2014-02-24 20:13:49 +00:00
<?php
/**
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 */

/**
2014-07-15 18:48:09 +00:00
 * Redirect a user to the login page
2014-02-24 20:13:49 +00:00
 *
 * This is essentially an ErrorPageError exception which by default uses the
 * 'exception-nologin' as a title and 'exception-nologin-text' for the message.
2014-07-15 18:48:09 +00:00
 *
 * @note In order for this exception to redirect, the error message passed to the
Use AuthManager on special pages

Rewrite authentication-related special pages to use AuthManager.
All the changes mentioned below only take effect when
$wgDisableAuthManager is false.

LoginForm is rewritten to use HTMLForm and split into UserLogin
and CreateAccount; ChangePassword and PasswordReset are rewritten;
ChangeEmail and Preferences are updated. Four new special pages
are added to handle the new capabilities of AuthManager (linked
accounts, secondary authentication providers): LinkAccounts,
UnlinkAccounts, ChangeCredentials, RemoveCredentials.

The old form-based hooks (ChangePasswordForm, UserCreateForm,
UserLoginForm) are deprecated. A new, more generic hook is
available to alter the forms (AuthChangeFormFields);
form changes that involve new fields should be done via
$wgAuthManagerConfig.

UserLoginComplete is limited to web-based login; for more
generic functionality UserLoggedIn can be used instead.

Hooks that assume password-based login (PrefsPasswordAudit,
AbortChangePassword) are removed; the first functionality
is replaced by ChangeAuthenticationDataAudit, the second is
handled by AuthManager. LoginPasswordResetMessage is removed,
the functionality can be recreated via authentication providers.

There are several smaller backwards incompatible changes:
* Adding fields to the login/signup forms by manipulating the
  template via the extraInput/extrafields parameters is not
  supported anymore. Depending on the authn configuration the
  login/signup process might be multistep and it would be
  complicated to ensure that extensions can access the data
  at the right moment. Instead, you can create an
  AuthenticationProvider which can define its own fields and
  process them when the authentication is over.
  (There is B/C support for a transitional period that works with
  the default login form, but might break with configurations that
  require multiple steps or redirects.)
* Removed cookie redirect check. This was added in 2003 in 9ead07fe9
  for the benefit of bots, but with MediaWiki having an API these days
  there is little reason to keep it. Same for the wpSkipCookieCheck
  flag (added in 2008 in 29c73e8265).
* Instead of embedding a password field on sensitive special pages
  such as ChangeEmail, such pages rely on AuthManager for elevated
  security (which typically involves requiring the user to log in again
  unless their last login was more than a few minutes ago).
  Accordingly, wgRequirePasswordforEmailChange is removed.
* Special:ChangePassword requires login now.
* Special:ResetPassword now sends a separate email to each user when called
  with a shared email address.
* the Reason field had a message with 'prefsectiontip' class
  which was sorta broken but used in extensions for formatting.
  HTMLForm does not support that, so this commit turns it into a help message
  which will break formatting. See https://gerrit.wikimedia.org/r/#/c/231884

Bug: T110277
Change-Id: I8b52ec8ddf494f23941807638f149f15b5e46b0c
Depends-On: If4e0dfb6ee6674f0dace80a01850e2d0cbbdb47a
2015-09-22 22:50:04 +00:00
 * constructor has to be explicitly added to LoginHelper::validErrorMessages or with
2014-11-01 16:09:58 +00:00
 * the LoginFormValidErrorMessages hook. Otherwise, the user will just be shown the message
 * rather than redirected.
2014-02-24 20:13:49 +00:00
 *
 * @par Example:
 * @code
 * if( $user->isAnon() ) {
2017-02-25 21:53:36 +00:00
 *     throw new UserNotLoggedIn();
2014-02-24 20:13:49 +00:00
 * }
 * @endcode
 *
 * Note the parameter order differs from ErrorPageError, this allows you to
 * simply specify a reason without overriding the default title.
 *
 * @par Example:
 * @code
 * if( $user->isAnon() ) {
2017-02-25 21:53:36 +00:00
 *     throw new UserNotLoggedIn( 'action-require-loggedin' );
2014-02-24 20:13:49 +00:00
 * }
 * @endcode
 *
2020-07-10 12:11:14 +00:00
 * @newable
2017-02-20 22:44:19 +00:00
 * @see T39627
2014-07-15 18:48:09 +00:00
 * @since 1.20
2014-02-24 20:13:49 +00:00
 * @ingroup Exception
 */
class UserNotLoggedIn extends ErrorPageError {

	/**
2020-07-13 08:53:06 +00:00
	 * @stable to call
2020-07-10 12:11:14 +00:00
	 *
2018-09-13 22:20:11 +00:00
	 * @note The value of the $reasonMsg parameter must be set with the LoginFormValidErrorMessages
	 * hook if you want the user to be automatically redirected to the login form.
2014-07-15 18:48:09 +00:00
	 *
2014-02-24 20:13:49 +00:00
	 * @param string $reasonMsg A message key containing the reason for the error.
	 *   Optional, default: 'exception-nologin-text'
	 * @param string $titleMsg A message key to set the page title.
	 *   Optional, default: 'exception-nologin'
	 * @param array $params Parameters to wfMessage().
2016-09-12 10:06:37 +00:00
	 *   Optional, default: []
2014-02-24 20:13:49 +00:00
	 */
	public function __construct(
		$reasonMsg = 'exception-nologin-text',
		$titleMsg = 'exception-nologin',
2016-02-17 09:09:32 +00:00
		$params = []
2014-02-24 20:13:49 +00:00
	) {
		parent::__construct( $titleMsg, $reasonMsg, $params );
	}
2014-07-15 18:48:09 +00:00

	/**
	 * Redirect to Special:Userlogin if the specified message is compatible. Otherwise,
	 * show an error page as usual.
2019-11-08 19:58:41 +00:00
	 * @param int $action
2014-07-15 18:48:09 +00:00
	 */
2019-09-18 18:05:42 +00:00
	public function report( $action = self::SEND_OUTPUT ) {
2014-07-15 18:48:09 +00:00
		// If an unsupported message is used, don't try redirecting to Special:Userlogin,
		// since the message may not be compatible.
2015-09-22 22:50:04 +00:00
		if ( !in_array( $this->msg, LoginHelper::getValidErrorMessages() ) ) {
2019-09-18 18:05:42 +00:00
			parent::report( $action );
exception: Add missing early return for UserNotLoggedIn error page

Follows-up d0439af89f6b254c.

If the UserNotLoggedIn class is constructed with an unsupported
message parameter, thrown, and handled by MWExceptionHandler, the
report() method would get called, and it would call the parent,
which stages a full error page and sends it via OutputPage::output.
Due to the missing return statement, it would then still execute
the remaining code, which messes up the internal state of the
already-sent OutputPage object by changing its redirect target
(which will never be used, but might confuse other consumers),
and trying to re-send output() and redirect headers, which will
fail with a warning.

Fixing this is required for T233594 and Iaeaf5e55a586, which allows
ErrorPageError to be "stage only" without ending output. Without
this fix, it would call the parent and do stage-only, but then
the remaining code in this method would also work and actually succeed
at sending an invalid message to the user.

To preserve current (accidentally correct) behaviour, this needs
to be fixed first.

Bug: T233594
Bug: T17484
Change-Id: Ic5d73becd889839399a5b425cbbe22a3401acea9
2019-09-23 23:33:20 +00:00
			return;
2014-07-15 18:48:09 +00:00
		}

2019-09-23 23:33:20 +00:00
		// Message is valid. Redirect to Special:Userlogin
2014-07-15 18:48:09 +00:00

		$context = RequestContext::getMain();

		$output = $context->getOutput();
		$query = $context->getRequest()->getValues();
		// Title will be overridden by returnto
		unset( $query['title'] );
		// Redirect to Special:Userlogin
2016-02-17 09:09:32 +00:00
		$output->redirect( SpecialPage::getTitleFor( 'Userlogin' )->getFullURL( [
2014-07-15 18:48:09 +00:00
			// Return to this page when the user logs in
			'returnto' => $context->getTitle()->getFullText(),
			'returntoquery' => wfArrayToCgi( $query ),
			'warning' => $this->msg,
2016-02-17 09:09:32 +00:00
		] ) );
2014-07-15 18:48:09 +00:00
2019-09-18 18:05:42 +00:00
		if ( $action === self::SEND_OUTPUT ) {
			$output->output();
		}
2014-07-15 18:48:09 +00:00
	}
2014-02-24 20:13:49 +00:00
}
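
The missing early return described in the 2019-09-23 commit message above, modelled as a stand-alone added example (not MediaWiki code). StubOutput, parentReport(), report() and the VALID_MESSAGES allowlist are hypothetical stand-ins for OutputPage, ErrorPageError::report(), UserNotLoggedIn::report() and LoginHelper::getValidErrorMessages(); the message key is constructed.

```php
<?php
// Added illustration: stubs only, no MediaWiki classes are loaded.

class StubOutput {
	public $log = [];
	private $sent = false;

	public function showErrorPage( string $msg ): void {
		$this->log[] = "stage error page: $msg";
	}

	public function redirect( string $url ): void {
		$this->log[] = ( $this->sent ? 'redirect changed after send: ' : 'redirect: ' ) . $url;
	}

	public function output(): void {
		$this->log[] = $this->sent ? 'WARNING: output() called twice' : 'output sent';
		$this->sent = true;
	}
}

// Constructed allowlist of message keys the login form is allowed to display.
const VALID_MESSAGES = [ 'exception-nologin-text' ];

// Stand-in for the parent: stage the full error page and send it.
function parentReport( StubOutput $out, string $msg ): void {
	$out->showErrorPage( $msg );
	$out->output();
}

function report( StubOutput $out, string $msg, bool $earlyReturn ): array {
	if ( !in_array( $msg, VALID_MESSAGES, true ) ) {
		parentReport( $out, $msg );
		if ( $earlyReturn ) {
			return $out->log; // fixed behaviour: stop once the error page is sent
		}
		// Before the fix: execution falls through to the redirect path below.
	}
	// Only allowlisted keys should ever reach the login form's warning parameter.
	$out->redirect( 'Special:Userlogin?warning=' . rawurlencode( $msg ) );
	$out->output();
	return $out->log;
}

foreach ( [ 'without return' => false, 'with return' => true ] as $label => $fixed ) {
	echo "== $label ==\n";
	echo implode( "\n", report( new StubOutput(), 'myext-not-allowlisted', $fixed ) ), "\n";
}
```

Run with the PHP CLI; the "without return" case logs a redirect change and a second output() after the error page was already sent, while the "with return" case stops after the error page.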