Пример #1
0
 function load()
 {
     parent::load();
     $request = $this->mOverrideRequest;
     if ($request->getText('username', '') != '') {
         $this->mUsername = $request->getText('username', '');
     }
     if ($request->getText('password', '') != '') {
         $this->mPassword = $request->getText('password');
         $this->mRetype = $request->getText('password');
     }
     if ($request->getText('email', '') != '') {
         $this->mEmail = $request->getText('email');
     }
     if ($request->getVal('birthyear', '') != '') {
         $this->wpBirthYear = $request->getVal('birthyear');
     }
     if ($request->getVal('birthmonth', '') != '') {
         $this->wpBirthMonth = $request->getVal('birthmonth');
     }
     if ($request->getVal('birthday', '') != '') {
         $this->wpBirthDay = $request->getVal('birthday');
     }
     if ($request->getVal('signupToken', '') != '') {
         $this->mToken = $request->getVal('signupToken');
     }
     if ($request->getVal('returnto', '') != '') {
         $this->mReturnTo = $request->getVal('returnto');
     }
     $this->wpUserBirthDay = strtotime($this->wpBirthYear . '-' . $this->wpBirthMonth . '-' . $this->wpBirthDay);
 }
 function submit_OTP($user_id, $user_name)
 {
     global $wgRequest, $wgOut, $wgUser;
     $otp_DB = "";
     $attempts = 0;
     # When OTP button is pressed we we check if the OTP is set on DB.
     if ($wgRequest->getCheck('clickBotOTP')) {
         SpecialLatch::accDB_useraccid($user_id, $user_id, $acc_id, $otp_DB, $attempts);
         # CSRF protection
         if (!$wgUser->matchEditToken($wgRequest->getVal('token'))) {
             return;
         } else {
             # If it's correct we set again the correct user name to session and redirect to the main page
             if ($otp_DB == $wgRequest->getText('txt_OTP')) {
                 $wgRequest->setSessionData('wsUserName', $user_name);
                 $fullURL = $wgRequest->getRequestURL();
                 $urlMainPage = explode("?", $fullURL);
                 $wgOut->redirect($urlMainPage[0]);
             } else {
                 if ($attempts < 2) {
                     SpecialLatch::updDB_useraccid($user_id, $acc_id, $otp_DB, $attempts + 1);
                     $wgOut->addWikiText(wfMsg('latch-OTP-error'));
                 } else {
                     $wgUser->logout();
                     $wgOut->clearHTML();
                     $specialUserlogin = new LoginForm();
                     $specialUserlogin->load();
                     $error = $specialUserlogin->mAbortLoginErrorMsg ?: 'wrongpassword';
                     $specialUserlogin->mainLoginForm($specialUserlogin->msg($error)->text());
                 }
             }
         }
     }
 }
Пример #3
0
 public function actionLogin()
 {
     if (!\Yii::$app->user->isGuest) {
         return $this->goHome();
     }
     $model = new LoginForm();
     if ($model->load(Yii::$app->request->post()) && $model->login()) {
         return $this->goBack();
     }
     return $this->render('login', ['model' => $model]);
 }
Пример #4
0
 public function run()
 {
     if ($this->visible) {
         $user = new LoginForm();
         if ($user->load(\Yii::$app->request->post()) && $user->login()) {
             return \Yii::$app->getResponse()->refresh();
         } else {
             return $this->render('loginWidget', ['user' => $user, 'title' => $this->title]);
         }
     }
 }
Пример #5
0
 function __construct(&$request)
 {
     global $wgUser;
     $this->titleObj = SpecialPage::getTitleFor('Piggyback');
     $this->templateData['actionlogin'] = $this->titleObj->getLocalUrl('action=submitlogin');
     $this->mOtherName = $request->getVal('wpOtherName');
     parent::load();
     $this->mType = 'login';
     /* fake to don't change remember password */
     $this->mRemember = (bool) $wgUser->getGlobalPreference('rememberpassword');
 }
Пример #6
0
 public function actionLogin($return_url = null)
 {
     if (!\Yii::$app->user->isGuest) {
         return $this->goHome();
     }
     $login_form = new LoginForm();
     if ($login_form->load(Yii::$app->request->post()) && $login_form->login()) {
         if ($return_url) {
             Yii::$app->user->setReturnUrl($return_url);
         }
         return $this->goBack();
     } else {
         return $this->render('login', ['login_form' => $login_form]);
     }
 }
Пример #7
0
 public function actionLogin()
 {
     if (!\Yii::$app->user->isGuest) {
         return $this->goHome();
     }
     $model = new LoginForm();
     $login = new \app\models\LoginDetails();
     if ($model->load(Yii::$app->request->post())) {
         $log = \app\models\User::find()->where(['user_login_id' => $_POST['LoginForm']['username'], 'is_block' => 0])->one();
         if (empty($log)) {
             \Yii::$app->session->setFlash('loginError', '<i class="fa fa-warning"></i><b> Incorrect username or password. !</b>');
             return $this->render('login', ['model' => $model]);
         }
         $login->login_user_id = $log['user_id'];
         $loginuser = $login->login_user_id;
         $emplogin = EmpMaster::find()->andWhere(['emp_master_user_id' => $loginuser])->one();
         $studlogin = StuMaster::find()->andWhere(['stu_master_user_id' => $loginuser])->one();
         if ($studlogin) {
             \Yii::$app->session->set('stu_id', $studlogin->stu_master_id);
         } else {
             if ($emplogin) {
                 \Yii::$app->session->set('emp_id', $emplogin->emp_master_id);
             } else {
                 if (!$emplogin && !$studlogin) {
                     \Yii::$app->session->set('admin_user', $loginuser);
                 } else {
                     \Yii::$app->session->setFlash('loginError', '<i class="fa fa-warning"></i><b> These Login credentials are Blocked/Deactive by Admin</b>');
                     return $this->render('login', ['model' => $model]);
                 }
             }
         }
         $login->login_status = 1;
         $login->login_at = new \yii\db\Expression('NOW()');
         $login->user_ip_address = $_SERVER['REMOTE_ADDR'];
         $login->save(false);
         if ($model->login()) {
             return $this->goBack();
         } else {
             return $this->render('login', ['model' => $model]);
         }
     } else {
         return $this->render('login', ['model' => $model]);
     }
 }
 public function actionApprovedAuthorizeSave()
 {
     $dinasFormlogin = new LoginForm();
     /*Ajax Load*/
     if (Yii::$app->request->isAjax) {
         $dinasFormlogin->load(Yii::$app->request->post());
         return Json::encode(\yii\widgets\ActiveForm::validate($dinasFormlogin));
     } else {
         /*Normal Load*/
         if ($dinasFormlogin->load(Yii::$app->request->post())) {
             if ($dinasFormlogin->loginformdinas_dinasved()) {
                 $hsl = \Yii::$app->request->post();
                 $kdro = $hsl['LoginForm']['kdro'];
                 return $this->redirect(['/accounting/dinasles-order/approved', 'kd' => $kdro]);
             }
         }
     }
 }
Пример #9
0
 public function execute()
 {
     $Name = $Password = $Remember = $Loginattempt = $Mailmypassword = $LoginToken = null;
     extract($this->extractRequestParams());
     if (!empty($Loginattempt)) {
         // Login attempt
         $params = new FauxRequest(array('wpName' => $Name, 'wpPassword' => $Password, 'wpRemember' => $Remember, 'wpLoginattempt' => $Loginattempt, 'wpLoginToken' => $LoginToken));
         // Init session if necessary
         if (session_id() == '') {
             wfSetupSession();
         }
         $result = array();
         $loginForm = new LoginForm($params);
         $caseCode = $loginForm->authenticateUserData();
         switch ($caseCode) {
             case LoginForm::RESET_PASS:
                 $result['result'] = 'Reset';
                 break;
             case LoginForm::SUCCESS:
                 global $wgUser;
                 $injected_html = '';
                 wfRunHooks('UserLoginComplete', array(&$wgUser, &$injected_html));
                 $wgUser->setGlobalPreference('rememberpassword', $Remember ? 1 : 0);
                 $wgUser->setCookies();
                 $result['result'] = 'Success';
                 $result['lguserid'] = $_SESSION['wsUserID'];
                 $result['lgusername'] = $_SESSION['wsUserName'];
                 $result['lgtoken'] = $_SESSION['wsToken'];
                 break;
             case LoginForm::NO_NAME:
                 $result['result'] = 'NoName';
                 $result['text'] = wfMsg('noname');
                 break;
             case LoginForm::ILLEGAL:
                 $result['result'] = 'Illegal';
                 $result['text'] = wfMsg('noname');
                 break;
             case LoginForm::WRONG_PLUGIN_PASS:
                 $result['result'] = 'WrongPluginPass';
                 $result['text'] = wfMsg('wrongpassword');
                 break;
             case LoginForm::NOT_EXISTS:
                 $result['result'] = 'NotExists';
                 $result['text'] = wfMsg('nosuchuser', htmlspecialchars($Name));
                 break;
             case LoginForm::WRONG_PASS:
                 $result['result'] = 'WrongPass';
                 $result['text'] = wfMsg('wrongpassword');
                 #set default normal message
                 $attemptedUser = User::newFromName($Name);
                 if (!is_null($attemptedUser)) {
                     $disOpt = $attemptedUser->getGlobalFlag('disabled');
                     if (!empty($disOpt) || defined('CLOSED_ACCOUNT_FLAG') && $attemptedUser->getRealName() == CLOSED_ACCOUNT_FLAG) {
                         #either closed account flag was present, override fail message
                         $result['text'] = wfMsg('edit-account-closed-flag');
                     }
                 }
                 break;
             case LoginForm::EMPTY_PASS:
                 $result['result'] = 'EmptyPass';
                 $result['text'] = wfMsg('wrongpasswordempty');
                 break;
             case LoginForm::NEED_TOKEN:
             case LoginForm::WRONG_TOKEN:
                 $result['result'] = 'NeedToken';
                 $result['text'] = wfMsg('sessionfailure');
                 break;
             case LoginForm::THROTTLED:
                 $result['result'] = 'Throttled';
                 $result['text'] = wfMsg('login-throttled');
                 break;
             case LoginForm::ABORTED:
                 $result['result'] = 'Aborted';
                 $result['text'] = wfMsg($loginForm->mAbortLoginErrorMsg);
                 break;
             default:
                 ApiBase::dieDebug(__METHOD__, "Unhandled case value: \"{$caseCode}\"");
         }
         $dbw = wfGetDB(DB_MASTER);
         $dbw->commit();
         $this->getResult()->addValue(null, 'ajaxlogin', $result);
     } else {
         if (!empty($Mailmypassword)) {
             // Remind password attemp
             $params = new FauxRequest(array('wpName' => $Name));
             $result = array();
             $loginForm = new LoginForm($params);
             $loginForm->load();
             global $wgUser, $wgOut, $wgAuth;
             if (!$wgAuth->allowPasswordChange()) {
                 $result['result'] = 'resetpass_forbidden';
                 $result['text'] = wfMsg('resetpass_forbidden');
             } else {
                 if ($wgUser->isBlocked()) {
                     $result['result'] = 'blocked-mailpassword';
                     $result['text'] = wfMsg('blocked-mailpassword');
                 } else {
                     if ('' == $loginForm->mUsername) {
                         $result['result'] = 'noname';
                         $result['text'] = wfMsg('noname');
                     } else {
                         $u = User::newFromName($loginForm->mUsername);
                         if (empty($u)) {
                             $result['result'] = 'noname';
                             $result['text'] = wfMsg('noname');
                         } else {
                             if (0 == $u->getID()) {
                                 $result['result'] = 'nosuchuser';
                                 $result['text'] = wfMsg('nosuchuser', $u->getName());
                             } else {
                                 if ($u->isPasswordReminderThrottled()) {
                                     global $wgPasswordReminderResendTime;
                                     $result['result'] = 'throttled-mailpassword';
                                     $result['text'] = wfMsg('throttled-mailpassword', round($wgPasswordReminderResendTime, 3));
                                 } else {
                                     $res = $loginForm->mailPasswordInternal($u, true);
                                     if (!$res->isOK()) {
                                         $result['result'] = 'mailerror';
                                         $result['text'] = wfMsg('mailerror', $res->getMessage());
                                     } else {
                                         $result['result'] = 'OK';
                                         $result['text'] = wfMsg('passwordsent', $u->getName());
                                     }
                                 }
                             }
                         }
                     }
                 }
             }
             $dbw = wfGetDB(DB_MASTER);
             $dbw->commit();
             $this->getResult()->addValue(null, 'ajaxlogin', $result);
         }
     }
 }
Пример #10
0
 public function execute()
 {
     // If we're in a mode that breaks the same-origin policy, no tokens can
     // be obtained
     if ($this->lacksSameOriginSecurity()) {
         $this->dieUsage('Cannot create account when the same-origin policy is not applied', 'aborted');
     }
     // $loginForm->addNewaccountInternal will throw exceptions
     // if wiki is read only (already handled by api), user is blocked or does not have rights.
     // Use userCan in order to hit GlobalBlock checks (according to Special:userlogin)
     $loginTitle = SpecialPage::getTitleFor('Userlogin');
     if (!$loginTitle->userCan('createaccount', $this->getUser())) {
         $this->dieUsage('You do not have the right to create a new account', 'permdenied-createaccount');
     }
     if ($this->getUser()->isBlockedFromCreateAccount()) {
         $this->dieUsage('You cannot create a new account because you are blocked', 'blocked', 0, array('blockinfo' => ApiQueryUserInfo::getBlockInfo($this->getUser()->getBlock())));
     }
     $params = $this->extractRequestParams();
     // Init session if necessary
     if (session_id() == '') {
         wfSetupSession();
     }
     if ($params['mailpassword'] && !$params['email']) {
         $this->dieUsageMsg('noemail');
     }
     if ($params['language'] && !Language::isSupportedLanguage($params['language'])) {
         $this->dieUsage('Invalid language parameter', 'langinvalid');
     }
     $context = new DerivativeContext($this->getContext());
     $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), array('type' => 'signup', 'uselang' => $params['language'], 'wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpRetype' => $params['password'], 'wpDomain' => $params['domain'], 'wpEmail' => $params['email'], 'wpRealName' => $params['realname'], 'wpCreateaccountToken' => $params['token'], 'wpCreateaccount' => $params['mailpassword'] ? null : '1', 'wpCreateaccountMail' => $params['mailpassword'] ? '1' : null)));
     $loginForm = new LoginForm();
     $loginForm->setContext($context);
     Hooks::run('AddNewAccountApiForm', array($this, $loginForm));
     $loginForm->load();
     $status = $loginForm->addNewaccountInternal();
     $result = array();
     if ($status->isGood()) {
         // Success!
         $user = $status->getValue();
         if ($params['language']) {
             $user->setOption('language', $params['language']);
         }
         if ($params['mailpassword']) {
             // If mailpassword was set, disable the password and send an email.
             $user->setPassword(null);
             $status->merge($loginForm->mailPasswordInternal($user, false, 'createaccount-title', 'createaccount-text'));
         } elseif ($this->getConfig()->get('EmailAuthentication') && Sanitizer::validateEmail($user->getEmail())) {
             // Send out an email authentication message if needed
             $status->merge($user->sendConfirmationMail());
         }
         // Save settings (including confirmation token)
         $user->saveSettings();
         Hooks::run('AddNewAccount', array($user, $params['mailpassword']));
         if ($params['mailpassword']) {
             $logAction = 'byemail';
         } elseif ($this->getUser()->isLoggedIn()) {
             $logAction = 'create2';
         } else {
             $logAction = 'create';
         }
         $user->addNewUserLogEntry($logAction, (string) $params['reason']);
         // Add username, id, and token to result.
         $result['username'] = $user->getName();
         $result['userid'] = $user->getId();
         $result['token'] = $user->getToken();
     }
     $apiResult = $this->getResult();
     if ($status->hasMessage('sessionfailure') || $status->hasMessage('nocookiesfornew')) {
         // Token was incorrect, so add it to result, but don't throw an exception
         // since not having the correct token is part of the normal
         // flow of events.
         $result['token'] = LoginForm::getCreateaccountToken();
         $result['result'] = 'NeedToken';
     } elseif (!$status->isOK()) {
         // There was an error. Die now.
         $this->dieStatus($status);
     } elseif (!$status->isGood()) {
         // Status is not good, but OK. This means warnings.
         $result['result'] = 'Warning';
         // Add any warnings to the result
         $warnings = $status->getErrorsByType('warning');
         if ($warnings) {
             foreach ($warnings as &$warning) {
                 ApiResult::setIndexedTagName($warning['params'], 'param');
             }
             ApiResult::setIndexedTagName($warnings, 'warning');
             $result['warnings'] = $warnings;
         }
     } else {
         // Everything was fine.
         $result['result'] = 'Success';
     }
     // Give extensions a chance to modify the API result data
     Hooks::run('AddNewAccountApiResult', array($this, $loginForm, &$result));
     $apiResult->addValue(null, 'createaccount', $result);
 }
 /**
  * Logs in a user with given login name and password. If keeploggedin, sets a cookie.
  *
  * @requestParam string username
  * @requestParam string password
  * @requestParam string keeploggedin [true/false]
  * @responseParam string result [ok/error/unconfirm/resetpass]
  * @responseParam string msg - result message
  * @responseParam string errParam - error param
  */
 public function login()
 {
     // Init session if necessary
     if (session_id() == '') {
         wfSetupSession();
     }
     $loginForm = new LoginForm($this->wg->request);
     $loginForm->load();
     // MW1.19 uses different form fields names
     // set variables
     if ($this->wg->request->getText('username', '') != '') {
         $loginForm->mUsername = $this->wg->request->getText('username');
     }
     if ($this->wg->request->getText('password', '') != '') {
         $loginForm->mPassword = $this->wg->request->getText('password');
     }
     if ($this->wg->request->getText('keeploggedin', '') != '') {
         $loginForm->mRemember = $this->wg->request->getCheck('keeploggedin');
     }
     if ($this->wg->request->getVal('loginToken', '') != '') {
         $loginForm->mToken = $this->wg->request->getVal('loginToken');
     }
     if ($this->wg->request->getVal('returnto', '') != '') {
         $loginForm->mReturnTo = $this->wg->request->getVal('returnto');
     }
     $loginCase = $loginForm->authenticateUserData();
     switch ($loginCase) {
         case LoginForm::SUCCESS:
             // first check if user has confirmed email after sign up
             if ($this->wg->User->getGlobalFlag(self::NOT_CONFIRMED_SIGNUP_OPTION_NAME) && $this->wg->User->getGlobalAttribute(self::NOT_CONFIRMED_LOGIN_OPTION_NAME) !== self::NOT_CONFIRMED_LOGIN_ALLOWED) {
                 // User not confirmed on signup
                 LoginForm::clearLoginToken();
                 $this->userLoginHelper->setNotConfirmedUserSession($this->wg->User->getId());
                 $this->userLoginHelper->clearPasswordThrottle($loginForm->mUsername);
                 $this->response->setValues(['result' => 'unconfirm', 'msg' => wfMessage('usersignup-confirmation-email-sent', $this->wg->User->getEmail())->parse()]);
             } else {
                 $result = '';
                 $resultMsg = '';
                 if (!wfRunHooks('WikiaUserLoginSuccess', array($this->wg->User, &$result, &$resultMsg))) {
                     $this->response->setValues(['result' => $result, 'msg' => $resultMsg]);
                     break;
                 }
                 // Login succesful
                 $injected_html = '';
                 wfRunHooks('UserLoginComplete', array(&$this->wg->User, &$injected_html));
                 // set rememberpassword option
                 if ((bool) $loginForm->mRemember != (bool) $this->wg->User->getGlobalPreference('rememberpassword')) {
                     $this->wg->User->setGlobalPreference('rememberpassword', $loginForm->mRemember ? 1 : 0);
                     $this->wg->User->saveSettings();
                 } else {
                     $this->wg->User->invalidateCache();
                 }
                 $this->wg->User->setCookies();
                 LoginForm::clearLoginToken();
                 UserLoginHelper::clearNotConfirmedUserSession();
                 $this->userLoginHelper->clearPasswordThrottle($loginForm->mUsername);
                 // we're sure at this point we'll need the private field'
                 // value in the template let's pass them then
                 $this->response->setValues(['username' => $loginForm->mUsername, 'result' => 'ok']);
                 // regenerate session ID on user login (the approach MW's core SpecialUserLogin uses)
                 // to avoid race conditions with long running requests logging the user back in & out
                 // @see PLATFORM-1028
                 wfResetSessionID();
             }
             break;
         case LoginForm::NEED_TOKEN:
         case LoginForm::WRONG_TOKEN:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-sessionfailure')->escaped()]);
             break;
         case LoginForm::NO_NAME:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-noname')->escaped(), 'errParam' => 'username']);
             break;
         case LoginForm::NOT_EXISTS:
         case LoginForm::ILLEGAL:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-nosuchuser')->escaped(), 'errParam' => 'username']);
             break;
         case LoginForm::WRONG_PLUGIN_PASS:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-wrongpassword')->escaped(), 'errParam' => 'password']);
             break;
         case LoginForm::WRONG_PASS:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-wrongpassword')->escaped(), 'errParam' => 'password']);
             $attemptedUser = User::newFromName($loginForm->mUsername);
             if (!is_null($attemptedUser)) {
                 $disOpt = $attemptedUser->getGlobalFlag('disabled');
                 if (!empty($disOpt) || defined('CLOSED_ACCOUNT_FLAG') && $attemptedUser->getRealName() == CLOSED_ACCOUNT_FLAG) {
                     # either closed account flag was present, override fail message
                     $this->response->setValues(['msg' => wfMessage('userlogin-error-edit-account-closed-flag')->escaped(), 'errParam' => '']);
                 }
             }
             break;
         case LoginForm::EMPTY_PASS:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-wrongpasswordempty')->escaped(), 'errParam' => 'password']);
             break;
         case LoginForm::RESET_PASS:
             $this->response->setVal('result', 'resetpass');
             break;
         case LoginForm::THROTTLED:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-login-throttled')->escaped()]);
             break;
         case LoginForm::CREATE_BLOCKED:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-cantcreateaccount-text')->escaped()]);
             break;
         case LoginForm::USER_BLOCKED:
             $this->response->setValues(['result' => 'error', 'msg' => wfMessage('userlogin-error-login-userblocked')->escaped()]);
             break;
         case LoginForm::ABORTED:
             $this->result = 'error';
             $this->msg = wfMessage($loginForm->mAbortLoginErrorMsg)->escaped();
             break;
         default:
             throw new MWException("Unhandled case value");
     }
 }
 public function execute()
 {
     // $loginForm->addNewaccountInternal will throw exceptions
     // if wiki is read only (already handled by api), user is blocked or does not have rights.
     // Use userCan in order to hit GlobalBlock checks (according to Special:userlogin)
     $loginTitle = SpecialPage::getTitleFor('Userlogin');
     if (!$loginTitle->userCan('createaccount', $this->getUser())) {
         $this->dieUsage('You do not have the right to create a new account', 'permdenied-createaccount');
     }
     if ($this->getUser()->isBlockedFromCreateAccount()) {
         $this->dieUsage('You cannot create a new account because you are blocked', 'blocked');
     }
     $params = $this->extractRequestParams();
     $result = array();
     // Init session if necessary
     if (session_id() == '') {
         wfSetupSession();
     }
     if ($params['mailpassword'] && !$params['email']) {
         $this->dieUsageMsg('noemail');
     }
     $context = new DerivativeContext($this->getContext());
     $context->setRequest(new DerivativeRequest($this->getContext()->getRequest(), array('type' => 'signup', 'uselang' => $params['language'], 'wpName' => $params['name'], 'wpPassword' => $params['password'], 'wpRetype' => $params['password'], 'wpDomain' => $params['domain'], 'wpEmail' => $params['email'], 'wpRealName' => $params['realname'], 'wpCreateaccountToken' => $params['token'], 'wpCreateaccount' => $params['mailpassword'] ? null : '1', 'wpCreateaccountMail' => $params['mailpassword'] ? '1' : null)));
     $loginForm = new LoginForm();
     $loginForm->setContext($context);
     $loginForm->load();
     $status = $loginForm->addNewaccountInternal();
     $result = array();
     if ($status->isGood()) {
         // Success!
         $user = $status->getValue();
         // If we showed up language selection links, and one was in use, be
         // smart (and sensible) and save that language as the user's preference
         global $wgLoginLanguageSelector, $wgEmailAuthentication;
         if ($wgLoginLanguageSelector && $params['language']) {
             $user->setOption('language', $params['language']);
         }
         if ($params['mailpassword']) {
             // If mailpassword was set, disable the password and send an email.
             $user->setPassword(null);
             $status->merge($loginForm->mailPasswordInternal($user, false, 'createaccount-title', 'createaccount-text'));
         } elseif ($wgEmailAuthentication && Sanitizer::validateEmail($user->getEmail())) {
             // Send out an email authentication message if needed
             $status->merge($user->sendConfirmationMail());
         }
         // Save settings (including confirmation token)
         $user->saveSettings();
         wfRunHooks('AddNewAccount', array($user, $params['mailpassword']));
         if ($params['mailpassword']) {
             $logAction = 'byemail';
         } elseif ($this->getUser()->isLoggedIn()) {
             $logAction = 'create2';
         } else {
             $logAction = 'create';
         }
         $user->addNewUserLogEntry($logAction, (string) $params['reason']);
         // Add username, id, and token to result.
         $result['username'] = $user->getName();
         $result['userid'] = $user->getId();
         $result['token'] = $user->getToken();
     }
     $apiResult = $this->getResult();
     if ($status->hasMessage('sessionfailure') || $status->hasMessage('nocookiesfornew')) {
         // Token was incorrect, so add it to result, but don't throw an exception
         // since not having the correct token is part of the normal
         // flow of events.
         $result['token'] = LoginForm::getCreateaccountToken();
         $result['result'] = 'needtoken';
     } elseif (!$status->isOK()) {
         // There was an error. Die now.
         // Cannot use dieUsageMsg() directly because extensions
         // might return custom error messages.
         $errors = $status->getErrorsArray();
         if ($errors[0] instanceof Message) {
             $code = 'aborted';
             $desc = $errors[0];
         } else {
             $code = array_shift($errors[0]);
             $desc = wfMessage($code, $errors[0]);
         }
         $this->dieUsage($desc, $code);
     } elseif (!$status->isGood()) {
         // Status is not good, but OK. This means warnings.
         $result['result'] = 'warning';
         // Add any warnings to the result
         $warnings = $status->getErrorsByType('warning');
         if ($warnings) {
             foreach ($warnings as &$warning) {
                 $apiResult->setIndexedTagName($warning['params'], 'param');
             }
             $apiResult->setIndexedTagName($warnings, 'warning');
             $result['warnings'] = $warnings;
         }
     } else {
         // Everything was fine.
         $result['result'] = 'success';
     }
     $apiResult->addValue(null, 'createaccount', $result);
 }
Пример #13
0
 function load()
 {
     parent::load();
     $request = $this->mOverrideRequest;
     if ($request->getText('wpName2Ajax', '') != '') {
         $this->mUsername = $request->getText('wpName2Ajax', '');
     }
     if ($request->getText('wpPassword2Ajax', '') != '') {
         $this->mPassword = $request->getText('wpPassword2Ajax');
     }
     if ($request->getText('wpRemember2Ajax', '') != '') {
         $this->mRemember = $request->getCheck('wpRemember2Ajax');
     }
     $this->mReturnTo = $request->getVal('returnto');
 }
Пример #14
0
 public function actionText()
 {
     //请求处理
     $req = Yii::$app->request;
     //创建一个请求对象
     $data_get = $req->get('id');
     //获取get请求中参数id的值
     $date_post = $req->post('id');
     //....post....
     //响应处理
     $res = Yii::$app->response;
     //创建一个响应对象
     $res->statusCode = '';
     //网页状态吗的设置
     $res->headers->add('', '');
     //添加http响应头的信息
     $res->headers->set('', '');
     //设置http响应头的信息
     //跳转
     $res->headers->add('location', 'url');
     //网页的跳转或者
     $this->redirect('url', '状态码');
     //文件下载
     $res->headers->add('content-disposition', 'attachment;filename=a.jpg');
     //文件下载
     $res->sendFile('a.jpg');
     //文件下载
     //session
     $session = Yii::$app->session;
     //创建一个session对象
     $session->isActive;
     //判断session是否开启
     $session->open();
     //开启session
     $session->set('key', 'value');
     //设置session
     $session['key'] = 'value';
     //设置session
     $session->remove('key');
     //删除session
     unset($session['key']);
     //删除session
     //cookie
     $cookie = YII::$app->response->cookies;
     //创建cookie集
     $c_data = array('name' => 'key', 'value' => 'value');
     $cookie->add(new Cookie($c_data));
     //增加一条cookie
     $cookie->remove('key');
     //删除key 的cookie
     //请求中的cookie
     $cookies = Yii::$app->request->cookies;
     //创建请求中的cookie集
     echo $cookie->getValue('key');
     //获取请求中key的cookie
     //视图的创建
     //        return $this->renderPartial('index','数据数组');//
     //        return $this->render('index','数据数组');
     //数据过滤
     //        Html::encode();//字符串转义
     //视图互相调用
     //        $this->render(); 在视图文件里引入需要的视图文件即可
     if (!\Yii::$app->user->isGuest) {
         return $this->goHome();
     }
     $model = new LoginForm();
     if ($model->load(Yii::$app->request->post()) && $model->login()) {
         return $this->goBack();
     } else {
         //  $this->render
         return $this->render('login', ['res' => '用户名密码错误']);
     }
 }
 public static function wfLoginHook(&$returnTo, &$returnToQuery, &$type)
 {
     global $wgUser, $wgOut, $wgRequest, $wgTitle;
     $acc_id = "";
     $msg = "";
     $app_id = "";
     $secret = "";
     $type = 'error';
     $two_factor_token = "";
     $user_id = "";
     # We remove the user's name to "freeze" the session
     $wgRequest->setSessionData('wsUserName', "");
     # If app_id, secret, user_id and the account_id are already in the DB, we take them
     SpecialLatch::accDB_appsecret($app_id, $secret);
     SpecialLatch::accDB_useraccid($wgUser->getId(), $user_id, $acc_id);
     # If the user doesn't have Latch configured we redirect him to Main Page without checking anything
     if (!empty($user_id) && !empty($acc_id)) {
         # We call the Status function from the Latch SDK
         $api = new Latch($app_id, $secret);
         $statusResponse = $api->status($acc_id);
         $responseData = $statusResponse->getData();
         $responseError = $statusResponse->getError();
         if (empty($statusResponse) || empty($responseData) && empty($responseError)) {
             return false;
         } else {
             # If everything is OK and the status is on, we redirect the user to the main page and set the user's name again
             if (!empty($responseData) && $responseData->{"operations"}->{$app_id}->{"status"} === "on") {
                 if (!empty($responseData->{"operations"}->{$app_id}->{"two_factor"})) {
                     $two_factor_token = $responseData->{"operations"}->{$app_id}->{"two_factor"}->{"token"};
                     # We have another special page for the OTP page. We insert the OTP token on DB and we redirect to that page
                     if (!empty($two_factor_token)) {
                         SpecialLatch::updDB_useraccid($user_id, $acc_id, $two_factor_token);
                         $wgOut->redirect(SpecialPage::getTitleFor('LatchOTP')->getFullURL('', false, PROTO_CURRENT));
                     }
                 } else {
                     SpecialLatch::putUserInSession();
                 }
             } else {
                 if (!empty($responseData) && $responseData->{"operations"}->{$app_id}->{"status"} === "off") {
                     $wgUser->logout();
                     $specialUserlogin = new LoginForm();
                     $specialUserlogin->load();
                     $error = $specialUserlogin->mAbortLoginErrorMsg ?: 'wrongpassword';
                     $specialUserlogin->mainLoginForm($specialUserlogin->msg($error)->text());
                 } else {
                     SpecialLatch::putUserInSession();
                 }
             }
         }
     } else {
         SpecialLatch::putUserInSession();
     }
     return true;
 }