Wiki source code of Registration

Version 19.1 by Admin on 2012/03/01

version	line-number	content
2.1	1	{{velocity}}
	2	## These are defined in other places around XWiki, changing them here will result in undefined behavior.
	3	#set($redirectParam = 'xredirect')
	4	#set($userSpace = 'XWiki.')
	5	#set($loginPage = 'XWiki.XWikiLogin')
	6	#set($loginAction = 'loginsubmit')
	7	##
16.1	8	#set($documentName = 'XWiki.Registration')
2.1	9	##
16.1	10	## Security measure:
	11	## If this document is changed such that it must have programming permission in order to run, change this to false.
	12	#set($sandbox = true)
	13	##
	14	## Load the configuration from a seperate document.
	15	#loadConfig('XWiki.RegistrationConfig')
	16	##
2.1	17	## Defines what server generated error messages should look like
	18	## The error message when a field is entered incorrectly
	19	#set($failureMessageParams = { 'class' : 'LV_validation_message LV_invalid'})
	20	## 'LV_validation_message LV_invalid' depends on this:
16.1	21	$xwiki.get('ssfx').use('uicomponents/widgets/validation/livevalidation.css')
2.1	22	##
	23	## The * next to the fields to denote they are mandatory.
16.1	24	#set($fieldMandatoryStar = { 'class' : 'xRequired'})
2.1	25	##
	26	#*
16.1	27	* You may include this document in other documents using {{include document="XWiki.Registration"/}}
	28	* To specify that the user is invited and should be allowed to register even if Guest does not have permission to
	29	* register, set $invited to true. NOTE: The including script must have programming permission to do this.
	30	*
	31	* To specify some code which should run after registration is successfully completed, set
	32	* $doAfterRegistration to a define block of velocity code like so:
	33	* #define($doAfterRegistration)
	34	* some code
	35	* #end
	36	* Output from running this code will not be printed.
	37	*
2.1	38	* The fields which will be seen on the registration page are defined here.
	39	* $fields is an array and each field is a Map. The names shown below are Map keys.
	40	*
	41	* Each field must have:
	42	* name - this is the name of the field, it will be the value for "name" and "id"
	43	*
	44	* Each field may have:
	45	* label - this String will be written above the field.
	46	*
	47	* tag - the HTML tag which will be created, default is <input>, may also be a non form tag such as <img>
	48	*
	49	* params - a Map, each key value pair will be in the html tag. eg: {"size" : "30"} becomes <input size=30...
	50	*
	51	* validate a Map describing how to validate the field, validation is done in javascript then redone in velocity
	52	* \| for security and because not everyone has javascript.
	53	* \|
	54	* +-mandatory (Optional) - Will fail if the field is not filled in.
	55	* \| +-failureMessage (Required) - The message to display if the field is not filled in.
	56	* \| +-noscript (Optional) - will not be checked by javascript
	57	* \|
	58	* +-regex (Optional) - Will validate the field using a regular expression.
	59	* \| \| because of character escaping, you must provide a different expression for the
	60	* \| \| javascript validation and the server side validation. Both javascript and server side
	61	* \| \| validation are optional, but if you provide neither, then your field will not be validated.
	62	* \| \|
	63	* \| +-failureMessage (Optional) - The message to display if the regex evaluation returns false.
	64	* \| +-jsFailureMessage (Optional) - The message for Javascript to display if regex fails.
	65	* \| \| If jsFailureMessage is not defined Javascript uses failureMessage.
	66	* \| \| NOTE: Javascript injects the failure message using createTextNode so < will
	67	* \| \| be displayed as <
	68	* \| \|
	69	* \| +-pattern (Optional) - The regular expression to test the input at the server side, it's important to use
	70	* \| \| this if you need to validate the field for security reasons, also it is good because not
	71	* \| \| all browsers use javascript or have it enabled.
	72	* \| \|
	73	* \| +-jsPattern (Optional) - The regular expression to use for client side, you can use escaped characters to avoid
	74	* \| \| them being parsed as HTML or javascript. To get javascript to unescape characters use:
	75	* \| \| {"jsPattern" : "'+unescape('%5E%5B%24')+'"}
	76	* \| \| NOTE: If no jsPattern is specified, the jsValidator will try to validate
	77	* \| \| using the server pattern.
	78	* \| \|
	79	* \| +-noscript (Optional) - will not be checked by javascript
	80	* \|
	81	* +-mustMatch (Optional) - Will fail if the entry into the field is not the same as the entry in another field.
	82	* \| \| Good for password confirmation.
	83	* \| \|
	84	* \| +-failureMessage (Required) - The message to display if the field doesn't match the named field.
	85	* \| +-name (Required) - The name of the field which this field must match.
	86	* \| +-noscript (Optional) - will not be checked by javascript
	87	* \|
	88	* +-programmaticValidation (Optional) - This form of validation executes a piece of code which you give it and
	89	* \| \| if the code returns the word "failed" then it gives the error message.
	90	* \| \| Remember to put the code in singel quotes ('') because you want the value
	91	* \| \| of 'code' to equal the literal code, not the output from running it.
	92	* \| \|
	93	* \| +-code (Required) - The code which will be executed to test whether the field is filled in correctly.
	94	* \| +-failureMessage (Required) - The message which will be displayed if evaluating the code returns "false"
	95	* \|
	96	* +-fieldOkayMessage (Optional) - The message which is displayed by LiveValidation when a field is validated as okay.
	97	* If not specified, will be $defaultFieldOkayMessage
	98	*
	99	* noReturn - If this is specified, the field will not be filled in if there is an error and the user has to fix their
	100	* registration information. If you don't want a password to be passed back in html then set this true
	101	* for the password fields. Used for the captcha because it makes no sense to pass back a captcha answer.
	102	*
	103	* doAfterRegistration - Some Velocity code which will be executed after a successfull registration.
	104	* This is used in the favorite color example.
	105	* Remember to put the code in singel quotes ('') because you want the 'code' entry to equal the literal
	106	* code, not the output from running it.
	107	*
	108	* Each field may not have: (reserved names)
	109	* error - This is used to pass back any error message from the server side code.
	110	*
	111	* NOTE: This template uses a registration method which requires:
	112	* * register_first_name
	113	* * register_last_name
	114	* * xwikiname
	115	* * register_password
	116	* * register2_password
	117	* * register_email
	118	* * template
	119	* Removing or renaming any of these fields will result in undefined behavior.
	120	*
	121	*###
	122	#set($fields = [])
	123	##
	124	## The first name field, no checking.
	125	#set($field =
	126	{'name' : 'register_first_name',
	127	'label' : $msg.get('core.register.firstName'),
	128	'params' : {
	129	'type' : 'text',
16.1	130	'size' : '60'
2.1	131	}
	132	})
	133	#set($discard = $fields.add($field))
	134	##
	135	## The last name field, no checking.
	136	#set($field =
	137	{'name' : 'register_last_name',
	138	'label' : $msg.get('core.register.lastName'),
	139	'params' : {
	140	'type' : 'text',
16.1	141	'size' : '60'
2.1	142	}
	143	})
	144	#set($discard = $fields.add($field))
	145	##
	146	## The user name field, mandatory and programmatically checked to make sure the username doesn't exist.
	147	#set($field =
	148	{'name' : 'xwikiname',
	149	'label' : $msg.get('core.register.username'),
	150	'params' : {
	151	'type' : 'text',
	152	'onfocus' : 'prepareName(document.forms.register);',
16.1	153	'size' : '60'
2.1	154	},
	155	'validate' : {
	156	'mandatory' : {
16.1	157	'failureMessage' : $msg.get('core.validation.required.message')
2.1	158	},
	159	'programmaticValidation' : {
	160	'code' : '#nameAvailable($request.get("xwikiname"))',
	161	'failureMessage' : $msg.get('core.register.userAlreadyExists')
	162	}
	163	}
	164	})
	165	#set($discard = $fields.add($field))
	166	## Make sure the chosen user name is not already taken
	167	## This macro is called by programmaticValidation for xwikiname (above)
	168	#macro(nameAvailable, $name)
	169	#if($xwiki.exists("$userSpace$name"))
	170	failed
1.1	171	#end
2.1	172	#end
	173	##
	174	##The password field, mandatory and must be at least 6 characters long.
	175	#set($field =
	176	{'name' : 'register_password',
	177	'label' : $msg.get('core.register.password'),
	178	'params' : {
	179	'type' : 'password',
16.1	180	'size' : '60'
2.1	181	},
	182	'validate' : {
	183	'mandatory' : {
16.1	184	'failureMessage' : $msg.get('core.validation.required.message')
2.1	185	},
	186	'regex' : {
	187	'pattern' : '/.{6,}/',
	188	'failureMessage' : $msg.get('xe.admin.registration.passwordTooShort')
	189	}
	190	}
	191	})
	192	#set($discard = $fields.add($field))
	193	##
	194	##The confirm password field, mandatory, must match password field, and must also be 6+ characters long.
	195	#set($field =
	196	{'name' : 'register2_password',
	197	'label' : $msg.get('core.register.passwordRepeat'),
	198	'params' : {
	199	'type' : 'password',
16.1	200	'size' : '60'
2.1	201	},
	202	'validate' : {
	203	'mandatory' : {
16.1	204	'failureMessage' : $msg.get('core.validation.required.message')
2.1	205	},
	206	'mustMatch' : {
	207	'name' : 'register_password',
	208	'failureMessage' : $msg.get('xe.admin.registration.passwordMismatch')
	209	},
	210	'regex' : {
	211	'pattern' : '/.{6,}/',
	212	'failureMessage' : $msg.get('xe.admin.registration.passwordTooShort')
	213	}
	214	}
	215	})
	216	#set($discard = $fields.add($field))
	217	##
	218	## The email address field, regex checked with an email pattern.
	219	#set($field =
	220	{'name' : 'register_email',
	221	'label' : $msg.get('core.register.email'),
	222	'params' : {
	223	'type' : 'text',
16.1	224	'size' : '60'
2.1	225	},
	226	'validate' : {
	227	'regex' : {
	228	'pattern' : '/^([^@\s]+)@((?:[-a-zA-Z0-9]+\.)+[a-zA-Z]{2,})$/',
	229	'failureMessage' : $msg.get('xe.admin.registration.invalidEmail')
	230	}
	231	}
	232	})
	233	#set($discard = $fields.add($field))
	234	##
	235	#* ## Uncomment this code to see an example of how you can easily add a field to the registration page
	236	## Note: The user's favorite color is not saved anywhere, see above for information on how to save it.
	237	#set($field =
	238	{'name' : 'favorite_color',
	239	'label' : 'What is your favorite color',
	240	'params' : {
	241	'type' : 'text',
16.1	242	'size' : '60'
2.1	243	},
	244	'validate' : {
	245	'mandatory' : {
16.1	246	'failureMessage' : $msg.get('core.validation.required.message')
2.1	247	},
	248	'regex' : {
	249	'pattern' : '/^green$/i',
	250	'failureMessage' : 'You are not cool enough to register here.'
	251	},
	252	'fieldOkayMessage' : 'You are awesome.'
	253	},
	254	'doAfterRegistration' : '#saveFavoriteColor()'
	255	})
	256	#set($discard = $fields.add($field))
	257	## Save the user's favorite color on their user page.
	258	#macro(saveFavoriteColor)
	259	#set($xwikiname = $request.get('xwikiname'))
	260	#set($userDoc = $xwiki.getDocument("$userSpace$xwikiname"))
	261	$userDoc.setContent("$userDoc.getContent() ${xwikiname}'s favorite color is $request.get('favorite_color')!")
	262	## The user (who is not yet logged in) can't save documents so saveWithProgrammingRights
	263	## will save the document as long as the user who last saved this registration page has programming rights.
	264	$userDoc.saveWithProgrammingRights("Saved favorite color from registration form.")
	265	#end
	266	## *###
	267	## To disable the captcha on this page, comment out the next two entries.
	268	## The captcha image, not an input field but still defined the same way.
	269	#if($captchaservice
16.1	270	&& !$invited
2.1	271	&& $xcontext.getUser() == "XWiki.XWikiGuest"
16.1	272	&& $requireCaptcha)
2.1	273	## Empty label field used for padding.
	274	## Empty 'name' field overriddes name="captcha_image" with "" so name is not specified at all.
	275	#set($field =
	276	{'name' : 'captcha_image',
16.1	277	'label' : "<span class='hidden'>$msg.get('core.captcha.image.label')</span>",
2.1	278	'tag' : 'img',
	279	'params' : {
	280	'src' : $doc.getURL('imagecaptcha'),
	281	'alt' : $msg.get('core.captcha.image.alternateText', [$msg.get('core.register.submit')]),
	282	'name' : ''
	283	}
	284	})
	285	#set($discard = $fields.add($field))
	286	## The captcha field, mandatory, programmatically checked to make sure the captcha is right
	287	## Not checked by javascript because javascript can't check the captcha and the Ok message because it passes the
	288	## mandatory test is misleading.
	289	## and not filled back in if there is an error ('noReturn')
	290	#set($field =
	291	{'name' : 'captcha_answer',
	292	'label' : $msg.get('core.captcha.image.instruction'),
	293	'params' : {
	294	'type' : 'text',
16.1	295	'size' : '60'
2.1	296	},
	297	'validate' : {
	298	'mandatory' : {
	299	'failureMessage' : $msg.get('core.captcha.captchaAnswerIsWrong'),
	300	'noscript' : true
	301	},
	302	'programmaticValidation' : {
	303	'code' : '#checkCaptcha($request, $request.get("captcha_answer"))',
	304	'failureMessage' : $msg.get('core.captcha.captchaAnswerIsWrong')
	305	}
	306	},
	307	'noReturn' : true
	308	})
	309	#set($discard = $fields.add($field))
	310	#end
	311	##
	312	## Checks the captcha answer; used by programmaticValidation above.
	313	#macro(checkCaptcha, $request, $answer)
	314	#set($cv = $captchaservice.getCaptchaVerifier('image'))
	315	#if(!$cv.isAnswerCorrect($cv.getUserId($request), $answer))
	316	failed
	317	#end
	318	#end
	319	##
	320	## Pass the name of the template to $xwiki.createUser so any contained information will be passed in.
	321	#set($field =
	322	{'name' : 'template',
	323	'params' : {
	324	'type' : 'hidden',
	325	'value' : 'XWiki.XWikiUserTemplate'
	326	}
	327	})
	328	#set($discard = $fields.add($field))
	329	##
	330	## Pass the redirect parameter on so that the login page may redirect to the right place.
	331	## Not necessary in Firefox 3.0.10 or Opera 9.64, I don't know about IE or Safari.
	332	#set($field =
	333	{'name' : $redirectParam,
	334	'params' : {
	335	'type' : 'hidden'
	336	}
	337	})
	338	#set($discard = $fields.add($field))
	339	##
	340	#######################################################################
	341	## The Code.
	342	#######################################################################
	343	##
	344	#if($useLiveValidation)
	345	$xwiki.get('jsfx').use('uicomponents/widgets/validation/livevalidation_prototype.js')
16.1	346	$xwiki.get('ssfx').use('uicomponents/widgets/validation/livevalidation.css')
2.1	347	#end
	348	## This application's HTML is dynamically generated and editing in WYSIWYG would not work
16.1	349	#if($xcontext.getAction() == 'edit')
2.1	350	$response.sendRedirect("$xwiki.getURL($doc.getFullName(), 'edit')?editor=wiki")
	351	#end
	352	##
16.1	353	## If this document has PR and is not included from another document then it's author should be set to Guest
	354	## for the duration of it's execution in order to improve security.
	355	## Note we compare document ids because
	356	#if($sandbox
	357	&& $xcontext.hasProgrammingRights()
	358	&& $xcontext.getDoc().getDocumentReference().equals($xwiki.getDocument($documentName).getDocumentReference()))
	359	##
	360	$xcontext.dropPermissions()##
	361	#end
	362	##
2.1	363	## Access level to register must be explicitly checked because it is only checked in XWiki.prepareDocuments
	364	## and this page is accessible through view action.
16.1	365	#if(!$xcontext.hasAccessLevel('register', 'XWiki.XWikiPreferences'))
	366	## Make an exception if another document with programming permission (Invitation app) has included this
	367	## document and set $invited to true.
	368	#if(!$invited \|\| !$xcontext.hasProgrammingRights())
	369	$response.sendRedirect("$xwiki.getURL($doc.getFullName(), 'login')")
	370	#end
2.1	371	#end
	372	## If this is true, then assume the registration page is being viewed inside of a lightbox
	373	#if($request.get('xpage'))
	374	#set($assumeLightbox = true)
	375	#end
	376	##
	377	## Display the heading
	378	$heading
	379	## If the submit button has been pressed, then we test the input and maybe create the user.
	380	#if($request.getParameter('xwikiname'))
	381	## Do server side validation of input fields.
	382	#set($discard = "#validateFields($fields, $request)")
	383	## If server side validation was successfull, create the user
	384	#if(!$registrationFailed)
16.1	385	#createUser($fields, $request, $response, $doAfterRegistration)
2.1	386	#end
	387	#end
	388	## If the registration was not successful or if the user hasn't submitted the info yet
	389	## Then we display the registration form.
	390	#if(!$registrationDone)
	391	$welcomeMessage
16.1	392
2.1	393	{{html clean=false wiki=false}}
16.1	394	<form id="register" action="" method="post" class="xform half">
2.1	395	<div>
16.1	396	<input type="hidden" name="form_token" value="$!{services.csrf.getToken()}" />
19.1	397	#set ($userDirectoryReference = $services.model.createDocumentReference('', 'Main', 'UserDirectory'))
	398	#if ($xwiki.exists($userDirectoryReference))
	399	<input type="hidden" name="parent" value="$!{services.model.serialize($userDirectoryReference, 'default')}" />
	400	#end
2.1	401	#generateHtml($fields, $fieldMandatoryStar, $failureMessageParams)
	402	<div class="wikimodel-emptyline"></div>
	403	<span class="buttonwrapper">
	404	#if($assumeLightbox)
	405	## LightBox detected...
	406	<script type="text/javascript">
	407	## Make the X button not reload the page. (overriding LbClose)
	408	window.lb.lbClose = function() {
	409	this.lbHide();
	410	this.lbClearData();
	411	##return false;
	412	}
	413	## Post the form entry to the page and load the result. (we override lbSaveForm)
	414	window.lb.lbSaveForm = function() {
	415	var formParams = Form.serialize(this.form);
	416	Form.disable(this.form);
	417	var ajaxRequest = new Ajax.Request(this.saveUrl, {
	418	parameters: formParams,
	419	asynchronous: false
	420	});
	421	window.lb.lbFormDataLoaded(ajaxRequest.transport);
	422	}
	423	</script>
	424	## It doesn't really matter where these are, the scripts will be relocated to the head.
	425	<!-- com.xpn.xwiki.plugin.skinx.CssSkinFileExtensionPlugin -->
	426	<!-- com.xpn.xwiki.plugin.skinx.JsSkinFileExtensionPlugin -->
	427	##
	428	<input class="button" type="submit" value="$msg.get('save')" onclick="window.lb.lbSaveForm();"/>
	429	</span>#* End ButtonWrapper then start another...*#<span class="buttonwrapper">
16.1	430	<input class="button secondary" type="submit" value="$msg.get("cancel")" onclick="Form.disable(window.lb.form); window.lb.lbClose();"/>
2.1	431	#else
	432	## Not using the LightBox
	433	<input type="submit" value="$msg.get('core.register.submit')" class="button"/>
	434	#end
	435	</span>## ButtonWrapper
	436	</div>
	437	</form>
	438	#if($useLiveValidation)
	439	#generateJavascript($fields)
	440	#end
	441	{{/html}}
16.1	442
2.1	443	##
	444	## Allow permitted users to configure this application.
16.1	445	#if($xcontext.getUser() != 'XWiki.XWikiGuest' && $xcontext.hasAccessLevel("edit", $documentName))
	446	[[$msg.get('xe.admin.registration.youCanConfigureRegistrationHere')>>XWiki.XWikiPreferences?section=Registration&editor=globaladmin#HCustomizeXWikiRegistration]]
	447	{{html}}<a href="$xwiki.getURL($documentName, 'edit', 'editor=wiki')">$msg.get('xe.admin.registration.youCanConfigureRegistrationFieldsHere')</a>{{/html}}
2.1	448	#end
	449	## If the registration is done (successful) and we detect the Lightbox simply send the user back to the original page.
	450	#elseif($assumeLightbox)
	451	{{html clean=false wiki=false}}
	452	<script type="text/javascript">
	453	var url = window.lb.redirectUrl;
	454	window.lb.lbClose;
	455	if (url != undefined) {
	456	if(window.location.pathname + window.location.search == url) {
	457	## Under certain circumstances (bug) Opera will not load a page if the location is the same as the current page.
	458	## In these cases, location.reload() doesn't work either, the only solution (I could find) was to change the URL.
	459	window.location.href = url + "&";
	460	} else {
	461	window.location.href = url;
	462	}
	463	}
	464	</script>
	465	{{/html}}
	466	#end
	467	##
	468	####### The Macros (nothing below this point is run directly) #########
	469	#*
	470	* Server side validation, this is necessary for security and because not everyone has Javascript
	471	*
	472	* @param $fields The array of fields to validate.
	473	* @param $request An XWikiRequest object which made the register request, used to get parameters.
	474	*###
	475	#macro(validateFields, $fields, $request)
	476	#foreach($field in $fields)
	477	#if($field.get('validate') && $field.get('name'))
	478	#set($fieldName = $field.get('name'))
	479	#set($validate = $field.get('validate'))
	480	#set($error = '')
	481	#set($value = $request.get($fieldName))
	482	#if($value && $value != '')
	483	##
	484	## mustMatch validation
	485	#if($error == '' && $validate.get('mustMatch'))
	486	#set($mustMatch = $validate.get('mustMatch'))
	487	#if($mustMatch.get('name') && $mustMatch.get('failureMessage'))
	488	#if($request.get($fieldName) != $request.get($mustMatch.get('name')))
	489	#set($error = $mustMatch.get('failureMessage'))
	490	#end
	491	#else
	492	ERROR: In field: ${fieldName}: mustMatch validation required both name
	493	(of field which this field must match) and failureMessage.
	494	#end
	495	#end
	496	##
	497	## Regex validation
	498	## We won't bother with regex validation if there is no entry, that would defeat the purpose of 'mandatory'
	499	#if($error == '' && $validate.get('regex') && $value && $value != '')
	500	#set($regex = $validate.get('regex'))
	501	#if($regex.get('pattern') && $regex.get('failureMessage'))
16.1	502	## Make Java regexes more compatible with Perl/js style regexes by removing leading and trailing /
	503	#if($regex.get('pattern').length() > 1)
	504	#set($pattern = $regex.get('pattern').substring(1, $mathtool.add($regex.get('pattern').length(), -1)))
	505	#else
	506	## I don't expect this but want to maintain compatibility.
	507	#set($pattern = $regex.get('pattern'))
	508	#end
	509	#if($regextool.find($value, $pattern).isEmpty())
2.1	510	#set($error = $regex.get('failureMessage'))
	511	#end
	512	#elseif($regex.get('pattern'))
	513	ERROR: In field: ${fieldName}: regex validation must include failureMessage.
	514	#end
	515	#end
	516	##
	517	## If regex and mustMatch validation passed, try programmatic validation
	518	#if($error == '' && $validate.get('programmaticValidation'))
	519	#set($pv = $validate.get('programmaticValidation'))
	520	#if($pv.get('code') && $pv.get('failureMessage'))
	521	#set($pvReturn = "#evaluate($pv.get('code'))")
	522	#if($pvReturn.indexOf('failed') != -1)
	523	#set($error = $pv.get('failureMessage'))
	524	#end
	525	#else
	526	ERROR: In field: ${fieldName}: programmaticValidation requires code and failureMessage
	527	#end
	528	#end
	529	#else
	530	##
	531	## If no content, check if content is mandatory
	532	#if($validate.get('mandatory'))
	533	#set($mandatory = $validate.get('mandatory'))
	534	#if($mandatory.get('failureMessage'))
	535	#set($error = $mandatory.get('failureMessage'))
	536	#else
	537	ERROR: In field: ${fieldName}: mandatory validation requires a failureMessage
	538	#end
	539	#end
	540	#end
	541	#if($error != '')
	542	#set($discard = $field.put('error', $error))
	543	#set($registrationFailed = true)
	544	#end
	545	#elseif(!$field.get('name'))
	546	ERROR: Field with no name.
	547	#end##if(validate)
	548	#end##loop
	549	#end##macro
	550	#*
	551	* Create the user.
	552	* Calls $xwiki.createUser to create a new user.
	553	*
	554	* @param $request An XWikiRequest object which made the register request.
	555	* @param $response The XWikiResponse object to send any redirects to.
16.1	556	* @param $doAfterRegistration code block to run after registration completes successfully.
2.1	557	*###
16.1	558	#macro(createUser, $fields, $request, $response, $doAfterRegistration)
	559	## CSRF check
	560	#if(${services.csrf.isTokenValid("$!{request.getParameter('form_token')}")})
	561	## See if email verification is required and register the user.
	562	#if($xwiki.getXWikiPreferenceAsInt('use_email_verification', 0) == 1)
	563	#set($reg = $xwiki.createUser(true))
	564	#else
	565	#set($reg = $xwiki.createUser(false))
	566	#end
2.1	567	#else
16.1	568	$response.sendRedirect("$!{services.csrf.getResubmissionURL()}")
2.1	569	#end
	570	##
	571	## Handle output from the registration.
1.1	572	#if($reg && $reg <= 0)
2.1	573	{{error}}
1.1	574	#if($reg == -2)
2.1	575	$msg.get('core.register.passwordMismatch')
	576	## -3 means username taken, -8 means username is superadmin name
	577	#elseif($reg == -3 \|\| $reg == -8)
	578	$msg.get('core.register.userAlreadyExists')
1.1	579	#elseif($reg == -4)
2.1	580	$msg.get('core.register.invalidUsername')
1.1	581	#else
2.1	582	$msg.get('core.register.registerFailed', [$reg])
1.1	583	#end
2.1	584	{{/error}}
1.1	585	#elseif($reg)
2.1	586	## Registration was successful
	587	#set($registrationDone = true)
	588	##
	589	## If there is any thing to "doAfterRegistration" then do it.
	590	#foreach($field in $fields)
	591	#if($field.get('doAfterRegistration'))
	592	#evaluate($field.get('doAfterRegistration'))
	593	#end
	594	#end
16.1	595	## If there is a "global" doAfterRegistration, do that as well.
	596	#if($doAfterRegistration)
	597	#set($discard = $doAfterRegistration.toString())
	598	#end
2.1	599	## Define some strings which may be used by autoLogin or loginButton
	600	#set($userName = $!request.get('xwikiname'))
	601	#set($password = $!request.get('register_password'))
	602	#set($loginURL = $xwiki.getURL($loginPage, $loginAction))
16.1	603	#if("$!request.getParameter($redirectParam)" != '')
2.1	604	#set($redirect = $request.getParameter($redirectParam))
	605	#else
	606	#set($redirect = $defaultRedirect)
	607	#end
	608	## Display a "registration successful" message
16.1	609
	610	#evaluate($registrationSuccessMessage)
	611
	612	## Empty line prevents message from being forced into a <p> block.
	613
2.1	614	## Give the user a login button which posts their username and password to loginsubmit
	615	#if($loginButton)
16.1	616
2.1	617	{{html clean=false wiki=false}}
	618	<form id="loginForm" action="$loginURL" method="post">
17.1	619	<div class="centered">
16.1	620	<input type="hidden" name="form_token" value="$!{services.csrf.getToken()}" />
	621	<input id="j_username" name="j_username" type="hidden" value="$escapetool.xml($!userName)" />
	622	<input id="j_password" name="j_password" type="hidden" value="$escapetool.xml($!password)" />
	623	<input id="$redirectParam" name="$redirectParam" type="hidden" value="$escapetool.xml($redirect)" />
17.1	624	<span class="buttonwrapper">
2.1	625	<input type="submit" value="$msg.get('login')" class="button"/>
	626	</span>
	627	</div>
	628	</form>
	629	## We don't want autoLogin if we are administrators adding users...
	630	#if($autoLogin && !$assumeLightbox)
	631	<script type='text/javascript'>
	632	document.observe('dom:loaded', function() {
	633	document.forms['loginForm'].submit();
	634	});
	635	</script>
	636	#end
	637	{{/html}}
16.1	638
2.1	639	#end
1.1	640	#end
2.1	641	##
	642	#end## createUser Macro
	643	#*
	644	* Generate HTML form, this is the only place where HTML is written.
	645	*
	646	* @param $fields The array of fields to use for generating html code.
	647	* @param $fieldMandatoryStar The tag parameters for a * indicating a mandatory field.
	648	* @param $failureMessageParams The tag parameters for a failure message.
	649	*###
	650	#macro(generateHtml, $fields, $fieldMandatoryStar, $failureMessageParams)
16.1	651	## Put the same values back into the fields.
	652	#getParams($fields)
	653	##
	654	<dl>
	655	#foreach($field in $fields)
	656	#if($field.get('name'))
	657	#set($fieldName = $field.get('name'))
	658	#if($field.get('label'))
	659	#set($label = $field.get('label'))
	660	<dt><label for="$fieldName">$label
	661	#if($field.get('validate').get('mandatory'))
	662	<span ##
	663	#foreach($entry in $fieldMandatoryStar.entrySet())
	664	$entry.getKey()="$entry.getValue()" ##
2.1	665	#end
16.1	666	>$msg.get('core.validation.required')</span>
1.1	667	#end
16.1	668	</label>
	669	</dt>
	670	#end
	671	## If no tag then default tag is <input>
	672	#if($field.get('tag'))
	673	#set($tag = $field.get('tag'))
	674	#else
	675	#set($tag = 'input')
	676	#end
	677	<dd><$tag id="$fieldName" ##
	678	#set($params = $field.get('params'))
	679	## If no name parameter is spacified, then we use the field name
	680	#if(!$params.get('name'))
	681	#set($discard = $params.put('name', $fieldName))
	682	#end
	683	#foreach($entry in $params.entrySet())
	684	## If a parameter is specified as '' then we don't include it.
	685	#if($entry.getValue() != '')
	686	$entry.getKey()="$escapetool.xml($entry.getValue())" ##
1.1	687	#end
16.1	688	#end
	689	></$tag>
	690	#if($field.get('error'))
	691	<span ##
	692	#foreach($entry in $failureMessageParams.entrySet())
	693	$entry.getKey()="$entry.getValue()" ##
2.1	694	#end
16.1	695	>$field.get('error')</span>
	696	#end
	697	</dd>
	698	#else
	699	ERROR: Field with no name.
	700	#end##if fieldName exists
1.1	701	#end
16.1	702	</dl>
2.1	703	#end
	704	#*
	705	* Generate the Javascript for interacting with LiveValidation.
	706	*
	707	* @param $fields The array of fields which to validate.
	708	*###
	709	#macro(generateJavascript, $fields)
	710	<script type='text/javascript'>
	711	/* <![CDATA[ */
	712	document.observe('dom:loaded', function() {
	713	##
	714	#foreach($field in $fields)
	715	#if($field.get('validate') && $field.get('name'))
	716	#set($validate = $field.get('validate'))
	717	#if(($validate.get('mandatory') && !$validate.get('mandatory').get('noscript'))
	718	\|\| ($validate.get('regex') && !$validate.get('regex').get('noscript'))
	719	\|\| ($validate.get('mustMatch') && !$validate.get('mustMatch').get('noscript')))
	720	#set($fieldName = $field.get('name'))
	721	#if($validate.get('fieldOkayMessage'))
	722	#set($okayMessage = $validate.get('fieldOkayMessage'))
	723	#else
	724	#set($okayMessage = $defaultFieldOkayMessage)
	725	#end
	726	var ${fieldName}Validator = new LiveValidation("$fieldName", { validMessage: "$okayMessage", wait: 500} );
	727	##
	728	#if($validate.get('mandatory'))
	729	#set($mandatory = $validate.get('mandatory'))
	730	#if($mandatory.get('failureMessage') && !$mandatory.get('noscript'))
	731	${fieldName}Validator.add( Validate.Presence, { failureMessage: "$!mandatory.get('failureMessage')"} );
	732	#end
	733	#end
	734	##
	735	#if($validate.get('mustMatch'))
	736	#set($mustMatch = $validate.get('mustMatch'))
	737	#if($mustMatch.get('name') && $mustMatch.get('failureMessage') && !$mustMatch.get('noscript'))
	738	${fieldName}Validator.add( Validate.Confirmation, { match: $$("input[name=$!mustMatch.get('name')]")[0], failureMessage: "$!mustMatch.get('failureMessage')"} );
	739	#end
	740	#end
	741	##
	742	#if($validate.get('regex'))
	743	#set($regex = $validate.get('regex'))
	744	#set($pattern = "")
	745	#if($regex.get('jsPattern'))
	746	#set($pattern = $regex.get('jsPattern'))
	747	#elseif($regex.get('pattern'))
	748	#set($pattern = $regex.get('pattern'))
	749	#end
	750	#set($failMessage = "")
	751	#if($regex.get('jsFailureMessage'))
	752	#set($failMessage = $regex.get('jsFailureMessage'))
	753	#elseif($regex.get('failureMessage'))
	754	#set($failMessage = $regex.get('failureMessage'))
	755	#end
	756	#if($pattern != '' && $failMessage != '' && !$regex.get('noscript'))
	757	${fieldName}Validator.add( Validate.Format, { pattern: $pattern, failureMessage: "$failMessage"} );
	758	#end
	759	#end##if regex
	760	#end##if contains js validateable fields.
	761	#end##if validate
	762	#end##loop
	763	});// ]]>
	764	</script>
	765	#end##macro
	766	#*
	767	* Get parameters from request so that values will be filled in if there is a mistake
	768	* in one of the entries. Entries will be returned to fields[n].params.value
	769	* Fields will not be returned if they have either noReturn or error specified.
	770	*
	771	* @param $fields The array of fields to get parameters for.
	772	*###
	773	#macro(getParams $fields)
	774	#foreach($field in $fields)
	775	#if($field.get('name') && $request.get($field.get('name')))
	776	#if(!$field.get('noReturn') && !$field.get('error'))
	777	#if(!$field.get('params'))
	778	#set($params = {})
	779	#set($discard = $field.put('params', $params))
	780	#else
	781	#set($params = $field.get('params'))
	782	#end
	783	#set($discard = $params.put('value', $request.get($field.get('name'))))
	784	#end
	785	#end
	786	#end
	787	#end
16.1	788	#*
	789	* Get the configuration from the configuration object.
	790	*
	791	* @param $configDocumentName The name of the document to get the configuration from.
	792	*###
	793	#macro(loadConfig, $configDocumentName)
	794	#set($configDocument = $xwiki.getDocument($configDocumentName))
	795	#if(!$configDocument \|\| !$configDocument.getObject($documentName))
	796	## No config document, load defaults.
	797	#set($heading = "$msg.get('core.register.title')")
	798	#set($welcomeMessage = "$msg.get('core.register.welcome')")
	799	#set($useLiveValidation = true)
	800	#set($defaultFieldOkayMessage = "$msg.get('core.validation.valid.message')")
	801	#set($loginButton = true)
	802	#set($defaultRedirect = "$xwiki.getURL('Main.WebHome')")
	803	#set($userFullName = "$request.get('register_first_name') $request.get('register_last_name')")
	804	#set($registrationSuccessMessage = '{{info}}$msg.get("core.register.successful", ["[[${userFullName}>>${userSpace}${userName}]]", ${userName}]){{/info}}')
	805	#else
	806	#set($configObject = $configDocument.getObject($documentName))
	807	#if ($context.action == 'register')
	808	#set ($heading = "(% id='document-title'%)((( = #evaluate($configObject.getProperty('heading').getValue()) = )))(%%)")
	809	#else
	810	#set ($heading = "= #evaluate($configObject.getProperty('heading').getValue()) =")
	811	#end
	812	#set($welcomeMessage = "#evaluate($configObject.getProperty('welcomeMessage').getValue())")
	813	#if($configObject.getProperty('liveValidation_enabled').getValue() == 1)
	814	#set($useLiveValidation = true)
	815	#end
	816	#set($defaultFieldOkayMessage = "#evaluate($configObject.getProperty('liveValidation_defaultFieldOkMessage').getValue())")
	817	#if($configObject.getProperty('loginButton_enabled').getValue() == 1)
	818	#set($loginButton = true)
	819	#end
	820	#if($configObject.getProperty('loginButton_autoLogin_enabled').getValue() == 1)
	821	#set($autoLogin = true)
	822	#end
	823	#set($defaultRedirect = "#evaluate($configObject.getProperty('defaultRedirect').getValue())")
	824	#set($registrationSuccessMessage = "$configObject.getProperty('registrationSuccessMessage').getValue()")
	825	#if($configObject.getProperty('requireCaptcha').getValue() == 1)
	826	#set($requireCaptcha = true)
	827	#end
	828	#end
	829	#end
2.1	830	{{/velocity}}

Wiki source code of Registration

Quick Links

Let us know

About

About

Support

Platform

User Guide

Admin Guide

Developer Guide

Projects

XWiki

Extensions

Other

Contribute

Status

Practices

Under the Hood

Get Involved

Get Connected