Reformatted cookie check functions.
[lhc/web/wiklou.git] / includes / SpecialUserlogin.php
1 <?
2
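# Entry point for Special:Userlogin: picks the handler for the current request.
#
# The first matching trigger wins, in this order: cookie-check redirect,
# account creation, account creation with a mailed password, password
# reminder, login attempt, and finally the blank login form.
#
# NOTE(review): the $wp* variables and $action are read as globals; they are
# presumably imported from the request (register_globals or similar) -- confirm.
# No request-method check or anti-forgery token is visible in this file, so the
# state-changing branches (account creation, password mail) depend on whatever
# the callees or the surrounding framework enforce.
function wfSpecialUserlogin()
{
    global $wpCreateaccount, $wpCreateaccountMail;
    global $wpLoginattempt, $wpMailmypassword;
    global $action;

    # NOTE(review): "wpName" and "wpPassword" are listed twice; kept as-is
    # because it is not visible here whether wfCleanFormFields() is idempotent.
    $fields = array( "wpName", "wpPassword", "wpName",
        "wpPassword", "wpRetype", "wpEmail" );
    wfCleanFormFields( $fields );

    # Test the request key itself instead of copying it into a local first;
    # the copy read an undefined index whenever the parameter was absent.
    if ( isset( $_REQUEST["wpCookieCheck"] ) ) {
        onCookieRedirectCheck( $_REQUEST["wpCookieCheck"] );
    } elseif ( isset( $wpCreateaccount ) ) {
        addNewAccount();
    } elseif ( isset( $wpCreateaccountMail ) ) {
        addNewAccountMailPassword();
    } elseif ( isset( $wpMailmypassword ) ) {
        mailPassword();
    } elseif ( "submit" == $action || isset( $wpLoginattempt ) ) {
        processLogin();
    } else {
        mainLoginForm( "" );
    }
}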
29
30
# Create an account and e-mail a generated password to the address typed
# into the form, then show a confirmation page. Nobody is logged in as the
# new account by this path.
#
# NOTE(review): the form only offers the wpCreateaccountMail button to
# logged-in users, but no matching login check is visible in this handler or
# in the dispatcher; only isAllowedToCreateAccount() is consulted downstream.
# Confirm whether anonymous requests are meant to reach this path.
/* private */ function addNewAccountMailPassword()
{
    global $wgOut, $wpEmail, $wpName;

    # Without an address there is nowhere to send the password.
    if ( $wpEmail == "" ) {
        mainLoginForm( wfMsg( "noemail", $wpName ) );
        return;
    }

    $newUser = addNewAccountInternal();
    if ( null == $newUser ) {
        # The helper has already rendered its own error page.
        return;
    }

    $newUser->saveSettings();

    $mailed = mailPasswordInternal( $newUser );
    if ( null == $mailed ) {
        return;
    }

    $wgOut->setPageTitle( wfMsg( "accmailtitle" ) );
    $wgOut->setRobotpolicy( "noindex,nofollow" );
    $wgOut->setArticleFlag( false );

    # Name and address are passed into the message as wikitext parameters.
    $confirmation = wfMsg( "accmailtext", $newUser->getName(), $newUser->getEmail() );
    $wgOut->addWikiText( $confirmation );
    $wgOut->returnToMain( false );

    $newUser = 0;
}
61
62
# Create an account from the submitted form and log the requester in as it.
#
# On success the new user replaces $wgUser, login cookies are set and a
# UserUpdate is queued. If the browser has not returned a session cookie the
# request is redirected through the cookie check instead of showing the
# welcome page directly.
/* private */ function addNewAccount()
{
    global $wgUser, $wgOut, $wpPassword, $wpRetype, $wpName, $wpRemember;
    global $wpEmail, $wgDeferredUpdateList;

    $created = addNewAccountInternal();
    if ( null == $created ) {
        # Validation failed; the helper has already produced the error page.
        return;
    }

    $wgUser = $created;
    $wgUser->setCookies();

    array_push( $wgDeferredUpdateList, new UserUpdate() );

    if ( !hasSessionCookie() ) {
        return cookieRedirectCheck( "new" );
    }
    return successfulLogin( wfMsg( "welcomecreation", $wgUser->getName() ) );
}
86
87
# Validate the account-creation form and insert the new user.
#
# Returns the new User object, or nothing (null) after rendering an error
# page when: the requester may not create accounts, the two passwords differ,
# the name is unusable, the wiki is read-only, or the name is already taken.
#
# NOTE(review): only equality of the two password fields is checked, so an
# empty or trivial password passes here; the e-mail address is stored without
# any visible format check. Confirm whether wfCleanFormFields() or the User
# class enforces more.
/* private */ function addNewAccountInternal()
{
    global $wgUser, $wgOut, $wpPassword, $wpRetype, $wpName, $wpRemember;
    global $wpEmail;

    if ( !$wgUser->isAllowedToCreateAccount() ) {
        userNotPrivilegedMessage();
        return;
    }

    if ( strcmp( $wpPassword, $wpRetype ) != 0 ) {
        mainLoginForm( wfMsg( "badretype" ) );
        return;
    }

    $wpName = trim( $wpName );

    # Reject empty names, names containing a dotted-quad (the pattern is
    # unanchored, so a match anywhere in the name counts), and names with "/".
    $nameUnusable = ( $wpName == "" )
        || preg_match( "/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/", $wpName )
        || ( false !== strpos( $wpName, "/" ) );
    if ( $nameUnusable ) {
        mainLoginForm( wfMsg( "noname" ) );
        return;
    }

    if ( wfReadOnly() ) {
        $wgOut->readOnlyPage();
        return;
    }

    $account = User::newFromName( $wpName );

    # A non-zero id means the name already belongs to somebody.
    if ( $account->idForName() != 0 ) {
        mainLoginForm( wfMsg( "userexists" ) );
        return;
    }

    $account->addToDatabase();
    $account->setPassword( $wpPassword );
    $account->setEmail( $wpEmail );

    $remember = ( 1 == $wpRemember ) ? 1 : 0;
    $account->setOption( "rememberpassword", $remember );

    return $account;
}
129
130
131
132
# Handle a login attempt for the submitted name and password.
#
# The submitted password is passed through encryptPassword() and accepted if
# the result equals either the stored password or the stored "new" password
# (the one set by the password-reminder mail). On success the user becomes
# $wgUser, cookies are set and a UserUpdate is queued.
#
# NOTE(review): unknown names and wrong passwords get different messages
# ("nosuchuser" vs "wrongpassword"), which tells a caller which accounts
# exist. The comparison uses strcmp(), which is not constant-time, and no
# attempt throttling or session-identifier rotation is visible in this
# function -- confirm whether those are handled elsewhere.
/* private */ function processLogin()
{
    global $wgUser, $wpName, $wpPassword, $wpRemember;
    global $wgDeferredUpdateList;
    global $returnto;

    if ( $wpName == "" ) {
        mainLoginForm( wfMsg( "noname" ) );
        return;
    }

    $candidate = User::newFromName( $wpName );
    $userId = $candidate->idForName();
    if ( $userId == 0 ) {
        mainLoginForm( wfMsg( "nosuchuser", $candidate->getName() ) );
        return;
    }
    $candidate->setId( $userId );
    $candidate->loadFromDatabase();

    # The "new" password is only consulted when the regular one did not match.
    $encrypted = $candidate->encryptPassword( $wpPassword );
    $matchesStored = ( 0 == strcmp( $encrypted, $candidate->getPassword() ) );
    if ( !$matchesStored && 0 != strcmp( $encrypted, $candidate->getNewpassword() ) ) {
        mainLoginForm( wfMsg( "wrongpassword" ) );
        return;
    }

    # We've verified now, update the real record
    #
    $remember = ( 1 == $wpRemember ) ? 1 : 0;
    if ( 1 == $remember ) {
        # NOTE(review): the submitted password itself is handed to
        # setCookiePassword(); what ends up in the cookie is decided there.
        $candidate->setCookiePassword( $wpPassword );
    }
    $candidate->setOption( "rememberpassword", $remember );

    $wgUser = $candidate;
    $wgUser->setCookies();

    array_push( $wgDeferredUpdateList, new UserUpdate() );

    if ( !hasSessionCookie() ) {
        return cookieRedirectCheck( "login" );
    }
    return successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
}
181
# Handle the "mail me a new password" button for the name typed in the form.
#
# Looks the user up, lets mailPasswordInternal() generate and send a
# temporary password, then redisplays the login form with a confirmation.
#
# NOTE(review): the requester does not have to be the account owner, and the
# "nosuchuser" / "passwordsent" replies differ, so this path reveals whether a
# name is registered. No rate limit on reminder mails is visible here.
/* private */ function mailPassword()
{
    global $wgUser, $wpName, $wgDeferredUpdateList, $wgOutputEncoding;
    global $wgCookiePath, $wgCookieDomain, $wgDBname;

    if ( $wpName == "" ) {
        mainLoginForm( wfMsg( "noname" ) );
        return;
    }

    $target = User::newFromName( $wpName );
    $userId = $target->idForName();
    if ( $userId == 0 ) {
        mainLoginForm( wfMsg( "nosuchuser", $target->getName() ) );
        return;
    }
    $target->setId( $userId );
    $target->loadFromDatabase();

    $sent = mailPasswordInternal( $target );
    if ( null == $sent ) {
        # The helper already showed the "noemail" form.
        return;
    }

    mainLoginForm( wfMsg( "passwordsent", $target->getName() ) );
}
206
207
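# Generate a temporary password for $u, store it as the user's "new"
# password, expire the remembered-password cookie and e-mail the password to
# the address on record.
#
# $u is the User object to mail. Returns $u after calling mail(), or nothing
# (null) after showing the "noemail" form when the user has no address.
#
# NOTE(review): the result of mail() is not checked, so callers report
# success even if delivery was refused. The password travels in clear text in
# the message body, and the strength of User::randomPassword() is not visible
# from this file.
/* private */ function mailPasswordInternal( $u )
{
    global $wpName, $wgDeferredUpdateList, $wgOutputEncoding;
    global $wgPasswordSender;
    # The setcookie() call below reads these three. They were not declared
    # here before, so the call used empty locals: the cookie name collapsed
    # to "Password" and the real "{$wgDBname}Password" cookie was never expired.
    global $wgCookiePath, $wgCookieDomain, $wgDBname;

    if ( "" == $u->getEmail() ) {
        mainLoginForm( wfMsg( "noemail", $u->getName() ) );
        return;
    }
    $np = User::randomPassword();
    $u->setNewpassword( $np );

    # Expire the remembered-password cookie (empty value, expiry in the past).
    setcookie( "{$wgDBname}Password", "", time() - 3600, $wgCookiePath, $wgCookieDomain );
    $u->saveSettings();

    # The requester's address is included in the mail text.
    $ip = getenv( "REMOTE_ADDR" );
    if ( "" == $ip ) { $ip = "(Unknown)"; }

    $m = wfMsg( "passwordremindertext", $ip, $u->getName(), $np );

    # NOTE(review): the recipient is whatever address is stored for the user;
    # no format validation of that address is visible in this file.
    mail( $u->getEmail(), wfMsg( "passwordremindertitle" ), $m,
        "MIME-Version: 1.0\r\n" .
        "Content-type: text/plain; charset={$wgOutputEncoding}\r\n" .
        "Content-transfer-encoding: 8bit\r\n" .
        "From: $wgPasswordSender" );

    return $u;
}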
236
237
238
239
240
# Render the "login successful" page with $msg as its body.
#
# NOTE(review): $msg is appended as raw HTML. Callers in this file build it
# with wfMsg() and the user's name; whether that output is already
# HTML-escaped is not visible here.
/* private */ function successfulLogin( $msg )
{
    global $wgUser;
    global $wgDeferredUpdateList;
    global $wgOut, $returnto;

    $title = wfMsg( "loginsuccesstitle" );
    $wgOut->setPageTitle( $title );
    $wgOut->setRobotpolicy( "noindex,nofollow" );
    $wgOut->setArticleFlag( false );

    $body = $msg . "\n<p>";
    $wgOut->addHTML( $body );
    $wgOut->returnToMain();
}
253
# Render the page shown when the requester may not create accounts.
function userNotPrivilegedMessage()
{
    global $wgOut, $wgUser, $wgLang;

    $title = wfMsg( "whitelistacctitle" );
    $wgOut->setPageTitle( $title );
    $wgOut->setRobotpolicy( "noindex,nofollow" );
    $wgOut->setArticleFlag( false );

    $explanation = wfMsg( "whitelistacctext" );
    $wgOut->addWikiText( $explanation );
    $wgOut->returnToMain( false );
}
265
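# Render the login / create-account form, optionally preceded by an error.
#
# $err is the error text to show above the form; "" shows the normal login
# prompt instead.
#
# The name field is prefilled from the submitted name, else the logged-in
# user's name, else the "{$wgDBname}UserName" cookie. As a side effect the
# globals $wpName, $wpPassword, $wpRetype and $wpEmail are replaced by their
# HTML-escaped forms.
#
# NOTE(review): $err is written into the page as raw HTML. Callers build it
# with wfMsg() and sometimes a user-supplied name; whether that output is
# already escaped is not visible here.
/* private */ function mainLoginForm( $err )
{
    global $wgUser, $wgOut, $wgLang, $returnto;
    global $wpName, $wpPassword, $wpRetype, $wpRemember;
    global $wpEmail, $wgDBname;

    $le = wfMsg( "loginerror" );
    $yn = wfMsg( "yourname" );
    $yp = wfMsg( "yourpassword" );
    $ypa = wfMsg( "yourpasswordagain" );
    $rmp = wfMsg( "remembermypassword" );
    $ayn = wfMsg( "areyounew" );
    $nuo = wfMsg( "newusersonly" );
    $li = wfMsg( "login" );
    $ca = wfMsg( "createaccount" );
    $cam = wfMsg( "createaccountmail" );
    $ye = wfMsg( "youremail" );
    $efl = wfMsg( "emailforlost" );
    $mmp = wfMsg( "mailmypassword" );

    $name = $wpName;
    if ( "" == $name ) {
        if ( 0 != $wgUser->getID() ) {
            $name = $wgUser->getName();
        } else {
            # $_COOKIE replaces the long-deprecated $HTTP_COOKIE_VARS array,
            # which is not populated on current PHP versions.
            $cookieKey = "{$wgDBname}UserName";
            $name = isset( $_COOKIE[$cookieKey] ) ? $_COOKIE[$cookieKey] : "";
        }
    }
    $pwd = $wpPassword;

    $wgOut->setPageTitle( wfMsg( "userlogin" ) );
    $wgOut->setRobotpolicy( "noindex,nofollow" );
    $wgOut->setArticleFlag( false );

    if ( "" == $err ) {
        $lp = wfMsg( "loginprompt" );
        $wgOut->addHTML( "<h2>$li:</h2>\n<p>$lp</p>" );
    } else {
        $wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
color='red'>$err</font>\n" );
    }
    if ( 1 == $wgUser->getOption( "rememberpassword" ) ) {
        $checked = " checked";
    } else {
        $checked = "";
    }
    $q = "action=submit";
    if ( "" != $returnto ) { $q .= "&returnto=" . wfUrlencode($returnto); }
    $action = wfLocalUrlE( $wgLang->specialPage( "Userlogin" ), $q );

    $wpName = wfEscapeHTML( $wpName );
    $wpPassword = wfEscapeHTML( $wpPassword );
    $wpRetype = wfEscapeHTML( $wpRetype );
    $wpEmail = wfEscapeHTML( $wpEmail );

    # $name and $pwd are the values actually written into the value="..."
    # attributes below. They were copied before the escaping above, so the
    # submitted name, the cookie value and the submitted password reached the
    # page unescaped. Escape them the same way as the retype and e-mail fields.
    # NOTE(review): assumes wfEscapeHTML() also escapes double quotes, as
    # needed inside an attribute -- confirm.
    $name = wfEscapeHTML( $name );
    $pwd = wfEscapeHTML( $pwd );
    # NOTE(review): the submitted password is echoed back into the page;
    # consider leaving the field empty when redisplaying the form.

    # Only logged-in users are offered the "create and mail password" button;
    # start from "" so the variable is defined for everybody else.
    $cambutton = "";
    if ($wgUser->getID() != 0) {
        $cambutton = "<input tabindex=6 type=submit name=\"wpCreateaccountMail\" value=\"{$cam}\">";
    }

    $wgOut->addHTML( "
<form name=\"userlogin\" id=\"userlogin\" method=\"post\" action=\"{$action}\">
<table border=0><tr>
<td align=right>$yn:</td>
<td colspan=2 align=left>
<input tabindex=1 type=text name=\"wpName\" value=\"{$name}\" size=20>
</td></tr><tr>
<td align=right>$yp:</td>
<td align=left>
<input tabindex=2 type=password name=\"wpPassword\" value=\"{$pwd}\" size=20>
</td>
<td align=left>
<input tabindex=3 type=submit name=\"wpLoginattempt\" value=\"{$li}\">
</td></tr>");

    if ($wgUser->isAllowedToCreateAccount()) {

        $wgOut->addHTML("<tr><td colspan=3>&nbsp;</td></tr><tr>
<td align=right>$ypa:</td>
<td align=left>
<input tabindex=4 type=password name=\"wpRetype\" value=\"{$wpRetype}\"
size=20>
</td><td>$nuo</td></tr>
<tr>
<td align=right>$ye:</td>
<td align=left>
<input tabindex=5 type=text name=\"wpEmail\" value=\"{$wpEmail}\" size=20>
</td><td align=left>
<input tabindex=6 type=submit name=\"wpCreateaccount\" value=\"{$ca}\">
$cambutton
</td></tr>");
    }

    $wgOut->addHTML("
<tr>
<td colspan=3 align=left>
<input tabindex=7 type=checkbox name=\"wpRemember\" value=\"1\" id=\"wpRemember\"$checked><label for=\"wpRemember\">$rmp</label>
</td></tr>
<tr><td colspan=3>&nbsp;</td></tr><tr>
<td colspan=3 align=left>
<p>$efl<br>
<input tabindex=8 type=submit name=\"wpMailmypassword\" value=\"{$mmp}\">
</td></tr></table>
</form>\n" );
}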
373
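# Report whether the browser sent back a non-empty session cookie.
#
# Returns true unconditionally when $wgDisableCookieCheck is set. Otherwise
# returns true only if the cookie named by session_name() is present and not
# the empty string.
#
# This is a "does the browser accept cookies" probe, not an authentication
# check: any non-empty value under the session cookie name satisfies it.
/* private */ function hasSessionCookie()
{
    global $wgDisableCookieCheck;

    if ( $wgDisableCookieCheck ) {
        return true;
    }

    # $_COOKIE replaces $HTTP_COOKIE_VARS, which is not populated on current
    # PHP versions and made this check fail for every request there.
    $sessionKey = session_name();
    return isset( $_COOKIE[$sessionKey] ) && "" != $_COOKIE[$sessionKey];
}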
381
# Redirect back to Special:Userlogin with wpCookieCheck=$type so the next
# request can tell whether the browser kept the session cookie.
#
# $type is placed in the query string as-is; the callers in this file pass
# only the literals "new" and "login".
/* private */ function cookieRedirectCheck( $type )
{
    global $wgOut, $wgLang;

    $loginPage = $wgLang->specialPage( "Userlogin" );
    $query = "wpCookieCheck=$type";

    return $wgOut->redirect( wfLocalUrl( $loginPage, $query ) );
}
391
# Second half of the cookie check: runs on the request that follows
# cookieRedirectCheck().
#
# If the session cookie came back, show the login-success page for the
# current $wgUser. Otherwise redisplay the login form with a "cookies are
# required" message chosen by $type ("new" or "login").
#
# $type comes from the wpCookieCheck request parameter and is only compared
# against fixed strings; any other value falls through to the generic error.
/* private */ function onCookieRedirectCheck( $type )
{
    global $wgUser;

    if ( hasSessionCookie() ) {
        return successfulLogin( wfMsg( "loginsuccess", $wgUser->getName() ) );
    }

    if ( "new" == $type ) {
        $messageKey = "nocookiesnew";
    } else if ( "login" == $type ) {
        $messageKey = "nocookieslogin";
    } else {
        # shouldn't happen
        $messageKey = "error";
    }

    return mainLoginForm( wfMsg( $messageKey ) );
}
409
410 ?>