dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Changing comments layout preparing for generated documentation with Phpdocumentor
[lhc/web/wiklou.git] / includes / SpecialUserlogin.php
1 <?php
2 /**
3 *
4 */
5
6 /**
7 *
8 */
9 require_once('UserMailer.php');
10
11 /**
12 * consutrctor
13 */
14 function wfSpecialUserlogin() {
15 global $wgCommandLineMode;
16 global $wgRequest;
17 if( !$wgCommandLineMode && !isset( $_COOKIE[ini_get("session.name")] ) ) {
18 User::SetupSession();
19 }
20
21 $form = new LoginForm( $wgRequest );
22 $form->execute();
23 }
24
25 /**
26 *
27 */
28 class LoginForm {
29 var $mName, $mPassword, $mRetype, $mReturnto, $mCookieCheck, $mPosted;
30 var $mAction, $mCreateaccount, $mCreateaccountMail, $mMailmypassword;
31 var $mLoginattempt, $mRemember, $mEmail;
32
33 function LoginForm( &$request ) {
34 global $wgLang, $wgAllowRealName;
35
36 $this->mName = $request->getText( 'wpName' );
37 $this->mPassword = $request->getText( 'wpPassword' );
38 $this->mRetype = $request->getText( 'wpRetype' );
39 $this->mReturnto = $request->getVal( 'returnto' );
40 $this->mCookieCheck = $request->getVal( "wpCookieCheck" );
41 $this->mPosted = $request->wasPosted();
42 $this->mCreateaccount = $request->getCheck( 'wpCreateaccount' );
43 $this->mCreateaccountMail = $request->getCheck( 'wpCreateaccountMail' );
44 $this->mMailmypassword = $request->getCheck( 'wpMailmypassword' );
45 $this->mLoginattempt = $request->getCheck( 'wpLoginattempt' );
46 $this->mAction = $request->getVal( 'action' );
47 $this->mRemember = $request->getCheck( 'wpRemember' );
48 $this->mEmail = $request->getText( 'wpEmail' );
49 if ($wgAllowRealName) {
50 $this->mRealName = $request->getText( 'wpRealName' );
51 } else {
52 $this->mRealName = '';
53 }
54
55 # When switching accounts, it sucks to get automatically logged out
56 if( $this->mReturnto == $wgLang->specialPage( "Userlogout" ) ) {
57 $this->mReturnto = "";
58 }
59 }
60
61 function execute() {
62 if ( !is_null( $this->mCookieCheck ) ) {
63 $this->onCookieRedirectCheck( $this->mCookieCheck );
64 return;
65 } else if( $this->mPosted ) {
66 if( $this->mCreateaccount ) {
67 return $this->addNewAccount();
68 } else if ( $this->mCreateaccountMail ) {
69 return $this->addNewAccountMailPassword();
70 } else if ( $this->mMailmypassword ) {
71 return $this->mailPassword();
72 } else if ( ( "submit" == $this->mAction ) || $this->mLoginattempt ) {
73 return $this->processLogin();
74 }
75 }
76 $this->mainLoginForm( "" );
77 }
78
79 /**
80 * @access private
81 */
82 function addNewAccountMailPassword() {
83 global $wgOut;
84
85 if ("" == $this->mEmail) {
86 $this->mainLoginForm( wfMsg( "noemail", $this->mName ) );
87 return;
88 }
89
90 $u = $this->addNewaccountInternal();
91
92 if ($u == NULL) {
93 return;
94 }
95
96 $u->saveSettings();
97 $error = $this->mailPasswordInternal($u);
98
99 $wgOut->setPageTitle( wfMsg( "accmailtitle" ) );
100 $wgOut->setRobotpolicy( "noindex,nofollow" );
101 $wgOut->setArticleRelated( false );
102
103 if ( $error === "" ) {
104 $wgOut->addWikiText( wfMsg( "accmailtext", $u->getName(), $u->getEmail() ) );
105 $wgOut->returnToMain( false );
106 } else {
107 $this->mainLoginForm( wfMsg( "mailerror", $error ) );
108 }
109
110 $u = 0;
111 }
112
113
114 /**
115 * @access private
116 */
117 function addNewAccount() {
118 global $wgUser, $wgOut;
119 global $wgDeferredUpdateList;
120
121 $u = $this->addNewAccountInternal();
122
123 if ($u == NULL) {
124 return;
125 }
126
127 $wgUser = $u;
128 $wgUser->setCookies();
129
130 $up = new UserUpdate();
131 array_push( $wgDeferredUpdateList, $up );
132
133 if( $this->hasSessionCookie() ) {
134 return $this->successfulLogin( wfMsg( "welcomecreation", $wgUser->getName() ) );
135 } else {
136 return $this->cookieRedirectCheck( "new" );
137 }
138 }
139
140
141 /**
142 * @access private
143 */
144 function addNewAccountInternal() {
145 global $wgUser, $wgOut;
146 global $wgMaxNameChars;
147 global $wgMemc, $wgAccountCreationThrottle, $wgDBname, $wgIP;
148
149 if (!$wgUser->isAllowedToCreateAccount()) {
150 $this->userNotPrivilegedMessage();
151 return;
152 }
153
154 if ( 0 != strcmp( $this->mPassword, $this->mRetype ) ) {
155 $this->mainLoginForm( wfMsg( "badretype" ) );
156 return;
157 }
158
159 $name = trim( $this->mName );
160 $u = User::newFromName( $name );
161 if ( ( "" == $name ) ||
162 preg_match( "/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/", $name ) ||
163 (strpos( $name, "/" ) !== false) ||
164 (strlen( $name ) > $wgMaxNameChars) ||
165 ucFirst($name) != $u->getName() )
166 {
167 $this->mainLoginForm( wfMsg( "noname" ) );
168 return;
169 }
170 if ( wfReadOnly() ) {
171 $wgOut->readOnlyPage();
172 return;
173 }
174
175 if ( 0 != $u->idForName() ) {
176 $this->mainLoginForm( wfMsg( "userexists" ) );
177 return;
178 }
179
180 if ( $wgAccountCreationThrottle ) {
181 $key = "$wgDBname:acctcreate:ip:$wgIP";
182 $value = $wgMemc->incr( $key );
183 if ( !$value ) {
184 $wgMemc->set( $key, 1, 86400 );
185 }
186 if ( $value > $wgAccountCreationThrottle ) {
187 $this->throttleHit( $wgAccountCreationThrottle );
188 return;
189 }
190 }
191
192 $u->addToDatabase();
193 $u->setPassword( $this->mPassword );
194 $u->setEmail( $this->mEmail );
195 $u->setRealName( $this->mRealName );
196
197 if ( $this->mRemember ) { $r = 1; }
198 else { $r = 0; }
199 $u->setOption( "rememberpassword", $r );
200
201 return $u;
202 }
203
204 /**
205 * @access private
206 */
207 function processLogin() {
208 global $wgUser;
209 global $wgDeferredUpdateList;
210
211 if ( "" == $this->mName ) {
212 $this->mainLoginForm( wfMsg( "noname" ) );
213 return;
214 }
215 $u = User::newFromName( $this->mName );
216 $id = $u->idForName();
217 if ( 0 == $id ) {
218 $this->mainLoginForm( wfMsg( "nosuchuser", $u->getName() ) );
219 return;
220 }
221 $u->setId( $id );
222 $u->loadFromDatabase();
223 if (!$u->checkPassword( $this->mPassword )) {
224 $this->mainLoginForm( wfMsg( "wrongpassword" ) );
225 return;
226 }
227
228 # We've verified now, update the real record
229 #
230 if ( $this->mRemember ) {
231 $r = 1;
232 $u->setCookiePassword( $this->mPassword );
233 } else {
234 $r = 0;
235 }
236 $u->setOption( "rememberpassword", $r );
237
238 $wgUser = $u;
239 $wgUser->setCookies();
240
241 $up = new UserUpdate();
242 array_push( $wgDeferredUpdateList, $up );
243
244 if( $this->hasSessionCookie() ) {
245 return $this->successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
246 } else {
247 return $this->cookieRedirectCheck( "login" );
248 }
249 }
250
251 /**
252 * @access private
253 */
254 function mailPassword() {
255 global $wgUser, $wgDeferredUpdateList, $wgOutputEncoding;
256 global $wgCookiePath, $wgCookieDomain, $wgDBname;
257
258 if ( "" == $this->mName ) {
259 $this->mainLoginForm( wfMsg( "noname" ) );
260 return;
261 }
262 $u = User::newFromName( $this->mName );
263 $id = $u->idForName();
264 if ( 0 == $id ) {
265 $this->mainLoginForm( wfMsg( "nosuchuser", $u->getName() ) );
266 return;
267 }
268 $u->setId( $id );
269 $u->loadFromDatabase();
270
271 $error = $this->mailPasswordInternal( $u );
272 if ($error === "") {
273 $this->mainLoginForm( wfMsg( "passwordsent", $u->getName() ) );
274 } else {
275 $this->mainLoginForm( wfMsg( "mailerror", $error ) );
276 }
277
278 }
279
280
281 /**
282 * @access private
283 */
284 function mailPasswordInternal( $u ) {
285 global $wgDeferredUpdateList, $wgOutputEncoding;
286 global $wgPasswordSender, $wgDBname, $wgIP;
287 global $wgCookiePath, $wgCookieDomain;
288
289 if ( "" == $u->getEmail() ) {
290 $this->mainLoginForm( wfMsg( "noemail", $u->getName() ) );
291 return;
292 }
293 $np = User::randomPassword();
294 $u->setNewpassword( $np );
295
296 setcookie( "{$wgDBname}Password", "", time() - 3600, $wgCookiePath, $wgCookieDomain );
297 $u->saveSettings();
298
299 $ip = $wgIP;
300 if ( "" == $ip ) { $ip = "(Unknown)"; }
301
302 $m = wfMsg( "passwordremindertext", $ip, $u->getName(), $np );
303
304 $error = userMailer( $u->getEmail(), $wgPasswordSender, wfMsg( "passwordremindertitle" ), $m );
305
306 return $error;
307 }
308
309
310 /**
311 * @access private
312 */
313 function successfulLogin( $msg ) {
314 global $wgUser;
315 global $wgDeferredUpdateList;
316 global $wgOut;
317
318 $wgOut->setPageTitle( wfMsg( "loginsuccesstitle" ) );
319 $wgOut->setRobotpolicy( "noindex,nofollow" );
320 $wgOut->setArticleRelated( false );
321 $wgOut->addWikiText( $msg );
322 $wgOut->returnToMain();
323 }
324
325 function userNotPrivilegedMessage() {
326 global $wgOut, $wgUser, $wgLang;
327
328 $wgOut->setPageTitle( wfMsg( "whitelistacctitle" ) );
329 $wgOut->setRobotpolicy( "noindex,nofollow" );
330 $wgOut->setArticleRelated( false );
331
332 $wgOut->addWikiText( wfMsg( "whitelistacctext" ) );
333
334 $wgOut->returnToMain( false );
335 }
336
337 /**
338 * @access private
339 */
340 function mainLoginForm( $err ) {
341 global $wgUser, $wgOut, $wgLang;
342 global $wgDBname, $wgAllowRealName;
343
344 $le = wfMsg( "loginerror" );
345 $yn = wfMsg( "yourname" );
346 $yp = wfMsg( "yourpassword" );
347 $ypa = wfMsg( "yourpasswordagain" );
348 $rmp = wfMsg( "remembermypassword" );
349 $nuo = wfMsg( "newusersonly" );
350 $li = wfMsg( "login" );
351 $ca = wfMsg( "createaccount" );
352 $cam = wfMsg( "createaccountmail" );
353 $ye = wfMsg( "youremail" );
354 if ($wgAllowRealName) {
355 $yrn = wfMsg( "yourrealname" );
356 } else {
357 $yrn = '';
358 }
359 $efl = wfMsg( "emailforlost" );
360 $mmp = wfMsg( "mailmypassword" );
361 $endText = wfMsg( "loginend" );
362
363 if ( $endText = "&lt;loginend&gt;" ) {
364 $endText = "";
365 }
366
367 if ( "" == $this->mName ) {
368 if ( 0 != $wgUser->getID() ) {
369 $this->mName = $wgUser->getName();
370 } else {
371 $this->mName = @$_COOKIE["{$wgDBname}UserName"];
372 }
373 }
374
375 $wgOut->setPageTitle( wfMsg( "userlogin" ) );
376 $wgOut->setRobotpolicy( "noindex,nofollow" );
377 $wgOut->setArticleRelated( false );
378
379 if ( "" == $err ) {
380 $lp = wfMsg( "loginprompt" );
381 $wgOut->addHTML( "<h2>$li:</h2>\n<p>$lp</p>" );
382 } else {
383 $wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
384 color='red'>$err</font>\n" );
385 }
386 if ( 1 == $wgUser->getOption( "rememberpassword" ) ) {
387 $checked = " checked";
388 } else {
389 $checked = "";
390 }
391
392 $q = "action=submit";
393 if ( !empty( $this->mReturnto ) ) {
394 $q .= "&returnto=" . wfUrlencode( $this->mReturnto );
395 }
396
397 $titleObj = Title::makeTitle( NS_SPECIAL, "Userlogin" );
398 $action = $titleObj->escapeLocalUrl( $q );
399
400 $encName = htmlspecialchars( $this->mName );
401 $encPassword = htmlspecialchars( $this->mPassword );
402 $encRetype = htmlspecialchars( $this->mRetype );
403 $encEmail = htmlspecialchars( $this->mEmail );
404 $encRealName = htmlspecialchars( $this->mRealName );
405
406 if ($wgUser->getID() != 0) {
407 $cambutton = "<input tabindex='6' type='submit' name=\"wpCreateaccountMail\" value=\"{$cam}\" />";
408 } else {
409 $cambutton = "";
410 }
411
412 $wgOut->addHTML( "
413 <form name=\"userlogin\" id=\"userlogin\" method=\"post\" action=\"{$action}\">
414 <table border='0'><tr>
415 <td align='right'>$yn:</td>
416 <td align='left'>
417 <input tabindex='1' type='text' name=\"wpName\" value=\"{$encName}\" size='20' />
418 </td>
419 <td align='left'>
420 <input tabindex='3' type='submit' name=\"wpLoginattempt\" value=\"{$li}\" />
421 </td>
422 </tr>
423 <tr>
424 <td align='right'>$yp:</td>
425 <td align='left'>
426 <input tabindex='2' type='password' name=\"wpPassword\" value=\"{$encPassword}\" size='20' />
427 </td>
428 <td align='left'>
429 <input tabindex='7' type='checkbox' name=\"wpRemember\" value=\"1\" id=\"wpRemember\"$checked /><label for=\"wpRemember\">$rmp</label>
430 </td>
431 </tr>");
432
433 if ($wgUser->isAllowedToCreateAccount()) {
434 $encRetype = htmlspecialchars( $this->mRetype );
435 $encEmail = htmlspecialchars( $this->mEmail );
436 $wgOut->addHTML("<tr><td colspan='3'>&nbsp;</td></tr><tr>
437 <td align='right'>$ypa:</td>
438 <td align='left'>
439 <input tabindex='4' type='password' name=\"wpRetype\" value=\"{$encRetype}\"
440 size='20' />
441 </td><td>$nuo</td></tr>
442 <tr>
443 <td align='right'>$ye:</td>
444 <td align='left'>
445 <input tabindex='6' type='text' name=\"wpEmail\" value=\"{$encEmail}\" size='20' />
446 </td>");
447
448 if ($wgAllowRealName) {
449 $wgOut->addHTML("<td>&nbsp;</td>
450 </tr><tr>
451 <td align='right'>$yrn:</td>
452 <td align='left'>
453 <input tabindex='6' type='text' name=\"wpRealName\" value=\"{$encRealName}\" size='20' />
454 </td>");
455 }
456
457 $wgOut->addHTML("<td align='left'>
458 <input tabindex='7' type='submit' name=\"wpCreateaccount\" value=\"{$ca}\" />
459 $cambutton
460 </td></tr>");
461 }
462
463 $wgOut->addHTML("
464 <tr><td colspan='3'>&nbsp;</td></tr><tr>
465 <td colspan='3' align='left'>
466 <p>$efl<br />
467 <input tabindex='8' type='submit' name=\"wpMailmypassword\" value=\"{$mmp}\" /></p>
468 </td></tr></table>
469 </form>\n" );
470 $wgOut->addHTML( $endText );
471 }
472
473 /**
474 * @access private
475 */
476 function hasSessionCookie() {
477 global $wgDisableCookieCheck;
478 return ( $wgDisableCookieCheck ) ? true : ( "" != $_COOKIE[session_name()] );
479 }
480
481 /**
482 * @access private
483 */
484 function cookieRedirectCheck( $type ) {
485 global $wgOut, $wgLang;
486
487 $titleObj = Title::makeTitle( NS_SPECIAL, "Userlogin" );
488 $check = $titleObj->getFullURL( "wpCookieCheck=$type" );
489
490 return $wgOut->redirect( $check );
491 }
492
493 /**
494 * @access private
495 */
496 function onCookieRedirectCheck( $type ) {
497 global $wgUser;
498
499 if ( !$this->hasSessionCookie() ) {
500 if ( $type == "new" ) {
501 return $this->mainLoginForm( wfMsg( "nocookiesnew" ) );
502 } else if ( $type == "login" ) {
503 return $this->mainLoginForm( wfMsg( "nocookieslogin" ) );
504 } else {
505 # shouldn't happen
506 return $this->mainLoginForm( wfMsg( "error" ) );
507 }
508 } else {
509 return $this->successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
510 }
511 }
512
513 /**
514 * @access private
515 */
516 function throttleHit( $limit ) {
517 global $wgOut;
518
519 $wgOut->addWikiText( wfMsg( 'acct_creation_throttle_hit', $limit ) );
520 }
521 }
522 ?>
Wiklou, le Wiki du Wiklou