<?php
/**
* Blocks and bans object
- * @package MediaWiki
*/
/**
* Globals used: $wgAutoblockExpiry, $wgAntiLockFlags
*
* @todo This could be used everywhere, but it isn't.
- * @package MediaWiki
*/
class Block
{
/* public*/ var $mAddress, $mUser, $mBy, $mReason, $mTimestamp, $mAuto, $mId, $mExpiry,
- $mRangeStart, $mRangeEnd, $mAnonOnly;
+ $mRangeStart, $mRangeEnd, $mAnonOnly, $mEnableAutoblock, $mHideName;
/* private */ var $mNetworkBits, $mIntegerAddr, $mForUpdate, $mFromMaster, $mByName;
const EB_KEEP_EXPIRED = 1;
const EB_FOR_UPDATE = 2;
const EB_RANGE_ONLY = 4;
- function Block( $address = '', $user = 0, $by = 0, $reason = '',
- $timestamp = '' , $auto = 0, $expiry = '', $anonOnly = 0, $createAccount = 0 )
+ function __construct( $address = '', $user = 0, $by = 0, $reason = '',
+ $timestamp = '' , $auto = 0, $expiry = '', $anonOnly = 0, $createAccount = 0, $enableAutoblock = 0,
+ $hideName = 0 )
{
$this->mId = 0;
+ # Expand valid IPv6 addresses
+ $address = IP::sanitizeIP( $address );
$this->mAddress = $address;
$this->mUser = $user;
$this->mBy = $by;
$this->mAnonOnly = $anonOnly;
$this->mCreateAccount = $createAccount;
$this->mExpiry = self::decodeExpiry( $expiry );
+ $this->mEnableAutoblock = $enableAutoblock;
+ $this->mHideName = $hideName;
$this->mForUpdate = false;
$this->mFromMaster = false;
static function newFromID( $id )
{
- $dbr =& wfGetDB( DB_SLAVE );
+ $dbr = wfGetDB( DB_SLAVE );
$res = $dbr->resultObject( $dbr->select( 'ipblocks', '*',
array( 'ipb_id' => $id ), __METHOD__ ) );
$block = new Block;
{
$this->mAddress = $this->mReason = $this->mTimestamp = '';
$this->mId = $this->mAnonOnly = $this->mCreateAccount =
- $this->mAuto = $this->mUser = $this->mBy = 0;
+ $this->mEnableAutoblock = $this->mAuto = $this->mUser =
+ $this->mBy = $this->mHideName = 0;
$this->mByName = false;
}
{
global $wgAntiLockFlags;
if ( $this->mForUpdate || $this->mFromMaster ) {
- $db =& wfGetDB( DB_MASTER );
+ $db = wfGetDB( DB_MASTER );
if ( !$this->mForUpdate || ($wgAntiLockFlags & ALF_NO_BLOCK_LOCK) ) {
$options = array();
} else {
$options = array( 'FOR UPDATE' );
}
} else {
- $db =& wfGetDB( DB_SLAVE );
+ $db = wfGetDB( DB_SLAVE );
$options = array();
}
return $db;
$options = array();
$db =& $this->getDBOptions( $options );
- $ret = false;
- $killed = false;
-
if ( 0 == $user && $address == '' ) {
# Invalid user specification, not blocked
$this->clear();
}
# Try range block
- if ( $this->loadRange( $address, $killExpired, $user == 0 ) ) {
+ if ( $this->loadRange( $address, $killExpired, $user ) ) {
if ( $user && $this->mAnonOnly ) {
$this->clear();
return false;
/**
* Fill in member variables from a result wrapper
*/
- function loadFromResult( ResultWrapper $res, $killExpired = true ) {
+ function loadFromResult( ResultWrapper $res, $killExpired = true )
+ {
$ret = false;
if ( 0 != $res->numRows() ) {
# Get first block
* Search the database for any range blocks matching the given address, and
* load the row if one is found.
*/
- function loadRange( $address, $killExpired = true )
+ function loadRange( $address, $killExpired = true, $user = 0 )
{
- $iaddr = IP::ToHex( $address );
+ $iaddr = IP::toHex( $address );
if ( $iaddr === false ) {
# Invalid address
return false;
"ipb_range_start <= '$iaddr'",
"ipb_range_end >= '$iaddr'"
);
+
+ if ( $user ) {
+ $conds['ipb_anon_only'] = 0;
+ }
$res = $db->resultObject( $db->select( 'ipblocks', '*', $conds, __METHOD__, $options ) );
$success = $this->loadFromResult( $res, $killExpired );
/**
* Determine if a given integer IPv4 address is in a given CIDR network
+ * @deprecated Use IP::isInRange
*/
function isAddressInRange( $addr, $range ) {
- list( $network, $bits ) = wfParseCIDR( $range );
- if ( $network !== false && $addr >> ( 32 - $bits ) == $network >> ( 32 - $bits ) ) {
- return true;
- } else {
- return false;
- }
+ return IP::isInRange( $addr, $range );
}
function initFromRow( $row )
$this->mAuto = $row->ipb_auto;
$this->mAnonOnly = $row->ipb_anon_only;
$this->mCreateAccount = $row->ipb_create_account;
+ $this->mEnableAutoblock = $row->ipb_enable_autoblock;
+ $this->mHideName = $row->ipb_deleted;
$this->mId = $row->ipb_id;
$this->mExpiry = self::decodeExpiry( $row->ipb_expiry );
if ( isset( $row->user_name ) ) {
{
$this->mRangeStart = '';
$this->mRangeEnd = '';
+
if ( $this->mUser == 0 ) {
- list( $network, $bits ) = wfParseCIDR( $this->mAddress );
- if ( $network !== false ) {
- $this->mRangeStart = sprintf( '%08X', $network );
- $this->mRangeEnd = sprintf( '%08X', $network + (1 << (32 - $bits)) - 1 );
- }
+ list( $this->mRangeStart, $this->mRangeEnd ) = IP::parseRange( $this->mAddress );
}
}
$block = new Block();
if ( $flags & Block::EB_FOR_UPDATE ) {
- $db =& wfGetDB( DB_MASTER );
+ $db = wfGetDB( DB_MASTER );
if ( $wgAntiLockFlags & ALF_NO_BLOCK_LOCK ) {
$options = '';
} else {
}
$block->forUpdate( true );
} else {
- $db =& wfGetDB( DB_SLAVE );
+ $db = wfGetDB( DB_SLAVE );
$options = '';
}
if ( $flags & Block::EB_RANGE_ONLY ) {
$now = wfTimestampNow();
- extract( $db->tableNames( 'ipblocks', 'user' ) );
+ list( $ipblocks, $user ) = $db->tableNamesN( 'ipblocks', 'user' );
$sql = "SELECT $ipblocks.*,user_name FROM $ipblocks,$user " .
"WHERE user_id=ipb_by $cond ORDER BY ipb_timestamp DESC $options";
call_user_func( $callback, $block, $tag );
}
}
- wfFreeResult( $res );
+ $db->freeResult( $res );
return $num_rows;
}
throw new MWException( "Block::delete() now requires that the mId member be filled\n" );
}
- $dbw =& wfGetDB( DB_MASTER );
+ $dbw = wfGetDB( DB_MASTER );
$dbw->delete( 'ipblocks', array( 'ipb_id' => $this->mId ), __METHOD__ );
return $dbw->affectedRows() > 0;
}
+ /**
+ * Insert a block into the block table.
+ *@return Whether or not the insertion was successful.
+ */
function insert()
{
wfDebug( "Block::insert; timestamp {$this->mTimestamp}\n" );
- $dbw =& wfGetDB( DB_MASTER );
- $dbw->begin();
+ $dbw = wfGetDB( DB_MASTER );
- # Unset ipb_anon_only and ipb_create_account for user blocks, makes no sense
+ # Unset ipb_anon_only for user blocks, makes no sense
if ( $this->mUser ) {
$this->mAnonOnly = 0;
- $this->mCreateAccount = 0;
+ }
+
+ # Unset ipb_enable_autoblock for IP blocks, makes no sense
+ if ( !$this->mUser ) {
+ $this->mEnableAutoblock = 0;
}
# Don't collide with expired blocks
Block::purgeExpired();
-
+
$ipb_id = $dbw->nextSequenceValue('ipblocks_ipb_id_val');
$dbw->insert( 'ipblocks',
array(
'ipb_auto' => $this->mAuto,
'ipb_anon_only' => $this->mAnonOnly,
'ipb_create_account' => $this->mCreateAccount,
+ 'ipb_enable_autoblock' => $this->mEnableAutoblock,
'ipb_expiry' => self::encodeExpiry( $this->mExpiry, $dbw ),
'ipb_range_start' => $this->mRangeStart,
'ipb_range_end' => $this->mRangeEnd,
+ 'ipb_deleted' => $this->mHideName
), 'Block::insert', array( 'IGNORE' )
);
$affected = $dbw->affectedRows();
$dbw->commit();
+
+ if ($affected)
+ $this->doRetroactiveAutoblock();
+
return $affected;
}
+ /**
+ * Retroactively autoblocks the last IP used by the user (if it is a user)
+ * blocked by this Block.
+ *@return Whether or not a retroactive autoblock was made.
+ */
+ function doRetroactiveAutoblock() {
+ $dbr = wfGetDB( DB_SLAVE );
+ #If autoblock is enabled, autoblock the LAST IP used
+ # - stolen shamelessly from CheckUser_body.php
+
+ if ($this->mEnableAutoblock && $this->mUser) {
+ wfDebug("Doing retroactive autoblocks for " . $this->mAddress . "\n");
+
+ $row = $dbr->selectRow( 'recentchanges', array( 'rc_ip' ), array( 'rc_user_text' => $this->mAddress ),
+ __METHOD__ , array( 'ORDER BY' => 'rc_timestamp DESC' ) );
+
+ if ( !$row || !$row->rc_ip ) {
+ #No results, don't autoblock anything
+ wfDebug("No IP found to retroactively autoblock\n");
+ } else {
+ #Limit is 1, so no loop needed.
+ $retroblockip = $row->rc_ip;
+ return $this->doAutoblock( $retroblockip, true );
+ }
+ }
+ }
+
+ /**
+ * Autoblocks the given IP, referring to this Block.
+ * @param string $autoblockip The IP to autoblock.
+ * @param bool $justInserted The main block was just inserted
+ * @return bool Whether or not an autoblock was inserted.
+ */
+ function doAutoblock( $autoblockip, $justInserted = false ) {
+ # Check if this IP address is already blocked
+ $dbw = wfGetDB( DB_MASTER );
+
+ # If autoblocks are disabled, go away.
+ if ( !$this->mEnableAutoblock ) {
+ return;
+ }
+
+ # Check for presence on the autoblock whitelist
+ # TODO cache this?
+ $lines = explode( "\n", wfMsgForContentNoTrans( 'autoblock_whitelist' ) );
+
+ $ip = $autoblockip;
+
+ wfDebug("Checking the autoblock whitelist..\n");
+
+ foreach( $lines as $line ) {
+ # List items only
+ if ( substr( $line, 0, 1 ) !== '*' ) {
+ continue;
+ }
+
+ $wlEntry = substr($line, 1);
+ $wlEntry = trim($wlEntry);
+
+ wfDebug("Checking $ip against $wlEntry...");
+
+ # Is the IP in this range?
+ if (IP::isInRange( $ip, $wlEntry )) {
+ wfDebug(" IP $ip matches $wlEntry, not autoblocking\n");
+ #$autoblockip = null; # Don't autoblock a whitelisted IP.
+ return; #This /SHOULD/ introduce a dummy block - but
+ # I don't know a safe way to do so. -werdna
+ } else {
+ wfDebug( " No match\n" );
+ }
+ }
+
+ # It's okay to autoblock. Go ahead and create/insert the block.
+
+ $ipblock = Block::newFromDB( $autoblockip );
+ if ( $ipblock ) {
+ # If the user is already blocked. Then check if the autoblock would
+ # exceed the user block. If it would exceed, then do nothing, else
+ # prolong block time
+ if ($this->mExpiry &&
+ ($this->mExpiry < Block::getAutoblockExpiry($ipblock->mTimestamp))) {
+ return;
+ }
+ # Just update the timestamp
+ if ( !$justInserted ) {
+ $ipblock->updateTimestamp();
+ }
+ return;
+ } else {
+ $ipblock = new Block;
+ }
+
+ # Make a new block object with the desired properties
+ wfDebug( "Autoblocking {$this->mAddress}@" . $autoblockip . "\n" );
+ $ipblock->mAddress = $autoblockip;
+ $ipblock->mUser = 0;
+ $ipblock->mBy = $this->mBy;
+ $ipblock->mReason = wfMsgForContent( 'autoblocker', $this->mAddress, $this->mReason );
+ $ipblock->mTimestamp = wfTimestampNow();
+ $ipblock->mAuto = 1;
+ $ipblock->mCreateAccount = $this->mCreateAccount;
+ # Continue suppressing the name if needed
+ $ipblock->mHideName = $this->mHideName;
+
+ # If the user is already blocked with an expiry date, we don't
+ # want to pile on top of that!
+ if($this->mExpiry) {
+ $ipblock->mExpiry = min ( $this->mExpiry, Block::getAutoblockExpiry( $this->mTimestamp ));
+ } else {
+ $ipblock->mExpiry = Block::getAutoblockExpiry( $this->mTimestamp );
+ }
+ # Insert it
+ return $ipblock->insert();
+ }
+
function deleteIfExpired()
{
$fname = 'Block::deleteIfExpired';
$this->mTimestamp = wfTimestamp();
$this->mExpiry = Block::getAutoblockExpiry( $this->mTimestamp );
- $dbw =& wfGetDB( DB_MASTER );
+ $dbw = wfGetDB( DB_MASTER );
$dbw->update( 'ipblocks',
array( /* SET */
'ipb_timestamp' => $dbw->timestamp($this->mTimestamp),
return $this->mNetworkBits;
}*/
+ /**
+ * @return The blocker user ID.
+ */
+ public function getBy() {
+ return $this->mBy;
+ }
+
+ /**
+ * @return The blocker user name.
+ */
function getByName()
{
if ( $this->mByName === false ) {
global $wgAutoblockExpiry;
return wfTimestamp( TS_MW, wfTimestamp( TS_UNIX, $timestamp ) + $wgAutoblockExpiry );
}
-
- static function normaliseRange( $range )
- {
+
+ /**
+ * Gets rid of uneeded numbers in quad-dotted/octet IP strings
+ * For example, 127.111.113.151/24 -> 127.111.113.0/24
+ */
+ static function normaliseRange( $range ) {
$parts = explode( '/', $range );
if ( count( $parts ) == 2 ) {
- $shift = 32 - $parts[1];
- $ipint = IP::ToUnsigned( $parts[0] );
- $ipint = $ipint >> $shift << $shift;
- $newip = long2ip( $ipint );
- $range = "$newip/{$parts[1]}";
+ // IPv6
+ if ( IP::isIPv6($range) && $parts[1] >= 64 && $parts[1] <= 128 ) {
+ $bits = $parts[1];
+ $ipint = IP::toUnsigned6( $parts[0] );
+ # Native 32 bit functions WONT work here!!!
+ # Convert to a padded binary number
+ $network = wfBaseConvert( $ipint, 10, 2, 128 );
+ # Truncate the last (128-$bits) bits and replace them with zeros
+ $network = str_pad( substr( $network, 0, $bits ), 128, 0, STR_PAD_RIGHT );
+ # Convert back to an integer
+ $network = wfBaseConvert( $network, 2, 10 );
+ # Reform octet address
+ $newip = IP::toOctet( $network );
+ $range = "$newip/{$parts[1]}";
+ } // IPv4
+ else if ( IP::isIPv4($range) && $parts[1] >= 16 && $parts[1] <= 32 ) {
+ $shift = 32 - $parts[1];
+ $ipint = IP::toUnsigned( $parts[0] );
+ $ipint = $ipint >> $shift << $shift;
+ $newip = long2ip( $ipint );
+ $range = "$newip/{$parts[1]}";
+ }
}
return $range;
}
* Purge expired blocks from the ipblocks table
*/
static function purgeExpired() {
- $dbw =& wfGetDB( DB_MASTER );
+ $dbw = wfGetDB( DB_MASTER );
$dbw->delete( 'ipblocks', array( 'ipb_expiry < ' . $dbw->addQuotes( $dbw->timestamp() ) ), __METHOD__ );
}
/*
static $infinity;
if ( !isset( $infinity ) ) {
- $dbr =& wfGetDB( DB_SLAVE );
+ $dbr = wfGetDB( DB_SLAVE );
$infinity = $dbr->bigTimestamp();
}
return $infinity;