Localisation updates from http://translatewiki.net.
[mediawiki.git] / includes / User.php
blobe2cbb816f51c0e1ad24c686c658ebcbf5769d589
1 <?php
2 /**
3 * Implements the User class for the %MediaWiki software.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
20 * @file
23 /**
24 * Int Number of characters in user_token field.
25 * @ingroup Constants
27 define( 'USER_TOKEN_LENGTH', 32 );
29 /**
30 * Int Serialized record version.
31 * @ingroup Constants
33 define( 'MW_USER_VERSION', 8 );
35 /**
36 * String Some punctuation to prevent editing from broken text-mangling proxies.
37 * @ingroup Constants
39 define( 'EDIT_TOKEN_SUFFIX', '+\\' );
41 /**
42 * Thrown by User::setPassword() on error.
43 * @ingroup Exception
45 class PasswordError extends MWException {
46 // NOP
49 /**
50 * The User object encapsulates all of the user-specific settings (user_id,
51 * name, rights, password, email address, options, last login time). Client
52 * classes use the getXXX() functions to access these fields. These functions
53 * do all the work of determining whether the user is logged in,
54 * whether the requested option can be satisfied from cookies or
55 * whether a database query is needed. Most of the settings needed
56 * for rendering normal pages are set in the cookie to minimize use
57 * of the database.
59 class User {
60 /**
61 * Global constants made accessible as class constants so that autoloader
62 * magic can be used.
64 const USER_TOKEN_LENGTH = USER_TOKEN_LENGTH;
65 const MW_USER_VERSION = MW_USER_VERSION;
66 const EDIT_TOKEN_SUFFIX = EDIT_TOKEN_SUFFIX;
68 /**
69 * Maximum items in $mWatchedItems
71 const MAX_WATCHED_ITEMS_CACHE = 100;
73 /**
74 * Array of Strings List of member variables which are saved to the
75 * shared cache (memcached). Any operation which changes the
76 * corresponding database fields must call a cache-clearing function.
77 * @showinitializer
79 static $mCacheVars = array(
80 // user table
81 'mId',
82 'mName',
83 'mRealName',
84 'mPassword',
85 'mNewpassword',
86 'mNewpassTime',
87 'mEmail',
88 'mTouched',
89 'mToken',
90 'mEmailAuthenticated',
91 'mEmailToken',
92 'mEmailTokenExpires',
93 'mRegistration',
94 'mEditCount',
95 // user_groups table
96 'mGroups',
97 // user_properties table
98 'mOptionOverrides',
102 * Array of Strings Core rights.
103 * Each of these should have a corresponding message of the form
104 * "right-$right".
105 * @showinitializer
107 static $mCoreRights = array(
108 'apihighlimits',
109 'autoconfirmed',
110 'autopatrol',
111 'bigdelete',
112 'block',
113 'blockemail',
114 'bot',
115 'browsearchive',
116 'createaccount',
117 'createpage',
118 'createtalk',
119 'delete',
120 'deletedhistory',
121 'deletedtext',
122 'deletelogentry',
123 'deleterevision',
124 'edit',
125 'editinterface',
126 'editprotected',
127 'editusercssjs', #deprecated
128 'editusercss',
129 'edituserjs',
130 'hideuser',
131 'import',
132 'importupload',
133 'ipblock-exempt',
134 'markbotedits',
135 'mergehistory',
136 'minoredit',
137 'move',
138 'movefile',
139 'move-rootuserpages',
140 'move-subpages',
141 'nominornewtalk',
142 'noratelimit',
143 'override-export-depth',
144 'passwordreset',
145 'patrol',
146 'patrolmarks',
147 'protect',
148 'proxyunbannable',
149 'purge',
150 'read',
151 'reupload',
152 'reupload-own',
153 'reupload-shared',
154 'rollback',
155 'sendemail',
156 'siteadmin',
157 'suppressionlog',
158 'suppressredirect',
159 'suppressrevision',
160 'unblockself',
161 'undelete',
162 'unwatchedpages',
163 'upload',
164 'upload_by_url',
165 'userrights',
166 'userrights-interwiki',
167 'writeapi',
170 * String Cached results of getAllRights()
172 static $mAllRights = false;
174 /** @name Cache variables */
175 //@{
176 var $mId, $mName, $mRealName, $mPassword, $mNewpassword, $mNewpassTime,
177 $mEmail, $mTouched, $mToken, $mEmailAuthenticated,
178 $mEmailToken, $mEmailTokenExpires, $mRegistration, $mEditCount,
179 $mGroups, $mOptionOverrides;
180 //@}
183 * Bool Whether the cache variables have been loaded.
185 //@{
186 var $mOptionsLoaded;
189 * Array with already loaded items or true if all items have been loaded.
191 private $mLoadedItems = array();
192 //@}
195 * String Initialization data source if mLoadedItems!==true. May be one of:
196 * - 'defaults' anonymous user initialised from class defaults
197 * - 'name' initialise from mName
198 * - 'id' initialise from mId
199 * - 'session' log in from cookies or session if possible
201 * Use the User::newFrom*() family of functions to set this.
203 var $mFrom;
206 * Lazy-initialized variables, invalidated with clearInstanceCache
208 var $mNewtalk, $mDatePreference, $mBlockedby, $mHash, $mRights,
209 $mBlockreason, $mEffectiveGroups, $mImplicitGroups, $mFormerGroups, $mBlockedGlobally,
210 $mLocked, $mHideName, $mOptions;
213 * @var WebRequest
215 private $mRequest;
218 * @var Block
220 var $mBlock;
223 * @var bool
225 var $mAllowUsertalk;
228 * @var Block
230 private $mBlockedFromCreateAccount = false;
233 * @var Array
235 private $mWatchedItems = array();
237 static $idCacheByName = array();
240 * Lightweight constructor for an anonymous user.
241 * Use the User::newFrom* factory functions for other kinds of users.
243 * @see newFromName()
244 * @see newFromId()
245 * @see newFromConfirmationCode()
246 * @see newFromSession()
247 * @see newFromRow()
249 function __construct() {
250 $this->clearInstanceCache( 'defaults' );
254 * @return String
256 function __toString() {
257 return $this->getName();
261 * Load the user table data for this object from the source given by mFrom.
263 public function load() {
264 if ( $this->mLoadedItems === true ) {
265 return;
267 wfProfileIn( __METHOD__ );
269 # Set it now to avoid infinite recursion in accessors
270 $this->mLoadedItems = true;
272 switch ( $this->mFrom ) {
273 case 'defaults':
274 $this->loadDefaults();
275 break;
276 case 'name':
277 $this->mId = self::idFromName( $this->mName );
278 if ( !$this->mId ) {
279 # Nonexistent user placeholder object
280 $this->loadDefaults( $this->mName );
281 } else {
282 $this->loadFromId();
284 break;
285 case 'id':
286 $this->loadFromId();
287 break;
288 case 'session':
289 if ( !$this->loadFromSession() ) {
290 // Loading from session failed. Load defaults.
291 $this->loadDefaults();
293 wfRunHooks( 'UserLoadAfterLoadFromSession', array( $this ) );
294 break;
295 default:
296 wfProfileOut( __METHOD__ );
297 throw new MWException( "Unrecognised value for User->mFrom: \"{$this->mFrom}\"" );
299 wfProfileOut( __METHOD__ );
303 * Load user table data, given mId has already been set.
304 * @return Bool false if the ID does not exist, true otherwise
306 public function loadFromId() {
307 global $wgMemc;
308 if ( $this->mId == 0 ) {
309 $this->loadDefaults();
310 return false;
313 # Try cache
314 $key = wfMemcKey( 'user', 'id', $this->mId );
315 $data = $wgMemc->get( $key );
316 if ( !is_array( $data ) || $data['mVersion'] < MW_USER_VERSION ) {
317 # Object is expired, load from DB
318 $data = false;
321 if ( !$data ) {
322 wfDebug( "User: cache miss for user {$this->mId}\n" );
323 # Load from DB
324 if ( !$this->loadFromDatabase() ) {
325 # Can't load from ID, user is anonymous
326 return false;
328 $this->saveToCache();
329 } else {
330 wfDebug( "User: got user {$this->mId} from cache\n" );
331 # Restore from cache
332 foreach ( self::$mCacheVars as $name ) {
333 $this->$name = $data[$name];
337 $this->mLoadedItems = true;
339 return true;
343 * Save user data to the shared cache
345 public function saveToCache() {
346 $this->load();
347 $this->loadGroups();
348 $this->loadOptions();
349 if ( $this->isAnon() ) {
350 // Anonymous users are uncached
351 return;
353 $data = array();
354 foreach ( self::$mCacheVars as $name ) {
355 $data[$name] = $this->$name;
357 $data['mVersion'] = MW_USER_VERSION;
358 $key = wfMemcKey( 'user', 'id', $this->mId );
359 global $wgMemc;
360 $wgMemc->set( $key, $data );
363 /** @name newFrom*() static factory methods */
364 //@{
367 * Static factory method for creation from username.
369 * This is slightly less efficient than newFromId(), so use newFromId() if
370 * you have both an ID and a name handy.
372 * @param string $name Username, validated by Title::newFromText()
373 * @param string|Bool $validate Validate username. Takes the same parameters as
374 * User::getCanonicalName(), except that true is accepted as an alias
375 * for 'valid', for BC.
377 * @return User|bool User object, or false if the username is invalid
378 * (e.g. if it contains illegal characters or is an IP address). If the
379 * username is not present in the database, the result will be a user object
380 * with a name, zero user ID and default settings.
382 public static function newFromName( $name, $validate = 'valid' ) {
383 if ( $validate === true ) {
384 $validate = 'valid';
386 $name = self::getCanonicalName( $name, $validate );
387 if ( $name === false ) {
388 return false;
389 } else {
390 # Create unloaded user object
391 $u = new User;
392 $u->mName = $name;
393 $u->mFrom = 'name';
394 $u->setItemLoaded( 'name' );
395 return $u;
400 * Static factory method for creation from a given user ID.
402 * @param int $id Valid user ID
403 * @return User The corresponding User object
405 public static function newFromId( $id ) {
406 $u = new User;
407 $u->mId = $id;
408 $u->mFrom = 'id';
409 $u->setItemLoaded( 'id' );
410 return $u;
414 * Factory method to fetch whichever user has a given email confirmation code.
415 * This code is generated when an account is created or its e-mail address
416 * has changed.
418 * If the code is invalid or has expired, returns NULL.
420 * @param string $code Confirmation code
421 * @return User object, or null
423 public static function newFromConfirmationCode( $code ) {
424 $dbr = wfGetDB( DB_SLAVE );
425 $id = $dbr->selectField( 'user', 'user_id', array(
426 'user_email_token' => md5( $code ),
427 'user_email_token_expires > ' . $dbr->addQuotes( $dbr->timestamp() ),
428 ) );
429 if ( $id !== false ) {
430 return User::newFromId( $id );
431 } else {
432 return null;
437 * Create a new user object using data from session or cookies. If the
438 * login credentials are invalid, the result is an anonymous user.
440 * @param $request WebRequest object to use; $wgRequest will be used if omitted.
441 * @return User object
443 public static function newFromSession( WebRequest $request = null ) {
444 $user = new User;
445 $user->mFrom = 'session';
446 $user->mRequest = $request;
447 return $user;
451 * Create a new user object from a user row.
452 * The row should have the following fields from the user table in it:
453 * - either user_name or user_id to load further data if needed (or both)
454 * - user_real_name
455 * - all other fields (email, password, etc.)
456 * It is useless to provide the remaining fields if either user_id,
457 * user_name and user_real_name are not provided because the whole row
458 * will be loaded once more from the database when accessing them.
460 * @param array $row A row from the user table
461 * @param array $data Further data to load into the object (see User::loadFromRow for valid keys)
462 * @return User
464 public static function newFromRow( $row, $data = null ) {
465 $user = new User;
466 $user->loadFromRow( $row, $data );
467 return $user;
470 //@}
473 * Get the username corresponding to a given user ID
474 * @param int $id User ID
475 * @return String|bool The corresponding username
477 public static function whoIs( $id ) {
478 return UserCache::singleton()->getProp( $id, 'name' );
482 * Get the real name of a user given their user ID
484 * @param int $id User ID
485 * @return String|bool The corresponding user's real name
487 public static function whoIsReal( $id ) {
488 return UserCache::singleton()->getProp( $id, 'real_name' );
492 * Get database id given a user name
493 * @param string $name Username
494 * @return Int|Null The corresponding user's ID, or null if user is nonexistent
496 public static function idFromName( $name ) {
497 $nt = Title::makeTitleSafe( NS_USER, $name );
498 if ( is_null( $nt ) ) {
499 # Illegal name
500 return null;
503 if ( isset( self::$idCacheByName[$name] ) ) {
504 return self::$idCacheByName[$name];
507 $dbr = wfGetDB( DB_SLAVE );
508 $s = $dbr->selectRow( 'user', array( 'user_id' ), array( 'user_name' => $nt->getText() ), __METHOD__ );
510 if ( $s === false ) {
511 $result = null;
512 } else {
513 $result = $s->user_id;
516 self::$idCacheByName[$name] = $result;
518 if ( count( self::$idCacheByName ) > 1000 ) {
519 self::$idCacheByName = array();
522 return $result;
526 * Reset the cache used in idFromName(). For use in tests.
528 public static function resetIdByNameCache() {
529 self::$idCacheByName = array();
533 * Does the string match an anonymous IPv4 address?
535 * This function exists for username validation, in order to reject
536 * usernames which are similar in form to IP addresses. Strings such
537 * as 300.300.300.300 will return true because it looks like an IP
538 * address, despite not being strictly valid.
540 * We match "\d{1,3}\.\d{1,3}\.\d{1,3}\.xxx" as an anonymous IP
541 * address because the usemod software would "cloak" anonymous IP
542 * addresses like this, if we allowed accounts like this to be created
543 * new users could get the old edits of these anonymous users.
545 * @param string $name to match
546 * @return Bool
548 public static function isIP( $name ) {
549 return preg_match( '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.(?:xxx|\d{1,3})$/', $name ) || IP::isIPv6( $name );
553 * Is the input a valid username?
555 * Checks if the input is a valid username, we don't want an empty string,
556 * an IP address, anything that contains slashes (would mess up subpages),
557 * is longer than the maximum allowed username size or doesn't begin with
558 * a capital letter.
560 * @param string $name to match
561 * @return Bool
563 public static function isValidUserName( $name ) {
564 global $wgContLang, $wgMaxNameChars;
566 if ( $name == ''
567 || User::isIP( $name )
568 || strpos( $name, '/' ) !== false
569 || strlen( $name ) > $wgMaxNameChars
570 || $name != $wgContLang->ucfirst( $name ) ) {
571 wfDebugLog( 'username', __METHOD__ .
572 ": '$name' invalid due to empty, IP, slash, length, or lowercase" );
573 return false;
576 // Ensure that the name can't be misresolved as a different title,
577 // such as with extra namespace keys at the start.
578 $parsed = Title::newFromText( $name );
579 if ( is_null( $parsed )
580 || $parsed->getNamespace()
581 || strcmp( $name, $parsed->getPrefixedText() ) ) {
582 wfDebugLog( 'username', __METHOD__ .
583 ": '$name' invalid due to ambiguous prefixes" );
584 return false;
587 // Check an additional blacklist of troublemaker characters.
588 // Should these be merged into the title char list?
589 $unicodeBlacklist = '/[' .
590 '\x{0080}-\x{009f}' . # iso-8859-1 control chars
591 '\x{00a0}' . # non-breaking space
592 '\x{2000}-\x{200f}' . # various whitespace
593 '\x{2028}-\x{202f}' . # breaks and control chars
594 '\x{3000}' . # ideographic space
595 '\x{e000}-\x{f8ff}' . # private use
596 ']/u';
597 if ( preg_match( $unicodeBlacklist, $name ) ) {
598 wfDebugLog( 'username', __METHOD__ .
599 ": '$name' invalid due to blacklisted characters" );
600 return false;
603 return true;
607 * Usernames which fail to pass this function will be blocked
608 * from user login and new account registrations, but may be used
609 * internally by batch processes.
611 * If an account already exists in this form, login will be blocked
612 * by a failure to pass this function.
614 * @param string $name to match
615 * @return Bool
617 public static function isUsableName( $name ) {
618 global $wgReservedUsernames;
619 // Must be a valid username, obviously ;)
620 if ( !self::isValidUserName( $name ) ) {
621 return false;
624 static $reservedUsernames = false;
625 if ( !$reservedUsernames ) {
626 $reservedUsernames = $wgReservedUsernames;
627 wfRunHooks( 'UserGetReservedNames', array( &$reservedUsernames ) );
630 // Certain names may be reserved for batch processes.
631 foreach ( $reservedUsernames as $reserved ) {
632 if ( substr( $reserved, 0, 4 ) == 'msg:' ) {
633 $reserved = wfMessage( substr( $reserved, 4 ) )->inContentLanguage()->text();
635 if ( $reserved == $name ) {
636 return false;
639 return true;
643 * Usernames which fail to pass this function will be blocked
644 * from new account registrations, but may be used internally
645 * either by batch processes or by user accounts which have
646 * already been created.
648 * Additional blacklisting may be added here rather than in
649 * isValidUserName() to avoid disrupting existing accounts.
651 * @param string $name to match
652 * @return Bool
654 public static function isCreatableName( $name ) {
655 global $wgInvalidUsernameCharacters;
657 // Ensure that the username isn't longer than 235 bytes, so that
658 // (at least for the builtin skins) user javascript and css files
659 // will work. (bug 23080)
660 if ( strlen( $name ) > 235 ) {
661 wfDebugLog( 'username', __METHOD__ .
662 ": '$name' invalid due to length" );
663 return false;
666 // Preg yells if you try to give it an empty string
667 if ( $wgInvalidUsernameCharacters !== '' ) {
668 if ( preg_match( '/[' . preg_quote( $wgInvalidUsernameCharacters, '/' ) . ']/', $name ) ) {
669 wfDebugLog( 'username', __METHOD__ .
670 ": '$name' invalid due to wgInvalidUsernameCharacters" );
671 return false;
675 return self::isUsableName( $name );
679 * Is the input a valid password for this user?
681 * @param string $password Desired password
682 * @return Bool
684 public function isValidPassword( $password ) {
685 //simple boolean wrapper for getPasswordValidity
686 return $this->getPasswordValidity( $password ) === true;
690 * Given unvalidated password input, return error message on failure.
692 * @param string $password Desired password
693 * @return mixed: true on success, string or array of error message on failure
695 public function getPasswordValidity( $password ) {
696 global $wgMinimalPasswordLength, $wgContLang;
698 static $blockedLogins = array(
699 'Useruser' => 'Passpass', 'Useruser1' => 'Passpass1', # r75589
700 'Apitestsysop' => 'testpass', 'Apitestuser' => 'testpass' # r75605
703 $result = false; //init $result to false for the internal checks
705 if ( !wfRunHooks( 'isValidPassword', array( $password, &$result, $this ) ) ) {
706 return $result;
709 if ( $result === false ) {
710 if ( strlen( $password ) < $wgMinimalPasswordLength ) {
711 return 'passwordtooshort';
712 } elseif ( $wgContLang->lc( $password ) == $wgContLang->lc( $this->mName ) ) {
713 return 'password-name-match';
714 } elseif ( isset( $blockedLogins[$this->getName()] ) && $password == $blockedLogins[$this->getName()] ) {
715 return 'password-login-forbidden';
716 } else {
717 //it seems weird returning true here, but this is because of the
718 //initialization of $result to false above. If the hook is never run or it
719 //doesn't modify $result, then we will likely get down into this if with
720 //a valid password.
721 return true;
723 } elseif ( $result === true ) {
724 return true;
725 } else {
726 return $result; //the isValidPassword hook set a string $result and returned true
731 * Does a string look like an e-mail address?
733 * This validates an email address using an HTML5 specification found at:
734 * http://www.whatwg.org/specs/web-apps/current-work/multipage/states-of-the-type-attribute.html#valid-e-mail-address
735 * Which as of 2011-01-24 says:
737 * A valid e-mail address is a string that matches the ABNF production
738 * 1*( atext / "." ) "@" ldh-str *( "." ldh-str ) where atext is defined
739 * in RFC 5322 section 3.2.3, and ldh-str is defined in RFC 1034 section
740 * 3.5.
742 * This function is an implementation of the specification as requested in
743 * bug 22449.
745 * Client-side forms will use the same standard validation rules via JS or
746 * HTML 5 validation; additional restrictions can be enforced server-side
747 * by extensions via the 'isValidEmailAddr' hook.
749 * Note that this validation doesn't 100% match RFC 2822, but is believed
750 * to be liberal enough for wide use. Some invalid addresses will still
751 * pass validation here.
753 * @param string $addr E-mail address
754 * @return Bool
755 * @deprecated since 1.18 call Sanitizer::isValidEmail() directly
757 public static function isValidEmailAddr( $addr ) {
758 wfDeprecated( __METHOD__, '1.18' );
759 return Sanitizer::validateEmail( $addr );
763 * Given unvalidated user input, return a canonical username, or false if
764 * the username is invalid.
765 * @param string $name User input
766 * @param string|Bool $validate type of validation to use:
767 * - false No validation
768 * - 'valid' Valid for batch processes
769 * - 'usable' Valid for batch processes and login
770 * - 'creatable' Valid for batch processes, login and account creation
772 * @throws MWException
773 * @return bool|string
775 public static function getCanonicalName( $name, $validate = 'valid' ) {
776 # Force usernames to capital
777 global $wgContLang;
778 $name = $wgContLang->ucfirst( $name );
780 # Reject names containing '#'; these will be cleaned up
781 # with title normalisation, but then it's too late to
782 # check elsewhere
783 if ( strpos( $name, '#' ) !== false ) {
784 return false;
787 # Clean up name according to title rules
788 $t = ( $validate === 'valid' ) ?
789 Title::newFromText( $name ) : Title::makeTitle( NS_USER, $name );
790 # Check for invalid titles
791 if ( is_null( $t ) ) {
792 return false;
795 # Reject various classes of invalid names
796 global $wgAuth;
797 $name = $wgAuth->getCanonicalName( $t->getText() );
799 switch ( $validate ) {
800 case false:
801 break;
802 case 'valid':
803 if ( !User::isValidUserName( $name ) ) {
804 $name = false;
806 break;
807 case 'usable':
808 if ( !User::isUsableName( $name ) ) {
809 $name = false;
811 break;
812 case 'creatable':
813 if ( !User::isCreatableName( $name ) ) {
814 $name = false;
816 break;
817 default:
818 throw new MWException( 'Invalid parameter value for $validate in ' . __METHOD__ );
820 return $name;
824 * Count the number of edits of a user
826 * @param int $uid User ID to check
827 * @return Int the user's edit count
829 * @deprecated since 1.21 in favour of User::getEditCount
831 public static function edits( $uid ) {
832 wfDeprecated( __METHOD__, '1.21' );
833 $user = self::newFromId( $uid );
834 return $user->getEditCount();
838 * Return a random password.
840 * @return String new random password
842 public static function randomPassword() {
843 global $wgMinimalPasswordLength;
844 // Decide the final password length based on our min password length, stopping at a minimum of 10 chars
845 $length = max( 10, $wgMinimalPasswordLength );
846 // Multiply by 1.25 to get the number of hex characters we need
847 $length = $length * 1.25;
848 // Generate random hex chars
849 $hex = MWCryptRand::generateHex( $length );
850 // Convert from base 16 to base 32 to get a proper password like string
851 return wfBaseConvert( $hex, 16, 32 );
855 * Set cached properties to default.
857 * @note This no longer clears uncached lazy-initialised properties;
858 * the constructor does that instead.
860 * @param $name string|bool
862 public function loadDefaults( $name = false ) {
863 wfProfileIn( __METHOD__ );
865 $this->mId = 0;
866 $this->mName = $name;
867 $this->mRealName = '';
868 $this->mPassword = $this->mNewpassword = '';
869 $this->mNewpassTime = null;
870 $this->mEmail = '';
871 $this->mOptionOverrides = null;
872 $this->mOptionsLoaded = false;
874 $loggedOut = $this->getRequest()->getCookie( 'LoggedOut' );
875 if ( $loggedOut !== null ) {
876 $this->mTouched = wfTimestamp( TS_MW, $loggedOut );
877 } else {
878 $this->mTouched = '1'; # Allow any pages to be cached
881 $this->mToken = null; // Don't run cryptographic functions till we need a token
882 $this->mEmailAuthenticated = null;
883 $this->mEmailToken = '';
884 $this->mEmailTokenExpires = null;
885 $this->mRegistration = wfTimestamp( TS_MW );
886 $this->mGroups = array();
888 wfRunHooks( 'UserLoadDefaults', array( $this, $name ) );
890 wfProfileOut( __METHOD__ );
894 * Return whether an item has been loaded.
896 * @param string $item item to check. Current possibilities:
897 * - id
898 * - name
899 * - realname
900 * @param string $all 'all' to check if the whole object has been loaded
901 * or any other string to check if only the item is available (e.g.
902 * for optimisation)
903 * @return Boolean
905 public function isItemLoaded( $item, $all = 'all' ) {
906 return ( $this->mLoadedItems === true && $all === 'all' ) ||
907 ( isset( $this->mLoadedItems[$item] ) && $this->mLoadedItems[$item] === true );
911 * Set that an item has been loaded
913 * @param $item String
915 protected function setItemLoaded( $item ) {
916 if ( is_array( $this->mLoadedItems ) ) {
917 $this->mLoadedItems[$item] = true;
922 * Load user data from the session or login cookie.
923 * @return Bool True if the user is logged in, false otherwise.
925 private function loadFromSession() {
926 $result = null;
927 wfRunHooks( 'UserLoadFromSession', array( $this, &$result ) );
928 if ( $result !== null ) {
929 return $result;
932 $request = $this->getRequest();
934 $cookieId = $request->getCookie( 'UserID' );
935 $sessId = $request->getSessionData( 'wsUserID' );
937 if ( $cookieId !== null ) {
938 $sId = intval( $cookieId );
939 if ( $sessId !== null && $cookieId != $sessId ) {
940 wfDebugLog( 'loginSessions', "Session user ID ($sessId) and
941 cookie user ID ($sId) don't match!" );
942 return false;
944 $request->setSessionData( 'wsUserID', $sId );
945 } elseif ( $sessId !== null && $sessId != 0 ) {
946 $sId = $sessId;
947 } else {
948 return false;
951 if ( $request->getSessionData( 'wsUserName' ) !== null ) {
952 $sName = $request->getSessionData( 'wsUserName' );
953 } elseif ( $request->getCookie( 'UserName' ) !== null ) {
954 $sName = $request->getCookie( 'UserName' );
955 $request->setSessionData( 'wsUserName', $sName );
956 } else {
957 return false;
960 $proposedUser = User::newFromId( $sId );
961 if ( !$proposedUser->isLoggedIn() ) {
962 # Not a valid ID
963 return false;
966 global $wgBlockDisablesLogin;
967 if ( $wgBlockDisablesLogin && $proposedUser->isBlocked() ) {
968 # User blocked and we've disabled blocked user logins
969 return false;
972 if ( $request->getSessionData( 'wsToken' ) ) {
973 $passwordCorrect = ( $proposedUser->getToken( false ) === $request->getSessionData( 'wsToken' ) );
974 $from = 'session';
975 } elseif ( $request->getCookie( 'Token' ) ) {
976 # Get the token from DB/cache and clean it up to remove garbage padding.
977 # This deals with historical problems with bugs and the default column value.
978 $token = rtrim( $proposedUser->getToken( false ) ); // correct token
979 $passwordCorrect = ( strlen( $token ) && $token === $request->getCookie( 'Token' ) );
980 $from = 'cookie';
981 } else {
982 # No session or persistent login cookie
983 return false;
986 if ( ( $sName === $proposedUser->getName() ) && $passwordCorrect ) {
987 $this->loadFromUserObject( $proposedUser );
988 $request->setSessionData( 'wsToken', $this->mToken );
989 wfDebug( "User: logged in from $from\n" );
990 return true;
991 } else {
992 # Invalid credentials
993 wfDebug( "User: can't log in from $from, invalid credentials\n" );
994 return false;
999 * Load user and user_group data from the database.
1000 * $this->mId must be set, this is how the user is identified.
1002 * @return Bool True if the user exists, false if the user is anonymous
1004 public function loadFromDatabase() {
1005 # Paranoia
1006 $this->mId = intval( $this->mId );
1008 /** Anonymous user */
1009 if ( !$this->mId ) {
1010 $this->loadDefaults();
1011 return false;
1014 $dbr = wfGetDB( DB_MASTER );
1015 $s = $dbr->selectRow( 'user', self::selectFields(), array( 'user_id' => $this->mId ), __METHOD__ );
1017 wfRunHooks( 'UserLoadFromDatabase', array( $this, &$s ) );
1019 if ( $s !== false ) {
1020 # Initialise user table data
1021 $this->loadFromRow( $s );
1022 $this->mGroups = null; // deferred
1023 $this->getEditCount(); // revalidation for nulls
1024 return true;
1025 } else {
1026 # Invalid user_id
1027 $this->mId = 0;
1028 $this->loadDefaults();
1029 return false;
1034 * Initialize this object from a row from the user table.
1036 * @param array $row Row from the user table to load.
1037 * @param array $data Further user data to load into the object
1039 * user_groups Array with groups out of the user_groups table
1040 * user_properties Array with properties out of the user_properties table
1042 public function loadFromRow( $row, $data = null ) {
1043 $all = true;
1045 $this->mGroups = null; // deferred
1047 if ( isset( $row->user_name ) ) {
1048 $this->mName = $row->user_name;
1049 $this->mFrom = 'name';
1050 $this->setItemLoaded( 'name' );
1051 } else {
1052 $all = false;
1055 if ( isset( $row->user_real_name ) ) {
1056 $this->mRealName = $row->user_real_name;
1057 $this->setItemLoaded( 'realname' );
1058 } else {
1059 $all = false;
1062 if ( isset( $row->user_id ) ) {
1063 $this->mId = intval( $row->user_id );
1064 $this->mFrom = 'id';
1065 $this->setItemLoaded( 'id' );
1066 } else {
1067 $all = false;
1070 if ( isset( $row->user_editcount ) ) {
1071 $this->mEditCount = $row->user_editcount;
1072 } else {
1073 $all = false;
1076 if ( isset( $row->user_password ) ) {
1077 $this->mPassword = $row->user_password;
1078 $this->mNewpassword = $row->user_newpassword;
1079 $this->mNewpassTime = wfTimestampOrNull( TS_MW, $row->user_newpass_time );
1080 $this->mEmail = $row->user_email;
1081 if ( isset( $row->user_options ) ) {
1082 $this->decodeOptions( $row->user_options );
1084 $this->mTouched = wfTimestamp( TS_MW, $row->user_touched );
1085 $this->mToken = $row->user_token;
1086 if ( $this->mToken == '' ) {
1087 $this->mToken = null;
1089 $this->mEmailAuthenticated = wfTimestampOrNull( TS_MW, $row->user_email_authenticated );
1090 $this->mEmailToken = $row->user_email_token;
1091 $this->mEmailTokenExpires = wfTimestampOrNull( TS_MW, $row->user_email_token_expires );
1092 $this->mRegistration = wfTimestampOrNull( TS_MW, $row->user_registration );
1093 } else {
1094 $all = false;
1097 if ( $all ) {
1098 $this->mLoadedItems = true;
1101 if ( is_array( $data ) ) {
1102 if ( isset( $data['user_groups'] ) && is_array( $data['user_groups'] ) ) {
1103 $this->mGroups = $data['user_groups'];
1105 if ( isset( $data['user_properties'] ) && is_array( $data['user_properties'] ) ) {
1106 $this->loadOptions( $data['user_properties'] );
1112 * Load the data for this user object from another user object.
1114 * @param $user User
1116 protected function loadFromUserObject( $user ) {
1117 $user->load();
1118 $user->loadGroups();
1119 $user->loadOptions();
1120 foreach ( self::$mCacheVars as $var ) {
1121 $this->$var = $user->$var;
1126 * Load the groups from the database if they aren't already loaded.
1128 private function loadGroups() {
1129 if ( is_null( $this->mGroups ) ) {
1130 $dbr = wfGetDB( DB_MASTER );
1131 $res = $dbr->select( 'user_groups',
1132 array( 'ug_group' ),
1133 array( 'ug_user' => $this->mId ),
1134 __METHOD__ );
1135 $this->mGroups = array();
1136 foreach ( $res as $row ) {
1137 $this->mGroups[] = $row->ug_group;
1143 * Add the user to the group if he/she meets given criteria.
1145 * Contrary to autopromotion by \ref $wgAutopromote, the group will be
1146 * possible to remove manually via Special:UserRights. In such case it
1147 * will not be re-added automatically. The user will also not lose the
1148 * group if they no longer meet the criteria.
1150 * @param string $event key in $wgAutopromoteOnce (each one has groups/criteria)
1152 * @return array Array of groups the user has been promoted to.
1154 * @see $wgAutopromoteOnce
1156 public function addAutopromoteOnceGroups( $event ) {
1157 global $wgAutopromoteOnceLogInRC;
1159 $toPromote = array();
1160 if ( $this->getId() ) {
1161 $toPromote = Autopromote::getAutopromoteOnceGroups( $this, $event );
1162 if ( count( $toPromote ) ) {
1163 $oldGroups = $this->getGroups(); // previous groups
1164 foreach ( $toPromote as $group ) {
1165 $this->addGroup( $group );
1167 $newGroups = array_merge( $oldGroups, $toPromote ); // all groups
1169 $logEntry = new ManualLogEntry( 'rights', 'autopromote' );
1170 $logEntry->setPerformer( $this );
1171 $logEntry->setTarget( $this->getUserPage() );
1172 $logEntry->setParameters( array(
1173 '4::oldgroups' => $oldGroups,
1174 '5::newgroups' => $newGroups,
1175 ) );
1176 $logid = $logEntry->insert();
1177 if ( $wgAutopromoteOnceLogInRC ) {
1178 $logEntry->publish( $logid );
1182 return $toPromote;
1186 * Clear various cached data stored in this object. The cache of the user table
1187 * data (i.e. self::$mCacheVars) is not cleared unless $reloadFrom is given.
1189 * @param bool|String $reloadFrom Reload user and user_groups table data from a
1190 * given source. May be "name", "id", "defaults", "session", or false for
1191 * no reload.
1193 public function clearInstanceCache( $reloadFrom = false ) {
1194 $this->mNewtalk = -1;
1195 $this->mDatePreference = null;
1196 $this->mBlockedby = -1; # Unset
1197 $this->mHash = false;
1198 $this->mRights = null;
1199 $this->mEffectiveGroups = null;
1200 $this->mImplicitGroups = null;
1201 $this->mGroups = null;
1202 $this->mOptions = null;
1203 $this->mOptionsLoaded = false;
1204 $this->mEditCount = null;
1206 if ( $reloadFrom ) {
1207 $this->mLoadedItems = array();
1208 $this->mFrom = $reloadFrom;
1213 * Combine the language default options with any site-specific options
1214 * and add the default language variants.
1216 * @return Array of String options
1218 public static function getDefaultOptions() {
1219 global $wgNamespacesToBeSearchedDefault, $wgDefaultUserOptions, $wgContLang, $wgDefaultSkin;
1221 static $defOpt = null;
1222 if ( !defined( 'MW_PHPUNIT_TEST' ) && $defOpt !== null ) {
1223 // Disabling this for the unit tests, as they rely on being able to change $wgContLang
1224 // mid-request and see that change reflected in the return value of this function.
1225 // Which is insane and would never happen during normal MW operation
1226 return $defOpt;
1229 $defOpt = $wgDefaultUserOptions;
1230 # default language setting
1231 $defOpt['variant'] = $wgContLang->getCode();
1232 $defOpt['language'] = $wgContLang->getCode();
1233 foreach ( SearchEngine::searchableNamespaces() as $nsnum => $nsname ) {
1234 $defOpt['searchNs' . $nsnum] = !empty( $wgNamespacesToBeSearchedDefault[$nsnum] );
1236 $defOpt['skin'] = $wgDefaultSkin;
1238 wfRunHooks( 'UserGetDefaultOptions', array( &$defOpt ) );
1240 return $defOpt;
1244 * Get a given default option value.
1246 * @param string $opt Name of option to retrieve
1247 * @return String Default option value
1249 public static function getDefaultOption( $opt ) {
1250 $defOpts = self::getDefaultOptions();
1251 if ( isset( $defOpts[$opt] ) ) {
1252 return $defOpts[$opt];
1253 } else {
1254 return null;
1259 * Get blocking information
1260 * @param bool $bFromSlave Whether to check the slave database first. To
1261 * improve performance, non-critical checks are done
1262 * against slaves. Check when actually saving should be
1263 * done against master.
1265 private function getBlockedStatus( $bFromSlave = true ) {
1266 global $wgProxyWhitelist, $wgUser, $wgApplyIpBlocksToXff;
1268 if ( -1 != $this->mBlockedby ) {
1269 return;
1272 wfProfileIn( __METHOD__ );
1273 wfDebug( __METHOD__ . ": checking...\n" );
1275 // Initialize data...
1276 // Otherwise something ends up stomping on $this->mBlockedby when
1277 // things get lazy-loaded later, causing false positive block hits
1278 // due to -1 !== 0. Probably session-related... Nothing should be
1279 // overwriting mBlockedby, surely?
1280 $this->load();
1282 # We only need to worry about passing the IP address to the Block generator if the
1283 # user is not immune to autoblocks/hardblocks, and they are the current user so we
1284 # know which IP address they're actually coming from
1285 if ( !$this->isAllowed( 'ipblock-exempt' ) && $this->getID() == $wgUser->getID() ) {
1286 $ip = $this->getRequest()->getIP();
1287 } else {
1288 $ip = null;
1291 # User/IP blocking
1292 $block = Block::newFromTarget( $this, $ip, !$bFromSlave );
1294 # Proxy blocking
1295 if ( !$block instanceof Block && $ip !== null && !$this->isAllowed( 'proxyunbannable' )
1296 && !in_array( $ip, $wgProxyWhitelist ) )
1298 # Local list
1299 if ( self::isLocallyBlockedProxy( $ip ) ) {
1300 $block = new Block;
1301 $block->setBlocker( wfMessage( 'proxyblocker' )->text() );
1302 $block->mReason = wfMessage( 'proxyblockreason' )->text();
1303 $block->setTarget( $ip );
1304 } elseif ( $this->isAnon() && $this->isDnsBlacklisted( $ip ) ) {
1305 $block = new Block;
1306 $block->setBlocker( wfMessage( 'sorbs' )->text() );
1307 $block->mReason = wfMessage( 'sorbsreason' )->text();
1308 $block->setTarget( $ip );
1312 # (bug 23343) Apply IP blocks to the contents of XFF headers, if enabled
1313 if ( !$block instanceof Block
1314 && $wgApplyIpBlocksToXff
1315 && $ip !== null
1316 && !$this->isAllowed( 'proxyunbannable' )
1317 && !in_array( $ip, $wgProxyWhitelist )
1319 $xff = $this->getRequest()->getHeader( 'X-Forwarded-For' );
1320 $xff = array_map( 'trim', explode( ',', $xff ) );
1321 $xff = array_diff( $xff, array( $ip ) );
1322 $xffblocks = Block::getBlocksForIPList( $xff, $this->isAnon(), !$bFromSlave );
1323 $block = Block::chooseBlock( $xffblocks, $xff );
1324 if ( $block instanceof Block ) {
1325 # Mangle the reason to alert the user that the block
1326 # originated from matching the X-Forwarded-For header.
1327 $block->mReason = wfMessage( 'xffblockreason', $block->mReason )->text();
1331 if ( $block instanceof Block ) {
1332 wfDebug( __METHOD__ . ": Found block.\n" );
1333 $this->mBlock = $block;
1334 $this->mBlockedby = $block->getByName();
1335 $this->mBlockreason = $block->mReason;
1336 $this->mHideName = $block->mHideName;
1337 $this->mAllowUsertalk = !$block->prevents( 'editownusertalk' );
1338 } else {
1339 $this->mBlockedby = '';
1340 $this->mHideName = 0;
1341 $this->mAllowUsertalk = false;
1344 // Extensions
1345 wfRunHooks( 'GetBlockedStatus', array( &$this ) );
1347 wfProfileOut( __METHOD__ );
1351 * Whether the given IP is in a DNS blacklist.
1353 * @param string $ip IP to check
1354 * @param bool $checkWhitelist whether to check the whitelist first
1355 * @return Bool True if blacklisted.
1357 public function isDnsBlacklisted( $ip, $checkWhitelist = false ) {
1358 global $wgEnableSorbs, $wgEnableDnsBlacklist,
1359 $wgSorbsUrl, $wgDnsBlacklistUrls, $wgProxyWhitelist;
1361 if ( !$wgEnableDnsBlacklist && !$wgEnableSorbs ) {
1362 return false;
1365 if ( $checkWhitelist && in_array( $ip, $wgProxyWhitelist ) ) {
1366 return false;
1369 $urls = array_merge( $wgDnsBlacklistUrls, (array)$wgSorbsUrl );
1370 return $this->inDnsBlacklist( $ip, $urls );
1374 * Whether the given IP is in a given DNS blacklist.
1376 * @param string $ip IP to check
1377 * @param string|array $bases of Strings: URL of the DNS blacklist
1378 * @return Bool True if blacklisted.
1380 public function inDnsBlacklist( $ip, $bases ) {
1381 wfProfileIn( __METHOD__ );
1383 $found = false;
1384 // @todo FIXME: IPv6 ??? (http://bugs.php.net/bug.php?id=33170)
1385 if ( IP::isIPv4( $ip ) ) {
1386 # Reverse IP, bug 21255
1387 $ipReversed = implode( '.', array_reverse( explode( '.', $ip ) ) );
1389 foreach ( (array)$bases as $base ) {
1390 # Make hostname
1391 # If we have an access key, use that too (ProjectHoneypot, etc.)
1392 if ( is_array( $base ) ) {
1393 if ( count( $base ) >= 2 ) {
1394 # Access key is 1, base URL is 0
1395 $host = "{$base[1]}.$ipReversed.{$base[0]}";
1396 } else {
1397 $host = "$ipReversed.{$base[0]}";
1399 } else {
1400 $host = "$ipReversed.$base";
1403 # Send query
1404 $ipList = gethostbynamel( $host );
1406 if ( $ipList ) {
1407 wfDebugLog( 'dnsblacklist', "Hostname $host is {$ipList[0]}, it's a proxy says $base!\n" );
1408 $found = true;
1409 break;
1410 } else {
1411 wfDebugLog( 'dnsblacklist', "Requested $host, not found in $base.\n" );
1416 wfProfileOut( __METHOD__ );
1417 return $found;
1421 * Check if an IP address is in the local proxy list
1423 * @param $ip string
1425 * @return bool
1427 public static function isLocallyBlockedProxy( $ip ) {
1428 global $wgProxyList;
1430 if ( !$wgProxyList ) {
1431 return false;
1433 wfProfileIn( __METHOD__ );
1435 if ( !is_array( $wgProxyList ) ) {
1436 # Load from the specified file
1437 $wgProxyList = array_map( 'trim', file( $wgProxyList ) );
1440 if ( !is_array( $wgProxyList ) ) {
1441 $ret = false;
1442 } elseif ( array_search( $ip, $wgProxyList ) !== false ) {
1443 $ret = true;
1444 } elseif ( array_key_exists( $ip, $wgProxyList ) ) {
1445 # Old-style flipped proxy list
1446 $ret = true;
1447 } else {
1448 $ret = false;
1450 wfProfileOut( __METHOD__ );
1451 return $ret;
1455 * Is this user subject to rate limiting?
1457 * @return Bool True if rate limited
1459 public function isPingLimitable() {
1460 global $wgRateLimitsExcludedIPs;
1461 if ( in_array( $this->getRequest()->getIP(), $wgRateLimitsExcludedIPs ) ) {
1462 // No other good way currently to disable rate limits
1463 // for specific IPs. :P
1464 // But this is a crappy hack and should die.
1465 return false;
1467 return !$this->isAllowed( 'noratelimit' );
1471 * Primitive rate limits: enforce maximum actions per time period
1472 * to put a brake on flooding.
1474 * @note When using a shared cache like memcached, IP-address
1475 * last-hit counters will be shared across wikis.
1477 * @param string $action Action to enforce; 'edit' if unspecified
1478 * @return Bool True if a rate limiter was tripped
1480 public function pingLimiter( $action = 'edit' ) {
1481 # Call the 'PingLimiter' hook
1482 $result = false;
1483 if ( !wfRunHooks( 'PingLimiter', array( &$this, $action, &$result ) ) ) {
1484 return $result;
1487 global $wgRateLimits;
1488 if ( !isset( $wgRateLimits[$action] ) ) {
1489 return false;
1492 # Some groups shouldn't trigger the ping limiter, ever
1493 if ( !$this->isPingLimitable() ) {
1494 return false;
1497 global $wgMemc, $wgRateLimitLog;
1498 wfProfileIn( __METHOD__ );
1500 $limits = $wgRateLimits[$action];
1501 $keys = array();
1502 $id = $this->getId();
1503 $ip = $this->getRequest()->getIP();
1504 $userLimit = false;
1506 if ( isset( $limits['anon'] ) && $id == 0 ) {
1507 $keys[wfMemcKey( 'limiter', $action, 'anon' )] = $limits['anon'];
1510 if ( isset( $limits['user'] ) && $id != 0 ) {
1511 $userLimit = $limits['user'];
1513 if ( $this->isNewbie() ) {
1514 if ( isset( $limits['newbie'] ) && $id != 0 ) {
1515 $keys[wfMemcKey( 'limiter', $action, 'user', $id )] = $limits['newbie'];
1517 if ( isset( $limits['ip'] ) ) {
1518 $keys["mediawiki:limiter:$action:ip:$ip"] = $limits['ip'];
1520 $matches = array();
1521 if ( isset( $limits['subnet'] ) && preg_match( '/^(\d+\.\d+\.\d+)\.\d+$/', $ip, $matches ) ) {
1522 $subnet = $matches[1];
1523 $keys["mediawiki:limiter:$action:subnet:$subnet"] = $limits['subnet'];
1526 // Check for group-specific permissions
1527 // If more than one group applies, use the group with the highest limit
1528 foreach ( $this->getGroups() as $group ) {
1529 if ( isset( $limits[$group] ) ) {
1530 if ( $userLimit === false || $limits[$group] > $userLimit ) {
1531 $userLimit = $limits[$group];
1535 // Set the user limit key
1536 if ( $userLimit !== false ) {
1537 list( $max, $period ) = $userLimit;
1538 wfDebug( __METHOD__ . ": effective user limit: $max in {$period}s\n" );
1539 $keys[wfMemcKey( 'limiter', $action, 'user', $id )] = $userLimit;
1542 $triggered = false;
1543 foreach ( $keys as $key => $limit ) {
1544 list( $max, $period ) = $limit;
1545 $summary = "(limit $max in {$period}s)";
1546 $count = $wgMemc->get( $key );
1547 // Already pinged?
1548 if ( $count ) {
1549 if ( $count >= $max ) {
1550 wfDebug( __METHOD__ . ": tripped! $key at $count $summary\n" );
1551 if ( $wgRateLimitLog ) {
1552 wfSuppressWarnings();
1553 file_put_contents( $wgRateLimitLog, wfTimestamp( TS_MW ) . ' ' . wfWikiID() . ': ' . $this->getName() . " tripped $key at $count $summary\n", FILE_APPEND );
1554 wfRestoreWarnings();
1556 $triggered = true;
1557 } else {
1558 wfDebug( __METHOD__ . ": ok. $key at $count $summary\n" );
1560 } else {
1561 wfDebug( __METHOD__ . ": adding record for $key $summary\n" );
1562 $wgMemc->add( $key, 0, intval( $period ) ); // first ping
1564 $wgMemc->incr( $key );
1567 wfProfileOut( __METHOD__ );
1568 return $triggered;
1572 * Check if user is blocked
1574 * @param bool $bFromSlave Whether to check the slave database instead of the master
1575 * @return Bool True if blocked, false otherwise
1577 public function isBlocked( $bFromSlave = true ) { // hacked from false due to horrible probs on site
1578 return $this->getBlock( $bFromSlave ) instanceof Block && $this->getBlock()->prevents( 'edit' );
1582 * Get the block affecting the user, or null if the user is not blocked
1584 * @param bool $bFromSlave Whether to check the slave database instead of the master
1585 * @return Block|null
1587 public function getBlock( $bFromSlave = true ) {
1588 $this->getBlockedStatus( $bFromSlave );
1589 return $this->mBlock instanceof Block ? $this->mBlock : null;
1593 * Check if user is blocked from editing a particular article
1595 * @param $title Title to check
1596 * @param bool $bFromSlave whether to check the slave database instead of the master
1597 * @return Bool
1599 function isBlockedFrom( $title, $bFromSlave = false ) {
1600 global $wgBlockAllowsUTEdit;
1601 wfProfileIn( __METHOD__ );
1603 $blocked = $this->isBlocked( $bFromSlave );
1604 $allowUsertalk = ( $wgBlockAllowsUTEdit ? $this->mAllowUsertalk : false );
1605 # If a user's name is suppressed, they cannot make edits anywhere
1606 if ( !$this->mHideName && $allowUsertalk && $title->getText() === $this->getName() &&
1607 $title->getNamespace() == NS_USER_TALK ) {
1608 $blocked = false;
1609 wfDebug( __METHOD__ . ": self-talk page, ignoring any blocks\n" );
1612 wfRunHooks( 'UserIsBlockedFrom', array( $this, $title, &$blocked, &$allowUsertalk ) );
1614 wfProfileOut( __METHOD__ );
1615 return $blocked;
1619 * If user is blocked, return the name of the user who placed the block
1620 * @return String name of blocker
1622 public function blockedBy() {
1623 $this->getBlockedStatus();
1624 return $this->mBlockedby;
1628 * If user is blocked, return the specified reason for the block
1629 * @return String Blocking reason
1631 public function blockedFor() {
1632 $this->getBlockedStatus();
1633 return $this->mBlockreason;
1637 * If user is blocked, return the ID for the block
1638 * @return Int Block ID
1640 public function getBlockId() {
1641 $this->getBlockedStatus();
1642 return ( $this->mBlock ? $this->mBlock->getId() : false );
1646 * Check if user is blocked on all wikis.
1647 * Do not use for actual edit permission checks!
1648 * This is intended for quick UI checks.
1650 * @param string $ip IP address, uses current client if none given
1651 * @return Bool True if blocked, false otherwise
1653 public function isBlockedGlobally( $ip = '' ) {
1654 if ( $this->mBlockedGlobally !== null ) {
1655 return $this->mBlockedGlobally;
1657 // User is already an IP?
1658 if ( IP::isIPAddress( $this->getName() ) ) {
1659 $ip = $this->getName();
1660 } elseif ( !$ip ) {
1661 $ip = $this->getRequest()->getIP();
1663 $blocked = false;
1664 wfRunHooks( 'UserIsBlockedGlobally', array( &$this, $ip, &$blocked ) );
1665 $this->mBlockedGlobally = (bool)$blocked;
1666 return $this->mBlockedGlobally;
1670 * Check if user account is locked
1672 * @return Bool True if locked, false otherwise
1674 public function isLocked() {
1675 if ( $this->mLocked !== null ) {
1676 return $this->mLocked;
1678 global $wgAuth;
1679 $authUser = $wgAuth->getUserInstance( $this );
1680 $this->mLocked = (bool)$authUser->isLocked();
1681 return $this->mLocked;
1685 * Check if user account is hidden
1687 * @return Bool True if hidden, false otherwise
1689 public function isHidden() {
1690 if ( $this->mHideName !== null ) {
1691 return $this->mHideName;
1693 $this->getBlockedStatus();
1694 if ( !$this->mHideName ) {
1695 global $wgAuth;
1696 $authUser = $wgAuth->getUserInstance( $this );
1697 $this->mHideName = (bool)$authUser->isHidden();
1699 return $this->mHideName;
1703 * Get the user's ID.
1704 * @return Int The user's ID; 0 if the user is anonymous or nonexistent
1706 public function getId() {
1707 if ( $this->mId === null && $this->mName !== null && User::isIP( $this->mName ) ) {
1708 // Special case, we know the user is anonymous
1709 return 0;
1710 } elseif ( !$this->isItemLoaded( 'id' ) ) {
1711 // Don't load if this was initialized from an ID
1712 $this->load();
1714 return $this->mId;
1718 * Set the user and reload all fields according to a given ID
1719 * @param int $v User ID to reload
1721 public function setId( $v ) {
1722 $this->mId = $v;
1723 $this->clearInstanceCache( 'id' );
1727 * Get the user name, or the IP of an anonymous user
1728 * @return String User's name or IP address
1730 public function getName() {
1731 if ( $this->isItemLoaded( 'name', 'only' ) ) {
1732 # Special case optimisation
1733 return $this->mName;
1734 } else {
1735 $this->load();
1736 if ( $this->mName === false ) {
1737 # Clean up IPs
1738 $this->mName = IP::sanitizeIP( $this->getRequest()->getIP() );
1740 return $this->mName;
1745 * Set the user name.
1747 * This does not reload fields from the database according to the given
1748 * name. Rather, it is used to create a temporary "nonexistent user" for
1749 * later addition to the database. It can also be used to set the IP
1750 * address for an anonymous user to something other than the current
1751 * remote IP.
1753 * @note User::newFromName() has roughly the same function, when the named user
1754 * does not exist.
1755 * @param string $str New user name to set
1757 public function setName( $str ) {
1758 $this->load();
1759 $this->mName = $str;
1763 * Get the user's name escaped by underscores.
1764 * @return String Username escaped by underscores.
1766 public function getTitleKey() {
1767 return str_replace( ' ', '_', $this->getName() );
1771 * Check if the user has new messages.
1772 * @return Bool True if the user has new messages
1774 public function getNewtalk() {
1775 $this->load();
1777 # Load the newtalk status if it is unloaded (mNewtalk=-1)
1778 if ( $this->mNewtalk === -1 ) {
1779 $this->mNewtalk = false; # reset talk page status
1781 # Check memcached separately for anons, who have no
1782 # entire User object stored in there.
1783 if ( !$this->mId ) {
1784 global $wgDisableAnonTalk;
1785 if ( $wgDisableAnonTalk ) {
1786 // Anon newtalk disabled by configuration.
1787 $this->mNewtalk = false;
1788 } else {
1789 global $wgMemc;
1790 $key = wfMemcKey( 'newtalk', 'ip', $this->getName() );
1791 $newtalk = $wgMemc->get( $key );
1792 if ( strval( $newtalk ) !== '' ) {
1793 $this->mNewtalk = (bool)$newtalk;
1794 } else {
1795 // Since we are caching this, make sure it is up to date by getting it
1796 // from the master
1797 $this->mNewtalk = $this->checkNewtalk( 'user_ip', $this->getName(), true );
1798 $wgMemc->set( $key, (int)$this->mNewtalk, 1800 );
1801 } else {
1802 $this->mNewtalk = $this->checkNewtalk( 'user_id', $this->mId );
1806 return (bool)$this->mNewtalk;
1810 * Return the revision and link for the oldest new talk page message for
1811 * this user.
1812 * Note: This function was designed to accomodate multiple talk pages, but
1813 * currently only returns a single link and revision.
1814 * @return Array
1816 public function getNewMessageLinks() {
1817 $talks = array();
1818 if ( !wfRunHooks( 'UserRetrieveNewTalks', array( &$this, &$talks ) ) ) {
1819 return $talks;
1820 } elseif ( !$this->getNewtalk() ) {
1821 return array();
1823 $utp = $this->getTalkPage();
1824 $dbr = wfGetDB( DB_SLAVE );
1825 // Get the "last viewed rev" timestamp from the oldest message notification
1826 $timestamp = $dbr->selectField( 'user_newtalk',
1827 'MIN(user_last_timestamp)',
1828 $this->isAnon() ? array( 'user_ip' => $this->getName() ) : array( 'user_id' => $this->getID() ),
1829 __METHOD__ );
1830 $rev = $timestamp ? Revision::loadFromTimestamp( $dbr, $utp, $timestamp ) : null;
1831 return array( array( 'wiki' => wfWikiID(), 'link' => $utp->getLocalURL(), 'rev' => $rev ) );
1835 * Get the revision ID for the oldest new talk page message for this user
1836 * @return Integer or null if there are no new messages
1838 public function getNewMessageRevisionId() {
1839 $newMessageRevisionId = null;
1840 $newMessageLinks = $this->getNewMessageLinks();
1841 if ( $newMessageLinks ) {
1842 // Note: getNewMessageLinks() never returns more than a single link
1843 // and it is always for the same wiki, but we double-check here in
1844 // case that changes some time in the future.
1845 if ( count( $newMessageLinks ) === 1
1846 && $newMessageLinks[0]['wiki'] === wfWikiID()
1847 && $newMessageLinks[0]['rev']
1849 $newMessageRevision = $newMessageLinks[0]['rev'];
1850 $newMessageRevisionId = $newMessageRevision->getId();
1853 return $newMessageRevisionId;
1857 * Internal uncached check for new messages
1859 * @see getNewtalk()
1860 * @param string $field 'user_ip' for anonymous users, 'user_id' otherwise
1861 * @param string|Int $id User's IP address for anonymous users, User ID otherwise
1862 * @param bool $fromMaster true to fetch from the master, false for a slave
1863 * @return Bool True if the user has new messages
1865 protected function checkNewtalk( $field, $id, $fromMaster = false ) {
1866 if ( $fromMaster ) {
1867 $db = wfGetDB( DB_MASTER );
1868 } else {
1869 $db = wfGetDB( DB_SLAVE );
1871 $ok = $db->selectField( 'user_newtalk', $field,
1872 array( $field => $id ), __METHOD__ );
1873 return $ok !== false;
1877 * Add or update the new messages flag
1878 * @param string $field 'user_ip' for anonymous users, 'user_id' otherwise
1879 * @param string|Int $id User's IP address for anonymous users, User ID otherwise
1880 * @param $curRev Revision new, as yet unseen revision of the user talk page. Ignored if null.
1881 * @return Bool True if successful, false otherwise
1883 protected function updateNewtalk( $field, $id, $curRev = null ) {
1884 // Get timestamp of the talk page revision prior to the current one
1885 $prevRev = $curRev ? $curRev->getPrevious() : false;
1886 $ts = $prevRev ? $prevRev->getTimestamp() : null;
1887 // Mark the user as having new messages since this revision
1888 $dbw = wfGetDB( DB_MASTER );
1889 $dbw->insert( 'user_newtalk',
1890 array( $field => $id, 'user_last_timestamp' => $dbw->timestampOrNull( $ts ) ),
1891 __METHOD__,
1892 'IGNORE' );
1893 if ( $dbw->affectedRows() ) {
1894 wfDebug( __METHOD__ . ": set on ($field, $id)\n" );
1895 return true;
1896 } else {
1897 wfDebug( __METHOD__ . " already set ($field, $id)\n" );
1898 return false;
1903 * Clear the new messages flag for the given user
1904 * @param string $field 'user_ip' for anonymous users, 'user_id' otherwise
1905 * @param string|Int $id User's IP address for anonymous users, User ID otherwise
1906 * @return Bool True if successful, false otherwise
1908 protected function deleteNewtalk( $field, $id ) {
1909 $dbw = wfGetDB( DB_MASTER );
1910 $dbw->delete( 'user_newtalk',
1911 array( $field => $id ),
1912 __METHOD__ );
1913 if ( $dbw->affectedRows() ) {
1914 wfDebug( __METHOD__ . ": killed on ($field, $id)\n" );
1915 return true;
1916 } else {
1917 wfDebug( __METHOD__ . ": already gone ($field, $id)\n" );
1918 return false;
1923 * Update the 'You have new messages!' status.
1924 * @param bool $val Whether the user has new messages
1925 * @param $curRev Revision new, as yet unseen revision of the user talk page. Ignored if null or !$val.
1927 public function setNewtalk( $val, $curRev = null ) {
1928 if ( wfReadOnly() ) {
1929 return;
1932 $this->load();
1933 $this->mNewtalk = $val;
1935 if ( $this->isAnon() ) {
1936 $field = 'user_ip';
1937 $id = $this->getName();
1938 } else {
1939 $field = 'user_id';
1940 $id = $this->getId();
1942 global $wgMemc;
1944 if ( $val ) {
1945 $changed = $this->updateNewtalk( $field, $id, $curRev );
1946 } else {
1947 $changed = $this->deleteNewtalk( $field, $id );
1950 if ( $this->isAnon() ) {
1951 // Anons have a separate memcached space, since
1952 // user records aren't kept for them.
1953 $key = wfMemcKey( 'newtalk', 'ip', $id );
1954 $wgMemc->set( $key, $val ? 1 : 0, 1800 );
1956 if ( $changed ) {
1957 $this->invalidateCache();
1962 * Generate a current or new-future timestamp to be stored in the
1963 * user_touched field when we update things.
1964 * @return String Timestamp in TS_MW format
1966 private static function newTouchedTimestamp() {
1967 global $wgClockSkewFudge;
1968 return wfTimestamp( TS_MW, time() + $wgClockSkewFudge );
1972 * Clear user data from memcached.
1973 * Use after applying fun updates to the database; caller's
1974 * responsibility to update user_touched if appropriate.
1976 * Called implicitly from invalidateCache() and saveSettings().
1978 private function clearSharedCache() {
1979 $this->load();
1980 if ( $this->mId ) {
1981 global $wgMemc;
1982 $wgMemc->delete( wfMemcKey( 'user', 'id', $this->mId ) );
1987 * Immediately touch the user data cache for this account.
1988 * Updates user_touched field, and removes account data from memcached
1989 * for reload on the next hit.
1991 public function invalidateCache() {
1992 if ( wfReadOnly() ) {
1993 return;
1995 $this->load();
1996 if ( $this->mId ) {
1997 $this->mTouched = self::newTouchedTimestamp();
1999 $dbw = wfGetDB( DB_MASTER );
2000 $userid = $this->mId;
2001 $touched = $this->mTouched;
2002 $method = __METHOD__;
2003 $dbw->onTransactionIdle( function() use ( $dbw, $userid, $touched, $method ) {
2004 // Prevent contention slams by checking user_touched first
2005 $encTouched = $dbw->addQuotes( $dbw->timestamp( $touched ) );
2006 $needsPurge = $dbw->selectField( 'user', '1',
2007 array( 'user_id' => $userid, 'user_touched < ' . $encTouched ) );
2008 if ( $needsPurge ) {
2009 $dbw->update( 'user',
2010 array( 'user_touched' => $dbw->timestamp( $touched ) ),
2011 array( 'user_id' => $userid, 'user_touched < ' . $encTouched ),
2012 $method
2015 } );
2016 $this->clearSharedCache();
2021 * Validate the cache for this account.
2022 * @param string $timestamp A timestamp in TS_MW format
2024 * @return bool
2026 public function validateCache( $timestamp ) {
2027 $this->load();
2028 return ( $timestamp >= $this->mTouched );
2032 * Get the user touched timestamp
2033 * @return String timestamp
2035 public function getTouched() {
2036 $this->load();
2037 return $this->mTouched;
2041 * Set the password and reset the random token.
2042 * Calls through to authentication plugin if necessary;
2043 * will have no effect if the auth plugin refuses to
2044 * pass the change through or if the legal password
2045 * checks fail.
2047 * As a special case, setting the password to null
2048 * wipes it, so the account cannot be logged in until
2049 * a new password is set, for instance via e-mail.
2051 * @param string $str New password to set
2052 * @throws PasswordError on failure
2054 * @return bool
2056 public function setPassword( $str ) {
2057 global $wgAuth;
2059 if ( $str !== null ) {
2060 if ( !$wgAuth->allowPasswordChange() ) {
2061 throw new PasswordError( wfMessage( 'password-change-forbidden' )->text() );
2064 if ( !$this->isValidPassword( $str ) ) {
2065 global $wgMinimalPasswordLength;
2066 $valid = $this->getPasswordValidity( $str );
2067 if ( is_array( $valid ) ) {
2068 $message = array_shift( $valid );
2069 $params = $valid;
2070 } else {
2071 $message = $valid;
2072 $params = array( $wgMinimalPasswordLength );
2074 throw new PasswordError( wfMessage( $message, $params )->text() );
2078 if ( !$wgAuth->setPassword( $this, $str ) ) {
2079 throw new PasswordError( wfMessage( 'externaldberror' )->text() );
2082 $this->setInternalPassword( $str );
2084 return true;
2088 * Set the password and reset the random token unconditionally.
2090 * @param string|null $str New password to set or null to set an invalid
2091 * password hash meaning that the user will not be able to log in
2092 * through the web interface.
2094 public function setInternalPassword( $str ) {
2095 $this->load();
2096 $this->setToken();
2098 if ( $str === null ) {
2099 // Save an invalid hash...
2100 $this->mPassword = '';
2101 } else {
2102 $this->mPassword = self::crypt( $str );
2104 $this->mNewpassword = '';
2105 $this->mNewpassTime = null;
2109 * Get the user's current token.
2110 * @param bool $forceCreation Force the generation of a new token if the user doesn't have one (default=true for backwards compatibility)
2111 * @return String Token
2113 public function getToken( $forceCreation = true ) {
2114 $this->load();
2115 if ( !$this->mToken && $forceCreation ) {
2116 $this->setToken();
2118 return $this->mToken;
2122 * Set the random token (used for persistent authentication)
2123 * Called from loadDefaults() among other places.
2125 * @param string|bool $token If specified, set the token to this value
2127 public function setToken( $token = false ) {
2128 $this->load();
2129 if ( !$token ) {
2130 $this->mToken = MWCryptRand::generateHex( USER_TOKEN_LENGTH );
2131 } else {
2132 $this->mToken = $token;
2137 * Set the password for a password reminder or new account email
2139 * @param string $str New password to set
2140 * @param bool $throttle If true, reset the throttle timestamp to the present
2142 public function setNewpassword( $str, $throttle = true ) {
2143 $this->load();
2144 $this->mNewpassword = self::crypt( $str );
2145 if ( $throttle ) {
2146 $this->mNewpassTime = wfTimestampNow();
2151 * Has password reminder email been sent within the last
2152 * $wgPasswordReminderResendTime hours?
2153 * @return Bool
2155 public function isPasswordReminderThrottled() {
2156 global $wgPasswordReminderResendTime;
2157 $this->load();
2158 if ( !$this->mNewpassTime || !$wgPasswordReminderResendTime ) {
2159 return false;
2161 $expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgPasswordReminderResendTime * 3600;
2162 return time() < $expiry;
2166 * Get the user's e-mail address
2167 * @return String User's email address
2169 public function getEmail() {
2170 $this->load();
2171 wfRunHooks( 'UserGetEmail', array( $this, &$this->mEmail ) );
2172 return $this->mEmail;
2176 * Get the timestamp of the user's e-mail authentication
2177 * @return String TS_MW timestamp
2179 public function getEmailAuthenticationTimestamp() {
2180 $this->load();
2181 wfRunHooks( 'UserGetEmailAuthenticationTimestamp', array( $this, &$this->mEmailAuthenticated ) );
2182 return $this->mEmailAuthenticated;
2186 * Set the user's e-mail address
2187 * @param string $str New e-mail address
2189 public function setEmail( $str ) {
2190 $this->load();
2191 if ( $str == $this->mEmail ) {
2192 return;
2194 $this->mEmail = $str;
2195 $this->invalidateEmail();
2196 wfRunHooks( 'UserSetEmail', array( $this, &$this->mEmail ) );
2200 * Set the user's e-mail address and a confirmation mail if needed.
2202 * @since 1.20
2203 * @param string $str New e-mail address
2204 * @return Status
2206 public function setEmailWithConfirmation( $str ) {
2207 global $wgEnableEmail, $wgEmailAuthentication;
2209 if ( !$wgEnableEmail ) {
2210 return Status::newFatal( 'emaildisabled' );
2213 $oldaddr = $this->getEmail();
2214 if ( $str === $oldaddr ) {
2215 return Status::newGood( true );
2218 $this->setEmail( $str );
2220 if ( $str !== '' && $wgEmailAuthentication ) {
2221 # Send a confirmation request to the new address if needed
2222 $type = $oldaddr != '' ? 'changed' : 'set';
2223 $result = $this->sendConfirmationMail( $type );
2224 if ( $result->isGood() ) {
2225 # Say the the caller that a confirmation mail has been sent
2226 $result->value = 'eauth';
2228 } else {
2229 $result = Status::newGood( true );
2232 return $result;
2236 * Get the user's real name
2237 * @return String User's real name
2239 public function getRealName() {
2240 if ( !$this->isItemLoaded( 'realname' ) ) {
2241 $this->load();
2244 return $this->mRealName;
2248 * Set the user's real name
2249 * @param string $str New real name
2251 public function setRealName( $str ) {
2252 $this->load();
2253 $this->mRealName = $str;
2257 * Get the user's current setting for a given option.
2259 * @param string $oname The option to check
2260 * @param string $defaultOverride A default value returned if the option does not exist
2261 * @param bool $ignoreHidden = whether to ignore the effects of $wgHiddenPrefs
2262 * @return String User's current value for the option
2263 * @see getBoolOption()
2264 * @see getIntOption()
2266 public function getOption( $oname, $defaultOverride = null, $ignoreHidden = false ) {
2267 global $wgHiddenPrefs;
2268 $this->loadOptions();
2270 # We want 'disabled' preferences to always behave as the default value for
2271 # users, even if they have set the option explicitly in their settings (ie they
2272 # set it, and then it was disabled removing their ability to change it). But
2273 # we don't want to erase the preferences in the database in case the preference
2274 # is re-enabled again. So don't touch $mOptions, just override the returned value
2275 if ( in_array( $oname, $wgHiddenPrefs ) && !$ignoreHidden ) {
2276 return self::getDefaultOption( $oname );
2279 if ( array_key_exists( $oname, $this->mOptions ) ) {
2280 return $this->mOptions[$oname];
2281 } else {
2282 return $defaultOverride;
2287 * Get all user's options
2289 * @return array
2291 public function getOptions() {
2292 global $wgHiddenPrefs;
2293 $this->loadOptions();
2294 $options = $this->mOptions;
2296 # We want 'disabled' preferences to always behave as the default value for
2297 # users, even if they have set the option explicitly in their settings (ie they
2298 # set it, and then it was disabled removing their ability to change it). But
2299 # we don't want to erase the preferences in the database in case the preference
2300 # is re-enabled again. So don't touch $mOptions, just override the returned value
2301 foreach ( $wgHiddenPrefs as $pref ) {
2302 $default = self::getDefaultOption( $pref );
2303 if ( $default !== null ) {
2304 $options[$pref] = $default;
2308 return $options;
2312 * Get the user's current setting for a given option, as a boolean value.
2314 * @param string $oname The option to check
2315 * @return Bool User's current value for the option
2316 * @see getOption()
2318 public function getBoolOption( $oname ) {
2319 return (bool)$this->getOption( $oname );
2323 * Get the user's current setting for a given option, as a boolean value.
2325 * @param string $oname The option to check
2326 * @param int $defaultOverride A default value returned if the option does not exist
2327 * @return Int User's current value for the option
2328 * @see getOption()
2330 public function getIntOption( $oname, $defaultOverride = 0 ) {
2331 $val = $this->getOption( $oname );
2332 if ( $val == '' ) {
2333 $val = $defaultOverride;
2335 return intval( $val );
2339 * Set the given option for a user.
2341 * @param string $oname The option to set
2342 * @param $val mixed New value to set
2344 public function setOption( $oname, $val ) {
2345 $this->loadOptions();
2347 // Explicitly NULL values should refer to defaults
2348 if ( is_null( $val ) ) {
2349 $val = self::getDefaultOption( $oname );
2352 $this->mOptions[$oname] = $val;
2356 * Return a list of the types of user options currently returned by
2357 * User::getOptionKinds().
2359 * Currently, the option kinds are:
2360 * - 'registered' - preferences which are registered in core MediaWiki or
2361 * by extensions using the UserGetDefaultOptions hook.
2362 * - 'registered-multiselect' - as above, using the 'multiselect' type.
2363 * - 'registered-checkmatrix' - as above, using the 'checkmatrix' type.
2364 * - 'userjs' - preferences with names starting with 'userjs-', intended to
2365 * be used by user scripts.
2366 * - 'unused' - preferences about which MediaWiki doesn't know anything.
2367 * These are usually legacy options, removed in newer versions.
2369 * The API (and possibly others) use this function to determine the possible
2370 * option types for validation purposes, so make sure to update this when a
2371 * new option kind is added.
2373 * @see User::getOptionKinds
2374 * @return array Option kinds
2376 public static function listOptionKinds() {
2377 return array(
2378 'registered',
2379 'registered-multiselect',
2380 'registered-checkmatrix',
2381 'userjs',
2382 'unused'
2387 * Return an associative array mapping preferences keys to the kind of a preference they're
2388 * used for. Different kinds are handled differently when setting or reading preferences.
2390 * See User::listOptionKinds for the list of valid option types that can be provided.
2392 * @see User::listOptionKinds
2393 * @param $context IContextSource
2394 * @param array $options assoc. array with options keys to check as keys. Defaults to $this->mOptions.
2395 * @return array the key => kind mapping data
2397 public function getOptionKinds( IContextSource $context, $options = null ) {
2398 $this->loadOptions();
2399 if ( $options === null ) {
2400 $options = $this->mOptions;
2403 $prefs = Preferences::getPreferences( $this, $context );
2404 $mapping = array();
2406 // Multiselect and checkmatrix options are stored in the database with
2407 // one key per option, each having a boolean value. Extract those keys.
2408 $multiselectOptions = array();
2409 foreach ( $prefs as $name => $info ) {
2410 if ( ( isset( $info['type'] ) && $info['type'] == 'multiselect' ) ||
2411 ( isset( $info['class'] ) && $info['class'] == 'HTMLMultiSelectField' ) ) {
2412 $opts = HTMLFormField::flattenOptions( $info['options'] );
2413 $prefix = isset( $info['prefix'] ) ? $info['prefix'] : $name;
2415 foreach ( $opts as $value ) {
2416 $multiselectOptions["$prefix$value"] = true;
2419 unset( $prefs[$name] );
2422 $checkmatrixOptions = array();
2423 foreach ( $prefs as $name => $info ) {
2424 if ( ( isset( $info['type'] ) && $info['type'] == 'checkmatrix' ) ||
2425 ( isset( $info['class'] ) && $info['class'] == 'HTMLCheckMatrix' ) ) {
2426 $columns = HTMLFormField::flattenOptions( $info['columns'] );
2427 $rows = HTMLFormField::flattenOptions( $info['rows'] );
2428 $prefix = isset( $info['prefix'] ) ? $info['prefix'] : $name;
2430 foreach ( $columns as $column ) {
2431 foreach ( $rows as $row ) {
2432 $checkmatrixOptions["$prefix-$column-$row"] = true;
2436 unset( $prefs[$name] );
2440 // $value is ignored
2441 foreach ( $options as $key => $value ) {
2442 if ( isset( $prefs[$key] ) ) {
2443 $mapping[$key] = 'registered';
2444 } elseif ( isset( $multiselectOptions[$key] ) ) {
2445 $mapping[$key] = 'registered-multiselect';
2446 } elseif ( isset( $checkmatrixOptions[$key] ) ) {
2447 $mapping[$key] = 'registered-checkmatrix';
2448 } elseif ( substr( $key, 0, 7 ) === 'userjs-' ) {
2449 $mapping[$key] = 'userjs';
2450 } else {
2451 $mapping[$key] = 'unused';
2455 return $mapping;
2459 * Reset certain (or all) options to the site defaults
2461 * The optional parameter determines which kinds of preferences will be reset.
2462 * Supported values are everything that can be reported by getOptionKinds()
2463 * and 'all', which forces a reset of *all* preferences and overrides everything else.
2465 * @param array|string $resetKinds which kinds of preferences to reset. Defaults to
2466 * array( 'registered', 'registered-multiselect', 'registered-checkmatrix', 'unused' )
2467 * for backwards-compatibility.
2468 * @param $context IContextSource|null context source used when $resetKinds
2469 * does not contain 'all', passed to getOptionKinds().
2470 * Defaults to RequestContext::getMain() when null.
2472 public function resetOptions(
2473 $resetKinds = array( 'registered', 'registered-multiselect', 'registered-checkmatrix', 'unused' ),
2474 IContextSource $context = null
2476 $this->load();
2477 $defaultOptions = self::getDefaultOptions();
2479 if ( !is_array( $resetKinds ) ) {
2480 $resetKinds = array( $resetKinds );
2483 if ( in_array( 'all', $resetKinds ) ) {
2484 $newOptions = $defaultOptions;
2485 } else {
2486 if ( $context === null ) {
2487 $context = RequestContext::getMain();
2490 $optionKinds = $this->getOptionKinds( $context );
2491 $resetKinds = array_intersect( $resetKinds, self::listOptionKinds() );
2492 $newOptions = array();
2494 // Use default values for the options that should be deleted, and
2495 // copy old values for the ones that shouldn't.
2496 foreach ( $this->mOptions as $key => $value ) {
2497 if ( in_array( $optionKinds[$key], $resetKinds ) ) {
2498 if ( array_key_exists( $key, $defaultOptions ) ) {
2499 $newOptions[$key] = $defaultOptions[$key];
2501 } else {
2502 $newOptions[$key] = $value;
2507 $this->mOptions = $newOptions;
2508 $this->mOptionsLoaded = true;
2512 * Get the user's preferred date format.
2513 * @return String User's preferred date format
2515 public function getDatePreference() {
2516 // Important migration for old data rows
2517 if ( is_null( $this->mDatePreference ) ) {
2518 global $wgLang;
2519 $value = $this->getOption( 'date' );
2520 $map = $wgLang->getDatePreferenceMigrationMap();
2521 if ( isset( $map[$value] ) ) {
2522 $value = $map[$value];
2524 $this->mDatePreference = $value;
2526 return $this->mDatePreference;
2530 * Get the user preferred stub threshold
2532 * @return int
2534 public function getStubThreshold() {
2535 global $wgMaxArticleSize; # Maximum article size, in Kb
2536 $threshold = $this->getIntOption( 'stubthreshold' );
2537 if ( $threshold > $wgMaxArticleSize * 1024 ) {
2538 # If they have set an impossible value, disable the preference
2539 # so we can use the parser cache again.
2540 $threshold = 0;
2542 return $threshold;
2546 * Get the permissions this user has.
2547 * @return Array of String permission names
2549 public function getRights() {
2550 if ( is_null( $this->mRights ) ) {
2551 $this->mRights = self::getGroupPermissions( $this->getEffectiveGroups() );
2552 wfRunHooks( 'UserGetRights', array( $this, &$this->mRights ) );
2553 // Force reindexation of rights when a hook has unset one of them
2554 $this->mRights = array_values( array_unique( $this->mRights ) );
2556 return $this->mRights;
2560 * Get the list of explicit group memberships this user has.
2561 * The implicit * and user groups are not included.
2562 * @return Array of String internal group names
2564 public function getGroups() {
2565 $this->load();
2566 $this->loadGroups();
2567 return $this->mGroups;
2571 * Get the list of implicit group memberships this user has.
2572 * This includes all explicit groups, plus 'user' if logged in,
2573 * '*' for all accounts, and autopromoted groups
2574 * @param bool $recache Whether to avoid the cache
2575 * @return Array of String internal group names
2577 public function getEffectiveGroups( $recache = false ) {
2578 if ( $recache || is_null( $this->mEffectiveGroups ) ) {
2579 wfProfileIn( __METHOD__ );
2580 $this->mEffectiveGroups = array_unique( array_merge(
2581 $this->getGroups(), // explicit groups
2582 $this->getAutomaticGroups( $recache ) // implicit groups
2583 ) );
2584 # Hook for additional groups
2585 wfRunHooks( 'UserEffectiveGroups', array( &$this, &$this->mEffectiveGroups ) );
2586 // Force reindexation of groups when a hook has unset one of them
2587 $this->mEffectiveGroups = array_values( array_unique( $this->mEffectiveGroups ) );
2588 wfProfileOut( __METHOD__ );
2590 return $this->mEffectiveGroups;
2594 * Get the list of implicit group memberships this user has.
2595 * This includes 'user' if logged in, '*' for all accounts,
2596 * and autopromoted groups
2597 * @param bool $recache Whether to avoid the cache
2598 * @return Array of String internal group names
2600 public function getAutomaticGroups( $recache = false ) {
2601 if ( $recache || is_null( $this->mImplicitGroups ) ) {
2602 wfProfileIn( __METHOD__ );
2603 $this->mImplicitGroups = array( '*' );
2604 if ( $this->getId() ) {
2605 $this->mImplicitGroups[] = 'user';
2607 $this->mImplicitGroups = array_unique( array_merge(
2608 $this->mImplicitGroups,
2609 Autopromote::getAutopromoteGroups( $this )
2610 ) );
2612 if ( $recache ) {
2613 # Assure data consistency with rights/groups,
2614 # as getEffectiveGroups() depends on this function
2615 $this->mEffectiveGroups = null;
2617 wfProfileOut( __METHOD__ );
2619 return $this->mImplicitGroups;
2623 * Returns the groups the user has belonged to.
2625 * The user may still belong to the returned groups. Compare with getGroups().
2627 * The function will not return groups the user had belonged to before MW 1.17
2629 * @return array Names of the groups the user has belonged to.
2631 public function getFormerGroups() {
2632 if ( is_null( $this->mFormerGroups ) ) {
2633 $dbr = wfGetDB( DB_MASTER );
2634 $res = $dbr->select( 'user_former_groups',
2635 array( 'ufg_group' ),
2636 array( 'ufg_user' => $this->mId ),
2637 __METHOD__ );
2638 $this->mFormerGroups = array();
2639 foreach ( $res as $row ) {
2640 $this->mFormerGroups[] = $row->ufg_group;
2643 return $this->mFormerGroups;
2647 * Get the user's edit count.
2648 * @return Int
2650 public function getEditCount() {
2651 if ( !$this->getId() ) {
2652 return null;
2655 if ( !isset( $this->mEditCount ) ) {
2656 /* Populate the count, if it has not been populated yet */
2657 wfProfileIn( __METHOD__ );
2658 $dbr = wfGetDB( DB_SLAVE );
2659 // check if the user_editcount field has been initialized
2660 $count = $dbr->selectField(
2661 'user', 'user_editcount',
2662 array( 'user_id' => $this->mId ),
2663 __METHOD__
2666 if ( $count === null ) {
2667 // it has not been initialized. do so.
2668 $count = $this->initEditCount();
2670 $this->mEditCount = intval( $count );
2671 wfProfileOut( __METHOD__ );
2673 return $this->mEditCount;
2677 * Add the user to the given group.
2678 * This takes immediate effect.
2679 * @param string $group Name of the group to add
2681 public function addGroup( $group ) {
2682 if ( wfRunHooks( 'UserAddGroup', array( $this, &$group ) ) ) {
2683 $dbw = wfGetDB( DB_MASTER );
2684 if ( $this->getId() ) {
2685 $dbw->insert( 'user_groups',
2686 array(
2687 'ug_user' => $this->getID(),
2688 'ug_group' => $group,
2690 __METHOD__,
2691 array( 'IGNORE' ) );
2694 $this->loadGroups();
2695 $this->mGroups[] = $group;
2696 // In case loadGroups was not called before, we now have the right twice.
2697 // Get rid of the duplicate.
2698 $this->mGroups = array_unique( $this->mGroups );
2699 $this->mRights = User::getGroupPermissions( $this->getEffectiveGroups( true ) );
2701 $this->invalidateCache();
2705 * Remove the user from the given group.
2706 * This takes immediate effect.
2707 * @param string $group Name of the group to remove
2709 public function removeGroup( $group ) {
2710 $this->load();
2711 if ( wfRunHooks( 'UserRemoveGroup', array( $this, &$group ) ) ) {
2712 $dbw = wfGetDB( DB_MASTER );
2713 $dbw->delete( 'user_groups',
2714 array(
2715 'ug_user' => $this->getID(),
2716 'ug_group' => $group,
2717 ), __METHOD__ );
2718 // Remember that the user was in this group
2719 $dbw->insert( 'user_former_groups',
2720 array(
2721 'ufg_user' => $this->getID(),
2722 'ufg_group' => $group,
2724 __METHOD__,
2725 array( 'IGNORE' ) );
2727 $this->loadGroups();
2728 $this->mGroups = array_diff( $this->mGroups, array( $group ) );
2729 $this->mRights = User::getGroupPermissions( $this->getEffectiveGroups( true ) );
2731 $this->invalidateCache();
2735 * Get whether the user is logged in
2736 * @return Bool
2738 public function isLoggedIn() {
2739 return $this->getID() != 0;
2743 * Get whether the user is anonymous
2744 * @return Bool
2746 public function isAnon() {
2747 return !$this->isLoggedIn();
2751 * Check if user is allowed to access a feature / make an action
2753 * @internal param \String $varargs permissions to test
2754 * @return Boolean: True if user is allowed to perform *any* of the given actions
2756 * @return bool
2758 public function isAllowedAny( /*...*/ ) {
2759 $permissions = func_get_args();
2760 foreach ( $permissions as $permission ) {
2761 if ( $this->isAllowed( $permission ) ) {
2762 return true;
2765 return false;
2770 * @internal param $varargs string
2771 * @return bool True if the user is allowed to perform *all* of the given actions
2773 public function isAllowedAll( /*...*/ ) {
2774 $permissions = func_get_args();
2775 foreach ( $permissions as $permission ) {
2776 if ( !$this->isAllowed( $permission ) ) {
2777 return false;
2780 return true;
2784 * Internal mechanics of testing a permission
2785 * @param $action String
2786 * @return bool
2788 public function isAllowed( $action = '' ) {
2789 if ( $action === '' ) {
2790 return true; // In the spirit of DWIM
2792 # Patrolling may not be enabled
2793 if ( $action === 'patrol' || $action === 'autopatrol' ) {
2794 global $wgUseRCPatrol, $wgUseNPPatrol;
2795 if ( !$wgUseRCPatrol && !$wgUseNPPatrol ) {
2796 return false;
2799 # Use strict parameter to avoid matching numeric 0 accidentally inserted
2800 # by misconfiguration: 0 == 'foo'
2801 return in_array( $action, $this->getRights(), true );
2805 * Check whether to enable recent changes patrol features for this user
2806 * @return Boolean: True or false
2808 public function useRCPatrol() {
2809 global $wgUseRCPatrol;
2810 return $wgUseRCPatrol && $this->isAllowedAny( 'patrol', 'patrolmarks' );
2814 * Check whether to enable new pages patrol features for this user
2815 * @return Bool True or false
2817 public function useNPPatrol() {
2818 global $wgUseRCPatrol, $wgUseNPPatrol;
2819 return ( ( $wgUseRCPatrol || $wgUseNPPatrol ) && ( $this->isAllowedAny( 'patrol', 'patrolmarks' ) ) );
2823 * Get the WebRequest object to use with this object
2825 * @return WebRequest
2827 public function getRequest() {
2828 if ( $this->mRequest ) {
2829 return $this->mRequest;
2830 } else {
2831 global $wgRequest;
2832 return $wgRequest;
2837 * Get the current skin, loading it if required
2838 * @return Skin The current skin
2839 * @todo FIXME: Need to check the old failback system [AV]
2840 * @deprecated since 1.18 Use ->getSkin() in the most relevant outputting context you have
2842 public function getSkin() {
2843 wfDeprecated( __METHOD__, '1.18' );
2844 return RequestContext::getMain()->getSkin();
2848 * Get a WatchedItem for this user and $title.
2850 * @param $title Title
2851 * @return WatchedItem
2853 public function getWatchedItem( $title ) {
2854 $key = $title->getNamespace() . ':' . $title->getDBkey();
2856 if ( isset( $this->mWatchedItems[$key] ) ) {
2857 return $this->mWatchedItems[$key];
2860 if ( count( $this->mWatchedItems ) >= self::MAX_WATCHED_ITEMS_CACHE ) {
2861 $this->mWatchedItems = array();
2864 $this->mWatchedItems[$key] = WatchedItem::fromUserTitle( $this, $title );
2865 return $this->mWatchedItems[$key];
2869 * Check the watched status of an article.
2870 * @param $title Title of the article to look at
2871 * @return Bool
2873 public function isWatched( $title ) {
2874 return $this->getWatchedItem( $title )->isWatched();
2878 * Watch an article.
2879 * @param $title Title of the article to look at
2881 public function addWatch( $title ) {
2882 $this->getWatchedItem( $title )->addWatch();
2883 $this->invalidateCache();
2887 * Stop watching an article.
2888 * @param $title Title of the article to look at
2890 public function removeWatch( $title ) {
2891 $this->getWatchedItem( $title )->removeWatch();
2892 $this->invalidateCache();
2896 * Clear the user's notification timestamp for the given title.
2897 * If e-notif e-mails are on, they will receive notification mails on
2898 * the next change of the page if it's watched etc.
2899 * @param $title Title of the article to look at
2901 public function clearNotification( &$title ) {
2902 global $wgUseEnotif, $wgShowUpdatedMarker;
2904 # Do nothing if the database is locked to writes
2905 if ( wfReadOnly() ) {
2906 return;
2909 if ( $title->getNamespace() == NS_USER_TALK &&
2910 $title->getText() == $this->getName() ) {
2911 if ( !wfRunHooks( 'UserClearNewTalkNotification', array( &$this ) ) ) {
2912 return;
2914 $this->setNewtalk( false );
2917 if ( !$wgUseEnotif && !$wgShowUpdatedMarker ) {
2918 return;
2921 if ( $this->isAnon() ) {
2922 // Nothing else to do...
2923 return;
2926 // Only update the timestamp if the page is being watched.
2927 // The query to find out if it is watched is cached both in memcached and per-invocation,
2928 // and when it does have to be executed, it can be on a slave
2929 // If this is the user's newtalk page, we always update the timestamp
2930 $force = '';
2931 if ( $title->getNamespace() == NS_USER_TALK &&
2932 $title->getText() == $this->getName() )
2934 $force = 'force';
2937 $this->getWatchedItem( $title )->resetNotificationTimestamp( $force );
2941 * Resets all of the given user's page-change notification timestamps.
2942 * If e-notif e-mails are on, they will receive notification mails on
2943 * the next change of any watched page.
2945 public function clearAllNotifications() {
2946 if ( wfReadOnly() ) {
2947 return;
2950 global $wgUseEnotif, $wgShowUpdatedMarker;
2951 if ( !$wgUseEnotif && !$wgShowUpdatedMarker ) {
2952 $this->setNewtalk( false );
2953 return;
2955 $id = $this->getId();
2956 if ( $id != 0 ) {
2957 $dbw = wfGetDB( DB_MASTER );
2958 $dbw->update( 'watchlist',
2959 array( /* SET */
2960 'wl_notificationtimestamp' => null
2961 ), array( /* WHERE */
2962 'wl_user' => $id
2963 ), __METHOD__
2965 # We also need to clear here the "you have new message" notification for the own user_talk page
2966 # This is cleared one page view later in Article::viewUpdates();
2971 * Set this user's options from an encoded string
2972 * @param string $str Encoded options to import
2974 * @deprecated in 1.19 due to removal of user_options from the user table
2976 private function decodeOptions( $str ) {
2977 wfDeprecated( __METHOD__, '1.19' );
2978 if ( !$str ) {
2979 return;
2982 $this->mOptionsLoaded = true;
2983 $this->mOptionOverrides = array();
2985 // If an option is not set in $str, use the default value
2986 $this->mOptions = self::getDefaultOptions();
2988 $a = explode( "\n", $str );
2989 foreach ( $a as $s ) {
2990 $m = array();
2991 if ( preg_match( "/^(.[^=]*)=(.*)$/", $s, $m ) ) {
2992 $this->mOptions[$m[1]] = $m[2];
2993 $this->mOptionOverrides[$m[1]] = $m[2];
2999 * Set a cookie on the user's client. Wrapper for
3000 * WebResponse::setCookie
3001 * @param string $name Name of the cookie to set
3002 * @param string $value Value to set
3003 * @param int $exp Expiration time, as a UNIX time value;
3004 * if 0 or not specified, use the default $wgCookieExpiration
3005 * @param $secure Bool
3006 * true: Force setting the secure attribute when setting the cookie
3007 * false: Force NOT setting the secure attribute when setting the cookie
3008 * null (default): Use the default ($wgCookieSecure) to set the secure attribute
3010 protected function setCookie( $name, $value, $exp = 0, $secure = null ) {
3011 $this->getRequest()->response()->setcookie( $name, $value, $exp, null, null, $secure );
3015 * Clear a cookie on the user's client
3016 * @param string $name Name of the cookie to clear
3018 protected function clearCookie( $name ) {
3019 $this->setCookie( $name, '', time() - 86400 );
3023 * Set the default cookies for this session on the user's client.
3025 * @param $request WebRequest object to use; $wgRequest will be used if null
3026 * is passed.
3027 * @param bool $secure Whether to force secure/insecure cookies or use default
3029 public function setCookies( $request = null, $secure = null ) {
3030 if ( $request === null ) {
3031 $request = $this->getRequest();
3034 $this->load();
3035 if ( 0 == $this->mId ) {
3036 return;
3038 if ( !$this->mToken ) {
3039 // When token is empty or NULL generate a new one and then save it to the database
3040 // This allows a wiki to re-secure itself after a leak of it's user table or $wgSecretKey
3041 // Simply by setting every cell in the user_token column to NULL and letting them be
3042 // regenerated as users log back into the wiki.
3043 $this->setToken();
3044 $this->saveSettings();
3046 $session = array(
3047 'wsUserID' => $this->mId,
3048 'wsToken' => $this->mToken,
3049 'wsUserName' => $this->getName()
3051 $cookies = array(
3052 'UserID' => $this->mId,
3053 'UserName' => $this->getName(),
3055 if ( 1 == $this->getOption( 'rememberpassword' ) ) {
3056 $cookies['Token'] = $this->mToken;
3057 } else {
3058 $cookies['Token'] = false;
3061 wfRunHooks( 'UserSetCookies', array( $this, &$session, &$cookies ) );
3063 foreach ( $session as $name => $value ) {
3064 $request->setSessionData( $name, $value );
3066 foreach ( $cookies as $name => $value ) {
3067 if ( $value === false ) {
3068 $this->clearCookie( $name );
3069 } else {
3070 $this->setCookie( $name, $value, 0, $secure );
3075 * If wpStickHTTPS was selected, also set an insecure cookie that
3076 * will cause the site to redirect the user to HTTPS, if they access
3077 * it over HTTP. Bug 29898.
3079 if ( $request->getCheck( 'wpStickHTTPS' ) ) {
3080 $this->setCookie( 'forceHTTPS', 'true', time() + 2592000, false ); //30 days
3085 * Log this user out.
3087 public function logout() {
3088 if ( wfRunHooks( 'UserLogout', array( &$this ) ) ) {
3089 $this->doLogout();
3094 * Clear the user's cookies and session, and reset the instance cache.
3095 * @see logout()
3097 public function doLogout() {
3098 $this->clearInstanceCache( 'defaults' );
3100 $this->getRequest()->setSessionData( 'wsUserID', 0 );
3102 $this->clearCookie( 'UserID' );
3103 $this->clearCookie( 'Token' );
3104 $this->clearCookie( 'forceHTTPS' );
3106 # Remember when user logged out, to prevent seeing cached pages
3107 $this->setCookie( 'LoggedOut', wfTimestampNow(), time() + 86400 );
3111 * Save this user's settings into the database.
3112 * @todo Only rarely do all these fields need to be set!
3114 public function saveSettings() {
3115 global $wgAuth;
3117 $this->load();
3118 if ( wfReadOnly() ) {
3119 return;
3121 if ( 0 == $this->mId ) {
3122 return;
3125 $this->mTouched = self::newTouchedTimestamp();
3126 if ( !$wgAuth->allowSetLocalPassword() ) {
3127 $this->mPassword = '';
3130 $dbw = wfGetDB( DB_MASTER );
3131 $dbw->update( 'user',
3132 array( /* SET */
3133 'user_name' => $this->mName,
3134 'user_password' => $this->mPassword,
3135 'user_newpassword' => $this->mNewpassword,
3136 'user_newpass_time' => $dbw->timestampOrNull( $this->mNewpassTime ),
3137 'user_real_name' => $this->mRealName,
3138 'user_email' => $this->mEmail,
3139 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
3140 'user_touched' => $dbw->timestamp( $this->mTouched ),
3141 'user_token' => strval( $this->mToken ),
3142 'user_email_token' => $this->mEmailToken,
3143 'user_email_token_expires' => $dbw->timestampOrNull( $this->mEmailTokenExpires ),
3144 ), array( /* WHERE */
3145 'user_id' => $this->mId
3146 ), __METHOD__
3149 $this->saveOptions();
3151 wfRunHooks( 'UserSaveSettings', array( $this ) );
3152 $this->clearSharedCache();
3153 $this->getUserPage()->invalidateCache();
3157 * If only this user's username is known, and it exists, return the user ID.
3158 * @return Int
3160 public function idForName() {
3161 $s = trim( $this->getName() );
3162 if ( $s === '' ) {
3163 return 0;
3166 $dbr = wfGetDB( DB_SLAVE );
3167 $id = $dbr->selectField( 'user', 'user_id', array( 'user_name' => $s ), __METHOD__ );
3168 if ( $id === false ) {
3169 $id = 0;
3171 return $id;
3175 * Add a user to the database, return the user object
3177 * @param string $name Username to add
3178 * @param array $params of Strings Non-default parameters to save to the database as user_* fields:
3179 * - password The user's password hash. Password logins will be disabled if this is omitted.
3180 * - newpassword Hash for a temporary password that has been mailed to the user
3181 * - email The user's email address
3182 * - email_authenticated The email authentication timestamp
3183 * - real_name The user's real name
3184 * - options An associative array of non-default options
3185 * - token Random authentication token. Do not set.
3186 * - registration Registration timestamp. Do not set.
3188 * @return User object, or null if the username already exists
3190 public static function createNew( $name, $params = array() ) {
3191 $user = new User;
3192 $user->load();
3193 $user->setToken(); // init token
3194 if ( isset( $params['options'] ) ) {
3195 $user->mOptions = $params['options'] + (array)$user->mOptions;
3196 unset( $params['options'] );
3198 $dbw = wfGetDB( DB_MASTER );
3199 $seqVal = $dbw->nextSequenceValue( 'user_user_id_seq' );
3201 $fields = array(
3202 'user_id' => $seqVal,
3203 'user_name' => $name,
3204 'user_password' => $user->mPassword,
3205 'user_newpassword' => $user->mNewpassword,
3206 'user_newpass_time' => $dbw->timestampOrNull( $user->mNewpassTime ),
3207 'user_email' => $user->mEmail,
3208 'user_email_authenticated' => $dbw->timestampOrNull( $user->mEmailAuthenticated ),
3209 'user_real_name' => $user->mRealName,
3210 'user_token' => strval( $user->mToken ),
3211 'user_registration' => $dbw->timestamp( $user->mRegistration ),
3212 'user_editcount' => 0,
3213 'user_touched' => $dbw->timestamp( self::newTouchedTimestamp() ),
3215 foreach ( $params as $name => $value ) {
3216 $fields["user_$name"] = $value;
3218 $dbw->insert( 'user', $fields, __METHOD__, array( 'IGNORE' ) );
3219 if ( $dbw->affectedRows() ) {
3220 $newUser = User::newFromId( $dbw->insertId() );
3221 } else {
3222 $newUser = null;
3224 return $newUser;
3228 * Add this existing user object to the database. If the user already
3229 * exists, a fatal status object is returned, and the user object is
3230 * initialised with the data from the database.
3232 * Previously, this function generated a DB error due to a key conflict
3233 * if the user already existed. Many extension callers use this function
3234 * in code along the lines of:
3236 * $user = User::newFromName( $name );
3237 * if ( !$user->isLoggedIn() ) {
3238 * $user->addToDatabase();
3240 * // do something with $user...
3242 * However, this was vulnerable to a race condition (bug 16020). By
3243 * initialising the user object if the user exists, we aim to support this
3244 * calling sequence as far as possible.
3246 * Note that if the user exists, this function will acquire a write lock,
3247 * so it is still advisable to make the call conditional on isLoggedIn(),
3248 * and to commit the transaction after calling.
3250 * @throws MWException
3251 * @return Status
3253 public function addToDatabase() {
3254 $this->load();
3255 if ( !$this->mToken ) {
3256 $this->setToken(); // init token
3259 $this->mTouched = self::newTouchedTimestamp();
3261 $dbw = wfGetDB( DB_MASTER );
3262 $seqVal = $dbw->nextSequenceValue( 'user_user_id_seq' );
3263 $dbw->insert( 'user',
3264 array(
3265 'user_id' => $seqVal,
3266 'user_name' => $this->mName,
3267 'user_password' => $this->mPassword,
3268 'user_newpassword' => $this->mNewpassword,
3269 'user_newpass_time' => $dbw->timestampOrNull( $this->mNewpassTime ),
3270 'user_email' => $this->mEmail,
3271 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
3272 'user_real_name' => $this->mRealName,
3273 'user_token' => strval( $this->mToken ),
3274 'user_registration' => $dbw->timestamp( $this->mRegistration ),
3275 'user_editcount' => 0,
3276 'user_touched' => $dbw->timestamp( $this->mTouched ),
3277 ), __METHOD__,
3278 array( 'IGNORE' )
3280 if ( !$dbw->affectedRows() ) {
3281 $this->mId = $dbw->selectField( 'user', 'user_id',
3282 array( 'user_name' => $this->mName ), __METHOD__ );
3283 $loaded = false;
3284 if ( $this->mId ) {
3285 if ( $this->loadFromDatabase() ) {
3286 $loaded = true;
3289 if ( !$loaded ) {
3290 throw new MWException( __METHOD__ . ": hit a key conflict attempting " .
3291 "to insert user '{$this->mName}' row, but it was not present in select!" );
3293 return Status::newFatal( 'userexists' );
3295 $this->mId = $dbw->insertId();
3297 // Clear instance cache other than user table data, which is already accurate
3298 $this->clearInstanceCache();
3300 $this->saveOptions();
3301 return Status::newGood();
3305 * If this user is logged-in and blocked,
3306 * block any IP address they've successfully logged in from.
3307 * @return bool A block was spread
3309 public function spreadAnyEditBlock() {
3310 if ( $this->isLoggedIn() && $this->isBlocked() ) {
3311 return $this->spreadBlock();
3313 return false;
3317 * If this (non-anonymous) user is blocked,
3318 * block the IP address they've successfully logged in from.
3319 * @return bool A block was spread
3321 protected function spreadBlock() {
3322 wfDebug( __METHOD__ . "()\n" );
3323 $this->load();
3324 if ( $this->mId == 0 ) {
3325 return false;
3328 $userblock = Block::newFromTarget( $this->getName() );
3329 if ( !$userblock ) {
3330 return false;
3333 return (bool)$userblock->doAutoblock( $this->getRequest()->getIP() );
3337 * Generate a string which will be different for any combination of
3338 * user options which would produce different parser output.
3339 * This will be used as part of the hash key for the parser cache,
3340 * so users with the same options can share the same cached data
3341 * safely.
3343 * Extensions which require it should install 'PageRenderingHash' hook,
3344 * which will give them a chance to modify this key based on their own
3345 * settings.
3347 * @deprecated since 1.17 use the ParserOptions object to get the relevant options
3348 * @return String Page rendering hash
3350 public function getPageRenderingHash() {
3351 wfDeprecated( __METHOD__, '1.17' );
3353 global $wgRenderHashAppend, $wgLang, $wgContLang;
3354 if ( $this->mHash ) {
3355 return $this->mHash;
3358 // stubthreshold is only included below for completeness,
3359 // since it disables the parser cache, its value will always
3360 // be 0 when this function is called by parsercache.
3362 $confstr = $this->getOption( 'math' );
3363 $confstr .= '!' . $this->getStubThreshold();
3364 $confstr .= '!' . ( $this->getOption( 'numberheadings' ) ? '1' : '' );
3365 $confstr .= '!' . $wgLang->getCode();
3366 $confstr .= '!' . $this->getOption( 'thumbsize' );
3367 // add in language specific options, if any
3368 $extra = $wgContLang->getExtraHashOptions();
3369 $confstr .= $extra;
3371 // Since the skin could be overloading link(), it should be
3372 // included here but in practice, none of our skins do that.
3374 $confstr .= $wgRenderHashAppend;
3376 // Give a chance for extensions to modify the hash, if they have
3377 // extra options or other effects on the parser cache.
3378 wfRunHooks( 'PageRenderingHash', array( &$confstr ) );
3380 // Make it a valid memcached key fragment
3381 $confstr = str_replace( ' ', '_', $confstr );
3382 $this->mHash = $confstr;
3383 return $confstr;
3387 * Get whether the user is explicitly blocked from account creation.
3388 * @return Bool|Block
3390 public function isBlockedFromCreateAccount() {
3391 $this->getBlockedStatus();
3392 if ( $this->mBlock && $this->mBlock->prevents( 'createaccount' ) ) {
3393 return $this->mBlock;
3396 # bug 13611: if the IP address the user is trying to create an account from is
3397 # blocked with createaccount disabled, prevent new account creation there even
3398 # when the user is logged in
3399 if ( $this->mBlockedFromCreateAccount === false && !$this->isAllowed( 'ipblock-exempt' ) ) {
3400 $this->mBlockedFromCreateAccount = Block::newFromTarget( null, $this->getRequest()->getIP() );
3402 return $this->mBlockedFromCreateAccount instanceof Block && $this->mBlockedFromCreateAccount->prevents( 'createaccount' )
3403 ? $this->mBlockedFromCreateAccount
3404 : false;
3408 * Get whether the user is blocked from using Special:Emailuser.
3409 * @return Bool
3411 public function isBlockedFromEmailuser() {
3412 $this->getBlockedStatus();
3413 return $this->mBlock && $this->mBlock->prevents( 'sendemail' );
3417 * Get whether the user is allowed to create an account.
3418 * @return Bool
3420 function isAllowedToCreateAccount() {
3421 return $this->isAllowed( 'createaccount' ) && !$this->isBlockedFromCreateAccount();
3425 * Get this user's personal page title.
3427 * @return Title: User's personal page title
3429 public function getUserPage() {
3430 return Title::makeTitle( NS_USER, $this->getName() );
3434 * Get this user's talk page title.
3436 * @return Title: User's talk page title
3438 public function getTalkPage() {
3439 $title = $this->getUserPage();
3440 return $title->getTalkPage();
3444 * Determine whether the user is a newbie. Newbies are either
3445 * anonymous IPs, or the most recently created accounts.
3446 * @return Bool
3448 public function isNewbie() {
3449 return !$this->isAllowed( 'autoconfirmed' );
3453 * Check to see if the given clear-text password is one of the accepted passwords
3454 * @param string $password user password.
3455 * @return Boolean: True if the given password is correct, otherwise False.
3457 public function checkPassword( $password ) {
3458 global $wgAuth, $wgLegacyEncoding;
3459 $this->load();
3461 // Even though we stop people from creating passwords that
3462 // are shorter than this, doesn't mean people wont be able
3463 // to. Certain authentication plugins do NOT want to save
3464 // domain passwords in a mysql database, so we should
3465 // check this (in case $wgAuth->strict() is false).
3466 if ( !$this->isValidPassword( $password ) ) {
3467 return false;
3470 if ( $wgAuth->authenticate( $this->getName(), $password ) ) {
3471 return true;
3472 } elseif ( $wgAuth->strict() ) {
3473 /* Auth plugin doesn't allow local authentication */
3474 return false;
3475 } elseif ( $wgAuth->strictUserAuth( $this->getName() ) ) {
3476 /* Auth plugin doesn't allow local authentication for this user name */
3477 return false;
3479 if ( self::comparePasswords( $this->mPassword, $password, $this->mId ) ) {
3480 return true;
3481 } elseif ( $wgLegacyEncoding ) {
3482 # Some wikis were converted from ISO 8859-1 to UTF-8, the passwords can't be converted
3483 # Check for this with iconv
3484 $cp1252Password = iconv( 'UTF-8', 'WINDOWS-1252//TRANSLIT', $password );
3485 if ( $cp1252Password != $password &&
3486 self::comparePasswords( $this->mPassword, $cp1252Password, $this->mId ) )
3488 return true;
3491 return false;
3495 * Check if the given clear-text password matches the temporary password
3496 * sent by e-mail for password reset operations.
3498 * @param $plaintext string
3500 * @return Boolean: True if matches, false otherwise
3502 public function checkTemporaryPassword( $plaintext ) {
3503 global $wgNewPasswordExpiry;
3505 $this->load();
3506 if ( self::comparePasswords( $this->mNewpassword, $plaintext, $this->getId() ) ) {
3507 if ( is_null( $this->mNewpassTime ) ) {
3508 return true;
3510 $expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgNewPasswordExpiry;
3511 return ( time() < $expiry );
3512 } else {
3513 return false;
3518 * Alias for getEditToken.
3519 * @deprecated since 1.19, use getEditToken instead.
3521 * @param string|array $salt of Strings Optional function-specific data for hashing
3522 * @param $request WebRequest object to use or null to use $wgRequest
3523 * @return String The new edit token
3525 public function editToken( $salt = '', $request = null ) {
3526 wfDeprecated( __METHOD__, '1.19' );
3527 return $this->getEditToken( $salt, $request );
3531 * Initialize (if necessary) and return a session token value
3532 * which can be used in edit forms to show that the user's
3533 * login credentials aren't being hijacked with a foreign form
3534 * submission.
3536 * @since 1.19
3538 * @param string|array $salt of Strings Optional function-specific data for hashing
3539 * @param $request WebRequest object to use or null to use $wgRequest
3540 * @return String The new edit token
3542 public function getEditToken( $salt = '', $request = null ) {
3543 if ( $request == null ) {
3544 $request = $this->getRequest();
3547 if ( $this->isAnon() ) {
3548 return EDIT_TOKEN_SUFFIX;
3549 } else {
3550 $token = $request->getSessionData( 'wsEditToken' );
3551 if ( $token === null ) {
3552 $token = MWCryptRand::generateHex( 32 );
3553 $request->setSessionData( 'wsEditToken', $token );
3555 if ( is_array( $salt ) ) {
3556 $salt = implode( '|', $salt );
3558 return md5( $token . $salt ) . EDIT_TOKEN_SUFFIX;
3563 * Generate a looking random token for various uses.
3565 * @return String The new random token
3566 * @deprecated since 1.20; Use MWCryptRand for secure purposes or wfRandomString for pseudo-randomness
3568 public static function generateToken() {
3569 return MWCryptRand::generateHex( 32 );
3573 * Check given value against the token value stored in the session.
3574 * A match should confirm that the form was submitted from the
3575 * user's own login session, not a form submission from a third-party
3576 * site.
3578 * @param string $val Input value to compare
3579 * @param string $salt Optional function-specific data for hashing
3580 * @param $request WebRequest object to use or null to use $wgRequest
3581 * @return Boolean: Whether the token matches
3583 public function matchEditToken( $val, $salt = '', $request = null ) {
3584 $sessionToken = $this->getEditToken( $salt, $request );
3585 if ( $val != $sessionToken ) {
3586 wfDebug( "User::matchEditToken: broken session data\n" );
3588 return $val == $sessionToken;
3592 * Check given value against the token value stored in the session,
3593 * ignoring the suffix.
3595 * @param string $val Input value to compare
3596 * @param string $salt Optional function-specific data for hashing
3597 * @param $request WebRequest object to use or null to use $wgRequest
3598 * @return Boolean: Whether the token matches
3600 public function matchEditTokenNoSuffix( $val, $salt = '', $request = null ) {
3601 $sessionToken = $this->getEditToken( $salt, $request );
3602 return substr( $sessionToken, 0, 32 ) == substr( $val, 0, 32 );
3606 * Generate a new e-mail confirmation token and send a confirmation/invalidation
3607 * mail to the user's given address.
3609 * @param string $type message to send, either "created", "changed" or "set"
3610 * @return Status object
3612 public function sendConfirmationMail( $type = 'created' ) {
3613 global $wgLang;
3614 $expiration = null; // gets passed-by-ref and defined in next line.
3615 $token = $this->confirmationToken( $expiration );
3616 $url = $this->confirmationTokenUrl( $token );
3617 $invalidateURL = $this->invalidationTokenUrl( $token );
3618 $this->saveSettings();
3620 if ( $type == 'created' || $type === false ) {
3621 $message = 'confirmemail_body';
3622 } elseif ( $type === true ) {
3623 $message = 'confirmemail_body_changed';
3624 } else {
3625 $message = 'confirmemail_body_' . $type;
3628 return $this->sendMail( wfMessage( 'confirmemail_subject' )->text(),
3629 wfMessage( $message,
3630 $this->getRequest()->getIP(),
3631 $this->getName(),
3632 $url,
3633 $wgLang->timeanddate( $expiration, false ),
3634 $invalidateURL,
3635 $wgLang->date( $expiration, false ),
3636 $wgLang->time( $expiration, false ) )->text() );
3640 * Send an e-mail to this user's account. Does not check for
3641 * confirmed status or validity.
3643 * @param string $subject Message subject
3644 * @param string $body Message body
3645 * @param string $from Optional From address; if unspecified, default $wgPasswordSender will be used
3646 * @param string $replyto Reply-To address
3647 * @return Status
3649 public function sendMail( $subject, $body, $from = null, $replyto = null ) {
3650 if ( is_null( $from ) ) {
3651 global $wgPasswordSender, $wgPasswordSenderName;
3652 $sender = new MailAddress( $wgPasswordSender, $wgPasswordSenderName );
3653 } else {
3654 $sender = new MailAddress( $from );
3657 $to = new MailAddress( $this );
3658 return UserMailer::send( $to, $sender, $subject, $body, $replyto );
3662 * Generate, store, and return a new e-mail confirmation code.
3663 * A hash (unsalted, since it's used as a key) is stored.
3665 * @note Call saveSettings() after calling this function to commit
3666 * this change to the database.
3668 * @param &$expiration \mixed Accepts the expiration time
3669 * @return String New token
3671 protected function confirmationToken( &$expiration ) {
3672 global $wgUserEmailConfirmationTokenExpiry;
3673 $now = time();
3674 $expires = $now + $wgUserEmailConfirmationTokenExpiry;
3675 $expiration = wfTimestamp( TS_MW, $expires );
3676 $this->load();
3677 $token = MWCryptRand::generateHex( 32 );
3678 $hash = md5( $token );
3679 $this->mEmailToken = $hash;
3680 $this->mEmailTokenExpires = $expiration;
3681 return $token;
3685 * Return a URL the user can use to confirm their email address.
3686 * @param string $token Accepts the email confirmation token
3687 * @return String New token URL
3689 protected function confirmationTokenUrl( $token ) {
3690 return $this->getTokenUrl( 'ConfirmEmail', $token );
3694 * Return a URL the user can use to invalidate their email address.
3695 * @param string $token Accepts the email confirmation token
3696 * @return String New token URL
3698 protected function invalidationTokenUrl( $token ) {
3699 return $this->getTokenUrl( 'InvalidateEmail', $token );
3703 * Internal function to format the e-mail validation/invalidation URLs.
3704 * This uses a quickie hack to use the
3705 * hardcoded English names of the Special: pages, for ASCII safety.
3707 * @note Since these URLs get dropped directly into emails, using the
3708 * short English names avoids insanely long URL-encoded links, which
3709 * also sometimes can get corrupted in some browsers/mailers
3710 * (bug 6957 with Gmail and Internet Explorer).
3712 * @param string $page Special page
3713 * @param string $token Token
3714 * @return String Formatted URL
3716 protected function getTokenUrl( $page, $token ) {
3717 // Hack to bypass localization of 'Special:'
3718 $title = Title::makeTitle( NS_MAIN, "Special:$page/$token" );
3719 return $title->getCanonicalURL();
3723 * Mark the e-mail address confirmed.
3725 * @note Call saveSettings() after calling this function to commit the change.
3727 * @return bool
3729 public function confirmEmail() {
3730 // Check if it's already confirmed, so we don't touch the database
3731 // and fire the ConfirmEmailComplete hook on redundant confirmations.
3732 if ( !$this->isEmailConfirmed() ) {
3733 $this->setEmailAuthenticationTimestamp( wfTimestampNow() );
3734 wfRunHooks( 'ConfirmEmailComplete', array( $this ) );
3736 return true;
3740 * Invalidate the user's e-mail confirmation, and unauthenticate the e-mail
3741 * address if it was already confirmed.
3743 * @note Call saveSettings() after calling this function to commit the change.
3744 * @return bool Returns true
3746 function invalidateEmail() {
3747 $this->load();
3748 $this->mEmailToken = null;
3749 $this->mEmailTokenExpires = null;
3750 $this->setEmailAuthenticationTimestamp( null );
3751 wfRunHooks( 'InvalidateEmailComplete', array( $this ) );
3752 return true;
3756 * Set the e-mail authentication timestamp.
3757 * @param string $timestamp TS_MW timestamp
3759 function setEmailAuthenticationTimestamp( $timestamp ) {
3760 $this->load();
3761 $this->mEmailAuthenticated = $timestamp;
3762 wfRunHooks( 'UserSetEmailAuthenticationTimestamp', array( $this, &$this->mEmailAuthenticated ) );
3766 * Is this user allowed to send e-mails within limits of current
3767 * site configuration?
3768 * @return Bool
3770 public function canSendEmail() {
3771 global $wgEnableEmail, $wgEnableUserEmail;
3772 if ( !$wgEnableEmail || !$wgEnableUserEmail || !$this->isAllowed( 'sendemail' ) ) {
3773 return false;
3775 $canSend = $this->isEmailConfirmed();
3776 wfRunHooks( 'UserCanSendEmail', array( &$this, &$canSend ) );
3777 return $canSend;
3781 * Is this user allowed to receive e-mails within limits of current
3782 * site configuration?
3783 * @return Bool
3785 public function canReceiveEmail() {
3786 return $this->isEmailConfirmed() && !$this->getOption( 'disablemail' );
3790 * Is this user's e-mail address valid-looking and confirmed within
3791 * limits of the current site configuration?
3793 * @note If $wgEmailAuthentication is on, this may require the user to have
3794 * confirmed their address by returning a code or using a password
3795 * sent to the address from the wiki.
3797 * @return Bool
3799 public function isEmailConfirmed() {
3800 global $wgEmailAuthentication;
3801 $this->load();
3802 $confirmed = true;
3803 if ( wfRunHooks( 'EmailConfirmed', array( &$this, &$confirmed ) ) ) {
3804 if ( $this->isAnon() ) {
3805 return false;
3807 if ( !Sanitizer::validateEmail( $this->mEmail ) ) {
3808 return false;
3810 if ( $wgEmailAuthentication && !$this->getEmailAuthenticationTimestamp() ) {
3811 return false;
3813 return true;
3814 } else {
3815 return $confirmed;
3820 * Check whether there is an outstanding request for e-mail confirmation.
3821 * @return Bool
3823 public function isEmailConfirmationPending() {
3824 global $wgEmailAuthentication;
3825 return $wgEmailAuthentication &&
3826 !$this->isEmailConfirmed() &&
3827 $this->mEmailToken &&
3828 $this->mEmailTokenExpires > wfTimestamp();
3832 * Get the timestamp of account creation.
3834 * @return String|Bool|Null Timestamp of account creation, false for
3835 * non-existent/anonymous user accounts, or null if existing account
3836 * but information is not in database.
3838 public function getRegistration() {
3839 if ( $this->isAnon() ) {
3840 return false;
3842 $this->load();
3843 return $this->mRegistration;
3847 * Get the timestamp of the first edit
3849 * @return String|Bool Timestamp of first edit, or false for
3850 * non-existent/anonymous user accounts.
3852 public function getFirstEditTimestamp() {
3853 if ( $this->getId() == 0 ) {
3854 return false; // anons
3856 $dbr = wfGetDB( DB_SLAVE );
3857 $time = $dbr->selectField( 'revision', 'rev_timestamp',
3858 array( 'rev_user' => $this->getId() ),
3859 __METHOD__,
3860 array( 'ORDER BY' => 'rev_timestamp ASC' )
3862 if ( !$time ) {
3863 return false; // no edits
3865 return wfTimestamp( TS_MW, $time );
3869 * Get the permissions associated with a given list of groups
3871 * @param array $groups of Strings List of internal group names
3872 * @return Array of Strings List of permission key names for given groups combined
3874 public static function getGroupPermissions( $groups ) {
3875 global $wgGroupPermissions, $wgRevokePermissions;
3876 $rights = array();
3877 // grant every granted permission first
3878 foreach ( $groups as $group ) {
3879 if ( isset( $wgGroupPermissions[$group] ) ) {
3880 $rights = array_merge( $rights,
3881 // array_filter removes empty items
3882 array_keys( array_filter( $wgGroupPermissions[$group] ) ) );
3885 // now revoke the revoked permissions
3886 foreach ( $groups as $group ) {
3887 if ( isset( $wgRevokePermissions[$group] ) ) {
3888 $rights = array_diff( $rights,
3889 array_keys( array_filter( $wgRevokePermissions[$group] ) ) );
3892 return array_unique( $rights );
3896 * Get all the groups who have a given permission
3898 * @param string $role Role to check
3899 * @return Array of Strings List of internal group names with the given permission
3901 public static function getGroupsWithPermission( $role ) {
3902 global $wgGroupPermissions;
3903 $allowedGroups = array();
3904 foreach ( array_keys( $wgGroupPermissions ) as $group ) {
3905 if ( self::groupHasPermission( $group, $role ) ) {
3906 $allowedGroups[] = $group;
3909 return $allowedGroups;
3913 * Check, if the given group has the given permission
3915 * @since 1.21
3916 * @param string $group Group to check
3917 * @param string $role Role to check
3918 * @return bool
3920 public static function groupHasPermission( $group, $role ) {
3921 global $wgGroupPermissions, $wgRevokePermissions;
3922 return isset( $wgGroupPermissions[$group][$role] ) && $wgGroupPermissions[$group][$role]
3923 && !( isset( $wgRevokePermissions[$group][$role] ) && $wgRevokePermissions[$group][$role] );
3927 * Get the localized descriptive name for a group, if it exists
3929 * @param string $group Internal group name
3930 * @return String Localized descriptive group name
3932 public static function getGroupName( $group ) {
3933 $msg = wfMessage( "group-$group" );
3934 return $msg->isBlank() ? $group : $msg->text();
3938 * Get the localized descriptive name for a member of a group, if it exists
3940 * @param string $group Internal group name
3941 * @param string $username Username for gender (since 1.19)
3942 * @return String Localized name for group member
3944 public static function getGroupMember( $group, $username = '#' ) {
3945 $msg = wfMessage( "group-$group-member", $username );
3946 return $msg->isBlank() ? $group : $msg->text();
3950 * Return the set of defined explicit groups.
3951 * The implicit groups (by default *, 'user' and 'autoconfirmed')
3952 * are not included, as they are defined automatically, not in the database.
3953 * @return Array of internal group names
3955 public static function getAllGroups() {
3956 global $wgGroupPermissions, $wgRevokePermissions;
3957 return array_diff(
3958 array_merge( array_keys( $wgGroupPermissions ), array_keys( $wgRevokePermissions ) ),
3959 self::getImplicitGroups()
3964 * Get a list of all available permissions.
3965 * @return Array of permission names
3967 public static function getAllRights() {
3968 if ( self::$mAllRights === false ) {
3969 global $wgAvailableRights;
3970 if ( count( $wgAvailableRights ) ) {
3971 self::$mAllRights = array_unique( array_merge( self::$mCoreRights, $wgAvailableRights ) );
3972 } else {
3973 self::$mAllRights = self::$mCoreRights;
3975 wfRunHooks( 'UserGetAllRights', array( &self::$mAllRights ) );
3977 return self::$mAllRights;
3981 * Get a list of implicit groups
3982 * @return Array of Strings Array of internal group names
3984 public static function getImplicitGroups() {
3985 global $wgImplicitGroups;
3986 $groups = $wgImplicitGroups;
3987 wfRunHooks( 'UserGetImplicitGroups', array( &$groups ) ); #deprecated, use $wgImplictGroups instead
3988 return $groups;
3992 * Get the title of a page describing a particular group
3994 * @param string $group Internal group name
3995 * @return Title|Bool Title of the page if it exists, false otherwise
3997 public static function getGroupPage( $group ) {
3998 $msg = wfMessage( 'grouppage-' . $group )->inContentLanguage();
3999 if ( $msg->exists() ) {
4000 $title = Title::newFromText( $msg->text() );
4001 if ( is_object( $title ) ) {
4002 return $title;
4005 return false;
4009 * Create a link to the group in HTML, if available;
4010 * else return the group name.
4012 * @param string $group Internal name of the group
4013 * @param string $text The text of the link
4014 * @return String HTML link to the group
4016 public static function makeGroupLinkHTML( $group, $text = '' ) {
4017 if ( $text == '' ) {
4018 $text = self::getGroupName( $group );
4020 $title = self::getGroupPage( $group );
4021 if ( $title ) {
4022 return Linker::link( $title, htmlspecialchars( $text ) );
4023 } else {
4024 return $text;
4029 * Create a link to the group in Wikitext, if available;
4030 * else return the group name.
4032 * @param string $group Internal name of the group
4033 * @param string $text The text of the link
4034 * @return String Wikilink to the group
4036 public static function makeGroupLinkWiki( $group, $text = '' ) {
4037 if ( $text == '' ) {
4038 $text = self::getGroupName( $group );
4040 $title = self::getGroupPage( $group );
4041 if ( $title ) {
4042 $page = $title->getPrefixedText();
4043 return "[[$page|$text]]";
4044 } else {
4045 return $text;
4050 * Returns an array of the groups that a particular group can add/remove.
4052 * @param string $group the group to check for whether it can add/remove
4053 * @return Array array( 'add' => array( addablegroups ),
4054 * 'remove' => array( removablegroups ),
4055 * 'add-self' => array( addablegroups to self),
4056 * 'remove-self' => array( removable groups from self) )
4058 public static function changeableByGroup( $group ) {
4059 global $wgAddGroups, $wgRemoveGroups, $wgGroupsAddToSelf, $wgGroupsRemoveFromSelf;
4061 $groups = array( 'add' => array(), 'remove' => array(), 'add-self' => array(), 'remove-self' => array() );
4062 if ( empty( $wgAddGroups[$group] ) ) {
4063 // Don't add anything to $groups
4064 } elseif ( $wgAddGroups[$group] === true ) {
4065 // You get everything
4066 $groups['add'] = self::getAllGroups();
4067 } elseif ( is_array( $wgAddGroups[$group] ) ) {
4068 $groups['add'] = $wgAddGroups[$group];
4071 // Same thing for remove
4072 if ( empty( $wgRemoveGroups[$group] ) ) {
4073 } elseif ( $wgRemoveGroups[$group] === true ) {
4074 $groups['remove'] = self::getAllGroups();
4075 } elseif ( is_array( $wgRemoveGroups[$group] ) ) {
4076 $groups['remove'] = $wgRemoveGroups[$group];
4079 // Re-map numeric keys of AddToSelf/RemoveFromSelf to the 'user' key for backwards compatibility
4080 if ( empty( $wgGroupsAddToSelf['user'] ) || $wgGroupsAddToSelf['user'] !== true ) {
4081 foreach ( $wgGroupsAddToSelf as $key => $value ) {
4082 if ( is_int( $key ) ) {
4083 $wgGroupsAddToSelf['user'][] = $value;
4088 if ( empty( $wgGroupsRemoveFromSelf['user'] ) || $wgGroupsRemoveFromSelf['user'] !== true ) {
4089 foreach ( $wgGroupsRemoveFromSelf as $key => $value ) {
4090 if ( is_int( $key ) ) {
4091 $wgGroupsRemoveFromSelf['user'][] = $value;
4096 // Now figure out what groups the user can add to him/herself
4097 if ( empty( $wgGroupsAddToSelf[$group] ) ) {
4098 } elseif ( $wgGroupsAddToSelf[$group] === true ) {
4099 // No idea WHY this would be used, but it's there
4100 $groups['add-self'] = User::getAllGroups();
4101 } elseif ( is_array( $wgGroupsAddToSelf[$group] ) ) {
4102 $groups['add-self'] = $wgGroupsAddToSelf[$group];
4105 if ( empty( $wgGroupsRemoveFromSelf[$group] ) ) {
4106 } elseif ( $wgGroupsRemoveFromSelf[$group] === true ) {
4107 $groups['remove-self'] = User::getAllGroups();
4108 } elseif ( is_array( $wgGroupsRemoveFromSelf[$group] ) ) {
4109 $groups['remove-self'] = $wgGroupsRemoveFromSelf[$group];
4112 return $groups;
4116 * Returns an array of groups that this user can add and remove
4117 * @return Array array( 'add' => array( addablegroups ),
4118 * 'remove' => array( removablegroups ),
4119 * 'add-self' => array( addablegroups to self),
4120 * 'remove-self' => array( removable groups from self) )
4122 public function changeableGroups() {
4123 if ( $this->isAllowed( 'userrights' ) ) {
4124 // This group gives the right to modify everything (reverse-
4125 // compatibility with old "userrights lets you change
4126 // everything")
4127 // Using array_merge to make the groups reindexed
4128 $all = array_merge( User::getAllGroups() );
4129 return array(
4130 'add' => $all,
4131 'remove' => $all,
4132 'add-self' => array(),
4133 'remove-self' => array()
4137 // Okay, it's not so simple, we will have to go through the arrays
4138 $groups = array(
4139 'add' => array(),
4140 'remove' => array(),
4141 'add-self' => array(),
4142 'remove-self' => array()
4144 $addergroups = $this->getEffectiveGroups();
4146 foreach ( $addergroups as $addergroup ) {
4147 $groups = array_merge_recursive(
4148 $groups, $this->changeableByGroup( $addergroup )
4150 $groups['add'] = array_unique( $groups['add'] );
4151 $groups['remove'] = array_unique( $groups['remove'] );
4152 $groups['add-self'] = array_unique( $groups['add-self'] );
4153 $groups['remove-self'] = array_unique( $groups['remove-self'] );
4155 return $groups;
4159 * Increment the user's edit-count field.
4160 * Will have no effect for anonymous users.
4162 public function incEditCount() {
4163 if ( !$this->isAnon() ) {
4164 $dbw = wfGetDB( DB_MASTER );
4165 $dbw->update(
4166 'user',
4167 array( 'user_editcount=user_editcount+1' ),
4168 array( 'user_id' => $this->getId() ),
4169 __METHOD__
4172 // Lazy initialization check...
4173 if ( $dbw->affectedRows() == 0 ) {
4174 // Now here's a goddamn hack...
4175 $dbr = wfGetDB( DB_SLAVE );
4176 if ( $dbr !== $dbw ) {
4177 // If we actually have a slave server, the count is
4178 // at least one behind because the current transaction
4179 // has not been committed and replicated.
4180 $this->initEditCount( 1 );
4181 } else {
4182 // But if DB_SLAVE is selecting the master, then the
4183 // count we just read includes the revision that was
4184 // just added in the working transaction.
4185 $this->initEditCount();
4189 // edit count in user cache too
4190 $this->invalidateCache();
4194 * Initialize user_editcount from data out of the revision table
4196 * @param $add Integer Edits to add to the count from the revision table
4197 * @return Integer Number of edits
4199 protected function initEditCount( $add = 0 ) {
4200 // Pull from a slave to be less cruel to servers
4201 // Accuracy isn't the point anyway here
4202 $dbr = wfGetDB( DB_SLAVE );
4203 $count = (int) $dbr->selectField(
4204 'revision',
4205 'COUNT(rev_user)',
4206 array( 'rev_user' => $this->getId() ),
4207 __METHOD__
4209 $count = $count + $add;
4211 $dbw = wfGetDB( DB_MASTER );
4212 $dbw->update(
4213 'user',
4214 array( 'user_editcount' => $count ),
4215 array( 'user_id' => $this->getId() ),
4216 __METHOD__
4219 return $count;
4223 * Get the description of a given right
4225 * @param string $right Right to query
4226 * @return String Localized description of the right
4228 public static function getRightDescription( $right ) {
4229 $key = "right-$right";
4230 $msg = wfMessage( $key );
4231 return $msg->isBlank() ? $right : $msg->text();
4235 * Make an old-style password hash
4237 * @param string $password Plain-text password
4238 * @param string $userId User ID
4239 * @return String Password hash
4241 public static function oldCrypt( $password, $userId ) {
4242 global $wgPasswordSalt;
4243 if ( $wgPasswordSalt ) {
4244 return md5( $userId . '-' . md5( $password ) );
4245 } else {
4246 return md5( $password );
4251 * Make a new-style password hash
4253 * @param string $password Plain-text password
4254 * @param bool|string $salt Optional salt, may be random or the user ID.
4256 * If unspecified or false, will generate one automatically
4257 * @return String Password hash
4259 public static function crypt( $password, $salt = false ) {
4260 global $wgPasswordSalt;
4262 $hash = '';
4263 if ( !wfRunHooks( 'UserCryptPassword', array( &$password, &$salt, &$wgPasswordSalt, &$hash ) ) ) {
4264 return $hash;
4267 if ( $wgPasswordSalt ) {
4268 if ( $salt === false ) {
4269 $salt = MWCryptRand::generateHex( 8 );
4271 return ':B:' . $salt . ':' . md5( $salt . '-' . md5( $password ) );
4272 } else {
4273 return ':A:' . md5( $password );
4278 * Compare a password hash with a plain-text password. Requires the user
4279 * ID if there's a chance that the hash is an old-style hash.
4281 * @param string $hash Password hash
4282 * @param string $password Plain-text password to compare
4283 * @param string|bool $userId User ID for old-style password salt
4285 * @return Boolean
4287 public static function comparePasswords( $hash, $password, $userId = false ) {
4288 $type = substr( $hash, 0, 3 );
4290 $result = false;
4291 if ( !wfRunHooks( 'UserComparePasswords', array( &$hash, &$password, &$userId, &$result ) ) ) {
4292 return $result;
4295 if ( $type == ':A:' ) {
4296 # Unsalted
4297 return md5( $password ) === substr( $hash, 3 );
4298 } elseif ( $type == ':B:' ) {
4299 # Salted
4300 list( $salt, $realHash ) = explode( ':', substr( $hash, 3 ), 2 );
4301 return md5( $salt . '-' . md5( $password ) ) === $realHash;
4302 } else {
4303 # Old-style
4304 return self::oldCrypt( $password, $userId ) === $hash;
4309 * Add a newuser log entry for this user.
4310 * Before 1.19 the return value was always true.
4312 * @param string|bool $action account creation type.
4313 * - String, one of the following values:
4314 * - 'create' for an anonymous user creating an account for himself.
4315 * This will force the action's performer to be the created user itself,
4316 * no matter the value of $wgUser
4317 * - 'create2' for a logged in user creating an account for someone else
4318 * - 'byemail' when the created user will receive its password by e-mail
4319 * - Boolean means whether the account was created by e-mail (deprecated):
4320 * - true will be converted to 'byemail'
4321 * - false will be converted to 'create' if this object is the same as
4322 * $wgUser and to 'create2' otherwise
4324 * @param string $reason user supplied reason
4326 * @return int|bool True if not $wgNewUserLog; otherwise ID of log item or 0 on failure
4328 public function addNewUserLogEntry( $action = false, $reason = '' ) {
4329 global $wgUser, $wgNewUserLog;
4330 if ( empty( $wgNewUserLog ) ) {
4331 return true; // disabled
4334 if ( $action === true ) {
4335 $action = 'byemail';
4336 } elseif ( $action === false ) {
4337 if ( $this->getName() == $wgUser->getName() ) {
4338 $action = 'create';
4339 } else {
4340 $action = 'create2';
4344 if ( $action === 'create' || $action === 'autocreate' ) {
4345 $performer = $this;
4346 } else {
4347 $performer = $wgUser;
4350 $logEntry = new ManualLogEntry( 'newusers', $action );
4351 $logEntry->setPerformer( $performer );
4352 $logEntry->setTarget( $this->getUserPage() );
4353 $logEntry->setComment( $reason );
4354 $logEntry->setParameters( array(
4355 '4::userid' => $this->getId(),
4356 ) );
4357 $logid = $logEntry->insert();
4359 if ( $action !== 'autocreate' ) {
4360 $logEntry->publish( $logid );
4363 return (int)$logid;
4367 * Add an autocreate newuser log entry for this user
4368 * Used by things like CentralAuth and perhaps other authplugins.
4369 * Consider calling addNewUserLogEntry() directly instead.
4371 * @return bool
4373 public function addNewUserLogEntryAutoCreate() {
4374 $this->addNewUserLogEntry( 'autocreate' );
4376 return true;
4380 * Load the user options either from cache, the database or an array
4382 * @param array $data Rows for the current user out of the user_properties table
4384 protected function loadOptions( $data = null ) {
4385 global $wgContLang;
4387 $this->load();
4389 if ( $this->mOptionsLoaded ) {
4390 return;
4393 $this->mOptions = self::getDefaultOptions();
4395 if ( !$this->getId() ) {
4396 // For unlogged-in users, load language/variant options from request.
4397 // There's no need to do it for logged-in users: they can set preferences,
4398 // and handling of page content is done by $pageLang->getPreferredVariant() and such,
4399 // so don't override user's choice (especially when the user chooses site default).
4400 $variant = $wgContLang->getDefaultVariant();
4401 $this->mOptions['variant'] = $variant;
4402 $this->mOptions['language'] = $variant;
4403 $this->mOptionsLoaded = true;
4404 return;
4407 // Maybe load from the object
4408 if ( !is_null( $this->mOptionOverrides ) ) {
4409 wfDebug( "User: loading options for user " . $this->getId() . " from override cache.\n" );
4410 foreach ( $this->mOptionOverrides as $key => $value ) {
4411 $this->mOptions[$key] = $value;
4413 } else {
4414 if ( !is_array( $data ) ) {
4415 wfDebug( "User: loading options for user " . $this->getId() . " from database.\n" );
4416 // Load from database
4417 $dbr = wfGetDB( DB_SLAVE );
4419 $res = $dbr->select(
4420 'user_properties',
4421 array( 'up_property', 'up_value' ),
4422 array( 'up_user' => $this->getId() ),
4423 __METHOD__
4426 $this->mOptionOverrides = array();
4427 $data = array();
4428 foreach ( $res as $row ) {
4429 $data[$row->up_property] = $row->up_value;
4432 foreach ( $data as $property => $value ) {
4433 $this->mOptionOverrides[$property] = $value;
4434 $this->mOptions[$property] = $value;
4438 $this->mOptionsLoaded = true;
4440 wfRunHooks( 'UserLoadOptions', array( $this, &$this->mOptions ) );
4444 * @todo document
4446 protected function saveOptions() {
4447 $this->loadOptions();
4449 // Not using getOptions(), to keep hidden preferences in database
4450 $saveOptions = $this->mOptions;
4452 // Allow hooks to abort, for instance to save to a global profile.
4453 // Reset options to default state before saving.
4454 if ( !wfRunHooks( 'UserSaveOptions', array( $this, &$saveOptions ) ) ) {
4455 return;
4458 $userId = $this->getId();
4459 $insert_rows = array();
4460 foreach ( $saveOptions as $key => $value ) {
4461 # Don't bother storing default values
4462 $defaultOption = self::getDefaultOption( $key );
4463 if ( ( is_null( $defaultOption ) &&
4464 !( $value === false || is_null( $value ) ) ) ||
4465 $value != $defaultOption ) {
4466 $insert_rows[] = array(
4467 'up_user' => $userId,
4468 'up_property' => $key,
4469 'up_value' => $value,
4474 $dbw = wfGetDB( DB_MASTER );
4475 $hasRows = $dbw->selectField( 'user_properties', '1',
4476 array( 'up_user' => $userId ), __METHOD__ );
4478 if ( $hasRows ) {
4479 // Only do this delete if there is something there. A very large portion of
4480 // calls to this function are for setting 'rememberpassword' for new accounts.
4481 // Doing this delete for new accounts with no rows in the table rougly causes
4482 // gap locks on [max user ID,+infinity) which causes high contention since many
4483 // updates will pile up on each other since they are for higher (newer) user IDs.
4484 $dbw->delete( 'user_properties', array( 'up_user' => $userId ), __METHOD__ );
4486 $dbw->insert( 'user_properties', $insert_rows, __METHOD__, array( 'IGNORE' ) );
4490 * Provide an array of HTML5 attributes to put on an input element
4491 * intended for the user to enter a new password. This may include
4492 * required, title, and/or pattern, depending on $wgMinimalPasswordLength.
4494 * Do *not* use this when asking the user to enter his current password!
4495 * Regardless of configuration, users may have invalid passwords for whatever
4496 * reason (e.g., they were set before requirements were tightened up).
4497 * Only use it when asking for a new password, like on account creation or
4498 * ResetPass.
4500 * Obviously, you still need to do server-side checking.
4502 * NOTE: A combination of bugs in various browsers means that this function
4503 * actually just returns array() unconditionally at the moment. May as
4504 * well keep it around for when the browser bugs get fixed, though.
4506 * @todo FIXME: This does not belong here; put it in Html or Linker or somewhere
4508 * @return array Array of HTML attributes suitable for feeding to
4509 * Html::element(), directly or indirectly. (Don't feed to Xml::*()!
4510 * That will get confused by the boolean attribute syntax used.)
4512 public static function passwordChangeInputAttribs() {
4513 global $wgMinimalPasswordLength;
4515 if ( $wgMinimalPasswordLength == 0 ) {
4516 return array();
4519 # Note that the pattern requirement will always be satisfied if the
4520 # input is empty, so we need required in all cases.
4522 # @todo FIXME: Bug 23769: This needs to not claim the password is required
4523 # if e-mail confirmation is being used. Since HTML5 input validation
4524 # is b0rked anyway in some browsers, just return nothing. When it's
4525 # re-enabled, fix this code to not output required for e-mail
4526 # registration.
4527 #$ret = array( 'required' );
4528 $ret = array();
4530 # We can't actually do this right now, because Opera 9.6 will print out
4531 # the entered password visibly in its error message! When other
4532 # browsers add support for this attribute, or Opera fixes its support,
4533 # we can add support with a version check to avoid doing this on Opera
4534 # versions where it will be a problem. Reported to Opera as
4535 # DSK-262266, but they don't have a public bug tracker for us to follow.
4537 if ( $wgMinimalPasswordLength > 1 ) {
4538 $ret['pattern'] = '.{' . intval( $wgMinimalPasswordLength ) . ',}';
4539 $ret['title'] = wfMessage( 'passwordtooshort' )
4540 ->numParams( $wgMinimalPasswordLength )->text();
4544 return $ret;
4548 * Return the list of user fields that should be selected to create
4549 * a new user object.
4550 * @return array
4552 public static function selectFields() {
4553 return array(
4554 'user_id',
4555 'user_name',
4556 'user_real_name',
4557 'user_password',
4558 'user_newpassword',
4559 'user_newpass_time',
4560 'user_email',
4561 'user_touched',
4562 'user_token',
4563 'user_email_authenticated',
4564 'user_email_token',
4565 'user_email_token_expires',
4566 'user_registration',
4567 'user_editcount',