dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "Add window close warning to Special:Upload"
[lhc/web/wiklou.git] / includes / specials / SpecialChangeEmail.php
1 <?php
2 /**
3 * Implements Special:ChangeEmail
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @ingroup SpecialPage
22 */
23
24 /**
25 * Let users change their email address.
26 *
27 * @ingroup SpecialPage
28 */
29 class SpecialChangeEmail extends FormSpecialPage {
30 /**
31 * @var Status
32 */
33 private $status;
34
35 public function __construct() {
36 parent::__construct( 'ChangeEmail', 'editmyprivateinfo' );
37 }
38
39 /**
40 * @return bool
41 */
42 function isListed() {
43 global $wgAuth;
44
45 return $wgAuth->allowPropChange( 'emailaddress' );
46 }
47
48 /**
49 * Main execution point
50 * @param string $par
51 */
52 function execute( $par ) {
53 $out = $this->getOutput();
54 $out->disallowUserJs();
55 $out->addModules( 'mediawiki.special.changeemail' );
56
57 return parent::execute( $par );
58 }
59
60 protected function checkExecutePermissions( User $user ) {
61 global $wgAuth;
62
63 if ( !$wgAuth->allowPropChange( 'emailaddress' ) ) {
64 throw new ErrorPageError( 'changeemail', 'cannotchangeemail' );
65 }
66
67 $this->requireLogin( 'changeemail-no-info' );
68
69 // This could also let someone check the current email address, so
70 // require both permissions.
71 if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) {
72 throw new PermissionsError( 'viewmyprivateinfo' );
73 }
74
75 parent::checkExecutePermissions( $user );
76 }
77
78 protected function getFormFields() {
79 $user = $this->getUser();
80
81 $fields = array(
82 'Name' => array(
83 'type' => 'info',
84 'label-message' => 'username',
85 'default' => $user->getName(),
86 ),
87 'OldEmail' => array(
88 'type' => 'info',
89 'label-message' => 'changeemail-oldemail',
90 'default' => $user->getEmail() ?: $this->msg( 'changeemail-none' )->text(),
91 ),
92 'NewEmail' => array(
93 'type' => 'email',
94 'label-message' => 'changeemail-newemail',
95 ),
96 );
97
98 if ( $this->getConfig()->get( 'RequirePasswordforEmailChange' ) ) {
99 $fields['Password'] = array(
100 'type' => 'password',
101 'label-message' => 'changeemail-password',
102 'autofocus' => true,
103 );
104 }
105
106 return $fields;
107 }
108
109 protected function alterForm( HTMLForm $form ) {
110 $form->setDisplayFormat( 'vform' );
111 $form->setId( 'mw-changeemail-form' );
112 $form->setTableId( 'mw-changeemail-table' );
113 $form->setWrapperLegend( false );
114 $form->setSubmitTextMsg( 'changeemail-submit' );
115 $form->addHiddenField( 'returnto', $this->getRequest()->getVal( 'returnto' ) );
116 }
117
118 public function onSubmit( array $data ) {
119 $password = isset( $data['Password'] ) ? $data['Password'] : null;
120 $status = $this->attemptChange( $this->getUser(), $password, $data['NewEmail'] );
121
122 $this->status = $status;
123
124 return $status;
125 }
126
127 public function onSuccess() {
128 $titleObj = Title::newFromText( $this->getRequest()->getVal( 'returnto' ) );
129 if ( !$titleObj instanceof Title ) {
130 $titleObj = Title::newMainPage();
131 }
132
133 if ( $this->status->value === true ) {
134 $this->getOutput()->redirect( $titleObj->getFullURL() );
135 } elseif ( $this->status->value === 'eauth' ) {
136 # Notify user that a confirmation email has been sent...
137 $this->getOutput()->wrapWikiMsg( "<div class='error' style='clear: both;'>\n$1\n</div>",
138 'eauthentsent', $this->getUser()->getName() );
139 $this->getOutput()->addReturnTo( $titleObj ); // just show the link to go back
140 }
141 }
142
143 /**
144 * @param User $user
145 * @param string $pass
146 * @param string $newaddr
147 * @return Status
148 */
149 protected function attemptChange( User $user, $pass, $newaddr ) {
150 global $wgAuth;
151
152 if ( $newaddr != '' && !Sanitizer::validateEmail( $newaddr ) ) {
153 return Status::newFatal( 'invalidemailaddress' );
154 }
155
156 $throttleCount = LoginForm::incLoginThrottle( $user->getName() );
157 if ( $throttleCount === true ) {
158 $lang = $this->getLanguage();
159 $throttleInfo = $this->getConfig()->get( 'PasswordAttemptThrottle' );
160 return Status::newFatal(
161 'changeemail-throttled',
162 $lang->formatDuration( $throttleInfo['seconds'] )
163 );
164 }
165
166 if ( $this->getConfig()->get( 'RequirePasswordforEmailChange' )
167 && !$user->checkTemporaryPassword( $pass )
168 && !$user->checkPassword( $pass )
169 ) {
170 return Status::newFatal( 'wrongpassword' );
171 }
172
173 if ( $throttleCount ) {
174 LoginForm::clearLoginThrottle( $user->getName() );
175 }
176
177 $oldaddr = $user->getEmail();
178 $status = $user->setEmailWithConfirmation( $newaddr );
179 if ( !$status->isGood() ) {
180 return $status;
181 }
182
183 wfRunHooks( 'PrefsEmailAudit', array( $user, $oldaddr, $newaddr ) );
184
185 $user->saveSettings();
186
187 $wgAuth->updateExternalDB( $user );
188
189 return $status;
190 }
191
192 public function requiresUnblock() {
193 return false;
194 }
195
196 protected function getGroupName() {
197 return 'users';
198 }
199 }
Wiklou, le Wiki du Wiklou