includes/specials/pre-authmanager/SpecialUserlogout.php

   1 <?php
   2 /**
   3  * Implements Special:Userlogout
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version 2 of the License, or
   8  * (at your option) any later version.
   9  *
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13  * GNU General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License along
  16  * with this program; if not, write to the Free Software Foundation, Inc.,
  17  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  18  * http://www.gnu.org/copyleft/gpl.html
  19  *
  20  * @file
  21  * @ingroup SpecialPage
  22  */
  23
  24 /**
  25  * Implements Special:Userlogout
  26  *
  27  * @ingroup SpecialPage
  28  */
  29 class SpecialUserlogoutPreAuthManager extends UnlistedSpecialPage {
  30         function __construct() {
  31                 parent::__construct( 'Userlogout' );
  32         }
  33
  34         public function doesWrites() {
  35                 return true;
  36         }
  37
  38         function execute( $par ) {
  39                 /**
  40                  * Some satellite ISPs use broken precaching schemes that log people out straight after
  41                  * they're logged in (bug 17790). Luckily, there's a way to detect such requests.
  42                  */
  43                 if ( isset( $_SERVER['REQUEST_URI'] ) && strpos( $_SERVER['REQUEST_URI'], '&amp;' ) !== false ) {
  44                         wfDebug( "Special:Userlogout request {$_SERVER['REQUEST_URI']} looks suspicious, denying.\n" );
  45                         throw new HttpError( 400, $this->msg( 'suspicious-userlogout' ), $this->msg( 'loginerror' ) );
  46                 }
  47
  48                 $this->setHeaders();
  49                 $this->outputHeader();
  50
  51                 // Make sure it's possible to log out
  52                 $session = MediaWiki\Session\SessionManager::getGlobalSession();
  53                 if ( !$session->canSetUser() ) {
  54                         throw new ErrorPageError(
  55                                 'cannotlogoutnow-title',
  56                                 'cannotlogoutnow-text',
  57                                 [
  58                                         $session->getProvider()->describe( RequestContext::getMain()->getLanguage() )
  59                                 ]
  60                         );
  61                 }
  62
  63                 $user = $this->getUser();
  64                 $oldName = $user->getName();
  65                 $user->logout();
  66
  67                 $loginURL = SpecialPage::getTitleFor( 'Userlogin' )->getFullURL(
  68                         $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
  69
  70                 $out = $this->getOutput();
  71                 $out->addWikiMsg( 'logouttext', $loginURL );
  72
  73                 // Hook.
  74                 $injected_html = '';
  75                 Hooks::run( 'UserLogoutComplete', [ &$user, &$injected_html, $oldName ] );
  76                 $out->addHTML( $injected_html );
  77
  78                 $out->returnToMain();
  79         }
  80
  81         protected function getGroupName() {
  82                 return 'login';
  83         }
  84 }