master/php/SpecialConfirmEmail_8php_source.html

<?php

namespace MediaWiki\Specials;


use MediaWiki\Exception\PermissionsError;

use MediaWiki\Exception\ReadOnlyError;

use MediaWiki\Exception\UserNotLoggedIn;

use MediaWiki\HTMLForm\HTMLForm;

use MediaWiki\Language\RawMessage;

use MediaWiki\Parser\Sanitizer;

use MediaWiki\SpecialPage\SpecialPage;

use MediaWiki\SpecialPage\UnlistedSpecialPage;

use MediaWiki\Status\Status;

use MediaWiki\User\User;

use MediaWiki\User\UserFactory;

use Profiler;

use Wikimedia\Rdbms\IDBAccessObject;

use Wikimedia\ScopedCallback;


class SpecialConfirmEmail extends UnlistedSpecialPage {


    private UserFactory $userFactory;


    public function __construct( UserFactory $userFactory ) {

        parent::__construct( 'Confirmemail', 'editmyprivateinfo' );


        $this->userFactory = $userFactory;

    }


    public function doesWrites() {

        return true;

    }


    public function execute( $code ) {

        // Ignore things like primary queries/connections on GET requests.

        // It's very convenient to just allow formless link usage.

        $trxProfiler = Profiler::instance()->getTransactionProfiler();


        $this->setHeaders();

        $this->checkReadOnly();

        $this->checkPermissions();


        // This could also let someone check the current email address, so

        // require both permissions.

        if ( !$this->getAuthority()->isAllowed( 'viewmyprivateinfo' ) ) {

            throw new PermissionsError( 'viewmyprivateinfo' );

        }


        if ( $code === null || $code === '' ) {

            $this->requireNamedUser( 'confirmemail_needlogin', 'exception-nologin', true );

            if ( Sanitizer::validateEmail( $this->getUser()->getEmail() ) ) {

                $this->showRequestForm();

            } else {

                $this->getOutput()->addWikiMsg( 'confirmemail_noemail' );

            }

        } else {

            $scope = $trxProfiler->silenceForScope( $trxProfiler::EXPECTATION_REPLICAS_ONLY );

            $this->attemptConfirm( $code );

            ScopedCallback::consume( $scope );

        }

    }


    private function showRequestForm() {

        $user = $this->getUser();

        $out = $this->getOutput();


        if ( !$user->isEmailConfirmed() ) {

            $descriptor = [];

            if ( $user->isEmailConfirmationPending() ) {

                $descriptor += [

                    'pending' => [

                        'type' => 'info',

                        'raw' => true,

                        'default' => "<div class=\"error mw-confirmemail-pending\">\n" .

                            $this->msg( 'confirmemail_pending' )->escaped() .

                            "\n</div>",

                    ],

                ];

            }


            $out->addWikiMsg( 'confirmemail_text' );

            $form = HTMLForm::factory( 'ooui', $descriptor, $this->getContext() );

            $form

                ->setAction( $this->getPageTitle()->getLocalURL() )

                ->setSubmitTextMsg( 'confirmemail_send' )

                ->setSubmitCallback( [ $this, 'submitSend' ] );


            $retval = $form->show();


            if ( $retval === true ) {

                // should never happen, but if so, don't let the user without any message

                $out->addWikiMsg( 'confirmemail_sent' );

            } elseif ( $retval instanceof Status && $retval->isGood() ) {

                $out->addWikiTextAsInterface( $retval->getValue() );

            }

        } else {

            // date and time are separate parameters to facilitate localisation.

            // $time is kept for backward compat reasons.

            // 'emailauthenticated' is also used in SpecialPreferences.php

            $lang = $this->getLanguage();

            $emailAuthenticated = $user->getEmailAuthenticationTimestamp();

            $time = $lang->userTimeAndDate( $emailAuthenticated, $user );

            $d = $lang->userDate( $emailAuthenticated, $user );

            $t = $lang->userTime( $emailAuthenticated, $user );

            $out->addWikiMsg( 'emailauthenticated', $time, $d, $t );

        }

    }


    public function submitSend() {

        $status = $this->getUser()->sendConfirmationMail();

        if ( $status->isGood() ) {

            return Status::newGood( $this->msg( 'confirmemail_sent' )->text() );

        } else {

            return Status::newFatal( new RawMessage(

                $status->getWikiText( 'confirmemail_sendfailed', false, $this->getLanguage() )

            ) );

        }

    }


    private function attemptConfirm( $code ) {

        $user = $this->userFactory->newFromConfirmationCode(

            $code,

            IDBAccessObject::READ_LATEST

        );


        if ( !is_object( $user ) ) {

            if ( User::isWellFormedConfirmationToken( $code ) ) {

                $this->getOutput()->addWikiMsg( 'confirmemail_invalid' );

            } else {

                $this->getOutput()->addWikiMsg( 'confirmemail_invalid_format' );

            }


            return;

        }


        // Enforce permissions, user blocks, and rate limits

        $this->authorizeAction( 'confirmemail' )->throwErrorPageError();


        $userLatest = $user->getInstanceForUpdate();

        $userLatest->confirmEmail();

        $userLatest->saveSettings();

        $message = $this->getUser()->isNamed() ? 'confirmemail_loggedin' : 'confirmemail_success';

        $this->getOutput()->addWikiMsg( $message );


        if ( !$this->getUser()->isNamed() ) {

            $title = SpecialPage::getTitleFor( 'Userlogin' );

            $this->getOutput()->returnToMain( true, $title );

        }

    }

}


class_alias( SpecialConfirmEmail::class, 'SpecialConfirmEmail' );

MediaWiki\Exception\PermissionsError
Show an error when a user tries to do something they do not have the necessary permissions for.
Definition PermissionsError.php:36

MediaWiki\Exception\ReadOnlyError
Show an error when the wiki is locked/read-only and the user tries to do something that requires writ...
Definition ReadOnlyError.php:33

MediaWiki\Exception\UserNotLoggedIn
Redirect a user to the login page or account creation page.
Definition UserNotLoggedIn.php:69

MediaWiki\HTMLForm\HTMLForm
Object handling generic submission, CSRF protection, layout and other logic for UI forms in a reusabl...
Definition HTMLForm.php:210

MediaWiki\Language\RawMessage
Variant of the Message class.
Definition RawMessage.php:39

MediaWiki\Parser\Sanitizer
HTML sanitizer for MediaWiki.
Definition Sanitizer.php:46

MediaWiki\SpecialPage\SpecialPage
Parent class for all special pages.
Definition SpecialPage.php:68

MediaWiki\SpecialPage\SpecialPage\setHeaders
setHeaders()
Sets headers - this should be called from the execute() method of all derived classes!
Definition SpecialPage.php:702

MediaWiki\SpecialPage\SpecialPage\getTitleFor
static getTitleFor( $name, $subpage=false, $fragment='')
Get a localised Title object for a specified special page name If you don't need a full Title object,...
Definition SpecialPage.php:156

MediaWiki\SpecialPage\SpecialPage\getUser
getUser()
Shortcut to get the User executing this instance.
Definition SpecialPage.php:907

MediaWiki\SpecialPage\SpecialPage\authorizeAction
authorizeAction(?string $action=null)
Utility function for authorizing an action to be performed by the special page.
Definition SpecialPage.php:374

MediaWiki\SpecialPage\SpecialPage\requireNamedUser
requireNamedUser( $reasonMsg='exception-nologin-text', $titleMsg='exception-nologin', bool $alwaysRedirectToLoginPage=false)
If the user is not logged in or is a temporary user, throws UserNotLoggedIn.
Definition SpecialPage.php:456

MediaWiki\SpecialPage\SpecialPage\getPageTitle
getPageTitle( $subpage=false)
Get a self-referential title object.
Definition SpecialPage.php:851

MediaWiki\SpecialPage\SpecialPage\checkPermissions
checkPermissions()
Checks if userCanExecute, and if not throws a PermissionsError.
Definition SpecialPage.php:404

MediaWiki\SpecialPage\SpecialPage\checkReadOnly
checkReadOnly()
If the wiki is currently in readonly mode, throws a ReadOnlyError.
Definition SpecialPage.php:417

MediaWiki\SpecialPage\SpecialPage\getContext
getContext()
Gets the context this SpecialPage is executed in.
Definition SpecialPage.php:871

MediaWiki\SpecialPage\SpecialPage\msg
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
Definition SpecialPage.php:1008

MediaWiki\SpecialPage\SpecialPage\getOutput
getOutput()
Get the OutputPage being used for this instance.
Definition SpecialPage.php:897

MediaWiki\SpecialPage\SpecialPage\getAuthority
getAuthority()
Shortcut to get the Authority executing this instance.
Definition SpecialPage.php:917

MediaWiki\SpecialPage\SpecialPage\getLanguage
getLanguage()
Shortcut to get user's language.
Definition SpecialPage.php:937

MediaWiki\SpecialPage\UnlistedSpecialPage
Shortcut to construct a special page which is unlisted by default.
Definition UnlistedSpecialPage.php:33

MediaWiki\Specials\SpecialConfirmEmail
Email confirmation for registered users.
Definition SpecialConfirmEmail.php:51

MediaWiki\Specials\SpecialConfirmEmail\doesWrites
doesWrites()
Indicates whether POST requests to this special page require write access to the wiki.
Definition SpecialConfirmEmail.php:61

MediaWiki\Specials\SpecialConfirmEmail\submitSend
submitSend()
Callback for HTMLForm send confirmation mail.
Definition SpecialConfirmEmail.php:156

MediaWiki\Specials\SpecialConfirmEmail\__construct
__construct(UserFactory $userFactory)
Definition SpecialConfirmEmail.php:55

MediaWiki\Specials\SpecialConfirmEmail\execute
execute( $code)
Main execution point.
Definition SpecialConfirmEmail.php:73

MediaWiki\Status\Status
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition Status.php:54

MediaWiki\User\UserFactory
Create User objects.
Definition UserFactory.php:45

MediaWiki\User\User
User class for the MediaWiki software.
Definition User.php:121

Profiler
Profiler base class that defines the interface and some shared functionality.
Definition Profiler.php:37

Profiler\instance
static instance()
Definition Profiler.php:105

Wikimedia\Rdbms\IDBAccessObject
Interface for database access objects.
Definition IDBAccessObject.php:59

MediaWiki\Parser\CoreParserFunctions\null\$t
$t
Definition CoreParserFunctions.php:690

MediaWiki\Specials