diff --git a/ConfirmAccount/frontend/specialpages/actions/RequestAccount_body.php b/ConfirmAccount/frontend/specialpages/actions/RequestAccount_body.php deleted file mode 100644 index 20be5e0..0000000 --- a/ConfirmAccount/frontend/specialpages/actions/RequestAccount_body.php +++ /dev/null @@ -1,411 +0,0 @@ -getUser(); - $request = $this->getRequest(); - - $block = ConfirmAccount::getAccountRequestBlock( $reqUser ); - if ( $block ) { - throw new UserBlockedError( $block ); - } elseif ( wfReadOnly() ) { - throw new ReadOnlyError(); - } - - - - $this->setHeaders(); - - //$this->mRealName = trim( $request->getText( 'wpRealName' ) ); - # We may only want real names being used - $this->mUsername = !$this->hasItem( 'UserName' ) - ? $this->mRealName - : $request->getText( 'wpUsername' ); - $this->mUsername = trim( $this->mUsername ); - # CV/resume attachment... - if ( $this->hasItem( 'CV' ) ) { - $this->initializeUpload( $request ); - $this->mPrevAttachment = $request->getText( 'attachment' ); - $this->mForgotAttachment = $request->getBool( 'forgotAttachment' ); - } - # Other identifying fields... - $this->mEmail = trim( $request->getText( 'wpEmail' ) ); - //$this->mBio = $this->hasItem( 'Biography' ) ? $request->getText( 'wpBio', '' ) : ''; - $this->mNotes = $this->hasItem( 'Notes' ) ? $request->getText( 'wpNotes', '' ) : ''; - //$this->mUrls = $this->hasItem( 'Links' ) ? $request->getText( 'wpUrls', '' ) : ''; - # Site terms of service... - $this->mToS = $this->hasItem( 'TermsOfService' ) ? $request->getBool( 'wpToS' ) : false; - # Which account request queue this belongs in... - $this->mType = $request->getInt( 'wpType' ); - $this->mType = isset( $wgAccountRequestTypes[$this->mType] ) ? $this->mType : 0; - # Load areas user plans to be active in... - $this->mAreas = array(); - if ( $this->hasItem( 'AreasOfInterest' ) ) { - foreach ( ConfirmAccount::getUserAreaConfig() as $name => $conf ) { - $formName = "wpArea-" . htmlspecialchars( str_replace( ' ', '_', $name ) ); - $this->mAreas[$name] = $request->getInt( $formName, -1 ); - } - } - # We may be confirming an email address here - $emailCode = $request->getText( 'wpEmailToken' ); - - $action = $request->getVal( 'action' ); - if ( $request->wasPosted() - && $reqUser->matchEditToken( $request->getVal( 'wpEditToken' ) ) ) - { - $this->mPrevAttachment = $this->mPrevAttachment - ? $this->mPrevAttachment - : $this->mSrcName; - $this->doSubmit(); - } elseif ( $action == 'confirmemail' ) { - $this->confirmEmailToken( $emailCode ); - } else { - $this->showForm(); - } - - $this->getOutput()->addModules( 'ext.confirmAccount' ); // CSS - } - - protected function showForm( $msg = '', $forgotFile = 0 ) { - global $wgAccountRequestTypes, $wgMakeUserPageFromBio; - - $reqUser = $this->getUser(); - - $this->mForgotAttachment = $forgotFile; - - $out = $this->getOutput(); - $out->setPagetitle( $this->msg( "requestaccount" )->escaped() ); - # Output failure message if any - if ( $msg ) { - $out->addHTML( '
' . $msg . '
' ); - } - # Give notice to users that are logged in - if ( $reqUser->getID() ) { - $out->addWikiMsg( 'requestaccount-dup' ); - } - - $out->addWikiMsg( 'requestaccount-text' ); - - $form = Xml::openElement( 'form', array( 'method' => 'post', 'name' => 'accountrequest', - 'action' => $this->getTitle()->getLocalUrl(), 'enctype' => 'multipart/form-data' ) ); - - $form .= '
' . $this->msg( 'requestaccount-leg-user' )->escaped() . ''; - $form .= $this->msg( 'requestaccount-acc-text' )->parseAsBlock() . "\n"; - $form .= ''; - if ( $this->hasItem( 'UserName' ) ) { - $form .= ""; - $form .= "\n"; - } else { - $form .= ""; - $form .= "\n"; - } - //$form .= ""; - //$form .= "\n"; - if ( count( $wgAccountRequestTypes ) > 1 ) { - $form .= "'; - } - $form .= '
" . Xml::label( $this->msg( 'username' )->text(), 'wpUsername' ) . "" . Xml::input( 'wpUsername', 30, $this->mUsername, array( 'id' => 'wpUsername' ) ) . "
" . $this->msg( 'username' )->escaped() . "" . $this->msg( 'requestaccount-same' )->escaped() . "
" . Xml::label( $this->msg( 'requestaccount-email' )->text(), 'wpEmail' ) . "" . Xml::input( 'wpEmail', 30, $this->mEmail, array( 'id' => 'wpEmail' ) ) . "
" . $this->msg( 'requestaccount-reqtype' )->escaped() . ""; - $options = array(); - foreach ( $wgAccountRequestTypes as $i => $params ) { - $options[] = Xml::option( $this->msg( "requestaccount-level-$i" )->text(), $i, ( $i == $this->mType ) ); - } - $form .= Xml::openElement( 'select', array( 'name' => "wpType" ) ); - $form .= implode( "\n", $options ); - $form .= Xml::closeElement( 'select' ) . "\n"; - $form .= '
'; - - $userAreas = ConfirmAccount::getUserAreaConfig(); - if ( $this->hasItem( 'AreasOfInterest' ) && count( $userAreas ) > 0 ) { - $form .= '
'; - $form .= '' . $this->msg( 'requestaccount-leg-areas' )->escaped() . ''; - $form .= $this->msg( 'requestaccount-areas-text' )->parseAsBlock() . "\n"; - - $form .= "
"; - $form .= ""; - $count = 0; - foreach ( $userAreas as $name => $conf ) { - $count++; - if ( $count > 5 ) { - $form .= ""; - $count = 1; - } - $formName = "wpArea-" . htmlspecialchars( str_replace( ' ', '_', $name ) ); - if ( $conf['project'] != '' ) { - $pg = Linker::link( Title::newFromText( $conf['project'] ), - $this->msg( 'requestaccount-info' )->escaped(), array(), array(), "known" ); - } else { - $pg = ''; - } - $form .= "\n"; - } - $form .= "
" . - Xml::checkLabel( $name, $formName, $formName, $this->mAreas[$name] > 0 ) . - " {$pg}
"; - $form .= '
'; - } - - /*if ( $this->hasItem( 'Biography' ) || $this->hasItem( 'RealName' ) ) { - $form .= '
'; - $form .= '' . $this->msg( 'requestaccount-leg-person' )->escaped() . ''; - if ( $this->hasItem( 'RealName' ) ) { - $form .= ''; - $form .= ""; - $form .= "\n"; - $form .= '
" . Xml::label( $this->msg( 'requestaccount-real' )->text(), 'wpRealName' ) . "" . Xml::input( 'wpRealName', 35, $this->mRealName, array( 'id' => 'wpRealName' ) ) . "
'; - } - if ( $this->hasItem( 'Biography' ) ) { - if ( $wgMakeUserPageFromBio ) { - $form .= $this->msg( 'requestaccount-bio-text-i' )->parseAsBlock() . "\n"; - } - $form .= $this->msg( 'requestaccount-bio-text' )->parseAsBlock() . "\n"; - $form .= "

" . $this->msg( 'requestaccount-bio' )->parse() . "\n"; - $form .= "

\n"; - } - $form .= '
'; - }*/ - - if ( $this->hasItem( 'CV' ) || $this->hasItem( 'Notes' ) || $this->hasItem( 'Links' ) ) { - $form .= '
'; - $form .= '' . $this->msg( 'requestaccount-leg-other' )->escaped() . ''; - $form .= $this->msg( 'requestaccount-ext-text' )->parseAsBlock() . "\n"; - if ( $this->hasItem( 'Notes' ) ) { - $form .= "

" . $this->msg( 'requestaccount-notes' )->escaped() . "\n"; - $form .= "

\n"; - } - $form .= '
'; - } - - if ( $this->hasItem( 'TermsOfService' ) ) { - $form .= '
'; - $form .= '' . $this->msg( 'requestaccount-leg-tos' )->escaped() . ''; - $form .= "

" . Xml::check( 'wpToS', $this->mToS, array( 'id' => 'wpToS' ) ) . - '

\n"; - $form .= '
'; - } - - //Scratch user verification - $form .= '
'; - $form .= 'User verification'; - $form .= '

Please go to the user verification project and comment the following code:
' . sha1($_SERVER['REMOTE_ADDR'] . date('m')) . '

' . "\n"; - $form .= '
'; - - //Set temporary password - $form .= '
'; - $form .= 'Set password'; - $form .= ' - - - - - - - - -
Password
Confirm password
' . "\n"; - $form .= '
'; - - # FIXME: do this better... - global $wgConfirmAccountCaptchas, $wgCaptchaClass, $wgCaptchaTriggers; - if ( $wgConfirmAccountCaptchas && isset( $wgCaptchaClass ) - && $wgCaptchaTriggers['createaccount'] && !$reqUser->isAllowed( 'skipcaptcha' ) ) - { - $captcha = new $wgCaptchaClass; - # Hook point to add captchas - $form .= '
'; - $form .= $this->msg( 'captcha-createaccount' )->parseAsBlock(); - $form .= $captcha->getForm(); - $form .= '
'; - } - $form .= Html::Hidden( 'title', $this->getTitle()->getPrefixedDBKey() ) . "\n"; - $form .= Html::Hidden( 'wpEditToken', $reqUser->getEditToken() ) . "\n"; - $form .= Html::Hidden( 'attachment', $this->mPrevAttachment ) . "\n"; - $form .= Html::Hidden( 'forgotAttachment', $this->mForgotAttachment ) . "\n"; - $form .= "

" . Xml::submitButton( $this->msg( 'requestaccount-submit' )->text() ) . "

"; - $form .= Xml::closeElement( 'form' ); - - $out->addHTML( $form ); - - $out->addWikiMsg( 'requestaccount-footer' ); - } - - protected function hasItem( $name ) { - global $wgConfirmAccountRequestFormItems; - - return $wgConfirmAccountRequestFormItems[$name]['enabled']; - } - - protected function doSubmit() { - # Now create a dummy user ($u) and check if it is valid - $name = trim( $this->mUsername ); - $u = User::newFromName( $name, 'creatable' ); - if ( !$u ) { - $this->showForm( $this->msg( 'noname' )->escaped() ); - return; - } - # Set some additional data so the AbortNewAccount hook can be - # used for more than just username validation - $u->setEmail( $this->mEmail ); - $u->setRealName( $this->mRealName ); - # FIXME: Hack! If we don't want captchas for requests, temporarily turn it off! - global $wgConfirmAccountCaptchas, $wgCaptchaTriggers; - if ( !$wgConfirmAccountCaptchas && isset( $wgCaptchaTriggers ) ) { - $old = $wgCaptchaTriggers['createaccount']; - $wgCaptchaTriggers['createaccount'] = false; - } - $abortError = ''; - if ( !wfRunHooks( 'AbortNewAccount', array( $u, &$abortError ) ) ) { - // Hook point to add extra creation throttles and blocks - wfDebug( "RequestAccount::doSubmit: a hook blocked creation\n" ); - $this->showForm( $abortError ); - return; - } - # Set it back! - if ( !$wgConfirmAccountCaptchas && isset( $wgCaptchaTriggers ) ) { - $wgCaptchaTriggers['createaccount'] = $old; - } - - # Build submission object... - $areaSet = array(); // make a simple list of interests - foreach ( $this->mAreas as $area => $val ) { - if ( $val > 0 ) { - $areaSet[] = $area; - } - } - - $submission = new AccountRequestSubmission( - $this->getUser(), - array( - 'userName' => $name, - 'realName' => $this->mRealName, - 'tosAccepted' => $this->mToS, - 'email' => $this->mEmail, - 'bio' => $this->mBio, - 'notes' => $this->mNotes, - 'urls' => $this->mUrls, - 'type' => $this->mType, - 'areas' => $areaSet, - 'registration' => wfTimestampNow(), - 'ip' => $this->getRequest()->getIP(), - 'xff' => $this->getRequest()->getHeader( 'X-Forwarded-For' ), - 'agent' => $this->getRequest()->getHeader( 'User-Agent' ), - 'attachmentPrevName' => $this->mPrevAttachment, - 'attachmentSrcName' => $this->mSrcName, - 'attachmentDidNotForget' => $this->mForgotAttachment, // confusing name :) - 'attachmentSize' => $this->mFileSize, - 'attachmentTempPath' => $this->mTempPath - ) - ); - - # Actually submit! - list( $status, $msg ) = $submission->submit( $this->getContext() ); - # Account for state changes - $this->mForgotAttachment = $submission->getAttachmentDidNotForget(); - $this->mPrevAttachment = $submission->getAttachtmentPrevName(); - # Check for error messages - if ( $status !== true ) { - $this->showForm( $msg ); - return; - } - - # Done! - $this->showSuccess(); - } - - protected function showSuccess() { - $out = $this->getOutput(); - $out->setPagetitle( $this->msg( "requestaccount" )->escaped() ); - $out->addWikiMsg( 'requestaccount-sent' ); - $out->returnToMain(); - } - - /** - * Initialize the uploaded file from PHP data - * @param $request WebRequest - */ - protected function initializeUpload( $request ) { - $file = new WebRequestUpload( $request, 'wpUploadFile' ); - $this->mTempPath = $file->getTempName(); - $this->mFileSize = $file->getSize(); - $this->mSrcName = $file->getName(); - } - - /** - * (a) Try to confirm an email address via a token - * (b) Notify $wgConfirmAccountContact on success - * @param $code string The token - * @return void - */ - protected function confirmEmailToken( $code ) { - global $wgConfirmAccountContact, $wgPasswordSender, $wgPasswordSenderName; - - $reqUser = $this->getUser(); - $out = $this->getOutput(); - # Confirm if this token is in the pending requests - $name = ConfirmAccount::requestNameFromEmailToken( $code ); - if ( $name !== false ) { - # Send confirmation email to prospective user - ConfirmAccount::confirmEmail( $name ); - # Send mail to admin after e-mail has been confirmed - if ( $wgConfirmAccountContact != '' ) { - $target = new MailAddress( $wgConfirmAccountContact ); - $source = new MailAddress( $wgPasswordSender, $wgPasswordSenderName ); - $title = SpecialPage::getTitleFor( 'ConfirmAccounts' ); - $subject = $this->msg( 'requestaccount-email-subj-admin' )->inContentLanguage()->escaped(); - $body = $this->msg( - 'requestaccount-email-body-admin', $name )->rawParams( $title->getFullUrl() )->inContentLanguage()->escaped(); - # Actually send the email... - $result = UserMailer::send( $target, $source, $subject, $body ); - if ( !$result->isOK() ) { - wfDebug( "Could not sent email to admin at $target\n" ); - } - } - $out->addWikiMsg( 'request-account-econf' ); - $out->returnToMain(); - } else { - # Maybe the user confirmed after account was created... - $user = User::newFromConfirmationCode( $code ); - if ( is_object( $user ) ) { - if ( $user->confirmEmail() ) { - $message = $reqUser->isLoggedIn() - ? 'confirmemail_loggedin' - : 'confirmemail_success'; - $out->addWikiMsg( $message ); - if ( !$reqUser->isLoggedIn() ) { - $title = SpecialPage::getTitleFor( 'Userlogin' ); - $out->returnToMain( true, $title->getPrefixedUrl() ); - } - } else { - $out->addWikiMsg( 'confirmemail_error' ); - } - } else { - $out->addWikiMsg( 'confirmemail_invalid' ); - } - } - } -}