dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Capitalization fix in memcached setting
[lhc/web/wiklou.git] / includes / SpecialUserlogin.php
1 <?php
2 /**
3 *
4 * @package MediaWiki
5 * @subpackage SpecialPage
6 */
7
8 /**
9 *
10 */
11 require_once('UserMailer.php');
12
13 /**
14 * consutrctor
15 */
16 function wfSpecialUserlogin() {
17 global $wgCommandLineMode;
18 global $wgRequest;
19 if( !$wgCommandLineMode && !isset( $_COOKIE[ini_get('session.name')] ) ) {
20 User::SetupSession();
21 }
22
23 $form = new LoginForm( $wgRequest );
24 $form->execute();
25 }
26
27 /**
28 *
29 * @package MediaWiki
30 * @subpackage SpecialPage
31 */
32 class LoginForm {
33 var $mName, $mPassword, $mRetype, $mReturnto, $mCookieCheck, $mPosted;
34 var $mAction, $mCreateaccount, $mCreateaccountMail, $mMailmypassword;
35 var $mLoginattempt, $mRemember, $mEmail;
36
37 function LoginForm( &$request ) {
38 global $wgLang, $wgAllowRealName;
39
40 $this->mName = $request->getText( 'wpName' );
41 $this->mPassword = $request->getText( 'wpPassword' );
42 $this->mRetype = $request->getText( 'wpRetype' );
43 $this->mReturnto = $request->getVal( 'returnto' );
44 $this->mCookieCheck = $request->getVal( 'wpCookieCheck' );
45 $this->mPosted = $request->wasPosted();
46 $this->mCreateaccount = $request->getCheck( 'wpCreateaccount' );
47 $this->mCreateaccountMail = $request->getCheck( 'wpCreateaccountMail' );
48 $this->mMailmypassword = $request->getCheck( 'wpMailmypassword' );
49 $this->mLoginattempt = $request->getCheck( 'wpLoginattempt' );
50 $this->mAction = $request->getVal( 'action' );
51 $this->mRemember = $request->getCheck( 'wpRemember' );
52 $this->mEmail = $request->getText( 'wpEmail' );
53 if ($wgAllowRealName) {
54 $this->mRealName = $request->getText( 'wpRealName' );
55 } else {
56 $this->mRealName = '';
57 }
58
59 # When switching accounts, it sucks to get automatically logged out
60 if( $this->mReturnto == $wgLang->specialPage( 'Userlogout' ) ) {
61 $this->mReturnto = '';
62 }
63 }
64
65 function execute() {
66 if ( !is_null( $this->mCookieCheck ) ) {
67 $this->onCookieRedirectCheck( $this->mCookieCheck );
68 return;
69 } else if( $this->mPosted ) {
70 if( $this->mCreateaccount ) {
71 return $this->addNewAccount();
72 } else if ( $this->mCreateaccountMail ) {
73 return $this->addNewAccountMailPassword();
74 } else if ( $this->mMailmypassword ) {
75 return $this->mailPassword();
76 } else if ( ( 'submit' == $this->mAction ) || $this->mLoginattempt ) {
77 return $this->processLogin();
78 }
79 }
80 $this->mainLoginForm( '' );
81 }
82
83 /**
84 * @access private
85 */
86 function addNewAccountMailPassword() {
87 global $wgOut;
88
89 if ('' == $this->mEmail) {
90 $this->mainLoginForm( wfMsg( 'noemail', htmlspecialchars( $this->mName ) ) );
91 return;
92 }
93
94 $u = $this->addNewaccountInternal();
95
96 if ($u == NULL) {
97 return;
98 }
99
100 $u->saveSettings();
101 $error = $this->mailPasswordInternal($u);
102
103 $wgOut->setPageTitle( wfMsg( 'accmailtitle' ) );
104 $wgOut->setRobotpolicy( 'noindex,nofollow' );
105 $wgOut->setArticleRelated( false );
106
107 if ( $error === '' ) {
108 $wgOut->addWikiText( wfMsg( 'accmailtext', $u->getName(), $u->getEmail() ) );
109 $wgOut->returnToMain( false );
110 } else {
111 $this->mainLoginForm( wfMsg( 'mailerror', $error ) );
112 }
113
114 $u = 0;
115 }
116
117
118 /**
119 * @access private
120 */
121 function addNewAccount() {
122 global $wgUser, $wgOut;
123 global $wgDeferredUpdateList;
124
125 $u = $this->addNewAccountInternal();
126
127 if ($u == NULL) {
128 return;
129 }
130
131 $wgUser = $u;
132 $wgUser->setCookies();
133
134 $up = new UserUpdate();
135 array_push( $wgDeferredUpdateList, $up );
136
137 if( $this->hasSessionCookie() ) {
138 return $this->successfulLogin( wfMsg( 'welcomecreation', $wgUser->getName() ) );
139 } else {
140 return $this->cookieRedirectCheck( 'new' );
141 }
142 }
143
144
145 /**
146 * @access private
147 */
148 function addNewAccountInternal() {
149 global $wgUser, $wgOut;
150 global $wgMaxNameChars;
151 global $wgMemc, $wgAccountCreationThrottle, $wgDBname, $wgIP;
152
153 if (!$wgUser->isAllowedToCreateAccount()) {
154 $this->userNotPrivilegedMessage();
155 return;
156 }
157
158 if ( 0 != strcmp( $this->mPassword, $this->mRetype ) ) {
159 $this->mainLoginForm( wfMsg( 'badretype' ) );
160 return;
161 }
162
163 $name = trim( $this->mName );
164 $u = User::newFromName( $name );
165 if ( is_null( $u ) ||
166 ( '' == $name ) ||
167 preg_match( "/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/", $name ) ||
168 (strpos( $name, "/" ) !== false) ||
169 (strlen( $name ) > $wgMaxNameChars) ||
170 ucFirst($name) != $u->getName() )
171 {
172 $this->mainLoginForm( wfMsg( 'noname' ) );
173 return;
174 }
175 if ( wfReadOnly() ) {
176 $wgOut->readOnlyPage();
177 return;
178 }
179
180 if ( 0 != $u->idForName() ) {
181 $this->mainLoginForm( wfMsg( 'userexists' ) );
182 return;
183 }
184
185 if ( $wgAccountCreationThrottle ) {
186 $key = $wgDBname.':acctcreate:ip:'.$wgIP;
187 $value = $wgMemc->incr( $key );
188 if ( !$value ) {
189 $wgMemc->set( $key, 1, 86400 );
190 }
191 if ( $value > $wgAccountCreationThrottle ) {
192 $this->throttleHit( $wgAccountCreationThrottle );
193 return;
194 }
195 }
196
197 return $this->initUser( $u );
198 }
199
200 /**
201 * Actually add a user to the database.
202 * Give it a User object that has been initialised with a name.
203 *
204 * @param User $u
205 * @return User
206 * @access private
207 */
208 function &initUser( &$u ) {
209 $u->addToDatabase();
210 $u->setPassword( $this->mPassword );
211 $u->setEmail( $this->mEmail );
212 $u->setRealName( $this->mRealName );
213
214 global $wgAuth;
215 $wgAuth->initUser( $u );
216
217 if ( $this->mRemember ) { $r = 1; }
218 else { $r = 0; }
219 $u->setOption( 'rememberpassword', $r );
220
221 return $u;
222 }
223
224 /**
225 * @access private
226 */
227 function processLogin() {
228 global $wgUser;
229 global $wgDeferredUpdateList;
230
231 if ( '' == $this->mName ) {
232 $this->mainLoginForm( wfMsg( 'noname' ) );
233 return;
234 }
235 $u = User::newFromName( $this->mName );
236 if( is_null( $u ) ) {
237 $this->mainLoginForm( wfMsg( 'noname' ) );
238 return;
239 }
240 $id = $u->idForName();
241 if ( 0 == $id ) {
242 global $wgAuth;
243 /**
244 * If the external authentication plugin allows it,
245 * automatically create a new account for users that
246 * are externally defined but have not yet logged in.
247 */
248 if( $wgAuth->autoCreate() &&
249 $wgAuth->userExists( $u->getName() ) &&
250 $wgAuth->authenticate( $u->getName(), $this->mPassword ) ) {
251 $u =& $this->initUser( $u );
252 } else {
253 $this->mainLoginForm( wfMsg( 'nosuchuser', $u->getName() ) );
254 return;
255 }
256 } else {
257 $u->setId( $id );
258 $u->loadFromDatabase();
259 }
260 if (!$u->checkPassword( $this->mPassword )) {
261 $this->mainLoginForm( wfMsg( 'wrongpassword' ) );
262 return;
263 }
264
265 # We've verified now, update the real record
266 #
267 if ( $this->mRemember ) {
268 $r = 1;
269 } else {
270 $r = 0;
271 }
272 $u->setOption( 'rememberpassword', $r );
273
274 $wgUser = $u;
275 $wgUser->setCookies();
276
277 $up = new UserUpdate();
278 array_push( $wgDeferredUpdateList, $up );
279
280 if( $this->hasSessionCookie() ) {
281 return $this->successfulLogin( wfMsg( 'loginsuccess', $wgUser->getName() ) );
282 } else {
283 return $this->cookieRedirectCheck( 'login' );
284 }
285 }
286
287 /**
288 * @access private
289 */
290 function mailPassword() {
291 global $wgUser, $wgDeferredUpdateList, $wgOutputEncoding;
292 global $wgCookiePath, $wgCookieDomain, $wgDBname;
293
294 if ( '' == $this->mName ) {
295 $this->mainLoginForm( wfMsg( 'noname' ) );
296 return;
297 }
298 $u = User::newFromName( $this->mName );
299 if( is_null( $u ) ) {
300 $this->mainLoginForm( wfMsg( 'noname' ) );
301 return;
302 }
303 $id = $u->idForName();
304 if ( 0 == $id ) {
305 $this->mainLoginForm( wfMsg( 'nosuchuser', $u->getName() ) );
306 return;
307 }
308 $u->setId( $id );
309 $u->loadFromDatabase();
310
311 $error = $this->mailPasswordInternal( $u );
312 if ($error === '') {
313 $this->mainLoginForm( wfMsg( 'passwordsent', $u->getName() ) );
314 } else {
315 $this->mainLoginForm( wfMsg( 'mailerror', $error ) );
316 }
317
318 }
319
320
321 /**
322 * @access private
323 */
324 function mailPasswordInternal( $u ) {
325 global $wgDeferredUpdateList, $wgOutputEncoding;
326 global $wgPasswordSender, $wgDBname, $wgIP;
327 global $wgCookiePath, $wgCookieDomain;
328
329 if ( '' == $u->getEmail() ) {
330 return wfMsg( 'noemail', $u->getName() );
331 }
332 $np = User::randomPassword();
333 $u->setNewpassword( $np );
334
335 setcookie( "{$wgDBname}Token", '', time() - 3600, $wgCookiePath, $wgCookieDomain );
336 $u->saveSettings();
337
338 $ip = $wgIP;
339 if ( '' == $ip ) { $ip = '(Unknown)'; }
340
341 $m = wfMsg( 'passwordremindertext', $ip, $u->getName(), $np );
342
343 $error = userMailer( $u->getEmail(), $wgPasswordSender, wfMsg( 'passwordremindertitle' ), $m );
344
345 return htmlspecialchars( $error );
346 }
347
348
349 /**
350 * @access private
351 */
352 function successfulLogin( $msg ) {
353 global $wgUser;
354 global $wgDeferredUpdateList;
355 global $wgOut;
356
357 $wgOut->setPageTitle( wfMsg( 'loginsuccesstitle' ) );
358 $wgOut->setRobotpolicy( 'noindex,nofollow' );
359 $wgOut->setArticleRelated( false );
360 $wgOut->addWikiText( $msg );
361 $wgOut->returnToMain();
362 }
363
364 function userNotPrivilegedMessage() {
365 global $wgOut, $wgUser, $wgLang;
366
367 $wgOut->setPageTitle( wfMsg( 'whitelistacctitle' ) );
368 $wgOut->setRobotpolicy( 'noindex,nofollow' );
369 $wgOut->setArticleRelated( false );
370
371 $wgOut->addWikiText( wfMsg( 'whitelistacctext' ) );
372
373 $wgOut->returnToMain( false );
374 }
375
376 /**
377 * @access private
378 */
379 function mainLoginForm( $err ) {
380 global $wgUser, $wgOut, $wgLang;
381 global $wgDBname, $wgAllowRealName;
382
383 $le = wfMsg( 'loginerror' );
384 $yn = wfMsg( 'yourname' );
385 $yp = wfMsg( 'yourpassword' );
386 $ypa = wfMsg( 'yourpasswordagain' );
387 $rmp = wfMsg( 'remembermypassword' );
388 $nuo = wfMsg( 'newusersonly' );
389 $li = wfMsg( 'login' );
390 $ca = wfMsg( 'createaccount' );
391 $cam = wfMsg( 'createaccountmail' );
392 $ye = wfMsg( 'youremail' );
393 if( $wgAllowRealName ) {
394 $yrn = wfMsg( 'yourrealname' );
395 } else {
396 $yrn = '';
397 }
398 $efl = wfMsg( 'emailforlost' );
399 $mmp = wfMsg( 'mailmypassword' );
400 $endText = wfMsg( 'loginend' );
401
402 if ( $endText == '&lt;loginend&gt;' ) {
403 $endText = '';
404 }
405
406 if ( '' == $this->mName ) {
407 if ( 0 != $wgUser->getID() ) {
408 $this->mName = $wgUser->getName();
409 } else {
410 $this->mName = @$_COOKIE[$wgDBname.'UserName'];
411 }
412 }
413
414 $wgOut->setPageTitle( wfMsg( 'userlogin' ) );
415 $wgOut->setRobotpolicy( 'noindex,nofollow' );
416 $wgOut->setArticleRelated( false );
417
418 if ( '' == $err ) {
419 $lp = wfMsg( 'loginprompt' );
420 $wgOut->addHTML( "<h2>$li:</h2>\n<p>$lp</p>" );
421 } else {
422 $wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
423 color='red'>$err</font>\n" );
424 }
425 if ( 1 == $wgUser->getOption( 'rememberpassword' ) ) {
426 $checked = ' checked';
427 } else {
428 $checked = '';
429 }
430
431 $q = 'action=submit';
432 if ( !empty( $this->mReturnto ) ) {
433 $q .= '&returnto=' . wfUrlencode( $this->mReturnto );
434 }
435
436 $titleObj = Title::makeTitle( NS_SPECIAL, 'Userlogin' );
437 $action = $titleObj->escapeLocalUrl( $q );
438
439 $encName = htmlspecialchars( $this->mName );
440 $encPassword = htmlspecialchars( $this->mPassword );
441 $encRetype = htmlspecialchars( $this->mRetype );
442 $encEmail = htmlspecialchars( $this->mEmail );
443 $encRealName = htmlspecialchars( $this->mRealName );
444
445 if ($wgUser->getID() != 0) {
446 $cambutton = "<input tabindex='6' type='submit' name=\"wpCreateaccountMail\" value=\"{$cam}\" />";
447 } else {
448 $cambutton = '';
449 }
450
451 $wgOut->addHTML( "
452 <form name=\"userlogin\" id=\"userlogin\" method=\"post\" action=\"{$action}\">
453 <table border='0'><tr>
454 <td align='right'>$yn:</td>
455 <td align='left'>
456 <input tabindex='1' type='text' name=\"wpName\" value=\"{$encName}\" size='20' />
457 </td>
458 <td align='left'>
459 <input tabindex='3' type='submit' name=\"wpLoginattempt\" value=\"{$li}\" />
460 </td>
461 </tr>
462 <tr>
463 <td align='right'>$yp:</td>
464 <td align='left'>
465 <input tabindex='2' type='password' name=\"wpPassword\" value=\"{$encPassword}\" size='20' />
466 </td>
467 <td align='left'>
468 <input tabindex='4' type='checkbox' name=\"wpRemember\" value=\"1\" id=\"wpRemember\"$checked /><label for=\"wpRemember\">$rmp</label>
469 </td>
470 </tr>");
471
472 if ($wgUser->isAllowedToCreateAccount()) {
473 $encRetype = htmlspecialchars( $this->mRetype );
474 $encEmail = htmlspecialchars( $this->mEmail );
475 $wgOut->addHTML("<tr><td colspan='3'>&nbsp;</td></tr><tr>
476 <td align='right'>$ypa:</td>
477 <td align='left'>
478 <input tabindex='5' type='password' name=\"wpRetype\" value=\"{$encRetype}\"
479 size='20' />
480 </td><td>$nuo</td></tr>
481 <tr>
482 <td align='right'>$ye:</td>
483 <td align='left'>
484 <input tabindex='7' type='text' name=\"wpEmail\" value=\"{$encEmail}\" size='20' />
485 </td>");
486
487 if ($wgAllowRealName) {
488 $wgOut->addHTML("<td>&nbsp;</td>
489 </tr><tr>
490 <td align='right'>$yrn:</td>
491 <td align='left'>
492 <input tabindex='8' type='text' name=\"wpRealName\" value=\"{$encRealName}\" size='20' />
493 </td>");
494 }
495
496 $wgOut->addHTML("<td align='left'>
497 <input tabindex='9' type='submit' name=\"wpCreateaccount\" value=\"{$ca}\" />
498 $cambutton
499 </td></tr>");
500 }
501
502 $wgOut->addHTML("
503 <tr><td colspan='3'>&nbsp;</td></tr><tr>
504 <td colspan='3' align='left'>
505 <p>$efl<br />
506 <input tabindex='10' type='submit' name=\"wpMailmypassword\" value=\"{$mmp}\" /></p>
507 </td></tr></table>
508 </form>\n" );
509 $wgOut->addHTML( $endText );
510 }
511
512 /**
513 * @access private
514 */
515 function hasSessionCookie() {
516 global $wgDisableCookieCheck;
517 return ( $wgDisableCookieCheck ) ? true : ( '' != $_COOKIE[session_name()] );
518 }
519
520 /**
521 * @access private
522 */
523 function cookieRedirectCheck( $type ) {
524 global $wgOut, $wgLang;
525
526 $titleObj = Title::makeTitle( NS_SPECIAL, 'Userlogin' );
527 $check = $titleObj->getFullURL( 'wpCookieCheck='.$type );
528
529 return $wgOut->redirect( $check );
530 }
531
532 /**
533 * @access private
534 */
535 function onCookieRedirectCheck( $type ) {
536 global $wgUser;
537
538 if ( !$this->hasSessionCookie() ) {
539 if ( $type == 'new' ) {
540 return $this->mainLoginForm( wfMsg( 'nocookiesnew' ) );
541 } else if ( $type == 'login' ) {
542 return $this->mainLoginForm( wfMsg( 'nocookieslogin' ) );
543 } else {
544 # shouldn't happen
545 return $this->mainLoginForm( wfMsg( 'error' ) );
546 }
547 } else {
548 return $this->successfulLogin( wfMsg( 'loginsuccess', $wgUser->getName() ) );
549 }
550 }
551
552 /**
553 * @access private
554 */
555 function throttleHit( $limit ) {
556 global $wgOut;
557
558 $wgOut->addWikiText( wfMsg( 'acct_creation_throttle_hit', $limit ) );
559 }
560 }
561 ?>
Wiklou, le Wiki du Wiklou