REL1_34/php/SpecialCreateAccount_8php_source.html

<?php

use MediaWiki\Auth\AuthManager;

use MediaWiki\Logger\LoggerFactory;

use MediaWiki\MediaWikiServices;


class SpecialCreateAccount extends LoginSignupSpecialPage {

    protected static $allowedActions = [

        AuthManager::ACTION_CREATE,

        AuthManager::ACTION_CREATE_CONTINUE

    ];


    protected static $messages = [

        'authform-newtoken' => 'nocookiesfornew',

        'authform-notoken' => 'sessionfailure',

        'authform-wrongtoken' => 'sessionfailure',

    ];


    public function __construct() {

        parent::__construct( 'CreateAccount' );

    }


    public function doesWrites() {

        return true;

    }


    public function isRestricted() {

        return !MediaWikiServices::getInstance()

            ->getPermissionManager()

            ->groupHasPermission( '*', 'createaccount' );

    }


    public function userCanExecute( User $user ) {

        return MediaWikiServices::getInstance()

            ->getPermissionManager()

            ->userHasRight( $user, 'createaccount' );

    }


    public function checkPermissions() {

        parent::checkPermissions();


        $user = $this->getUser();

        $status = AuthManager::singleton()->checkAccountCreatePermissions( $user );

        if ( !$status->isGood() ) {

            // Track block with a cookie if it doesn't exist already

            if ( $user->isBlockedFromCreateAccount() ) {

                MediaWikiServices::getInstance()->getBlockManager()->trackBlockWithCookie( $user );

            }

            throw new ErrorPageError( 'createacct-error', $status->getMessage() );

        }

    }


    protected function getLoginSecurityLevel() {

        return false;

    }


    protected function getDefaultAction( $subPage ) {

        return AuthManager::ACTION_CREATE;

    }


    public function getDescription() {

        return $this->msg( 'createaccount' )->text();

    }


    protected function isSignup() {

        return true;

    }


    protected function successfulAction( $direct = false, $extraMessages = null ) {

        $session = $this->getRequest()->getSession();

        $user = $this->targetUser ?: $this->getUser();


        if ( $direct ) {

            # Only save preferences if the user is not creating an account for someone else.

            if ( !$this->proxyAccountCreation ) {

                Hooks::run( 'AddNewAccount', [ $user, false ] );


                // If the user does not have a session cookie at this point, they probably need to

                // do something to their browser.

                if ( !$this->hasSessionCookie() ) {

                    $this->mainLoginForm( [ /*?*/ ], $session->getProvider()->whyNoSession() );

                    // TODO something more specific? This used to use nocookiesnew

                    // FIXME should redirect to login page instead?

                    return;

                }

            } else {

                $byEmail = false; // FIXME no way to set this


                Hooks::run( 'AddNewAccount', [ $user, $byEmail ] );


                $out = $this->getOutput();

                $out->setPageTitle( $this->msg( $byEmail ? 'accmailtitle' : 'accountcreated' ) );

                if ( $byEmail ) {

                    $out->addWikiMsg( 'accmailtext', $user->getName(), $user->getEmail() );

                } else {

                    $out->addWikiMsg( 'accountcreatedtext', $user->getName() );

                }


                $rt = Title::newFromText( $this->mReturnTo );

                $out->addReturnTo(

                    ( $rt && !$rt->isExternal() ) ? $rt : $this->getPageTitle(),

                    wfCgiToArray( $this->mReturnToQuery )

                );

                return;

            }

        }


        $this->clearToken();


        # Run any hooks; display injected HTML

        $injected_html = '';

        $welcome_creation_msg = 'welcomecreation-msg';

        Hooks::run( 'UserLoginComplete', [ &$user, &$injected_html, $direct ] );


        Hooks::run( 'BeforeWelcomeCreation', [ &$welcome_creation_msg, &$injected_html ] );


        $this->showSuccessPage( 'signup', $this->msg( 'welcomeuser', $this->getUser()->getName() ),

            $welcome_creation_msg, $injected_html, $extraMessages );

    }


    protected function getToken() {

        return $this->getRequest()->getSession()->getToken( '', 'createaccount' );

    }


    protected function clearToken() {

        return $this->getRequest()->getSession()->resetToken( 'createaccount' );

    }


    protected function getTokenName() {

        return 'wpCreateaccountToken';

    }


    protected function getGroupName() {

        return 'login';

    }


    protected function logAuthResult( $success, $status = null ) {

        LoggerFactory::getInstance( 'authevents' )->info( 'Account creation attempt', [

            'event' => 'accountcreation',

            'successful' => $success,

            'status' => $status,

        ] );

    }


}


wfCgiToArray
wfCgiToArray( $query)
This is the logical opposite of wfArrayToCgi(): it accepts a query string as its argument and returns...
Definition GlobalFunctions.php:392

$success
$success
Definition NoLocalSettings.php:42

AuthManagerSpecialPage\$subPage
string $subPage
Subpage of the special page.
Definition AuthManagerSpecialPage.php:35

AuthManagerSpecialPage\getRequest
getRequest()
Get the WebRequest being used for this instance.
Definition AuthManagerSpecialPage.php:64

ErrorPageError
An error page which can definitely be safely rendered using the OutputPage.
Definition ErrorPageError.php:27

LoginSignupSpecialPage
Holds shared logic for login and account creation pages.
Definition LoginSignupSpecialPage.php:37

LoginSignupSpecialPage\mainLoginForm
mainLoginForm(array $requests, $msg='', $msgtype='error')
Definition LoginSignupSpecialPage.php:514

LoginSignupSpecialPage\showSuccessPage
showSuccessPage( $type, $title, $msgname, $injected_html, $extraMessages)
Show the success page.
Definition LoginSignupSpecialPage.php:435

LoginSignupSpecialPage\hasSessionCookie
hasSessionCookie()
Check if a session cookie is present.
Definition LoginSignupSpecialPage.php:1046

MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition AuthManager.php:85

MediaWiki\Logger\LoggerFactory
PSR-3 logger instance factory.
Definition LoggerFactory.php:45

MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition MediaWikiServices.php:117

SpecialCreateAccount
Implements Special:CreateAccount.
Definition SpecialCreateAccount.php:33

SpecialCreateAccount\getTokenName
getTokenName()
Returns the name of the CSRF token (under which it should be found in the POST or GET data).
Definition SpecialCreateAccount.php:167

SpecialCreateAccount\$allowedActions
static $allowedActions
Definition SpecialCreateAccount.php:34

SpecialCreateAccount\successfulAction
successfulAction( $direct=false, $extraMessages=null)
Run any hooks registered for logins, then display a message welcoming the user.
Definition SpecialCreateAccount.php:102

SpecialCreateAccount\getToken
getToken()
Returns the CSRF token.
Definition SpecialCreateAccount.php:159

SpecialCreateAccount\logAuthResult
logAuthResult( $success, $status=null)
Logs to the authmanager-stats channel.
Definition SpecialCreateAccount.php:175

SpecialCreateAccount\getGroupName
getGroupName()
Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-gro...
Definition SpecialCreateAccount.php:171

SpecialCreateAccount\doesWrites
doesWrites()
Indicates whether this special page may perform database writes.
Definition SpecialCreateAccount.php:49

SpecialCreateAccount\checkPermissions
checkPermissions()
Checks if userCanExecute, and if not throws a PermissionsError.
Definition SpecialCreateAccount.php:65

SpecialCreateAccount\$messages
static $messages
Definition SpecialCreateAccount.php:39

SpecialCreateAccount\isRestricted
isRestricted()
Can be overridden by subclasses with more complicated permissions schemes.
Definition SpecialCreateAccount.php:53

SpecialCreateAccount\getDescription
getDescription()
Returns the name that goes in the <h1> in the special page itself, and also the name that will be l...
Definition SpecialCreateAccount.php:87

SpecialCreateAccount\userCanExecute
userCanExecute(User $user)
Checks if the given user (identified by an object) can execute this special page (as defined by $mRes...
Definition SpecialCreateAccount.php:59

SpecialCreateAccount\clearToken
clearToken()
Definition SpecialCreateAccount.php:163

SpecialCreateAccount\isSignup
isSignup()
Definition SpecialCreateAccount.php:91

SpecialCreateAccount\__construct
__construct()
Definition SpecialCreateAccount.php:45

SpecialCreateAccount\getLoginSecurityLevel
getLoginSecurityLevel()
Tells if the special page does something security-sensitive and needs extra defense against a stolen ...
Definition SpecialCreateAccount.php:79

SpecialCreateAccount\getDefaultAction
getDefaultAction( $subPage)
Get the default action for this special page, if none is given via URL/POST data.
Definition SpecialCreateAccount.php:83

SpecialPage\getName
getName()
Get the name of this Special Page.
Definition SpecialPage.php:153

SpecialPage\getOutput
getOutput()
Get the OutputPage being used for this instance.
Definition SpecialPage.php:719

SpecialPage\getUser
getUser()
Shortcut to get the User executing this instance.
Definition SpecialPage.php:729

SpecialPage\msg
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
Definition SpecialPage.php:792

SpecialPage\getPageTitle
getPageTitle( $subpage=false)
Get a self-referential title object.
Definition SpecialPage.php:672

User
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
Definition User.php:51