X-Git-Url: http://git.cyclocoop.org/?a=blobdiff_plain;f=includes%2Fuser%2FUser.php;h=789c55c00e582e0b99db49bf957df49a4fc9205c;hb=f12a3edff708a1fb73a09d154693dba49b69d921;hp=00fc9be4c31c981c1a9d189c2eda83adf2abc929;hpb=75d8b6c6cd2b70d98242e1246678c12e973a5dfa;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/user/User.php b/includes/user/User.php
index 00fc9be4c3..789c55c00e 100644
--- a/includes/user/User.php
+++ b/includes/user/User.php
@@ -26,6 +26,7 @@ use MediaWiki\Session\Token;
 use MediaWiki\Auth\AuthManager;
 use MediaWiki\Auth\AuthenticationResponse;
 use MediaWiki\Auth\AuthenticationRequest;
+use Wikimedia\ScopedCallback;
 
 /**
  * String Some punctuation to prevent editing from broken text-mangling proxies.
@@ -165,7 +166,6 @@ class User implements IDBAccessObject {
 		'noratelimit',
 		'override-export-depth',
 		'pagelang',
-		'passwordreset',
 		'patrol',
 		'patrolmarks',
 		'protect',
@@ -300,6 +300,11 @@ class User implements IDBAccessObject {
 	/** @var integer User::READ_* constant bitfield used to load data */
 	protected $queryFlagsUsed = self::READ_NORMAL;
 
+	/** @var string Indicates type of block (used for eventlogging)
+	 * Permitted values: 'cookie-block', 'proxy-block', 'openproxy-block', 'xff-block'
+	 */
+	public $blockTrigger = false;
+
 	public static $idCacheByName = [];
 
 	/**
@@ -320,7 +325,7 @@ class User implements IDBAccessObject {
 	 * @return string
 	 */
 	public function __toString() {
-		return $this->getName();
+		return (string)$this->getName();
 	}
 
 	/**
@@ -1199,13 +1204,29 @@ class User implements IDBAccessObject {
 		$user = $session->getUser();
 		if ( $user->isLoggedIn() ) {
 			$this->loadFromUserObject( $user );
+
+			// If this user is autoblocked, set a cookie to track the Block. This has to be done on
+			// every session load, because an autoblocked editor might not edit again from the same
+			// IP address after being blocked.
+			$config = RequestContext::getMain()->getConfig();
+			if ( $config->get( 'CookieSetOnAutoblock' ) === true ) {
+				$block = $this->getBlock();
+				$shouldSetCookie = $this->getRequest()->getCookie( 'BlockID' ) === null
+					&& $block
+					&& $block->getType() === Block::TYPE_USER
+					&& $block->isAutoblocking();
+				if ( $shouldSetCookie ) {
+					wfDebug( __METHOD__ . ': User is autoblocked, setting cookie to track' );
+					$block->setCookie( $this->getRequest()->response() );
+				}
+			}
+
 			// Other code expects these to be set in the session, so set them.
 			$session->set( 'wsUserID', $this->getId() );
 			$session->set( 'wsUserName', $this->getName() );
 			$session->set( 'wsToken', $this->getToken() );
 			return true;
 		}
-
 		return false;
 	}
 
@@ -1608,6 +1629,31 @@ class User implements IDBAccessObject {
 		// User/IP blocking
 		$block = Block::newFromTarget( $this, $ip, !$bFromSlave );
 
+		// If no block has been found, check for a cookie indicating that the user is blocked.
+		$blockCookieVal = (int)$this->getRequest()->getCookie( 'BlockID' );
+		if ( !$block instanceof Block && $blockCookieVal > 0 ) {
+			// Load the Block from the ID in the cookie.
+			$tmpBlock = Block::newFromID( $blockCookieVal );
+			if ( $tmpBlock instanceof Block ) {
+				// Check the validity of the block.
+				$blockIsValid = $tmpBlock->getType() == Block::TYPE_USER
+					&& !$tmpBlock->isExpired()
+					&& $tmpBlock->isAutoblocking();
+				$config = RequestContext::getMain()->getConfig();
+				$useBlockCookie = ( $config->get( 'CookieSetOnAutoblock' ) === true );
+				if ( $blockIsValid && $useBlockCookie ) {
+					// Use the block.
+					$block = $tmpBlock;
+					$this->blockTrigger = 'cookie-block';
+				} else {
+					// If the block is not valid, clear the block cookie (but don't delete it,
+					// because it needs to be cleared from LocalStorage as well and an empty string
+					// value is checked for in the mediawiki.user.blockcookie module).
+					$block->setCookie( $this->getRequest()->response(), true );
+				}
+			}
+		}
+
 		// Proxy blocking
 		if ( !$block instanceof Block && $ip !== null && !in_array( $ip, $wgProxyWhitelist ) ) {
 			// Local list
@@ -1616,11 +1662,13 @@ class User implements IDBAccessObject {
 				$block->setBlocker( wfMessage( 'proxyblocker' )->text() );
 				$block->mReason = wfMessage( 'proxyblockreason' )->text();
 				$block->setTarget( $ip );
+				$this->blockTrigger = 'proxy-block';
 			} elseif ( $this->isAnon() && $this->isDnsBlacklisted( $ip ) ) {
 				$block = new Block;
 				$block->setBlocker( wfMessage( 'sorbs' )->text() );
 				$block->mReason = wfMessage( 'sorbsreason' )->text();
 				$block->setTarget( $ip );
+				$this->blockTrigger = 'openproxy-block';
 			}
 		}
 
@@ -1639,6 +1687,7 @@ class User implements IDBAccessObject {
 				# Mangle the reason to alert the user that the block
 				# originated from matching the X-Forwarded-For header.
 				$block->mReason = wfMessage( 'xffblockreason', $block->mReason )->text();
+				$this->blockTrigger = 'xff-block';
 			}
 		}
 
@@ -1653,11 +1702,11 @@ class User implements IDBAccessObject {
 			$this->mBlockedby = '';
 			$this->mHideName = 0;
 			$this->mAllowUsertalk = false;
+			$this->blockTrigger = false;
 		}
 
 		// Extensions
 		Hooks::run( 'GetBlockedStatus', [ &$this ] );
-
 	}
 
 	/**
@@ -1689,9 +1738,8 @@ class User implements IDBAccessObject {
 	 * @return bool True if blacklisted.
 	 */
 	public function inDnsBlacklist( $ip, $bases ) {
-
 		$found = false;
-		// @todo FIXME: IPv6 ???  (http://bugs.php.net/bug.php?id=33170)
+		// @todo FIXME: IPv6 ???  (https://bugs.php.net/bug.php?id=33170)
 		if ( IP::isIPv4( $ip ) ) {
 			// Reverse IP, bug 21255
 			$ipReversed = implode( '.', array_reverse( explode( '.', $ip ) ) );