dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
SECURITY: Fix reauth in Special:ChangeEmail
[lhc/web/wiklou.git] / includes / specials / SpecialChangeEmail.php
1 <?php
2 /**
3 * Implements Special:ChangeEmail
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @ingroup SpecialPage
22 */
23
24 use MediaWiki\Auth\AuthManager;
25 use MediaWiki\Logger\LoggerFactory;
26
27 /**
28 * Let users change their email address.
29 *
30 * @ingroup SpecialPage
31 */
32 class SpecialChangeEmail extends FormSpecialPage {
33 /**
34 * @var Status
35 */
36 private $status;
37
38 public function __construct() {
39 parent::__construct( 'ChangeEmail', 'editmyprivateinfo' );
40 }
41
42 public function doesWrites() {
43 return true;
44 }
45
46 /**
47 * @return bool
48 */
49 public function isListed() {
50 return AuthManager::singleton()->allowsPropertyChange( 'emailaddress' );
51 }
52
53 /**
54 * Main execution point
55 * @param string $par
56 */
57 function execute( $par ) {
58 $out = $this->getOutput();
59 $out->disallowUserJs();
60
61 parent::execute( $par );
62 }
63
64 protected function getLoginSecurityLevel() {
65 return $this->getName();
66 }
67
68 protected function checkExecutePermissions( User $user ) {
69 if ( !AuthManager::singleton()->allowsPropertyChange( 'emailaddress' ) ) {
70 throw new ErrorPageError( 'changeemail', 'cannotchangeemail' );
71 }
72
73 $this->requireLogin( 'changeemail-no-info' );
74
75 // This could also let someone check the current email address, so
76 // require both permissions.
77 if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) {
78 throw new PermissionsError( 'viewmyprivateinfo' );
79 }
80
81 parent::checkExecutePermissions( $user );
82 }
83
84 protected function getFormFields() {
85 $user = $this->getUser();
86
87 $fields = [
88 'Name' => [
89 'type' => 'info',
90 'label-message' => 'username',
91 'default' => $user->getName(),
92 ],
93 'OldEmail' => [
94 'type' => 'info',
95 'label-message' => 'changeemail-oldemail',
96 'default' => $user->getEmail() ?: $this->msg( 'changeemail-none' )->text(),
97 ],
98 'NewEmail' => [
99 'type' => 'email',
100 'label-message' => 'changeemail-newemail',
101 'autofocus' => true,
102 'help-message' => 'changeemail-newemail-help',
103 ],
104 ];
105
106 return $fields;
107 }
108
109 protected function getDisplayFormat() {
110 return 'ooui';
111 }
112
113 protected function alterForm( HTMLForm $form ) {
114 $form->setId( 'mw-changeemail-form' );
115 $form->setTableId( 'mw-changeemail-table' );
116 $form->setSubmitTextMsg( 'changeemail-submit' );
117 $form->addHiddenFields( $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
118
119 $form->addHeaderText( $this->msg( 'changeemail-header' )->parseAsBlock() );
120 }
121
122 public function onSubmit( array $data ) {
123 $status = $this->attemptChange( $this->getUser(), $data['NewEmail'] );
124
125 $this->status = $status;
126
127 return $status;
128 }
129
130 public function onSuccess() {
131 $request = $this->getRequest();
132
133 $returnto = $request->getVal( 'returnto' );
134 $titleObj = $returnto !== null ? Title::newFromText( $returnto ) : null;
135 if ( !$titleObj instanceof Title ) {
136 $titleObj = Title::newMainPage();
137 }
138 $query = $request->getVal( 'returntoquery' );
139
140 if ( $this->status->value === true ) {
141 $this->getOutput()->redirect( $titleObj->getFullUrlForRedirect( $query ) );
142 } elseif ( $this->status->value === 'eauth' ) {
143 # Notify user that a confirmation email has been sent...
144 $this->getOutput()->wrapWikiMsg( "<div class='error' style='clear: both;'>\n$1\n</div>",
145 'eauthentsent', $this->getUser()->getName() );
146 // just show the link to go back
147 $this->getOutput()->addReturnTo( $titleObj, wfCgiToArray( $query ) );
148 }
149 }
150
151 /**
152 * @param User $user
153 * @param string $newaddr
154 * @return Status
155 */
156 private function attemptChange( User $user, $newaddr ) {
157 if ( $newaddr != '' && !Sanitizer::validateEmail( $newaddr ) ) {
158 return Status::newFatal( 'invalidemailaddress' );
159 }
160
161 if ( $newaddr === $user->getEmail() ) {
162 return Status::newFatal( 'changeemail-nochange' );
163 }
164
165 $oldaddr = $user->getEmail();
166 $status = $user->setEmailWithConfirmation( $newaddr );
167 if ( !$status->isGood() ) {
168 return $status;
169 }
170
171 LoggerFactory::getInstance( 'authentication' )->info(
172 'Changing email address for {user} from {oldemail} to {newemail}', [
173 'user' => $user->getName(),
174 'oldemail' => $oldaddr,
175 'newemail' => $newaddr,
176 ]
177 );
178
179 Hooks::run( 'PrefsEmailAudit', [ $user, $oldaddr, $newaddr ] );
180
181 $user->saveSettings();
182
183 return $status;
184 }
185
186 public function requiresUnblock() {
187 return false;
188 }
189
190 protected function getGroupName() {
191 return 'users';
192 }
193 }
Wiklou, le Wiki du Wiklou