From 9260c3b7cadbc74f097307f49ce389d71ebe6d92 Mon Sep 17 00:00:00 2001 From: Tim Starling Date: Mon, 5 Sep 2005 02:22:20 +0000 Subject: [PATCH] Deferred initialisation of $wgIP, because it's potentially slow, especially if and when we add the 200 NTL proxies to the trusted XFF list. I was hoping to avoid initialisation altogether for anonymous page views, but that turns out to be difficult because of user_newtalk. It is, however, avoided for action=raw. Tested page view, newtalk, IP registration in history and recentchanges, IP block, autoblock and Special:Version. Also moved the old proxy scan code from EditPage.php to a more appropriate location in ProxyTools.php. --- includes/EditPage.php | 50 ++-------------------------- includes/ProxyTools.php | 55 ++++++++++++++++++++++++++++++- includes/RecentChange.php | 26 ++++++++++----- includes/Setup.php | 2 +- includes/Skin.php | 4 +-- includes/SpecialBlockme.php | 8 +++-- includes/SpecialUserlogin.php | 15 +++++---- includes/SpecialVersion.php | 3 +- includes/User.php | 62 +++++++++++++++++++---------------- 9 files changed, 125 insertions(+), 100 deletions(-) diff --git a/includes/EditPage.php b/includes/EditPage.php index a9b0581202..75b335d394 100644 --- a/includes/EditPage.php +++ b/includes/EditPage.php @@ -587,7 +587,7 @@ class EditPage { $this->edittime = $this->mArticle->getTimestamp(); $this->textbox1 = $this->mArticle->getContent( true ); $this->summary = ''; - $this->proxyCheck(); + wfProxyCheck(); } /** @@ -1015,7 +1015,7 @@ END * @todo document */ function blockedIPpage() { - global $wgOut, $wgUser, $wgContLang, $wgIP; + global $wgOut, $wgUser, $wgContLang; $wgOut->setPageTitle( wfMsg( 'blockedtitle' ) ); $wgOut->setRobotpolicy( 'noindex,nofollow' ); @@ -1023,7 +1023,7 @@ END $id = $wgUser->blockedBy(); $reason = $wgUser->blockedFor(); - $ip = $wgIP; + $ip = wfGetIP(); if ( is_numeric( $id ) ) { $name = User::whoIs( $id ); @@ -1068,50 +1068,6 @@ END $wgOut->returnToMain( false ); } - /** - * Forks processes to scan the originating IP for an open proxy server - * MemCached can be used to skip IPs that have already been scanned - */ - function proxyCheck() { - global $wgBlockOpenProxies, $wgProxyPorts, $wgProxyScriptPath; - global $wgIP, $wgUseMemCached, $wgMemc, $wgDBname, $wgProxyMemcExpiry; - - if ( !$wgBlockOpenProxies ) { - return; - } - - # Get MemCached key - $skip = false; - if ( $wgUseMemCached ) { - $mcKey = $wgDBname.':proxy:ip:'.$wgIP; - $mcValue = $wgMemc->get( $mcKey ); - if ( $mcValue ) { - $skip = true; - } - } - - # Fork the processes - if ( !$skip ) { - $title = Title::makeTitle( NS_SPECIAL, 'Blockme' ); - $iphash = md5( $wgIP . $wgProxyKey ); - $url = $title->getFullURL( 'ip='.$iphash ); - - foreach ( $wgProxyPorts as $port ) { - $params = implode( ' ', array( - escapeshellarg( $wgProxyScriptPath ), - escapeshellarg( $wgIP ), - escapeshellarg( $port ), - escapeshellarg( $url ) - )); - exec( "php $params &>/dev/null &" ); - } - # Set MemCached key - if ( $wgUseMemCached ) { - $wgMemc->set( $mcKey, 1, $wgProxyMemcExpiry ); - } - } - } - /** * @access private * @todo document diff --git a/includes/ProxyTools.php b/includes/ProxyTools.php index 3ef4a208db..24108aaef6 100644 --- a/includes/ProxyTools.php +++ b/includes/ProxyTools.php @@ -10,7 +10,12 @@ if ( !defined( 'MEDIAWIKI' ) ) { /** Work out the IP address based on various globals */ function wfGetIP() { - global $wgSquidServers, $wgSquidServersNoPurge; + global $wgSquidServers, $wgSquidServersNoPurge, $wgIP; + + # Return cached result + if ( !empty( $wgIP ) ) { + return $wgIP; + } /* collect the originating ips */ # Client connecting to this webserver @@ -45,6 +50,8 @@ function wfGetIP() { } } + wfDebug( "IP: $ip\n" ); + $wgIP = $ip; return $ip; } @@ -89,5 +96,51 @@ function wfIsIPPublic( $ip ) { } return true; } + +/** + * Forks processes to scan the originating IP for an open proxy server + * MemCached can be used to skip IPs that have already been scanned + */ +function wfProxyCheck() { + global $wgBlockOpenProxies, $wgProxyPorts, $wgProxyScriptPath; + global $wgUseMemCached, $wgMemc, $wgDBname, $wgProxyMemcExpiry; + + if ( !$wgBlockOpenProxies ) { + return; + } + + $ip = wfGetIP(); + # Get MemCached key + $skip = false; + if ( $wgUseMemCached ) { + $mcKey = "$wgDBname:proxy:ip:$ip"; + $mcValue = $wgMemc->get( $mcKey ); + if ( $mcValue ) { + $skip = true; + } + } + + # Fork the processes + if ( !$skip ) { + $title = Title::makeTitle( NS_SPECIAL, 'Blockme' ); + $iphash = md5( $ip . $wgProxyKey ); + $url = $title->getFullURL( 'ip='.$iphash ); + + foreach ( $wgProxyPorts as $port ) { + $params = implode( ' ', array( + escapeshellarg( $wgProxyScriptPath ), + escapeshellarg( $ip ), + escapeshellarg( $port ), + escapeshellarg( $url ) + )); + exec( "php $params &>/dev/null &" ); + } + # Set MemCached key + if ( $wgUseMemCached ) { + $wgMemc->set( $mcKey, 1, $wgProxyMemcExpiry ); + } + } +} + ?> diff --git a/includes/RecentChange.php b/includes/RecentChange.php index ae5ef5f9fc..bcc4f06382 100644 --- a/includes/RecentChange.php +++ b/includes/RecentChange.php @@ -194,8 +194,10 @@ class RecentChange } if ( !$ip ) { - global $wgIP; - $ip = empty( $wgIP ) ? '' : $wgIP; + $ip = wfGetIP(); + if ( !$ip ) { + $ip = ''; + } } $rc = new RecentChange; @@ -235,8 +237,10 @@ class RecentChange $ip='', $size = 0, $newId = 0 ) { if ( !$ip ) { - global $wgIP; - $ip = empty( $wgIP ) ? '' : $wgIP; + $ip = wfGetIP(); + if ( !$ip ) { + $ip = ''; + } } if ( $bot == 'default' ) { $bot = $user->isBot(); @@ -277,9 +281,12 @@ class RecentChange /*static*/ function notifyMove( $timestamp, &$oldTitle, &$newTitle, &$user, $comment, $ip='', $overRedir = false ) { if ( !$ip ) { - global $wgIP; - $ip = empty( $wgIP ) ? '' : $wgIP; + $ip = wfGetIP(); + if ( !$ip ) { + $ip = ''; + } } + $rc = new RecentChange; $rc->mAttribs = array( 'rc_timestamp' => $timestamp, @@ -323,9 +330,12 @@ class RecentChange /*static*/ function notifyLog( $timestamp, &$title, &$user, $comment, $ip='' ) { if ( !$ip ) { - global $wgIP; - $ip = empty( $wgIP ) ? '' : $wgIP; + $ip = wfGetIP(); + if ( !$ip ) { + $ip = ''; + } } + $rc = new RecentChange; $rc->mAttribs = array( 'rc_timestamp' => $timestamp, diff --git a/includes/Setup.php b/includes/Setup.php index e20e63ee2d..a5964eff17 100644 --- a/includes/Setup.php +++ b/includes/Setup.php @@ -80,7 +80,7 @@ if ( $wgUseDynamicDates ) { wfProfileOut( $fname.'-includes' ); wfProfileIn( $fname.'-misc1' ); -$wgIP = wfGetIP(); +$wgIP = false; # Load on demand $wgRequest = new WebRequest(); # Useful debug output diff --git a/includes/Skin.php b/includes/Skin.php index 4f99006bb7..78e0ca8d1e 100644 --- a/includes/Skin.php +++ b/includes/Skin.php @@ -646,7 +646,7 @@ END; } function nameAndLogin() { - global $wgUser, $wgTitle, $wgLang, $wgContLang, $wgShowIPinHeader, $wgIP; + global $wgUser, $wgTitle, $wgLang, $wgContLang, $wgShowIPinHeader; $li = $wgContLang->specialPage( 'Userlogin' ); $lo = $wgContLang->specialPage( 'Userlogout' ); @@ -654,7 +654,7 @@ END; $s = ''; if ( $wgUser->isAnon() ) { if( $wgShowIPinHeader && isset( $_COOKIE[ini_get('session.name')] ) ) { - $n = $wgIP; + $n = wfGetIP(); $tl = $this->makeKnownLinkObj( $wgUser->getTalkPage(), $wgLang->getNsText( NS_TALK ) ); diff --git a/includes/SpecialBlockme.php b/includes/SpecialBlockme.php index 6721d26796..11f4c738db 100644 --- a/includes/SpecialBlockme.php +++ b/includes/SpecialBlockme.php @@ -10,9 +10,11 @@ */ function wfSpecialBlockme() { - global $wgIP, $wgBlockOpenProxies, $wgOut, $wgProxyKey; + global $wgBlockOpenProxies, $wgOut, $wgProxyKey; - if ( !$wgBlockOpenProxies || $_REQUEST['ip'] != md5( $wgIP . $wgProxyKey ) ) { + $ip = wfGetIP(); + + if ( !$wgBlockOpenProxies || $_REQUEST['ip'] != md5( $ip . $wgProxyKey ) ) { $wgOut->addWikiText( wfMsg( "disabled" ) ); return; } @@ -31,7 +33,7 @@ function wfSpecialBlockme() $id = $u->getID(); } - $block = new Block( $wgIP, 0, $id, $reason, wfTimestampNow() ); + $block = new Block( $ip, 0, $id, $reason, wfTimestampNow() ); $block->insert(); $wgOut->addWikiText( $success ); diff --git a/includes/SpecialUserlogin.php b/includes/SpecialUserlogin.php index 57859a4ca3..179a9b08c7 100644 --- a/includes/SpecialUserlogin.php +++ b/includes/SpecialUserlogin.php @@ -162,7 +162,7 @@ class LoginForm { function addNewAccountInternal() { global $wgUser, $wgOut; global $wgUseLatin1, $wgEnableSorbs, $wgProxyWhitelist; - global $wgMemc, $wgAccountCreationThrottle, $wgDBname, $wgIP; + global $wgMemc, $wgAccountCreationThrottle, $wgDBname; global $wgAuth; // If the user passes an invalid domain, something is fishy @@ -189,10 +189,11 @@ class LoginForm { return false; } - if ( $wgEnableSorbs && !in_array( $wgIP, $wgProxyWhitelist ) && - $wgUser->inSorbsBlacklist( $wgIP ) ) + $ip = wfGetIP(); + if ( $wgEnableSorbs && !in_array( $ip, $wgProxyWhitelist ) && + $wgUser->inSorbsBlacklist( $ip ) ) { - $this->mainLoginForm( wfMsg( 'sorbs_create_account_reason' ) . ' (' . htmlspecialchars( $wgIP ) . ')' ); + $this->mainLoginForm( wfMsg( 'sorbs_create_account_reason' ) . ' (' . htmlspecialchars( $ip ) . ')' ); return; } @@ -225,7 +226,7 @@ class LoginForm { } if ( $wgAccountCreationThrottle ) { - $key = $wgDBname.':acctcreate:ip:'.$wgIP; + $key = $wgDBname.':acctcreate:ip:'.$ip; $value = $wgMemc->incr( $key ); if ( !$value ) { $wgMemc->set( $key, 1, 86400 ); @@ -376,7 +377,7 @@ class LoginForm { * @access private */ function mailPasswordInternal( $u ) { - global $wgPasswordSender, $wgDBname, $wgIP; + global $wgPasswordSender, $wgDBname; global $wgCookiePath, $wgCookieDomain; if ( '' == $u->getEmail() ) { @@ -390,7 +391,7 @@ class LoginForm { $u->saveSettings(); - $ip = $wgIP; + $ip = wfGetIP(); if ( '' == $ip ) { $ip = '(Unknown)'; } $m = wfMsg( 'passwordremindertext', $ip, $u->getName(), $np ); diff --git a/includes/SpecialVersion.php b/includes/SpecialVersion.php index d854b44eb1..615a8a6dbb 100644 --- a/includes/SpecialVersion.php +++ b/includes/SpecialVersion.php @@ -139,9 +139,8 @@ class SpecialVersion { } function IPInfo() { - global $wgIP; - $ip = str_replace( '--', ' - - ', htmlspecialchars( $wgIP ) ); + $ip = str_replace( '--', ' - - ', htmlspecialchars( wfGetIP() ) ); return "\n"; } } diff --git a/includes/User.php b/includes/User.php index 727c333f85..dada941ad5 100644 --- a/includes/User.php +++ b/includes/User.php @@ -273,12 +273,12 @@ class User { $fname = 'User::loadDefaults' . $n; wfProfileIn( $fname ); - global $wgContLang, $wgIP, $wgDBname; + global $wgContLang, $wgDBname; global $wgNamespacesToBeSearchedDefault; $this->mId = 0; $this->mNewtalk = -1; - $this->mName = $wgIP; + $this->mName = false; $this->mRealName = $this->mEmail = ''; $this->mEmailAuthenticated = null; $this->mPassword = $this->mNewpassword = ''; @@ -360,7 +360,7 @@ class User { * And it's cheaper to check slave first, then master if needed, than master always. */ function getBlockedStatus( $bFromSlave = true ) { - global $wgIP, $wgBlockCache, $wgProxyList, $wgEnableSorbs, $wgProxyWhitelist; + global $wgBlockCache, $wgProxyList, $wgEnableSorbs, $wgProxyWhitelist; if ( -1 != $this->mBlockedby ) { wfDebug( "User::getBlockedStatus: already loaded.\n" ); @@ -372,11 +372,12 @@ class User { wfDebug( "$fname: checking...\n" ); $this->mBlockedby = 0; + $ip = wfGetIP(); # User/IP blocking $block = new Block(); $block->forUpdate( $bFromSlave ); - if ( $block->load( $wgIP , $this->mId ) ) { + if ( $block->load( $ip , $this->mId ) ) { wfDebug( "$fname: Found block.\n" ); $this->mBlockedby = $block->mBy; $this->mBlockreason = $block->mReason; @@ -391,12 +392,12 @@ class User { if ( !$this->mBlockedby ) { # Check first against slave, and optionally from master. wfDebug( "$fname: Checking range blocks\n" ); - $block = $wgBlockCache->get( $wgIP, true ); + $block = $wgBlockCache->get( $ip, true ); if ( !$block && !$bFromSlave ) { # Not blocked: check against master, to make sure. $wgBlockCache->clearLocal( ); - $block = $wgBlockCache->get( $wgIP, false ); + $block = $wgBlockCache->get( $ip, false ); } if ( $block !== false ) { $this->mBlockedby = $block->mBy; @@ -405,17 +406,17 @@ class User { } # Proxy blocking - if ( !$this->isSysop() && !in_array( $wgIP, $wgProxyWhitelist ) ) { + if ( !$this->isSysop() && !in_array( $ip, $wgProxyWhitelist ) ) { # Local list - if ( array_key_exists( $wgIP, $wgProxyList ) ) { + if ( array_key_exists( $ip, $wgProxyList ) ) { $this->mBlockedby = wfMsg( 'proxyblocker' ); $this->mBlockreason = wfMsg( 'proxyblockreason' ); } # DNSBL if ( !$this->mBlockedby && $wgEnableSorbs && !$this->getID() ) { - if ( $this->inSorbsBlacklist( $wgIP ) ) { + if ( $this->inSorbsBlacklist( $ip ) ) { $this->mBlockedby = wfMsg( 'sorbs' ); $this->mBlockreason = wfMsg( 'sorbsreason' ); } @@ -485,13 +486,14 @@ class User { return false; } - global $wgMemc, $wgIP, $wgDBname, $wgRateLimitLog; + global $wgMemc, $wgDBname, $wgRateLimitLog; $fname = 'User::pingLimiter'; wfProfileIn( $fname ); $limits = $wgRateLimits[$action]; $keys = array(); $id = $this->getId(); + $ip = wfGetIP(); if( isset( $limits['anon'] ) && $id == 0 ) { $keys["$wgDBname:limiter:$action:anon"] = $limits['anon']; @@ -505,9 +507,9 @@ class User { $keys["$wgDBname:limiter:$action:user:$id"] = $limits['newbie']; } if( isset( $limits['ip'] ) ) { - $keys["mediawiki:limiter:$action:ip:$wgIP"] = $limits['ip']; + $keys["mediawiki:limiter:$action:ip:$ip"] = $limits['ip']; } - if( isset( $limits['subnet'] ) && preg_match( '/^(\d+\.\d+\.\d+)\.\d+$/', $wgIP, $matches ) ) { + if( isset( $limits['subnet'] ) && preg_match( '/^(\d+\.\d+\.\d+)\.\d+$/', $ip, $matches ) ) { $subnet = $matches[1]; $keys["mediawiki:limiter:$action:subnet:$subnet"] = $limits['subnet']; } @@ -607,7 +609,7 @@ class User { } /** - * Read datas from session + * Create a new user object using data from session * @static */ function loadFromSession() { @@ -734,6 +736,9 @@ class User { function getName() { $this->loadFromDatabase(); + if ( $this->mName === false ) { + $this->mName = wfGetIP(); + } return $this->mName; } @@ -765,7 +770,7 @@ class User { # entire User object stored in there. if( !$this->mId ) { global $wgDBname, $wgMemc; - $key = "$wgDBname:newtalk:ip:{$this->mName}"; + $key = "$wgDBname:newtalk:ip:" . $this->getName(); $newtalk = $wgMemc->get( $key ); if( is_integer( $newtalk ) ) { $this->mNewtalk = $newtalk ? 1 : 0; @@ -794,7 +799,7 @@ class User { } $dbr->freeResult( $res ); } else { - $res = $dbr->select( 'user_newtalk', 1, array( 'user_ip' => $this->mName ), $fname ); + $res = $dbr->select( 'user_newtalk', 1, array( 'user_ip' => $this->getName() ), $fname ); $this->mNewtalk = $dbr->numRows( $res ) > 0 ? 1 : 0; $dbr->freeResult( $res ); } @@ -1250,8 +1255,8 @@ class User { $_SESSION['wsUserID'] = $this->mId; setcookie( $wgDBname.'UserID', $this->mId, $exp, $wgCookiePath, $wgCookieDomain ); - $_SESSION['wsUserName'] = $this->mName; - setcookie( $wgDBname.'UserName', $this->mName, $exp, $wgCookiePath, $wgCookieDomain ); + $_SESSION['wsUserName'] = $this->getName(); + setcookie( $wgDBname.'UserName', $this->getName(), $exp, $wgCookiePath, $wgCookieDomain ); $_SESSION['wsToken'] = $this->mToken; if ( 1 == $this->getOption( 'rememberpassword' ) ) { @@ -1266,7 +1271,7 @@ class User { * It will clean the session cookie */ function logout() { - global $wgCookiePath, $wgCookieDomain, $wgDBname, $wgIP; + global $wgCookiePath, $wgCookieDomain, $wgDBname; $this->loadDefaults(); $this->setLoaded( true ); @@ -1337,7 +1342,7 @@ class User { if( !$this->mId ) { # Anon users have a separate memcache space for newtalk # since they don't store their own info. Trim... - $wgMemc->delete( "$wgDBname:newtalk:ip:{$this->mName}" ); + $wgMemc->delete( "$wgDBname:newtalk:ip:" . $this->getName() ); } } } else { @@ -1347,8 +1352,8 @@ class User { $key = false; } else { $field = 'user_ip'; - $value = $this->mName; - $key = "$wgDBname:newtalk:ip:$this->mName"; + $value = $this->getName(); + $key = "$wgDBname:newtalk:ip:$value"; } $dbr =& wfGetDB( DB_SLAVE ); @@ -1390,7 +1395,7 @@ class User { $fname = 'User::idForName'; $gotid = 0; - $s = trim( $this->mName ); + $s = trim( $this->getName() ); if ( 0 == strcmp( '', $s ) ) return 0; $dbr =& wfGetDB( DB_SLAVE ); @@ -1425,7 +1430,6 @@ class User { } function spreadBlock() { - global $wgIP; # If the (non-anonymous) user is blocked, this function will block any IP address # that they successfully log on from. $fname = 'User::spreadBlock'; @@ -1441,7 +1445,7 @@ class User { } # Check if this IP address is already blocked - $ipblock = Block::newFromDB( $wgIP ); + $ipblock = Block::newFromDB( wfGetIP() ); if ( $ipblock->isValid() ) { # Just update the timestamp $ipblock->updateTimestamp(); @@ -1449,8 +1453,8 @@ class User { } # Make a new block object with the desired properties - wfDebug( "Autoblocking {$this->mName}@{$wgIP}\n" ); - $ipblock->mAddress = $wgIP; + wfDebug( "Autoblocking {$this->mName}@" . wfGetIP() . "\n" ); + $ipblock->mAddress = wfGetIP(); $ipblock->mUser = 0; $ipblock->mBy = $userblock->mBy; $ipblock->mReason = wfMsg( 'autoblocker', $this->getName(), $userblock->mReason ); @@ -1511,7 +1515,7 @@ class User { * @access public */ function getUserPage() { - return Title::makeTitle( NS_USER, $this->mName ); + return Title::makeTitle( NS_USER, $this->getName() ); } /** @@ -1656,11 +1660,11 @@ class User { * @return mixed True on success, a WikiError object on failure. */ function sendConfirmationMail() { - global $wgIP, $wgContLang; + global $wgContLang; $url = $this->confirmationTokenUrl( $expiration ); return $this->sendMail( wfMsg( 'confirmemail_subject' ), wfMsg( 'confirmemail_body', - $wgIP, + wfGetIP(), $this->getName(), $url, $wgContLang->timeanddate( $expiration, false ) ) ); -- 2.20.1