dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "Declare dynamic properties"
[lhc/web/wiklou.git] / includes / specials / SpecialCreateAccount.php
1 <?php
2 /**
3 * Implements Special:CreateAccount
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @ingroup SpecialPage
22 */
23
24 use MediaWiki\Auth\AuthManager;
25 use MediaWiki\Logger\LoggerFactory;
26 use MediaWiki\MediaWikiServices;
27
28 /**
29 * Implements Special:CreateAccount
30 *
31 * @ingroup SpecialPage
32 */
33 class SpecialCreateAccount extends LoginSignupSpecialPage {
34 protected static $allowedActions = [
35 AuthManager::ACTION_CREATE,
36 AuthManager::ACTION_CREATE_CONTINUE
37 ];
38
39 protected static $messages = [
40 'authform-newtoken' => 'nocookiesfornew',
41 'authform-notoken' => 'sessionfailure',
42 'authform-wrongtoken' => 'sessionfailure',
43 ];
44
45 public function __construct() {
46 parent::__construct( 'CreateAccount' );
47 }
48
49 public function doesWrites() {
50 return true;
51 }
52
53 public function isRestricted() {
54 return !MediaWikiServices::getInstance()
55 ->getPermissionManager()
56 ->groupHasPermission( '*', 'createaccount' );
57 }
58
59 public function userCanExecute( User $user ) {
60 return MediaWikiServices::getInstance()
61 ->getPermissionManager()
62 ->userHasRight( $user, 'createaccount' );
63 }
64
65 public function checkPermissions() {
66 parent::checkPermissions();
67
68 $user = $this->getUser();
69 $status = AuthManager::singleton()->checkAccountCreatePermissions( $user );
70 if ( !$status->isGood() ) {
71 // Track block with a cookie if it doesn't exist already
72 if ( $user->isBlockedFromCreateAccount() ) {
73 MediaWikiServices::getInstance()->getBlockManager()->trackBlockWithCookie( $user );
74 }
75 throw new ErrorPageError( 'createacct-error', $status->getMessage() );
76 }
77 }
78
79 protected function getLoginSecurityLevel() {
80 return false;
81 }
82
83 protected function getDefaultAction( $subPage ) {
84 return AuthManager::ACTION_CREATE;
85 }
86
87 public function getDescription() {
88 return $this->msg( 'createaccount' )->text();
89 }
90
91 protected function isSignup() {
92 return true;
93 }
94
95 /**
96 * Run any hooks registered for logins, then display a message welcoming
97 * the user.
98 * @param bool $direct True if the action was successful just now; false if that happened
99 * pre-redirection (so this handler was called already)
100 * @param StatusValue|null $extraMessages
101 */
102 protected function successfulAction( $direct = false, $extraMessages = null ) {
103 $session = $this->getRequest()->getSession();
104 $user = $this->targetUser ?: $this->getUser();
105
106 if ( $direct ) {
107 # Only save preferences if the user is not creating an account for someone else.
108 if ( !$this->proxyAccountCreation ) {
109 Hooks::run( 'AddNewAccount', [ $user, false ] );
110
111 // If the user does not have a session cookie at this point, they probably need to
112 // do something to their browser.
113 if ( !$this->hasSessionCookie() ) {
114 $this->mainLoginForm( [ /*?*/ ], $session->getProvider()->whyNoSession() );
115 // TODO something more specific? This used to use nocookiesnew
116 // FIXME should redirect to login page instead?
117 return;
118 }
119 } else {
120 $byEmail = false; // FIXME no way to set this
121
122 Hooks::run( 'AddNewAccount', [ $user, $byEmail ] );
123
124 $out = $this->getOutput();
125 $out->setPageTitle( $this->msg( $byEmail ? 'accmailtitle' : 'accountcreated' ) );
126 if ( $byEmail ) {
127 $out->addWikiMsg( 'accmailtext', $user->getName(), $user->getEmail() );
128 } else {
129 $out->addWikiMsg( 'accountcreatedtext', $user->getName() );
130 }
131
132 $rt = Title::newFromText( $this->mReturnTo );
133 $out->addReturnTo(
134 ( $rt && !$rt->isExternal() ) ? $rt : $this->getPageTitle(),
135 wfCgiToArray( $this->mReturnToQuery )
136 );
137 return;
138 }
139 }
140
141 $this->clearToken();
142
143 # Run any hooks; display injected HTML
144 $injected_html = '';
145 $welcome_creation_msg = 'welcomecreation-msg';
146 Hooks::run( 'UserLoginComplete', [ &$user, &$injected_html, $direct ] );
147
148 /**
149 * Let any extensions change what message is shown.
150 * @see https://www.mediawiki.org/wiki/Manual:Hooks/BeforeWelcomeCreation
151 * @since 1.18
152 */
153 Hooks::run( 'BeforeWelcomeCreation', [ &$welcome_creation_msg, &$injected_html ] );
154
155 $this->showSuccessPage( 'signup', $this->msg( 'welcomeuser', $this->getUser()->getName() ),
156 $welcome_creation_msg, $injected_html, $extraMessages );
157 }
158
159 protected function getToken() {
160 return $this->getRequest()->getSession()->getToken( '', 'createaccount' );
161 }
162
163 protected function clearToken() {
164 return $this->getRequest()->getSession()->resetToken( 'createaccount' );
165 }
166
167 protected function getTokenName() {
168 return 'wpCreateaccountToken';
169 }
170
171 protected function getGroupName() {
172 return 'login';
173 }
174
175 protected function logAuthResult( $success, $status = null ) {
176 LoggerFactory::getInstance( 'authevents' )->info( 'Account creation attempt', [
177 'event' => 'accountcreation',
178 'successful' => $success,
179 'status' => $status,
180 ] );
181 }
182 }
Wiklou, le Wiki du Wiklou