Merge "Whitelist the <wbr> element."
[mediawiki.git] / includes / api / ApiQueryBlocks.php
blobe3c27f5e2ae081eaa47d7f393e78e1fd1f00cc27
1 <?php
2 /**
5 * Created on Sep 10, 2007
7 * Copyright © 2007 Roan Kattouw "<Firstname>.<Lastname>@gmail.com"
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
22 * http://www.gnu.org/copyleft/gpl.html
24 * @file
27 /**
28 * Query module to enumerate all user blocks
30 * @ingroup API
32 class ApiQueryBlocks extends ApiQueryBase {
34 /**
35 * @var Array
37 protected $usernames;
39 public function __construct( $query, $moduleName ) {
40 parent::__construct( $query, $moduleName, 'bk' );
43 public function execute() {
44 global $wgContLang;
46 $params = $this->extractRequestParams();
47 $this->requireMaxOneParameter( $params, 'users', 'ip' );
49 $prop = array_flip( $params['prop'] );
50 $fld_id = isset( $prop['id'] );
51 $fld_user = isset( $prop['user'] );
52 $fld_userid = isset( $prop['userid'] );
53 $fld_by = isset( $prop['by'] );
54 $fld_byid = isset( $prop['byid'] );
55 $fld_timestamp = isset( $prop['timestamp'] );
56 $fld_expiry = isset( $prop['expiry'] );
57 $fld_reason = isset( $prop['reason'] );
58 $fld_range = isset( $prop['range'] );
59 $fld_flags = isset( $prop['flags'] );
61 $result = $this->getResult();
63 $this->addTables( 'ipblocks' );
64 $this->addFields( 'ipb_auto' );
66 $this->addFieldsIf( 'ipb_id', $fld_id );
67 $this->addFieldsIf( array( 'ipb_address', 'ipb_user' ), $fld_user || $fld_userid );
68 $this->addFieldsIf( 'ipb_by_text', $fld_by );
69 $this->addFieldsIf( 'ipb_by', $fld_byid );
70 $this->addFieldsIf( 'ipb_timestamp', $fld_timestamp );
71 $this->addFieldsIf( 'ipb_expiry', $fld_expiry );
72 $this->addFieldsIf( 'ipb_reason', $fld_reason );
73 $this->addFieldsIf( array( 'ipb_range_start', 'ipb_range_end' ), $fld_range );
74 $this->addFieldsIf( array( 'ipb_anon_only', 'ipb_create_account', 'ipb_enable_autoblock',
75 'ipb_block_email', 'ipb_deleted', 'ipb_allow_usertalk' ),
76 $fld_flags );
78 $this->addOption( 'LIMIT', $params['limit'] + 1 );
79 $this->addTimestampWhereRange( 'ipb_timestamp', $params['dir'], $params['start'], $params['end'] );
81 $db = $this->getDB();
83 if ( isset( $params['ids'] ) ) {
84 $this->addWhereFld( 'ipb_id', $params['ids'] );
86 if ( isset( $params['users'] ) ) {
87 foreach ( (array)$params['users'] as $u ) {
88 $this->prepareUsername( $u );
90 $this->addWhereFld( 'ipb_address', $this->usernames );
91 $this->addWhereFld( 'ipb_auto', 0 );
93 if ( isset( $params['ip'] ) ) {
94 global $wgBlockCIDRLimit;
95 if ( IP::isIPv4( $params['ip'] ) ) {
96 $type = 'IPv4';
97 $cidrLimit = $wgBlockCIDRLimit['IPv4'];
98 $prefixLen = 0;
99 } elseif ( IP::isIPv6( $params['ip'] ) ) {
100 $type = 'IPv6';
101 $cidrLimit = $wgBlockCIDRLimit['IPv6'];
102 $prefixLen = 3; // IP::toHex output is prefixed with "v6-"
103 } else {
104 $this->dieUsage( 'IP parameter is not valid', 'param_ip' );
107 # Check range validity, if it's a CIDR
108 list( $ip, $range ) = IP::parseCIDR( $params['ip'] );
109 if ( $ip !== false && $range !== false && $range < $cidrLimit ) {
110 $this->dieUsage( "$type CIDR ranges broader than /$cidrLimit are not accepted", 'cidrtoobroad' );
113 # Let IP::parseRange handle calculating $upper, instead of duplicating the logic here.
114 list( $lower, $upper ) = IP::parseRange( $params['ip'] );
116 # Extract the common prefix to any rangeblock affecting this IP/CIDR
117 $prefix = substr( $lower, 0, $prefixLen + floor( $cidrLimit / 4 ) );
119 # Fairly hard to make a malicious SQL statement out of hex characters,
120 # but it is good practice to add quotes
121 $lower = $db->addQuotes( $lower );
122 $upper = $db->addQuotes( $upper );
124 $this->addWhere( array(
125 'ipb_range_start' . $db->buildLike( $prefix, $db->anyString() ),
126 'ipb_range_start <= ' . $lower,
127 'ipb_range_end >= ' . $upper,
128 'ipb_auto' => 0
129 ) );
132 if ( !is_null( $params['show'] ) ) {
133 $show = array_flip( $params['show'] );
135 /* Check for conflicting parameters. */
136 if ( ( isset( $show['account'] ) && isset( $show['!account'] ) )
137 || ( isset( $show['ip'] ) && isset( $show['!ip'] ) )
138 || ( isset( $show['range'] ) && isset( $show['!range'] ) )
139 || ( isset( $show['temp'] ) && isset( $show['!temp'] ) )
141 $this->dieUsageMsg( 'show' );
144 $this->addWhereIf( 'ipb_user = 0', isset( $show['!account'] ) );
145 $this->addWhereIf( 'ipb_user != 0', isset( $show['account'] ) );
146 $this->addWhereIf( 'ipb_user != 0 OR ipb_range_end > ipb_range_start', isset( $show['!ip'] ) );
147 $this->addWhereIf( 'ipb_user = 0 AND ipb_range_end = ipb_range_start', isset( $show['ip'] ) );
148 $this->addWhereIf( 'ipb_expiry = ' . $db->addQuotes( $db->getInfinity() ), isset( $show['!temp'] ) );
149 $this->addWhereIf( 'ipb_expiry != ' . $db->addQuotes( $db->getInfinity() ), isset( $show['temp'] ) );
150 $this->addWhereIf( 'ipb_range_end = ipb_range_start', isset( $show['!range'] ) );
151 $this->addWhereIf( 'ipb_range_end > ipb_range_start', isset( $show['range'] ) );
154 if ( !$this->getUser()->isAllowed( 'hideuser' ) ) {
155 $this->addWhereFld( 'ipb_deleted', 0 );
158 // Purge expired entries on one in every 10 queries
159 if ( !mt_rand( 0, 10 ) ) {
160 Block::purgeExpired();
163 $res = $this->select( __METHOD__ );
165 $count = 0;
166 foreach ( $res as $row ) {
167 if ( ++$count > $params['limit'] ) {
168 // We've had enough
169 $this->setContinueEnumParameter( 'start', wfTimestamp( TS_ISO_8601, $row->ipb_timestamp ) );
170 break;
172 $block = array();
173 if ( $fld_id ) {
174 $block['id'] = $row->ipb_id;
176 if ( $fld_user && !$row->ipb_auto ) {
177 $block['user'] = $row->ipb_address;
179 if ( $fld_userid && !$row->ipb_auto ) {
180 $block['userid'] = $row->ipb_user;
182 if ( $fld_by ) {
183 $block['by'] = $row->ipb_by_text;
185 if ( $fld_byid ) {
186 $block['byid'] = $row->ipb_by;
188 if ( $fld_timestamp ) {
189 $block['timestamp'] = wfTimestamp( TS_ISO_8601, $row->ipb_timestamp );
191 if ( $fld_expiry ) {
192 $block['expiry'] = $wgContLang->formatExpiry( $row->ipb_expiry, TS_ISO_8601 );
194 if ( $fld_reason ) {
195 $block['reason'] = $row->ipb_reason;
197 if ( $fld_range && !$row->ipb_auto ) {
198 $block['rangestart'] = IP::formatHex( $row->ipb_range_start );
199 $block['rangeend'] = IP::formatHex( $row->ipb_range_end );
201 if ( $fld_flags ) {
202 // For clarity, these flags use the same names as their action=block counterparts
203 if ( $row->ipb_auto ) {
204 $block['automatic'] = '';
206 if ( $row->ipb_anon_only ) {
207 $block['anononly'] = '';
209 if ( $row->ipb_create_account ) {
210 $block['nocreate'] = '';
212 if ( $row->ipb_enable_autoblock ) {
213 $block['autoblock'] = '';
215 if ( $row->ipb_block_email ) {
216 $block['noemail'] = '';
218 if ( $row->ipb_deleted ) {
219 $block['hidden'] = '';
221 if ( $row->ipb_allow_usertalk ) {
222 $block['allowusertalk'] = '';
225 $fit = $result->addValue( array( 'query', $this->getModuleName() ), null, $block );
226 if ( !$fit ) {
227 $this->setContinueEnumParameter( 'start', wfTimestamp( TS_ISO_8601, $row->ipb_timestamp ) );
228 break;
231 $result->setIndexedTagName_internal( array( 'query', $this->getModuleName() ), 'block' );
234 protected function prepareUsername( $user ) {
235 if ( !$user ) {
236 $this->dieUsage( 'User parameter may not be empty', 'param_user' );
238 $name = User::isIP( $user )
239 ? $user
240 : User::getCanonicalName( $user, 'valid' );
241 if ( $name === false ) {
242 $this->dieUsage( "User name {$user} is not valid", 'param_user' );
244 $this->usernames[] = $name;
247 public function getAllowedParams() {
248 return array(
249 'start' => array(
250 ApiBase::PARAM_TYPE => 'timestamp'
252 'end' => array(
253 ApiBase::PARAM_TYPE => 'timestamp',
255 'dir' => array(
256 ApiBase::PARAM_TYPE => array(
257 'newer',
258 'older'
260 ApiBase::PARAM_DFLT => 'older'
262 'ids' => array(
263 ApiBase::PARAM_TYPE => 'integer',
264 ApiBase::PARAM_ISMULTI => true
266 'users' => array(
267 ApiBase::PARAM_ISMULTI => true
269 'ip' => null,
270 'limit' => array(
271 ApiBase::PARAM_DFLT => 10,
272 ApiBase::PARAM_TYPE => 'limit',
273 ApiBase::PARAM_MIN => 1,
274 ApiBase::PARAM_MAX => ApiBase::LIMIT_BIG1,
275 ApiBase::PARAM_MAX2 => ApiBase::LIMIT_BIG2
277 'prop' => array(
278 ApiBase::PARAM_DFLT => 'id|user|by|timestamp|expiry|reason|flags',
279 ApiBase::PARAM_TYPE => array(
280 'id',
281 'user',
282 'userid',
283 'by',
284 'byid',
285 'timestamp',
286 'expiry',
287 'reason',
288 'range',
289 'flags'
291 ApiBase::PARAM_ISMULTI => true
293 'show' => array(
294 ApiBase::PARAM_TYPE => array(
295 'account',
296 '!account',
297 'temp',
298 '!temp',
299 'ip',
300 '!ip',
301 'range',
302 '!range',
304 ApiBase::PARAM_ISMULTI => true
309 public function getParamDescription() {
310 global $wgBlockCIDRLimit;
311 $p = $this->getModulePrefix();
312 return array(
313 'start' => 'The timestamp to start enumerating from',
314 'end' => 'The timestamp to stop enumerating at',
315 'dir' => $this->getDirectionDescription( $p ),
316 'ids' => 'List of block IDs to list (optional)',
317 'users' => 'List of users to search for (optional)',
318 'ip' => array(
319 'Get all blocks applying to this IP or CIDR range, including range blocks.',
320 "Cannot be used together with bkusers. CIDR ranges broader than " .
321 "IPv4/{$wgBlockCIDRLimit['IPv4']} or IPv6/{$wgBlockCIDRLimit['IPv6']} " .
322 "are not accepted"
324 'limit' => 'The maximum amount of blocks to list',
325 'prop' => array(
326 'Which properties to get',
327 ' id - Adds the ID of the block',
328 ' user - Adds the username of the blocked user',
329 ' userid - Adds the user ID of the blocked user',
330 ' by - Adds the username of the blocking user',
331 ' byid - Adds the user ID of the blocking user',
332 ' timestamp - Adds the timestamp of when the block was given',
333 ' expiry - Adds the timestamp of when the block expires',
334 ' reason - Adds the reason given for the block',
335 ' range - Adds the range of IPs affected by the block',
336 ' flags - Tags the ban with (autoblock, anononly, etc)',
338 'show' => array(
339 'Show only items that meet this criteria.',
340 "For example, to see only indefinite blocks on IPs, set {$p}show=ip|!temp"
345 public function getResultProperties() {
346 return array(
347 'id' => array(
348 'id' => 'integer'
350 'user' => array(
351 'user' => array(
352 ApiBase::PROP_TYPE => 'string',
353 ApiBase::PROP_NULLABLE => true
356 'userid' => array(
357 'userid' => array(
358 ApiBase::PROP_TYPE => 'integer',
359 ApiBase::PROP_NULLABLE => true
362 'by' => array(
363 'by' => 'string'
365 'byid' => array(
366 'byid' => 'integer'
368 'timestamp' => array(
369 'timestamp' => 'timestamp'
371 'expiry' => array(
372 'expiry' => 'timestamp'
374 'reason' => array(
375 'reason' => 'string'
377 'range' => array(
378 'rangestart' => array(
379 ApiBase::PROP_TYPE => 'string',
380 ApiBase::PROP_NULLABLE => true
382 'rangeend' => array(
383 ApiBase::PROP_TYPE => 'string',
384 ApiBase::PROP_NULLABLE => true
387 'flags' => array(
388 'automatic' => 'boolean',
389 'anononly' => 'boolean',
390 'nocreate' => 'boolean',
391 'autoblock' => 'boolean',
392 'noemail' => 'boolean',
393 'hidden' => 'boolean',
394 'allowusertalk' => 'boolean'
399 public function getDescription() {
400 return 'List all blocked users and IP addresses';
403 public function getPossibleErrors() {
404 global $wgBlockCIDRLimit;
405 return array_merge( parent::getPossibleErrors(),
406 $this->getRequireOnlyOneParameterErrorMessages( array( 'users', 'ip' ) ),
407 array(
408 array(
409 'code' => 'cidrtoobroad',
410 'info' => "IPv4 CIDR ranges broader than /{$wgBlockCIDRLimit['IPv4']} are not accepted"
412 array(
413 'code' => 'cidrtoobroad',
414 'info' => "IPv6 CIDR ranges broader than /{$wgBlockCIDRLimit['IPv6']} are not accepted"
416 array( 'code' => 'param_ip', 'info' => 'IP parameter is not valid' ),
417 array( 'code' => 'param_user', 'info' => 'User parameter may not be empty' ),
418 array( 'code' => 'param_user', 'info' => 'User name user is not valid' ),
419 array( 'show' ),
424 public function getExamples() {
425 return array(
426 'api.php?action=query&list=blocks',
427 'api.php?action=query&list=blocks&bkusers=Alice|Bob'
431 public function getHelpUrls() {
432 return 'https://www.mediawiki.org/wiki/API:Blocks';