MediaWiki  master
SpecialCreateAccount.php
Go to the documentation of this file.
1 <?php
27 
34  protected static $allowedActions = [
35  AuthManager::ACTION_CREATE,
36  AuthManager::ACTION_CREATE_CONTINUE
37  ];
38 
39  protected static $messages = [
40  'authform-newtoken' => 'nocookiesfornew',
41  'authform-notoken' => 'sessionfailure',
42  'authform-wrongtoken' => 'sessionfailure',
43  ];
44 
45  public function __construct() {
46  parent::__construct( 'CreateAccount' );
47  }
48 
49  public function doesWrites() {
50  return true;
51  }
52 
53  public function isRestricted() {
54  return !MediaWikiServices::getInstance()
55  ->getPermissionManager()
56  ->groupHasPermission( '*', 'createaccount' );
57  }
58 
59  public function userCanExecute( User $user ) {
60  return MediaWikiServices::getInstance()
61  ->getPermissionManager()
62  ->userHasRight( $user, 'createaccount' );
63  }
64 
65  public function checkPermissions() {
66  parent::checkPermissions();
67 
68  $user = $this->getUser();
69  $status = AuthManager::singleton()->checkAccountCreatePermissions( $user );
70  if ( !$status->isGood() ) {
71  throw new ErrorPageError( 'createacct-error', $status->getMessage() );
72  }
73  }
74 
75  protected function getLoginSecurityLevel() {
76  return false;
77  }
78 
79  protected function getDefaultAction( $subPage ) {
80  return AuthManager::ACTION_CREATE;
81  }
82 
83  public function getDescription() {
84  return $this->msg( 'createaccount' )->text();
85  }
86 
87  protected function isSignup() {
88  return true;
89  }
90 
98  protected function successfulAction( $direct = false, $extraMessages = null ) {
99  $session = $this->getRequest()->getSession();
100  $user = $this->targetUser ?: $this->getUser();
101 
102  if ( $direct ) {
103  # Only save preferences if the user is not creating an account for someone else.
104  if ( !$this->proxyAccountCreation ) {
105  Hooks::run( 'AddNewAccount', [ $user, false ] );
106 
107  // If the user does not have a session cookie at this point, they probably need to
108  // do something to their browser.
109  if ( !$this->hasSessionCookie() ) {
110  $this->mainLoginForm( [ /*?*/ ], $session->getProvider()->whyNoSession() );
111  // TODO something more specific? This used to use nocookiesnew
112  // FIXME should redirect to login page instead?
113  return;
114  }
115  } else {
116  $byEmail = false; // FIXME no way to set this
117 
118  Hooks::run( 'AddNewAccount', [ $user, $byEmail ] );
119 
120  $out = $this->getOutput();
121  $out->setPageTitle( $this->msg( $byEmail ? 'accmailtitle' : 'accountcreated' ) );
122  if ( $byEmail ) {
123  $out->addWikiMsg( 'accmailtext', $user->getName(), $user->getEmail() );
124  } else {
125  $out->addWikiMsg( 'accountcreatedtext', $user->getName() );
126  }
127 
128  $rt = Title::newFromText( $this->mReturnTo );
129  $out->addReturnTo(
130  ( $rt && !$rt->isExternal() ) ? $rt : $this->getPageTitle(),
131  wfCgiToArray( $this->mReturnToQuery )
132  );
133  return;
134  }
135  }
136 
137  $this->clearToken();
138 
139  # Run any hooks; display injected HTML
140  $injected_html = '';
141  $welcome_creation_msg = 'welcomecreation-msg';
142  Hooks::run( 'UserLoginComplete', [ &$user, &$injected_html, $direct ] );
143 
149  Hooks::run( 'BeforeWelcomeCreation', [ &$welcome_creation_msg, &$injected_html ] );
150 
151  $this->showSuccessPage( 'signup', $this->msg( 'welcomeuser', $this->getUser()->getName() ),
152  $welcome_creation_msg, $injected_html, $extraMessages );
153  }
154 
155  protected function getToken() {
156  return $this->getRequest()->getSession()->getToken( '', 'createaccount' );
157  }
158 
159  protected function clearToken() {
160  return $this->getRequest()->getSession()->resetToken( 'createaccount' );
161  }
162 
163  protected function getTokenName() {
164  return 'wpCreateaccountToken';
165  }
166 
167  protected function getGroupName() {
168  return 'login';
169  }
170 
171  protected function logAuthResult( $success, $status = null ) {
172  LoggerFactory::getInstance( 'authevents' )->info( 'Account creation attempt', [
173  'event' => 'accountcreation',
174  'successful' => $success,
175  'status' => $status,
176  ] );
177  }
178 }
successfulAction( $direct=false, $extraMessages=null)
Run any hooks registered for logins, then display a message welcoming the user.
$success
mainLoginForm(array $requests, $msg='', $msgtype='error')
hasSessionCookie()
Check if a session cookie is present.
getOutput()
Get the OutputPage being used for this instance.
Holds shared logic for login and account creation pages.
The User object encapsulates all of the user-specific settings (user_id, name, rights, email address, options, last login time).
Definition: User.php:51
showSuccessPage( $type, $title, $msgname, $injected_html, $extraMessages)
Show the success page.
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
wfCgiToArray( $query)
This is the logical opposite of wfArrayToCgi(): it accepts a query string as its argument and returns...
An error page which can definitely be safely rendered using the OutputPage.
logAuthResult( $success, $status=null)
getName()
Get the name of this Special Page.
getUser()
Shortcut to get the User executing this instance.
Implements Special:CreateAccount.
string $subPage
Subpage of the special page.
getPageTitle( $subpage=false)
Get a self-referential title object.
static run( $event, array $args=[], $deprecatedVersion=null)
Call hook functions defined in Hooks::register and $wgHooks.
Definition: Hooks.php:200
static newFromText( $text, $defaultNamespace=NS_MAIN)
Create a new Title from text, such as what one would find in a link.
Definition: Title.php:317