search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge "Import BatchRowUpdate classes from Echo"
[mediawiki.git] / includes / User.php
blob9b958f42dd1dabf26f85bef61699555895116097
1 <?php
2 /**
3 * Implements the User class for the %MediaWiki software.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 */
22
23 /**
24 * String Some punctuation to prevent editing from broken text-mangling proxies.
25 * @ingroup Constants
26 */
27 define( 'EDIT_TOKEN_SUFFIX', '+\\' );
28
29 /**
30 * The User object encapsulates all of the user-specific settings (user_id,
31 * name, rights, password, email address, options, last login time). Client
32 * classes use the getXXX() functions to access these fields. These functions
33 * do all the work of determining whether the user is logged in,
34 * whether the requested option can be satisfied from cookies or
35 * whether a database query is needed. Most of the settings needed
36 * for rendering normal pages are set in the cookie to minimize use
37 * of the database.
38 */
39 class User implements IDBAccessObject {
40 /**
41 * @const int Number of characters in user_token field.
42 */
43 const TOKEN_LENGTH = 32;
44
45 /**
46 * Global constant made accessible as class constants so that autoloader
47 * magic can be used.
48 */
49 const EDIT_TOKEN_SUFFIX = EDIT_TOKEN_SUFFIX;
50
51 /**
52 * @const int Serialized record version.
53 */
54 const VERSION = 10;
55
56 /**
57 * Maximum items in $mWatchedItems
58 */
59 const MAX_WATCHED_ITEMS_CACHE = 100;
60
61 /**
62 * Exclude user options that are set to their default value.
63 * @since 1.25
64 */
65 const GETOPTIONS_EXCLUDE_DEFAULTS = 1;
66
67 /**
68 * @var PasswordFactory Lazily loaded factory object for passwords
69 */
70 private static $mPasswordFactory = null;
71
72 /**
73 * Array of Strings List of member variables which are saved to the
74 * shared cache (memcached). Any operation which changes the
75 * corresponding database fields must call a cache-clearing function.
76 * @showinitializer
77 */
78 protected static $mCacheVars = array(
79 // user table
80 'mId',
81 'mName',
82 'mRealName',
83 'mEmail',
84 'mTouched',
85 'mToken',
86 'mEmailAuthenticated',
87 'mEmailToken',
88 'mEmailTokenExpires',
89 'mRegistration',
90 'mEditCount',
91 // user_groups table
92 'mGroups',
93 // user_properties table
94 'mOptionOverrides',
95 );
96
97 /**
98 * Array of Strings Core rights.
99 * Each of these should have a corresponding message of the form
100 * "right-$right".
101 * @showinitializer
102 */
103 protected static $mCoreRights = array(
104 'apihighlimits',
105 'applychangetags',
106 'autoconfirmed',
107 'autopatrol',
108 'bigdelete',
109 'block',
110 'blockemail',
111 'bot',
112 'browsearchive',
113 'changetags',
114 'createaccount',
115 'createpage',
116 'createtalk',
117 'delete',
118 'deletedhistory',
119 'deletedtext',
120 'deletelogentry',
121 'deleterevision',
122 'edit',
123 'editcontentmodel',
124 'editinterface',
125 'editprotected',
126 'editmyoptions',
127 'editmyprivateinfo',
128 'editmyusercss',
129 'editmyuserjs',
130 'editmywatchlist',
131 'editsemiprotected',
132 'editusercssjs', #deprecated
133 'editusercss',
134 'edituserjs',
135 'hideuser',
136 'import',
137 'importupload',
138 'ipblock-exempt',
139 'managechangetags',
140 'markbotedits',
141 'mergehistory',
142 'minoredit',
143 'move',
144 'movefile',
145 'move-categorypages',
146 'move-rootuserpages',
147 'move-subpages',
148 'nominornewtalk',
149 'noratelimit',
150 'override-export-depth',
151 'pagelang',
152 'passwordreset',
153 'patrol',
154 'patrolmarks',
155 'protect',
156 'proxyunbannable',
157 'purge',
158 'read',
159 'reupload',
160 'reupload-own',
161 'reupload-shared',
162 'rollback',
163 'sendemail',
164 'siteadmin',
165 'suppressionlog',
166 'suppressredirect',
167 'suppressrevision',
168 'unblockself',
169 'undelete',
170 'unwatchedpages',
171 'upload',
172 'upload_by_url',
173 'userrights',
174 'userrights-interwiki',
175 'viewmyprivateinfo',
176 'viewmywatchlist',
177 'viewsuppressed',
178 'writeapi',
179 );
180
181 /**
182 * String Cached results of getAllRights()
183 */
184 protected static $mAllRights = false;
185
186 /** Cache variables */
187 //@{
188 public $mId;
189 /** @var string */
190 public $mName;
191 /** @var string */
192 public $mRealName;
193 /**
194 * @todo Make this actually private
195 * @private
196 * @var Password
197 */
198 public $mPassword;
199 /**
200 * @todo Make this actually private
201 * @private
202 * @var Password
203 */
204 public $mNewpassword;
205 /** @var string */
206 public $mNewpassTime;
207 /** @var string */
208 public $mEmail;
209 /** @var string TS_MW timestamp from the DB */
210 public $mTouched;
211 /** @var string TS_MW timestamp from cache */
212 protected $mQuickTouched;
213 /** @var string */
214 protected $mToken;
215 /** @var string */
216 public $mEmailAuthenticated;
217 /** @var string */
218 protected $mEmailToken;
219 /** @var string */
220 protected $mEmailTokenExpires;
221 /** @var string */
222 protected $mRegistration;
223 /** @var int */
224 protected $mEditCount;
225 /** @var array */
226 public $mGroups;
227 /** @var array */
228 protected $mOptionOverrides;
229 /** @var string */
230 protected $mPasswordExpires;
231 //@}
232
233 /**
234 * Bool Whether the cache variables have been loaded.
235 */
236 //@{
237 public $mOptionsLoaded;
238
239 /**
240 * Array with already loaded items or true if all items have been loaded.
241 */
242 protected $mLoadedItems = array();
243 //@}
244
245 /**
246 * String Initialization data source if mLoadedItems!==true. May be one of:
247 * - 'defaults' anonymous user initialised from class defaults
248 * - 'name' initialise from mName
249 * - 'id' initialise from mId
250 * - 'session' log in from cookies or session if possible
251 *
252 * Use the User::newFrom*() family of functions to set this.
253 */
254 public $mFrom;
255
256 /**
257 * Lazy-initialized variables, invalidated with clearInstanceCache
258 */
259 protected $mNewtalk;
260 /** @var string */
261 protected $mDatePreference;
262 /** @var string */
263 public $mBlockedby;
264 /** @var string */
265 protected $mHash;
266 /** @var array */
267 public $mRights;
268 /** @var string */
269 protected $mBlockreason;
270 /** @var array */
271 protected $mEffectiveGroups;
272 /** @var array */
273 protected $mImplicitGroups;
274 /** @var array */
275 protected $mFormerGroups;
276 /** @var bool */
277 protected $mBlockedGlobally;
278 /** @var bool */
279 protected $mLocked;
280 /** @var bool */
281 public $mHideName;
282 /** @var array */
283 public $mOptions;
284
285 /**
286 * @var WebRequest
287 */
288 private $mRequest;
289
290 /** @var Block */
291 public $mBlock;
292
293 /** @var bool */
294 protected $mAllowUsertalk;
295
296 /** @var Block */
297 private $mBlockedFromCreateAccount = false;
298
299 /** @var array */
300 private $mWatchedItems = array();
301
302 /** @var integer User::READ_* constant bitfield used to load data */
303 protected $queryFlagsUsed = self::READ_NORMAL;
304
305 public static $idCacheByName = array();
306
307 /**
308 * Lightweight constructor for an anonymous user.
309 * Use the User::newFrom* factory functions for other kinds of users.
310 *
311 * @see newFromName()
312 * @see newFromId()
313 * @see newFromConfirmationCode()
314 * @see newFromSession()
315 * @see newFromRow()
316 */
317 public function __construct() {
318 $this->clearInstanceCache( 'defaults' );
319 }
320
321 /**
322 * @return string
323 */
324 public function __toString() {
325 return $this->getName();
326 }
327
328 /**
329 * Load the user table data for this object from the source given by mFrom.
330 *
331 * @param integer $flags User::READ_* constant bitfield
332 */
333 public function load( $flags = self::READ_NORMAL ) {
334 if ( $this->mLoadedItems === true ) {
335 return;
336 }
337
338 // Set it now to avoid infinite recursion in accessors
339 $this->mLoadedItems = true;
340 $this->queryFlagsUsed = $flags;
341
342 switch ( $this->mFrom ) {
343 case 'defaults':
344 $this->loadDefaults();
345 break;
346 case 'name':
347 // Make sure this thread sees its own changes
348 if ( wfGetLB()->hasOrMadeRecentMasterChanges() ) {
349 $flags |= self::READ_LATEST;
350 $this->queryFlagsUsed = $flags;
351 }
352
353 $this->mId = self::idFromName( $this->mName, $flags );
354 if ( !$this->mId ) {
355 // Nonexistent user placeholder object
356 $this->loadDefaults( $this->mName );
357 } else {
358 $this->loadFromId( $flags );
359 }
360 break;
361 case 'id':
362 $this->loadFromId( $flags );
363 break;
364 case 'session':
365 if ( !$this->loadFromSession() ) {
366 // Loading from session failed. Load defaults.
367 $this->loadDefaults();
368 }
369 Hooks::run( 'UserLoadAfterLoadFromSession', array( $this ) );
370 break;
371 default:
372 throw new UnexpectedValueException(
373 "Unrecognised value for User->mFrom: \"{$this->mFrom}\"" );
374 }
375 }
376
377 /**
378 * Load user table data, given mId has already been set.
379 * @param integer $flags User::READ_* constant bitfield
380 * @return bool False if the ID does not exist, true otherwise
381 */
382 public function loadFromId( $flags = self::READ_NORMAL ) {
383 if ( $this->mId == 0 ) {
384 $this->loadDefaults();
385 return false;
386 }
387
388 // Try cache (unless this needs to lock the DB).
389 // NOTE: if this thread called saveSettings(), the cache was cleared.
390 $locking = ( ( $flags & self::READ_LOCKING ) == self::READ_LOCKING );
391 if ( $locking || !$this->loadFromCache() ) {
392 wfDebug( "User: cache miss for user {$this->mId}\n" );
393 // Load from DB (make sure this thread sees its own changes)
394 if ( wfGetLB()->hasOrMadeRecentMasterChanges() ) {
395 $flags |= self::READ_LATEST;
396 }
397 if ( !$this->loadFromDatabase( $flags ) ) {
398 // Can't load from ID, user is anonymous
399 return false;
400 }
401 $this->saveToCache();
402 }
403
404 $this->mLoadedItems = true;
405 $this->queryFlagsUsed = $flags;
406
407 return true;
408 }
409
410 /**
411 * Load user data from shared cache, given mId has already been set.
412 *
413 * @return bool false if the ID does not exist or data is invalid, true otherwise
414 * @since 1.25
415 */
416 protected function loadFromCache() {
417 if ( $this->mId == 0 ) {
418 $this->loadDefaults();
419 return false;
420 }
421
422 $key = wfMemcKey( 'user', 'id', $this->mId );
423 $data = ObjectCache::getMainWANInstance()->get( $key );
424 if ( !is_array( $data ) || $data['mVersion'] < self::VERSION ) {
425 // Object is expired
426 return false;
427 }
428
429 wfDebug( "User: got user {$this->mId} from cache\n" );
430
431 // Restore from cache
432 foreach ( self::$mCacheVars as $name ) {
433 $this->$name = $data[$name];
434 }
435
436 return true;
437 }
438
439 /**
440 * Save user data to the shared cache
441 *
442 * This method should not be called outside the User class
443 */
444 public function saveToCache() {
445 $this->load();
446 $this->loadGroups();
447 $this->loadOptions();
448
449 if ( $this->isAnon() ) {
450 // Anonymous users are uncached
451 return;
452 }
453
454 $data = array();
455 foreach ( self::$mCacheVars as $name ) {
456 $data[$name] = $this->$name;
457 }
458 $data['mVersion'] = self::VERSION;
459 $key = wfMemcKey( 'user', 'id', $this->mId );
460
461 ObjectCache::getMainWANInstance()->set( $key, $data, 3600 );
462 }
463
464 /** @name newFrom*() static factory methods */
465 //@{
466
467 /**
468 * Static factory method for creation from username.
469 *
470 * This is slightly less efficient than newFromId(), so use newFromId() if
471 * you have both an ID and a name handy.
472 *
473 * @param string $name Username, validated by Title::newFromText()
474 * @param string|bool $validate Validate username. Takes the same parameters as
475 * User::getCanonicalName(), except that true is accepted as an alias
476 * for 'valid', for BC.
477 *
478 * @return User|bool User object, or false if the username is invalid
479 * (e.g. if it contains illegal characters or is an IP address). If the
480 * username is not present in the database, the result will be a user object
481 * with a name, zero user ID and default settings.
482 */
483 public static function newFromName( $name, $validate = 'valid' ) {
484 if ( $validate === true ) {
485 $validate = 'valid';
486 }
487 $name = self::getCanonicalName( $name, $validate );
488 if ( $name === false ) {
489 return false;
490 } else {
491 // Create unloaded user object
492 $u = new User;
493 $u->mName = $name;
494 $u->mFrom = 'name';
495 $u->setItemLoaded( 'name' );
496 return $u;
497 }
498 }
499
500 /**
501 * Static factory method for creation from a given user ID.
502 *
503 * @param int $id Valid user ID
504 * @return User The corresponding User object
505 */
506 public static function newFromId( $id ) {
507 $u = new User;
508 $u->mId = $id;
509 $u->mFrom = 'id';
510 $u->setItemLoaded( 'id' );
511 return $u;
512 }
513
514 /**
515 * Factory method to fetch whichever user has a given email confirmation code.
516 * This code is generated when an account is created or its e-mail address
517 * has changed.
518 *
519 * If the code is invalid or has expired, returns NULL.
520 *
521 * @param string $code Confirmation code
522 * @param int $flags User::READ_* bitfield
523 * @return User|null
524 */
525 public static function newFromConfirmationCode( $code, $flags = 0 ) {
526 $db = ( $flags & self::READ_LATEST ) == self::READ_LATEST
527 ? wfGetDB( DB_MASTER )
528 : wfGetDB( DB_SLAVE );
529
530 $id = $db->selectField(
531 'user',
532 'user_id',
533 array(
534 'user_email_token' => md5( $code ),
535 'user_email_token_expires > ' . $db->addQuotes( $db->timestamp() ),
536 )
537 );
538
539 return $id ? User::newFromId( $id ) : null;
540 }
541
542 /**
543 * Create a new user object using data from session or cookies. If the
544 * login credentials are invalid, the result is an anonymous user.
545 *
546 * @param WebRequest|null $request Object to use; $wgRequest will be used if omitted.
547 * @return User
548 */
549 public static function newFromSession( WebRequest $request = null ) {
550 $user = new User;
551 $user->mFrom = 'session';
552 $user->mRequest = $request;
553 return $user;
554 }
555
556 /**
557 * Create a new user object from a user row.
558 * The row should have the following fields from the user table in it:
559 * - either user_name or user_id to load further data if needed (or both)
560 * - user_real_name
561 * - all other fields (email, password, etc.)
562 * It is useless to provide the remaining fields if either user_id,
563 * user_name and user_real_name are not provided because the whole row
564 * will be loaded once more from the database when accessing them.
565 *
566 * @param stdClass $row A row from the user table
567 * @param array $data Further data to load into the object (see User::loadFromRow for valid keys)
568 * @return User
569 */
570 public static function newFromRow( $row, $data = null ) {
571 $user = new User;
572 $user->loadFromRow( $row, $data );
573 return $user;
574 }
575
576 //@}
577
578 /**
579 * Get the username corresponding to a given user ID
580 * @param int $id User ID
581 * @return string|bool The corresponding username
582 */
583 public static function whoIs( $id ) {
584 return UserCache::singleton()->getProp( $id, 'name' );
585 }
586
587 /**
588 * Get the real name of a user given their user ID
589 *
590 * @param int $id User ID
591 * @return string|bool The corresponding user's real name
592 */
593 public static function whoIsReal( $id ) {
594 return UserCache::singleton()->getProp( $id, 'real_name' );
595 }
596
597 /**
598 * Get database id given a user name
599 * @param string $name Username
600 * @param integer $flags User::READ_* constant bitfield
601 * @return int|null The corresponding user's ID, or null if user is nonexistent
602 */
603 public static function idFromName( $name, $flags = self::READ_NORMAL ) {
604 $nt = Title::makeTitleSafe( NS_USER, $name );
605 if ( is_null( $nt ) ) {
606 // Illegal name
607 return null;
608 }
609
610 if ( isset( self::$idCacheByName[$name] ) ) {
611 return self::$idCacheByName[$name];
612 }
613
614 $db = ( $flags & self::READ_LATEST )
615 ? wfGetDB( DB_MASTER )
616 : wfGetDB( DB_SLAVE );
617
618 $s = $db->selectRow(
619 'user',
620 array( 'user_id' ),
621 array( 'user_name' => $nt->getText() ),
622 __METHOD__
623 );
624
625 if ( $s === false ) {
626 $result = null;
627 } else {
628 $result = $s->user_id;
629 }
630
631 self::$idCacheByName[$name] = $result;
632
633 if ( count( self::$idCacheByName ) > 1000 ) {
634 self::$idCacheByName = array();
635 }
636
637 return $result;
638 }
639
640 /**
641 * Reset the cache used in idFromName(). For use in tests.
642 */
643 public static function resetIdByNameCache() {
644 self::$idCacheByName = array();
645 }
646
647 /**
648 * Does the string match an anonymous IPv4 address?
649 *
650 * This function exists for username validation, in order to reject
651 * usernames which are similar in form to IP addresses. Strings such
652 * as 300.300.300.300 will return true because it looks like an IP
653 * address, despite not being strictly valid.
654 *
655 * We match "\d{1,3}\.\d{1,3}\.\d{1,3}\.xxx" as an anonymous IP
656 * address because the usemod software would "cloak" anonymous IP
657 * addresses like this, if we allowed accounts like this to be created
658 * new users could get the old edits of these anonymous users.
659 *
660 * @param string $name Name to match
661 * @return bool
662 */
663 public static function isIP( $name ) {
664 return preg_match( '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.(?:xxx|\d{1,3})$/', $name )
665 || IP::isIPv6( $name );
666 }
667
668 /**
669 * Is the input a valid username?
670 *
671 * Checks if the input is a valid username, we don't want an empty string,
672 * an IP address, anything that contains slashes (would mess up subpages),
673 * is longer than the maximum allowed username size or doesn't begin with
674 * a capital letter.
675 *
676 * @param string $name Name to match
677 * @return bool
678 */
679 public static function isValidUserName( $name ) {
680 global $wgContLang, $wgMaxNameChars;
681
682 if ( $name == ''
683 || User::isIP( $name )
684 || strpos( $name, '/' ) !== false
685 || strlen( $name ) > $wgMaxNameChars
686 || $name != $wgContLang->ucfirst( $name )
687 ) {
688 wfDebugLog( 'username', __METHOD__ .
689 ": '$name' invalid due to empty, IP, slash, length, or lowercase" );
690 return false;
691 }
692
693 // Ensure that the name can't be misresolved as a different title,
694 // such as with extra namespace keys at the start.
695 $parsed = Title::newFromText( $name );
696 if ( is_null( $parsed )
697 || $parsed->getNamespace()
698 || strcmp( $name, $parsed->getPrefixedText() ) ) {
699 wfDebugLog( 'username', __METHOD__ .
700 ": '$name' invalid due to ambiguous prefixes" );
701 return false;
702 }
703
704 // Check an additional blacklist of troublemaker characters.
705 // Should these be merged into the title char list?
706 $unicodeBlacklist = '/[' .
707 '\x{0080}-\x{009f}' . # iso-8859-1 control chars
708 '\x{00a0}' . # non-breaking space
709 '\x{2000}-\x{200f}' . # various whitespace
710 '\x{2028}-\x{202f}' . # breaks and control chars
711 '\x{3000}' . # ideographic space
712 '\x{e000}-\x{f8ff}' . # private use
713 ']/u';
714 if ( preg_match( $unicodeBlacklist, $name ) ) {
715 wfDebugLog( 'username', __METHOD__ .
716 ": '$name' invalid due to blacklisted characters" );
717 return false;
718 }
719
720 return true;
721 }
722
723 /**
724 * Usernames which fail to pass this function will be blocked
725 * from user login and new account registrations, but may be used
726 * internally by batch processes.
727 *
728 * If an account already exists in this form, login will be blocked
729 * by a failure to pass this function.
730 *
731 * @param string $name Name to match
732 * @return bool
733 */
734 public static function isUsableName( $name ) {
735 global $wgReservedUsernames;
736 // Must be a valid username, obviously ;)
737 if ( !self::isValidUserName( $name ) ) {
738 return false;
739 }
740
741 static $reservedUsernames = false;
742 if ( !$reservedUsernames ) {
743 $reservedUsernames = $wgReservedUsernames;
744 Hooks::run( 'UserGetReservedNames', array( &$reservedUsernames ) );
745 }
746
747 // Certain names may be reserved for batch processes.
748 foreach ( $reservedUsernames as $reserved ) {
749 if ( substr( $reserved, 0, 4 ) == 'msg:' ) {
750 $reserved = wfMessage( substr( $reserved, 4 ) )->inContentLanguage()->text();
751 }
752 if ( $reserved == $name ) {
753 return false;
754 }
755 }
756 return true;
757 }
758
759 /**
760 * Usernames which fail to pass this function will be blocked
761 * from new account registrations, but may be used internally
762 * either by batch processes or by user accounts which have
763 * already been created.
764 *
765 * Additional blacklisting may be added here rather than in
766 * isValidUserName() to avoid disrupting existing accounts.
767 *
768 * @param string $name String to match
769 * @return bool
770 */
771 public static function isCreatableName( $name ) {
772 global $wgInvalidUsernameCharacters;
773
774 // Ensure that the username isn't longer than 235 bytes, so that
775 // (at least for the builtin skins) user javascript and css files
776 // will work. (bug 23080)
777 if ( strlen( $name ) > 235 ) {
778 wfDebugLog( 'username', __METHOD__ .
779 ": '$name' invalid due to length" );
780 return false;
781 }
782
783 // Preg yells if you try to give it an empty string
784 if ( $wgInvalidUsernameCharacters !== '' ) {
785 if ( preg_match( '/[' . preg_quote( $wgInvalidUsernameCharacters, '/' ) . ']/', $name ) ) {
786 wfDebugLog( 'username', __METHOD__ .
787 ": '$name' invalid due to wgInvalidUsernameCharacters" );
788 return false;
789 }
790 }
791
792 return self::isUsableName( $name );
793 }
794
795 /**
796 * Is the input a valid password for this user?
797 *
798 * @param string $password Desired password
799 * @return bool
800 */
801 public function isValidPassword( $password ) {
802 //simple boolean wrapper for getPasswordValidity
803 return $this->getPasswordValidity( $password ) === true;
804 }
805
806
807 /**
808 * Given unvalidated password input, return error message on failure.
809 *
810 * @param string $password Desired password
811 * @return bool|string|array True on success, string or array of error message on failure
812 */
813 public function getPasswordValidity( $password ) {
814 $result = $this->checkPasswordValidity( $password );
815 if ( $result->isGood() ) {
816 return true;
817 } else {
818 $messages = array();
819 foreach ( $result->getErrorsByType( 'error' ) as $error ) {
820 $messages[] = $error['message'];
821 }
822 foreach ( $result->getErrorsByType( 'warning' ) as $warning ) {
823 $messages[] = $warning['message'];
824 }
825 if ( count( $messages ) === 1 ) {
826 return $messages[0];
827 }
828 return $messages;
829 }
830 }
831
832 /**
833 * Check if this is a valid password for this user
834 *
835 * Create a Status object based on the password's validity.
836 * The Status should be set to fatal if the user should not
837 * be allowed to log in, and should have any errors that
838 * would block changing the password.
839 *
840 * If the return value of this is not OK, the password
841 * should not be checked. If the return value is not Good,
842 * the password can be checked, but the user should not be
843 * able to set their password to this.
844 *
845 * @param string $password Desired password
846 * @param string $purpose one of 'login', 'create', 'reset'
847 * @return Status
848 * @since 1.23
849 */
850 public function checkPasswordValidity( $password, $purpose = 'login' ) {
851 global $wgPasswordPolicy;
852
853 $upp = new UserPasswordPolicy(
854 $wgPasswordPolicy['policies'],
855 $wgPasswordPolicy['checks']
856 );
857
858 $status = Status::newGood();
859 $result = false; //init $result to false for the internal checks
860
861 if ( !Hooks::run( 'isValidPassword', array( $password, &$result, $this ) ) ) {
862 $status->error( $result );
863 return $status;
864 }
865
866 if ( $result === false ) {
867 $status->merge( $upp->checkUserPassword( $this, $password, $purpose ) );
868 return $status;
869 } elseif ( $result === true ) {
870 return $status;
871 } else {
872 $status->error( $result );
873 return $status; //the isValidPassword hook set a string $result and returned true
874 }
875 }
876
877 /**
878 * Expire a user's password
879 * @since 1.23
880 * @param int $ts Optional timestamp to convert, default 0 for the current time
881 */
882 public function expirePassword( $ts = 0 ) {
883 $this->loadPasswords();
884 $timestamp = wfTimestamp( TS_MW, $ts );
885 $this->mPasswordExpires = $timestamp;
886 $this->saveSettings();
887 }
888
889 /**
890 * Clear the password expiration for a user
891 * @since 1.23
892 * @param bool $load Ensure user object is loaded first
893 */
894 public function resetPasswordExpiration( $load = true ) {
895 global $wgPasswordExpirationDays;
896 if ( $load ) {
897 $this->load();
898 }
899 $newExpire = null;
900 if ( $wgPasswordExpirationDays ) {
901 $newExpire = wfTimestamp(
902 TS_MW,
903 time() + ( $wgPasswordExpirationDays * 24 * 3600 )
904 );
905 }
906 // Give extensions a chance to force an expiration
907 Hooks::run( 'ResetPasswordExpiration', array( $this, &$newExpire ) );
908 $this->mPasswordExpires = $newExpire;
909 }
910
911 /**
912 * Check if the user's password is expired.
913 * TODO: Put this and password length into a PasswordPolicy object
914 * @since 1.23
915 * @return string|bool The expiration type, or false if not expired
916 * hard: A password change is required to login
917 * soft: Allow login, but encourage password change
918 * false: Password is not expired
919 */
920 public function getPasswordExpired() {
921 global $wgPasswordExpireGrace;
922 $expired = false;
923 $now = wfTimestamp();
924 $expiration = $this->getPasswordExpireDate();
925 $expUnix = wfTimestamp( TS_UNIX, $expiration );
926 if ( $expiration !== null && $expUnix < $now ) {
927 $expired = ( $expUnix + $wgPasswordExpireGrace < $now ) ? 'hard' : 'soft';
928 }
929 return $expired;
930 }
931
932 /**
933 * Get this user's password expiration date. Since this may be using
934 * the cached User object, we assume that whatever mechanism is setting
935 * the expiration date is also expiring the User cache.
936 * @since 1.23
937 * @return string|bool The datestamp of the expiration, or null if not set
938 */
939 public function getPasswordExpireDate() {
940 $this->load();
941 return $this->mPasswordExpires;
942 }
943
944 /**
945 * Given unvalidated user input, return a canonical username, or false if
946 * the username is invalid.
947 * @param string $name User input
948 * @param string|bool $validate Type of validation to use:
949 * - false No validation
950 * - 'valid' Valid for batch processes
951 * - 'usable' Valid for batch processes and login
952 * - 'creatable' Valid for batch processes, login and account creation
953 *
954 * @throws InvalidArgumentException
955 * @return bool|string
956 */
957 public static function getCanonicalName( $name, $validate = 'valid' ) {
958 // Force usernames to capital
959 global $wgContLang;
960 $name = $wgContLang->ucfirst( $name );
961
962 # Reject names containing '#'; these will be cleaned up
963 # with title normalisation, but then it's too late to
964 # check elsewhere
965 if ( strpos( $name, '#' ) !== false ) {
966 return false;
967 }
968
969 // Clean up name according to title rules,
970 // but only when validation is requested (bug 12654)
971 $t = ( $validate !== false ) ?
972 Title::newFromText( $name ) : Title::makeTitle( NS_USER, $name );
973 // Check for invalid titles
974 if ( is_null( $t ) ) {
975 return false;
976 }
977
978 // Reject various classes of invalid names
979 global $wgAuth;
980 $name = $wgAuth->getCanonicalName( $t->getText() );
981
982 switch ( $validate ) {
983 case false:
984 break;
985 case 'valid':
986 if ( !User::isValidUserName( $name ) ) {
987 $name = false;
988 }
989 break;
990 case 'usable':
991 if ( !User::isUsableName( $name ) ) {
992 $name = false;
993 }
994 break;
995 case 'creatable':
996 if ( !User::isCreatableName( $name ) ) {
997 $name = false;
998 }
999 break;
1000 default:
1001 throw new InvalidArgumentException(
1002 'Invalid parameter value for $validate in ' . __METHOD__ );
1003 }
1004 return $name;
1005 }
1006
1007 /**
1008 * Count the number of edits of a user
1009 *
1010 * @param int $uid User ID to check
1011 * @return int The user's edit count
1012 *
1013 * @deprecated since 1.21 in favour of User::getEditCount
1014 */
1015 public static function edits( $uid ) {
1016 wfDeprecated( __METHOD__, '1.21' );
1017 $user = self::newFromId( $uid );
1018 return $user->getEditCount();
1019 }
1020
1021 /**
1022 * Return a random password.
1023 *
1024 * @return string New random password
1025 */
1026 public static function randomPassword() {
1027 global $wgMinimalPasswordLength;
1028 // Decide the final password length based on our min password length,
1029 // stopping at a minimum of 10 chars.
1030 $length = max( 10, $wgMinimalPasswordLength );
1031 // Multiply by 1.25 to get the number of hex characters we need
1032 $length = $length * 1.25;
1033 // Generate random hex chars
1034 $hex = MWCryptRand::generateHex( $length );
1035 // Convert from base 16 to base 32 to get a proper password like string
1036 return wfBaseConvert( $hex, 16, 32 );
1037 }
1038
1039 /**
1040 * Set cached properties to default.
1041 *
1042 * @note This no longer clears uncached lazy-initialised properties;
1043 * the constructor does that instead.
1044 *
1045 * @param string|bool $name
1046 */
1047 public function loadDefaults( $name = false ) {
1048
1049 $passwordFactory = self::getPasswordFactory();
1050
1051 $this->mId = 0;
1052 $this->mName = $name;
1053 $this->mRealName = '';
1054 $this->mPassword = $passwordFactory->newFromCiphertext( null );
1055 $this->mNewpassword = $passwordFactory->newFromCiphertext( null );
1056 $this->mNewpassTime = null;
1057 $this->mEmail = '';
1058 $this->mOptionOverrides = null;
1059 $this->mOptionsLoaded = false;
1060
1061 $loggedOut = $this->getRequest()->getCookie( 'LoggedOut' );
1062 if ( $loggedOut !== null ) {
1063 $this->mTouched = wfTimestamp( TS_MW, $loggedOut );
1064 } else {
1065 $this->mTouched = '1'; # Allow any pages to be cached
1066 }
1067
1068 $this->mToken = null; // Don't run cryptographic functions till we need a token
1069 $this->mEmailAuthenticated = null;
1070 $this->mEmailToken = '';
1071 $this->mEmailTokenExpires = null;
1072 $this->mPasswordExpires = null;
1073 $this->resetPasswordExpiration( false );
1074 $this->mRegistration = wfTimestamp( TS_MW );
1075 $this->mGroups = array();
1076
1077 Hooks::run( 'UserLoadDefaults', array( $this, $name ) );
1078 }
1079
1080 /**
1081 * Return whether an item has been loaded.
1082 *
1083 * @param string $item Item to check. Current possibilities:
1084 * - id
1085 * - name
1086 * - realname
1087 * @param string $all 'all' to check if the whole object has been loaded
1088 * or any other string to check if only the item is available (e.g.
1089 * for optimisation)
1090 * @return bool
1091 */
1092 public function isItemLoaded( $item, $all = 'all' ) {
1093 return ( $this->mLoadedItems === true && $all === 'all' ) ||
1094 ( isset( $this->mLoadedItems[$item] ) && $this->mLoadedItems[$item] === true );
1095 }
1096
1097 /**
1098 * Set that an item has been loaded
1099 *
1100 * @param string $item
1101 */
1102 protected function setItemLoaded( $item ) {
1103 if ( is_array( $this->mLoadedItems ) ) {
1104 $this->mLoadedItems[$item] = true;
1105 }
1106 }
1107
1108 /**
1109 * Load user data from the session or login cookie.
1110 *
1111 * @return bool True if the user is logged in, false otherwise.
1112 */
1113 private function loadFromSession() {
1114 $result = null;
1115 Hooks::run( 'UserLoadFromSession', array( $this, &$result ) );
1116 if ( $result !== null ) {
1117 return $result;
1118 }
1119
1120 $request = $this->getRequest();
1121
1122 $cookieId = $request->getCookie( 'UserID' );
1123 $sessId = $request->getSessionData( 'wsUserID' );
1124
1125 if ( $cookieId !== null ) {
1126 $sId = intval( $cookieId );
1127 if ( $sessId !== null && $cookieId != $sessId ) {
1128 wfDebugLog( 'loginSessions', "Session user ID ($sessId) and
1129 cookie user ID ($sId) don't match!" );
1130 return false;
1131 }
1132 $request->setSessionData( 'wsUserID', $sId );
1133 } elseif ( $sessId !== null && $sessId != 0 ) {
1134 $sId = $sessId;
1135 } else {
1136 return false;
1137 }
1138
1139 if ( $request->getSessionData( 'wsUserName' ) !== null ) {
1140 $sName = $request->getSessionData( 'wsUserName' );
1141 } elseif ( $request->getCookie( 'UserName' ) !== null ) {
1142 $sName = $request->getCookie( 'UserName' );
1143 $request->setSessionData( 'wsUserName', $sName );
1144 } else {
1145 return false;
1146 }
1147
1148 $proposedUser = User::newFromId( $sId );
1149 if ( !$proposedUser->isLoggedIn() ) {
1150 // Not a valid ID
1151 return false;
1152 }
1153
1154 global $wgBlockDisablesLogin;
1155 if ( $wgBlockDisablesLogin && $proposedUser->isBlocked() ) {
1156 // User blocked and we've disabled blocked user logins
1157 return false;
1158 }
1159
1160 if ( $request->getSessionData( 'wsToken' ) ) {
1161 $passwordCorrect =
1162 ( $proposedUser->getToken( false ) === $request->getSessionData( 'wsToken' ) );
1163 $from = 'session';
1164 } elseif ( $request->getCookie( 'Token' ) ) {
1165 # Get the token from DB/cache and clean it up to remove garbage padding.
1166 # This deals with historical problems with bugs and the default column value.
1167 $token = rtrim( $proposedUser->getToken( false ) ); // correct token
1168 // Make comparison in constant time (bug 61346)
1169 $passwordCorrect = strlen( $token )
1170 && hash_equals( $token, $request->getCookie( 'Token' ) );
1171 $from = 'cookie';
1172 } else {
1173 // No session or persistent login cookie
1174 return false;
1175 }
1176
1177 if ( ( $sName === $proposedUser->getName() ) && $passwordCorrect ) {
1178 $this->loadFromUserObject( $proposedUser );
1179 $request->setSessionData( 'wsToken', $this->mToken );
1180 wfDebug( "User: logged in from $from\n" );
1181 return true;
1182 } else {
1183 // Invalid credentials
1184 wfDebug( "User: can't log in from $from, invalid credentials\n" );
1185 return false;
1186 }
1187 }
1188
1189 /**
1190 * Load user and user_group data from the database.
1191 * $this->mId must be set, this is how the user is identified.
1192 *
1193 * @param integer $flags User::READ_* constant bitfield
1194 * @return bool True if the user exists, false if the user is anonymous
1195 */
1196 public function loadFromDatabase( $flags = self::READ_LATEST ) {
1197 // Paranoia
1198 $this->mId = intval( $this->mId );
1199
1200 // Anonymous user
1201 if ( !$this->mId ) {
1202 $this->loadDefaults();
1203 return false;
1204 }
1205
1206 $db = ( $flags & self::READ_LATEST )
1207 ? wfGetDB( DB_MASTER )
1208 : wfGetDB( DB_SLAVE );
1209
1210 $s = $db->selectRow(
1211 'user',
1212 self::selectFields(),
1213 array( 'user_id' => $this->mId ),
1214 __METHOD__,
1215 ( ( $flags & self::READ_LOCKING ) == self::READ_LOCKING )
1216 ? array( 'LOCK IN SHARE MODE' )
1217 : array()
1218 );
1219
1220 $this->queryFlagsUsed = $flags;
1221 Hooks::run( 'UserLoadFromDatabase', array( $this, &$s ) );
1222
1223 if ( $s !== false ) {
1224 // Initialise user table data
1225 $this->loadFromRow( $s );
1226 $this->mGroups = null; // deferred
1227 $this->getEditCount(); // revalidation for nulls
1228 return true;
1229 } else {
1230 // Invalid user_id
1231 $this->mId = 0;
1232 $this->loadDefaults();
1233 return false;
1234 }
1235 }
1236
1237 /**
1238 * Initialize this object from a row from the user table.
1239 *
1240 * @param stdClass $row Row from the user table to load.
1241 * @param array $data Further user data to load into the object
1242 *
1243 * user_groups Array with groups out of the user_groups table
1244 * user_properties Array with properties out of the user_properties table
1245 */
1246 protected function loadFromRow( $row, $data = null ) {
1247 $all = true;
1248 $passwordFactory = self::getPasswordFactory();
1249
1250 $this->mGroups = null; // deferred
1251
1252 if ( isset( $row->user_name ) ) {
1253 $this->mName = $row->user_name;
1254 $this->mFrom = 'name';
1255 $this->setItemLoaded( 'name' );
1256 } else {
1257 $all = false;
1258 }
1259
1260 if ( isset( $row->user_real_name ) ) {
1261 $this->mRealName = $row->user_real_name;
1262 $this->setItemLoaded( 'realname' );
1263 } else {
1264 $all = false;
1265 }
1266
1267 if ( isset( $row->user_id ) ) {
1268 $this->mId = intval( $row->user_id );
1269 $this->mFrom = 'id';
1270 $this->setItemLoaded( 'id' );
1271 } else {
1272 $all = false;
1273 }
1274
1275 if ( isset( $row->user_id ) && isset( $row->user_name ) ) {
1276 self::$idCacheByName[$row->user_name] = $row->user_id;
1277 }
1278
1279 if ( isset( $row->user_editcount ) ) {
1280 $this->mEditCount = $row->user_editcount;
1281 } else {
1282 $all = false;
1283 }
1284
1285 if ( isset( $row->user_password ) ) {
1286 // Check for *really* old password hashes that don't even have a type
1287 // The old hash format was just an md5 hex hash, with no type information
1288 if ( preg_match( '/^[0-9a-f]{32}$/', $row->user_password ) ) {
1289 $row->user_password = ":A:{$this->mId}:{$row->user_password}";
1290 }
1291
1292 try {
1293 $this->mPassword = $passwordFactory->newFromCiphertext( $row->user_password );
1294 } catch ( PasswordError $e ) {
1295 wfDebug( 'Invalid password hash found in database.' );
1296 $this->mPassword = $passwordFactory->newFromCiphertext( null );
1297 }
1298
1299 try {
1300 $this->mNewpassword = $passwordFactory->newFromCiphertext( $row->user_newpassword );
1301 } catch ( PasswordError $e ) {
1302 wfDebug( 'Invalid password hash found in database.' );
1303 $this->mNewpassword = $passwordFactory->newFromCiphertext( null );
1304 }
1305
1306 $this->mNewpassTime = wfTimestampOrNull( TS_MW, $row->user_newpass_time );
1307 $this->mPasswordExpires = wfTimestampOrNull( TS_MW, $row->user_password_expires );
1308 }
1309
1310 if ( isset( $row->user_email ) ) {
1311 $this->mEmail = $row->user_email;
1312 $this->mTouched = wfTimestamp( TS_MW, $row->user_touched );
1313 $this->mToken = $row->user_token;
1314 if ( $this->mToken == '' ) {
1315 $this->mToken = null;
1316 }
1317 $this->mEmailAuthenticated = wfTimestampOrNull( TS_MW, $row->user_email_authenticated );
1318 $this->mEmailToken = $row->user_email_token;
1319 $this->mEmailTokenExpires = wfTimestampOrNull( TS_MW, $row->user_email_token_expires );
1320 $this->mRegistration = wfTimestampOrNull( TS_MW, $row->user_registration );
1321 } else {
1322 $all = false;
1323 }
1324
1325 if ( $all ) {
1326 $this->mLoadedItems = true;
1327 }
1328
1329 if ( is_array( $data ) ) {
1330 if ( isset( $data['user_groups'] ) && is_array( $data['user_groups'] ) ) {
1331 $this->mGroups = $data['user_groups'];
1332 }
1333 if ( isset( $data['user_properties'] ) && is_array( $data['user_properties'] ) ) {
1334 $this->loadOptions( $data['user_properties'] );
1335 }
1336 }
1337 }
1338
1339 /**
1340 * Load the data for this user object from another user object.
1341 *
1342 * @param User $user
1343 */
1344 protected function loadFromUserObject( $user ) {
1345 $user->load();
1346 $user->loadGroups();
1347 $user->loadOptions();
1348 foreach ( self::$mCacheVars as $var ) {
1349 $this->$var = $user->$var;
1350 }
1351 }
1352
1353 /**
1354 * Load the groups from the database if they aren't already loaded.
1355 */
1356 private function loadGroups() {
1357 if ( is_null( $this->mGroups ) ) {
1358 $db = ( $this->queryFlagsUsed & self::READ_LATEST )
1359 ? wfGetDB( DB_MASTER )
1360 : wfGetDB( DB_SLAVE );
1361 $res = $db->select( 'user_groups',
1362 array( 'ug_group' ),
1363 array( 'ug_user' => $this->mId ),
1364 __METHOD__ );
1365 $this->mGroups = array();
1366 foreach ( $res as $row ) {
1367 $this->mGroups[] = $row->ug_group;
1368 }
1369 }
1370 }
1371
1372 /**
1373 * Load the user's password hashes from the database
1374 *
1375 * This is usually called in a scenario where the actual User object was
1376 * loaded from the cache, and then password comparison needs to be performed.
1377 * Password hashes are not stored in memcached.
1378 *
1379 * @since 1.24
1380 */
1381 private function loadPasswords() {
1382 if ( $this->getId() !== 0 &&
1383 ( $this->mPassword === null || $this->mNewpassword === null )
1384 ) {
1385 $db = ( $this->queryFlagsUsed & self::READ_LATEST )
1386 ? wfGetDB( DB_MASTER )
1387 : wfGetDB( DB_SLAVE );
1388
1389 $this->loadFromRow( $db->selectRow(
1390 'user',
1391 array( 'user_password', 'user_newpassword',
1392 'user_newpass_time', 'user_password_expires' ),
1393 array( 'user_id' => $this->getId() ),
1394 __METHOD__
1395 ) );
1396 }
1397 }
1398
1399 /**
1400 * Add the user to the group if he/she meets given criteria.
1401 *
1402 * Contrary to autopromotion by \ref $wgAutopromote, the group will be
1403 * possible to remove manually via Special:UserRights. In such case it
1404 * will not be re-added automatically. The user will also not lose the
1405 * group if they no longer meet the criteria.
1406 *
1407 * @param string $event Key in $wgAutopromoteOnce (each one has groups/criteria)
1408 *
1409 * @return array Array of groups the user has been promoted to.
1410 *
1411 * @see $wgAutopromoteOnce
1412 */
1413 public function addAutopromoteOnceGroups( $event ) {
1414 global $wgAutopromoteOnceLogInRC, $wgAuth;
1415
1416 if ( wfReadOnly() || !$this->getId() ) {
1417 return array();
1418 }
1419
1420 $toPromote = Autopromote::getAutopromoteOnceGroups( $this, $event );
1421 if ( !count( $toPromote ) ) {
1422 return array();
1423 }
1424
1425 if ( !$this->checkAndSetTouched() ) {
1426 return array(); // raced out (bug T48834)
1427 }
1428
1429 $oldGroups = $this->getGroups(); // previous groups
1430 foreach ( $toPromote as $group ) {
1431 $this->addGroup( $group );
1432 }
1433
1434 // update groups in external authentication database
1435 $wgAuth->updateExternalDBGroups( $this, $toPromote );
1436
1437 $newGroups = array_merge( $oldGroups, $toPromote ); // all groups
1438
1439 $logEntry = new ManualLogEntry( 'rights', 'autopromote' );
1440 $logEntry->setPerformer( $this );
1441 $logEntry->setTarget( $this->getUserPage() );
1442 $logEntry->setParameters( array(
1443 '4::oldgroups' => $oldGroups,
1444 '5::newgroups' => $newGroups,
1445 ) );
1446 $logid = $logEntry->insert();
1447 if ( $wgAutopromoteOnceLogInRC ) {
1448 $logEntry->publish( $logid );
1449 }
1450
1451 return $toPromote;
1452 }
1453
1454 /**
1455 * Bump user_touched if it didn't change since this object was loaded
1456 *
1457 * On success, the mTouched field is updated.
1458 * The user serialization cache is always cleared.
1459 *
1460 * @return bool Whether user_touched was actually updated
1461 * @since 1.26
1462 */
1463 protected function checkAndSetTouched() {
1464 $this->load();
1465
1466 if ( !$this->mId ) {
1467 return false; // anon
1468 }
1469
1470 // Get a new user_touched that is higher than the old one
1471 $oldTouched = $this->mTouched;
1472 $newTouched = $this->newTouchedTimestamp();
1473
1474 $dbw = wfGetDB( DB_MASTER );
1475 $dbw->update( 'user',
1476 array( 'user_touched' => $dbw->timestamp( $newTouched ) ),
1477 array(
1478 'user_id' => $this->mId,
1479 'user_touched' => $dbw->timestamp( $oldTouched ) // CAS check
1480 ),
1481 __METHOD__
1482 );
1483 $success = ( $dbw->affectedRows() > 0 );
1484
1485 if ( $success ) {
1486 $this->mTouched = $newTouched;
1487 }
1488
1489 // Clears on failure too since that is desired if the cache is stale
1490 $this->clearSharedCache();
1491
1492 return $success;
1493 }
1494
1495 /**
1496 * Clear various cached data stored in this object. The cache of the user table
1497 * data (i.e. self::$mCacheVars) is not cleared unless $reloadFrom is given.
1498 *
1499 * @param bool|string $reloadFrom Reload user and user_groups table data from a
1500 * given source. May be "name", "id", "defaults", "session", or false for no reload.
1501 */
1502 public function clearInstanceCache( $reloadFrom = false ) {
1503 $this->mNewtalk = -1;
1504 $this->mDatePreference = null;
1505 $this->mBlockedby = -1; # Unset
1506 $this->mHash = false;
1507 $this->mRights = null;
1508 $this->mEffectiveGroups = null;
1509 $this->mImplicitGroups = null;
1510 $this->mGroups = null;
1511 $this->mOptions = null;
1512 $this->mOptionsLoaded = false;
1513 $this->mEditCount = null;
1514
1515 if ( $reloadFrom ) {
1516 $this->mLoadedItems = array();
1517 $this->mFrom = $reloadFrom;
1518 }
1519 }
1520
1521 /**
1522 * Combine the language default options with any site-specific options
1523 * and add the default language variants.
1524 *
1525 * @return array Array of String options
1526 */
1527 public static function getDefaultOptions() {
1528 global $wgNamespacesToBeSearchedDefault, $wgDefaultUserOptions, $wgContLang, $wgDefaultSkin;
1529
1530 static $defOpt = null;
1531 if ( !defined( 'MW_PHPUNIT_TEST' ) && $defOpt !== null ) {
1532 // Disabling this for the unit tests, as they rely on being able to change $wgContLang
1533 // mid-request and see that change reflected in the return value of this function.
1534 // Which is insane and would never happen during normal MW operation
1535 return $defOpt;
1536 }
1537
1538 $defOpt = $wgDefaultUserOptions;
1539 // Default language setting
1540 $defOpt['language'] = $wgContLang->getCode();
1541 foreach ( LanguageConverter::$languagesWithVariants as $langCode ) {
1542 $defOpt[$langCode == $wgContLang->getCode() ? 'variant' : "variant-$langCode"] = $langCode;
1543 }
1544 foreach ( SearchEngine::searchableNamespaces() as $nsnum => $nsname ) {
1545 $defOpt['searchNs' . $nsnum] = !empty( $wgNamespacesToBeSearchedDefault[$nsnum] );
1546 }
1547 $defOpt['skin'] = Skin::normalizeKey( $wgDefaultSkin );
1548
1549 Hooks::run( 'UserGetDefaultOptions', array( &$defOpt ) );
1550
1551 return $defOpt;
1552 }
1553
1554 /**
1555 * Get a given default option value.
1556 *
1557 * @param string $opt Name of option to retrieve
1558 * @return string Default option value
1559 */
1560 public static function getDefaultOption( $opt ) {
1561 $defOpts = self::getDefaultOptions();
1562 if ( isset( $defOpts[$opt] ) ) {
1563 return $defOpts[$opt];
1564 } else {
1565 return null;
1566 }
1567 }
1568
1569 /**
1570 * Get blocking information
1571 * @param bool $bFromSlave Whether to check the slave database first.
1572 * To improve performance, non-critical checks are done against slaves.
1573 * Check when actually saving should be done against master.
1574 */
1575 private function getBlockedStatus( $bFromSlave = true ) {
1576 global $wgProxyWhitelist, $wgUser, $wgApplyIpBlocksToXff;
1577
1578 if ( -1 != $this->mBlockedby ) {
1579 return;
1580 }
1581
1582 wfDebug( __METHOD__ . ": checking...\n" );
1583
1584 // Initialize data...
1585 // Otherwise something ends up stomping on $this->mBlockedby when
1586 // things get lazy-loaded later, causing false positive block hits
1587 // due to -1 !== 0. Probably session-related... Nothing should be
1588 // overwriting mBlockedby, surely?
1589 $this->load();
1590
1591 # We only need to worry about passing the IP address to the Block generator if the
1592 # user is not immune to autoblocks/hardblocks, and they are the current user so we
1593 # know which IP address they're actually coming from
1594 if ( !$this->isAllowed( 'ipblock-exempt' ) && $this->getID() == $wgUser->getID() ) {
1595 $ip = $this->getRequest()->getIP();
1596 } else {
1597 $ip = null;
1598 }
1599
1600 // User/IP blocking
1601 $block = Block::newFromTarget( $this, $ip, !$bFromSlave );
1602
1603 // Proxy blocking
1604 if ( !$block instanceof Block && $ip !== null && !$this->isAllowed( 'proxyunbannable' )
1605 && !in_array( $ip, $wgProxyWhitelist )
1606 ) {
1607 // Local list
1608 if ( self::isLocallyBlockedProxy( $ip ) ) {
1609 $block = new Block;
1610 $block->setBlocker( wfMessage( 'proxyblocker' )->text() );
1611 $block->mReason = wfMessage( 'proxyblockreason' )->text();
1612 $block->setTarget( $ip );
1613 } elseif ( $this->isAnon() && $this->isDnsBlacklisted( $ip ) ) {
1614 $block = new Block;
1615 $block->setBlocker( wfMessage( 'sorbs' )->text() );
1616 $block->mReason = wfMessage( 'sorbsreason' )->text();
1617 $block->setTarget( $ip );
1618 }
1619 }
1620
1621 // (bug 23343) Apply IP blocks to the contents of XFF headers, if enabled
1622 if ( !$block instanceof Block
1623 && $wgApplyIpBlocksToXff
1624 && $ip !== null
1625 && !$this->isAllowed( 'proxyunbannable' )
1626 && !in_array( $ip, $wgProxyWhitelist )
1627 ) {
1628 $xff = $this->getRequest()->getHeader( 'X-Forwarded-For' );
1629 $xff = array_map( 'trim', explode( ',', $xff ) );
1630 $xff = array_diff( $xff, array( $ip ) );
1631 $xffblocks = Block::getBlocksForIPList( $xff, $this->isAnon(), !$bFromSlave );
1632 $block = Block::chooseBlock( $xffblocks, $xff );
1633 if ( $block instanceof Block ) {
1634 # Mangle the reason to alert the user that the block
1635 # originated from matching the X-Forwarded-For header.
1636 $block->mReason = wfMessage( 'xffblockreason', $block->mReason )->text();
1637 }
1638 }
1639
1640 if ( $block instanceof Block ) {
1641 wfDebug( __METHOD__ . ": Found block.\n" );
1642 $this->mBlock = $block;
1643 $this->mBlockedby = $block->getByName();
1644 $this->mBlockreason = $block->mReason;
1645 $this->mHideName = $block->mHideName;
1646 $this->mAllowUsertalk = !$block->prevents( 'editownusertalk' );
1647 } else {
1648 $this->mBlockedby = '';
1649 $this->mHideName = 0;
1650 $this->mAllowUsertalk = false;
1651 }
1652
1653 // Extensions
1654 Hooks::run( 'GetBlockedStatus', array( &$this ) );
1655
1656 }
1657
1658 /**
1659 * Whether the given IP is in a DNS blacklist.
1660 *
1661 * @param string $ip IP to check
1662 * @param bool $checkWhitelist Whether to check the whitelist first
1663 * @return bool True if blacklisted.
1664 */
1665 public function isDnsBlacklisted( $ip, $checkWhitelist = false ) {
1666 global $wgEnableDnsBlacklist, $wgDnsBlacklistUrls, $wgProxyWhitelist;
1667
1668 if ( !$wgEnableDnsBlacklist ) {
1669 return false;
1670 }
1671
1672 if ( $checkWhitelist && in_array( $ip, $wgProxyWhitelist ) ) {
1673 return false;
1674 }
1675
1676 return $this->inDnsBlacklist( $ip, $wgDnsBlacklistUrls );
1677 }
1678
1679 /**
1680 * Whether the given IP is in a given DNS blacklist.
1681 *
1682 * @param string $ip IP to check
1683 * @param string|array $bases Array of Strings: URL of the DNS blacklist
1684 * @return bool True if blacklisted.
1685 */
1686 public function inDnsBlacklist( $ip, $bases ) {
1687
1688 $found = false;
1689 // @todo FIXME: IPv6 ??? (http://bugs.php.net/bug.php?id=33170)
1690 if ( IP::isIPv4( $ip ) ) {
1691 // Reverse IP, bug 21255
1692 $ipReversed = implode( '.', array_reverse( explode( '.', $ip ) ) );
1693
1694 foreach ( (array)$bases as $base ) {
1695 // Make hostname
1696 // If we have an access key, use that too (ProjectHoneypot, etc.)
1697 if ( is_array( $base ) ) {
1698 if ( count( $base ) >= 2 ) {
1699 // Access key is 1, base URL is 0
1700 $host = "{$base[1]}.$ipReversed.{$base[0]}";
1701 } else {
1702 $host = "$ipReversed.{$base[0]}";
1703 }
1704 } else {
1705 $host = "$ipReversed.$base";
1706 }
1707
1708 // Send query
1709 $ipList = gethostbynamel( $host );
1710
1711 if ( $ipList ) {
1712 wfDebugLog( 'dnsblacklist', "Hostname $host is {$ipList[0]}, it's a proxy says $base!" );
1713 $found = true;
1714 break;
1715 } else {
1716 wfDebugLog( 'dnsblacklist', "Requested $host, not found in $base." );
1717 }
1718 }
1719 }
1720
1721 return $found;
1722 }
1723
1724 /**
1725 * Check if an IP address is in the local proxy list
1726 *
1727 * @param string $ip
1728 *
1729 * @return bool
1730 */
1731 public static function isLocallyBlockedProxy( $ip ) {
1732 global $wgProxyList;
1733
1734 if ( !$wgProxyList ) {
1735 return false;
1736 }
1737
1738 if ( !is_array( $wgProxyList ) ) {
1739 // Load from the specified file
1740 $wgProxyList = array_map( 'trim', file( $wgProxyList ) );
1741 }
1742
1743 if ( !is_array( $wgProxyList ) ) {
1744 $ret = false;
1745 } elseif ( array_search( $ip, $wgProxyList ) !== false ) {
1746 $ret = true;
1747 } elseif ( array_key_exists( $ip, $wgProxyList ) ) {
1748 // Old-style flipped proxy list
1749 $ret = true;
1750 } else {
1751 $ret = false;
1752 }
1753 return $ret;
1754 }
1755
1756 /**
1757 * Is this user subject to rate limiting?
1758 *
1759 * @return bool True if rate limited
1760 */
1761 public function isPingLimitable() {
1762 global $wgRateLimitsExcludedIPs;
1763 if ( in_array( $this->getRequest()->getIP(), $wgRateLimitsExcludedIPs ) ) {
1764 // No other good way currently to disable rate limits
1765 // for specific IPs. :P
1766 // But this is a crappy hack and should die.
1767 return false;
1768 }
1769 return !$this->isAllowed( 'noratelimit' );
1770 }
1771
1772 /**
1773 * Primitive rate limits: enforce maximum actions per time period
1774 * to put a brake on flooding.
1775 *
1776 * The method generates both a generic profiling point and a per action one
1777 * (suffix being "-$action".
1778 *
1779 * @note When using a shared cache like memcached, IP-address
1780 * last-hit counters will be shared across wikis.
1781 *
1782 * @param string $action Action to enforce; 'edit' if unspecified
1783 * @param int $incrBy Positive amount to increment counter by [defaults to 1]
1784 * @return bool True if a rate limiter was tripped
1785 */
1786 public function pingLimiter( $action = 'edit', $incrBy = 1 ) {
1787 // Call the 'PingLimiter' hook
1788 $result = false;
1789 if ( !Hooks::run( 'PingLimiter', array( &$this, $action, &$result, $incrBy ) ) ) {
1790 return $result;
1791 }
1792
1793 global $wgRateLimits;
1794 if ( !isset( $wgRateLimits[$action] ) ) {
1795 return false;
1796 }
1797
1798 // Some groups shouldn't trigger the ping limiter, ever
1799 if ( !$this->isPingLimitable() ) {
1800 return false;
1801 }
1802
1803 global $wgMemc;
1804
1805 $limits = $wgRateLimits[$action];
1806 $keys = array();
1807 $id = $this->getId();
1808 $userLimit = false;
1809
1810 if ( isset( $limits['anon'] ) && $id == 0 ) {
1811 $keys[wfMemcKey( 'limiter', $action, 'anon' )] = $limits['anon'];
1812 }
1813
1814 if ( isset( $limits['user'] ) && $id != 0 ) {
1815 $userLimit = $limits['user'];
1816 }
1817 if ( $this->isNewbie() ) {
1818 if ( isset( $limits['newbie'] ) && $id != 0 ) {
1819 $keys[wfMemcKey( 'limiter', $action, 'user', $id )] = $limits['newbie'];
1820 }
1821 if ( isset( $limits['ip'] ) ) {
1822 $ip = $this->getRequest()->getIP();
1823 $keys["mediawiki:limiter:$action:ip:$ip"] = $limits['ip'];
1824 }
1825 if ( isset( $limits['subnet'] ) ) {
1826 $ip = $this->getRequest()->getIP();
1827 $matches = array();
1828 $subnet = false;
1829 if ( IP::isIPv6( $ip ) ) {
1830 $parts = IP::parseRange( "$ip/64" );
1831 $subnet = $parts[0];
1832 } elseif ( preg_match( '/^(\d+\.\d+\.\d+)\.\d+$/', $ip, $matches ) ) {
1833 // IPv4
1834 $subnet = $matches[1];
1835 }
1836 if ( $subnet !== false ) {
1837 $keys["mediawiki:limiter:$action:subnet:$subnet"] = $limits['subnet'];
1838 }
1839 }
1840 }
1841 // Check for group-specific permissions
1842 // If more than one group applies, use the group with the highest limit
1843 foreach ( $this->getGroups() as $group ) {
1844 if ( isset( $limits[$group] ) ) {
1845 if ( $userLimit === false
1846 || $limits[$group][0] / $limits[$group][1] > $userLimit[0] / $userLimit[1]
1847 ) {
1848 $userLimit = $limits[$group];
1849 }
1850 }
1851 }
1852 // Set the user limit key
1853 if ( $userLimit !== false ) {
1854 list( $max, $period ) = $userLimit;
1855 wfDebug( __METHOD__ . ": effective user limit: $max in {$period}s\n" );
1856 $keys[wfMemcKey( 'limiter', $action, 'user', $id )] = $userLimit;
1857 }
1858
1859 $triggered = false;
1860 foreach ( $keys as $key => $limit ) {
1861 list( $max, $period ) = $limit;
1862 $summary = "(limit $max in {$period}s)";
1863 $count = $wgMemc->get( $key );
1864 // Already pinged?
1865 if ( $count ) {
1866 if ( $count >= $max ) {
1867 wfDebugLog( 'ratelimit', "User '{$this->getName()}' " .
1868 "(IP {$this->getRequest()->getIP()}) tripped $key at $count $summary" );
1869 $triggered = true;
1870 } else {
1871 wfDebug( __METHOD__ . ": ok. $key at $count $summary\n" );
1872 }
1873 } else {
1874 wfDebug( __METHOD__ . ": adding record for $key $summary\n" );
1875 if ( $incrBy > 0 ) {
1876 $wgMemc->add( $key, 0, intval( $period ) ); // first ping
1877 }
1878 }
1879 if ( $incrBy > 0 ) {
1880 $wgMemc->incr( $key, $incrBy );
1881 }
1882 }
1883
1884 return $triggered;
1885 }
1886
1887 /**
1888 * Check if user is blocked
1889 *
1890 * @param bool $bFromSlave Whether to check the slave database instead of
1891 * the master. Hacked from false due to horrible probs on site.
1892 * @return bool True if blocked, false otherwise
1893 */
1894 public function isBlocked( $bFromSlave = true ) {
1895 return $this->getBlock( $bFromSlave ) instanceof Block && $this->getBlock()->prevents( 'edit' );
1896 }
1897
1898 /**
1899 * Get the block affecting the user, or null if the user is not blocked
1900 *
1901 * @param bool $bFromSlave Whether to check the slave database instead of the master
1902 * @return Block|null
1903 */
1904 public function getBlock( $bFromSlave = true ) {
1905 $this->getBlockedStatus( $bFromSlave );
1906 return $this->mBlock instanceof Block ? $this->mBlock : null;
1907 }
1908
1909 /**
1910 * Check if user is blocked from editing a particular article
1911 *
1912 * @param Title $title Title to check
1913 * @param bool $bFromSlave Whether to check the slave database instead of the master
1914 * @return bool
1915 */
1916 public function isBlockedFrom( $title, $bFromSlave = false ) {
1917 global $wgBlockAllowsUTEdit;
1918
1919 $blocked = $this->isBlocked( $bFromSlave );
1920 $allowUsertalk = ( $wgBlockAllowsUTEdit ? $this->mAllowUsertalk : false );
1921 // If a user's name is suppressed, they cannot make edits anywhere
1922 if ( !$this->mHideName && $allowUsertalk && $title->getText() === $this->getName()
1923 && $title->getNamespace() == NS_USER_TALK ) {
1924 $blocked = false;
1925 wfDebug( __METHOD__ . ": self-talk page, ignoring any blocks\n" );
1926 }
1927
1928 Hooks::run( 'UserIsBlockedFrom', array( $this, $title, &$blocked, &$allowUsertalk ) );
1929
1930 return $blocked;
1931 }
1932
1933 /**
1934 * If user is blocked, return the name of the user who placed the block
1935 * @return string Name of blocker
1936 */
1937 public function blockedBy() {
1938 $this->getBlockedStatus();
1939 return $this->mBlockedby;
1940 }
1941
1942 /**
1943 * If user is blocked, return the specified reason for the block
1944 * @return string Blocking reason
1945 */
1946 public function blockedFor() {
1947 $this->getBlockedStatus();
1948 return $this->mBlockreason;
1949 }
1950
1951 /**
1952 * If user is blocked, return the ID for the block
1953 * @return int Block ID
1954 */
1955 public function getBlockId() {
1956 $this->getBlockedStatus();
1957 return ( $this->mBlock ? $this->mBlock->getId() : false );
1958 }
1959
1960 /**
1961 * Check if user is blocked on all wikis.
1962 * Do not use for actual edit permission checks!
1963 * This is intended for quick UI checks.
1964 *
1965 * @param string $ip IP address, uses current client if none given
1966 * @return bool True if blocked, false otherwise
1967 */
1968 public function isBlockedGlobally( $ip = '' ) {
1969 if ( $this->mBlockedGlobally !== null ) {
1970 return $this->mBlockedGlobally;
1971 }
1972 // User is already an IP?
1973 if ( IP::isIPAddress( $this->getName() ) ) {
1974 $ip = $this->getName();
1975 } elseif ( !$ip ) {
1976 $ip = $this->getRequest()->getIP();
1977 }
1978 $blocked = false;
1979 Hooks::run( 'UserIsBlockedGlobally', array( &$this, $ip, &$blocked ) );
1980 $this->mBlockedGlobally = (bool)$blocked;
1981 return $this->mBlockedGlobally;
1982 }
1983
1984 /**
1985 * Check if user account is locked
1986 *
1987 * @return bool True if locked, false otherwise
1988 */
1989 public function isLocked() {
1990 if ( $this->mLocked !== null ) {
1991 return $this->mLocked;
1992 }
1993 global $wgAuth;
1994 $authUser = $wgAuth->getUserInstance( $this );
1995 $this->mLocked = (bool)$authUser->isLocked();
1996 return $this->mLocked;
1997 }
1998
1999 /**
2000 * Check if user account is hidden
2001 *
2002 * @return bool True if hidden, false otherwise
2003 */
2004 public function isHidden() {
2005 if ( $this->mHideName !== null ) {
2006 return $this->mHideName;
2007 }
2008 $this->getBlockedStatus();
2009 if ( !$this->mHideName ) {
2010 global $wgAuth;
2011 $authUser = $wgAuth->getUserInstance( $this );
2012 $this->mHideName = (bool)$authUser->isHidden();
2013 }
2014 return $this->mHideName;
2015 }
2016
2017 /**
2018 * Get the user's ID.
2019 * @return int The user's ID; 0 if the user is anonymous or nonexistent
2020 */
2021 public function getId() {
2022 if ( $this->mId === null && $this->mName !== null && User::isIP( $this->mName ) ) {
2023 // Special case, we know the user is anonymous
2024 return 0;
2025 } elseif ( !$this->isItemLoaded( 'id' ) ) {
2026 // Don't load if this was initialized from an ID
2027 $this->load();
2028 }
2029 return $this->mId;
2030 }
2031
2032 /**
2033 * Set the user and reload all fields according to a given ID
2034 * @param int $v User ID to reload
2035 */
2036 public function setId( $v ) {
2037 $this->mId = $v;
2038 $this->clearInstanceCache( 'id' );
2039 }
2040
2041 /**
2042 * Get the user name, or the IP of an anonymous user
2043 * @return string User's name or IP address
2044 */
2045 public function getName() {
2046 if ( $this->isItemLoaded( 'name', 'only' ) ) {
2047 // Special case optimisation
2048 return $this->mName;
2049 } else {
2050 $this->load();
2051 if ( $this->mName === false ) {
2052 // Clean up IPs
2053 $this->mName = IP::sanitizeIP( $this->getRequest()->getIP() );
2054 }
2055 return $this->mName;
2056 }
2057 }
2058
2059 /**
2060 * Set the user name.
2061 *
2062 * This does not reload fields from the database according to the given
2063 * name. Rather, it is used to create a temporary "nonexistent user" for
2064 * later addition to the database. It can also be used to set the IP
2065 * address for an anonymous user to something other than the current
2066 * remote IP.
2067 *
2068 * @note User::newFromName() has roughly the same function, when the named user
2069 * does not exist.
2070 * @param string $str New user name to set
2071 */
2072 public function setName( $str ) {
2073 $this->load();
2074 $this->mName = $str;
2075 }
2076
2077 /**
2078 * Get the user's name escaped by underscores.
2079 * @return string Username escaped by underscores.
2080 */
2081 public function getTitleKey() {
2082 return str_replace( ' ', '_', $this->getName() );
2083 }
2084
2085 /**
2086 * Check if the user has new messages.
2087 * @return bool True if the user has new messages
2088 */
2089 public function getNewtalk() {
2090 $this->load();
2091
2092 // Load the newtalk status if it is unloaded (mNewtalk=-1)
2093 if ( $this->mNewtalk === -1 ) {
2094 $this->mNewtalk = false; # reset talk page status
2095
2096 // Check memcached separately for anons, who have no
2097 // entire User object stored in there.
2098 if ( !$this->mId ) {
2099 global $wgDisableAnonTalk;
2100 if ( $wgDisableAnonTalk ) {
2101 // Anon newtalk disabled by configuration.
2102 $this->mNewtalk = false;
2103 } else {
2104 $this->mNewtalk = $this->checkNewtalk( 'user_ip', $this->getName() );
2105 }
2106 } else {
2107 $this->mNewtalk = $this->checkNewtalk( 'user_id', $this->mId );
2108 }
2109 }
2110
2111 return (bool)$this->mNewtalk;
2112 }
2113
2114 /**
2115 * Return the data needed to construct links for new talk page message
2116 * alerts. If there are new messages, this will return an associative array
2117 * with the following data:
2118 * wiki: The database name of the wiki
2119 * link: Root-relative link to the user's talk page
2120 * rev: The last talk page revision that the user has seen or null. This
2121 * is useful for building diff links.
2122 * If there are no new messages, it returns an empty array.
2123 * @note This function was designed to accomodate multiple talk pages, but
2124 * currently only returns a single link and revision.
2125 * @return array
2126 */
2127 public function getNewMessageLinks() {
2128 $talks = array();
2129 if ( !Hooks::run( 'UserRetrieveNewTalks', array( &$this, &$talks ) ) ) {
2130 return $talks;
2131 } elseif ( !$this->getNewtalk() ) {
2132 return array();
2133 }
2134 $utp = $this->getTalkPage();
2135 $dbr = wfGetDB( DB_SLAVE );
2136 // Get the "last viewed rev" timestamp from the oldest message notification
2137 $timestamp = $dbr->selectField( 'user_newtalk',
2138 'MIN(user_last_timestamp)',
2139 $this->isAnon() ? array( 'user_ip' => $this->getName() ) : array( 'user_id' => $this->getID() ),
2140 __METHOD__ );
2141 $rev = $timestamp ? Revision::loadFromTimestamp( $dbr, $utp, $timestamp ) : null;
2142 return array( array( 'wiki' => wfWikiID(), 'link' => $utp->getLocalURL(), 'rev' => $rev ) );
2143 }
2144
2145 /**
2146 * Get the revision ID for the last talk page revision viewed by the talk
2147 * page owner.
2148 * @return int|null Revision ID or null
2149 */
2150 public function getNewMessageRevisionId() {
2151 $newMessageRevisionId = null;
2152 $newMessageLinks = $this->getNewMessageLinks();
2153 if ( $newMessageLinks ) {
2154 // Note: getNewMessageLinks() never returns more than a single link
2155 // and it is always for the same wiki, but we double-check here in
2156 // case that changes some time in the future.
2157 if ( count( $newMessageLinks ) === 1
2158 && $newMessageLinks[0]['wiki'] === wfWikiID()
2159 && $newMessageLinks[0]['rev']
2160 ) {
2161 /** @var Revision $newMessageRevision */
2162 $newMessageRevision = $newMessageLinks[0]['rev'];
2163 $newMessageRevisionId = $newMessageRevision->getId();
2164 }
2165 }
2166 return $newMessageRevisionId;
2167 }
2168
2169 /**
2170 * Internal uncached check for new messages
2171 *
2172 * @see getNewtalk()
2173 * @param string $field 'user_ip' for anonymous users, 'user_id' otherwise
2174 * @param string|int $id User's IP address for anonymous users, User ID otherwise
2175 * @return bool True if the user has new messages
2176 */
2177 protected function checkNewtalk( $field, $id ) {
2178 $dbr = wfGetDB( DB_SLAVE );
2179
2180 $ok = $dbr->selectField( 'user_newtalk', $field, array( $field => $id ), __METHOD__ );
2181
2182 return $ok !== false;
2183 }
2184
2185 /**
2186 * Add or update the new messages flag
2187 * @param string $field 'user_ip' for anonymous users, 'user_id' otherwise
2188 * @param string|int $id User's IP address for anonymous users, User ID otherwise
2189 * @param Revision|null $curRev New, as yet unseen revision of the user talk page. Ignored if null.
2190 * @return bool True if successful, false otherwise
2191 */
2192 protected function updateNewtalk( $field, $id, $curRev = null ) {
2193 // Get timestamp of the talk page revision prior to the current one
2194 $prevRev = $curRev ? $curRev->getPrevious() : false;
2195 $ts = $prevRev ? $prevRev->getTimestamp() : null;
2196 // Mark the user as having new messages since this revision
2197 $dbw = wfGetDB( DB_MASTER );
2198 $dbw->insert( 'user_newtalk',
2199 array( $field => $id, 'user_last_timestamp' => $dbw->timestampOrNull( $ts ) ),
2200 __METHOD__,
2201 'IGNORE' );
2202 if ( $dbw->affectedRows() ) {
2203 wfDebug( __METHOD__ . ": set on ($field, $id)\n" );
2204 return true;
2205 } else {
2206 wfDebug( __METHOD__ . " already set ($field, $id)\n" );
2207 return false;
2208 }
2209 }
2210
2211 /**
2212 * Clear the new messages flag for the given user
2213 * @param string $field 'user_ip' for anonymous users, 'user_id' otherwise
2214 * @param string|int $id User's IP address for anonymous users, User ID otherwise
2215 * @return bool True if successful, false otherwise
2216 */
2217 protected function deleteNewtalk( $field, $id ) {
2218 $dbw = wfGetDB( DB_MASTER );
2219 $dbw->delete( 'user_newtalk',
2220 array( $field => $id ),
2221 __METHOD__ );
2222 if ( $dbw->affectedRows() ) {
2223 wfDebug( __METHOD__ . ": killed on ($field, $id)\n" );
2224 return true;
2225 } else {
2226 wfDebug( __METHOD__ . ": already gone ($field, $id)\n" );
2227 return false;
2228 }
2229 }
2230
2231 /**
2232 * Update the 'You have new messages!' status.
2233 * @param bool $val Whether the user has new messages
2234 * @param Revision $curRev New, as yet unseen revision of the user talk
2235 * page. Ignored if null or !$val.
2236 */
2237 public function setNewtalk( $val, $curRev = null ) {
2238 if ( wfReadOnly() ) {
2239 return;
2240 }
2241
2242 $this->load();
2243 $this->mNewtalk = $val;
2244
2245 if ( $this->isAnon() ) {
2246 $field = 'user_ip';
2247 $id = $this->getName();
2248 } else {
2249 $field = 'user_id';
2250 $id = $this->getId();
2251 }
2252
2253 if ( $val ) {
2254 $changed = $this->updateNewtalk( $field, $id, $curRev );
2255 } else {
2256 $changed = $this->deleteNewtalk( $field, $id );
2257 }
2258
2259 if ( $changed ) {
2260 $this->invalidateCache();
2261 }
2262 }
2263
2264 /**
2265 * Generate a current or new-future timestamp to be stored in the
2266 * user_touched field when we update things.
2267 * @return string Timestamp in TS_MW format
2268 */
2269 private function newTouchedTimestamp() {
2270 global $wgClockSkewFudge;
2271
2272 $time = wfTimestamp( TS_MW, time() + $wgClockSkewFudge );
2273 if ( $this->mTouched && $time <= $this->mTouched ) {
2274 $time = wfTimestamp( TS_MW, wfTimestamp( TS_UNIX, $this->mTouched ) + 1 );
2275 }
2276
2277 return $time;
2278 }
2279
2280 /**
2281 * Clear user data from memcached.
2282 * Use after applying fun updates to the database; caller's
2283 * responsibility to update user_touched if appropriate.
2284 *
2285 * Called implicitly from invalidateCache() and saveSettings().
2286 */
2287 public function clearSharedCache() {
2288 $id = $this->getId();
2289 if ( $id ) {
2290 $key = wfMemcKey( 'user', 'id', $id );
2291 ObjectCache::getMainWANInstance()->delete( $key );
2292 }
2293 }
2294
2295 /**
2296 * Immediately touch the user data cache for this account
2297 *
2298 * Calls touch() and removes account data from memcached
2299 */
2300 public function invalidateCache() {
2301 $this->touch();
2302 $this->clearSharedCache();
2303 }
2304
2305 /**
2306 * Update the "touched" timestamp for the user
2307 *
2308 * This is useful on various login/logout events when making sure that
2309 * a browser or proxy that has multiple tenants does not suffer cache
2310 * pollution where the new user sees the old users content. The value
2311 * of getTouched() is checked when determining 304 vs 200 responses.
2312 * Unlike invalidateCache(), this preserves the User object cache and
2313 * avoids database writes.
2314 *
2315 * @since 1.25
2316 */
2317 public function touch() {
2318 $id = $this->getId();
2319 if ( $id ) {
2320 $key = wfMemcKey( 'user-quicktouched', 'id', $id );
2321 ObjectCache::getMainWANInstance()->touchCheckKey( $key );
2322 $this->mQuickTouched = null;
2323 }
2324 }
2325
2326 /**
2327 * Validate the cache for this account.
2328 * @param string $timestamp A timestamp in TS_MW format
2329 * @return bool
2330 */
2331 public function validateCache( $timestamp ) {
2332 return ( $timestamp >= $this->getTouched() );
2333 }
2334
2335 /**
2336 * Get the user touched timestamp
2337 *
2338 * Use this value only to validate caches via inequalities
2339 * such as in the case of HTTP If-Modified-Since response logic
2340 *
2341 * @return string TS_MW Timestamp
2342 */
2343 public function getTouched() {
2344 $this->load();
2345
2346 if ( $this->mId ) {
2347 if ( $this->mQuickTouched === null ) {
2348 $key = wfMemcKey( 'user-quicktouched', 'id', $this->mId );
2349 $cache = ObjectCache::getMainWANInstance();
2350
2351 $this->mQuickTouched = wfTimestamp( TS_MW, $cache->getCheckKeyTime( $key ) );
2352 }
2353
2354 return max( $this->mTouched, $this->mQuickTouched );
2355 }
2356
2357 return $this->mTouched;
2358 }
2359
2360 /**
2361 * Get the user_touched timestamp field (time of last DB updates)
2362 * @return string TS_MW Timestamp
2363 * @since 1.26
2364 */
2365 public function getDBTouched() {
2366 $this->load();
2367
2368 return $this->mTouched;
2369 }
2370
2371 /**
2372 * @return Password
2373 * @since 1.24
2374 */
2375 public function getPassword() {
2376 $this->loadPasswords();
2377
2378 return $this->mPassword;
2379 }
2380
2381 /**
2382 * @return Password
2383 * @since 1.24
2384 */
2385 public function getTemporaryPassword() {
2386 $this->loadPasswords();
2387
2388 return $this->mNewpassword;
2389 }
2390
2391 /**
2392 * Set the password and reset the random token.
2393 * Calls through to authentication plugin if necessary;
2394 * will have no effect if the auth plugin refuses to
2395 * pass the change through or if the legal password
2396 * checks fail.
2397 *
2398 * As a special case, setting the password to null
2399 * wipes it, so the account cannot be logged in until
2400 * a new password is set, for instance via e-mail.
2401 *
2402 * @param string $str New password to set
2403 * @throws PasswordError On failure
2404 *
2405 * @return bool
2406 */
2407 public function setPassword( $str ) {
2408 global $wgAuth;
2409
2410 $this->loadPasswords();
2411
2412 if ( $str !== null ) {
2413 if ( !$wgAuth->allowPasswordChange() ) {
2414 throw new PasswordError( wfMessage( 'password-change-forbidden' )->text() );
2415 }
2416
2417 $status = $this->checkPasswordValidity( $str );
2418 if ( !$status->isGood() ) {
2419 throw new PasswordError( $status->getMessage()->text() );
2420 }
2421 }
2422
2423 if ( !$wgAuth->setPassword( $this, $str ) ) {
2424 throw new PasswordError( wfMessage( 'externaldberror' )->text() );
2425 }
2426
2427 $this->setInternalPassword( $str );
2428
2429 return true;
2430 }
2431
2432 /**
2433 * Set the password and reset the random token unconditionally.
2434 *
2435 * @param string|null $str New password to set or null to set an invalid
2436 * password hash meaning that the user will not be able to log in
2437 * through the web interface.
2438 */
2439 public function setInternalPassword( $str ) {
2440 $this->setToken();
2441
2442 $passwordFactory = self::getPasswordFactory();
2443 $this->mPassword = $passwordFactory->newFromPlaintext( $str );
2444
2445 $this->mNewpassword = $passwordFactory->newFromCiphertext( null );
2446 $this->mNewpassTime = null;
2447 }
2448
2449 /**
2450 * Get the user's current token.
2451 * @param bool $forceCreation Force the generation of a new token if the
2452 * user doesn't have one (default=true for backwards compatibility).
2453 * @return string Token
2454 */
2455 public function getToken( $forceCreation = true ) {
2456 $this->load();
2457 if ( !$this->mToken && $forceCreation ) {
2458 $this->setToken();
2459 }
2460 return $this->mToken;
2461 }
2462
2463 /**
2464 * Set the random token (used for persistent authentication)
2465 * Called from loadDefaults() among other places.
2466 *
2467 * @param string|bool $token If specified, set the token to this value
2468 */
2469 public function setToken( $token = false ) {
2470 $this->load();
2471 if ( !$token ) {
2472 $this->mToken = MWCryptRand::generateHex( self::TOKEN_LENGTH );
2473 } else {
2474 $this->mToken = $token;
2475 }
2476 }
2477
2478 /**
2479 * Set the password for a password reminder or new account email
2480 *
2481 * @param string $str New password to set or null to set an invalid
2482 * password hash meaning that the user will not be able to use it
2483 * @param bool $throttle If true, reset the throttle timestamp to the present
2484 */
2485 public function setNewpassword( $str, $throttle = true ) {
2486 $this->loadPasswords();
2487
2488 $this->mNewpassword = self::getPasswordFactory()->newFromPlaintext( $str );
2489 if ( $str === null ) {
2490 $this->mNewpassTime = null;
2491 } elseif ( $throttle ) {
2492 $this->mNewpassTime = wfTimestampNow();
2493 }
2494 }
2495
2496 /**
2497 * Has password reminder email been sent within the last
2498 * $wgPasswordReminderResendTime hours?
2499 * @return bool
2500 */
2501 public function isPasswordReminderThrottled() {
2502 global $wgPasswordReminderResendTime;
2503 $this->load();
2504 if ( !$this->mNewpassTime || !$wgPasswordReminderResendTime ) {
2505 return false;
2506 }
2507 $expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgPasswordReminderResendTime * 3600;
2508 return time() < $expiry;
2509 }
2510
2511 /**
2512 * Get the user's e-mail address
2513 * @return string User's email address
2514 */
2515 public function getEmail() {
2516 $this->load();
2517 Hooks::run( 'UserGetEmail', array( $this, &$this->mEmail ) );
2518 return $this->mEmail;
2519 }
2520
2521 /**
2522 * Get the timestamp of the user's e-mail authentication
2523 * @return string TS_MW timestamp
2524 */
2525 public function getEmailAuthenticationTimestamp() {
2526 $this->load();
2527 Hooks::run( 'UserGetEmailAuthenticationTimestamp', array( $this, &$this->mEmailAuthenticated ) );
2528 return $this->mEmailAuthenticated;
2529 }
2530
2531 /**
2532 * Set the user's e-mail address
2533 * @param string $str New e-mail address
2534 */
2535 public function setEmail( $str ) {
2536 $this->load();
2537 if ( $str == $this->mEmail ) {
2538 return;
2539 }
2540 $this->invalidateEmail();
2541 $this->mEmail = $str;
2542 Hooks::run( 'UserSetEmail', array( $this, &$this->mEmail ) );
2543 }
2544
2545 /**
2546 * Set the user's e-mail address and a confirmation mail if needed.
2547 *
2548 * @since 1.20
2549 * @param string $str New e-mail address
2550 * @return Status
2551 */
2552 public function setEmailWithConfirmation( $str ) {
2553 global $wgEnableEmail, $wgEmailAuthentication;
2554
2555 if ( !$wgEnableEmail ) {
2556 return Status::newFatal( 'emaildisabled' );
2557 }
2558
2559 $oldaddr = $this->getEmail();
2560 if ( $str === $oldaddr ) {
2561 return Status::newGood( true );
2562 }
2563
2564 $this->setEmail( $str );
2565
2566 if ( $str !== '' && $wgEmailAuthentication ) {
2567 // Send a confirmation request to the new address if needed
2568 $type = $oldaddr != '' ? 'changed' : 'set';
2569 $result = $this->sendConfirmationMail( $type );
2570 if ( $result->isGood() ) {
2571 // Say to the caller that a confirmation mail has been sent
2572 $result->value = 'eauth';
2573 }
2574 } else {
2575 $result = Status::newGood( true );
2576 }
2577
2578 return $result;
2579 }
2580
2581 /**
2582 * Get the user's real name
2583 * @return string User's real name
2584 */
2585 public function getRealName() {
2586 if ( !$this->isItemLoaded( 'realname' ) ) {
2587 $this->load();
2588 }
2589
2590 return $this->mRealName;
2591 }
2592
2593 /**
2594 * Set the user's real name
2595 * @param string $str New real name
2596 */
2597 public function setRealName( $str ) {
2598 $this->load();
2599 $this->mRealName = $str;
2600 }
2601
2602 /**
2603 * Get the user's current setting for a given option.
2604 *
2605 * @param string $oname The option to check
2606 * @param string $defaultOverride A default value returned if the option does not exist
2607 * @param bool $ignoreHidden Whether to ignore the effects of $wgHiddenPrefs
2608 * @return string User's current value for the option
2609 * @see getBoolOption()
2610 * @see getIntOption()
2611 */
2612 public function getOption( $oname, $defaultOverride = null, $ignoreHidden = false ) {
2613 global $wgHiddenPrefs;
2614 $this->loadOptions();
2615
2616 # We want 'disabled' preferences to always behave as the default value for
2617 # users, even if they have set the option explicitly in their settings (ie they
2618 # set it, and then it was disabled removing their ability to change it). But
2619 # we don't want to erase the preferences in the database in case the preference
2620 # is re-enabled again. So don't touch $mOptions, just override the returned value
2621 if ( !$ignoreHidden && in_array( $oname, $wgHiddenPrefs ) ) {
2622 return self::getDefaultOption( $oname );
2623 }
2624
2625 if ( array_key_exists( $oname, $this->mOptions ) ) {
2626 return $this->mOptions[$oname];
2627 } else {
2628 return $defaultOverride;
2629 }
2630 }
2631
2632 /**
2633 * Get all user's options
2634 *
2635 * @param int $flags Bitwise combination of:
2636 * User::GETOPTIONS_EXCLUDE_DEFAULTS Exclude user options that are set
2637 * to the default value. (Since 1.25)
2638 * @return array
2639 */
2640 public function getOptions( $flags = 0 ) {
2641 global $wgHiddenPrefs;
2642 $this->loadOptions();
2643 $options = $this->mOptions;
2644
2645 # We want 'disabled' preferences to always behave as the default value for
2646 # users, even if they have set the option explicitly in their settings (ie they
2647 # set it, and then it was disabled removing their ability to change it). But
2648 # we don't want to erase the preferences in the database in case the preference
2649 # is re-enabled again. So don't touch $mOptions, just override the returned value
2650 foreach ( $wgHiddenPrefs as $pref ) {
2651 $default = self::getDefaultOption( $pref );
2652 if ( $default !== null ) {
2653 $options[$pref] = $default;
2654 }
2655 }
2656
2657 if ( $flags & self::GETOPTIONS_EXCLUDE_DEFAULTS ) {
2658 $options = array_diff_assoc( $options, self::getDefaultOptions() );
2659 }
2660
2661 return $options;
2662 }
2663
2664 /**
2665 * Get the user's current setting for a given option, as a boolean value.
2666 *
2667 * @param string $oname The option to check
2668 * @return bool User's current value for the option
2669 * @see getOption()
2670 */
2671 public function getBoolOption( $oname ) {
2672 return (bool)$this->getOption( $oname );
2673 }
2674
2675 /**
2676 * Get the user's current setting for a given option, as an integer value.
2677 *
2678 * @param string $oname The option to check
2679 * @param int $defaultOverride A default value returned if the option does not exist
2680 * @return int User's current value for the option
2681 * @see getOption()
2682 */
2683 public function getIntOption( $oname, $defaultOverride = 0 ) {
2684 $val = $this->getOption( $oname );
2685 if ( $val == '' ) {
2686 $val = $defaultOverride;
2687 }
2688 return intval( $val );
2689 }
2690
2691 /**
2692 * Set the given option for a user.
2693 *
2694 * You need to call saveSettings() to actually write to the database.
2695 *
2696 * @param string $oname The option to set
2697 * @param mixed $val New value to set
2698 */
2699 public function setOption( $oname, $val ) {
2700 $this->loadOptions();
2701
2702 // Explicitly NULL values should refer to defaults
2703 if ( is_null( $val ) ) {
2704 $val = self::getDefaultOption( $oname );
2705 }
2706
2707 $this->mOptions[$oname] = $val;
2708 }
2709
2710 /**
2711 * Get a token stored in the preferences (like the watchlist one),
2712 * resetting it if it's empty (and saving changes).
2713 *
2714 * @param string $oname The option name to retrieve the token from
2715 * @return string|bool User's current value for the option, or false if this option is disabled.
2716 * @see resetTokenFromOption()
2717 * @see getOption()
2718 */
2719 public function getTokenFromOption( $oname ) {
2720 global $wgHiddenPrefs;
2721 if ( in_array( $oname, $wgHiddenPrefs ) ) {
2722 return false;
2723 }
2724
2725 $token = $this->getOption( $oname );
2726 if ( !$token ) {
2727 $token = $this->resetTokenFromOption( $oname );
2728 if ( !wfReadOnly() ) {
2729 $this->saveSettings();
2730 }
2731 }
2732 return $token;
2733 }
2734
2735 /**
2736 * Reset a token stored in the preferences (like the watchlist one).
2737 * *Does not* save user's preferences (similarly to setOption()).
2738 *
2739 * @param string $oname The option name to reset the token in
2740 * @return string|bool New token value, or false if this option is disabled.
2741 * @see getTokenFromOption()
2742 * @see setOption()
2743 */
2744 public function resetTokenFromOption( $oname ) {
2745 global $wgHiddenPrefs;
2746 if ( in_array( $oname, $wgHiddenPrefs ) ) {
2747 return false;
2748 }
2749
2750 $token = MWCryptRand::generateHex( 40 );
2751 $this->setOption( $oname, $token );
2752 return $token;
2753 }
2754
2755 /**
2756 * Return a list of the types of user options currently returned by
2757 * User::getOptionKinds().
2758 *
2759 * Currently, the option kinds are:
2760 * - 'registered' - preferences which are registered in core MediaWiki or
2761 * by extensions using the UserGetDefaultOptions hook.
2762 * - 'registered-multiselect' - as above, using the 'multiselect' type.
2763 * - 'registered-checkmatrix' - as above, using the 'checkmatrix' type.
2764 * - 'userjs' - preferences with names starting with 'userjs-', intended to
2765 * be used by user scripts.
2766 * - 'special' - "preferences" that are not accessible via User::getOptions
2767 * or User::setOptions.
2768 * - 'unused' - preferences about which MediaWiki doesn't know anything.
2769 * These are usually legacy options, removed in newer versions.
2770 *
2771 * The API (and possibly others) use this function to determine the possible
2772 * option types for validation purposes, so make sure to update this when a
2773 * new option kind is added.
2774 *
2775 * @see User::getOptionKinds
2776 * @return array Option kinds
2777 */
2778 public static function listOptionKinds() {
2779 return array(
2780 'registered',
2781 'registered-multiselect',
2782 'registered-checkmatrix',
2783 'userjs',
2784 'special',
2785 'unused'
2786 );
2787 }
2788
2789 /**
2790 * Return an associative array mapping preferences keys to the kind of a preference they're
2791 * used for. Different kinds are handled differently when setting or reading preferences.
2792 *
2793 * See User::listOptionKinds for the list of valid option types that can be provided.
2794 *
2795 * @see User::listOptionKinds
2796 * @param IContextSource $context
2797 * @param array $options Assoc. array with options keys to check as keys.
2798 * Defaults to $this->mOptions.
2799 * @return array The key => kind mapping data
2800 */
2801 public function getOptionKinds( IContextSource $context, $options = null ) {
2802 $this->loadOptions();
2803 if ( $options === null ) {
2804 $options = $this->mOptions;
2805 }
2806
2807 $prefs = Preferences::getPreferences( $this, $context );
2808 $mapping = array();
2809
2810 // Pull out the "special" options, so they don't get converted as
2811 // multiselect or checkmatrix.
2812 $specialOptions = array_fill_keys( Preferences::getSaveBlacklist(), true );
2813 foreach ( $specialOptions as $name => $value ) {
2814 unset( $prefs[$name] );
2815 }
2816
2817 // Multiselect and checkmatrix options are stored in the database with
2818 // one key per option, each having a boolean value. Extract those keys.
2819 $multiselectOptions = array();
2820 foreach ( $prefs as $name => $info ) {
2821 if ( ( isset( $info['type'] ) && $info['type'] == 'multiselect' ) ||
2822 ( isset( $info['class'] ) && $info['class'] == 'HTMLMultiSelectField' ) ) {
2823 $opts = HTMLFormField::flattenOptions( $info['options'] );
2824 $prefix = isset( $info['prefix'] ) ? $info['prefix'] : $name;
2825
2826 foreach ( $opts as $value ) {
2827 $multiselectOptions["$prefix$value"] = true;
2828 }
2829
2830 unset( $prefs[$name] );
2831 }
2832 }
2833 $checkmatrixOptions = array();
2834 foreach ( $prefs as $name => $info ) {
2835 if ( ( isset( $info['type'] ) && $info['type'] == 'checkmatrix' ) ||
2836 ( isset( $info['class'] ) && $info['class'] == 'HTMLCheckMatrix' ) ) {
2837 $columns = HTMLFormField::flattenOptions( $info['columns'] );
2838 $rows = HTMLFormField::flattenOptions( $info['rows'] );
2839 $prefix = isset( $info['prefix'] ) ? $info['prefix'] : $name;
2840
2841 foreach ( $columns as $column ) {
2842 foreach ( $rows as $row ) {
2843 $checkmatrixOptions["$prefix$column-$row"] = true;
2844 }
2845 }
2846
2847 unset( $prefs[$name] );
2848 }
2849 }
2850
2851 // $value is ignored
2852 foreach ( $options as $key => $value ) {
2853 if ( isset( $prefs[$key] ) ) {
2854 $mapping[$key] = 'registered';
2855 } elseif ( isset( $multiselectOptions[$key] ) ) {
2856 $mapping[$key] = 'registered-multiselect';
2857 } elseif ( isset( $checkmatrixOptions[$key] ) ) {
2858 $mapping[$key] = 'registered-checkmatrix';
2859 } elseif ( isset( $specialOptions[$key] ) ) {
2860 $mapping[$key] = 'special';
2861 } elseif ( substr( $key, 0, 7 ) === 'userjs-' ) {
2862 $mapping[$key] = 'userjs';
2863 } else {
2864 $mapping[$key] = 'unused';
2865 }
2866 }
2867
2868 return $mapping;
2869 }
2870
2871 /**
2872 * Reset certain (or all) options to the site defaults
2873 *
2874 * The optional parameter determines which kinds of preferences will be reset.
2875 * Supported values are everything that can be reported by getOptionKinds()
2876 * and 'all', which forces a reset of *all* preferences and overrides everything else.
2877 *
2878 * @param array|string $resetKinds Which kinds of preferences to reset. Defaults to
2879 * array( 'registered', 'registered-multiselect', 'registered-checkmatrix', 'unused' )
2880 * for backwards-compatibility.
2881 * @param IContextSource|null $context Context source used when $resetKinds
2882 * does not contain 'all', passed to getOptionKinds().
2883 * Defaults to RequestContext::getMain() when null.
2884 */
2885 public function resetOptions(
2886 $resetKinds = array( 'registered', 'registered-multiselect', 'registered-checkmatrix', 'unused' ),
2887 IContextSource $context = null
2888 ) {
2889 $this->load();
2890 $defaultOptions = self::getDefaultOptions();
2891
2892 if ( !is_array( $resetKinds ) ) {
2893 $resetKinds = array( $resetKinds );
2894 }
2895
2896 if ( in_array( 'all', $resetKinds ) ) {
2897 $newOptions = $defaultOptions;
2898 } else {
2899 if ( $context === null ) {
2900 $context = RequestContext::getMain();
2901 }
2902
2903 $optionKinds = $this->getOptionKinds( $context );
2904 $resetKinds = array_intersect( $resetKinds, self::listOptionKinds() );
2905 $newOptions = array();
2906
2907 // Use default values for the options that should be deleted, and
2908 // copy old values for the ones that shouldn't.
2909 foreach ( $this->mOptions as $key => $value ) {
2910 if ( in_array( $optionKinds[$key], $resetKinds ) ) {
2911 if ( array_key_exists( $key, $defaultOptions ) ) {
2912 $newOptions[$key] = $defaultOptions[$key];
2913 }
2914 } else {
2915 $newOptions[$key] = $value;
2916 }
2917 }
2918 }
2919
2920 Hooks::run( 'UserResetAllOptions', array( $this, &$newOptions, $this->mOptions, $resetKinds ) );
2921
2922 $this->mOptions = $newOptions;
2923 $this->mOptionsLoaded = true;
2924 }
2925
2926 /**
2927 * Get the user's preferred date format.
2928 * @return string User's preferred date format
2929 */
2930 public function getDatePreference() {
2931 // Important migration for old data rows
2932 if ( is_null( $this->mDatePreference ) ) {
2933 global $wgLang;
2934 $value = $this->getOption( 'date' );
2935 $map = $wgLang->getDatePreferenceMigrationMap();
2936 if ( isset( $map[$value] ) ) {
2937 $value = $map[$value];
2938 }
2939 $this->mDatePreference = $value;
2940 }
2941 return $this->mDatePreference;
2942 }
2943
2944 /**
2945 * Determine based on the wiki configuration and the user's options,
2946 * whether this user must be over HTTPS no matter what.
2947 *
2948 * @return bool
2949 */
2950 public function requiresHTTPS() {
2951 global $wgSecureLogin;
2952 if ( !$wgSecureLogin ) {
2953 return false;
2954 } else {
2955 $https = $this->getBoolOption( 'prefershttps' );
2956 Hooks::run( 'UserRequiresHTTPS', array( $this, &$https ) );
2957 if ( $https ) {
2958 $https = wfCanIPUseHTTPS( $this->getRequest()->getIP() );
2959 }
2960 return $https;
2961 }
2962 }
2963
2964 /**
2965 * Get the user preferred stub threshold
2966 *
2967 * @return int
2968 */
2969 public function getStubThreshold() {
2970 global $wgMaxArticleSize; # Maximum article size, in Kb
2971 $threshold = $this->getIntOption( 'stubthreshold' );
2972 if ( $threshold > $wgMaxArticleSize * 1024 ) {
2973 // If they have set an impossible value, disable the preference
2974 // so we can use the parser cache again.
2975 $threshold = 0;
2976 }
2977 return $threshold;
2978 }
2979
2980 /**
2981 * Get the permissions this user has.
2982 * @return array Array of String permission names
2983 */
2984 public function getRights() {
2985 if ( is_null( $this->mRights ) ) {
2986 $this->mRights = self::getGroupPermissions( $this->getEffectiveGroups() );
2987 Hooks::run( 'UserGetRights', array( $this, &$this->mRights ) );
2988 // Force reindexation of rights when a hook has unset one of them
2989 $this->mRights = array_values( array_unique( $this->mRights ) );
2990 }
2991 return $this->mRights;
2992 }
2993
2994 /**
2995 * Get the list of explicit group memberships this user has.
2996 * The implicit * and user groups are not included.
2997 * @return array Array of String internal group names
2998 */
2999 public function getGroups() {
3000 $this->load();
3001 $this->loadGroups();
3002 return $this->mGroups;
3003 }
3004
3005 /**
3006 * Get the list of implicit group memberships this user has.
3007 * This includes all explicit groups, plus 'user' if logged in,
3008 * '*' for all accounts, and autopromoted groups
3009 * @param bool $recache Whether to avoid the cache
3010 * @return array Array of String internal group names
3011 */
3012 public function getEffectiveGroups( $recache = false ) {
3013 if ( $recache || is_null( $this->mEffectiveGroups ) ) {
3014 $this->mEffectiveGroups = array_unique( array_merge(
3015 $this->getGroups(), // explicit groups
3016 $this->getAutomaticGroups( $recache ) // implicit groups
3017 ) );
3018 // Hook for additional groups
3019 Hooks::run( 'UserEffectiveGroups', array( &$this, &$this->mEffectiveGroups ) );
3020 // Force reindexation of groups when a hook has unset one of them
3021 $this->mEffectiveGroups = array_values( array_unique( $this->mEffectiveGroups ) );
3022 }
3023 return $this->mEffectiveGroups;
3024 }
3025
3026 /**
3027 * Get the list of implicit group memberships this user has.
3028 * This includes 'user' if logged in, '*' for all accounts,
3029 * and autopromoted groups
3030 * @param bool $recache Whether to avoid the cache
3031 * @return array Array of String internal group names
3032 */
3033 public function getAutomaticGroups( $recache = false ) {
3034 if ( $recache || is_null( $this->mImplicitGroups ) ) {
3035 $this->mImplicitGroups = array( '*' );
3036 if ( $this->getId() ) {
3037 $this->mImplicitGroups[] = 'user';
3038
3039 $this->mImplicitGroups = array_unique( array_merge(
3040 $this->mImplicitGroups,
3041 Autopromote::getAutopromoteGroups( $this )
3042 ) );
3043 }
3044 if ( $recache ) {
3045 // Assure data consistency with rights/groups,
3046 // as getEffectiveGroups() depends on this function
3047 $this->mEffectiveGroups = null;
3048 }
3049 }
3050 return $this->mImplicitGroups;
3051 }
3052
3053 /**
3054 * Returns the groups the user has belonged to.
3055 *
3056 * The user may still belong to the returned groups. Compare with getGroups().
3057 *
3058 * The function will not return groups the user had belonged to before MW 1.17
3059 *
3060 * @return array Names of the groups the user has belonged to.
3061 */
3062 public function getFormerGroups() {
3063 $this->load();
3064
3065 if ( is_null( $this->mFormerGroups ) ) {
3066 $db = ( $this->queryFlagsUsed & self::READ_LATEST )
3067 ? wfGetDB( DB_MASTER )
3068 : wfGetDB( DB_SLAVE );
3069 $res = $db->select( 'user_former_groups',
3070 array( 'ufg_group' ),
3071 array( 'ufg_user' => $this->mId ),
3072 __METHOD__ );
3073 $this->mFormerGroups = array();
3074 foreach ( $res as $row ) {
3075 $this->mFormerGroups[] = $row->ufg_group;
3076 }
3077 }
3078
3079 return $this->mFormerGroups;
3080 }
3081
3082 /**
3083 * Get the user's edit count.
3084 * @return int|null Null for anonymous users
3085 */
3086 public function getEditCount() {
3087 if ( !$this->getId() ) {
3088 return null;
3089 }
3090
3091 if ( $this->mEditCount === null ) {
3092 /* Populate the count, if it has not been populated yet */
3093 $dbr = wfGetDB( DB_SLAVE );
3094 // check if the user_editcount field has been initialized
3095 $count = $dbr->selectField(
3096 'user', 'user_editcount',
3097 array( 'user_id' => $this->mId ),
3098 __METHOD__
3099 );
3100
3101 if ( $count === null ) {
3102 // it has not been initialized. do so.
3103 $count = $this->initEditCount();
3104 }
3105 $this->mEditCount = $count;
3106 }
3107 return (int)$this->mEditCount;
3108 }
3109
3110 /**
3111 * Add the user to the given group.
3112 * This takes immediate effect.
3113 * @param string $group Name of the group to add
3114 * @return bool
3115 */
3116 public function addGroup( $group ) {
3117 $this->load();
3118
3119 if ( !Hooks::run( 'UserAddGroup', array( $this, &$group ) ) ) {
3120 return false;
3121 }
3122
3123 $dbw = wfGetDB( DB_MASTER );
3124 if ( $this->getId() ) {
3125 $dbw->insert( 'user_groups',
3126 array(
3127 'ug_user' => $this->getID(),
3128 'ug_group' => $group,
3129 ),
3130 __METHOD__,
3131 array( 'IGNORE' ) );
3132 }
3133
3134 $this->loadGroups();
3135 $this->mGroups[] = $group;
3136 // In case loadGroups was not called before, we now have the right twice.
3137 // Get rid of the duplicate.
3138 $this->mGroups = array_unique( $this->mGroups );
3139
3140 // Refresh the groups caches, and clear the rights cache so it will be
3141 // refreshed on the next call to $this->getRights().
3142 $this->getEffectiveGroups( true );
3143 $this->mRights = null;
3144
3145 $this->invalidateCache();
3146
3147 return true;
3148 }
3149
3150 /**
3151 * Remove the user from the given group.
3152 * This takes immediate effect.
3153 * @param string $group Name of the group to remove
3154 * @return bool
3155 */
3156 public function removeGroup( $group ) {
3157 $this->load();
3158 if ( !Hooks::run( 'UserRemoveGroup', array( $this, &$group ) ) ) {
3159 return false;
3160 }
3161
3162 $dbw = wfGetDB( DB_MASTER );
3163 $dbw->delete( 'user_groups',
3164 array(
3165 'ug_user' => $this->getID(),
3166 'ug_group' => $group,
3167 ), __METHOD__
3168 );
3169 // Remember that the user was in this group
3170 $dbw->insert( 'user_former_groups',
3171 array(
3172 'ufg_user' => $this->getID(),
3173 'ufg_group' => $group,
3174 ),
3175 __METHOD__,
3176 array( 'IGNORE' )
3177 );
3178
3179 $this->loadGroups();
3180 $this->mGroups = array_diff( $this->mGroups, array( $group ) );
3181
3182 // Refresh the groups caches, and clear the rights cache so it will be
3183 // refreshed on the next call to $this->getRights().
3184 $this->getEffectiveGroups( true );
3185 $this->mRights = null;
3186
3187 $this->invalidateCache();
3188
3189 return true;
3190 }
3191
3192 /**
3193 * Get whether the user is logged in
3194 * @return bool
3195 */
3196 public function isLoggedIn() {
3197 return $this->getID() != 0;
3198 }
3199
3200 /**
3201 * Get whether the user is anonymous
3202 * @return bool
3203 */
3204 public function isAnon() {
3205 return !$this->isLoggedIn();
3206 }
3207
3208 /**
3209 * Check if user is allowed to access a feature / make an action
3210 *
3211 * @param string $permissions,... Permissions to test
3212 * @return bool True if user is allowed to perform *any* of the given actions
3213 */
3214 public function isAllowedAny( /*...*/ ) {
3215 $permissions = func_get_args();
3216 foreach ( $permissions as $permission ) {
3217 if ( $this->isAllowed( $permission ) ) {
3218 return true;
3219 }
3220 }
3221 return false;
3222 }
3223
3224 /**
3225 *
3226 * @param string $permissions,... Permissions to test
3227 * @return bool True if the user is allowed to perform *all* of the given actions
3228 */
3229 public function isAllowedAll( /*...*/ ) {
3230 $permissions = func_get_args();
3231 foreach ( $permissions as $permission ) {
3232 if ( !$this->isAllowed( $permission ) ) {
3233 return false;
3234 }
3235 }
3236 return true;
3237 }
3238
3239 /**
3240 * Internal mechanics of testing a permission
3241 * @param string $action
3242 * @return bool
3243 */
3244 public function isAllowed( $action = '' ) {
3245 if ( $action === '' ) {
3246 return true; // In the spirit of DWIM
3247 }
3248 // Patrolling may not be enabled
3249 if ( $action === 'patrol' || $action === 'autopatrol' ) {
3250 global $wgUseRCPatrol, $wgUseNPPatrol;
3251 if ( !$wgUseRCPatrol && !$wgUseNPPatrol ) {
3252 return false;
3253 }
3254 }
3255 // Use strict parameter to avoid matching numeric 0 accidentally inserted
3256 // by misconfiguration: 0 == 'foo'
3257 return in_array( $action, $this->getRights(), true );
3258 }
3259
3260 /**
3261 * Check whether to enable recent changes patrol features for this user
3262 * @return bool True or false
3263 */
3264 public function useRCPatrol() {
3265 global $wgUseRCPatrol;
3266 return $wgUseRCPatrol && $this->isAllowedAny( 'patrol', 'patrolmarks' );
3267 }
3268
3269 /**
3270 * Check whether to enable new pages patrol features for this user
3271 * @return bool True or false
3272 */
3273 public function useNPPatrol() {
3274 global $wgUseRCPatrol, $wgUseNPPatrol;
3275 return (
3276 ( $wgUseRCPatrol || $wgUseNPPatrol )
3277 && ( $this->isAllowedAny( 'patrol', 'patrolmarks' ) )
3278 );
3279 }
3280
3281 /**
3282 * Get the WebRequest object to use with this object
3283 *
3284 * @return WebRequest
3285 */
3286 public function getRequest() {
3287 if ( $this->mRequest ) {
3288 return $this->mRequest;
3289 } else {
3290 global $wgRequest;
3291 return $wgRequest;
3292 }
3293 }
3294
3295 /**
3296 * Get the current skin, loading it if required
3297 * @return Skin The current skin
3298 * @todo FIXME: Need to check the old failback system [AV]
3299 * @deprecated since 1.18 Use ->getSkin() in the most relevant outputting context you have
3300 */
3301 public function getSkin() {
3302 wfDeprecated( __METHOD__, '1.18' );
3303 return RequestContext::getMain()->getSkin();
3304 }
3305
3306 /**
3307 * Get a WatchedItem for this user and $title.
3308 *
3309 * @since 1.22 $checkRights parameter added
3310 * @param Title $title
3311 * @param int $checkRights Whether to check 'viewmywatchlist'/'editmywatchlist' rights.
3312 * Pass WatchedItem::CHECK_USER_RIGHTS or WatchedItem::IGNORE_USER_RIGHTS.
3313 * @return WatchedItem
3314 */
3315 public function getWatchedItem( $title, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) {
3316 $key = $checkRights . ':' . $title->getNamespace() . ':' . $title->getDBkey();
3317
3318 if ( isset( $this->mWatchedItems[$key] ) ) {
3319 return $this->mWatchedItems[$key];
3320 }
3321
3322 if ( count( $this->mWatchedItems ) >= self::MAX_WATCHED_ITEMS_CACHE ) {
3323 $this->mWatchedItems = array();
3324 }
3325
3326 $this->mWatchedItems[$key] = WatchedItem::fromUserTitle( $this, $title, $checkRights );
3327 return $this->mWatchedItems[$key];
3328 }
3329
3330 /**
3331 * Check the watched status of an article.
3332 * @since 1.22 $checkRights parameter added
3333 * @param Title $title Title of the article to look at
3334 * @param int $checkRights Whether to check 'viewmywatchlist'/'editmywatchlist' rights.
3335 * Pass WatchedItem::CHECK_USER_RIGHTS or WatchedItem::IGNORE_USER_RIGHTS.
3336 * @return bool
3337 */
3338 public function isWatched( $title, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) {
3339 return $this->getWatchedItem( $title, $checkRights )->isWatched();
3340 }
3341
3342 /**
3343 * Watch an article.
3344 * @since 1.22 $checkRights parameter added
3345 * @param Title $title Title of the article to look at
3346 * @param int $checkRights Whether to check 'viewmywatchlist'/'editmywatchlist' rights.
3347 * Pass WatchedItem::CHECK_USER_RIGHTS or WatchedItem::IGNORE_USER_RIGHTS.
3348 */
3349 public function addWatch( $title, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) {
3350 $this->getWatchedItem( $title, $checkRights )->addWatch();
3351 $this->invalidateCache();
3352 }
3353
3354 /**
3355 * Stop watching an article.
3356 * @since 1.22 $checkRights parameter added
3357 * @param Title $title Title of the article to look at
3358 * @param int $checkRights Whether to check 'viewmywatchlist'/'editmywatchlist' rights.
3359 * Pass WatchedItem::CHECK_USER_RIGHTS or WatchedItem::IGNORE_USER_RIGHTS.
3360 */
3361 public function removeWatch( $title, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) {
3362 $this->getWatchedItem( $title, $checkRights )->removeWatch();
3363 $this->invalidateCache();
3364 }
3365
3366 /**
3367 * Clear the user's notification timestamp for the given title.
3368 * If e-notif e-mails are on, they will receive notification mails on
3369 * the next change of the page if it's watched etc.
3370 * @note If the user doesn't have 'editmywatchlist', this will do nothing.
3371 * @param Title $title Title of the article to look at
3372 * @param int $oldid The revision id being viewed. If not given or 0, latest revision is assumed.
3373 */
3374 public function clearNotification( &$title, $oldid = 0 ) {
3375 global $wgUseEnotif, $wgShowUpdatedMarker;
3376
3377 // Do nothing if the database is locked to writes
3378 if ( wfReadOnly() ) {
3379 return;
3380 }
3381
3382 // Do nothing if not allowed to edit the watchlist
3383 if ( !$this->isAllowed( 'editmywatchlist' ) ) {
3384 return;
3385 }
3386
3387 // If we're working on user's talk page, we should update the talk page message indicator
3388 if ( $title->getNamespace() == NS_USER_TALK && $title->getText() == $this->getName() ) {
3389 if ( !Hooks::run( 'UserClearNewTalkNotification', array( &$this, $oldid ) ) ) {
3390 return;
3391 }
3392
3393 $that = $this;
3394 // Try to update the DB post-send and only if needed...
3395 DeferredUpdates::addCallableUpdate( function() use ( $that, $title, $oldid ) {
3396 if ( !$that->getNewtalk() ) {
3397 return; // no notifications to clear
3398 }
3399
3400 // Delete the last notifications (they stack up)
3401 $that->setNewtalk( false );
3402
3403 // If there is a new, unseen, revision, use its timestamp
3404 $nextid = $oldid
3405 ? $title->getNextRevisionID( $oldid, Title::GAID_FOR_UPDATE )
3406 : null;
3407 if ( $nextid ) {
3408 $that->setNewtalk( true, Revision::newFromId( $nextid ) );
3409 }
3410 } );
3411 }
3412
3413 if ( !$wgUseEnotif && !$wgShowUpdatedMarker ) {
3414 return;
3415 }
3416
3417 if ( $this->isAnon() ) {
3418 // Nothing else to do...
3419 return;
3420 }
3421
3422 // Only update the timestamp if the page is being watched.
3423 // The query to find out if it is watched is cached both in memcached and per-invocation,
3424 // and when it does have to be executed, it can be on a slave
3425 // If this is the user's newtalk page, we always update the timestamp
3426 $force = '';
3427 if ( $title->getNamespace() == NS_USER_TALK && $title->getText() == $this->getName() ) {
3428 $force = 'force';
3429 }
3430
3431 $this->getWatchedItem( $title )->resetNotificationTimestamp(
3432 $force, $oldid, WatchedItem::DEFERRED
3433 );
3434 }
3435
3436 /**
3437 * Resets all of the given user's page-change notification timestamps.
3438 * If e-notif e-mails are on, they will receive notification mails on
3439 * the next change of any watched page.
3440 * @note If the user doesn't have 'editmywatchlist', this will do nothing.
3441 */
3442 public function clearAllNotifications() {
3443 if ( wfReadOnly() ) {
3444 return;
3445 }
3446
3447 // Do nothing if not allowed to edit the watchlist
3448 if ( !$this->isAllowed( 'editmywatchlist' ) ) {
3449 return;
3450 }
3451
3452 global $wgUseEnotif, $wgShowUpdatedMarker;
3453 if ( !$wgUseEnotif && !$wgShowUpdatedMarker ) {
3454 $this->setNewtalk( false );
3455 return;
3456 }
3457 $id = $this->getId();
3458 if ( $id != 0 ) {
3459 $dbw = wfGetDB( DB_MASTER );
3460 $dbw->update( 'watchlist',
3461 array( /* SET */ 'wl_notificationtimestamp' => null ),
3462 array( /* WHERE */ 'wl_user' => $id, 'wl_notificationtimestamp IS NOT NULL' ),
3463 __METHOD__
3464 );
3465 // We also need to clear here the "you have new message" notification for the own user_talk page;
3466 // it's cleared one page view later in WikiPage::doViewUpdates().
3467 }
3468 }
3469
3470 /**
3471 * Set a cookie on the user's client. Wrapper for
3472 * WebResponse::setCookie
3473 * @param string $name Name of the cookie to set
3474 * @param string $value Value to set
3475 * @param int $exp Expiration time, as a UNIX time value;
3476 * if 0 or not specified, use the default $wgCookieExpiration
3477 * @param bool $secure
3478 * true: Force setting the secure attribute when setting the cookie
3479 * false: Force NOT setting the secure attribute when setting the cookie
3480 * null (default): Use the default ($wgCookieSecure) to set the secure attribute
3481 * @param array $params Array of options sent passed to WebResponse::setcookie()
3482 * @param WebRequest|null $request WebRequest object to use; $wgRequest will be used if null
3483 * is passed.
3484 */
3485 protected function setCookie(
3486 $name, $value, $exp = 0, $secure = null, $params = array(), $request = null
3487 ) {
3488 if ( $request === null ) {
3489 $request = $this->getRequest();
3490 }
3491 $params['secure'] = $secure;
3492 $request->response()->setcookie( $name, $value, $exp, $params );
3493 }
3494
3495 /**
3496 * Clear a cookie on the user's client
3497 * @param string $name Name of the cookie to clear
3498 * @param bool $secure
3499 * true: Force setting the secure attribute when setting the cookie
3500 * false: Force NOT setting the secure attribute when setting the cookie
3501 * null (default): Use the default ($wgCookieSecure) to set the secure attribute
3502 * @param array $params Array of options sent passed to WebResponse::setcookie()
3503 */
3504 protected function clearCookie( $name, $secure = null, $params = array() ) {
3505 $this->setCookie( $name, '', time() - 86400, $secure, $params );
3506 }
3507
3508 /**
3509 * Set an extended login cookie on the user's client. The expiry of the cookie
3510 * is controlled by the $wgExtendedLoginCookieExpiration configuration
3511 * variable.
3512 *
3513 * @see User::setCookie
3514 *
3515 * @param string $name Name of the cookie to set
3516 * @param string $value Value to set
3517 * @param bool $secure
3518 * true: Force setting the secure attribute when setting the cookie
3519 * false: Force NOT setting the secure attribute when setting the cookie
3520 * null (default): Use the default ($wgCookieSecure) to set the secure attribute
3521 */
3522 protected function setExtendedLoginCookie( $name, $value, $secure ) {
3523 global $wgExtendedLoginCookieExpiration, $wgCookieExpiration;
3524
3525 $exp = time();
3526 $exp += $wgExtendedLoginCookieExpiration !== null
3527 ? $wgExtendedLoginCookieExpiration
3528 : $wgCookieExpiration;
3529
3530 $this->setCookie( $name, $value, $exp, $secure );
3531 }
3532
3533 /**
3534 * Set the default cookies for this session on the user's client.
3535 *
3536 * @param WebRequest|null $request WebRequest object to use; $wgRequest will be used if null
3537 * is passed.
3538 * @param bool $secure Whether to force secure/insecure cookies or use default
3539 * @param bool $rememberMe Whether to add a Token cookie for elongated sessions
3540 */
3541 public function setCookies( $request = null, $secure = null, $rememberMe = false ) {
3542 global $wgExtendedLoginCookies;
3543
3544 if ( $request === null ) {
3545 $request = $this->getRequest();
3546 }
3547
3548 $this->load();
3549 if ( 0 == $this->mId ) {
3550 return;
3551 }
3552 if ( !$this->mToken ) {
3553 // When token is empty or NULL generate a new one and then save it to the database
3554 // This allows a wiki to re-secure itself after a leak of it's user table or $wgSecretKey
3555 // Simply by setting every cell in the user_token column to NULL and letting them be
3556 // regenerated as users log back into the wiki.
3557 $this->setToken();
3558 if ( !wfReadOnly() ) {
3559 $this->saveSettings();
3560 }
3561 }
3562 $session = array(
3563 'wsUserID' => $this->mId,
3564 'wsToken' => $this->mToken,
3565 'wsUserName' => $this->getName()
3566 );
3567 $cookies = array(
3568 'UserID' => $this->mId,
3569 'UserName' => $this->getName(),
3570 );
3571 if ( $rememberMe ) {
3572 $cookies['Token'] = $this->mToken;
3573 } else {
3574 $cookies['Token'] = false;
3575 }
3576
3577 Hooks::run( 'UserSetCookies', array( $this, &$session, &$cookies ) );
3578
3579 foreach ( $session as $name => $value ) {
3580 $request->setSessionData( $name, $value );
3581 }
3582 foreach ( $cookies as $name => $value ) {
3583 if ( $value === false ) {
3584 $this->clearCookie( $name );
3585 } elseif ( $rememberMe && in_array( $name, $wgExtendedLoginCookies ) ) {
3586 $this->setExtendedLoginCookie( $name, $value, $secure );
3587 } else {
3588 $this->setCookie( $name, $value, 0, $secure, array(), $request );
3589 }
3590 }
3591
3592 /**
3593 * If wpStickHTTPS was selected, also set an insecure cookie that
3594 * will cause the site to redirect the user to HTTPS, if they access
3595 * it over HTTP. Bug 29898. Use an un-prefixed cookie, so it's the same
3596 * as the one set by centralauth (bug 53538). Also set it to session, or
3597 * standard time setting, based on if rememberme was set.
3598 */
3599 if ( $request->getCheck( 'wpStickHTTPS' ) || $this->requiresHTTPS() ) {
3600 $this->setCookie(
3601 'forceHTTPS',
3602 'true',
3603 $rememberMe ? 0 : null,
3604 false,
3605 array( 'prefix' => '' ) // no prefix
3606 );
3607 }
3608 }
3609
3610 /**
3611 * Log this user out.
3612 */
3613 public function logout() {
3614 if ( Hooks::run( 'UserLogout', array( &$this ) ) ) {
3615 $this->doLogout();
3616 }
3617 }
3618
3619 /**
3620 * Clear the user's cookies and session, and reset the instance cache.
3621 * @see logout()
3622 */
3623 public function doLogout() {
3624 $this->clearInstanceCache( 'defaults' );
3625
3626 $this->getRequest()->setSessionData( 'wsUserID', 0 );
3627
3628 $this->clearCookie( 'UserID' );
3629 $this->clearCookie( 'Token' );
3630 $this->clearCookie( 'forceHTTPS', false, array( 'prefix' => '' ) );
3631
3632 // Remember when user logged out, to prevent seeing cached pages
3633 $this->setCookie( 'LoggedOut', time(), time() + 86400 );
3634 }
3635
3636 /**
3637 * Save this user's settings into the database.
3638 * @todo Only rarely do all these fields need to be set!
3639 */
3640 public function saveSettings() {
3641 global $wgAuth;
3642
3643 if ( wfReadOnly() ) {
3644 // @TODO: caller should deal with this instead!
3645 // This should really just be an exception.
3646 MWExceptionHandler::logException( new DBExpectedError(
3647 null,
3648 "Could not update user with ID '{$this->mId}'; DB is read-only."
3649 ) );
3650 return;
3651 }
3652
3653 $this->load();
3654 $this->loadPasswords();
3655 if ( 0 == $this->mId ) {
3656 return; // anon
3657 }
3658
3659 // Get a new user_touched that is higher than the old one.
3660 // This will be used for a CAS check as a last-resort safety
3661 // check against race conditions and slave lag.
3662 $oldTouched = $this->mTouched;
3663 $newTouched = $this->newTouchedTimestamp();
3664
3665 if ( !$wgAuth->allowSetLocalPassword() ) {
3666 $this->mPassword = self::getPasswordFactory()->newFromCiphertext( null );
3667 }
3668
3669 $dbw = wfGetDB( DB_MASTER );
3670 $dbw->update( 'user',
3671 array( /* SET */
3672 'user_name' => $this->mName,
3673 'user_password' => $this->mPassword->toString(),
3674 'user_newpassword' => $this->mNewpassword->toString(),
3675 'user_newpass_time' => $dbw->timestampOrNull( $this->mNewpassTime ),
3676 'user_real_name' => $this->mRealName,
3677 'user_email' => $this->mEmail,
3678 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
3679 'user_touched' => $dbw->timestamp( $newTouched ),
3680 'user_token' => strval( $this->mToken ),
3681 'user_email_token' => $this->mEmailToken,
3682 'user_email_token_expires' => $dbw->timestampOrNull( $this->mEmailTokenExpires ),
3683 'user_password_expires' => $dbw->timestampOrNull( $this->mPasswordExpires ),
3684 ), array( /* WHERE */
3685 'user_id' => $this->mId,
3686 'user_touched' => $dbw->timestamp( $oldTouched ) // CAS check
3687 ), __METHOD__
3688 );
3689
3690 if ( !$dbw->affectedRows() ) {
3691 // Maybe the problem was a missed cache update; clear it to be safe
3692 $this->clearSharedCache();
3693 // User was changed in the meantime or loaded with stale data
3694 $from = ( $this->queryFlagsUsed & self::READ_LATEST ) ? 'master' : 'slave';
3695 throw new MWException(
3696 "CAS update failed on user_touched for user ID '{$this->mId}' (read from $from);" .
3697 " the version of the user to be saved is older than the current version."
3698 );
3699 }
3700
3701 $this->mTouched = $newTouched;
3702 $this->saveOptions();
3703
3704 Hooks::run( 'UserSaveSettings', array( $this ) );
3705 $this->clearSharedCache();
3706 $this->getUserPage()->invalidateCache();
3707
3708 // T95839: clear the cache again post-commit to reduce race conditions
3709 // where stale values are written back to the cache by other threads.
3710 // Note: this *still* doesn't deal with REPEATABLE-READ snapshot lag...
3711 $that = $this;
3712 $dbw->onTransactionIdle( function() use ( $that ) {
3713 $that->clearSharedCache();
3714 } );
3715 }
3716
3717 /**
3718 * If only this user's username is known, and it exists, return the user ID.
3719 *
3720 * @param int $flags Bitfield of User:READ_* constants; useful for existence checks
3721 * @return int
3722 */
3723 public function idForName( $flags = 0 ) {
3724 $s = trim( $this->getName() );
3725 if ( $s === '' ) {
3726 return 0;
3727 }
3728
3729 $db = ( ( $flags & self::READ_LATEST ) == self::READ_LATEST )
3730 ? wfGetDB( DB_MASTER )
3731 : wfGetDB( DB_SLAVE );
3732
3733 $options = ( ( $flags & self::READ_LOCKING ) == self::READ_LOCKING )
3734 ? array( 'LOCK IN SHARE MODE' )
3735 : array();
3736
3737 $id = $db->selectField( 'user',
3738 'user_id', array( 'user_name' => $s ), __METHOD__, $options );
3739
3740 return (int)$id;
3741 }
3742
3743 /**
3744 * Add a user to the database, return the user object
3745 *
3746 * @param string $name Username to add
3747 * @param array $params Array of Strings Non-default parameters to save to
3748 * the database as user_* fields:
3749 * - password: The user's password hash. Password logins will be disabled
3750 * if this is omitted.
3751 * - newpassword: Hash for a temporary password that has been mailed to
3752 * the user.
3753 * - email: The user's email address.
3754 * - email_authenticated: The email authentication timestamp.
3755 * - real_name: The user's real name.
3756 * - options: An associative array of non-default options.
3757 * - token: Random authentication token. Do not set.
3758 * - registration: Registration timestamp. Do not set.
3759 *
3760 * @return User|null User object, or null if the username already exists.
3761 */
3762 public static function createNew( $name, $params = array() ) {
3763 $user = new User;
3764 $user->load();
3765 $user->loadPasswords();
3766 $user->setToken(); // init token
3767 if ( isset( $params['options'] ) ) {
3768 $user->mOptions = $params['options'] + (array)$user->mOptions;
3769 unset( $params['options'] );
3770 }
3771 $dbw = wfGetDB( DB_MASTER );
3772 $seqVal = $dbw->nextSequenceValue( 'user_user_id_seq' );
3773
3774 $fields = array(
3775 'user_id' => $seqVal,
3776 'user_name' => $name,
3777 'user_password' => $user->mPassword->toString(),
3778 'user_newpassword' => $user->mNewpassword->toString(),
3779 'user_newpass_time' => $dbw->timestampOrNull( $user->mNewpassTime ),
3780 'user_email' => $user->mEmail,
3781 'user_email_authenticated' => $dbw->timestampOrNull( $user->mEmailAuthenticated ),
3782 'user_real_name' => $user->mRealName,
3783 'user_token' => strval( $user->mToken ),
3784 'user_registration' => $dbw->timestamp( $user->mRegistration ),
3785 'user_editcount' => 0,
3786 'user_touched' => $dbw->timestamp( $user->newTouchedTimestamp() ),
3787 );
3788 foreach ( $params as $name => $value ) {
3789 $fields["user_$name"] = $value;
3790 }
3791 $dbw->insert( 'user', $fields, __METHOD__, array( 'IGNORE' ) );
3792 if ( $dbw->affectedRows() ) {
3793 $newUser = User::newFromId( $dbw->insertId() );
3794 } else {
3795 $newUser = null;
3796 }
3797 return $newUser;
3798 }
3799
3800 /**
3801 * Add this existing user object to the database. If the user already
3802 * exists, a fatal status object is returned, and the user object is
3803 * initialised with the data from the database.
3804 *
3805 * Previously, this function generated a DB error due to a key conflict
3806 * if the user already existed. Many extension callers use this function
3807 * in code along the lines of:
3808 *
3809 * $user = User::newFromName( $name );
3810 * if ( !$user->isLoggedIn() ) {
3811 * $user->addToDatabase();
3812 * }
3813 * // do something with $user...
3814 *
3815 * However, this was vulnerable to a race condition (bug 16020). By
3816 * initialising the user object if the user exists, we aim to support this
3817 * calling sequence as far as possible.
3818 *
3819 * Note that if the user exists, this function will acquire a write lock,
3820 * so it is still advisable to make the call conditional on isLoggedIn(),
3821 * and to commit the transaction after calling.
3822 *
3823 * @throws MWException
3824 * @return Status
3825 */
3826 public function addToDatabase() {
3827 $this->load();
3828 $this->loadPasswords();
3829 if ( !$this->mToken ) {
3830 $this->setToken(); // init token
3831 }
3832
3833 $this->mTouched = $this->newTouchedTimestamp();
3834
3835 $dbw = wfGetDB( DB_MASTER );
3836 $inWrite = $dbw->writesOrCallbacksPending();
3837 $seqVal = $dbw->nextSequenceValue( 'user_user_id_seq' );
3838 $dbw->insert( 'user',
3839 array(
3840 'user_id' => $seqVal,
3841 'user_name' => $this->mName,
3842 'user_password' => $this->mPassword->toString(),
3843 'user_newpassword' => $this->mNewpassword->toString(),
3844 'user_newpass_time' => $dbw->timestampOrNull( $this->mNewpassTime ),
3845 'user_email' => $this->mEmail,
3846 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
3847 'user_real_name' => $this->mRealName,
3848 'user_token' => strval( $this->mToken ),
3849 'user_registration' => $dbw->timestamp( $this->mRegistration ),
3850 'user_editcount' => 0,
3851 'user_touched' => $dbw->timestamp( $this->mTouched ),
3852 ), __METHOD__,
3853 array( 'IGNORE' )
3854 );
3855 if ( !$dbw->affectedRows() ) {
3856 // The queries below cannot happen in the same REPEATABLE-READ snapshot.
3857 // Handle this by COMMIT, if possible, or by LOCK IN SHARE MODE otherwise.
3858 if ( $inWrite ) {
3859 // Can't commit due to pending writes that may need atomicity.
3860 // This may cause some lock contention unlike the case below.
3861 $options = array( 'LOCK IN SHARE MODE' );
3862 $flags = self::READ_LOCKING;
3863 } else {
3864 // Often, this case happens early in views before any writes when
3865 // using CentralAuth. It's should be OK to commit and break the snapshot.
3866 $dbw->commit( __METHOD__, 'flush' );
3867 $options = array();
3868 $flags = self::READ_LATEST;
3869 }
3870 $this->mId = $dbw->selectField( 'user', 'user_id',
3871 array( 'user_name' => $this->mName ), __METHOD__, $options );
3872 $loaded = false;
3873 if ( $this->mId ) {
3874 if ( $this->loadFromDatabase( $flags ) ) {
3875 $loaded = true;
3876 }
3877 }
3878 if ( !$loaded ) {
3879 throw new MWException( __METHOD__ . ": hit a key conflict attempting " .
3880 "to insert user '{$this->mName}' row, but it was not present in select!" );
3881 }
3882 return Status::newFatal( 'userexists' );
3883 }
3884 $this->mId = $dbw->insertId();
3885
3886 // Clear instance cache other than user table data, which is already accurate
3887 $this->clearInstanceCache();
3888
3889 $this->saveOptions();
3890 return Status::newGood();
3891 }
3892
3893 /**
3894 * If this user is logged-in and blocked,
3895 * block any IP address they've successfully logged in from.
3896 * @return bool A block was spread
3897 */
3898 public function spreadAnyEditBlock() {
3899 if ( $this->isLoggedIn() && $this->isBlocked() ) {
3900 return $this->spreadBlock();
3901 }
3902 return false;
3903 }
3904
3905 /**
3906 * If this (non-anonymous) user is blocked,
3907 * block the IP address they've successfully logged in from.
3908 * @return bool A block was spread
3909 */
3910 protected function spreadBlock() {
3911 wfDebug( __METHOD__ . "()\n" );
3912 $this->load();
3913 if ( $this->mId == 0 ) {
3914 return false;
3915 }
3916
3917 $userblock = Block::newFromTarget( $this->getName() );
3918 if ( !$userblock ) {
3919 return false;
3920 }
3921
3922 return (bool)$userblock->doAutoblock( $this->getRequest()->getIP() );
3923 }
3924
3925 /**
3926 * Get whether the user is explicitly blocked from account creation.
3927 * @return bool|Block
3928 */
3929 public function isBlockedFromCreateAccount() {
3930 $this->getBlockedStatus();
3931 if ( $this->mBlock && $this->mBlock->prevents( 'createaccount' ) ) {
3932 return $this->mBlock;
3933 }
3934
3935 # bug 13611: if the IP address the user is trying to create an account from is
3936 # blocked with createaccount disabled, prevent new account creation there even
3937 # when the user is logged in
3938 if ( $this->mBlockedFromCreateAccount === false && !$this->isAllowed( 'ipblock-exempt' ) ) {
3939 $this->mBlockedFromCreateAccount = Block::newFromTarget( null, $this->getRequest()->getIP() );
3940 }
3941 return $this->mBlockedFromCreateAccount instanceof Block
3942 && $this->mBlockedFromCreateAccount->prevents( 'createaccount' )
3943 ? $this->mBlockedFromCreateAccount
3944 : false;
3945 }
3946
3947 /**
3948 * Get whether the user is blocked from using Special:Emailuser.
3949 * @return bool
3950 */
3951 public function isBlockedFromEmailuser() {
3952 $this->getBlockedStatus();
3953 return $this->mBlock && $this->mBlock->prevents( 'sendemail' );
3954 }
3955
3956 /**
3957 * Get whether the user is allowed to create an account.
3958 * @return bool
3959 */
3960 public function isAllowedToCreateAccount() {
3961 return $this->isAllowed( 'createaccount' ) && !$this->isBlockedFromCreateAccount();
3962 }
3963
3964 /**
3965 * Get this user's personal page title.
3966 *
3967 * @return Title User's personal page title
3968 */
3969 public function getUserPage() {
3970 return Title::makeTitle( NS_USER, $this->getName() );
3971 }
3972
3973 /**
3974 * Get this user's talk page title.
3975 *
3976 * @return Title User's talk page title
3977 */
3978 public function getTalkPage() {
3979 $title = $this->getUserPage();
3980 return $title->getTalkPage();
3981 }
3982
3983 /**
3984 * Determine whether the user is a newbie. Newbies are either
3985 * anonymous IPs, or the most recently created accounts.
3986 * @return bool
3987 */
3988 public function isNewbie() {
3989 return !$this->isAllowed( 'autoconfirmed' );
3990 }
3991
3992 /**
3993 * Check to see if the given clear-text password is one of the accepted passwords
3994 * @param string $password User password
3995 * @return bool True if the given password is correct, otherwise False
3996 */
3997 public function checkPassword( $password ) {
3998 global $wgAuth, $wgLegacyEncoding;
3999
4000 $this->loadPasswords();
4001
4002 // Some passwords will give a fatal Status, which means there is
4003 // some sort of technical or security reason for this password to
4004 // be completely invalid and should never be checked (e.g., T64685)
4005 if ( !$this->checkPasswordValidity( $password )->isOK() ) {
4006 return false;
4007 }
4008
4009 // Certain authentication plugins do NOT want to save
4010 // domain passwords in a mysql database, so we should
4011 // check this (in case $wgAuth->strict() is false).
4012 if ( $wgAuth->authenticate( $this->getName(), $password ) ) {
4013 return true;
4014 } elseif ( $wgAuth->strict() ) {
4015 // Auth plugin doesn't allow local authentication
4016 return false;
4017 } elseif ( $wgAuth->strictUserAuth( $this->getName() ) ) {
4018 // Auth plugin doesn't allow local authentication for this user name
4019 return false;
4020 }
4021
4022 if ( !$this->mPassword->equals( $password ) ) {
4023 if ( $wgLegacyEncoding ) {
4024 // Some wikis were converted from ISO 8859-1 to UTF-8, the passwords can't be converted
4025 // Check for this with iconv
4026 $cp1252Password = iconv( 'UTF-8', 'WINDOWS-1252//TRANSLIT', $password );
4027 if ( $cp1252Password === $password || !$this->mPassword->equals( $cp1252Password ) ) {
4028 return false;
4029 }
4030 } else {
4031 return false;
4032 }
4033 }
4034
4035 $passwordFactory = self::getPasswordFactory();
4036 if ( $passwordFactory->needsUpdate( $this->mPassword ) && !wfReadOnly() ) {
4037 $this->mPassword = $passwordFactory->newFromPlaintext( $password );
4038 $this->saveSettings();
4039 }
4040
4041 return true;
4042 }
4043
4044 /**
4045 * Check if the given clear-text password matches the temporary password
4046 * sent by e-mail for password reset operations.
4047 *
4048 * @param string $plaintext
4049 *
4050 * @return bool True if matches, false otherwise
4051 */
4052 public function checkTemporaryPassword( $plaintext ) {
4053 global $wgNewPasswordExpiry;
4054
4055 $this->load();
4056 $this->loadPasswords();
4057 if ( $this->mNewpassword->equals( $plaintext ) ) {
4058 if ( is_null( $this->mNewpassTime ) ) {
4059 return true;
4060 }
4061 $expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgNewPasswordExpiry;
4062 return ( time() < $expiry );
4063 } else {
4064 return false;
4065 }
4066 }
4067
4068 /**
4069 * Alias for getEditToken.
4070 * @deprecated since 1.19, use getEditToken instead.
4071 *
4072 * @param string|array $salt Array of Strings Optional function-specific data for hashing
4073 * @param WebRequest|null $request WebRequest object to use or null to use $wgRequest
4074 * @return string The new edit token
4075 */
4076 public function editToken( $salt = '', $request = null ) {
4077 wfDeprecated( __METHOD__, '1.19' );
4078 return $this->getEditToken( $salt, $request );
4079 }
4080
4081 /**
4082 * Internal implementation for self::getEditToken() and
4083 * self::matchEditToken().
4084 *
4085 * @param string|array $salt
4086 * @param WebRequest $request
4087 * @param string|int $timestamp
4088 * @return string
4089 */
4090 private function getEditTokenAtTimestamp( $salt, $request, $timestamp ) {
4091 if ( $this->isAnon() ) {
4092 return self::EDIT_TOKEN_SUFFIX;
4093 } else {
4094 $token = $request->getSessionData( 'wsEditToken' );
4095 if ( $token === null ) {
4096 $token = MWCryptRand::generateHex( 32 );
4097 $request->setSessionData( 'wsEditToken', $token );
4098 }
4099 if ( is_array( $salt ) ) {
4100 $salt = implode( '|', $salt );
4101 }
4102 return hash_hmac( 'md5', $timestamp . $salt, $token, false ) .
4103 dechex( $timestamp ) .
4104 self::EDIT_TOKEN_SUFFIX;
4105 }
4106 }
4107
4108 /**
4109 * Initialize (if necessary) and return a session token value
4110 * which can be used in edit forms to show that the user's
4111 * login credentials aren't being hijacked with a foreign form
4112 * submission.
4113 *
4114 * @since 1.19
4115 *
4116 * @param string|array $salt Array of Strings Optional function-specific data for hashing
4117 * @param WebRequest|null $request WebRequest object to use or null to use $wgRequest
4118 * @return string The new edit token
4119 */
4120 public function getEditToken( $salt = '', $request = null ) {
4121 return $this->getEditTokenAtTimestamp(
4122 $salt, $request ?: $this->getRequest(), wfTimestamp()
4123 );
4124 }
4125
4126 /**
4127 * Generate a looking random token for various uses.
4128 *
4129 * @return string The new random token
4130 * @deprecated since 1.20: Use MWCryptRand for secure purposes or
4131 * wfRandomString for pseudo-randomness.
4132 */
4133 public static function generateToken() {
4134 return MWCryptRand::generateHex( 32 );
4135 }
4136
4137 /**
4138 * Get the embedded timestamp from a token.
4139 * @param string $val Input token
4140 * @return int|null
4141 */
4142 public static function getEditTokenTimestamp( $val ) {
4143 $suffixLen = strlen( self::EDIT_TOKEN_SUFFIX );
4144 if ( strlen( $val ) <= 32 + $suffixLen ) {
4145 return null;
4146 }
4147
4148 return hexdec( substr( $val, 32, -$suffixLen ) );
4149 }
4150
4151 /**
4152 * Check given value against the token value stored in the session.
4153 * A match should confirm that the form was submitted from the
4154 * user's own login session, not a form submission from a third-party
4155 * site.
4156 *
4157 * @param string $val Input value to compare
4158 * @param string $salt Optional function-specific data for hashing
4159 * @param WebRequest|null $request Object to use or null to use $wgRequest
4160 * @param int $maxage Fail tokens older than this, in seconds
4161 * @return bool Whether the token matches
4162 */
4163 public function matchEditToken( $val, $salt = '', $request = null, $maxage = null ) {
4164 if ( $this->isAnon() ) {
4165 return $val === self::EDIT_TOKEN_SUFFIX;
4166 }
4167
4168 $timestamp = self::getEditTokenTimestamp( $val );
4169 if ( $timestamp === null ) {
4170 return false;
4171 }
4172 if ( $maxage !== null && $timestamp < wfTimestamp() - $maxage ) {
4173 // Expired token
4174 return false;
4175 }
4176
4177 $sessionToken = $this->getEditTokenAtTimestamp(
4178 $salt, $request ?: $this->getRequest(), $timestamp
4179 );
4180
4181 if ( $val != $sessionToken ) {
4182 wfDebug( "User::matchEditToken: broken session data\n" );
4183 }
4184
4185 return hash_equals( $sessionToken, $val );
4186 }
4187
4188 /**
4189 * Check given value against the token value stored in the session,
4190 * ignoring the suffix.
4191 *
4192 * @param string $val Input value to compare
4193 * @param string $salt Optional function-specific data for hashing
4194 * @param WebRequest|null $request Object to use or null to use $wgRequest
4195 * @param int $maxage Fail tokens older than this, in seconds
4196 * @return bool Whether the token matches
4197 */
4198 public function matchEditTokenNoSuffix( $val, $salt = '', $request = null, $maxage = null ) {
4199 $val = substr( $val, 0, strspn( $val, '0123456789abcdef' ) ) . self::EDIT_TOKEN_SUFFIX;
4200 return $this->matchEditToken( $val, $salt, $request, $maxage );
4201 }
4202
4203 /**
4204 * Generate a new e-mail confirmation token and send a confirmation/invalidation
4205 * mail to the user's given address.
4206 *
4207 * @param string $type Message to send, either "created", "changed" or "set"
4208 * @return Status
4209 */
4210 public function sendConfirmationMail( $type = 'created' ) {
4211 global $wgLang;
4212 $expiration = null; // gets passed-by-ref and defined in next line.
4213 $token = $this->confirmationToken( $expiration );
4214 $url = $this->confirmationTokenUrl( $token );
4215 $invalidateURL = $this->invalidationTokenUrl( $token );
4216 $this->saveSettings();
4217
4218 if ( $type == 'created' || $type === false ) {
4219 $message = 'confirmemail_body';
4220 } elseif ( $type === true ) {
4221 $message = 'confirmemail_body_changed';
4222 } else {
4223 // Messages: confirmemail_body_changed, confirmemail_body_set
4224 $message = 'confirmemail_body_' . $type;
4225 }
4226
4227 return $this->sendMail( wfMessage( 'confirmemail_subject' )->text(),
4228 wfMessage( $message,
4229 $this->getRequest()->getIP(),
4230 $this->getName(),
4231 $url,
4232 $wgLang->timeanddate( $expiration, false ),
4233 $invalidateURL,
4234 $wgLang->date( $expiration, false ),
4235 $wgLang->time( $expiration, false ) )->text() );
4236 }
4237
4238 /**
4239 * Send an e-mail to this user's account. Does not check for
4240 * confirmed status or validity.
4241 *
4242 * @param string $subject Message subject
4243 * @param string $body Message body
4244 * @param User|null $from Optional sending user; if unspecified, default
4245 * $wgPasswordSender will be used.
4246 * @param string $replyto Reply-To address
4247 * @return Status
4248 */
4249 public function sendMail( $subject, $body, $from = null, $replyto = null ) {
4250 global $wgPasswordSender;
4251
4252 if ( $from instanceof User ) {
4253 $sender = MailAddress::newFromUser( $from );
4254 } else {
4255 $sender = new MailAddress( $wgPasswordSender,
4256 wfMessage( 'emailsender' )->inContentLanguage()->text() );
4257 }
4258 $to = MailAddress::newFromUser( $this );
4259
4260 return UserMailer::send( $to, $sender, $subject, $body, array(
4261 'replyTo' => $replyto,
4262 ) );
4263 }
4264
4265 /**
4266 * Generate, store, and return a new e-mail confirmation code.
4267 * A hash (unsalted, since it's used as a key) is stored.
4268 *
4269 * @note Call saveSettings() after calling this function to commit
4270 * this change to the database.
4271 *
4272 * @param string &$expiration Accepts the expiration time
4273 * @return string New token
4274 */
4275 protected function confirmationToken( &$expiration ) {
4276 global $wgUserEmailConfirmationTokenExpiry;
4277 $now = time();
4278 $expires = $now + $wgUserEmailConfirmationTokenExpiry;
4279 $expiration = wfTimestamp( TS_MW, $expires );
4280 $this->load();
4281 $token = MWCryptRand::generateHex( 32 );
4282 $hash = md5( $token );
4283 $this->mEmailToken = $hash;
4284 $this->mEmailTokenExpires = $expiration;
4285 return $token;
4286 }
4287
4288 /**
4289 * Return a URL the user can use to confirm their email address.
4290 * @param string $token Accepts the email confirmation token
4291 * @return string New token URL
4292 */
4293 protected function confirmationTokenUrl( $token ) {
4294 return $this->getTokenUrl( 'ConfirmEmail', $token );
4295 }
4296
4297 /**
4298 * Return a URL the user can use to invalidate their email address.
4299 * @param string $token Accepts the email confirmation token
4300 * @return string New token URL
4301 */
4302 protected function invalidationTokenUrl( $token ) {
4303 return $this->getTokenUrl( 'InvalidateEmail', $token );
4304 }
4305
4306 /**
4307 * Internal function to format the e-mail validation/invalidation URLs.
4308 * This uses a quickie hack to use the
4309 * hardcoded English names of the Special: pages, for ASCII safety.
4310 *
4311 * @note Since these URLs get dropped directly into emails, using the
4312 * short English names avoids insanely long URL-encoded links, which
4313 * also sometimes can get corrupted in some browsers/mailers
4314 * (bug 6957 with Gmail and Internet Explorer).
4315 *
4316 * @param string $page Special page
4317 * @param string $token Token
4318 * @return string Formatted URL
4319 */
4320 protected function getTokenUrl( $page, $token ) {
4321 // Hack to bypass localization of 'Special:'
4322 $title = Title::makeTitle( NS_MAIN, "Special:$page/$token" );
4323 return $title->getCanonicalURL();
4324 }
4325
4326 /**
4327 * Mark the e-mail address confirmed.
4328 *
4329 * @note Call saveSettings() after calling this function to commit the change.
4330 *
4331 * @return bool
4332 */
4333 public function confirmEmail() {
4334 // Check if it's already confirmed, so we don't touch the database
4335 // and fire the ConfirmEmailComplete hook on redundant confirmations.
4336 if ( !$this->isEmailConfirmed() ) {
4337 $this->setEmailAuthenticationTimestamp( wfTimestampNow() );
4338 Hooks::run( 'ConfirmEmailComplete', array( $this ) );
4339 }
4340 return true;
4341 }
4342
4343 /**
4344 * Invalidate the user's e-mail confirmation, and unauthenticate the e-mail
4345 * address if it was already confirmed.
4346 *
4347 * @note Call saveSettings() after calling this function to commit the change.
4348 * @return bool Returns true
4349 */
4350 public function invalidateEmail() {
4351 $this->load();
4352 $this->mEmailToken = null;
4353 $this->mEmailTokenExpires = null;
4354 $this->setEmailAuthenticationTimestamp( null );
4355 $this->mEmail = '';
4356 Hooks::run( 'InvalidateEmailComplete', array( $this ) );
4357 return true;
4358 }
4359
4360 /**
4361 * Set the e-mail authentication timestamp.
4362 * @param string $timestamp TS_MW timestamp
4363 */
4364 public function setEmailAuthenticationTimestamp( $timestamp ) {
4365 $this->load();
4366 $this->mEmailAuthenticated = $timestamp;
4367 Hooks::run( 'UserSetEmailAuthenticationTimestamp', array( $this, &$this->mEmailAuthenticated ) );
4368 }
4369
4370 /**
4371 * Is this user allowed to send e-mails within limits of current
4372 * site configuration?
4373 * @return bool
4374 */
4375 public function canSendEmail() {
4376 global $wgEnableEmail, $wgEnableUserEmail;
4377 if ( !$wgEnableEmail || !$wgEnableUserEmail || !$this->isAllowed( 'sendemail' ) ) {
4378 return false;
4379 }
4380 $canSend = $this->isEmailConfirmed();
4381 Hooks::run( 'UserCanSendEmail', array( &$this, &$canSend ) );
4382 return $canSend;
4383 }
4384
4385 /**
4386 * Is this user allowed to receive e-mails within limits of current
4387 * site configuration?
4388 * @return bool
4389 */
4390 public function canReceiveEmail() {
4391 return $this->isEmailConfirmed() && !$this->getOption( 'disablemail' );
4392 }
4393
4394 /**
4395 * Is this user's e-mail address valid-looking and confirmed within
4396 * limits of the current site configuration?
4397 *
4398 * @note If $wgEmailAuthentication is on, this may require the user to have
4399 * confirmed their address by returning a code or using a password
4400 * sent to the address from the wiki.
4401 *
4402 * @return bool
4403 */
4404 public function isEmailConfirmed() {
4405 global $wgEmailAuthentication;
4406 $this->load();
4407 $confirmed = true;
4408 if ( Hooks::run( 'EmailConfirmed', array( &$this, &$confirmed ) ) ) {
4409 if ( $this->isAnon() ) {
4410 return false;
4411 }
4412 if ( !Sanitizer::validateEmail( $this->mEmail ) ) {
4413 return false;
4414 }
4415 if ( $wgEmailAuthentication && !$this->getEmailAuthenticationTimestamp() ) {
4416 return false;
4417 }
4418 return true;
4419 } else {
4420 return $confirmed;
4421 }
4422 }
4423
4424 /**
4425 * Check whether there is an outstanding request for e-mail confirmation.
4426 * @return bool
4427 */
4428 public function isEmailConfirmationPending() {
4429 global $wgEmailAuthentication;
4430 return $wgEmailAuthentication &&
4431 !$this->isEmailConfirmed() &&
4432 $this->mEmailToken &&
4433 $this->mEmailTokenExpires > wfTimestamp();
4434 }
4435
4436 /**
4437 * Get the timestamp of account creation.
4438 *
4439 * @return string|bool|null Timestamp of account creation, false for
4440 * non-existent/anonymous user accounts, or null if existing account
4441 * but information is not in database.
4442 */
4443 public function getRegistration() {
4444 if ( $this->isAnon() ) {
4445 return false;
4446 }
4447 $this->load();
4448 return $this->mRegistration;
4449 }
4450
4451 /**
4452 * Get the timestamp of the first edit
4453 *
4454 * @return string|bool Timestamp of first edit, or false for
4455 * non-existent/anonymous user accounts.
4456 */
4457 public function getFirstEditTimestamp() {
4458 if ( $this->getId() == 0 ) {
4459 return false; // anons
4460 }
4461 $dbr = wfGetDB( DB_SLAVE );
4462 $time = $dbr->selectField( 'revision', 'rev_timestamp',
4463 array( 'rev_user' => $this->getId() ),
4464 __METHOD__,
4465 array( 'ORDER BY' => 'rev_timestamp ASC' )
4466 );
4467 if ( !$time ) {
4468 return false; // no edits
4469 }
4470 return wfTimestamp( TS_MW, $time );
4471 }
4472
4473 /**
4474 * Get the permissions associated with a given list of groups
4475 *
4476 * @param array $groups Array of Strings List of internal group names
4477 * @return array Array of Strings List of permission key names for given groups combined
4478 */
4479 public static function getGroupPermissions( $groups ) {
4480 global $wgGroupPermissions, $wgRevokePermissions;
4481 $rights = array();
4482 // grant every granted permission first
4483 foreach ( $groups as $group ) {
4484 if ( isset( $wgGroupPermissions[$group] ) ) {
4485 $rights = array_merge( $rights,
4486 // array_filter removes empty items
4487 array_keys( array_filter( $wgGroupPermissions[$group] ) ) );
4488 }
4489 }
4490 // now revoke the revoked permissions
4491 foreach ( $groups as $group ) {
4492 if ( isset( $wgRevokePermissions[$group] ) ) {
4493 $rights = array_diff( $rights,
4494 array_keys( array_filter( $wgRevokePermissions[$group] ) ) );
4495 }
4496 }
4497 return array_unique( $rights );
4498 }
4499
4500 /**
4501 * Get all the groups who have a given permission
4502 *
4503 * @param string $role Role to check
4504 * @return array Array of Strings List of internal group names with the given permission
4505 */
4506 public static function getGroupsWithPermission( $role ) {
4507 global $wgGroupPermissions;
4508 $allowedGroups = array();
4509 foreach ( array_keys( $wgGroupPermissions ) as $group ) {
4510 if ( self::groupHasPermission( $group, $role ) ) {
4511 $allowedGroups[] = $group;
4512 }
4513 }
4514 return $allowedGroups;
4515 }
4516
4517 /**
4518 * Check, if the given group has the given permission
4519 *
4520 * If you're wanting to check whether all users have a permission, use
4521 * User::isEveryoneAllowed() instead. That properly checks if it's revoked
4522 * from anyone.
4523 *
4524 * @since 1.21
4525 * @param string $group Group to check
4526 * @param string $role Role to check
4527 * @return bool
4528 */
4529 public static function groupHasPermission( $group, $role ) {
4530 global $wgGroupPermissions, $wgRevokePermissions;
4531 return isset( $wgGroupPermissions[$group][$role] ) && $wgGroupPermissions[$group][$role]
4532 && !( isset( $wgRevokePermissions[$group][$role] ) && $wgRevokePermissions[$group][$role] );
4533 }
4534
4535 /**
4536 * Check if all users have the given permission
4537 *
4538 * @since 1.22
4539 * @param string $right Right to check
4540 * @return bool
4541 */
4542 public static function isEveryoneAllowed( $right ) {
4543 global $wgGroupPermissions, $wgRevokePermissions;
4544 static $cache = array();
4545
4546 // Use the cached results, except in unit tests which rely on
4547 // being able change the permission mid-request
4548 if ( isset( $cache[$right] ) && !defined( 'MW_PHPUNIT_TEST' ) ) {
4549 return $cache[$right];
4550 }
4551
4552 if ( !isset( $wgGroupPermissions['*'][$right] ) || !$wgGroupPermissions['*'][$right] ) {
4553 $cache[$right] = false;
4554 return false;
4555 }
4556
4557 // If it's revoked anywhere, then everyone doesn't have it
4558 foreach ( $wgRevokePermissions as $rights ) {
4559 if ( isset( $rights[$right] ) && $rights[$right] ) {
4560 $cache[$right] = false;
4561 return false;
4562 }
4563 }
4564
4565 // Allow extensions (e.g. OAuth) to say false
4566 if ( !Hooks::run( 'UserIsEveryoneAllowed', array( $right ) ) ) {
4567 $cache[$right] = false;
4568 return false;
4569 }
4570
4571 $cache[$right] = true;
4572 return true;
4573 }
4574
4575 /**
4576 * Get the localized descriptive name for a group, if it exists
4577 *
4578 * @param string $group Internal group name
4579 * @return string Localized descriptive group name
4580 */
4581 public static function getGroupName( $group ) {
4582 $msg = wfMessage( "group-$group" );
4583 return $msg->isBlank() ? $group : $msg->text();
4584 }
4585
4586 /**
4587 * Get the localized descriptive name for a member of a group, if it exists
4588 *
4589 * @param string $group Internal group name
4590 * @param string $username Username for gender (since 1.19)
4591 * @return string Localized name for group member
4592 */
4593 public static function getGroupMember( $group, $username = '#' ) {
4594 $msg = wfMessage( "group-$group-member", $username );
4595 return $msg->isBlank() ? $group : $msg->text();
4596 }
4597
4598 /**
4599 * Return the set of defined explicit groups.
4600 * The implicit groups (by default *, 'user' and 'autoconfirmed')
4601 * are not included, as they are defined automatically, not in the database.
4602 * @return array Array of internal group names
4603 */
4604 public static function getAllGroups() {
4605 global $wgGroupPermissions, $wgRevokePermissions;
4606 return array_diff(
4607 array_merge( array_keys( $wgGroupPermissions ), array_keys( $wgRevokePermissions ) ),
4608 self::getImplicitGroups()
4609 );
4610 }
4611
4612 /**
4613 * Get a list of all available permissions.
4614 * @return string[] Array of permission names
4615 */
4616 public static function getAllRights() {
4617 if ( self::$mAllRights === false ) {
4618 global $wgAvailableRights;
4619 if ( count( $wgAvailableRights ) ) {
4620 self::$mAllRights = array_unique( array_merge( self::$mCoreRights, $wgAvailableRights ) );
4621 } else {
4622 self::$mAllRights = self::$mCoreRights;
4623 }
4624 Hooks::run( 'UserGetAllRights', array( &self::$mAllRights ) );
4625 }
4626 return self::$mAllRights;
4627 }
4628
4629 /**
4630 * Get a list of implicit groups
4631 * @return array Array of Strings Array of internal group names
4632 */
4633 public static function getImplicitGroups() {
4634 global $wgImplicitGroups;
4635
4636 $groups = $wgImplicitGroups;
4637 # Deprecated, use $wgImplicitGroups instead
4638 Hooks::run( 'UserGetImplicitGroups', array( &$groups ), '1.25' );
4639
4640 return $groups;
4641 }
4642
4643 /**
4644 * Get the title of a page describing a particular group
4645 *
4646 * @param string $group Internal group name
4647 * @return Title|bool Title of the page if it exists, false otherwise
4648 */
4649 public static function getGroupPage( $group ) {
4650 $msg = wfMessage( 'grouppage-' . $group )->inContentLanguage();
4651 if ( $msg->exists() ) {
4652 $title = Title::newFromText( $msg->text() );
4653 if ( is_object( $title ) ) {
4654 return $title;
4655 }
4656 }
4657 return false;
4658 }
4659
4660 /**
4661 * Create a link to the group in HTML, if available;
4662 * else return the group name.
4663 *
4664 * @param string $group Internal name of the group
4665 * @param string $text The text of the link
4666 * @return string HTML link to the group
4667 */
4668 public static function makeGroupLinkHTML( $group, $text = '' ) {
4669 if ( $text == '' ) {
4670 $text = self::getGroupName( $group );
4671 }
4672 $title = self::getGroupPage( $group );
4673 if ( $title ) {
4674 return Linker::link( $title, htmlspecialchars( $text ) );
4675 } else {
4676 return htmlspecialchars( $text );
4677 }
4678 }
4679
4680 /**
4681 * Create a link to the group in Wikitext, if available;
4682 * else return the group name.
4683 *
4684 * @param string $group Internal name of the group
4685 * @param string $text The text of the link
4686 * @return string Wikilink to the group
4687 */
4688 public static function makeGroupLinkWiki( $group, $text = '' ) {
4689 if ( $text == '' ) {
4690 $text = self::getGroupName( $group );
4691 }
4692 $title = self::getGroupPage( $group );
4693 if ( $title ) {
4694 $page = $title->getFullText();
4695 return "[[$page|$text]]";
4696 } else {
4697 return $text;
4698 }
4699 }
4700
4701 /**
4702 * Returns an array of the groups that a particular group can add/remove.
4703 *
4704 * @param string $group The group to check for whether it can add/remove
4705 * @return array Array( 'add' => array( addablegroups ),
4706 * 'remove' => array( removablegroups ),
4707 * 'add-self' => array( addablegroups to self),
4708 * 'remove-self' => array( removable groups from self) )
4709 */
4710 public static function changeableByGroup( $group ) {
4711 global $wgAddGroups, $wgRemoveGroups, $wgGroupsAddToSelf, $wgGroupsRemoveFromSelf;
4712
4713 $groups = array(
4714 'add' => array(),
4715 'remove' => array(),
4716 'add-self' => array(),
4717 'remove-self' => array()
4718 );
4719
4720 if ( empty( $wgAddGroups[$group] ) ) {
4721 // Don't add anything to $groups
4722 } elseif ( $wgAddGroups[$group] === true ) {
4723 // You get everything
4724 $groups['add'] = self::getAllGroups();
4725 } elseif ( is_array( $wgAddGroups[$group] ) ) {
4726 $groups['add'] = $wgAddGroups[$group];
4727 }
4728
4729 // Same thing for remove
4730 if ( empty( $wgRemoveGroups[$group] ) ) {
4731 // Do nothing
4732 } elseif ( $wgRemoveGroups[$group] === true ) {
4733 $groups['remove'] = self::getAllGroups();
4734 } elseif ( is_array( $wgRemoveGroups[$group] ) ) {
4735 $groups['remove'] = $wgRemoveGroups[$group];
4736 }
4737
4738 // Re-map numeric keys of AddToSelf/RemoveFromSelf to the 'user' key for backwards compatibility
4739 if ( empty( $wgGroupsAddToSelf['user'] ) || $wgGroupsAddToSelf['user'] !== true ) {
4740 foreach ( $wgGroupsAddToSelf as $key => $value ) {
4741 if ( is_int( $key ) ) {
4742 $wgGroupsAddToSelf['user'][] = $value;
4743 }
4744 }
4745 }
4746
4747 if ( empty( $wgGroupsRemoveFromSelf['user'] ) || $wgGroupsRemoveFromSelf['user'] !== true ) {
4748 foreach ( $wgGroupsRemoveFromSelf as $key => $value ) {
4749 if ( is_int( $key ) ) {
4750 $wgGroupsRemoveFromSelf['user'][] = $value;
4751 }
4752 }
4753 }
4754
4755 // Now figure out what groups the user can add to him/herself
4756 if ( empty( $wgGroupsAddToSelf[$group] ) ) {
4757 // Do nothing
4758 } elseif ( $wgGroupsAddToSelf[$group] === true ) {
4759 // No idea WHY this would be used, but it's there
4760 $groups['add-self'] = User::getAllGroups();
4761 } elseif ( is_array( $wgGroupsAddToSelf[$group] ) ) {
4762 $groups['add-self'] = $wgGroupsAddToSelf[$group];
4763 }
4764
4765 if ( empty( $wgGroupsRemoveFromSelf[$group] ) ) {
4766 // Do nothing
4767 } elseif ( $wgGroupsRemoveFromSelf[$group] === true ) {
4768 $groups['remove-self'] = User::getAllGroups();
4769 } elseif ( is_array( $wgGroupsRemoveFromSelf[$group] ) ) {
4770 $groups['remove-self'] = $wgGroupsRemoveFromSelf[$group];
4771 }
4772
4773 return $groups;
4774 }
4775
4776 /**
4777 * Returns an array of groups that this user can add and remove
4778 * @return array Array( 'add' => array( addablegroups ),
4779 * 'remove' => array( removablegroups ),
4780 * 'add-self' => array( addablegroups to self),
4781 * 'remove-self' => array( removable groups from self) )
4782 */
4783 public function changeableGroups() {
4784 if ( $this->isAllowed( 'userrights' ) ) {
4785 // This group gives the right to modify everything (reverse-
4786 // compatibility with old "userrights lets you change
4787 // everything")
4788 // Using array_merge to make the groups reindexed
4789 $all = array_merge( User::getAllGroups() );
4790 return array(
4791 'add' => $all,
4792 'remove' => $all,
4793 'add-self' => array(),
4794 'remove-self' => array()
4795 );
4796 }
4797
4798 // Okay, it's not so simple, we will have to go through the arrays
4799 $groups = array(
4800 'add' => array(),
4801 'remove' => array(),
4802 'add-self' => array(),
4803 'remove-self' => array()
4804 );
4805 $addergroups = $this->getEffectiveGroups();
4806
4807 foreach ( $addergroups as $addergroup ) {
4808 $groups = array_merge_recursive(
4809 $groups, $this->changeableByGroup( $addergroup )
4810 );
4811 $groups['add'] = array_unique( $groups['add'] );
4812 $groups['remove'] = array_unique( $groups['remove'] );
4813 $groups['add-self'] = array_unique( $groups['add-self'] );
4814 $groups['remove-self'] = array_unique( $groups['remove-self'] );
4815 }
4816 return $groups;
4817 }
4818
4819 /**
4820 * Deferred version of incEditCountImmediate()
4821 */
4822 public function incEditCount() {
4823 $that = $this;
4824 wfGetDB( DB_MASTER )->onTransactionPreCommitOrIdle( function() use ( $that ) {
4825 $that->incEditCountImmediate();
4826 } );
4827 }
4828
4829 /**
4830 * Increment the user's edit-count field.
4831 * Will have no effect for anonymous users.
4832 * @since 1.26
4833 */
4834 public function incEditCountImmediate() {
4835 if ( $this->isAnon() ) {
4836 return;
4837 }
4838
4839 $dbw = wfGetDB( DB_MASTER );
4840 // No rows will be "affected" if user_editcount is NULL
4841 $dbw->update(
4842 'user',
4843 array( 'user_editcount=user_editcount+1' ),
4844 array( 'user_id' => $this->getId() ),
4845 __METHOD__
4846 );
4847 // Lazy initialization check...
4848 if ( $dbw->affectedRows() == 0 ) {
4849 // Now here's a goddamn hack...
4850 $dbr = wfGetDB( DB_SLAVE );
4851 if ( $dbr !== $dbw ) {
4852 // If we actually have a slave server, the count is
4853 // at least one behind because the current transaction
4854 // has not been committed and replicated.
4855 $this->initEditCount( 1 );
4856 } else {
4857 // But if DB_SLAVE is selecting the master, then the
4858 // count we just read includes the revision that was
4859 // just added in the working transaction.
4860 $this->initEditCount();
4861 }
4862 }
4863 // Edit count in user cache too
4864 $this->invalidateCache();
4865 }
4866
4867 /**
4868 * Initialize user_editcount from data out of the revision table
4869 *
4870 * @param int $add Edits to add to the count from the revision table
4871 * @return int Number of edits
4872 */
4873 protected function initEditCount( $add = 0 ) {
4874 // Pull from a slave to be less cruel to servers
4875 // Accuracy isn't the point anyway here
4876 $dbr = wfGetDB( DB_SLAVE );
4877 $count = (int)$dbr->selectField(
4878 'revision',
4879 'COUNT(rev_user)',
4880 array( 'rev_user' => $this->getId() ),
4881 __METHOD__
4882 );
4883 $count = $count + $add;
4884
4885 $dbw = wfGetDB( DB_MASTER );
4886 $dbw->update(
4887 'user',
4888 array( 'user_editcount' => $count ),
4889 array( 'user_id' => $this->getId() ),
4890 __METHOD__
4891 );
4892
4893 return $count;
4894 }
4895
4896 /**
4897 * Get the description of a given right
4898 *
4899 * @param string $right Right to query
4900 * @return string Localized description of the right
4901 */
4902 public static function getRightDescription( $right ) {
4903 $key = "right-$right";
4904 $msg = wfMessage( $key );
4905 return $msg->isBlank() ? $right : $msg->text();
4906 }
4907
4908 /**
4909 * Make a new-style password hash
4910 *
4911 * @param string $password Plain-text password
4912 * @param bool|string $salt Optional salt, may be random or the user ID.
4913 * If unspecified or false, will generate one automatically
4914 * @return string Password hash
4915 * @deprecated since 1.24, use Password class
4916 */
4917 public static function crypt( $password, $salt = false ) {
4918 wfDeprecated( __METHOD__, '1.24' );
4919 $hash = self::getPasswordFactory()->newFromPlaintext( $password );
4920 return $hash->toString();
4921 }
4922
4923 /**
4924 * Compare a password hash with a plain-text password. Requires the user
4925 * ID if there's a chance that the hash is an old-style hash.
4926 *
4927 * @param string $hash Password hash
4928 * @param string $password Plain-text password to compare
4929 * @param string|bool $userId User ID for old-style password salt
4930 *
4931 * @return bool
4932 * @deprecated since 1.24, use Password class
4933 */
4934 public static function comparePasswords( $hash, $password, $userId = false ) {
4935 wfDeprecated( __METHOD__, '1.24' );
4936
4937 // Check for *really* old password hashes that don't even have a type
4938 // The old hash format was just an md5 hex hash, with no type information
4939 if ( preg_match( '/^[0-9a-f]{32}$/', $hash ) ) {
4940 global $wgPasswordSalt;
4941 if ( $wgPasswordSalt ) {
4942 $password = ":B:{$userId}:{$hash}";
4943 } else {
4944 $password = ":A:{$hash}";
4945 }
4946 }
4947
4948 $hash = self::getPasswordFactory()->newFromCiphertext( $hash );
4949 return $hash->equals( $password );
4950 }
4951
4952 /**
4953 * Add a newuser log entry for this user.
4954 * Before 1.19 the return value was always true.
4955 *
4956 * @param string|bool $action Account creation type.
4957 * - String, one of the following values:
4958 * - 'create' for an anonymous user creating an account for himself.
4959 * This will force the action's performer to be the created user itself,
4960 * no matter the value of $wgUser
4961 * - 'create2' for a logged in user creating an account for someone else
4962 * - 'byemail' when the created user will receive its password by e-mail
4963 * - 'autocreate' when the user is automatically created (such as by CentralAuth).
4964 * - Boolean means whether the account was created by e-mail (deprecated):
4965 * - true will be converted to 'byemail'
4966 * - false will be converted to 'create' if this object is the same as
4967 * $wgUser and to 'create2' otherwise
4968 *
4969 * @param string $reason User supplied reason
4970 *
4971 * @return int|bool True if not $wgNewUserLog; otherwise ID of log item or 0 on failure
4972 */
4973 public function addNewUserLogEntry( $action = false, $reason = '' ) {
4974 global $wgUser, $wgNewUserLog;
4975 if ( empty( $wgNewUserLog ) ) {
4976 return true; // disabled
4977 }
4978
4979 if ( $action === true ) {
4980 $action = 'byemail';
4981 } elseif ( $action === false ) {
4982 if ( $this->equals( $wgUser ) ) {
4983 $action = 'create';
4984 } else {
4985 $action = 'create2';
4986 }
4987 }
4988
4989 if ( $action === 'create' || $action === 'autocreate' ) {
4990 $performer = $this;
4991 } else {
4992 $performer = $wgUser;
4993 }
4994
4995 $logEntry = new ManualLogEntry( 'newusers', $action );
4996 $logEntry->setPerformer( $performer );
4997 $logEntry->setTarget( $this->getUserPage() );
4998 $logEntry->setComment( $reason );
4999 $logEntry->setParameters( array(
5000 '4::userid' => $this->getId(),
5001 ) );
5002 $logid = $logEntry->insert();
5003
5004 if ( $action !== 'autocreate' ) {
5005 $logEntry->publish( $logid );
5006 }
5007
5008 return (int)$logid;
5009 }
5010
5011 /**
5012 * Add an autocreate newuser log entry for this user
5013 * Used by things like CentralAuth and perhaps other authplugins.
5014 * Consider calling addNewUserLogEntry() directly instead.
5015 *
5016 * @return bool
5017 */
5018 public function addNewUserLogEntryAutoCreate() {
5019 $this->addNewUserLogEntry( 'autocreate' );
5020
5021 return true;
5022 }
5023
5024 /**
5025 * Load the user options either from cache, the database or an array
5026 *
5027 * @param array $data Rows for the current user out of the user_properties table
5028 */
5029 protected function loadOptions( $data = null ) {
5030 global $wgContLang;
5031
5032 $this->load();
5033
5034 if ( $this->mOptionsLoaded ) {
5035 return;
5036 }
5037
5038 $this->mOptions = self::getDefaultOptions();
5039
5040 if ( !$this->getId() ) {
5041 // For unlogged-in users, load language/variant options from request.
5042 // There's no need to do it for logged-in users: they can set preferences,
5043 // and handling of page content is done by $pageLang->getPreferredVariant() and such,
5044 // so don't override user's choice (especially when the user chooses site default).
5045 $variant = $wgContLang->getDefaultVariant();
5046 $this->mOptions['variant'] = $variant;
5047 $this->mOptions['language'] = $variant;
5048 $this->mOptionsLoaded = true;
5049 return;
5050 }
5051
5052 // Maybe load from the object
5053 if ( !is_null( $this->mOptionOverrides ) ) {
5054 wfDebug( "User: loading options for user " . $this->getId() . " from override cache.\n" );
5055 foreach ( $this->mOptionOverrides as $key => $value ) {
5056 $this->mOptions[$key] = $value;
5057 }
5058 } else {
5059 if ( !is_array( $data ) ) {
5060 wfDebug( "User: loading options for user " . $this->getId() . " from database.\n" );
5061 // Load from database
5062 $dbr = ( $this->queryFlagsUsed & self::READ_LATEST )
5063 ? wfGetDB( DB_MASTER )
5064 : wfGetDB( DB_SLAVE );
5065
5066 $res = $dbr->select(
5067 'user_properties',
5068 array( 'up_property', 'up_value' ),
5069 array( 'up_user' => $this->getId() ),
5070 __METHOD__
5071 );
5072
5073 $this->mOptionOverrides = array();
5074 $data = array();
5075 foreach ( $res as $row ) {
5076 $data[$row->up_property] = $row->up_value;
5077 }
5078 }
5079 foreach ( $data as $property => $value ) {
5080 $this->mOptionOverrides[$property] = $value;
5081 $this->mOptions[$property] = $value;
5082 }
5083 }
5084
5085 $this->mOptionsLoaded = true;
5086
5087 Hooks::run( 'UserLoadOptions', array( $this, &$this->mOptions ) );
5088 }
5089
5090 /**
5091 * Saves the non-default options for this user, as previously set e.g. via
5092 * setOption(), in the database's "user_properties" (preferences) table.
5093 * Usually used via saveSettings().
5094 */
5095 protected function saveOptions() {
5096 $this->loadOptions();
5097
5098 // Not using getOptions(), to keep hidden preferences in database
5099 $saveOptions = $this->mOptions;
5100
5101 // Allow hooks to abort, for instance to save to a global profile.
5102 // Reset options to default state before saving.
5103 if ( !Hooks::run( 'UserSaveOptions', array( $this, &$saveOptions ) ) ) {
5104 return;
5105 }
5106
5107 $userId = $this->getId();
5108
5109 $insert_rows = array(); // all the new preference rows
5110 foreach ( $saveOptions as $key => $value ) {
5111 // Don't bother storing default values
5112 $defaultOption = self::getDefaultOption( $key );
5113 if ( ( $defaultOption === null && $value !== false && $value !== null )
5114 || $value != $defaultOption
5115 ) {
5116 $insert_rows[] = array(
5117 'up_user' => $userId,
5118 'up_property' => $key,
5119 'up_value' => $value,
5120 );
5121 }
5122 }
5123
5124 $dbw = wfGetDB( DB_MASTER );
5125
5126 $res = $dbw->select( 'user_properties',
5127 array( 'up_property', 'up_value' ), array( 'up_user' => $userId ), __METHOD__ );
5128
5129 // Find prior rows that need to be removed or updated. These rows will
5130 // all be deleted (the later so that INSERT IGNORE applies the new values).
5131 $keysDelete = array();
5132 foreach ( $res as $row ) {
5133 if ( !isset( $saveOptions[$row->up_property] )
5134 || strcmp( $saveOptions[$row->up_property], $row->up_value ) != 0
5135 ) {
5136 $keysDelete[] = $row->up_property;
5137 }
5138 }
5139
5140 if ( count( $keysDelete ) ) {
5141 // Do the DELETE by PRIMARY KEY for prior rows.
5142 // In the past a very large portion of calls to this function are for setting
5143 // 'rememberpassword' for new accounts (a preference that has since been removed).
5144 // Doing a blanket per-user DELETE for new accounts with no rows in the table
5145 // caused gap locks on [max user ID,+infinity) which caused high contention since
5146 // updates would pile up on each other as they are for higher (newer) user IDs.
5147 // It might not be necessary these days, but it shouldn't hurt either.
5148 $dbw->delete( 'user_properties',
5149 array( 'up_user' => $userId, 'up_property' => $keysDelete ), __METHOD__ );
5150 }
5151 // Insert the new preference rows
5152 $dbw->insert( 'user_properties', $insert_rows, __METHOD__, array( 'IGNORE' ) );
5153 }
5154
5155 /**
5156 * Lazily instantiate and return a factory object for making passwords
5157 *
5158 * @return PasswordFactory
5159 */
5160 public static function getPasswordFactory() {
5161 if ( self::$mPasswordFactory === null ) {
5162 self::$mPasswordFactory = new PasswordFactory();
5163 self::$mPasswordFactory->init( RequestContext::getMain()->getConfig() );
5164 }
5165
5166 return self::$mPasswordFactory;
5167 }
5168
5169 /**
5170 * Provide an array of HTML5 attributes to put on an input element
5171 * intended for the user to enter a new password. This may include
5172 * required, title, and/or pattern, depending on $wgMinimalPasswordLength.
5173 *
5174 * Do *not* use this when asking the user to enter his current password!
5175 * Regardless of configuration, users may have invalid passwords for whatever
5176 * reason (e.g., they were set before requirements were tightened up).
5177 * Only use it when asking for a new password, like on account creation or
5178 * ResetPass.
5179 *
5180 * Obviously, you still need to do server-side checking.
5181 *
5182 * NOTE: A combination of bugs in various browsers means that this function
5183 * actually just returns array() unconditionally at the moment. May as
5184 * well keep it around for when the browser bugs get fixed, though.
5185 *
5186 * @todo FIXME: This does not belong here; put it in Html or Linker or somewhere
5187 *
5188 * @return array Array of HTML attributes suitable for feeding to
5189 * Html::element(), directly or indirectly. (Don't feed to Xml::*()!
5190 * That will get confused by the boolean attribute syntax used.)
5191 */
5192 public static function passwordChangeInputAttribs() {
5193 global $wgMinimalPasswordLength;
5194
5195 if ( $wgMinimalPasswordLength == 0 ) {
5196 return array();
5197 }
5198
5199 # Note that the pattern requirement will always be satisfied if the
5200 # input is empty, so we need required in all cases.
5201 #
5202 # @todo FIXME: Bug 23769: This needs to not claim the password is required
5203 # if e-mail confirmation is being used. Since HTML5 input validation
5204 # is b0rked anyway in some browsers, just return nothing. When it's
5205 # re-enabled, fix this code to not output required for e-mail
5206 # registration.
5207 #$ret = array( 'required' );
5208 $ret = array();
5209
5210 # We can't actually do this right now, because Opera 9.6 will print out
5211 # the entered password visibly in its error message! When other
5212 # browsers add support for this attribute, or Opera fixes its support,
5213 # we can add support with a version check to avoid doing this on Opera
5214 # versions where it will be a problem. Reported to Opera as
5215 # DSK-262266, but they don't have a public bug tracker for us to follow.
5216 /*
5217 if ( $wgMinimalPasswordLength > 1 ) {
5218 $ret['pattern'] = '.{' . intval( $wgMinimalPasswordLength ) . ',}';
5219 $ret['title'] = wfMessage( 'passwordtooshort' )
5220 ->numParams( $wgMinimalPasswordLength )->text();
5221 }
5222 */
5223
5224 return $ret;
5225 }
5226
5227 /**
5228 * Return the list of user fields that should be selected to create
5229 * a new user object.
5230 * @return array
5231 */
5232 public static function selectFields() {
5233 return array(
5234 'user_id',
5235 'user_name',
5236 'user_real_name',
5237 'user_email',
5238 'user_touched',
5239 'user_token',
5240 'user_email_authenticated',
5241 'user_email_token',
5242 'user_email_token_expires',
5243 'user_registration',
5244 'user_editcount',
5245 );
5246 }
5247
5248 /**
5249 * Factory function for fatal permission-denied errors
5250 *
5251 * @since 1.22
5252 * @param string $permission User right required
5253 * @return Status
5254 */
5255 static function newFatalPermissionDeniedStatus( $permission ) {
5256 global $wgLang;
5257
5258 $groups = array_map(
5259 array( 'User', 'makeGroupLinkWiki' ),
5260 User::getGroupsWithPermission( $permission )
5261 );
5262
5263 if ( $groups ) {
5264 return Status::newFatal( 'badaccess-groups', $wgLang->commaList( $groups ), count( $groups ) );
5265 } else {
5266 return Status::newFatal( 'badaccess-group0' );
5267 }
5268 }
5269
5270 /**
5271 * Checks if two user objects point to the same user.
5272 *
5273 * @since 1.25
5274 * @param User $user
5275 * @return bool
5276 */
5277 public function equals( User $user ) {
5278 return $this->getName() === $user->getName();
5279 }
5280 }
MediaWiki Core