Wiki source code of Registration
Version 18.1 by Admin on 2012/01/30
Hide last authors
author | version | line-number | content |
---|---|---|---|
![]() |
2.1 | 1 | {{velocity}} |
2 | ## These are defined in other places around XWiki, changing them here will result in undefined behavior. | ||
3 | #set($redirectParam = 'xredirect') | ||
4 | #set($userSpace = 'XWiki.') | ||
5 | #set($loginPage = 'XWiki.XWikiLogin') | ||
6 | #set($loginAction = 'loginsubmit') | ||
7 | ## | ||
![]() |
16.1 | 8 | #set($documentName = 'XWiki.Registration') |
![]() |
2.1 | 9 | ## |
![]() |
16.1 | 10 | ## Security measure: |
11 | ## If this document is changed such that it must have programming permission in order to run, change this to false. | ||
12 | #set($sandbox = true) | ||
13 | ## | ||
14 | ## Load the configuration from a seperate document. | ||
15 | #loadConfig('XWiki.RegistrationConfig') | ||
16 | ## | ||
![]() |
2.1 | 17 | ## Defines what server generated error messages should look like |
18 | ## The error message when a field is entered incorrectly | ||
19 | #set($failureMessageParams = { 'class' : 'LV_validation_message LV_invalid'}) | ||
20 | ## 'LV_validation_message LV_invalid' depends on this: | ||
![]() |
16.1 | 21 | $xwiki.get('ssfx').use('uicomponents/widgets/validation/livevalidation.css') |
![]() |
2.1 | 22 | ## |
23 | ## The * next to the fields to denote they are mandatory. | ||
![]() |
16.1 | 24 | #set($fieldMandatoryStar = { 'class' : 'xRequired'}) |
![]() |
2.1 | 25 | ## |
26 | #* | ||
![]() |
16.1 | 27 | * You may include this document in other documents using {{include document="XWiki.Registration"/}} |
28 | * To specify that the user is invited and should be allowed to register even if Guest does not have permission to | ||
29 | * register, set $invited to true. NOTE: The including script must have programming permission to do this. | ||
30 | * | ||
31 | * To specify some code which should run after registration is successfully completed, set | ||
32 | * $doAfterRegistration to a define block of velocity code like so: | ||
33 | * #define($doAfterRegistration) | ||
34 | * some code | ||
35 | * #end | ||
36 | * Output from running this code will not be printed. | ||
37 | * | ||
![]() |
2.1 | 38 | * The fields which will be seen on the registration page are defined here. |
39 | * $fields is an array and each field is a Map. The names shown below are Map keys. | ||
40 | * | ||
41 | * Each field must have: | ||
42 | * name - this is the name of the field, it will be the value for "name" and "id" | ||
43 | * | ||
44 | * Each field may have: | ||
45 | * label - this String will be written above the field. | ||
46 | * | ||
47 | * tag - the HTML tag which will be created, default is <input>, may also be a non form tag such as <img> | ||
48 | * | ||
49 | * params - a Map, each key value pair will be in the html tag. eg: {"size" : "30"} becomes <input size=30... | ||
50 | * | ||
51 | * validate a Map describing how to validate the field, validation is done in javascript then redone in velocity | ||
52 | * | for security and because not everyone has javascript. | ||
53 | * | | ||
54 | * +-mandatory (Optional) - Will fail if the field is not filled in. | ||
55 | * | +-failureMessage (Required) - The message to display if the field is not filled in. | ||
56 | * | +-noscript (Optional) - will not be checked by javascript | ||
57 | * | | ||
58 | * +-regex (Optional) - Will validate the field using a regular expression. | ||
59 | * | | because of character escaping, you must provide a different expression for the | ||
60 | * | | javascript validation and the server side validation. Both javascript and server side | ||
61 | * | | validation are optional, but if you provide neither, then your field will not be validated. | ||
62 | * | | | ||
63 | * | +-failureMessage (Optional) - The message to display if the regex evaluation returns false. | ||
64 | * | +-jsFailureMessage (Optional) - The message for Javascript to display if regex fails. | ||
65 | * | | If jsFailureMessage is not defined Javascript uses failureMessage. | ||
66 | * | | NOTE: Javascript injects the failure message using createTextNode so < will | ||
67 | * | | be displayed as < | ||
68 | * | | | ||
69 | * | +-pattern (Optional) - The regular expression to test the input at the server side, it's important to use | ||
70 | * | | this if you need to validate the field for security reasons, also it is good because not | ||
71 | * | | all browsers use javascript or have it enabled. | ||
72 | * | | | ||
73 | * | +-jsPattern (Optional) - The regular expression to use for client side, you can use escaped characters to avoid | ||
74 | * | | them being parsed as HTML or javascript. To get javascript to unescape characters use: | ||
75 | * | | {"jsPattern" : "'+unescape('%5E%5B%24')+'"} | ||
76 | * | | NOTE: If no jsPattern is specified, the jsValidator will try to validate | ||
77 | * | | using the server pattern. | ||
78 | * | | | ||
79 | * | +-noscript (Optional) - will not be checked by javascript | ||
80 | * | | ||
81 | * +-mustMatch (Optional) - Will fail if the entry into the field is not the same as the entry in another field. | ||
82 | * | | Good for password confirmation. | ||
83 | * | | | ||
84 | * | +-failureMessage (Required) - The message to display if the field doesn't match the named field. | ||
85 | * | +-name (Required) - The name of the field which this field must match. | ||
86 | * | +-noscript (Optional) - will not be checked by javascript | ||
87 | * | | ||
88 | * +-programmaticValidation (Optional) - This form of validation executes a piece of code which you give it and | ||
89 | * | | if the code returns the word "failed" then it gives the error message. | ||
90 | * | | Remember to put the code in singel quotes ('') because you want the value | ||
91 | * | | of 'code' to equal the literal code, not the output from running it. | ||
92 | * | | | ||
93 | * | +-code (Required) - The code which will be executed to test whether the field is filled in correctly. | ||
94 | * | +-failureMessage (Required) - The message which will be displayed if evaluating the code returns "false" | ||
95 | * | | ||
96 | * +-fieldOkayMessage (Optional) - The message which is displayed by LiveValidation when a field is validated as okay. | ||
97 | * If not specified, will be $defaultFieldOkayMessage | ||
98 | * | ||
99 | * noReturn - If this is specified, the field will not be filled in if there is an error and the user has to fix their | ||
100 | * registration information. If you don't want a password to be passed back in html then set this true | ||
101 | * for the password fields. Used for the captcha because it makes no sense to pass back a captcha answer. | ||
102 | * | ||
103 | * doAfterRegistration - Some Velocity code which will be executed after a successfull registration. | ||
104 | * This is used in the favorite color example. | ||
105 | * Remember to put the code in singel quotes ('') because you want the 'code' entry to equal the literal | ||
106 | * code, not the output from running it. | ||
107 | * | ||
108 | * Each field may not have: (reserved names) | ||
109 | * error - This is used to pass back any error message from the server side code. | ||
110 | * | ||
111 | * NOTE: This template uses a registration method which requires: | ||
112 | * * register_first_name | ||
113 | * * register_last_name | ||
114 | * * xwikiname | ||
115 | * * register_password | ||
116 | * * register2_password | ||
117 | * * register_email | ||
118 | * * template | ||
119 | * Removing or renaming any of these fields will result in undefined behavior. | ||
120 | * | ||
121 | *### | ||
122 | #set($fields = []) | ||
123 | ## | ||
124 | ## The first name field, no checking. | ||
125 | #set($field = | ||
126 | {'name' : 'register_first_name', | ||
127 | 'label' : $msg.get('core.register.firstName'), | ||
128 | 'params' : { | ||
129 | 'type' : 'text', | ||
![]() |
16.1 | 130 | 'size' : '60' |
![]() |
2.1 | 131 | } |
132 | }) | ||
133 | #set($discard = $fields.add($field)) | ||
134 | ## | ||
135 | ## The last name field, no checking. | ||
136 | #set($field = | ||
137 | {'name' : 'register_last_name', | ||
138 | 'label' : $msg.get('core.register.lastName'), | ||
139 | 'params' : { | ||
140 | 'type' : 'text', | ||
![]() |
16.1 | 141 | 'size' : '60' |
![]() |
2.1 | 142 | } |
143 | }) | ||
144 | #set($discard = $fields.add($field)) | ||
145 | ## | ||
146 | ## The user name field, mandatory and programmatically checked to make sure the username doesn't exist. | ||
147 | #set($field = | ||
148 | {'name' : 'xwikiname', | ||
149 | 'label' : $msg.get('core.register.username'), | ||
150 | 'params' : { | ||
151 | 'type' : 'text', | ||
152 | 'onfocus' : 'prepareName(document.forms.register);', | ||
![]() |
16.1 | 153 | 'size' : '60' |
![]() |
2.1 | 154 | }, |
155 | 'validate' : { | ||
156 | 'mandatory' : { | ||
![]() |
16.1 | 157 | 'failureMessage' : $msg.get('core.validation.required.message') |
![]() |
2.1 | 158 | }, |
159 | 'programmaticValidation' : { | ||
160 | 'code' : '#nameAvailable($request.get("xwikiname"))', | ||
161 | 'failureMessage' : $msg.get('core.register.userAlreadyExists') | ||
162 | } | ||
163 | } | ||
164 | }) | ||
165 | #set($discard = $fields.add($field)) | ||
166 | ## Make sure the chosen user name is not already taken | ||
167 | ## This macro is called by programmaticValidation for xwikiname (above) | ||
168 | #macro(nameAvailable, $name) | ||
169 | #if($xwiki.exists("$userSpace$name")) | ||
170 | failed | ||
![]() |
1.1 | 171 | #end |
![]() |
2.1 | 172 | #end |
173 | ## | ||
174 | ##The password field, mandatory and must be at least 6 characters long. | ||
175 | #set($field = | ||
176 | {'name' : 'register_password', | ||
177 | 'label' : $msg.get('core.register.password'), | ||
178 | 'params' : { | ||
179 | 'type' : 'password', | ||
![]() |
16.1 | 180 | 'size' : '60' |
![]() |
2.1 | 181 | }, |
182 | 'validate' : { | ||
183 | 'mandatory' : { | ||
![]() |
16.1 | 184 | 'failureMessage' : $msg.get('core.validation.required.message') |
![]() |
2.1 | 185 | }, |
186 | 'regex' : { | ||
187 | 'pattern' : '/.{6,}/', | ||
188 | 'failureMessage' : $msg.get('xe.admin.registration.passwordTooShort') | ||
189 | } | ||
190 | } | ||
191 | }) | ||
192 | #set($discard = $fields.add($field)) | ||
193 | ## | ||
194 | ##The confirm password field, mandatory, must match password field, and must also be 6+ characters long. | ||
195 | #set($field = | ||
196 | {'name' : 'register2_password', | ||
197 | 'label' : $msg.get('core.register.passwordRepeat'), | ||
198 | 'params' : { | ||
199 | 'type' : 'password', | ||
![]() |
16.1 | 200 | 'size' : '60' |
![]() |
2.1 | 201 | }, |
202 | 'validate' : { | ||
203 | 'mandatory' : { | ||
![]() |
16.1 | 204 | 'failureMessage' : $msg.get('core.validation.required.message') |
![]() |
2.1 | 205 | }, |
206 | 'mustMatch' : { | ||
207 | 'name' : 'register_password', | ||
208 | 'failureMessage' : $msg.get('xe.admin.registration.passwordMismatch') | ||
209 | }, | ||
210 | 'regex' : { | ||
211 | 'pattern' : '/.{6,}/', | ||
212 | 'failureMessage' : $msg.get('xe.admin.registration.passwordTooShort') | ||
213 | } | ||
214 | } | ||
215 | }) | ||
216 | #set($discard = $fields.add($field)) | ||
217 | ## | ||
218 | ## The email address field, regex checked with an email pattern. | ||
219 | #set($field = | ||
220 | {'name' : 'register_email', | ||
221 | 'label' : $msg.get('core.register.email'), | ||
222 | 'params' : { | ||
223 | 'type' : 'text', | ||
![]() |
16.1 | 224 | 'size' : '60' |
![]() |
2.1 | 225 | }, |
226 | 'validate' : { | ||
227 | 'regex' : { | ||
228 | 'pattern' : '/^([^@\s]+)@((?:[-a-zA-Z0-9]+\.)+[a-zA-Z]{2,})$/', | ||
229 | 'failureMessage' : $msg.get('xe.admin.registration.invalidEmail') | ||
230 | } | ||
231 | } | ||
232 | }) | ||
233 | #set($discard = $fields.add($field)) | ||
234 | ## | ||
235 | #* ## Uncomment this code to see an example of how you can easily add a field to the registration page | ||
236 | ## Note: The user's favorite color is not saved anywhere, see above for information on how to save it. | ||
237 | #set($field = | ||
238 | {'name' : 'favorite_color', | ||
239 | 'label' : 'What is your favorite color', | ||
240 | 'params' : { | ||
241 | 'type' : 'text', | ||
![]() |
16.1 | 242 | 'size' : '60' |
![]() |
2.1 | 243 | }, |
244 | 'validate' : { | ||
245 | 'mandatory' : { | ||
![]() |
16.1 | 246 | 'failureMessage' : $msg.get('core.validation.required.message') |
![]() |
2.1 | 247 | }, |
248 | 'regex' : { | ||
249 | 'pattern' : '/^green$/i', | ||
250 | 'failureMessage' : 'You are not cool enough to register here.' | ||
251 | }, | ||
252 | 'fieldOkayMessage' : 'You are awesome.' | ||
253 | }, | ||
254 | 'doAfterRegistration' : '#saveFavoriteColor()' | ||
255 | }) | ||
256 | #set($discard = $fields.add($field)) | ||
257 | ## Save the user's favorite color on their user page. | ||
258 | #macro(saveFavoriteColor) | ||
259 | #set($xwikiname = $request.get('xwikiname')) | ||
260 | #set($userDoc = $xwiki.getDocument("$userSpace$xwikiname")) | ||
261 | $userDoc.setContent("$userDoc.getContent() ${xwikiname}'s favorite color is $request.get('favorite_color')!") | ||
262 | ## The user (who is not yet logged in) can't save documents so saveWithProgrammingRights | ||
263 | ## will save the document as long as the user who last saved this registration page has programming rights. | ||
264 | $userDoc.saveWithProgrammingRights("Saved favorite color from registration form.") | ||
265 | #end | ||
266 | ## *### | ||
267 | ## To disable the captcha on this page, comment out the next two entries. | ||
268 | ## The captcha image, not an input field but still defined the same way. | ||
269 | #if($captchaservice | ||
![]() |
16.1 | 270 | && !$invited |
![]() |
2.1 | 271 | && $xcontext.getUser() == "XWiki.XWikiGuest" |
![]() |
16.1 | 272 | && $requireCaptcha) |
![]() |
2.1 | 273 | ## Empty label field used for padding. |
274 | ## Empty 'name' field overriddes name="captcha_image" with "" so name is not specified at all. | ||
275 | #set($field = | ||
276 | {'name' : 'captcha_image', | ||
![]() |
16.1 | 277 | 'label' : "<span class='hidden'>$msg.get('core.captcha.image.label')</span>", |
![]() |
2.1 | 278 | 'tag' : 'img', |
279 | 'params' : { | ||
280 | 'src' : $doc.getURL('imagecaptcha'), | ||
281 | 'alt' : $msg.get('core.captcha.image.alternateText', [$msg.get('core.register.submit')]), | ||
282 | 'name' : '' | ||
283 | } | ||
284 | }) | ||
285 | #set($discard = $fields.add($field)) | ||
286 | ## The captcha field, mandatory, programmatically checked to make sure the captcha is right | ||
287 | ## Not checked by javascript because javascript can't check the captcha and the Ok message because it passes the | ||
288 | ## mandatory test is misleading. | ||
289 | ## and not filled back in if there is an error ('noReturn') | ||
290 | #set($field = | ||
291 | {'name' : 'captcha_answer', | ||
292 | 'label' : $msg.get('core.captcha.image.instruction'), | ||
293 | 'params' : { | ||
294 | 'type' : 'text', | ||
![]() |
16.1 | 295 | 'size' : '60' |
![]() |
2.1 | 296 | }, |
297 | 'validate' : { | ||
298 | 'mandatory' : { | ||
299 | 'failureMessage' : $msg.get('core.captcha.captchaAnswerIsWrong'), | ||
300 | 'noscript' : true | ||
301 | }, | ||
302 | 'programmaticValidation' : { | ||
303 | 'code' : '#checkCaptcha($request, $request.get("captcha_answer"))', | ||
304 | 'failureMessage' : $msg.get('core.captcha.captchaAnswerIsWrong') | ||
305 | } | ||
306 | }, | ||
307 | 'noReturn' : true | ||
308 | }) | ||
309 | #set($discard = $fields.add($field)) | ||
310 | #end | ||
311 | ## | ||
312 | ## Checks the captcha answer; used by programmaticValidation above. | ||
313 | #macro(checkCaptcha, $request, $answer) | ||
314 | #set($cv = $captchaservice.getCaptchaVerifier('image')) | ||
315 | #if(!$cv.isAnswerCorrect($cv.getUserId($request), $answer)) | ||
316 | failed | ||
317 | #end | ||
318 | #end | ||
319 | ## | ||
320 | ## Pass the name of the template to $xwiki.createUser so any contained information will be passed in. | ||
321 | #set($field = | ||
322 | {'name' : 'template', | ||
323 | 'params' : { | ||
324 | 'type' : 'hidden', | ||
325 | 'value' : 'XWiki.XWikiUserTemplate' | ||
326 | } | ||
327 | }) | ||
328 | #set($discard = $fields.add($field)) | ||
329 | ## | ||
330 | ## Pass the redirect parameter on so that the login page may redirect to the right place. | ||
331 | ## Not necessary in Firefox 3.0.10 or Opera 9.64, I don't know about IE or Safari. | ||
332 | #set($field = | ||
333 | {'name' : $redirectParam, | ||
334 | 'params' : { | ||
335 | 'type' : 'hidden' | ||
336 | } | ||
337 | }) | ||
338 | #set($discard = $fields.add($field)) | ||
339 | ## | ||
340 | ####################################################################### | ||
341 | ## The Code. | ||
342 | ####################################################################### | ||
343 | ## | ||
344 | #if($useLiveValidation) | ||
345 | $xwiki.get('jsfx').use('uicomponents/widgets/validation/livevalidation_prototype.js') | ||
![]() |
16.1 | 346 | $xwiki.get('ssfx').use('uicomponents/widgets/validation/livevalidation.css') |
![]() |
2.1 | 347 | #end |
348 | ## This application's HTML is dynamically generated and editing in WYSIWYG would not work | ||
![]() |
16.1 | 349 | #if($xcontext.getAction() == 'edit') |
![]() |
2.1 | 350 | $response.sendRedirect("$xwiki.getURL($doc.getFullName(), 'edit')?editor=wiki") |
351 | #end | ||
352 | ## | ||
![]() |
16.1 | 353 | ## If this document has PR and is not included from another document then it's author should be set to Guest |
354 | ## for the duration of it's execution in order to improve security. | ||
355 | ## Note we compare document ids because | ||
356 | #if($sandbox | ||
357 | && $xcontext.hasProgrammingRights() | ||
358 | && $xcontext.getDoc().getDocumentReference().equals($xwiki.getDocument($documentName).getDocumentReference())) | ||
359 | ## | ||
360 | $xcontext.dropPermissions()## | ||
361 | #end | ||
362 | ## | ||
![]() |
2.1 | 363 | ## Access level to register must be explicitly checked because it is only checked in XWiki.prepareDocuments |
364 | ## and this page is accessible through view action. | ||
![]() |
16.1 | 365 | #if(!$xcontext.hasAccessLevel('register', 'XWiki.XWikiPreferences')) |
366 | ## Make an exception if another document with programming permission (Invitation app) has included this | ||
367 | ## document and set $invited to true. | ||
368 | #if(!$invited || !$xcontext.hasProgrammingRights()) | ||
369 | $response.sendRedirect("$xwiki.getURL($doc.getFullName(), 'login')") | ||
370 | #end | ||
![]() |
2.1 | 371 | #end |
372 | ## If this is true, then assume the registration page is being viewed inside of a lightbox | ||
373 | #if($request.get('xpage')) | ||
374 | #set($assumeLightbox = true) | ||
375 | #end | ||
376 | ## | ||
377 | ## Display the heading | ||
378 | $heading | ||
379 | ## If the submit button has been pressed, then we test the input and maybe create the user. | ||
380 | #if($request.getParameter('xwikiname')) | ||
381 | ## Do server side validation of input fields. | ||
382 | #set($discard = "#validateFields($fields, $request)") | ||
383 | ## If server side validation was successfull, create the user | ||
384 | #if(!$registrationFailed) | ||
![]() |
16.1 | 385 | #createUser($fields, $request, $response, $doAfterRegistration) |
![]() |
2.1 | 386 | #end |
387 | #end | ||
388 | ## If the registration was not successful or if the user hasn't submitted the info yet | ||
389 | ## Then we display the registration form. | ||
390 | #if(!$registrationDone) | ||
391 | $welcomeMessage | ||
![]() |
16.1 | 392 | |
![]() |
2.1 | 393 | {{html clean=false wiki=false}} |
![]() |
16.1 | 394 | <form id="register" action="" method="post" class="xform half"> |
![]() |
2.1 | 395 | <div> |
![]() |
16.1 | 396 | <input type="hidden" name="form_token" value="$!{services.csrf.getToken()}" /> |
![]() |
2.1 | 397 | #generateHtml($fields, $fieldMandatoryStar, $failureMessageParams) |
398 | <div class="wikimodel-emptyline"></div> | ||
399 | <span class="buttonwrapper"> | ||
400 | #if($assumeLightbox) | ||
401 | ## LightBox detected... | ||
402 | <script type="text/javascript"> | ||
403 | ## Make the X button not reload the page. (overriding LbClose) | ||
404 | window.lb.lbClose = function() { | ||
405 | this.lbHide(); | ||
406 | this.lbClearData(); | ||
407 | ##return false; | ||
408 | } | ||
409 | ## Post the form entry to the page and load the result. (we override lbSaveForm) | ||
410 | window.lb.lbSaveForm = function() { | ||
411 | var formParams = Form.serialize(this.form); | ||
412 | Form.disable(this.form); | ||
413 | var ajaxRequest = new Ajax.Request(this.saveUrl, { | ||
414 | parameters: formParams, | ||
415 | asynchronous: false | ||
416 | }); | ||
417 | window.lb.lbFormDataLoaded(ajaxRequest.transport); | ||
418 | } | ||
419 | </script> | ||
420 | ## It doesn't really matter where these are, the scripts will be relocated to the head. | ||
421 | <!-- com.xpn.xwiki.plugin.skinx.CssSkinFileExtensionPlugin --> | ||
422 | <!-- com.xpn.xwiki.plugin.skinx.JsSkinFileExtensionPlugin --> | ||
423 | ## | ||
424 | <input class="button" type="submit" value="$msg.get('save')" onclick="window.lb.lbSaveForm();"/> | ||
425 | </span>#* End ButtonWrapper then start another...*#<span class="buttonwrapper"> | ||
![]() |
16.1 | 426 | <input class="button secondary" type="submit" value="$msg.get("cancel")" onclick="Form.disable(window.lb.form); window.lb.lbClose();"/> |
![]() |
2.1 | 427 | #else |
428 | ## Not using the LightBox | ||
429 | <input type="submit" value="$msg.get('core.register.submit')" class="button"/> | ||
430 | #end | ||
431 | </span>## ButtonWrapper | ||
432 | </div> | ||
433 | </form> | ||
434 | #if($useLiveValidation) | ||
435 | #generateJavascript($fields) | ||
436 | #end | ||
437 | {{/html}} | ||
![]() |
16.1 | 438 | |
![]() |
2.1 | 439 | ## |
440 | ## Allow permitted users to configure this application. | ||
![]() |
16.1 | 441 | #if($xcontext.getUser() != 'XWiki.XWikiGuest' && $xcontext.hasAccessLevel("edit", $documentName)) |
442 | [[$msg.get('xe.admin.registration.youCanConfigureRegistrationHere')>>XWiki.XWikiPreferences?section=Registration&editor=globaladmin#HCustomizeXWikiRegistration]] | ||
443 | {{html}}<a href="$xwiki.getURL($documentName, 'edit', 'editor=wiki')">$msg.get('xe.admin.registration.youCanConfigureRegistrationFieldsHere')</a>{{/html}} | ||
![]() |
2.1 | 444 | #end |
445 | ## If the registration is done (successful) and we detect the Lightbox simply send the user back to the original page. | ||
446 | #elseif($assumeLightbox) | ||
447 | {{html clean=false wiki=false}} | ||
448 | <script type="text/javascript"> | ||
449 | var url = window.lb.redirectUrl; | ||
450 | window.lb.lbClose; | ||
451 | if (url != undefined) { | ||
452 | if(window.location.pathname + window.location.search == url) { | ||
453 | ## Under certain circumstances (bug) Opera will not load a page if the location is the same as the current page. | ||
454 | ## In these cases, location.reload() doesn't work either, the only solution (I could find) was to change the URL. | ||
455 | window.location.href = url + "&"; | ||
456 | } else { | ||
457 | window.location.href = url; | ||
458 | } | ||
459 | } | ||
460 | </script> | ||
461 | {{/html}} | ||
462 | #end | ||
463 | ## | ||
464 | ####### The Macros (nothing below this point is run directly) ######### | ||
465 | #* | ||
466 | * Server side validation, this is necessary for security and because not everyone has Javascript | ||
467 | * | ||
468 | * @param $fields The array of fields to validate. | ||
469 | * @param $request An XWikiRequest object which made the register request, used to get parameters. | ||
470 | *### | ||
471 | #macro(validateFields, $fields, $request) | ||
472 | #foreach($field in $fields) | ||
473 | #if($field.get('validate') && $field.get('name')) | ||
474 | #set($fieldName = $field.get('name')) | ||
475 | #set($validate = $field.get('validate')) | ||
476 | #set($error = '') | ||
477 | #set($value = $request.get($fieldName)) | ||
478 | #if($value && $value != '') | ||
479 | ## | ||
480 | ## mustMatch validation | ||
481 | #if($error == '' && $validate.get('mustMatch')) | ||
482 | #set($mustMatch = $validate.get('mustMatch')) | ||
483 | #if($mustMatch.get('name') && $mustMatch.get('failureMessage')) | ||
484 | #if($request.get($fieldName) != $request.get($mustMatch.get('name'))) | ||
485 | #set($error = $mustMatch.get('failureMessage')) | ||
486 | #end | ||
487 | #else | ||
488 | ERROR: In field: ${fieldName}: mustMatch validation required both name | ||
489 | (of field which this field must match) and failureMessage. | ||
490 | #end | ||
491 | #end | ||
492 | ## | ||
493 | ## Regex validation | ||
494 | ## We won't bother with regex validation if there is no entry, that would defeat the purpose of 'mandatory' | ||
495 | #if($error == '' && $validate.get('regex') && $value && $value != '') | ||
496 | #set($regex = $validate.get('regex')) | ||
497 | #if($regex.get('pattern') && $regex.get('failureMessage')) | ||
![]() |
16.1 | 498 | ## Make Java regexes more compatible with Perl/js style regexes by removing leading and trailing / |
499 | #if($regex.get('pattern').length() > 1) | ||
500 | #set($pattern = $regex.get('pattern').substring(1, $mathtool.add($regex.get('pattern').length(), -1))) | ||
501 | #else | ||
502 | ## I don't expect this but want to maintain compatibility. | ||
503 | #set($pattern = $regex.get('pattern')) | ||
504 | #end | ||
505 | #if($regextool.find($value, $pattern).isEmpty()) | ||
![]() |
2.1 | 506 | #set($error = $regex.get('failureMessage')) |
507 | #end | ||
508 | #elseif($regex.get('pattern')) | ||
509 | ERROR: In field: ${fieldName}: regex validation must include failureMessage. | ||
510 | #end | ||
511 | #end | ||
512 | ## | ||
513 | ## If regex and mustMatch validation passed, try programmatic validation | ||
514 | #if($error == '' && $validate.get('programmaticValidation')) | ||
515 | #set($pv = $validate.get('programmaticValidation')) | ||
516 | #if($pv.get('code') && $pv.get('failureMessage')) | ||
517 | #set($pvReturn = "#evaluate($pv.get('code'))") | ||
518 | #if($pvReturn.indexOf('failed') != -1) | ||
519 | #set($error = $pv.get('failureMessage')) | ||
520 | #end | ||
521 | #else | ||
522 | ERROR: In field: ${fieldName}: programmaticValidation requires code and failureMessage | ||
523 | #end | ||
524 | #end | ||
525 | #else | ||
526 | ## | ||
527 | ## If no content, check if content is mandatory | ||
528 | #if($validate.get('mandatory')) | ||
529 | #set($mandatory = $validate.get('mandatory')) | ||
530 | #if($mandatory.get('failureMessage')) | ||
531 | #set($error = $mandatory.get('failureMessage')) | ||
532 | #else | ||
533 | ERROR: In field: ${fieldName}: mandatory validation requires a failureMessage | ||
534 | #end | ||
535 | #end | ||
536 | #end | ||
537 | #if($error != '') | ||
538 | #set($discard = $field.put('error', $error)) | ||
539 | #set($registrationFailed = true) | ||
540 | #end | ||
541 | #elseif(!$field.get('name')) | ||
542 | ERROR: Field with no name. | ||
543 | #end##if(validate) | ||
544 | #end##loop | ||
545 | #end##macro | ||
546 | #* | ||
547 | * Create the user. | ||
548 | * Calls $xwiki.createUser to create a new user. | ||
549 | * | ||
550 | * @param $request An XWikiRequest object which made the register request. | ||
551 | * @param $response The XWikiResponse object to send any redirects to. | ||
![]() |
16.1 | 552 | * @param $doAfterRegistration code block to run after registration completes successfully. |
![]() |
2.1 | 553 | *### |
![]() |
16.1 | 554 | #macro(createUser, $fields, $request, $response, $doAfterRegistration) |
555 | ## CSRF check | ||
556 | #if(${services.csrf.isTokenValid("$!{request.getParameter('form_token')}")}) | ||
557 | ## See if email verification is required and register the user. | ||
558 | #if($xwiki.getXWikiPreferenceAsInt('use_email_verification', 0) == 1) | ||
559 | #set($reg = $xwiki.createUser(true)) | ||
560 | #else | ||
561 | #set($reg = $xwiki.createUser(false)) | ||
562 | #end | ||
![]() |
2.1 | 563 | #else |
![]() |
16.1 | 564 | $response.sendRedirect("$!{services.csrf.getResubmissionURL()}") |
![]() |
2.1 | 565 | #end |
566 | ## | ||
567 | ## Handle output from the registration. | ||
![]() |
1.1 | 568 | #if($reg && $reg <= 0) |
![]() |
2.1 | 569 | {{error}} |
![]() |
1.1 | 570 | #if($reg == -2) |
![]() |
2.1 | 571 | $msg.get('core.register.passwordMismatch') |
572 | ## -3 means username taken, -8 means username is superadmin name | ||
573 | #elseif($reg == -3 || $reg == -8) | ||
574 | $msg.get('core.register.userAlreadyExists') | ||
![]() |
1.1 | 575 | #elseif($reg == -4) |
![]() |
2.1 | 576 | $msg.get('core.register.invalidUsername') |
![]() |
1.1 | 577 | #else |
![]() |
2.1 | 578 | $msg.get('core.register.registerFailed', [$reg]) |
![]() |
1.1 | 579 | #end |
![]() |
2.1 | 580 | {{/error}} |
![]() |
1.1 | 581 | #elseif($reg) |
![]() |
2.1 | 582 | ## Registration was successful |
583 | #set($registrationDone = true) | ||
584 | ## | ||
585 | ## If there is any thing to "doAfterRegistration" then do it. | ||
586 | #foreach($field in $fields) | ||
587 | #if($field.get('doAfterRegistration')) | ||
588 | #evaluate($field.get('doAfterRegistration')) | ||
589 | #end | ||
590 | #end | ||
![]() |
16.1 | 591 | ## If there is a "global" doAfterRegistration, do that as well. |
592 | #if($doAfterRegistration) | ||
593 | #set($discard = $doAfterRegistration.toString()) | ||
594 | #end | ||
![]() |
2.1 | 595 | ## Define some strings which may be used by autoLogin or loginButton |
596 | #set($userName = $!request.get('xwikiname')) | ||
597 | #set($password = $!request.get('register_password')) | ||
598 | #set($loginURL = $xwiki.getURL($loginPage, $loginAction)) | ||
![]() |
16.1 | 599 | #if("$!request.getParameter($redirectParam)" != '') |
![]() |
2.1 | 600 | #set($redirect = $request.getParameter($redirectParam)) |
601 | #else | ||
602 | #set($redirect = $defaultRedirect) | ||
603 | #end | ||
604 | ## Display a "registration successful" message | ||
![]() |
16.1 | 605 | |
606 | #evaluate($registrationSuccessMessage) | ||
607 | |||
608 | ## Empty line prevents message from being forced into a <p> block. | ||
609 | |||
![]() |
2.1 | 610 | ## Give the user a login button which posts their username and password to loginsubmit |
611 | #if($loginButton) | ||
![]() |
16.1 | 612 | |
![]() |
2.1 | 613 | {{html clean=false wiki=false}} |
614 | <form id="loginForm" action="$loginURL" method="post"> | ||
![]() |
17.1 | 615 | <div class="centered"> |
![]() |
16.1 | 616 | <input type="hidden" name="form_token" value="$!{services.csrf.getToken()}" /> |
617 | <input id="j_username" name="j_username" type="hidden" value="$escapetool.xml($!userName)" /> | ||
618 | <input id="j_password" name="j_password" type="hidden" value="$escapetool.xml($!password)" /> | ||
619 | <input id="$redirectParam" name="$redirectParam" type="hidden" value="$escapetool.xml($redirect)" /> | ||
![]() |
17.1 | 620 | <span class="buttonwrapper"> |
![]() |
2.1 | 621 | <input type="submit" value="$msg.get('login')" class="button"/> |
622 | </span> | ||
623 | </div> | ||
624 | </form> | ||
625 | ## We don't want autoLogin if we are administrators adding users... | ||
626 | #if($autoLogin && !$assumeLightbox) | ||
627 | <script type='text/javascript'> | ||
628 | document.observe('dom:loaded', function() { | ||
629 | document.forms['loginForm'].submit(); | ||
630 | }); | ||
631 | </script> | ||
632 | #end | ||
633 | {{/html}} | ||
![]() |
16.1 | 634 | |
![]() |
2.1 | 635 | #end |
![]() |
1.1 | 636 | #end |
![]() |
2.1 | 637 | ## |
638 | #end## createUser Macro | ||
639 | #* | ||
640 | * Generate HTML form, this is the only place where HTML is written. | ||
641 | * | ||
642 | * @param $fields The array of fields to use for generating html code. | ||
643 | * @param $fieldMandatoryStar The tag parameters for a * indicating a mandatory field. | ||
644 | * @param $failureMessageParams The tag parameters for a failure message. | ||
645 | *### | ||
646 | #macro(generateHtml, $fields, $fieldMandatoryStar, $failureMessageParams) | ||
![]() |
16.1 | 647 | ## Put the same values back into the fields. |
648 | #getParams($fields) | ||
649 | ## | ||
650 | <dl> | ||
651 | #foreach($field in $fields) | ||
652 | #if($field.get('name')) | ||
653 | #set($fieldName = $field.get('name')) | ||
654 | #if($field.get('label')) | ||
655 | #set($label = $field.get('label')) | ||
656 | <dt><label for="$fieldName">$label | ||
657 | #if($field.get('validate').get('mandatory')) | ||
658 | <span ## | ||
659 | #foreach($entry in $fieldMandatoryStar.entrySet()) | ||
660 | $entry.getKey()="$entry.getValue()" ## | ||
![]() |
2.1 | 661 | #end |
![]() |
16.1 | 662 | >$msg.get('core.validation.required')</span> |
![]() |
1.1 | 663 | #end |
![]() |
16.1 | 664 | </label> |
665 | </dt> | ||
666 | #end | ||
667 | ## If no tag then default tag is <input> | ||
668 | #if($field.get('tag')) | ||
669 | #set($tag = $field.get('tag')) | ||
670 | #else | ||
671 | #set($tag = 'input') | ||
672 | #end | ||
673 | <dd><$tag id="$fieldName" ## | ||
674 | #set($params = $field.get('params')) | ||
675 | ## If no name parameter is spacified, then we use the field name | ||
676 | #if(!$params.get('name')) | ||
677 | #set($discard = $params.put('name', $fieldName)) | ||
678 | #end | ||
679 | #foreach($entry in $params.entrySet()) | ||
680 | ## If a parameter is specified as '' then we don't include it. | ||
681 | #if($entry.getValue() != '') | ||
682 | $entry.getKey()="$escapetool.xml($entry.getValue())" ## | ||
![]() |
1.1 | 683 | #end |
![]() |
16.1 | 684 | #end |
685 | ></$tag> | ||
686 | #if($field.get('error')) | ||
687 | <span ## | ||
688 | #foreach($entry in $failureMessageParams.entrySet()) | ||
689 | $entry.getKey()="$entry.getValue()" ## | ||
![]() |
2.1 | 690 | #end |
![]() |
16.1 | 691 | >$field.get('error')</span> |
692 | #end | ||
693 | </dd> | ||
694 | #else | ||
695 | ERROR: Field with no name. | ||
696 | #end##if fieldName exists | ||
![]() |
1.1 | 697 | #end |
![]() |
16.1 | 698 | </dl> |
![]() |
2.1 | 699 | #end |
700 | #* | ||
701 | * Generate the Javascript for interacting with LiveValidation. | ||
702 | * | ||
703 | * @param $fields The array of fields which to validate. | ||
704 | *### | ||
705 | #macro(generateJavascript, $fields) | ||
706 | <script type='text/javascript'> | ||
707 | /* <![CDATA[ */ | ||
708 | document.observe('dom:loaded', function() { | ||
709 | ## | ||
710 | #foreach($field in $fields) | ||
711 | #if($field.get('validate') && $field.get('name')) | ||
712 | #set($validate = $field.get('validate')) | ||
713 | #if(($validate.get('mandatory') && !$validate.get('mandatory').get('noscript')) | ||
714 | || ($validate.get('regex') && !$validate.get('regex').get('noscript')) | ||
715 | || ($validate.get('mustMatch') && !$validate.get('mustMatch').get('noscript'))) | ||
716 | #set($fieldName = $field.get('name')) | ||
717 | #if($validate.get('fieldOkayMessage')) | ||
718 | #set($okayMessage = $validate.get('fieldOkayMessage')) | ||
719 | #else | ||
720 | #set($okayMessage = $defaultFieldOkayMessage) | ||
721 | #end | ||
722 | var ${fieldName}Validator = new LiveValidation("$fieldName", { validMessage: "$okayMessage", wait: 500} ); | ||
723 | ## | ||
724 | #if($validate.get('mandatory')) | ||
725 | #set($mandatory = $validate.get('mandatory')) | ||
726 | #if($mandatory.get('failureMessage') && !$mandatory.get('noscript')) | ||
727 | ${fieldName}Validator.add( Validate.Presence, { failureMessage: "$!mandatory.get('failureMessage')"} ); | ||
728 | #end | ||
729 | #end | ||
730 | ## | ||
731 | #if($validate.get('mustMatch')) | ||
732 | #set($mustMatch = $validate.get('mustMatch')) | ||
733 | #if($mustMatch.get('name') && $mustMatch.get('failureMessage') && !$mustMatch.get('noscript')) | ||
734 | ${fieldName}Validator.add( Validate.Confirmation, { match: $$("input[name=$!mustMatch.get('name')]")[0], failureMessage: "$!mustMatch.get('failureMessage')"} ); | ||
735 | #end | ||
736 | #end | ||
737 | ## | ||
738 | #if($validate.get('regex')) | ||
739 | #set($regex = $validate.get('regex')) | ||
740 | #set($pattern = "") | ||
741 | #if($regex.get('jsPattern')) | ||
742 | #set($pattern = $regex.get('jsPattern')) | ||
743 | #elseif($regex.get('pattern')) | ||
744 | #set($pattern = $regex.get('pattern')) | ||
745 | #end | ||
746 | #set($failMessage = "") | ||
747 | #if($regex.get('jsFailureMessage')) | ||
748 | #set($failMessage = $regex.get('jsFailureMessage')) | ||
749 | #elseif($regex.get('failureMessage')) | ||
750 | #set($failMessage = $regex.get('failureMessage')) | ||
751 | #end | ||
752 | #if($pattern != '' && $failMessage != '' && !$regex.get('noscript')) | ||
753 | ${fieldName}Validator.add( Validate.Format, { pattern: $pattern, failureMessage: "$failMessage"} ); | ||
754 | #end | ||
755 | #end##if regex | ||
756 | #end##if contains js validateable fields. | ||
757 | #end##if validate | ||
758 | #end##loop | ||
759 | });// ]]> | ||
760 | </script> | ||
761 | #end##macro | ||
762 | #* | ||
763 | * Get parameters from request so that values will be filled in if there is a mistake | ||
764 | * in one of the entries. Entries will be returned to fields[n].params.value | ||
765 | * Fields will not be returned if they have either noReturn or error specified. | ||
766 | * | ||
767 | * @param $fields The array of fields to get parameters for. | ||
768 | *### | ||
769 | #macro(getParams $fields) | ||
770 | #foreach($field in $fields) | ||
771 | #if($field.get('name') && $request.get($field.get('name'))) | ||
772 | #if(!$field.get('noReturn') && !$field.get('error')) | ||
773 | #if(!$field.get('params')) | ||
774 | #set($params = {}) | ||
775 | #set($discard = $field.put('params', $params)) | ||
776 | #else | ||
777 | #set($params = $field.get('params')) | ||
778 | #end | ||
779 | #set($discard = $params.put('value', $request.get($field.get('name')))) | ||
780 | #end | ||
781 | #end | ||
782 | #end | ||
783 | #end | ||
![]() |
16.1 | 784 | #* |
785 | * Get the configuration from the configuration object. | ||
786 | * | ||
787 | * @param $configDocumentName The name of the document to get the configuration from. | ||
788 | *### | ||
789 | #macro(loadConfig, $configDocumentName) | ||
790 | #set($configDocument = $xwiki.getDocument($configDocumentName)) | ||
791 | #if(!$configDocument || !$configDocument.getObject($documentName)) | ||
792 | ## No config document, load defaults. | ||
793 | #set($heading = "$msg.get('core.register.title')") | ||
794 | #set($welcomeMessage = "$msg.get('core.register.welcome')") | ||
795 | #set($useLiveValidation = true) | ||
796 | #set($defaultFieldOkayMessage = "$msg.get('core.validation.valid.message')") | ||
797 | #set($loginButton = true) | ||
798 | #set($defaultRedirect = "$xwiki.getURL('Main.WebHome')") | ||
799 | #set($userFullName = "$request.get('register_first_name') $request.get('register_last_name')") | ||
800 | #set($registrationSuccessMessage = '{{info}}$msg.get("core.register.successful", ["[[${userFullName}>>${userSpace}${userName}]]", ${userName}]){{/info}}') | ||
801 | #else | ||
802 | #set($configObject = $configDocument.getObject($documentName)) | ||
803 | #if ($context.action == 'register') | ||
804 | #set ($heading = "(% id='document-title'%)((( = #evaluate($configObject.getProperty('heading').getValue()) = )))(%%)") | ||
805 | #else | ||
806 | #set ($heading = "= #evaluate($configObject.getProperty('heading').getValue()) =") | ||
807 | #end | ||
808 | #set($welcomeMessage = "#evaluate($configObject.getProperty('welcomeMessage').getValue())") | ||
809 | #if($configObject.getProperty('liveValidation_enabled').getValue() == 1) | ||
810 | #set($useLiveValidation = true) | ||
811 | #end | ||
812 | #set($defaultFieldOkayMessage = "#evaluate($configObject.getProperty('liveValidation_defaultFieldOkMessage').getValue())") | ||
813 | #if($configObject.getProperty('loginButton_enabled').getValue() == 1) | ||
814 | #set($loginButton = true) | ||
815 | #end | ||
816 | #if($configObject.getProperty('loginButton_autoLogin_enabled').getValue() == 1) | ||
817 | #set($autoLogin = true) | ||
818 | #end | ||
819 | #set($defaultRedirect = "#evaluate($configObject.getProperty('defaultRedirect').getValue())") | ||
820 | #set($registrationSuccessMessage = "$configObject.getProperty('registrationSuccessMessage').getValue()") | ||
821 | #if($configObject.getProperty('requireCaptcha').getValue() == 1) | ||
822 | #set($requireCaptcha = true) | ||
823 | #end | ||
824 | #end | ||
825 | #end | ||
![]() |
2.1 | 826 | {{/velocity}} |