MediaWiki REL1_37
SpecialCreateAccount.php
Go to the documentation of this file.
1<?php
24use MediaWiki\Auth\AuthManager;
25use MediaWiki\Logger\LoggerFactory;
26
32class SpecialCreateAccount extends LoginSignupSpecialPage {
33 protected static $allowedActions = [
34 AuthManager::ACTION_CREATE,
35 AuthManager::ACTION_CREATE_CONTINUE
36 ];
37
38 protected static $messages = [
39 'authform-newtoken' => 'nocookiesfornew',
40 'authform-notoken' => 'sessionfailure',
41 'authform-wrongtoken' => 'sessionfailure',
42 ];
43
47 public function __construct( AuthManager $authManager ) {
48 parent::__construct( 'CreateAccount', 'createaccount' );
49
50 $this->setAuthManager( $authManager );
51 }
52
53 public function doesWrites() {
54 return true;
55 }
56
57 public function checkPermissions() {
58 parent::checkPermissions();
59
60 $user = $this->getUser();
61 $status = $this->getAuthManager()->checkAccountCreatePermissions( $user );
62 if ( !$status->isGood() ) {
63 throw new ErrorPageError( 'createacct-error', $status->getMessage() );
64 }
65 }
66
67 protected function getLoginSecurityLevel() {
68 return false;
69 }
70
71 protected function getDefaultAction( $subPage ) {
72 return AuthManager::ACTION_CREATE;
73 }
74
75 public function getDescription() {
76 return $this->msg( 'createaccount' )->text();
77 }
78
79 protected function isSignup() {
80 return true;
81 }
82
90 protected function successfulAction( $direct = false, $extraMessages = null ) {
91 $session = $this->getRequest()->getSession();
92 $user = $this->targetUser ?: $this->getUser();
93
94 if ( $direct ) {
95 # Only save preferences if the user is not creating an account for someone else.
96 if ( !$this->proxyAccountCreation ) {
97 $this->getHookRunner()->onAddNewAccount( $user, false );
98
99 // If the user does not have a session cookie at this point, they probably need to
100 // do something to their browser.
101 if ( !$this->hasSessionCookie() ) {
102 $this->mainLoginForm( [ /*?*/ ], $session->getProvider()->whyNoSession() );
103 // TODO something more specific? This used to use nocookiesnew
104 // FIXME should redirect to login page instead?
105 return;
106 }
107 } else {
108 $byEmail = false; // FIXME no way to set this
109
110 $this->getHookRunner()->onAddNewAccount( $user, $byEmail );
111
112 $out = $this->getOutput();
113 // @phan-suppress-next-line PhanImpossibleCondition
114 $out->setPageTitle( $this->msg( $byEmail ? 'accmailtitle' : 'accountcreated' ) );
115 // @phan-suppress-next-line PhanImpossibleCondition
116 if ( $byEmail ) {
117 $out->addWikiMsg( 'accmailtext', $user->getName(), $user->getEmail() );
118 } else {
119 $out->addWikiMsg( 'accountcreatedtext', $user->getName() );
120 }
121
122 $rt = Title::newFromText( $this->mReturnTo );
123 $out->addReturnTo(
124 ( $rt && !$rt->isExternal() ) ? $rt : $this->getPageTitle(),
125 wfCgiToArray( $this->mReturnToQuery )
126 );
127 return;
128 }
129 }
130
131 $this->clearToken();
132
133 # Run any hooks; display injected HTML
134 $injected_html = '';
135 $welcome_creation_msg = 'welcomecreation-msg';
136 $this->getHookRunner()->onUserLoginComplete( $user, $injected_html, $direct );
137
143 $this->getHookRunner()->onBeforeWelcomeCreation( $welcome_creation_msg, $injected_html );
144
145 $this->showSuccessPage( 'signup',
146 $this->msg( 'welcomeuser', $this->getUser()->getName() )->escaped(),
147 $welcome_creation_msg, $injected_html, $extraMessages );
148 }
149
150 protected function getToken() {
151 return $this->getRequest()->getSession()->getToken( '', 'createaccount' );
152 }
153
154 protected function clearToken() {
155 return $this->getRequest()->getSession()->resetToken( 'createaccount' );
156 }
157
158 protected function getTokenName() {
159 return 'wpCreateaccountToken';
160 }
161
162 protected function getGroupName() {
163 return 'login';
164 }
165
166 protected function logAuthResult( $success, $status = null ) {
167 LoggerFactory::getInstance( 'authevents' )->info( 'Account creation attempt', [
168 'event' => 'accountcreation',
169 'successful' => $success,
170 'status' => strval( $status ),
171 ] );
172 }
173}
wfCgiToArray
wfCgiToArray( $query)
This is the logical opposite of wfArrayToCgi(): it accepts a query string as its argument and returns...
Definition GlobalFunctions.php:375
AuthManagerSpecialPage\$subPage
string $subPage
Subpage of the special page.
Definition AuthManagerSpecialPage.php:39
AuthManagerSpecialPage\getRequest
getRequest()
Get the WebRequest being used for this instance.
Definition AuthManagerSpecialPage.php:72
ErrorPageError
An error page which can definitely be safely rendered using the OutputPage.
Definition ErrorPageError.php:30
LoginSignupSpecialPage
Holds shared logic for login and account creation pages.
Definition LoginSignupSpecialPage.php:38
LoginSignupSpecialPage\mainLoginForm
mainLoginForm(array $requests, $msg='', $msgtype='error')
Definition LoginSignupSpecialPage.php:518
LoginSignupSpecialPage\showSuccessPage
showSuccessPage( $type, $title, $msgname, $injected_html, $extraMessages)
Show the success page.
Definition LoginSignupSpecialPage.php:439
LoginSignupSpecialPage\hasSessionCookie
hasSessionCookie()
Check if a session cookie is present.
Definition LoginSignupSpecialPage.php:1067
MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition AuthManager.php:102
MediaWiki\Logger\LoggerFactory
PSR-3 logger instance factory.
Definition LoggerFactory.php:45
SpecialCreateAccount
Implements Special:CreateAccount.
Definition SpecialCreateAccount.php:32
SpecialCreateAccount\getTokenName
getTokenName()
Returns the name of the CSRF token (under which it should be found in the POST or GET data).
Definition SpecialCreateAccount.php:158
SpecialCreateAccount\successfulAction
successfulAction( $direct=false, $extraMessages=null)
Run any hooks registered for logins, then display a message welcoming the user.
Definition SpecialCreateAccount.php:90
SpecialCreateAccount\getToken
getToken()
Returns the CSRF token.
Definition SpecialCreateAccount.php:150
SpecialCreateAccount\logAuthResult
logAuthResult( $success, $status=null)
Logs to the authmanager-stats channel.
Definition SpecialCreateAccount.php:166
SpecialCreateAccount\getGroupName
getGroupName()
Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-gro...
Definition SpecialCreateAccount.php:162
SpecialCreateAccount\doesWrites
doesWrites()
Indicates whether this special page may perform database writes.
Definition SpecialCreateAccount.php:53
SpecialCreateAccount\__construct
__construct(AuthManager $authManager)
Definition SpecialCreateAccount.php:47
SpecialCreateAccount\checkPermissions
checkPermissions()
Checks if userCanExecute, and if not throws a PermissionsError.
Definition SpecialCreateAccount.php:57
SpecialCreateAccount\getDescription
getDescription()
Returns the name that goes in the <h1> in the special page itself, and also the name that will be l...
Definition SpecialCreateAccount.php:75
SpecialCreateAccount\getDefaultAction
getDefaultAction( $subPage)
Get the default action for this special page, if none is given via URL/POST data.
Definition SpecialCreateAccount.php:71
SpecialPage\getName
getName()
Get the name of this Special Page.
Definition SpecialPage.php:179
SpecialPage\getOutput
getOutput()
Get the OutputPage being used for this instance.
Definition SpecialPage.php:790
SpecialPage\getUser
getUser()
Shortcut to get the User executing this instance.
Definition SpecialPage.php:800
SpecialPage\$authManager
AuthManager null $authManager
Definition SpecialPage.php:88
SpecialPage\msg
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
Definition SpecialPage.php:912
SpecialPage\setAuthManager
setAuthManager(AuthManager $authManager)
Set the injected AuthManager from the special page constructor.
Definition SpecialPage.php:510
SpecialPage\getPageTitle
getPageTitle( $subpage=false)
Get a self-referential title object.
Definition SpecialPage.php:744