*/ class EmailConfirmation extends UnlistedSpecialPage { public function __construct() { parent::__construct( 'Confirmemail', 'editmyprivateinfo' ); } /** * Main execution point * * @param null|string $code Confirmation code passed to the page * @throws PermissionsError * @throws ReadOnlyError * @throws UserNotLoggedIn */ function execute( $code ) { // Ignore things like master queries/connections on GET requests. // It's very convenient to just allow formless link usage. Profiler::instance()->getTransactionProfiler()->resetExpectations(); $this->setHeaders(); $this->checkReadOnly(); $this->checkPermissions(); $this->requireLogin( 'confirmemail_needlogin' ); // This could also let someone check the current email address, so // require both permissions. if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) { throw new PermissionsError( 'viewmyprivateinfo' ); } if ( $code === null || $code === '' ) { if ( Sanitizer::validateEmail( $this->getUser()->getEmail() ) ) { $this->showRequestForm(); } else { $this->getOutput()->addWikiMsg( 'confirmemail_noemail' ); } } else { $this->attemptConfirm( $code ); } } /** * Show a nice form for the user to request a confirmation mail */ function showRequestForm() { $user = $this->getUser(); $out = $this->getOutput(); if ( $this->getRequest()->wasPosted() && $user->matchEditToken( $this->getRequest()->getText( 'token' ) ) ) { $status = $user->sendConfirmationMail(); if ( $status->isGood() ) { $out->addWikiMsg( 'confirmemail_sent' ); } else { $out->addWikiText( $status->getWikiText( 'confirmemail_sendfailed' ) ); } } elseif ( $user->isEmailConfirmed() ) { // date and time are separate parameters to facilitate localisation. // $time is kept for backward compat reasons. // 'emailauthenticated' is also used in SpecialPreferences.php $lang = $this->getLanguage(); $emailAuthenticated = $user->getEmailAuthenticationTimestamp(); $time = $lang->userTimeAndDate( $emailAuthenticated, $user ); $d = $lang->userDate( $emailAuthenticated, $user ); $t = $lang->userTime( $emailAuthenticated, $user ); $out->addWikiMsg( 'emailauthenticated', $time, $d, $t ); } else { if ( $user->isEmailConfirmationPending() ) { $out->wrapWikiMsg( "
\n$1\n
", 'confirmemail_pending' ); } $out->addWikiMsg( 'confirmemail_text' ); $form = Html::openElement( 'form', array( 'method' => 'post', 'action' => $this->getPageTitle()->getLocalURL() ) ) . "\n"; $form .= Html::hidden( 'token', $user->getEditToken() ) . "\n"; $form .= Xml::submitButton( $this->msg( 'confirmemail_send' )->text() ) . "\n"; $form .= Html::closeElement( 'form' ) . "\n"; $out->addHTML( $form ); } } /** * Attempt to confirm the user's email address and show success or failure * as needed; if successful, take the user to log in * * @param string $code Confirmation code */ function attemptConfirm( $code ) { $user = User::newFromConfirmationCode( $code, User::READ_LATEST ); if ( !is_object( $user ) ) { $this->getOutput()->addWikiMsg( 'confirmemail_invalid' ); return; } $user->confirmEmail(); $user->saveSettings(); $message = $this->getUser()->isLoggedIn() ? 'confirmemail_loggedin' : 'confirmemail_success'; $this->getOutput()->addWikiMsg( $message ); if ( !$this->getUser()->isLoggedIn() ) { $title = SpecialPage::getTitleFor( 'Userlogin' ); $this->getOutput()->returnToMain( true, $title ); } } } /** * Special page allows users to cancel an email confirmation using the e-mail * confirmation code * * @ingroup SpecialPage */ class EmailInvalidation extends UnlistedSpecialPage { public function __construct() { parent::__construct( 'Invalidateemail', 'editmyprivateinfo' ); } function execute( $code ) { // Ignore things like master queries/connections on GET requests. // It's very convenient to just allow formless link usage. Profiler::instance()->getTransactionProfiler()->resetExpectations(); $this->setHeaders(); $this->checkReadOnly(); $this->checkPermissions(); $this->attemptInvalidate( $code ); } /** * Attempt to invalidate the user's email address and show success or failure * as needed; if successful, link to main page * * @param string $code Confirmation code */ function attemptInvalidate( $code ) { $user = User::newFromConfirmationCode( $code, User::READ_LATEST ); if ( !is_object( $user ) ) { $this->getOutput()->addWikiMsg( 'confirmemail_invalid' ); return; } $user->invalidateEmail(); $user->saveSettings(); $this->getOutput()->addWikiMsg( 'confirmemail_invalidated' ); if ( !$this->getUser()->isLoggedIn() ) { $this->getOutput()->returnToMain(); } } }