Wikia code/includes/specials/SpecialConfirmemail.php
Appearance
This page is obsolete. It is being retained for archival purposes. It may document extensions or features that are obsolete and/or no longer supported. Do not rely on the information here being up-to-date. The information shown below refers to the now unmaintained 1.16 MediaWiki release. The current stable release number is 1.43.0. |
--- D:\Programming\SVN\mediawiki\branches\REL1_16\phase3\includes\specials\SpecialConfirmemail.php 2011-07-18 22:31:17.802734400 +0100
+++ D:\Programming\SVN\wikia\trunk\includes\specials\SpecialConfirmemail.php 2011-08-17 15:28:16.453125000 +0100
@@ -25,6 +25,25 @@
function execute( $code ) {
global $wgUser, $wgOut;
$this->setHeaders();
+
+ /* Wikia change begin - @author: Uberfuzzy */
+ /* manual confirm code entry */
+ if( empty( $code ) ) {
+ #no code passed as execute param,
+ #attempt to pull code from URL (as sent by manual form), and put where normal flow expects
+ global $wgRequest;
+ $code = $wgRequest->getText( 'code' );
+ $code = trim($code);
+ } else
+ {
+ #execute param not empty, try to catch new state here
+ if( $code === 'manual' ) {
+ $this->showManualForm();
+ return;
+ }
+ }
+ /* wikia change end */
+
if( empty( $code ) ) {
if( $wgUser->isLoggedIn() ) {
if( User::isValidEmailAddr( $wgUser->getEmail() ) ) {
@@ -54,6 +73,8 @@
function showRequestForm() {
global $wgOut, $wgUser, $wgLang, $wgRequest;
if( $wgRequest->wasPosted() && $wgUser->matchEditToken( $wgRequest->getText( 'token' ) ) ) {
+ // Wikia change -- only allow one email confirmation attempt per hour
+ if (strtotime($wgUser->mEmailTokenExpires) - strtotime("+6 days 23 hours") > 0) return;
$ok = $wgUser->sendConfirmationMail();
if ( WikiError::isError( $ok ) ) {
$wgOut->addWikiMsg( 'confirmemail_sendfailed', $ok->toString() );
@@ -69,9 +90,12 @@
$d = $wgLang->date( $wgUser->mEmailAuthenticated, true );
$t = $wgLang->time( $wgUser->mEmailAuthenticated, true );
$wgOut->addWikiMsg( 'emailauthenticated', $time, $d, $t );
+ return; // Wikia change -- don't show button at all if email is already confirmed (spam vector)
}
if( $wgUser->isEmailConfirmationPending() ) {
$wgOut->wrapWikiMsg( "<div class=\"error mw-confirmemail-pending\">\n$1</div>", 'confirmemail_pending' );
+ // Wikia change -- only allow one email confirmation attempt per hour
+ if (strtotime($wgUser->mEmailTokenExpires) - strtotime("+6 days 23 hours") > 0) return;
}
$wgOut->addWikiMsg( 'confirmemail_text' );
$form = Xml::openElement( 'form', array( 'method' => 'post', 'action' => $this->getTitle()->getLocalUrl() ) );
@@ -82,6 +106,23 @@
}
}
+ /* Wikia change begin - @author: Uberfuzzy */
+ /**
+ * Show a specialized form for manual code entry
+ */
+ function showManualForm() {
+ global $wgOut;
+
+ $self = SpecialPage::getTitleFor( 'ConfirmEmail' );
+
+ $form = Xml::openElement( 'form', array( 'method' => 'post', 'action' => $self->getLocalUrl() ) );
+ $form .= Xml::input( 'code', 40 );
+ $form .= ' ' . Xml::submitButton( 'Confirm' );
+ $form .= Xml::closeElement( 'form' );
+ $wgOut->addHTML( Xml::fieldset( wfMsg('enterconfirmcode'), $form) );
+ }
+ /* Wikia change end */
+
/**
* Attempt to confirm the user's email address and show success or failure
* as needed; if successful, take the user to log in
@@ -100,6 +141,7 @@
$title = SpecialPage::getTitleFor( 'Userlogin' );
$wgOut->returnToMain( true, $title );
}
+ wfRunHooks( 'ConfirmEmailComplete', array( &$user ) );
} else {
$wgOut->addWikiMsg( 'confirmemail_invalid' );
}