+
+ if ( $this->mUsername == '' ) {
+ if ( $wgUser->isLoggedIn() ) {
+ $this->mUsername = $wgUser->getName();
+ } else {
+ $this->mUsername = $wgRequest->getCookie( 'UserName' );
+ }
+ }
+
+ if ( $this->mType == 'signup' ) {
+ $template = new UsercreateTemplate();
+ $q = 'action=submitlogin&type=signup';
+ $linkq = 'type=login';
+ $linkmsg = 'gotaccount';
+ } else {
+ $template = new UserloginTemplate();
+ $q = 'action=submitlogin&type=login';
+ $linkq = 'type=signup';
+ $linkmsg = 'nologin';
+ }
+
+ if ( !empty( $this->mReturnTo ) ) {
+ $returnto = '&returnto=' . wfUrlencode( $this->mReturnTo );
+ if ( !empty( $this->mReturnToQuery ) ) {
+ $returnto .= '&returntoquery=' .
+ wfUrlencode( $this->mReturnToQuery );
+ }
+ $q .= $returnto;
+ $linkq .= $returnto;
+ }
+
+ # Pass any language selection on to the mode switch link
+ if( $wgLoginLanguageSelector && $this->mLanguage ) {
+ $linkq .= '&uselang=' . $this->mLanguage;
+ }
+
+ $link = '<a href="' . htmlspecialchars ( $titleObj->getLocalURL( $linkq ) ) . '">';
+ $link .= wfMsgHtml( $linkmsg . 'link' ); # Calling either 'gotaccountlink' or 'nologinlink'
+ $link .= '</a>';
+
+ # Don't show a "create account" link if the user can't
+ if( $this->showCreateOrLoginLink( $wgUser ) ) {
+ $template->set( 'link', wfMsgExt( $linkmsg, array( 'parseinline', 'replaceafter' ), $link ) );
+ } else {
+ $template->set( 'link', '' );
+ }
+
+ $resetLink = $this->mType == 'signup'
+ ? null
+ : is_array( $wgPasswordResetRoutes ) && in_array( true, array_values( $wgPasswordResetRoutes ) );
+
+ $template->set( 'header', '' );
+ $template->set( 'name', $this->mUsername );
+ $template->set( 'password', $this->mPassword );
+ $template->set( 'retype', $this->mRetype );
+ $template->set( 'email', $this->mEmail );
+ $template->set( 'realname', $this->mRealName );
+ $template->set( 'domain', $this->mDomain );
+ $template->set( 'reason', $this->mReason );
+
+ $template->set( 'action', $titleObj->getLocalURL( $q ) );
+ $template->set( 'message', $msg );
+ $template->set( 'messagetype', $msgtype );
+ $template->set( 'createemail', $wgEnableEmail && $wgUser->isLoggedIn() );
+ $template->set( 'userealname', !in_array( 'realname', $wgHiddenPrefs ) );
+ $template->set( 'useemail', $wgEnableEmail );
+ $template->set( 'emailrequired', $wgEmailConfirmToEdit );
+ $template->set( 'emailothers', $wgEnableUserEmail );
+ $template->set( 'canreset', $wgAuth->allowPasswordChange() );
+ $template->set( 'resetlink', $resetLink );
+ $template->set( 'canremember', ( $wgCookieExpiration > 0 ) );
+ $template->set( 'usereason', $wgUser->isLoggedIn() );
+ $template->set( 'remember', $wgUser->getOption( 'rememberpassword' ) || $this->mRemember );
+ $template->set( 'cansecurelogin', ( $wgSecureLogin === true ) );
+ $template->set( 'stickHTTPS', $this->mStickHTTPS );
+
+ if ( $this->mType == 'signup' ) {
+ if ( !self::getCreateaccountToken() ) {
+ self::setCreateaccountToken();
+ }
+ $template->set( 'token', self::getCreateaccountToken() );
+ } else {
+ if ( !self::getLoginToken() ) {
+ self::setLoginToken();
+ }
+ $template->set( 'token', self::getLoginToken() );
+ }
+
+ # Prepare language selection links as needed
+ if( $wgLoginLanguageSelector ) {
+ $template->set( 'languages', $this->makeLanguageSelector() );
+ if( $this->mLanguage )
+ $template->set( 'uselang', $this->mLanguage );
+ }
+
+ // Give authentication and captcha plugins a chance to modify the form
+ $wgAuth->modifyUITemplate( $template, $this->mType );
+ if ( $this->mType == 'signup' ) {
+ wfRunHooks( 'UserCreateForm', array( &$template ) );
+ } else {
+ wfRunHooks( 'UserLoginForm', array( &$template ) );
+ }
+
+ // Changes the title depending on permissions for creating account
+ if ( $wgUser->isAllowed( 'createaccount' ) ) {
+ $wgOut->setPageTitle( wfMsg( 'userlogin' ) );
+ } else {
+ $wgOut->setPageTitle( wfMsg( 'userloginnocreate' ) );
+ }
+
+ $wgOut->disallowUserJs(); // just in case...
+ $wgOut->addTemplate( $template );
+ }
+
+ /**
+ * @private
+ *
+ * @param $user User
+ *
+ * @return Boolean
+ */
+ function showCreateOrLoginLink( &$user ) {
+ if( $this->mType == 'signup' ) {
+ return true;
+ } elseif( $user->isAllowed( 'createaccount' ) ) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ /**
+ * Check if a session cookie is present.
+ *
+ * This will not pick up a cookie set during _this_ request, but is meant
+ * to ensure that the client is returning the cookie which was set on a
+ * previous pass through the system.
+ *
+ * @private
+ */
+ function hasSessionCookie() {
+ global $wgDisableCookieCheck, $wgRequest;
+ return $wgDisableCookieCheck ? true : $wgRequest->checkSessionCookie();
+ }
+
+ /**
+ * Get the login token from the current session
+ */
+ public static function getLoginToken() {
+ global $wgRequest;
+ return $wgRequest->getSessionData( 'wsLoginToken' );
+ }
+
+ /**
+ * Randomly generate a new login token and attach it to the current session
+ */
+ public static function setLoginToken() {
+ global $wgRequest;
+ // Use User::generateToken() instead of $user->editToken()
+ // because the latter reuses $_SESSION['wsEditToken']
+ $wgRequest->setSessionData( 'wsLoginToken', User::generateToken() );
+ }
+
+ /**
+ * Remove any login token attached to the current session
+ */
+ public static function clearLoginToken() {
+ global $wgRequest;
+ $wgRequest->setSessionData( 'wsLoginToken', null );
+ }
+
+ /**
+ * Get the createaccount token from the current session
+ */
+ public static function getCreateaccountToken() {
+ global $wgRequest;
+ return $wgRequest->getSessionData( 'wsCreateaccountToken' );
+ }
+
+ /**
+ * Randomly generate a new createaccount token and attach it to the current session
+ */
+ public static function setCreateaccountToken() {
+ global $wgRequest;
+ $wgRequest->setSessionData( 'wsCreateaccountToken', User::generateToken() );
+ }
+
+ /**
+ * Remove any createaccount token attached to the current session
+ */
+ public static function clearCreateaccountToken() {
+ global $wgRequest;
+ $wgRequest->setSessionData( 'wsCreateaccountToken', null );
+ }
+
+ /**
+ * @private
+ */
+ function cookieRedirectCheck( $type ) {
+ global $wgOut;
+
+ $titleObj = SpecialPage::getTitleFor( 'Userlogin' );
+ $query = array( 'wpCookieCheck' => $type );
+ if ( $this->mReturnTo ) {
+ $query['returnto'] = $this->mReturnTo;
+ }
+ $check = $titleObj->getFullURL( $query );
+
+ return $wgOut->redirect( $check );
+ }
+
+ /**
+ * @private
+ */
+ function onCookieRedirectCheck( $type ) {
+ if ( !$this->hasSessionCookie() ) {
+ if ( $type == 'new' ) {
+ return $this->mainLoginForm( wfMsgExt( 'nocookiesnew', array( 'parseinline' ) ) );
+ } elseif ( $type == 'login' ) {
+ return $this->mainLoginForm( wfMsgExt( 'nocookieslogin', array( 'parseinline' ) ) );
+ } else {
+ # shouldn't happen
+ return $this->mainLoginForm( wfMsg( 'error' ) );
+ }
+ } else {
+ return $this->successfulLogin();
+ }
+ }
+
+ /**
+ * @private
+ */
+ function throttleHit( $limit ) {
+ $this->mainLoginForm( wfMsgExt( 'acct_creation_throttle_hit', array( 'parseinline' ), $limit ) );