dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
fixtags hack slightly cleaned up
[lhc/web/wiklou.git] / includes / SpecialUserlogin.php
1 <?php
2
3 require_once('UserMailer.php');
4
5 function wfSpecialUserlogin()
6 {
7 global $wgCommandLineMode;
8 global $wgRequest;
9 if( !$wgCommandLineMode && !isset( $_COOKIE[ini_get("session.name")] ) ) {
10 User::SetupSession();
11 }
12
13 $form = new LoginForm( $wgRequest );
14 $form->execute();
15 }
16
17 class LoginForm {
18 var $mName, $mPassword, $mRetype, $mReturnto, $mCookieCheck, $mPosted;
19 var $mAction, $mCreateaccount, $mCreateaccountMail, $mMailmypassword;
20 var $mLoginattempt, $mRemember, $mEmail;
21
22 function LoginForm( &$request ) {
23 global $wgLang;
24
25 $this->mName = $request->getText( 'wpName' );
26 $this->mPassword = $request->getText( 'wpPassword' );
27 $this->mRetype = $request->getText( 'wpRetype' );
28 $this->mReturnto = $request->getText( 'returnto' );
29 $this->mCookieCheck = $request->getVal( "wpCookieCheck" );
30 $this->mPosted = $request->wasPosted();
31 $this->mCreateaccount = $request->getCheck( 'wpCreateaccount' );
32 $this->mCreateaccountMail = $request->getCheck( 'wpCreateaccountMail' );
33 $this->mMailmypassword = $request->getCheck( 'wpMailmypassword' );
34 $this->mLoginattempt = $request->getCheck( 'wpLoginattempt' );
35 $this->mAction = $request->getVal( 'action' );
36 $this->mRemember = $request->getCheck( 'wpRemember' );
37 $this->mEmail = $request->getText( 'wpEmail' );
38
39 # When switching accounts, it sucks to get automatically logged out
40 if( $this->mReturnto == $wgLang->specialPage( "Userlogout" ) ) {
41 $this->mReturnto = "";
42 }
43 }
44
45 function execute() {
46 if ( !is_null( $this->mCookieCheck ) ) {
47 $this->onCookieRedirectCheck( $this->mCookieCheck );
48 } else if( $this->mPosted ) {
49 if( $this->mCreateaccount ) {
50 return $this->addNewAccount();
51 } else if ( $this->mCreateaccountMail ) {
52 return $this->addNewAccountMailPassword();
53 } else if ( $this->mMailmypassword ) {
54 return $this->mailPassword();
55 } else if ( ( "submit" == $this->mAction ) || $this->mLoginattempt ) {
56 return $this->processLogin();
57 }
58 }
59 $this->mainLoginForm( "" );
60 }
61
62 /* private */ function addNewAccountMailPassword()
63 {
64 global $wgOut;
65
66 if ("" == $this->mEmail) {
67 $this->mainLoginForm( wfMsg( "noemail", $this->mName ) );
68 return;
69 }
70
71 $u = $this->addNewaccountInternal();
72
73 if ($u == NULL) {
74 return;
75 }
76
77 $u->saveSettings();
78 $error = $this->mailPasswordInternal($u);
79
80 $wgOut->setPageTitle( wfMsg( "accmailtitle" ) );
81 $wgOut->setRobotpolicy( "noindex,nofollow" );
82 $wgOut->setArticleRelated( false );
83
84 if ( $error === "" ) {
85 $wgOut->addWikiText( wfMsg( "accmailtext", $u->getName(), $u->getEmail() ) );
86 $wgOut->returnToMain( false );
87 } else {
88 $this->mainLoginForm( wfMsg( "mailerror", $error ) );
89 }
90
91 $u = 0;
92 }
93
94
95 /* private */ function addNewAccount()
96 {
97 global $wgUser, $wgOut;
98 global $wgDeferredUpdateList;
99
100 $u = $this->addNewAccountInternal();
101
102 if ($u == NULL) {
103 return;
104 }
105
106 $wgUser = $u;
107 $wgUser->setCookies();
108
109 $up = new UserUpdate();
110 array_push( $wgDeferredUpdateList, $up );
111
112 if( $this->hasSessionCookie() ) {
113 return $this->successfulLogin( wfMsg( "welcomecreation", $wgUser->getName() ) );
114 } else {
115 return $this->cookieRedirectCheck( "new" );
116 }
117 }
118
119
120 /* private */ function addNewAccountInternal()
121 {
122 global $wgUser, $wgOut;
123 global $wgMaxNameChars;
124
125 if (!$wgUser->isAllowedToCreateAccount()) {
126 $this->userNotPrivilegedMessage();
127 return;
128 }
129
130 if ( 0 != strcmp( $this->mPassword, $this->mRetype ) ) {
131 $this->mainLoginForm( wfMsg( "badretype" ) );
132 return;
133 }
134
135 $name = trim( $this->mName );
136 if ( ( "" == $name ) ||
137 preg_match( "/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/", $name ) ||
138 (strpos( $name, "/" ) !== false) ||
139 (strlen( $name ) > $wgMaxNameChars) )
140 {
141 $this->mainLoginForm( wfMsg( "noname" ) );
142 return;
143 }
144 if ( wfReadOnly() ) {
145 $wgOut->readOnlyPage();
146 return;
147 }
148 $u = User::newFromName( $name );
149
150 if ( 0 != $u->idForName() ) {
151 $this->mainLoginForm( wfMsg( "userexists" ) );
152 return;
153 }
154 $u->addToDatabase();
155 $u->setPassword( $this->mPassword );
156 $u->setEmail( $this->mEmail );
157 if ( $this->mRemember ) { $r = 1; }
158 else { $r = 0; }
159 $u->setOption( "rememberpassword", $r );
160
161 return $u;
162 }
163
164
165
166 /* private */ function processLogin()
167 {
168 global $wgUser;
169 global $wgDeferredUpdateList;
170
171 if ( "" == $this->mName ) {
172 $this->mainLoginForm( wfMsg( "noname" ) );
173 return;
174 }
175 $u = User::newFromName( $this->mName );
176 $id = $u->idForName();
177 if ( 0 == $id ) {
178 $this->mainLoginForm( wfMsg( "nosuchuser", $u->getName() ) );
179 return;
180 }
181 $u->setId( $id );
182 $u->loadFromDatabase();
183 $ep = $u->encryptPassword( $this->mPassword );
184 if ( 0 != strcmp( $ep, $u->getPassword() ) ) {
185 if ( 0 != strcmp( $ep, $u->getNewpassword() ) ) {
186 $this->mainLoginForm( wfMsg( "wrongpassword" ) );
187 return;
188 }
189 }
190
191 # We've verified now, update the real record
192 #
193 if ( $this->mRemember ) {
194 $r = 1;
195 $u->setCookiePassword( $this->mPassword );
196 } else {
197 $r = 0;
198 }
199 $u->setOption( "rememberpassword", $r );
200
201 $wgUser = $u;
202 $wgUser->setCookies();
203
204 $up = new UserUpdate();
205 array_push( $wgDeferredUpdateList, $up );
206
207 if( $this->hasSessionCookie() ) {
208 return $this->successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
209 } else {
210 return $this->cookieRedirectCheck( "login" );
211 }
212 }
213
214 /* private */ function mailPassword()
215 {
216 global $wgUser, $wgDeferredUpdateList, $wgOutputEncoding;
217 global $wgCookiePath, $wgCookieDomain, $wgDBname;
218
219 if ( "" == $this->mName ) {
220 $this->mainLoginForm( wfMsg( "noname" ) );
221 return;
222 }
223 $u = User::newFromName( $this->mName );
224 $id = $u->idForName();
225 if ( 0 == $id ) {
226 $this->mainLoginForm( wfMsg( "nosuchuser", $u->getName() ) );
227 return;
228 }
229 $u->setId( $id );
230 $u->loadFromDatabase();
231
232 $error = $this->mailPasswordInternal( $u );
233 if ($error === "") {
234 $this->mainLoginForm( wfMsg( "passwordsent", $u->getName() ) );
235 } else {
236 $this->mainLoginForm( wfMsg( "mailerror", $error ) );
237 }
238
239 }
240
241
242 /* private */ function mailPasswordInternal( $u )
243 {
244 global $wgDeferredUpdateList, $wgOutputEncoding;
245 global $wgPasswordSender, $wgDBname, $wgIP;
246 global $wgCookiePath, $wgCookieDomain;
247
248 if ( "" == $u->getEmail() ) {
249 $this->mainLoginForm( wfMsg( "noemail", $u->getName() ) );
250 return;
251 }
252 $np = User::randomPassword();
253 $u->setNewpassword( $np );
254
255 setcookie( "{$wgDBname}Password", "", time() - 3600, $wgCookiePath, $wgCookieDomain );
256 $u->saveSettings();
257
258 $ip = $wgIP;
259 if ( "" == $ip ) { $ip = "(Unknown)"; }
260
261 $m = wfMsg( "passwordremindertext", $ip, $u->getName(), $np );
262
263 $error = userMailer( $u->getEmail(), $wgPasswordSender, wfMsg( "passwordremindertitle" ), $m );
264
265 return $error;
266 }
267
268
269
270
271
272 /* private */ function successfulLogin( $msg )
273 {
274 global $wgUser;
275 global $wgDeferredUpdateList;
276 global $wgOut;
277
278 $wgOut->setPageTitle( wfMsg( "loginsuccesstitle" ) );
279 $wgOut->setRobotpolicy( "noindex,nofollow" );
280 $wgOut->setArticleRelated( false );
281 $wgOut->addHTML( $msg );
282 $wgOut->returnToMain();
283 }
284
285 function userNotPrivilegedMessage()
286 {
287 global $wgOut, $wgUser, $wgLang;
288
289 $wgOut->setPageTitle( wfMsg( "whitelistacctitle" ) );
290 $wgOut->setRobotpolicy( "noindex,nofollow" );
291 $wgOut->setArticleRelated( false );
292
293 $wgOut->addWikiText( wfMsg( "whitelistacctext" ) );
294
295 $wgOut->returnToMain( false );
296 }
297
298 /* private */ function mainLoginForm( $err )
299 {
300 global $wgUser, $wgOut, $wgLang;
301 global $wgDBname;
302
303 $le = wfMsg( "loginerror" );
304 $yn = wfMsg( "yourname" );
305 $yp = wfMsg( "yourpassword" );
306 $ypa = wfMsg( "yourpasswordagain" );
307 $rmp = wfMsg( "remembermypassword" );
308 $nuo = wfMsg( "newusersonly" );
309 $li = wfMsg( "login" );
310 $ca = wfMsg( "createaccount" );
311 $cam = wfMsg( "createaccountmail" );
312 $ye = wfMsg( "youremail" );
313 $efl = wfMsg( "emailforlost" );
314 $mmp = wfMsg( "mailmypassword" );
315 $endText = wfMsg( "loginend" );
316
317 if ( $endText = "&lt;loginend&gt;" ) {
318 $endText = "";
319 }
320
321 if ( "" == $this->mName ) {
322 if ( 0 != $wgUser->getID() ) {
323 $this->mName = $wgUser->getName();
324 } else {
325 $this->mName = @$_COOKIE["{$wgDBname}UserName"];
326 }
327 }
328
329 $wgOut->setPageTitle( wfMsg( "userlogin" ) );
330 $wgOut->setRobotpolicy( "noindex,nofollow" );
331 $wgOut->setArticleRelated( false );
332
333 if ( "" == $err ) {
334 $lp = wfMsg( "loginprompt" );
335 $wgOut->addHTML( "<h2>$li:</h2>\n<p>$lp</p>" );
336 } else {
337 $wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
338 color='red'>$err</font>\n" );
339 }
340 if ( 1 == $wgUser->getOption( "rememberpassword" ) ) {
341 $checked = " checked";
342 } else {
343 $checked = "";
344 }
345
346 $q = "action=submit";
347 if ( !empty( $this->mReturnto ) ) {
348 $q .= "&returnto=" . wfUrlencode( $this->mReturnto );
349 }
350
351 $titleObj = Title::makeTitle( NS_SPECIAL, "Userlogin" );
352 $action = $titleObj->escapeLocalUrl( $q );
353
354 $encName = wfEscapeHTML( $this->mName );
355 $encPassword = wfEscapeHTML( $this->mPassword );
356 $encRetype = wfEscapeHTML( $this->mRetype );
357 $encEmail = wfEscapeHTML( $this->mEmail );
358
359 if ($wgUser->getID() != 0) {
360 $cambutton = "<input tabindex='6' type='submit' name=\"wpCreateaccountMail\" value=\"{$cam}\" />";
361 } else {
362 $cambutton = "";
363 }
364
365 $wgOut->addHTML( "
366 <form name=\"userlogin\" id=\"userlogin\" method=\"post\" action=\"{$action}\">
367 <table border='0'><tr>
368 <td align='right'>$yn:</td>
369 <td align='left'>
370 <input tabindex='1' type='text' name=\"wpName\" value=\"{$encName}\" size='20' />
371 </td>
372 <td align='left'>
373 <input tabindex='3' type='submit' name=\"wpLoginattempt\" value=\"{$li}\" />
374 </td>
375 </tr>
376 <tr>
377 <td align='right'>$yp:</td>
378 <td align='left'>
379 <input tabindex='2' type='password' name=\"wpPassword\" value=\"{$encPassword}\" size='20' />
380 </td>
381 <td align='left'>
382 <input tabindex='7' type='checkbox' name=\"wpRemember\" value=\"1\" id=\"wpRemember\"$checked /><label for=\"wpRemember\">$rmp</label>
383 </td>
384 </tr>");
385
386 if ($wgUser->isAllowedToCreateAccount()) {
387 $encRetype = htmlspecialchars( $this->mRetype );
388 $encEmail = htmlspecialchars( $this->mEmail );
389 $wgOut->addHTML("<tr><td colspan='3'>&nbsp;</td></tr><tr>
390 <td align='right'>$ypa:</td>
391 <td align='left'>
392 <input tabindex='4' type='password' name=\"wpRetype\" value=\"{$encRetype}\"
393 size='20' />
394 </td><td>$nuo</td></tr>
395 <tr>
396 <td align='right'>$ye:</td>
397 <td align='left'>
398 <input tabindex='5' type='text' name=\"wpEmail\" value=\"{$encEmail}\" size='20' />
399 </td><td align='left'>
400 <input tabindex='6' type='submit' name=\"wpCreateaccount\" value=\"{$ca}\" />
401 $cambutton
402 </td></tr>");
403 }
404
405 $wgOut->addHTML("
406 <tr><td colspan='3'>&nbsp;</td></tr><tr>
407 <td colspan='3' align='left'>
408 <p>$efl<br />
409 <input tabindex='8' type='submit' name=\"wpMailmypassword\" value=\"{$mmp}\" /></p>
410 </td></tr></table>
411 </form>\n" );
412 $wgOut->addHTML( $endText );
413 }
414
415 /* private */ function hasSessionCookie()
416 {
417 global $wgDisableCookieCheck;
418 return ( $wgDisableCookieCheck ) ? true : ( "" != $_COOKIE[session_name()] );
419 }
420
421 /* private */ function cookieRedirectCheck( $type )
422 {
423 global $wgOut, $wgLang;
424
425 $titleObj = Title::makeTitle( NS_SPECIAL, "Userlogin" );
426 $check = $titleObj->getFullURL( "wpCookieCheck=$type" );
427
428 return $wgOut->redirect( $check );
429 }
430
431 /* private */ function onCookieRedirectCheck( $type ) {
432 global $wgUser;
433
434 if ( !$this->hasSessionCookie() ) {
435 if ( $type == "new" ) {
436 return $this->mainLoginForm( wfMsg( "nocookiesnew" ) );
437 } else if ( $type == "login" ) {
438 return $this->mainLoginForm( wfMsg( "nocookieslogin" ) );
439 } else {
440 # shouldn't happen
441 return $this->mainLoginForm( wfMsg( "error" ) );
442 }
443 } else {
444 return $this->successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
445 }
446 }
447 }
448 ?>
Wiklou, le Wiki du Wiklou