dépôts / lhc / web / wiklou.git / blob
? search:


f86a133a1325237364098137cdfdd3a6c658c0c7
[lhc/web/wiklou.git] / includes / specials / SpecialConfirmEmail.php
1 <?php
2 /**
3 * Implements Special:Confirmemail
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @ingroup SpecialPage
22 */
23
24 /**
25 * Special page allows users to request email confirmation message, and handles
26 * processing of the confirmation code when the link in the email is followed
27 *
28 * @ingroup SpecialPage
29 * @author Brion Vibber
30 * @author Rob Church <robchur@gmail.com>
31 */
32 class SpecialConfirmEmail extends UnlistedSpecialPage {
33 public function __construct() {
34 parent::__construct( 'Confirmemail', 'editmyprivateinfo' );
35 }
36
37 public function doesWrites() {
38 return true;
39 }
40
41 /**
42 * Main execution point
43 *
44 * @param null|string $code Confirmation code passed to the page
45 * @throws PermissionsError
46 * @throws ReadOnlyError
47 * @throws UserNotLoggedIn
48 */
49 function execute( $code ) {
50 // Ignore things like master queries/connections on GET requests.
51 // It's very convenient to just allow formless link usage.
52 $trxProfiler = Profiler::instance()->getTransactionProfiler();
53
54 $this->setHeaders();
55 $this->checkReadOnly();
56 $this->checkPermissions();
57
58 // This could also let someone check the current email address, so
59 // require both permissions.
60 if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) {
61 throw new PermissionsError( 'viewmyprivateinfo' );
62 }
63
64 if ( $code === null || $code === '' ) {
65 $this->requireLogin( 'confirmemail_needlogin' );
66 if ( Sanitizer::validateEmail( $this->getUser()->getEmail() ) ) {
67 $this->showRequestForm();
68 } else {
69 $this->getOutput()->addWikiMsg( 'confirmemail_noemail' );
70 }
71 } else {
72 $old = $trxProfiler->setSilenced( true );
73 $this->attemptConfirm( $code );
74 $trxProfiler->setSilenced( $old );
75 }
76 }
77
78 /**
79 * Show a nice form for the user to request a confirmation mail
80 */
81 function showRequestForm() {
82 $user = $this->getUser();
83 $out = $this->getOutput();
84
85 if ( !$user->isEmailConfirmed() ) {
86 $descriptor = [];
87 if ( $user->isEmailConfirmationPending() ) {
88 $descriptor += [
89 'pending' => [
90 'type' => 'info',
91 'raw' => true,
92 'default' => "<div class=\"error mw-confirmemail-pending\">\n" .
93 $this->msg( 'confirmemail_pending' )->escaped() .
94 "\n</div>",
95 ],
96 ];
97 }
98
99 $out->addWikiMsg( 'confirmemail_text' );
100 $form = HTMLForm::factory( 'ooui', $descriptor, $this->getContext() );
101 $form
102 ->setMethod( 'post' )
103 ->setAction( $this->getPageTitle()->getLocalURL() )
104 ->setSubmitTextMsg( 'confirmemail_send' )
105 ->setSubmitCallback( [ $this, 'submitSend' ] );
106
107 $retval = $form->show();
108
109 if ( $retval === true ) {
110 // should never happen, but if so, don't let the user without any message
111 $out->addWikiMsg( 'confirmemail_sent' );
112 } elseif ( $retval instanceof Status && $retval->isGood() ) {
113 $out->addWikiTextAsInterface( $retval->getValue() );
114 }
115 } else {
116 // date and time are separate parameters to facilitate localisation.
117 // $time is kept for backward compat reasons.
118 // 'emailauthenticated' is also used in SpecialPreferences.php
119 $lang = $this->getLanguage();
120 $emailAuthenticated = $user->getEmailAuthenticationTimestamp();
121 $time = $lang->userTimeAndDate( $emailAuthenticated, $user );
122 $d = $lang->userDate( $emailAuthenticated, $user );
123 $t = $lang->userTime( $emailAuthenticated, $user );
124 $out->addWikiMsg( 'emailauthenticated', $time, $d, $t );
125 }
126 }
127
128 /**
129 * Callback for HTMLForm send confirmation mail.
130 *
131 * @return Status Status object with the result
132 */
133 public function submitSend() {
134 $status = $this->getUser()->sendConfirmationMail();
135 if ( $status->isGood() ) {
136 return Status::newGood( $this->msg( 'confirmemail_sent' )->text() );
137 } else {
138 return Status::newFatal( new RawMessage(
139 $status->getWikiText( 'confirmemail_sendfailed' )
140 ) );
141 }
142 }
143
144 /**
145 * Attempt to confirm the user's email address and show success or failure
146 * as needed; if successful, take the user to log in
147 *
148 * @param string $code Confirmation code
149 */
150 private function attemptConfirm( $code ) {
151 $user = User::newFromConfirmationCode( $code, User::READ_EXCLUSIVE );
152 if ( !is_object( $user ) ) {
153 $this->getOutput()->addWikiMsg( 'confirmemail_invalid' );
154
155 return;
156 }
157
158 // rate limit email confirmations
159 if ( $user->pingLimiter( 'confirmemail' ) ) {
160 $this->getOutput()->addWikiMsg( 'actionthrottledtext' );
161
162 return;
163 }
164
165 $user->confirmEmail();
166 $user->saveSettings();
167 $message = $this->getUser()->isLoggedIn() ? 'confirmemail_loggedin' : 'confirmemail_success';
168 $this->getOutput()->addWikiMsg( $message );
169
170 if ( !$this->getUser()->isLoggedIn() ) {
171 $title = SpecialPage::getTitleFor( 'Userlogin' );
172 $this->getOutput()->returnToMain( true, $title );
173 }
174 }
175 }
Wiklou, le Wiki du Wiklou