SpecialConfirmEmail.php

Go to the documentation of this file.

<?php
use MediaWiki\MediaWikiServices;
 
class SpecialConfirmEmail extends UnlistedSpecialPage {
    public function __construct() {
        parent::__construct( 'Confirmemail', 'editmyprivateinfo' );
    }
 
    public function doesWrites() {
        return true;
    }
 
    function execute( $code ) {
        // Ignore things like master queries/connections on GET requests.
        // It's very convenient to just allow formless link usage.
        $trxProfiler = Profiler::instance()->getTransactionProfiler();
 
        $this->setHeaders();
        $this->checkReadOnly();
        $this->checkPermissions();
 
        // This could also let someone check the current email address, so
        // require both permissions.
        if ( !MediaWikiServices::getInstance()
                ->getPermissionManager()
                ->userHasRight( $this->getUser(), 'viewmyprivateinfo' )
        ) {
            throw new PermissionsError( 'viewmyprivateinfo' );
        }
 
        if ( $code === null || $code === '' ) {
            $this->requireLogin( 'confirmemail_needlogin' );
            if ( Sanitizer::validateEmail( $this->getUser()->getEmail() ) ) {
                $this->showRequestForm();
            } else {
                $this->getOutput()->addWikiMsg( 'confirmemail_noemail' );
            }
        } else {
            $old = $trxProfiler->setSilenced( true );
            $this->attemptConfirm( $code );
            $trxProfiler->setSilenced( $old );
        }
    }
 
    function showRequestForm() {
        $user = $this->getUser();
        $out = $this->getOutput();
 
        if ( !$user->isEmailConfirmed() ) {
            $descriptor = [];
            if ( $user->isEmailConfirmationPending() ) {
                $descriptor += [
                    'pending' => [
                        'type' => 'info',
                        'raw' => true,
                        'default' => "<div class=\"error mw-confirmemail-pending\">\n" .
                            $this->msg( 'confirmemail_pending' )->escaped() .
                            "\n</div>",
                    ],
                ];
            }
 
            $out->addWikiMsg( 'confirmemail_text' );
            $form = HTMLForm::factory( 'ooui', $descriptor, $this->getContext() );
            $form
                ->setAction( $this->getPageTitle()->getLocalURL() )
                ->setSubmitTextMsg( 'confirmemail_send' )
                ->setSubmitCallback( [ $this, 'submitSend' ] );
 
            $retval = $form->show();
 
            if ( $retval === true ) {
                // should never happen, but if so, don't let the user without any message
                $out->addWikiMsg( 'confirmemail_sent' );
            } elseif ( $retval instanceof Status && $retval->isGood() ) {
                $out->addWikiTextAsInterface( $retval->getValue() );
            }
        } else {
            // date and time are separate parameters to facilitate localisation.
            // $time is kept for backward compat reasons.
            // 'emailauthenticated' is also used in SpecialPreferences.php
            $lang = $this->getLanguage();
            $emailAuthenticated = $user->getEmailAuthenticationTimestamp();
            $time = $lang->userTimeAndDate( $emailAuthenticated, $user );
            $d = $lang->userDate( $emailAuthenticated, $user );
            $t = $lang->userTime( $emailAuthenticated, $user );
            $out->addWikiMsg( 'emailauthenticated', $time, $d, $t );
        }
    }
 
    public function submitSend() {
        $status = $this->getUser()->sendConfirmationMail();
        if ( $status->isGood() ) {
            return Status::newGood( $this->msg( 'confirmemail_sent' )->text() );
        } else {
            return Status::newFatal( new RawMessage(
                $status->getWikiText( 'confirmemail_sendfailed', false, $this->getLanguage() )
            ) );
        }
    }
 
    private function attemptConfirm( $code ) {
        $user = User::newFromConfirmationCode( $code, User::READ_EXCLUSIVE );
        if ( !is_object( $user ) ) {
            $this->getOutput()->addWikiMsg( 'confirmemail_invalid' );
 
            return;
        }
 
        // rate limit email confirmations
        if ( $user->pingLimiter( 'confirmemail' ) ) {
            $this->getOutput()->addWikiMsg( 'actionthrottledtext' );
 
            return;
        }
 
        $user->confirmEmail();
        $user->saveSettings();
        $message = $this->getUser()->isLoggedIn() ? 'confirmemail_loggedin' : 'confirmemail_success';
        $this->getOutput()->addWikiMsg( $message );
 
        if ( !$this->getUser()->isLoggedIn() ) {
            $title = SpecialPage::getTitleFor( 'Userlogin' );
            $this->getOutput()->returnToMain( true, $title );
        }
    }
}