$user = $session->getUser();
if ( $user->isLoggedIn() ) {
$this->loadFromUserObject( $user );
-
- // If this user is autoblocked, set a cookie to track the Block. This has to be done on
- // every session load, because an autoblocked editor might not edit again from the same
- // IP address after being blocked.
- $config = RequestContext::getMain()->getConfig();
- if ( $config->get( 'CookieSetOnAutoblock' ) === true ) {
- $block = $this->getBlock();
- $shouldSetCookie = $this->getRequest()->getCookie( 'BlockID' ) === null
- && $block
- && $block->getType() === Block::TYPE_USER
- && $block->isAutoblocking();
- if ( $shouldSetCookie ) {
- wfDebug( __METHOD__ . ': User is autoblocked, setting cookie to track' );
- $block->setCookie( $this->getRequest()->response() );
- }
+ if ( $user->isBlocked() ) {
+ // If this user is autoblocked, set a cookie to track the Block. This has to be done on
+ // every session load, because an autoblocked editor might not edit again from the same
+ // IP address after being blocked.
+ $this->trackBlockWithCookie();
}
// Other code expects these to be set in the session, so set them.
$session->set( 'wsUserID', $this->getId() );
$session->set( 'wsUserName', $this->getName() );
$session->set( 'wsToken', $this->getToken() );
+
return true;
}
+
return false;
}
+ /**
+ * Set the 'BlockID' cookie depending on block type and user authentication status.
+ */
+ public function trackBlockWithCookie() {
+ $block = $this->getBlock();
+ if ( $block && $this->getRequest()->getCookie( 'BlockID' ) === null ) {
+ $config = RequestContext::getMain()->getConfig();
+ $shouldSetCookie = false;
+
+ if ( $this->isAnon() && $config->get( 'CookieSetOnIpBlock' ) ) {
+ // If user is logged-out, set a cookie to track the Block
+ $shouldSetCookie = in_array( $block->getType(), [
+ Block::TYPE_IP, Block::TYPE_RANGE
+ ] );
+ if ( $shouldSetCookie ) {
+ $block->setCookie( $this->getRequest()->response() );
+
+ // temporary measure the use of cookies on ip blocks
+ $stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
+ $stats->increment( 'block.ipblock.setCookie.success' );
+ }
+ } elseif ( $this->isLoggedIn() && $config->get( 'CookieSetOnAutoblock' ) ) {
+ $shouldSetCookie = $block->getType() === Block::TYPE_USER && $block->isAutoblocking();
+ if ( $shouldSetCookie ) {
+ $block->setCookie( $this->getRequest()->response() );
+ }
+ }
+ }
+ }
+
/**
* Load user and user_group data from the database.
* $this->mId must be set, this is how the user is identified.
if ( self::isLocallyBlockedProxy( $ip ) ) {
$block = new Block( [
'byText' => wfMessage( 'proxyblocker' )->text(),
- 'reason' => wfMessage( 'proxyblockreason' )->text(),
+ 'reason' => wfMessage( 'proxyblockreason' )->plain(),
'address' => $ip,
'systemBlock' => 'proxy',
] );
} elseif ( $this->isAnon() && $this->isDnsBlacklisted( $ip ) ) {
$block = new Block( [
'byText' => wfMessage( 'sorbs' )->text(),
- 'reason' => wfMessage( 'sorbsreason' )->text(),
+ 'reason' => wfMessage( 'sorbsreason' )->plain(),
'address' => $ip,
'systemBlock' => 'dnsbl',
] );
if ( $block instanceof Block ) {
# Mangle the reason to alert the user that the block
# originated from matching the X-Forwarded-For header.
- $block->mReason = wfMessage( 'xffblockreason', $block->mReason )->text();
+ $block->mReason = wfMessage( 'xffblockreason', $block->mReason )->plain();
}
}
$block = new Block( [
'address' => $ip,
'byText' => 'MediaWiki default',
- 'reason' => wfMessage( 'softblockrangesreason', $ip )->text(),
+ 'reason' => wfMessage( 'softblockrangesreason', $ip )->plain(),
'anonOnly' => true,
'systemBlock' => 'wgSoftBlockRanges',
] );
// An ID was found in the cookie.
$tmpBlock = Block::newFromID( $blockCookieId );
if ( $tmpBlock instanceof Block ) {
- // Check the validity of the block.
- $blockIsValid = $tmpBlock->getType() == Block::TYPE_USER
- && !$tmpBlock->isExpired()
- && $tmpBlock->isAutoblocking();
$config = RequestContext::getMain()->getConfig();
- $useBlockCookie = ( $config->get( 'CookieSetOnAutoblock' ) === true );
+
+ switch ( $tmpBlock->getType() ) {
+ case Block::TYPE_USER:
+ $blockIsValid = !$tmpBlock->isExpired() && $tmpBlock->isAutoblocking();
+ $useBlockCookie = ( $config->get( 'CookieSetOnAutoblock' ) === true );
+ break;
+ case Block::TYPE_IP:
+ case Block::TYPE_RANGE:
+ // If block is type IP or IP range, load only if user is not logged in (T152462)
+ $blockIsValid = !$tmpBlock->isExpired() && !$this->isLoggedIn();
+ $useBlockCookie = ( $config->get( 'CookieSetOnIpBlock' ) === true );
+ break;
+ default:
+ $blockIsValid = false;
+ $useBlockCookie = false;
+ }
+
if ( $blockIsValid && $useBlockCookie ) {
// Use the block.
return $tmpBlock;
if ( ( isset( $info['type'] ) && $info['type'] == 'multiselect' ) ||
( isset( $info['class'] ) && $info['class'] == HTMLMultiSelectField::class ) ) {
$opts = HTMLFormField::flattenOptions( $info['options'] );
- $prefix = isset( $info['prefix'] ) ? $info['prefix'] : $name;
+ $prefix = $info['prefix'] ?? $name;
foreach ( $opts as $value ) {
$multiselectOptions["$prefix$value"] = true;
( isset( $info['class'] ) && $info['class'] == HTMLCheckMatrix::class ) ) {
$columns = HTMLFormField::flattenOptions( $info['columns'] );
$rows = HTMLFormField::flattenOptions( $info['rows'] );
- $prefix = isset( $info['prefix'] ) ? $info['prefix'] : $name;
+ $prefix = $info['prefix'] ?? $name;
foreach ( $columns as $column ) {
foreach ( $rows as $row ) {
/**
* Checks if two user objects point to the same user.
*
- * @since 1.25
- * @param User $user
+ * @since 1.25 ; takes a UserIdentity instead of a User since 1.32
+ * @param UserIdentity $user
* @return bool
*/
- public function equals( User $user ) {
+ public function equals( UserIdentity $user ) {
+ // XXX it's not clear whether central ID providers are supposed to obey this
return $this->getName() === $user->getName();
}
}