Wiki source code of Registration

Hide line numbers
  1: {{velocity}}
  2: ## These are defined in other places around XWiki, changing them here will result in undefined behavior.
  3: #set($redirectParam = 'xredirect')
  4: #set($userSpace = 'XWiki.')
  5: #set($loginPage = 'XWiki.XWikiLogin')
  6: #set($loginAction = 'loginsubmit')
  7: ##
  8: #set($documentName = 'XWiki.Registration')
  9: ##
 10: ## Security measure: 
 11: ## If this document is changed such that it must have programming permission in order to run, change this to false.
 12: #set($sandbox = true)
 13: ##
 14: ## Load the configuration from a seperate document.
 15: #loadConfig('XWiki.RegistrationConfig')
 16: ##
 17: ## Defines what server generated error messages should look like
 18: ## The error message when a field is entered incorrectly
 19: #set($failureMessageParams = { 'class' : 'LV_validation_message LV_invalid'})
 20: ## 'LV_validation_message LV_invalid' depends on this:
 21: $xwiki.get('ssfx').use('uicomponents/widgets/validation/livevalidation.css', true)
 22: ##
 23: ## The * next to the fields to denote they are mandatory.
 24: #set($fieldMandatoryStar = { 'class' : 'xRequired'})
 25: ##
 26: #*
 27:  * You may include this document in other documents using {{include document="XWiki.Registration"/}}
 28:  * To specify that the user is invited and should be allowed to register even if Guest does not have permission to
 29:  * register, set $invited to true. NOTE: The including script must have programming permission to do this.
 30:  *
 31:  * To specify some code which should run after registration is successfully completed, set
 32:  * $doAfterRegistration to a define block of velocity code like so:
 33:  * #define($doAfterRegistration)
 34:  *   some code
 35:  * #end
 36:  * Output from running this code will not be printed.
 37:  *
 38:  * The fields which will be seen on the registration page are defined here.
 39:  * $fields is an array and each field is a Map. The names shown below are Map keys.
 40:  * 
 41:  * Each field must have:
 42:  *   name - this is the name of the field, it will be the value for "name" and "id"
 43:  * 
 44:  * Each field may have:
 45:  *   label - this String will be written above the field.
 46:  *
 47:  *   tag - the HTML tag which will be created, default is <input>, may also be a non form tag such as <img>
 48:  *
 49:  *   params - a Map, each key value pair will be in the html tag. eg: {"size" : "30"} becomes <input size=30...
 50:  *
 51:  *   validate a Map describing how to validate the field, validation is done in javascript then redone in velocity
 52:  *   |        for security and because not everyone has javascript.
 53:  *   |
 54:  *   +-mandatory (Optional) - Will fail if the field is not filled in.
 55:  *   | +-failureMessage (Required) - The message to display if the field is not filled in.
 56:  *   | +-noscript (Optional) - will not be checked by javascript
 57:  *   |
 58:  *   +-regex (Optional) - Will validate the field using a regular expression.
 59:  *   | |                  because of character escaping, you must provide a different expression for the
 60:  *   | |                  javascript validation and the server side validation. Both javascript and server side
 61:  *   | |                  validation are optional, but if you provide neither, then your field will not be validated.
 62:  *   | |
 63:  *   | +-failureMessage (Optional) - The message to display if the regex evaluation returns false.
 64:  *   | +-jsFailureMessage (Optional) - The message for Javascript to display if regex fails. 
 65:  *   | |                               If jsFailureMessage is not defined Javascript uses failureMessage.
 66:  *   | |                               NOTE: Javascript injects the failure message using createTextNode so &lt; will
 67:  *   | |                                     be displayed as &lt;
 68:  *   | |
 69:  *   | +-pattern (Optional) - The regular expression to test the input at the server side, it's important to use
 70:  *   | |                      this if you need to validate the field for security reasons, also it is good because not
 71:  *   | |                      all browsers use javascript or have it enabled.
 72:  *   | |
 73:  *   | +-jsPattern (Optional) - The regular expression to use for client side, you can use escaped characters to avoid
 74:  *   | |                        them being parsed as HTML or javascript. To get javascript to unescape characters use:
 75:  *   | |                        {"jsPattern" : "'+unescape('%5E%5B%24')+'"}
 76:  *   | |                        NOTE: If no jsPattern is specified, the jsValidator will try to validate 
 77:  *   | |                              using the server pattern.
 78:  *   | |
 79:  *   | +-noscript (Optional) - will not be checked by javascript
 80:  *   |
 81:  *   +-mustMatch (Optional) - Will fail if the entry into the field is not the same as the entry in another field.
 82:  *   | |                      Good for password confirmation.
 83:  *   | |
 84:  *   | +-failureMessage (Required) - The message to display if the field doesn't match the named field.
 85:  *   | +-name (Required) - The name of the field which this field must match.
 86:  *   | +-noscript (Optional) - will not be checked by javascript
 87:  *   |
 88:  *   +-programmaticValidation (Optional) - This form of validation executes a piece of code which you give it and
 89:  *   | |                                   if the code returns the word "failed" then it gives the error message.
 90:  *   | |                                   Remember to put the code in singel quotes ('') because you want the value
 91:  *   | |                                   of 'code' to equal the literal code, not the output from running it.
 92:  *   | |
 93:  *   | +-code (Required) - The code which will be executed to test whether the field is filled in correctly.
 94:  *   | +-failureMessage (Required) - The message which will be displayed if evaluating the code returns "false"
 95:  *   |
 96:  *   +-fieldOkayMessage (Optional) - The message which is displayed by LiveValidation when a field is validated as okay.
 97:  *                                   If not specified, will be $defaultFieldOkayMessage
 98:  *  
 99:  *   noReturn - If this is specified, the field will not be filled in if there is an error and the user has to fix their
100:  *              registration information. If you don't want a password to be passed back in html then set this true
101:  *              for the password fields. Used for the captcha because it makes no sense to pass back a captcha answer.
102:  *  
103:  *   doAfterRegistration - Some Velocity code which will be executed after a successfull registration. 
104:  *                         This is used in the favorite color example.
105:  *                         Remember to put the code in singel quotes ('') because you want the 'code' entry to equal the literal
106:  *                         code, not the output from running it.
107:  *  
108:  * Each field may not have: (reserved names)
109:  *   error - This is used to pass back any error message from the server side code.
110:  *
111:  * NOTE: This template uses a registration method which requires:
112:  *        * register_first_name
113:  *        * register_last_name
114:  *        * xwikiname
115:  *        * register_password
116:  *        * register2_password
117:  *        * register_email
118:  *        * template
119:  *       Removing or renaming any of these fields will result in undefined behavior.
120:  *
121:  *###
122: #set($fields = [])
123: ##
124: ## The first name field, no checking.
125: #set($field = 
126:   {'name' : 'register_first_name',
127:     'label' : $services.localization.render('core.register.firstName'),
128:     'params' : { 
129:       'type' : 'text', 
130:       'size' : '60' 
131:     }
132:   })
133: #set($discard = $fields.add($field))
134: ##
135: ## The last name field, no checking.
136: #set($field = 
137:   {'name' : 'register_last_name',
138:     'label' : $services.localization.render('core.register.lastName'),
139:     'params' : { 
140:       'type' : 'text', 
141:       'size' : '60' 
142:     }
143:   })
144: #set($discard = $fields.add($field))
145: ##
146: ## The user name field, mandatory and programmatically checked to make sure the username doesn't exist.
147: #set($field = 
148:   {'name' : 'xwikiname',
149:     'label' : $services.localization.render('core.register.username'),
150:     'params' : {
151:       'type' : 'text',
152:       'onfocus' : 'prepareName(document.forms.register);',
153:       'size' : '60'
154:     },
155:     'validate' : {
156:       'mandatory' : { 
157:         'failureMessage' : $services.localization.render('core.validation.required.message') 
158:       },
159:       'programmaticValidation' : {
160:         'code' : '#nameAvailable($request.get("xwikiname"))',
161:         'failureMessage' : $services.localization.render('core.register.userAlreadyExists')
162:       }
163:     }
164:   })
165: #set($discard = $fields.add($field))
166: ## Make sure the chosen user name is not already taken
167: ## This macro is called by programmaticValidation for xwikiname (above)
168: #macro(nameAvailable, $name)
169:   #if($xwiki.exists("$userSpace$name"))
170:     failed
171:   #end
172: #end
173: ##
174: ##The password field, mandatory and must be at least 6 characters long.
175: #set($field = 
176:   {'name' : 'register_password',
177:     'label' : $services.localization.render('core.register.password'),
178:     'params' : {
179:       'type' : 'password',
180:       'autocomplete' : 'off',
181:       'size' : '60'
182:     },
183:     'validate' : {
184:       'mandatory' : { 
185:         'failureMessage' : $services.localization.render('core.validation.required.message') 
186:       },
187:       'regex' : {
188:         'pattern' : '/.{6,}/',
189:         'failureMessage' : $services.localization.render('xe.admin.registration.passwordTooShort')
190:       }
191:     }
192:   })
193: #set($discard = $fields.add($field))
194: ##
195: ##The confirm password field, mandatory, must match password field, and must also be 6+ characters long.
196: #set($field = 
197:   {'name' : 'register2_password',
198:     'label' : $services.localization.render('core.register.passwordRepeat'),
199:     'params' : {
200:       'type' : 'password',
201:       'autocomplete' : 'off',
202:       'size' : '60'
203:     },
204:     'validate' : {
205:       'mandatory' : { 
206:         'failureMessage' : $services.localization.render('core.validation.required.message') 
207:       },
208:       'mustMatch' : {
209:         'name' : 'register_password',
210:         'failureMessage' : $services.localization.render('xe.admin.registration.passwordMismatch')
211:       },
212:       'regex' : {
213:         'pattern' : '/.{6,}/',
214:         'failureMessage' : $services.localization.render('xe.admin.registration.passwordTooShort')
215:       }
216:     }
217:   })
218: #set($discard = $fields.add($field))
219: ##
220: ## The email address field, regex checked with an email pattern.
221: #set($field = 
222:   {'name' : 'register_email',
223:     'label' : $services.localization.render('core.register.email'),
224:     'params' : { 
225:       'type' : 'text', 
226:       'size' : '60' 
227:     },
228:     'validate' : {
229:       'regex' : {
230:         'pattern' : '/^([^@\s]+)@((?:[-a-zA-Z0-9]+\.)+[a-zA-Z]{2,})$/',
231:         'failureMessage' : $services.localization.render('xe.admin.registration.invalidEmail')
232:       }
233:     }
234:   })
235: #set($discard = $fields.add($field))
236: ##
237: #*********
238: ## Uncomment this code to see an example of how you can easily add a field to the registration page
239: ## NOTE: In order to save the favorite color in the "doAfterRegistration" hook, this page must be
240: ## saved by an administrator and can not self sandboxing.
241: #set($sandbox = false)
242: #set($field = 
243:   {'name' : 'favorite_color',
244:     'label' : 'What is your favorite color',
245:     'params' : {
246:       'type' : 'text',
247:       'size' : '60'
248:     },
249:     'validate' : {
250:       'mandatory' : {
251:         'failureMessage' : $services.localization.render('core.validation.required.message')
252:       },
253:       'regex' : {
254:         'pattern' : '/^green$/',
255:         'failureMessage' : 'You are not cool enough to register here.'
256:       },
257:       'fieldOkayMessage' : 'You are awesome.'
258:     },
259:     'doAfterRegistration' : '#saveFavoriteColor()'
260:   })
261: #set($discard = $fields.add($field))
262: ## Save the user's favorite color on their user page.
263: #macro(saveFavoriteColor)
264:   #set($xwikiname = $request.get('xwikiname'))
265:   #set($userDoc = $xwiki.getDocument("$userSpace$xwikiname"))
266:   $userDoc.setContent("$userDoc.getContent() ${xwikiname}'s favorite color is $request.get('favorite_color')!")
267:   ## The user (who is not yet logged in) can't save documents so saveWithProgrammingRights
268:   ## will save the document as long as the user who last saved this registration page has programming rights.
269:   $userDoc.saveWithProgrammingRights("Saved favorite color from registration form.")
270: #end
271: *********###
272: ##
273: ## To disable the captcha on this page, comment out the next two entries.
274: ## The captcha image, not an input field but still defined the same way.
275: #if($captchaservice
276:     && !$invited
277:     && $xcontext.getUser() == "XWiki.XWikiGuest"
278:     && $requireCaptcha)
279:   ## Empty label field used for padding.
280:   ## Empty 'name' field overriddes name="captcha_image" with "" so name is not specified at all.
281:   #set($field = 
282:     {'name' : 'captcha_image',
283:       'label' : "<span class='hidden'>$services.localization.render('core.captcha.image.label')</span>",
284:       'tag' : 'img',
285:       'params' : {
286:         'src' : $doc.getURL('imagecaptcha'),
287:         'alt' : $services.localization.render('core.captcha.image.alternateText', [$services.localization.render('core.register.submit')]),
288:         'name' : ''
289:       }
290:     })
291:   #set($discard = $fields.add($field))
292:   ## The captcha field, mandatory, programmatically checked to make sure the captcha is right
293:   ## Not checked by javascript because javascript can't check the captcha and the Ok message because it passes the 
294:   ## mandatory test is misleading.
295:   ## and not filled back in if there is an error ('noReturn')
296:   #set($field = 
297:     {'name' : 'captcha_answer',
298:       'label' : $services.localization.render('core.captcha.image.instruction'),
299:       'params' : { 
300:         'type' : 'text', 
301:         'size' : '60' 
302:       },
303:       'validate' : {
304:         'mandatory' : {
305:           'failureMessage' : $services.localization.render('core.captcha.captchaAnswerIsWrong'),
306:           'noscript' : true
307:         },
308:         'programmaticValidation' : {
309:           'code' : '#checkCaptcha($request, $request.get("captcha_answer"))',
310:           'failureMessage' : $services.localization.render('core.captcha.captchaAnswerIsWrong')
311:         }
312:       },
313:       'noReturn' : true
314:     })
315:   #set($discard = $fields.add($field))
316: #end
317: ##
318: ## Checks the captcha answer; used by programmaticValidation above.
319: #macro(checkCaptcha, $request, $answer)
320:   #set($cv = $captchaservice.getCaptchaVerifier('image'))
321:   #if(!$cv.isAnswerCorrect($cv.getUserId($request), $answer))
322:     failed
323:   #end
324: #end
325: ##
326: ## Pass the name of the template to $xwiki.createUser so any contained information will be passed in.
327: #set($field = 
328:   {'name' : 'template',
329:     'params' : {
330:       'type' : 'hidden',
331:       'value' : 'XWiki.XWikiUserTemplate'
332:     }
333:   })
334: #set($discard = $fields.add($field))
335: ##
336: ## Pass the redirect parameter on so that the login page may redirect to the right place.
337: ## Not necessary in Firefox 3.0.10 or Opera 9.64, I don't know about IE or Safari.
338: #set($field = 
339:   {'name' : $redirectParam,
340:     'params' : {
341:       'type' : 'hidden'
342:     }
343:   })
344: #set($discard = $fields.add($field))
345: ##
346: #######################################################################
347: ## The Code.
348: #######################################################################
349: ##
350: #if($useLiveValidation)
351:   $xwiki.get('jsfx').use('uicomponents/widgets/validation/livevalidation_prototype.js')
352:   $xwiki.get('ssfx').use('uicomponents/widgets/validation/livevalidation.css', true)
353: #end
354: ## This application's HTML is dynamically generated and editing in WYSIWYG would not work
355: #if($xcontext.getAction() == 'edit')
356:   $response.sendRedirect("$xwiki.getURL($doc.getFullName(), 'edit')?editor=wiki")
357: #end
358: ##
359: ## If this document has PR and is not included from another document then it's author should be set to Guest 
360: ## for the duration of it's execution in order to improve security.
361: ## Note we compare document ids because
362: #if($sandbox
363:     && $xcontext.hasProgrammingRights()
364:     && $xcontext.getDoc().getDocumentReference().equals($xwiki.getDocument($documentName).getDocumentReference()))
365: ##
366:   $xcontext.dropPermissions()##
367: #end
368: ##
369: ## Access level to register must be explicitly checked because it is only checked in XWiki.prepareDocuments
370: ## and this page is accessible through view action.
371: #if(!$xcontext.hasAccessLevel('register', 'XWiki.XWikiPreferences'))
372:   ## Make an exception if another document with programming permission (Invitation app) has included this 
373:   ## document and set $invited to true.
374:   #if(!$invited || !$xcontext.hasProgrammingRights())
375:     $response.sendRedirect("$xwiki.getURL($doc.getFullName(), 'login')")
376:   #end
377: #end
378: ## If this is true, then assume the registration page is being viewed inside of a lightbox
379: #if($request.get('xpage'))
380:   #set($assumeLightbox = true)
381: #end
382: ##
383: ## Display the heading
384: $heading
385: ## If the submit button has been pressed, then we test the input and maybe create the user.
386: #if($request.getParameter('xwikiname'))
387:   ## Do server side validation of input fields.
388:   ## This must not be in a #set directive as it will output messages if something goes wrong.
389:   #validateFields($fields, $request)
390:   ## If server side validation was successfull, create the user
391:   #if(!$registrationFailed)
392:     #createUser($fields, $request, $response, $doAfterRegistration)
393:   #end
394: #end
395: ## If the registration was not successful or if the user hasn't submitted the info yet
396: ## Then we display the registration form.
397: #if(!$registrationDone)
398:   $welcomeMessage
399: 
400:   {{html clean=false wiki=false}}
401:     <form id="register" action="" method="post" class="xform half">
402:     <div>
403:     <input type="hidden" name="form_token" value="$!{services.csrf.getToken()}" />
404:     #set ($userDirectoryReference = $services.model.createDocumentReference('', 'Main', 'UserDirectory'))
405:     #if ($xwiki.exists($userDirectoryReference))
406:       <input type="hidden" name="parent" value="$!{services.model.serialize($userDirectoryReference, 'default')}" />
407:     #end
408:     #generateHtml($fields, $fieldMandatoryStar, $failureMessageParams)
409:     <div class="wikimodel-emptyline"></div>
410:     <span class="buttonwrapper">
411:     #if($assumeLightbox)
412:       ## LightBox detected...
413:       <script type="text/javascript">
414:         ## Make the X button not reload the page. (overriding LbClose)
415:         window.lb.lbClose = function() {
416:           this.lbHide();
417:           this.lbClearData();
418:           ##return false;
419:         }
420:         ## Post the form entry to the page and load the result. (we override lbSaveForm)
421:         window.lb.lbSaveForm = function() {
422:           var formParams = Form.serialize(this.form);
423:           Form.disable(this.form);
424:           var ajaxRequest = new Ajax.Request(this.saveUrl, {
425:             parameters: formParams,
426:             asynchronous: false
427:           });
428:           window.lb.lbFormDataLoaded(ajaxRequest.transport);
429:         }
430:       </script>
431:       ## It doesn't really matter where these are, the scripts will be relocated to the head.
432:       <!-- com.xpn.xwiki.plugin.skinx.CssSkinFileExtensionPlugin -->
433:       <!-- com.xpn.xwiki.plugin.skinx.JsSkinFileExtensionPlugin -->
434:       ##
435:       <input class="button" type="submit" value="$services.localization.render('save')" onclick="window.lb.lbSaveForm();"/>
436:       </span>#* End ButtonWrapper then start another...*#<span class="buttonwrapper">
437:       <input class="button secondary" type="submit" value="$services.localization.render("cancel")" onclick="Form.disable(window.lb.form); window.lb.lbClose();"/>
438:     #else
439:       ## Not using the LightBox
440:       <input type="submit" value="$services.localization.render('core.register.submit')" class="button"/>
441:     #end
442:     </span>## ButtonWrapper
443:     </div>
444:     </form>
445:     #if($useLiveValidation)
446:       #generateJavascript($fields)
447:     #end
448:   {{/html}}
449: 
450:   ##
451:   ## Allow permitted users to configure this application.
452:   #if($xcontext.getUser() != 'XWiki.XWikiGuest' && $xcontext.hasAccessLevel("edit", $documentName))
453:     [[{{translation key="xe.admin.registration.youCanConfigureRegistrationHere"/}}>>XWiki.XWikiPreferences?section=Registration&editor=globaladmin#HCustomizeXWikiRegistration]]
454:     {{html}}<a href="$xwiki.getURL($documentName, 'edit', 'editor=wiki')">$services.localization.render('xe.admin.registration.youCanConfigureRegistrationFieldsHere')</a>{{/html}}
455:   #end
456: ## If the registration is done (successful) and we detect the Lightbox simply send the user back to the original page.
457: #elseif($assumeLightbox)
458:   {{html clean=false wiki=false}}
459:     <script type="text/javascript">
460:         var url = window.lb.redirectUrl;
461:         window.lb.lbClose;
462:         if (url != undefined) {
463:           if(window.location.pathname + window.location.search == url) {
464:             ## Under certain circumstances (bug) Opera will not load a page if the location is the same as the current page.
465:             ## In these cases, location.reload() doesn't work either, the only solution (I could find) was to change the URL.
466:             window.location.href = url + "&";
467:           } else {
468:             window.location.href = url;
469:           }
470:         }
471:     </script>
472:   {{/html}}
473: #end
474: ##
475: ####### The Macros (nothing below this point is run directly) #########
476: #*
477:  * Server side validation, this is necessary for security and because not everyone has Javascript
478:  *
479:  * @param $fields The array of fields to validate.
480:  * @param $request An XWikiRequest object which made the register request, used to get parameters.
481:  *###
482: #macro(validateFields, $fields, $request)
483:   #foreach($field in $fields)
484:     #if($field.get('validate') && $field.get('name'))
485:       #set($fieldName = $field.get('name'))
486:       #set($validate = $field.get('validate'))
487:       #set($error = '')
488:       #set($value = $request.get($fieldName))
489:       #if($value && $value != '')
490:         ##
491:         ## mustMatch validation
492:         #if($error == '' && $validate.get('mustMatch'))
493:           #set($mustMatch = $validate.get('mustMatch'))
494:           #if($mustMatch.get('name') && $mustMatch.get('failureMessage'))
495:             #if($request.get($fieldName) != $request.get($mustMatch.get('name')))
496:               #set($error = $mustMatch.get('failureMessage'))
497:             #end
498:           #else
499:             ERROR: In field: ${fieldName}: mustMatch validation required both name 
500:                    (of field which this field must match) and failureMessage.
501:           #end
502:         #end
503:         ##
504:         ## Regex validation
505:         ## We won't bother with regex validation if there is no entry, that would defeat the purpose of 'mandatory'
506:         #if($error == '' && $validate.get('regex') && $value && $value != '')
507:           #set($regex = $validate.get('regex'))
508:           #if($regex.get('pattern') && $regex.get('failureMessage'))
509:             ## Make Java regexes more compatible with Perl/js style regexes by removing leading and trailing /
510:             #if($regex.get('pattern').length() > 1)
511:               #set($pattern = $regex.get('pattern'))
512:               #if($pattern.lastIndexOf('/') < $pattern.length() - 1)
513:                   ERROR: In field: ${fieldName}: regex validation does not allow flags after the /, please fix [${pattern}].
514:               #end
515:               #set($pattern = $pattern.substring($mathtool.add(1, $pattern.indexOf('/')), $pattern.lastIndexOf('/')))
516:             #else
517:               ## I don't expect this but want to maintain compatibility.
518:               #set($pattern = $regex.get('pattern'))
519:             #end
520:             #if($regextool.find($value, $pattern).isEmpty())
521:               #set($error = $regex.get('failureMessage'))
522:             #end
523:           #elseif($regex.get('pattern'))
524:             ERROR: In field: ${fieldName}: regex validation must include failureMessage.
525:           #end
526:         #end
527:         ##
528:         ## If regex and mustMatch validation passed, try programmatic validation
529:         #if($error == '' && $validate.get('programmaticValidation'))
530:           #set($pv = $validate.get('programmaticValidation'))
531:           #if($pv.get('code') && $pv.get('failureMessage'))
532:             #set($pvReturn = "#evaluate($pv.get('code'))")
533:             #if($pvReturn.indexOf('failed') != -1)
534:               #set($error = $pv.get('failureMessage'))
535:             #end
536:           #else
537:             ERROR: In field: ${fieldName}: programmaticValidation requires code and failureMessage
538:           #end
539:         #end
540:       #else
541:         ##
542:         ## If no content, check if content is mandatory
543:         #if($validate.get('mandatory'))
544:           #set($mandatory = $validate.get('mandatory'))
545:           #if($mandatory.get('failureMessage'))
546:             #set($error = $mandatory.get('failureMessage'))
547:           #else
548:             ERROR: In field: ${fieldName}: mandatory validation requires a failureMessage
549:           #end
550:         #end
551:       #end
552:       #if($error != '')
553:         #set($discard = $field.put('error', $error))
554:         #set($registrationFailed = true)
555:       #end
556:     #elseif(!$field.get('name'))
557:       ERROR: Field with no name.
558:     #end##if(validate)
559:   #end##loop
560: #end##macro
561: #*
562:  * Create the user.
563:  * Calls $xwiki.createUser to create a new user.
564:  *
565:  * @param $request An XWikiRequest object which made the register request.
566:  * @param $response The XWikiResponse object to send any redirects to.
567:  * @param $doAfterRegistration code block to run after registration completes successfully.
568:  *###
569: #macro(createUser, $fields, $request, $response, $doAfterRegistration)
570:   ## CSRF check
571:   #if(${services.csrf.isTokenValid("$!{request.getParameter('form_token')}")})
572:     ## See if email verification is required and register the user.
573:     #if($xwiki.getXWikiPreferenceAsInt('use_email_verification', 0) == 1)
574:       #set($reg = $xwiki.createUser(true))
575:     #else
576:       #set($reg = $xwiki.createUser(false))
577:     #end
578:   #else
579:     $response.sendRedirect("$!{services.csrf.getResubmissionURL()}")
580:   #end
581:   ##
582:   ## Handle output from the registration.
583:   #if($reg && $reg <= 0)
584:     {{error}}
585:     #if($reg == -2)
586:       {{translation key="core.register.passwordMismatch"/}}
587:     ## -3 means username taken, -8 means username is superadmin name
588:     #elseif($reg == -3 || $reg == -8)
589:       {{translation key="core.register.userAlreadyExists"/}}
590:     #elseif($reg == -4)
591:       {{translation key="core.register.invalidUsername"/}}
592:     #else
593:       {{translation key="core.register.registerFailed" parameters="$reg"/}}
594:     #end
595:     {{/error}}
596:   #elseif($reg)
597:   ## Registration was successful
598:     #set($registrationDone = true)
599:     ##
600:     ## If there is any thing to "doAfterRegistration" then do it.
601:     #foreach($field in $fields)
602:       #if($field.get('doAfterRegistration'))
603:         #evaluate($field.get('doAfterRegistration'))
604:       #end
605:     #end
606:     ## If there is a "global" doAfterRegistration, do that as well.
607:     #if($doAfterRegistration)
608:       #set($discard = $doAfterRegistration.toString())
609:     #end
610:     ## Define some strings which may be used by autoLogin or loginButton
611:     #set($userName = $!request.get('xwikiname'))
612:     #set($password = $!request.get('register_password'))
613:     #set($loginURL = $xwiki.getURL($loginPage, $loginAction))
614:     #if("$!request.getParameter($redirectParam)" != '')
615:       #set($redirect = $request.getParameter($redirectParam))
616:     #else
617:       #set($redirect = $defaultRedirect)
618:     #end
619:     ## Display a "registration successful" message
620: 
621:     #evaluate($registrationSuccessMessage)
622: 
623:     ## Empty line prevents message from being forced into a <p> block.
624: 
625:     ## Give the user a login button which posts their username and password to loginsubmit
626:     #if($loginButton)
627: 
628:       {{html clean=false wiki=false}}
629:         <form id="loginForm" action="$loginURL" method="post">
630:           <div class="centered">
631:           <input type="hidden" name="form_token" value="$!{services.csrf.getToken()}" />
632:           <input id="j_username" name="j_username" type="hidden" value="$escapetool.xml($!userName)" />
633:           <input id="j_password" name="j_password" type="hidden" value="$escapetool.xml($!password)" />
634:           <input id="$redirectParam" name="$redirectParam" type="hidden" value="$escapetool.xml($redirect)" />
635:           <span class="buttonwrapper">
636:             <input type="submit" value="$services.localization.render('login')" class="button"/>
637:           </span>
638:           </div>
639:         </form>
640:         ## We don't want autoLogin if we are administrators adding users...
641:         #if($autoLogin && !$assumeLightbox)
642:           <script type='text/javascript'>
643:             document.observe('xwiki:dom:loaded', function() {
644:               document.forms['loginForm'].submit();
645:             });
646:           </script>
647:         #end
648:       {{/html}}
649: 
650:     #end
651:   #end
652:   ##
653: #end## createUser Macro
654: #*
655:  * Generate HTML form, this is the only place where HTML is written.
656:  *
657:  * @param $fields The array of fields to use for generating html code.
658:  * @param $fieldMandatoryStar The tag parameters for a * indicating a mandatory field.
659:  * @param $failureMessageParams The tag parameters for a failure message.
660:  *###
661: #macro(generateHtml, $fields, $fieldMandatoryStar, $failureMessageParams)
662:   ## Put the same values back into the fields.
663:   #getParams($fields)
664:   ##
665:   <dl>
666:   #foreach($field in $fields)
667:     #if($field.get('name'))
668:       #set($fieldName = $field.get('name'))
669:       #if($field.get('label'))
670:         #set($label = $field.get('label'))
671:         <dt><label for="$fieldName">$label
672:         #if($field.get('validate').get('mandatory'))
673:           <span ##
674:           #foreach($entry in $fieldMandatoryStar.entrySet())
675:             $entry.getKey()="$entry.getValue()" ##
676:           #end
677:           >$services.localization.render('core.validation.required')</span>
678:         #end
679:           </label>
680:         </dt>
681:       #end
682:       ## If no tag then default tag is <input>
683:       #if($field.get('tag'))
684:         #set($tag = $field.get('tag'))
685:       #else
686:         #set($tag = 'input')
687:       #end
688:       <dd><$tag id="$fieldName" ##
689:       #set($params = $field.get('params'))
690:       ## If no name parameter is spacified, then we use the field name
691:       #if(!$params.get('name'))
692:         #set($discard = $params.put('name', $fieldName))
693:       #end
694:       #foreach($entry in $params.entrySet())
695:         ## If a parameter is specified as '' then we don't include it.
696:         #if($entry.getValue() != '')
697:           $entry.getKey()="$escapetool.xml($entry.getValue())" ##
698:         #end
699:       #end
700:       ></$tag>
701:       #if($field.get('error'))
702:         <span ##
703:         #foreach($entry in $failureMessageParams.entrySet())
704:           $entry.getKey()="$entry.getValue()" ##
705:         #end
706:         >$field.get('error')</span>
707:       #end
708:       </dd>
709:     #else
710:       ERROR: Field with no name.
711:     #end##if fieldName exists
712:   #end
713:   </dl>
714: #end
715: #*
716:  * Generate the Javascript for interacting with LiveValidation.
717:  *
718:  * @param $fields The array of fields which to validate.
719:  *###
720: #macro(generateJavascript, $fields)
721:   <script type='text/javascript'>
722:   /* <![CDATA[ */
723:   document.observe('xwiki:dom:loaded', function() {
724:   ##
725:   #foreach($field in $fields)
726:     #if($field.get('validate') && $field.get('name'))
727:       #set($validate = $field.get('validate'))
728:       #if(($validate.get('mandatory') && !$validate.get('mandatory').get('noscript'))
729:           || ($validate.get('regex') && !$validate.get('regex').get('noscript'))
730:           || ($validate.get('mustMatch') && !$validate.get('mustMatch').get('noscript')))
731:         #set($fieldName = $field.get('name'))
732:         #if($validate.get('fieldOkayMessage'))
733:           #set($okayMessage = $validate.get('fieldOkayMessage'))
734:         #else
735:           #set($okayMessage = $defaultFieldOkayMessage)
736:         #end
737:         var ${fieldName}Validator = new LiveValidation("$fieldName", { validMessage: "$okayMessage", wait: 500} );
738:         ##
739:         #if($validate.get('mandatory'))
740:           #set($mandatory = $validate.get('mandatory'))
741:           #if($mandatory.get('failureMessage') && !$mandatory.get('noscript'))
742:             ${fieldName}Validator.add( Validate.Presence, { failureMessage: "$!mandatory.get('failureMessage')"} );
743:           #end
744:         #end
745:         ##
746:         #if($validate.get('mustMatch'))
747:           #set($mustMatch = $validate.get('mustMatch'))
748:           #if($mustMatch.get('name') && $mustMatch.get('failureMessage')  && !$mustMatch.get('noscript'))
749:             ${fieldName}Validator.add( Validate.Confirmation, { match: $$("input[name=$!mustMatch.get('name')]")[0], failureMessage: "$!mustMatch.get('failureMessage')"} );
750:           #end
751:         #end
752:         ##
753:         #if($validate.get('regex'))
754:           #set($regex = $validate.get('regex'))
755:           #set($pattern = "")
756:           #if($regex.get('jsPattern'))
757:             #set($pattern = $regex.get('jsPattern'))
758:           #elseif($regex.get('pattern'))
759:             #set($pattern = $regex.get('pattern'))
760:           #end
761:           #set($failMessage = "")
762:           #if($regex.get('jsFailureMessage'))
763:             #set($failMessage = $regex.get('jsFailureMessage'))
764:           #elseif($regex.get('failureMessage'))
765:             #set($failMessage = $regex.get('failureMessage'))
766:           #end          
767:           #if($pattern != '' && $failMessage != '' && !$regex.get('noscript'))
768:             ${fieldName}Validator.add( Validate.Format, { pattern: $pattern, failureMessage: "$failMessage"} );
769:           #end
770:         #end##if regex
771:       #end##if contains js validateable fields.
772:     #end##if validate
773:   #end##loop
774:     });// ]]>
775:     </script>
776: #end##macro
777: #*
778:  * Get parameters from request so that values will be filled in if there is a mistake
779:  * in one of the entries. Entries will be returned to fields[n].params.value
780:  * Fields will not be returned if they have either noReturn or error specified.
781:  *
782:  * @param $fields The array of fields to get parameters for.
783:  *###
784: #macro(getParams $fields)
785:   #foreach($field in $fields)
786:     #if($field.get('name') && $request.get($field.get('name')))
787:       #if(!$field.get('noReturn') && !$field.get('error'))
788:         #if(!$field.get('params'))
789:           #set($params = {})
790:           #set($discard = $field.put('params', $params))
791:         #else
792:           #set($params = $field.get('params'))
793:         #end
794:         #set($discard = $params.put('value', $request.get($field.get('name'))))
795:       #end
796:     #end
797:   #end
798: #end
799: #*
800:  * Get the configuration from the configuration object.
801:  *
802:  * @param $configDocumentName The name of the document to get the configuration from.
803:  *###
804: #macro(loadConfig, $configDocumentName)
805:   #set($configDocument = $xwiki.getDocument($configDocumentName))
806:   #if(!$configDocument || !$configDocument.getObject($documentName))
807:     ## No config document, load defaults.
808:     #set($heading = "$services.localization.render('core.register.title')")
809:     #set($welcomeMessage = "$services.localization.render('core.register.welcome')")
810:     #set($useLiveValidation = true)
811:     #set($defaultFieldOkayMessage = "$services.localization.render('core.validation.valid.message')")
812:     #set($loginButton = true)
813:     #set($defaultRedirect = "$xwiki.getURL($services.model.resolveDocument('', 'default', $doc.documentReference.extractReference('WIKI')))")
814:     #set($userFullName = "$request.get('register_first_name') $request.get('register_last_name')")
815:     #set($registrationSuccessMessage = '{{info}}$services.localization.render("core.register.successful", ["[[${userFullName}>>${userSpace}${userName}]]", ${userName}]){{/info}}')
816:   #else
817:     #set($configObject = $configDocument.getObject($documentName))
818:     #if ($context.action == 'register')
819:       #set ($heading = "(% id='document-title'%)((( = #evaluate($configObject.getProperty('heading').getValue()) = )))(%%)")
820:     #else
821:       #set ($heading = "= #evaluate($configObject.getProperty('heading').getValue()) =")
822:     #end
823:     #set($welcomeMessage = "#evaluate($configObject.getProperty('welcomeMessage').getValue())")
824:     #if($configObject.getProperty('liveValidation_enabled').getValue() == 1)
825:       #set($useLiveValidation = true)
826:     #end
827:     #set($defaultFieldOkayMessage = "#evaluate($configObject.getProperty('liveValidation_defaultFieldOkMessage').getValue())")
828:     #if($configObject.getProperty('loginButton_enabled').getValue() == 1)
829:       #set($loginButton = true)
830:     #end
831:     #if($configObject.getProperty('loginButton_autoLogin_enabled').getValue() == 1)
832:       #set($autoLogin = true)
833:     #end
834:     #set($defaultRedirect = "#evaluate($configObject.getProperty('defaultRedirect').getValue())")
835:     #set($registrationSuccessMessage = "$configObject.getProperty('registrationSuccessMessage').getValue()")
836:     #if($configObject.getProperty('requireCaptcha').getValue() == 1)
837:       #set($requireCaptcha = true)
838:     #end
839:   #end
840: #end
841: {{/velocity}}
Kategorie

Koncepcja
Gatunki
Stanowiska
Sponsorzy

Klasyfikacja

This wiki is licensed under a Creative Commons 2.0 license
XWiki Enterprise 6.4.8 - Documentation