class User {
/**
- * \arrayof{\string} A list of default user toggles, i.e., boolean user
+ * \type{\arrayof{\string}} A list of default user toggles, i.e., boolean user
* preferences that are displayed by Special:Preferences as checkboxes.
* This list can be extended via the UserToggles hook or by
* $wgContLang::getExtraUserToggles().
'showjumplinks',
'uselivepreview',
'forceeditsummary',
- 'watchlisthideown',
- 'watchlisthidebots',
'watchlisthideminor',
+ 'watchlisthidebots',
+ 'watchlisthideown',
+ 'watchlisthideanons',
+ 'watchlisthideliu',
'ccmeonemails',
'diffonly',
'showhiddencats',
+ 'noconvertlink',
+ 'norollbackdiff',
);
/**
- * \arrayof{\string} List of member variables which are saved to the
+ * \type{\arrayof{\string}} List of member variables which are saved to the
* shared cache (memcached). Any operation which changes the
* corresponding database fields must call a cache-clearing function.
* @showinitializer
);
/**
- * \arrayof{\string} Core rights.
+ * \type{\arrayof{\string}} Core rights.
* Each of these should have a corresponding message of the form
* "right-$right".
* @showinitializer
'createtalk',
'delete',
'deletedhistory',
+ 'deleterevision',
'edit',
'editinterface',
'editusercssjs',
+ 'hideuser',
'import',
'importupload',
'ipblock-exempt',
'markbotedits',
'minoredit',
'move',
+ 'movefile',
+ 'move-rootuserpages',
+ 'move-subpages',
'nominornewtalk',
'noratelimit',
'patrol',
'proxyunbannable',
'purge',
'read',
+ 'reset-passwords',
'reupload',
'reupload-shared',
'rollback',
+ 'siteadmin',
+ 'suppressionlog',
'suppressredirect',
+ 'suppressrevision',
'trackback',
'undelete',
'unwatchedpages',
'upload',
'upload_by_url',
'userrights',
+ 'userrights-interwiki',
+ 'writeapi',
);
/**
* \string Cached results of getAllRights()
/**
* \bool Whether the cache variables have been loaded.
*/
- var $mDataLoaded;
+ var $mDataLoaded, $mAuthLoaded;
/**
* \string Initialization data source if mDataLoaded==false. May be one of:
/** @name Lazy-initialized variables, invalidated with clearInstanceCache */
//@{
var $mNewtalk, $mDatePreference, $mBlockedby, $mHash, $mSkin, $mRights,
- $mBlockreason, $mBlock, $mEffectiveGroups;
+ $mBlockreason, $mBlock, $mEffectiveGroups, $mBlockedGlobally,
+ $mLocked, $mHideName;
//@}
/**
break;
case 'session':
$this->loadFromSession();
+ wfRunHooks( 'UserLoadAfterLoadFromSession', array( $this ) );
break;
default:
throw new MWException( "Unrecognised value for User->mFrom: \"{$this->mFrom}\"" );
/**
* Get database id given a user name
* @param $name \string Username
- * @return \2types{\int,\null} The corresponding user's ID, or null if user is nonexistent
- * @static
+ * @return \types{\int,\null} The corresponding user's ID, or null if user is nonexistent
*/
static function idFromName( $name ) {
- $nt = Title::newFromText( $name );
+ $nt = Title::makeTitleSafe( NS_USER, $name );
if( is_null( $nt ) ) {
# Illegal name
return null;
* addresses like this, if we allowed accounts like this to be created
* new users could get the old edits of these anonymous users.
*
- * @param $name \string
- * @return \bool
+ * @param $name \string String to match
+ * @return \bool True or false
*/
static function isIP( $name ) {
return preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.(?:xxx|\d{1,3})$/',$name) || IP::isIPv6($name);
* is longer than the maximum allowed username size or doesn't begin with
* a capital letter.
*
- * @param $name \string
- * @return \bool
+ * @param $name \string String to match
+ * @return \bool True or false
*/
static function isValidUserName( $name ) {
global $wgContLang, $wgMaxNameChars;
* If an account already exists in this form, login will be blocked
* by a failure to pass this function.
*
- * @param $name \string
- * @return \bool
+ * @param $name \string String to match
+ * @return \bool True or false
*/
static function isUsableName( $name ) {
global $wgReservedUsernames;
return false;
}
+ static $reservedUsernames = false;
+ if ( !$reservedUsernames ) {
+ $reservedUsernames = $wgReservedUsernames;
+ wfRunHooks( 'UserGetReservedNames', array( &$reservedUsernames ) );
+ }
+
// Certain names may be reserved for batch processes.
- foreach ( $wgReservedUsernames as $reserved ) {
+ foreach ( $reservedUsernames as $reserved ) {
if ( substr( $reserved, 0, 4 ) == 'msg:' ) {
$reserved = wfMsgForContent( substr( $reserved, 4 ) );
}
* rather than in isValidUserName() to avoid disrupting
* existing accounts.
*
- * @param $name \string
- * @return \bool
+ * @param $name \string String to match
+ * @return \bool True or false
*/
static function isCreatableName( $name ) {
return
* Is the input a valid password for this user?
*
* @param $password \string Desired password
- * @return \bool
+ * @return \bool True or false
*/
function isValidPassword( $password ) {
global $wgMinimalPasswordLength, $wgContLang;
* @todo Check for RFC 2822 compilance (bug 959)
*
* @param $addr \string E-mail address
- * @return \bool
+ * @return \bool True or false
*/
public static function isValidEmailAddr( $addr ) {
$result = null;
* Given unvalidated user input, return a canonical username, or false if
* the username is invalid.
* @param $name \string User input
- * @param $validate \2types{\string,\bool} Type of validation to use:
+ * @param $validate \types{\string,\bool} Type of validation to use:
* - false No validation
* - 'valid' Valid for batch processes
* - 'usable' Valid for batch processes and login
return false;
# Clean up name according to title rules
- $t = Title::newFromText( $name );
+ $t = ($validate === 'valid') ?
+ Title::newFromText( $name ) : Title::makeTitle( NS_USER, $name );
+ # Check for invalid titles
if( is_null( $t ) ) {
return false;
}
* Return a random password. Sourced from mt_rand, so it's not particularly secure.
* @todo hash random numbers to improve security, like generateToken()
*
- * @return \string
+ * @return \string New random password
*/
static function randomPassword() {
global $wgMinimalPasswordLength;
return $result;
}
- if ( isset( $_SESSION['wsUserID'] ) ) {
- if ( 0 != $_SESSION['wsUserID'] ) {
+ if ( isset( $_COOKIE["{$wgCookiePrefix}UserID"] ) ) {
+ $sId = intval( $_COOKIE["{$wgCookiePrefix}UserID"] );
+ if( isset( $_SESSION['wsUserID'] ) && $sId != $_SESSION['wsUserID'] ) {
+ $this->loadDefaults(); // Possible collision!
+ wfDebugLog( 'loginSessions', "Session user ID ({$_SESSION['wsUserID']}) and
+ cookie user ID ($sId) don't match!" );
+ return false;
+ }
+ $_SESSION['wsUserID'] = $sId;
+ } else if ( isset( $_SESSION['wsUserID'] ) ) {
+ if ( $_SESSION['wsUserID'] != 0 ) {
$sId = $_SESSION['wsUserID'];
} else {
$this->loadDefaults();
return false;
}
- } else if ( isset( $_COOKIE["{$wgCookiePrefix}UserID"] ) ) {
- $sId = intval( $_COOKIE["{$wgCookiePrefix}UserID"] );
- $_SESSION['wsUserID'] = $sId;
} else {
$this->loadDefaults();
return false;
}
+
if ( isset( $_SESSION['wsUserName'] ) ) {
$sName = $_SESSION['wsUserName'];
} else if ( isset( $_COOKIE["{$wgCookiePrefix}UserName"] ) ) {
$dbr = wfGetDB( DB_MASTER );
$s = $dbr->selectRow( 'user', '*', array( 'user_id' => $this->mId ), __METHOD__ );
+ wfRunHooks( 'UserLoadFromDatabase', array( $this, &$s ) );
+
if ( $s !== false ) {
# Initialise user table data
$this->loadFromRow( $s );
/**
* Initialize this object from a row from the user table.
*
- * @param $row \arrayof{\mixed} Row from the user table to load.
+ * @param $row \type{\arrayof{\mixed}} Row from the user table to load.
*/
function loadFromRow( $row ) {
$this->mDataLoaded = true;
if ( isset( $row->user_id ) ) {
- $this->mId = $row->user_id;
+ $this->mId = intval( $row->user_id );
}
$this->mName = $row->user_name;
$this->mRealName = $row->user_real_name;
* Combine the language default options with any site-specific options
* and add the default language variants.
*
- * @return \arrayof{\string} Array of options
+ * @return \type{\arrayof{\string}} Array of options
*/
static function getDefaultOptions() {
global $wgNamespacesToBeSearchedDefault;
* Get a given default option value.
*
* @param $opt \string Name of option to retrieve
- * @return \string
+ * @return \string Default option value
*/
public static function getDefaultOption( $opt ) {
$defOpts = self::getDefaultOptions();
/**
* Get a list of user toggle names
- * @return \arrayof{\string}
+ * @return \type{\arrayof{\string}} Array of user toggle names
*/
static function getToggles() {
- global $wgContLang;
+ global $wgContLang, $wgUseRCPatrol;
$extraToggles = array();
wfRunHooks( 'UserToggles', array( &$extraToggles ) );
+ if( $wgUseRCPatrol ) {
+ $extraToggles[] = 'hidepatrolled';
+ $extraToggles[] = 'newpageshidepatrolled';
+ $extraToggles[] = 'watchlisthidepatrolled';
+ }
return array_merge( self::$mToggles, $extraToggles, $wgContLang->getExtraUserToggles() );
}
$this->mBlockedby = 0;
$this->mHideName = 0;
+ $this->mAllowUsertalk = 0;
$ip = wfGetIP();
if ($this->isAllowed( 'ipblock-exempt' ) ) {
$this->mBlockedby = $this->mBlock->mBy;
$this->mBlockreason = $this->mBlock->mReason;
$this->mHideName = $this->mBlock->mHideName;
+ $this->mAllowUsertalk = $this->mBlock->mAllowUsertalk;
if ( $this->isLoggedIn() ) {
$this->spreadBlock();
}
} else {
- $this->mBlock = null;
- wfDebug( __METHOD__.": No block.\n" );
+ // Bug 13611: don't remove mBlock here, to allow account creation blocks to
+ // apply to users. Note that the existence of $this->mBlock is not used to
+ // check for edit blocks, $this->mBlockedby is instead.
}
# Proxy blocking
* Whether the given IP is in the SORBS blacklist.
*
* @param $ip \string IP to check
- * @return \bool
+ * @return \bool True if blacklisted.
*/
function inSorbsBlacklist( $ip ) {
global $wgEnableSorbs, $wgSorbsUrl;
*
* @param $ip \string IP to check
* @param $base \string URL of the DNS blacklist
- * @return \bool
+ * @return \bool True if blacklisted.
*/
function inDnsBlacklist( $ip, $base ) {
wfProfileIn( __METHOD__ );
$found = false;
$host = '';
- // FIXME: IPv6 ???
- $m = array();
- if ( preg_match( '/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/', $ip, $m ) ) {
+ // FIXME: IPv6 ??? (http://bugs.php.net/bug.php?id=33170)
+ if( IP::isIPv4($ip) ) {
# Make hostname
- for ( $i=4; $i>=1; $i-- ) {
- $host .= $m[$i] . '.';
- }
- $host .= $base;
+ $host = "$ip.$base";
# Send query
$ipList = gethostbynamel( $host );
- if ( $ipList ) {
+ if( $ipList ) {
wfDebug( "Hostname $host is {$ipList[0]}, it's a proxy says $base!\n" );
$found = true;
} else {
/**
* Is this user subject to rate limiting?
*
- * @return \bool
+ * @return \bool True if rate limited
*/
public function isPingLimitable() {
global $wgRateLimitsExcludedGroups;
+ global $wgRateLimitsExcludedIPs;
if( array_intersect( $this->getEffectiveGroups(), $wgRateLimitsExcludedGroups ) ) {
// Deprecated, but kept for backwards-compatibility config
return false;
}
+ if( in_array( wfGetIP(), $wgRateLimitsExcludedIPs ) ) {
+ // No other good way currently to disable rate limits
+ // for specific IPs. :P
+ // But this is a crappy hack and should die.
+ return false;
+ }
return !$this->isAllowed('noratelimit');
}
wfDebug( __METHOD__.": asking isBlocked()\n" );
$blocked = $this->isBlocked( $bFromSlave );
+ $allowUsertalk = ($wgBlockAllowsUTEdit ? $this->mAllowUsertalk : false);
# If a user's name is suppressed, they cannot make edits anywhere
- if ( !$this->mHideName && $wgBlockAllowsUTEdit && $title->getText() === $this->getName() &&
+ if ( !$this->mHideName && $allowUsertalk && $title->getText() === $this->getName() &&
$title->getNamespace() == NS_USER_TALK ) {
$blocked = false;
wfDebug( __METHOD__.": self-talk page, ignoring any blocks\n" );
$this->getBlockedStatus();
return $this->mBlockreason;
}
+
+ /**
+ * If user is blocked, return the ID for the block
+ * @return \int Block ID
+ */
+ function getBlockId() {
+ $this->getBlockedStatus();
+ return ($this->mBlock ? $this->mBlock->mId : false);
+ }
+
+ /**
+ * Check if user is blocked on all wikis.
+ * Do not use for actual edit permission checks!
+ * This is intented for quick UI checks.
+ *
+ * @param $ip \type{\string} IP address, uses current client if none given
+ * @return \type{\bool} True if blocked, false otherwise
+ */
+ function isBlockedGlobally( $ip = '' ) {
+ if( $this->mBlockedGlobally !== null ) {
+ return $this->mBlockedGlobally;
+ }
+ // User is already an IP?
+ if( IP::isIPAddress( $this->getName() ) ) {
+ $ip = $this->getName();
+ } else if( !$ip ) {
+ $ip = wfGetIP();
+ }
+ $blocked = false;
+ wfRunHooks( 'UserIsBlockedGlobally', array( &$this, $ip, &$blocked ) );
+ $this->mBlockedGlobally = (bool)$blocked;
+ return $this->mBlockedGlobally;
+ }
+
+ /**
+ * Check if user account is locked
+ *
+ * @return \type{\bool} True if locked, false otherwise
+ */
+ function isLocked() {
+ if( $this->mLocked !== null ) {
+ return $this->mLocked;
+ }
+ global $wgAuth;
+ $authUser = $wgAuth->getUserInstance( $this );
+ $this->mLocked = (bool)$authUser->isLocked();
+ return $this->mLocked;
+ }
+
+ /**
+ * Check if user account is hidden
+ *
+ * @return \type{\bool} True if hidden, false otherwise
+ */
+ function isHidden() {
+ if( $this->mHideName !== null ) {
+ return $this->mHideName;
+ }
+ $this->getBlockedStatus();
+ if( !$this->mHideName ) {
+ global $wgAuth;
+ $authUser = $wgAuth->getUserInstance( $this );
+ $this->mHideName = (bool)$authUser->isHidden();
+ }
+ return $this->mHideName;
+ }
/**
* Get the user's ID.
/**
* Get the user name, or the IP of an anonymous user
- * @return \string
+ * @return \string User's name or IP address
*/
function getName() {
if ( !$this->mDataLoaded && $this->mFrom == 'name' ) {
/**
* Get the user's name escaped by underscores.
- * @return \string
+ * @return \string Username escaped by underscores.
*/
function getTitleKey() {
return str_replace( ' ', '_', $this->getName() );
/**
* Return the talk page(s) this user has new messages on.
- * @return \arrayof{\string} Array of page URLs
+ * @return \type{\arrayof{\string}} Array of page URLs
*/
function getNewMessageLinks() {
$talks = array();
*
* @see getNewtalk()
* @param $field \string 'user_ip' for anonymous users, 'user_id' otherwise
- * @param $id \2types{\string,\int} User's IP address for anonymous users, User ID otherwise
+ * @param $id \types{\string,\int} User's IP address for anonymous users, User ID otherwise
* @param $fromMaster \bool true to fetch from the master, false for a slave
* @return \bool True if the user has new messages
* @private
/**
* Add or update the new messages flag
* @param $field \string 'user_ip' for anonymous users, 'user_id' otherwise
- * @param $id \2types{\string,\int} User's IP address for anonymous users, User ID otherwise
+ * @param $id \types{\string,\int} User's IP address for anonymous users, User ID otherwise
* @return \bool True if successful, false otherwise
* @private
*/
/**
* Clear the new messages flag for the given user
* @param $field \string 'user_ip' for anonymous users, 'user_id' otherwise
- * @param $id \2types{\string,\int} User's IP address for anonymous users, User ID otherwise
+ * @param $id \types{\string,\int} User's IP address for anonymous users, User ID otherwise
* @return \bool True if successful, false otherwise
* @private
*/
* Called implicitly from invalidateCache() and saveSettings().
*/
private function clearSharedCache() {
+ $this->load();
if( $this->mId ) {
global $wgMemc;
$wgMemc->delete( wfMemcKey( 'user', 'id', $this->mId ) );
return ($timestamp >= $this->mTouched);
}
+ /**
+ * Get the user touched timestamp
+ */
+ function getTouched() {
+ $this->load();
+ return $this->mTouched;
+ }
+
/**
* Set the password and reset the random token.
* Calls through to authentication plugin if necessary;
/**
* Get the user's current token.
- * @return \string
+ * @return \string Token
*/
function getToken() {
$this->load();
/**
* Has password reminder email been sent within the last
* $wgPasswordReminderResendTime hours?
- * @return \bool
+ * @return \bool True or false
*/
function isPasswordReminderThrottled() {
global $wgPasswordReminderResendTime;
/**
* Get the user's e-mail address
- * @return \string
+ * @return \string User's email address
*/
function getEmail() {
$this->load();
/**
* Get the user's real name
- * @return \string
+ * @return \string User's real name
*/
function getRealName() {
$this->load();
}
$this->mOptions[$oname] = $val;
}
+
+ /**
+ * Reset all options to the site defaults
+ */
+ function restoreOptions() {
+ $this->mOptions = User::getDefaultOptions();
+ }
/**
* Get the user's preferred date format.
- * @return \string
+ * @return \string User's preferred date format
*/
function getDatePreference() {
// Important migration for old data rows
/**
* Get the permissions this user has.
- * @return \arrayof{\string}
+ * @return \type{\arrayof{\string}} Array of permission names
*/
function getRights() {
if ( is_null( $this->mRights ) ) {
/**
* Get the list of explicit group memberships this user has.
* The implicit * and user groups are not included.
- * @return \arrayof{\string}
+ * @return \type{\arrayof{\string}} Array of internal group names
*/
function getGroups() {
$this->load();
* This includes all explicit groups, plus 'user' if logged in,
* '*' for all accounts and autopromoted groups
* @param $recache \bool Whether to avoid the cache
- * @return \arrayof{\string}
+ * @return \type{\arrayof{\string}} Array of internal group names
*/
function getEffectiveGroups( $recache = false ) {
if ( $recache || is_null( $this->mEffectiveGroups ) ) {
/**
* Get the user's edit count.
- * @return \int
+ * @return \int User'e edit count
*/
function getEditCount() {
if ($this->mId) {
/**
* Get whether the user is logged in
- * @return \bool
+ * @return \bool True or false
*/
function isLoggedIn() {
return $this->getID() != 0;
/**
* Get whether the user is anonymous
- * @return \bool
+ * @return \bool True or false
*/
function isAnon() {
return !$this->isLoggedIn();
/**
* Get whether the user is a bot
- * @return \bool
+ * @return \bool True or false
* @deprecated
*/
function isBot() {
* @param $action \string action to be checked
* @return \bool True if action is allowed, else false
*/
- function isAllowed($action='') {
+ function isAllowed( $action = '' ) {
if ( $action === '' )
- // In the spirit of DWIM
- return true;
-
- return in_array( $action, $this->getRights() );
+ return true; // In the spirit of DWIM
+ # Patrolling may not be enabled
+ if( $action === 'patrol' || $action === 'autopatrol' ) {
+ global $wgUseRCPatrol, $wgUseNPPatrol;
+ if( !$wgUseRCPatrol && !$wgUseNPPatrol )
+ return false;
+ }
+ # Use strict parameter to avoid matching numeric 0 accidentally inserted
+ # by misconfiguration: 0 == 'foo'
+ return in_array( $action, $this->getRights(), true );
}
/**
* Check whether to enable recent changes patrol features for this user
- * @return \bool
+ * @return \bool True or false
*/
public function useRCPatrol() {
global $wgUseRCPatrol;
/**
* Check whether to enable new pages patrol features for this user
- * @return \bool
+ * @return \bool True or false
*/
public function useNPPatrol() {
global $wgUseRCPatrol, $wgUseNPPatrol;
/**
* Get the current skin, loading it if required
- * @return \type{Skin}
+ * @return \type{Skin} Current skin
* @todo FIXME : need to check the old failback system [AV]
*/
function &getSkin() {
- global $wgRequest;
+ global $wgRequest, $wgAllowUserSkin, $wgDefaultSkin;
if ( ! isset( $this->mSkin ) ) {
wfProfileIn( __METHOD__ );
- # get the user skin
- $userSkin = $this->getOption( 'skin' );
- $userSkin = $wgRequest->getVal('useskin', $userSkin);
-
+ if( $wgAllowUserSkin ) {
+ # get the user skin
+ $userSkin = $this->getOption( 'skin' );
+ $userSkin = $wgRequest->getVal('useskin', $userSkin);
+ } else {
+ # if we're not allowing users to override, then use the default
+ $userSkin = $wgDefaultSkin;
+ }
+
$this->mSkin =& Skin::newFromKey( $userSkin );
wfProfileOut( __METHOD__ );
}
}
/**
- * Set a cookie on the user's client
+ * Set a cookie on the user's client. Wrapper for
+ * WebResponse::setCookie
* @param $name \string Name of the cookie to set
- * @param $name \string Value to set
- * @param $name \int Expiration time, as a UNIX time value;
+ * @param $value \string Value to set
+ * @param $exp \int Expiration time, as a UNIX time value;
* if 0 or not specified, use the default $wgCookieExpiration
*/
protected function setCookie( $name, $value, $exp=0 ) {
- global $wgCookiePrefix,$wgCookieDomain,$wgCookieSecure,$wgCookieExpiration, $wgCookieHttpOnly;
- if( $exp == 0 ) {
- $exp = time() + $wgCookieExpiration;
- }
- $httpOnlySafe = wfHttpOnlySafe();
- wfDebugLog( 'cookie',
- 'setcookie: "' . implode( '", "',
- array(
- $wgCookiePrefix . $name,
- $value,
- $exp,
- '/',
- $wgCookieDomain,
- $wgCookieSecure,
- $httpOnlySafe && $wgCookieHttpOnly ) ) . '"' );
- if( $httpOnlySafe && isset( $wgCookieHttpOnly ) ) {
- setcookie( $wgCookiePrefix . $name,
- $value,
- $exp,
- '/',
- $wgCookieDomain,
- $wgCookieSecure,
- $wgCookieHttpOnly );
- } else {
- // setcookie() fails on PHP 5.1 if you give it future-compat paramters.
- // stab stab!
- setcookie( $wgCookiePrefix . $name,
- $value,
- $exp,
- '/',
- $wgCookieDomain,
- $wgCookieSecure );
- }
+ global $wgRequest;
+ $wgRequest->response()->setcookie( $name, $value, $exp );
}
/**
}
wfRunHooks( 'UserSetCookies', array( $this, &$session, &$cookies ) );
- $_SESSION = $session + $_SESSION;
+ #check for null, since the hook could cause a null value
+ if ( !is_null( $session ) && isset( $_SESSION ) ){
+ $_SESSION = $session + $_SESSION;
+ }
foreach ( $cookies as $name => $value ) {
if ( $value === false ) {
$this->clearCookie( $name );
);
wfRunHooks( 'UserSaveSettings', array( $this ) );
$this->clearSharedCache();
+ $this->getUserPage()->invalidateCache();
}
/**
* Add a user to the database, return the user object
*
* @param $name \string Username to add
- * @param $params \arrayof{\string} Non-default parameters to save to the database:
+ * @param $params \type{\arrayof{\string}} Non-default parameters to save to the database:
* - password The user's password. Password logins will be disabled if this is omitted.
* - newpassword A temporary password mailed to the user
* - email The user's email address
* which will give them a chance to modify this key based on their own
* settings.
*
- * @return \string
+ * @return \string Page rendering hash
*/
function getPageRenderingHash() {
- global $wgContLang, $wgUseDynamicDates, $wgLang;
+ global $wgUseDynamicDates, $wgRenderHashAppend, $wgLang, $wgContLang;
if( $this->mHash ){
return $this->mHash;
}
$extra = $wgContLang->getExtraHashOptions();
$confstr .= $extra;
+ $confstr .= $wgRenderHashAppend;
+
// Give a chance for extensions to modify the hash, if they have
// extra options or other effects on the parser cache.
wfRunHooks( 'PageRenderingHash', array( &$confstr ) );
/**
* Get whether the user is explicitly blocked from account creation.
- * @return \bool
+ * @return \bool True if blocked
*/
function isBlockedFromCreateAccount() {
$this->getBlockedStatus();
/**
* Get whether the user is blocked from using Special:Emailuser.
- * @return \bool
+ * @return \bool True if blocked
*/
function isBlockedFromEmailuser() {
$this->getBlockedStatus();
/**
* Get whether the user is allowed to create an account.
- * @return \bool
+ * @return \bool True if allowed
*/
function isAllowedToCreateAccount() {
return $this->isAllowed( 'createaccount' ) && !$this->isBlockedFromCreateAccount();
/**
* Get this user's personal page title.
*
- * @return \type{Title}
+ * @return \type{Title} User's personal page title
*/
function getUserPage() {
return Title::makeTitle( NS_USER, $this->getName() );
/**
* Get this user's talk page title.
*
- * @return \type{Title}
+ * @return \type{Title} User's talk page title
*/
function getTalkPage() {
$title = $this->getUserPage();
/**
* Get the maximum valid user ID.
- * @return \int
+ * @return \int User ID
* @static
*/
function getMaxID() {
/**
* Check if the given clear-text password matches the temporary password
* sent by e-mail for password reset operations.
- * @return \bool
+ * @return \bool True if matches, false otherwise
*/
function checkTemporaryPassword( $plaintext ) {
- return self::comparePasswords( $this->mNewpassword, $plaintext, $this->getId() );
+ global $wgNewPasswordExpiry;
+ if( self::comparePasswords( $this->mNewpassword, $plaintext, $this->getId() ) ) {
+ $this->load();
+ $expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgNewPasswordExpiry;
+ return ( time() < $expiry );
+ } else {
+ return false;
+ }
}
/**
* login credentials aren't being hijacked with a foreign form
* submission.
*
- * @param $salt \2types{\string,\arrayof{\string}} Optional function-specific data for hashing
+ * @param $salt \types{\string,\arrayof{\string}} Optional function-specific data for hashing
* @return \string The new edit token
*/
function editToken( $salt = '' ) {
* Generate a new e-mail confirmation token and send a confirmation/invalidation
* mail to the user's given address.
*
- * @return \2types{\bool,\type{WikiError}} True on success, a WikiError object on failure.
+ * @return \types{\bool,\type{WikiError}} True on success, a WikiError object on failure.
*/
function sendConfirmationMail() {
global $wgLang;
* @param $subject \string Message subject
* @param $body \string Message body
* @param $from \string Optional From address; if unspecified, default $wgPasswordSender will be used
- * @param $replyto \string
- * @return \2types{\bool,\type{WikiError}} True on success, a WikiError object on failure
+ * @param $replyto \string Reply-To address
+ * @return \types{\bool,\type{WikiError}} True on success, a WikiError object on failure
*/
function sendMail( $subject, $body, $from = null, $replyto = null ) {
if( is_null( $from ) ) {
* this change to the database.
*
* @param[out] &$expiration \mixed Accepts the expiration time
- * @return \string
+ * @return \string New token
* @private
*/
function confirmationToken( &$expiration ) {
/**
* Return a URL the user can use to confirm their email address.
* @param $token \string Accepts the email confirmation token
- * @return \string
+ * @return \string New token URL
* @private
*/
function confirmationTokenUrl( $token ) {
/**
* Return a URL the user can use to invalidate their email address.
* @param $token \string Accepts the email confirmation token
- * @return \string
+ * @return \string New token URL
* @private
*/
function invalidationTokenUrl( $token ) {
/**
* Is this user allowed to send e-mails within limits of current
* site configuration?
- * @return \bool
+ * @return \bool True if allowed
*/
function canSendEmail() {
+ global $wgEnableEmail, $wgEnableUserEmail;
+ if( !$wgEnableEmail || !$wgEnableUserEmail ) {
+ return false;
+ }
$canSend = $this->isEmailConfirmed();
wfRunHooks( 'UserCanSendEmail', array( &$this, &$canSend ) );
return $canSend;
/**
* Is this user allowed to receive e-mails within limits of current
* site configuration?
- * @return \bool
+ * @return \bool True if allowed
*/
function canReceiveEmail() {
return $this->isEmailConfirmed() && !$this->getOption( 'disablemail' );
* confirmed their address by returning a code or using a password
* sent to the address from the wiki.
*
- * @return \bool
+ * @return \bool True if confirmed
*/
function isEmailConfirmed() {
global $wgEmailAuthentication;
/**
* Check whether there is an outstanding request for e-mail confirmation.
- * @return \bool
+ * @return \bool True if pending
*/
function isEmailConfirmationPending() {
global $wgEmailAuthentication;
/**
* Get the timestamp of account creation.
*
- * @return \2types{\string,\bool} string Timestamp of account creation, or false for
+ * @return \types{\string,\bool} string Timestamp of account creation, or false for
* non-existent/anonymous user accounts.
*/
public function getRegistration() {
- return $this->mId > 0
+ return $this->getId() > 0
? $this->mRegistration
: false;
}
+
+ /**
+ * Get the timestamp of the first edit
+ *
+ * @return \types{\string,\bool} string Timestamp of first edit, or false for
+ * non-existent/anonymous user accounts.
+ */
+ public function getFirstEditTimestamp() {
+ if( $this->getId() == 0 ) return false; // anons
+ $dbr = wfGetDB( DB_SLAVE );
+ $time = $dbr->selectField( 'revision', 'rev_timestamp',
+ array( 'rev_user' => $this->getId() ),
+ __METHOD__,
+ array( 'ORDER BY' => 'rev_timestamp ASC' )
+ );
+ if( !$time ) return false; // no edits
+ return wfTimestamp( TS_MW, $time );
+ }
/**
* Get the permissions associated with a given list of groups
*
- * @param $groups \arrayof{\string} List of internal group names
- * @return \arrayof{\string} List of permission key names for given groups combined
+ * @param $groups \type{\arrayof{\string}} List of internal group names
+ * @return \type{\arrayof{\string}} List of permission key names for given groups combined
*/
static function getGroupPermissions( $groups ) {
global $wgGroupPermissions;
foreach( $groups as $group ) {
if( isset( $wgGroupPermissions[$group] ) ) {
$rights = array_merge( $rights,
+ // array_filter removes empty items
array_keys( array_filter( $wgGroupPermissions[$group] ) ) );
}
}
- return $rights;
+ return array_unique($rights);
}
/**
* Get all the groups who have a given permission
*
* @param $role \string Role to check
- * @return \arrayof{\string} List of internal group names with the given permission
+ * @return \type{\arrayof{\string}} List of internal group names with the given permission
*/
static function getGroupsWithPermission( $role ) {
global $wgGroupPermissions;
* Get the localized descriptive name for a group, if it exists
*
* @param $group \string Internal group name
- * @return \string
+ * @return \string Localized descriptive group name
*/
static function getGroupName( $group ) {
global $wgMessageCache;
* Get the localized descriptive name for a member of a group, if it exists
*
* @param $group \string Internal group name
- * @return \string
+ * @return \string Localized name for group member
*/
static function getGroupMember( $group ) {
global $wgMessageCache;
* Return the set of defined explicit groups.
* The implicit groups (by default *, 'user' and 'autoconfirmed')
* are not included, as they are defined automatically, not in the database.
- * @return \arrayof{\string}
+ * @return \type{\arrayof{\string}} Array of internal group names
*/
static function getAllGroups() {
global $wgGroupPermissions;
/**
* Get a list of all available permissions.
- * @return \arrayof{\string}
+ * @return \type{\arrayof{\string}} Array of permission names
*/
static function getAllRights() {
if ( self::$mAllRights === false ) {
/**
* Get a list of implicit groups
- * @return \arrayof{\string}
+ * @return \type{\arrayof{\string}} Array of internal group names
*/
public static function getImplicitGroups() {
global $wgImplicitGroups;
* Get the title of a page describing a particular group
*
* @param $group \string Internal group name
- * @return \2types{\type{Title},\bool} Title of the page if it exists, false otherwise
+ * @return \types{\type{Title},\bool} Title of the page if it exists, false otherwise
*/
static function getGroupPage( $group ) {
global $wgMessageCache;
* Get the description of a given right
*
* @param $right \string Right to query
- * @return \string
+ * @return \string Localized description of the right
*/
static function getRightDescription( $right ) {
global $wgMessageCache;
static function crypt( $password, $salt = false ) {
global $wgPasswordSalt;
- if($wgPasswordSalt) {
+ $hash = '';
+ if( !wfRunHooks( 'UserCryptPassword', array( &$password, &$salt, &$wgPasswordSalt, &$hash ) ) ) {
+ return $hash;
+ }
+
+ if( $wgPasswordSalt ) {
if ( $salt === false ) {
$salt = substr( wfGenerateToken(), 0, 8 );
}
return ':B:' . $salt . ':' . md5( $salt . '-' . md5( $password ) );
} else {
- return ':A:' . md5( $password);
+ return ':A:' . md5( $password );
}
}
static function comparePasswords( $hash, $password, $userId = false ) {
$m = false;
$type = substr( $hash, 0, 3 );
+
+ $result = false;
+ if( !wfRunHooks( 'UserComparePasswords', array( &$hash, &$password, &$userId, &$result ) ) ) {
+ return $result;
+ }
+
if ( $type == ':A:' ) {
# Unsalted
return md5( $password ) === substr( $hash, 3 );
return self::oldCrypt( $password, $userId ) === $hash;
}
}
+
+ /**
+ * Add a newuser log entry for this user
+ * @param $byEmail Boolean: account made by email?
+ */
+ public function addNewUserLogEntry( $byEmail = false ) {
+ global $wgUser, $wgContLang, $wgNewUserLog;
+ if( empty($wgNewUserLog) ) {
+ return true; // disabled
+ }
+ $talk = $wgContLang->getFormattedNsText( NS_TALK );
+ if( $this->getName() == $wgUser->getName() ) {
+ $action = 'create';
+ $message = '';
+ } else {
+ $action = 'create2';
+ $message = $byEmail ? wfMsgForContent( 'newuserlog-byemail' ) : '';
+ }
+ $log = new LogPage( 'newusers' );
+ $log->addEntry( $action, $this->getUserPage(), $message, array( $this->getId() ) );
+ return true;
+ }
+
+ /**
+ * Add an autocreate newuser log entry for this user
+ * Used by things like CentralAuth and perhaps other authplugins.
+ */
+ public function addNewUserLogEntryAutoCreate() {
+ global $wgNewUserLog;
+ if( empty($wgNewUserLog) ) {
+ return true; // disabled
+ }
+ $log = new LogPage( 'newusers', false );
+ $log->addEntry( 'autocreate', $this->getUserPage(), '', array( $this->getId() ) );
+ return true;
+ }
+
}
dépôts / lhc / web / wiklou.git / blobdiff