Added the ability to do an authenticated SMTP login to send mail.
[lhc/web/wiklou.git] / includes / SpecialUserlogin.php
1 <?php
2
3 require_once('UserMailer.php');
4
/**
 * Entry point for the user login special page.
 *
 * Starts a session for web requests that arrive without a session cookie,
 * passes the form field names to wfCleanFormFields(), and then hands the
 * request to exactly one handler. Precedence is fixed: cookie check,
 * account creation, account creation by mail, password reminder, login,
 * and finally the plain form.
 *
 * The $wp* globals consulted here carry the same names as the form inputs
 * written by mainLoginForm(), so they are presumably filled from the
 * submitted request.
 *
 * NOTE(review): no request-method or anti-forgery token check is made in
 * this function before a state-changing handler runs; confirm whether one
 * exists further up the call chain.
 */
function wfSpecialUserlogin()
{
	global $action, $_REQUEST, $wgCommandLineMode;
	global $returnto, $wgLang;
	global $wpCreateaccount, $wpCreateaccountMail;
	global $wpLoginattempt, $wpMailmypassword;

	if ( !$wgCommandLineMode && !isset( $_COOKIE[ini_get("session.name")] ) ) {
		User::SetupSession();
	}

	# NOTE(review): wpName and wpPassword are listed twice. Whether that is
	# harmless depends on wfCleanFormFields() being idempotent - confirm.
	wfCleanFormFields( array(
		"wpName", "wpPassword", "wpName",
		"wpPassword", "wpRetype", "wpEmail"
	) );

	# When switching accounts, do not send the user straight back to the
	# logout page after logging in.
	if ( $returnto == $wgLang->specialPage( "Userlogout" ) ) {
		$returnto = "";
	}

	$wpCookieCheck = $_REQUEST[ "wpCookieCheck" ];

	if ( isset( $wpCookieCheck ) ) {
		onCookieRedirectCheck( $wpCookieCheck );
		return;
	}
	if ( isset( $wpCreateaccount ) ) {
		addNewAccount();
		return;
	}
	if ( isset( $wpCreateaccountMail ) ) {
		addNewAccountMailPassword();
		return;
	}
	if ( isset( $wpMailmypassword ) ) {
		mailPassword();
		return;
	}
	if ( "submit" == $action || isset( $wpLoginattempt ) ) {
		processLogin();
		return;
	}
	mainLoginForm( "" );
}
38
39
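/**
 * Creates a new account and mails a freshly generated password to the
 * address given in the form, without logging the requester in as the new
 * user.
 *
 * The account is created and saved before the mail is attempted, so a
 * failure in mailPasswordInternal() leaves the new account in place.
 *
 * NOTE(review): mainLoginForm() only offers the wpCreateaccountMail button
 * to logged-in users, but nothing here checks who is asking. The only gate
 * is the isAllowedToCreateAccount() test inside addNewAccountInternal().
 * Confirm whether anonymous requests are meant to reach this path, since it
 * sends mail to an address chosen by the requester.
 */
/* private */ function addNewAccountMailPassword()
{
	global $wgOut, $wpEmail, $wpName;

	if ( "" == $wpEmail ) {
		# $wpName is the raw form value and mainLoginForm() writes its
		# argument into the page as HTML, so escape it before building
		# the message.
		mainLoginForm( wfMsg( "noemail", wfEscapeHTML( $wpName ) ) );
		return;
	}

	# On failure the helper has already shown the reason to the user.
	$u = addNewAccountInternal();
	if ( $u == NULL ) {
		return;
	}

	$u->saveSettings();
	if ( mailPasswordInternal( $u ) == NULL ) {
		return;
	}

	$wgOut->setPageTitle( wfMsg( "accmailtitle" ) );
	$wgOut->setRobotpolicy( "noindex,nofollow" );
	$wgOut->setArticleRelated( false );

	# This message goes through the wikitext path, not addHTML().
	$wgOut->addWikiText( wfMsg( "accmailtext", $u->getName(), $u->getEmail() ) );
	$wgOut->returnToMain( false );
}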
69
70
/**
 * Creates the account described by the submitted form and immediately
 * makes it the current user.
 *
 * After the login cookies are set, a UserUpdate is queued on the deferred
 * update list. The result is either the welcome page or, when no session
 * cookie came with this request, a redirect that tests whether the browser
 * accepts cookies.
 *
 * NOTE(review): the user name is interpolated into a message that
 * successfulLogin() emits through addHTML(). Which characters a stored
 * name may contain is not visible here - confirm it cannot carry markup.
 */
/* private */ function addNewAccount()
{
	global $wgUser, $wgOut, $wgDeferredUpdateList;
	global $wpName, $wpPassword, $wpRetype, $wpEmail, $wpRemember;

	$created = addNewAccountInternal();
	if ( $created == NULL ) {
		# The helper has already told the user what went wrong.
		return;
	}

	$wgUser = $created;
	$wgUser->setCookies();

	array_push( $wgDeferredUpdateList, new UserUpdate() );

	if ( !hasSessionCookie() ) {
		return cookieRedirectCheck( "new" );
	}
	return successfulLogin( wfMsg( "welcomecreation", $wgUser->getName() ) );
}
94
95
/**
 * Validates the account-creation form and, if it passes, inserts the new
 * user with the submitted password, e-mail address and "remember" option.
 *
 * Returns the new User object, or nothing (NULL) after showing an error
 * page or the login form with an error message. Callers test for NULL.
 *
 * Checks performed, in order: permission to create accounts, password and
 * retype match, name is non-empty after trimming, name does not contain a
 * dotted-quad pattern or a "/", name is not longer than $wgMaxNameChars,
 * the wiki is not read-only, the name is not already taken.
 *
 * NOTE(review): nothing here constrains the password itself (an empty
 * value that matches the retype passes) or the format of $wpEmail, which
 * is later used as a mail recipient - confirm whether that is validated
 * elsewhere.
 * NOTE(review): the "already taken" lookup and the insert are separate
 * calls; whether the database enforces uniqueness is not visible here.
 */
/* private */ function addNewAccountInternal()
{
	global $wgUser, $wgOut, $wgMaxNameChars;
	global $wpName, $wpPassword, $wpRetype, $wpEmail, $wpRemember;

	if ( !$wgUser->isAllowedToCreateAccount() ) {
		userNotPrivilegedMessage();
		return;
	}

	# strcmp() only gives a meaningful answer for two strings.
	$retypeMatches = ( 0 == strcmp( $wpPassword, $wpRetype ) );
	if ( !$retypeMatches ) {
		mainLoginForm( wfMsg( "badretype" ) );
		return;
	}

	# The trimmed name is written back to the global.
	$wpName = trim( $wpName );

	# The pattern is unanchored: any name that contains something shaped
	# like an IPv4 address is refused, not just names that are one.
	$nameRejected = ( "" == $wpName )
		|| preg_match( "/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/", $wpName )
		|| ( strpos( $wpName, "/" ) !== false )
		|| ( strlen( $wpName ) > $wgMaxNameChars );
	if ( $nameRejected ) {
		mainLoginForm( wfMsg( "noname" ) );
		return;
	}

	if ( wfReadOnly() ) {
		$wgOut->readOnlyPage();
		return;
	}

	$u = User::newFromName( $wpName );
	if ( 0 != $u->idForName() ) {
		mainLoginForm( wfMsg( "userexists" ) );
		return;
	}

	$u->addToDatabase();
	$u->setPassword( $wpPassword );
	$u->setEmail( $wpEmail );

	$r = ( 1 == $wpRemember ) ? 1 : 0;
	$u->setOption( "rememberpassword", $r );

	return $u;
}
138
139
140
141
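/**
 * Handles a login attempt from the form.
 *
 * Looks the name up, compares the hash of the submitted password with the
 * stored password and, failing that, with the stored "new" password (the
 * one set by the password reminder). On success the user becomes $wgUser,
 * cookies are set and a UserUpdate is queued. The result is the success
 * page, or a cookie-test redirect when the request had no session cookie.
 *
 * NOTE(review): "nosuchuser" and "wrongpassword" are different answers, so
 * the form reveals whether a name is registered. No attempt counter or
 * delay is applied in this function.
 * NOTE(review): strcmp() is not a constant-time comparison and is only
 * meaningful for two strings; confirm encryptPassword() always returns one.
 * NOTE(review): with "remember" ticked the clear-text password is handed to
 * setCookiePassword(). What ends up in the cookie is not visible here.
 */
/* private */ function processLogin()
{
	global $wgUser, $wpName, $wpPassword, $wpRemember;
	global $wgDeferredUpdateList;
	global $returnto;

	if ( "" == $wpName ) {
		mainLoginForm( wfMsg( "noname" ) );
		return;
	}
	$u = User::newFromName( $wpName );
	$id = $u->idForName();
	if ( 0 == $id ) {
		# The name comes from the request and mainLoginForm() writes its
		# argument into the page as HTML, so escape it first.
		mainLoginForm( wfMsg( "nosuchuser", wfEscapeHTML( $u->getName() ) ) );
		return;
	}
	$u->setId( $id );
	$u->loadFromDatabase();

	# Accept either the regular password or the mailed temporary one.
	$ep = $u->encryptPassword( $wpPassword );
	if ( 0 != strcmp( $ep, $u->getPassword() )
		&& 0 != strcmp( $ep, $u->getNewpassword() ) )
	{
		mainLoginForm( wfMsg( "wrongpassword" ) );
		return;
	}

	# We've verified now, update the real record
	#
	if ( 1 == $wpRemember ) {
		$r = 1;
		$u->setCookiePassword( $wpPassword );
	} else {
		$r = 0;
	}
	$u->setOption( "rememberpassword", $r );

	$wgUser = $u;
	$wgUser->setCookies();

	$up = new UserUpdate();
	array_push( $wgDeferredUpdateList, $up );

	if ( hasSessionCookie() ) {
		return successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
	} else {
		return cookieRedirectCheck( "login" );
	}
}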
190
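/**
 * Handles the "mail me a new password" button: looks up the named account
 * and has mailPasswordInternal() generate and send a temporary password,
 * then redisplays the login form with a confirmation message.
 *
 * NOTE(review): this can be triggered for any account name without being
 * logged in, and no throttle is applied in this function, so it can be used
 * to send repeated mail to an account holder. The "nosuchuser" answer also
 * reveals whether a name is registered.
 */
/* private */ function mailPassword()
{
	global $wpName;

	if ( "" == $wpName ) {
		mainLoginForm( wfMsg( "noname" ) );
		return;
	}
	$u = User::newFromName( $wpName );
	$id = $u->idForName();
	if ( 0 == $id ) {
		# The name comes from the request and mainLoginForm() writes its
		# argument into the page as HTML, so escape it first.
		mainLoginForm( wfMsg( "nosuchuser", wfEscapeHTML( $u->getName() ) ) );
		return;
	}
	$u->setId( $id );
	$u->loadFromDatabase();

	# On failure the helper has already shown the reason to the user.
	if ( mailPasswordInternal( $u ) == NULL ) {
		return;
	}

	mainLoginForm( wfMsg( "passwordsent", wfEscapeHTML( $u->getName() ) ) );
}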
215
216
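/**
 * Generates a random temporary password for $u, stores it as the user's
 * "new" password, expires the remembered-password cookie and mails the
 * temporary password to the address on record.
 *
 * Returns $u on success. Returns nothing (NULL) after redisplaying the
 * login form when the user has no e-mail address. Callers test for NULL.
 *
 * NOTE(review): the temporary password is saved before the mail is sent and
 * the result of userMailer() is not inspected, so a failed delivery is not
 * reported to the caller - confirm what userMailer() returns.
 * NOTE(review): the mail body carries the temporary password in clear text
 * together with the requester's IP address.
 */
/* private */ function mailPasswordInternal( $u )
{
	global $wpName, $wgDeferredUpdateList, $wgOutputEncoding;
	global $wgPasswordSender, $wgDBname, $wgIP;
	# The cookie settings were never imported into this scope, so
	# setcookie() below saw undefined locals instead of the configured path
	# and domain.
	global $wgCookiePath, $wgCookieDomain;

	if ( "" == $u->getEmail() ) {
		# mainLoginForm() writes its argument into the page as HTML.
		mainLoginForm( wfMsg( "noemail", wfEscapeHTML( $u->getName() ) ) );
		return;
	}
	$np = User::randomPassword();
	$u->setNewpassword( $np );

	# Expire the remembered-password cookie by dating it one hour back.
	setcookie( "{$wgDBname}Password", "", time() - 3600, $wgCookiePath, $wgCookieDomain );
	$u->saveSettings();

	$ip = $wgIP;
	if ( "" == $ip ) { $ip = "(Unknown)"; }

	$m = wfMsg( "passwordremindertext", $ip, $u->getName(), $np );

	userMailer( $u->getEmail(), $wgPasswordSender, wfMsg( "passwordremindertitle" ), $m );

	return $u;
}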
241
242
243
244
245
/**
 * Renders the "login successful" page.
 *
 * $msg is appended to the output as HTML without any escaping, so callers
 * are responsible for the safety of whatever they interpolate into it.
 */
/* private */ function successfulLogin( $msg )
{
	global $wgOut, $wgUser, $wgDeferredUpdateList;

	$pageTitle = wfMsg( "loginsuccesstitle" );
	$wgOut->setPageTitle( $pageTitle );
	$wgOut->setRobotpolicy( "noindex,nofollow" );
	$wgOut->setArticleRelated( false );

	$body = $msg . "\n<p>";
	$wgOut->addHTML( $body );
	$wgOut->returnToMain();
}
258
/**
 * Renders the page shown when the current user may not create accounts.
 * The explanatory text is added through the wikitext path.
 */
function userNotPrivilegedMessage()
{
	global $wgOut, $wgUser, $wgLang;

	$pageTitle = wfMsg( "whitelistacctitle" );
	$explanation = wfMsg( "whitelistacctext" );

	$wgOut->setPageTitle( $pageTitle );
	$wgOut->setRobotpolicy( "noindex,nofollow" );
	$wgOut->setArticleRelated( false );

	$wgOut->addWikiText( $explanation );

	$wgOut->returnToMain( false );
}
271
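/**
 * Writes the login / create-account form to the output page.
 *
 * $err is an optional error message. It is emitted as HTML without
 * escaping, so callers must escape any request data they put into it.
 *
 * The name field is pre-filled from the submitted name, else from the
 * logged-in user's name, else from the "<dbname>UserName" cookie. All
 * pre-filled values originate from the request or a cookie and are escaped
 * before being placed inside the double-quoted value="" attributes.
 * This assumes wfEscapeHTML() escapes double quotes, as the existing
 * wpRetype and wpEmail fields already rely on - confirm.
 *
 * Side effect kept from the original: the globals $wpName, $wpPassword,
 * $wpRetype and $wpEmail are overwritten with their escaped forms.
 *
 * NOTE(review): the submitted password and retype are written back into the
 * page on redisplay; consider leaving the password fields empty instead.
 */
/* private */ function mainLoginForm( $err )
{
	global $wgUser, $wgOut, $wgLang, $returnto;
	global $wpName, $wpPassword, $wpRetype, $wpRemember;
	global $wpEmail, $HTTP_COOKIE_VARS, $wgDBname;

	$le = wfMsg( "loginerror" );
	$yn = wfMsg( "yourname" );
	$yp = wfMsg( "yourpassword" );
	$ypa = wfMsg( "yourpasswordagain" );
	$rmp = wfMsg( "remembermypassword" );
	$nuo = wfMsg( "newusersonly" );
	$li = wfMsg( "login" );
	$ca = wfMsg( "createaccount" );
	$cam = wfMsg( "createaccountmail" );
	$ye = wfMsg( "youremail" );
	$efl = wfMsg( "emailforlost" );
	$mmp = wfMsg( "mailmypassword" );
	$endText = wfMsg( "loginend" );

	$name = $wpName;
	if ( "" == $name ) {
		if ( 0 != $wgUser->getID() ) {
			$name = $wgUser->getName();
		} else {
			# The cookie may be absent, and its value is client-controlled.
			$cookieName = "{$wgDBname}UserName";
			$name = isset( $HTTP_COOKIE_VARS[$cookieName] )
				? $HTTP_COOKIE_VARS[$cookieName] : "";
		}
	}

	# The form below prints $name and $pwd, not the $wp* globals, so these
	# copies have to be escaped themselves. Previously only the globals were
	# escaped and the raw copies went into the attributes.
	$name = wfEscapeHTML( $name );
	$pwd = wfEscapeHTML( $wpPassword );

	$wgOut->setPageTitle( wfMsg( "userlogin" ) );
	$wgOut->setRobotpolicy( "noindex,nofollow" );
	$wgOut->setArticleRelated( false );

	if ( "" == $err ) {
		$lp = wfMsg( "loginprompt" );
		$wgOut->addHTML( "<h2>$li:</h2>\n<p>$lp</p>" );
	} else {
		$wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
color='red'>$err</font>\n" );
	}
	if ( 1 == $wgUser->getOption( "rememberpassword" ) ) {
		$checked = " checked";
	} else {
		$checked = "";
	}
	$q = "action=submit";
	if ( "" != $returnto ) { $q .= "&returnto=" . wfUrlencode($returnto); }
	$action = wfLocalUrlE( $wgLang->specialPage( "Userlogin" ), $q );

	$wpName = wfEscapeHTML( $wpName );
	$wpPassword = wfEscapeHTML( $wpPassword );
	$wpRetype = wfEscapeHTML( $wpRetype );
	$wpEmail = wfEscapeHTML( $wpEmail );

	# Only logged-in users are offered "create account and mail password".
	# Start from an empty string so the template below never reads an
	# undefined variable.
	$cambutton = "";
	if ($wgUser->getID() != 0) {
		$cambutton = "<input tabindex=6 type=submit name=\"wpCreateaccountMail\" value=\"{$cam}\">";
	}

	$wgOut->addHTML( "
<form name=\"userlogin\" id=\"userlogin\" method=\"post\" action=\"{$action}\">
<table border=0><tr>
<td align=right>$yn:</td>
<td align=left>
<input tabindex=1 type=text name=\"wpName\" value=\"{$name}\" size=20>
</td>
<td align=left>
<input tabindex=3 type=submit name=\"wpLoginattempt\" value=\"{$li}\">
</td>
</tr>
<tr>
<td align=right>$yp:</td>
<td align=left>
<input tabindex=2 type=password name=\"wpPassword\" value=\"{$pwd}\" size=20>
</td>
<td align=left>
<input tabindex=7 type=checkbox name=\"wpRemember\" value=\"1\" id=\"wpRemember\"$checked><label for=\"wpRemember\">$rmp</label>
</td>
</tr>");

	if ($wgUser->isAllowedToCreateAccount()) {

		$wgOut->addHTML("<tr><td colspan=3>&nbsp;</td></tr><tr>
<td align=right>$ypa:</td>
<td align=left>
<input tabindex=4 type=password name=\"wpRetype\" value=\"{$wpRetype}\"
size=20>
</td><td>$nuo</td></tr>
<tr>
<td align=right>$ye:</td>
<td align=left>
<input tabindex=5 type=text name=\"wpEmail\" value=\"{$wpEmail}\" size=20>
</td><td align=left>
<input tabindex=6 type=submit name=\"wpCreateaccount\" value=\"{$ca}\">
$cambutton
</td></tr>");
	}

	$wgOut->addHTML("
<tr><td colspan=3>&nbsp;</td></tr><tr>
<td colspan=3 align=left>
<p>$efl<br>
<input tabindex=8 type=submit name=\"wpMailmypassword\" value=\"{$mmp}\">
</td></tr></table>
</form>\n" );
	$wgOut->addHTML( $endText );
}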
380
/**
 * Reports whether the request carried a non-empty session cookie.
 * Always answers true when $wgDisableCookieCheck is set.
 *
 * This only tests that a cookie value is present; it says nothing about
 * whether that value belongs to a live session.
 */
/* private */ function hasSessionCookie()
{
	global $wgDisableCookieCheck;

	if ( $wgDisableCookieCheck ) {
		return true;
	}
	return ( "" != $_COOKIE[session_name()] );
}
386
/**
 * Redirects back to the login page with wpCookieCheck=$type in the query
 * string, so the follow-up request can show whether the browser returned
 * the session cookie.
 *
 * $type is placed in the query string as given. The callers in this file
 * pass the literals "new" and "login".
 */
/* private */ function cookieRedirectCheck( $type )
{
	global $wgOut, $wgLang;

	$loginPage = wfUrlEncode( $wgLang->specialPage( "Userlogin" ) );
	$query = "wpCookieCheck=$type";
	$check = wfLocalUrl( $loginPage, $query );

	return $wgOut->redirect( $check );
}
396
/**
 * Second half of the cookie test started by cookieRedirectCheck().
 *
 * If the session cookie came back, the success page is shown for the
 * current $wgUser. Otherwise the login form is redisplayed with a message
 * chosen by $type ("new" or "login"; anything else gets a generic error).
 *
 * NOTE(review): $type is the request's wpCookieCheck value, and the success
 * branch does not check that a login took place. Any request carrying that
 * parameter and a session cookie is shown the success message for whatever
 * $wgUser currently is.
 */
/* private */ function onCookieRedirectCheck( $type ) {
	global $wgUser;

	if ( hasSessionCookie() ) {
		return successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
	}

	# switch compares loosely, as the original == tests did.
	switch ( $type ) {
		case "new":
			return mainLoginForm( wfMsg( "nocookiesnew" ) );
		case "login":
			return mainLoginForm( wfMsg( "nocookieslogin" ) );
		default:
			# shouldn't happen
			return mainLoginForm( wfMsg( "error" ) );
	}
}
413
414 ?>