dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Bug 10080 - Sysops can now modify a block without unblocking first. Patch by Huji...
[lhc/web/wiklou.git] / includes / SpecialBlockip.php
1 <?php
2 /**
3 * Constructor for Special:Blockip page
4 *
5 * @file
6 * @ingroup SpecialPage
7 */
8
9 /**
10 * Constructor
11 */
12 function wfSpecialBlockip( $par ) {
13 global $wgUser, $wgOut, $wgRequest;
14
15 # Can't block when the database is locked
16 if( wfReadOnly() ) {
17 $wgOut->readOnlyPage();
18 return;
19 }
20
21 # Permission check
22 if( !$wgUser->isAllowed( 'block' ) ) {
23 $wgOut->permissionRequired( 'block' );
24 return;
25 }
26
27 $ipb = new IPBlockForm( $par );
28
29 $action = $wgRequest->getVal( 'action' );
30 if ( 'success' == $action ) {
31 $ipb->showSuccess();
32 } else if ( $wgRequest->wasPosted() && 'submit' == $action &&
33 $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) {
34 $ipb->doSubmit();
35 } else {
36 $ipb->showForm( '' );
37 }
38 }
39
40 /**
41 * Form object for the Special:Blockip page.
42 *
43 * @ingroup SpecialPage
44 */
45 class IPBlockForm {
46 var $BlockAddress, $BlockExpiry, $BlockReason;
47 # var $BlockEmail;
48
49 function IPBlockForm( $par ) {
50 global $wgRequest, $wgUser, $wgLang;
51
52 $this->BlockAddress = $wgRequest->getVal( 'wpBlockAddress', $wgRequest->getVal( 'ip', $par ) );
53 $this->BlockAddress = strtr( $this->BlockAddress, '_', ' ' );
54 $this->AlreadyBlocked = false;
55
56 if( $this->BlockAddress && !$wgRequest->wasPosted() ){
57 $this->mBlock = new Block();
58 if( $this->mBlock->load($this->BlockAddress) ) {
59 $this->AlreadyBlocked = true;
60 $this->BlockReason = wfMsgForContent( 'ipb_modifying_block' );
61 $this->BlockReasonList = $wgRequest->getText( 'wpBlockReasonList' );
62 $this->BlockExpiry = wfMsg('ipbotheroption');
63 $this->BlockOther = $wgLang->timeanddate( $this->mBlock->mExpiry );
64 $this->BlockAnonOnly = $wgRequest->getBool( 'wpAnonOnly', true );
65 $this->BlockCreateAccount = $wgRequest->getBool( 'wpCreateAccount', true );
66 $this->BlockEnableAutoblock = $wgRequest->getBool( 'wpEnableAutoblock', true );
67 $this->BlockEmail = $wgRequest->getBool( 'wpEmailBan', false );
68 $this->BlockEmail = $this->mBlock->mBlockEmail;
69 $this->BlockWatchUser = $wgRequest->getBool( 'wpWatchUser', false );
70 # Re-check user's rights to hide names, very serious, defaults to 0
71 $this->BlockHideName = ( $this->mBlock->mHideName && $wgUser->isAllowed( 'hideuser' ) ) ? 1 : 0;
72 return true;
73 }
74 }
75
76 $this->BlockReason = $wgRequest->getText( 'wpBlockReason' );
77 $this->BlockReasonList = $wgRequest->getText( 'wpBlockReasonList' );
78 $this->BlockExpiry = $wgRequest->getVal( 'wpBlockExpiry', wfMsg('ipbotheroption') );
79 $this->BlockOther = $wgRequest->getVal( 'wpBlockOther', '' );
80
81 # Unchecked checkboxes are not included in the form data at all, so having one
82 # that is true by default is a bit tricky
83 $byDefault = !$wgRequest->wasPosted();
84 $this->BlockAnonOnly = $wgRequest->getBool( 'wpAnonOnly', $byDefault );
85 $this->BlockCreateAccount = $wgRequest->getBool( 'wpCreateAccount', $byDefault );
86 $this->BlockEnableAutoblock = $wgRequest->getBool( 'wpEnableAutoblock', $byDefault );
87 $this->BlockEmail = $wgRequest->getBool( 'wpEmailBan', false );
88 $this->BlockWatchUser = $wgRequest->getBool( 'wpWatchUser', false );
89 # Re-check user's rights to hide names, very serious, defaults to 0
90 $this->BlockHideName = ( $wgRequest->getBool( 'wpHideName', 0 ) && $wgUser->isAllowed( 'hideuser' ) ) ? 1 : 0;
91 }
92
93 function showForm( $err ) {
94 global $wgOut, $wgUser, $wgSysopUserBans;
95
96 $wgOut->setPagetitle( wfMsg( 'blockip' ) );
97 $wgOut->addWikiMsg( 'blockiptext' );
98
99 if($wgSysopUserBans) {
100 $mIpaddress = Xml::label( wfMsg( 'ipadressorusername' ), 'mw-bi-target' );
101 } else {
102 $mIpaddress = Xml::label( wfMsg( 'ipaddress' ), 'mw-bi-target' );
103 }
104 $mIpbexpiry = Xml::label( wfMsg( 'ipbexpiry' ), 'wpBlockExpiry' );
105 $mIpbother = Xml::label( wfMsg( 'ipbother' ), 'mw-bi-other' );
106 $mIpbreasonother = Xml::label( wfMsg( 'ipbreason' ), 'wpBlockReasonList' );
107 $mIpbreason = Xml::label( wfMsg( 'ipbotherreason' ), 'mw-bi-reason' );
108
109 $titleObj = SpecialPage::getTitleFor( 'Blockip' );
110
111 if ( "" != $err ) {
112 $wgOut->setSubtitle( wfMsgHtml( 'formerror' ) );
113 $wgOut->addHTML( Xml::tags( 'p', array( 'class' => 'error' ), $err ) );
114 }
115
116 $scBlockExpiryOptions = wfMsgForContent( 'ipboptions' );
117
118 $showblockoptions = $scBlockExpiryOptions != '-';
119 if (!$showblockoptions)
120 $mIpbother = $mIpbexpiry;
121
122 $blockExpiryFormOptions = Xml::option( wfMsg( 'ipbotheroption' ), 'other' );
123 foreach (explode(',', $scBlockExpiryOptions) as $option) {
124 if ( strpos($option, ":") === false ) $option = "$option:$option";
125 list($show, $value) = explode(":", $option);
126 $show = htmlspecialchars($show);
127 $value = htmlspecialchars($value);
128 $blockExpiryFormOptions .= Xml::option( $show, $value, $this->BlockExpiry === $value ? true : false ) . "\n";
129 }
130
131 $reasonDropDown = Xml::listDropDown( 'wpBlockReasonList',
132 wfMsgForContent( 'ipbreason-dropdown' ),
133 wfMsgForContent( 'ipbreasonotherlist' ), '', 'wpBlockDropDown', 4 );
134
135 global $wgStylePath, $wgStyleVersion;
136 if( $this->AlreadyBlocked ) {
137 $wgOut->addHTML( Xml::element( 'p', array ( 'class' => 'error' ),
138 wfMsg( 'ipb_already_blocked', $this->BlockAddress ) ) );
139 }
140 $wgOut->addHTML(
141 Xml::tags( 'script', array( 'type' => 'text/javascript', 'src' => "$wgStylePath/common/block.js?$wgStyleVersion" ), '' ) .
142 Xml::openElement( 'form', array( 'method' => 'post', 'action' => $titleObj->getLocalURL( "action=submit" ), 'id' => 'blockip' ) ) .
143 Xml::openElement( 'fieldset' ) .
144 Xml::element( 'legend', null, wfMsg( 'blockip-legend' ) ) .
145 Xml::openElement( 'table', array ( 'border' => '0', 'id' => 'mw-blockip-table' ) ) .
146 "<tr>
147 <td class='mw-label'>
148 {$mIpaddress}
149 </td>
150 <td class='mw-input'>" .
151 Xml::input( 'wpBlockAddress', 45, $this->BlockAddress,
152 array(
153 'tabindex' => '1',
154 'id' => 'mw-bi-target',
155 'onchange' => 'updateBlockOptions()' ) ). "
156 </td>
157 </tr>
158 <tr>"
159 );
160 if ( $showblockoptions ) {
161 $wgOut->addHTML("
162 <td class='mw-label'>
163 {$mIpbexpiry}
164 </td>
165 <td class='mw-input'>" .
166 Xml::tags( 'select',
167 array(
168 'id' => 'wpBlockExpiry',
169 'name' => 'wpBlockExpiry',
170 'onchange' => 'considerChangingExpiryFocus()',
171 'tabindex' => '2' ),
172 $blockExpiryFormOptions ) .
173 "</td>"
174 );
175 }
176 $wgOut->addHTML("
177 </tr>
178 <tr id='wpBlockOther'>
179 <td class='mw-label'>
180 {$mIpbother}
181 </td>
182 <td class='mw-input'>" .
183 Xml::input( 'wpBlockOther', 45, $this->BlockOther,
184 array( 'tabindex' => '3', 'id' => 'mw-bi-other' ) ) . "
185 </td>
186 </tr>
187 <tr>
188 <td class='mw-label'>
189 {$mIpbreasonother}
190 </td>
191 <td class='mw-input'>
192 {$reasonDropDown}
193 </td>
194 </tr>
195 <tr id=\"wpBlockReason\">
196 <td class='mw-label'>
197 {$mIpbreason}
198 </td>
199 <td class='mw-input'>" .
200 Xml::input( 'wpBlockReason', 45, $this->BlockReason,
201 array( 'tabindex' => '5', 'id' => 'mw-bi-reason', 'maxlength'=> '200' ) ) . "
202 </td>
203 </tr>
204 <tr id='wpAnonOnlyRow'>
205 <td>&nbsp;</td>
206 <td class='mw-input'>" .
207 Xml::checkLabel( wfMsg( 'ipbanononly' ),
208 'wpAnonOnly', 'wpAnonOnly', $this->BlockAnonOnly,
209 array( 'tabindex' => '6' ) ) . "
210 </td>
211 </tr>
212 <tr id='wpCreateAccountRow'>
213 <td>&nbsp;</td>
214 <td class='mw-input'>" .
215 Xml::checkLabel( wfMsg( 'ipbcreateaccount' ),
216 'wpCreateAccount', 'wpCreateAccount', $this->BlockCreateAccount,
217 array( 'tabindex' => '7' ) ) . "
218 </td>
219 </tr>
220 <tr id='wpEnableAutoblockRow'>
221 <td>&nbsp;</td>
222 <td class='mw-input'>" .
223 Xml::checkLabel( wfMsg( 'ipbenableautoblock' ),
224 'wpEnableAutoblock', 'wpEnableAutoblock', $this->BlockEnableAutoblock,
225 array( 'tabindex' => '8' ) ) . "
226 </td>
227 </tr>"
228 );
229
230 global $wgSysopEmailBans;
231 if ( $wgSysopEmailBans && $wgUser->isAllowed( 'blockemail' ) ) {
232 $wgOut->addHTML("
233 <tr id='wpEnableEmailBan'>
234 <td>&nbsp;</td>
235 <td class='mw-input'>" .
236 Xml::checkLabel( wfMsg( 'ipbemailban' ),
237 'wpEmailBan', 'wpEmailBan', $this->BlockEmail,
238 array( 'tabindex' => '9' )) . "
239 </td>
240 </tr>"
241 );
242 }
243
244 // Allow some users to hide name from block log, blocklist and listusers
245 if ( $wgUser->isAllowed( 'hideuser' ) ) {
246 $wgOut->addHTML("
247 <tr id='wpEnableHideUser'>
248 <td>&nbsp;</td>
249 <td class='mw-input'>" .
250 Xml::checkLabel( wfMsg( 'ipbhidename' ),
251 'wpHideName', 'wpHideName', $this->BlockHideName,
252 array( 'tabindex' => '10' ) ) . "
253 </td>
254 </tr>"
255 );
256 }
257
258 # Watchlist their user page?
259 $wgOut->addHTML("
260 <tr id='wpEnableWatchUser'>
261 <td>&nbsp;</td>
262 <td class='mw-input'>" .
263 Xml::checkLabel( wfMsg( 'ipbwatchuser' ),
264 'wpWatchUser', 'wpWatchUser', $this->BlockWatchUser,
265 array( 'tabindex' => '11' ) ) . "
266 </td>
267 </tr>"
268 );
269
270 $wgOut->addHTML("
271 <tr>
272 <td style='padding-top: 1em'>&nbsp;</td>
273 <td class='mw-submit' style='padding-top: 1em'>" .
274 Xml::submitButton( wfMsg( 'ipbsubmit' ),
275 array( 'name' => 'wpBlock', 'tabindex' => '12' ) ) . "
276 </td>
277 </tr>" .
278 Xml::closeElement( 'table' ) .
279 Xml::hidden( 'wpEditToken', $wgUser->editToken() ) .
280 Xml::closeElement( 'fieldset' ) .
281 Xml::closeElement( 'form' ) .
282 Xml::tags( 'script', array( 'type' => 'text/javascript' ), 'updateBlockOptions()' ) . "\n"
283 );
284
285 $wgOut->addHtml( $this->getConvenienceLinks() );
286
287 $user = User::newFromName( $this->BlockAddress );
288 if( is_object( $user ) ) {
289 $this->showLogFragment( $wgOut, $user->getUserPage() );
290 } elseif( preg_match( '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/', $this->BlockAddress ) ) {
291 $this->showLogFragment( $wgOut, Title::makeTitle( NS_USER, $this->BlockAddress ) );
292 } elseif( preg_match( '/^\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}/', $this->BlockAddress ) ) {
293 $this->showLogFragment( $wgOut, Title::makeTitle( NS_USER, $this->BlockAddress ) );
294 }
295 }
296
297 /**
298 * Backend block code.
299 * $userID and $expiry will be filled accordingly
300 * @return array(message key, arguments) on failure, empty array on success
301 */
302 function doBlock(&$userId = null, &$expiry = null)
303 {
304 global $wgUser, $wgSysopUserBans, $wgSysopRangeBans;
305
306 $userId = 0;
307 # Expand valid IPv6 addresses, usernames are left as is
308 $this->BlockAddress = IP::sanitizeIP( $this->BlockAddress );
309 # isIPv4() and IPv6() are used for final validation
310 $rxIP4 = '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}';
311 $rxIP6 = '\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}';
312 $rxIP = "($rxIP4|$rxIP6)";
313
314 # Check for invalid specifications
315 if ( !preg_match( "/^$rxIP$/", $this->BlockAddress ) ) {
316 $matches = array();
317 if ( preg_match( "/^($rxIP4)\\/(\\d{1,2})$/", $this->BlockAddress, $matches ) ) {
318 # IPv4
319 if ( $wgSysopRangeBans ) {
320 if ( !IP::isIPv4( $this->BlockAddress ) || $matches[2] < 16 || $matches[2] > 32 ) {
321 return array('ip_range_invalid');
322 }
323 $this->BlockAddress = Block::normaliseRange( $this->BlockAddress );
324 } else {
325 # Range block illegal
326 return array('range_block_disabled');
327 }
328 } else if ( preg_match( "/^($rxIP6)\\/(\\d{1,3})$/", $this->BlockAddress, $matches ) ) {
329 # IPv6
330 if ( $wgSysopRangeBans ) {
331 if ( !IP::isIPv6( $this->BlockAddress ) || $matches[2] < 64 || $matches[2] > 128 ) {
332 return array('ip_range_invalid');
333 }
334 $this->BlockAddress = Block::normaliseRange( $this->BlockAddress );
335 } else {
336 # Range block illegal
337 return array('range_block_disabled');
338 }
339 } else {
340 # Username block
341 if ( $wgSysopUserBans ) {
342 $user = User::newFromName( $this->BlockAddress );
343 if( !is_null( $user ) && $user->getId() ) {
344 # Use canonical name
345 $userId = $user->getId();
346 $this->BlockAddress = $user->getName();
347 } else {
348 return array('nosuchusershort', htmlspecialchars( $user ? $user->getName() : $this->BlockAddress ) );
349 }
350 } else {
351 return array('badipaddress');
352 }
353 }
354 }
355
356 $reasonstr = $this->BlockReasonList;
357 if ( $reasonstr != 'other' && $this->BlockReason != '') {
358 // Entry from drop down menu + additional comment
359 $reasonstr .= ': ' . $this->BlockReason;
360 } elseif ( $reasonstr == 'other' ) {
361 $reasonstr = $this->BlockReason;
362 }
363
364 $expirestr = $this->BlockExpiry;
365 if( $expirestr == 'other' )
366 $expirestr = $this->BlockOther;
367
368 if (strlen($expirestr) == 0) {
369 return array('ipb_expiry_invalid');
370 }
371
372 if ( false === ($expiry = Block::parseExpiryInput( $expirestr )) ) {
373 // Bad expiry.
374 return array('ipb_expiry_invalid');
375 }
376
377 # Create block
378 # Note: for a user block, ipb_address is only for display purposes
379 $block = new Block( $this->BlockAddress, $userId, $wgUser->getId(),
380 $reasonstr, wfTimestampNow(), 0, $expiry, $this->BlockAnonOnly,
381 $this->BlockCreateAccount, $this->BlockEnableAutoblock, $this->BlockHideName,
382 $this->BlockEmail);
383
384 if (wfRunHooks('BlockIp', array(&$block, &$wgUser))) {
385
386 if ( !$block->insert() ) {
387 // Block already exists. Silently delete the existing block and insert it again
388 $oldblock = Block::newFromDB( $this->BlockAddress );
389 $oldblock->delete();
390 $block->insert();
391 }
392
393 wfRunHooks('BlockIpComplete', array($block, $wgUser));
394
395 if ( $this->BlockWatchUser ) {
396 $wgUser->addWatch ( Title::makeTitle( NS_USER, $this->BlockAddress ) );
397 }
398
399 # Prepare log parameters
400 $logParams = array();
401 $logParams[] = $expirestr;
402 $logParams[] = $this->blockLogFlags();
403
404 # Make log entry, if the name is hidden, put it in the oversight log
405 $log_type = ($this->BlockHideName) ? 'suppress' : 'block';
406 $log = new LogPage( $log_type );
407 $log->addEntry( 'block', Title::makeTitle( NS_USER, $this->BlockAddress ),
408 $reasonstr, $logParams );
409
410 # Report to the user
411 return array();
412 }
413 else
414 return array('hookaborted');
415 }
416
417 /**
418 * UI entry point for blocking
419 * Wraps around doBlock()
420 */
421 function doSubmit()
422 {
423 global $wgOut;
424 $retval = $this->doBlock();
425 if(empty($retval)) {
426 $titleObj = SpecialPage::getTitleFor( 'Blockip' );
427 $wgOut->redirect( $titleObj->getFullURL( 'action=success&ip=' .
428 urlencode( $this->BlockAddress ) ) );
429 return;
430 }
431 $key = array_shift($retval);
432 $this->showForm(wfMsgReal($key, $retval));
433 }
434
435 function showSuccess() {
436 global $wgOut;
437
438 $wgOut->setPagetitle( wfMsg( 'blockip' ) );
439 $wgOut->setSubtitle( wfMsg( 'blockipsuccesssub' ) );
440 $text = wfMsgExt( 'blockipsuccesstext', array( 'parse' ), $this->BlockAddress );
441 $wgOut->addHtml( $text );
442 }
443
444 function showLogFragment( $out, $title ) {
445 $out->addHtml( Xml::element( 'h2', NULL, LogPage::logName( 'block' ) ) );
446 LogEventsList::showLogExtract( $out, 'block', $title->getPrefixedText() );
447 }
448
449 /**
450 * Return a comma-delimited list of "flags" to be passed to the log
451 * reader for this block, to provide more information in the logs
452 *
453 * @return array
454 */
455 private function blockLogFlags() {
456 $flags = array();
457 if( $this->BlockAnonOnly && IP::isIPAddress( $this->BlockAddress ) )
458 // when blocking a user the option 'anononly' is not available/has no effect -> do not write this into log
459 $flags[] = 'anononly';
460 if( $this->BlockCreateAccount )
461 $flags[] = 'nocreate';
462 if( !$this->BlockEnableAutoblock )
463 $flags[] = 'noautoblock';
464 if ( $this->BlockEmail )
465 $flags[] = 'noemail';
466 return implode( ',', $flags );
467 }
468
469 /**
470 * Builds unblock and block list links
471 *
472 * @return string
473 */
474 private function getConvenienceLinks() {
475 global $wgUser;
476 $skin = $wgUser->getSkin();
477 $links[] = $skin->makeLink ( 'MediaWiki:Ipbreason-dropdown', wfMsgHtml( 'ipb-edit-dropdown' ) );
478 $links[] = $this->getUnblockLink( $skin );
479 $links[] = $this->getBlockListLink( $skin );
480 return '<p class="mw-ipb-conveniencelinks">' . implode( ' | ', $links ) . '</p>';
481 }
482
483 /**
484 * Build a convenient link to unblock the given username or IP
485 * address, if available; otherwise link to a blank unblock
486 * form
487 *
488 * @param $skin Skin to use
489 * @return string
490 */
491 private function getUnblockLink( $skin ) {
492 $list = SpecialPage::getTitleFor( 'Ipblocklist' );
493 if( $this->BlockAddress ) {
494 $addr = htmlspecialchars( strtr( $this->BlockAddress, '_', ' ' ) );
495 return $skin->makeKnownLinkObj( $list, wfMsgHtml( 'ipb-unblock-addr', $addr ),
496 'action=unblock&ip=' . urlencode( $this->BlockAddress ) );
497 } else {
498 return $skin->makeKnownLinkObj( $list, wfMsgHtml( 'ipb-unblock' ), 'action=unblock' );
499 }
500 }
501
502 /**
503 * Build a convenience link to the block list
504 *
505 * @param $skin Skin to use
506 * @return string
507 */
508 private function getBlockListLink( $skin ) {
509 $list = SpecialPage::getTitleFor( 'Ipblocklist' );
510 if( $this->BlockAddress ) {
511 $addr = htmlspecialchars( strtr( $this->BlockAddress, '_', ' ' ) );
512 return $skin->makeKnownLinkObj( $list, wfMsgHtml( 'ipb-blocklist-addr', $addr ),
513 'ip=' . urlencode( $this->BlockAddress ) );
514 } else {
515 return $skin->makeKnownLinkObj( $list, wfMsgHtml( 'ipb-blocklist' ) );
516 }
517 }
518 }
Wiklou, le Wiki du Wiklou