Diffstat (limited to 'includes/specials/SpecialChangeEmail.php')
-rw-r--r-- | includes/specials/SpecialChangeEmail.php | 255 |
1 files changed, 90 insertions, 165 deletions
diff --git a/includes/specials/SpecialChangeEmail.php b/includes/specials/SpecialChangeEmail.php index aab839fd..e0be838b 100644 --- a/includes/specials/SpecialChangeEmail.php +++ b/includes/specials/SpecialChangeEmail.php @@ -26,26 +26,18 @@ * * @ingroup SpecialPage */ -class SpecialChangeEmail extends UnlistedSpecialPage { - - /** - * Users password - * @var string - */ - protected $mPassword; - +class SpecialChangeEmail extends FormSpecialPage { /** - * Users new email address - * @var string + * @var Status */ - protected $mNewEmail; + private $status; public function __construct() { parent::__construct( 'ChangeEmail', 'editmyprivateinfo' ); } /** - * @return Bool + * @return bool */ function isListed() { global $wgAuth; @@ -55,40 +47,24 @@ class SpecialChangeEmail extends UnlistedSpecialPage { /** * Main execution point + * @param string $par */ function execute( $par ) { - global $wgAuth; - - $this->setHeaders(); - $this->outputHeader(); - $out = $this->getOutput(); $out->disallowUserJs(); $out->addModules( 'mediawiki.special.changeemail' ); - if ( !$wgAuth->allowPropChange( 'emailaddress' ) ) { - $this->error( 'cannotchangeemail' ); - - return; - } - - $user = $this->getUser(); - $request = $this->getRequest(); - - if ( !$request->wasPosted() && !$user->isLoggedIn() ) { - $this->error( 'changeemail-no-info' ); - - return; - } + return parent::execute( $par ); + } - if ( $request->wasPosted() && $request->getBool( 'wpCancel' ) ) { - $this->doReturnTo(); + protected function checkExecutePermissions( User $user ) { + global $wgAuth; - return; + if ( !$wgAuth->allowPropChange( 'emailaddress' ) ) { + throw new ErrorPageError( 'changeemail', 'cannotchangeemail' ); } - $this->checkReadOnly(); - $this->checkPermissions(); + $this->requireLogin( 'changeemail-no-info' ); // This could also let someone check the current email address, so // require both permissions. 
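Review bot: checkExecutePermissions() is added without a doc comment, although it is now the single place that decides who may reach the form, and it reports every failure by throwing. A docblock with `@param User $user` and `@throws ErrorPageError|PermissionsError` would match the other methods in the file. It should include one sentence giving the check order: external auth allows the change, login, `viewmyprivateinfo`, then the parent's checks. The method body continues past the end of this hunk, and what requireLogin() and the parent check throw is not visible here, so confirm those before listing them.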
@@ -96,156 +72,106 @@ class SpecialChangeEmail extends UnlistedSpecialPage { throw new PermissionsError( 'viewmyprivateinfo' ); } - $this->mPassword = $request->getVal( 'wpPassword' ); - $this->mNewEmail = $request->getVal( 'wpNewEmail' ); + parent::checkExecutePermissions( $user ); + } - if ( $request->wasPosted() - && $user->matchEditToken( $request->getVal( 'token' ) ) - ) { - $info = $this->attemptChange( $user, $this->mPassword, $this->mNewEmail ); - if ( $info === true ) { - $this->doReturnTo(); - } elseif ( $info === 'eauth' ) { - # Notify user that a confirmation email has been sent... - $out->wrapWikiMsg( "<div class='error' style='clear: both;'>\n$1\n</div>", - 'eauthentsent', $user->getName() ); - $this->doReturnTo( 'soft' ); // just show the link to go back - return; // skip form - } - } + protected function getFormFields() { + $user = $this->getUser(); - $this->showForm(); - } + $fields = array( + 'Name' => array( + 'type' => 'info', + 'label-message' => 'username', + 'default' => $user->getName(), + ), + 'OldEmail' => array( + 'type' => 'info', + 'label-message' => 'changeemail-oldemail', + 'default' => $user->getEmail() ?: $this->msg( 'changeemail-none' )->text(), + ), + 'NewEmail' => array( + 'type' => 'email', + 'label-message' => 'changeemail-newemail', + ), + ); - /** - * @param $type string - */ - protected function doReturnTo( $type = 'hard' ) { - $titleObj = Title::newFromText( $this->getRequest()->getVal( 'returnto' ) ); - if ( !$titleObj instanceof Title ) { - $titleObj = Title::newMainPage(); + if ( $this->getConfig()->get( 'RequirePasswordforEmailChange' ) ) { + $fields['Password'] = array( + 'type' => 'password', + 'label-message' => 'changeemail-password', + 'autofocus' => true, + ); } - if ( $type == 'hard' ) { - $this->getOutput()->redirect( $titleObj->getFullURL() ); - } else { - $this->getOutput()->addReturnTo( $titleObj ); - } - } - /** - * @param $msg string - */ - protected function error( $msg ) { - 
$this->getOutput()->wrapWikiMsg( "<p class='error'>\n$1\n</p>", $msg ); + return $fields; } - protected function showForm() { - global $wgRequirePasswordforEmailChange; - $user = $this->getUser(); + protected function alterForm( HTMLForm $form ) { + $form->setDisplayFormat( 'vform' ); + $form->setId( 'mw-changeemail-form' ); + $form->setTableId( 'mw-changeemail-table' ); + $form->setWrapperLegend( false ); + $form->setSubmitTextMsg( 'changeemail-submit' ); + $form->addHiddenField( 'returnto', $this->getRequest()->getVal( 'returnto' ) ); + } - $oldEmailText = $user->getEmail() - ? $user->getEmail() - : $this->msg( 'changeemail-none' )->text(); - - $this->getOutput()->addHTML( - Xml::fieldset( $this->msg( 'changeemail-header' )->text() ) . - Xml::openElement( 'form', - array( - 'method' => 'post', - 'action' => $this->getTitle()->getLocalURL(), - 'id' => 'mw-changeemail-form' ) ) . "\n" . - Html::hidden( 'token', $user->getEditToken() ) . "\n" . - Html::hidden( 'returnto', $this->getRequest()->getVal( 'returnto' ) ) . "\n" . - $this->msg( 'changeemail-text' )->parseAsBlock() . "\n" . - Xml::openElement( 'table', array( 'id' => 'mw-changeemail-table' ) ) . "\n" - ); - $items = array( - array( 'wpName', 'username', 'text', $user->getName() ), - array( 'wpOldEmail', 'changeemail-oldemail', 'text', $oldEmailText ), - array( 'wpNewEmail', 'changeemail-newemail', 'email', $this->mNewEmail ), - ); - if ( $wgRequirePasswordforEmailChange ) { - $items[] = array( 'wpPassword', 'changeemail-password', 'password', $this->mPassword ); + public function onSubmit( array $data ) { + if ( $this->getRequest()->getBool( 'wpCancel' ) ) { + $status = Status::newGood( true ); + } else { + $password = isset( $data['Password'] ) ? $data['Password'] : null; + $status = $this->attemptChange( $this->getUser(), $password, $data['NewEmail'] ); } - $this->getOutput()->addHTML( - $this->pretty( $items ) . - "\n" . - "<tr>\n" . - "<td></td>\n" . - '<td class="mw-input">' . 
- Xml::submitButton( $this->msg( 'changeemail-submit' )->text() ) . - Xml::submitButton( $this->msg( 'changeemail-cancel' )->text(), array( 'name' => 'wpCancel' ) ) . - "</td>\n" . - "</tr>\n" . - Xml::closeElement( 'table' ) . - Xml::closeElement( 'form' ) . - Xml::closeElement( 'fieldset' ) . "\n" - ); + $this->status = $status; + + return $status; } - /** - * @param $fields array - * @return string - */ - protected function pretty( $fields ) { - $out = ''; - foreach ( $fields as $list ) { - list( $name, $label, $type, $value ) = $list; - if ( $type == 'text' ) { - $field = htmlspecialchars( $value ); - } else { - $attribs = array( 'id' => $name ); - if ( $name == 'wpPassword' ) { - $attribs[] = 'autofocus'; - } - $field = Html::input( $name, $value, $type, $attribs ); - } - $out .= "<tr>\n"; - $out .= "\t<td class='mw-label'>"; - if ( $type != 'text' ) { - $out .= Xml::label( $this->msg( $label )->text(), $name ); - } else { - $out .= $this->msg( $label )->escaped(); - } - $out .= "</td>\n"; - $out .= "\t<td class='mw-input'>"; - $out .= $field; - $out .= "</td>\n"; - $out .= "</tr>"; + public function onSuccess() { + $titleObj = Title::newFromText( $this->getRequest()->getVal( 'returnto' ) ); + if ( !$titleObj instanceof Title ) { + $titleObj = Title::newMainPage(); } - return $out; + if ( $this->status->value === true ) { + $this->getOutput()->redirect( $titleObj->getFullURL() ); + } elseif ( $this->status->value === 'eauth' ) { + # Notify user that a confirmation email has been sent... 
+ $this->getOutput()->wrapWikiMsg( "<div class='error' style='clear: both;'>\n$1\n</div>", + 'eauthentsent', $this->getUser()->getName() ); + $this->getOutput()->addReturnTo( $titleObj ); // just show the link to go back + } } /** - * @param $user User - * @param $pass string - * @param $newaddr string - * @return bool|string true or string on success, false on failure + * @param User $user + * @param string $pass + * @param string $newaddr + * @return Status */ protected function attemptChange( User $user, $pass, $newaddr ) { - global $wgAuth, $wgPasswordAttemptThrottle; + global $wgAuth; if ( $newaddr != '' && !Sanitizer::validateEmail( $newaddr ) ) { - $this->error( 'invalidemailaddress' ); - - return false; + return Status::newFatal( 'invalidemailaddress' ); } $throttleCount = LoginForm::incLoginThrottle( $user->getName() ); if ( $throttleCount === true ) { $lang = $this->getLanguage(); - $this->error( array( 'login-throttled', $lang->formatDuration( $wgPasswordAttemptThrottle['seconds'] ) ) ); - - return false; + $throttleInfo = $this->getConfig()->get( 'PasswordAttemptThrottle' ); + return Status::newFatal( + 'changeemail-throttled', + $lang->formatDuration( $throttleInfo['seconds'] ) + ); } - global $wgRequirePasswordforEmailChange; - if ( $wgRequirePasswordforEmailChange && !$user->checkTemporaryPassword( $pass ) && !$user->checkPassword( $pass ) ) { - $this->error( 'wrongpassword' ); - - return false; + if ( $this->getConfig()->get( 'RequirePasswordforEmailChange' ) + && !$user->checkTemporaryPassword( $pass ) + && !$user->checkPassword( $pass ) + ) { + return Status::newFatal( 'wrongpassword' ); } if ( $throttleCount ) { 
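Review bot: In onSuccess(), the redirect target is still built from the request's `returnto` value with only an `instanceof Title` check, the same logic the removed doReturnTo() had. If Title::newFromText() accepts interwiki-prefixed titles here, getFullURL() can resolve to another site, so whoever crafted the link to this page could steer the post-change redirect. Falling back to the main page for such titles closes that: `if ( !$titleObj instanceof Title || $titleObj->isExternal() ) {`. The same `$titleObj` feeds addReturnTo() in the 'eauth' branch, so the one guard covers both paths.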
@@ -255,12 +181,7 @@ class SpecialChangeEmail extends UnlistedSpecialPage { $oldaddr = $user->getEmail(); $status = $user->setEmailWithConfirmation( $newaddr ); if ( !$status->isGood() ) { - $this->getOutput()->addHTML( - '<p class="error">' . - $this->getOutput()->parseInline( $status->getWikiText( 'mailerror' ) ) . - '</p>' ); - - return false; + return $status; } wfRunHooks( 'PrefsEmailAudit', array( $user, $oldaddr, $newaddr ) ); @@ -269,7 +190,11 @@ class SpecialChangeEmail extends UnlistedSpecialPage { $wgAuth->updateExternalDB( $user ); - return $status->value; + return $status; + } + + public function requiresUnblock() { + return false; } protected function getGroupName() { |
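Review bot: requiresUnblock() in the last hunk returns false with no comment saying why blocked accounts may still reach a form that changes account-recovery data. The removed execute() shows no block check either, so this looks like a deliberate preservation of the old behaviour rather than an oversight, but nothing in the new code records that. A short docblock such as `/** Blocked users may still change their own email address. */` above the method would keep a later reader from "fixing" it or from assuming the parent default applies.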