3 * Implements Special:CreateAccount
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
21 * @ingroup SpecialPage
24 use MediaWiki\Auth\AuthManager
;
25 use MediaWiki\Logger\LoggerFactory
;
26 use MediaWiki\MediaWikiServices
;
29 * Implements Special:CreateAccount
31 * @ingroup SpecialPage
33 class SpecialCreateAccount
extends LoginSignupSpecialPage
{
34 protected static $allowedActions = [
35 AuthManager
::ACTION_CREATE
,
36 AuthManager
::ACTION_CREATE_CONTINUE
39 protected static $messages = [
40 'authform-newtoken' => 'nocookiesfornew',
41 'authform-notoken' => 'sessionfailure',
42 'authform-wrongtoken' => 'sessionfailure',
45 public function __construct() {
46 parent
::__construct( 'CreateAccount' );
49 public function doesWrites() {
53 public function isRestricted() {
54 return !User
::groupHasPermission( '*', 'createaccount' );
57 public function userCanExecute( User
$user ) {
58 return $user->isAllowed( 'createaccount' );
61 public function checkPermissions() {
62 parent
::checkPermissions();
64 $user = $this->getUser();
65 $status = AuthManager
::singleton()->checkAccountCreatePermissions( $user );
66 if ( !$status->isGood() ) {
67 // track block with a cookie if it doesn't exists already
68 if ( $user->isBlockedFromCreateAccount() ) {
69 MediaWikiServices
::getInstance()->getBlockManager()->trackBlockWithCookie( $user );
71 throw new ErrorPageError( 'createacct-error', $status->getMessage() );
75 protected function getLoginSecurityLevel() {
79 protected function getDefaultAction( $subPage ) {
80 return AuthManager
::ACTION_CREATE
;
83 public function getDescription() {
84 return $this->msg( 'createaccount' )->text();
87 protected function isSignup() {
92 * Run any hooks registered for logins, then display a message welcoming
94 * @param bool $direct True if the action was successful just now; false if that happened
95 * pre-redirection (so this handler was called already)
96 * @param StatusValue|null $extraMessages
98 protected function successfulAction( $direct = false, $extraMessages = null ) {
99 $session = $this->getRequest()->getSession();
100 $user = $this->targetUser ?
: $this->getUser();
103 # Only save preferences if the user is not creating an account for someone else.
104 if ( !$this->proxyAccountCreation
) {
105 Hooks
::run( 'AddNewAccount', [ $user, false ] );
107 // If the user does not have a session cookie at this point, they probably need to
108 // do something to their browser.
109 if ( !$this->hasSessionCookie() ) {
110 $this->mainLoginForm( [ /*?*/ ], $session->getProvider()->whyNoSession() );
111 // TODO something more specific? This used to use nocookiesnew
112 // FIXME should redirect to login page instead?
116 $byEmail = false; // FIXME no way to set this
118 Hooks
::run( 'AddNewAccount', [ $user, $byEmail ] );
120 $out = $this->getOutput();
121 $out->setPageTitle( $this->msg( $byEmail ?
'accmailtitle' : 'accountcreated' ) );
123 $out->addWikiMsg( 'accmailtext', $user->getName(), $user->getEmail() );
125 $out->addWikiMsg( 'accountcreatedtext', $user->getName() );
128 $rt = Title
::newFromText( $this->mReturnTo
);
130 ( $rt && !$rt->isExternal() ) ?
$rt : $this->getPageTitle(),
131 wfCgiToArray( $this->mReturnToQuery
)
139 # Run any hooks; display injected HTML
141 $welcome_creation_msg = 'welcomecreation-msg';
142 Hooks
::run( 'UserLoginComplete', [ &$user, &$injected_html, $direct ] );
145 * Let any extensions change what message is shown.
146 * @see https://www.mediawiki.org/wiki/Manual:Hooks/BeforeWelcomeCreation
149 Hooks
::run( 'BeforeWelcomeCreation', [ &$welcome_creation_msg, &$injected_html ] );
151 $this->showSuccessPage( 'signup', $this->msg( 'welcomeuser', $this->getUser()->getName() ),
152 $welcome_creation_msg, $injected_html, $extraMessages );
155 protected function getToken() {
156 return $this->getRequest()->getSession()->getToken( '', 'createaccount' );
159 protected function clearToken() {
160 return $this->getRequest()->getSession()->resetToken( 'createaccount' );
163 protected function getTokenName() {
164 return 'wpCreateaccountToken';
167 protected function getGroupName() {
171 protected function logAuthResult( $success, $status = null ) {
172 LoggerFactory
::getInstance( 'authevents' )->info( 'Account creation attempt', [
173 'event' => 'accountcreation',
174 'successful' => $success,