/**
* Loader
- *
- * @param $request WebRequest object
*/
function load() {
global $wgAuth, $wgHiddenPrefs, $wgEnableEmail, $wgRedirectOnLogin;
}
if( !$wgAuth->validDomain( $this->mDomain ) ) {
- $this->mDomain = 'invaliddomain';
+ if ( isset( $_SESSION['wsDomain'] ) ) {
+ $this->mDomain = $_SESSION['wsDomain'];
+ } else {
+ $this->mDomain = 'invaliddomain';
+ }
}
$wgAuth->setDomain( $this->mDomain );
- # When switching accounts, it sucks to get automatically logged out
+ # 1. When switching accounts, it sucks to get automatically logged out
+ # 2. Do not return to PasswordReset after a successful password change
+ # but goto Wiki start page (Main_Page) instead ( bug 33997 )
$returnToTitle = Title::newFromText( $this->mReturnTo );
- if( is_object( $returnToTitle ) && $returnToTitle->isSpecial( 'Userlogout' ) ) {
+ if( is_object( $returnToTitle ) && (
+ $returnToTitle->isSpecial( 'Userlogout' )
+ || $returnToTitle->isSpecial( 'PasswordReset' ) ) ) {
$this->mReturnTo = '';
$this->mReturnToQuery = '';
}
}
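Review bot: The fallback added at `$this->mDomain = $_SESSION['wsDomain'];` takes the domain from the session without running it through `$wgAuth->validDomain()`, so `$wgAuth->setDomain()` can receive a value the plugin would reject today (for instance a stale entry left over from before a configuration change). I would keep the fallback but guard it: `if ( isset( $_SESSION['wsDomain'] ) && $wgAuth->validDomain( $_SESSION['wsDomain'] ) ) {`, leaving `'invaliddomain'` as the else branch. Reading the value through `$this->getRequest()->getSessionData( 'wsDomain' )` instead of `$_SESSION` would also match the `setSessionData()` calls the token setters on this page use. The lines of load() that populate `$this->mDomain` are not part of what is shown here.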
+ function getDescription() {
+ return $this->msg( $this->getUser()->isAllowed( 'createaccount' ) ?
+ 'userlogin' : 'userloginnocreate' )->text();
+ }
+
public function execute( $par ) {
if ( session_id() == '' ) {
wfSetupSession();
}
$this->load();
+ $this->setHeaders();
if ( $par == 'signup' ) { # Check for [[Special:Userlogin/signup]]
$this->mType = 'signup';
return;
} elseif( $this->mPosted ) {
if( $this->mCreateaccount ) {
- return $this->addNewAccount();
+ $this->addNewAccount();
+ return;
} elseif ( $this->mCreateaccountMail ) {
- return $this->addNewAccountMailPassword();
+ $this->addNewAccountMailPassword();
+ return;
} elseif ( ( 'submitlogin' == $this->mAction ) || $this->mLoginattempt ) {
- return $this->processLogin();
+ $this->processLogin();
+ return;
}
}
$this->mainLoginForm( '' );
$u->addNewUserLogEntry( true, $this->mReason );
$out = $this->getOutput();
- $out->setPageTitle( $this->msg( 'accmailtitle' )->text() );
+ $out->setPageTitle( $this->msg( 'accmailtitle' ) );
if( !$result->isGood() ) {
$this->mainLoginForm( $this->msg( 'mailerror', $result->getWikiText() )->text() );
/**
* @private
+ * @return bool
*/
function addNewAccount() {
global $wgUser, $wgEmailAuthentication, $wgLoginLanguageSelector;
# Create the account and abort if there's a problem doing so
$u = $this->addNewAccountInternal();
if( $u == null ) {
- return;
+ return false;
}
# If we showed up language selection links, and one was in use, be
wfRunHooks( 'AddNewAccount', array( $u, false ) );
$u->addNewUserLogEntry();
if( $this->hasSessionCookie() ) {
- return $this->successfulCreation();
+ $this->successfulCreation();
} else {
- return $this->cookieRedirectCheck( 'new' );
+ $this->cookieRedirectCheck( 'new' );
}
} else {
# Confirm that the account was created
- $out->setPageTitle( $this->msg( 'accountcreated' )->text() );
+ $out->setPageTitle( $this->msg( 'accountcreated' ) );
$out->addWikiMsg( 'accountcreatedtext', $u->getName() );
$out->returnToMain( false, $this->getTitle() );
wfRunHooks( 'AddNewAccount', array( $u, false ) );
$u->addNewUserLogEntry( false, $this->mReason );
- return true;
}
+ return true;
}
/**
* @private
+ * @return bool|\User
*/
function addNewAccountInternal() {
global $wgAuth, $wgMemc, $wgAccountCreationThrottle,
$ip = $this->getRequest()->getIP();
if ( $currentUser->isDnsBlacklisted( $ip, true /* check $wgProxyWhitelist */ ) ) {
- $this->mainLoginForm( $this->msg( 'sorbs_create_account_reason' )->text() . ' (' . htmlspecialchars( $ip ) . ')' );
+ $this->mainLoginForm( $this->msg( 'sorbs_create_account_reason' )->text() . ' ' . $this->msg( 'parentheses', $ip )->escaped() );
return false;
}
}
// Hook point to check for exempt from account creation throttle
- if ( !wfRunHooks( 'exemptFromAccountCreationThrottle', array( $ip ) ) ) {
+ if ( !wfRunHooks( 'ExemptFromAccountCreationThrottle', array( $ip ) ) ) {
wfDebug( "LoginForm::exemptFromAccountCreationThrottle: a hook allowed account creation w/o throttle\n" );
} else {
if ( ( $wgAccountCreationThrottle && $currentUser->isPingLimitable() ) ) {
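Review bot: Renaming the hook to `ExemptFromAccountCreationThrottle` drops any handler still registered under the old lower-case spelling without a warning, assuming hook names are matched case-sensitively. Installs that relied on it will start throttling the callers they meant to exempt. That fails in the safe direction, but it is a behaviour change for operators and deserves a release-notes entry. The `wfDebug` string on the following line still says `LoginForm::exemptFromAccountCreationThrottle`; I would change it to the new spelling so log searches for the hook name keep matching. The body of the throttle branch continues outside this hunk.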
* This may create a local account as a side effect if the
* authentication plugin allows transparent local account
* creation.
+ * @return int
*/
public function authenticateUserData() {
global $wgUser, $wgAuth;
return $retval;
}
- /*
+ /**
* Increment the login attempt throttle hit count for the (username,current IP)
* tuple unless the throttle was already reached.
* @param $username string The user name
return $throttleCount;
}
- /*
+ /**
* Clear the login attempt throttle hit count for the (username,current IP) tuple.
* @param $username string The user name
* @return void
$code = $request->getVal( 'uselang', $user->getOption( 'language' ) );
$userLang = Language::factory( $code );
$wgLang = $userLang;
- $this->getContext()->setLang( $userLang );
- return $this->successfulLogin();
+ $this->getContext()->setLanguage( $userLang );
+ $this->successfulLogin();
} else {
- return $this->cookieRedirectCheck( 'login' );
+ $this->cookieRedirectCheck( 'login' );
}
break;
case self::NOT_EXISTS:
if( $this->getUser()->isAllowed( 'createaccount' ) ) {
$this->mainLoginForm( $this->msg( 'nosuchuser',
- wfEscapeWikiText( $this->mUsername ) )->parse() );
+ wfEscapeWikiText( $this->mUsername ) )->parse() );
} else {
$this->mainLoginForm( $this->msg( 'nosuchusershort',
wfEscapeWikiText( $this->mUsername ) )->text() );
function resetLoginForm( $error ) {
$this->getOutput()->addHTML( Xml::element('p', array( 'class' => 'error' ), $error ) );
$reset = new SpecialChangePassword();
- $reset->setContext( $this );
+ $reset->setContext( $this->getContext() );
$reset->execute( null );
}
wfRunHooks( 'UserLoginComplete', array( &$currentUser, &$injected_html ) );
- //let any extensions change what message is shown
+ /**
+ * Let any extensions change what message is shown.
+ * @see https://www.mediawiki.org/wiki/Manual:Hooks/BeforeWelcomeCreation
+ * @since 1.18
+ */
wfRunHooks( 'BeforeWelcomeCreation', array( &$welcome_creation_msg, &$injected_html ) );
$this->displaySuccessfulLogin( $welcome_creation_msg, $injected_html );
/**
* Display a "login successful" page.
+ * @param $msgname string
+ * @param $injected_html string
*/
private function displaySuccessfulLogin( $msgname, $injected_html ) {
$out = $this->getOutput();
- $out->setPageTitle( $this->msg( 'loginsuccesstitle' )->text() );
+ $out->setPageTitle( $this->msg( 'loginsuccesstitle' ) );
if( $msgname ){
$out->addWikiMsg( $msgname, wfEscapeWikiText( $this->getUser()->getName() ) );
}
# out.
$out = $this->getOutput();
- $out->setPageTitle( $this->msg( 'cantcreateaccounttitle' )->text() );
+ $out->setPageTitle( $this->msg( 'cantcreateaccounttitle' ) );
$block_reason = $block->mReason;
if ( strval( $block_reason ) === '' ) {
'cantcreateaccount-text',
$block->getTarget(),
$block_reason,
- $block->getBlocker()->getName()
+ $block->getByName()
);
$out->returnToMain( false );
// Block signup here if in readonly. Keeps user from
// going through the process (filling out data, etc)
// and being informed later.
- if ( wfReadOnly() ) {
- throw new ReadOnlyError;
+ $permErrors = $titleObj->getUserPermissionsErrors( 'createaccount', $user, true );
+ if ( count( $permErrors ) ) {
+ throw new PermissionsError( 'createaccount', $permErrors );
} elseif ( $user->isBlockedFromCreateAccount() ) {
$this->userBlockedMessage( $user->isBlockedFromCreateAccount() );
return;
- } elseif ( count( $permErrors = $titleObj->getUserPermissionsErrors( 'createaccount', $user, true ) )>0 ) {
- $this->getOutput()->showPermissionsErrorPage( $permErrors, 'createaccount' );
- return;
+ } elseif ( wfReadOnly() ) {
+ throw new ReadOnlyError;
}
}
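Review bot: The comment above this chain still says "Block signup here if in readonly", but after the reorder `wfReadOnly()` is the last branch and `getUserPermissionsErrors( 'createaccount', ... )` runs first. I would reword it, e.g. `// Refuse signup up front (permissions, then account-creation block, then read-only)` followed by the existing rationale. The three branches also fail in different ways: two throw (`PermissionsError`, `ReadOnlyError`) while the block branch renders a message and returns. A one-line comment saying that the block case is handled by `userBlockedMessage()` on purpose would help the next reader. `$user->isBlockedFromCreateAccount()` is evaluated twice in that branch; assigning it once, as in `$block = $user->isBlockedFromCreateAccount();`, before the chain would avoid the second lookup. The enclosing function starts outside this hunk.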
# Prepare language selection links as needed
if( $wgLoginLanguageSelector ) {
$template->set( 'languages', $this->makeLanguageSelector() );
- if( $this->mLanguage )
+ if( $this->mLanguage ) {
$template->set( 'uselang', $this->mLanguage );
+ }
}
-
+
// Use loginend-https for HTTPS requests if it's not blank, loginend otherwise
// Ditto for signupend
$usingHTTPS = WebRequest::detectProtocol() == 'https';
wfRunHooks( 'UserLoginForm', array( &$template ) );
}
- // Changes the title depending on permissions for creating account
$out = $this->getOutput();
- if ( $user->isAllowed( 'createaccount' ) ) {
- $out->setPageTitle( $this->msg( 'userlogin' )->text() );
- } else {
- $out->setPageTitle( $this->msg( 'userloginnocreate' )->text() );
- }
-
$out->disallowUserJs(); // just in case...
$out->addTemplate( $template );
}
* previous pass through the system.
*
* @private
+ * @return bool
*/
function hasSessionCookie() {
global $wgDisableCookieCheck;
/**
* Get the login token from the current session
+ * @return Mixed
*/
public static function getLoginToken() {
global $wgRequest;
*/
public static function setLoginToken() {
global $wgRequest;
- // Use User::generateToken() instead of $user->editToken()
+ // Generate a token directly instead of using $user->editToken()
// because the latter reuses $_SESSION['wsEditToken']
- $wgRequest->setSessionData( 'wsLoginToken', User::generateToken() );
+ $wgRequest->setSessionData( 'wsLoginToken', MWCryptRand::generateHex( 32 ) );
}
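Review bot: `MWCryptRand::generateHex( 32 )` is written with a bare length here and again in setCreateaccountToken(), and nothing records what strength these tokens are meant to have. I would add a comment at both call sites, e.g. `// 32 hex chars = 128 bits; anti-CSRF token, must come from MWCryptRand`, so a later edit does not shorten the value or swap the source. The `@return Mixed` added to the two getters could also say what comes back when no token has been set (presumably null; confirm against `getSessionData()`). The code that compares the submitted token with the session value lies outside these hunks, so how that comparison is done cannot be checked from here.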
/**
/**
* Get the createaccount token from the current session
+ * @return Mixed
*/
public static function getCreateaccountToken() {
global $wgRequest;
*/
public static function setCreateaccountToken() {
global $wgRequest;
- $wgRequest->setSessionData( 'wsCreateaccountToken', User::generateToken() );
+ $wgRequest->setSessionData( 'wsCreateaccountToken', MWCryptRand::generateHex( 32 ) );
}
/**
}
$check = $titleObj->getFullURL( $query );
- return $this->getOutput()->redirect( $check );
+ $this->getOutput()->redirect( $check );
}
/**
function onCookieRedirectCheck( $type ) {
if ( !$this->hasSessionCookie() ) {
if ( $type == 'new' ) {
- return $this->mainLoginForm( $this->msg( 'nocookiesnew' )->parse() );
+ $this->mainLoginForm( $this->msg( 'nocookiesnew' )->parse() );
} elseif ( $type == 'login' ) {
- return $this->mainLoginForm( $this->msg( 'nocookieslogin' )->parse() );
+ $this->mainLoginForm( $this->msg( 'nocookieslogin' )->parse() );
} else {
# shouldn't happen
- return $this->mainLoginForm( $this->msg( 'error' )->text() );
+ $this->mainLoginForm( $this->msg( 'error' )->text() );
}
} else {
- return $this->successfulLogin();
+ $this->successfulLogin();
}
}
}
}
return count( $links ) > 0 ? $this->msg( 'loginlanguagelabel' )->rawParams(
- $this->getLang()->pipeList( $links ) )->escaped() : '';
+ $this->getLanguage()->pipeList( $links ) )->escaped() : '';
} else {
return '';
}
*
* @param $text Link text
* @param $lang Language code
+ * @return string
*/
function makeLanguageSelectorLink( $text, $lang ) {
+ if( $this->getLanguage()->getCode() == $lang ) {
+ // no link for currently used language
+ return htmlspecialchars( $text );
+ }
$attr = array( 'uselang' => $lang );
if( $this->mType == 'signup' ) {
$attr['type'] = 'signup';