/**
* Inject a captcha into the user login form after a failed
* password attempt as a speedbump for mass attacks.
*
* @fixme if multiple thingies insert a header, could break
* https://wikia-inc.atlassian.net/browse/SOC-289
*
* @param \QuickTemplate $template
*
* @return bool whether to keep running callbacks
*/
public function injectUserLogin(&$template)
{
if ($this->isBadLoginTriggered()) {
$template->set('header', "<div class='captcha'>" . \F::app()->wg->Out->parse($this->captcha->getMessage('badlogin')) . $this->captcha->getForm() . "</div>\n");
}
return true;
}
function execute()
{
$html = parent::gethtml('bodytext');
if (preg_match('/^<div class="noarticletext">/s', $html)) {
header("HTTP/1.1 404 File Not Found");
}
if (isset($_GET['isManual'])) {
$this->myPrintManualLayout();
} else {
$this->myPrintNormalLayout();
}
}
/**
* Decide if the login/usercreate page should be overwritten by a mobile only
* special specialpage. If not, do some changes to the template.
* @param QuickTemplate $tpl Login or Usercreate template
* @param String $mode Is this function called in context of UserCreate or UserLogin?
*/
public static function changeUserLoginCreateForm(&$tpl)
{
$context = MobileContext::singleton();
// otherwise just(tm) add a logoheader, if there is any
$mfLogo = $context->getMFConfig()->get('MobileFrontendLogo');
// do nothing in desktop mode
if ($context->shouldDisplayMobileView() && $mfLogo) {
$tpl->extend('formheader', Html::openElement('div', array('class' => 'watermark')) . Html::element('img', array('src' => $mfLogo, 'alt' => '')) . Html::closeElement('div'));
}
}
/**
* Add the output of a QuickTemplate to the output buffer
*
* @param QuickTemplate $template
*/
public function addTemplate(&$template)
{
$this->addHTML($template->getHTML());
}
/**
* Prepares links used in the mobile footer
* @param QuickTemplate $tpl
*/
protected function prepareMobileFooterLinks($tpl)
{
$req = $this->getRequest();
$url = $this->getOutput()->getProperty('desktopUrl');
if ($url) {
$url = wfAppendQuery($url, 'mobileaction=toggle_view_desktop');
} else {
$url = $this->getTitle()->getLocalUrl($req->appendQueryValue('mobileaction', 'toggle_view_desktop', true));
}
$url = htmlspecialchars($this->mobileContext->getDesktopUrl(wfExpandUrl($url, PROTO_RELATIVE)));
$desktop = wfMessage('mobile-frontend-view-desktop')->escaped();
$mobile = wfMessage('mobile-frontend-view-mobile')->escaped();
$switcherHtml = <<<HTML
<h2>{$this->getSitename(true)}</h2>
<ul>
\t<li>{$mobile}</li><li><a id="mw-mf-display-toggle" href="{$url}">{$desktop}</a></li>
</ul>
HTML;
// Generate the licensing text displayed in the footer of each page.
// See Skin::getCopyright for desktop equivalent.
$license = self::getLicense('footer');
if (isset($license['link']) && $license['link']) {
$licenseText = $this->msg('mobile-frontend-copyright')->rawParams($license['link'])->text();
} else {
$licenseText = '';
}
// Enable extensions to add links to footer in Mobile view, too - bug 66350
Hooks::run('SkinMinervaOutputPageBeforeExec', array(&$this, &$tpl));
$tpl->set('mobile-switcher', $switcherHtml);
$tpl->set('mobile-license', $licenseText);
$tpl->set('privacy', $this->footerLink('mobile-frontend-privacy-link-text', 'privacypage'));
$tpl->set('terms-use', $this->getTermsLink());
}
/**
* Inject whazawhoo
* @fixme if multiple thingies insert a header, could break
* @param QuickTemplate $template
* @return bool true to keep running callbacks
*/
function injectUserCreate(&$template)
{
global $wgCaptchaTriggers, $wgOut, $wgUser;
if ($wgCaptchaTriggers['createaccount']) {
if ($wgUser->isAllowed('skipcaptcha')) {
wfDebug("ConfirmEdit: user group allows skipping captcha on account creation\n");
return true;
}
$template->set('header', "<div class='captcha'>" . $wgOut->parse($this->getMessage('createaccount')) . $this->getForm() . "</div>\n");
}
return true;
}
/**
* Add the output of a QuickTemplate to the output buffer
*
* @param QuickTemplate $template
*/
public function addTemplate(&$template)
{
ob_start();
$template->execute();
$this->addHTML(ob_get_contents());
ob_end_clean();
}
/**
* Add variables to SkinTemplate
*/
public static function onSkinTemplateOutputPageBeforeExec(SkinTemplate $skinTemplate, QuickTemplate $tpl)
{
wfProfileIn(__METHOD__);
$out = $skinTemplate->getOutput();
$title = $skinTemplate->getTitle();
# quick hack for rt#15730; if you ever feel temptation to add 'elseif' ***CREATE A PROPER HOOK***
if ($title instanceof Title && NS_CATEGORY == $title->getNamespace()) {
// FIXME
$tpl->set('pagetitle', preg_replace("/^{$title->getNsText()}:/", '', $out->getHTMLTitle()));
}
// Pass parameters to skin, see: Login friction project (Marooned)
$tpl->set('thisurl', $title->getPrefixedURL());
$tpl->set('thisquery', $skinTemplate->thisquery);
wfProfileOut(__METHOD__);
return true;
}
/**
* SkinTemplateOutputPageBeforeExec hook handler
* @see https://www.mediawiki.org/wiki/Manual:Hooks/SkinTemplateOutputPageBeforeExec
*
* Adds a link to view the current page in 'mobile view' to the desktop footer.
*
* @param SkinTemplate $skin
* @param QuickTemplate $tpl
* @return bool
*/
public static function onSkinTemplateOutputPageBeforeExec(&$skin, &$tpl)
{
$title = $skin->getTitle();
$context = MobileContext::singleton();
if (!$context->isBlacklistedPage()) {
$footerlinks = $tpl->data['footerlinks'];
$args = $skin->getRequest()->getQueryValues();
// avoid title being set twice
unset($args['title']);
unset($args['useformat']);
$args['mobileaction'] = 'toggle_view_mobile';
$mobileViewUrl = $title->getFullURL($args);
$mobileViewUrl = MobileContext::singleton()->getMobileUrl($mobileViewUrl);
$link = Html::element('a', array('href' => $mobileViewUrl, 'class' => 'noprint stopMobileRedirectToggle'), wfMessage('mobile-frontend-view')->text());
$tpl->set('mobileview', $link);
$footerlinks['places'][] = 'mobileview';
$tpl->set('footerlinks', $footerlinks);
}
return true;
}
/**
* Prepares links used in the mobile footer
* @param Skin $sk
* @param QuickTemplate $tpl
* @param MobileContext $ctx
* @param Title $title
* @param WebRequest $req
* @return QuickTemplate
*/
protected static function mobileFooter($sk, $tpl, $ctx, $title, $req)
{
$url = $sk->getOutput()->getProperty('desktopUrl');
if ($url) {
$url = wfAppendQuery($url, 'mobileaction=toggle_view_desktop');
} else {
$url = $title->getLocalUrl($req->appendQueryValue('mobileaction', 'toggle_view_desktop', true));
}
$url = htmlspecialchars($ctx->getDesktopUrl(wfExpandUrl($url, PROTO_RELATIVE)));
$desktop = wfMessage('mobile-frontend-view-desktop')->escaped();
$mobile = wfMessage('mobile-frontend-view-mobile')->escaped();
$sitename = self::getSitename(true);
$switcherHtml = <<<HTML
<h2>{$sitename}</h2>
<ul>
\t<li>{$mobile}</li><li><a id="mw-mf-display-toggle" href="{$url}">{$desktop}</a></li>
</ul>
HTML;
// Generate the licensing text displayed in the footer of each page.
// See Skin::getCopyright for desktop equivalent.
$license = self::getLicense('footer');
if (isset($license['link']) && $license['link']) {
$licenseText = $sk->msg($license['msg'])->rawParams($license['link'])->text();
} else {
$licenseText = '';
}
// Enable extensions to add links to footer in Mobile view, too - bug 66350
Hooks::run('MobileSiteOutputPageBeforeExec', array(&$sk, &$tpl));
// FIXME: Deprecate this hook.
Hooks::run('SkinMinervaOutputPageBeforeExec', array(&$sk, &$tpl), '1.26');
$tpl->set('mobile-switcher', $switcherHtml);
$tpl->set('mobile-license', $licenseText);
$tpl->set('privacy', $sk->footerLink('mobile-frontend-privacy-link-text', 'privacypage'));
$tpl->set('terms-use', self::getTermsLink($sk));
$tpl->set('footerlinks', array('info' => array('mobile-switcher', 'mobile-license'), 'places' => array('terms-use', 'privacy')));
return $tpl;
}
/**
* Inject whazawhoo
* @fixme if multiple thingies insert a header, could break
* @param QuickTemplate $template
* @return bool true to keep running callbacks
*/
function injectUserCreate(&$template)
{
global $wgCaptchaTriggers, $wgOut, $wgUser;
if ($wgCaptchaTriggers['createaccount']) {
$this->action = 'usercreate';
if ($wgUser->isAllowed('skipcaptcha')) {
wfDebug("ConfirmEdit: user group allows skipping captcha on account creation\n");
return true;
}
$captcha = "<div class='captcha'>" . $wgOut->parse($this->getMessage('createaccount')) . $this->getForm() . "</div>\n";
// for older MediaWiki versions
if (is_callable(array($template, 'extend'))) {
$template->extend('extrafields', $captcha);
} else {
$template->set('header', $captcha);
}
}
return true;
}
/**
* Inject whazawhoo
* @fixme if multiple thingies insert a header, could break
* @param QuickTemplate $template
* @return bool true to keep running callbacks
*/
function injectUserCreate(&$template)
{
global $wgCaptchaTriggers, $wgOut, $wgUser;
if ($wgCaptchaTriggers['createaccount']) {
$this->action = 'usercreate';
if ($wgUser->isAllowed('skipcaptcha')) {
wfDebug("ConfirmEdit: user group allows skipping captcha on account creation\n");
return true;
}
LoggerFactory::getInstance('authmanager')->info('Captcha shown on account creation', array('event' => 'captcha.display', 'type' => 'accountcreation'));
$captcha = "<div class='captcha'>" . $wgOut->parse($this->getMessage('createaccount')) . $this->getForm($wgOut) . "</div>\n";
// for older MediaWiki versions
if (is_callable(array($template, 'extend'))) {
$template->extend('extrafields', $captcha);
} else {
$template->set('header', $captcha);
}
}
return true;
}
/**
* Rewrites the language list so that it cannot be contaminated by other extensions with things
* other than languages
* See bug 57094.
*
* @todo Remove when Special:Languages link goes stable
* @param QuickTemplate $tpl
*/
protected function prepareLanguages($tpl)
{
$lang = $this->getTitle()->getPageViewLanguage();
$tpl->set('pageLang', $lang->getHtmlCode());
$tpl->set('pageDir', $lang->getDir());
$language_urls = $this->getLanguages();
if (count($language_urls)) {
$tpl->setRef('language_urls', $language_urls);
} else {
$tpl->set('language_urls', false);
}
}
/**
* Inject whazawhoo
* @fixme if multiple thingies insert a header, could break
* @param QuickTemplate $template
* @return bool true to keep running callbacks
*/
function injectUserCreate(&$template)
{
global $wgCaptchaTriggers, $wgOut, $wgUser;
if ($wgCaptchaTriggers['createaccount']) {
if ($wgUser->isAllowed('skipcaptcha')) {
wfDebug("ConfirmEdit: user group allows skipping captcha on account creation\n");
return true;
}
/* Wikia change - begin */
$message = '';
wfRunHooks('GetConfirmEditMessage', array($this, &$message));
if (empty($message)) {
$message = $this->getMessage('createaccount');
}
$template->set('captcha', "<div class='captcha'>" . $this->getForm() . '<p class="captchadesc" >' . $message . '</p>' . "</div>\n");
/* Wikia change - end */
}
return true;
}
/**
* Replaces the language variant menu by the Polyglot one.
*
* @global type $wgOut
* @global type $wgContLang
* @param SkinTemplate $skin
* @param QuickTemplate $tpl
* @return type
*/
function wfPolyglotAddVariantsToTemplate($skin, $tpl)
{
global $wgOut, $wgContLang;
$variants = wfPolyglotGetVariantTitles($skin->getRelevantTitle());
$language_urls = array();
foreach ($variants as $lang => $title) {
$language_urls[] = array('href' => $title->getFullURL(), 'text' => $wgContLang->getLanguageName($lang), 'class' => 'interwiki-' . $lang);
}
if (count($language_urls)) {
$tpl->setRef('language_urls', $language_urls);
} else {
$tpl->set('language_urls', false);
}
return true;
}
function mailPassword()
{
global $wgUser, $wgOut, $wgAuth, $wgRequest;
$result = array();
if (!$wgAuth->allowPasswordChange()) {
$result['error_general'] = wfMsg('resetpass_forbidden');
return $result;
}
# Check against blocked IPs
# fixme -- should we not?
if ($wgUser->isBlocked()) {
$result['error_general'] = wfMsg('blocked-mailpassword');
return $result;
}
# Check against the rate limiter
if ($wgUser->pingLimiter('mailpassword')) {
$wgOut->disable();
$wgOut->rateLimited();
$result['error_general'] = "<h4>" . wfMsg('actionthrottled') . "</h4>";
$result['error_general'] .= wfMsg('actionthrottledtext');
return $result;
}
$name = $wgRequest->getVal('name');
if (!isset($name) || '' == $name) {
$result['error_username'] = wfMsg('noname');
return $result;
}
$name = trim($name);
$u = null;
// If $name looks like an email address, we look it up by email
// address first
$looksLikeEmail = strpos($name, '@') !== false;
if ($looksLikeEmail) {
list($u, $count) = WikihowUser::newFromEmailAddress($name);
}
if (is_null($u)) {
$u = User::newFromName($name);
// Show error specific to email addresses if there's no username
// with an '@' in it either
if ($looksLikeEmail) {
if ($count < 1) {
$result['error_username'] = wfMsg('noemail_login');
return $result;
} elseif ($count > 1) {
$result['error_username'] = wfMsg('multipleemails_login');
return $result;
}
}
}
if (is_null($u)) {
$result['error_username'] = wfMsg('noname');
return $result;
}
if (0 == $u->getID()) {
$result['error_username'] = wfMsg('nosuchuser', $u->getName());
return $result;
}
$abortError = '';
if (!wfRunHooks('AbortAccountReminder', array($u, &$abortError))) {
// Hook point to add extra creation throttles and blocks
wfDebug("LoginForm::addNewAccountInternal: a hook blocked creation\n");
$result['error_captcha'] = $abortError;
//had a problem with the captcha, need to load a new one
$template = new QuickTemplate();
$template->set('header', '');
wfRunHooks('AccountReminderNewCaptcha', array(&$template));
//hack since templates ECHO the data you want
ob_start();
$template->html('header');
$var = ob_get_contents();
ob_end_clean();
//end hack
$result['newCaptcha'] = $var;
return $result;
}
# Check against password throttle
if ($u->isPasswordReminderThrottled()) {
global $wgPasswordReminderResendTime;
# Round the time in hours to 3 d.p., in case someone is specifying minutes or seconds.
$result['error_general'] = wfMsg('throttled-mailpassword', round($wgPasswordReminderResendTime, 3));
return $result;
}
$mailResult = $this->mailPasswordInternal($u, true, 'passwordremindertitle', 'passwordremindertext');
if (WikiError::isError($mailResult)) {
$result['error_general'] = wfMsg('mailerror', $mailResult->getMessage());
return $result;
} else {
$result['success'] = wfMsgHtml('passwordsent', $u->getName());
return $result;
}
}