dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "StringUtils: Add a utility for checking if a string is a valid regex"
[lhc/web/wiklou.git] / includes / specials / SpecialConfirmEmail.php
1 <?php
2 /**
3 * Implements Special:Confirmemail
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @ingroup SpecialPage
22 */
23
24 use MediaWiki\MediaWikiServices;
25
26 /**
27 * Special page allows users to request email confirmation message, and handles
28 * processing of the confirmation code when the link in the email is followed
29 *
30 * @ingroup SpecialPage
31 * @author Brion Vibber
32 * @author Rob Church <robchur@gmail.com>
33 */
34 class SpecialConfirmEmail extends UnlistedSpecialPage {
35 public function __construct() {
36 parent::__construct( 'Confirmemail', 'editmyprivateinfo' );
37 }
38
39 public function doesWrites() {
40 return true;
41 }
42
43 /**
44 * Main execution point
45 *
46 * @param null|string $code Confirmation code passed to the page
47 * @throws PermissionsError
48 * @throws ReadOnlyError
49 * @throws UserNotLoggedIn
50 */
51 function execute( $code ) {
52 // Ignore things like master queries/connections on GET requests.
53 // It's very convenient to just allow formless link usage.
54 $trxProfiler = Profiler::instance()->getTransactionProfiler();
55
56 $this->setHeaders();
57 $this->checkReadOnly();
58 $this->checkPermissions();
59
60 // This could also let someone check the current email address, so
61 // require both permissions.
62 if ( !MediaWikiServices::getInstance()
63 ->getPermissionManager()
64 ->userHasRight( $this->getUser(), 'viewmyprivateinfo' )
65 ) {
66 throw new PermissionsError( 'viewmyprivateinfo' );
67 }
68
69 if ( $code === null || $code === '' ) {
70 $this->requireLogin( 'confirmemail_needlogin' );
71 if ( Sanitizer::validateEmail( $this->getUser()->getEmail() ) ) {
72 $this->showRequestForm();
73 } else {
74 $this->getOutput()->addWikiMsg( 'confirmemail_noemail' );
75 }
76 } else {
77 $old = $trxProfiler->setSilenced( true );
78 $this->attemptConfirm( $code );
79 $trxProfiler->setSilenced( $old );
80 }
81 }
82
83 /**
84 * Show a nice form for the user to request a confirmation mail
85 */
86 function showRequestForm() {
87 $user = $this->getUser();
88 $out = $this->getOutput();
89
90 if ( !$user->isEmailConfirmed() ) {
91 $descriptor = [];
92 if ( $user->isEmailConfirmationPending() ) {
93 $descriptor += [
94 'pending' => [
95 'type' => 'info',
96 'raw' => true,
97 'default' => "<div class=\"error mw-confirmemail-pending\">\n" .
98 $this->msg( 'confirmemail_pending' )->escaped() .
99 "\n</div>",
100 ],
101 ];
102 }
103
104 $out->addWikiMsg( 'confirmemail_text' );
105 $form = HTMLForm::factory( 'ooui', $descriptor, $this->getContext() );
106 $form
107 ->setMethod( 'post' )
108 ->setAction( $this->getPageTitle()->getLocalURL() )
109 ->setSubmitTextMsg( 'confirmemail_send' )
110 ->setSubmitCallback( [ $this, 'submitSend' ] );
111
112 $retval = $form->show();
113
114 if ( $retval === true ) {
115 // should never happen, but if so, don't let the user without any message
116 $out->addWikiMsg( 'confirmemail_sent' );
117 } elseif ( $retval instanceof Status && $retval->isGood() ) {
118 $out->addWikiTextAsInterface( $retval->getValue() );
119 }
120 } else {
121 // date and time are separate parameters to facilitate localisation.
122 // $time is kept for backward compat reasons.
123 // 'emailauthenticated' is also used in SpecialPreferences.php
124 $lang = $this->getLanguage();
125 $emailAuthenticated = $user->getEmailAuthenticationTimestamp();
126 $time = $lang->userTimeAndDate( $emailAuthenticated, $user );
127 $d = $lang->userDate( $emailAuthenticated, $user );
128 $t = $lang->userTime( $emailAuthenticated, $user );
129 $out->addWikiMsg( 'emailauthenticated', $time, $d, $t );
130 }
131 }
132
133 /**
134 * Callback for HTMLForm send confirmation mail.
135 *
136 * @return Status Status object with the result
137 */
138 public function submitSend() {
139 $status = $this->getUser()->sendConfirmationMail();
140 if ( $status->isGood() ) {
141 return Status::newGood( $this->msg( 'confirmemail_sent' )->text() );
142 } else {
143 return Status::newFatal( new RawMessage(
144 $status->getWikiText( 'confirmemail_sendfailed' )
145 ) );
146 }
147 }
148
149 /**
150 * Attempt to confirm the user's email address and show success or failure
151 * as needed; if successful, take the user to log in
152 *
153 * @param string $code Confirmation code
154 */
155 private function attemptConfirm( $code ) {
156 $user = User::newFromConfirmationCode( $code, User::READ_EXCLUSIVE );
157 if ( !is_object( $user ) ) {
158 $this->getOutput()->addWikiMsg( 'confirmemail_invalid' );
159
160 return;
161 }
162
163 // rate limit email confirmations
164 if ( $user->pingLimiter( 'confirmemail' ) ) {
165 $this->getOutput()->addWikiMsg( 'actionthrottledtext' );
166
167 return;
168 }
169
170 $user->confirmEmail();
171 $user->saveSettings();
172 $message = $this->getUser()->isLoggedIn() ? 'confirmemail_loggedin' : 'confirmemail_success';
173 $this->getOutput()->addWikiMsg( $message );
174
175 if ( !$this->getUser()->isLoggedIn() ) {
176 $title = SpecialPage::getTitleFor( 'Userlogin' );
177 $this->getOutput()->returnToMain( true, $title );
178 }
179 }
180 }
Wiklou, le Wiki du Wiklou