scratchfoundation/swiki-confirmaccount
1
0
Fork 0
mirror of https://github.com/scratchfoundation/swiki-confirmaccount.git synced 2024-12-04 12:51:01 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

resored requestaccount_body.php

Browse source
This commit is contained in:
Jacob G 2015-01-11 15:17:13 -05:00
parent e378cadb89
commit 80222d2957
1 changed files with 412 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

412
ConfirmAccount/frontend/specialpages/actions/RequestAccount_body.php Normal file
View file

@ -0,0 +1,412 @@
<?php
class RequestAccountPage extends SpecialPage {
protected $mUsername; // string
protected $mRealName; // string
protected $mEmail; // string
protected $mBio; // string
protected $mNotes; // string
protected $mUrls; // string
protected $mToS; // bool
protected $mType; // integer
/** @var Array */
protected $mAreas;
protected $mPrevAttachment; // string
protected $mForgotAttachment; // bool
protected $mSrcName; // string
protected $mFileSize; // integer
protected $mTempPath; // string
function __construct() {
parent::__construct( 'RequestAccount' );
}
function execute( $par ) {
global $wgAccountRequestTypes;
$reqUser = $this->getUser();
$request = $this->getRequest();
$block = ConfirmAccount::getAccountRequestBlock( $reqUser );
if ( $block ) {
throw new UserBlockedError( $block );
} elseif ( wfReadOnly() ) {
throw new ReadOnlyError();
}
$this->setHeaders();
//$this->mRealName = trim( $request->getText( 'wpRealName' ) );
# We may only want real names being used
$this->mUsername = !$this->hasItem( 'UserName' )
? $this->mRealName
: $request->getText( 'wpUsername' );
$this->mUsername = trim( $this->mUsername );
# CV/resume attachment...
if ( $this->hasItem( 'CV' ) ) {
$this->initializeUpload( $request );
$this->mPrevAttachment = $request->getText( 'attachment' );
$this->mForgotAttachment = $request->getBool( 'forgotAttachment' );
}
# Other identifying fields...
$this->mEmail = trim( $request->getText( 'wpEmail' ) );
//$this->mBio = $this->hasItem( 'Biography' ) ? $request->getText( 'wpBio', '' ) : '';
$this->mNotes = $this->hasItem( 'Notes' ) ? $request->getText( 'wpNotes', '' ) : '';
//$this->mUrls = $this->hasItem( 'Links' ) ? $request->getText( 'wpUrls', '' ) : '';
# Site terms of service...
$this->mToS = $this->hasItem( 'TermsOfService' ) ? $request->getBool( 'wpToS' ) : false;
# Which account request queue this belongs in...
$this->mType = $request->getInt( 'wpType' );
$this->mType = isset( $wgAccountRequestTypes[$this->mType] ) ? $this->mType : 0;
# Load areas user plans to be active in...
$this->mAreas = array();
if ( $this->hasItem( 'AreasOfInterest' ) ) {
foreach ( ConfirmAccount::getUserAreaConfig() as $name => $conf ) {
$formName = "wpArea-" . htmlspecialchars( str_replace( ' ', '_', $name ) );
$this->mAreas[$name] = $request->getInt( $formName, -1 );
}
}
# We may be confirming an email address here
$emailCode = $request->getText( 'wpEmailToken' );
$action = $request->getVal( 'action' );
if ( $request->wasPosted()
&& $reqUser->matchEditToken( $request->getVal( 'wpEditToken' ) ) )
{
$this->mPrevAttachment = $this->mPrevAttachment
? $this->mPrevAttachment
: $this->mSrcName;
$this->doSubmit();
} elseif ( $action == 'confirmemail' ) {
$this->confirmEmailToken( $emailCode );
} else {
$this->showForm();
}
$this->getOutput()->addModules( 'ext.confirmAccount' ); // CSS
}
protected function showForm( $msg = '', $forgotFile = 0 ) {
global $wgAccountRequestTypes, $wgMakeUserPageFromBio;
$reqUser = $this->getUser();
$this->mForgotAttachment = $forgotFile;
$out = $this->getOutput();
$out->setPagetitle( $this->msg( "requestaccount" )->escaped() );
# Output failure message if any
if ( $msg ) {
$out->addHTML( '<div class="errorbox">' . $msg . '</div><div class="visualClear"></div>' );
}
# Give notice to users that are logged in
if ( $reqUser->getID() ) {
$out->addWikiMsg( 'requestaccount-dup' );
}
$out->addWikiMsg( 'requestaccount-text' );
$form = Xml::openElement( 'form', array( 'method' => 'post', 'name' => 'accountrequest',
'action' => $this->getTitle()->getLocalUrl(), 'enctype' => 'multipart/form-data' ) );
$form .= '<fieldset><legend>' . $this->msg( 'requestaccount-leg-user' )->escaped() . '</legend>';
$form .= $this->msg( 'requestaccount-acc-text' )->parseAsBlock() . "\n";
$form .= '<table cellpadding=\'4\'>';
if ( $this->hasItem( 'UserName' ) ) {
$form .= "<tr><td>" . Xml::label( $this->msg( 'username' )->text(), 'wpUsername' ) . "</td>";
$form .= "<td>" . Xml::input( 'wpUsername', 30, $this->mUsername, array( 'id' => 'wpUsername' ) ) . "</td></tr>\n";
} else {
$form .= "<tr><td>" . $this->msg( 'username' )->escaped() . "</td>";
$form .= "<td>" . $this->msg( 'requestaccount-same' )->escaped() . "</td></tr>\n";
}
//$form .= "<tr><td>" . Xml::label( $this->msg( 'requestaccount-email' )->text(), 'wpEmail' ) . "</td>";
//$form .= "<td>" . Xml::input( 'wpEmail', 30, $this->mEmail, array( 'id' => 'wpEmail' ) ) . "</td></tr>\n";
if ( count( $wgAccountRequestTypes ) > 1 ) {
$form .= "<tr><td>" . $this->msg( 'requestaccount-reqtype' )->escaped() . "</td><td>";
$options = array();
foreach ( $wgAccountRequestTypes as $i => $params ) {
$options[] = Xml::option( $this->msg( "requestaccount-level-$i" )->text(), $i, ( $i == $this->mType ) );
}
$form .= Xml::openElement( 'select', array( 'name' => "wpType" ) );
$form .= implode( "\n", $options );
$form .= Xml::closeElement( 'select' ) . "\n";
$form .= '</td></tr>';
}
$form .= '</table></fieldset>';
$userAreas = ConfirmAccount::getUserAreaConfig();
if ( $this->hasItem( 'AreasOfInterest' ) && count( $userAreas ) > 0 ) {
$form .= '<fieldset>';
$form .= '<legend>' . $this->msg( 'requestaccount-leg-areas' )->escaped() . '</legend>';
$form .= $this->msg( 'requestaccount-areas-text' )->parseAsBlock() . "\n";
$form .= "<div style='height:150px; overflow:scroll; background-color:#f9f9f9;'>";
$form .= "<table cellspacing='5' cellpadding='0' style='background-color:#f9f9f9;'><tr valign='top'>";
$count = 0;
foreach ( $userAreas as $name => $conf ) {
$count++;
if ( $count > 5 ) {
$form .= "</tr><tr valign='top'>";
$count = 1;
}
$formName = "wpArea-" . htmlspecialchars( str_replace( ' ', '_', $name ) );
if ( $conf['project'] != '' ) {
$pg = Linker::link( Title::newFromText( $conf['project'] ),
$this->msg( 'requestaccount-info' )->escaped(), array(), array(), "known" );
} else {
$pg = '';
}
$form .= "<td>" .
Xml::checkLabel( $name, $formName, $formName, $this->mAreas[$name] > 0 ) .
" {$pg}</td>\n";
}
$form .= "</tr></table></div>";
$form .= '</fieldset>';
}
/*if ( $this->hasItem( 'Biography' ) || $this->hasItem( 'RealName' ) ) {
$form .= '<fieldset>';
$form .= '<legend>' . $this->msg( 'requestaccount-leg-person' )->escaped() . '</legend>';
if ( $this->hasItem( 'RealName' ) ) {
$form .= '<table cellpadding=\'4\'>';
$form .= "<tr><td>" . Xml::label( $this->msg( 'requestaccount-real' )->text(), 'wpRealName' ) . "</td>";
$form .= "<td>" . Xml::input( 'wpRealName', 35, $this->mRealName, array( 'id' => 'wpRealName' ) ) . "</td></tr>\n";
$form .= '</table>';
}
if ( $this->hasItem( 'Biography' ) ) {
if ( $wgMakeUserPageFromBio ) {
$form .= $this->msg( 'requestaccount-bio-text-i' )->parseAsBlock() . "\n";
}
$form .= $this->msg( 'requestaccount-bio-text' )->parseAsBlock() . "\n";
$form .= "<p>" . $this->msg( 'requestaccount-bio' )->parse() . "\n";
$form .= "<textarea tabindex='1' name='wpBio' id='wpBio' rows='12' cols='80' style='width:100%; background-color:#f9f9f9;'>" .
htmlspecialchars( $this->mBio ) . "</textarea></p>\n";
}
$form .= '</fieldset>';
}*/
if ( $this->hasItem( 'CV' ) || $this->hasItem( 'Notes' ) || $this->hasItem( 'Links' ) ) {
$form .= '<fieldset>';
$form .= '<legend>' . $this->msg( 'requestaccount-leg-other' )->escaped() . '</legend>';
$form .= $this->msg( 'requestaccount-ext-text' )->parseAsBlock() . "\n";
if ( $this->hasItem( 'Notes' ) ) {
$form .= "<p>" . $this->msg( 'requestaccount-notes' )->escaped() . "\n";
$form .= "<textarea tabindex='1' name='wpNotes' id='wpNotes' rows='3' cols='80' style='width:100%;background-color:#f9f9f9;'>" .
htmlspecialchars( $this->mNotes ) .
"</textarea></p>\n";
}
$form .= '</fieldset>';
}
if ( $this->hasItem( 'TermsOfService' ) ) {
$form .= '<fieldset>';
$form .= '<legend>' . $this->msg( 'requestaccount-leg-tos' )->escaped() . '</legend>';
$form .= "<p>" . Xml::check( 'wpToS', $this->mToS, array( 'id' => 'wpToS' ) ) .
' <label for="wpToS">' . $this->msg( 'requestaccount-tos' )->parse() . "</label></p>\n";
$form .= '</fieldset>';
}
//Scratch user verification
$form .= '<fieldset>';
$form .= '<legend>User verification</legend>';
$form .= '<p>Please go to the <a href="http://scratch.mit.edu/projects/10135908/">user verification project</a> and comment the following code:<br /><b>' . sha1($_SERVER['REMOTE_ADDR'] . date('m')) . '</b></p>
<p><b>Note:</b>If you are having problems with User verification not working, please see our <a href="http://wiki.scratch.mit.edu/wiki/Scratch_Wiki:Become_a_contributor/Verification_code_troubleshooting">Troubleshooting page</a></p>' . "\n";
$form .= '</fieldset>';
//Set temporary password
$form .= '<fieldset>';
$form .= '<legend>Set password</legend>';
$form .= '<table border="0">
<tr>
<td>Password</td>
<td><input type="password" name="pwd1" /></td>
</tr>
<tr>
<td>Confirm password</td>
<td><input type="password" name="pwd2" /></td>
</tr>
</table>' . "\n";
$form .= '</fieldset>';
# FIXME: do this better...
global $wgConfirmAccountCaptchas, $wgCaptchaClass, $wgCaptchaTriggers;
if ( $wgConfirmAccountCaptchas && isset( $wgCaptchaClass )
&& $wgCaptchaTriggers['createaccount'] && !$reqUser->isAllowed( 'skipcaptcha' ) )
{
$captcha = new $wgCaptchaClass;
# Hook point to add captchas
$form .= '<fieldset>';
$form .= $this->msg( 'captcha-createaccount' )->parseAsBlock();
$form .= $captcha->getForm();
$form .= '</fieldset>';
}
$form .= Html::Hidden( 'title', $this->getTitle()->getPrefixedDBKey() ) . "\n";
$form .= Html::Hidden( 'wpEditToken', $reqUser->getEditToken() ) . "\n";
$form .= Html::Hidden( 'attachment', $this->mPrevAttachment ) . "\n";
$form .= Html::Hidden( 'forgotAttachment', $this->mForgotAttachment ) . "\n";
$form .= "<p>" . Xml::submitButton( $this->msg( 'requestaccount-submit' )->text() ) . "</p>";
$form .= Xml::closeElement( 'form' );
$out->addHTML( $form );
$out->addWikiMsg( 'requestaccount-footer' );
}
protected function hasItem( $name ) {
global $wgConfirmAccountRequestFormItems;
return $wgConfirmAccountRequestFormItems[$name]['enabled'];
}
protected function doSubmit() {
# Now create a dummy user ($u) and check if it is valid
$name = trim( $this->mUsername );
$u = User::newFromName( $name, 'creatable' );
if ( !$u ) {
$this->showForm( $this->msg( 'noname' )->escaped() );
return;
}
# Set some additional data so the AbortNewAccount hook can be
# used for more than just username validation
$u->setEmail( $this->mEmail );
$u->setRealName( $this->mRealName );
# FIXME: Hack! If we don't want captchas for requests, temporarily turn it off!
global $wgConfirmAccountCaptchas, $wgCaptchaTriggers;
if ( !$wgConfirmAccountCaptchas && isset( $wgCaptchaTriggers ) ) {
$old = $wgCaptchaTriggers['createaccount'];
$wgCaptchaTriggers['createaccount'] = false;
}
$abortError = '';
if ( !wfRunHooks( 'AbortNewAccount', array( $u, &$abortError ) ) ) {
// Hook point to add extra creation throttles and blocks
wfDebug( "RequestAccount::doSubmit: a hook blocked creation\n" );
$this->showForm( $abortError );
return;
}
# Set it back!
if ( !$wgConfirmAccountCaptchas && isset( $wgCaptchaTriggers ) ) {
$wgCaptchaTriggers['createaccount'] = $old;
}
# Build submission object...
$areaSet = array(); // make a simple list of interests
foreach ( $this->mAreas as $area => $val ) {
if ( $val > 0 ) {
$areaSet[] = $area;
}
}
$submission = new AccountRequestSubmission(
$this->getUser(),
array(
'userName' => $name,
'realName' => $this->mRealName,
'tosAccepted' => $this->mToS,
'email' => $this->mEmail,
'bio' => $this->mBio,
'notes' => $this->mNotes,
'urls' => $this->mUrls,
'type' => $this->mType,
'areas' => $areaSet,
'registration' => wfTimestampNow(),
'ip' => $this->getRequest()->getIP(),
'xff' => $this->getRequest()->getHeader( 'X-Forwarded-For' ),
'agent' => $this->getRequest()->getHeader( 'User-Agent' ),
'attachmentPrevName' => $this->mPrevAttachment,
'attachmentSrcName' => $this->mSrcName,
'attachmentDidNotForget' => $this->mForgotAttachment, // confusing name :)
'attachmentSize' => $this->mFileSize,
'attachmentTempPath' => $this->mTempPath
)
);
# Actually submit!
list( $status, $msg ) = $submission->submit( $this->getContext() );
# Account for state changes
$this->mForgotAttachment = $submission->getAttachmentDidNotForget();
$this->mPrevAttachment = $submission->getAttachtmentPrevName();
# Check for error messages
if ( $status !== true ) {
$this->showForm( $msg );
return;
}
# Done!
$this->showSuccess();
}
protected function showSuccess() {
$out = $this->getOutput();
$out->setPagetitle( $this->msg( "requestaccount" )->escaped() );
$out->addWikiMsg( 'requestaccount-sent' );
$out->returnToMain();
}
/**
* Initialize the uploaded file from PHP data
* @param $request WebRequest
*/
protected function initializeUpload( $request ) {
$file = new WebRequestUpload( $request, 'wpUploadFile' );
$this->mTempPath = $file->getTempName();
$this->mFileSize = $file->getSize();
$this->mSrcName = $file->getName();
}
/**
* (a) Try to confirm an email address via a token
* (b) Notify $wgConfirmAccountContact on success
* @param $code string The token
* @return void
*/
protected function confirmEmailToken( $code ) {
global $wgConfirmAccountContact, $wgPasswordSender, $wgPasswordSenderName;
$reqUser = $this->getUser();
$out = $this->getOutput();
# Confirm if this token is in the pending requests
$name = ConfirmAccount::requestNameFromEmailToken( $code );
if ( $name !== false ) {
# Send confirmation email to prospective user
ConfirmAccount::confirmEmail( $name );
# Send mail to admin after e-mail has been confirmed
if ( $wgConfirmAccountContact != '' ) {
$target = new MailAddress( $wgConfirmAccountContact );
$source = new MailAddress( $wgPasswordSender, $wgPasswordSenderName );
$title = SpecialPage::getTitleFor( 'ConfirmAccounts' );
$subject = $this->msg( 'requestaccount-email-subj-admin' )->inContentLanguage()->escaped();
$body = $this->msg(
'requestaccount-email-body-admin', $name )->rawParams( $title->getFullUrl() )->inContentLanguage()->escaped();
# Actually send the email...
$result = UserMailer::send( $target, $source, $subject, $body );
if ( !$result->isOK() ) {
wfDebug( "Could not sent email to admin at $target\n" );
}
}
$out->addWikiMsg( 'request-account-econf' );
$out->returnToMain();
} else {
# Maybe the user confirmed after account was created...
$user = User::newFromConfirmationCode( $code );
if ( is_object( $user ) ) {
if ( $user->confirmEmail() ) {
$message = $reqUser->isLoggedIn()
? 'confirmemail_loggedin'
: 'confirmemail_success';
$out->addWikiMsg( $message );
if ( !$reqUser->isLoggedIn() ) {
$title = SpecialPage::getTitleFor( 'Userlogin' );
$out->returnToMain( true, $title->getPrefixedUrl() );
}
} else {
$out->addWikiMsg( 'confirmemail_error' );
}
} else {
$out->addWikiMsg( 'confirmemail_invalid' );
}
}
}
}