Jump to content

Wikia code/includes/specials/SpecialConfirmemail.php

From mediawiki.org
--- D:\Programming\SVN\mediawiki\branches\REL1_16\phase3\includes\specials\SpecialConfirmemail.php	2011-07-18 22:31:17.802734400 +0100
+++ D:\Programming\SVN\wikia\trunk\includes\specials\SpecialConfirmemail.php	2011-08-17 15:28:16.453125000 +0100
@@ -25,6 +25,25 @@
 	function execute( $code ) {
 		global $wgUser, $wgOut;
 		$this->setHeaders();
+
+		/* Wikia change begin - @author: Uberfuzzy */
+		/* manual confirm code entry */
+		if( empty( $code ) ) {
+			#no code passed as execute param,
+			#attempt to pull code from URL (as sent by manual form), and put where normal flow expects
+			global $wgRequest;
+			$code = $wgRequest->getText( 'code' );
+			$code = trim($code);
+		} else 
+		{
+			#execute param not empty, try to catch new state here
+			if( $code === 'manual' ) {
+				$this->showManualForm();
+				return;
+			}
+		}
+		/* wikia change end */
+
 		if( empty( $code ) ) {
 			if( $wgUser->isLoggedIn() ) {
 				if( User::isValidEmailAddr( $wgUser->getEmail() ) ) {
@@ -54,6 +73,8 @@
 	function showRequestForm() {
 		global $wgOut, $wgUser, $wgLang, $wgRequest;
 		if( $wgRequest->wasPosted() && $wgUser->matchEditToken( $wgRequest->getText( 'token' ) ) ) {
+			// Wikia change -- only allow one email confirmation attempt per hour
+			if (strtotime($wgUser->mEmailTokenExpires) - strtotime("+6 days 23 hours") > 0) return;
 			$ok = $wgUser->sendConfirmationMail();
 			if ( WikiError::isError( $ok ) ) {
 				$wgOut->addWikiMsg( 'confirmemail_sendfailed', $ok->toString() );
@@ -69,9 +90,12 @@
 				$d = $wgLang->date( $wgUser->mEmailAuthenticated, true );
 				$t = $wgLang->time( $wgUser->mEmailAuthenticated, true );
 				$wgOut->addWikiMsg( 'emailauthenticated', $time, $d, $t );
+				return;  // Wikia change -- don't show button at all if email is already confirmed (spam vector)
 			}
 			if( $wgUser->isEmailConfirmationPending() ) {
 				$wgOut->wrapWikiMsg( "<div class=\"error mw-confirmemail-pending\">\n$1</div>", 'confirmemail_pending' );
+				// Wikia change -- only allow one email confirmation attempt per hour
+				if (strtotime($wgUser->mEmailTokenExpires) - strtotime("+6 days 23 hours") > 0) return;
 			}
 			$wgOut->addWikiMsg( 'confirmemail_text' );
 			$form  = Xml::openElement( 'form', array( 'method' => 'post', 'action' => $this->getTitle()->getLocalUrl() ) );
@@ -82,6 +106,23 @@
 		}
 	}
 
+	/* Wikia change begin - @author: Uberfuzzy */
+	/**
+	 * Show a specialized form for manual code entry
+	 */
+	function showManualForm() {
+		global $wgOut;
+
+		$self = SpecialPage::getTitleFor( 'ConfirmEmail' );
+
+		$form  = Xml::openElement( 'form', array( 'method' => 'post', 'action' => $self->getLocalUrl() ) );
+		$form .= Xml::input( 'code', 40 );
+		$form .= ' ' . Xml::submitButton( 'Confirm' );
+		$form .= Xml::closeElement( 'form' );
+		$wgOut->addHTML( Xml::fieldset( wfMsg('enterconfirmcode'), $form) );
+	}
+	/* Wikia change end */
+
 	/**
 	 * Attempt to confirm the user's email address and show success or failure
 	 * as needed; if successful, take the user to log in
@@ -100,6 +141,7 @@
 				$title = SpecialPage::getTitleFor( 'Userlogin' );
 				$wgOut->returnToMain( true, $title );
 			}
+			wfRunHooks( 'ConfirmEmailComplete', array( &$user ) );
 		} else {
 			$wgOut->addWikiMsg( 'confirmemail_invalid' );
 		}