Example #1
0
 /**
  * This method is called when user successfully logs in using FB credentials
  *
  * Facebook user ID is passed to our backend:
  *  - if there's Wikia account connected, log the user in,
  *  - if not, render sign up modal
  */
 public function index()
 {
     $fbUserId = $this->getFacebookUserId();
     // try to get connected Wikia account
     $user = FacebookClient::getInstance()->getWikiaUser($fbUserId);
     if ($user instanceof User && $fbUserId !== 0) {
         $errorMsg = '';
         if ($this->isAccountDisabled($user)) {
             // User account was disabled, abort the login
             $errorMsg = wfMessage('userlogin-error-edit-account-closed-flag')->escaped();
             $this->response->setData(['loginAborted' => true, 'errorMsg' => $errorMsg]);
         } elseif ($this->isAccountUnconfirmed($user)) {
             LoginForm::clearLoginToken();
             $name = $user->getName();
             $this->userLoginHelper->setNotConfirmedUserSession($user->getId());
             $this->userLoginHelper->clearPasswordThrottle($name);
             $this->response->setData(['unconfirmed' => true, 'userName' => $name, 'errorMsg' => $errorMsg]);
         } elseif (!wfRunHooks('FacebookUserLoginSuccess', [$user, &$errorMsg])) {
             $this->response->setData(['loginAborted' => true, 'errorMsg' => $errorMsg]);
         } else {
             // account is connected - log the user in
             $user->setCookies();
             $this->response->setData(['loggedIn' => true, 'userName' => $user->getName(), 'returnUrl' => $this->userLoginHelper->getRedirectUrl(), 'errorMsg' => '']);
             // Retrieve user email from Facebook if missing
             $email = $user->getEmail();
             if (empty($email)) {
                 $this->saveEmailAsynchronously($user->getId());
             }
         }
     } else {
         $modal = $this->sendRequest('FacebookSignup', 'modal')->__toString();
         $title = $this->sendRequest('FacebookSignup', 'modalHeader')->__toString();
         if (empty($modal)) {
             $modal = wfMessage('usersignup-facebook-problem')->escaped();
         }
         // no account connected - show FB sign up modal
         $this->response->setData(['htmlTitle' => $title, 'modal' => $modal, 'cancelMsg' => wfMessage('cancel')->escaped()]);
     }
 }
Example #2
0
 /**
  * Confirm email page.
  * @requestParam string code - on GET, POST
  * @requestParam string username - on POST
  * @requestParam string password - on POST
  * @responseParam string result [ok/error]
  * @responseParam string msg - result messages
  * @responseParam string errParam - error param
  */
 public function index()
 {
     $this->response->addAsset('extensions/wikia/UserLogin/css/UserLogin.scss');
     // hide things in the skin
     $this->wg->SuppressWikiHeader = false;
     $this->wg->SuppressPageHeader = false;
     $this->wg->SuppressFooter = true;
     $this->wg->SuppressAds = true;
     $this->wg->SuppressToolbar = true;
     $this->wg->Out->setPageTitle(wfMsg('wikiaconfirmemail-heading'));
     $par = $this->request->getVal('par', '');
     $this->code = $this->request->getVal('code', $par);
     $this->username = $this->request->getVal('username', '');
     $this->password = $this->request->getVal('password', '');
     if ($this->code == '') {
         $this->result = 'error';
         $this->msg = $this->wf->Msg('wikiaconfirmemail-error-empty-code');
         return;
     }
     if ($this->wg->request->wasPosted()) {
         if ($this->username == '') {
             $this->result = 'error';
             $this->msg = $this->wf->Msg('userlogin-error-noname');
             $this->errParam = 'username';
             return;
         }
         if ($this->password == '') {
             $this->result = 'error';
             $this->msg = $this->wf->Msg('userlogin-error-wrongpasswordempty');
             $this->errParam = 'password';
             return;
         }
         $expUser = User::newFromConfirmationCode($this->code);
         if (!is_object($expUser)) {
             $this->result = 'error';
             $this->msg = $this->wf->Msg('wikiaconfirmemail-error-invalid-code');
             return;
         }
         // User - activate user, confirm email and redirect to user page or create new wiki
         $tempUser = TempUser::getTempUserFromName($this->username);
         if ($tempUser) {
             if ($tempUser->getId() != $expUser->getId()) {
                 $this->result = 'error';
                 $this->msg = $this->wf->Msg('wikiaconfirmemail-error-user-not-match');
                 $this->errParam = 'username';
                 return;
             }
             $userLoginHelper = F::build('UserLoginHelper');
             if ($userLoginHelper->isPasswordThrottled($this->username)) {
                 $this->result = 'error';
                 $this->msg = $this->wf->Msg('userlogin-error-login-throttled');
                 $this->errParam = 'password';
                 return;
             }
             $user = $tempUser->mapTempUserToUser(false);
             if ($user->checkPassword($this->password)) {
                 $this->wg->user = $tempUser->activateUser($user);
                 $this->wg->User->setCookies();
                 LoginForm::clearLoginToken();
                 TempUser::clearTempUserSession();
                 $userLoginHelper->clearPasswordThrottle($this->username);
                 // redirect user
                 if ($tempUser->getSource() == '') {
                     $titleObj = $this->wg->User->getUserPage();
                     $query = '';
                 } else {
                     $titleObj = SpecialPage::getTitleFor('CreateNewWiki');
                     $query = $tempUser->getSource();
                 }
                 $this->wg->out->redirect($titleObj->getFullURL($query));
                 return;
             } else {
                 $this->result = 'error';
                 $this->msg = $this->wf->Msg('userlogin-error-wrongpassword');
                 $this->errParam = 'password';
                 return;
             }
         }
         // User - confirm email and redirect to user page
         $user = User::newFromName($this->username);
         if (!$user instanceof User || $user->getId() != $expUser->getId()) {
             $this->result = 'error';
             $this->msg = $this->wf->Msg('wikiaconfirmemail-error-user-not-match');
             $this->errParam = 'username';
             return;
         }
         // set login token
         $this->wg->request->setVal('loginToken', UserLoginHelper::getLoginToken());
         // login
         $response = $this->app->sendRequest('UserLoginSpecial', 'login');
         $this->result = $response->getVal('result', '');
         $this->msg = $response->getVal('msg', '');
         $this->errParam = $response->getVal('errParam', '');
         if ($this->result == 'ok') {
             $optionNewEmail = $this->wg->User->getOption('new_email');
             if (!empty($optionNewEmail)) {
                 $user->setEmail($optionNewEmail);
             }
             $user->confirmEmail();
             $user->setOption('new_email', null);
             $user->saveSettings();
             $this->wf->RunHooks('ConfirmEmailComplete', array(&$user));
             // redirect user
             $userPage = $user->getUserPage();
             $this->wg->out->redirect($userPage->getFullURL());
         }
     }
 }
Example #3
0
 /**
  * @brief logs in a user with given login name and password.  if keeploggedin, sets a cookie.
  * @details
  * @requestParam string username
  * @requestParam string password
  * @requestParam string keeploggedin [true/false]
  * @responseParam string result [ok/error/unconfirm/resetpass]
  * @responseParam string msg - result message
  * @responseParam string errParam - error param
  */
 public function login()
 {
     // Init session if necessary
     if (session_id() == '') {
         $this->wf->SetupSession();
     }
     $loginForm = F::build('LoginForm', array(&$this->wg->request));
     $loginForm->load();
     // MW1.19 uses different form fields names
     // set variables
     if ($this->wg->request->getText('username', '') != '') {
         $loginForm->mUsername = $this->wg->request->getText('username');
     }
     if ($this->wg->request->getText('password', '') != '') {
         $loginForm->mPassword = $this->wg->request->getText('password');
     }
     if ($this->wg->request->getText('keeploggedin', '') != '') {
         $loginForm->mRemember = $this->wg->request->getCheck('keeploggedin');
     }
     if ($this->wg->request->getVal('loginToken', '') != '') {
         $loginForm->mToken = $this->wg->request->getVal('loginToken');
     }
     if ($this->wg->request->getVal('returnto', '') != '') {
         $loginForm->mReturnTo = $this->wg->request->getVal('returnto');
     }
     $loginCase = $loginForm->authenticateUserData();
     switch ($loginCase) {
         case LoginForm::SUCCESS:
             $injected_html = '';
             wfRunHooks('UserLoginComplete', array(&$this->wg->User, &$injected_html));
             // set rememberpassword option
             if ((bool) $loginForm->mRemember != (bool) $this->wg->User->getOption('rememberpassword')) {
                 $this->wg->User->setOption('rememberpassword', $loginForm->mRemember ? 1 : 0);
                 $this->wg->User->saveSettings();
             } else {
                 $this->wg->User->invalidateCache();
             }
             $this->wg->User->setCookies();
             LoginForm::clearLoginToken();
             TempUser::clearTempUserSession();
             $this->userLoginHelper->clearPasswordThrottle($loginForm->mUsername);
             $this->result = 'ok';
             break;
         case LoginForm::NEED_TOKEN:
         case LoginForm::WRONG_TOKEN:
             $this->result = 'error';
             $this->msg = $this->wf->Msg('userlogin-error-sessionfailure');
             break;
         case LoginForm::NO_NAME:
             $this->result = 'error';
             $this->msg = $this->wf->Msg('userlogin-error-noname');
             $this->errParam = 'username';
             break;
         case LoginForm::ILLEGAL:
             $this->result = 'error';
             $this->msg = $this->wf->Msg('userlogin-error-nosuchuser');
             $this->errParam = 'username';
             break;
         case LoginForm::NOT_EXISTS:
             $tempUser = F::build('TempUser', array($loginForm->mUsername), 'getTempUserFromName');
             if ($tempUser) {
                 if ($this->userLoginHelper->isPasswordThrottled($loginForm->mUsername)) {
                     $this->result = 'error';
                     $this->msg = $this->wf->Msg('userlogin-error-login-throttled');
                 } else {
                     $user = $tempUser->mapTempUserToUser(false);
                     if ($user->checkPassword($loginForm->mPassword)) {
                         LoginForm::clearLoginToken();
                         $tempUser->setTempUserSession();
                         $this->userLoginHelper->clearPasswordThrottle($loginForm->mUsername);
                         // set lang for unconfirmed user
                         $langCode = $user->getOption('language');
                         if ($this->wg->User->getOption('language') != $langCode) {
                             $this->wg->User->setOption('language', $langCode);
                         }
                         $this->result = 'unconfirm';
                         $this->msg = $this->wf->MsgExt('usersignup-confirmation-email-sent', array('parseinline'), $tempUser->getEmail());
                     } else {
                         if ($user->checkTemporaryPassword($loginForm->mPassword)) {
                             $this->result = 'resetpass';
                         } else {
                             $this->result = 'error';
                             $this->msg = $this->wf->Msg('userlogin-error-wrongpassword');
                             $this->errParam = 'password';
                         }
                     }
                 }
             } else {
                 $this->result = 'error';
                 $this->msg = $this->wf->Msg('userlogin-error-nosuchuser');
                 $this->errParam = 'username';
             }
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $this->result = 'error';
             $this->msg = $this->wf->Msg('userlogin-error-wrongpassword');
             $this->errParam = 'password';
             break;
         case LoginForm::WRONG_PASS:
             $this->result = 'error';
             $this->msg = $this->wf->Msg('userlogin-error-wrongpassword');
             $this->errParam = 'password';
             $attemptedUser = F::build('User', array($loginForm->mUsername), 'newFromName');
             if (!is_null($attemptedUser)) {
                 $disOpt = $attemptedUser->getOption('disabled');
                 if (!empty($disOpt) || defined('CLOSED_ACCOUNT_FLAG') && $attemptedUser->getRealName() == CLOSED_ACCOUNT_FLAG) {
                     #either closed account flag was present, override fail message
                     $this->msg = $this->wf->Msg('userlogin-error-edit-account-closed-flag');
                     $this->errParam = '';
                 }
             }
             break;
         case LoginForm::EMPTY_PASS:
             $this->result = 'error';
             $this->msg = $this->wf->Msg('userlogin-error-wrongpasswordempty');
             $this->errParam = 'password';
             break;
         case LoginForm::RESET_PASS:
             $this->result = 'resetpass';
             break;
         case LoginForm::THROTTLED:
             $this->result = 'error';
             $this->msg = $this->wf->Msg('userlogin-error-login-throttled');
             break;
         case LoginForm::CREATE_BLOCKED:
             $this->result = 'error';
             $this->msg = $this->wf->Msg('userlogin-error-cantcreateaccount-text');
             break;
         case LoginForm::USER_BLOCKED:
             $this->result = 'error';
             $this->msg = $this->wf->Msg('userlogin-error-login-userblocked');
             break;
         default:
             throw new MWException("Unhandled case value");
     }
 }
Example #4
0
 /**
  * Logs in a user with given login name and password. If keeploggedin, sets a cookie.
  *
  * @requestParam string username
  * @requestParam string password
  * @requestParam string keeploggedin [true/false]
  * @responseParam string result [ok/error/unconfirm/resetpass]
  * @responseParam string msg - result message
  * @responseParam string errParam - error param
  */
 public function login()
 {
     // Init session if necessary
     if (session_id() == '') {
         wfSetupSession();
     }
     $loginForm = new LoginForm($this->wg->request);
     $loginForm->load();
     // MW1.19 uses different form fields names
     // set variables
     if ($this->wg->request->getText('username', '') != '') {
         $loginForm->mUsername = $this->wg->request->getText('username');
     }
     if ($this->wg->request->getText('password', '') != '') {
         $loginForm->mPassword = $this->wg->request->getText('password');
     }
     if ($this->wg->request->getText('keeploggedin', '') != '') {
         $loginForm->mRemember = $this->wg->request->getCheck('keeploggedin');
     }
     if ($this->wg->request->getVal('loginToken', '') != '') {
         $loginForm->mToken = $this->wg->request->getVal('loginToken');
     }
     if ($this->wg->request->getVal('returnto', '') != '') {
         $loginForm->mReturnTo = $this->wg->request->getVal('returnto');
     }
     $loginCase = $loginForm->authenticateUserData();
     switch ($loginCase) {
         case LoginForm::SUCCESS:
             // first check if user has confirmed email after sign up
             if ($this->wg->User->getGlobalFlag(self::NOT_CONFIRMED_SIGNUP_OPTION_NAME) && $this->wg->User->getGlobalAttribute(self::NOT_CONFIRMED_LOGIN_OPTION_NAME) !== self::NOT_CONFIRMED_LOGIN_ALLOWED) {
                 // User not confirmed on signup
                 LoginForm::clearLoginToken();
                 $this->userLoginHelper->setNotConfirmedUserSession($this->wg->User->getId());
                 $this->userLoginHelper->clearPasswordThrottle($loginForm->mUsername);
                 $this->response->setValues(['result' => 'unconfirm', 'msg' => wfMessage('usersignup-confirmation-email-sent', $this->wg->User->getEmail())->parse()]);
             } else {
                 $result = '';
                 $resultMsg = '';
                 if (!wfRunHooks('WikiaUserLoginSuccess', array($this->wg->User, &$result, &$resultMsg))) {
                     $this->response->setValues(['result' => $result, 'msg' => $resultMsg]);
                     break;
                 }
                 // Login succesful
                 $injected_html = '';
                 wfRunHooks('UserLoginComplete', array(&$this->wg->User, &$injected_html));
                 // set rememberpassword option
                 if ((bool) $loginForm->mRemember != (bool) $this->wg->User->getGlobalPreference('rememberpassword')) {
                     $this->wg->User->setGlobalPreference('rememberpassword', $loginForm->mRemember ? 1 : 0);
                     $this->wg->User->saveSettings();
                 } else {
                     $this->wg->User->invalidateCache();
                 }
                 $this->wg->User->setCookies();
                 LoginForm::clearLoginToken();
                 UserLoginHelper::clearNotConfirmedUserSession();
                 $this->userLoginHelper->clearPasswordThrottle($loginForm->mUsername);
                 // we're sure at this point we'll need the private field'
                 // value in the template let's pass them then
                 $this->response->setValues(['username' => $loginForm->mUsername, 'result' => 'ok']);
                 // regenerate session ID on user login (the approach MW's core SpecialUserLogin uses)
                 // to avoid race conditions with long running requests logging the user back in & out
                 // @see PLATFORM-1028
                 wfResetSessionID();
             }
             break;
         case LoginForm::NEED_TOKEN:
         case LoginForm::WRONG_TOKEN:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-sessionfailure')->escaped()]);
             break;
         case LoginForm::NO_NAME:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-noname')->escaped(), 'errParam' => 'username']);
             break;
         case LoginForm::NOT_EXISTS:
         case LoginForm::ILLEGAL:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-nosuchuser')->escaped(), 'errParam' => 'username']);
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-wrongpassword')->escaped(), 'errParam' => 'password']);
             break;
         case LoginForm::WRONG_PASS:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-wrongpassword')->escaped(), 'errParam' => 'password']);
             $attemptedUser = User::newFromName($loginForm->mUsername);
             if (!is_null($attemptedUser)) {
                 $disOpt = $attemptedUser->getGlobalFlag('disabled');
                 if (!empty($disOpt) || defined('CLOSED_ACCOUNT_FLAG') && $attemptedUser->getRealName() == CLOSED_ACCOUNT_FLAG) {
                     # either closed account flag was present, override fail message
                     $this->response->setValues(['msg' => wfMessage('userlogin-error-edit-account-closed-flag')->escaped(), 'errParam' => '']);
                 }
             }
             break;
         case LoginForm::EMPTY_PASS:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-wrongpasswordempty')->escaped(), 'errParam' => 'password']);
             break;
         case LoginForm::RESET_PASS:
             $this->response->setVal('result', 'resetpass');
             break;
         case LoginForm::THROTTLED:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-login-throttled')->escaped()]);
             break;
         case LoginForm::CREATE_BLOCKED:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-cantcreateaccount-text')->escaped()]);
             break;
         case LoginForm::USER_BLOCKED:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-login-userblocked')->escaped()]);
             break;
         case LoginForm::ABORTED:
             $this->result = 'error';
             $this->msg = wfMessage($loginForm->mAbortLoginErrorMsg)->escaped();
             break;
         default:
             throw new MWException("Unhandled case value");
     }
 }
Example #5
0
 /**
  * Confirm email page.
  * @requestParam string code - on GET, POST
  * @requestParam string username - on POST
  * @requestParam string password - on POST
  * @responseParam string result [ok/error]
  * @responseParam string msg - result messages
  * @responseParam string errParam - error param
  */
 public function index()
 {
     $this->response->addAsset('extensions/wikia/UserLogin/css/UserLogin.scss');
     // hide things in the skin
     $this->wg->SuppressWikiHeader = false;
     $this->wg->SuppressPageHeader = false;
     $this->wg->SuppressFooter = true;
     $this->wg->SuppressAds = true;
     $this->wg->SuppressToolbar = true;
     $this->getOutput()->disallowUserJs();
     // just in case...
     $this->wg->Out->setPageTitle(wfMessage('wikiaconfirmemail-heading')->plain());
     $par = $this->request->getVal('par', '');
     $this->code = $this->request->getVal('code', $par);
     $this->username = $this->request->getVal('username', '');
     $this->password = $this->request->getVal('password', '');
     $this->editToken = $this->wg->User->getEditToken();
     $this->loginToken = UserLoginHelper::getLoginToken();
     $editTokenReq = $this->request->getVal('editToken', '');
     $loginTokenReq = $this->request->getVal('loginToken', '');
     if ($this->code == '') {
         $this->result = 'error';
         $this->msg = wfMessage('wikiaconfirmemail-error-empty-code')->escaped();
         return;
     }
     if ($this->wg->request->wasPosted() && $this->wg->User->matchEditToken($editTokenReq)) {
         if ($this->wg->User->isAnon() && $loginTokenReq !== UserLoginHelper::getLoginToken()) {
             $this->result = 'error';
             $this->msg = wfMessage('sessionfailure')->escaped();
             return;
         }
         if ($this->username == '') {
             $this->result = 'error';
             $this->msg = wfMessage('userlogin-error-noname')->escaped();
             $this->errParam = 'username';
             return;
         }
         if ($this->password == '') {
             $this->result = 'error';
             $this->msg = wfMessage('userlogin-error-wrongpasswordempty')->escaped();
             $this->errParam = 'password';
             return;
         }
         $expUser = User::newFromConfirmationCode($this->code);
         if (!$expUser instanceof User) {
             $this->result = 'error';
             $this->msg = wfMessage('wikiaconfirmemail-error-invalid-code')->escaped();
             return;
         }
         // User - activate user, confirm email and redirect to user page or create new wiki
         $user = User::newFromName($this->username);
         if (!$user instanceof User) {
             $this->result = 'error';
             $this->msg = wfMessage('userlogin-error-noname')->escaped();
             return;
         }
         if ($user->getId() != $expUser->getId()) {
             $this->result = 'error';
             $this->msg = wfMessage('wikiaconfirmemail-error-user-not-match')->parse();
             $this->errParam = 'username';
             return;
         }
         $userLoginHelper = new UserLoginHelper();
         /* @var UserLoginHelper $userLoginHelper */
         if ($userLoginHelper->isPasswordThrottled($this->username)) {
             $this->result = 'error';
             $this->msg = wfMessage('userlogin-error-login-throttled')->escaped();
             $this->errParam = 'password';
             return;
         }
         if ($user->checkPassword($this->password)) {
             $this->wg->User = $user;
             if ($user->getGlobalFlag(UserLoginSpecialController::NOT_CONFIRMED_SIGNUP_OPTION_NAME) != null) {
                 // Signup confirm
                 // Log user in manually
                 $this->wg->User->setCookies();
                 LoginForm::clearLoginToken();
                 UserLoginHelper::clearNotConfirmedUserSession();
                 $userLoginHelper->clearPasswordThrottle($this->username);
                 // Confirm
                 UserLoginHelper::removeNotConfirmedFlag($user);
                 $user->confirmEmail();
                 // Get and clear redirect page
                 $userSignupRedirect = $user->getGlobalAttribute(UserLoginSpecialController::SIGNUP_REDIRECT_OPTION_NAME);
                 $user->setGlobalAttribute(UserLoginSpecialController::SIGNUP_REDIRECT_OPTION_NAME, null);
                 $user->saveSettings();
                 $userLoginHelper->addNewUserLogEntry($user);
                 // send welcome email
                 $emailParams = array('$USERNAME' => $user->getName(), '$EDITPROFILEURL' => $user->getUserPage()->getFullURL(), '$LEARNBASICURL' => 'http://community.wikia.com/wiki/Help:Wikia_Basics', '$EXPLOREWIKISURL' => 'http://www.wikia.com');
                 $userLoginHelper->sendEmail($user, 'WelcomeMail', 'usersignup-welcome-email-subject', 'usersignup-welcome-email-body', $emailParams, 'welcome-email', 'WelcomeMail');
                 // redirect user
                 if (!empty($userSignupRedirect)) {
                     // Redirect user to the point where he finished (when signup on create wiki)
                     $titleObj = SpecialPage::getTitleFor('CreateNewWiki');
                     $query = $userSignupRedirect;
                 } else {
                     $titleObj = $this->wg->User->getUserPage();
                     $query = '';
                 }
                 $this->wg->out->redirect($titleObj->getFullURL($query));
                 return;
             } else {
                 // Email change
                 // Log user in through standard method
                 $response = $this->app->sendRequest('UserLoginSpecial', 'login');
                 $result = $response->getVal('result', '');
                 $optionNewEmail = $this->wg->User->getGlobalAttribute('new_email');
                 if (!empty($optionNewEmail)) {
                     $user->setEmail($optionNewEmail);
                 }
                 $user->confirmEmail();
                 $user->setGlobalAttribute('new_email', null);
                 $user->saveSettings();
                 // redirect user
                 if ($result === 'closurerequested') {
                     $response = $this->app->sendRequest('UserLoginSpecial', 'getCloseAccountRedirectUrl');
                     $redirectUrl = $response->getVal('redirectUrl');
                     $this->wg->Out->redirect($redirectUrl);
                 } else {
                     $userPage = $user->getUserPage();
                     $this->wg->out->redirect($userPage->getFullURL());
                 }
                 wfRunHooks('EmailChangeConfirmed', array($user));
                 return;
             }
         } else {
             $this->result = 'error';
             $this->msg = wfMessage('userlogin-error-wrongpassword')->escaped();
             $this->errParam = 'password';
             return;
         }
     }
 }
Example #6
0
 public function onSuccess()
 {
     if ($this->getUser()->isLoggedIn()) {
         $this->getOutput()->wrapWikiMsg("<div class=\"successbox\">\n\$1\n</div>", 'changepassword-success');
         $this->getOutput()->returnToMain();
     } else {
         $request = $this->getRequest();
         LoginForm::clearLoginToken();
         $token = LoginForm::getLoginToken()->toString();
         $data = array('action' => 'submitlogin', 'wpName' => $this->mUserName, 'wpDomain' => $this->mDomain, 'wpLoginToken' => $token, 'wpPassword' => $request->getVal('wpNewPassword')) + $request->getValues('wpRemember', 'returnto', 'returntoquery');
         $login = new LoginForm(new DerivativeRequest($request, $data, true));
         $login->setContext($this->getContext());
         $login->execute(null);
     }
 }
Example #7
0
 /**
  * Entry point for reactivating an account
  *
  * Handles confirming the user's reactivation request when they have
  * given a valid confirmation code. If no code is given, but they have
  * a session ID from having successfully attempted to login to an account
  * that has requested closure, this forwards to the reactivateRequest
  * method.
  *
  * @requestParam string code - The confirmation code for reactivating an account
  * @requestParam string username - The user name of the account to reactivate
  * @requestParam string password - The password for the account to reactivate
  * @requestParam string editToken - The edit token for the current user
  * @requestParam string loginToken - The login token for the current user
  * @responseParam boolean success - Whether or not reactivation was successful
  * @responseParam string resultMessage - The result of the form submission
  * @responseParam string errParam - The form item an error is related to
  * @return void
  */
 public function reactivate()
 {
     wfProfileIn(__METHOD__);
     $this->code = $this->getVal('code', false);
     if (empty($this->code)) {
         if ($this->request->getSessionData('closeAccountSessionId') !== null) {
             $this->forward(__CLASS__, 'reactivateRequest');
         } else {
             $this->success = false;
             $this->resultMessage = $this->msg('closemyaccount-reactivate-error-empty-code')->parse();
         }
         wfProfileOut(__METHOD__);
         return;
     }
     $this->getOutput()->setPageTitle($this->msg('closemyaccount-reactivate-page-title')->plain());
     $this->response->addAsset('extensions/wikia/UserLogin/css/UserLogin.scss');
     $user = $this->getUser();
     $this->username = $this->request->getVal('username', '');
     $this->password = $this->request->getVal('password', '');
     $this->loginToken = UserLoginHelper::getLoginToken();
     $this->editToken = $user->getEditToken();
     $helper = new CloseMyAccountHelper();
     if ($this->request->wasPosted() && $user->matchEditToken($this->request->getVal('editToken'))) {
         if ($user->isAnon() && $this->request->getVal('loginToken') !== UserLoginHelper::getLoginToken()) {
             $this->success = false;
             $this->resultMessage = $this->msg('sessionfailure')->escaped();
             wfProfileOut(__METHOD__);
             return;
         }
         if ($this->username === '') {
             $this->success = false;
             $this->resultMessage = $this->msg('userlogin-error-noname')->escaped();
             $this->errParam = 'username';
             wfProfileOut(__METHOD__);
             return;
         }
         if ($this->password === '') {
             $this->success = false;
             $this->resultMessage = $this->msg('userlogin-error-wrongpasswordempty')->escaped();
             $this->errParam = 'password';
             wfProfileOut(__METHOD__);
             return;
         }
         $expUser = User::newFromConfirmationCode($this->code);
         if (!$expUser instanceof User) {
             $this->success = false;
             $this->resultMessage = $this->msg('closemyaccount-reactivate-error-invalid-code', $this->username)->parse();
             wfProfileOut(__METHOD__);
             return;
         }
         $user = User::newFromName($this->username);
         if ($user->getId() != $expUser->getId()) {
             $this->success = false;
             $this->resultMessage = $this->msg('wikiaconfirmemail-error-user-not-match')->parse();
             $this->errParam = 'username';
             wfProfileOut(__METHOD__);
             return;
         }
         $userLoginHelper = new UserLoginHelper();
         /* @var UserLoginHelper $userLoginHelper */
         if ($userLoginHelper->isPasswordThrottled($this->username)) {
             $this->success = false;
             $this->resultMessage = $this - msg('userlogin-error-login-throttled')->escaped();
             $this->errParam = 'password';
             wfProfileOut(__METHOD__);
             return;
         }
         if ($helper->isClosed($user)) {
             $this->success = false;
             $this->resultMessage = $this->msg('closemyaccount-reactivate-error-disabled')->parse();
             wfProfileOut(__METHOD__);
             return;
         }
         if (!$helper->isScheduledForClosure($user)) {
             $this->success = false;
             $this->resultMessage = $this->msg('closemyaccount-reactivate-error-not-scheduled')->escaped();
             wfProfileOut(__METHOD__);
             return;
         }
         if ($user->checkPassword($this->password)) {
             $this->wg->User = $user;
             $this->wg->User->setCookies();
             LoginForm::clearLoginToken();
             $userLoginHelper->clearPasswordThrottle($this->username);
             $helper->reactivateAccount($user);
             unset($_SESSION['closeAccountSessionId']);
             $userPageTitle = $user->getUserPage();
             $this->getOutput()->redirect($userPageTitle->getFullURL());
         } else {
             $this->success = false;
             $this->resultMessage = $this->msg('userlogin-error-wrongpassword')->escaped();
             $this->errParam = 'password';
         }
     }
     wfProfileOut(__METHOD__);
 }