dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Removed usage of $wgUser in block and unblock processing:
[lhc/web/wiklou.git] / includes / specials / SpecialBlock.php
1 <?php
2 /**
3 * Implements Special:Block
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @ingroup SpecialPage
22 */
23
24 /**
25 * A special page that allows users with 'block' right to block users from
26 * editing pages and other actions
27 *
28 * @ingroup SpecialPage
29 */
30 class SpecialBlock extends SpecialPage {
31 /** The maximum number of edits a user can have and still be hidden
32 * TODO: config setting? */
33 const HIDEUSER_CONTRIBLIMIT = 1000;
34
35 /** @var User user to be blocked, as passed either by parameter (url?wpTarget=Foo)
36 * or as subpage (Special:Block/Foo) */
37 protected $target;
38
39 /// @var Block::TYPE_ constant
40 protected $type;
41
42 /// @var User|String the previous block target
43 protected $previousTarget;
44
45 /// @var Bool whether the previous submission of the form asked for HideUser
46 protected $requestedHideUser;
47
48 /// @var Bool
49 protected $alreadyBlocked;
50
51 /// @var Array
52 protected $preErrors = array();
53
54 public function __construct() {
55 parent::__construct( 'Block', 'block' );
56 }
57
58 public function execute( $par ) {
59 # Permission check
60 $user = $this->getUser();
61 if( !$this->userCanExecute( $user ) ) {
62 $this->displayRestrictionError();
63 return;
64 }
65
66 # Can't block when the database is locked
67 if( wfReadOnly() ) {
68 throw new ReadOnlyError;
69 }
70
71 # Extract variables from the request. Try not to get into a situation where we
72 # need to extract *every* variable from the form just for processing here, but
73 # there are legitimate uses for some variables
74 $request = $this->getRequest();
75 list( $this->target, $this->type ) = self::getTargetAndType( $par, $request );
76 if ( $this->target instanceof User ) {
77 # Set the 'relevant user' in the skin, so it displays links like Contributions,
78 # User logs, UserRights, etc.
79 $this->getSkin()->setRelevantUser( $this->target );
80 }
81
82 list( $this->previousTarget, /*...*/ ) = Block::parseTarget( $request->getVal( 'wpPreviousTarget' ) );
83 $this->requestedHideUser = $request->getBool( 'wpHideUser' );
84
85 # bug 15810: blocked admins should have limited access here
86 $status = self::checkUnblockSelf( $this->target, $user );
87 if ( $status !== true ) {
88 throw new ErrorPageError( 'badaccess', $status );
89 }
90
91 $this->setHeaders();
92 $this->outputHeader();
93
94 $out = $this->getOutput();
95 $out->setPageTitle( $this->msg( 'blockip-title' ) );
96 $out->addModules( array( 'mediawiki.special', 'mediawiki.special.block' ) );
97
98 $fields = $this->getFormFields();
99 $this->maybeAlterFormDefaults( $fields );
100
101 $form = new HTMLForm( $fields, $this->getContext() );
102 $form->setWrapperLegend( wfMsg( 'blockip-legend' ) );
103 $form->setSubmitCallback( array( __CLASS__, 'processUIForm' ) );
104
105 $t = $this->alreadyBlocked
106 ? wfMsg( 'ipb-change-block' )
107 : wfMsg( 'ipbsubmit' );
108 $form->setSubmitText( $t );
109
110 $this->doPreText( $form );
111 $this->doHeadertext( $form );
112 $this->doPostText( $form );
113
114 if( $form->show() ){
115 $out->setPageTitle( $this->msg( 'blockipsuccesssub' ) );
116 $out->addWikiMsg( 'blockipsuccesstext', $this->target );
117 }
118 }
119
120 /**
121 * Get the HTMLForm descriptor array for the block form
122 * @return Array
123 */
124 protected function getFormFields(){
125 global $wgBlockAllowsUTEdit;
126
127 $user = $this->getUser();
128
129 $a = array(
130 'Target' => array(
131 'type' => 'text',
132 'label-message' => 'ipadressorusername',
133 'tabindex' => '1',
134 'id' => 'mw-bi-target',
135 'size' => '45',
136 'required' => true,
137 'validation-callback' => array( __CLASS__, 'validateTargetField' ),
138 ),
139 'Expiry' => array(
140 'type' => !count( self::getSuggestedDurations() ) ? 'text' : 'selectorother',
141 'label-message' => 'ipbexpiry',
142 'required' => true,
143 'tabindex' => '2',
144 'options' => self::getSuggestedDurations(),
145 'other' => wfMsg( 'ipbother' ),
146 ),
147 'Reason' => array(
148 'type' => 'selectandother',
149 'label-message' => 'ipbreason',
150 'options-message' => 'ipbreason-dropdown',
151 ),
152 'CreateAccount' => array(
153 'type' => 'check',
154 'label-message' => 'ipbcreateaccount',
155 'default' => true,
156 ),
157 );
158
159 if( self::canBlockEmail( $user ) ) {
160 $a['DisableEmail'] = array(
161 'type' => 'check',
162 'label-message' => 'ipbemailban',
163 );
164 }
165
166 if( $wgBlockAllowsUTEdit ){
167 $a['DisableUTEdit'] = array(
168 'type' => 'check',
169 'label-message' => 'ipb-disableusertalk',
170 'default' => false,
171 );
172 }
173
174 $a['AutoBlock'] = array(
175 'type' => 'check',
176 'label-message' => 'ipbenableautoblock',
177 'default' => true,
178 );
179
180 # Allow some users to hide name from block log, blocklist and listusers
181 if( $user->isAllowed( 'hideuser' ) ) {
182 $a['HideUser'] = array(
183 'type' => 'check',
184 'label-message' => 'ipbhidename',
185 'cssclass' => 'mw-block-hideuser',
186 );
187 }
188
189 # Watchlist their user page? (Only if user is logged in)
190 if( $user->isLoggedIn() ) {
191 $a['Watch'] = array(
192 'type' => 'check',
193 'label-message' => 'ipbwatchuser',
194 );
195 }
196
197 $a['HardBlock'] = array(
198 'type' => 'check',
199 'label-message' => 'ipb-hardblock',
200 'default' => false,
201 );
202
203 # This is basically a copy of the Target field, but the user can't change it, so we
204 # can see if the warnings we maybe showed to the user before still apply
205 $a['PreviousTarget'] = array(
206 'type' => 'hidden',
207 'default' => false,
208 );
209
210 # We'll turn this into a checkbox if we need to
211 $a['Confirm'] = array(
212 'type' => 'hidden',
213 'default' => '',
214 'label-message' => 'ipb-confirm',
215 );
216
217 return $a;
218 }
219
220 /**
221 * If the user has already been blocked with similar settings, load that block
222 * and change the defaults for the form fields to match the existing settings.
223 * @param &$fields Array HTMLForm descriptor array
224 * @return Bool whether fields were altered (that is, whether the target is
225 * already blocked)
226 */
227 protected function maybeAlterFormDefaults( &$fields ){
228 # This will be overwritten by request data
229 $fields['Target']['default'] = (string)$this->target;
230
231 # This won't be
232 $fields['PreviousTarget']['default'] = (string)$this->target;
233
234 $block = Block::newFromTarget( $this->target );
235
236 if( $block instanceof Block && !$block->mAuto # The block exists and isn't an autoblock
237 && ( $this->type != Block::TYPE_RANGE # The block isn't a rangeblock
238 || $block->getTarget() == $this->target ) # or if it is, the range is what we're about to block
239 )
240 {
241 $fields['HardBlock']['default'] = $block->isHardblock();
242 $fields['CreateAccount']['default'] = $block->prevents( 'createaccount' );
243 $fields['AutoBlock']['default'] = $block->isAutoblocking();
244
245 if( isset( $fields['DisableEmail'] ) ){
246 $fields['DisableEmail']['default'] = $block->prevents( 'sendemail' );
247 }
248
249 if( isset( $fields['HideUser'] ) ){
250 $fields['HideUser']['default'] = $block->mHideName;
251 }
252
253 if( isset( $fields['DisableUTEdit'] ) ){
254 $fields['DisableUTEdit']['default'] = $block->prevents( 'editownusertalk' );
255 }
256
257 $fields['Reason']['default'] = $block->mReason;
258
259 if( $this->getRequest()->wasPosted() ){
260 # Ok, so we got a POST submission asking us to reblock a user. So show the
261 # confirm checkbox; the user will only see it if they haven't previously
262 $fields['Confirm']['type'] = 'check';
263 } else {
264 # We got a target, but it wasn't a POST request, so the user must have gone
265 # to a link like [[Special:Block/User]]. We don't need to show the checkbox
266 # as long as they go ahead and block *that* user
267 $fields['Confirm']['default'] = 1;
268 }
269
270 if( $block->mExpiry == 'infinity' ) {
271 $fields['Expiry']['default'] = 'indefinite';
272 } else {
273 $fields['Expiry']['default'] = wfTimestamp( TS_RFC2822, $block->mExpiry );
274 }
275
276 $this->alreadyBlocked = true;
277 $this->preErrors[] = array( 'ipb-needreblock', (string)$block->getTarget() );
278 }
279
280 # We always need confirmation to do HideUser
281 if( $this->requestedHideUser ){
282 $fields['Confirm']['type'] = 'check';
283 unset( $fields['Confirm']['default'] );
284 $this->preErrors[] = 'ipb-confirmhideuser';
285 }
286
287 # Or if the user is trying to block themselves
288 if( (string)$this->target === $this->getUser()->getName() ){
289 $fields['Confirm']['type'] = 'check';
290 unset( $fields['Confirm']['default'] );
291 $this->preErrors[] = 'ipb-blockingself';
292 }
293 }
294
295 /**
296 * Add header elements like block log entries, etc.
297 * @param $form HTMLForm
298 * @return void
299 */
300 protected function doPreText( HTMLForm &$form ){
301 $form->addPreText( wfMsgExt( 'blockiptext', 'parse' ) );
302
303 $otherBlockMessages = array();
304 if( $this->target !== null ) {
305 # Get other blocks, i.e. from GlobalBlocking or TorBlock extension
306 wfRunHooks( 'OtherBlockLogLink', array( &$otherBlockMessages, $this->target ) );
307
308 if( count( $otherBlockMessages ) ) {
309 $s = Html::rawElement(
310 'h2',
311 array(),
312 wfMsgExt( 'ipb-otherblocks-header', 'parseinline', count( $otherBlockMessages ) )
313 ) . "\n";
314
315 $list = '';
316
317 foreach( $otherBlockMessages as $link ) {
318 $list .= Html::rawElement( 'li', array(), $link ) . "\n";
319 }
320
321 $s .= Html::rawElement(
322 'ul',
323 array( 'class' => 'mw-blockip-alreadyblocked' ),
324 $list
325 ) . "\n";
326
327 $form->addPreText( $s );
328 }
329 }
330 }
331
332 /**
333 * Add header text inside the form, just underneath where the errors would go
334 * @param $form HTMLForm
335 * @return void
336 */
337 protected function doHeaderText( HTMLForm &$form ){
338 # Don't need to do anything if the form has been posted
339 if( !$this->getRequest()->wasPosted() && $this->preErrors ){
340 $s = HTMLForm::formatErrors( $this->preErrors );
341 if( $s ){
342 $form->addHeaderText( Html::rawElement(
343 'div',
344 array( 'class' => 'error' ),
345 $s
346 ) );
347 }
348 }
349 }
350
351 /**
352 * Add footer elements to the form
353 * @param $form HTMLForm
354 * @return void
355 */
356 protected function doPostText( HTMLForm &$form ){
357 # Link to the user's contributions, if applicable
358 if( $this->target instanceof User ){
359 $contribsPage = SpecialPage::getTitleFor( 'Contributions', $this->target->getName() );
360 $links[] = Linker::link(
361 $contribsPage,
362 wfMsgExt( 'ipb-blocklist-contribs', 'escape', $this->target->getName() )
363 );
364 }
365
366 # Link to unblock the specified user, or to a blank unblock form
367 if( $this->target instanceof User ) {
368 $message = wfMsgExt( 'ipb-unblock-addr', array( 'parseinline' ), $this->target->getName() );
369 $list = SpecialPage::getTitleFor( 'Unblock', $this->target->getName() );
370 } else {
371 $message = wfMsgExt( 'ipb-unblock', array( 'parseinline' ) );
372 $list = SpecialPage::getTitleFor( 'Unblock' );
373 }
374 $links[] = Linker::linkKnown( $list, $message, array() );
375
376 # Link to the block list
377 $links[] = Linker::linkKnown(
378 SpecialPage::getTitleFor( 'BlockList' ),
379 wfMsg( 'ipb-blocklist' )
380 );
381
382 $user = $this->getUser();
383
384 # Link to edit the block dropdown reasons, if applicable
385 if ( $user->isAllowed( 'editinterface' ) ) {
386 $links[] = Linker::link(
387 Title::makeTitle( NS_MEDIAWIKI, 'Ipbreason-dropdown' ),
388 wfMsgHtml( 'ipb-edit-dropdown' ),
389 array(),
390 array( 'action' => 'edit' )
391 );
392 }
393
394 $form->addPostText( Html::rawElement(
395 'p',
396 array( 'class' => 'mw-ipb-conveniencelinks' ),
397 $this->getLang()->pipeList( $links )
398 ) );
399
400 if( $this->target instanceof User ){
401 # Get relevant extracts from the block and suppression logs, if possible
402 $userpage = $this->target->getUserPage();
403 $out = '';
404
405 LogEventsList::showLogExtract(
406 $out,
407 'block',
408 $userpage,
409 '',
410 array(
411 'lim' => 10,
412 'msgKey' => array( 'blocklog-showlog', $userpage->getText() ),
413 'showIfEmpty' => false
414 )
415 );
416 $form->addPostText( $out );
417
418 # Add suppression block entries if allowed
419 if( $user->isAllowed( 'suppressionlog' ) ) {
420 LogEventsList::showLogExtract(
421 $out,
422 'suppress',
423 $userpage,
424 '',
425 array(
426 'lim' => 10,
427 'conds' => array( 'log_action' => array( 'block', 'reblock', 'unblock' ) ),
428 'msgKey' => array( 'blocklog-showsuppresslog', $userpage->getText() ),
429 'showIfEmpty' => false
430 )
431 );
432
433 $form->addPostText( $out );
434 }
435 }
436 }
437
438 /**
439 * Determine the target of the block, and the type of target
440 * TODO: should be in Block.php?
441 * @param $par String subpage parameter passed to setup, or data value from
442 * the HTMLForm
443 * @param $request WebRequest optionally try and get data from a request too
444 * @return array( User|string|null, Block::TYPE_ constant|null )
445 */
446 public static function getTargetAndType( $par, WebRequest $request = null ){
447 $i = 0;
448 $target = null;
449
450 while( true ){
451 switch( $i++ ){
452 case 0:
453 # The HTMLForm will check wpTarget first and only if it doesn't get
454 # a value use the default, which will be generated from the options
455 # below; so this has to have a higher precedence here than $par, or
456 # we could end up with different values in $this->target and the HTMLForm!
457 if( $request instanceof WebRequest ){
458 $target = $request->getText( 'wpTarget', null );
459 }
460 break;
461 case 1:
462 $target = $par;
463 break;
464 case 2:
465 if( $request instanceof WebRequest ){
466 $target = $request->getText( 'ip', null );
467 }
468 break;
469 case 3:
470 # B/C @since 1.18
471 if( $request instanceof WebRequest ){
472 $target = $request->getText( 'wpBlockAddress', null );
473 }
474 break;
475 case 4:
476 break 2;
477 }
478
479 list( $target, $type ) = Block::parseTarget( $target );
480
481 if( $type !== null ){
482 return array( $target, $type );
483 }
484 }
485
486 return array( null, null );
487 }
488
489 /**
490 * HTMLForm field validation-callback for Target field.
491 * @since 1.18
492 * @param $value String
493 * @param $alldata Array
494 * @return Message
495 */
496 public static function validateTargetField( $value, $alldata, $form ) {
497 global $wgBlockCIDRLimit;
498
499 list( $target, $type ) = self::getTargetAndType( $value );
500
501 if( $type == Block::TYPE_USER ){
502 # TODO: why do we not have a User->exists() method?
503 if( !$target->getId() ){
504 return $form->msg( 'nosuchusershort',
505 wfEscapeWikiText( $target->getName() ) );
506 }
507
508 $status = self::checkUnblockSelf( $target, $form->getUser() );
509 if ( $status !== true ) {
510 return $form->msg( 'badaccess', $status );
511 }
512
513 } elseif( $type == Block::TYPE_RANGE ){
514 list( $ip, $range ) = explode( '/', $target, 2 );
515
516 if( ( IP::isIPv4( $ip ) && $wgBlockCIDRLimit['IPv4'] == 32 )
517 || ( IP::isIPv6( $ip ) && $wgBlockCIDRLimit['IPv6'] == 128 ) )
518 {
519 # Range block effectively disabled
520 return $form->msg( 'range_block_disabled' );
521 }
522
523 if( ( IP::isIPv4( $ip ) && $range > 32 )
524 || ( IP::isIPv6( $ip ) && $range > 128 ) )
525 {
526 # Dodgy range
527 return $form->msg( 'ip_range_invalid' );
528 }
529
530 if( IP::isIPv4( $ip ) && $range < $wgBlockCIDRLimit['IPv4'] ) {
531 return $form->msg( 'ip_range_toolarge', $wgBlockCIDRLimit['IPv4'] );
532 }
533
534 if( IP::isIPv6( $ip ) && $range < $wgBlockCIDRLimit['IPv6'] ) {
535 return $form->msg( 'ip_range_toolarge', $wgBlockCIDRLimit['IPv6'] );
536 }
537 } elseif( $type == Block::TYPE_IP ){
538 # All is well
539 } else {
540 return $form->msg( 'badipaddress' );
541 }
542
543 return true;
544 }
545
546 /**
547 * Submit callback for an HTMLForm object, will simply pass
548 */
549 public static function processUIForm( array $data, HTMLForm $form ) {
550 return self::processForm( $data, $form->getContext() );
551 }
552
553 /**
554 * Given the form data, actually implement a block
555 * @param $data Array
556 * @return Bool|String
557 */
558 public static function processForm( array $data, IContextSource $context ){
559 global $wgBlockAllowsUTEdit;
560
561 $performer = $context->getUser();
562
563 // Handled by field validator callback
564 // self::validateTargetField( $data['Target'] );
565
566 # This might have been a hidden field or a checkbox, so interesting data
567 # can come from it
568 $data['Confirm'] = !in_array( $data['Confirm'], array( '', '0', null, false ), true );
569
570 list( $target, $type ) = self::getTargetAndType( $data['Target'] );
571 if( $type == Block::TYPE_USER ){
572 $user = $target;
573 $target = $user->getName();
574 $userId = $user->getId();
575
576 # Give admins a heads-up before they go and block themselves. Much messier
577 # to do this for IPs, but it's pretty unlikely they'd ever get the 'block'
578 # permission anyway, although the code does allow for it
579 if( $target === $performer->getName() &&
580 ( $data['PreviousTarget'] !== $data['Target'] || !$data['Confirm'] ) )
581 {
582 return array( 'ipb-blockingself' );
583 }
584 } elseif( $type == Block::TYPE_RANGE ){
585 $userId = 0;
586 } elseif( $type == Block::TYPE_IP ){
587 $target = $target->getName();
588 $userId = 0;
589 } else {
590 # This should have been caught in the form field validation
591 return array( 'badipaddress' );
592 }
593
594 if( ( strlen( $data['Expiry'] ) == 0) || ( strlen( $data['Expiry'] ) > 50 )
595 || !self::parseExpiryInput( $data['Expiry'] ) )
596 {
597 return array( 'ipb_expiry_invalid' );
598 }
599
600 if( !isset( $data['DisableEmail'] ) ){
601 $data['DisableEmail'] = false;
602 }
603
604 # If the user has done the form 'properly', they won't even have been given the
605 # option to suppress-block unless they have the 'hideuser' permission
606 if( !isset( $data['HideUser'] ) ){
607 $data['HideUser'] = false;
608 }
609
610 if( $data['HideUser'] ) {
611 if( !$performer->isAllowed('hideuser') ){
612 # this codepath is unreachable except by a malicious user spoofing forms,
613 # or by race conditions (user has oversight and sysop, loads block form,
614 # and is de-oversighted before submission); so need to fail completely
615 # rather than just silently disable hiding
616 return array( 'badaccess-group0' );
617 }
618
619 # Recheck params here...
620 if( $type != Block::TYPE_USER ) {
621 $data['HideUser'] = false; # IP users should not be hidden
622 } elseif( !in_array( $data['Expiry'], array( 'infinite', 'infinity', 'indefinite' ) ) ) {
623 # Bad expiry.
624 return array( 'ipb_expiry_temp' );
625 } elseif( $user->getEditCount() > self::HIDEUSER_CONTRIBLIMIT ) {
626 # Typically, the user should have a handful of edits.
627 # Disallow hiding users with many edits for performance.
628 return array( 'ipb_hide_invalid' );
629 } elseif( !$data['Confirm'] ){
630 return array( 'ipb-confirmhideuser' );
631 }
632 }
633
634 # Create block object.
635 $block = new Block();
636 $block->setTarget( $target );
637 $block->setBlocker( $performer );
638 $block->mReason = $data['Reason'][0];
639 $block->mExpiry = self::parseExpiryInput( $data['Expiry'] );
640 $block->prevents( 'createaccount', $data['CreateAccount'] );
641 $block->prevents( 'editownusertalk', ( !$wgBlockAllowsUTEdit || $data['DisableUTEdit'] ) );
642 $block->prevents( 'sendemail', $data['DisableEmail'] );
643 $block->isHardblock( $data['HardBlock'] );
644 $block->isAutoblocking( $data['AutoBlock'] );
645 $block->mHideName = $data['HideUser'];
646
647 if( !wfRunHooks( 'BlockIp', array( &$block, &$performer ) ) ) {
648 return array( 'hookaborted' );
649 }
650
651 # Try to insert block. Is there a conflicting block?
652 $status = $block->insert();
653 if( !$status ) {
654 # Show form unless the user is already aware of this...
655 if( !$data['Confirm'] || ( array_key_exists( 'PreviousTarget', $data )
656 && $data['PreviousTarget'] !== $target ) )
657 {
658 return array( array( 'ipb_already_blocked', $block->getTarget() ) );
659 # Otherwise, try to update the block...
660 } else {
661 # This returns direct blocks before autoblocks/rangeblocks, since we should
662 # be sure the user is blocked by now it should work for our purposes
663 $currentBlock = Block::newFromTarget( $target );
664
665 if( $block->equals( $currentBlock ) ) {
666 return array( array( 'ipb_already_blocked', $block->getTarget() ) );
667 }
668
669 # If the name was hidden and the blocking user cannot hide
670 # names, then don't allow any block changes...
671 if( $currentBlock->mHideName && !$performer->isAllowed( 'hideuser' ) ) {
672 return array( 'cant-see-hidden-user' );
673 }
674
675 $currentBlock->delete();
676 $status = $block->insert();
677 $logaction = 'reblock';
678
679 # Unset _deleted fields if requested
680 if( $currentBlock->mHideName && !$data['HideUser'] ) {
681 RevisionDeleteUser::unsuppressUserName( $target, $userId );
682 }
683
684 # If hiding/unhiding a name, this should go in the private logs
685 if( (bool)$currentBlock->mHideName ){
686 $data['HideUser'] = true;
687 }
688 }
689 } else {
690 $logaction = 'block';
691 }
692
693 wfRunHooks( 'BlockIpComplete', array( $block, $performer ) );
694
695 # Set *_deleted fields if requested
696 if( $data['HideUser'] ) {
697 RevisionDeleteUser::suppressUserName( $target, $userId );
698 }
699
700 # Can't watch a rangeblock
701 if( $type != Block::TYPE_RANGE && $data['Watch'] ) {
702 $performer->addWatch( Title::makeTitle( NS_USER, $target ) );
703 }
704
705 # Block constructor sanitizes certain block options on insert
706 $data['BlockEmail'] = $block->prevents( 'sendemail' );
707 $data['AutoBlock'] = $block->isAutoblocking();
708
709 # Prepare log parameters
710 $logParams = array();
711 $logParams[] = $data['Expiry'];
712 $logParams[] = self::blockLogFlags( $data, $type );
713
714 # Make log entry, if the name is hidden, put it in the oversight log
715 $log_type = $data['HideUser'] ? 'suppress' : 'block';
716 $log = new LogPage( $log_type );
717 $log_id = $log->addEntry(
718 $logaction,
719 Title::makeTitle( NS_USER, $target ),
720 $data['Reason'][0],
721 $logParams
722 );
723 # Relate log ID to block IDs (bug 25763)
724 $blockIds = array_merge( array( $status['id'] ), $status['autoIds'] );
725 $log->addRelations( 'ipb_id', $blockIds, $log_id );
726
727 # Report to the user
728 return true;
729 }
730
731 /**
732 * Get an array of suggested block durations from MediaWiki:Ipboptions
733 * @todo FIXME: This uses a rather odd syntax for the options, should it be converted
734 * to the standard "**<duration>|<displayname>" format?
735 * @param $lang Language|null the language to get the durations in, or null to use
736 * the wiki's content language
737 * @return Array
738 */
739 public static function getSuggestedDurations( $lang = null ){
740 $a = array();
741 $msg = $lang === null
742 ? wfMessage( 'ipboptions' )->inContentLanguage()->text()
743 : wfMessage( 'ipboptions' )->inLanguage( $lang )->text();
744
745 if( $msg == '-' ){
746 return array();
747 }
748
749 foreach( explode( ',', $msg ) as $option ) {
750 if( strpos( $option, ':' ) === false ){
751 $option = "$option:$option";
752 }
753
754 list( $show, $value ) = explode( ':', $option );
755 $a[htmlspecialchars( $show )] = htmlspecialchars( $value );
756 }
757
758 return $a;
759 }
760
761 /**
762 * Convert a submitted expiry time, which may be relative ("2 weeks", etc) or absolute
763 * ("24 May 2034", etc), into an absolute timestamp we can put into the database.
764 * @param $expiry String: whatever was typed into the form
765 * @return String: timestamp or "infinity" string for the DB implementation
766 */
767 public static function parseExpiryInput( $expiry ) {
768 static $infinity;
769 if( $infinity == null ){
770 $infinity = wfGetDB( DB_SLAVE )->getInfinity();
771 }
772
773 if ( $expiry == 'infinite' || $expiry == 'indefinite' ) {
774 $expiry = $infinity;
775 } else {
776 $expiry = strtotime( $expiry );
777
778 if ( $expiry < 0 || $expiry === false ) {
779 return false;
780 }
781
782 $expiry = wfTimestamp( TS_MW, $expiry );
783 }
784
785 return $expiry;
786 }
787
788 /**
789 * Can we do an email block?
790 * @param $user User: the sysop wanting to make a block
791 * @return Boolean
792 */
793 public static function canBlockEmail( $user ) {
794 global $wgEnableUserEmail, $wgSysopEmailBans;
795
796 return ( $wgEnableUserEmail && $wgSysopEmailBans && $user->isAllowed( 'blockemail' ) );
797 }
798
799 /**
800 * bug 15810: blocked admins should not be able to block/unblock
801 * others, and probably shouldn't be able to unblock themselves
802 * either.
803 * @param $user User|Int|String
804 * @param $performer User user doing the request
805 * @return Bool|String true or error message key
806 */
807 public static function checkUnblockSelf( $user, User $performer ) {
808 if ( is_int( $user ) ) {
809 $user = User::newFromId( $user );
810 } elseif ( is_string( $user ) ) {
811 $user = User::newFromName( $user );
812 }
813
814 if( $performer->isBlocked() ){
815 if( $user instanceof User && $user->getId() == $performer->getId() ) {
816 # User is trying to unblock themselves
817 if ( $performer->isAllowed( 'unblockself' ) ) {
818 return true;
819 # User blocked themselves and is now trying to reverse it
820 } elseif ( $performer->blockedBy() === $performer->getName() ) {
821 return true;
822 } else {
823 return 'ipbnounblockself';
824 }
825 } else {
826 # User is trying to block/unblock someone else
827 return 'ipbblocked';
828 }
829 } else {
830 return true;
831 }
832 }
833
834 /**
835 * Return a comma-delimited list of "flags" to be passed to the log
836 * reader for this block, to provide more information in the logs
837 * @param $data Array from HTMLForm data
838 * @param $type Block::TYPE_ constant (USER, RANGE, or IP)
839 * @return array
840 */
841 protected static function blockLogFlags( array $data, $type ) {
842 global $wgBlockAllowsUTEdit;
843 $flags = array();
844
845 # when blocking a user the option 'anononly' is not available/has no effect -> do not write this into log
846 if( !$data['HardBlock'] && $type != Block::TYPE_USER ){
847 // For grepping: message block-log-flags-anononly
848 $flags[] = 'anononly';
849 }
850
851 if( $data['CreateAccount'] ){
852 // For grepping: message block-log-flags-nocreate
853 $flags[] = 'nocreate';
854 }
855
856 # Same as anononly, this is not displayed when blocking an IP address
857 if( !$data['AutoBlock'] && $type == Block::TYPE_USER ){
858 // For grepping: message block-log-flags-noautoblock
859 $flags[] = 'noautoblock';
860 }
861
862 if( $data['DisableEmail'] ){
863 // For grepping: message block-log-flags-noemail
864 $flags[] = 'noemail';
865 }
866
867 if( $wgBlockAllowsUTEdit && $data['DisableUTEdit'] ){
868 // For grepping: message block-log-flags-nousertalk
869 $flags[] = 'nousertalk';
870 }
871
872 if( $data['HideUser'] ){
873 // For grepping: message block-log-flags-hiddenname
874 $flags[] = 'hiddenname';
875 }
876
877 return implode( ',', $flags );
878 }
879 }
880
881 # BC @since 1.18
882 class IPBlockForm extends SpecialBlock {}
Wiklou, le Wiki du Wiklou