master/php/SpecialChangeEmail_8php_source.html

 <?php

 namespace MediaWiki\Specials;


 use ErrorPageError;

 use FormSpecialPage;

 use HTMLForm;

 use MediaWiki\Auth\AuthManager;

 use MediaWiki\Html\Html;

 use MediaWiki\Logger\LoggerFactory;

 use MediaWiki\Title\Title;

 use PermissionsError;

 use Sanitizer;

 use Status;

 use User;


 class SpecialChangeEmail extends FormSpecialPage {

     private $status;


     public function __construct( AuthManager $authManager ) {

         parent::__construct( 'ChangeEmail', 'editmyprivateinfo' );


         $this->setAuthManager( $authManager );

     }


     public function doesWrites() {

         return true;

     }


     public function isListed() {

         return $this->getAuthManager()->allowsPropertyChange( 'emailaddress' );

     }


     public function execute( $par ) {

         $out = $this->getOutput();

         $out->disallowUserJs();

         $out->addModules( 'mediawiki.special.changeemail' );

         parent::execute( $par );

     }


     protected function getLoginSecurityLevel() {

         return $this->getName();

     }


     protected function checkExecutePermissions( User $user ) {

         if ( !$this->getAuthManager()->allowsPropertyChange( 'emailaddress' ) ) {

             throw new ErrorPageError( 'changeemail', 'cannotchangeemail' );

         }


         $this->requireNamedUser( 'changeemail-no-info' );


         // This could also let someone check the current email address, so

         // require both permissions.

         if ( !$this->getAuthority()->isAllowed( 'viewmyprivateinfo' ) ) {

             throw new PermissionsError( 'viewmyprivateinfo' );

         }


         parent::checkExecutePermissions( $user );

     }


     protected function getFormFields() {

         $user = $this->getUser();


         return [

             'Name' => [

                 'type' => 'info',

                 'label-message' => 'username',

                 'default' => $user->getName(),

             ],

             'OldEmail' => [

                 'type' => 'info',

                 'label-message' => 'changeemail-oldemail',

                 'default' => $user->getEmail() ?: $this->msg( 'changeemail-none' )->text(),

             ],

             'NewEmail' => [

                 'type' => 'email',

                 'label-message' => 'changeemail-newemail',

                 'autofocus' => true,

                 'maxlength' => 255,

                 'help-message' => 'changeemail-newemail-help',

             ],

         ];

     }


     protected function getDisplayFormat() {

         return 'ooui';

     }


     protected function alterForm( HTMLForm $form ) {

         $form->setId( 'mw-changeemail-form' );

         $form->setTableId( 'mw-changeemail-table' );

         $form->setSubmitTextMsg( 'changeemail-submit' );

         $form->addHiddenFields( $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );


         $form->addHeaderHtml( $this->msg( 'changeemail-header' )->parseAsBlock() );

         $form->setSubmitID( 'change_email_submit' );

     }


     public function onSubmit( array $data ) {

         $this->status = $this->attemptChange( $this->getUser(), $data['NewEmail'] );


         return $this->status;

     }


     public function onSuccess() {

         $request = $this->getRequest();


         $returnTo = $request->getVal( 'returnto' );

         $titleObj = $returnTo !== null ? Title::newFromText( $returnTo ) : null;

         if ( !$titleObj instanceof Title ) {

             $titleObj = Title::newMainPage();

         }

         $query = $request->getVal( 'returntoquery', '' );


         if ( $this->status->value === true ) {

             $this->getOutput()->redirect( $titleObj->getFullUrlForRedirect( $query ) );

         } elseif ( $this->status->value === 'eauth' ) {

             # Notify user that a confirmation email has been sent...

             $out = $this->getOutput();

             $out->addHTML(

                 Html::warningBox(

                     $out->msg( 'eauthentsent', $this->getUser()->getName() )->parse()

                 )

             );

             // just show the link to go back

             $this->getOutput()->addReturnTo( $titleObj, wfCgiToArray( $query ) );

         }

     }


     private function attemptChange( User $user, $newAddr ) {

         if ( $newAddr !== '' && !Sanitizer::validateEmail( $newAddr ) ) {

             return Status::newFatal( 'invalidemailaddress' );

         }


         $oldAddr = $user->getEmail();

         if ( $newAddr === $oldAddr ) {

             return Status::newFatal( 'changeemail-nochange' );

         }


         if ( strlen( $newAddr ) > 255 ) {

             return Status::newFatal( 'changeemail-maxlength' );

         }


         // To prevent spam, rate limit adding a new address, but do

         // not rate limit removing an address.

         if ( $newAddr !== '' && $user->pingLimiter( 'changeemail' ) ) {

             return Status::newFatal( 'actionthrottledtext' );

         }


         $userLatest = $user->getInstanceForUpdate();

         $status = $userLatest->setEmailWithConfirmation( $newAddr );

         if ( !$status->isGood() ) {

             return $status;

         }


         LoggerFactory::getInstance( 'authentication' )->info(

             'Changing email address for {user} from {oldemail} to {newemail}', [

                 'user' => $userLatest->getName(),

                 'oldemail' => $oldAddr,

                 'newemail' => $newAddr,

             ]

         );


         $this->getHookRunner()->onPrefsEmailAudit( $userLatest, $oldAddr, $newAddr );


         $userLatest->saveSettings();


         return $status;

     }


     public function requiresUnblock() {

         return false;

     }


     protected function getGroupName() {

         return 'login';

     }

 }


 class_alias( SpecialChangeEmail::class, 'SpecialChangeEmail' );

wfCgiToArray
wfCgiToArray( $query)
This is the logical opposite of wfArrayToCgi(): it accepts a query string as its argument and returns...
Definition: GlobalFunctions.php:383

ErrorPageError
An error page which can definitely be safely rendered using the OutputPage.
Definition: ErrorPageError.php:30

FormSpecialPage
Special page which uses an HTMLForm to handle processing.
Definition: FormSpecialPage.php:33

FormSpecialPage\$par
string null $par
The sub-page of the special page.
Definition: FormSpecialPage.php:38

HTMLForm
Object handling generic submission, CSRF protection, layout and other logic for UI forms in a reusabl...
Definition: HTMLForm.php:155

HTMLForm\addHeaderHtml
addHeaderHtml( $html, $section=null)
Add HTML to the header, inside the form.
Definition: HTMLForm.php:897

HTMLForm\setTableId
setTableId( $id)
Set the id of the <table> or outermost <div> element.
Definition: HTMLForm.php:1776

HTMLForm\setSubmitTextMsg
setSubmitTextMsg( $msg)
Set the text for the submit button to a message.
Definition: HTMLForm.php:1637

HTMLForm\setId
setId( $id)
Definition: HTMLForm.php:1787

HTMLForm\setSubmitID
setSubmitID( $t)
Set the id for the submit button.
Definition: HTMLForm.php:1684

HTMLForm\addHiddenFields
addHiddenFields(array $fields)
Add an array of hidden fields to the output Array values are discarded for security reasons (per WebR...
Definition: HTMLForm.php:1173

MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition: AuthManager.php:106

MediaWiki\Html\Html
This class is a collection of static functions that serve two purposes:
Definition: Html.php:55

MediaWiki\Html\Html\warningBox
static warningBox( $html, $className='')
Return a warning box.
Definition: Html.php:783

MediaWiki\Logger\LoggerFactory
PSR-3 logger instance factory.
Definition: LoggerFactory.php:45

MediaWiki\Logger\LoggerFactory\getInstance
static getInstance( $channel)
Get a named logger instance from the currently configured logger factory.
Definition: LoggerFactory.php:92

MediaWiki\Specials\SpecialChangeEmail
Let users change their email address.
Definition: SpecialChangeEmail.php:43

MediaWiki\Specials\SpecialChangeEmail\__construct
__construct(AuthManager $authManager)
Definition: SpecialChangeEmail.php:52

MediaWiki\Specials\SpecialChangeEmail\execute
execute( $par)
Main execution point.
Definition: SpecialChangeEmail.php:73

MediaWiki\Specials\SpecialChangeEmail\doesWrites
doesWrites()
Indicates whether this special page may perform database writes.
Definition: SpecialChangeEmail.php:58

MediaWiki\Specials\SpecialChangeEmail\onSuccess
onSuccess()
Do something exciting on successful processing of the form, most likely to show a confirmation messag...
Definition: SpecialChangeEmail.php:144

MediaWiki\Specials\SpecialChangeEmail\getFormFields
getFormFields()
Get an HTMLForm descriptor array.
Definition: SpecialChangeEmail.php:100

MediaWiki\Specials\SpecialChangeEmail\isListed
isListed()
Definition: SpecialChangeEmail.php:65

MediaWiki\Specials\SpecialChangeEmail\getGroupName
getGroupName()
Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-gro...
Definition: SpecialChangeEmail.php:220

MediaWiki\Specials\SpecialChangeEmail\alterForm
alterForm(HTMLForm $form)
Play with the HTMLForm if you need to more substantially.
Definition: SpecialChangeEmail.php:128

MediaWiki\Specials\SpecialChangeEmail\checkExecutePermissions
checkExecutePermissions(User $user)
Called from execute() to check if the given user can perform this action.
Definition: SpecialChangeEmail.php:84

MediaWiki\Specials\SpecialChangeEmail\getDisplayFormat
getDisplayFormat()
Get display format for the form.
Definition: SpecialChangeEmail.php:124

MediaWiki\Specials\SpecialChangeEmail\onSubmit
onSubmit(array $data)
Process the form on submission.
Definition: SpecialChangeEmail.php:138

MediaWiki\Specials\SpecialChangeEmail\requiresUnblock
requiresUnblock()
Whether this action cannot be executed by a blocked user, default to requiresPost()
Definition: SpecialChangeEmail.php:216

MediaWiki\Specials\SpecialChangeEmail\getLoginSecurityLevel
getLoginSecurityLevel()
Tells if the special page does something security-sensitive and needs extra defense against a stolen ...
Definition: SpecialChangeEmail.php:80

MediaWiki\Title\Title
Represents a title within MediaWiki.
Definition: Title.php:82

MediaWiki\Title\Title\newMainPage
static newMainPage(MessageLocalizer $localizer=null)
Create a new Title for the Main Page.
Definition: Title.php:755

MediaWiki\Title\Title\newFromText
static newFromText( $text, $defaultNamespace=NS_MAIN)
Create a new Title from text, such as what one would find in a link.
Definition: Title.php:425

PermissionsError
Show an error when a user tries to do something they do not have the necessary permissions for.
Definition: PermissionsError.php:32

Sanitizer
HTML sanitizer for MediaWiki.
Definition: Sanitizer.php:42

Sanitizer\validateEmail
static validateEmail( $addr)
Does a string look like an e-mail address?
Definition: Sanitizer.php:1895

SpecialPage\getName
getName()
Get the name of this Special Page.
Definition: SpecialPage.php:204

SpecialPage\getOutput
getOutput()
Get the OutputPage being used for this instance.
Definition: SpecialPage.php:862

SpecialPage\getUser
getUser()
Shortcut to get the User executing this instance.
Definition: SpecialPage.php:872

SpecialPage\requireNamedUser
requireNamedUser( $reasonMsg='exception-nologin-text', $titleMsg='exception-nologin')
If the user is not logged in or is a temporary user, throws UserNotLoggedIn.
Definition: SpecialPage.php:431

SpecialPage\getAuthManager
getAuthManager()
Definition: SpecialPage.php:563

SpecialPage\getHookRunner
getHookRunner()
Definition: SpecialPage.php:1181

SpecialPage\msg
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
Definition: SpecialPage.php:984

SpecialPage\getAuthority
getAuthority()
Shortcut to get the Authority executing this instance.
Definition: SpecialPage.php:882

SpecialPage\getRequest
getRequest()
Get the WebRequest being used for this instance.
Definition: SpecialPage.php:852

SpecialPage\setAuthManager
setAuthManager(AuthManager $authManager)
Set the injected AuthManager from the special page constructor.
Definition: SpecialPage.php:553

StatusValue\newFatal
static newFatal( $message,... $parameters)
Factory function for fatal errors.
Definition: StatusValue.php:73

StatusValue\isGood
isGood()
Returns whether the operation completed and didn't have any error or warnings.
Definition: StatusValue.php:125

Status
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition: Status.php:46

User
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
Definition: User.php:71

User\getName
getName()
Get the user name, or the IP of an anonymous user.
Definition: User.php:1684

User\pingLimiter
pingLimiter( $action='edit', $incrBy=1)
Primitive rate limits: enforce maximum actions per time period to put a brake on flooding.
Definition: User.php:1483

User\getEmail
getEmail()
Get the user's e-mail address.
Definition: User.php:2002

User\getInstanceForUpdate
getInstanceForUpdate()
Get a new instance of this user that was loaded from the primary DB via a locking read.
Definition: User.php:3439