Wikinaut has submitted this change and it was merged.

Change subject: Bug 54677: (partial) check email addresses 
Sanitizer::validateEmail()
......................................................................


Bug 54677: (partial) check email addresses Sanitizer::validateEmail()

Do account creation checks when creating users

* part 1: pass email addresses to Sanitizer::validateEmail()

Change-Id: I4f8786c674b78277158b40d259e61ebdc39e696a
---
M SpecialOpenIDLogin.body.php
M SpecialOpenIDServer.body.php
2 files changed, 38 insertions(+), 14 deletions(-)

Approvals:
  CSteipp: Looks good to me, but someone else must approve
  Wikinaut: Verified; Looks good to me, approved
  jenkins-bot: Checked



diff --git a/SpecialOpenIDLogin.body.php b/SpecialOpenIDLogin.body.php
index d290c82..d1defab 100644
--- a/SpecialOpenIDLogin.body.php
+++ b/SpecialOpenIDLogin.body.php
@@ -626,18 +626,26 @@
                        $user = self::getUserFromUrl( $openid );
 
                        if ( $user instanceof User ) {
+
                                $this->updateUser( $user, $sreg, $ax ); # 
update from server
                                $wgUser = $user;
                                $this->displaySuccessLogin( $openid );
+
                        } else {
+
                                // if we are hardcoding nickname, and a valid 
e-mail address was returned, create a user with this name
                                if ( $wgOpenIDUseEmailAsNickname ) {
+
                                        $name = $this->getNameFromEmail( 
$openid, $sreg, $ax );
+
                                        if ( !empty( $name ) && 
$this->userNameOk( $name ) ) {
+
                                                $wgUser = $this->createUser( 
$openid, $sreg, $ax, $name );
                                                $this->displaySuccessLogin( 
$openid );
                                                return;
+
                                        }
+
                                }
 
                                $this->saveValues( $openid, $sreg, $ax );
@@ -669,27 +677,33 @@
                if ( $this->updateOption( 'email', $user, $force ) ) {
                        // first check SREG, then AX; if both, AX takes higher 
priority
                        $email = false;
-                       if ( array_key_exists( 'email', $sreg ) ) {
+
+                       if ( array_key_exists( 'email', $sreg )
+                               && Sanitizer::validateEmail( $sreg['email'] ) ) 
{
                                $email = $sreg['email'];
                        }
-                       if ( isset ( 
$ax['http://axschema.org/contact/email'][0] ) ) {
+
+                       if ( isset ( 
$ax['http://axschema.org/contact/email'][0] )
+                                && Sanitizer::validateEmail( 
$ax['http://axschema.org/contact/email'][0] ) ) {
                                $email = 
$ax['http://axschema.org/contact/email'][0];
                        }
+
                        if ( $email ) {
-                               // If email changed, then email a confirmation 
mail
+
+                               // send a confirmation mail if email has changed
+
                                if ( $email != $user->getEmail() ) {
-                                       $user->setEmail( $email );
+
                                        if ( $wgOpenIDTrustEmailAddress ) {
+                                               $user->setEmail( $email );
                                                $user->confirmEmail();
                                        } else {
-                                               $user->invalidateEmail();
-                                               if ( $wgEmailAuthentication && 
$email != '' ) {
-                                                       $result = 
$user->sendConfirmationMail();
-                                                       if ( 
WikiError::isError( $result ) ) {
-                                                               
$wgOut->addWikiMsg( 'mailerror', $result->getMessage() );
-                                                       }
+                                               $status = 
$user->setEmailWithConfirmation( $email );
+                                               if ( !$status->isOK() ) {
+                                                       $wgOut->addWikiMsg( 
'mailerror', $result->getMessage() );
                                                }
                                        }
+
                                }
                        }
                }
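Review bot: The new error branch still reads `$result`, which this hunk no longer assigns: the return value of `setEmailWithConfirmation()` is stored in `$status`, so when `isOK()` is false the call `$result->getMessage()` dereferences an undefined variable and fails instead of reporting the mail error. The text should come from `$status`, for example `$wgOut->addWikiMsg( 'mailerror', $status->getWikiText() );`. Separately, `Sanitizer::validateEmail()` checks only the address format, so with `$wgOpenIDTrustEmailAddress` set the address is still marked confirmed purely on the provider's assertion; a one-line comment at `confirmEmail()` stating that would help the next reader. The enclosing function starts before the hunk.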
@@ -912,18 +926,25 @@
                # return the part before the @ in the e-mail address;
                # look first at SREG, then AX
 
-               if ( array_key_exists( 'email', $sreg ) ) {
+               if ( array_key_exists( 'email', $sreg )
+                       && Sanitizer::validateEmail( $sreg['email'] ) ) {
+
                        $addr = explode( "@", $sreg['email'] );
                        if ( $addr ) {
                                return $addr[0];
                        }
+
                }
 
-               if ( isset( $ax['http://axschema.org/contact/email'][0] ) ) {
+               if ( isset( $ax['http://axschema.org/contact/email'][0] )
+                       && Sanitizer::validateEmail( 
$ax['http://axschema.org/contact/email'][0] ) ) {
+
                        $addr = explode( "@", 
$ax['http://axschema.org/contact/email'][0] );
+
                        if ( $addr ) {
                                return $addr[0];
                        }
+
                }
 
        }
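Review bot: The SREG/AX precedence here is the reverse of the email-update hunk at `@@ -669`, where the comment says AX takes higher priority: this code returns the SREG local part first and consults AX only if SREG is missing or invalid. When a provider returns different addresses in the two extensions, the nickname can be derived from one address while the stored email comes from the other. Either align the order or document the difference with a comment such as `# NOTE: SREG wins here, unlike the email update where AX overrides SREG`. The function also falls off the end with no `return` when neither address validates; an explicit `return false;` before the closing brace would make that contract visible, although the caller in the first hunk already guards with `!empty( $name )`. The function's signature is outside the hunk.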
diff --git a/SpecialOpenIDServer.body.php b/SpecialOpenIDServer.body.php
index 5ccc771..2d9723a 100644
--- a/SpecialOpenIDServer.body.php
+++ b/SpecialOpenIDServer.body.php
@@ -635,8 +635,11 @@
                        $user->setRealName( $value );
                        return true;
                case 'email':
-                       # FIXME: deal with validation
-                       $user->setEmail( $value );
+                       if ( Sanitizer::validateEmail( $value ) ) {
+                               $user->setEmail( $value );
+                       } else {
+                               $user->setEmail( "" );
+                       }
                        return true;
                 case 'language':
                        $user->setOption( 'language', $value );
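Review bot: In the `else` branch, `$user->setEmail( "" )` erases whatever address the account already had whenever the supplied value fails `Sanitizer::validateEmail()`, and the case still returns `true`, so the caller cannot tell that the value was rejected. If clearing the address is not the intended behaviour, skip the update by dropping the `else` branch so that only `if ( Sanitizer::validateEmail( $value ) ) { $user->setEmail( $value ); }` remains. If the clearing is deliberate, it deserves a comment such as `# invalid address from the remote side: clear rather than keep a stale value`. Whether `false` is a meaningful return for this switch cannot be seen from here, because the switch and its function start outside the hunk.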

-- 
To view, visit https://gerrit.wikimedia.org/r/95076
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I4f8786c674b78277158b40d259e61ebdc39e696a
Gerrit-PatchSet: 4
Gerrit-Project: mediawiki/extensions/OpenID
Gerrit-Branch: master
Gerrit-Owner: Wikinaut <[email protected]>
Gerrit-Reviewer: CSteipp <[email protected]>
Gerrit-Reviewer: Parent5446 <[email protected]>
Gerrit-Reviewer: Ryan Lane <[email protected]>
Gerrit-Reviewer: Wikinaut <[email protected]>
Gerrit-Reviewer: jenkins-bot
