MediaWiki  1.30.0
SpecialUserLogin Class Reference

Implements Special:UserLogin. More...

Inheritance diagram for SpecialUserLogin:
Collaboration diagram for SpecialUserLogin:

Public Member Functions

 __construct ()
 
 doesWrites ()
 Indicates whether this special page may perform database writes. More...
 
 getDescription ()
 Returns the name that goes in the \<h1\> in the special page itself, and also the name that will be listed in Special:Specialpages. More...
 
 setHeaders ()
 Sets headers - this should be called from the execute() method of all derived classes! More...
 
- Public Member Functions inherited from LoginSignupSpecialPage
 __construct ( $name)
 
 execute ( $subPage)
 
 onAuthChangeFormFields (array $requests, array $fieldInfo, array &$formDescriptor, $action)
 Change the form descriptor that determines how a field will look in the authentication form. More...
 
 showReturnToPage ( $type, $returnTo='', $returnToQuery='', $stickHTTPS=false)
 Add a "return to" link or redirect to it. More...
 
- Public Member Functions inherited from AuthManagerSpecialPage
 getRequest ()
 Get the WebRequest being used for this instance. More...
 
 handleFormSubmit ( $data)
 Submit handler callback for HTMLForm. More...
 
- Public Member Functions inherited from SpecialPage
 __construct ( $name='', $restriction='', $listed=true, $function=false, $file='', $includable=false)
 Default constructor for special pages Derivative classes should call this from their constructor Note that if the user does not have the required level, an error message will be displayed by the default execute() method, without the global function ever being called. More...
 
 addHelpLink ( $to, $overrideBaseUrl=false)
 Adds help link with an icon via page indicators. More...
 
 checkPermissions ()
 Checks if userCanExecute, and if not throws a PermissionsError. More...
 
 checkReadOnly ()
 If the wiki is currently in readonly mode, throws a ReadOnlyError. More...
 
 displayRestrictionError ()
 Output an error message telling the user what access level they have to have. More...
 
 getConfig ()
 Shortcut to get main config object. More...
 
 getContext ()
 Gets the context this SpecialPage is executed in. More...
 
 getFinalGroupName ()
 Get the group that the special page belongs in on Special:SpecialPage Use this method, instead of getGroupName to allow customization of the group name from the wiki side. More...
 
 getFullTitle ()
 Return the full title, including $par. More...
 
 getLanguage ()
 Shortcut to get user's language. More...
 
 getLinkRenderer ()
 
 getLocalName ()
 Get the localised name of the special page. More...
 
 getName ()
 Get the name of this Special Page. More...
 
 getOutput ()
 Get the OutputPage being used for this instance. More...
 
 getPageTitle ( $subpage=false)
 Get a self-referential title object. More...
 
 getRestriction ()
 Get the permission that a user must have to execute this page. More...
 
 getSkin ()
 Shortcut to get the skin being used for this instance. More...
 
 getTitle ( $subpage=false)
 Get a self-referential title object. More...
 
 getUser ()
 Shortcut to get the User executing this instance. More...
 
 including ( $x=null)
 Whether the special page is being evaluated via transclusion. More...
 
 isCached ()
 Is this page cached? Expensive pages are cached or disabled in miser mode. More...
 
 isExpensive ()
 Is this page expensive (for some definition of expensive)? Expensive pages are disabled or cached in miser mode. More...
 
 isIncludable ()
 Whether it's allowed to transclude the special page via {{Special:Foo/params}}. More...
 
 isListed ()
 Whether this special page is listed in Special:SpecialPages. More...
 
 isRestricted ()
 Can be overridden by subclasses with more complicated permissions schemes. More...
 
 listed ( $x=null)
 Get or set whether this special page is listed in Special:SpecialPages. More...
 
 maxIncludeCacheTime ()
 How long to cache page when it is being included. More...
 
 msg ( $key)
 Wrapper around wfMessage that sets the current context. More...
 
 outputHeader ( $summaryMessageKey='')
 Outputs a summary message on top of special pages Per default the message key is the canonical name of the special page May be overridden, i.e. More...
 
 prefixSearchSubpages ( $search, $limit, $offset)
 Return an array of subpages beginning with $search that this special page will accept. More...
 
 requireLogin ( $reasonMsg='exception-nologin-text', $titleMsg='exception-nologin')
 If the user is not logged in, throws UserNotLoggedIn error. More...
 
 run ( $subPage)
 Entry point. More...
 
 setContext ( $context)
 Sets the context this SpecialPage is executed in. More...
 
 setLinkRenderer (LinkRenderer $linkRenderer)
 
 setListed ( $listed)
 Set whether this page is listed in Special:Specialpages, at run-time. More...
 
 userCanExecute (User $user)
 Checks if the given user (identified by an object) can execute this special page (as defined by $mRestriction). More...
 

Protected Member Functions

 beforeExecute ( $subPage)
 Gets called before. More...
 
 clearToken ()
 
 getDefaultAction ( $subPage)
 Get the default action for this special page, if none is given via URL/POST data. More...
 
 getGroupName ()
 Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-group-*' for valid names This method defaults to group 'other'. More...
 
 getLoginSecurityLevel ()
 Tells if the special page does something security-sensitive and needs extra defense against a stolen account (e.g. More...
 
 getToken ()
 Returns the CSRF token. More...
 
 getTokenName ()
 Returns the name of the CSRF token (under which it should be found in the POST or GET data). More...
 
 isSignup ()
 
 logAuthResult ( $success, $status=null)
 Logs to the authmanager-stats channel. More...
 
 successfulAction ( $direct=false, $extraMessages=null)
 Run any hooks registered for logins, then HTTP redirect to $this->mReturnTo (or Main Page if that's undefined). More...
 
- Protected Member Functions inherited from LoginSignupSpecialPage
 getAuthForm (array $requests, $action, $msg='', $msgType='error')
 Generates a form from the given request. More...
 
 getBCFieldDefinitions ( $fieldDefinitions, $template)
 Adds fields provided via the deprecated UserLoginForm / UserCreateForm hooks. More...
 
 getFakeTemplate ( $msg, $msgType)
 Temporary B/C method to handle extensions using the UserLoginForm/UserCreateForm hooks. More...
 
 getFieldDefinitions ( $template)
 Create a HTMLForm descriptor for the core login fields. More...
 
 getPageHtml ( $formHtml)
 Add page elements which are outside the form. More...
 
 getPreservedParams ( $withToken=false)
 Returns URL query parameters which can be used to reload the page (or leave and return) while preserving all information that is necessary for authentication to continue. More...
 
 getReturnToQueryStringFragment ()
 Returns a string that can be appended to the URL (without encoding) to preserve the return target. More...
 
 hasSessionCookie ()
 Check if a session cookie is present. More...
 
 load ( $subPage)
 Load data from request. More...
 
 mainLoginForm (array $requests, $msg='', $msgtype='error')
 
 makeLanguageSelector ()
 Produce a bar of links which allow the user to select another language during login/registration but retain "returnto". More...
 
 makeLanguageSelectorLink ( $text, $lang)
 Create a language selector link for a particular language Links back to this page preserving type and returnto. More...
 
 postProcessFormDescriptor (&$formDescriptor, $requests)
 
 setRequest (array $data, $wasPosted=null)
 Override the POST data, GET data from the real request is preserved. More...
 
 setSessionUserForCurrentRequest ()
 Replace some globals to make sure the fact that the user has just been logged in is reflected in the current request. More...
 
 showExtraInformation ()
 Show extra information such as password recovery information, link from login to signup, CTA etc? Such information should only be shown on the "landing page", ie. More...
 
 showSuccessPage ( $type, $title, $msgname, $injected_html, $extraMessages)
 Show the success page. More...
 
- Protected Member Functions inherited from AuthManagerSpecialPage
 addTabIndex (&$formDescriptor)
 Adds a sequential tabindex starting from 1 to all form elements. More...
 
 displayForm ( $status)
 Display the form. More...
 
 fieldInfoToFormDescriptor (array $requests, array $fieldInfo, $action)
 Turns a field info array into a form descriptor. More...
 
 getAuthForm (array $requests, $action)
 
 getAuthFormDescriptor ( $requests, $action)
 Generates a HTMLForm descriptor array from a set of authentication requests. More...
 
 getContinueAction ( $action)
 Gets the _CONTINUE version of an action. More...
 
 getRequestBlacklist ()
 Allows blacklisting certain request types. More...
 
 handleReauthBeforeExecute ( $subPage)
 Handle redirection when the user needs to (re)authenticate. More...
 
 handleReturnBeforeExecute ( $subPage)
 Handle redirection from the /return subpage. More...
 
 hasOwnSubmitButton (AuthenticationRequest $req)
 Checks whether the given AuthenticationRequest has its own submit button. More...
 
 isActionAllowed ( $action)
 Checks whether AuthManager is ready to perform the action. More...
 
 isContinued ()
 Returns true if this is not the first step of the authentication. More...
 
 loadAuth ( $subPage, $authAction=null, $reset=false)
 Load or initialize $authAction, $authRequests and $subPage. More...
 
 messageKey ( $defaultKey)
 Return custom message key. More...
 
 needsSubmitButton (array $requests)
 Returns true if the form built from the given AuthenticationRequests needs a submit button. More...
 
 performAuthenticationStep ( $action, array $requests)
 
 trySubmit ()
 Attempts to do an authentication step with the submitted data. More...
 
- Protected Member Functions inherited from SpecialPage
 addFeedLinks ( $params)
 Adds RSS/atom links. More...
 
 afterExecute ( $subPage)
 Gets called after. More...
 
 checkLoginSecurityLevel ( $level=null)
 Verifies that the user meets the security level, possibly reauthenticating them in the process. More...
 
 getCacheTTL ()
 
 getRobotPolicy ()
 Return the robot policy. More...
 
 getSubpagesForPrefixSearch ()
 Return an array of subpages that this special page will accept for prefix searches. More...
 
 prefixSearchString ( $search, $limit, $offset)
 Perform a regular substring search for prefixSearchSubpages. More...
 
 useTransactionalTimeLimit ()
 Call wfTransactionalTimeLimit() if this request was POSTed. More...
 

Static Protected Attributes

static $allowedActions
 
static $messages
 
- Static Protected Attributes inherited from AuthManagerSpecialPage
static string[] $allowedActions
 The list of actions this special page deals with. More...
 
static array $messages = []
 Customized messages. More...
 

Additional Inherited Members

- Static Public Member Functions inherited from SpecialPage
static getSafeTitleFor ( $name, $subpage=false)
 Get a localised Title object for a page name with a possibly unvalidated subpage. More...
 
static getTitleFor ( $name, $subpage=false, $fragment='')
 Get a localised Title object for a specified special page name If you don't need a full Title object, consider using TitleValue through getTitleValueFor() below. More...
 
static getTitleValueFor ( $name, $subpage=false, $fragment='')
 Get a localised TitleValue object for a specified special page name. More...
 
- Static Protected Member Functions inherited from AuthManagerSpecialPage
static getField (array $array, $fieldName, $default=null)
 Get an array value, or a default if it does not exist. More...
 
static mapFieldInfoTypeToFormDescriptorType ( $type)
 Maps AuthenticationRequest::getFieldInfo() types to HTMLForm types. More...
 
static mapSingleFieldInfo ( $singleFieldInfo, $fieldName)
 Maps an authentication field configuration for a single field (as returned by AuthenticationRequest::getFieldInfo()) to a HTMLForm field descriptor. More...
 
static sortFormDescriptorFields (array &$formDescriptor)
 Sort the fields of a form descriptor by their 'weight' property. More...
 
- Static Protected Member Functions inherited from SpecialPage
static prefixSearchArray ( $search, $limit, array $subpages, $offset)
 Helper function for implementations of prefixSearchSubpages() that filter the values in memory (as opposed to making a query). More...
 
- Protected Attributes inherited from LoginSignupSpecialPage
HTMLForm $authForm
 
FakeAuthTemplate $fakeTemplate
 
 $mAction
 
 $mEntryError = ''
 
 $mEntryErrorType = 'error'
 
 $mFromHTTP
 
 $mLanguage
 
 $mLoaded = false
 
 $mLoadedRequest = false
 
 $mPosted
 
 $mReturnTo
 
 $mReturnToQuery
 
 $mSecureLoginUrl
 
 $mStickHTTPS
 
 $mToken
 
bool $proxyAccountCreation
 True if the user if creating an account for someone else. More...
 
string $securityLevel
 
User $targetUser
 FIXME another flag for passing data. More...
 
- Protected Attributes inherited from AuthManagerSpecialPage
string $authAction
 one of the AuthManager::ACTION_* constants. More...
 
AuthenticationRequest[] $authRequests
 
bool $isReturn
 True if the current request is a result of returning from a redirect flow. More...
 
WebRequest null $savedRequest
 If set, will be used instead of the real request. More...
 
string $subPage
 Subpage of the special page. More...
 
- Protected Attributes inherited from SpecialPage
IContextSource $mContext
 Current request context. More...
 
 $mIncludable
 
 $mIncluding
 
 $mName
 
 $mRestriction
 

Detailed Description

Implements Special:UserLogin.

Definition at line 32 of file SpecialUserLogin.php.

Constructor & Destructor Documentation

◆ __construct()

SpecialUserLogin::__construct ( )

Definition at line 44 of file SpecialUserLogin.php.

Member Function Documentation

◆ beforeExecute()

SpecialUserLogin::beforeExecute (   $subPage)
protected

Gets called before.

See also
SpecialPage::execute. Return false to prevent calling execute() (since 1.27+).
Since
1.20
Parameters
string | null$subPage
Returns
bool|void

Reimplemented from LoginSignupSpecialPage.

Definition at line 76 of file SpecialUserLogin.php.

References $query, AuthManagerSpecialPage\$subPage, $title, SpecialPage\getOutput(), AuthManagerSpecialPage\getRequest(), SpecialPage\getTitleFor(), and PROTO_CURRENT.

◆ clearToken()

SpecialUserLogin::clearToken ( )
protected

Definition at line 143 of file SpecialUserLogin.php.

References AuthManagerSpecialPage\getRequest().

Referenced by successfulAction().

◆ doesWrites()

SpecialUserLogin::doesWrites ( )

Indicates whether this special page may perform database writes.

Returns
bool
Since
1.27

Reimplemented from SpecialPage.

Definition at line 48 of file SpecialUserLogin.php.

◆ getDefaultAction()

SpecialUserLogin::getDefaultAction (   $subPage)
protected

Get the default action for this special page, if none is given via URL/POST data.

Subclasses should override this (or override loadAuth() so this is never called).

Parameters
string$subPageSubpage of the special page.
Returns
string an AuthManager::ACTION_* constant.

Reimplemented from AuthManagerSpecialPage.

Definition at line 56 of file SpecialUserLogin.php.

◆ getDescription()

SpecialUserLogin::getDescription ( )

Returns the name that goes in the \<h1\> in the special page itself, and also the name that will be listed in Special:Specialpages.

Derived classes can override this, but usually it is easier to keep the default behavior.

Returns
string

Reimplemented from SpecialPage.

Definition at line 60 of file SpecialUserLogin.php.

References SpecialPage\msg().

◆ getGroupName()

SpecialUserLogin::getGroupName ( )
protected

Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-group-*' for valid names This method defaults to group 'other'.

Returns
string
Since
1.21

Reimplemented from LoginSignupSpecialPage.

Definition at line 151 of file SpecialUserLogin.php.

◆ getLoginSecurityLevel()

SpecialUserLogin::getLoginSecurityLevel ( )
protected

Tells if the special page does something security-sensitive and needs extra defense against a stolen account (e.g.

a reauthentication). What exactly that will mean is decided by the authentication framework.

Returns
bool|string False or the argument for AuthManager::securitySensitiveOperationStatus(). Typically a special page needing elevated security would return its name here.

Reimplemented from AuthManagerSpecialPage.

Definition at line 52 of file SpecialUserLogin.php.

◆ getToken()

SpecialUserLogin::getToken ( )
protected

Returns the CSRF token.

Returns
Token

Reimplemented from AuthManagerSpecialPage.

Definition at line 139 of file SpecialUserLogin.php.

References AuthManagerSpecialPage\getRequest().

◆ getTokenName()

SpecialUserLogin::getTokenName ( )
protected

Returns the name of the CSRF token (under which it should be found in the POST or GET data).

Returns
string

Reimplemented from LoginSignupSpecialPage.

Definition at line 147 of file SpecialUserLogin.php.

◆ isSignup()

SpecialUserLogin::isSignup ( )
protected

Reimplemented from LoginSignupSpecialPage.

Definition at line 72 of file SpecialUserLogin.php.

◆ logAuthResult()

SpecialUserLogin::logAuthResult (   $success,
  $status = null 
)
protected

Logs to the authmanager-stats channel.

Parameters
bool$success
string | null$statusError message key

Reimplemented from LoginSignupSpecialPage.

Definition at line 155 of file SpecialUserLogin.php.

References $success.

◆ setHeaders()

SpecialUserLogin::setHeaders ( )

Sets headers - this should be called from the execute() method of all derived classes!

Reimplemented from SpecialPage.

Definition at line 64 of file SpecialUserLogin.php.

References SpecialPage\getOutput(), SpecialPage\getUser(), and SpecialPage\msg().

◆ successfulAction()

SpecialUserLogin::successfulAction (   $direct = false,
  $extraMessages = null 
)
protected

Run any hooks registered for logins, then HTTP redirect to $this->mReturnTo (or Main Page if that's undefined).

Formerly we had a nice message here, but that's really not as useful as just being sent to wherever you logged in from. It should be clear that the action was successful, given the lack of error messages plus the appearance of your name in the upper right.

Parameters
bool$directTrue if the action was successful just now; false if that happened pre-redirection (so this handler was called already)
StatusValue | null$extraMessages

Reimplemented from LoginSignupSpecialPage.

Definition at line 100 of file SpecialUserLogin.php.

References $user, $wgSecureLogin, clearToken(), SpecialPage\getContext(), AuthManagerSpecialPage\getRequest(), SpecialPage\getUser(), global, LoginSignupSpecialPage\hasSessionCookie(), LoginSignupSpecialPage\mainLoginForm(), SpecialPage\msg(), Hooks\run(), and LoginSignupSpecialPage\showSuccessPage().

Member Data Documentation

◆ $allowedActions

SpecialUserLogin::$allowedActions
staticprotected
Initial value:
= [
AuthManager::ACTION_LOGIN,
AuthManager::ACTION_LOGIN_CONTINUE
]

Definition at line 33 of file SpecialUserLogin.php.

◆ $messages

SpecialUserLogin::$messages
staticprotected
Initial value:
= [
'authform-newtoken' => 'nocookiesforlogin',
'authform-notoken' => 'sessionfailure',
'authform-wrongtoken' => 'sessionfailure',
]

Definition at line 38 of file SpecialUserLogin.php.


The documentation for this class was generated from the following file: