50 self::SUCCESS =>
'success',
51 self::NO_NAME =>
'no_name',
52 self::ILLEGAL =>
'illegal',
53 self::WRONG_PLUGIN_PASS =>
'wrong_plugin_pass',
54 self::NOT_EXISTS =>
'not_exists',
56 self::EMPTY_PASS =>
'empty_pass',
57 self::RESET_PASS =>
'reset_pass',
58 self::ABORTED =>
'aborted',
59 self::CREATE_BLOCKED =>
'create_blocked',
60 self::THROTTLED =>
'throttled',
61 self::USER_BLOCKED =>
'user_blocked',
62 self::NEED_TOKEN =>
'need_token',
63 self::WRONG_TOKEN =>
'wrong_token',
64 self::USER_MIGRATED =>
'user_migrated',
81 'exception-nologin-text',
83 'changeemail-no-info',
85 'confirmemail_needlogin',
135 parent::__construct(
'Userlogin' );
139 $wgUseMediaWikiUIEverywhere =
true;
167 if ( $this->mLoaded ) {
170 $this->mLoaded =
true;
172 if ( $this->mOverrideRequest === null ) {
179 $this->mType =
$request->getText(
'type' );
180 $this->mUsername =
$request->getText(
'wpName' );
181 $this->mPassword =
$request->getText(
'wpPassword' );
182 $this->mRetype =
$request->getText(
'wpRetype' );
183 $this->mDomain =
$request->getText(
'wpDomain' );
184 $this->mReason =
$request->getText(
'wpReason' );
185 $this->mCookieCheck =
$request->getVal(
'wpCookieCheck' );
186 $this->mPosted =
$request->wasPosted();
187 $this->mCreateaccountMail =
$request->getCheck(
'wpCreateaccountMail' )
190 $this->mLoginattempt =
$request->getCheck(
'wpLoginattempt' );
191 $this->mAction =
$request->getVal(
'action' );
192 $this->mRemember =
$request->getCheck(
'wpRemember' );
193 $this->mFromHTTP =
$request->getBool(
'fromhttp',
false )
194 ||
$request->getBool(
'wpFromhttp',
false );
195 $this->mStickHTTPS = ( !$this->mFromHTTP &&
$request->getProtocol() ===
'https' )
196 ||
$request->getBool(
'wpForceHttps',
false );
197 $this->mLanguage =
$request->getText(
'uselang' );
198 $this->mSkipCookieCheck =
$request->getCheck(
'wpSkipCookieCheck' );
199 $this->mToken = $this->mType ==
'signup'
200 ?
$request->getVal(
'wpCreateaccountToken' )
201 :
$request->getVal(
'wpLoginToken' );
202 $this->mReturnTo =
$request->getVal(
'returnto',
'' );
203 $this->mReturnToQuery =
$request->getVal(
'returntoquery',
'' );
206 $entryError = $this->
msg(
$request->getVal(
'error',
'' ) );
207 $entryWarning = $this->
msg(
$request->getVal(
'warning',
'' ) );
212 $this->
msg(
'loginreqlink' )->escaped(),
215 'returnto' => $this->mReturnTo,
216 'returntoquery' => $this->mReturnToQuery,
217 'uselang' => $this->mLanguage,
218 'fromhttp' => $this->mFromHTTP ?
'1' :
'0',
223 if ( $entryError->exists()
224 && in_array( $entryError->getKey(), self::getValidErrorMessages() )
226 $this->mEntryErrorType =
'error';
227 $this->mEntryError = $entryError->rawParams( $loginreqlink )->parse();
229 } elseif ( $entryWarning->exists()
230 && in_array( $entryWarning->getKey(), self::getValidErrorMessages() )
232 $this->mEntryErrorType =
'warning';
233 $this->mEntryError = $entryWarning->rawParams( $loginreqlink )->parse();
236 if ( $wgEnableEmail ) {
237 $this->mEmail =
$request->getText(
'wpEmail' );
241 if ( !in_array(
'realname', $wgHiddenPrefs ) ) {
242 $this->mRealName =
$request->getText(
'wpRealName' );
244 $this->mRealName =
'';
247 if ( !$wgAuth->validDomain( $this->mDomain ) ) {
248 $this->mDomain = $wgAuth->getDomain();
250 $wgAuth->setDomain( $this->mDomain );
252 # 1. When switching accounts, it sucks to get automatically logged out
253 # 2. Do not return to PasswordReset after a successful password change
254 # but goto Wiki start page (Main_Page) instead ( bug 33997 )
256 if ( is_object( $returnToTitle )
257 && ( $returnToTitle->isSpecial(
'Userlogout' )
258 || $returnToTitle->isSpecial(
'PasswordReset' ) )
260 $this->mReturnTo =
'';
261 $this->mReturnToQuery =
'';
266 if ( $this->mType ===
'signup' ) {
267 return $this->
msg(
'createaccount' )->text();
269 return $this->
msg(
'login' )->text();
278 $session = SessionManager::getGlobalSession();
285 if ( $subPage ==
'signup' ) {
286 $this->mType =
'signup';
291 if ( $this->mType !==
'signup' && !$session->canSetUser() ) {
293 'cannotloginnow-title',
294 'cannotloginnow-text',
313 $this->mType !==
'signup' &&
315 $this->
getUser()->isLoggedIn() &&
316 ( $this->mReturnTo !==
'' || $this->mReturnToQuery !==
'' )
323 if ( $this->mRequest->getProtocol() !==
'https' ) {
326 'returnto' => $this->mReturnTo !==
'' ? $this->mReturnTo : null,
327 'returntoquery' => $this->mReturnToQuery !==
'' ?
328 $this->mReturnToQuery : null,
330 ( $this->mEntryErrorType ===
'error' ?
'error' :
'warning' ) => $this->mEntryError,
331 ] + $this->mRequest->getQueryValues();
335 && !$this->mFromHTTP )
340 $this->
getOutput()->addVaryHeader(
'X-Forwarded-Proto' );
347 if ( substr( $url, 0, 8 ) ===
'https://' ) {
348 $this->mSecureLoginUrl = $url;
353 if ( !is_null( $this->mCookieCheck ) ) {
357 } elseif ( $this->mPosted ) {
358 if ( $this->mCreateaccount ) {
362 } elseif ( $this->mCreateaccountMail ) {
366 } elseif ( (
'submitlogin' == $this->mAction ) || $this->mLoginattempt ) {
372 $this->
mainLoginForm( $this->mEntryError, $this->mEntryErrorType );
379 if ( $this->mEmail ==
'' ) {
386 LoggerFactory::getInstance(
'authmanager' )->info(
387 'Account creation attempt with mailed password',
388 [
'event' =>
'accountcreation',
'status' =>
$status ]
391 $error =
$status->getMessage();
401 $u->setPassword( null );
406 $u->addNewUserLogEntry(
'byemail', $this->mReason );
409 $out->setPageTitle( $this->
msg(
'accmailtitle' ) );
414 $out->addWikiMsg(
'accmailtext', $u->getName(), $u->getEmail() );
426 # Create the account and abort if there's a problem doing so
428 LoggerFactory::getInstance(
'authmanager' )->info(
'Account creation attempt', [
429 'event' =>
'accountcreation',
434 $error =
$status->getMessage();
442 # Only save preferences if the user is not creating an account for someone else.
443 if ( $this->
getUser()->isAnon() ) {
444 # If we showed up language selection links, and one was in use, be
445 # smart (and sensible) and save that language as the user's preference
446 if ( $wgLoginLanguageSelector && $this->mLanguage ) {
447 $u->setOption(
'language', $this->mLanguage );
450 # Otherwise the user's language preference defaults to $wgContLang,
451 # but it may be better to set it to their preferred $wgContLang variant,
452 # based on browser preferences or URL parameters.
453 $u->setOption(
'language', $wgContLang->getPreferredVariant() );
455 if ( $wgContLang->hasVariants() ) {
456 $u->setOption(
'variant', $wgContLang->getPreferredVariant() );
462 # Send out an email authentication message if needed
464 $status = $u->sendConfirmationMail();
466 $out->addWikiMsg(
'confirmemail_oncreate' );
468 $out->addWikiText(
$status->getWikiText(
'confirmemail_sendfailed' ) );
472 # Save settings (including confirmation token)
475 # If not logged in, assume the new account as the current one and set
476 # session cookies then show a "welcome" message or a "need cookies"
478 if ( $this->
getUser()->isAnon() ) {
486 $u->addNewUserLogEntry(
'create' );
493 # Confirm that the account was created
494 $out->setPageTitle( $this->
msg(
'accountcreated' ) );
495 $out->addWikiMsg(
'accountcreatedtext', $u->getName() );
498 $u->addNewUserLogEntry(
'create2', $this->mReason );
514 if ( !$wgAuth->validDomain( $this->mDomain ) ) {
523 if (
'local' != $this->mDomain && $this->mDomain !=
'' ) {
525 !$wgAuth->canCreateAccounts() &&
527 !$wgAuth->userExists( $this->mUsername ) ||
528 !$wgAuth->authenticate( $this->mUsername, $this->mPassword )
539 # Request forgery checks.
540 $token = self::getCreateaccountToken();
541 if ( $token->wasNew() ) {
545 # The user didn't pass a createaccount token
546 if ( !$this->mToken ) {
550 # Validate the createaccount token
551 if ( !$token->match( $this->mToken ) ) {
556 $currentUser = $this->
getUser();
557 $creationBlock = $currentUser->isBlockedFromCreateAccount();
558 if ( !$currentUser->isAllowed(
'createaccount' ) ) {
560 } elseif ( $creationBlock instanceof
Block ) {
568 # Include checks that will include GlobalBlocking (Bug 38333)
569 $permErrors = $this->
getPageTitle()->getUserPermissionsErrors(
575 if ( count( $permErrors ) ) {
580 if ( $currentUser->isDnsBlacklisted( $ip,
true ) ) {
584 # Now create a dummy user ($u) and check if it is valid
591 # Make sure the user does not exist already
592 $lock =
$cache->getScopedLock(
$cache->makeGlobalKey(
'account', md5( $this->mUsername ) ) );
599 if ( $this->mCreateaccountMail ) {
600 # do not force a password for account creation by email
601 # set invalid password, it will be replaced later by a random generated password
602 $this->mPassword = null;
604 if ( $this->mPassword !== $this->mRetype ) {
608 # check for password validity, return a fatal Status if invalid
609 $validity = $u->checkPasswordValidity( $this->mPassword,
'create' );
610 if ( !$validity->isGood() ) {
611 $validity->ok =
false;
616 # if you need a confirmed email address to edit, then obviously you
617 # need an email address.
618 if ( $wgEmailConfirmToEdit && strval( $this->mEmail ) ===
'' ) {
626 # Set some additional data so the AbortNewAccount hook can be used for
627 # more than just username validation
628 $u->setEmail( $this->mEmail );
629 $u->setRealName( $this->mRealName );
633 if ( !
Hooks::run(
'AbortNewAccount', [ $u, &$abortError, &$abortStatus ] ) ) {
635 wfDebug(
"LoginForm::addNewAccountInternal: a hook blocked creation\n" );
636 if ( $abortStatus === null ) {
641 $abortError =
new Message(
'createaccount-hook-aborted', [ $abortError ] );
653 if ( !
Hooks::run(
'ExemptFromAccountCreationThrottle', [ $ip ] ) ) {
654 wfDebug(
"LoginForm::exemptFromAccountCreationThrottle: a hook " .
655 "allowed account creation w/o throttle\n" );
657 if ( ( $wgAccountCreationThrottle && $currentUser->isPingLimitable() ) ) {
661 $cache->set( $key, 0, $cache::TTL_DAY );
663 if (
$value >= $wgAccountCreationThrottle ) {
664 return Status::newFatal(
'acct_creation_throttle_hit', $wgAccountCreationThrottle );
670 if ( !$wgAuth->addUser( $u, $this->mPassword, $this->mEmail, $this->mRealName ) ) {
674 self::clearCreateaccountToken();
676 return $this->
initUser( $u,
false );
696 if ( $wgAuth->allowPasswordChange() ) {
697 $u->setPassword( $this->mPassword );
700 $u->setEmail( $this->mEmail );
701 $u->setRealName( $this->mRealName );
704 Hooks::run(
'LocalUserCreated', [ $u, $autocreate ] );
706 $wgAuth->initUser( $u, $autocreate );
707 if ( $oldUser !== $u ) {
708 wfWarn( get_class( $wgAuth ) .
'::initUser() replaced the user object' );
735 if ( $this->mUsername ==
'' ) {
736 return self::NO_NAME;
745 $token = self::getLoginToken();
746 if ( $token->wasNew() ) {
747 return self::NEED_TOKEN;
750 if ( !$this->mToken ) {
751 return self::NEED_TOKEN;
754 $throttleCount = self::incrementLoginThrottle( $this->mUsername );
755 if ( $throttleCount ) {
756 $this->mThrottleWait = $throttleCount[
'wait'];
757 return self::THROTTLED;
761 if ( !$token->match( $this->mToken ) ) {
762 return self::WRONG_TOKEN;
772 wfDebug( __METHOD__ .
": already logged in as {$this->mUsername}\n" );
774 return self::SUCCESS;
778 if ( $u ===
false ) {
779 return self::ILLEGAL;
785 if ( !
Hooks::run(
'LoginUserMigrated', [ $u, &$msg ] ) ) {
786 $this->mAbortLoginErrorMsg = $msg;
787 return self::USER_MIGRATED;
791 return self::ILLEGAL;
794 $isAutoCreated =
false;
795 if ( $u->getId() == 0 ) {
797 if (
$status !== self::SUCCESS ) {
800 $isAutoCreated =
true;
807 $abort = self::ABORTED;
808 if ( !
Hooks::run(
'AbortLogin', [ $u, $this->mPassword, &$abort, &$msg ] ) ) {
809 if ( !in_array( $abort, array_keys( self::$statusCodes ),
true ) ) {
810 throw new Exception(
'Invalid status code returned from AbortLogin hook: ' . $abort );
812 $this->mAbortLoginErrorMsg = $msg;
817 if ( !$u->checkPassword( $this->mPassword ) ) {
818 if ( $u->checkTemporaryPassword( $this->mPassword ) ) {
837 if ( !$u->isEmailConfirmed() && !
wfReadOnly() ) {
845 $this->mAbortLoginErrorMsg =
'resetpass-temp-emailed';
846 $this->mTempPasswordUsed =
true;
851 } elseif ( $wgBlockDisablesLogin && $u->isBlocked() ) {
857 $this->mAbortLoginErrorMsg =
'resetpass-expired';
861 $wgAuth->updateUser( $u );
862 if ( $oldUser !== $u ) {
863 wfWarn( get_class( $wgAuth ) .
'::updateUser() replaced the user object' );
872 self::clearLoginThrottle( $this->mUsername );
874 if ( $isAutoCreated ) {
901 if ( is_array( $wgPasswordAttemptThrottle ) ) {
903 if ( isset( $wgPasswordAttemptThrottle[
'count'] ) ) {
907 foreach ( $throttleConfig
as $index => $specificThrottle ) {
908 if ( isset( $specificThrottle[
'allIPs'] ) ) {
911 $ip = $wgRequest->getIP();
916 $count = $specificThrottle[
'count'];
917 $period = $specificThrottle[
'seconds'];
920 $throttleCount =
$cache->get( $throttleKey );
921 if ( !$throttleCount ) {
922 $cache->add( $throttleKey, 1, $period );
923 } elseif ( $throttleCount <
$count ) {
924 $cache->incr( $throttleKey );
925 } elseif ( $throttleCount >=
$count ) {
926 $logMsg =
'Login attempt rejected because logins to '
927 .
'{acct} from IP {ip} have been throttled for '
928 .
'{period} seconds due to {count} failed attempts';
933 $level =
$count >= 50 ? LogLevel::WARNING : LogLevel::INFO;
938 LoggerFactory::getInstance(
'password-throttle' )->log(
946 'throttleIdentifier' => $index,
947 'method' => __METHOD__
952 'throttleIndex' => $index,
973 return is_array(
$res ) ?
true : 0;
986 if ( is_array( $wgPasswordAttemptThrottle ) ) {
988 if ( isset( $wgPasswordAttemptThrottle[
'count'] ) ) {
992 foreach ( $throttleConfig
as $index => $specificThrottle ) {
993 if ( isset( $specificThrottle[
'allIPs'] ) ) {
996 $ip = $wgRequest->getIP();
1017 if ( $this->
getUser()->isBlockedFromCreateAccount() ) {
1018 wfDebug( __METHOD__ .
": user is blocked from account creation\n" );
1020 return self::CREATE_BLOCKED;
1023 if ( !$wgAuth->autoCreate() ) {
1024 return self::NOT_EXISTS;
1027 if ( !$wgAuth->userExists(
$user->getName() ) ) {
1028 wfDebug( __METHOD__ .
": user does not exist\n" );
1030 return self::NOT_EXISTS;
1034 wfDebug( __METHOD__ .
": \$wgAuth->authenticate() returned false, aborting\n" );
1036 return self::WRONG_PLUGIN_PASS;
1042 wfDebug(
"LoginForm::attemptAutoCreate: a hook blocked creation: $abortError\n" );
1043 $this->mAbortLoginErrorMsg = $abortError;
1045 return self::ABORTED;
1048 wfDebug( __METHOD__ .
": creating account\n" );
1052 $errors =
$status->getErrorsByType(
'error' );
1053 $this->mAbortLoginErrorMsg = $errors[0][
'message'];
1055 return self::ABORTED;
1058 return self::SUCCESS;
1065 switch ( $authRes ) {
1067 # We've verified now, update the real record
1071 if (
$user->requiresHTTPS() ) {
1072 $this->mStickHTTPS =
true;
1075 if ( $wgSecureLogin && !$this->mStickHTTPS ) {
1076 $user->setCookies( $this->mRequest,
false, $this->mRemember );
1078 $user->setCookies( $this->mRequest, null, $this->mRemember );
1080 self::clearLoginToken();
1083 self::clearLoginThrottle( $this->mUsername );
1092 $wgLang = $userLang;
1094 $this->
getContext()->setLanguage( $userLang );
1099 } elseif ( $wgInvalidPasswordReset
1100 && !
$user->isValidPassword( $this->mPassword )
1107 $status->getMessage(
'resetpass-validity-soft' )
1117 case self::NEED_TOKEN:
1118 $error = $this->mAbortLoginErrorMsg ?:
'nocookiesforlogin';
1121 case self::WRONG_TOKEN:
1122 $error = $this->mAbortLoginErrorMsg ?:
'sessionfailure';
1127 $error = $this->mAbortLoginErrorMsg ?:
'noname';
1130 case self::WRONG_PLUGIN_PASS:
1131 $error = $this->mAbortLoginErrorMsg ?:
'wrongpassword';
1134 case self::NOT_EXISTS:
1135 if ( $this->
getUser()->isAllowed(
'createaccount' ) ) {
1136 $error = $this->mAbortLoginErrorMsg ?:
'nosuchuser';
1140 $error = $this->mAbortLoginErrorMsg ?:
'nosuchusershort';
1146 $error = $this->mAbortLoginErrorMsg ?:
'wrongpassword';
1149 case self::EMPTY_PASS:
1150 $error = $this->mAbortLoginErrorMsg ?:
'wrongpasswordempty';
1153 case self::RESET_PASS:
1154 $error = $this->mAbortLoginErrorMsg ?:
'resetpass_announce';
1157 case self::CREATE_BLOCKED:
1160 case self::THROTTLED:
1161 $error = $this->mAbortLoginErrorMsg ?:
'login-throttled';
1163 ->durationParams( $this->mThrottleWait )->
text()
1166 case self::USER_BLOCKED:
1167 $error = $this->mAbortLoginErrorMsg ?:
'login-userblocked';
1171 $error = $this->mAbortLoginErrorMsg ?:
'login-abort-generic';
1175 case self::USER_MIGRATED:
1176 $error = $this->mAbortLoginErrorMsg ?:
'login-migrated-generic';
1178 if ( is_array( $error ) ) {
1179 $error = array_shift( $this->mAbortLoginErrorMsg );
1188 LoggerFactory::getInstance(
'authmanager' )->info(
'Login attempt', [
1190 'successful' => $authRes === self::SUCCESS,
1201 Hooks::run(
'LoginPasswordResetMessage', [ &$msg, $this->mUsername ] );
1204 $derivative->setTitle( $reset->getPageTitle() );
1205 $reset->setContext( $derivative );
1206 if ( !$this->mTempPasswordUsed ) {
1207 $reset->setOldPasswordMessage(
'oldpassword' );
1209 $reset->setChangeMessage( $msg );
1210 $reset->execute( null );
1221 $emailText =
'passwordremindertext'
1225 if ( $u->getEmail() ==
'' ) {
1233 $currentUser = $this->
getUser();
1234 Hooks::run(
'User::mailPasswordInternal', [ &$currentUser, &$ip, &$u ] );
1237 $u->setNewpassword( $np, $throttle );
1239 $userLanguage = $u->getOption(
'language' );
1242 $mainPageUrl = $mainPage->getCanonicalURL();
1244 $m = $this->
msg( $emailText, $ip, $u->getName(), $np,
'<' . $mainPageUrl .
'>',
1245 round( $wgNewPasswordExpiry / 86400 ) )->inLanguage( $userLanguage )->text();
1246 $result = $u->sendMail( $this->
msg( $emailTitle )->inLanguage( $userLanguage )->
text(), $m );
1262 # Run any hooks; display injected HTML if any, else redirect
1263 $currentUser = $this->
getUser();
1264 $injected_html =
'';
1266 Hooks::run(
'UserLoginComplete', [ &$currentUser, &$injected_html, $direct ] );
1268 if ( $injected_html !==
'' ) {
1270 'loginsuccess', $injected_html );
1283 # Run any hooks; display injected HTML
1284 $currentUser = $this->
getUser();
1285 $injected_html =
'';
1286 $welcome_creation_msg =
'welcomecreation-msg';
1289 Hooks::run(
'UserLoginComplete', [ &$currentUser, &$injected_html, $direct ] );
1296 Hooks::run(
'BeforeWelcomeCreation', [ &$welcome_creation_msg, &$injected_html ] );
1301 $welcome_creation_msg, $injected_html
1320 $out->addHTML( $injected_html );
1334 # Let's be nice about this, it's likely that this feature will be used
1335 # for blocking large numbers of innocent people, e.g. range blocks on
1336 # schools. Don't blame it on the user. There's a small chance that it
1337 # really is the user's fault, i.e. the username is blocked and they
1338 # haven't bothered to log out before trying to create an account to
1339 # evade it, but we'll leave that to their guilty conscience to figure
1343 $block->mReason ? $block->mReason : $this->
msg(
'blockednoreason' )->text(),
1348 $errorMessage =
'cantcreateaccount-range-text';
1349 $errorParams[] = $this->
getRequest()->getIP();
1351 $errorMessage =
'cantcreateaccount-text';
1355 'cantcreateaccounttitle',
1381 $this->mStickHTTPS = $stickHTTPs;
1397 if (
$type !=
'error' && $wgRedirectOnLogin !== null ) {
1409 if ( !$returnToTitle ) {
1413 if ( $wgSecureLogin && !$this->mStickHTTPS ) {
1416 } elseif ( $wgSecureLogin ) {
1424 if (
$type ==
'successredirect' ) {
1425 $redirectUrl = $returnToTitle->getFullURL(
$returnToQuery,
false, $proto );
1426 $this->
getOutput()->redirect( $redirectUrl );
1454 if ( $this->mType ==
'signup' ) {
1458 $permErrors = $titleObj->getUserPermissionsErrors(
'createaccount',
$user,
true );
1459 if ( count( $permErrors ) ) {
1461 } elseif (
$user->isBlockedFromCreateAccount() ) {
1471 if ( $this->mUsername ==
'' && $this->mType !=
'signup' ) {
1472 if (
$user->isLoggedIn() ) {
1473 $this->mUsername =
$user->getName();
1475 $this->mUsername = $this->
getRequest()->getSession()->suggestLoginUsername();
1480 $out->addModuleStyles( [
1482 'mediawiki.ui.button',
1483 'mediawiki.ui.checkbox',
1484 'mediawiki.ui.input',
1485 'mediawiki.special.userlogin.common.styles'
1488 if ( $this->mType ==
'signup' ) {
1491 'mediawiki.special.userlogin.signup.js'
1493 $out->addModuleStyles( [
1494 'mediawiki.special.userlogin.signup.styles'
1502 $q =
'action=submitlogin&type=signup';
1503 $linkq =
'type=login';
1506 $out->addModuleStyles( [
1507 'mediawiki.special.userlogin.login.styles'
1512 $q =
'action=submitlogin&type=login';
1513 $linkq =
'type=signup';
1516 if ( $this->mReturnTo !==
'' ) {
1517 $returnto =
'&returnto=' .
wfUrlencode( $this->mReturnTo );
1518 if ( $this->mReturnToQuery !==
'' ) {
1519 $returnto .=
'&returntoquery=' .
1523 $linkq .= $returnto;
1526 # Don't show a "create account" link if the user can't.
1528 # Pass any language selection on to the mode switch link
1529 if ( $wgLoginLanguageSelector && $this->mLanguage ) {
1533 $template->set(
'createOrLoginHref', $titleObj->getLocalURL( $linkq ) );
1538 $resetLink = $this->mType ==
'signup'
1540 : is_array( $wgPasswordResetRoutes ) && in_array(
true, array_values( $wgPasswordResetRoutes ) );
1545 $template->set(
'name', $this->mUsername );
1546 $template->set(
'password', $this->mPassword );
1547 $template->set(
'retype', $this->mRetype );
1548 $template->set(
'createemailset', $this->mCreateaccountMail );
1549 $template->set(
'email', $this->mEmail );
1550 $template->set(
'realname', $this->mRealName );
1551 $template->set(
'domain', $this->mDomain );
1552 $template->set(
'reason', $this->mReason );
1554 $template->set(
'action', $titleObj->getLocalURL( $q ) );
1556 $template->set(
'messagetype', $msgtype );
1557 $template->set(
'createemail', $wgEnableEmail &&
$user->isLoggedIn() );
1558 $template->set(
'userealname', !in_array(
'realname', $wgHiddenPrefs ) );
1559 $template->set(
'useemail', $wgEnableEmail );
1560 $template->set(
'emailrequired', $wgEmailConfirmToEdit );
1561 $template->set(
'emailothers', $wgEnableUserEmail );
1562 $template->set(
'canreset', $wgAuth->allowPasswordChange() );
1563 $template->set(
'resetlink', $resetLink );
1564 $template->set(
'canremember', $wgExtendedLoginCookieExpiration === null ?
1565 ( $wgCookieExpiration > 0 ) :
1566 ( $wgExtendedLoginCookieExpiration > 0 ) );
1568 $template->set(
'remember', $this->mRemember );
1569 $template->set(
'cansecurelogin', ( $wgSecureLogin ===
true ) );
1570 $template->set(
'stickhttps', (
int)$this->mStickHTTPS );
1574 if ( $this->mType ==
'signup' ) {
1575 $template->set(
'token', self::getCreateaccountToken()->toString() );
1577 $template->set(
'token', self::getLoginToken()->toString() );
1580 # Prepare language selection links as needed
1581 if ( $wgLoginLanguageSelector ) {
1583 if ( $this->mLanguage ) {
1584 $template->set(
'uselang', $this->mLanguage );
1588 $template->set(
'secureLoginUrl', $this->mSecureLoginUrl );
1590 $usingHTTPS = $this->mRequest->getProtocol() ==
'https';
1591 $signupendHTTPS = $this->
msg(
'signupend-https' );
1592 if ( $usingHTTPS && !$signupendHTTPS->isBlank() ) {
1593 $template->set(
'signupend', $signupendHTTPS->parse() );
1595 $template->set(
'signupend', $this->
msg(
'signupend' )->parse() );
1599 if ( $usingHTTPS ) {
1600 $template->set(
'fromhttp', $this->mFromHTTP );
1604 $wgAuth->modifyUITemplate(
$template, $this->mType );
1605 if ( $this->mType ==
'signup' ) {
1611 $out->disallowUserJs();
1623 if ( $this->mType ==
'signup' ) {
1625 } elseif (
$user->isAllowed(
'createaccount' ) ) {
1645 return $wgDisableCookieCheck || (
1646 $wgInitialSessionId &&
1658 return $wgRequest->getSession()->getToken(
'',
'login' );
1679 $wgRequest->getSession()->resetToken(
'login' );
1689 return $wgRequest->getSession()->getToken(
'',
'createaccount' );
1710 $wgRequest->getSession()->resetToken(
'createaccount' );
1718 if ( $wgSecureLogin && !$this->mStickHTTPS ) {
1719 $wgCookieSecure =
false;
1722 SessionManager::getGlobalSession()->resetId();
1723 SessionManager::getGlobalSession()->resetAllTokens();
1733 if ( $this->mReturnTo !==
'' ) {
1737 $check = $titleObj->getFullURL(
$query );
1748 if (
$type ==
'new' ) {
1750 } elseif (
$type ==
'login' ) {
1768 $msg = $this->
msg(
'loginlanguagelinks' )->inContentLanguage();
1769 if ( $msg->isBlank() ) {
1772 $langs = explode(
"\n", $msg->text() );
1775 $lang = trim( $lang,
'* ' );
1776 $parts = explode(
'|', $lang );
1777 if ( count( $parts ) >= 2 ) {
1782 return count( $links ) > 0 ? $this->
msg(
'loginlanguagelabel' )->rawParams(
1783 $this->
getLanguage()->pipeList( $links ) )->escaped() :
'';
1797 return htmlspecialchars( $text );
1800 if ( $this->mType ==
'signup' ) {
1801 $query[
'type'] =
'signup';
1803 if ( $this->mReturnTo !==
'' ) {
1810 $attr[
'lang'] = $attr[
'hreflang'] = $targetLanguage->getHtmlCode();
1814 htmlspecialchars( $text ),
1833 $ts =
$dbr->selectField(
'user',
'user_password_expires', [
'user_id' => $user->
getId() ] );
1838 if ( $ts !== null && $expUnix < $now ) {
1839 $expired = ( $expUnix + $wgPasswordExpireGrace < $now ) ?
'hard' :
'soft';
1845 return [
'signup' ];
static newFromName($name, $validate= 'valid')
Static factory method for creation from username.
$wgPasswordAttemptThrottle
Limit password attempts to X attempts per Y seconds per IP per account.
wfGetDB($db, $groups=[], $wiki=false)
Get a Database object.
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output $out
null for the local wiki Added should default to null in handler for backwards compatibility add a value to it if you want to add a cookie that have to vary cache options can modify $query
wfCanIPUseHTTPS($ip)
Determine whether the client at a given source IP is likely to be able to access the wiki via HTTPS...
getContext()
Gets the context this SpecialPage is executed in.
do that in ParserLimitReportFormat instead use this to modify the parameters of the image and a DIV can begin in one section and end in another Make sure your code can handle that case gracefully See the EditSectionClearerLink extension for an example zero but section is usually empty its values are the globals values before the output is cached one of or reset my talk my contributions etc etc otherwise the built in rate limiting checks are if enabled allows for interception of redirect as a string & $returnToQuery
static newMainPage()
Create a new Title for the Main Page.
Show an error when the wiki is locked/read-only and the user tries to do something that requires writ...
Apache License January AND DISTRIBUTION Definitions License shall mean the terms and conditions for use
static getTitleFor($name, $subpage=false, $fragment= '')
Get a localised Title object for a specified special page name.
static getCanonicalName($name, $validate= 'valid')
Given unvalidated user input, return a canonical username, or false if the username is invalid...
The Message class provides methods which fulfil two basic services:
getType()
Get the type of target for this particular block.
$wgPasswordExpireGrace
If a user's password has expired, the number of seconds during which they can still log in, and cancel their pa...
if(!isset($args[0])) $lang
An IContextSource implementation which will inherit context from another source but allow individual ...
static generateRandomPasswordString($minLength=10)
Generate a random string suitable for a password.
static isUsableName($name)
Usernames which fail to pass this function will be blocked from user login and new account registrati...
$wgSecureLogin
This lets users authenticate over HTTPS when they arrive over HTTP.
This code would result in ircNotify being run twice when an article is and once for brion Hooks can return three possible true was required This is the default since MediaWiki *some string
static getLocalClusterInstance()
Get the main cluster-local cache object.
msg()
Wrapper around wfMessage that sets the current context.
$wgEmailConfirmToEdit
Should editors be required to have a validated e-mail address before being allowed to edit...
getOutput()
Get the OutputPage being used for this instance.
$wgAuth $wgAuth
Authentication plugin.
$wgHiddenPrefs
An array of preferences that are not shown to the user.
$wgCookieSecure
Whether the "secure" flag should be set on the cookie.
wfUrlencode($s)
We want some things to be included as literal characters in our title URLs for prettiness, which urlencode encodes by default.
static newFromText($text, $defaultNamespace=NS_MAIN)
Create a new Title from text, such as what one would find in a link.
when a variable name is used in a it is silently declared as a new local masking the global
static newFatal($message)
Factory function for fatal errors.
$wgEnableEmail
Set to true to enable the e-mail basic features: Password reminders, etc.
$wgPasswordResetRoutes
Whether to allow password resets ("enter some identifying data, and we'll send an email with a tempo...
wfDebug($text, $dest= 'all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
this class mediates it Skin Encapsulates a look and feel for the wiki All of the functions that render HTML and make choices about how to render it are here and are called from various other places when and is meant to be subclassed with other skins that may override some of its functions The User object contains a reference to a and so rather than having a global skin object we just rely on the global User and get the skin with $wgUser and also has some character encoding functions and other locale stuff The current user interface language is instantiated as $wgLang
The index of the header message $result[1]=The index of the body text message $result[2 through n]=Parameters passed to body text message.Please note the header message cannot receive/use parameters. 'ImportHandleLogItemXMLTag':When parsing a XML tag in a log item.Return false to stop further processing of the tag $reader:XMLReader object $logInfo:Array of information 'ImportHandlePageXMLTag':When parsing a XML tag in a page.Return false to stop further processing of the tag $reader:XMLReader object &$pageInfo:Array of information 'ImportHandleRevisionXMLTag':When parsing a XML tag in a page revision.Return false to stop further processing of the tag $reader:XMLReader object $pageInfo:Array of page information $revisionInfo:Array of revision information 'ImportHandleToplevelXMLTag':When parsing a top level XML tag.Return false to stop further processing of the tag $reader:XMLReader object 'ImportHandleUploadXMLTag':When parsing a XML tag in a file upload.Return false to stop further processing of the tag $reader:XMLReader object $revisionInfo:Array of information 'ImportLogInterwikiLink':Hook to change the interwiki link used in log entries and edit summaries for transwiki imports.&$fullInterwikiPrefix:Interwiki prefix, may contain colons.&$pageTitle:String that contains page title. 'ImportSources':Called when reading from the $wgImportSources configuration variable.Can be used to lazy-load the import sources list.&$importSources:The value of $wgImportSources.Modify as necessary.See the comment in DefaultSettings.php for the detail of how to structure this array. 
'InfoAction':When building information to display on the action=info page.$context:IContextSource object &$pageInfo:Array of information 'InitializeArticleMaybeRedirect':MediaWiki check to see if title is a redirect.&$title:Title object for the current page &$request:WebRequest &$ignoreRedirect:boolean to skip redirect check &$target:Title/string of redirect target &$article:Article object 'InternalParseBeforeLinks':during Parser's internalParse method before links but after nowiki/noinclude/includeonly/onlyinclude and other processings.&$parser:Parser object &$text:string containing partially parsed text &$stripState:Parser's internal StripState object 'InternalParseBeforeSanitize':during Parser's internalParse method just before the parser removes unwanted/dangerous HTML tags and after nowiki/noinclude/includeonly/onlyinclude and other processings.Ideal for syntax-extensions after template/parser function execution which respect nowiki and HTML-comments.&$parser:Parser object &$text:string containing partially parsed text &$stripState:Parser's internal StripState object 'InterwikiLoadPrefix':When resolving if a given prefix is an interwiki or not.Return true without providing an interwiki to continue interwiki search.$prefix:interwiki prefix we are looking for.&$iwData:output array describing the interwiki with keys iw_url, iw_local, iw_trans and optionally iw_api and iw_wikiid. 
'InvalidateEmailComplete':Called after a user's email has been invalidated successfully.$user:user(object) whose email is being invalidated 'IRCLineURL':When constructing the URL to use in an IRC notification.Callee may modify $url and $query, URL will be constructed as $url.$query &$url:URL to index.php &$query:Query string $rc:RecentChange object that triggered url generation 'IsFileCacheable':Override the result of Article::isFileCacheable()(if true) &$article:article(object) being checked 'IsTrustedProxy':Override the result of IP::isTrustedProxy() &$ip:IP being checked &$result:Change this value to override the result of IP::isTrustedProxy() 'IsUploadAllowedFromUrl':Override the result of UploadFromUrl::isAllowedUrl() $url:URL used to upload from &$allowed:Boolean indicating if uploading is allowed for given URL 'isValidEmailAddr':Override the result of Sanitizer::validateEmail(), for instance to return false if the domain name doesn't match your organization.$addr:The e-mail address entered by the user &$result:Set this and return false to override the internal checks 'isValidPassword':Override the result of User::isValidPassword() $password:The password entered by the user &$result:Set this and return false to override the internal checks $user:User the password is being validated for 'Language::getMessagesFileName':$code:The language code or the language we're looking for a messages file for &$file:The messages file path, you can override this to change the location. 
'LanguageGetMagic':DEPRECATED!Use $magicWords in a file listed in $wgExtensionMessagesFiles instead.Use this to define synonyms of magic words depending of the language &$magicExtensions:associative array of magic words synonyms $lang:language code(string) 'LanguageGetNamespaces':Provide custom ordering for namespaces or remove namespaces.Do not use this hook to add namespaces.Use CanonicalNamespaces for that.&$namespaces:Array of namespaces indexed by their numbers 'LanguageGetSpecialPageAliases':DEPRECATED!Use $specialPageAliases in a file listed in $wgExtensionMessagesFiles instead.Use to define aliases of special pages names depending of the language &$specialPageAliases:associative array of magic words synonyms $lang:language code(string) 'LanguageGetTranslatedLanguageNames':Provide translated language names.&$names:array of language code=> language name $code:language of the preferred translations 'LanguageLinks':Manipulate a page's language links.This is called in various places to allow extensions to define the effective language links for a page.$title:The page's Title.&$links:Associative array mapping language codes to prefixed links of the form"language:title".&$linkFlags:Associative array mapping prefixed links to arrays of flags.Currently unused, but planned to provide support for marking individual language links in the UI, e.g.for featured articles. 'LanguageSelector':Hook to change the language selector available on a page.$out:The output page.$cssClassName:CSS class name of the language selector. 'LinkBegin':DEPRECATED!Use HtmlPageLinkRendererBegin instead.Used when generating internal and interwiki links in Linker::link(), before processing starts.Return false to skip default processing and return $ret.See documentation for Linker::link() for details on the expected meanings of parameters.$skin:the Skin object $target:the Title that the link is pointing to &$html:the contents that the< a > tag should have(raw HTML) $result
wfGlobalCacheKey()
Make a cache key with database-agnostic prefix.
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping $template
The User object encapsulates all of the user-specific settings (user_id, name, rights, email address, options, last login time).
wfTimestamp($outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
$wgLoginLanguageSelector
Show a bar of language selection links in the user login and user registration forms; edit the "login...
wfCgiToArray($query)
This is the logical opposite of wfArrayToCgi(): it accepts a query string as its argument and returns...
Parent class for all special pages.
$wgExtendedLoginCookieExpiration
Default login cookie lifetime, in seconds.
wfEscapeWikiText($text)
Escapes the given text so that it may be output using addWikiText() without any linking, formatting, etc.
wfReadOnly()
Check whether the wiki is in read-only mode.
static getMain()
Static methods.
Let users recover their password.
wfAppendQuery($url, $query)
Append a query string to an existing URL, which may or may not already have query string parameters a...
An error page which can definitely be safely rendered using the OutputPage.
wfWarn($msg, $callerOffset=1, $level=E_USER_NOTICE)
Send a warning either to the debug log or in a PHP error depending on $wgDevelopmentWarnings.
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set and then return false from the hook function Ensure you consume the ChangeTagAfterDelete hook to carry out custom deletion actions as context called by AbstractContent::getParserOutput May be used to override the normal model specific rendering of page content as context as context $options
$wgDisableCookieCheck
By default, MediaWiki checks if the client supports cookies during the login process, so that it can display an informative error message if cookies are disabled.
Class for handling updates to the site_stats table.
$wgBlockDisablesLogin
If true, blocked users will not be allowed to log in.
getSkin()
Shortcut to get the skin being used for this instance.
wfDeprecated($function, $version=false, $component=false, $callerOffset=2)
Throws a warning that $function is deprecated.
setHeaders()
Sets headers - this should be called from the execute() method of all derived classes! ...
$wgUseMediaWikiUIEverywhere
Temporary variable that applies MediaWiki UI wherever it can be supported.
$wgNewPasswordExpiry
The time, in seconds, after which an emailed temporary password expires.
Allows to change the fields on the form that will be generated are created Can be used to omit specific feeds from being outputted You must not use this hook to add use OutputPage::addFeedLink() instead.&$feedLinks conditions will AND in the final query as a Content object as a Content object $title
static linkKnown($target, $html=null, $customAttribs=[], $query=[], $options=[ 'known'])
Identical to link(), except $options defaults to 'known'.
static addUpdate(DeferrableUpdate $update, $type=self::POSTSEND)
Add an update to the deferred list.
static run($event, array $args=[], $deprecatedVersion=null)
Call hook functions defined in Hooks::register and $wgHooks.
design txt This is a brief overview of the new design More thorough and up to date information is available on the documentation wiki at etc Handles the details of getting and saving to the user table of the and dealing with sessions and cookies OutputPage Encapsulates the entire HTML page that will be sent in response to any server request It is used by calling its functions to add text
$wgEnableUserEmail
Set to true to enable user-to-user e-mail.
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such as
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output modifiable & $code
please add to it if you re going to add events to the MediaWiki code where normally authentication against an external auth plugin would be creating a local account $user
$wgAccountCreationThrottle
Number of accounts each IP address may create, 0 to disable.
$wgRedirectOnLogin
Allow redirection to another page when a user logs in.
$wgEmailAuthentication
Require email authentication before sending mail to an email address.
$wgCookieExpiration
Default cookie lifetime, in seconds.
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
$wgInvalidPasswordReset
Specifies if users should be sent to a password-reset form on login, if their password doesn't meet t...
this hook is for auditing only or null if authentication failed before getting that far $username
error also a ContextSource you ll probably need to make sure the header is varied on $request
getName()
Get the name of this Special Page.
$wgMinimalPasswordLength
Specifies the minimal length of a user password.
getId()
Get the user's ID.
getUser()
Shortcut to get the User executing this instance.
getConfig()
Shortcut to get main config object.
getTarget()
Get the target for this particular Block.
this hook is for auditing only WRONG_PASS
Show an error when a user tries to do something they do not have the necessary permissions for...
getLanguage()
Shortcut to get user's language.
this class mediates it Skin Encapsulates a look and feel for the wiki All of the functions that render HTML and make choices about how to render it are here and are called from various other places when and is meant to be subclassed with other skins that may override some of its functions The User object contains a reference to a and so rather than having a global skin object we just rely on the global User and get the skin with $wgUser and also has some character encoding functions and other locale stuff The current user interface language is instantiated as and the local content language as $wgContLang
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set $status
MediaWiki Logger LoggerFactory implements a PSR[0] compatible message logging system Named Psr Log LoggerInterface instances can be obtained from the MediaWiki Logger LoggerFactory::getInstance() static method.MediaWiki\Logger\LoggerFactory expects a class implementing the MediaWiki\Logger\Spi interface to act as a factory for new Psr\Log\LoggerInterface instances.The"Spi"in MediaWiki\Logger\Spi stands for"service provider interface".An SPI is an API intended to be implemented or extended by a third party.This software design pattern is intended to enable framework extension and replaceable components.It is specifically used in the MediaWiki\Logger\LoggerFactory service to allow alternate PSR-3 logging implementations to be easily integrated with MediaWiki.The service provider interface allows the backend logging library to be implemented in multiple ways.The $wgMWLoggerDefaultSpi global provides the classname of the default MediaWiki\Logger\Spi implementation to be loaded at runtime.This can either be the name of a class implementing the MediaWiki\Logger\Spi with a zero argument const ructor or a callable that will return an MediaWiki\Logger\Spi instance.Alternately the MediaWiki\Logger\LoggerFactory MediaWiki Logger LoggerFactory
getFullTitle()
Return the full title, including $par.
static validateEmail($addr)
Does a string look like an e-mail address?
const TS_UNIX
Unix time - the number of seconds since 1970-01-01 00:00:00 UTC.
getRequest()
Get the WebRequest being used for this instance.
do that in ParserLimitReportFormat instead use this to modify the parameters of the image and a DIV can begin in one section and end in another Make sure your code can handle that case gracefully See the EditSectionClearerLink extension for an example zero but section is usually empty its values are the globals values before the output is cached one of or reset my talk my contributions etc etc otherwise the built in rate limiting checks are if enabled allows for interception of redirect & $returnTo
static factory($code)
Get a cached or new language object for a given language code.
please add to it if you re going to add events to the MediaWiki code where normally authentication against an external auth plugin would be creating a local account incomplete not yet checked for validity & $retval
if(is_null($wgLocalTZoffset)) if(!$wgDBerrorLogTZ) $wgRequest
do that in ParserLimitReportFormat instead use this to modify the parameters of the image and a DIV can begin in one section and end in another Make sure your code can handle that case gracefully See the EditSectionClearerLink extension for an example zero but section is usually empty its values are the globals values before the output is cached one of or reset my talk my contributions etc etc otherwise the built in rate limiting checks are if enabled allows for interception of redirect as a string mapping parameter names to values & $type
getByName()
Get the username of the blocking sysop.
static newGood($value=null)
Factory function for good results.
getPageTitle($subpage=false)
Get a self-referential title object.