search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Pass __METHOD__ to DatabaseBase::commit() and DatabaseBase::rollback()
[mediawiki.git] / includes / User.php
blobcfceae0eacbc4c922a97ac7e5a350af8442b4dd0
1 <?php
2 /**
3 * Implements the User class for the %MediaWiki software.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 */
22
23 /**
24 * Int Number of characters in user_token field.
25 * @ingroup Constants
26 */
27 define( 'USER_TOKEN_LENGTH', 32 );
28
29 /**
30 * Int Serialized record version.
31 * @ingroup Constants
32 */
33 define( 'MW_USER_VERSION', 8 );
34
35 /**
36 * String Some punctuation to prevent editing from broken text-mangling proxies.
37 * @ingroup Constants
38 */
39 define( 'EDIT_TOKEN_SUFFIX', '+\\' );
40
41 /**
42 * Thrown by User::setPassword() on error.
43 * @ingroup Exception
44 */
45 class PasswordError extends MWException {
46 // NOP
47 }
48
49 /**
50 * The User object encapsulates all of the user-specific settings (user_id,
51 * name, rights, password, email address, options, last login time). Client
52 * classes use the getXXX() functions to access these fields. These functions
53 * do all the work of determining whether the user is logged in,
54 * whether the requested option can be satisfied from cookies or
55 * whether a database query is needed. Most of the settings needed
56 * for rendering normal pages are set in the cookie to minimize use
57 * of the database.
58 */
59 class User {
60 /**
61 * Global constants made accessible as class constants so that autoloader
62 * magic can be used.
63 */
64 const USER_TOKEN_LENGTH = USER_TOKEN_LENGTH;
65 const MW_USER_VERSION = MW_USER_VERSION;
66 const EDIT_TOKEN_SUFFIX = EDIT_TOKEN_SUFFIX;
67
68 /**
69 * Array of Strings List of member variables which are saved to the
70 * shared cache (memcached). Any operation which changes the
71 * corresponding database fields must call a cache-clearing function.
72 * @showinitializer
73 */
74 static $mCacheVars = array(
75 // user table
76 'mId',
77 'mName',
78 'mRealName',
79 'mPassword',
80 'mNewpassword',
81 'mNewpassTime',
82 'mEmail',
83 'mTouched',
84 'mToken',
85 'mEmailAuthenticated',
86 'mEmailToken',
87 'mEmailTokenExpires',
88 'mRegistration',
89 'mEditCount',
90 // user_groups table
91 'mGroups',
92 // user_properties table
93 'mOptionOverrides',
94 );
95
96 /**
97 * Array of Strings Core rights.
98 * Each of these should have a corresponding message of the form
99 * "right-$right".
100 * @showinitializer
101 */
102 static $mCoreRights = array(
103 'apihighlimits',
104 'autoconfirmed',
105 'autopatrol',
106 'bigdelete',
107 'block',
108 'blockemail',
109 'bot',
110 'browsearchive',
111 'createaccount',
112 'createpage',
113 'createtalk',
114 'delete',
115 'deletedhistory',
116 'deletedtext',
117 'deleterevision',
118 'edit',
119 'editinterface',
120 'editusercssjs', #deprecated
121 'editusercss',
122 'edituserjs',
123 'hideuser',
124 'import',
125 'importupload',
126 'ipblock-exempt',
127 'markbotedits',
128 'mergehistory',
129 'minoredit',
130 'move',
131 'movefile',
132 'move-rootuserpages',
133 'move-subpages',
134 'nominornewtalk',
135 'noratelimit',
136 'override-export-depth',
137 'patrol',
138 'protect',
139 'proxyunbannable',
140 'purge',
141 'read',
142 'reupload',
143 'reupload-shared',
144 'rollback',
145 'sendemail',
146 'siteadmin',
147 'suppressionlog',
148 'suppressredirect',
149 'suppressrevision',
150 'unblockself',
151 'undelete',
152 'unwatchedpages',
153 'upload',
154 'upload_by_url',
155 'userrights',
156 'userrights-interwiki',
157 'writeapi',
158 );
159 /**
160 * String Cached results of getAllRights()
161 */
162 static $mAllRights = false;
163
164 /** @name Cache variables */
165 //@{
166 var $mId, $mName, $mRealName, $mPassword, $mNewpassword, $mNewpassTime,
167 $mEmail, $mTouched, $mToken, $mEmailAuthenticated,
168 $mEmailToken, $mEmailTokenExpires, $mRegistration, $mGroups, $mOptionOverrides,
169 $mCookiePassword, $mEditCount, $mAllowUsertalk;
170 //@}
171
172 /**
173 * Bool Whether the cache variables have been loaded.
174 */
175 //@{
176 var $mOptionsLoaded;
177
178 /**
179 * Array with already loaded items or true if all items have been loaded.
180 */
181 private $mLoadedItems = array();
182 //@}
183
184 /**
185 * String Initialization data source if mLoadedItems!==true. May be one of:
186 * - 'defaults' anonymous user initialised from class defaults
187 * - 'name' initialise from mName
188 * - 'id' initialise from mId
189 * - 'session' log in from cookies or session if possible
190 *
191 * Use the User::newFrom*() family of functions to set this.
192 */
193 var $mFrom;
194
195 /**
196 * Lazy-initialized variables, invalidated with clearInstanceCache
197 */
198 var $mNewtalk, $mDatePreference, $mBlockedby, $mHash, $mRights,
199 $mBlockreason, $mEffectiveGroups, $mImplicitGroups, $mFormerGroups, $mBlockedGlobally,
200 $mLocked, $mHideName, $mOptions;
201
202 /**
203 * @var WebRequest
204 */
205 private $mRequest;
206
207 /**
208 * @var Block
209 */
210 var $mBlock;
211
212 /**
213 * @var Block
214 */
215 private $mBlockedFromCreateAccount = false;
216
217 static $idCacheByName = array();
218
219 /**
220 * Lightweight constructor for an anonymous user.
221 * Use the User::newFrom* factory functions for other kinds of users.
222 *
223 * @see newFromName()
224 * @see newFromId()
225 * @see newFromConfirmationCode()
226 * @see newFromSession()
227 * @see newFromRow()
228 */
229 function __construct() {
230 $this->clearInstanceCache( 'defaults' );
231 }
232
233 /**
234 * @return String
235 */
236 function __toString(){
237 return $this->getName();
238 }
239
240 /**
241 * Load the user table data for this object from the source given by mFrom.
242 */
243 public function load() {
244 if ( $this->mLoadedItems === true ) {
245 return;
246 }
247 wfProfileIn( __METHOD__ );
248
249 # Set it now to avoid infinite recursion in accessors
250 $this->mLoadedItems = true;
251
252 switch ( $this->mFrom ) {
253 case 'defaults':
254 $this->loadDefaults();
255 break;
256 case 'name':
257 $this->mId = self::idFromName( $this->mName );
258 if ( !$this->mId ) {
259 # Nonexistent user placeholder object
260 $this->loadDefaults( $this->mName );
261 } else {
262 $this->loadFromId();
263 }
264 break;
265 case 'id':
266 $this->loadFromId();
267 break;
268 case 'session':
269 $this->loadFromSession();
270 wfRunHooks( 'UserLoadAfterLoadFromSession', array( $this ) );
271 break;
272 default:
273 throw new MWException( "Unrecognised value for User->mFrom: \"{$this->mFrom}\"" );
274 }
275 wfProfileOut( __METHOD__ );
276 }
277
278 /**
279 * Load user table data, given mId has already been set.
280 * @return Bool false if the ID does not exist, true otherwise
281 */
282 public function loadFromId() {
283 global $wgMemc;
284 if ( $this->mId == 0 ) {
285 $this->loadDefaults();
286 return false;
287 }
288
289 # Try cache
290 $key = wfMemcKey( 'user', 'id', $this->mId );
291 $data = $wgMemc->get( $key );
292 if ( !is_array( $data ) || $data['mVersion'] < MW_USER_VERSION ) {
293 # Object is expired, load from DB
294 $data = false;
295 }
296
297 if ( !$data ) {
298 wfDebug( "User: cache miss for user {$this->mId}\n" );
299 # Load from DB
300 if ( !$this->loadFromDatabase() ) {
301 # Can't load from ID, user is anonymous
302 return false;
303 }
304 $this->saveToCache();
305 } else {
306 wfDebug( "User: got user {$this->mId} from cache\n" );
307 # Restore from cache
308 foreach ( self::$mCacheVars as $name ) {
309 $this->$name = $data[$name];
310 }
311 }
312 return true;
313 }
314
315 /**
316 * Save user data to the shared cache
317 */
318 public function saveToCache() {
319 $this->load();
320 $this->loadGroups();
321 $this->loadOptions();
322 if ( $this->isAnon() ) {
323 // Anonymous users are uncached
324 return;
325 }
326 $data = array();
327 foreach ( self::$mCacheVars as $name ) {
328 $data[$name] = $this->$name;
329 }
330 $data['mVersion'] = MW_USER_VERSION;
331 $key = wfMemcKey( 'user', 'id', $this->mId );
332 global $wgMemc;
333 $wgMemc->set( $key, $data );
334 }
335
336 /** @name newFrom*() static factory methods */
337 //@{
338
339 /**
340 * Static factory method for creation from username.
341 *
342 * This is slightly less efficient than newFromId(), so use newFromId() if
343 * you have both an ID and a name handy.
344 *
345 * @param $name String Username, validated by Title::newFromText()
346 * @param $validate String|Bool Validate username. Takes the same parameters as
347 * User::getCanonicalName(), except that true is accepted as an alias
348 * for 'valid', for BC.
349 *
350 * @return User object, or false if the username is invalid
351 * (e.g. if it contains illegal characters or is an IP address). If the
352 * username is not present in the database, the result will be a user object
353 * with a name, zero user ID and default settings.
354 */
355 public static function newFromName( $name, $validate = 'valid' ) {
356 if ( $validate === true ) {
357 $validate = 'valid';
358 }
359 $name = self::getCanonicalName( $name, $validate );
360 if ( $name === false ) {
361 return false;
362 } else {
363 # Create unloaded user object
364 $u = new User;
365 $u->mName = $name;
366 $u->mFrom = 'name';
367 $u->setItemLoaded( 'name' );
368 return $u;
369 }
370 }
371
372 /**
373 * Static factory method for creation from a given user ID.
374 *
375 * @param $id Int Valid user ID
376 * @return User The corresponding User object
377 */
378 public static function newFromId( $id ) {
379 $u = new User;
380 $u->mId = $id;
381 $u->mFrom = 'id';
382 $u->setItemLoaded( 'id' );
383 return $u;
384 }
385
386 /**
387 * Factory method to fetch whichever user has a given email confirmation code.
388 * This code is generated when an account is created or its e-mail address
389 * has changed.
390 *
391 * If the code is invalid or has expired, returns NULL.
392 *
393 * @param $code String Confirmation code
394 * @return User object, or null
395 */
396 public static function newFromConfirmationCode( $code ) {
397 $dbr = wfGetDB( DB_SLAVE );
398 $id = $dbr->selectField( 'user', 'user_id', array(
399 'user_email_token' => md5( $code ),
400 'user_email_token_expires > ' . $dbr->addQuotes( $dbr->timestamp() ),
401 ) );
402 if( $id !== false ) {
403 return User::newFromId( $id );
404 } else {
405 return null;
406 }
407 }
408
409 /**
410 * Create a new user object using data from session or cookies. If the
411 * login credentials are invalid, the result is an anonymous user.
412 *
413 * @param $request WebRequest object to use; $wgRequest will be used if
414 * ommited.
415 * @return User object
416 */
417 public static function newFromSession( WebRequest $request = null ) {
418 $user = new User;
419 $user->mFrom = 'session';
420 $user->mRequest = $request;
421 return $user;
422 }
423
424 /**
425 * Create a new user object from a user row.
426 * The row should have the following fields from the user table in it:
427 * - either user_name or user_id to load further data if needed (or both)
428 * - user_real_name
429 * - all other fields (email, password, etc.)
430 * It is useless to provide the remaining fields if either user_id,
431 * user_name and user_real_name are not provided because the whole row
432 * will be loaded once more from the database when accessing them.
433 *
434 * @param $row Array A row from the user table
435 * @return User
436 */
437 public static function newFromRow( $row ) {
438 $user = new User;
439 $user->loadFromRow( $row );
440 return $user;
441 }
442
443 //@}
444
445 /**
446 * Get the username corresponding to a given user ID
447 * @param $id Int User ID
448 * @return String|bool The corresponding username
449 */
450 public static function whoIs( $id ) {
451 $dbr = wfGetDB( DB_SLAVE );
452 return $dbr->selectField( 'user', 'user_name', array( 'user_id' => $id ), __METHOD__ );
453 }
454
455 /**
456 * Get the real name of a user given their user ID
457 *
458 * @param $id Int User ID
459 * @return String|bool The corresponding user's real name
460 */
461 public static function whoIsReal( $id ) {
462 $dbr = wfGetDB( DB_SLAVE );
463 return $dbr->selectField( 'user', 'user_real_name', array( 'user_id' => $id ), __METHOD__ );
464 }
465
466 /**
467 * Get database id given a user name
468 * @param $name String Username
469 * @return Int|Null The corresponding user's ID, or null if user is nonexistent
470 */
471 public static function idFromName( $name ) {
472 $nt = Title::makeTitleSafe( NS_USER, $name );
473 if( is_null( $nt ) ) {
474 # Illegal name
475 return null;
476 }
477
478 if ( isset( self::$idCacheByName[$name] ) ) {
479 return self::$idCacheByName[$name];
480 }
481
482 $dbr = wfGetDB( DB_SLAVE );
483 $s = $dbr->selectRow( 'user', array( 'user_id' ), array( 'user_name' => $nt->getText() ), __METHOD__ );
484
485 if ( $s === false ) {
486 $result = null;
487 } else {
488 $result = $s->user_id;
489 }
490
491 self::$idCacheByName[$name] = $result;
492
493 if ( count( self::$idCacheByName ) > 1000 ) {
494 self::$idCacheByName = array();
495 }
496
497 return $result;
498 }
499
500 /**
501 * Reset the cache used in idFromName(). For use in tests.
502 */
503 public static function resetIdByNameCache() {
504 self::$idCacheByName = array();
505 }
506
507 /**
508 * Does the string match an anonymous IPv4 address?
509 *
510 * This function exists for username validation, in order to reject
511 * usernames which are similar in form to IP addresses. Strings such
512 * as 300.300.300.300 will return true because it looks like an IP
513 * address, despite not being strictly valid.
514 *
515 * We match \d{1,3}\.\d{1,3}\.\d{1,3}\.xxx as an anonymous IP
516 * address because the usemod software would "cloak" anonymous IP
517 * addresses like this, if we allowed accounts like this to be created
518 * new users could get the old edits of these anonymous users.
519 *
520 * @param $name String to match
521 * @return Bool
522 */
523 public static function isIP( $name ) {
524 return preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.(?:xxx|\d{1,3})$/',$name) || IP::isIPv6($name);
525 }
526
527 /**
528 * Is the input a valid username?
529 *
530 * Checks if the input is a valid username, we don't want an empty string,
531 * an IP address, anything that containins slashes (would mess up subpages),
532 * is longer than the maximum allowed username size or doesn't begin with
533 * a capital letter.
534 *
535 * @param $name String to match
536 * @return Bool
537 */
538 public static function isValidUserName( $name ) {
539 global $wgContLang, $wgMaxNameChars;
540
541 if ( $name == ''
542 || User::isIP( $name )
543 || strpos( $name, '/' ) !== false
544 || strlen( $name ) > $wgMaxNameChars
545 || $name != $wgContLang->ucfirst( $name ) ) {
546 wfDebugLog( 'username', __METHOD__ .
547 ": '$name' invalid due to empty, IP, slash, length, or lowercase" );
548 return false;
549 }
550
551
552 // Ensure that the name can't be misresolved as a different title,
553 // such as with extra namespace keys at the start.
554 $parsed = Title::newFromText( $name );
555 if( is_null( $parsed )
556 || $parsed->getNamespace()
557 || strcmp( $name, $parsed->getPrefixedText() ) ) {
558 wfDebugLog( 'username', __METHOD__ .
559 ": '$name' invalid due to ambiguous prefixes" );
560 return false;
561 }
562
563 // Check an additional blacklist of troublemaker characters.
564 // Should these be merged into the title char list?
565 $unicodeBlacklist = '/[' .
566 '\x{0080}-\x{009f}' . # iso-8859-1 control chars
567 '\x{00a0}' . # non-breaking space
568 '\x{2000}-\x{200f}' . # various whitespace
569 '\x{2028}-\x{202f}' . # breaks and control chars
570 '\x{3000}' . # ideographic space
571 '\x{e000}-\x{f8ff}' . # private use
572 ']/u';
573 if( preg_match( $unicodeBlacklist, $name ) ) {
574 wfDebugLog( 'username', __METHOD__ .
575 ": '$name' invalid due to blacklisted characters" );
576 return false;
577 }
578
579 return true;
580 }
581
582 /**
583 * Usernames which fail to pass this function will be blocked
584 * from user login and new account registrations, but may be used
585 * internally by batch processes.
586 *
587 * If an account already exists in this form, login will be blocked
588 * by a failure to pass this function.
589 *
590 * @param $name String to match
591 * @return Bool
592 */
593 public static function isUsableName( $name ) {
594 global $wgReservedUsernames;
595 // Must be a valid username, obviously ;)
596 if ( !self::isValidUserName( $name ) ) {
597 return false;
598 }
599
600 static $reservedUsernames = false;
601 if ( !$reservedUsernames ) {
602 $reservedUsernames = $wgReservedUsernames;
603 wfRunHooks( 'UserGetReservedNames', array( &$reservedUsernames ) );
604 }
605
606 // Certain names may be reserved for batch processes.
607 foreach ( $reservedUsernames as $reserved ) {
608 if ( substr( $reserved, 0, 4 ) == 'msg:' ) {
609 $reserved = wfMsgForContent( substr( $reserved, 4 ) );
610 }
611 if ( $reserved == $name ) {
612 return false;
613 }
614 }
615 return true;
616 }
617
618 /**
619 * Usernames which fail to pass this function will be blocked
620 * from new account registrations, but may be used internally
621 * either by batch processes or by user accounts which have
622 * already been created.
623 *
624 * Additional blacklisting may be added here rather than in
625 * isValidUserName() to avoid disrupting existing accounts.
626 *
627 * @param $name String to match
628 * @return Bool
629 */
630 public static function isCreatableName( $name ) {
631 global $wgInvalidUsernameCharacters;
632
633 // Ensure that the username isn't longer than 235 bytes, so that
634 // (at least for the builtin skins) user javascript and css files
635 // will work. (bug 23080)
636 if( strlen( $name ) > 235 ) {
637 wfDebugLog( 'username', __METHOD__ .
638 ": '$name' invalid due to length" );
639 return false;
640 }
641
642 // Preg yells if you try to give it an empty string
643 if( $wgInvalidUsernameCharacters !== '' ) {
644 if( preg_match( '/[' . preg_quote( $wgInvalidUsernameCharacters, '/' ) . ']/', $name ) ) {
645 wfDebugLog( 'username', __METHOD__ .
646 ": '$name' invalid due to wgInvalidUsernameCharacters" );
647 return false;
648 }
649 }
650
651 return self::isUsableName( $name );
652 }
653
654 /**
655 * Is the input a valid password for this user?
656 *
657 * @param $password String Desired password
658 * @return Bool
659 */
660 public function isValidPassword( $password ) {
661 //simple boolean wrapper for getPasswordValidity
662 return $this->getPasswordValidity( $password ) === true;
663 }
664
665 /**
666 * Given unvalidated password input, return error message on failure.
667 *
668 * @param $password String Desired password
669 * @return mixed: true on success, string or array of error message on failure
670 */
671 public function getPasswordValidity( $password ) {
672 global $wgMinimalPasswordLength, $wgContLang;
673
674 static $blockedLogins = array(
675 'Useruser' => 'Passpass', 'Useruser1' => 'Passpass1', # r75589
676 'Apitestsysop' => 'testpass', 'Apitestuser' => 'testpass' # r75605
677 );
678
679 $result = false; //init $result to false for the internal checks
680
681 if( !wfRunHooks( 'isValidPassword', array( $password, &$result, $this ) ) )
682 return $result;
683
684 if ( $result === false ) {
685 if( strlen( $password ) < $wgMinimalPasswordLength ) {
686 return 'passwordtooshort';
687 } elseif ( $wgContLang->lc( $password ) == $wgContLang->lc( $this->mName ) ) {
688 return 'password-name-match';
689 } elseif ( isset( $blockedLogins[ $this->getName() ] ) && $password == $blockedLogins[ $this->getName() ] ) {
690 return 'password-login-forbidden';
691 } else {
692 //it seems weird returning true here, but this is because of the
693 //initialization of $result to false above. If the hook is never run or it
694 //doesn't modify $result, then we will likely get down into this if with
695 //a valid password.
696 return true;
697 }
698 } elseif( $result === true ) {
699 return true;
700 } else {
701 return $result; //the isValidPassword hook set a string $result and returned true
702 }
703 }
704
705 /**
706 * Does a string look like an e-mail address?
707 *
708 * This validates an email address using an HTML5 specification found at:
709 * http://www.whatwg.org/specs/web-apps/current-work/multipage/states-of-the-type-attribute.html#valid-e-mail-address
710 * Which as of 2011-01-24 says:
711 *
712 * A valid e-mail address is a string that matches the ABNF production
713 * 1*( atext / "." ) "@" ldh-str *( "." ldh-str ) where atext is defined
714 * in RFC 5322 section 3.2.3, and ldh-str is defined in RFC 1034 section
715 * 3.5.
716 *
717 * This function is an implementation of the specification as requested in
718 * bug 22449.
719 *
720 * Client-side forms will use the same standard validation rules via JS or
721 * HTML 5 validation; additional restrictions can be enforced server-side
722 * by extensions via the 'isValidEmailAddr' hook.
723 *
724 * Note that this validation doesn't 100% match RFC 2822, but is believed
725 * to be liberal enough for wide use. Some invalid addresses will still
726 * pass validation here.
727 *
728 * @param $addr String E-mail address
729 * @return Bool
730 * @deprecated since 1.18 call Sanitizer::isValidEmail() directly
731 */
732 public static function isValidEmailAddr( $addr ) {
733 wfDeprecated( __METHOD__, '1.18' );
734 return Sanitizer::validateEmail( $addr );
735 }
736
737 /**
738 * Given unvalidated user input, return a canonical username, or false if
739 * the username is invalid.
740 * @param $name String User input
741 * @param $validate String|Bool type of validation to use:
742 * - false No validation
743 * - 'valid' Valid for batch processes
744 * - 'usable' Valid for batch processes and login
745 * - 'creatable' Valid for batch processes, login and account creation
746 *
747 * @return bool|string
748 */
749 public static function getCanonicalName( $name, $validate = 'valid' ) {
750 # Force usernames to capital
751 global $wgContLang;
752 $name = $wgContLang->ucfirst( $name );
753
754 # Reject names containing '#'; these will be cleaned up
755 # with title normalisation, but then it's too late to
756 # check elsewhere
757 if( strpos( $name, '#' ) !== false )
758 return false;
759
760 # Clean up name according to title rules
761 $t = ( $validate === 'valid' ) ?
762 Title::newFromText( $name ) : Title::makeTitle( NS_USER, $name );
763 # Check for invalid titles
764 if( is_null( $t ) ) {
765 return false;
766 }
767
768 # Reject various classes of invalid names
769 global $wgAuth;
770 $name = $wgAuth->getCanonicalName( $t->getText() );
771
772 switch ( $validate ) {
773 case false:
774 break;
775 case 'valid':
776 if ( !User::isValidUserName( $name ) ) {
777 $name = false;
778 }
779 break;
780 case 'usable':
781 if ( !User::isUsableName( $name ) ) {
782 $name = false;
783 }
784 break;
785 case 'creatable':
786 if ( !User::isCreatableName( $name ) ) {
787 $name = false;
788 }
789 break;
790 default:
791 throw new MWException( 'Invalid parameter value for $validate in ' . __METHOD__ );
792 }
793 return $name;
794 }
795
796 /**
797 * Count the number of edits of a user
798 * @todo It should not be static and some day should be merged as proper member function / deprecated -- domas
799 *
800 * @param $uid Int User ID to check
801 * @return Int the user's edit count
802 */
803 public static function edits( $uid ) {
804 wfProfileIn( __METHOD__ );
805 $dbr = wfGetDB( DB_SLAVE );
806 // check if the user_editcount field has been initialized
807 $field = $dbr->selectField(
808 'user', 'user_editcount',
809 array( 'user_id' => $uid ),
810 __METHOD__
811 );
812
813 if( $field === null ) { // it has not been initialized. do so.
814 $dbw = wfGetDB( DB_MASTER );
815 $count = $dbr->selectField(
816 'revision', 'count(*)',
817 array( 'rev_user' => $uid ),
818 __METHOD__
819 );
820 $dbw->update(
821 'user',
822 array( 'user_editcount' => $count ),
823 array( 'user_id' => $uid ),
824 __METHOD__
825 );
826 } else {
827 $count = $field;
828 }
829 wfProfileOut( __METHOD__ );
830 return $count;
831 }
832
833 /**
834 * Return a random password. Sourced from mt_rand, so it's not particularly secure.
835 * @todo hash random numbers to improve security, like generateToken()
836 *
837 * @return String new random password
838 */
839 public static function randomPassword() {
840 global $wgMinimalPasswordLength;
841 $pwchars = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz';
842 $l = strlen( $pwchars ) - 1;
843
844 $pwlength = max( 7, $wgMinimalPasswordLength );
845 $digit = mt_rand( 0, $pwlength - 1 );
846 $np = '';
847 for ( $i = 0; $i < $pwlength; $i++ ) {
848 $np .= $i == $digit ? chr( mt_rand( 48, 57 ) ) : $pwchars[ mt_rand( 0, $l ) ];
849 }
850 return $np;
851 }
852
853 /**
854 * Set cached properties to default.
855 *
856 * @note This no longer clears uncached lazy-initialised properties;
857 * the constructor does that instead.
858 *
859 * @param $name string
860 */
861 public function loadDefaults( $name = false ) {
862 wfProfileIn( __METHOD__ );
863
864 $this->mId = 0;
865 $this->mName = $name;
866 $this->mRealName = '';
867 $this->mPassword = $this->mNewpassword = '';
868 $this->mNewpassTime = null;
869 $this->mEmail = '';
870 $this->mOptionOverrides = null;
871 $this->mOptionsLoaded = false;
872
873 $loggedOut = $this->getRequest()->getCookie( 'LoggedOut' );
874 if( $loggedOut !== null ) {
875 $this->mTouched = wfTimestamp( TS_MW, $loggedOut );
876 } else {
877 $this->mTouched = '0'; # Allow any pages to be cached
878 }
879
880 $this->setToken(); # Random
881 $this->mEmailAuthenticated = null;
882 $this->mEmailToken = '';
883 $this->mEmailTokenExpires = null;
884 $this->mRegistration = wfTimestamp( TS_MW );
885 $this->mGroups = array();
886
887 wfRunHooks( 'UserLoadDefaults', array( $this, $name ) );
888
889 wfProfileOut( __METHOD__ );
890 }
891
892 /**
893 * Return whether an item has been loaded.
894 *
895 * @param $item String: item to check. Current possibilities:
896 * - id
897 * - name
898 * - realname
899 * @param $all String: 'all' to check if the whole object has been loaded
900 * or any other string to check if only the item is available (e.g.
901 * for optimisation)
902 * @return Boolean
903 */
904 public function isItemLoaded( $item, $all = 'all' ) {
905 return ( $this->mLoadedItems === true && $all === 'all' ) ||
906 ( isset( $this->mLoadedItems[$item] ) && $this->mLoadedItems[$item] === true );
907 }
908
909 /**
910 * Set that an item has been loaded
911 *
912 * @param $item String
913 */
914 private function setItemLoaded( $item ) {
915 if ( is_array( $this->mLoadedItems ) ) {
916 $this->mLoadedItems[$item] = true;
917 }
918 }
919
920 /**
921 * Load user data from the session or login cookie. If there are no valid
922 * credentials, initialises the user as an anonymous user.
923 * @return Bool True if the user is logged in, false otherwise.
924 */
925 private function loadFromSession() {
926 global $wgExternalAuthType, $wgAutocreatePolicy;
927
928 $result = null;
929 wfRunHooks( 'UserLoadFromSession', array( $this, &$result ) );
930 if ( $result !== null ) {
931 return $result;
932 }
933
934 if ( $wgExternalAuthType && $wgAutocreatePolicy == 'view' ) {
935 $extUser = ExternalUser::newFromCookie();
936 if ( $extUser ) {
937 # TODO: Automatically create the user here (or probably a bit
938 # lower down, in fact)
939 }
940 }
941
942 $request = $this->getRequest();
943
944 $cookieId = $request->getCookie( 'UserID' );
945 $sessId = $request->getSessionData( 'wsUserID' );
946
947 if ( $cookieId !== null ) {
948 $sId = intval( $cookieId );
949 if( $sessId !== null && $cookieId != $sessId ) {
950 $this->loadDefaults(); // Possible collision!
951 wfDebugLog( 'loginSessions', "Session user ID ($sessId) and
952 cookie user ID ($sId) don't match!" );
953 return false;
954 }
955 $request->setSessionData( 'wsUserID', $sId );
956 } elseif ( $sessId !== null && $sessId != 0 ) {
957 $sId = $sessId;
958 } else {
959 $this->loadDefaults();
960 return false;
961 }
962
963 if ( $request->getSessionData( 'wsUserName' ) !== null ) {
964 $sName = $request->getSessionData( 'wsUserName' );
965 } elseif ( $request->getCookie( 'UserName' ) !== null ) {
966 $sName = $request->getCookie( 'UserName' );
967 $request->setSessionData( 'wsUserName', $sName );
968 } else {
969 $this->loadDefaults();
970 return false;
971 }
972
973 $proposedUser = User::newFromId( $sId );
974 if ( !$proposedUser->isLoggedIn() ) {
975 # Not a valid ID
976 $this->loadDefaults();
977 return false;
978 }
979
980 global $wgBlockDisablesLogin;
981 if( $wgBlockDisablesLogin && $proposedUser->isBlocked() ) {
982 # User blocked and we've disabled blocked user logins
983 $this->loadDefaults();
984 return false;
985 }
986
987 if ( $request->getSessionData( 'wsToken' ) !== null ) {
988 $passwordCorrect = $proposedUser->getToken() === $request->getSessionData( 'wsToken' );
989 $from = 'session';
990 } elseif ( $request->getCookie( 'Token' ) !== null ) {
991 $passwordCorrect = $proposedUser->getToken() === $request->getCookie( 'Token' );
992 $from = 'cookie';
993 } else {
994 # No session or persistent login cookie
995 $this->loadDefaults();
996 return false;
997 }
998
999 if ( ( $sName === $proposedUser->getName() ) && $passwordCorrect ) {
1000 $this->loadFromUserObject( $proposedUser );
1001 $request->setSessionData( 'wsToken', $this->mToken );
1002 wfDebug( "User: logged in from $from\n" );
1003 return true;
1004 } else {
1005 # Invalid credentials
1006 wfDebug( "User: can't log in from $from, invalid credentials\n" );
1007 $this->loadDefaults();
1008 return false;
1009 }
1010 }
1011
1012 /**
1013 * Load user and user_group data from the database.
1014 * $this->mId must be set, this is how the user is identified.
1015 *
1016 * @return Bool True if the user exists, false if the user is anonymous
1017 */
1018 public function loadFromDatabase() {
1019 # Paranoia
1020 $this->mId = intval( $this->mId );
1021
1022 /** Anonymous user */
1023 if( !$this->mId ) {
1024 $this->loadDefaults();
1025 return false;
1026 }
1027
1028 $dbr = wfGetDB( DB_MASTER );
1029 $s = $dbr->selectRow( 'user', '*', array( 'user_id' => $this->mId ), __METHOD__ );
1030
1031 wfRunHooks( 'UserLoadFromDatabase', array( $this, &$s ) );
1032
1033 if ( $s !== false ) {
1034 # Initialise user table data
1035 $this->loadFromRow( $s );
1036 $this->mGroups = null; // deferred
1037 $this->getEditCount(); // revalidation for nulls
1038 return true;
1039 } else {
1040 # Invalid user_id
1041 $this->mId = 0;
1042 $this->loadDefaults();
1043 return false;
1044 }
1045 }
1046
1047 /**
1048 * Initialize this object from a row from the user table.
1049 *
1050 * @param $row Array Row from the user table to load.
1051 */
1052 public function loadFromRow( $row ) {
1053 $all = true;
1054
1055 $this->mGroups = null; // deferred
1056
1057 if ( isset( $row->user_name ) ) {
1058 $this->mName = $row->user_name;
1059 $this->mFrom = 'name';
1060 $this->setItemLoaded( 'name' );
1061 } else {
1062 $all = false;
1063 }
1064
1065 if ( isset( $row->user_real_name ) ) {
1066 $this->mRealName = $row->user_real_name;
1067 $this->setItemLoaded( 'realname' );
1068 } else {
1069 $all = false;
1070 }
1071
1072 if ( isset( $row->user_id ) ) {
1073 $this->mId = intval( $row->user_id );
1074 $this->mFrom = 'id';
1075 $this->setItemLoaded( 'id' );
1076 } else {
1077 $all = false;
1078 }
1079
1080 if ( isset( $row->user_editcount ) ) {
1081 $this->mEditCount = $row->user_editcount;
1082 } else {
1083 $all = false;
1084 }
1085
1086 if ( isset( $row->user_password ) ) {
1087 $this->mPassword = $row->user_password;
1088 $this->mNewpassword = $row->user_newpassword;
1089 $this->mNewpassTime = wfTimestampOrNull( TS_MW, $row->user_newpass_time );
1090 $this->mEmail = $row->user_email;
1091 if ( isset( $row->user_options ) ) {
1092 $this->decodeOptions( $row->user_options );
1093 }
1094 $this->mTouched = wfTimestamp( TS_MW, $row->user_touched );
1095 $this->mToken = $row->user_token;
1096 $this->mEmailAuthenticated = wfTimestampOrNull( TS_MW, $row->user_email_authenticated );
1097 $this->mEmailToken = $row->user_email_token;
1098 $this->mEmailTokenExpires = wfTimestampOrNull( TS_MW, $row->user_email_token_expires );
1099 $this->mRegistration = wfTimestampOrNull( TS_MW, $row->user_registration );
1100 } else {
1101 $all = false;
1102 }
1103
1104 if ( $all ) {
1105 $this->mLoadedItems = true;
1106 }
1107 }
1108
1109 /**
1110 * Load the data for this user object from another user object.
1111 *
1112 * @param $user User
1113 */
1114 protected function loadFromUserObject( $user ) {
1115 $user->load();
1116 $user->loadGroups();
1117 $user->loadOptions();
1118 foreach ( self::$mCacheVars as $var ) {
1119 $this->$var = $user->$var;
1120 }
1121 }
1122
1123 /**
1124 * Load the groups from the database if they aren't already loaded.
1125 */
1126 private function loadGroups() {
1127 if ( is_null( $this->mGroups ) ) {
1128 $dbr = wfGetDB( DB_MASTER );
1129 $res = $dbr->select( 'user_groups',
1130 array( 'ug_group' ),
1131 array( 'ug_user' => $this->mId ),
1132 __METHOD__ );
1133 $this->mGroups = array();
1134 foreach ( $res as $row ) {
1135 $this->mGroups[] = $row->ug_group;
1136 }
1137 }
1138 }
1139
1140 /**
1141 * Add the user to the group if he/she meets given criteria.
1142 *
1143 * Contrary to autopromotion by \ref $wgAutopromote, the group will be
1144 * possible to remove manually via Special:UserRights. In such case it
1145 * will not be re-added automatically. The user will also not lose the
1146 * group if they no longer meet the criteria.
1147 *
1148 * @param $event String key in $wgAutopromoteOnce (each one has groups/criteria)
1149 *
1150 * @return array Array of groups the user has been promoted to.
1151 *
1152 * @see $wgAutopromoteOnce
1153 */
1154 public function addAutopromoteOnceGroups( $event ) {
1155 global $wgAutopromoteOnceLogInRC;
1156
1157 $toPromote = array();
1158 if ( $this->getId() ) {
1159 $toPromote = Autopromote::getAutopromoteOnceGroups( $this, $event );
1160 if ( count( $toPromote ) ) {
1161 $oldGroups = $this->getGroups(); // previous groups
1162 foreach ( $toPromote as $group ) {
1163 $this->addGroup( $group );
1164 }
1165 $newGroups = array_merge( $oldGroups, $toPromote ); // all groups
1166
1167 $log = new LogPage( 'rights', $wgAutopromoteOnceLogInRC /* in RC? */ );
1168 $log->addEntry( 'autopromote',
1169 $this->getUserPage(),
1170 '', // no comment
1171 // These group names are "list to texted"-ed in class LogPage.
1172 array( implode( ', ', $oldGroups ), implode( ', ', $newGroups ) )
1173 );
1174 }
1175 }
1176 return $toPromote;
1177 }
1178
1179 /**
1180 * Clear various cached data stored in this object.
1181 * @param $reloadFrom bool|String Reload user and user_groups table data from a
1182 * given source. May be "name", "id", "defaults", "session", or false for
1183 * no reload.
1184 */
1185 public function clearInstanceCache( $reloadFrom = false ) {
1186 $this->mNewtalk = -1;
1187 $this->mDatePreference = null;
1188 $this->mBlockedby = -1; # Unset
1189 $this->mHash = false;
1190 $this->mRights = null;
1191 $this->mEffectiveGroups = null;
1192 $this->mImplicitGroups = null;
1193 $this->mOptions = null;
1194
1195 if ( $reloadFrom ) {
1196 $this->mLoadedItems = array();
1197 $this->mFrom = $reloadFrom;
1198 }
1199 }
1200
1201 /**
1202 * Combine the language default options with any site-specific options
1203 * and add the default language variants.
1204 *
1205 * @return Array of String options
1206 */
1207 public static function getDefaultOptions() {
1208 global $wgNamespacesToBeSearchedDefault, $wgDefaultUserOptions, $wgContLang, $wgDefaultSkin;
1209
1210 $defOpt = $wgDefaultUserOptions;
1211 # default language setting
1212 $variant = $wgContLang->getDefaultVariant();
1213 $defOpt['variant'] = $variant;
1214 $defOpt['language'] = $variant;
1215 foreach( SearchEngine::searchableNamespaces() as $nsnum => $nsname ) {
1216 $defOpt['searchNs'.$nsnum] = !empty( $wgNamespacesToBeSearchedDefault[$nsnum] );
1217 }
1218 $defOpt['skin'] = $wgDefaultSkin;
1219
1220 // FIXME: Ideally we'd cache the results of this function so the hook is only run once,
1221 // but that breaks the parser tests because they rely on being able to change $wgContLang
1222 // mid-request and see that change reflected in the return value of this function.
1223 // Which is insane and would never happen during normal MW operation, but is also not
1224 // likely to get fixed unless and until we context-ify everything.
1225 // See also https://www.mediawiki.org/wiki/Special:Code/MediaWiki/101488#c25275
1226 wfRunHooks( 'UserGetDefaultOptions', array( &$defOpt ) );
1227
1228 return $defOpt;
1229 }
1230
1231 /**
1232 * Get a given default option value.
1233 *
1234 * @param $opt String Name of option to retrieve
1235 * @return String Default option value
1236 */
1237 public static function getDefaultOption( $opt ) {
1238 $defOpts = self::getDefaultOptions();
1239 if( isset( $defOpts[$opt] ) ) {
1240 return $defOpts[$opt];
1241 } else {
1242 return null;
1243 }
1244 }
1245
1246
1247 /**
1248 * Get blocking information
1249 * @param $bFromSlave Bool Whether to check the slave database first. To
1250 * improve performance, non-critical checks are done
1251 * against slaves. Check when actually saving should be
1252 * done against master.
1253 */
1254 private function getBlockedStatus( $bFromSlave = true ) {
1255 global $wgProxyWhitelist, $wgUser;
1256
1257 if ( -1 != $this->mBlockedby ) {
1258 return;
1259 }
1260
1261 wfProfileIn( __METHOD__ );
1262 wfDebug( __METHOD__.": checking...\n" );
1263
1264 // Initialize data...
1265 // Otherwise something ends up stomping on $this->mBlockedby when
1266 // things get lazy-loaded later, causing false positive block hits
1267 // due to -1 !== 0. Probably session-related... Nothing should be
1268 // overwriting mBlockedby, surely?
1269 $this->load();
1270
1271 $this->mBlockedby = 0;
1272 $this->mHideName = 0;
1273 $this->mAllowUsertalk = 0;
1274
1275 # We only need to worry about passing the IP address to the Block generator if the
1276 # user is not immune to autoblocks/hardblocks, and they are the current user so we
1277 # know which IP address they're actually coming from
1278 if ( !$this->isAllowed( 'ipblock-exempt' ) && $this->getID() == $wgUser->getID() ) {
1279 $ip = $this->getRequest()->getIP();
1280 } else {
1281 $ip = null;
1282 }
1283
1284 # User/IP blocking
1285 $this->mBlock = Block::newFromTarget( $this->getName(), $ip, !$bFromSlave );
1286 if ( $this->mBlock instanceof Block ) {
1287 wfDebug( __METHOD__ . ": Found block.\n" );
1288 $this->mBlockedby = $this->mBlock->getByName();
1289 $this->mBlockreason = $this->mBlock->mReason;
1290 $this->mHideName = $this->mBlock->mHideName;
1291 $this->mAllowUsertalk = !$this->mBlock->prevents( 'editownusertalk' );
1292 }
1293
1294 # Proxy blocking
1295 if ( $ip !== null && !$this->isAllowed( 'proxyunbannable' ) && !in_array( $ip, $wgProxyWhitelist ) ) {
1296 # Local list
1297 if ( self::isLocallyBlockedProxy( $ip ) ) {
1298 $this->mBlockedby = wfMsg( 'proxyblocker' );
1299 $this->mBlockreason = wfMsg( 'proxyblockreason' );
1300 }
1301
1302 # DNSBL
1303 if ( !$this->mBlockedby && !$this->getID() ) {
1304 if ( $this->isDnsBlacklisted( $ip ) ) {
1305 $this->mBlockedby = wfMsg( 'sorbs' );
1306 $this->mBlockreason = wfMsg( 'sorbsreason' );
1307 }
1308 }
1309 }
1310
1311 # Extensions
1312 wfRunHooks( 'GetBlockedStatus', array( &$this ) );
1313
1314 wfProfileOut( __METHOD__ );
1315 }
1316
1317 /**
1318 * Whether the given IP is in a DNS blacklist.
1319 *
1320 * @param $ip String IP to check
1321 * @param $checkWhitelist Bool: whether to check the whitelist first
1322 * @return Bool True if blacklisted.
1323 */
1324 public function isDnsBlacklisted( $ip, $checkWhitelist = false ) {
1325 global $wgEnableSorbs, $wgEnableDnsBlacklist,
1326 $wgSorbsUrl, $wgDnsBlacklistUrls, $wgProxyWhitelist;
1327
1328 if ( !$wgEnableDnsBlacklist && !$wgEnableSorbs )
1329 return false;
1330
1331 if ( $checkWhitelist && in_array( $ip, $wgProxyWhitelist ) )
1332 return false;
1333
1334 $urls = array_merge( $wgDnsBlacklistUrls, (array)$wgSorbsUrl );
1335 return $this->inDnsBlacklist( $ip, $urls );
1336 }
1337
1338 /**
1339 * Whether the given IP is in a given DNS blacklist.
1340 *
1341 * @param $ip String IP to check
1342 * @param $bases String|Array of Strings: URL of the DNS blacklist
1343 * @return Bool True if blacklisted.
1344 */
1345 public function inDnsBlacklist( $ip, $bases ) {
1346 wfProfileIn( __METHOD__ );
1347
1348 $found = false;
1349 // @todo FIXME: IPv6 ??? (http://bugs.php.net/bug.php?id=33170)
1350 if( IP::isIPv4( $ip ) ) {
1351 # Reverse IP, bug 21255
1352 $ipReversed = implode( '.', array_reverse( explode( '.', $ip ) ) );
1353
1354 foreach( (array)$bases as $base ) {
1355 # Make hostname
1356 # If we have an access key, use that too (ProjectHoneypot, etc.)
1357 if( is_array( $base ) ) {
1358 if( count( $base ) >= 2 ) {
1359 # Access key is 1, base URL is 0
1360 $host = "{$base[1]}.$ipReversed.{$base[0]}";
1361 } else {
1362 $host = "$ipReversed.{$base[0]}";
1363 }
1364 } else {
1365 $host = "$ipReversed.$base";
1366 }
1367
1368 # Send query
1369 $ipList = gethostbynamel( $host );
1370
1371 if( $ipList ) {
1372 wfDebug( "Hostname $host is {$ipList[0]}, it's a proxy says $base!\n" );
1373 $found = true;
1374 break;
1375 } else {
1376 wfDebug( "Requested $host, not found in $base.\n" );
1377 }
1378 }
1379 }
1380
1381 wfProfileOut( __METHOD__ );
1382 return $found;
1383 }
1384
1385 /**
1386 * Check if an IP address is in the local proxy list
1387 *
1388 * @param $ip string
1389 *
1390 * @return bool
1391 */
1392 public static function isLocallyBlockedProxy( $ip ) {
1393 global $wgProxyList;
1394
1395 if ( !$wgProxyList ) {
1396 return false;
1397 }
1398 wfProfileIn( __METHOD__ );
1399
1400 if ( !is_array( $wgProxyList ) ) {
1401 # Load from the specified file
1402 $wgProxyList = array_map( 'trim', file( $wgProxyList ) );
1403 }
1404
1405 if ( !is_array( $wgProxyList ) ) {
1406 $ret = false;
1407 } elseif ( array_search( $ip, $wgProxyList ) !== false ) {
1408 $ret = true;
1409 } elseif ( array_key_exists( $ip, $wgProxyList ) ) {
1410 # Old-style flipped proxy list
1411 $ret = true;
1412 } else {
1413 $ret = false;
1414 }
1415 wfProfileOut( __METHOD__ );
1416 return $ret;
1417 }
1418
1419 /**
1420 * Is this user subject to rate limiting?
1421 *
1422 * @return Bool True if rate limited
1423 */
1424 public function isPingLimitable() {
1425 global $wgRateLimitsExcludedIPs;
1426 if( in_array( $this->getRequest()->getIP(), $wgRateLimitsExcludedIPs ) ) {
1427 // No other good way currently to disable rate limits
1428 // for specific IPs. :P
1429 // But this is a crappy hack and should die.
1430 return false;
1431 }
1432 return !$this->isAllowed('noratelimit');
1433 }
1434
1435 /**
1436 * Primitive rate limits: enforce maximum actions per time period
1437 * to put a brake on flooding.
1438 *
1439 * @note When using a shared cache like memcached, IP-address
1440 * last-hit counters will be shared across wikis.
1441 *
1442 * @param $action String Action to enforce; 'edit' if unspecified
1443 * @return Bool True if a rate limiter was tripped
1444 */
1445 public function pingLimiter( $action = 'edit' ) {
1446 # Call the 'PingLimiter' hook
1447 $result = false;
1448 if( !wfRunHooks( 'PingLimiter', array( &$this, $action, $result ) ) ) {
1449 return $result;
1450 }
1451
1452 global $wgRateLimits;
1453 if( !isset( $wgRateLimits[$action] ) ) {
1454 return false;
1455 }
1456
1457 # Some groups shouldn't trigger the ping limiter, ever
1458 if( !$this->isPingLimitable() )
1459 return false;
1460
1461 global $wgMemc, $wgRateLimitLog;
1462 wfProfileIn( __METHOD__ );
1463
1464 $limits = $wgRateLimits[$action];
1465 $keys = array();
1466 $id = $this->getId();
1467 $ip = $this->getRequest()->getIP();
1468 $userLimit = false;
1469
1470 if( isset( $limits['anon'] ) && $id == 0 ) {
1471 $keys[wfMemcKey( 'limiter', $action, 'anon' )] = $limits['anon'];
1472 }
1473
1474 if( isset( $limits['user'] ) && $id != 0 ) {
1475 $userLimit = $limits['user'];
1476 }
1477 if( $this->isNewbie() ) {
1478 if( isset( $limits['newbie'] ) && $id != 0 ) {
1479 $keys[wfMemcKey( 'limiter', $action, 'user', $id )] = $limits['newbie'];
1480 }
1481 if( isset( $limits['ip'] ) ) {
1482 $keys["mediawiki:limiter:$action:ip:$ip"] = $limits['ip'];
1483 }
1484 $matches = array();
1485 if( isset( $limits['subnet'] ) && preg_match( '/^(\d+\.\d+\.\d+)\.\d+$/', $ip, $matches ) ) {
1486 $subnet = $matches[1];
1487 $keys["mediawiki:limiter:$action:subnet:$subnet"] = $limits['subnet'];
1488 }
1489 }
1490 // Check for group-specific permissions
1491 // If more than one group applies, use the group with the highest limit
1492 foreach ( $this->getGroups() as $group ) {
1493 if ( isset( $limits[$group] ) ) {
1494 if ( $userLimit === false || $limits[$group] > $userLimit ) {
1495 $userLimit = $limits[$group];
1496 }
1497 }
1498 }
1499 // Set the user limit key
1500 if ( $userLimit !== false ) {
1501 wfDebug( __METHOD__ . ": effective user limit: $userLimit\n" );
1502 $keys[ wfMemcKey( 'limiter', $action, 'user', $id ) ] = $userLimit;
1503 }
1504
1505 $triggered = false;
1506 foreach( $keys as $key => $limit ) {
1507 list( $max, $period ) = $limit;
1508 $summary = "(limit $max in {$period}s)";
1509 $count = $wgMemc->get( $key );
1510 // Already pinged?
1511 if( $count ) {
1512 if( $count > $max ) {
1513 wfDebug( __METHOD__ . ": tripped! $key at $count $summary\n" );
1514 if( $wgRateLimitLog ) {
1515 wfSuppressWarnings();
1516 file_put_contents( $wgRateLimitLog, wfTimestamp( TS_MW ) . ' ' . wfWikiID() . ': ' . $this->getName() . " tripped $key at $count $summary\n", FILE_APPEND );
1517 wfRestoreWarnings();
1518 }
1519 $triggered = true;
1520 } else {
1521 wfDebug( __METHOD__ . ": ok. $key at $count $summary\n" );
1522 }
1523 } else {
1524 wfDebug( __METHOD__ . ": adding record for $key $summary\n" );
1525 $wgMemc->add( $key, 0, intval( $period ) ); // first ping
1526 }
1527 $wgMemc->incr( $key );
1528 }
1529
1530 wfProfileOut( __METHOD__ );
1531 return $triggered;
1532 }
1533
1534 /**
1535 * Check if user is blocked
1536 *
1537 * @param $bFromSlave Bool Whether to check the slave database instead of the master
1538 * @return Bool True if blocked, false otherwise
1539 */
1540 public function isBlocked( $bFromSlave = true ) { // hacked from false due to horrible probs on site
1541 return $this->getBlock( $bFromSlave ) instanceof Block && $this->getBlock()->prevents( 'edit' );
1542 }
1543
1544 /**
1545 * Get the block affecting the user, or null if the user is not blocked
1546 *
1547 * @param $bFromSlave Bool Whether to check the slave database instead of the master
1548 * @return Block|null
1549 */
1550 public function getBlock( $bFromSlave = true ){
1551 $this->getBlockedStatus( $bFromSlave );
1552 return $this->mBlock instanceof Block ? $this->mBlock : null;
1553 }
1554
1555 /**
1556 * Check if user is blocked from editing a particular article
1557 *
1558 * @param $title Title to check
1559 * @param $bFromSlave Bool whether to check the slave database instead of the master
1560 * @return Bool
1561 */
1562 function isBlockedFrom( $title, $bFromSlave = false ) {
1563 global $wgBlockAllowsUTEdit;
1564 wfProfileIn( __METHOD__ );
1565
1566 $blocked = $this->isBlocked( $bFromSlave );
1567 $allowUsertalk = ( $wgBlockAllowsUTEdit ? $this->mAllowUsertalk : false );
1568 # If a user's name is suppressed, they cannot make edits anywhere
1569 if ( !$this->mHideName && $allowUsertalk && $title->getText() === $this->getName() &&
1570 $title->getNamespace() == NS_USER_TALK ) {
1571 $blocked = false;
1572 wfDebug( __METHOD__ . ": self-talk page, ignoring any blocks\n" );
1573 }
1574
1575 wfRunHooks( 'UserIsBlockedFrom', array( $this, $title, &$blocked, &$allowUsertalk ) );
1576
1577 wfProfileOut( __METHOD__ );
1578 return $blocked;
1579 }
1580
1581 /**
1582 * If user is blocked, return the name of the user who placed the block
1583 * @return String name of blocker
1584 */
1585 public function blockedBy() {
1586 $this->getBlockedStatus();
1587 return $this->mBlockedby;
1588 }
1589
1590 /**
1591 * If user is blocked, return the specified reason for the block
1592 * @return String Blocking reason
1593 */
1594 public function blockedFor() {
1595 $this->getBlockedStatus();
1596 return $this->mBlockreason;
1597 }
1598
1599 /**
1600 * If user is blocked, return the ID for the block
1601 * @return Int Block ID
1602 */
1603 public function getBlockId() {
1604 $this->getBlockedStatus();
1605 return ( $this->mBlock ? $this->mBlock->getId() : false );
1606 }
1607
1608 /**
1609 * Check if user is blocked on all wikis.
1610 * Do not use for actual edit permission checks!
1611 * This is intented for quick UI checks.
1612 *
1613 * @param $ip String IP address, uses current client if none given
1614 * @return Bool True if blocked, false otherwise
1615 */
1616 public function isBlockedGlobally( $ip = '' ) {
1617 if( $this->mBlockedGlobally !== null ) {
1618 return $this->mBlockedGlobally;
1619 }
1620 // User is already an IP?
1621 if( IP::isIPAddress( $this->getName() ) ) {
1622 $ip = $this->getName();
1623 } elseif( !$ip ) {
1624 $ip = $this->getRequest()->getIP();
1625 }
1626 $blocked = false;
1627 wfRunHooks( 'UserIsBlockedGlobally', array( &$this, $ip, &$blocked ) );
1628 $this->mBlockedGlobally = (bool)$blocked;
1629 return $this->mBlockedGlobally;
1630 }
1631
1632 /**
1633 * Check if user account is locked
1634 *
1635 * @return Bool True if locked, false otherwise
1636 */
1637 public function isLocked() {
1638 if( $this->mLocked !== null ) {
1639 return $this->mLocked;
1640 }
1641 global $wgAuth;
1642 $authUser = $wgAuth->getUserInstance( $this );
1643 $this->mLocked = (bool)$authUser->isLocked();
1644 return $this->mLocked;
1645 }
1646
1647 /**
1648 * Check if user account is hidden
1649 *
1650 * @return Bool True if hidden, false otherwise
1651 */
1652 public function isHidden() {
1653 if( $this->mHideName !== null ) {
1654 return $this->mHideName;
1655 }
1656 $this->getBlockedStatus();
1657 if( !$this->mHideName ) {
1658 global $wgAuth;
1659 $authUser = $wgAuth->getUserInstance( $this );
1660 $this->mHideName = (bool)$authUser->isHidden();
1661 }
1662 return $this->mHideName;
1663 }
1664
1665 /**
1666 * Get the user's ID.
1667 * @return Int The user's ID; 0 if the user is anonymous or nonexistent
1668 */
1669 public function getId() {
1670 if( $this->mId === null && $this->mName !== null
1671 && User::isIP( $this->mName ) ) {
1672 // Special case, we know the user is anonymous
1673 return 0;
1674 } elseif( !$this->isItemLoaded( 'id' ) ) {
1675 // Don't load if this was initialized from an ID
1676 $this->load();
1677 }
1678 return $this->mId;
1679 }
1680
1681 /**
1682 * Set the user and reload all fields according to a given ID
1683 * @param $v Int User ID to reload
1684 */
1685 public function setId( $v ) {
1686 $this->mId = $v;
1687 $this->clearInstanceCache( 'id' );
1688 }
1689
1690 /**
1691 * Get the user name, or the IP of an anonymous user
1692 * @return String User's name or IP address
1693 */
1694 public function getName() {
1695 if ( $this->isItemLoaded( 'name', 'only' ) ) {
1696 # Special case optimisation
1697 return $this->mName;
1698 } else {
1699 $this->load();
1700 if ( $this->mName === false ) {
1701 # Clean up IPs
1702 $this->mName = IP::sanitizeIP( $this->getRequest()->getIP() );
1703 }
1704 return $this->mName;
1705 }
1706 }
1707
1708 /**
1709 * Set the user name.
1710 *
1711 * This does not reload fields from the database according to the given
1712 * name. Rather, it is used to create a temporary "nonexistent user" for
1713 * later addition to the database. It can also be used to set the IP
1714 * address for an anonymous user to something other than the current
1715 * remote IP.
1716 *
1717 * @note User::newFromName() has rougly the same function, when the named user
1718 * does not exist.
1719 * @param $str String New user name to set
1720 */
1721 public function setName( $str ) {
1722 $this->load();
1723 $this->mName = $str;
1724 }
1725
1726 /**
1727 * Get the user's name escaped by underscores.
1728 * @return String Username escaped by underscores.
1729 */
1730 public function getTitleKey() {
1731 return str_replace( ' ', '_', $this->getName() );
1732 }
1733
1734 /**
1735 * Check if the user has new messages.
1736 * @return Bool True if the user has new messages
1737 */
1738 public function getNewtalk() {
1739 $this->load();
1740
1741 # Load the newtalk status if it is unloaded (mNewtalk=-1)
1742 if( $this->mNewtalk === -1 ) {
1743 $this->mNewtalk = false; # reset talk page status
1744
1745 # Check memcached separately for anons, who have no
1746 # entire User object stored in there.
1747 if( !$this->mId ) {
1748 global $wgMemc;
1749 $key = wfMemcKey( 'newtalk', 'ip', $this->getName() );
1750 $newtalk = $wgMemc->get( $key );
1751 if( strval( $newtalk ) !== '' ) {
1752 $this->mNewtalk = (bool)$newtalk;
1753 } else {
1754 // Since we are caching this, make sure it is up to date by getting it
1755 // from the master
1756 $this->mNewtalk = $this->checkNewtalk( 'user_ip', $this->getName(), true );
1757 $wgMemc->set( $key, (int)$this->mNewtalk, 1800 );
1758 }
1759 } else {
1760 $this->mNewtalk = $this->checkNewtalk( 'user_id', $this->mId );
1761 }
1762 }
1763
1764 return (bool)$this->mNewtalk;
1765 }
1766
1767 /**
1768 * Return the talk page(s) this user has new messages on.
1769 * @return Array of String page URLs
1770 */
1771 public function getNewMessageLinks() {
1772 $talks = array();
1773 if( !wfRunHooks( 'UserRetrieveNewTalks', array( &$this, &$talks ) ) )
1774 return $talks;
1775
1776 if( !$this->getNewtalk() )
1777 return array();
1778 $up = $this->getUserPage();
1779 $utp = $up->getTalkPage();
1780 return array( array( 'wiki' => wfWikiID(), 'link' => $utp->getLocalURL() ) );
1781 }
1782
1783 /**
1784 * Internal uncached check for new messages
1785 *
1786 * @see getNewtalk()
1787 * @param $field String 'user_ip' for anonymous users, 'user_id' otherwise
1788 * @param $id String|Int User's IP address for anonymous users, User ID otherwise
1789 * @param $fromMaster Bool true to fetch from the master, false for a slave
1790 * @return Bool True if the user has new messages
1791 */
1792 protected function checkNewtalk( $field, $id, $fromMaster = false ) {
1793 if ( $fromMaster ) {
1794 $db = wfGetDB( DB_MASTER );
1795 } else {
1796 $db = wfGetDB( DB_SLAVE );
1797 }
1798 $ok = $db->selectField( 'user_newtalk', $field,
1799 array( $field => $id ), __METHOD__ );
1800 return $ok !== false;
1801 }
1802
1803 /**
1804 * Add or update the new messages flag
1805 * @param $field String 'user_ip' for anonymous users, 'user_id' otherwise
1806 * @param $id String|Int User's IP address for anonymous users, User ID otherwise
1807 * @return Bool True if successful, false otherwise
1808 */
1809 protected function updateNewtalk( $field, $id ) {
1810 $dbw = wfGetDB( DB_MASTER );
1811 $dbw->insert( 'user_newtalk',
1812 array( $field => $id ),
1813 __METHOD__,
1814 'IGNORE' );
1815 if ( $dbw->affectedRows() ) {
1816 wfDebug( __METHOD__ . ": set on ($field, $id)\n" );
1817 return true;
1818 } else {
1819 wfDebug( __METHOD__ . " already set ($field, $id)\n" );
1820 return false;
1821 }
1822 }
1823
1824 /**
1825 * Clear the new messages flag for the given user
1826 * @param $field String 'user_ip' for anonymous users, 'user_id' otherwise
1827 * @param $id String|Int User's IP address for anonymous users, User ID otherwise
1828 * @return Bool True if successful, false otherwise
1829 */
1830 protected function deleteNewtalk( $field, $id ) {
1831 $dbw = wfGetDB( DB_MASTER );
1832 $dbw->delete( 'user_newtalk',
1833 array( $field => $id ),
1834 __METHOD__ );
1835 if ( $dbw->affectedRows() ) {
1836 wfDebug( __METHOD__ . ": killed on ($field, $id)\n" );
1837 return true;
1838 } else {
1839 wfDebug( __METHOD__ . ": already gone ($field, $id)\n" );
1840 return false;
1841 }
1842 }
1843
1844 /**
1845 * Update the 'You have new messages!' status.
1846 * @param $val Bool Whether the user has new messages
1847 */
1848 public function setNewtalk( $val ) {
1849 if( wfReadOnly() ) {
1850 return;
1851 }
1852
1853 $this->load();
1854 $this->mNewtalk = $val;
1855
1856 if( $this->isAnon() ) {
1857 $field = 'user_ip';
1858 $id = $this->getName();
1859 } else {
1860 $field = 'user_id';
1861 $id = $this->getId();
1862 }
1863 global $wgMemc;
1864
1865 if( $val ) {
1866 $changed = $this->updateNewtalk( $field, $id );
1867 } else {
1868 $changed = $this->deleteNewtalk( $field, $id );
1869 }
1870
1871 if( $this->isAnon() ) {
1872 // Anons have a separate memcached space, since
1873 // user records aren't kept for them.
1874 $key = wfMemcKey( 'newtalk', 'ip', $id );
1875 $wgMemc->set( $key, $val ? 1 : 0, 1800 );
1876 }
1877 if ( $changed ) {
1878 $this->invalidateCache();
1879 }
1880 }
1881
1882 /**
1883 * Generate a current or new-future timestamp to be stored in the
1884 * user_touched field when we update things.
1885 * @return String Timestamp in TS_MW format
1886 */
1887 private static function newTouchedTimestamp() {
1888 global $wgClockSkewFudge;
1889 return wfTimestamp( TS_MW, time() + $wgClockSkewFudge );
1890 }
1891
1892 /**
1893 * Clear user data from memcached.
1894 * Use after applying fun updates to the database; caller's
1895 * responsibility to update user_touched if appropriate.
1896 *
1897 * Called implicitly from invalidateCache() and saveSettings().
1898 */
1899 private function clearSharedCache() {
1900 $this->load();
1901 if( $this->mId ) {
1902 global $wgMemc;
1903 $wgMemc->delete( wfMemcKey( 'user', 'id', $this->mId ) );
1904 }
1905 }
1906
1907 /**
1908 * Immediately touch the user data cache for this account.
1909 * Updates user_touched field, and removes account data from memcached
1910 * for reload on the next hit.
1911 */
1912 public function invalidateCache() {
1913 if( wfReadOnly() ) {
1914 return;
1915 }
1916 $this->load();
1917 if( $this->mId ) {
1918 $this->mTouched = self::newTouchedTimestamp();
1919
1920 $dbw = wfGetDB( DB_MASTER );
1921 $dbw->update( 'user',
1922 array( 'user_touched' => $dbw->timestamp( $this->mTouched ) ),
1923 array( 'user_id' => $this->mId ),
1924 __METHOD__ );
1925
1926 $this->clearSharedCache();
1927 }
1928 }
1929
1930 /**
1931 * Validate the cache for this account.
1932 * @param $timestamp String A timestamp in TS_MW format
1933 *
1934 * @return bool
1935 */
1936 public function validateCache( $timestamp ) {
1937 $this->load();
1938 return ( $timestamp >= $this->mTouched );
1939 }
1940
1941 /**
1942 * Get the user touched timestamp
1943 * @return String timestamp
1944 */
1945 public function getTouched() {
1946 $this->load();
1947 return $this->mTouched;
1948 }
1949
1950 /**
1951 * Set the password and reset the random token.
1952 * Calls through to authentication plugin if necessary;
1953 * will have no effect if the auth plugin refuses to
1954 * pass the change through or if the legal password
1955 * checks fail.
1956 *
1957 * As a special case, setting the password to null
1958 * wipes it, so the account cannot be logged in until
1959 * a new password is set, for instance via e-mail.
1960 *
1961 * @param $str String New password to set
1962 * @throws PasswordError on failure
1963 *
1964 * @return bool
1965 */
1966 public function setPassword( $str ) {
1967 global $wgAuth;
1968
1969 if( $str !== null ) {
1970 if( !$wgAuth->allowPasswordChange() ) {
1971 throw new PasswordError( wfMsg( 'password-change-forbidden' ) );
1972 }
1973
1974 if( !$this->isValidPassword( $str ) ) {
1975 global $wgMinimalPasswordLength;
1976 $valid = $this->getPasswordValidity( $str );
1977 if ( is_array( $valid ) ) {
1978 $message = array_shift( $valid );
1979 $params = $valid;
1980 } else {
1981 $message = $valid;
1982 $params = array( $wgMinimalPasswordLength );
1983 }
1984 throw new PasswordError( wfMsgExt( $message, array( 'parsemag' ), $params ) );
1985 }
1986 }
1987
1988 if( !$wgAuth->setPassword( $this, $str ) ) {
1989 throw new PasswordError( wfMsg( 'externaldberror' ) );
1990 }
1991
1992 $this->setInternalPassword( $str );
1993
1994 return true;
1995 }
1996
1997 /**
1998 * Set the password and reset the random token unconditionally.
1999 *
2000 * @param $str String New password to set
2001 */
2002 public function setInternalPassword( $str ) {
2003 $this->load();
2004 $this->setToken();
2005
2006 if( $str === null ) {
2007 // Save an invalid hash...
2008 $this->mPassword = '';
2009 } else {
2010 $this->mPassword = self::crypt( $str );
2011 }
2012 $this->mNewpassword = '';
2013 $this->mNewpassTime = null;
2014 }
2015
2016 /**
2017 * Get the user's current token.
2018 * @return String Token
2019 */
2020 public function getToken() {
2021 $this->load();
2022 return $this->mToken;
2023 }
2024
2025 /**
2026 * Set the random token (used for persistent authentication)
2027 * Called from loadDefaults() among other places.
2028 *
2029 * @param $token String|bool If specified, set the token to this value
2030 */
2031 public function setToken( $token = false ) {
2032 global $wgSecretKey, $wgProxyKey;
2033 $this->load();
2034 if ( !$token ) {
2035 if ( $wgSecretKey ) {
2036 $key = $wgSecretKey;
2037 } elseif ( $wgProxyKey ) {
2038 $key = $wgProxyKey;
2039 } else {
2040 $key = microtime();
2041 }
2042 $this->mToken = md5( $key . mt_rand( 0, 0x7fffffff ) . wfWikiID() . $this->mId );
2043 } else {
2044 $this->mToken = $token;
2045 }
2046 }
2047
2048 /**
2049 * Set the cookie password
2050 *
2051 * @param $str String New cookie password
2052 */
2053 private function setCookiePassword( $str ) {
2054 $this->load();
2055 $this->mCookiePassword = md5( $str );
2056 }
2057
2058 /**
2059 * Set the password for a password reminder or new account email
2060 *
2061 * @param $str String New password to set
2062 * @param $throttle Bool If true, reset the throttle timestamp to the present
2063 */
2064 public function setNewpassword( $str, $throttle = true ) {
2065 $this->load();
2066 $this->mNewpassword = self::crypt( $str );
2067 if ( $throttle ) {
2068 $this->mNewpassTime = wfTimestampNow();
2069 }
2070 }
2071
2072 /**
2073 * Has password reminder email been sent within the last
2074 * $wgPasswordReminderResendTime hours?
2075 * @return Bool
2076 */
2077 public function isPasswordReminderThrottled() {
2078 global $wgPasswordReminderResendTime;
2079 $this->load();
2080 if ( !$this->mNewpassTime || !$wgPasswordReminderResendTime ) {
2081 return false;
2082 }
2083 $expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgPasswordReminderResendTime * 3600;
2084 return time() < $expiry;
2085 }
2086
2087 /**
2088 * Get the user's e-mail address
2089 * @return String User's email address
2090 */
2091 public function getEmail() {
2092 $this->load();
2093 wfRunHooks( 'UserGetEmail', array( $this, &$this->mEmail ) );
2094 return $this->mEmail;
2095 }
2096
2097 /**
2098 * Get the timestamp of the user's e-mail authentication
2099 * @return String TS_MW timestamp
2100 */
2101 public function getEmailAuthenticationTimestamp() {
2102 $this->load();
2103 wfRunHooks( 'UserGetEmailAuthenticationTimestamp', array( $this, &$this->mEmailAuthenticated ) );
2104 return $this->mEmailAuthenticated;
2105 }
2106
2107 /**
2108 * Set the user's e-mail address
2109 * @param $str String New e-mail address
2110 */
2111 public function setEmail( $str ) {
2112 $this->load();
2113 if( $str == $this->mEmail ) {
2114 return;
2115 }
2116 $this->mEmail = $str;
2117 $this->invalidateEmail();
2118 wfRunHooks( 'UserSetEmail', array( $this, &$this->mEmail ) );
2119 }
2120
2121 /**
2122 * Get the user's real name
2123 * @return String User's real name
2124 */
2125 public function getRealName() {
2126 if ( !$this->isItemLoaded( 'realname' ) ) {
2127 $this->load();
2128 }
2129
2130 return $this->mRealName;
2131 }
2132
2133 /**
2134 * Set the user's real name
2135 * @param $str String New real name
2136 */
2137 public function setRealName( $str ) {
2138 $this->load();
2139 $this->mRealName = $str;
2140 }
2141
2142 /**
2143 * Get the user's current setting for a given option.
2144 *
2145 * @param $oname String The option to check
2146 * @param $defaultOverride String A default value returned if the option does not exist
2147 * @param $ignoreHidden Bool = whether to ignore the effects of $wgHiddenPrefs
2148 * @return String User's current value for the option
2149 * @see getBoolOption()
2150 * @see getIntOption()
2151 */
2152 public function getOption( $oname, $defaultOverride = null, $ignoreHidden = false ) {
2153 global $wgHiddenPrefs;
2154 $this->loadOptions();
2155
2156 if ( is_null( $this->mOptions ) ) {
2157 if($defaultOverride != '') {
2158 return $defaultOverride;
2159 }
2160 $this->mOptions = User::getDefaultOptions();
2161 }
2162
2163 # We want 'disabled' preferences to always behave as the default value for
2164 # users, even if they have set the option explicitly in their settings (ie they
2165 # set it, and then it was disabled removing their ability to change it). But
2166 # we don't want to erase the preferences in the database in case the preference
2167 # is re-enabled again. So don't touch $mOptions, just override the returned value
2168 if( in_array( $oname, $wgHiddenPrefs ) && !$ignoreHidden ){
2169 return self::getDefaultOption( $oname );
2170 }
2171
2172 if ( array_key_exists( $oname, $this->mOptions ) ) {
2173 return $this->mOptions[$oname];
2174 } else {
2175 return $defaultOverride;
2176 }
2177 }
2178
2179 /**
2180 * Get all user's options
2181 *
2182 * @return array
2183 */
2184 public function getOptions() {
2185 global $wgHiddenPrefs;
2186 $this->loadOptions();
2187 $options = $this->mOptions;
2188
2189 # We want 'disabled' preferences to always behave as the default value for
2190 # users, even if they have set the option explicitly in their settings (ie they
2191 # set it, and then it was disabled removing their ability to change it). But
2192 # we don't want to erase the preferences in the database in case the preference
2193 # is re-enabled again. So don't touch $mOptions, just override the returned value
2194 foreach( $wgHiddenPrefs as $pref ){
2195 $default = self::getDefaultOption( $pref );
2196 if( $default !== null ){
2197 $options[$pref] = $default;
2198 }
2199 }
2200
2201 return $options;
2202 }
2203
2204 /**
2205 * Get the user's current setting for a given option, as a boolean value.
2206 *
2207 * @param $oname String The option to check
2208 * @return Bool User's current value for the option
2209 * @see getOption()
2210 */
2211 public function getBoolOption( $oname ) {
2212 return (bool)$this->getOption( $oname );
2213 }
2214
2215 /**
2216 * Get the user's current setting for a given option, as a boolean value.
2217 *
2218 * @param $oname String The option to check
2219 * @param $defaultOverride Int A default value returned if the option does not exist
2220 * @return Int User's current value for the option
2221 * @see getOption()
2222 */
2223 public function getIntOption( $oname, $defaultOverride=0 ) {
2224 $val = $this->getOption( $oname );
2225 if( $val == '' ) {
2226 $val = $defaultOverride;
2227 }
2228 return intval( $val );
2229 }
2230
2231 /**
2232 * Set the given option for a user.
2233 *
2234 * @param $oname String The option to set
2235 * @param $val mixed New value to set
2236 */
2237 public function setOption( $oname, $val ) {
2238 $this->load();
2239 $this->loadOptions();
2240
2241 // Explicitly NULL values should refer to defaults
2242 global $wgDefaultUserOptions;
2243 if( is_null( $val ) && isset( $wgDefaultUserOptions[$oname] ) ) {
2244 $val = $wgDefaultUserOptions[$oname];
2245 }
2246
2247 $this->mOptions[$oname] = $val;
2248 }
2249
2250 /**
2251 * Reset all options to the site defaults
2252 */
2253 public function resetOptions() {
2254 $this->mOptions = self::getDefaultOptions();
2255 }
2256
2257 /**
2258 * Get the user's preferred date format.
2259 * @return String User's preferred date format
2260 */
2261 public function getDatePreference() {
2262 // Important migration for old data rows
2263 if ( is_null( $this->mDatePreference ) ) {
2264 global $wgLang;
2265 $value = $this->getOption( 'date' );
2266 $map = $wgLang->getDatePreferenceMigrationMap();
2267 if ( isset( $map[$value] ) ) {
2268 $value = $map[$value];
2269 }
2270 $this->mDatePreference = $value;
2271 }
2272 return $this->mDatePreference;
2273 }
2274
2275 /**
2276 * Get the user preferred stub threshold
2277 *
2278 * @return int
2279 */
2280 public function getStubThreshold() {
2281 global $wgMaxArticleSize; # Maximum article size, in Kb
2282 $threshold = intval( $this->getOption( 'stubthreshold' ) );
2283 if ( $threshold > $wgMaxArticleSize * 1024 ) {
2284 # If they have set an impossible value, disable the preference
2285 # so we can use the parser cache again.
2286 $threshold = 0;
2287 }
2288 return $threshold;
2289 }
2290
2291 /**
2292 * Get the permissions this user has.
2293 * @return Array of String permission names
2294 */
2295 public function getRights() {
2296 if ( is_null( $this->mRights ) ) {
2297 $this->mRights = self::getGroupPermissions( $this->getEffectiveGroups() );
2298 wfRunHooks( 'UserGetRights', array( $this, &$this->mRights ) );
2299 // Force reindexation of rights when a hook has unset one of them
2300 $this->mRights = array_values( $this->mRights );
2301 }
2302 return $this->mRights;
2303 }
2304
2305 /**
2306 * Get the list of explicit group memberships this user has.
2307 * The implicit * and user groups are not included.
2308 * @return Array of String internal group names
2309 */
2310 public function getGroups() {
2311 $this->load();
2312 $this->loadGroups();
2313 return $this->mGroups;
2314 }
2315
2316 /**
2317 * Get the list of implicit group memberships this user has.
2318 * This includes all explicit groups, plus 'user' if logged in,
2319 * '*' for all accounts, and autopromoted groups
2320 * @param $recache Bool Whether to avoid the cache
2321 * @return Array of String internal group names
2322 */
2323 public function getEffectiveGroups( $recache = false ) {
2324 if ( $recache || is_null( $this->mEffectiveGroups ) ) {
2325 wfProfileIn( __METHOD__ );
2326 $this->mEffectiveGroups = array_unique( array_merge(
2327 $this->getGroups(), // explicit groups
2328 $this->getAutomaticGroups( $recache ) // implicit groups
2329 ) );
2330 # Hook for additional groups
2331 wfRunHooks( 'UserEffectiveGroups', array( &$this, &$this->mEffectiveGroups ) );
2332 wfProfileOut( __METHOD__ );
2333 }
2334 return $this->mEffectiveGroups;
2335 }
2336
2337 /**
2338 * Get the list of implicit group memberships this user has.
2339 * This includes 'user' if logged in, '*' for all accounts,
2340 * and autopromoted groups
2341 * @param $recache Bool Whether to avoid the cache
2342 * @return Array of String internal group names
2343 */
2344 public function getAutomaticGroups( $recache = false ) {
2345 if ( $recache || is_null( $this->mImplicitGroups ) ) {
2346 wfProfileIn( __METHOD__ );
2347 $this->mImplicitGroups = array( '*' );
2348 if ( $this->getId() ) {
2349 $this->mImplicitGroups[] = 'user';
2350
2351 $this->mImplicitGroups = array_unique( array_merge(
2352 $this->mImplicitGroups,
2353 Autopromote::getAutopromoteGroups( $this )
2354 ) );
2355 }
2356 if ( $recache ) {
2357 # Assure data consistency with rights/groups,
2358 # as getEffectiveGroups() depends on this function
2359 $this->mEffectiveGroups = null;
2360 }
2361 wfProfileOut( __METHOD__ );
2362 }
2363 return $this->mImplicitGroups;
2364 }
2365
2366 /**
2367 * Returns the groups the user has belonged to.
2368 *
2369 * The user may still belong to the returned groups. Compare with getGroups().
2370 *
2371 * The function will not return groups the user had belonged to before MW 1.17
2372 *
2373 * @return array Names of the groups the user has belonged to.
2374 */
2375 public function getFormerGroups() {
2376 if( is_null( $this->mFormerGroups ) ) {
2377 $dbr = wfGetDB( DB_MASTER );
2378 $res = $dbr->select( 'user_former_groups',
2379 array( 'ufg_group' ),
2380 array( 'ufg_user' => $this->mId ),
2381 __METHOD__ );
2382 $this->mFormerGroups = array();
2383 foreach( $res as $row ) {
2384 $this->mFormerGroups[] = $row->ufg_group;
2385 }
2386 }
2387 return $this->mFormerGroups;
2388 }
2389
2390 /**
2391 * Get the user's edit count.
2392 * @return Int
2393 */
2394 public function getEditCount() {
2395 if( $this->getId() ) {
2396 if ( !isset( $this->mEditCount ) ) {
2397 /* Populate the count, if it has not been populated yet */
2398 $this->mEditCount = User::edits( $this->mId );
2399 }
2400 return $this->mEditCount;
2401 } else {
2402 /* nil */
2403 return null;
2404 }
2405 }
2406
2407 /**
2408 * Add the user to the given group.
2409 * This takes immediate effect.
2410 * @param $group String Name of the group to add
2411 */
2412 public function addGroup( $group ) {
2413 if( wfRunHooks( 'UserAddGroup', array( $this, &$group ) ) ) {
2414 $dbw = wfGetDB( DB_MASTER );
2415 if( $this->getId() ) {
2416 $dbw->insert( 'user_groups',
2417 array(
2418 'ug_user' => $this->getID(),
2419 'ug_group' => $group,
2420 ),
2421 __METHOD__,
2422 array( 'IGNORE' ) );
2423 }
2424 }
2425 $this->loadGroups();
2426 $this->mGroups[] = $group;
2427 $this->mRights = User::getGroupPermissions( $this->getEffectiveGroups( true ) );
2428
2429 $this->invalidateCache();
2430 }
2431
2432 /**
2433 * Remove the user from the given group.
2434 * This takes immediate effect.
2435 * @param $group String Name of the group to remove
2436 */
2437 public function removeGroup( $group ) {
2438 $this->load();
2439 if( wfRunHooks( 'UserRemoveGroup', array( $this, &$group ) ) ) {
2440 $dbw = wfGetDB( DB_MASTER );
2441 $dbw->delete( 'user_groups',
2442 array(
2443 'ug_user' => $this->getID(),
2444 'ug_group' => $group,
2445 ), __METHOD__ );
2446 // Remember that the user was in this group
2447 $dbw->insert( 'user_former_groups',
2448 array(
2449 'ufg_user' => $this->getID(),
2450 'ufg_group' => $group,
2451 ),
2452 __METHOD__,
2453 array( 'IGNORE' ) );
2454 }
2455 $this->loadGroups();
2456 $this->mGroups = array_diff( $this->mGroups, array( $group ) );
2457 $this->mRights = User::getGroupPermissions( $this->getEffectiveGroups( true ) );
2458
2459 $this->invalidateCache();
2460 }
2461
2462 /**
2463 * Get whether the user is logged in
2464 * @return Bool
2465 */
2466 public function isLoggedIn() {
2467 return $this->getID() != 0;
2468 }
2469
2470 /**
2471 * Get whether the user is anonymous
2472 * @return Bool
2473 */
2474 public function isAnon() {
2475 return !$this->isLoggedIn();
2476 }
2477
2478 /**
2479 * Check if user is allowed to access a feature / make an action
2480 *
2481 * @internal param \String $varargs permissions to test
2482 * @return Boolean: True if user is allowed to perform *any* of the given actions
2483 *
2484 * @return bool
2485 */
2486 public function isAllowedAny( /*...*/ ){
2487 $permissions = func_get_args();
2488 foreach( $permissions as $permission ){
2489 if( $this->isAllowed( $permission ) ){
2490 return true;
2491 }
2492 }
2493 return false;
2494 }
2495
2496 /**
2497 *
2498 * @internal param $varargs string
2499 * @return bool True if the user is allowed to perform *all* of the given actions
2500 */
2501 public function isAllowedAll( /*...*/ ){
2502 $permissions = func_get_args();
2503 foreach( $permissions as $permission ){
2504 if( !$this->isAllowed( $permission ) ){
2505 return false;
2506 }
2507 }
2508 return true;
2509 }
2510
2511 /**
2512 * Internal mechanics of testing a permission
2513 * @param $action String
2514 * @return bool
2515 */
2516 public function isAllowed( $action = '' ) {
2517 if ( $action === '' ) {
2518 return true; // In the spirit of DWIM
2519 }
2520 # Patrolling may not be enabled
2521 if( $action === 'patrol' || $action === 'autopatrol' ) {
2522 global $wgUseRCPatrol, $wgUseNPPatrol;
2523 if( !$wgUseRCPatrol && !$wgUseNPPatrol )
2524 return false;
2525 }
2526 # Use strict parameter to avoid matching numeric 0 accidentally inserted
2527 # by misconfiguration: 0 == 'foo'
2528 return in_array( $action, $this->getRights(), true );
2529 }
2530
2531 /**
2532 * Check whether to enable recent changes patrol features for this user
2533 * @return Boolean: True or false
2534 */
2535 public function useRCPatrol() {
2536 global $wgUseRCPatrol;
2537 return $wgUseRCPatrol && $this->isAllowedAny( 'patrol', 'patrolmarks' );
2538 }
2539
2540 /**
2541 * Check whether to enable new pages patrol features for this user
2542 * @return Bool True or false
2543 */
2544 public function useNPPatrol() {
2545 global $wgUseRCPatrol, $wgUseNPPatrol;
2546 return( ( $wgUseRCPatrol || $wgUseNPPatrol ) && ( $this->isAllowedAny( 'patrol', 'patrolmarks' ) ) );
2547 }
2548
2549 /**
2550 * Get the WebRequest object to use with this object
2551 *
2552 * @return WebRequest
2553 */
2554 public function getRequest() {
2555 if ( $this->mRequest ) {
2556 return $this->mRequest;
2557 } else {
2558 global $wgRequest;
2559 return $wgRequest;
2560 }
2561 }
2562
2563 /**
2564 * Get the current skin, loading it if required
2565 * @return Skin The current skin
2566 * @todo FIXME: Need to check the old failback system [AV]
2567 * @deprecated since 1.18 Use ->getSkin() in the most relevant outputting context you have
2568 */
2569 public function getSkin() {
2570 wfDeprecated( __METHOD__, '1.18' );
2571 return RequestContext::getMain()->getSkin();
2572 }
2573
2574 /**
2575 * Check the watched status of an article.
2576 * @param $title Title of the article to look at
2577 * @return Bool
2578 */
2579 public function isWatched( $title ) {
2580 $wl = WatchedItem::fromUserTitle( $this, $title );
2581 return $wl->isWatched();
2582 }
2583
2584 /**
2585 * Watch an article.
2586 * @param $title Title of the article to look at
2587 */
2588 public function addWatch( $title ) {
2589 $wl = WatchedItem::fromUserTitle( $this, $title );
2590 $wl->addWatch();
2591 $this->invalidateCache();
2592 }
2593
2594 /**
2595 * Stop watching an article.
2596 * @param $title Title of the article to look at
2597 */
2598 public function removeWatch( $title ) {
2599 $wl = WatchedItem::fromUserTitle( $this, $title );
2600 $wl->removeWatch();
2601 $this->invalidateCache();
2602 }
2603
2604 /**
2605 * Clear the user's notification timestamp for the given title.
2606 * If e-notif e-mails are on, they will receive notification mails on
2607 * the next change of the page if it's watched etc.
2608 * @param $title Title of the article to look at
2609 */
2610 public function clearNotification( &$title ) {
2611 global $wgUseEnotif, $wgShowUpdatedMarker;
2612
2613 # Do nothing if the database is locked to writes
2614 if( wfReadOnly() ) {
2615 return;
2616 }
2617
2618 if( $title->getNamespace() == NS_USER_TALK &&
2619 $title->getText() == $this->getName() ) {
2620 if( !wfRunHooks( 'UserClearNewTalkNotification', array( &$this ) ) )
2621 return;
2622 $this->setNewtalk( false );
2623 }
2624
2625 if( !$wgUseEnotif && !$wgShowUpdatedMarker ) {
2626 return;
2627 }
2628
2629 if( $this->isAnon() ) {
2630 // Nothing else to do...
2631 return;
2632 }
2633
2634 // Only update the timestamp if the page is being watched.
2635 // The query to find out if it is watched is cached both in memcached and per-invocation,
2636 // and when it does have to be executed, it can be on a slave
2637 // If this is the user's newtalk page, we always update the timestamp
2638 $force = '';
2639 if ( $title->getNamespace() == NS_USER_TALK &&
2640 $title->getText() == $this->getName() )
2641 {
2642 $force = 'force';
2643 }
2644
2645 $wi = WatchedItem::fromUserTitle( $this, $title );
2646 $wi->resetNotificationTimestamp( $force );
2647 }
2648
2649 /**
2650 * Resets all of the given user's page-change notification timestamps.
2651 * If e-notif e-mails are on, they will receive notification mails on
2652 * the next change of any watched page.
2653 */
2654 public function clearAllNotifications() {
2655 global $wgUseEnotif, $wgShowUpdatedMarker;
2656 if ( !$wgUseEnotif && !$wgShowUpdatedMarker ) {
2657 $this->setNewtalk( false );
2658 return;
2659 }
2660 $id = $this->getId();
2661 if( $id != 0 ) {
2662 $dbw = wfGetDB( DB_MASTER );
2663 $dbw->update( 'watchlist',
2664 array( /* SET */
2665 'wl_notificationtimestamp' => null
2666 ), array( /* WHERE */
2667 'wl_user' => $id
2668 ), __METHOD__
2669 );
2670 # We also need to clear here the "you have new message" notification for the own user_talk page
2671 # This is cleared one page view later in Article::viewUpdates();
2672 }
2673 }
2674
2675 /**
2676 * Set this user's options from an encoded string
2677 * @param $str String Encoded options to import
2678 *
2679 * @deprecated in 1.19 due to removal of user_options from the user table
2680 */
2681 private function decodeOptions( $str ) {
2682 wfDeprecated( __METHOD__, '1.19' );
2683 if( !$str )
2684 return;
2685
2686 $this->mOptionsLoaded = true;
2687 $this->mOptionOverrides = array();
2688
2689 // If an option is not set in $str, use the default value
2690 $this->mOptions = self::getDefaultOptions();
2691
2692 $a = explode( "\n", $str );
2693 foreach ( $a as $s ) {
2694 $m = array();
2695 if ( preg_match( "/^(.[^=]*)=(.*)$/", $s, $m ) ) {
2696 $this->mOptions[$m[1]] = $m[2];
2697 $this->mOptionOverrides[$m[1]] = $m[2];
2698 }
2699 }
2700 }
2701
2702 /**
2703 * Set a cookie on the user's client. Wrapper for
2704 * WebResponse::setCookie
2705 * @param $name String Name of the cookie to set
2706 * @param $value String Value to set
2707 * @param $exp Int Expiration time, as a UNIX time value;
2708 * if 0 or not specified, use the default $wgCookieExpiration
2709 */
2710 protected function setCookie( $name, $value, $exp = 0 ) {
2711 $this->getRequest()->response()->setcookie( $name, $value, $exp );
2712 }
2713
2714 /**
2715 * Clear a cookie on the user's client
2716 * @param $name String Name of the cookie to clear
2717 */
2718 protected function clearCookie( $name ) {
2719 $this->setCookie( $name, '', time() - 86400 );
2720 }
2721
2722 /**
2723 * Set the default cookies for this session on the user's client.
2724 *
2725 * @param $request WebRequest object to use; $wgRequest will be used if null
2726 * is passed.
2727 */
2728 public function setCookies( $request = null ) {
2729 if ( $request === null ) {
2730 $request = $this->getRequest();
2731 }
2732
2733 $this->load();
2734 if ( 0 == $this->mId ) return;
2735 if ( !$this->mToken ) {
2736 // When token is empty or NULL generate a new one and then save it to the database
2737 // This allows a wiki to re-secure itself after a leak of it's user table or $wgSecretKey
2738 // Simply by setting every cell in the user_token column to NULL and letting them be
2739 // regenerated as users log back into the wiki.
2740 $this->setToken();
2741 $this->saveSettings();
2742 }
2743 $session = array(
2744 'wsUserID' => $this->mId,
2745 'wsToken' => $this->mToken,
2746 'wsUserName' => $this->getName()
2747 );
2748 $cookies = array(
2749 'UserID' => $this->mId,
2750 'UserName' => $this->getName(),
2751 );
2752 if ( 1 == $this->getOption( 'rememberpassword' ) ) {
2753 $cookies['Token'] = $this->mToken;
2754 } else {
2755 $cookies['Token'] = false;
2756 }
2757
2758 wfRunHooks( 'UserSetCookies', array( $this, &$session, &$cookies ) );
2759
2760 foreach ( $session as $name => $value ) {
2761 $request->setSessionData( $name, $value );
2762 }
2763 foreach ( $cookies as $name => $value ) {
2764 if ( $value === false ) {
2765 $this->clearCookie( $name );
2766 } else {
2767 $this->setCookie( $name, $value );
2768 }
2769 }
2770 }
2771
2772 /**
2773 * Log this user out.
2774 */
2775 public function logout() {
2776 if( wfRunHooks( 'UserLogout', array( &$this ) ) ) {
2777 $this->doLogout();
2778 }
2779 }
2780
2781 /**
2782 * Clear the user's cookies and session, and reset the instance cache.
2783 * @see logout()
2784 */
2785 public function doLogout() {
2786 $this->clearInstanceCache( 'defaults' );
2787
2788 $this->getRequest()->setSessionData( 'wsUserID', 0 );
2789
2790 $this->clearCookie( 'UserID' );
2791 $this->clearCookie( 'Token' );
2792
2793 # Remember when user logged out, to prevent seeing cached pages
2794 $this->setCookie( 'LoggedOut', wfTimestampNow(), time() + 86400 );
2795 }
2796
2797 /**
2798 * Save this user's settings into the database.
2799 * @todo Only rarely do all these fields need to be set!
2800 */
2801 public function saveSettings() {
2802 $this->load();
2803 if ( wfReadOnly() ) { return; }
2804 if ( 0 == $this->mId ) { return; }
2805
2806 $this->mTouched = self::newTouchedTimestamp();
2807
2808 $dbw = wfGetDB( DB_MASTER );
2809 $dbw->update( 'user',
2810 array( /* SET */
2811 'user_name' => $this->mName,
2812 'user_password' => $this->mPassword,
2813 'user_newpassword' => $this->mNewpassword,
2814 'user_newpass_time' => $dbw->timestampOrNull( $this->mNewpassTime ),
2815 'user_real_name' => $this->mRealName,
2816 'user_email' => $this->mEmail,
2817 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
2818 'user_touched' => $dbw->timestamp( $this->mTouched ),
2819 'user_token' => $this->mToken,
2820 'user_email_token' => $this->mEmailToken,
2821 'user_email_token_expires' => $dbw->timestampOrNull( $this->mEmailTokenExpires ),
2822 ), array( /* WHERE */
2823 'user_id' => $this->mId
2824 ), __METHOD__
2825 );
2826
2827 $this->saveOptions();
2828
2829 wfRunHooks( 'UserSaveSettings', array( $this ) );
2830 $this->clearSharedCache();
2831 $this->getUserPage()->invalidateCache();
2832 }
2833
2834 /**
2835 * If only this user's username is known, and it exists, return the user ID.
2836 * @return Int
2837 */
2838 public function idForName() {
2839 $s = trim( $this->getName() );
2840 if ( $s === '' ) return 0;
2841
2842 $dbr = wfGetDB( DB_SLAVE );
2843 $id = $dbr->selectField( 'user', 'user_id', array( 'user_name' => $s ), __METHOD__ );
2844 if ( $id === false ) {
2845 $id = 0;
2846 }
2847 return $id;
2848 }
2849
2850 /**
2851 * Add a user to the database, return the user object
2852 *
2853 * @param $name String Username to add
2854 * @param $params Array of Strings Non-default parameters to save to the database as user_* fields:
2855 * - password The user's password hash. Password logins will be disabled if this is omitted.
2856 * - newpassword Hash for a temporary password that has been mailed to the user
2857 * - email The user's email address
2858 * - email_authenticated The email authentication timestamp
2859 * - real_name The user's real name
2860 * - options An associative array of non-default options
2861 * - token Random authentication token. Do not set.
2862 * - registration Registration timestamp. Do not set.
2863 *
2864 * @return User object, or null if the username already exists
2865 */
2866 public static function createNew( $name, $params = array() ) {
2867 $user = new User;
2868 $user->load();
2869 if ( isset( $params['options'] ) ) {
2870 $user->mOptions = $params['options'] + (array)$user->mOptions;
2871 unset( $params['options'] );
2872 }
2873 $dbw = wfGetDB( DB_MASTER );
2874 $seqVal = $dbw->nextSequenceValue( 'user_user_id_seq' );
2875
2876 $fields = array(
2877 'user_id' => $seqVal,
2878 'user_name' => $name,
2879 'user_password' => $user->mPassword,
2880 'user_newpassword' => $user->mNewpassword,
2881 'user_newpass_time' => $dbw->timestampOrNull( $user->mNewpassTime ),
2882 'user_email' => $user->mEmail,
2883 'user_email_authenticated' => $dbw->timestampOrNull( $user->mEmailAuthenticated ),
2884 'user_real_name' => $user->mRealName,
2885 'user_token' => $user->mToken,
2886 'user_registration' => $dbw->timestamp( $user->mRegistration ),
2887 'user_editcount' => 0,
2888 );
2889 foreach ( $params as $name => $value ) {
2890 $fields["user_$name"] = $value;
2891 }
2892 $dbw->insert( 'user', $fields, __METHOD__, array( 'IGNORE' ) );
2893 if ( $dbw->affectedRows() ) {
2894 $newUser = User::newFromId( $dbw->insertId() );
2895 } else {
2896 $newUser = null;
2897 }
2898 return $newUser;
2899 }
2900
2901 /**
2902 * Add this existing user object to the database
2903 */
2904 public function addToDatabase() {
2905 $this->load();
2906 $dbw = wfGetDB( DB_MASTER );
2907 $seqVal = $dbw->nextSequenceValue( 'user_user_id_seq' );
2908 $dbw->insert( 'user',
2909 array(
2910 'user_id' => $seqVal,
2911 'user_name' => $this->mName,
2912 'user_password' => $this->mPassword,
2913 'user_newpassword' => $this->mNewpassword,
2914 'user_newpass_time' => $dbw->timestampOrNull( $this->mNewpassTime ),
2915 'user_email' => $this->mEmail,
2916 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
2917 'user_real_name' => $this->mRealName,
2918 'user_token' => $this->mToken,
2919 'user_registration' => $dbw->timestamp( $this->mRegistration ),
2920 'user_editcount' => 0,
2921 ), __METHOD__
2922 );
2923 $this->mId = $dbw->insertId();
2924
2925 // Clear instance cache other than user table data, which is already accurate
2926 $this->clearInstanceCache();
2927
2928 $this->saveOptions();
2929 }
2930
2931 /**
2932 * If this user is logged-in and blocked,
2933 * block any IP address they've successfully logged in from.
2934 * @return bool A block was spread
2935 */
2936 public function spreadAnyEditBlock() {
2937 if ( $this->isLoggedIn() && $this->isBlocked() ) {
2938 return $this->spreadBlock();
2939 }
2940 return false;
2941 }
2942
2943 /**
2944 * If this (non-anonymous) user is blocked,
2945 * block the IP address they've successfully logged in from.
2946 * @return bool A block was spread
2947 */
2948 protected function spreadBlock() {
2949 wfDebug( __METHOD__ . "()\n" );
2950 $this->load();
2951 if ( $this->mId == 0 ) {
2952 return false;
2953 }
2954
2955 $userblock = Block::newFromTarget( $this->getName() );
2956 if ( !$userblock ) {
2957 return false;
2958 }
2959
2960 return (bool)$userblock->doAutoblock( $this->getRequest()->getIP() );
2961 }
2962
2963 /**
2964 * Generate a string which will be different for any combination of
2965 * user options which would produce different parser output.
2966 * This will be used as part of the hash key for the parser cache,
2967 * so users with the same options can share the same cached data
2968 * safely.
2969 *
2970 * Extensions which require it should install 'PageRenderingHash' hook,
2971 * which will give them a chance to modify this key based on their own
2972 * settings.
2973 *
2974 * @deprecated since 1.17 use the ParserOptions object to get the relevant options
2975 * @return String Page rendering hash
2976 */
2977 public function getPageRenderingHash() {
2978 wfDeprecated( __METHOD__, '1.17' );
2979
2980 global $wgUseDynamicDates, $wgRenderHashAppend, $wgLang, $wgContLang;
2981 if( $this->mHash ){
2982 return $this->mHash;
2983 }
2984
2985 // stubthreshold is only included below for completeness,
2986 // since it disables the parser cache, its value will always
2987 // be 0 when this function is called by parsercache.
2988
2989 $confstr = $this->getOption( 'math' );
2990 $confstr .= '!' . $this->getStubThreshold();
2991 if ( $wgUseDynamicDates ) { # This is wrong (bug 24714)
2992 $confstr .= '!' . $this->getDatePreference();
2993 }
2994 $confstr .= '!' . ( $this->getOption( 'numberheadings' ) ? '1' : '' );
2995 $confstr .= '!' . $wgLang->getCode();
2996 $confstr .= '!' . $this->getOption( 'thumbsize' );
2997 // add in language specific options, if any
2998 $extra = $wgContLang->getExtraHashOptions();
2999 $confstr .= $extra;
3000
3001 // Since the skin could be overloading link(), it should be
3002 // included here but in practice, none of our skins do that.
3003
3004 $confstr .= $wgRenderHashAppend;
3005
3006 // Give a chance for extensions to modify the hash, if they have
3007 // extra options or other effects on the parser cache.
3008 wfRunHooks( 'PageRenderingHash', array( &$confstr ) );
3009
3010 // Make it a valid memcached key fragment
3011 $confstr = str_replace( ' ', '_', $confstr );
3012 $this->mHash = $confstr;
3013 return $confstr;
3014 }
3015
3016 /**
3017 * Get whether the user is explicitly blocked from account creation.
3018 * @return Bool|Block
3019 */
3020 public function isBlockedFromCreateAccount() {
3021 $this->getBlockedStatus();
3022 if( $this->mBlock && $this->mBlock->prevents( 'createaccount' ) ){
3023 return $this->mBlock;
3024 }
3025
3026 # bug 13611: if the IP address the user is trying to create an account from is
3027 # blocked with createaccount disabled, prevent new account creation there even
3028 # when the user is logged in
3029 if( $this->mBlockedFromCreateAccount === false ){
3030 $this->mBlockedFromCreateAccount = Block::newFromTarget( null, $this->getRequest()->getIP() );
3031 }
3032 return $this->mBlockedFromCreateAccount instanceof Block && $this->mBlockedFromCreateAccount->prevents( 'createaccount' )
3033 ? $this->mBlockedFromCreateAccount
3034 : false;
3035 }
3036
3037 /**
3038 * Get whether the user is blocked from using Special:Emailuser.
3039 * @return Bool
3040 */
3041 public function isBlockedFromEmailuser() {
3042 $this->getBlockedStatus();
3043 return $this->mBlock && $this->mBlock->prevents( 'sendemail' );
3044 }
3045
3046 /**
3047 * Get whether the user is allowed to create an account.
3048 * @return Bool
3049 */
3050 function isAllowedToCreateAccount() {
3051 return $this->isAllowed( 'createaccount' ) && !$this->isBlockedFromCreateAccount();
3052 }
3053
3054 /**
3055 * Get this user's personal page title.
3056 *
3057 * @return Title: User's personal page title
3058 */
3059 public function getUserPage() {
3060 return Title::makeTitle( NS_USER, $this->getName() );
3061 }
3062
3063 /**
3064 * Get this user's talk page title.
3065 *
3066 * @return Title: User's talk page title
3067 */
3068 public function getTalkPage() {
3069 $title = $this->getUserPage();
3070 return $title->getTalkPage();
3071 }
3072
3073 /**
3074 * Determine whether the user is a newbie. Newbies are either
3075 * anonymous IPs, or the most recently created accounts.
3076 * @return Bool
3077 */
3078 public function isNewbie() {
3079 return !$this->isAllowed( 'autoconfirmed' );
3080 }
3081
3082 /**
3083 * Check to see if the given clear-text password is one of the accepted passwords
3084 * @param $password String: user password.
3085 * @return Boolean: True if the given password is correct, otherwise False.
3086 */
3087 public function checkPassword( $password ) {
3088 global $wgAuth, $wgLegacyEncoding;
3089 $this->load();
3090
3091 // Even though we stop people from creating passwords that
3092 // are shorter than this, doesn't mean people wont be able
3093 // to. Certain authentication plugins do NOT want to save
3094 // domain passwords in a mysql database, so we should
3095 // check this (in case $wgAuth->strict() is false).
3096 if( !$this->isValidPassword( $password ) ) {
3097 return false;
3098 }
3099
3100 if( $wgAuth->authenticate( $this->getName(), $password ) ) {
3101 return true;
3102 } elseif( $wgAuth->strict() ) {
3103 /* Auth plugin doesn't allow local authentication */
3104 return false;
3105 } elseif( $wgAuth->strictUserAuth( $this->getName() ) ) {
3106 /* Auth plugin doesn't allow local authentication for this user name */
3107 return false;
3108 }
3109 if ( self::comparePasswords( $this->mPassword, $password, $this->mId ) ) {
3110 return true;
3111 } elseif ( $wgLegacyEncoding ) {
3112 # Some wikis were converted from ISO 8859-1 to UTF-8, the passwords can't be converted
3113 # Check for this with iconv
3114 $cp1252Password = iconv( 'UTF-8', 'WINDOWS-1252//TRANSLIT', $password );
3115 if ( $cp1252Password != $password &&
3116 self::comparePasswords( $this->mPassword, $cp1252Password, $this->mId ) )
3117 {
3118 return true;
3119 }
3120 }
3121 return false;
3122 }
3123
3124 /**
3125 * Check if the given clear-text password matches the temporary password
3126 * sent by e-mail for password reset operations.
3127 *
3128 * @param $plaintext string
3129 *
3130 * @return Boolean: True if matches, false otherwise
3131 */
3132 public function checkTemporaryPassword( $plaintext ) {
3133 global $wgNewPasswordExpiry;
3134
3135 $this->load();
3136 if( self::comparePasswords( $this->mNewpassword, $plaintext, $this->getId() ) ) {
3137 if ( is_null( $this->mNewpassTime ) ) {
3138 return true;
3139 }
3140 $expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgNewPasswordExpiry;
3141 return ( time() < $expiry );
3142 } else {
3143 return false;
3144 }
3145 }
3146
3147 /**
3148 * Alias for getEditToken.
3149 * @deprecated since 1.19, use getEditToken instead.
3150 *
3151 * @param $salt String|Array of Strings Optional function-specific data for hashing
3152 * @param $request WebRequest object to use or null to use $wgRequest
3153 * @return String The new edit token
3154 */
3155 public function editToken( $salt = '', $request = null ) {
3156 wfDeprecated( __METHOD__, '1.19' );
3157 return $this->getEditToken( $salt, $request );
3158 }
3159
3160 /**
3161 * Initialize (if necessary) and return a session token value
3162 * which can be used in edit forms to show that the user's
3163 * login credentials aren't being hijacked with a foreign form
3164 * submission.
3165 *
3166 * @since 1.19
3167 *
3168 * @param $salt String|Array of Strings Optional function-specific data for hashing
3169 * @param $request WebRequest object to use or null to use $wgRequest
3170 * @return String The new edit token
3171 */
3172 public function getEditToken( $salt = '', $request = null ) {
3173 if ( $request == null ) {
3174 $request = $this->getRequest();
3175 }
3176
3177 if ( $this->isAnon() ) {
3178 return EDIT_TOKEN_SUFFIX;
3179 } else {
3180 $token = $request->getSessionData( 'wsEditToken' );
3181 if ( $token === null ) {
3182 $token = self::generateToken();
3183 $request->setSessionData( 'wsEditToken', $token );
3184 }
3185 if( is_array( $salt ) ) {
3186 $salt = implode( '|', $salt );
3187 }
3188 return md5( $token . $salt ) . EDIT_TOKEN_SUFFIX;
3189 }
3190 }
3191
3192 /**
3193 * Generate a looking random token for various uses.
3194 *
3195 * @param $salt String Optional salt value
3196 * @return String The new random token
3197 */
3198 public static function generateToken( $salt = '' ) {
3199 $token = dechex( mt_rand() ) . dechex( mt_rand() );
3200 return md5( $token . $salt );
3201 }
3202
3203 /**
3204 * Check given value against the token value stored in the session.
3205 * A match should confirm that the form was submitted from the
3206 * user's own login session, not a form submission from a third-party
3207 * site.
3208 *
3209 * @param $val String Input value to compare
3210 * @param $salt String Optional function-specific data for hashing
3211 * @param $request WebRequest object to use or null to use $wgRequest
3212 * @return Boolean: Whether the token matches
3213 */
3214 public function matchEditToken( $val, $salt = '', $request = null ) {
3215 $sessionToken = $this->getEditToken( $salt, $request );
3216 if ( $val != $sessionToken ) {
3217 wfDebug( "User::matchEditToken: broken session data\n" );
3218 }
3219 return $val == $sessionToken;
3220 }
3221
3222 /**
3223 * Check given value against the token value stored in the session,
3224 * ignoring the suffix.
3225 *
3226 * @param $val String Input value to compare
3227 * @param $salt String Optional function-specific data for hashing
3228 * @param $request WebRequest object to use or null to use $wgRequest
3229 * @return Boolean: Whether the token matches
3230 */
3231 public function matchEditTokenNoSuffix( $val, $salt = '', $request = null ) {
3232 $sessionToken = $this->getEditToken( $salt, $request );
3233 return substr( $sessionToken, 0, 32 ) == substr( $val, 0, 32 );
3234 }
3235
3236 /**
3237 * Generate a new e-mail confirmation token and send a confirmation/invalidation
3238 * mail to the user's given address.
3239 *
3240 * @param $type String: message to send, either "created", "changed" or "set"
3241 * @return Status object
3242 */
3243 public function sendConfirmationMail( $type = 'created' ) {
3244 global $wgLang;
3245 $expiration = null; // gets passed-by-ref and defined in next line.
3246 $token = $this->confirmationToken( $expiration );
3247 $url = $this->confirmationTokenUrl( $token );
3248 $invalidateURL = $this->invalidationTokenUrl( $token );
3249 $this->saveSettings();
3250
3251 if ( $type == 'created' || $type === false ) {
3252 $message = 'confirmemail_body';
3253 } elseif ( $type === true ) {
3254 $message = 'confirmemail_body_changed';
3255 } else {
3256 $message = 'confirmemail_body_' . $type;
3257 }
3258
3259 return $this->sendMail( wfMsg( 'confirmemail_subject' ),
3260 wfMsg( $message,
3261 $this->getRequest()->getIP(),
3262 $this->getName(),
3263 $url,
3264 $wgLang->timeanddate( $expiration, false ),
3265 $invalidateURL,
3266 $wgLang->date( $expiration, false ),
3267 $wgLang->time( $expiration, false ) ) );
3268 }
3269
3270 /**
3271 * Send an e-mail to this user's account. Does not check for
3272 * confirmed status or validity.
3273 *
3274 * @param $subject String Message subject
3275 * @param $body String Message body
3276 * @param $from String Optional From address; if unspecified, default $wgPasswordSender will be used
3277 * @param $replyto String Reply-To address
3278 * @return Status
3279 */
3280 public function sendMail( $subject, $body, $from = null, $replyto = null ) {
3281 if( is_null( $from ) ) {
3282 global $wgPasswordSender, $wgPasswordSenderName;
3283 $sender = new MailAddress( $wgPasswordSender, $wgPasswordSenderName );
3284 } else {
3285 $sender = new MailAddress( $from );
3286 }
3287
3288 $to = new MailAddress( $this );
3289 return UserMailer::send( $to, $sender, $subject, $body, $replyto );
3290 }
3291
3292 /**
3293 * Generate, store, and return a new e-mail confirmation code.
3294 * A hash (unsalted, since it's used as a key) is stored.
3295 *
3296 * @note Call saveSettings() after calling this function to commit
3297 * this change to the database.
3298 *
3299 * @param &$expiration \mixed Accepts the expiration time
3300 * @return String New token
3301 */
3302 private function confirmationToken( &$expiration ) {
3303 global $wgUserEmailConfirmationTokenExpiry;
3304 $now = time();
3305 $expires = $now + $wgUserEmailConfirmationTokenExpiry;
3306 $expiration = wfTimestamp( TS_MW, $expires );
3307 $token = self::generateToken( $this->mId . $this->mEmail . $expires );
3308 $hash = md5( $token );
3309 $this->load();
3310 $this->mEmailToken = $hash;
3311 $this->mEmailTokenExpires = $expiration;
3312 return $token;
3313 }
3314
3315 /**
3316 * Return a URL the user can use to confirm their email address.
3317 * @param $token String Accepts the email confirmation token
3318 * @return String New token URL
3319 */
3320 private function confirmationTokenUrl( $token ) {
3321 return $this->getTokenUrl( 'ConfirmEmail', $token );
3322 }
3323
3324 /**
3325 * Return a URL the user can use to invalidate their email address.
3326 * @param $token String Accepts the email confirmation token
3327 * @return String New token URL
3328 */
3329 private function invalidationTokenUrl( $token ) {
3330 return $this->getTokenUrl( 'Invalidateemail', $token );
3331 }
3332
3333 /**
3334 * Internal function to format the e-mail validation/invalidation URLs.
3335 * This uses a quickie hack to use the
3336 * hardcoded English names of the Special: pages, for ASCII safety.
3337 *
3338 * @note Since these URLs get dropped directly into emails, using the
3339 * short English names avoids insanely long URL-encoded links, which
3340 * also sometimes can get corrupted in some browsers/mailers
3341 * (bug 6957 with Gmail and Internet Explorer).
3342 *
3343 * @param $page String Special page
3344 * @param $token String Token
3345 * @return String Formatted URL
3346 */
3347 protected function getTokenUrl( $page, $token ) {
3348 // Hack to bypass localization of 'Special:'
3349 $title = Title::makeTitle( NS_MAIN, "Special:$page/$token" );
3350 return $title->getCanonicalUrl();
3351 }
3352
3353 /**
3354 * Mark the e-mail address confirmed.
3355 *
3356 * @note Call saveSettings() after calling this function to commit the change.
3357 *
3358 * @return bool
3359 */
3360 public function confirmEmail() {
3361 $this->setEmailAuthenticationTimestamp( wfTimestampNow() );
3362 wfRunHooks( 'ConfirmEmailComplete', array( $this ) );
3363 return true;
3364 }
3365
3366 /**
3367 * Invalidate the user's e-mail confirmation, and unauthenticate the e-mail
3368 * address if it was already confirmed.
3369 *
3370 * @note Call saveSettings() after calling this function to commit the change.
3371 * @return bool Returns true
3372 */
3373 function invalidateEmail() {
3374 $this->load();
3375 $this->mEmailToken = null;
3376 $this->mEmailTokenExpires = null;
3377 $this->setEmailAuthenticationTimestamp( null );
3378 wfRunHooks( 'InvalidateEmailComplete', array( $this ) );
3379 return true;
3380 }
3381
3382 /**
3383 * Set the e-mail authentication timestamp.
3384 * @param $timestamp String TS_MW timestamp
3385 */
3386 function setEmailAuthenticationTimestamp( $timestamp ) {
3387 $this->load();
3388 $this->mEmailAuthenticated = $timestamp;
3389 wfRunHooks( 'UserSetEmailAuthenticationTimestamp', array( $this, &$this->mEmailAuthenticated ) );
3390 }
3391
3392 /**
3393 * Is this user allowed to send e-mails within limits of current
3394 * site configuration?
3395 * @return Bool
3396 */
3397 public function canSendEmail() {
3398 global $wgEnableEmail, $wgEnableUserEmail;
3399 if( !$wgEnableEmail || !$wgEnableUserEmail || !$this->isAllowed( 'sendemail' ) ) {
3400 return false;
3401 }
3402 $canSend = $this->isEmailConfirmed();
3403 wfRunHooks( 'UserCanSendEmail', array( &$this, &$canSend ) );
3404 return $canSend;
3405 }
3406
3407 /**
3408 * Is this user allowed to receive e-mails within limits of current
3409 * site configuration?
3410 * @return Bool
3411 */
3412 public function canReceiveEmail() {
3413 return $this->isEmailConfirmed() && !$this->getOption( 'disablemail' );
3414 }
3415
3416 /**
3417 * Is this user's e-mail address valid-looking and confirmed within
3418 * limits of the current site configuration?
3419 *
3420 * @note If $wgEmailAuthentication is on, this may require the user to have
3421 * confirmed their address by returning a code or using a password
3422 * sent to the address from the wiki.
3423 *
3424 * @return Bool
3425 */
3426 public function isEmailConfirmed() {
3427 global $wgEmailAuthentication;
3428 $this->load();
3429 $confirmed = true;
3430 if( wfRunHooks( 'EmailConfirmed', array( &$this, &$confirmed ) ) ) {
3431 if( $this->isAnon() ) {
3432 return false;
3433 }
3434 if( !Sanitizer::validateEmail( $this->mEmail ) ) {
3435 return false;
3436 }
3437 if( $wgEmailAuthentication && !$this->getEmailAuthenticationTimestamp() ) {
3438 return false;
3439 }
3440 return true;
3441 } else {
3442 return $confirmed;
3443 }
3444 }
3445
3446 /**
3447 * Check whether there is an outstanding request for e-mail confirmation.
3448 * @return Bool
3449 */
3450 public function isEmailConfirmationPending() {
3451 global $wgEmailAuthentication;
3452 return $wgEmailAuthentication &&
3453 !$this->isEmailConfirmed() &&
3454 $this->mEmailToken &&
3455 $this->mEmailTokenExpires > wfTimestamp();
3456 }
3457
3458 /**
3459 * Get the timestamp of account creation.
3460 *
3461 * @return String|Bool Timestamp of account creation, or false for
3462 * non-existent/anonymous user accounts.
3463 */
3464 public function getRegistration() {
3465 if ( $this->isAnon() ) {
3466 return false;
3467 }
3468 $this->load();
3469 return $this->mRegistration;
3470 }
3471
3472 /**
3473 * Get the timestamp of the first edit
3474 *
3475 * @return String|Bool Timestamp of first edit, or false for
3476 * non-existent/anonymous user accounts.
3477 */
3478 public function getFirstEditTimestamp() {
3479 if( $this->getId() == 0 ) {
3480 return false; // anons
3481 }
3482 $dbr = wfGetDB( DB_SLAVE );
3483 $time = $dbr->selectField( 'revision', 'rev_timestamp',
3484 array( 'rev_user' => $this->getId() ),
3485 __METHOD__,
3486 array( 'ORDER BY' => 'rev_timestamp ASC' )
3487 );
3488 if( !$time ) {
3489 return false; // no edits
3490 }
3491 return wfTimestamp( TS_MW, $time );
3492 }
3493
3494 /**
3495 * Get the permissions associated with a given list of groups
3496 *
3497 * @param $groups Array of Strings List of internal group names
3498 * @return Array of Strings List of permission key names for given groups combined
3499 */
3500 public static function getGroupPermissions( $groups ) {
3501 global $wgGroupPermissions, $wgRevokePermissions;
3502 $rights = array();
3503 // grant every granted permission first
3504 foreach( $groups as $group ) {
3505 if( isset( $wgGroupPermissions[$group] ) ) {
3506 $rights = array_merge( $rights,
3507 // array_filter removes empty items
3508 array_keys( array_filter( $wgGroupPermissions[$group] ) ) );
3509 }
3510 }
3511 // now revoke the revoked permissions
3512 foreach( $groups as $group ) {
3513 if( isset( $wgRevokePermissions[$group] ) ) {
3514 $rights = array_diff( $rights,
3515 array_keys( array_filter( $wgRevokePermissions[$group] ) ) );
3516 }
3517 }
3518 return array_unique( $rights );
3519 }
3520
3521 /**
3522 * Get all the groups who have a given permission
3523 *
3524 * @param $role String Role to check
3525 * @return Array of Strings List of internal group names with the given permission
3526 */
3527 public static function getGroupsWithPermission( $role ) {
3528 global $wgGroupPermissions;
3529 $allowedGroups = array();
3530 foreach ( $wgGroupPermissions as $group => $rights ) {
3531 if ( isset( $rights[$role] ) && $rights[$role] ) {
3532 $allowedGroups[] = $group;
3533 }
3534 }
3535 return $allowedGroups;
3536 }
3537
3538 /**
3539 * Get the localized descriptive name for a group, if it exists
3540 *
3541 * @param $group String Internal group name
3542 * @return String Localized descriptive group name
3543 */
3544 public static function getGroupName( $group ) {
3545 $msg = wfMessage( "group-$group" );
3546 return $msg->isBlank() ? $group : $msg->text();
3547 }
3548
3549 /**
3550 * Get the localized descriptive name for a member of a group, if it exists
3551 *
3552 * @param $group String Internal group name
3553 * @param $username String Username for gender (since 1.19)
3554 * @return String Localized name for group member
3555 */
3556 public static function getGroupMember( $group, $username = '#' ) {
3557 $msg = wfMessage( "group-$group-member", $username );
3558 return $msg->isBlank() ? $group : $msg->text();
3559 }
3560
3561 /**
3562 * Return the set of defined explicit groups.
3563 * The implicit groups (by default *, 'user' and 'autoconfirmed')
3564 * are not included, as they are defined automatically, not in the database.
3565 * @return Array of internal group names
3566 */
3567 public static function getAllGroups() {
3568 global $wgGroupPermissions, $wgRevokePermissions;
3569 return array_diff(
3570 array_merge( array_keys( $wgGroupPermissions ), array_keys( $wgRevokePermissions ) ),
3571 self::getImplicitGroups()
3572 );
3573 }
3574
3575 /**
3576 * Get a list of all available permissions.
3577 * @return Array of permission names
3578 */
3579 public static function getAllRights() {
3580 if ( self::$mAllRights === false ) {
3581 global $wgAvailableRights;
3582 if ( count( $wgAvailableRights ) ) {
3583 self::$mAllRights = array_unique( array_merge( self::$mCoreRights, $wgAvailableRights ) );
3584 } else {
3585 self::$mAllRights = self::$mCoreRights;
3586 }
3587 wfRunHooks( 'UserGetAllRights', array( &self::$mAllRights ) );
3588 }
3589 return self::$mAllRights;
3590 }
3591
3592 /**
3593 * Get a list of implicit groups
3594 * @return Array of Strings Array of internal group names
3595 */
3596 public static function getImplicitGroups() {
3597 global $wgImplicitGroups;
3598 $groups = $wgImplicitGroups;
3599 wfRunHooks( 'UserGetImplicitGroups', array( &$groups ) ); #deprecated, use $wgImplictGroups instead
3600 return $groups;
3601 }
3602
3603 /**
3604 * Get the title of a page describing a particular group
3605 *
3606 * @param $group String Internal group name
3607 * @return Title|Bool Title of the page if it exists, false otherwise
3608 */
3609 public static function getGroupPage( $group ) {
3610 $msg = wfMessage( 'grouppage-' . $group )->inContentLanguage();
3611 if( $msg->exists() ) {
3612 $title = Title::newFromText( $msg->text() );
3613 if( is_object( $title ) )
3614 return $title;
3615 }
3616 return false;
3617 }
3618
3619 /**
3620 * Create a link to the group in HTML, if available;
3621 * else return the group name.
3622 *
3623 * @param $group String Internal name of the group
3624 * @param $text String The text of the link
3625 * @return String HTML link to the group
3626 */
3627 public static function makeGroupLinkHTML( $group, $text = '' ) {
3628 if( $text == '' ) {
3629 $text = self::getGroupName( $group );
3630 }
3631 $title = self::getGroupPage( $group );
3632 if( $title ) {
3633 return Linker::link( $title, htmlspecialchars( $text ) );
3634 } else {
3635 return $text;
3636 }
3637 }
3638
3639 /**
3640 * Create a link to the group in Wikitext, if available;
3641 * else return the group name.
3642 *
3643 * @param $group String Internal name of the group
3644 * @param $text String The text of the link
3645 * @return String Wikilink to the group
3646 */
3647 public static function makeGroupLinkWiki( $group, $text = '' ) {
3648 if( $text == '' ) {
3649 $text = self::getGroupName( $group );
3650 }
3651 $title = self::getGroupPage( $group );
3652 if( $title ) {
3653 $page = $title->getPrefixedText();
3654 return "[[$page|$text]]";
3655 } else {
3656 return $text;
3657 }
3658 }
3659
3660 /**
3661 * Returns an array of the groups that a particular group can add/remove.
3662 *
3663 * @param $group String: the group to check for whether it can add/remove
3664 * @return Array array( 'add' => array( addablegroups ),
3665 * 'remove' => array( removablegroups ),
3666 * 'add-self' => array( addablegroups to self),
3667 * 'remove-self' => array( removable groups from self) )
3668 */
3669 public static function changeableByGroup( $group ) {
3670 global $wgAddGroups, $wgRemoveGroups, $wgGroupsAddToSelf, $wgGroupsRemoveFromSelf;
3671
3672 $groups = array( 'add' => array(), 'remove' => array(), 'add-self' => array(), 'remove-self' => array() );
3673 if( empty( $wgAddGroups[$group] ) ) {
3674 // Don't add anything to $groups
3675 } elseif( $wgAddGroups[$group] === true ) {
3676 // You get everything
3677 $groups['add'] = self::getAllGroups();
3678 } elseif( is_array( $wgAddGroups[$group] ) ) {
3679 $groups['add'] = $wgAddGroups[$group];
3680 }
3681
3682 // Same thing for remove
3683 if( empty( $wgRemoveGroups[$group] ) ) {
3684 } elseif( $wgRemoveGroups[$group] === true ) {
3685 $groups['remove'] = self::getAllGroups();
3686 } elseif( is_array( $wgRemoveGroups[$group] ) ) {
3687 $groups['remove'] = $wgRemoveGroups[$group];
3688 }
3689
3690 // Re-map numeric keys of AddToSelf/RemoveFromSelf to the 'user' key for backwards compatibility
3691 if( empty( $wgGroupsAddToSelf['user']) || $wgGroupsAddToSelf['user'] !== true ) {
3692 foreach( $wgGroupsAddToSelf as $key => $value ) {
3693 if( is_int( $key ) ) {
3694 $wgGroupsAddToSelf['user'][] = $value;
3695 }
3696 }
3697 }
3698
3699 if( empty( $wgGroupsRemoveFromSelf['user']) || $wgGroupsRemoveFromSelf['user'] !== true ) {
3700 foreach( $wgGroupsRemoveFromSelf as $key => $value ) {
3701 if( is_int( $key ) ) {
3702 $wgGroupsRemoveFromSelf['user'][] = $value;
3703 }
3704 }
3705 }
3706
3707 // Now figure out what groups the user can add to him/herself
3708 if( empty( $wgGroupsAddToSelf[$group] ) ) {
3709 } elseif( $wgGroupsAddToSelf[$group] === true ) {
3710 // No idea WHY this would be used, but it's there
3711 $groups['add-self'] = User::getAllGroups();
3712 } elseif( is_array( $wgGroupsAddToSelf[$group] ) ) {
3713 $groups['add-self'] = $wgGroupsAddToSelf[$group];
3714 }
3715
3716 if( empty( $wgGroupsRemoveFromSelf[$group] ) ) {
3717 } elseif( $wgGroupsRemoveFromSelf[$group] === true ) {
3718 $groups['remove-self'] = User::getAllGroups();
3719 } elseif( is_array( $wgGroupsRemoveFromSelf[$group] ) ) {
3720 $groups['remove-self'] = $wgGroupsRemoveFromSelf[$group];
3721 }
3722
3723 return $groups;
3724 }
3725
3726 /**
3727 * Returns an array of groups that this user can add and remove
3728 * @return Array array( 'add' => array( addablegroups ),
3729 * 'remove' => array( removablegroups ),
3730 * 'add-self' => array( addablegroups to self),
3731 * 'remove-self' => array( removable groups from self) )
3732 */
3733 public function changeableGroups() {
3734 if( $this->isAllowed( 'userrights' ) ) {
3735 // This group gives the right to modify everything (reverse-
3736 // compatibility with old "userrights lets you change
3737 // everything")
3738 // Using array_merge to make the groups reindexed
3739 $all = array_merge( User::getAllGroups() );
3740 return array(
3741 'add' => $all,
3742 'remove' => $all,
3743 'add-self' => array(),
3744 'remove-self' => array()
3745 );
3746 }
3747
3748 // Okay, it's not so simple, we will have to go through the arrays
3749 $groups = array(
3750 'add' => array(),
3751 'remove' => array(),
3752 'add-self' => array(),
3753 'remove-self' => array()
3754 );
3755 $addergroups = $this->getEffectiveGroups();
3756
3757 foreach( $addergroups as $addergroup ) {
3758 $groups = array_merge_recursive(
3759 $groups, $this->changeableByGroup( $addergroup )
3760 );
3761 $groups['add'] = array_unique( $groups['add'] );
3762 $groups['remove'] = array_unique( $groups['remove'] );
3763 $groups['add-self'] = array_unique( $groups['add-self'] );
3764 $groups['remove-self'] = array_unique( $groups['remove-self'] );
3765 }
3766 return $groups;
3767 }
3768
3769 /**
3770 * Increment the user's edit-count field.
3771 * Will have no effect for anonymous users.
3772 */
3773 public function incEditCount() {
3774 if( !$this->isAnon() ) {
3775 $dbw = wfGetDB( DB_MASTER );
3776 $dbw->update( 'user',
3777 array( 'user_editcount=user_editcount+1' ),
3778 array( 'user_id' => $this->getId() ),
3779 __METHOD__ );
3780
3781 // Lazy initialization check...
3782 if( $dbw->affectedRows() == 0 ) {
3783 // Pull from a slave to be less cruel to servers
3784 // Accuracy isn't the point anyway here
3785 $dbr = wfGetDB( DB_SLAVE );
3786 $count = $dbr->selectField( 'revision',
3787 'COUNT(rev_user)',
3788 array( 'rev_user' => $this->getId() ),
3789 __METHOD__ );
3790
3791 // Now here's a goddamn hack...
3792 if( $dbr !== $dbw ) {
3793 // If we actually have a slave server, the count is
3794 // at least one behind because the current transaction
3795 // has not been committed and replicated.
3796 $count++;
3797 } else {
3798 // But if DB_SLAVE is selecting the master, then the
3799 // count we just read includes the revision that was
3800 // just added in the working transaction.
3801 }
3802
3803 $dbw->update( 'user',
3804 array( 'user_editcount' => $count ),
3805 array( 'user_id' => $this->getId() ),
3806 __METHOD__ );
3807 }
3808 }
3809 // edit count in user cache too
3810 $this->invalidateCache();
3811 }
3812
3813 /**
3814 * Get the description of a given right
3815 *
3816 * @param $right String Right to query
3817 * @return String Localized description of the right
3818 */
3819 public static function getRightDescription( $right ) {
3820 $key = "right-$right";
3821 $msg = wfMessage( $key );
3822 return $msg->isBlank() ? $right : $msg->text();
3823 }
3824
3825 /**
3826 * Make an old-style password hash
3827 *
3828 * @param $password String Plain-text password
3829 * @param $userId String User ID
3830 * @return String Password hash
3831 */
3832 public static function oldCrypt( $password, $userId ) {
3833 global $wgPasswordSalt;
3834 if ( $wgPasswordSalt ) {
3835 return md5( $userId . '-' . md5( $password ) );
3836 } else {
3837 return md5( $password );
3838 }
3839 }
3840
3841 /**
3842 * Make a new-style password hash
3843 *
3844 * @param $password String Plain-text password
3845 * @param bool|string $salt Optional salt, may be random or the user ID.
3846
3847 * If unspecified or false, will generate one automatically
3848 * @return String Password hash
3849 */
3850 public static function crypt( $password, $salt = false ) {
3851 global $wgPasswordSalt;
3852
3853 $hash = '';
3854 if( !wfRunHooks( 'UserCryptPassword', array( &$password, &$salt, &$wgPasswordSalt, &$hash ) ) ) {
3855 return $hash;
3856 }
3857
3858 if( $wgPasswordSalt ) {
3859 if ( $salt === false ) {
3860 $salt = substr( wfGenerateToken(), 0, 8 );
3861 }
3862 return ':B:' . $salt . ':' . md5( $salt . '-' . md5( $password ) );
3863 } else {
3864 return ':A:' . md5( $password );
3865 }
3866 }
3867
3868 /**
3869 * Compare a password hash with a plain-text password. Requires the user
3870 * ID if there's a chance that the hash is an old-style hash.
3871 *
3872 * @param $hash String Password hash
3873 * @param $password String Plain-text password to compare
3874 * @param $userId String|bool User ID for old-style password salt
3875 *
3876 * @return Boolean
3877 */
3878 public static function comparePasswords( $hash, $password, $userId = false ) {
3879 $type = substr( $hash, 0, 3 );
3880
3881 $result = false;
3882 if( !wfRunHooks( 'UserComparePasswords', array( &$hash, &$password, &$userId, &$result ) ) ) {
3883 return $result;
3884 }
3885
3886 if ( $type == ':A:' ) {
3887 # Unsalted
3888 return md5( $password ) === substr( $hash, 3 );
3889 } elseif ( $type == ':B:' ) {
3890 # Salted
3891 list( $salt, $realHash ) = explode( ':', substr( $hash, 3 ), 2 );
3892 return md5( $salt.'-'.md5( $password ) ) == $realHash;
3893 } else {
3894 # Old-style
3895 return self::oldCrypt( $password, $userId ) === $hash;
3896 }
3897 }
3898
3899 /**
3900 * Add a newuser log entry for this user. Before 1.19 the return value was always true.
3901 *
3902 * @param $byEmail Boolean: account made by email?
3903 * @param $reason String: user supplied reason
3904 *
3905 * @return int|bool True if not $wgNewUserLog; otherwise ID of log item or 0 on failure
3906 */
3907 public function addNewUserLogEntry( $byEmail = false, $reason = '' ) {
3908 global $wgUser, $wgContLang, $wgNewUserLog;
3909 if( empty( $wgNewUserLog ) ) {
3910 return true; // disabled
3911 }
3912
3913 if( $this->getName() == $wgUser->getName() ) {
3914 $action = 'create';
3915 } else {
3916 $action = 'create2';
3917 if ( $byEmail ) {
3918 if ( $reason === '' ) {
3919 $reason = wfMsgForContent( 'newuserlog-byemail' );
3920 } else {
3921 $reason = $wgContLang->commaList( array(
3922 $reason, wfMsgForContent( 'newuserlog-byemail' ) ) );
3923 }
3924 }
3925 }
3926 $log = new LogPage( 'newusers' );
3927 return (int)$log->addEntry(
3928 $action,
3929 $this->getUserPage(),
3930 $reason,
3931 array( $this->getId() )
3932 );
3933 }
3934
3935 /**
3936 * Add an autocreate newuser log entry for this user
3937 * Used by things like CentralAuth and perhaps other authplugins.
3938 *
3939 * @return bool
3940 */
3941 public function addNewUserLogEntryAutoCreate() {
3942 global $wgNewUserLog;
3943 if( !$wgNewUserLog ) {
3944 return true; // disabled
3945 }
3946 $log = new LogPage( 'newusers', false );
3947 $log->addEntry( 'autocreate', $this->getUserPage(), '', array( $this->getId() ) );
3948 return true;
3949 }
3950
3951 /**
3952 * @todo document
3953 */
3954 protected function loadOptions() {
3955 $this->load();
3956 if ( $this->mOptionsLoaded || !$this->getId() )
3957 return;
3958
3959 $this->mOptions = self::getDefaultOptions();
3960
3961 // Maybe load from the object
3962 if ( !is_null( $this->mOptionOverrides ) ) {
3963 wfDebug( "User: loading options for user " . $this->getId() . " from override cache.\n" );
3964 foreach( $this->mOptionOverrides as $key => $value ) {
3965 $this->mOptions[$key] = $value;
3966 }
3967 } else {
3968 wfDebug( "User: loading options for user " . $this->getId() . " from database.\n" );
3969 // Load from database
3970 $dbr = wfGetDB( DB_SLAVE );
3971
3972 $res = $dbr->select(
3973 'user_properties',
3974 '*',
3975 array( 'up_user' => $this->getId() ),
3976 __METHOD__
3977 );
3978
3979 $this->mOptionOverrides = array();
3980 foreach ( $res as $row ) {
3981 $this->mOptionOverrides[$row->up_property] = $row->up_value;
3982 $this->mOptions[$row->up_property] = $row->up_value;
3983 }
3984 }
3985
3986 $this->mOptionsLoaded = true;
3987
3988 wfRunHooks( 'UserLoadOptions', array( $this, &$this->mOptions ) );
3989 }
3990
3991 /**
3992 * @todo document
3993 */
3994 protected function saveOptions() {
3995 global $wgAllowPrefChange;
3996
3997 $extuser = ExternalUser::newFromUser( $this );
3998
3999 $this->loadOptions();
4000 $dbw = wfGetDB( DB_MASTER );
4001
4002 $insert_rows = array();
4003
4004 $saveOptions = $this->mOptions;
4005
4006 // Allow hooks to abort, for instance to save to a global profile.
4007 // Reset options to default state before saving.
4008 if( !wfRunHooks( 'UserSaveOptions', array( $this, &$saveOptions ) ) ) {
4009 return;
4010 }
4011
4012 foreach( $saveOptions as $key => $value ) {
4013 # Don't bother storing default values
4014 if ( ( is_null( self::getDefaultOption( $key ) ) &&
4015 !( $value === false || is_null($value) ) ) ||
4016 $value != self::getDefaultOption( $key ) ) {
4017 $insert_rows[] = array(
4018 'up_user' => $this->getId(),
4019 'up_property' => $key,
4020 'up_value' => $value,
4021 );
4022 }
4023 if ( $extuser && isset( $wgAllowPrefChange[$key] ) ) {
4024 switch ( $wgAllowPrefChange[$key] ) {
4025 case 'local':
4026 case 'message':
4027 break;
4028 case 'semiglobal':
4029 case 'global':
4030 $extuser->setPref( $key, $value );
4031 }
4032 }
4033 }
4034
4035 $dbw->delete( 'user_properties', array( 'up_user' => $this->getId() ), __METHOD__ );
4036 $dbw->insert( 'user_properties', $insert_rows, __METHOD__ );
4037 }
4038
4039 /**
4040 * Provide an array of HTML5 attributes to put on an input element
4041 * intended for the user to enter a new password. This may include
4042 * required, title, and/or pattern, depending on $wgMinimalPasswordLength.
4043 *
4044 * Do *not* use this when asking the user to enter his current password!
4045 * Regardless of configuration, users may have invalid passwords for whatever
4046 * reason (e.g., they were set before requirements were tightened up).
4047 * Only use it when asking for a new password, like on account creation or
4048 * ResetPass.
4049 *
4050 * Obviously, you still need to do server-side checking.
4051 *
4052 * NOTE: A combination of bugs in various browsers means that this function
4053 * actually just returns array() unconditionally at the moment. May as
4054 * well keep it around for when the browser bugs get fixed, though.
4055 *
4056 * @todo FIXME: This does not belong here; put it in Html or Linker or somewhere
4057 *
4058 * @return array Array of HTML attributes suitable for feeding to
4059 * Html::element(), directly or indirectly. (Don't feed to Xml::*()!
4060 * That will potentially output invalid XHTML 1.0 Transitional, and will
4061 * get confused by the boolean attribute syntax used.)
4062 */
4063 public static function passwordChangeInputAttribs() {
4064 global $wgMinimalPasswordLength;
4065
4066 if ( $wgMinimalPasswordLength == 0 ) {
4067 return array();
4068 }
4069
4070 # Note that the pattern requirement will always be satisfied if the
4071 # input is empty, so we need required in all cases.
4072 #
4073 # @todo FIXME: Bug 23769: This needs to not claim the password is required
4074 # if e-mail confirmation is being used. Since HTML5 input validation
4075 # is b0rked anyway in some browsers, just return nothing. When it's
4076 # re-enabled, fix this code to not output required for e-mail
4077 # registration.
4078 #$ret = array( 'required' );
4079 $ret = array();
4080
4081 # We can't actually do this right now, because Opera 9.6 will print out
4082 # the entered password visibly in its error message! When other
4083 # browsers add support for this attribute, or Opera fixes its support,
4084 # we can add support with a version check to avoid doing this on Opera
4085 # versions where it will be a problem. Reported to Opera as
4086 # DSK-262266, but they don't have a public bug tracker for us to follow.
4087 /*
4088 if ( $wgMinimalPasswordLength > 1 ) {
4089 $ret['pattern'] = '.{' . intval( $wgMinimalPasswordLength ) . ',}';
4090 $ret['title'] = wfMsgExt( 'passwordtooshort', 'parsemag',
4091 $wgMinimalPasswordLength );
4092 }
4093 */
4094
4095 return $ret;
4096 }
4097 }
MediaWiki Core