diff options
Diffstat (limited to 'includes/specials/SpecialUserlogin.php')
-rw-r--r-- | includes/specials/SpecialUserlogin.php | 158 |
1 files changed, 99 insertions, 59 deletions
diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php index 4c5a2376..58da77da 100644 --- a/includes/specials/SpecialUserlogin.php +++ b/includes/specials/SpecialUserlogin.php @@ -74,7 +74,7 @@ class LoginForm extends SpecialPage { * Loader */ function load() { - global $wgAuth, $wgHiddenPrefs, $wgEnableEmail, $wgRedirectOnLogin; + global $wgAuth, $wgHiddenPrefs, $wgEnableEmail; if ( $this->mLoaded ) { return; @@ -93,8 +93,6 @@ class LoginForm extends SpecialPage { $this->mRetype = $request->getText( 'wpRetype' ); $this->mDomain = $request->getText( 'wpDomain' ); $this->mReason = $request->getText( 'wpReason' ); - $this->mReturnTo = $request->getVal( 'returnto' ); - $this->mReturnToQuery = $request->getVal( 'returntoquery' ); $this->mCookieCheck = $request->getVal( 'wpCookieCheck' ); $this->mPosted = $request->wasPosted(); $this->mCreateaccount = $request->getCheck( 'wpCreateaccount' ); @@ -107,11 +105,8 @@ class LoginForm extends SpecialPage { $this->mLanguage = $request->getText( 'uselang' ); $this->mSkipCookieCheck = $request->getCheck( 'wpSkipCookieCheck' ); $this->mToken = ( $this->mType == 'signup' ) ? $request->getVal( 'wpCreateaccountToken' ) : $request->getVal( 'wpLoginToken' ); - - if ( $wgRedirectOnLogin ) { - $this->mReturnTo = $wgRedirectOnLogin; - $this->mReturnToQuery = ''; - } + $this->mReturnTo = $request->getVal( 'returnto', '' ); + $this->mReturnToQuery = $request->getVal( 'returntoquery', '' ); if( $wgEnableEmail ) { $this->mEmail = $request->getText( 'wpEmail' ); @@ -125,17 +120,17 @@ class LoginForm extends SpecialPage { } if( !$wgAuth->validDomain( $this->mDomain ) ) { - if ( isset( $_SESSION['wsDomain'] ) ) { - $this->mDomain = $_SESSION['wsDomain']; - } else { - $this->mDomain = 'invaliddomain'; - } + $this->mDomain = $wgAuth->getDomain(); } $wgAuth->setDomain( $this->mDomain ); - # When switching accounts, it sucks to get automatically logged out + # 1. When switching accounts, it sucks to get automatically logged out + # 2. Do not return to PasswordReset after a successful password change + # but goto Wiki start page (Main_Page) instead ( bug 33997 ) $returnToTitle = Title::newFromText( $this->mReturnTo ); - if( is_object( $returnToTitle ) && $returnToTitle->isSpecial( 'Userlogout' ) ) { + if( is_object( $returnToTitle ) && ( + $returnToTitle->isSpecial( 'Userlogout' ) + || $returnToTitle->isSpecial( 'PasswordReset' ) ) ) { $this->mReturnTo = ''; $this->mReturnToQuery = ''; } @@ -163,11 +158,14 @@ class LoginForm extends SpecialPage { return; } elseif( $this->mPosted ) { if( $this->mCreateaccount ) { - return $this->addNewAccount(); + $this->addNewAccount(); + return; } elseif ( $this->mCreateaccountMail ) { - return $this->addNewAccountMailPassword(); + $this->addNewAccountMailPassword(); + return; } elseif ( ( 'submitlogin' == $this->mAction ) || $this->mLoginattempt ) { - return $this->processLogin(); + $this->processLogin(); + return; } } $this->mainLoginForm( '' ); @@ -203,12 +201,13 @@ class LoginForm extends SpecialPage { $this->mainLoginForm( $this->msg( 'mailerror', $result->getWikiText() )->text() ); } else { $out->addWikiMsg( 'accmailtext', $u->getName(), $u->getEmail() ); - $out->returnToMain( false ); + $this->executeReturnTo( 'success' ); } } /** * @private + * @return bool */ function addNewAccount() { global $wgUser, $wgEmailAuthentication, $wgLoginLanguageSelector; @@ -216,7 +215,7 @@ class LoginForm extends SpecialPage { # Create the account and abort if there's a problem doing so $u = $this->addNewAccountInternal(); if( $u == null ) { - return; + return false; } # If we showed up language selection links, and one was in use, be @@ -253,23 +252,24 @@ class LoginForm extends SpecialPage { wfRunHooks( 'AddNewAccount', array( $u, false ) ); $u->addNewUserLogEntry(); if( $this->hasSessionCookie() ) { - return $this->successfulCreation(); + $this->successfulCreation(); } else { - return $this->cookieRedirectCheck( 'new' ); + $this->cookieRedirectCheck( 'new' ); } } else { # Confirm that the account was created $out->setPageTitle( $this->msg( 'accountcreated' ) ); $out->addWikiMsg( 'accountcreatedtext', $u->getName() ); - $out->returnToMain( false, $this->getTitle() ); + $out->addReturnTo( $this->getTitle() ); wfRunHooks( 'AddNewAccount', array( $u, false ) ); $u->addNewUserLogEntry( false, $this->mReason ); - return true; } + return true; } /** * @private + * @return bool|User */ function addNewAccountInternal() { global $wgAuth, $wgMemc, $wgAccountCreationThrottle, @@ -334,7 +334,7 @@ class LoginForm extends SpecialPage { $ip = $this->getRequest()->getIP(); if ( $currentUser->isDnsBlacklisted( $ip, true /* check $wgProxyWhitelist */ ) ) { - $this->mainLoginForm( $this->msg( 'sorbs_create_account_reason' )->text() . ' (' . htmlspecialchars( $ip ) . ')' ); + $this->mainLoginForm( $this->msg( 'sorbs_create_account_reason' )->text() . ' ' . $this->msg( 'parentheses', $ip )->escaped() ); return false; } @@ -476,6 +476,7 @@ class LoginForm extends SpecialPage { * This may create a local account as a side effect if the * authentication plugin allows transparent local account * creation. + * @return int */ public function authenticateUserData() { global $wgUser, $wgAuth; @@ -747,9 +748,9 @@ class LoginForm extends SpecialPage { $this->getContext()->setLanguage( $userLang ); // Reset SessionID on Successful login (bug 40995) $this->renewSessionId(); - return $this->successfulLogin(); + $this->successfulLogin(); } else { - return $this->cookieRedirectCheck( 'login' ); + $this->cookieRedirectCheck( 'login' ); } break; @@ -769,7 +770,7 @@ class LoginForm extends SpecialPage { case self::NOT_EXISTS: if( $this->getUser()->isAllowed( 'createaccount' ) ) { $this->mainLoginForm( $this->msg( 'nosuchuser', - wfEscapeWikiText( $this->mUsername ) )->parse() ); + wfEscapeWikiText( $this->mUsername ) )->parse() ); } else { $this->mainLoginForm( $this->msg( 'nosuchusershort', wfEscapeWikiText( $this->mUsername ) )->text() ); @@ -861,16 +862,7 @@ class LoginForm extends SpecialPage { if( $injected_html !== '' ) { $this->displaySuccessfulLogin( 'loginsuccess', $injected_html ); } else { - $titleObj = Title::newFromText( $this->mReturnTo ); - if ( !$titleObj instanceof Title ) { - $titleObj = Title::newMainPage(); - } - $redirectUrl = $titleObj->getFullURL( $this->mReturnToQuery ); - global $wgSecureLogin; - if( $wgSecureLogin && !$this->mStickHTTPS ) { - $redirectUrl = preg_replace( '/^https:/', 'http:', $redirectUrl ); - } - $this->getOutput()->redirect( $redirectUrl ); + $this->executeReturnTo( 'successredirect' ); } } @@ -900,6 +892,8 @@ class LoginForm extends SpecialPage { /** * Display a "login successful" page. + * @param $msgname string + * @param $injected_html string */ private function displaySuccessfulLogin( $msgname, $injected_html ) { $out = $this->getOutput(); @@ -910,11 +904,7 @@ class LoginForm extends SpecialPage { $out->addHTML( $injected_html ); - if ( !empty( $this->mReturnTo ) ) { - $out->returnToMain( null, $this->mReturnTo, $this->mReturnToQuery ); - } else { - $out->returnToMain( null ); - } + $this->executeReturnTo( 'success' ); } /** @@ -948,7 +938,42 @@ class LoginForm extends SpecialPage { $block->getByName() ); - $out->returnToMain( false ); + $this->executeReturnTo( 'error' ); + } + + /** + * Add a "return to" link or redirect to it. + * + * @param $type string, one of the following: + * - error: display a return to link ignoring $wgRedirectOnLogin + * - success: display a return to link using $wgRedirectOnLogin if needed + * - successredirect: send an HTTP redirect using $wgRedirectOnLogin if needed + */ + private function executeReturnTo( $type ) { + global $wgRedirectOnLogin, $wgSecureLogin; + + if ( $type != 'error' && $wgRedirectOnLogin !== null ) { + $returnTo = $wgRedirectOnLogin; + $returnToQuery = array(); + } else { + $returnTo = $this->mReturnTo; + $returnToQuery = wfCgiToArray( $this->mReturnToQuery ); + } + + $returnToTitle = Title::newFromText( $returnTo ); + if ( !$returnToTitle ) { + $returnToTitle = Title::newMainPage(); + } + + if ( $type == 'successredirect' ) { + $redirectUrl = $returnToTitle->getFullURL( $returnToQuery ); + if( $wgSecureLogin && !$this->mStickHTTPS ) { + $redirectUrl = preg_replace( '/^https:/', 'http:', $redirectUrl ); + } + $this->getOutput()->redirect( $redirectUrl ); + } else { + $this->getOutput()->addReturnTo( $returnToTitle, $returnToQuery ); + } } /** @@ -998,9 +1023,9 @@ class LoginForm extends SpecialPage { $linkmsg = 'nologin'; } - if ( !empty( $this->mReturnTo ) ) { + if ( $this->mReturnTo !== '' ) { $returnto = '&returnto=' . wfUrlencode( $this->mReturnTo ); - if ( !empty( $this->mReturnToQuery ) ) { + if ( $this->mReturnToQuery !== '' ) { $returnto .= '&returntoquery=' . wfUrlencode( $this->mReturnToQuery ); } @@ -1125,6 +1150,7 @@ class LoginForm extends SpecialPage { * previous pass through the system. * * @private + * @return bool */ function hasSessionCookie() { global $wgDisableCookieCheck; @@ -1133,6 +1159,7 @@ class LoginForm extends SpecialPage { /** * Get the login token from the current session + * @return Mixed */ public static function getLoginToken() { global $wgRequest; @@ -1159,6 +1186,7 @@ class LoginForm extends SpecialPage { /** * Get the createaccount token from the current session + * @return Mixed */ public static function getCreateaccountToken() { global $wgRequest; @@ -1181,7 +1209,7 @@ class LoginForm extends SpecialPage { $wgRequest->setSessionData( 'wsCreateaccountToken', null ); } - /** + /** * Renew the user's session id, using strong entropy */ private function renewSessionId() { @@ -1204,12 +1232,13 @@ class LoginForm extends SpecialPage { function cookieRedirectCheck( $type ) { $titleObj = SpecialPage::getTitleFor( 'Userlogin' ); $query = array( 'wpCookieCheck' => $type ); - if ( $this->mReturnTo ) { + if ( $this->mReturnTo !== '' ) { $query['returnto'] = $this->mReturnTo; + $query['returntoquery'] = $this->mReturnToQuery; } $check = $titleObj->getFullURL( $query ); - return $this->getOutput()->redirect( $check ); + $this->getOutput()->redirect( $check ); } /** @@ -1218,15 +1247,15 @@ class LoginForm extends SpecialPage { function onCookieRedirectCheck( $type ) { if ( !$this->hasSessionCookie() ) { if ( $type == 'new' ) { - return $this->mainLoginForm( $this->msg( 'nocookiesnew' )->parse() ); + $this->mainLoginForm( $this->msg( 'nocookiesnew' )->parse() ); } elseif ( $type == 'login' ) { - return $this->mainLoginForm( $this->msg( 'nocookieslogin' )->parse() ); + $this->mainLoginForm( $this->msg( 'nocookieslogin' )->parse() ); } else { # shouldn't happen - return $this->mainLoginForm( $this->msg( 'error' )->text() ); + $this->mainLoginForm( $this->msg( 'error' )->text() ); } } else { - return $this->successfulLogin(); + $this->successfulLogin(); } } @@ -1268,20 +1297,31 @@ class LoginForm extends SpecialPage { * * @param $text Link text * @param $lang Language code + * @return string */ function makeLanguageSelectorLink( $text, $lang ) { - $attr = array( 'uselang' => $lang ); + if( $this->getLanguage()->getCode() == $lang ) { + // no link for currently used language + return htmlspecialchars( $text ); + } + $query = array( 'uselang' => $lang ); if( $this->mType == 'signup' ) { - $attr['type'] = 'signup'; + $query['type'] = 'signup'; } - if( $this->mReturnTo ) { - $attr['returnto'] = $this->mReturnTo; + if( $this->mReturnTo !== '' ) { + $query['returnto'] = $this->mReturnTo; + $query['returntoquery'] = $this->mReturnToQuery; } + + $attr = array(); + $targetLanguage = Language::factory( $lang ); + $attr['lang'] = $attr['hreflang'] = $targetLanguage->getHtmlCode(); + return Linker::linkKnown( $this->getTitle(), htmlspecialchars( $text ), - array(), - $attr + $attr, + $query ); } } |