dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
FOR UPDATE mode for Article class, and for getArticleID function of Title. Using...
[lhc/web/wiklou.git] / includes / SpecialUserlogin.php
1 <?php
2
3 require_once('UserMailer.php');
4
5 function wfSpecialUserlogin()
6 {
7 global $wgCommandLineMode;
8 global $wgRequest;
9 if( !$wgCommandLineMode && !isset( $_COOKIE[ini_get("session.name")] ) ) {
10 User::SetupSession();
11 }
12
13 $form = new LoginForm( $wgRequest );
14 $form->execute();
15 }
16
17 class LoginForm {
18 var $mName, $mPassword, $mRetype, $mReturnto, $mCookieCheck, $mPosted;
19 var $mAction, $mCreateaccount, $mCreateaccountMail, $mMailmypassword;
20 var $mLoginattempt, $mRemember, $mEmail;
21
22 function LoginForm( &$request ) {
23 global $wgLang, $wgAllowRealName;
24
25 $this->mName = $request->getText( 'wpName' );
26 $this->mPassword = $request->getText( 'wpPassword' );
27 $this->mRetype = $request->getText( 'wpRetype' );
28 $this->mReturnto = $request->getVal( 'returnto' );
29 $this->mCookieCheck = $request->getVal( "wpCookieCheck" );
30 $this->mPosted = $request->wasPosted();
31 $this->mCreateaccount = $request->getCheck( 'wpCreateaccount' );
32 $this->mCreateaccountMail = $request->getCheck( 'wpCreateaccountMail' );
33 $this->mMailmypassword = $request->getCheck( 'wpMailmypassword' );
34 $this->mLoginattempt = $request->getCheck( 'wpLoginattempt' );
35 $this->mAction = $request->getVal( 'action' );
36 $this->mRemember = $request->getCheck( 'wpRemember' );
37 $this->mEmail = $request->getText( 'wpEmail' );
38 if ($wgAllowRealName) {
39 $this->mRealName = $request->getText( 'wpRealName' );
40 } else {
41 $this->mRealName = '';
42 }
43
44 # When switching accounts, it sucks to get automatically logged out
45 if( $this->mReturnto == $wgLang->specialPage( "Userlogout" ) ) {
46 $this->mReturnto = "";
47 }
48 }
49
50 function execute() {
51 if ( !is_null( $this->mCookieCheck ) ) {
52 $this->onCookieRedirectCheck( $this->mCookieCheck );
53 return;
54 } else if( $this->mPosted ) {
55 if( $this->mCreateaccount ) {
56 return $this->addNewAccount();
57 } else if ( $this->mCreateaccountMail ) {
58 return $this->addNewAccountMailPassword();
59 } else if ( $this->mMailmypassword ) {
60 return $this->mailPassword();
61 } else if ( ( "submit" == $this->mAction ) || $this->mLoginattempt ) {
62 return $this->processLogin();
63 }
64 }
65 $this->mainLoginForm( "" );
66 }
67
68 /* private */ function addNewAccountMailPassword()
69 {
70 global $wgOut;
71
72 if ("" == $this->mEmail) {
73 $this->mainLoginForm( wfMsg( "noemail", $this->mName ) );
74 return;
75 }
76
77 $u = $this->addNewaccountInternal();
78
79 if ($u == NULL) {
80 return;
81 }
82
83 $u->saveSettings();
84 $error = $this->mailPasswordInternal($u);
85
86 $wgOut->setPageTitle( wfMsg( "accmailtitle" ) );
87 $wgOut->setRobotpolicy( "noindex,nofollow" );
88 $wgOut->setArticleRelated( false );
89
90 if ( $error === "" ) {
91 $wgOut->addWikiText( wfMsg( "accmailtext", $u->getName(), $u->getEmail() ) );
92 $wgOut->returnToMain( false );
93 } else {
94 $this->mainLoginForm( wfMsg( "mailerror", $error ) );
95 }
96
97 $u = 0;
98 }
99
100
101 /* private */ function addNewAccount()
102 {
103 global $wgUser, $wgOut;
104 global $wgDeferredUpdateList;
105
106 $u = $this->addNewAccountInternal();
107
108 if ($u == NULL) {
109 return;
110 }
111
112 $wgUser = $u;
113 $wgUser->setCookies();
114
115 $up = new UserUpdate();
116 array_push( $wgDeferredUpdateList, $up );
117
118 if( $this->hasSessionCookie() ) {
119 return $this->successfulLogin( wfMsg( "welcomecreation", $wgUser->getName() ) );
120 } else {
121 return $this->cookieRedirectCheck( "new" );
122 }
123 }
124
125
126 /* private */ function addNewAccountInternal()
127 {
128 global $wgUser, $wgOut;
129 global $wgMaxNameChars;
130 global $wgMemc, $wgAccountCreationThrottle, $wgDBname, $wgIP;
131
132 if (!$wgUser->isAllowedToCreateAccount()) {
133 $this->userNotPrivilegedMessage();
134 return;
135 }
136
137 if ( 0 != strcmp( $this->mPassword, $this->mRetype ) ) {
138 $this->mainLoginForm( wfMsg( "badretype" ) );
139 return;
140 }
141
142 $name = trim( $this->mName );
143 $u = User::newFromName( $name );
144 if ( ( "" == $name ) ||
145 preg_match( "/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/", $name ) ||
146 (strpos( $name, "/" ) !== false) ||
147 (strlen( $name ) > $wgMaxNameChars) ||
148 ucFirst($name) != $u->getName() )
149 {
150 $this->mainLoginForm( wfMsg( "noname" ) );
151 return;
152 }
153 if ( wfReadOnly() ) {
154 $wgOut->readOnlyPage();
155 return;
156 }
157
158 if ( 0 != $u->idForName() ) {
159 $this->mainLoginForm( wfMsg( "userexists" ) );
160 return;
161 }
162
163 if ( $wgAccountCreationThrottle ) {
164 $key = "$wgDBname:acctcreate:ip:$wgIP";
165 $value = $wgMemc->incr( $key );
166 if ( !$value ) {
167 $wgMemc->set( $key, 1, 86400 );
168 }
169 if ( $value > $wgAccountCreationThrottle ) {
170 $this->throttleHit( $wgAccountCreationThrottle );
171 return;
172 }
173 }
174
175 $u->addToDatabase();
176 $u->setPassword( $this->mPassword );
177 $u->setEmail( $this->mEmail );
178 $u->setRealName( $this->mRealName );
179
180 if ( $this->mRemember ) { $r = 1; }
181 else { $r = 0; }
182 $u->setOption( "rememberpassword", $r );
183
184 return $u;
185 }
186
187
188
189 /* private */ function processLogin()
190 {
191 global $wgUser;
192 global $wgDeferredUpdateList;
193
194 if ( "" == $this->mName ) {
195 $this->mainLoginForm( wfMsg( "noname" ) );
196 return;
197 }
198 $u = User::newFromName( $this->mName );
199 $id = $u->idForName();
200 if ( 0 == $id ) {
201 $this->mainLoginForm( wfMsg( "nosuchuser", $u->getName() ) );
202 return;
203 }
204 $u->setId( $id );
205 $u->loadFromDatabase();
206 if (!$u->checkPassword( $this->mPassword )) {
207 $this->mainLoginForm( wfMsg( "wrongpassword" ) );
208 return;
209 }
210
211 # We've verified now, update the real record
212 #
213 if ( $this->mRemember ) {
214 $r = 1;
215 $u->setCookiePassword( $this->mPassword );
216 } else {
217 $r = 0;
218 }
219 $u->setOption( "rememberpassword", $r );
220
221 $wgUser = $u;
222 $wgUser->setCookies();
223
224 $up = new UserUpdate();
225 array_push( $wgDeferredUpdateList, $up );
226
227 if( $this->hasSessionCookie() ) {
228 return $this->successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
229 } else {
230 return $this->cookieRedirectCheck( "login" );
231 }
232 }
233
234 /* private */ function mailPassword()
235 {
236 global $wgUser, $wgDeferredUpdateList, $wgOutputEncoding;
237 global $wgCookiePath, $wgCookieDomain, $wgDBname;
238
239 if ( "" == $this->mName ) {
240 $this->mainLoginForm( wfMsg( "noname" ) );
241 return;
242 }
243 $u = User::newFromName( $this->mName );
244 $id = $u->idForName();
245 if ( 0 == $id ) {
246 $this->mainLoginForm( wfMsg( "nosuchuser", $u->getName() ) );
247 return;
248 }
249 $u->setId( $id );
250 $u->loadFromDatabase();
251
252 $error = $this->mailPasswordInternal( $u );
253 if ($error === "") {
254 $this->mainLoginForm( wfMsg( "passwordsent", $u->getName() ) );
255 } else {
256 $this->mainLoginForm( wfMsg( "mailerror", $error ) );
257 }
258
259 }
260
261
262 /* private */ function mailPasswordInternal( $u )
263 {
264 global $wgDeferredUpdateList, $wgOutputEncoding;
265 global $wgPasswordSender, $wgDBname, $wgIP;
266 global $wgCookiePath, $wgCookieDomain;
267
268 if ( "" == $u->getEmail() ) {
269 $this->mainLoginForm( wfMsg( "noemail", $u->getName() ) );
270 return;
271 }
272 $np = User::randomPassword();
273 $u->setNewpassword( $np );
274
275 setcookie( "{$wgDBname}Password", "", time() - 3600, $wgCookiePath, $wgCookieDomain );
276 $u->saveSettings();
277
278 $ip = $wgIP;
279 if ( "" == $ip ) { $ip = "(Unknown)"; }
280
281 $m = wfMsg( "passwordremindertext", $ip, $u->getName(), $np );
282
283 $error = userMailer( $u->getEmail(), $wgPasswordSender, wfMsg( "passwordremindertitle" ), $m );
284
285 return $error;
286 }
287
288
289
290
291
292 /* private */ function successfulLogin( $msg )
293 {
294 global $wgUser;
295 global $wgDeferredUpdateList;
296 global $wgOut;
297
298 $wgOut->setPageTitle( wfMsg( "loginsuccesstitle" ) );
299 $wgOut->setRobotpolicy( "noindex,nofollow" );
300 $wgOut->setArticleRelated( false );
301 $wgOut->addHTML( $msg );
302 $wgOut->returnToMain();
303 }
304
305 function userNotPrivilegedMessage()
306 {
307 global $wgOut, $wgUser, $wgLang;
308
309 $wgOut->setPageTitle( wfMsg( "whitelistacctitle" ) );
310 $wgOut->setRobotpolicy( "noindex,nofollow" );
311 $wgOut->setArticleRelated( false );
312
313 $wgOut->addWikiText( wfMsg( "whitelistacctext" ) );
314
315 $wgOut->returnToMain( false );
316 }
317
318 /* private */ function mainLoginForm( $err )
319 {
320 global $wgUser, $wgOut, $wgLang;
321 global $wgDBname, $wgAllowRealName;
322
323 $le = wfMsg( "loginerror" );
324 $yn = wfMsg( "yourname" );
325 $yp = wfMsg( "yourpassword" );
326 $ypa = wfMsg( "yourpasswordagain" );
327 $rmp = wfMsg( "remembermypassword" );
328 $nuo = wfMsg( "newusersonly" );
329 $li = wfMsg( "login" );
330 $ca = wfMsg( "createaccount" );
331 $cam = wfMsg( "createaccountmail" );
332 $ye = wfMsg( "youremail" );
333 if ($wgAllowRealName) {
334 $yrn = wfMsg( "yourrealname" );
335 } else {
336 $yrn = '';
337 }
338 $efl = wfMsg( "emailforlost" );
339 $mmp = wfMsg( "mailmypassword" );
340 $endText = wfMsg( "loginend" );
341
342 if ( $endText = "&lt;loginend&gt;" ) {
343 $endText = "";
344 }
345
346 if ( "" == $this->mName ) {
347 if ( 0 != $wgUser->getID() ) {
348 $this->mName = $wgUser->getName();
349 } else {
350 $this->mName = @$_COOKIE["{$wgDBname}UserName"];
351 }
352 }
353
354 $wgOut->setPageTitle( wfMsg( "userlogin" ) );
355 $wgOut->setRobotpolicy( "noindex,nofollow" );
356 $wgOut->setArticleRelated( false );
357
358 if ( "" == $err ) {
359 $lp = wfMsg( "loginprompt" );
360 $wgOut->addHTML( "<h2>$li:</h2>\n<p>$lp</p>" );
361 } else {
362 $wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
363 color='red'>$err</font>\n" );
364 }
365 if ( 1 == $wgUser->getOption( "rememberpassword" ) ) {
366 $checked = " checked";
367 } else {
368 $checked = "";
369 }
370
371 $q = "action=submit";
372 if ( !empty( $this->mReturnto ) ) {
373 $q .= "&returnto=" . wfUrlencode( $this->mReturnto );
374 }
375
376 $titleObj = Title::makeTitle( NS_SPECIAL, "Userlogin" );
377 $action = $titleObj->escapeLocalUrl( $q );
378
379 $encName = htmlspecialchars( $this->mName );
380 $encPassword = htmlspecialchars( $this->mPassword );
381 $encRetype = htmlspecialchars( $this->mRetype );
382 $encEmail = htmlspecialchars( $this->mEmail );
383 $encRealName = htmlspecialchars( $this->mRealName );
384
385 if ($wgUser->getID() != 0) {
386 $cambutton = "<input tabindex='6' type='submit' name=\"wpCreateaccountMail\" value=\"{$cam}\" />";
387 } else {
388 $cambutton = "";
389 }
390
391 $wgOut->addHTML( "
392 <form name=\"userlogin\" id=\"userlogin\" method=\"post\" action=\"{$action}\">
393 <table border='0'><tr>
394 <td align='right'>$yn:</td>
395 <td align='left'>
396 <input tabindex='1' type='text' name=\"wpName\" value=\"{$encName}\" size='20' />
397 </td>
398 <td align='left'>
399 <input tabindex='3' type='submit' name=\"wpLoginattempt\" value=\"{$li}\" />
400 </td>
401 </tr>
402 <tr>
403 <td align='right'>$yp:</td>
404 <td align='left'>
405 <input tabindex='2' type='password' name=\"wpPassword\" value=\"{$encPassword}\" size='20' />
406 </td>
407 <td align='left'>
408 <input tabindex='7' type='checkbox' name=\"wpRemember\" value=\"1\" id=\"wpRemember\"$checked /><label for=\"wpRemember\">$rmp</label>
409 </td>
410 </tr>");
411
412 if ($wgUser->isAllowedToCreateAccount()) {
413 $encRetype = htmlspecialchars( $this->mRetype );
414 $encEmail = htmlspecialchars( $this->mEmail );
415 $wgOut->addHTML("<tr><td colspan='3'>&nbsp;</td></tr><tr>
416 <td align='right'>$ypa:</td>
417 <td align='left'>
418 <input tabindex='4' type='password' name=\"wpRetype\" value=\"{$encRetype}\"
419 size='20' />
420 </td><td>$nuo</td></tr>
421 <tr>
422 <td align='right'>$ye:</td>
423 <td align='left'>
424 <input tabindex='6' type='text' name=\"wpEmail\" value=\"{$encEmail}\" size='20' />
425 </td>");
426
427 if ($wgAllowRealName) {
428 $wgOut->addHTML("<td>&nbsp;</td>
429 </tr><tr>
430 <td align='right'>$yrn:</td>
431 <td align='left'>
432 <input tabindex='6' type='text' name=\"wpRealName\" value=\"{$encRealName}\" size='20' />
433 </td>");
434 }
435
436 $wgOut->addHTML("<td align='left'>
437 <input tabindex='7' type='submit' name=\"wpCreateaccount\" value=\"{$ca}\" />
438 $cambutton
439 </td></tr>");
440 }
441
442 $wgOut->addHTML("
443 <tr><td colspan='3'>&nbsp;</td></tr><tr>
444 <td colspan='3' align='left'>
445 <p>$efl<br />
446 <input tabindex='8' type='submit' name=\"wpMailmypassword\" value=\"{$mmp}\" /></p>
447 </td></tr></table>
448 </form>\n" );
449 $wgOut->addHTML( $endText );
450 }
451
452 /* private */ function hasSessionCookie()
453 {
454 global $wgDisableCookieCheck;
455 return ( $wgDisableCookieCheck ) ? true : ( "" != $_COOKIE[session_name()] );
456 }
457
458 /* private */ function cookieRedirectCheck( $type )
459 {
460 global $wgOut, $wgLang;
461
462 $titleObj = Title::makeTitle( NS_SPECIAL, "Userlogin" );
463 $check = $titleObj->getFullURL( "wpCookieCheck=$type" );
464
465 return $wgOut->redirect( $check );
466 }
467
468 /* private */ function onCookieRedirectCheck( $type ) {
469 global $wgUser;
470
471 if ( !$this->hasSessionCookie() ) {
472 if ( $type == "new" ) {
473 return $this->mainLoginForm( wfMsg( "nocookiesnew" ) );
474 } else if ( $type == "login" ) {
475 return $this->mainLoginForm( wfMsg( "nocookieslogin" ) );
476 } else {
477 # shouldn't happen
478 return $this->mainLoginForm( wfMsg( "error" ) );
479 }
480 } else {
481 return $this->successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
482 }
483 }
484
485 /* private */ function throttleHit( $limit ) {
486 global $wgOut;
487
488 $wgOut->addWikiText( wfMsg( 'acct_creation_throttle_hit', $limit ) );
489 }
490 }
491 ?>
Wiklou, le Wiki du Wiklou