X-Git-Url: https://git.cyclocoop.org/%27.WWW_URL.%27admin/?a=blobdiff_plain;f=includes%2Fspecials%2FSpecialBlock.php;h=299d758435f07c6fbc54b17c4c6643f6bce328d3;hb=4eb5827a1f680feb1e92d6bd52ac84c7c4c1d488;hp=36a050f12f6988151fcd4d1991e7b712de9f2141;hpb=6dbcdc1be097167c25a9b9a95956a9b765204216;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/specials/SpecialBlock.php b/includes/specials/SpecialBlock.php index 36a050f12f..299d758435 100644 --- a/includes/specials/SpecialBlock.php +++ b/includes/specials/SpecialBlock.php @@ -40,9 +40,18 @@ class SpecialBlock extends SpecialPage { /// @var Block::TYPE_ constant protected $type; + /// @var User|String the previous block target + protected $previousTarget; + + /// @var Bool whether the previous submission of the form asked for HideUser + protected $requestedHideUser; + /// @var Bool protected $alreadyBlocked; + /// @var Array + protected $preErrors = array(); + public function __construct() { parent::__construct( 'Block', 'block' ); } @@ -71,6 +80,9 @@ class SpecialBlock extends SpecialPage { $wgUser->getSkin()->setRelevantUser( $this->target ); } + list( $this->previousTarget, /*...*/ ) = Block::parseTarget( $wgRequest->getVal( 'wpPreviousTarget' ) ); + $this->requestedHideUser = $wgRequest->getBool( 'wpHideUser' ); + # bug 15810: blocked admins should have limited access here $status = self::checkUnblockSelf( $this->target ); if ( $status !== true ) { @@ -81,10 +93,9 @@ class SpecialBlock extends SpecialPage { $wgOut->addModules( 'mediawiki.special', 'mediawiki.special.block' ); $fields = self::getFormFields(); - $this->alreadyBlocked = $this->maybeAlterFormDefaults( $fields ); + $this->maybeAlterFormDefaults( $fields ); - $form = new HTMLForm( $fields ); - $form->setTitle( $this->getTitle() ); + $form = new HTMLForm( $fields, $this->getContext() ); $form->setWrapperLegend( wfMsg( 'blockip-legend' ) ); $form->setSubmitCallback( array( __CLASS__, 'processForm' ) ); @@ -94,6 +105,7 @@ class SpecialBlock extends SpecialPage { $form->setSubmitText( $t ); $this->doPreText( $form ); + $this->doHeadertext( $form ); $this->doPostText( $form ); if( $form->show() ){ @@ -183,11 +195,20 @@ class SpecialBlock extends SpecialPage { 'default' => false, ); - $a['AlreadyBlocked'] = array( + # This is basically a copy of the Target field, but the user can't change it, so we + # can see if the warnings we maybe showed to the user before still apply + $a['PreviousTarget'] = array( 'type' => 'hidden', 'default' => false, ); + # We'll turn this into a checkbox if we need to + $a['Confirm'] = array( + 'type' => 'hidden', + 'default' => '', + 'label-message' => 'ipb-confirm', + ); + return $a; } @@ -199,8 +220,14 @@ class SpecialBlock extends SpecialPage { * already blocked) */ protected function maybeAlterFormDefaults( &$fields ){ + global $wgRequest, $wgUser; + + # This will be overwritten by request data $fields['Target']['default'] = (string)$this->target; + # This won't be + $fields['PreviousTarget']['default'] = (string)$this->target; + $block = Block::newFromTarget( $this->target ); if( $block instanceof Block && !$block->mAuto # The block exists and isn't an autoblock @@ -221,7 +248,17 @@ class SpecialBlock extends SpecialPage { $fields['DisableUTEdit']['default'] = $block->prevents( 'editownusertalk' ); } $fields['Reason']['default'] = $block->mReason; - $fields['AlreadyBlocked']['default'] = true; + + if( $wgRequest->wasPosted() ){ + # Ok, so we got a POST submission asking us to reblock a user. So show the + # confirm checkbox; the user will only see it if they haven't previously + $fields['Confirm']['type'] = 'check'; + } else { + # We got a target, but it wasn't a POST request, so the user must have gone + # to a link like [[Special:Block/User]]. We don't need to show the checkbox + # as long as they go ahead and block *that* user + $fields['Confirm']['default'] = 1; + } if( $block->mExpiry == 'infinity' ) { $fields['Expiry']['default'] = 'indefinite'; @@ -229,9 +266,23 @@ class SpecialBlock extends SpecialPage { $fields['Expiry']['default'] = wfTimestamp( TS_RFC2822, $block->mExpiry ); } - return true; + $this->alreadyBlocked = true; + $this->preErrors[] = array( 'ipb-needreblock', (string)$block->getTarget() ); + } + + # We always need confirmation to do HideUser + if( $this->requestedHideUser ){ + $fields['Confirm']['type'] = 'check'; + unset( $fields['Confirm']['default'] ); + $this->preErrors[] = 'ipb-confirmhideuser'; + } + + # Or if the user is trying to block themselves + if( (string)$this->target === $wgUser->getName() ){ + $fields['Confirm']['type'] = 'check'; + unset( $fields['Confirm']['default'] ); + $this->preErrors[] = 'ipb-blockingself'; } - return false; } /** @@ -265,17 +316,25 @@ class SpecialBlock extends SpecialPage { $form->addPreText( $s ); } } + } - # Username/IP is blocked already locally - if( $this->alreadyBlocked ) { - $form->addPreText( Html::rawElement( - 'div', - array( 'class' => 'mw-ipb-needreblock', ), - wfMsgExt( - 'ipb-needreblock', - array( 'parseinline' ), - $this->target - ) ) ); + /** + * Add header text inside the form, just underneath where the errors would go + * @param $form HTMLForm + * @return void + */ + protected function doHeaderText( HTMLForm &$form ){ + global $wgRequest; + # Don't need to do anything if the form has been posted + if( !$wgRequest->wasPosted() && $this->preErrors ){ + $s = HTMLForm::formatErrors( $this->preErrors ); + if( $s ){ + $form->addHeaderText( Html::rawElement( + 'div', + array( 'class' => 'error' ), + $s + ) ); + } } } @@ -427,7 +486,8 @@ class SpecialBlock extends SpecialPage { if( $type == Block::TYPE_USER ){ # TODO: why do we not have a User->exists() method? if( !$target->getId() ){ - return wfMessage( 'nosuchusershort', $target->getName() ); + return wfMessage( 'nosuchusershort', + wfEscapeWikiText( $target->getName() ) ); } $status = self::checkUnblockSelf( $target ); @@ -481,16 +541,32 @@ class SpecialBlock extends SpecialPage { // Handled by field validator callback // self::validateTargetField( $data['Target'] ); + # This might have been a hidden field or a checkbox, so interesting data + # can come from it + $data['Confirm'] = !in_array( $data['Confirm'], array( '', '0', null, false ), true ); + list( $target, $type ) = self::getTargetAndType( $data['Target'] ); if( $type == Block::TYPE_USER ){ $user = $target; $target = $user->getName(); $userId = $user->getId(); + + # Give admins a heads-up before they go and block themselves. Much messier + # to do this for IPs, but it's pretty unlikely they'd ever get the 'block' + # permission anyway, although the code does allow for it + if( $target === $wgUser->getName() && + ( $data['PreviousTarget'] != $data['Target'] || !$data['Confirm'] ) ) + { + return array( 'ipb-blockingself' ); + } + } elseif( $type == Block::TYPE_RANGE ){ $userId = 0; + } elseif( $type == Block::TYPE_IP ){ $target = $target->getName(); $userId = 0; + } else { # This should have been caught in the form field validation return array( 'badipaddress' ); @@ -502,6 +578,10 @@ class SpecialBlock extends SpecialPage { return array( 'ipb_expiry_invalid' ); } + if( !isset( $data['DisableEmail'] ) ){ + $data['DisableEmail'] = false; + } + # If the user has done the form 'properly', they won't even have been given the # option to suppress-block unless they have the 'hideuser' permission if( !isset( $data['HideUser'] ) ){ @@ -528,6 +608,9 @@ class SpecialBlock extends SpecialPage { # Typically, the user should have a handful of edits. # Disallow hiding users with many edits for performance. return array( 'ipb_hide_invalid' ); + + } elseif( !$data['Confirm'] ){ + return array( 'ipb-confirmhideuser' ); } } @@ -549,21 +632,21 @@ class SpecialBlock extends SpecialPage { } # Try to insert block. Is there a conflicting block? - if( !$block->insert() ) { - + $status = $block->insert(); + if( !$status ) { # Show form unless the user is already aware of this... - if( !$data['AlreadyBlocked'] ) { - return array( array( 'ipb_already_blocked', $data['Target'] ) ); - + if( !$data['Confirm'] || ( array_key_exists( 'PreviousTarget', $data ) + && $data['PreviousTarget'] !== htmlspecialchars( $block->getTarget() ) ) ) + { + return array( array( 'ipb_already_blocked', $block->getTarget() ) ); # Otherwise, try to update the block... } else { - # This returns direct blocks before autoblocks/rangeblocks, since we should # be sure the user is blocked by now it should work for our purposes $currentBlock = Block::newFromTarget( $target ); if( $block->equals( $currentBlock ) ) { - return array( 'ipb_already_blocked' ); + return array( array( 'ipb_already_blocked', $block->getTarget() ) ); } # If the name was hidden and the blocking user cannot hide @@ -573,7 +656,7 @@ class SpecialBlock extends SpecialPage { } $currentBlock->delete(); - $block->insert(); + $status = $block->insert(); $logaction = 'reblock'; # Unset _deleted fields if requested @@ -586,7 +669,6 @@ class SpecialBlock extends SpecialPage { $data['HideUser'] = true; } } - } else { $logaction = 'block'; } @@ -615,12 +697,15 @@ class SpecialBlock extends SpecialPage { # Make log entry, if the name is hidden, put it in the oversight log $log_type = $data['HideUser'] ? 'suppress' : 'block'; $log = new LogPage( $log_type ); - $log->addEntry( + $log_id = $log->addEntry( $logaction, Title::makeTitle( NS_USER, $target ), $data['Reason'][0], $logParams ); + # Relate log ID to block IDs (bug 25763) + $blockIds = array_merge( array( $status['id'] ), $status['autoIds'] ); + $log->addRelations( 'ipb_id', $blockIds, $log_id ); # Report to the user return true; @@ -628,7 +713,7 @@ class SpecialBlock extends SpecialPage { /** * Get an array of suggested block durations from MediaWiki:Ipboptions - * FIXME: this uses a rather odd syntax for the options, should it be converted + * @todo FIXME: This uses a rather odd syntax for the options, should it be converted * to the standard "**|" format? * @return Array */ @@ -661,7 +746,7 @@ class SpecialBlock extends SpecialPage { public static function parseExpiryInput( $expiry ) { static $infinity; if( $infinity == null ){ - $infinity = wfGetDB( DB_READ )->getInfinity(); + $infinity = wfGetDB( DB_SLAVE )->getInfinity(); } if ( $expiry == 'infinite' || $expiry == 'indefinite' ) { $expiry = $infinity; @@ -744,7 +829,7 @@ class SpecialBlock extends SpecialPage { $flags[] = 'noemail'; } - if( $data['DisableUTEdit'] && $wgBlockAllowsUTEdit ){ + if( $wgBlockAllowsUTEdit && $data['DisableUTEdit'] ){ $flags[] = 'nousertalk'; }