/**
* Loader
- *
- * @param $request WebRequest object
*/
function load() {
global $wgAuth, $wgHiddenPrefs, $wgEnableEmail, $wgRedirectOnLogin;
$this->mRetype = $request->getText( 'wpRetype' );
$this->mDomain = $request->getText( 'wpDomain' );
$this->mReason = $request->getText( 'wpReason' );
- $this->mReturnTo = $request->getVal( 'returnto' );
- $this->mReturnToQuery = $request->getVal( 'returntoquery' );
$this->mCookieCheck = $request->getVal( 'wpCookieCheck' );
$this->mPosted = $request->wasPosted();
$this->mCreateaccount = $request->getCheck( 'wpCreateaccount' );
if ( $wgRedirectOnLogin ) {
$this->mReturnTo = $wgRedirectOnLogin;
$this->mReturnToQuery = '';
+ } else {
+ $this->mReturnTo = $request->getVal( 'returnto', '' );
+ $this->mReturnToQuery = $request->getVal( 'returntoquery', '' );
}
if( $wgEnableEmail ) {
}
if( !$wgAuth->validDomain( $this->mDomain ) ) {
- $this->mDomain = 'invaliddomain';
+ $this->mDomain = $wgAuth->getDomain();
}
$wgAuth->setDomain( $this->mDomain );
- # When switching accounts, it sucks to get automatically logged out
+ # 1. When switching accounts, it sucks to get automatically logged out
+ # 2. Do not return to PasswordReset after a successful password change
+ # but goto Wiki start page (Main_Page) instead ( bug 33997 )
$returnToTitle = Title::newFromText( $this->mReturnTo );
- if( is_object( $returnToTitle ) && $returnToTitle->isSpecial( 'Userlogout' ) ) {
+ if( is_object( $returnToTitle ) && (
+ $returnToTitle->isSpecial( 'Userlogout' )
+ || $returnToTitle->isSpecial( 'PasswordReset' ) ) ) {
$this->mReturnTo = '';
$this->mReturnToQuery = '';
}
return;
} elseif( $this->mPosted ) {
if( $this->mCreateaccount ) {
- return $this->addNewAccount();
+ $this->addNewAccount();
+ return;
} elseif ( $this->mCreateaccountMail ) {
- return $this->addNewAccountMailPassword();
+ $this->addNewAccountMailPassword();
+ return;
} elseif ( ( 'submitlogin' == $this->mAction ) || $this->mLoginattempt ) {
- return $this->processLogin();
+ $this->processLogin();
+ return;
}
}
$this->mainLoginForm( '' );
/**
* @private
+ * @return bool
*/
function addNewAccount() {
global $wgUser, $wgEmailAuthentication, $wgLoginLanguageSelector;
# Create the account and abort if there's a problem doing so
$u = $this->addNewAccountInternal();
if( $u == null ) {
- return;
+ return false;
}
# If we showed up language selection links, and one was in use, be
wfRunHooks( 'AddNewAccount', array( $u, false ) );
$u->addNewUserLogEntry();
if( $this->hasSessionCookie() ) {
- return $this->successfulCreation();
+ $this->successfulCreation();
} else {
- return $this->cookieRedirectCheck( 'new' );
+ $this->cookieRedirectCheck( 'new' );
}
} else {
# Confirm that the account was created
$out->returnToMain( false, $this->getTitle() );
wfRunHooks( 'AddNewAccount', array( $u, false ) );
$u->addNewUserLogEntry( false, $this->mReason );
- return true;
}
+ return true;
}
/**
* @private
+ * @return bool|User
*/
function addNewAccountInternal() {
global $wgAuth, $wgMemc, $wgAccountCreationThrottle,
return false;
}
+ # Include checks that will include GlobalBlocking (Bug 38333)
+ $permErrors = $this->getTitle()->getUserPermissionsErrors( 'createaccount', $currentUser, true );
+ if ( count( $permErrors ) ) {
+ throw new PermissionsError( 'createaccount', $permErrors );
+ }
+
$ip = $this->getRequest()->getIP();
if ( $currentUser->isDnsBlacklisted( $ip, true /* check $wgProxyWhitelist */ ) ) {
- $this->mainLoginForm( $this->msg( 'sorbs_create_account_reason' )->text() . ' (' . htmlspecialchars( $ip ) . ')' );
+ $this->mainLoginForm( $this->msg( 'sorbs_create_account_reason' )->text() . ' ' . $this->msg( 'parentheses', $ip )->escaped() );
return false;
}
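Review bot: On the rewritten DNS-blacklist line only the `parentheses` half is escaped; `$this->msg( 'sorbs_create_account_reason' )->text()` is still concatenated unescaped into the string passed to `mainLoginForm()`. That method receives `->parse()` output elsewhere on this page, so it appears to treat its argument as HTML. The message text is presumably site-controlled rather than request-controlled, so this is hardening rather than a demonstrated injection, but both halves should use the same output mode: `$this->msg( 'sorbs_create_account_reason' )->escaped() . ' ' . $this->msg( 'parentheses', $ip )->escaped()`. The new `throw new PermissionsError( ... )` above it also warrants an `@throws PermissionsError` line in the docblock, since the neighbouring failure paths return false instead. The function body starts and ends outside this hunk.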
* This may create a local account as a side effect if the
* authentication plugin allows transparent local account
* creation.
+ * @return int
*/
public function authenticateUserData() {
global $wgUser, $wgAuth;
$this->load();
if ( $this->mUsername == '' ) {
- wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, self::NO_NAME ) );
return self::NO_NAME;
}
// If the user doesn't have a login token yet, set one.
if ( !self::getLoginToken() ) {
self::setLoginToken();
- wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, self::NEED_TOKEN ) );
return self::NEED_TOKEN;
}
// If the user didn't pass a login token, tell them we need one
if ( !$this->mToken ) {
- wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, self::NEED_TOKEN ) );
return self::NEED_TOKEN;
}
$throttleCount = self::incLoginThrottle( $this->mUsername );
if ( $throttleCount === true ) {
- wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, self::THROTTLED ) );
return self::THROTTLED;
}
// Validate the login token
if ( $this->mToken !== self::getLoginToken() ) {
- wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, self::WRONG_TOKEN ) );
return self::WRONG_TOKEN;
}
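Review bot: With the `LoginAuthenticateAudit` calls removed from the NO_NAME, NEED_TOKEN, THROTTLED and WRONG_TOKEN returns here, none of the visible new lines fires the hook on these paths. The same applies to the ILLEGAL, auto-create and `AbortLogin` returns in the following hunks. Removing the old calls is correct in itself, because they passed `$u` before it was assigned. But unless the hook is re-added at a single exit point outside the lines shown, extensions that log failed logins no longer see throttling or token failures, the outcomes most useful for spotting password guessing. If that narrowing is intended, the docblock should say so, for example `Note: LoginAuthenticateAudit is not run for results returned before the user object is resolved (NO_NAME, NEED_TOKEN, THROTTLED, WRONG_TOKEN).` The method body continues outside this hunk.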
# user choose a different wiki name.
$u = User::newFromName( $this->mUsername );
if( !( $u instanceof User ) || !User::isUsableName( $u->getName() ) ) {
- wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, self::ILLEGAL ) );
return self::ILLEGAL;
}
if ( 0 == $u->getID() ) {
$status = $this->attemptAutoCreate( $u );
if ( $status !== self::SUCCESS ) {
- wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, $status ) );
return $status;
} else {
$isAutoCreated = true;
// Give general extensions, such as a captcha, a chance to abort logins
$abort = self::ABORTED;
if( !wfRunHooks( 'AbortLogin', array( $u, $this->mPassword, &$abort, &$this->mAbortLoginErrorMsg ) ) ) {
- wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, $abort ) );
return $abort;
}
$code = $request->getVal( 'uselang', $user->getOption( 'language' ) );
$userLang = Language::factory( $code );
$wgLang = $userLang;
- $this->getContext()->setLang( $userLang );
- return $this->successfulLogin();
+ $this->getContext()->setLanguage( $userLang );
+ $this->successfulLogin();
} else {
- return $this->cookieRedirectCheck( 'login' );
+ $this->cookieRedirectCheck( 'login' );
}
break;
case self::NOT_EXISTS:
if( $this->getUser()->isAllowed( 'createaccount' ) ) {
$this->mainLoginForm( $this->msg( 'nosuchuser',
- wfEscapeWikiText( $this->mUsername ) )->parse() );
+ wfEscapeWikiText( $this->mUsername ) )->parse() );
} else {
$this->mainLoginForm( $this->msg( 'nosuchusershort',
wfEscapeWikiText( $this->mUsername ) )->text() );
function resetLoginForm( $error ) {
$this->getOutput()->addHTML( Xml::element('p', array( 'class' => 'error' ), $error ) );
$reset = new SpecialChangePassword();
- $reset->setContext( $this );
+ $reset->setContext( $this->getContext() );
$reset->execute( null );
}
wfRunHooks( 'UserLoginComplete', array( &$currentUser, &$injected_html ) );
- //let any extensions change what message is shown
+ /**
+ * Let any extensions change what message is shown.
+ * @see https://www.mediawiki.org/wiki/Manual:Hooks/BeforeWelcomeCreation
+ * @since 1.18
+ */
wfRunHooks( 'BeforeWelcomeCreation', array( &$welcome_creation_msg, &$injected_html ) );
$this->displaySuccessfulLogin( $welcome_creation_msg, $injected_html );
/**
* Display a "login successful" page.
+ * @param $msgname string
+ * @param $injected_html string
*/
private function displaySuccessfulLogin( $msgname, $injected_html ) {
$out = $this->getOutput();
$out->addHTML( $injected_html );
- if ( !empty( $this->mReturnTo ) ) {
+ if ( $this->mReturnTo !== '' ) {
$out->returnToMain( null, $this->mReturnTo, $this->mReturnToQuery );
} else {
$out->returnToMain( null );
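Review bot: Replacing `!empty( $this->mReturnTo )` with `$this->mReturnTo !== ''` makes this branch rely on `mReturnTo` always being a string. A `null` left by any other writer now passes the test and is handed to `returnToMain()` as the target. The `load()` hunk on this page does default both values to `''`, but the property declarations are not shown. The invariant is worth stating where the fields are declared, e.g. `// Always a string; '' means "no return target"`. The same strict comparison is introduced for `mReturnTo` and `mReturnToQuery` in the form-building hunk, in `cookieRedirectCheck()` and in `makeLanguageSelectorLink()`.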
$linkmsg = 'nologin';
}
- if ( !empty( $this->mReturnTo ) ) {
+ if ( $this->mReturnTo !== '' ) {
$returnto = '&returnto=' . wfUrlencode( $this->mReturnTo );
- if ( !empty( $this->mReturnToQuery ) ) {
+ if ( $this->mReturnToQuery !== '' ) {
$returnto .= '&returntoquery=' .
wfUrlencode( $this->mReturnToQuery );
}
# Prepare language selection links as needed
if( $wgLoginLanguageSelector ) {
$template->set( 'languages', $this->makeLanguageSelector() );
- if( $this->mLanguage )
+ if( $this->mLanguage ) {
$template->set( 'uselang', $this->mLanguage );
+ }
}
// Use loginend-https for HTTPS requests if it's not blank, loginend otherwise
* previous pass through the system.
*
* @private
+ * @return bool
*/
function hasSessionCookie() {
global $wgDisableCookieCheck;
/**
* Get the login token from the current session
+ * @return Mixed
*/
public static function getLoginToken() {
global $wgRequest;
*/
public static function setLoginToken() {
global $wgRequest;
- // Use User::generateToken() instead of $user->editToken()
+ // Generate a token directly instead of using $user->editToken()
// because the latter reuses $_SESSION['wsEditToken']
- $wgRequest->setSessionData( 'wsLoginToken', User::generateToken() );
+ $wgRequest->setSessionData( 'wsLoginToken', MWCryptRand::generateHex( 32 ) );
}
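Review bot: The literal `32` in `MWCryptRand::generateHex( 32 )` is unexplained, and it is repeated in `setCreateaccountToken()` further down. A comment stating the intended strength would make it harder for a later edit to shorten one token but not the other, e.g. `// 32 hex characters = 128 bits from the CSPRNG`. The existing comment could also say that the login token is kept separate from the edit token so that one does not reveal the other.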
/**
/**
* Get the createaccount token from the current session
+ * @return Mixed
*/
public static function getCreateaccountToken() {
global $wgRequest;
*/
public static function setCreateaccountToken() {
global $wgRequest;
- $wgRequest->setSessionData( 'wsCreateaccountToken', User::generateToken() );
+ $wgRequest->setSessionData( 'wsCreateaccountToken', MWCryptRand::generateHex( 32 ) );
}
/**
function cookieRedirectCheck( $type ) {
$titleObj = SpecialPage::getTitleFor( 'Userlogin' );
$query = array( 'wpCookieCheck' => $type );
- if ( $this->mReturnTo ) {
+ if ( $this->mReturnTo !== '' ) {
$query['returnto'] = $this->mReturnTo;
+ $query['returntoquery'] = $this->mReturnToQuery;
}
$check = $titleObj->getFullURL( $query );
- return $this->getOutput()->redirect( $check );
+ $this->getOutput()->redirect( $check );
}
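Review bot: `$query['returntoquery']` is now set whenever `returnto` is non-empty, even when `mReturnToQuery` is `''`. The form-building code on this page, by contrast, appends `returntoquery` only after checking `$this->mReturnToQuery !== ''`. Depending on how `getFullURL()` serialises empty values, this may put a bare `returntoquery=` on the redirect URL. Guarding it the same way keeps the two paths consistent: `if ( $this->mReturnToQuery !== '' ) { $query['returntoquery'] = $this->mReturnToQuery; }`. The same unguarded assignment is added in `makeLanguageSelectorLink()`.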
/**
function onCookieRedirectCheck( $type ) {
if ( !$this->hasSessionCookie() ) {
if ( $type == 'new' ) {
- return $this->mainLoginForm( $this->msg( 'nocookiesnew' )->parse() );
+ $this->mainLoginForm( $this->msg( 'nocookiesnew' )->parse() );
} elseif ( $type == 'login' ) {
- return $this->mainLoginForm( $this->msg( 'nocookieslogin' )->parse() );
+ $this->mainLoginForm( $this->msg( 'nocookieslogin' )->parse() );
} else {
# shouldn't happen
- return $this->mainLoginForm( $this->msg( 'error' )->text() );
+ $this->mainLoginForm( $this->msg( 'error' )->text() );
}
} else {
- return $this->successfulLogin();
+ $this->successfulLogin();
}
}
}
}
return count( $links ) > 0 ? $this->msg( 'loginlanguagelabel' )->rawParams(
- $this->getLang()->pipeList( $links ) )->escaped() : '';
+ $this->getLanguage()->pipeList( $links ) )->escaped() : '';
} else {
return '';
}
*
* @param $text Link text
* @param $lang Language code
+ * @return string
*/
function makeLanguageSelectorLink( $text, $lang ) {
- $attr = array( 'uselang' => $lang );
+ if( $this->getLanguage()->getCode() == $lang ) {
+ // no link for currently used language
+ return htmlspecialchars( $text );
+ }
+ $query = array( 'uselang' => $lang );
if( $this->mType == 'signup' ) {
- $attr['type'] = 'signup';
+ $query['type'] = 'signup';
}
- if( $this->mReturnTo ) {
- $attr['returnto'] = $this->mReturnTo;
+ if( $this->mReturnTo !== '' ) {
+ $query['returnto'] = $this->mReturnTo;
+ $query['returntoquery'] = $this->mReturnToQuery;
}
+
+ $attr = array();
+ $targetLanguage = Language::factory( $lang );
+ $attr['lang'] = $attr['hreflang'] = $targetLanguage->getHtmlCode();
+
return Linker::linkKnown(
$this->getTitle(),
htmlspecialchars( $text ),
- array(),
- $attr
+ $attr,
+ $query
);
}
}