includes/specials/SpecialConfirmemail.php

   1 <?php
   2 /**
   3  * Implements Special:Confirmemail
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version 2 of the License, or
   8  * (at your option) any later version.
   9  *
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13  * GNU General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License along
  16  * with this program; if not, write to the Free Software Foundation, Inc.,
  17  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  18  * http://www.gnu.org/copyleft/gpl.html
  19  *
  20  * @file
  21  * @ingroup SpecialPage
  22  */
  23
  24 /**
  25  * Special page allows users to request email confirmation message, and handles
  26  * processing of the confirmation code when the link in the email is followed
  27  *
  28  * @ingroup SpecialPage
  29  * @author Brion Vibber
  30  * @author Rob Church <robchur@gmail.com>
  31  */
  32 class EmailConfirmation extends UnlistedSpecialPage {
  33         public function __construct() {
  34                 parent::__construct( 'Confirmemail', 'editmyprivateinfo' );
  35         }
  36
  37         public function doesWrites() {
  38                 return true;
  39         }
  40
  41         /**
  42          * Main execution point
  43          *
  44          * @param null|string $code Confirmation code passed to the page
  45          * @throws PermissionsError
  46          * @throws ReadOnlyError
  47          * @throws UserNotLoggedIn
  48          */
  49         function execute( $code ) {
  50                 // Ignore things like master queries/connections on GET requests.
  51                 // It's very convenient to just allow formless link usage.
  52                 $trxProfiler = Profiler::instance()->getTransactionProfiler();
  53
  54                 $this->setHeaders();
  55                 $this->checkReadOnly();
  56                 $this->checkPermissions();
  57
  58                 // This could also let someone check the current email address, so
  59                 // require both permissions.
  60                 if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) {
  61                         throw new PermissionsError( 'viewmyprivateinfo' );
  62                 }
  63
  64                 if ( $code === null || $code === '' ) {
  65                         $this->requireLogin( 'confirmemail_needlogin' );
  66                         if ( Sanitizer::validateEmail( $this->getUser()->getEmail() ) ) {
  67                                 $this->showRequestForm();
  68                         } else {
  69                                 $this->getOutput()->addWikiMsg( 'confirmemail_noemail' );
  70                         }
  71                 } else {
  72                         $old = $trxProfiler->setSilenced( true );
  73                         $this->attemptConfirm( $code );
  74                         $trxProfiler->setSilenced( $old );
  75                 }
  76         }
  77
  78         /**
  79          * Show a nice form for the user to request a confirmation mail
  80          */
  81         function showRequestForm() {
  82                 $user = $this->getUser();
  83                 $out = $this->getOutput();
  84
  85                 if ( !$user->isEmailConfirmed() ) {
  86                         $descriptor = [];
  87                         if ( $user->isEmailConfirmationPending() ) {
  88                                 $descriptor += [
  89                                         'pending' => [
  90                                                 'type' => 'info',
  91                                                 'raw' => true,
  92                                                 'default' => "<div class=\"error mw-confirmemail-pending\">\n" .
  93                                                         $this->msg( 'confirmemail_pending' )->escaped() .
  94                                                         "\n</div>",
  95                                         ],
  96                                 ];
  97                         }
  98
  99                         $out->addWikiMsg( 'confirmemail_text' );
 100                         $form = HTMLForm::factory( 'ooui', $descriptor, $this->getContext() );
 101                         $form
 102                                 ->setMethod( 'post' )
 103                                 ->setAction( $this->getPageTitle()->getLocalURL() )
 104                                 ->setSubmitTextMsg( 'confirmemail_send' )
 105                                 ->setSubmitCallback( [ $this, 'submitSend' ] );
 106
 107                         $retval = $form->show();
 108
 109                         if ( $retval === true ) {
 110                                 // should never happen, but if so, don't let the user without any message
 111                                 $out->addWikiMsg( 'confirmemail_sent' );
 112                         } elseif ( $retval instanceof Status && $retval->isGood() ) {
 113                                 $out->addWikiText( $retval->getValue() );
 114                         }
 115                 } else {
 116                         // date and time are separate parameters to facilitate localisation.
 117                         // $time is kept for backward compat reasons.
 118                         // 'emailauthenticated' is also used in SpecialPreferences.php
 119                         $lang = $this->getLanguage();
 120                         $emailAuthenticated = $user->getEmailAuthenticationTimestamp();
 121                         $time = $lang->userTimeAndDate( $emailAuthenticated, $user );
 122                         $d = $lang->userDate( $emailAuthenticated, $user );
 123                         $t = $lang->userTime( $emailAuthenticated, $user );
 124                         $out->addWikiMsg( 'emailauthenticated', $time, $d, $t );
 125                 }
 126         }
 127
 128         /**
 129          * Callback for HTMLForm send confirmation mail.
 130          *
 131          * @return Status Status object with the result
 132          */
 133         public function submitSend() {
 134                 $status = $this->getUser()->sendConfirmationMail();
 135                 if ( $status->isGood() ) {
 136                         return Status::newGood( $this->msg( 'confirmemail_sent' )->text() );
 137                 } else {
 138                         return Status::newFatal( new RawMessage(
 139                                 $status->getWikiText( 'confirmemail_sendfailed' )
 140                         ) );
 141                 }
 142         }
 143
 144         /**
 145          * Attempt to confirm the user's email address and show success or failure
 146          * as needed; if successful, take the user to log in
 147          *
 148          * @param string $code Confirmation code
 149          */
 150         private function attemptConfirm( $code ) {
 151                 $user = User::newFromConfirmationCode( $code, User::READ_LATEST );
 152                 if ( !is_object( $user ) ) {
 153                         $this->getOutput()->addWikiMsg( 'confirmemail_invalid' );
 154
 155                         return;
 156                 }
 157
 158                 $user->confirmEmail();
 159                 $user->saveSettings();
 160                 $message = $this->getUser()->isLoggedIn() ? 'confirmemail_loggedin' : 'confirmemail_success';
 161                 $this->getOutput()->addWikiMsg( $message );
 162
 163                 if ( !$this->getUser()->isLoggedIn() ) {
 164                         $title = SpecialPage::getTitleFor( 'Userlogin' );
 165                         $this->getOutput()->returnToMain( true, $title );
 166                 }
 167         }
 168 }