MediaWiki master
SpecialChangeEmail.php
Go to the documentation of this file.
1<?php
21namespace MediaWiki\Specials;
22
34
44 private $status;
45
49 public function __construct( AuthManager $authManager ) {
50 parent::__construct( 'ChangeEmail', 'editmyprivateinfo' );
51
52 $this->setAuthManager( $authManager );
53 }
54
55 public function doesWrites() {
56 return true;
57 }
58
62 public function isListed() {
63 return $this->getAuthManager()->allowsPropertyChange( 'emailaddress' );
64 }
65
70 public function execute( $par ) {
71 $out = $this->getOutput();
72 $out->disallowUserJs();
73 $out->addModules( 'mediawiki.special.changeemail' );
74 parent::execute( $par );
75 }
76
77 protected function getLoginSecurityLevel() {
78 return $this->getName();
79 }
80
81 protected function checkExecutePermissions( User $user ) {
82 if ( !$this->getAuthManager()->allowsPropertyChange( 'emailaddress' ) ) {
83 throw new ErrorPageError( 'changeemail', 'cannotchangeemail' );
84 }
85
86 $this->requireNamedUser( 'changeemail-no-info', 'exception-nologin', true );
87
88 // This could also let someone check the current email address, so
89 // require both permissions.
90 if ( !$this->getAuthority()->isAllowed( 'viewmyprivateinfo' ) ) {
91 throw new PermissionsError( 'viewmyprivateinfo' );
92 }
93
94 parent::checkExecutePermissions( $user );
95 }
96
97 protected function getFormFields() {
98 $user = $this->getUser();
99
100 return [
101 'Name' => [
102 'type' => 'info',
103 'label-message' => 'username',
104 'default' => $user->getName(),
105 ],
106 'OldEmail' => [
107 'type' => 'info',
108 'label-message' => 'changeemail-oldemail',
109 'default' => $user->getEmail() ?: $this->msg( 'changeemail-none' )->text(),
110 ],
111 'NewEmail' => [
112 'type' => 'email',
113 'label-message' => 'changeemail-newemail',
114 'autofocus' => true,
115 'maxlength' => 255,
116 'help-message' => 'changeemail-newemail-help',
117 ],
118 ];
119 }
120
121 protected function getDisplayFormat() {
122 return 'ooui';
123 }
124
125 protected function alterForm( HTMLForm $form ) {
126 $form->setId( 'mw-changeemail-form' );
127 $form->setTableId( 'mw-changeemail-table' );
128 $form->setSubmitTextMsg( 'changeemail-submit' );
129 $form->addHiddenFields( $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
130
131 $form->addHeaderHtml( $this->msg( 'changeemail-header' )->parseAsBlock() );
132 $form->setSubmitID( 'change_email_submit' );
133 }
134
135 public function onSubmit( array $data ) {
136 $this->status = $this->attemptChange( $this->getUser(), $data['NewEmail'] );
137
138 return $this->status;
139 }
140
141 public function onSuccess() {
142 $request = $this->getRequest();
143
144 $returnTo = $request->getVal( 'returnto' );
145 $titleObj = $returnTo !== null ? Title::newFromText( $returnTo ) : null;
146 if ( !$titleObj instanceof Title ) {
147 $titleObj = Title::newMainPage();
148 }
149 $query = $request->getVal( 'returntoquery', '' );
150
151 if ( $this->status->value === true ) {
152 $this->getOutput()->redirect( $titleObj->getFullUrlForRedirect( $query ) );
153 } elseif ( $this->status->value === 'eauth' ) {
154 # Notify user that a confirmation email has been sent...
155 $out = $this->getOutput();
156 $out->addHTML(
157 Html::warningBox(
158 $out->msg( 'eauthentsent', $this->getUser()->getName() )->parse()
159 )
160 );
161 // just show the link to go back
162 $this->getOutput()->addReturnTo( $titleObj, wfCgiToArray( $query ) );
163 }
164 }
165
172 private function attemptChange( User $user, $newAddr ) {
173 if ( $newAddr !== '' && !Sanitizer::validateEmail( $newAddr ) ) {
174 return Status::newFatal( 'invalidemailaddress' );
175 }
176
177 $oldAddr = $user->getEmail();
178 if ( $newAddr === $oldAddr ) {
179 return Status::newFatal( 'changeemail-nochange' );
180 }
181
182 if ( strlen( $newAddr ) > 255 ) {
183 return Status::newFatal( 'changeemail-maxlength' );
184 }
185
186 // To prevent spam, rate limit adding a new address, but do
187 // not rate limit removing an address.
188 if ( $newAddr !== '' ) {
189 // Enforce permissions, user blocks, and rate limits
190 $status = $this->authorizeAction( 'changeemail' );
191 if ( !$status->isGood() ) {
192 return Status::wrap( $status );
193 }
194 }
195
196 $userLatest = $user->getInstanceForUpdate();
197 $status = $userLatest->setEmailWithConfirmation( $newAddr );
198 if ( !$status->isGood() ) {
199 return $status;
200 }
201
202 LoggerFactory::getInstance( 'authentication' )->info(
203 'Changing email address for {user} from {oldemail} to {newemail}', [
204 'user' => $userLatest->getName(),
205 'oldemail' => $oldAddr,
206 'newemail' => $newAddr,
207 ]
208 );
209
210 $this->getHookRunner()->onPrefsEmailAudit( $userLatest, $oldAddr, $newAddr );
211
212 $userLatest->saveSettings();
213
214 return $status;
215 }
216
217 public function requiresUnblock() {
218 return false;
219 }
220
221 protected function getGroupName() {
222 return 'login';
223 }
224}
225
227class_alias( SpecialChangeEmail::class, 'SpecialChangeEmail' );
wfCgiToArray( $query)
This is the logical opposite of wfArrayToCgi(): it accepts a query string as its argument and returns...
An error page which can definitely be safely rendered using the OutputPage.
This serves as the entry point to the authentication system.
Object handling generic submission, CSRF protection, layout and other logic for UI forms in a reusabl...
Definition HTMLForm.php:209
setSubmitTextMsg( $msg)
Set the text for the submit button to a message.
setTableId( $id)
Set the id of the <table> or outermost <div> element.
addHiddenFields(array $fields)
Add an array of hidden fields to the output Array values are discarded for security reasons (per WebR...
setSubmitID( $t)
Set the id for the submit button.
addHeaderHtml( $html, $section=null)
Add HTML to the header, inside the form.
Definition HTMLForm.php:977
This class is a collection of static functions that serve two purposes:
Definition Html.php:56
Create PSR-3 logger objects.
HTML sanitizer for MediaWiki.
Definition Sanitizer.php:46
Special page which uses an HTMLForm to handle processing.
string null $par
The subpage of the special page.
getUser()
Shortcut to get the User executing this instance.
authorizeAction(?string $action=null)
Utility function for authorizing an action to be performed by the special page.
requireNamedUser( $reasonMsg='exception-nologin-text', $titleMsg='exception-nologin', bool $alwaysRedirectToLoginPage=false)
If the user is not logged in or is a temporary user, throws UserNotLoggedIn.
setAuthManager(AuthManager $authManager)
Set the injected AuthManager from the special page constructor.
getRequest()
Get the WebRequest being used for this instance.
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
getOutput()
Get the OutputPage being used for this instance.
getAuthority()
Shortcut to get the Authority executing this instance.
getName()
Get the canonical, unlocalized name of this special page without namespace.
Let users change their email address.
doesWrites()
Indicates whether POST requests to this special page require write access to the wiki.
onSuccess()
Do something exciting on successful processing of the form, most likely to show a confirmation messag...
getFormFields()
Get an HTMLForm descriptor array.
getGroupName()
Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-gro...
alterForm(HTMLForm $form)
Play with the HTMLForm if you need to more substantially.
checkExecutePermissions(User $user)
Called from execute() to check if the given user can perform this action.
getDisplayFormat()
Get display format for the form.
onSubmit(array $data)
Process the form on submission.
requiresUnblock()
Whether this action cannot be executed by a blocked user, default to requiresPost()
getLoginSecurityLevel()
Tells if the special page does something security-sensitive and needs extra defense against a stolen ...
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition Status.php:54
Represents a title within MediaWiki.
Definition Title.php:78
internal since 1.36
Definition User.php:93
getInstanceForUpdate()
Get a new instance of this user that was loaded from the primary DB via a locking read.
Definition User.php:3207
getEmail()
Get the user's e-mail address.
Definition User.php:1884
getName()
Get the user name, or the IP of an anonymous user.
Definition User.php:1566
Show an error when a user tries to do something they do not have the necessary permissions for.
isGood()
Returns whether the operation completed and didn't have any error or warnings.