* of the database.
*/
class User implements IDBAccessObject, UserIdentity {
+
/**
- * @const int Number of characters in user_token field.
+ * Number of characters required for the user_token field.
*/
const TOKEN_LENGTH = 32;
/**
- * @const string An invalid value for user_token
+ * An invalid string value for the user_token field.
*/
const INVALID_TOKEN = '*** INVALID ***';
/**
- * @const int Serialized record version.
+ * Version number to tag cached versions of serialized User objects. Should be increased when
+ * {@link $mCacheVars} or one of it's members changes.
*/
const VERSION = 13;
return $name;
}
- /**
- * Return a random password.
- *
- * @deprecated since 1.27, use PasswordFactory::generateRandomPasswordString()
- * @return string New random password
- */
- public static function randomPassword() {
- global $wgMinimalPasswordLength;
- return PasswordFactory::generateRandomPasswordString( $wgMinimalPasswordLength );
- }
-
/**
* Set cached properties to default.
*
$user = $session->getUser();
if ( $user->isLoggedIn() ) {
$this->loadFromUserObject( $user );
- if ( $user->isBlocked() ) {
+ if ( $user->getBlock() ) {
// If this user is autoblocked, set a cookie to track the Block. This has to be done on
// every session load, because an autoblocked editor might not edit again from the same
// IP address after being blocked.
* protected against race conditions using a compare-and-set (CAS) mechanism
* based on comparing $this->mTouched with the user_touched field.
*
- * @param Database $db
+ * @param IDatabase $db
* @param array $conditions WHERE conditions for use with Database::update
* @return array WHERE conditions for use with Database::update
*/
- protected function makeUpdateConditions( Database $db, array $conditions ) {
+ protected function makeUpdateConditions( IDatabase $db, array $conditions ) {
if ( $this->mTouched ) {
// CAS check: only update if the row wasn't changed sicne it was loaded.
$conditions['user_touched'] = $db->timestamp( $this->mTouched );
// Set the user limit key
if ( $userLimit !== false ) {
+ // phan is confused because &can-bypass's value is a bool, so it assumes
+ // that $userLimit is also a bool here.
+ // @phan-suppress-next-line PhanTypeInvalidExpressionArrayDestructuring
list( $max, $period ) = $userLimit;
wfDebug( __METHOD__ . ": effective user limit: $max in {$period}s\n" );
$keys[$cache->makeKey( 'limiter', $action, 'user', $id )] = $userLimit;
$triggered = false;
foreach ( $keys as $key => $limit ) {
+ // phan is confused because &can-bypass's value is a bool, so it assumes
+ // that $userLimit is also a bool here.
+ // @phan-suppress-next-line PhanTypeInvalidExpressionArrayDestructuring
list( $max, $period ) = $limit;
$summary = "(limit $max in {$period}s)";
$count = $cache->get( $key );
/**
* Check if user is blocked
*
+ * @deprecated since 1.34, use User::getBlock() or
+ * PermissionManager::isBlockedFrom() or
+ * PermissionManager::userCan() instead.
+ *
* @param bool $fromReplica Whether to check the replica DB instead of
* the master. Hacked from false due to horrible probs on site.
* @return bool True if blocked, false otherwise
// $user->isAllowed(). It is also checked in Title::checkUserBlock()
// to give a better error message in the common case.
$config = RequestContext::getMain()->getConfig();
+ // @TODO Partial blocks should not prevent the user from logging in.
+ // see: https://phabricator.wikimedia.org/T208895
if (
$this->isLoggedIn() &&
$config->get( 'BlockDisablesLogin' ) &&
- $this->isBlocked()
+ $this->getBlock()
) {
$anon = new User;
$this->mRights = array_intersect( $this->mRights, $anon->getRights() );
* @return bool A block was spread
*/
public function spreadAnyEditBlock() {
- if ( $this->isLoggedIn() && $this->isBlocked() ) {
+ if ( $this->isLoggedIn() && $this->getBlock() ) {
return $this->spreadBlock();
}