| [ Index ] |
PHP Cross Reference of MediaWiki-1.24.0 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * Created on August 7, 2012 4 * 5 * Copyright © 2012 Tyler Romeo <[email protected]> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License as published by 9 * the Free Software Foundation; either version 2 of the License, or 10 * (at your option) any later version. 11 * 12 * This program is distributed in the hope that it will be useful, 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 * GNU General Public License for more details. 16 * 17 * You should have received a copy of the GNU General Public License along 18 * with this program; if not, write to the Free Software Foundation, Inc., 19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. 20 * http://www.gnu.org/copyleft/gpl.html 21 * 22 * @file 23 */ 24 25 /** 26 * Unit to authenticate account registration attempts to the current wiki. 27 * 28 * @ingroup API 29 */ 30 class ApiCreateAccount extends ApiBase { 31 public function execute() { 32 // If we're in JSON callback mode, no tokens can be obtained 33 if ( !is_null( $this->getMain()->getRequest()->getVal( 'callback' ) ) ) { 34 $this->dieUsage( 'Cannot create account when using a callback', 'aborted' ); 35 } 36 37 // $loginForm->addNewaccountInternal will throw exceptions 38 // if wiki is read only (already handled by api), user is blocked or does not have rights. 39 // Use userCan in order to hit GlobalBlock checks (according to Special:userlogin) 40 $loginTitle = SpecialPage::getTitleFor( 'Userlogin' ); 41 if ( !$loginTitle->userCan( 'createaccount', $this->getUser() ) ) { 42 $this->dieUsage( 43 'You do not have the right to create a new account', 44 'permdenied-createaccount' 45 ); 46 } 47 if ( $this->getUser()->isBlockedFromCreateAccount() ) { 48 $this->dieUsage( 'You cannot create a new account because you are blocked', 'blocked' ); 49 } 50 51 $params = $this->extractRequestParams(); 52 53 // Init session if necessary 54 if ( session_id() == '' ) { 55 wfSetupSession(); 56 } 57 58 if ( $params['mailpassword'] && !$params['email'] ) { 59 $this->dieUsageMsg( 'noemail' ); 60 } 61 62 if ( $params['language'] && !Language::isSupportedLanguage( $params['language'] ) ) { 63 $this->dieUsage( 'Invalid language parameter', 'langinvalid' ); 64 } 65 66 $context = new DerivativeContext( $this->getContext() ); 67 $context->setRequest( new DerivativeRequest( 68 $this->getContext()->getRequest(), 69 array( 70 'type' => 'signup', 71 'uselang' => $params['language'], 72 'wpName' => $params['name'], 73 'wpPassword' => $params['password'], 74 'wpRetype' => $params['password'], 75 'wpDomain' => $params['domain'], 76 'wpEmail' => $params['email'], 77 'wpRealName' => $params['realname'], 78 'wpCreateaccountToken' => $params['token'], 79 'wpCreateaccount' => $params['mailpassword'] ? null : '1', 80 'wpCreateaccountMail' => $params['mailpassword'] ? '1' : null 81 ) 82 ) ); 83 84 $loginForm = new LoginForm(); 85 $loginForm->setContext( $context ); 86 wfRunHooks( 'AddNewAccountApiForm', array( $this, $loginForm ) ); 87 $loginForm->load(); 88 89 $status = $loginForm->addNewaccountInternal(); 90 $result = array(); 91 if ( $status->isGood() ) { 92 // Success! 93 $user = $status->getValue(); 94 95 if ( $params['language'] ) { 96 $user->setOption( 'language', $params['language'] ); 97 } 98 99 if ( $params['mailpassword'] ) { 100 // If mailpassword was set, disable the password and send an email. 101 $user->setPassword( null ); 102 $status->merge( $loginForm->mailPasswordInternal( 103 $user, 104 false, 105 'createaccount-title', 106 'createaccount-text' 107 ) ); 108 } elseif ( $this->getConfig()->get( 'EmailAuthentication' ) && Sanitizer::validateEmail( $user->getEmail() ) ) { 109 // Send out an email authentication message if needed 110 $status->merge( $user->sendConfirmationMail() ); 111 } 112 113 // Save settings (including confirmation token) 114 $user->saveSettings(); 115 116 wfRunHooks( 'AddNewAccount', array( $user, $params['mailpassword'] ) ); 117 118 if ( $params['mailpassword'] ) { 119 $logAction = 'byemail'; 120 } elseif ( $this->getUser()->isLoggedIn() ) { 121 $logAction = 'create2'; 122 } else { 123 $logAction = 'create'; 124 } 125 $user->addNewUserLogEntry( $logAction, (string)$params['reason'] ); 126 127 // Add username, id, and token to result. 128 $result['username'] = $user->getName(); 129 $result['userid'] = $user->getId(); 130 $result['token'] = $user->getToken(); 131 } 132 133 $apiResult = $this->getResult(); 134 135 if ( $status->hasMessage( 'sessionfailure' ) || $status->hasMessage( 'nocookiesfornew' ) ) { 136 // Token was incorrect, so add it to result, but don't throw an exception 137 // since not having the correct token is part of the normal 138 // flow of events. 139 $result['token'] = LoginForm::getCreateaccountToken(); 140 $result['result'] = 'NeedToken'; 141 } elseif ( !$status->isOK() ) { 142 // There was an error. Die now. 143 $this->dieStatus( $status ); 144 } elseif ( !$status->isGood() ) { 145 // Status is not good, but OK. This means warnings. 146 $result['result'] = 'Warning'; 147 148 // Add any warnings to the result 149 $warnings = $status->getErrorsByType( 'warning' ); 150 if ( $warnings ) { 151 foreach ( $warnings as &$warning ) { 152 $apiResult->setIndexedTagName( $warning['params'], 'param' ); 153 } 154 $apiResult->setIndexedTagName( $warnings, 'warning' ); 155 $result['warnings'] = $warnings; 156 } 157 } else { 158 // Everything was fine. 159 $result['result'] = 'Success'; 160 } 161 162 // Give extensions a chance to modify the API result data 163 wfRunHooks( 'AddNewAccountApiResult', array( $this, $loginForm, &$result ) ); 164 165 $apiResult->addValue( null, 'createaccount', $result ); 166 } 167 168 public function getDescription() { 169 return 'Create a new user account.'; 170 } 171 172 public function mustBePosted() { 173 return true; 174 } 175 176 public function isReadMode() { 177 return false; 178 } 179 180 public function isWriteMode() { 181 return true; 182 } 183 184 public function getAllowedParams() { 185 return array( 186 'name' => array( 187 ApiBase::PARAM_TYPE => 'user', 188 ApiBase::PARAM_REQUIRED => true 189 ), 190 'password' => null, 191 'domain' => null, 192 'token' => null, 193 'email' => array( 194 ApiBase::PARAM_TYPE => 'string', 195 ApiBase::PARAM_REQUIRED => $this->getConfig()->get( 'EmailConfirmToEdit' ), 196 ), 197 'realname' => null, 198 'mailpassword' => array( 199 ApiBase::PARAM_TYPE => 'boolean', 200 ApiBase::PARAM_DFLT => false 201 ), 202 'reason' => null, 203 'language' => null 204 ); 205 } 206 207 public function getParamDescription() { 208 $p = $this->getModulePrefix(); 209 210 return array( 211 'name' => 'Username', 212 'password' => "Password (ignored if {$p}mailpassword is set)", 213 'domain' => 'Domain for external authentication (optional)', 214 'token' => 'Account creation token obtained in first request', 215 'email' => 'Email address of user (optional)', 216 'realname' => 'Real name of user (optional)', 217 'mailpassword' => 'If set to any value, a random password will be emailed to the user', 218 'reason' => 'Optional reason for creating the account to be put in the logs', 219 'language' 220 => 'Language code to set as default for the user (optional, defaults to content language)' 221 ); 222 } 223 224 public function getExamples() { 225 return array( 226 'api.php?action=createaccount&name=testuser&password=test123', 227 'api.php?action=createaccount&name=testmailuser&mailpassword=true&reason=MyReason', 228 ); 229 } 230 231 public function getHelpUrls() { 232 return 'https://www.mediawiki.org/wiki/API:Account_creation'; 233 } 234 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Fri Nov 28 14:03:12 2014 | Cross-referenced by PHPXref 0.7.1 |