Don't run the query if search is disabled!
[lhc/web/wiklou.git] / includes / SpecialUserlogin.php
1 <?
2
/**
 * Entry point for the user login special page.
 *
 * Cleans the submitted form fields, then dispatches on whichever submit
 * button (or action value) arrived with the request: account creation,
 * account creation with a mailed password, password reminder, or a login
 * attempt. When none of those is present the plain login form is shown.
 *
 * NOTE(review): the $wp* variables are read as globals; presumably they are
 * populated from request parameters elsewhere, so treat them as untrusted.
 */
function wfSpecialUserlogin()
{
    global $wpCreateaccount, $wpCreateaccountMail;
    global $wpLoginattempt, $wpMailmypassword;
    global $action;

    # NOTE(review): "wpName" and "wpPassword" are listed twice. Kept as-is
    # because wfCleanFormFields() is defined elsewhere; confirm that cleaning
    # a field twice is harmless before de-duplicating.
    $fields = array( "wpName", "wpPassword", "wpName",
        "wpPassword", "wpRetype", "wpEmail" );
    wfCleanFormFields( $fields );

    if ( isset( $wpCreateaccount ) ) {
        addNewAccount();
        return;
    }
    if ( isset( $wpCreateaccountMail ) ) {
        addNewAccountMailPassword();
        return;
    }
    if ( isset( $wpMailmypassword ) ) {
        mailPassword();
        return;
    }
    if ( "submit" == $action || isset( $wpLoginattempt ) ) {
        processLogin();
        return;
    }

    # Nothing submitted: show the empty form with no error message.
    mainLoginForm( "" );
}
25
26
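/**
 * Create an account and mail a freshly generated password to the address
 * given in the form, instead of logging the new user in.
 *
 * Shows the login form with the "noemail" message when no e-mail address
 * was submitted. Returns early (without further output of its own) when
 * account creation or the password mail step reports failure by returning
 * NULL; those helpers emit their own error page.
 */
/* private */ function addNewAccountMailPassword()
{
    global $wgOut, $wpEmail, $wpName;

    if ( "" == $wpEmail ) {
        # mainLoginForm() writes its argument into the page as raw HTML, and
        # $wpName is the submitted form value, so escape it before it is
        # interpolated into the message.
        mainLoginForm( wfMsg( "noemail", wfEscapeHTML( $wpName ) ) );
        return;
    }

    $u = addNewAccountInternal();
    if ( NULL == $u ) {
        return;
    }

    $u->saveSettings();
    if ( NULL == mailPasswordInternal( $u ) ) {
        return;
    }

    $wgOut->setPageTitle( wfMsg( "accmailtitle" ) );
    $wgOut->setRobotpolicy( "noindex,nofollow" );
    $wgOut->setArticleFlag( false );

    # This confirmation goes through addWikiText(), not addHTML(), so the
    # name and address are handed over unescaped as before.
    $wgOut->addWikiText( wfMsg( "accmailtext", $u->getName(), $u->getEmail() ) );
    $wgOut->returnToMain( false );
}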
57
58
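/**
 * Create an account from the submitted form and log the new user in.
 *
 * Does nothing further when addNewAccountInternal() returns NULL; that
 * helper has already produced the error output.
 */
/* private */ function addNewAccount()
{
    global $wgUser, $wgOut, $wpPassword, $wpRetype, $wpName, $wpRemember;
    global $wpEmail, $wgDeferredUpdateList;

    $u = addNewAccountInternal();
    if ( NULL == $u ) {
        return;
    }

    $wgUser = $u;

    # successfulLogin() passes its message to addHTML() unchanged, and the
    # name checks visible in addNewAccountInternal() do not reject HTML
    # metacharacters, so escape the name before building the message.
    # NOTE(review): User::newFromName() may normalise names further; confirm.
    successfulLogin( wfMsg( "welcomecreation", wfEscapeHTML( $wgUser->getName() ) ) );
}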
73
74
/**
 * Validate the account-creation form and insert the new user.
 *
 * Checks, in order: cookies are enabled, the current user may create
 * accounts, the two password fields match, the trimmed name is non-empty,
 * contains nothing that looks like a dotted-quad IP address and no "/",
 * the wiki is not read-only, and the name is not already taken. Each
 * failed check emits its own error output and returns nothing (NULL).
 *
 * NOTE(review): no password length or strength check is visible here, and
 * the existence check and the insert are two separate calls; confirm
 * whether uniqueness is also enforced at the database level.
 *
 * @return User|null The newly added user, or NULL when a check failed.
 */
/* private */ function addNewAccountInternal()
{
    global $wgUser, $wgOut, $wpPassword, $wpRetype, $wpName, $wpRemember;
    global $wpEmail, $wgDeferredUpdateList;

    if ( !cookieCheck() ) {
        return;
    }

    if ( !$wgUser->isAllowedToCreateAccount() ) {
        userNotPrivilegedMessage();
        return;
    }

    $retypeMismatch = ( strcmp( $wpPassword, $wpRetype ) != 0 );
    if ( $retypeMismatch ) {
        mainLoginForm( wfMsg( "badretype" ) );
        return;
    }

    # The trimmed value is written back to the global, as callers and the
    # form redisplay read $wpName afterwards.
    $wpName = trim( $wpName );

    # Evaluate the name rules one at a time, stopping at the first hit.
    $nameRejected = ( "" == $wpName );
    if ( !$nameRejected ) {
        # Unanchored on purpose: an IP-like run anywhere in the name counts.
        $nameRejected = (bool)preg_match( "/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/", $wpName );
    }
    if ( !$nameRejected ) {
        $nameRejected = ( false !== strpos( $wpName, "/" ) );
    }
    if ( $nameRejected ) {
        mainLoginForm( wfMsg( "noname" ) );
        return;
    }

    if ( wfReadOnly() ) {
        $wgOut->readOnlyPage();
        return;
    }

    $u = User::newFromName( $wpName );
    if ( 0 != $u->idForName() ) {
        mainLoginForm( wfMsg( "userexists" ) );
        return;
    }

    $u->addToDatabase();
    $u->setPassword( $wpPassword );
    $u->setEmail( $wpEmail );

    $remember = ( 1 == $wpRemember ) ? 1 : 0;
    $u->setOption( "rememberpassword", $remember );

    return $u;
}
120
121
122
123
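/**
 * Handle a login attempt from the submitted form.
 *
 * Looks the user up by name, loads the stored record and compares the
 * encrypted form of the submitted password against both the stored
 * password and the stored "new password" (the one set by the mail-password
 * flow). On success the user becomes $wgUser and the success page is shown;
 * on failure the login form is redisplayed with an error.
 *
 * NOTE(review): unknown names and wrong passwords produce different
 * messages ("nosuchuser" vs "wrongpassword"), which lets a client tell
 * whether an account exists. No attempt throttling is visible in this file.
 */
/* private */ function processLogin()
{
    global $wgUser, $wpName, $wpPassword, $wpRemember;
    global $returnto;

    if ( !cookieCheck() ) {
        return;
    }

    if ( "" == $wpName ) {
        mainLoginForm( wfMsg( "noname" ) );
        return;
    }

    $u = User::newFromName( $wpName );
    $id = $u->idForName();
    if ( 0 == $id ) {
        # The name comes from the submitted form and did not match any
        # account; mainLoginForm() emits the message as raw HTML, so escape
        # the name before interpolating it.
        mainLoginForm( wfMsg( "nosuchuser", wfEscapeHTML( $u->getName() ) ) );
        return;
    }
    $u->setId( $id );
    $u->loadFromDatabase();

    $ep = $u->encryptPassword( $wpPassword );
    $matchesStored = ( 0 == strcmp( $ep, $u->getPassword() ) );
    # Only consult the mailed "new password" when the stored one did not match.
    if ( !$matchesStored && 0 != strcmp( $ep, $u->getNewpassword() ) ) {
        mainLoginForm( wfMsg( "wrongpassword" ) );
        return;
    }

    # We've verified now, update the real record
    #
    if ( 1 == $wpRemember ) {
        $r = 1;
        # NOTE(review): hands the plaintext password to the cookie helper;
        # what ends up in the cookie is decided in User, not visible here.
        $u->setCookiePassword( $wpPassword );
    } else {
        $r = 0;
    }
    $u->setOption( "rememberpassword", $r );

    $wgUser = $u;

    # successfulLogin() passes the message to addHTML() unchanged.
    successfulLogin( wfMsg( "loginsuccess", wfEscapeHTML( $wgUser->getName() ) ) );
}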
166
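/**
 * Handle the "mail me a new password" button.
 *
 * Looks the user up by the submitted name, loads the record and delegates
 * to mailPasswordInternal(), which generates and mails the new password.
 * The login form is redisplayed with a status or error message.
 *
 * NOTE(review): this path does not call cookieCheck() and no throttling is
 * visible here, so any client can trigger a reminder mail for any existing
 * name; the "nosuchuser" reply also reveals which names exist.
 */
/* private */ function mailPassword()
{
    global $wgUser, $wpName, $wgDeferredUpdateList, $wgOutputEncoding;
    global $wgCookiePath, $wgCookieDomain, $wgDBname;

    if ( "" == $wpName ) {
        mainLoginForm( wfMsg( "noname" ) );
        return;
    }

    $u = User::newFromName( $wpName );
    $id = $u->idForName();
    if ( 0 == $id ) {
        # Submitted name with no matching account: escape it, because
        # mainLoginForm() emits the message as raw HTML.
        mainLoginForm( wfMsg( "nosuchuser", wfEscapeHTML( $u->getName() ) ) );
        return;
    }
    $u->setId( $id );
    $u->loadFromDatabase();

    # mailPasswordInternal() shows its own error and returns NULL on failure.
    if ( NULL == mailPasswordInternal( $u ) ) {
        return;
    }

    mainLoginForm( wfMsg( "passwordsent", wfEscapeHTML( $u->getName() ) ) );
}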
191
192
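/**
 * Generate a new random password for $u, store it as the user's "new
 * password" and mail it to the user's address.
 *
 * Shows the login form with the "noemail" message and returns nothing
 * (NULL) when the user has no e-mail address on record.
 *
 * NOTE(review): the return value of mail() is not checked, so a failed
 * send is reported to the caller as success. The new password travels in
 * the mail body in plaintext.
 *
 * @param User $u User whose password is being reset.
 * @return User|null $u when the mail step was reached, NULL otherwise.
 */
/* private */ function mailPasswordInternal( $u )
{
    global $wpName, $wgDeferredUpdateList, $wgOutputEncoding;
    global $wgPasswordSender;
    # These three are read by the setcookie() call below. They were declared
    # only in mailPassword(), so here they were undefined locals and the
    # cookie being expired was named just "Password" with no path or domain.
    global $wgCookiePath, $wgCookieDomain, $wgDBname;

    if ( "" == $u->getEmail() ) {
        # mainLoginForm() emits the message as raw HTML; escape the name.
        mainLoginForm( wfMsg( "noemail", wfEscapeHTML( $u->getName() ) ) );
        return;
    }

    $np = User::randomPassword();
    $u->setNewpassword( $np );

    # Expire the remembered-password cookie in the requesting browser.
    setcookie( "{$wgDBname}Password", "", time() - 3600, $wgCookiePath, $wgCookieDomain );
    $u->saveSettings();

    # The requester's address is included in the mail text.
    $ip = getenv( "REMOTE_ADDR" );
    if ( "" == $ip ) { $ip = "(Unknown)"; }

    $m = wfMsg( "passwordremindertext", $ip, $u->getName(), $np );

    # NOTE(review): the recipient is the address stored for the account,
    # which originates from the account-creation form; no address validation
    # is visible in this file.
    mail( $u->getEmail(), wfMsg( "passwordremindertitle" ), $m,
        "MIME-Version: 1.0\r\n" .
        "Content-type: text/plain; charset={$wgOutputEncoding}\r\n" .
        "Content-transfer-encoding: 8bit\r\n" .
        "From: $wgPasswordSender" );

    return $u;
}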
221
222
223
224
225
/**
 * Finish a successful login or account creation for the current $wgUser:
 * set the login cookies, queue a UserUpdate on the deferred update list
 * and render the success page.
 *
 * @param string $msg HTML shown on the success page. It is passed to
 *   addHTML() as-is, so callers must escape any user-supplied value they
 *   put into it.
 */
/* private */ function successfulLogin( $msg )
{
    global $wgUser, $wgOut, $returnto;
    global $wgDeferredUpdateList;

    $wgUser->setCookies();

    # Queue the update rather than running it inline.
    $deferred = new UserUpdate();
    array_push( $wgDeferredUpdateList, $deferred );

    $pageTitle = wfMsg( "loginsuccesstitle" );
    $wgOut->setPageTitle( $pageTitle );
    $wgOut->setRobotpolicy( "noindex,nofollow" );
    $wgOut->setArticleFlag( false );

    $body = $msg . "\n<p>";
    $wgOut->addHTML( $body );
    $wgOut->returnToMain();
}
241
242
243
244
245
/**
 * Render the page telling the current user that they are not allowed to
 * create accounts (messages "whitelistacctitle" / "whitelistacctext").
 */
function userNotPrivilegedMessage()
{
    global $wgOut, $wgUser, $wgLang;

    $heading = wfMsg( "whitelistacctitle" );
    $wgOut->setPageTitle( $heading );
    $wgOut->setRobotpolicy( "noindex,nofollow" );
    $wgOut->setArticleFlag( false );

    # Body text is site-message wikitext, not request data.
    $explanation = wfMsg( "whitelistacctext" );
    $wgOut->addWikiText( $explanation );
    $wgOut->returnToMain( false );
}
257
258
259
260
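/**
 * Render the combined login / create-account form, optionally preceded by
 * an error message.
 *
 * The name field is pre-filled from the submitted name, else from the
 * logged-in user's name, else from the "<dbname>UserName" cookie. The
 * create-account rows are only emitted when the current user is allowed to
 * create accounts.
 *
 * Side effect kept from the original: the globals $wpName, $wpPassword,
 * $wpRetype and $wpEmail are overwritten with their HTML-escaped form.
 *
 * NOTE(review): the submitted password and retype values are echoed back
 * into the form markup on redisplay; consider leaving password fields
 * empty. The form carries no anti-forgery token.
 *
 * @param string $err Error message shown above the form, or "" for none.
 *   It is written into the page as raw HTML, so callers must escape any
 *   user-supplied value they interpolate into it.
 */
/* private */ function mainLoginForm( $err )
{
    global $wgUser, $wgOut, $wgLang, $returnto;
    global $wpName, $wpPassword, $wpRetype, $wpRemember;
    global $wpEmail, $HTTP_COOKIE_VARS, $wgDBname;

    $le = wfMsg( "loginerror" );
    $yn = wfMsg( "yourname" );
    $yp = wfMsg( "yourpassword" );
    $ypa = wfMsg( "yourpasswordagain" );
    $rmp = wfMsg( "remembermypassword" );
    $ayn = wfMsg( "areyounew" );
    $nuo = wfMsg( "newusersonly" );
    $li = wfMsg( "login" );
    $ca = wfMsg( "createaccount" );
    $cam = wfMsg( "createaccountmail" );
    $ye = wfMsg( "youremail" );
    $efl = wfMsg( "emailforlost" );
    $mmp = wfMsg( "mailmypassword" );

    $name = $wpName;
    if ( "" == $name ) {
        if ( 0 != $wgUser->getID() ) {
            $name = $wgUser->getName();
        } else {
            # Cookie contents are client-controlled; the cookie may also be
            # absent, in which case the field is simply left empty.
            $cookieKey = "{$wgDBname}UserName";
            $name = isset( $HTTP_COOKIE_VARS[$cookieKey] )
                ? $HTTP_COOKIE_VARS[$cookieKey] : "";
        }
    }

    # $name and $pwd are the values actually interpolated into the value=""
    # attributes below. They used to be copied before the escaping further
    # down was applied to the globals, so they reached the page unescaped.
    # NOTE(review): this relies on wfEscapeHTML() also encoding double
    # quotes, as it is used for attribute values; confirm in its definition.
    $name = wfEscapeHTML( $name );
    $pwd = wfEscapeHTML( $wpPassword );

    $wgOut->setPageTitle( wfMsg( "userlogin" ) );
    $wgOut->setRobotpolicy( "noindex,nofollow" );
    $wgOut->setArticleFlag( false );

    if ( "" == $err ) {
        $wgOut->addHTML( "<h2>$li:</h2>\n" );
    } else {
        # $err is trusted to be HTML already; see the function comment.
        $wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
color='red'>$err</font>\n" );
    }
    if ( 1 == $wgUser->getOption( "rememberpassword" ) ) {
        $checked = " checked";
    } else {
        $checked = "";
    }
    $q = "action=submit";
    if ( "" != $returnto ) { $q .= "&returnto=" . wfUrlencode($returnto); }
    $action = wfLocalUrlE( $wgLang->specialPage( "Userlogin" ), $q );

    $wpName = wfEscapeHTML( $wpName );
    $wpPassword = wfEscapeHTML( $wpPassword );
    $wpRetype = wfEscapeHTML( $wpRetype );
    $wpEmail = wfEscapeHTML( $wpEmail );

    # Only logged-in users get the "create account and mail password"
    # button; start from an empty string so anonymous requests do not
    # interpolate an undefined variable.
    $cambutton = "";
    if ($wgUser->getID() != 0) {
        $cambutton = "<input tabindex=6 type=submit name=\"wpCreateaccountMail\" value=\"{$cam}\">";
    }

    $wgOut->addHTML( "
<form name=\"userlogin\" id=\"userlogin\" method=\"post\" action=\"{$action}\">
<table border=0><tr>
<td align=right>$yn:</td>
<td colspan=2 align=left>
<input tabindex=1 type=text name=\"wpName\" value=\"{$name}\" size=20>
</td></tr><tr>
<td align=right>$yp:</td>
<td align=left>
<input tabindex=2 type=password name=\"wpPassword\" value=\"{$pwd}\" size=20>
</td>
<td align=left>
<input tabindex=3 type=submit name=\"wpLoginattempt\" value=\"{$li}\">
</td></tr>");

    if ($wgUser->isAllowedToCreateAccount()) {

        $wgOut->addHTML("<tr><td colspan=3>&nbsp;</td></tr><tr>
<td align=right>$ypa:</td>
<td align=left>
<input tabindex=4 type=password name=\"wpRetype\" value=\"{$wpRetype}\"
size=20>
</td><td>$nuo</td></tr>
<tr>
<td align=right>$ye:</td>
<td align=left>
<input tabindex=5 type=text name=\"wpEmail\" value=\"{$wpEmail}\" size=20>
</td><td align=left>
<input tabindex=6 type=submit name=\"wpCreateaccount\" value=\"{$ca}\">
$cambutton
</td></tr>");
    }

    $wgOut->addHTML("
<tr>
<td colspan=3 align=left>
<input tabindex=7 type=checkbox name=\"wpRemember\" value=\"1\" id=\"wpRemember\"$checked><label for=\"wpRemember\">$rmp</label>
</td></tr>
<tr><td colspan=3>&nbsp;</td></tr><tr>
<td colspan=3 align=left>
<p>$efl<br>
<input tabindex=8 type=submit name=\"wpMailmypassword\" value=\"{$mmp}\">
</td></tr></table>
</form>\n" );
}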
367
/**
 * Check whether the client sent a session cookie, as a rough test that
 * cookies are enabled.
 *
 * When the check fails, $returnto is overwritten with "Special:Userlogin"
 * and the "nocookies" error page is shown.
 *
 * @return bool true when the check is disabled via $wgDisableCookieCheck
 *   or the session cookie is non-empty; false after showing the error page.
 */
/* private */ function cookieCheck() {

    global $HTTP_COOKIE_VARS, $wgOut, $returnto;
    global $wgDisableCookieCheck;

    if ( $wgDisableCookieCheck ) {
        return true;
    }

    # XXX: kind of crude check to see if cookies are enabled, but it works OK
    $sessionCookie = $HTTP_COOKIE_VARS[session_name()];
    if ( "" != $sessionCookie ) {
        return true;
    }

    # Don't go back to login page; they won't get time to
    # enable cookies and send us one, so they'll get this msg again. Instead,
    # let them enable cookies on the error page, then go back to login page.
    # XXX: wipes returnto, unfortunately.
    $returnto = "Special:Userlogin";
    $wgOut->errorpage( "nocookies", "nocookiestext" );

    return false;
}
393
394 ?>