const EMPTY_PASS = 6;
const RESET_PASS = 7;
const ABORTED = 8;
+ const CREATE_BLOCKED = 9;
var $mName, $mPassword, $mRetype, $mReturnTo, $mCookieCheck, $mPosted;
var $mAction, $mCreateaccount, $mCreateaccountMail, $mMailmypassword;
if( WikiError::isError( $result ) ) {
$this->mainLoginForm( wfMsg( 'mailerror', $result->getMessage() ) );
} else {
- $wgOut->addWikiText( wfMsg( 'accmailtext', $u->getName(), $u->getEmail() ) );
+ $wgOut->addWikiMsg( 'accmailtext', $u->getName(), $u->getEmail() );
$wgOut->returnToMain( false );
}
$u = 0;
if( $wgLoginLanguageSelector && $this->mLanguage )
$u->setOption( 'language', $this->mLanguage );
- # Save user settings and send out an email authentication message if needed
- $u->saveSettings();
+ # Send out an email authentication message if needed
if( $wgEmailAuthentication && User::isValidEmailAddr( $u->getEmail() ) ) {
global $wgOut;
$error = $u->sendConfirmationMail();
if( WikiError::isError( $error ) ) {
- $wgOut->addWikiText( wfMsg( 'confirmemail_sendfailed', $error->getMessage() ) );
+ $wgOut->addWikiMsg( 'confirmemail_sendfailed', $error->getMessage() );
} else {
- $wgOut->addWikiText( wfMsg( 'confirmemail_oncreate' ) );
+ $wgOut->addWikiMsg( 'confirmemail_oncreate' );
}
}
+ # Save settings (including confirmation token)
+ $u->saveSettings();
+
# If not logged in, assume the new account as the current one and set session cookies
# then show a "welcome" message or a "need cookies" message as needed
if( $wgUser->isAnon() ) {
return false;
} else {
# do not force a password for account creation by email
- # set pseudo password, it will be replaced later by a random generated password
- $this->mPassword = '-';
+ # set invalid password, it will be replaced later by a random generated password
+ $this->mPassword = null;
}
}
if ( '' == $this->mName ) {
return self::NO_NAME;
}
+
+ // Load $wgUser now, and check to see if we're logging in as the same name.
+ // This is necessary because loading $wgUser (say by calling getName()) calls
+ // the UserLoadFromSession hook, which potentially creates the user in the
+ // database. Until we load $wgUser, checking for user existence using
+ // User::newFromName($name)->getId() below will effectively be using stale data.
+ if ( $wgUser->getName() === $this->mName ) {
+ wfDebug( __METHOD__.": already logged in as {$this->mName}\n" );
+ return self::SUCCESS;
+ }
$u = User::newFromName( $this->mName );
if( is_null( $u ) || !User::isUsableName( $u->getName() ) ) {
return self::ILLEGAL;
}
+
+ $isAutoCreated = false;
if ( 0 == $u->getID() ) {
- global $wgAuth;
- /**
- * If the external authentication plugin allows it,
- * automatically create a new account for users that
- * are externally defined but have not yet logged in.
- */
- if ( $wgAuth->autoCreate() && $wgAuth->userExists( $u->getName() ) ) {
- if ( $wgAuth->authenticate( $u->getName(), $this->mPassword ) ) {
- $u = $this->initUser( $u, true );
- } else {
- return self::WRONG_PLUGIN_PASS;
- }
+ $status = $this->attemptAutoCreate( $u );
+ if ( $status !== self::SUCCESS ) {
+ return $status;
} else {
- return self::NOT_EXISTS;
+ $isAutoCreated = true;
}
} else {
$u->load();
if( !wfRunHooks( 'AbortLogin', array( $u, $this->mPassword, &$abort ) ) ) {
return $abort;
}
-
+
if (!$u->checkPassword( $this->mPassword )) {
if( $u->checkTemporaryPassword( $this->mPassword ) ) {
// The e-mailed temporary password should not be used
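Review bot: The added early return at `if ( $wgUser->getName() === $this->mName )` reports `self::SUCCESS` before `User::isUsableName()`, the `AbortLogin` hook and `checkPassword()` are reached, so the submitted password is never verified on this path and the `LoginAuthenticateAudit` hook later in the function does not see the attempt. If `getName()` returns a non-account identifier for an anonymous session (not visible here), submitting that identifier as the user name would also be reported as a successful login. Consider limiting the shortcut to logged-in sessions, `if ( !$wgUser->isAnon() && $wgUser->getName() === $this->mName ) {`, and extend the comment to say that skipping the password check is deliberate. The enclosing function starts and ends outside this hunk.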
//
if( !$u->isEmailConfirmed() ) {
$u->confirmEmail();
+ $u->saveSettings();
}
// At this point we just return an appropriate code
$wgAuth->updateUser( $u );
$wgUser = $u;
+ if ( $isAutoCreated ) {
+ // Must be run after $wgUser is set, for correct new user log
+ wfRunHooks( 'AuthPluginAutoCreate', array( $wgUser ) );
+ }
+
$retval = self::SUCCESS;
}
wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, $retval ) );
return $retval;
}
+ /**
+ * Attempt to automatically create a user on login.
+ * Only succeeds if there is an external authentication method which allows it.
+ * @return integer Status code
+ */
+ function attemptAutoCreate( $user ) {
+ global $wgAuth, $wgUser;
+ /**
+ * If the external authentication plugin allows it,
+ * automatically create a new account for users that
+ * are externally defined but have not yet logged in.
+ */
+ if ( !$wgAuth->autoCreate() ) {
+ return self::NOT_EXISTS;
+ }
+ if ( !$wgAuth->userExists( $user->getName() ) ) {
+ wfDebug( __METHOD__.": user does not exist\n" );
+ return self::NOT_EXISTS;
+ }
+ if ( !$wgAuth->authenticate( $user->getName(), $this->mPassword ) ) {
+ wfDebug( __METHOD__.": \$wgAuth->authenticate() returned false, aborting\n" );
+ return self::WRONG_PLUGIN_PASS;
+ }
+ if ( $wgUser->isBlockedFromCreateAccount() ) {
+ wfDebug( __METHOD__.": user is blocked from account creation\n" );
+ return self::CREATE_BLOCKED;
+ }
+
+ wfDebug( __METHOD__.": creating account\n" );
+ $user = $this->initUser( $user, true );
+ return self::SUCCESS;
+ }
+
function processLogin() {
global $wgUser, $wgAuth;
$wgUser->setCookies();
if( $this->hasSessionCookie() ) {
+ /* Replace the language object to provide user interface in correct
+ * language immediately on this first page load.
+ */
+ global $wgLang, $wgRequest;
+ $code = $wgRequest->getVal( 'uselang', $wgUser->getOption( 'language' ) );
+ $wgLang = Language::factory( $code );
return $this->successfulLogin( wfMsg( 'loginsuccess', $wgUser->getName() ) );
} else {
return $this->cookieRedirectCheck( 'login' );
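Review bot: In `attemptAutoCreate()` the call to `$wgAuth->authenticate()` runs before `$wgUser->isBlockedFromCreateAccount()`, so a client that is blocked from account creation still has its password forwarded to the external backend. The `WRONG_PLUGIN_PASS` versus `CREATE_BLOCKED` result then tells it whether those credentials are valid. Moving the block test up, directly after the `userExists()` check, avoids both: `if ( $wgUser->isBlockedFromCreateAccount() ) { return self::CREATE_BLOCKED; }`. The docblock should also gain an `@param` line for `$user`, and it is worth noting there that the value returned by `initUser()` is assigned only to the local `$user`, so the caller's `$u` is correct only if `initUser()` returns the same object (not visible in this hunk).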
case self::RESET_PASS:
$this->resetLoginForm( wfMsg( 'resetpass_announce' ) );
break;
+ case self::CREATE_BLOCKED:
+ $this->userBlockedMessage();
+ break;
default:
- wfDebugDieBacktrace( "Unhandled case value" );
+ throw new MWException( "Unhandled case value" );
}
}
$np = $u->randomPassword();
$u->setNewpassword( $np, $throttle );
-
- setcookie( "{$wgCookiePrefix}Token", '', time() - 3600, $wgCookiePath, $wgCookieDomain, $wgCookieSecure );
-
$u->saveSettings();
$ip = wfGetIP();
# Run any hooks; ignore results
- wfRunHooks('UserLoginComplete', array(&$wgUser));
+ $injected_html = '';
+ wfRunHooks('UserLoginComplete', array(&$wgUser, &$injected_html));
$wgOut->setPageTitle( wfMsg( 'loginsuccesstitle' ) );
$wgOut->setRobotpolicy( 'noindex,nofollow' );
$wgOut->setArticleRelated( false );
$wgOut->addWikiText( $msg );
+ $wgOut->addHtml( $injected_html );
if ( !empty( $this->mReturnTo ) ) {
$wgOut->returnToMain( $auto, $this->mReturnTo );
} else {
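Review bot: `$injected_html` is filled by `UserLoginComplete` handlers and written out with `$wgOut->addHtml( $injected_html )` without any escaping, so each handler is responsible for escaping whatever it interpolates (user name, return-to target, request values). That contract is not stated anywhere in the hunk. Add a comment above the hook call, for example `# Handlers append raw HTML to $injected_html and must escape any user-derived text themselves`, and repeat it in the hook's documentation. The enclosing function starts outside this hunk.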
$wgOut->setRobotpolicy( 'noindex,nofollow' );
$wgOut->setArticleRelated( false );
- $wgOut->addWikiText( wfMsg( 'whitelistacctext' ) );
+ $wgOut->addWikiMsg( 'whitelistacctext' );
$wgOut->returnToMain( false );
}
global $wgOut, $wgUser;
# Let's be nice about this, it's likely that this feature will be used
- # for blocking large numbers of innocent people, e.g. range blocks on
- # schools. Don't blame it on the user. There's a small chance that it
- # really is the user's fault, i.e. the username is blocked and they
- # haven't bothered to log out before trying to create an account to
+ # for blocking large numbers of innocent people, e.g. range blocks on
+ # schools. Don't blame it on the user. There's a small chance that it
+ # really is the user's fault, i.e. the username is blocked and they
+ # haven't bothered to log out before trying to create an account to
# evade it, but we'll leave that to their guilty conscience to figure
# out.
$blocker = User::whoIs( $wgUser->mBlock->mBy );
$block_reason = $wgUser->mBlock->mReason;
- $wgOut->addWikiText( wfMsg( 'cantcreateaccount-text', $ip, $block_reason, $blocker ) );
+ if ( strval( $block_reason ) === '' ) {
+ $block_reason = wfMsg( 'blockednoreason' );
+ }
+ $wgOut->addWikiMsg( 'cantcreateaccount-text', $ip, $block_reason, $blocker );
$wgOut->returnToMain( false );
}
function throttleHit( $limit ) {
global $wgOut;
- $wgOut->addWikiText( wfMsg( 'acct_creation_throttle_hit', $limit ) );
+ $wgOut->addWikiMsg( 'acct_creation_throttle_hit', $limit );
}
/**
return $skin->makeKnownLinkObj( $self, htmlspecialchars( $text ), implode( '&', $attr ) );
}
}
-
-