|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* Implements Special:ChangeEmail |
|
4
|
|
|
* |
|
5
|
|
|
* This program is free software; you can redistribute it and/or modify |
|
6
|
|
|
* it under the terms of the GNU General Public License as published by |
|
7
|
|
|
* the Free Software Foundation; either version 2 of the License, or |
|
8
|
|
|
* (at your option) any later version. |
|
9
|
|
|
* |
|
10
|
|
|
* This program is distributed in the hope that it will be useful, |
|
11
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
12
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
13
|
|
|
* GNU General Public License for more details. |
|
14
|
|
|
* |
|
15
|
|
|
* You should have received a copy of the GNU General Public License along |
|
16
|
|
|
* with this program; if not, write to the Free Software Foundation, Inc., |
|
17
|
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
|
18
|
|
|
* http://www.gnu.org/copyleft/gpl.html |
|
19
|
|
|
* |
|
20
|
|
|
* @file |
|
21
|
|
|
* @ingroup SpecialPage |
|
22
|
|
|
*/ |
|
23
|
|
|
|
|
24
|
|
|
use MediaWiki\Auth\AuthManager; |
|
25
|
|
|
|
|
26
|
|
|
/** |
|
27
|
|
|
* Let users change their email address. |
|
28
|
|
|
* |
|
29
|
|
|
* @ingroup SpecialPage |
|
30
|
|
|
*/ |
|
31
|
|
|
class SpecialChangeEmail extends FormSpecialPage { |
|
32
|
|
|
/** |
|
33
|
|
|
* @var Status |
|
34
|
|
|
*/ |
|
35
|
|
|
private $status; |
|
36
|
|
|
|
|
37
|
|
|
public function __construct() { |
|
38
|
|
|
parent::__construct( 'ChangeEmail', 'editmyprivateinfo' ); |
|
39
|
|
|
} |
|
40
|
|
|
|
|
41
|
|
|
public function doesWrites() { |
|
42
|
|
|
return true; |
|
43
|
|
|
} |
|
44
|
|
|
|
|
45
|
|
|
/** |
|
46
|
|
|
* @return bool |
|
47
|
|
|
*/ |
|
48
|
|
|
public function isListed() { |
|
49
|
|
|
return AuthManager::singleton()->allowsPropertyChange( 'emailaddress' ); |
|
50
|
|
|
} |
|
51
|
|
|
|
|
52
|
|
|
/** |
|
53
|
|
|
* Main execution point |
|
54
|
|
|
* @param string $par |
|
55
|
|
|
*/ |
|
56
|
|
|
function execute( $par ) { |
|
57
|
|
|
$this->checkLoginSecurityLevel(); |
|
58
|
|
|
|
|
59
|
|
|
$out = $this->getOutput(); |
|
60
|
|
|
$out->disallowUserJs(); |
|
61
|
|
|
|
|
62
|
|
|
parent::execute( $par ); |
|
63
|
|
|
} |
|
64
|
|
|
|
|
65
|
|
|
protected function checkExecutePermissions( User $user ) { |
|
66
|
|
|
|
|
67
|
|
|
if ( !AuthManager::singleton()->allowsPropertyChange( 'emailaddress' ) ) { |
|
68
|
|
|
throw new ErrorPageError( 'changeemail', 'cannotchangeemail' ); |
|
69
|
|
|
} |
|
70
|
|
|
|
|
71
|
|
|
$this->requireLogin( 'changeemail-no-info' ); |
|
72
|
|
|
|
|
73
|
|
|
// This could also let someone check the current email address, so |
|
74
|
|
|
// require both permissions. |
|
75
|
|
|
if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) { |
|
76
|
|
|
throw new PermissionsError( 'viewmyprivateinfo' ); |
|
77
|
|
|
} |
|
78
|
|
|
|
|
79
|
|
|
parent::checkExecutePermissions( $user ); |
|
80
|
|
|
} |
|
81
|
|
|
|
|
82
|
|
|
protected function getFormFields() { |
|
83
|
|
|
$user = $this->getUser(); |
|
84
|
|
|
|
|
85
|
|
|
$fields = [ |
|
86
|
|
|
'Name' => [ |
|
87
|
|
|
'type' => 'info', |
|
88
|
|
|
'label-message' => 'username', |
|
89
|
|
|
'default' => $user->getName(), |
|
90
|
|
|
], |
|
91
|
|
|
'OldEmail' => [ |
|
92
|
|
|
'type' => 'info', |
|
93
|
|
|
'label-message' => 'changeemail-oldemail', |
|
94
|
|
|
'default' => $user->getEmail() ?: $this->msg( 'changeemail-none' )->text(), |
|
95
|
|
|
], |
|
96
|
|
|
'NewEmail' => [ |
|
97
|
|
|
'type' => 'email', |
|
98
|
|
|
'label-message' => 'changeemail-newemail', |
|
99
|
|
|
'autofocus' => true, |
|
100
|
|
|
'help-message' => 'changeemail-newemail-help', |
|
101
|
|
|
], |
|
102
|
|
|
]; |
|
103
|
|
|
|
|
104
|
|
|
return $fields; |
|
105
|
|
|
} |
|
106
|
|
|
|
|
107
|
|
|
protected function getDisplayFormat() { |
|
108
|
|
|
return 'ooui'; |
|
109
|
|
|
} |
|
110
|
|
|
|
|
111
|
|
|
protected function alterForm( HTMLForm $form ) { |
|
112
|
|
|
$form->setId( 'mw-changeemail-form' ); |
|
113
|
|
|
$form->setTableId( 'mw-changeemail-table' ); |
|
114
|
|
|
$form->setSubmitTextMsg( 'changeemail-submit' ); |
|
115
|
|
|
$form->addHiddenFields( $this->getRequest()->getValues( 'returnto', 'returntoquery' ) ); |
|
116
|
|
|
|
|
117
|
|
|
$form->addHeaderText( $this->msg( 'changeemail-header' )->parseAsBlock() ); |
|
118
|
|
|
} |
|
119
|
|
|
|
|
120
|
|
|
public function onSubmit( array $data ) { |
|
121
|
|
|
$status = $this->attemptChange( $this->getUser(), $data['NewEmail'] ); |
|
122
|
|
|
|
|
123
|
|
|
$this->status = $status; |
|
124
|
|
|
|
|
125
|
|
|
return $status; |
|
126
|
|
|
} |
|
127
|
|
|
|
|
128
|
|
|
public function onSuccess() { |
|
129
|
|
|
$request = $this->getRequest(); |
|
130
|
|
|
|
|
131
|
|
|
$returnto = $request->getVal( 'returnto' ); |
|
132
|
|
|
$titleObj = $returnto !== null ? Title::newFromText( $returnto ) : null; |
|
133
|
|
|
if ( !$titleObj instanceof Title ) { |
|
134
|
|
|
$titleObj = Title::newMainPage(); |
|
135
|
|
|
} |
|
136
|
|
|
$query = $request->getVal( 'returntoquery' ); |
|
137
|
|
|
|
|
138
|
|
|
if ( $this->status->value === true ) { |
|
139
|
|
|
$this->getOutput()->redirect( $titleObj->getFullURL( $query ) ); |
|
140
|
|
|
} elseif ( $this->status->value === 'eauth' ) { |
|
141
|
|
|
# Notify user that a confirmation email has been sent... |
|
142
|
|
|
$this->getOutput()->wrapWikiMsg( "<div class='error' style='clear: both;'>\n$1\n</div>", |
|
143
|
|
|
'eauthentsent', $this->getUser()->getName() ); |
|
144
|
|
|
// just show the link to go back |
|
145
|
|
|
$this->getOutput()->addReturnTo( $titleObj, wfCgiToArray( $query ) ); |
|
|
|
|
|
|
146
|
|
|
} |
|
147
|
|
|
} |
|
148
|
|
|
|
|
149
|
|
|
/** |
|
150
|
|
|
* @param User $user |
|
151
|
|
|
* @param string $newaddr |
|
152
|
|
|
* @return Status |
|
153
|
|
|
*/ |
|
154
|
|
|
private function attemptChange( User $user, $newaddr ) { |
|
155
|
|
|
$authManager = AuthManager::singleton(); |
|
|
|
|
|
|
156
|
|
|
|
|
157
|
|
|
if ( $newaddr != '' && !Sanitizer::validateEmail( $newaddr ) ) { |
|
|
|
|
|
|
158
|
|
|
return Status::newFatal( 'invalidemailaddress' ); |
|
159
|
|
|
} |
|
160
|
|
|
|
|
161
|
|
|
if ( $newaddr === $user->getEmail() ) { |
|
162
|
|
|
return Status::newFatal( 'changeemail-nochange' ); |
|
163
|
|
|
} |
|
164
|
|
|
|
|
165
|
|
|
$oldaddr = $user->getEmail(); |
|
166
|
|
|
$status = $user->setEmailWithConfirmation( $newaddr ); |
|
167
|
|
|
if ( !$status->isGood() ) { |
|
168
|
|
|
return $status; |
|
169
|
|
|
} |
|
170
|
|
|
|
|
171
|
|
|
Hooks::run( 'PrefsEmailAudit', [ $user, $oldaddr, $newaddr ] ); |
|
172
|
|
|
|
|
173
|
|
|
$user->saveSettings(); |
|
174
|
|
|
MediaWiki\Auth\AuthManager::callLegacyAuthPlugin( 'updateExternalDB', [ $user ] ); |
|
175
|
|
|
|
|
176
|
|
|
return $status; |
|
177
|
|
|
} |
|
178
|
|
|
|
|
179
|
|
|
public function requiresUnblock() { |
|
180
|
|
|
return false; |
|
181
|
|
|
} |
|
182
|
|
|
|
|
183
|
|
|
protected function getGroupName() { |
|
184
|
|
|
return 'users'; |
|
185
|
|
|
} |
|
186
|
|
|
} |
|
187
|
|
|
|
wikimedia /
mediawiki
Loading history...
Unless you are absolutely sure that the expression can never be null because of other conditions, we strongly recommend to add an additional type check to your code: