if ( !preg_match( '/^[a-z\-]*$/', $this->mUserLanguage ) ) {
$this->mUserLanguage = 'nolanguage';
}
+
+ wfRunHooks( "InitPreferencesForm", array( $this, $request ) );
}
function execute() {
function savePreferences() {
global $wgUser, $wgOut, $wgParser;
global $wgEnableUserEmail, $wgEnableEmail;
- global $wgEmailAuthentication;
- global $wgAuth;
+ global $wgEmailAuthentication, $wgRCMaxAge;
+ global $wgAuth, $wgEmailConfirmToEdit;
if ( '' != $this->mNewpass && $wgAuth->allowPasswordChange() ) {
if ( $this->mNewpass != $this->mRetypePass ) {
+ wfRunHooks( "PrefsPasswordAudit", array( $wgUser, $this->mNewpass, 'badretype' ) );
$this->mainPrefsForm( 'error', wfMsg( 'badretype' ) );
return;
}
if (!$wgUser->checkPassword( $this->mOldpass )) {
+ wfRunHooks( "PrefsPasswordAudit", array( $wgUser, $this->mNewpass, 'wrongpassword' ) );
$this->mainPrefsForm( 'error', wfMsg( 'wrongpassword' ) );
return;
}
try {
$wgUser->setPassword( $this->mNewpass );
+ wfRunHooks( "PrefsPasswordAudit", array( $wgUser, $this->mNewpass, 'success' ) );
$this->mNewpass = $this->mOldpass = $this->mRetypePass = '';
} catch( PasswordError $e ) {
+ wfRunHooks( "PrefsPasswordAudit", array( $wgUser, $this->mNewpass, 'error' ) );
$this->mainPrefsForm( 'error', $e->getMessage() );
return;
}
}
# Validate the signature and clean it up as needed
- if( $this->mToggles['fancysig'] ) {
+ global $wgMaxSigChars;
+ if( mb_strlen( $this->mNick ) > $wgMaxSigChars ) {
+ global $wgLang;
+ $this->mainPrefsForm( 'error',
+ wfMsg( 'badsiglength', $wgLang->formatNum( $wgMaxSigChars ) ) );
+ return;
+ } elseif( $this->mToggles['fancysig'] ) {
if( Parser::validateSig( $this->mNick ) !== false ) {
$this->mNick = $wgParser->cleanSig( $this->mNick );
} else {
$this->mainPrefsForm( 'error', wfMsg( 'badsig' ) );
+ return;
}
} else {
// When no fancy sig used, make sure ~{3,5} get removed.
$wgUser->setOption( 'contextlines', $this->validateIntOrNull( $this->mSearchLines ) );
$wgUser->setOption( 'contextchars', $this->validateIntOrNull( $this->mSearchChars ) );
$wgUser->setOption( 'rclimit', $this->validateIntOrNull( $this->mRecent ) );
- $wgUser->setOption( 'rcdays', $this->validateInt( $this->mRecentDays, 1, 7 ) );
+ $wgUser->setOption( 'rcdays', $this->validateInt($this->mRecentDays, 1, ceil($wgRCMaxAge / (3600*24))));
$wgUser->setOption( 'wllimit', $this->validateIntOrNull( $this->mWatchlistEdits, 0, 1000 ) );
$wgUser->setOption( 'rows', $this->validateInt( $this->mRows, 4, 1000 ) );
$wgUser->setOption( 'cols', $this->validateInt( $this->mCols, 4, 1000 ) );
foreach ( $this->mToggles as $tname => $tvalue ) {
$wgUser->setOption( $tname, $tvalue );
}
- if (!$wgAuth->updateExternalDB($wgUser)) {
- $this->mainPrefsForm( wfMsg( 'externaldberror' ) );
- return;
- }
- $wgUser->setCookies();
- $wgUser->saveSettings();
$error = false;
if( $wgEnableEmail ) {
if( $wgUser->isValidEmailAddr( $newadr ) ) {
$wgUser->mEmail = $newadr; # new behaviour: set this new emailaddr from login-page into user database record
$wgUser->mEmailAuthenticated = null; # but flag as "dirty" = unauthenticated
- $wgUser->saveSettings();
if ($wgEmailAuthentication) {
# Mail a temporary password to the dirty address.
# User can come back through the confirmation URL to re-enable email.
$error = wfMsg( 'invalidemailaddress' );
}
} else {
+ if( $wgEmailConfirmToEdit && empty( $newadr ) ) {
+ $this->mainPrefsForm( 'error', wfMsg( 'noemailtitle' ) );
+ return;
+ }
$wgUser->setEmail( $this->mUserEmail );
- $wgUser->setCookies();
- $wgUser->saveSettings();
}
+ if( $oldadr != $newadr ) {
+ wfRunHooks( "PrefsEmailAudit", array( $wgUser, $oldadr, $newadr ) );
+ }
+ }
+
+ if (!$wgAuth->updateExternalDB($wgUser)) {
+ $this->mainPrefsForm( 'error', wfMsg( 'externaldberror' ) );
+ return;
+ }
+
+ $msg = '';
+ if ( !wfRunHooks( "SavePreferences", array( $this, $wgUser, &$msg ) ) ) {
+ print "(($msg))";
+ $this->mainPrefsForm( 'error', $msg );
+ return;
}
+ $wgUser->setCookies();
+ $wgUser->saveSettings();
+
if( $needRedirect && $error === false ) {
$title =& SpecialPage::getTitleFor( "Preferences" );
$wgOut->redirect($title->getFullURL('success'));
$this->mSearchNs[$i] = $wgUser->getOption( 'searchNs'.$i );
}
}
+
+ wfRunHooks( "ResetPreferences", array( $this, $wgUser ) );
}
/**
return "<tr><td align='right'>$td1</td><td align='left'>$td2</td></tr>";
}
- function tableRow( $td1, $td2, $td3 = null ) {
- global $wgLang;
+ /**
+ * Helper function for user information panel
+ * @param $td1 label for an item
+ * @param $td2 item or null
+ * @param $td3 optional help or null
+ * @return xhtml block
+ */
+ function tableRow( $td1, $td2 = null, $td3 = null ) {
+ global $wgContLang;
- $a1 = $a2 = array();
- $a1['align'] = $wgLang->isRtl() ? 'left' : 'right';
- $a2['align'] = $wgLang->isRtl() ? 'right' : 'left';
+ $align['align'] = $wgContLang->isRtl() ? 'right' : 'left';
if ( is_null( $td3 ) ) {
$td3 = '';
);
}
- $td1 = Xml::tags( 'td', $a2, $td1 );
- $td2 = Xml::tags( 'td', $a2, $td2 );
+ if ( is_null( $td2 ) ) {
+ $td1 = Xml::tags( 'td', $align + array( 'colspan' => '2' ), $td1 );
+ $td2 = '';
+ } else {
+ $td1 = Xml::tags( 'td', $align, $td1 );
+ $td2 = Xml::tags( 'td', $align, $td2 );
+ }
return Xml::tags( 'tr', null, $td1 . $td2 ). $td3 . "\n";
global $wgRCShowWatchingUsers, $wgEnotifRevealEditorAddress;
global $wgEnableEmail, $wgEnableUserEmail, $wgEmailAuthentication;
global $wgContLanguageCode, $wgDefaultSkin, $wgSkipSkins, $wgAuth;
+ global $wgEmailConfirmToEdit;
$wgOut->setPageTitle( wfMsg( 'preferences' ) );
$wgOut->setArticleRelated( false );
$wgOut->setRobotpolicy( 'noindex,nofollow' );
+ $wgOut->disallowUserJs(); # Prevent hijacked user scripts from sniffing passwords etc.
+
if ( $this->mSuccess || 'success' == $status ) {
$wgOut->addWikitext( '<div class="successbox"><strong>'. wfMsg( 'savedprefs' ) . '</strong></div>' );
} else if ( 'error' == $status ) {
$skin = $wgUser->getSkin();
$emailauthenticated = wfMsg('emailnotauthenticated').'<br />' .
$skin->makeKnownLinkObj( SpecialPage::getTitleFor( 'Confirmemail' ),
- wfMsg( 'emailconfirmlink' ) );
+ wfMsg( 'emailconfirmlink' ) ) . '<br />';
}
} else {
$emailauthenticated = '';
}
if ($this->mUserEmail == '') {
- $emailauthenticated = wfMsg( 'noemailprefs' );
+ $emailauthenticated = wfMsg( 'noemailprefs' ) . '<br />';
}
$ps = $this->namespacesCheckboxes();
$wgOut->addHTML( "<div id='preferences'>" );
# User data
- #
$wgOut->addHTML(
Xml::openElement( 'fieldset ' ) .
Xml::element( 'legend', null, wfMsg('prefs-personal') ) .
Xml::openElement( 'table' ) .
- Xml::tags( 'tr', null,
- Xml::tags( 'td', array( 'colspan' => '2' ),
- Xml::element( 'h1', null, wfMsg( 'prefs-personal' ) )
- )
- )
+ $this->tableRow( Xml::element( 'h2', null, wfMsg( 'prefs-personal' ) ) )
);
$userInformationHtml =
$this->tableRow( wfMsgHtml( 'username' ), htmlspecialchars( $wgUser->getName() ) ) .
- $this->tableRow( wfMsgHtml( 'uid' ), htmlspecialchars( $wgUser->getID() ) );
+ $this->tableRow( wfMsgHtml( 'uid' ), htmlspecialchars( $wgUser->getID() ) ) .
+ $this->tableRow(
+ wfMsgHtml( 'prefs-edits' ),
+ $wgLang->formatNum( User::edits( $wgUser->getId() ) )
+ );
if( wfRunHooks( 'PreferencesUserInformationPanel', array( $this, &$userInformationHtml ) ) ) {
$wgOut->addHtml( $userInformationHtml );
Xml::label( wfMsg('youremail'), 'wpUserEmail' ),
Xml::input( 'wpUserEmail', 25, $this->mUserEmail, array( 'id' => 'wpUserEmail' ) ),
Xml::tags('div', array( 'class' => 'prefsectiontip' ),
- wfMsgExt( 'prefs-help-email', 'parseinline' )
+ wfMsgExt( $wgEmailConfirmToEdit ? 'prefs-help-email-required' : 'prefs-help-email', 'parseinline' )
)
)
);
}
- global $wgParser;
- if( !empty( $this->mToggles['fancysig'] ) &&
+ global $wgParser, $wgMaxSigChars;
+ if( mb_strlen( $this->mNick ) > $wgMaxSigChars ) {
+ $invalidSig = $this->tableRow(
+ ' ',
+ Xml::element( 'span', array( 'class' => 'error' ),
+ wfMsg( 'badsiglength', $wgLang->formatNum( $wgMaxSigChars ) ) )
+ );
+ } elseif( !empty( $this->mToggles['fancysig'] ) &&
false === $wgParser->validateSig( $this->mNick ) ) {
$invalidSig = $this->tableRow(
' ',
$wgOut->addHTML(
$this->tableRow(
Xml::label( wfMsg( 'yournick' ), 'wpNick' ),
- Xml::input( 'wpNick', 25, $this->mNick, array( 'id' => 'wpNick' ) )
+ Xml::input( 'wpNick', 25, $this->mNick,
+ array(
+ 'id' => 'wpNick',
+ // Note: $wgMaxSigChars is enforced in Unicode characters,
+ // both on the backend and now in the browser.
+ // Badly-behaved requests may still try to submit
+ // an overlong string, however.
+ 'maxlength' => $wgMaxSigChars ) )
) .
$invalidSig .
- # FIXME: The <input> part should be where the is, getToggle() needs
- # to be changed to out return its output in two parts. -ævar
- $this->tableRow(
- ' ',
- $this->getToggle( 'fancysig' )
- )
+ $this->tableRow( ' ', $this->getToggle( 'fancysig' ) )
);
list( $lsLabel, $lsSelect) = Xml::languageSelector( $this->mUserLanguage );
# Password
if( $wgAuth->allowPasswordChange() ) {
$wgOut->addHTML(
- Xml::tags( 'tr', null,
- Xml::tags( 'td', array( 'colspan' => '2' ),
- Xml::element( 'h1', null, wfMsg( 'changepassword' ) )
- )
- ) .
+ $this->tableRow( Xml::element( 'h2', null, wfMsg( 'changepassword' ) ) ) .
$this->tableRow(
Xml::label( wfMsg( 'oldpassword' ), 'wpOldpass' ),
- Xml::input( 'wpOldpass', 25, $this->mOldpass, array( 'id' => 'wpOldpass' ) )
+ Xml::password( 'wpOldpass', 25, $this->mOldpass, array( 'id' => 'wpOldpass' ) )
) .
$this->tableRow(
Xml::label( wfMsg( 'newpassword' ), 'wpNewpass' ),
- Xml::input( 'wpNewpass', 25, $this->mNewpass, array( 'id' => 'wpNewpass' ) )
+ Xml::password( 'wpNewpass', 25, $this->mNewpass, array( 'id' => 'wpNewpass' ) )
) .
$this->tableRow(
Xml::label( wfMsg( 'retypenew' ), 'wpRetypePass' ),
- Xml::input( 'wpRetypePass', 25, $this->mRetypePass, array( 'id' => 'wpRetypePass' ) )
+ Xml::password( 'wpRetypePass', 25, $this->mRetypePass, array( 'id' => 'wpRetypePass' ) )
) .
Xml::tags( 'tr', null,
Xml::tags( 'td', array( 'colspan' => '2' ),
$wgOut->addHTML(
- Xml::tags( 'tr', null,
- Xml::tags( 'td', array( 'colspan' => '2' ),
- Xml::element( 'h1', null, wfMsg( 'email' ) )
- )
- ) .
- Xml::tags( 'tr', null,
- Xml::tags( 'td', array( 'colspan' => '2' ),
- $emailauthenticated.
- $enotifrevealaddr.
- $enotifwatchlistpages.
- $enotifusertalkpages.
- $enotifminoredits.
- $moreEmail.
- $this->getToggle( 'ccmeonemails' )
- )
+ $this->tableRow( Xml::element( 'h2', null, wfMsg( 'email' ) ) ) .
+ $this->tableRow(
+ $emailauthenticated.
+ $enotifrevealaddr.
+ $enotifwatchlistpages.
+ $enotifusertalkpages.
+ $enotifminoredits.
+ $moreEmail.
+ $this->getToggle( 'ccmeonemails' )
)
);
}
+ # </FIXME>
$wgOut->addHTML(
Xml::closeElement( 'table' ) .
Xml::closeElement( 'fieldset' )
);
- # </FIXME>
# Quickbar
#
# Misc
#
$wgOut->addHTML('<fieldset><legend>' . wfMsg('prefs-misc') . '</legend>');
- $wgOut->addHTML( wfInputLabel( wfMsg( 'stubthreshold' ),
- 'wpStubs', 'wpStubs', 6, $this->mStubs ) );
+ $wgOut->addHtml( '<label for="wpStubs">' . wfMsg( 'stub-threshold' ) . '</label> ' );
+ $wgOut->addHtml( Xml::input( 'wpStubs', 6, $this->mStubs, array( 'id' => 'wpStubs' ) ) );
$msgUnderline = htmlspecialchars( wfMsg ( 'tog-underline' ) );
$msgUnderlinenever = htmlspecialchars( wfMsg ( 'underline-never' ) );
$msgUnderlinealways = htmlspecialchars( wfMsg ( 'underline-always' ) );
}
$wgOut->addHTML( '</fieldset>' );
- $token = $wgUser->editToken();
+ wfRunHooks( "RenderPreferencesForm", array( $this, $wgOut ) );
+
+ $token = htmlspecialchars( $wgUser->editToken() );
$skin = $wgUser->getSkin();
$wgOut->addHTML( "
<div id='prefsubmit'>
</div>
- <input type='hidden' name='wpEditToken' value='{$token}' />
+ <input type='hidden' name='wpEditToken' value=\"{$token}\" />
</div></form>\n" );
$wgOut->addHtml( Xml::tags( 'div', array( 'class' => "prefcache" ),
}
}
-?>
+