Wiki source code of Registration

Version 5.1 by John Stroy on 2012/11/04 03:41
Show last authors
1 {{velocity}}
2 ## These are defined in other places around XWiki, changing them here will result in undefined behavior.
3 #set($redirectParam = 'xredirect')
4 #set($userSpace = 'XWiki.')
5 #set($loginPage = 'XWiki.XWikiLogin')
6 #set($loginAction = 'loginsubmit')
7 ##
8 #set($documentName = 'XWiki.Registration')
9 ##
10 ## Security measure:
11 ## If this document is changed such that it must have programming permission in order to run, change this to false.
12 #set($sandbox = true)
13 ##
14 ## Load the configuration from a seperate document.
15 #loadConfig('XWiki.RegistrationConfig')
16 ##
17 ## Defines what server generated error messages should look like
18 ## The error message when a field is entered incorrectly
19 #set($failureMessageParams = { 'class' : 'LV_validation_message LV_invalid'})
20 ## 'LV_validation_message LV_invalid' depends on this:
21 $xwiki.get('ssfx').use('uicomponents/widgets/validation/livevalidation.css')
22 ##
23 ## The * next to the fields to denote they are mandatory.
24 #set($fieldMandatoryStar = { 'class' : 'xRequired'})
25 ##
26 #*
27 * You may include this document in other documents using {{include document="XWiki.Registration"/}}
28 * To specify that the user is invited and should be allowed to register even if Guest does not have permission to
29 * register, set $invited to true. NOTE: The including script must have programming permission to do this.
30 *
31 * To specify some code which should run after registration is successfully completed, set
32 * $doAfterRegistration to a define block of velocity code like so:
33 * #define($doAfterRegistration)
34 * some code
35 * #end
36 * Output from running this code will not be printed.
37 *
38 * The fields which will be seen on the registration page are defined here.
39 * $fields is an array and each field is a Map. The names shown below are Map keys.
40 *
41 * Each field must have:
42 * name - this is the name of the field, it will be the value for "name" and "id"
43 *
44 * Each field may have:
45 * label - this String will be written above the field.
46 *
47 * tag - the HTML tag which will be created, default is <input>, may also be a non form tag such as <img>
48 *
49 * params - a Map, each key value pair will be in the html tag. eg: {"size" : "30"} becomes <input size=30...
50 *
51 * validate a Map describing how to validate the field, validation is done in javascript then redone in velocity
52 * | for security and because not everyone has javascript.
53 * |
54 * +-mandatory (Optional) - Will fail if the field is not filled in.
55 * | +-failureMessage (Required) - The message to display if the field is not filled in.
56 * | +-noscript (Optional) - will not be checked by javascript
57 * |
58 * +-regex (Optional) - Will validate the field using a regular expression.
59 * | | because of character escaping, you must provide a different expression for the
60 * | | javascript validation and the server side validation. Both javascript and server side
61 * | | validation are optional, but if you provide neither, then your field will not be validated.
62 * | |
63 * | +-failureMessage (Optional) - The message to display if the regex evaluation returns false.
64 * | +-jsFailureMessage (Optional) - The message for Javascript to display if regex fails.
65 * | | If jsFailureMessage is not defined Javascript uses failureMessage.
66 * | | NOTE: Javascript injects the failure message using createTextNode so &lt; will
67 * | | be displayed as &lt;
68 * | |
69 * | +-pattern (Optional) - The regular expression to test the input at the server side, it's important to use
70 * | | this if you need to validate the field for security reasons, also it is good because not
71 * | | all browsers use javascript or have it enabled.
72 * | |
73 * | +-jsPattern (Optional) - The regular expression to use for client side, you can use escaped characters to avoid
74 * | | them being parsed as HTML or javascript. To get javascript to unescape characters use:
75 * | | {"jsPattern" : "'+unescape('%5E%5B%24')+'"}
76 * | | NOTE: If no jsPattern is specified, the jsValidator will try to validate
77 * | | using the server pattern.
78 * | |
79 * | +-noscript (Optional) - will not be checked by javascript
80 * |
81 * +-mustMatch (Optional) - Will fail if the entry into the field is not the same as the entry in another field.
82 * | | Good for password confirmation.
83 * | |
84 * | +-failureMessage (Required) - The message to display if the field doesn't match the named field.
85 * | +-name (Required) - The name of the field which this field must match.
86 * | +-noscript (Optional) - will not be checked by javascript
87 * |
88 * +-programmaticValidation (Optional) - This form of validation executes a piece of code which you give it and
89 * | | if the code returns the word "failed" then it gives the error message.
90 * | | Remember to put the code in singel quotes ('') because you want the value
91 * | | of 'code' to equal the literal code, not the output from running it.
92 * | |
93 * | +-code (Required) - The code which will be executed to test whether the field is filled in correctly.
94 * | +-failureMessage (Required) - The message which will be displayed if evaluating the code returns "false"
95 * |
96 * +-fieldOkayMessage (Optional) - The message which is displayed by LiveValidation when a field is validated as okay.
97 * If not specified, will be $defaultFieldOkayMessage
98 *
99 * noReturn - If this is specified, the field will not be filled in if there is an error and the user has to fix their
100 * registration information. If you don't want a password to be passed back in html then set this true
101 * for the password fields. Used for the captcha because it makes no sense to pass back a captcha answer.
102 *
103 * doAfterRegistration - Some Velocity code which will be executed after a successfull registration.
104 * This is used in the favorite color example.
105 * Remember to put the code in singel quotes ('') because you want the 'code' entry to equal the literal
106 * code, not the output from running it.
107 *
108 * Each field may not have: (reserved names)
109 * error - This is used to pass back any error message from the server side code.
110 *
111 * NOTE: This template uses a registration method which requires:
112 * * register_first_name
113 * * register_last_name
114 * * xwikiname
115 * * register_password
116 * * register2_password
117 * * register_email
118 * * template
119 * Removing or renaming any of these fields will result in undefined behavior.
120 *
121 *###
122 #set($fields = [])
123 ##
124 ## The first name field, no checking.
125 #set($field =
126 {'name' : 'register_first_name',
127 'label' : $msg.get('core.register.firstName'),
128 'params' : {
129 'type' : 'text',
130 'size' : '60'
131 }
132 })
133 #set($discard = $fields.add($field))
134 ##
135 ## The last name field, no checking.
136 #set($field =
137 {'name' : 'register_last_name',
138 'label' : $msg.get('core.register.lastName'),
139 'params' : {
140 'type' : 'text',
141 'size' : '60'
142 }
143 })
144 #set($discard = $fields.add($field))
145 ##
146 ## The user name field, mandatory and programmatically checked to make sure the username doesn't exist.
147 #set($field =
148 {'name' : 'xwikiname',
149 'label' : $msg.get('core.register.username'),
150 'params' : {
151 'type' : 'text',
152 'onfocus' : 'prepareName(document.forms.register);',
153 'size' : '60'
154 },
155 'validate' : {
156 'mandatory' : {
157 'failureMessage' : $msg.get('core.validation.required.message')
158 },
159 'programmaticValidation' : {
160 'code' : '#nameAvailable($request.get("xwikiname"))',
161 'failureMessage' : $msg.get('core.register.userAlreadyExists')
162 }
163 }
164 })
165 #set($discard = $fields.add($field))
166 ## Make sure the chosen user name is not already taken
167 ## This macro is called by programmaticValidation for xwikiname (above)
168 #macro(nameAvailable, $name)
169 #if($xwiki.exists("$userSpace$name"))
170 failed
171 #end
172 #end
173 ##
174 ##The password field, mandatory and must be at least 6 characters long.
175 #set($field =
176 {'name' : 'register_password',
177 'label' : $msg.get('core.register.password'),
178 'params' : {
179 'type' : 'password',
180 'size' : '60'
181 },
182 'validate' : {
183 'mandatory' : {
184 'failureMessage' : $msg.get('core.validation.required.message')
185 },
186 'regex' : {
187 'pattern' : '/.{6,}/',
188 'failureMessage' : $msg.get('xe.admin.registration.passwordTooShort')
189 }
190 }
191 })
192 #set($discard = $fields.add($field))
193 ##
194 ##The confirm password field, mandatory, must match password field, and must also be 6+ characters long.
195 #set($field =
196 {'name' : 'register2_password',
197 'label' : $msg.get('core.register.passwordRepeat'),
198 'params' : {
199 'type' : 'password',
200 'size' : '60'
201 },
202 'validate' : {
203 'mandatory' : {
204 'failureMessage' : $msg.get('core.validation.required.message')
205 },
206 'mustMatch' : {
207 'name' : 'register_password',
208 'failureMessage' : $msg.get('xe.admin.registration.passwordMismatch')
209 },
210 'regex' : {
211 'pattern' : '/.{6,}/',
212 'failureMessage' : $msg.get('xe.admin.registration.passwordTooShort')
213 }
214 }
215 })
216 #set($discard = $fields.add($field))
217 ##
218 ## The email address field, regex checked with an email pattern.
219 #set($field =
220 {'name' : 'register_email',
221 'label' : $msg.get('core.register.email'),
222 'params' : {
223 'type' : 'text',
224 'size' : '60'
225 },
226 'validate' : {
227 'regex' : {
228 'pattern' : '/^([^@\s]+)@((?:[-a-zA-Z0-9]+\.)+[a-zA-Z]{2,})$/',
229 'failureMessage' : $msg.get('xe.admin.registration.invalidEmail')
230 }
231 }
232 })
233 #set($discard = $fields.add($field))
234 ##
235 #* ## Uncomment this code to see an example of how you can easily add a field to the registration page
236 ## Note: The user's favorite color is not saved anywhere, see above for information on how to save it.
237 #set($field =
238 {'name' : 'favorite_color',
239 'label' : 'What is your favorite color',
240 'params' : {
241 'type' : 'text',
242 'size' : '60'
243 },
244 'validate' : {
245 'mandatory' : {
246 'failureMessage' : $msg.get('core.validation.required.message')
247 },
248 'regex' : {
249 'pattern' : '/^green$/i',
250 'failureMessage' : 'You are not cool enough to register here.'
251 },
252 'fieldOkayMessage' : 'You are awesome.'
253 },
254 'doAfterRegistration' : '#saveFavoriteColor()'
255 })
256 #set($discard = $fields.add($field))
257 ## Save the user's favorite color on their user page.
258 #macro(saveFavoriteColor)
259 #set($xwikiname = $request.get('xwikiname'))
260 #set($userDoc = $xwiki.getDocument("$userSpace$xwikiname"))
261 $userDoc.setContent("$userDoc.getContent() ${xwikiname}'s favorite color is $request.get('favorite_color')!")
262 ## The user (who is not yet logged in) can't save documents so saveWithProgrammingRights
263 ## will save the document as long as the user who last saved this registration page has programming rights.
264 $userDoc.saveWithProgrammingRights("Saved favorite color from registration form.")
265 #end
266 ## *###
267
268 ## Are you a spammer?
269 #set($field =
270 {'name' : 'vernis_barmaid_name',
271 'label' : 'What is the name of the barmaid of Vernis?',
272 'params' : {
273 'type' : 'text',
274 'size' : '60'
275 },
276 'validate' : {
277 'mandatory' : {
278 'failureMessage' : $msg.get('core.validation.required.message')
279 },
280 'regex' : {
281 'pattern' : '/^shena$/i',
282 'failureMessage' : 'That is incorrect. Please try again.'
283 }
284 }
285 })
286 #set($discard = $fields.add($field))
287
288
289 ##
290 ## To disable the captcha on this page, comment out the next two entries.
291 ## The captcha image, not an input field but still defined the same way.
292 #if($captchaservice
293 && !$invited
294 && $xcontext.getUser() == "XWiki.XWikiGuest"
295 && $requireCaptcha)
296 ## Empty label field used for padding.
297 ## Empty 'name' field overriddes name="captcha_image" with "" so name is not specified at all.
298 #set($field =
299 {'name' : 'captcha_image',
300 'label' : "<span class='hidden'>$msg.get('core.captcha.image.label')</span>",
301 'tag' : 'img',
302 'params' : {
303 'src' : $doc.getURL('imagecaptcha'),
304 'alt' : $msg.get('core.captcha.image.alternateText', [$msg.get('core.register.submit')]),
305 'name' : ''
306 }
307 })
308 #set($discard = $fields.add($field))
309 ## The captcha field, mandatory, programmatically checked to make sure the captcha is right
310 ## Not checked by javascript because javascript can't check the captcha and the Ok message because it passes the
311 ## mandatory test is misleading.
312 ## and not filled back in if there is an error ('noReturn')
313 #set($field =
314 {'name' : 'captcha_answer',
315 'label' : $msg.get('core.captcha.image.instruction'),
316 'params' : {
317 'type' : 'text',
318 'size' : '60'
319 },
320 'validate' : {
321 'mandatory' : {
322 'failureMessage' : $msg.get('core.captcha.captchaAnswerIsWrong'),
323 'noscript' : true
324 },
325 'programmaticValidation' : {
326 'code' : '#checkCaptcha($request, $request.get("captcha_answer"))',
327 'failureMessage' : $msg.get('core.captcha.captchaAnswerIsWrong')
328 }
329 },
330 'noReturn' : true
331 })
332 #set($discard = $fields.add($field))
333 #end
334 ##
335 ## Checks the captcha answer; used by programmaticValidation above.
336 #macro(checkCaptcha, $request, $answer)
337 #set($cv = $captchaservice.getCaptchaVerifier('image'))
338 #if(!$cv.isAnswerCorrect($cv.getUserId($request), $answer))
339 failed
340 #end
341 #end
342 ##
343 ## Pass the name of the template to $xwiki.createUser so any contained information will be passed in.
344 #set($field =
345 {'name' : 'template',
346 'params' : {
347 'type' : 'hidden',
348 'value' : 'XWiki.XWikiUserTemplate'
349 }
350 })
351 #set($discard = $fields.add($field))
352 ##
353 ## Pass the redirect parameter on so that the login page may redirect to the right place.
354 ## Not necessary in Firefox 3.0.10 or Opera 9.64, I don't know about IE or Safari.
355 #set($field =
356 {'name' : $redirectParam,
357 'params' : {
358 'type' : 'hidden'
359 }
360 })
361 #set($discard = $fields.add($field))
362 ##
363 #######################################################################
364 ## The Code.
365 #######################################################################
366 ##
367 #if($useLiveValidation)
368 $xwiki.get('jsfx').use('uicomponents/widgets/validation/livevalidation_prototype.js')
369 $xwiki.get('ssfx').use('uicomponents/widgets/validation/livevalidation.css')
370 #end
371 ## This application's HTML is dynamically generated and editing in WYSIWYG would not work
372 #if($xcontext.getAction() == 'edit')
373 $response.sendRedirect("$xwiki.getURL($doc.getFullName(), 'edit')?editor=wiki")
374 #end
375 ##
376 ## If this document has PR and is not included from another document then it's author should be set to Guest
377 ## for the duration of it's execution in order to improve security.
378 ## Note we compare document ids because
379 #if($sandbox
380 && $xcontext.hasProgrammingRights()
381 && $xcontext.getDoc().getDocumentReference().equals($xwiki.getDocument($documentName).getDocumentReference()))
382 ##
383 $xcontext.dropPermissions()##
384 #end
385 ##
386 ## Access level to register must be explicitly checked because it is only checked in XWiki.prepareDocuments
387 ## and this page is accessible through view action.
388 #if(!$xcontext.hasAccessLevel('register', 'XWiki.XWikiPreferences'))
389 ## Make an exception if another document with programming permission (Invitation app) has included this
390 ## document and set $invited to true.
391 #if(!$invited || !$xcontext.hasProgrammingRights())
392 $response.sendRedirect("$xwiki.getURL($doc.getFullName(), 'login')")
393 #end
394 #end
395 ## If this is true, then assume the registration page is being viewed inside of a lightbox
396 #if($request.get('xpage'))
397 #set($assumeLightbox = true)
398 #end
399 ##
400 ## Display the heading
401 $heading
402 ## If the submit button has been pressed, then we test the input and maybe create the user.
403 #if($request.getParameter('xwikiname'))
404 ## Do server side validation of input fields.
405 #set($discard = "#validateFields($fields, $request)")
406 ## If server side validation was successfull, create the user
407 #if(!$registrationFailed)
408 #createUser($fields, $request, $response, $doAfterRegistration)
409 #end
410 #end
411 ## If the registration was not successful or if the user hasn't submitted the info yet
412 ## Then we display the registration form.
413 #if(!$registrationDone)
414 $welcomeMessage
415
416 {{html clean=false wiki=false}}
417 <form id="register" action="" method="post" class="xform half">
418 <div>
419 <input type="hidden" name="form_token" value="$!{services.csrf.getToken()}" />
420 #generateHtml($fields, $fieldMandatoryStar, $failureMessageParams)
421 <div class="wikimodel-emptyline"></div>
422 <span class="buttonwrapper">
423 #if($assumeLightbox)
424 ## LightBox detected...
425 <script type="text/javascript">
426 ## Make the X button not reload the page. (overriding LbClose)
427 window.lb.lbClose = function() {
428 this.lbHide();
429 this.lbClearData();
430 ##return false;
431 }
432 ## Post the form entry to the page and load the result. (we override lbSaveForm)
433 window.lb.lbSaveForm = function() {
434 var formParams = Form.serialize(this.form);
435 Form.disable(this.form);
436 var ajaxRequest = new Ajax.Request(this.saveUrl, {
437 parameters: formParams,
438 asynchronous: false
439 });
440 window.lb.lbFormDataLoaded(ajaxRequest.transport);
441 }
442 </script>
443 ## It doesn't really matter where these are, the scripts will be relocated to the head.
444 <!-- com.xpn.xwiki.plugin.skinx.CssSkinFileExtensionPlugin -->
445 <!-- com.xpn.xwiki.plugin.skinx.JsSkinFileExtensionPlugin -->
446 ##
447 <input class="button" type="submit" value="$msg.get('save')" onclick="window.lb.lbSaveForm();"/>
448 </span>#* End ButtonWrapper then start another...*#<span class="buttonwrapper">
449 <input class="button secondary" type="submit" value="$msg.get("cancel")" onclick="Form.disable(window.lb.form); window.lb.lbClose();"/>
450 #else
451 ## Not using the LightBox
452 <input type="submit" value="$msg.get('core.register.submit')" class="button"/>
453 #end
454 </span>## ButtonWrapper
455 </div>
456 </form>
457 #if($useLiveValidation)
458 #generateJavascript($fields)
459 #end
460 {{/html}}
461
462 ##
463 ## Allow permitted users to configure this application.
464 #if($xcontext.getUser() != 'XWiki.XWikiGuest' && $xcontext.hasAccessLevel("edit", $documentName))
465 [[$msg.get('xe.admin.registration.youCanConfigureRegistrationHere')>>XWiki.XWikiPreferences?section=Registration&editor=globaladmin#HCustomizeXWikiRegistration]]
466 {{html}}<a href="$xwiki.getURL($documentName, 'edit', 'editor=wiki')">$msg.get('xe.admin.registration.youCanConfigureRegistrationFieldsHere')</a>{{/html}}
467 #end
468 ## If the registration is done (successful) and we detect the Lightbox simply send the user back to the original page.
469 #elseif($assumeLightbox)
470 {{html clean=false wiki=false}}
471 <script type="text/javascript">
472 var url = window.lb.redirectUrl;
473 window.lb.lbClose;
474 if (url != undefined) {
475 if(window.location.pathname + window.location.search == url) {
476 ## Under certain circumstances (bug) Opera will not load a page if the location is the same as the current page.
477 ## In these cases, location.reload() doesn't work either, the only solution (I could find) was to change the URL.
478 window.location.href = url + "&";
479 } else {
480 window.location.href = url;
481 }
482 }
483 </script>
484 {{/html}}
485 #end
486 ##
487 ####### The Macros (nothing below this point is run directly) #########
488 #*
489 * Server side validation, this is necessary for security and because not everyone has Javascript
490 *
491 * @param $fields The array of fields to validate.
492 * @param $request An XWikiRequest object which made the register request, used to get parameters.
493 *###
494 #macro(validateFields, $fields, $request)
495 #foreach($field in $fields)
496 #if($field.get('validate') && $field.get('name'))
497 #set($fieldName = $field.get('name'))
498 #set($validate = $field.get('validate'))
499 #set($error = '')
500 #set($value = $request.get($fieldName))
501 #if($value && $value != '')
502 ##
503 ## mustMatch validation
504 #if($error == '' && $validate.get('mustMatch'))
505 #set($mustMatch = $validate.get('mustMatch'))
506 #if($mustMatch.get('name') && $mustMatch.get('failureMessage'))
507 #if($request.get($fieldName) != $request.get($mustMatch.get('name')))
508 #set($error = $mustMatch.get('failureMessage'))
509 #end
510 #else
511 ERROR: In field: ${fieldName}: mustMatch validation required both name
512 (of field which this field must match) and failureMessage.
513 #end
514 #end
515 ##
516 ## Regex validation
517 ## We won't bother with regex validation if there is no entry, that would defeat the purpose of 'mandatory'
518 #if($error == '' && $validate.get('regex') && $value && $value != '')
519 #set($regex = $validate.get('regex'))
520 #if($regex.get('pattern') && $regex.get('failureMessage'))
521 ## Make Java regexes more compatible with Perl/js style regexes by removing leading and trailing /
522 #if($regex.get('pattern').length() > 1)
523 #set($pattern = $regex.get('pattern').substring(1, $mathtool.add($regex.get('pattern').length(), -1)))
524 #else
525 ## I don't expect this but want to maintain compatibility.
526 #set($pattern = $regex.get('pattern'))
527 #end
528 #if($regextool.find($value, $pattern).isEmpty())
529 #set($error = $regex.get('failureMessage'))
530 #end
531 #elseif($regex.get('pattern'))
532 ERROR: In field: ${fieldName}: regex validation must include failureMessage.
533 #end
534 #end
535 ##
536 ## If regex and mustMatch validation passed, try programmatic validation
537 #if($error == '' && $validate.get('programmaticValidation'))
538 #set($pv = $validate.get('programmaticValidation'))
539 #if($pv.get('code') && $pv.get('failureMessage'))
540 #set($pvReturn = "#evaluate($pv.get('code'))")
541 #if($pvReturn.indexOf('failed') != -1)
542 #set($error = $pv.get('failureMessage'))
543 #end
544 #else
545 ERROR: In field: ${fieldName}: programmaticValidation requires code and failureMessage
546 #end
547 #end
548 #else
549 ##
550 ## If no content, check if content is mandatory
551 #if($validate.get('mandatory'))
552 #set($mandatory = $validate.get('mandatory'))
553 #if($mandatory.get('failureMessage'))
554 #set($error = $mandatory.get('failureMessage'))
555 #else
556 ERROR: In field: ${fieldName}: mandatory validation requires a failureMessage
557 #end
558 #end
559 #end
560 #if($error != '')
561 #set($discard = $field.put('error', $error))
562 #set($registrationFailed = true)
563 #end
564 #elseif(!$field.get('name'))
565 ERROR: Field with no name.
566 #end##if(validate)
567 #end##loop
568 #end##macro
569 #*
570 * Create the user.
571 * Calls $xwiki.createUser to create a new user.
572 *
573 * @param $request An XWikiRequest object which made the register request.
574 * @param $response The XWikiResponse object to send any redirects to.
575 * @param $doAfterRegistration code block to run after registration completes successfully.
576 *###
577 #macro(createUser, $fields, $request, $response, $doAfterRegistration)
578 ## CSRF check
579 #if(${services.csrf.isTokenValid("$!{request.getParameter('form_token')}")})
580 ## See if email verification is required and register the user.
581 #if($xwiki.getXWikiPreferenceAsInt('use_email_verification', 0) == 1)
582 #set($reg = $xwiki.createUser(true))
583 #else
584 #set($reg = $xwiki.createUser(false))
585 #end
586 #else
587 $response.sendRedirect("$!{services.csrf.getResubmissionURL()}")
588 #end
589 ##
590 ## Handle output from the registration.
591 #if($reg && $reg <= 0)
592 {{error}}
593 #if($reg == -2)
594 $msg.get('core.register.passwordMismatch')
595 ## -3 means username taken, -8 means username is superadmin name
596 #elseif($reg == -3 || $reg == -8)
597 $msg.get('core.register.userAlreadyExists')
598 #elseif($reg == -4)
599 $msg.get('core.register.invalidUsername')
600 #else
601 $msg.get('core.register.registerFailed', [$reg])
602 #end
603 {{/error}}
604 #elseif($reg)
605 ## Registration was successful
606 #set($registrationDone = true)
607 ##
608 ## If there is any thing to "doAfterRegistration" then do it.
609 #foreach($field in $fields)
610 #if($field.get('doAfterRegistration'))
611 #evaluate($field.get('doAfterRegistration'))
612 #end
613 #end
614 ## If there is a "global" doAfterRegistration, do that as well.
615 #if($doAfterRegistration)
616 #set($discard = $doAfterRegistration.toString())
617 #end
618 ## Define some strings which may be used by autoLogin or loginButton
619 #set($userName = $!request.get('xwikiname'))
620 #set($password = $!request.get('register_password'))
621 #set($loginURL = $xwiki.getURL($loginPage, $loginAction))
622 #if("$!request.getParameter($redirectParam)" != '')
623 #set($redirect = $request.getParameter($redirectParam))
624 #else
625 #set($redirect = $defaultRedirect)
626 #end
627 ## Display a "registration successful" message
628
629 #evaluate($registrationSuccessMessage)
630
631 ## Empty line prevents message from being forced into a <p> block.
632
633 ## Give the user a login button which posts their username and password to loginsubmit
634 #if($loginButton)
635
636 {{html clean=false wiki=false}}
637 <form id="loginForm" action="$loginURL" method="post">
638 <div>
639 <input type="hidden" name="form_token" value="$!{services.csrf.getToken()}" />
640 <input id="j_username" name="j_username" type="hidden" value="$escapetool.xml($!userName)" />
641 <input id="j_password" name="j_password" type="hidden" value="$escapetool.xml($!password)" />
642 <input id="$redirectParam" name="$redirectParam" type="hidden" value="$escapetool.xml($redirect)" />
643 <span class="buttonwrapper" style="margin-left:47%;">
644 <input type="submit" value="$msg.get('login')" class="button"/>
645 </span>
646 </div>
647 </form>
648 ## We don't want autoLogin if we are administrators adding users...
649 #if($autoLogin && !$assumeLightbox)
650 <script type='text/javascript'>
651 document.observe('dom:loaded', function() {
652 document.forms['loginForm'].submit();
653 });
654 </script>
655 #end
656 {{/html}}
657
658 #end
659 #end
660 ##
661 #end## createUser Macro
662 #*
663 * Generate HTML form, this is the only place where HTML is written.
664 *
665 * @param $fields The array of fields to use for generating html code.
666 * @param $fieldMandatoryStar The tag parameters for a * indicating a mandatory field.
667 * @param $failureMessageParams The tag parameters for a failure message.
668 *###
669 #macro(generateHtml, $fields, $fieldMandatoryStar, $failureMessageParams)
670 ## Put the same values back into the fields.
671 #getParams($fields)
672 ##
673 <dl>
674 #foreach($field in $fields)
675 #if($field.get('name'))
676 #set($fieldName = $field.get('name'))
677 #if($field.get('label'))
678 #set($label = $field.get('label'))
679 <dt><label for="$fieldName">$label
680 #if($field.get('validate').get('mandatory'))
681 <span ##
682 #foreach($entry in $fieldMandatoryStar.entrySet())
683 $entry.getKey()="$entry.getValue()" ##
684 #end
685 >$msg.get('core.validation.required')</span>
686 #end
687 </label>
688 </dt>
689 #end
690 ## If no tag then default tag is <input>
691 #if($field.get('tag'))
692 #set($tag = $field.get('tag'))
693 #else
694 #set($tag = 'input')
695 #end
696 <dd><$tag id="$fieldName" ##
697 #set($params = $field.get('params'))
698 ## If no name parameter is spacified, then we use the field name
699 #if(!$params.get('name'))
700 #set($discard = $params.put('name', $fieldName))
701 #end
702 #foreach($entry in $params.entrySet())
703 ## If a parameter is specified as '' then we don't include it.
704 #if($entry.getValue() != '')
705 $entry.getKey()="$escapetool.xml($entry.getValue())" ##
706 #end
707 #end
708 ></$tag>
709 #if($field.get('error'))
710 <span ##
711 #foreach($entry in $failureMessageParams.entrySet())
712 $entry.getKey()="$entry.getValue()" ##
713 #end
714 >$field.get('error')</span>
715 #end
716 </dd>
717 #else
718 ERROR: Field with no name.
719 #end##if fieldName exists
720 #end
721 </dl>
722 #end
723 #*
724 * Generate the Javascript for interacting with LiveValidation.
725 *
726 * @param $fields The array of fields which to validate.
727 *###
728 #macro(generateJavascript, $fields)
729 <script type='text/javascript'>
730 /* <![CDATA[ */
731 document.observe('dom:loaded', function() {
732 ##
733 #foreach($field in $fields)
734 #if($field.get('validate') && $field.get('name'))
735 #set($validate = $field.get('validate'))
736 #if(($validate.get('mandatory') && !$validate.get('mandatory').get('noscript'))
737 || ($validate.get('regex') && !$validate.get('regex').get('noscript'))
738 || ($validate.get('mustMatch') && !$validate.get('mustMatch').get('noscript')))
739 #set($fieldName = $field.get('name'))
740 #if($validate.get('fieldOkayMessage'))
741 #set($okayMessage = $validate.get('fieldOkayMessage'))
742 #else
743 #set($okayMessage = $defaultFieldOkayMessage)
744 #end
745 var ${fieldName}Validator = new LiveValidation("$fieldName", { validMessage: "$okayMessage", wait: 500} );
746 ##
747 #if($validate.get('mandatory'))
748 #set($mandatory = $validate.get('mandatory'))
749 #if($mandatory.get('failureMessage') && !$mandatory.get('noscript'))
750 ${fieldName}Validator.add( Validate.Presence, { failureMessage: "$!mandatory.get('failureMessage')"} );
751 #end
752 #end
753 ##
754 #if($validate.get('mustMatch'))
755 #set($mustMatch = $validate.get('mustMatch'))
756 #if($mustMatch.get('name') && $mustMatch.get('failureMessage') && !$mustMatch.get('noscript'))
757 ${fieldName}Validator.add( Validate.Confirmation, { match: $$("input[name=$!mustMatch.get('name')]")[0], failureMessage: "$!mustMatch.get('failureMessage')"} );
758 #end
759 #end
760 ##
761 #if($validate.get('regex'))
762 #set($regex = $validate.get('regex'))
763 #set($pattern = "")
764 #if($regex.get('jsPattern'))
765 #set($pattern = $regex.get('jsPattern'))
766 #elseif($regex.get('pattern'))
767 #set($pattern = $regex.get('pattern'))
768 #end
769 #set($failMessage = "")
770 #if($regex.get('jsFailureMessage'))
771 #set($failMessage = $regex.get('jsFailureMessage'))
772 #elseif($regex.get('failureMessage'))
773 #set($failMessage = $regex.get('failureMessage'))
774 #end
775 #if($pattern != '' && $failMessage != '' && !$regex.get('noscript'))
776 ${fieldName}Validator.add( Validate.Format, { pattern: $pattern, failureMessage: "$failMessage"} );
777 #end
778 #end##if regex
779 #end##if contains js validateable fields.
780 #end##if validate
781 #end##loop
782 });// ]]>
783 </script>
784 #end##macro
785 #*
786 * Get parameters from request so that values will be filled in if there is a mistake
787 * in one of the entries. Entries will be returned to fields[n].params.value
788 * Fields will not be returned if they have either noReturn or error specified.
789 *
790 * @param $fields The array of fields to get parameters for.
791 *###
792 #macro(getParams $fields)
793 #foreach($field in $fields)
794 #if($field.get('name') && $request.get($field.get('name')))
795 #if(!$field.get('noReturn') && !$field.get('error'))
796 #if(!$field.get('params'))
797 #set($params = {})
798 #set($discard = $field.put('params', $params))
799 #else
800 #set($params = $field.get('params'))
801 #end
802 #set($discard = $params.put('value', $request.get($field.get('name'))))
803 #end
804 #end
805 #end
806 #end
807 #*
808 * Get the configuration from the configuration object.
809 *
810 * @param $configDocumentName The name of the document to get the configuration from.
811 *###
812 #macro(loadConfig, $configDocumentName)
813 #set($configDocument = $xwiki.getDocument($configDocumentName))
814 #if(!$configDocument || !$configDocument.getObject($documentName))
815 ## No config document, load defaults.
816 #set($heading = "$msg.get('core.register.title')")
817 #set($welcomeMessage = "$msg.get('core.register.welcome')")
818 #set($useLiveValidation = true)
819 #set($defaultFieldOkayMessage = "$msg.get('core.validation.valid.message')")
820 #set($loginButton = true)
821 #set($defaultRedirect = "$xwiki.getURL('Main.WebHome')")
822 #set($userFullName = "$request.get('register_first_name') $request.get('register_last_name')")
823 #set($registrationSuccessMessage = '{{info}}$msg.get("core.register.successful", ["[[$fullName>>$userSpace$userName]]", $userName]){{/info}}')
824 #else
825 #set($configObject = $configDocument.getObject($documentName))
826 #if ($context.action == 'register')
827 #set ($heading = "(% id='document-title'%)((( = #evaluate($configObject.getProperty('heading').getValue()) = )))(%%)")
828 #else
829 #set ($heading = "= #evaluate($configObject.getProperty('heading').getValue()) =")
830 #end
831 #set($welcomeMessage = "#evaluate($configObject.getProperty('welcomeMessage').getValue())")
832 #if($configObject.getProperty('liveValidation_enabled').getValue() == 1)
833 #set($useLiveValidation = true)
834 #end
835 #set($defaultFieldOkayMessage = "#evaluate($configObject.getProperty('liveValidation_defaultFieldOkMessage').getValue())")
836 #if($configObject.getProperty('loginButton_enabled').getValue() == 1)
837 #set($loginButton = true)
838 #end
839 #if($configObject.getProperty('loginButton_autoLogin_enabled').getValue() == 1)
840 #set($autoLogin = true)
841 #end
842 #set($defaultRedirect = "#evaluate($configObject.getProperty('defaultRedirect').getValue())")
843 #set($registrationSuccessMessage = "$configObject.getProperty('registrationSuccessMessage').getValue()")
844 #if($configObject.getProperty('requireCaptcha').getValue() == 1)
845 #set($requireCaptcha = true)
846 #end
847 #end
848 #end
849 {{/velocity}}