New update script, Version.php, new salted passwords, minor fixes.
[lhc/web/wiklou.git] / includes / SpecialUserlogin.php
1 <?
# Entry point for the Userlogin special page: runs the submitted form fields
# through wfCleanFormFields(), then dispatches on which submit control (or
# action value) accompanied the request.
#
# NOTE(review): the wp* values and $action are read as plain globals, so they
# are presumably filled in from the request (register_globals or an import
# step elsewhere) -- confirm where they are set and that nothing else can
# seed them.
function wfSpecialUserlogin()
{
    global $wpCreateaccount, $wpLoginattempt, $wpMailmypassword;
    global $action;

    # NOTE(review): "wpName" and "wpPassword" appear twice in this list; that
    # is only harmless if wfCleanFormFields() is idempotent per field -- verify.
    $formFields = array( "wpName", "wpPassword", "wpName",
        "wpPassword", "wpRetype", "wpEmail" );
    wfCleanFormFields( $formFields );

    # Account creation takes priority over every other submit control.
    if ( isset( $wpCreateaccount ) ) {
        addNewAccount();
        return;
    }

    # Next: the "mail me a new password" button.
    if ( isset( $wpMailmypassword ) ) {
        mailPassword();
        return;
    }

    # A login attempt is signalled either by action=submit or by the login button.
    $isLoginAttempt = ( "submit" == $action || isset( $wpLoginattempt ) );
    if ( $isLoginAttempt ) {
        processLogin();
        return;
    }

    # Nothing was submitted: show the empty form with no error message.
    mainLoginForm( "" );
}
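# Handles the "create account" submit. Validates the retyped password and the
# requested name, creates the user, stores password, e-mail and the
# "rememberpassword" option on it, then treats the new user as logged in.
# Input comes from the wp* form globals; every failure re-renders the login
# form with an error message and returns.
/* private */ function addNewAccount()
{
    global $wgUser, $wgOut, $wpPassword, $wpRetype, $wpName, $wpRemember;
    global $wpEmail, $wgDeferredUpdateList;

    # NOTE(review): two empty strings compare equal, so a blank password is
    # accepted here; this function applies no length or strength policy.
    if ( 0 != strcmp( $wpPassword, $wpRetype ) ) {
        mainLoginForm( wfMsg( "badretype" ) );
        return;
    }

    # Reject an empty name and any name shaped like a dotted-quad IPv4 address.
    $wpName = trim( $wpName );
    if ( ( "" == $wpName ) ||
        preg_match( "/^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}$/", $wpName ) )
    {
        mainLoginForm( wfMsg( "noname" ) );
        return;
    }

    if ( wfReadOnly() ) {
        $wgOut->readOnlyPage();
        return;
    }

    $u = User::newFromName( $wpName );

    # A non-zero id means the name is already taken.
    # NOTE(review): the check and addToDatabase() below are separate steps; two
    # concurrent requests for the same name are only safe if the database
    # enforces uniqueness -- confirm.
    if ( 0 != $u->idForName() ) {
        mainLoginForm( wfMsg( "userexists" ) );
        return;
    }

    $u->addToDatabase();
    $u->setPassword( $wpPassword );
    # NOTE(review): $wpEmail is stored as submitted; no format check is done here.
    $u->setEmail( $wpEmail );
    $r = ( 1 == $wpRemember ) ? 1 : 0;
    $u->setOption( "rememberpassword", $r );

    $wgUser = $u;

    # The welcome message is emitted as raw HTML by successfulLogin(), and the
    # name is user-chosen, so it is HTML-escaped before substitution.
    $safeName = wfEscapeHTML( $wgUser->getName() );
    $m = str_replace( "$1", $safeName, wfMsg( "welcomecreation" ) );
    successfulLogin( $m );
}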
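# Handles a login attempt. Looks the submitted name up, loads the user record,
# and accepts the submitted password if its encrypted form matches either the
# stored password or the stored "new password" (the one set by mailPassword()).
# On success the user becomes $wgUser and successfulLogin() is called; on
# failure the login form is re-rendered with an error message.
#
# NOTE(review): no attempt counting or delay is visible in this function, so
# throttling of repeated guesses has to happen elsewhere -- confirm it does.
/* private */ function processLogin()
{
    global $wgUser, $wpName, $wpPassword, $wpRemember;
    global $returnto;

    if ( "" == $wpName ) {
        mainLoginForm( wfMsg( "noname" ) );
        return;
    }

    $u = User::newFromName( $wpName );
    $id = $u->idForName();
    if ( 0 == $id ) {
        # The message ends up in the page as raw HTML and the name comes from
        # the request, so it is HTML-escaped before substitution.
        # NOTE(review): "nosuchuser" versus "wrongpassword" tells the client
        # whether an account name exists.
        $safeName = wfEscapeHTML( $u->getName() );
        $m = str_replace( "$1", $safeName, wfMsg( "nosuchuser" ) );
        mainLoginForm( $m );
        return;
    }
    $u->setId( $id );
    $u->loadFromDatabase();

    # NOTE(review): strcmp() is not a constant-time comparison; the values
    # compared are presumably password hashes -- confirm.
    $ep = $u->encryptPassword( $wpPassword );
    if ( 0 != strcmp( $ep, $u->getPassword() ) &&
        0 != strcmp( $ep, $u->getNewpassword() ) )
    {
        mainLoginForm( wfMsg( "wrongpassword" ) );
        return;
    }

    # We've verified now, update the real record
    #
    if ( 1 == $wpRemember ) {
        $r = 1;
        # NOTE(review): the clear-text password is handed to
        # setCookiePassword(); check what form actually reaches the cookie.
        $u->setCookiePassword( $wpPassword );
    } else {
        $r = 0;
    }
    $u->setOption( "rememberpassword", $r );

    $wgUser = $u;

    # Escaped for the same reason as above: successfulLogin() emits raw HTML.
    $safeName = wfEscapeHTML( $wgUser->getName() );
    $m = str_replace( "$1", $safeName, wfMsg( "loginsuccess" ) );
    successfulLogin( $m );
}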
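# Handles the "mail me a new password" submit. Generates a random password,
# stores it as the account's "new password", clears the wcUserPassword cookie
# and e-mails the new password to the address on record. The login form is
# re-rendered afterwards with either an error or a confirmation message.
#
# NOTE(review): this runs for any submitted name without authentication and
# no rate limit is visible here, so it can be used to send repeated mail to an
# account's address -- confirm throttling exists elsewhere.
/* private */ function mailPassword()
{
    global $wgUser, $wpName, $wgDeferredUpdateList, $wgOutputEncoding;

    if ( "" == $wpName ) {
        mainLoginForm( wfMsg( "noname" ) );
        return;
    }

    $u = User::newFromName( $wpName );
    $id = $u->idForName();

    # Messages shown in the page are emitted as raw HTML and the name comes
    # from the request, so one escaped copy is used for all of them. The
    # e-mail body below is plain text and uses the unescaped name.
    $safeName = wfEscapeHTML( $u->getName() );

    if ( 0 == $id ) {
        # NOTE(review): "nosuchuser" / "noemail" reveal whether an account
        # exists and whether it has an address on record.
        $m = str_replace( "$1", $safeName, wfMsg( "nosuchuser" ) );
        mainLoginForm( $m );
        return;
    }
    $u->setId( $id );
    $u->loadFromDatabase();

    if ( "" == $u->getEmail() ) {
        $m = str_replace( "$1", $safeName, wfMsg( "noemail" ) );
        mainLoginForm( $m );
        return;
    }

    # NOTE(review): the strength of the generated password depends on
    # User::randomPassword(), which is not shown here.
    $np = User::randomPassword();
    $u->setNewpassword( $np );

    # Expire the remembered-password cookie before the record is saved.
    setcookie( "wcUserPassword", "", time() - 3600 );
    $u->saveSettings();

    # The requester's address is quoted in the mail so the account owner can
    # see where the request came from.
    $ip = getenv( "REMOTE_ADDR" );
    if ( "" == $ip ) { $ip = "(Unknown)"; }

    $m = str_replace( "$1", $ip, wfMsg( "passwordremindertext" ) );
    $m = str_replace( "$2", $u->getName(), $m );
    $m = str_replace( "$3", $np, $m );

    #FIXME: Generalize the email addresses for 3rd party sites...
    # NOTE(review): the return value of mail() is ignored, so the
    # "passwordsent" confirmation below is shown even if sending failed.
    mail( $u->getEmail(), wfMsg( "passwordremindertitle" ), $m,
        "MIME-Version: 1.0\r\n" .
        "Content-type: text/plain; charset={$wgOutputEncoding}\r\n" .
        "Content-transfer-encoding: 8bit\r\n" .
        "From: Wikipedia Mail <apache@www.wikipedia.org>\r\n" .
        "Reply-To: webmaster@www.wikipedia.org" );

    $m = str_replace( "$1", $safeName, wfMsg( "passwordsent" ) );
    mainLoginForm( $m );
}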
# Finishes a successful login or account creation: sets the login cookies for
# $wgUser, queues a UserUpdate on the deferred-update list and renders the
# success page.
#
# $msg is appended to the output through addHTML() with no escaping in this
# function, so it must already be safe HTML when it arrives.
/* private */ function successfulLogin( $msg )
{
    global $wgUser, $wgOut, $returnto;
    global $wgDeferredUpdateList;

    $wgUser->setCookies();

    # Queue the user update instead of running it inline.
    array_push( $wgDeferredUpdateList, new UserUpdate() );

    # Page chrome: title, keep robots away, and mark the page as a non-article.
    $wgOut->setPageTitle( wfMsg( "loginsuccesstitle" ) );
    $wgOut->setRobotpolicy( "noindex,nofollow" );
    $wgOut->setArticleFlag( false );

    $body = $msg . "\n<p>";
    $wgOut->addHTML( $body );
    $wgOut->returnToMain();
}
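# Renders the combined login / create-account / mail-password form.
#
# $err is an error or status message to show above the form; an empty string
# means "no message". It is written into the page as raw HTML, so callers must
# escape any request-derived text they substitute into it.
#
# The name field is pre-filled from the submitted name, else the logged-in
# user's name, else the wcUserName cookie. All values placed into value=""
# attributes are HTML-escaped first.
/* private */ function mainLoginForm( $err )
{
    global $wgUser, $wgOut, $wgLang, $returnto;
    global $wpName, $wpPassword, $wpRetype, $wpRemember;
    global $wpEmail, $HTTP_COOKIE_VARS;

    $le = wfMsg( "loginerror" );
    $yn = wfMsg( "yourname" );
    $yp = wfMsg( "yourpassword" );
    $ypa = wfMsg( "yourpasswordagain" );
    $rmp = wfMsg( "remembermypassword" );
    $ayn = wfMsg( "areyounew" );
    $nuo = wfMsg( "newusersonly" );
    $li = wfMsg( "login" );
    $ca = wfMsg( "createaccount" );
    $ye = wfMsg( "youremail" );
    $efl = wfMsg( "emailforlost" );
    $mmp = wfMsg( "mailmypassword" );

    $name = $wpName;
    if ( "" == $name ) {
        if ( 0 != $wgUser->getID() ) {
            $name = $wgUser->getName();
        } else if ( isset( $HTTP_COOKIE_VARS["wcUserName"] ) ) {
            # The cookie is client-controlled; it is escaped below like the rest.
            $name = $HTTP_COOKIE_VARS["wcUserName"];
        } else {
            $name = "";
        }
    }
    $pwd = $wpPassword;

    $wgOut->setPageTitle( wfMsg( "userlogin" ) );
    $wgOut->setRobotpolicy( "noindex,nofollow" );
    $wgOut->setArticleFlag( false );

    if ( "" == $err ) {
        $wgOut->addHTML( "<h2>$li:</h2>\n" );
    } else {
        $wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
color='red'>$err</font>\n" );
    }
    if ( 1 == $wgUser->getOption( "rememberpassword" ) ) {
        $checked = " checked";
    } else {
        $checked = "";
    }
    $q = "action=submit";
    if ( "" != $returnto ) { $q .= "&returnto=" . wfUrlencode($returnto); }
    $action = wfLocalUrlE( $wgLang->specialPage( "Userlogin" ), $q );

    # $name and $pwd are the copies the form actually prints, so they are the
    # ones that must be escaped; escaping only $wpName / $wpPassword left the
    # printed values raw.
    $name = wfEscapeHTML( $name );
    $pwd = wfEscapeHTML( $pwd );

    # Kept as before: these rewrite the globals in place. Only $wpRetype and
    # $wpEmail are printed below.
    $wpName = wfEscapeHTML( $wpName );
    $wpPassword = wfEscapeHTML( $wpPassword );
    $wpRetype = wfEscapeHTML( $wpRetype );
    $wpEmail = wfEscapeHTML( $wpEmail );

    # NOTE(review): the submitted password and retype are echoed back into the
    # page source, and the form carries no anti-CSRF token.
    $wgOut->addHTML( "
<form name='userlogin' method=post action=\"{$action}\">
<table border=0><tr>
<td align=right>$yn:</td>
<td colspan=2 align=left>
<input tabindex=1 type=text name='wpName' value=\"{$name}\" size=20>
</td></tr><tr>
<td align=right>$yp:</td>
<td align=left>
<input tabindex=2 type=password name='wpPassword' value=\"{$pwd}\" size=20>
</td>
<td align=left>
<input tabindex=3 type=submit name='wpLoginattempt' value=\"{$li}\">
</td></tr>
<tr><td colspan=3>&nbsp;</td></tr><tr>
<td align=right>$ypa:</td>
<td align=left>
<input tabindex=4 type=password name='wpRetype' value=\"{$wpRetype}\"
size=20>
</td><td>$nuo</td></tr>
<tr>
<td align=right>$ye:</td>
<td align=left>
<input tabindex=5 type=text name='wpEmail' value=\"{$wpEmail}\" size=20>
</td><td align=left>
<input tabindex=6 type=submit name='wpCreateaccount' value=\"{$ca}\">
</td></tr>
<tr>
<td colspan=3 align=left>
<input tabindex=7 type=checkbox name='wpRemember' value='1'$checked>$rmp
</td></tr>
<tr><td colspan=3>&nbsp;</td></tr><tr>
<td colspan=3 align=left>
<p>$efl<br>
<input tabindex=8 type=submit name='wpMailmypassword' value=\"{$mmp}\">
</td></tr></table>
</form>\n" );
}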
257 ?>