/**
 * Change the email address of a not-yet-confirmed user and send a new
 * confirmation ("reconfirmation") email to that address.
 *
 * Each validation helper called below ends the request when it returns false;
 * presumably the helper fills in the error response itself (their bodies are
 * not visible here) - TODO confirm.
 *
 * @requestParam string username
 * @requestParam string email
 * @responseParam string result [ok/error/invalidsession/confirmed]
 * @responseParam string msg - result messages
 * @responseParam string errParam - error param
 */
public function changeUnconfirmedUserEmail() {
    // Read the requested address and the account it applies to.
    $newEmail = $this->request->getVal('email', '');
    $accountName = $this->request->getVal('username');

    // Field-level validation; the username is only checked if the email passed.
    if (!$this->isValidEmailFieldValue($newEmail) || !$this->isValidUsernameField($accountName)) {
        return;
    }

    // The caller must hold a valid session for this account; without that
    // check anyone could repoint another unconfirmed account's email.
    $user = User::newFromName($accountName);
    if (!$this->isValidUser($user) || !$this->isValidSession($user)) {
        return;
    }

    // Per-user key for the email-change rate limit.
    $changeCounterKey = wfSharedMemcKey('wikialogin', 'email_changes', $user->getId());

    // CONN-471: Respect the registration per email limit
    if (!$this->isWithinEmailChangesLimit($changeCounterKey) || !$this->isWithinRegistrationPerEmailLimit($newEmail)) {
        return;
    }

    // The attempt is counted and the optimistic 'ok' response is set before the
    // address comparison and the Phalanx check, so an unchanged or blocked
    // address still consumes one attempt from the limit.
    $this->userLoginHelper->incrMemc($changeCounterKey);
    $this->setResponseFields('ok', wfMessage('usersignup-reconfirmation-email-sent', $newEmail)->escaped());

    // Nothing more to do when the address did not change.
    // NOTE(review): loose comparison; both sides are expected to be strings.
    if ($newEmail == $user->getEmail()) {
        return;
    }

    $user->setEmail($newEmail);

    // CONN-471: Call AbortNewAccount to validate username/password with Phalanx
    // saveSettings() is only reached when the user is not blocked.
    if ($this->isBlockedByPhalanx($user)) {
        return;
    }

    // Send the reconfirmation email, then save the user's settings.
    $mailStatus = $user->sendReConfirmationMail();
    $user->saveSettings();

    // Reset the "confirmation emails sent" counter to 1 with a one-day TTL.
    $oneDayInSeconds = 24 * 60 * 60;
    $sentCounterKey = $this->userLoginHelper->getMemKeyConfirmationEmailsSent($user->getId());
    $this->wg->Memc->set($sentCounterKey, 1, $oneDayInSeconds);

    if ($mailStatus->isGood()) {
        return;
    }

    // Sending failed: replace the optimistic 'ok' response with the mail error.
    $this->setResponseFields('error', wfMessage('userlogin-error-mail-error', $mailStatus->getMessage())->parse());
}
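/**
 * UserLogin: send a confirmation email after a new account has been created.
 *
 * The caller authenticates with a shared secret that must match
 * $this->wg->TheSchwartzSecretToken. The response is JSON with caching
 * disabled; `success` stays false, with `message` naming the reason, unless
 * the mail was handed off successfully.
 *
 * @requestParam string secret - shared secret token
 * @requestParam string username
 * @requestParam string langCode - language of the mail, defaults to 'en'
 * @responseParam bool success
 * @responseParam string message - failure reason (only set on failure)
 */
public function sendConfirmationEmail() {
    $this->response->setFormat('json');
    $this->response->setCacheValidity(\WikiaResponse::CACHE_DISABLED);
    $this->response->setVal('success', false);

    // Authenticate the caller. The previous loose `!=` check had two problems:
    //  - it failed open: a request without `secret` matched an unset or empty
    //    configured token (null != null is false), and PHP's loose comparison
    //    treats some distinct numeric-looking strings as equal;
    //  - it was not constant-time.
    // Require two non-empty strings and compare them with hash_equals()
    // (PHP >= 5.6). Every failure returns the same message.
    $expectedSecret = $this->wg->TheSchwartzSecretToken;
    $providedSecret = $this->getVal('secret');
    if (
        !is_string($expectedSecret) || $expectedSecret === ''
        || !is_string($providedSecret)
        || !hash_equals($expectedSecret, $providedSecret)
    ) {
        $this->response->setVal('message', 'invalid secret');
        return;
    }

    if (!$this->wg->EmailAuthentication) {
        $this->response->setVal('message', 'email authentication is not required');
        return;
    }

    $username = $this->getVal('username');

    // Wait for replication on the shared DB before looking the user up.
    wfWaitForSlaves($this->wg->ExternalSharedDB);

    $user = \User::newFromName($username);
    if (!$user instanceof \User) {
        $this->response->setVal('message', 'unable to create a \\User object from name');
        return;
    }

    if (!$user->getId()) {
        $this->response->setVal('message', 'no such user');
        return;
    }

    if ($user->isEmailConfirmed()) {
        $this->response->setVal('message', 'already confirmed');
        return;
    }

    // Rate limit: refuse when a confirmation is pending, its token expires more
    // than six days from now, and the per-user sent counter has hit the limit.
    $userLoginHelper = new \UserLoginHelper();
    $memcKey = $userLoginHelper->getMemKeyConfirmationEmailsSent($user->getId());
    $emailsSent = intval($this->wg->Memc->get($memcKey));
    if (
        $user->isEmailConfirmationPending()
        && strtotime($user->mEmailTokenExpires) - strtotime('+6 days') > 0
        && $emailsSent >= \UserLoginHelper::LIMIT_EMAILS_SENT
    ) {
        $this->response->setVal('message', 'confirmation emails limit reached');
        return;
    }

    if (!\Sanitizer::validateEmail($user->getEmail())) {
        $this->response->setVal('message', 'invalid email');
        return;
    }

    // NOTE(review): langCode is caller-supplied and is passed to the template
    // renderer and Language::factory() as-is; presumably those reject malformed
    // codes - confirm.
    $langCode = $this->getVal('langCode', 'en');
    $mailTemplate = $this->app->renderView(
        'UserLogin',
        'GeneralMail',
        ['language' => $langCode, 'type' => 'confirmation-email']
    );

    // Send the mail with wgLang overridden to the requested language.
    $lang = \Language::factory($langCode);
    $mailStatus = (new GlobalStateWrapper(['wgLang' => $lang]))->wrap(function () use ($user, $mailTemplate, $langCode) {
        return $user->sendConfirmationMail(
            false,
            'ConfirmationMail',
            'usersignup-confirmation-email',
            true,
            $mailTemplate,
            $langCode
        );
    });

    if (!$mailStatus->isGood()) {
        $this->response->setVal('message', 'could not send an email message');
        return;
    }

    $this->response->setVal('success', true);
}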