X-Git-Url: http://git.cyclocoop.org/?a=blobdiff_plain;f=includes%2FUser.php;h=22c90cdd16539bda7ca8bc470f71d08f437f24c6;hb=70e760ee4e37edad1be0573b37c17fe6899e4806;hp=da8ff7925dce08a8dce70667313df5cf72e61b04;hpb=524c5849274e224449414926cd32559aa76b53e6;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/User.php b/includes/User.php
index da8ff7925d..22c90cdd16 100644
--- a/includes/User.php
+++ b/includes/User.php
@@ -1430,8 +1430,8 @@ class User implements IDBAccessObject {
 		foreach ( $toPromote as $group ) {
 			$this->addGroup( $group );
 		}
-
 		// update groups in external authentication database
+		Hooks::run( 'UserGroupsChanged', array( $this, $toPromote, array(), false ) );
 		$wgAuth->updateExternalDBGroups( $this, $toPromote );
 
 		$newGroups = array_merge( $oldGroups, $toPromote ); // all groups
@@ -1591,7 +1591,7 @@ class User implements IDBAccessObject {
 		# We only need to worry about passing the IP address to the Block generator if the
 		# user is not immune to autoblocks/hardblocks, and they are the current user so we
 		# know which IP address they're actually coming from
-		if ( !$this->isAllowed( 'ipblock-exempt' ) && $this->getID() == $wgUser->getID() ) {
+		if ( !$this->isAllowed( 'ipblock-exempt' ) && $this->equals( $wgUser ) ) {
 			$ip = $this->getRequest()->getIP();
 		} else {
 			$ip = null;
@@ -1993,6 +1993,7 @@ class User implements IDBAccessObject {
 		global $wgAuth;
 		$authUser = $wgAuth->getUserInstance( $this );
 		$this->mLocked = (bool)$authUser->isLocked();
+		Hooks::run( 'UserIsLocked', array( $this, &$this->mLocked ) );
 		return $this->mLocked;
 	}
 
@@ -2010,6 +2011,7 @@ class User implements IDBAccessObject {
 			global $wgAuth;
 			$authUser = $wgAuth->getUserInstance( $this );
 			$this->mHideName = (bool)$authUser->isHidden();
+			Hooks::run( 'UserIsHidden', array( $this, &$this->mHideName ) );
 		}
 		return $this->mHideName;
 	}
@@ -2438,6 +2440,7 @@ class User implements IDBAccessObject {
 	 */
 	public function setInternalPassword( $str ) {
 		$this->setToken();
+		$this->setOption( 'watchlisttoken', false );
 
 		$passwordFactory = self::getPasswordFactory();
 		$this->mPassword = $passwordFactory->newFromPlaintext( $str );
@@ -2715,20 +2718,24 @@ class User implements IDBAccessObject {
 	 * @return string|bool User's current value for the option, or false if this option is disabled.
 	 * @see resetTokenFromOption()
 	 * @see getOption()
+	 * @deprecated 1.26 Applications should use the OAuth extension
 	 */
 	public function getTokenFromOption( $oname ) {
 		global $wgHiddenPrefs;
-		if ( in_array( $oname, $wgHiddenPrefs ) ) {
+
+		$id = $this->getId();
+		if ( !$id || in_array( $oname, $wgHiddenPrefs ) ) {
 			return false;
 		}
 
 		$token = $this->getOption( $oname );
 		if ( !$token ) {
-			$token = $this->resetTokenFromOption( $oname );
-			if ( !wfReadOnly() ) {
-				$this->saveSettings();
-			}
+			// Default to a value based on the user token to avoid space
+			// wasted on storing tokens for all users. When this option
+			// is set manually by the user, only then is it stored.
+			$token = hash_hmac( 'sha1', "$oname:$id", $this->getToken() );
 		}
+
 		return $token;
 	}
 
@@ -3704,14 +3711,6 @@ class User implements IDBAccessObject {
 		Hooks::run( 'UserSaveSettings', array( $this ) );
 		$this->clearSharedCache();
 		$this->getUserPage()->invalidateCache();
-
-		// T95839: clear the cache again post-commit to reduce race conditions
-		// where stale values are written back to the cache by other threads.
-		// Note: this *still* doesn't deal with REPEATABLE-READ snapshot lag...
-		$that = $this;
-		$dbw->onTransactionIdle( function() use ( $that ) {
-			$that->clearSharedCache();
-		} );
 	}
 
 	/**