00001 <?php
00003 require_once('UserMailer.php');
/**
 * Entry point for the user login special page.
 *
 * Starts a session when the request carries no session cookie (and we are
 * not running in command-line mode), then hands the request to LoginForm.
 */
function wfSpecialUserlogin()
{
	global $wgCommandLineMode, $wgRequest;

	$sessionCookie = ini_get( 'session.name' );
	$needsSession = !$wgCommandLineMode && !isset( $_COOKIE[$sessionCookie] );
	if ( $needsSession ) {
		User::SetupSession();
	}

	$loginForm = new LoginForm( $wgRequest );
	$loginForm->execute();
}
00017 class LoginForm {
00018 var
$mName,
$mPassword,
$mRetype,
$mReturnto,
$mCookieCheck,
$mPosted;
00019 var
$mAction,
$mCreateaccount,
$mCreateaccountMail,
$mMailmypassword;
00020 var
$mLoginattempt,
$mRemember,
$mEmail;
/**
 * Constructor: snapshot the login / account-creation form fields from the request.
 *
 * Every value copied here is client-supplied and is stored as received;
 * nothing in this constructor validates or escapes it.
 *
 * @param object $request Request wrapper; only getText(), getVal(),
 *   getCheck() and wasPosted() are called on it here.
 */
function LoginForm( &$request ) {
	global $wgLang, $wgAllowRealName;

	# Free-text fields
	$this->mName = $request->getText( 'wpName' );
	$this->mPassword = $request->getText( 'wpPassword' );	# the password exactly as typed
	$this->mRetype = $request->getText( 'wpRetype' );
	$this->mEmail = $request->getText( 'wpEmail' );
	$this->mRealName = $wgAllowRealName ? $request->getText( 'wpRealName' ) : '';

	# Plain request values
	$this->mReturnto = $request->getVal( 'returnto' );
	$this->mCookieCheck = $request->getVal( 'wpCookieCheck' );
	$this->mAction = $request->getVal( 'action' );
	$this->mPosted = $request->wasPosted();

	# Submit buttons and checkboxes
	$this->mCreateaccount = $request->getCheck( 'wpCreateaccount' );
	$this->mCreateaccountMail = $request->getCheck( 'wpCreateaccountMail' );
	$this->mMailmypassword = $request->getCheck( 'wpMailmypassword' );
	$this->mLoginattempt = $request->getCheck( 'wpLoginattempt' );
	$this->mRemember = $request->getCheck( 'wpRemember' );

	# When switching accounts, do not send the user straight back to the
	# logout page after logging in.
	$logoutPage = $wgLang->specialPage( 'Userlogout' );
	if ( $this->mReturnto == $logoutPage ) {
		$this->mReturnto = '';
	}
}
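/**
 * Dispatch the request to the matching handler.
 *
 * A request carrying wpCookieCheck is the second leg of the cookie-test
 * redirect; a POST is routed by the submit button that was pressed; anything
 * else shows the empty login form.
 *
 * NOTE(review): the POST handlers below change state (create accounts, log
 * in, reset passwords) and no anti-CSRF token is checked in this method.
 */
function execute() {
	if ( !is_null( $this->mCookieCheck ) ) {
		# onCookieRedirectCheck() produces the complete page. Return here so
		# the blank login form is not appended after its output.
		$this->onCookieRedirectCheck( $this->mCookieCheck );
		return;
	}

	if ( $this->mPosted ) {
		if ( $this->mCreateaccount ) {
			return $this->addNewAccount();
		}
		if ( $this->mCreateaccountMail ) {
			return $this->addNewAccountMailPassword();
		}
		if ( $this->mMailmypassword ) {
			return $this->mailPassword();
		}
		if ( ( 'submit' == $this->mAction ) || $this->mLoginattempt ) {
			return $this->processLogin();
		}
	}

	$this->mainLoginForm( '' );
}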
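/**
 * Create an account and e-mail a generated password to the address given.
 *
 * Requires a non-empty e-mail field. The account itself is created by
 * addNewAccountInternal(); the password mail is sent by
 * mailPasswordInternal().
 *
 * NOTE(review): the recipient address is whatever the requester typed, so
 * this sends mail to an address that has not been confirmed. No throttling
 * is visible in this method.
 */
function addNewAccountMailPassword()
{
	global $wgOut;

	if ( '' == $this->mEmail ) {
		# mName is raw request text and mainLoginForm() prints its argument
		# as HTML, so escape it before it goes into the message.
		$this->mainLoginForm( wfMsg( 'noemail', htmlspecialchars( $this->mName ) ) );
		return;
	}

	$u = $this->addNewAccountInternal();
	if ( $u == null ) {
		# addNewAccountInternal() has already reported the reason
		return;
	}

	$u->saveSettings();
	$error = $this->mailPasswordInternal( $u );

	$wgOut->setPageTitle( wfMsg( 'accmailtitle' ) );
	$wgOut->setRobotpolicy( 'noindex,nofollow' );
	$wgOut->setArticleRelated( false );

	if ( $error === '' ) {
		# This message is rendered as wikitext, not raw HTML
		$wgOut->addWikiText( wfMsg( 'accmailtext', $u->getName(), $u->getEmail() ) );
		$wgOut->returnToMain( false );
	} else {
		# The mailer's error text is not under our control; escape it too
		$this->mainLoginForm( wfMsg( 'mailerror', htmlspecialchars( $error ) ) );
	}
}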
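/**
 * Create an account from the form and log the new user in straight away.
 *
 * If no session cookie came back with this request, the browser is sent
 * through the cookie-test redirect instead of the welcome page.
 */
function addNewAccount()
{
	global $wgUser, $wgOut;
	global $wgDeferredUpdateList;

	$u = $this->addNewAccountInternal();
	if ( $u == null ) {
		# addNewAccountInternal() has already reported the reason
		return;
	}

	# The new account becomes the current user
	$wgUser = $u;
	$wgUser->setCookies();

	$up = new UserUpdate();
	array_push( $wgDeferredUpdateList, $up );

	if ( !$this->hasSessionCookie() ) {
		return $this->cookieRedirectCheck( 'new' );
	}

	# successfulLogin() emits its argument as raw HTML, so escape the name
	$welcome = wfMsg( 'welcomecreation', htmlspecialchars( $wgUser->getName() ) );
	return $this->successfulLogin( $welcome );
}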
/**
 * Validate the submitted registration fields and create the user record.
 *
 * On any failure the relevant page or error form has already been sent to
 * the output and nothing is returned (callers test the result against NULL).
 *
 * NOTE(review): the password is only compared with its retyped copy; no
 * non-empty or minimum-length check is visible in this method.
 * NOTE(review): idForName() followed by addToDatabase() is a check-then-insert
 * sequence; whether a uniqueness constraint backs it up is not visible here.
 * NOTE(review): the result of User::newFromName() is used without checking
 * it; what it returns for a name it cannot accept is not visible here.
 *
 * @return object|null The new User object, or nothing when creation was refused.
 */
function addNewAccountInternal()
{
	global $wgUser, $wgOut;
	global $wgMaxNameChars;

	if ( !$wgUser->isAllowedToCreateAccount() ) {
		$this->userNotPrivilegedMessage();
		return;
	}

	$passwordsDiffer = ( strcmp( $this->mPassword, $this->mRetype ) != 0 );
	if ( $passwordsDiffer ) {
		$this->mainLoginForm( wfMsg( 'badretype' ) );
		return;
	}

	# Refuse empty names, names containing a dotted-quad pattern, names
	# containing "/" and names longer than $wgMaxNameChars bytes.
	$name = trim( $this->mName );
	$hasDottedQuad = preg_match( "/\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}/", $name );
	$hasSlash = ( strpos( $name, '/' ) !== false );
	$tooLong = ( strlen( $name ) > $wgMaxNameChars );
	if ( ( '' == $name ) || $hasDottedQuad || $hasSlash || $tooLong ) {
		$this->mainLoginForm( wfMsg( 'noname' ) );
		return;
	}

	if ( wfReadOnly() ) {
		$wgOut->readOnlyPage();
		return;
	}

	$u = User::newFromName( $name );
	if ( 0 != $u->idForName() ) {
		# A non-zero id means the name is already taken
		$this->mainLoginForm( wfMsg( 'userexists' ) );
		return;
	}

	$u->addToDatabase();
	$u->setPassword( $this->mPassword );
	$u->setEmail( $this->mEmail );
	$u->setRealName( $this->mRealName );
	$u->setOption( 'rememberpassword', $this->mRemember ? 1 : 0 );

	return $u;
}
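/**
 * Check the submitted name and password and, on success, log the user in.
 *
 * The password is accepted when its hash equals either the account's stored
 * password or its stored "new password" (the value mailPasswordInternal()
 * sets with setNewpassword()).
 *
 * NOTE(review): "nosuchuser" and "wrongpassword" are distinct replies, so
 * the form reveals whether an account name exists.
 * NOTE(review): no attempt counting or throttling is visible in this method.
 * NOTE(review): strcmp() is not a constant-time comparison.
 * NOTE(review): whether the session id is renewed on login is decided in
 * setCookies() / User::SetupSession(), which are not visible here.
 */
function processLogin()
{
	global $wgUser;
	global $wgDeferredUpdateList;

	if ( '' == $this->mName ) {
		$this->mainLoginForm( wfMsg( 'noname' ) );
		return;
	}

	$u = User::newFromName( $this->mName );
	$id = $u->idForName();
	if ( 0 == $id ) {
		# The name is derived from request input and mainLoginForm() prints
		# its argument as HTML, so escape it.
		$this->mainLoginForm( wfMsg( 'nosuchuser', htmlspecialchars( $u->getName() ) ) );
		return;
	}
	$u->setId( $id );
	$u->loadFromDatabase();

	# Compare with === / !== so that only an exact integer 0 from strcmp()
	# counts as a match; any other result fails closed.
	$ep = $u->encryptPassword( $this->mPassword );
	if ( strcmp( $ep, $u->getPassword() ) !== 0
		&& strcmp( $ep, $u->getNewpassword() ) !== 0
	) {
		$this->mainLoginForm( wfMsg( 'wrongpassword' ) );
		return;
	}

	# We've verified now, update the real record
	if ( $this->mRemember ) {
		$r = 1;
		# NOTE(review): the typed password is handed to setCookiePassword();
		# what actually ends up in the cookie is decided there -- confirm.
		$u->setCookiePassword( $this->mPassword );
	} else {
		$r = 0;
	}
	$u->setOption( 'rememberpassword', $r );

	$wgUser = $u;
	$wgUser->setCookies();

	$up = new UserUpdate();
	array_push( $wgDeferredUpdateList, $up );

	if ( !$this->hasSessionCookie() ) {
		return $this->cookieRedirectCheck( 'login' );
	}

	# successfulLogin() emits its argument as raw HTML, so escape the name
	return $this->successfulLogin( wfMsg( 'loginsuccess', htmlspecialchars( $wgUser->getName() ) ) );
}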
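/**
 * Handle the "mail me a new password" button for an existing account.
 *
 * NOTE(review): this runs for any requester who knows an account name, with
 * no throttling visible here; each call stores a fresh "new password" and
 * sends another mail to the account's address.
 * NOTE(review): "nosuchuser" / "noemail" / "passwordsent" are distinct
 * replies, so the form reveals whether an account exists and has an address.
 */
function mailPassword()
{
	if ( '' == $this->mName ) {
		$this->mainLoginForm( wfMsg( 'noname' ) );
		return;
	}

	$u = User::newFromName( $this->mName );
	$id = $u->idForName();
	if ( 0 == $id ) {
		# User-derived text goes into an HTML error message: escape it
		$this->mainLoginForm( wfMsg( 'nosuchuser', htmlspecialchars( $u->getName() ) ) );
		return;
	}
	$u->setId( $id );
	$u->loadFromDatabase();

	# mailPasswordInternal() renders the "noemail" form itself and returns
	# nothing when the account has no address; the result test below would
	# then render a second form with a bogus mail error. Handle that case
	# here, before calling it.
	if ( '' == $u->getEmail() ) {
		$this->mainLoginForm( wfMsg( 'noemail', htmlspecialchars( $u->getName() ) ) );
		return;
	}

	$error = $this->mailPasswordInternal( $u );
	if ( $error === '' ) {
		$this->mainLoginForm( wfMsg( 'passwordsent', htmlspecialchars( $u->getName() ) ) );
	} else {
		# The mailer's error text is not under our control; escape it too
		$this->mainLoginForm( wfMsg( 'mailerror', htmlspecialchars( $error ) ) );
	}
}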
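/**
 * Generate a new password for $u, store it and mail it to the user's address.
 *
 * The generated value is stored with setNewpassword(); processLogin()
 * accepts it alongside the regular password. The mail text also receives
 * the requester's address from $wgIP.
 *
 * NOTE(review): the new password travels in clear text by e-mail, and no
 * expiry for it is visible in this method.
 *
 * @param object $u User whose password is being reset; must be loaded.
 * @return string|null Whatever userMailer() returns (callers in this class
 *   treat "" as success). Nothing is returned when the user has no e-mail
 *   address; in that case the login form with the "noemail" message has
 *   already been output, and a caller that only tests for === "" will take
 *   the missing value for a mail failure.
 */
function mailPasswordInternal( $u )
{
	global $wgPasswordSender, $wgDBname, $wgIP;
	global $wgCookiePath, $wgCookieDomain;

	if ( '' == $u->getEmail() ) {
		# mainLoginForm() prints its argument as HTML, so escape the name
		$this->mainLoginForm( wfMsg( 'noemail', htmlspecialchars( $u->getName() ) ) );
		return;
	}

	$np = User::randomPassword();
	$u->setNewpassword( $np );

	# Expire the "<dbname>Password" cookie in the requesting browser
	setcookie( "{$wgDBname}Password", "", time() - 3600, $wgCookiePath, $wgCookieDomain );
	$u->saveSettings();

	$ip = ( '' == $wgIP ) ? '(Unknown)' : $wgIP;
	$m = wfMsg( 'passwordremindertext', $ip, $u->getName(), $np );

	return userMailer( $u->getEmail(), $wgPasswordSender, wfMsg( 'passwordremindertitle' ), $m );
}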
/**
 * Render the "login successful" page.
 *
 * @param string $msg Message to show. It is added with addHTML(), i.e. as
 *   raw HTML, so any user-derived part must already be escaped by the caller.
 */
function successfulLogin( $msg )
{
	global $wgUser, $wgDeferredUpdateList, $wgOut;

	# Page chrome: title, keep robots out, not tied to an article
	$title = wfMsg( 'loginsuccesstitle' );
	$wgOut->setPageTitle( $title );
	$wgOut->setRobotpolicy( 'noindex,nofollow' );
	$wgOut->setArticleRelated( false );

	# Body: the message followed by the "return to" link
	$wgOut->addHTML( $msg );
	$wgOut->returnToMain();
}
/**
 * Render the page shown when the current user may not create accounts.
 */
function userNotPrivilegedMessage()
{
	global $wgOut, $wgUser, $wgLang;

	# Page chrome: title, keep robots out, not tied to an article
	$title = wfMsg( 'whitelistacctitle' );
	$wgOut->setPageTitle( $title );
	$wgOut->setRobotpolicy( 'noindex,nofollow' );
	$wgOut->setArticleRelated( false );

	# Body: the explanation (rendered as wikitext) and a link back to the main page
	$explanation = wfMsg( 'whitelistacctext' );
	$wgOut->addWikiText( $explanation );
	$wgOut->returnToMain( false );
}
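/**
 * Render the login / account-creation form, optionally preceded by an error.
 *
 * @param string $err Error message, or "" for the normal login prompt. It is
 *   emitted as raw HTML, so callers must escape any user-derived part.
 *
 * NOTE(review): the submitted password and its retyped copy are echoed back
 * into the value attributes of the password fields, so they appear in the
 * HTML of the response.
 * NOTE(review): the form carries no anti-CSRF token.
 * NOTE(review): the button labels ($li, $ca, $cam, $mmp) are interpolated
 * into value="" attributes unescaped; this relies on the message texts being
 * trusted.
 */
function mainLoginForm( $err )
{
	global $wgUser, $wgOut;
	global $wgDBname, $wgAllowRealName;

	# Interface messages
	$le = wfMsg( "loginerror" );
	$yn = wfMsg( "yourname" );
	$yp = wfMsg( "yourpassword" );
	$ypa = wfMsg( "yourpasswordagain" );
	$rmp = wfMsg( "remembermypassword" );
	$nuo = wfMsg( "newusersonly" );
	$li = wfMsg( "login" );
	$ca = wfMsg( "createaccount" );
	$cam = wfMsg( "createaccountmail" );
	$ye = wfMsg( "youremail" );
	$yrn = $wgAllowRealName ? wfMsg( "yourrealname" ) : '';
	$efl = wfMsg( "emailforlost" );
	$mmp = wfMsg( "mailmypassword" );
	$endText = wfMsg( "loginend" );

	# Suppress the footer when it is only the message-key placeholder. This
	# used to be an assignment ("="), which was always true and therefore
	# blanked the footer unconditionally.
	# NOTE(review): confirm the exact placeholder wfMsg() returns for a
	# message that is not defined; the literal below is the one from this file.
	if ( $endText == "<loginend>" ) {
		$endText = "";
	}

	# Pre-fill the name from the logged-in user or the user-name cookie
	if ( "" == $this->mName ) {
		if ( 0 != $wgUser->getID() ) {
			$this->mName = $wgUser->getName();
		} elseif ( isset( $_COOKIE["{$wgDBname}UserName"] ) ) {
			# Client-controlled value; it is escaped before output below
			$this->mName = $_COOKIE["{$wgDBname}UserName"];
		}
	}

	$wgOut->setPageTitle( wfMsg( "userlogin" ) );
	$wgOut->setRobotpolicy( "noindex,nofollow" );
	$wgOut->setArticleRelated( false );

	if ( "" == $err ) {
		$lp = wfMsg( "loginprompt" );
		$wgOut->addHTML( "<h2>$li:</h2>\n<p>$lp</p>" );
	} else {
		$wgOut->addHTML( "<h2>$le:</h2>\n<font size='+1'
	color='red'>$err</font>\n" );
	}

	$checked = ( 1 == $wgUser->getOption( "rememberpassword" ) ) ? " checked" : "";

	$q = "action=submit";
	if ( !empty( $this->mReturnto ) ) {
		$q .= "&returnto=" . wfUrlencode( $this->mReturnto );
	}

	$titleObj = Title::makeTitle( NS_SPECIAL, "Userlogin" );
	$action = $titleObj->escapeLocalUrl( $q );

	# Everything that originates from the request is escaped before it is
	# placed in an attribute value.
	$encName = wfEscapeHTML( $this->mName );
	$encPassword = wfEscapeHTML( $this->mPassword );
	$encRealName = wfEscapeHTML( $this->mRealName );

	# Only logged-in users get the "create account and mail password" button
	if ( $wgUser->getID() != 0 ) {
		$cambutton = "<input tabindex='6' type='submit' name=\"wpCreateaccountMail\" value=\"{$cam}\" />";
	} else {
		$cambutton = "";
	}

	$wgOut->addHTML( "
	<form name=\"userlogin\" id=\"userlogin\" method=\"post\" action=\"{$action}\">
	<table border='0'><tr>
	<td align='right'>$yn:</td>
	<td align='left'>
	<input tabindex='1' type='text' name=\"wpName\" value=\"{$encName}\" size='20' />
	</td>
	<td align='left'>
	<input tabindex='3' type='submit' name=\"wpLoginattempt\" value=\"{$li}\" />
	</td>
	</tr>
	<tr>
	<td align='right'>$yp:</td>
	<td align='left'>
	<input tabindex='2' type='password' name=\"wpPassword\" value=\"{$encPassword}\" size='20' />
	</td>
	<td align='left'>
	<input tabindex='7' type='checkbox' name=\"wpRemember\" value=\"1\" id=\"wpRemember\"$checked /><label for=\"wpRemember\">$rmp</label>
	</td>
	</tr>");

	if ( $wgUser->isAllowedToCreateAccount() ) {
		$encRetype = htmlspecialchars( $this->mRetype );
		$encEmail = htmlspecialchars( $this->mEmail );
		$wgOut->addHTML( "<tr><td colspan='3'> </td></tr><tr>
	<td align='right'>$ypa:</td>
	<td align='left'>
	<input tabindex='4' type='password' name=\"wpRetype\" value=\"{$encRetype}\"
	size='20' />
	</td><td>$nuo</td></tr>
	<tr>
	<td align='right'>$ye:</td>
	<td align='left'>
	<input tabindex='6' type='text' name=\"wpEmail\" value=\"{$encEmail}\" size='20' />
	</td>");

		if ( $wgAllowRealName ) {
			$wgOut->addHTML( "<td> </td>
	</tr><tr>
	<td align='right'>$yrn:</td>
	<td align='left'>
	<input tabindex='6' type='text' name=\"wpRealName\" value=\"{$encRealName}\" size='20' />
	</td>");
		}

		$wgOut->addHTML( "<td align='left'>
	<input tabindex='7' type='submit' name=\"wpCreateaccount\" value=\"{$ca}\" />
	$cambutton
	</td></tr>");
	}

	$wgOut->addHTML( "
	<tr><td colspan='3'> </td></tr><tr>
	<td colspan='3' align='left'>
	<p>$efl<br />
	<input tabindex='8' type='submit' name=\"wpMailmypassword\" value=\"{$mmp}\" /></p>
	</td></tr></table>
	</form>\n" );
	$wgOut->addHTML( $endText );
}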
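/**
 * Tell whether the browser sent back a session cookie.
 *
 * Always true when $wgDisableCookieCheck is set. Otherwise this only tests
 * that a non-empty cookie named session_name() is present; it does not check
 * that the value identifies a valid session.
 *
 * @return bool
 */
function hasSessionCookie()
{
	global $wgDisableCookieCheck;

	if ( $wgDisableCookieCheck ) {
		return true;
	}

	# isset() first: on a first visit the cookie is simply absent, and reading
	# the missing key directly raises an undefined-index notice.
	$cookieName = session_name();
	return isset( $_COOKIE[$cookieName] ) && ( '' != $_COOKIE[$cookieName] );
}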
/**
 * Redirect the browser back to the login page with wpCookieCheck set, so
 * that the follow-up request can show whether the session cookie was kept.
 *
 * @param string $type Which flow asked for the check. It is appended to the
 *   query string unencoded; the callers in this class pass the fixed
 *   literals "new" and "login".
 * @return mixed Whatever $wgOut->redirect() returns.
 */
function cookieRedirectCheck( $type )
{
	global $wgOut, $wgLang;

	$loginPage = Title::makeTitle( NS_SPECIAL, 'Userlogin' );
	$query = 'wpCookieCheck=' . $type;
	$target = $loginPage->getFullURL( $query );

	return $wgOut->redirect( $target );
}
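/**
 * Second leg of the cookie test: report success when the session cookie came
 * back, otherwise explain that cookies are required.
 *
 * NOTE(review): $type is the wpCookieCheck request parameter. When a session
 * cookie is present the success page is shown for any value, and nothing in
 * this method checks that a login actually took place.
 *
 * @param string $type "new" or "login", naming the flow that started the check.
 */
function onCookieRedirectCheck( $type ) {
	global $wgUser;

	if ( $this->hasSessionCookie() ) {
		# successfulLogin() emits its argument as raw HTML, so escape the name
		return $this->successfulLogin( wfMsg( 'loginsuccess', htmlspecialchars( $wgUser->getName() ) ) );
	}

	if ( $type == 'new' ) {
		return $this->mainLoginForm( wfMsg( 'nocookiesnew' ) );
	}
	if ( $type == 'login' ) {
		return $this->mainLoginForm( wfMsg( 'nocookieslogin' ) );
	}

	# shouldn't happen
	return $this->mainLoginForm( wfMsg( 'error' ) );
}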
00471 }
00472 ?>