$this->loadFromId();
break;
case 'session':
- $this->loadFromSession();
+ if( !$this->loadFromSession() ) {
+ // Loading from session failed. Load defaults.
+ $this->loadDefaults();
+ }
wfRunHooks( 'UserLoadAfterLoadFromSession', array( $this ) );
break;
default:
// Certain names may be reserved for batch processes.
foreach ( $reservedUsernames as $reserved ) {
if ( substr( $reserved, 0, 4 ) == 'msg:' ) {
- $reserved = wfMsgForContent( substr( $reserved, 4 ) );
+ $reserved = wfMessage( substr( $reserved, 4 ) )->inContentLanguage()->text();
}
if ( $reserved == $name ) {
return false;
* - 'usable' Valid for batch processes and login
* - 'creatable' Valid for batch processes, login and account creation
*
+ * @throws MWException
* @return bool|string
*/
public static function getCanonicalName( $name, $validate = 'valid' ) {
if( $loggedOut !== null ) {
$this->mTouched = wfTimestamp( TS_MW, $loggedOut );
} else {
- $this->mTouched = '0'; # Allow any pages to be cached
+ $this->mTouched = '1'; # Allow any pages to be cached
}
$this->mToken = null; // Don't run cryptographic functions till we need a token
}
/**
- * Load user data from the session or login cookie. If there are no valid
- * credentials, initialises the user as an anonymous user.
+ * Load user data from the session or login cookie.
* @return Bool True if the user is logged in, false otherwise.
*/
private function loadFromSession() {
if ( $cookieId !== null ) {
$sId = intval( $cookieId );
if( $sessId !== null && $cookieId != $sessId ) {
- $this->loadDefaults(); // Possible collision!
wfDebugLog( 'loginSessions', "Session user ID ($sessId) and
cookie user ID ($sId) don't match!" );
return false;
} elseif ( $sessId !== null && $sessId != 0 ) {
$sId = $sessId;
} else {
- $this->loadDefaults();
return false;
}
$sName = $request->getCookie( 'UserName' );
$request->setSessionData( 'wsUserName', $sName );
} else {
- $this->loadDefaults();
return false;
}
$proposedUser = User::newFromId( $sId );
if ( !$proposedUser->isLoggedIn() ) {
# Not a valid ID
- $this->loadDefaults();
return false;
}
global $wgBlockDisablesLogin;
if( $wgBlockDisablesLogin && $proposedUser->isBlocked() ) {
# User blocked and we've disabled blocked user logins
- $this->loadDefaults();
return false;
}
$from = 'cookie';
} else {
# No session or persistent login cookie
- $this->loadDefaults();
return false;
}
} else {
# Invalid credentials
wfDebug( "User: can't log in from $from, invalid credentials\n" );
- $this->loadDefaults();
return false;
}
}
$this->mEffectiveGroups = null;
$this->mImplicitGroups = null;
$this->mOptions = null;
+ $this->mEditCount = null;
if ( $reloadFrom ) {
$this->mLoadedItems = array();
$defOpt = $wgDefaultUserOptions;
# default language setting
- $variant = $wgContLang->getDefaultVariant();
- $defOpt['variant'] = $variant;
- $defOpt['language'] = $variant;
+ $defOpt['variant'] = $wgContLang->getCode();
+ $defOpt['language'] = $wgContLang->getCode();
foreach( SearchEngine::searchableNamespaces() as $nsnum => $nsname ) {
$defOpt['searchNs'.$nsnum] = !empty( $wgNamespacesToBeSearchedDefault[$nsnum] );
}
# Local list
if ( self::isLocallyBlockedProxy( $ip ) ) {
$block = new Block;
- $block->setBlocker( wfMsg( 'proxyblocker' ) );
- $block->mReason = wfMsg( 'proxyblockreason' );
+ $block->setBlocker( wfMessage( 'proxyblocker' )->text() );
+ $block->mReason = wfMessage( 'proxyblockreason' )->text();
$block->setTarget( $ip );
} elseif ( $this->isAnon() && $this->isDnsBlacklisted( $ip ) ) {
$block = new Block;
- $block->setBlocker( wfMsg( 'sorbs' ) );
- $block->mReason = wfMsg( 'sorbsreason' );
+ $block->setBlocker( wfMessage( 'sorbs' )->text() );
+ $block->mReason = wfMessage( 'sorbsreason' )->text();
$block->setTarget( $ip );
}
}
if( $str !== null ) {
if( !$wgAuth->allowPasswordChange() ) {
- throw new PasswordError( wfMsg( 'password-change-forbidden' ) );
+ throw new PasswordError( wfMessage( 'password-change-forbidden' )->text() );
}
if( !$this->isValidPassword( $str ) ) {
$message = $valid;
$params = array( $wgMinimalPasswordLength );
}
- throw new PasswordError( wfMsgExt( $message, array( 'parsemag' ), $params ) );
+ throw new PasswordError( wfMessage( $message, $params )->text() );
}
}
if( !$wgAuth->setPassword( $this, $str ) ) {
- throw new PasswordError( wfMsg( 'externaldberror' ) );
+ throw new PasswordError( wfMessage( 'externaldberror' )->text() );
}
$this->setInternalPassword( $str );
* @param $value String Value to set
* @param $exp Int Expiration time, as a UNIX time value;
* if 0 or not specified, use the default $wgCookieExpiration
+ * @param $secure Bool
+ * true: Force setting the secure attribute when setting the cookie
+ * false: Force NOT setting the secure attribute when setting the cookie
+ * null (default): Use the default ($wgCookieSecure) to set the secure attribute
*/
- protected function setCookie( $name, $value, $exp = 0 ) {
- $this->getRequest()->response()->setcookie( $name, $value, $exp );
+ protected function setCookie( $name, $value, $exp = 0, $secure = null ) {
+ $this->getRequest()->response()->setcookie( $name, $value, $exp, null, null, $secure );
}
/**
*
* @param $request WebRequest object to use; $wgRequest will be used if null
* is passed.
+ * @param $secure Whether to force secure/insecure cookies or use default
*/
- public function setCookies( $request = null ) {
+ public function setCookies( $request = null, $secure = null ) {
if ( $request === null ) {
$request = $this->getRequest();
}
if ( $value === false ) {
$this->clearCookie( $name );
} else {
- $this->setCookie( $name, $value );
+ $this->setCookie( $name, $value, 0, $secure );
}
}
+
+ /**
+ * If wpStickHTTPS was selected, also set an insecure cookie that
+ * will cause the site to redirect the user to HTTPS, if they access
+ * it over HTTP. Bug 29898.
+ */
+ if ( $request->getCheck( 'wpStickHTTPS' ) ) {
+ $this->setCookie( 'forceHTTPS', 'true', time() + 2592000, false ); //30 days
+ }
}
/**
$this->clearCookie( 'UserID' );
$this->clearCookie( 'Token' );
+ $this->clearCookie( 'forceHTTPS' );
# Remember when user logged out, to prevent seeing cached pages
$this->setCookie( 'LoggedOut', wfTimestampNow(), time() + 86400 );
* @todo Only rarely do all these fields need to be set!
*/
public function saveSettings() {
+ global $wgAuth;
+
$this->load();
if ( wfReadOnly() ) { return; }
if ( 0 == $this->mId ) { return; }
$this->mTouched = self::newTouchedTimestamp();
+ if ( !$wgAuth->allowSetLocalPassword() ) {
+ $this->mPassword = '';
+ }
$dbw = wfGetDB( DB_MASTER );
$dbw->update( 'user',
}
/**
- * Add this existing user object to the database
+ * Add this existing user object to the database. If the user already
+ * exists, a fatal status object is returned, and the user object is
+ * initialised with the data from the database.
+ *
+ * Previously, this function generated a DB error due to a key conflict
+ * if the user already existed. Many extension callers use this function
+ * in code along the lines of:
+ *
+ * $user = User::newFromName( $name );
+ * if ( !$user->isLoggedIn() ) {
+ * $user->addToDatabase();
+ * }
+ * // do something with $user...
+ *
+ * However, this was vulnerable to a race condition (bug 16020). By
+ * initialising the user object if the user exists, we aim to support this
+ * calling sequence as far as possible.
+ *
+ * Note that if the user exists, this function will acquire a write lock,
+ * so it is still advisable to make the call conditional on isLoggedIn(),
+ * and to commit the transaction after calling.
+ *
+ * @return Status
*/
public function addToDatabase() {
$this->load();
'user_registration' => $dbw->timestamp( $this->mRegistration ),
'user_editcount' => 0,
'user_touched' => $dbw->timestamp( $this->mTouched ),
- ), __METHOD__
+ ), __METHOD__,
+ array( 'IGNORE' )
);
+ if ( !$dbw->affectedRows() ) {
+ $this->mId = $dbw->selectField( 'user', 'user_id',
+ array( 'user_name' => $this->mName ), __METHOD__ );
+ $loaded = false;
+ if ( $this->mId ) {
+ if ( $this->loadFromDatabase() ) {
+ $loaded = true;
+ }
+ }
+ if ( !$loaded ) {
+ throw new MWException( __METHOD__. ": hit a key conflict attempting " .
+ "to insert a user row, but then it doesn't exist when we select it!" );
+ }
+ return Status::newFatal( 'userexists' );
+ }
$this->mId = $dbw->insertId();
// Clear instance cache other than user table data, which is already accurate
$this->clearInstanceCache();
$this->saveOptions();
+ return Status::newGood();
}
/**
$message = 'confirmemail_body_' . $type;
}
- return $this->sendMail( wfMsg( 'confirmemail_subject' ),
- wfMsg( $message,
+ return $this->sendMail( wfMessage( 'confirmemail_subject' )->text(),
+ wfMessage( $message,
$this->getRequest()->getIP(),
$this->getName(),
$url,
$wgLang->timeanddate( $expiration, false ),
$invalidateURL,
$wgLang->date( $expiration, false ),
- $wgLang->time( $expiration, false ) ) );
+ $wgLang->time( $expiration, false ) )->text() );
}
/**
public static function getGroupsWithPermission( $role ) {
global $wgGroupPermissions;
$allowedGroups = array();
- foreach ( $wgGroupPermissions as $group => $rights ) {
- if ( isset( $rights[$role] ) && $rights[$role] ) {
+ foreach ( array_keys( $wgGroupPermissions ) as $group ) {
+ if ( self::groupHasPermission( $group, $role ) ) {
$allowedGroups[] = $group;
}
}
return $allowedGroups;
}
+ /**
+ * Check, if the given group has the given permission
+ *
+ * @param $group String Group to check
+ * @param $role String Role to check
+ * @return bool
+ */
+ public static function groupHasPermission( $group, $role ) {
+ global $wgGroupPermissions, $wgRevokePermissions;
+ return isset( $wgGroupPermissions[$group][$role] ) && $wgGroupPermissions[$group][$role]
+ && !( isset( $wgRevokePermissions[$group][$role] ) && $wgRevokePermissions[$group][$role] );
+ }
+
/**
* Get the localized descriptive name for a group, if it exists
*
$action = 'create2';
if ( $byEmail ) {
if ( $reason === '' ) {
- $reason = wfMsgForContent( 'newuserlog-byemail' );
+ $reason = wfMessage( 'newuserlog-byemail' )->inContentLanguage()->text();
} else {
$reason = $wgContLang->commaList( array(
- $reason, wfMsgForContent( 'newuserlog-byemail' ) ) );
+ $reason, wfMessage( 'newuserlog-byemail' )->inContentLanguage()->text() ) );
}
}
}
* @todo document
*/
protected function loadOptions() {
+ global $wgContLang;
+
$this->load();
- if ( $this->mOptionsLoaded || !$this->getId() )
+
+ if ( $this->mOptionsLoaded ) {
return;
+ }
$this->mOptions = self::getDefaultOptions();
+ if ( !$this->getId() ) {
+ // For unlogged-in users, load language/variant options from request.
+ // There's no need to do it for logged-in users: they can set preferences,
+ // and handling of page content is done by $pageLang->getPreferredVariant() and such,
+ // so don't override user's choice (especially when the user chooses site default).
+ $variant = $wgContLang->getDefaultVariant();
+ $this->mOptions['variant'] = $variant;
+ $this->mOptions['language'] = $variant;
+ $this->mOptionsLoaded = true;
+ return;
+ }
+
// Maybe load from the object
if ( !is_null( $this->mOptionOverrides ) ) {
wfDebug( "User: loading options for user " . $this->getId() . " from override cache.\n" );
/*
if ( $wgMinimalPasswordLength > 1 ) {
$ret['pattern'] = '.{' . intval( $wgMinimalPasswordLength ) . ',}';
- $ret['title'] = wfMsgExt( 'passwordtooshort', 'parsemag',
- $wgMinimalPasswordLength );
+ $ret['title'] = wfMessage( 'passwordtooshort' )
+ ->numParams( $wgMinimalPasswordLength )->text();
}
*/