// User/IP blocking
$block = Block::newFromTarget( $this, $ip, !$bFromSlave );
- // If no block has been found, check for a cookie indicating that the user is blocked.
- $blockCookieVal = (int)$this->getRequest()->getCookie( 'BlockID' );
- if ( !$block instanceof Block && $blockCookieVal > 0 ) {
- // Load the Block from the ID in the cookie.
- $tmpBlock = Block::newFromID( $blockCookieVal );
- if ( $tmpBlock instanceof Block ) {
- // Check the validity of the block.
- $blockIsValid = $tmpBlock->getType() == Block::TYPE_USER
- && !$tmpBlock->isExpired()
- && $tmpBlock->isAutoblocking();
- $config = RequestContext::getMain()->getConfig();
- $useBlockCookie = ( $config->get( 'CookieSetOnAutoblock' ) === true );
- if ( $blockIsValid && $useBlockCookie ) {
- // Use the block.
- $block = $tmpBlock;
- $this->blockTrigger = 'cookie-block';
- } else {
- // If the block is not valid, clear the block cookie (but don't delete it,
- // because it needs to be cleared from LocalStorage as well and an empty string
- // value is checked for in the mediawiki.user.blockcookie module).
- $tmpBlock->setCookie( $this->getRequest()->response(), true );
- }
- }
+ // Cookie blocking
+ if ( !$block instanceof Block ) {
+ $block = $this->getBlockFromCookieValue( $this->getRequest()->getCookie( 'BlockID' ) );
}
// Proxy blocking
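Review bot: The new assignment `$block = $this->getBlockFromCookieValue( ... )` overwrites `$block` with `false` whenever no cookie block applies, because the helper is documented as returning `Block|bool`. The removed code left `$block` as whatever `Block::newFromTarget()` had returned. The guard visible here uses `instanceof Block`, so these lines are unaffected, but the rest of the method lies outside the hunk and any later strict comparison of `$block` against `null` would now behave differently. Assigning only on success keeps the previous value: `$cookieBlock = $this->getBlockFromCookieValue( ... );` followed by `if ( $cookieBlock instanceof Block ) { $block = $cookieBlock; }`.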
Hooks::run( 'GetBlockedStatus', [ &$user ] );
}
+ /**
+ * Try to load a Block from an ID given in a cookie value.
+ * @param string|null $blockCookieVal The cookie value to check.
+ * @return Block|bool The Block object, or false if none could be loaded.
+ */
+ protected function getBlockFromCookieValue( $blockCookieVal ) {
+ // Make sure there's something to check. The cookie value must start with a number.
+ if ( strlen( $blockCookieVal ) < 1 || !is_numeric( substr( $blockCookieVal, 0, 1 ) ) ) {
+ return false;
+ }
+ // Load the Block from the ID in the cookie.
+ $blockCookieId = Block::getIdFromCookieValue( $blockCookieVal );
+ if ( $blockCookieId !== null ) {
+ // An ID was found in the cookie.
+ $tmpBlock = Block::newFromID( $blockCookieId );
+ if ( $tmpBlock instanceof Block ) {
+ // Check the validity of the block.
+ $blockIsValid = $tmpBlock->getType() == Block::TYPE_USER
+ && !$tmpBlock->isExpired()
+ && $tmpBlock->isAutoblocking();
+ $config = RequestContext::getMain()->getConfig();
+ $useBlockCookie = ( $config->get( 'CookieSetOnAutoblock' ) === true );
+ if ( $blockIsValid && $useBlockCookie ) {
+ // Use the block.
+ $this->blockTrigger = 'cookie-block';
+ return $tmpBlock;
+ } else {
+ // If the block is not valid, clear the block cookie (but don't delete it,
+ // because it needs to be cleared from LocalStorage as well and an empty string
+ // value is checked for in the mediawiki.user.blockcookie module).
+ $tmpBlock->setCookie( $this->getRequest()->response(), true );
+ }
+ }
+ }
+ return false;
+ }
+
/**
* Whether the given IP is in a DNS blacklist.
*
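Review bot: The `BlockID` cookie is client-supplied, yet `getBlockFromCookieValue()` clears it only in the `else` branch that follows a successful `Block::newFromID()`. When `Block::getIdFromCookieValue()` returns null, or no Block exists for the ID, the method falls through to `return false` and the cookie stays in place. The browser then keeps presenting the same stale or malformed value, and each request repeats the parse and, presumably, the lookup; those paths should clear the cookie too, which needs a clearing call that does not depend on `$tmpBlock`. The docblock should also state the side effects, for example `Sets $this->blockTrigger to 'cookie-block' on success; may write a cleared BlockID cookie to the response.` What `Block::getIdFromCookieValue()` actually validates is not visible in this hunk, so the first-character test here should be read as a pre-filter only.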
return $msg->isDisabled() ? $grant : $msg->text();
}
- /**
- * Make a new-style password hash
- *
- * @param string $password Plain-text password
- * @param bool|string $salt Optional salt, may be random or the user ID.
- * If unspecified or false, will generate one automatically
- * @return string Password hash
- * @deprecated since 1.24, use Password class
- */
- public static function crypt( $password, $salt = false ) {
- wfDeprecated( __METHOD__, '1.24' );
- $passwordFactory = new PasswordFactory();
- $passwordFactory->init( RequestContext::getMain()->getConfig() );
- $hash = $passwordFactory->newFromPlaintext( $password );
- return $hash->toString();
- }
-
- /**
- * Compare a password hash with a plain-text password. Requires the user
- * ID if there's a chance that the hash is an old-style hash.
- *
- * @param string $hash Password hash
- * @param string $password Plain-text password to compare
- * @param string|bool $userId User ID for old-style password salt
- *
- * @return bool
- * @deprecated since 1.24, use Password class
- */
- public static function comparePasswords( $hash, $password, $userId = false ) {
- wfDeprecated( __METHOD__, '1.24' );
-
- // Check for *really* old password hashes that don't even have a type
- // The old hash format was just an md5 hex hash, with no type information
- if ( preg_match( '/^[0-9a-f]{32}$/', $hash ) ) {
- global $wgPasswordSalt;
- if ( $wgPasswordSalt ) {
- $password = ":B:{$userId}:{$hash}";
- } else {
- $password = ":A:{$hash}";
- }
- }
-
- $passwordFactory = new PasswordFactory();
- $passwordFactory->init( RequestContext::getMain()->getConfig() );
- $hash = $passwordFactory->newFromCiphertext( $hash );
- return $hash->equals( $password );
- }
-
/**
* Add a newuser log entry for this user.
* Before 1.19 the return value was always true.