| blob | 9cd33f99286e466a1c88fa1ffae9096c1732f39e |
1 <?php
2 /**
3 * Implements the User class for the %MediaWiki software.
4 * @file
5 */
7 /**
8 * Int Number of characters in user_token field.
9 * @ingroup Constants
10 */
13 /**
14 * Int Serialized record version.
15 * @ingroup Constants
16 */
19 /**
20 * String Some punctuation to prevent editing from broken text-mangling proxies.
21 * @ingroup Constants
22 */
25 /**
26 * Thrown by User::setPassword() on error.
27 * @ingroup Exception
28 */
30 // NOP
31 }
33 /**
34 * The User object encapsulates all of the user-specific settings (user_id,
35 * name, rights, password, email address, options, last login time). Client
36 * classes use the getXXX() functions to access these fields. These functions
37 * do all the work of determining whether the user is logged in,
38 * whether the requested option can be satisfied from cookies or
39 * whether a database query is needed. Most of the settings needed
40 * for rendering normal pages are set in the cookie to minimize use
41 * of the database.
42 */
44 /**
45 * Global constants made accessible as class constants so that autoloader
46 * magic can be used.
47 */
52 /**
53 * Array of Strings List of member variables which are saved to the
54 * shared cache (memcached). Any operation which changes the
55 * corresponding database fields must call a cache-clearing function.
56 * @showinitializer
57 */
59 // user table
74 // user_group table
76 // user_properties table
78 );
80 /**
81 * Array of Strings Core rights.
82 * Each of these should have a corresponding message of the form
83 * "right-$right".
84 * @showinitializer
85 */
141 );
142 /**
143 * String Cached results of getAllRights()
144 */
147 /** @name Cache variables */
148 //@{
152 //@}
154 /**
155 * Bool Whether the cache variables have been loaded.
156 */
159 /**
160 * String Initialization data source if mDataLoaded==false. May be one of:
161 * - 'defaults' anonymous user initialised from class defaults
162 * - 'name' initialise from mName
163 * - 'id' initialise from mId
164 * - 'session' log in from cookies or session if possible
165 *
166 * Use the User::newFrom*() family of functions to set this.
167 */
170 /**
171 * Lazy-initialized variables, invalidated with clearInstanceCache
172 */
179 /**
180 * Lightweight constructor for an anonymous user.
181 * Use the User::newFrom* factory functions for other kinds of users.
182 *
183 * @see newFromName()
184 * @see newFromId()
185 * @see newFromConfirmationCode()
186 * @see newFromSession()
187 * @see newFromRow()
188 */
191 }
193 /**
194 * Load the user table data for this object from the source given by mFrom.
195 */
199 }
202 # Set it now to avoid infinite recursion in accessors
212 # Nonexistent user placeholder object
216 }
227 }
229 }
231 /**
232 * Load user table data, given mId has already been set.
233 * @return Bool false if the ID does not exist, true otherwise
234 * @private
235 */
241 }
243 # Try cache
247 # Object is expired, load from DB
249 }
253 # Load from DB
255 # Can't load from ID, user is anonymous
257 }
261 # Restore from cache
264 }
265 }
267 }
269 /**
270 * Save user data to the shared cache
271 */
277 // Anonymous users are uncached
279 }
283 }
288 }
291 /** @name newFrom*() static factory methods */
292 //@{
294 /**
295 * Static factory method for creation from username.
296 *
297 * This is slightly less efficient than newFromId(), so use newFromId() if
298 * you have both an ID and a name handy.
299 *
300 * @param $name String Username, validated by Title::newFromText()
301 * @param $validate String|Bool Validate username. Takes the same parameters as
302 * User::getCanonicalName(), except that true is accepted as an alias
303 * for 'valid', for BC.
304 *
305 * @return User object, or false if the username is invalid
306 * (e.g. if it contains illegal characters or is an IP address). If the
307 * username is not present in the database, the result will be a user object
308 * with a name, zero user ID and default settings.
309 */
313 }
318 # Create unloaded user object
323 }
324 }
326 /**
327 * Static factory method for creation from a given user ID.
328 *
329 * @param $id Int Valid user ID
330 * @return User The corresponding User object
331 */
337 }
339 /**
340 * Factory method to fetch whichever user has a given email confirmation code.
341 * This code is generated when an account is created or its e-mail address
342 * has changed.
343 *
344 * If the code is invalid or has expired, returns NULL.
345 *
346 * @param $code String Confirmation code
347 * @return User
348 */
354 ) );
359 }
360 }
362 /**
363 * Create a new user object using data from session or cookies. If the
364 * login credentials are invalid, the result is an anonymous user.
365 *
366 * @return User
367 */
372 }
374 /**
375 * Create a new user object from a user row.
376 * The row should have all fields from the user table in it.
377 * @param $row Array A row from the user table
378 * @return User
379 */
384 }
386 //@}
389 /**
390 * Get the username corresponding to a given user ID
391 * @param $id Int User ID
392 * @return String The corresponding username
393 */
397 }
399 /**
400 * Get the real name of a user given their user ID
401 *
402 * @param $id Int User ID
403 * @return String The corresponding user's real name
404 */
408 }
410 /**
411 * Get database id given a user name
412 * @param $name String Username
413 * @return Int|Null The corresponding user's ID, or null if user is nonexistent
414 */
418 # Illegal name
420 }
424 }
427 $s = $dbr->selectRow( 'user', array( 'user_id' ), array( 'user_name' => $nt->getText() ), __METHOD__ );
433 }
439 }
442 }
444 /**
445 * Reset the cache used in idFromName(). For use in tests.
446 */
449 }
451 /**
452 * Does the string match an anonymous IPv4 address?
453 *
454 * This function exists for username validation, in order to reject
455 * usernames which are similar in form to IP addresses. Strings such
456 * as 300.300.300.300 will return true because it looks like an IP
457 * address, despite not being strictly valid.
458 *
459 * We match \d{1,3}\.\d{1,3}\.\d{1,3}\.xxx as an anonymous IP
460 * address because the usemod software would "cloak" anonymous IP
461 * addresses like this, if we allowed accounts like this to be created
462 * new users could get the old edits of these anonymous users.
463 *
464 * @param $name String to match
465 * @return Bool
466 */
469 }
471 /**
472 * Is the input a valid username?
473 *
474 * Checks if the input is a valid username, we don't want an empty string,
475 * an IP address, anything that containins slashes (would mess up subpages),
476 * is longer than the maximum allowed username size or doesn't begin with
477 * a capital letter.
478 *
479 * @param $name String to match
480 * @return Bool
481 */
493 }
495 // Ensure that the name can't be misresolved as a different title,
496 // such as with extra namespace keys at the start.
504 }
506 // Check an additional blacklist of troublemaker characters.
507 // Should these be merged into the title char list?
520 }
523 }
525 /**
526 * Usernames which fail to pass this function will be blocked
527 * from user login and new account registrations, but may be used
528 * internally by batch processes.
529 *
530 * If an account already exists in this form, login will be blocked
531 * by a failure to pass this function.
532 *
533 * @param $name String to match
534 * @return Bool
535 */
538 // Must be a valid username, obviously ;)
541 }
547 }
549 // Certain names may be reserved for batch processes.
553 }
556 }
557 }
559 }
561 /**
562 * Usernames which fail to pass this function will be blocked
563 * from new account registrations, but may be used internally
564 * either by batch processes or by user accounts which have
565 * already been created.
566 *
567 * Additional blacklisting may be added here rather than in
568 * isValidUserName() to avoid disrupting existing accounts.
569 *
570 * @param $name String to match
571 * @return Bool
572 */
576 // Ensure that the username isn't longer than 235 bytes, so that
577 // (at least for the builtin skins) user javascript and css files
578 // will work. (bug 23080)
583 }
589 }
592 }
594 /**
595 * Is the input a valid password for this user?
596 *
597 * @param $password String Desired password
598 * @return Bool
599 */
601 //simple boolean wrapper for getPasswordValidity
603 }
605 /**
606 * Given unvalidated password input, return error message on failure.
607 *
608 * @param $password String Desired password
609 * @return mixed: true on success, string or array of error message on failure
610 */
617 );
629 } elseif ( isset( $blockedLogins[ $this->getName() ] ) && $password == $blockedLogins[ $this->getName() ] ) {
632 //it seems weird returning true here, but this is because of the
633 //initialization of $result to false above. If the hook is never run or it
634 //doesn't modify $result, then we will likely get down into this if with
635 //a valid password.
637 }
642 }
643 }
645 /**
646 * Does a string look like an e-mail address?
647 *
648 * This validates an email address using an HTML5 specification found at:
649 * http://www.whatwg.org/specs/web-apps/current-work/multipage/states-of-the-type-attribute.html#valid-e-mail-address
650 * Which as of 2011-01-24 says:
651 *
652 * A valid e-mail address is a string that matches the ABNF production
653 * 1*( atext / "." ) "@" ldh-str *( "." ldh-str ) where atext is defined
654 * in RFC 5322 section 3.2.3, and ldh-str is defined in RFC 1034 section
655 * 3.5.
656 *
657 * This function is an implementation of the specification as requested in
658 * bug 22449.
659 *
660 * Client-side forms will use the same standard validation rules via JS or
661 * HTML 5 validation; additional restrictions can be enforced server-side
662 * by extensions via the 'isValidEmailAddr' hook.
663 *
664 * Note that this validation doesn't 100% match RFC 2822, but is believed
665 * to be liberal enough for wide use. Some invalid addresses will still
666 * pass validation here.
667 *
668 * @param $addr String E-mail address
669 * @return Bool
670 */
675 }
680 ^ # start of string
682 @ # 'apostrophe'
685 $ # End of string
689 }
691 /**
692 * Given unvalidated user input, return a canonical username, or false if
693 * the username is invalid.
694 * @param $name String User input
695 * @param $validate String|Bool type of validation to use:
696 * - false No validation
697 * - 'valid' Valid for batch processes
698 * - 'usable' Valid for batch processes and login
699 * - 'creatable' Valid for batch processes, login and account creation
700 */
702 # Force usernames to capital
706 # Reject names containing '#'; these will be cleaned up
707 # with title normalisation, but then it's too late to
708 # check elsewhere
712 # Clean up name according to title rules
715 # Check for invalid titles
718 }
720 # Reject various classes of invalid names
730 }
735 }
740 }
744 }
746 }
748 /**
749 * Count the number of edits of a user
750 * @todo It should not be static and some day should be merged as proper member function / deprecated -- domas
751 *
752 * @param $uid Int User ID to check
753 * @return Int the user's edit count
754 */
758 // check if the user_editcount field has been initialized
762 __METHOD__
763 );
770 __METHOD__
771 );
776 __METHOD__
777 );
780 }
783 }
785 /**
786 * Return a random password. Sourced from mt_rand, so it's not particularly secure.
787 * @todo hash random numbers to improve security, like generateToken()
788 *
789 * @return String new random password
790 */
801 }
803 }
805 /**
806 * Set cached properties to default.
807 *
808 * @note This no longer clears uncached lazy-initialised properties;
809 * the constructor does that instead.
810 * @private
811 */
830 }
842 }
844 /**
845 * Load user data from the session or login cookie. If there are no valid
846 * credentials, initialises the user as an anonymous user.
847 * @return Bool True if the user is logged in, false otherwise.
848 */
856 }
861 # TODO: Automatically create the user here (or probably a bit
862 # lower down, in fact)
863 }
864 }
873 }
881 }
885 }
895 }
899 # Not a valid ID, loadFromId has switched the object to anon for us
901 }
905 # User blocked and we've disabled blocked user logins
908 }
917 # No session or persistent login cookie
920 }
927 # Invalid credentials
931 }
932 }
934 /**
935 * Load user and user_group data from the database.
936 * $this::mId must be set, this is how the user is identified.
937 *
938 * @return Bool True if the user exists, false if the user is anonymous
939 * @private
940 */
942 # Paranoia
945 /** Anonymous user */
949 }
957 # Initialise user table data
963 # Invalid user_id
967 }
968 }
970 /**
971 * Initialize this object from a row from the user table.
972 *
973 * @param $row Array Row from the user table to load.
974 */
980 }
995 }
997 /**
998 * Load the groups from the database if they aren't already loaded.
999 * @private
1000 */
1007 __METHOD__ );
1011 }
1012 }
1013 }
1015 /**
1016 * Clear various cached data stored in this object.
1017 * @param $reloadFrom String Reload user and user_groups table data from a
1018 * given source. May be "name", "id", "defaults", "session", or false for
1019 * no reload.
1020 */
1034 }
1035 }
1037 /**
1038 * Combine the language default options with any site-specific options
1039 * and add the default language variants.
1040 *
1041 * @return Array of String options
1042 */
1045 /**
1046 * Site defaults will override the global/language defaults
1047 */
1051 /**
1052 * default language setting
1053 */
1059 }
1063 }
1065 /**
1066 * Get a given default option value.
1067 *
1068 * @param $opt String Name of option to retrieve
1069 * @return String Default option value
1070 */
1077 }
1078 }
1081 /**
1082 * Get blocking information
1083 * @private
1084 * @param $bFromSlave Bool Whether to check the slave database first. To
1085 * improve performance, non-critical checks are done
1086 * against slaves. Check when actually saving should be
1087 * done against master.
1088 */
1094 }
1099 // Initialize data...
1100 // Otherwise something ends up stomping on $this->mBlockedby when
1101 // things get lazy-loaded later, causing false positive block hits
1102 // due to -1 !== 0. Probably session-related... Nothing should be
1103 // overwriting mBlockedby, surely?
1110 # Check if we are looking at an IP or a logged-in user
1114 # Check if we are looking at the current user
1115 # If we don't, and the user is logged in, we don't know about
1116 # his IP / autoblock status, so ignore autoblock of current user's IP
1120 # Get IP of current user
1122 }
1123 }
1126 # Exempt from all types of IP-block
1128 }
1130 # User/IP blocking
1143 }
1145 // Bug 13611: don't remove mBlock here, to allow account creation blocks to
1146 // apply to users. Note that the existence of $this->mBlock is not used to
1147 // check for edit blocks, $this->mBlockedby is instead.
1148 }
1150 # Proxy blocking
1152 # Local list
1156 }
1158 # DNSBL
1163 }
1164 }
1165 }
1167 # Extensions
1171 }
1173 /**
1174 * Whether the given IP is in a DNS blacklist.
1175 *
1176 * @param $ip String IP to check
1177 * @param $checkWhitelist Bool: whether to check the whitelist first
1178 * @return Bool True if blacklisted.
1179 */
1192 }
1194 /**
1195 * Whether the given IP is in a given DNS blacklist.
1196 *
1197 * @param $ip String IP to check
1198 * @param $bases String|Array of Strings: URL of the DNS blacklist
1199 * @return Bool True if blacklisted.
1200 */
1205 // FIXME: IPv6 ??? (http://bugs.php.net/bug.php?id=33170)
1207 # Reverse IP, bug 21255
1211 # Make hostname
1214 # Send query
1223 }
1224 }
1225 }
1229 }
1231 /**
1232 * Is this user subject to rate limiting?
1233 *
1234 * @return Bool True if rate limited
1235 */
1240 // Deprecated, but kept for backwards-compatibility config
1242 }
1244 // No other good way currently to disable rate limits
1245 // for specific IPs. :P
1246 // But this is a crappy hack and should die.
1248 }
1250 }
1252 /**
1253 * Primitive rate limits: enforce maximum actions per time period
1254 * to put a brake on flooding.
1255 *
1256 * @note When using a shared cache like memcached, IP-address
1257 * last-hit counters will be shared across wikis.
1258 *
1259 * @param $action String Action to enforce; 'edit' if unspecified
1260 * @return Bool True if a rate limiter was tripped
1261 */
1263 # Call the 'PingLimiter' hook
1267 }
1272 }
1274 # Some groups shouldn't trigger the ping limiter, ever
1289 }
1293 }
1297 }
1300 }
1305 }
1306 }
1307 // Check for group-specific permissions
1308 // If more than one group applies, use the group with the highest limit
1313 }
1314 }
1315 }
1316 // Set the user limit key
1320 }
1327 // Already pinged?
1332 @error_log( wfTimestamp( TS_MW ) . ' ' . wfWikiID() . ': ' . $this->getName() . " tripped $key at $count $summary\n", 3, $wgRateLimitLog );
1333 }
1337 }
1341 }
1343 }
1347 }
1349 /**
1350 * Check if user is blocked
1351 *
1352 * @param $bFromSlave Bool Whether to check the slave database instead of the master
1353 * @return Bool True if blocked, false otherwise
1354 */
1358 }
1360 /**
1361 * Check if user is blocked from editing a particular article
1362 *
1363 * @param $title Title to check
1364 * @param $bFromSlave Bool whether to check the slave database instead of the master
1365 * @return Bool
1366 */
1373 # If a user's name is suppressed, they cannot make edits anywhere
1378 }
1384 }
1386 /**
1387 * If user is blocked, return the name of the user who placed the block
1388 * @return String name of blocker
1389 */
1393 }
1395 /**
1396 * If user is blocked, return the specified reason for the block
1397 * @return String Blocking reason
1398 */
1402 }
1404 /**
1405 * If user is blocked, return the ID for the block
1406 * @return Int Block ID
1407 */
1411 }
1413 /**
1414 * Check if user is blocked on all wikis.
1415 * Do not use for actual edit permission checks!
1416 * This is intented for quick UI checks.
1417 *
1418 * @param $ip String IP address, uses current client if none given
1419 * @return Bool True if blocked, false otherwise
1420 */
1424 }
1425 // User is already an IP?
1430 }
1435 }
1437 /**
1438 * Check if user account is locked
1439 *
1440 * @return Bool True if locked, false otherwise
1441 */
1445 }
1450 }
1452 /**
1453 * Check if user account is hidden
1454 *
1455 * @return Bool True if hidden, false otherwise
1456 */
1460 }
1466 }
1468 }
1470 /**
1471 * Get the user's ID.
1472 * @return Int The user's ID; 0 if the user is anonymous or nonexistent
1473 */
1477 // Special case, we know the user is anonymous
1480 // Don't load if this was initialized from an ID
1482 }
1484 }
1486 /**
1487 * Set the user and reload all fields according to a given ID
1488 * @param $v Int User ID to reload
1489 */
1493 }
1495 /**
1496 * Get the user name, or the IP of an anonymous user
1497 * @return String User's name or IP address
1498 */
1501 # Special case optimisation
1506 # Clean up IPs
1508 }
1510 }
1511 }
1513 /**
1514 * Set the user name.
1515 *
1516 * This does not reload fields from the database according to the given
1517 * name. Rather, it is used to create a temporary "nonexistent user" for
1518 * later addition to the database. It can also be used to set the IP
1519 * address for an anonymous user to something other than the current
1520 * remote IP.
1521 *
1522 * @note User::newFromName() has rougly the same function, when the named user
1523 * does not exist.
1524 * @param $str String New user name to set
1525 */
1529 }
1531 /**
1532 * Get the user's name escaped by underscores.
1533 * @return String Username escaped by underscores.
1534 */
1537 }
1539 /**
1540 * Check if the user has new messages.
1541 * @return Bool True if the user has new messages
1542 */
1546 # Load the newtalk status if it is unloaded (mNewtalk=-1)
1550 # Check memcached separately for anons, who have no
1551 # entire User object stored in there.
1559 // Since we are caching this, make sure it is up to date by getting it
1560 // from the master
1563 }
1566 }
1567 }
1570 }
1572 /**
1573 * Return the talk page(s) this user has new messages on.
1574 * @return Array of String page URLs
1575 */
1586 }
1588 /**
1589 * Internal uncached check for new messages
1590 *
1591 * @see getNewtalk()
1592 * @param $field String 'user_ip' for anonymous users, 'user_id' otherwise
1593 * @param $id String|Int User's IP address for anonymous users, User ID otherwise
1594 * @param $fromMaster Bool true to fetch from the master, false for a slave
1595 * @return Bool True if the user has new messages
1596 * @private
1597 */
1603 }
1607 }
1609 /**
1610 * Add or update the new messages flag
1611 * @param $field String 'user_ip' for anonymous users, 'user_id' otherwise
1612 * @param $id String|Int User's IP address for anonymous users, User ID otherwise
1613 * @return Bool True if successful, false otherwise
1614 * @private
1615 */
1620 __METHOD__,
1628 }
1629 }
1631 /**
1632 * Clear the new messages flag for the given user
1633 * @param $field String 'user_ip' for anonymous users, 'user_id' otherwise
1634 * @param $id String|Int User's IP address for anonymous users, User ID otherwise
1635 * @return Bool True if successful, false otherwise
1636 * @private
1637 */
1642 __METHOD__ );
1649 }
1650 }
1652 /**
1653 * Update the 'You have new messages!' status.
1654 * @param $val Bool Whether the user has new messages
1655 */
1659 }
1670 }
1677 }
1680 // Anons have a separate memcached space, since
1681 // user records aren't kept for them.
1684 }
1687 }
1688 }
1690 /**
1691 * Generate a current or new-future timestamp to be stored in the
1692 * user_touched field when we update things.
1693 * @return String Timestamp in TS_MW format
1694 */
1698 }
1700 /**
1701 * Clear user data from memcached.
1702 * Use after applying fun updates to the database; caller's
1703 * responsibility to update user_touched if appropriate.
1704 *
1705 * Called implicitly from invalidateCache() and saveSettings().
1706 */
1712 }
1713 }
1715 /**
1716 * Immediately touch the user data cache for this account.
1717 * Updates user_touched field, and removes account data from memcached
1718 * for reload on the next hit.
1719 */
1723 }
1732 __METHOD__ );
1735 }
1736 }
1738 /**
1739 * Validate the cache for this account.
1740 * @param $timestamp String A timestamp in TS_MW format
1741 */
1745 }
1747 /**
1748 * Get the user touched timestamp
1749 * @return String timestamp
1750 */
1754 }
1756 /**
1757 * Set the password and reset the random token.
1758 * Calls through to authentication plugin if necessary;
1759 * will have no effect if the auth plugin refuses to
1760 * pass the change through or if the legal password
1761 * checks fail.
1762 *
1763 * As a special case, setting the password to null
1764 * wipes it, so the account cannot be logged in until
1765 * a new password is set, for instance via e-mail.
1766 *
1767 * @param $str String New password to set
1768 * @throws PasswordError on failure
1769 */
1776 }
1787 }
1789 }
1790 }
1794 }
1799 }
1801 /**
1802 * Set the password and reset the random token unconditionally.
1803 *
1804 * @param $str String New password to set
1805 */
1811 // Save an invalid hash...
1815 }
1818 }
1820 /**
1821 * Get the user's current token.
1822 * @return String Token
1823 */
1827 }
1829 /**
1830 * Set the random token (used for persistent authentication)
1831 * Called from loadDefaults() among other places.
1832 *
1833 * @param $token String If specified, set the token to this value
1834 * @private
1835 */
1846 }
1850 }
1851 }
1853 /**
1854 * Set the cookie password
1855 *
1856 * @param $str String New cookie password
1857 * @private
1858 */
1862 }
1864 /**
1865 * Set the password for a password reminder or new account email
1866 *
1867 * @param $str String New password to set
1868 * @param $throttle Bool If true, reset the throttle timestamp to the present
1869 */
1875 }
1876 }
1878 /**
1879 * Has password reminder email been sent within the last
1880 * $wgPasswordReminderResendTime hours?
1881 * @return Bool
1882 */
1888 }
1891 }
1893 /**
1894 * Get the user's e-mail address
1895 * @return String User's email address
1896 */
1901 }
1903 /**
1904 * Get the timestamp of the user's e-mail authentication
1905 * @return String TS_MW timestamp
1906 */
1909 wfRunHooks( 'UserGetEmailAuthenticationTimestamp', array( $this, &$this->mEmailAuthenticated ) );
1911 }
1913 /**
1914 * Set the user's e-mail address
1915 * @param $str String New e-mail address
1916 */
1921 }
1923 /**
1924 * Get the user's real name
1925 * @return String User's real name
1926 */
1930 }
1932 /**
1933 * Set the user's real name
1934 * @param $str String New real name
1935 */
1939 }
1941 /**
1942 * Get the user's current setting for a given option.
1943 *
1944 * @param $oname String The option to check
1945 * @param $defaultOverride String A default value returned if the option does not exist
1946 * @return String User's current value for the option
1947 * @see getBoolOption()
1948 * @see getIntOption()
1949 */
1956 }
1958 }
1964 }
1965 }
1967 /**
1968 * Get all user's options
1969 *
1970 * @return array
1971 */
1975 }
1977 /**
1978 * Get the user's current setting for a given option, as a boolean value.
1979 *
1980 * @param $oname String The option to check
1981 * @return Bool User's current value for the option
1982 * @see getOption()
1983 */
1986 }
1989 /**
1990 * Get the user's current setting for a given option, as a boolean value.
1991 *
1992 * @param $oname String The option to check
1993 * @param $defaultOverride Int A default value returned if the option does not exist
1994 * @return Int User's current value for the option
1995 * @see getOption()
1996 */
2001 }
2003 }
2005 /**
2006 * Set the given option for a user.
2007 *
2008 * @param $oname String The option to set
2009 * @param $val mixed New value to set
2010 */
2016 # Clear cached skin, so the new one displays immediately in Special:Preferences
2018 }
2020 // Explicitly NULL values should refer to defaults
2024 }
2027 }
2029 /**
2030 * Reset all options to the site defaults
2031 */
2034 }
2036 /**
2037 * Get the user's preferred date format.
2038 * @return String User's preferred date format
2039 */
2041 // Important migration for old data rows
2048 }
2050 }
2052 }
2054 /**
2055 * Get the user preferred stub threshold
2056 */
2061 # If they have set an impossible value, disable the preference
2062 # so we can use the parser cache again.
2064 }
2066 }
2068 /**
2069 * Get the permissions this user has.
2070 * @return Array of String permission names
2071 */
2076 // Force reindexation of rights when a hook has unset one of them
2078 }
2080 }
2082 /**
2083 * Get the list of explicit group memberships this user has.
2084 * The implicit * and user groups are not included.
2085 * @return Array of String internal group names
2086 */
2090 }
2092 /**
2093 * Get the list of implicit group memberships this user has.
2094 * This includes all explicit groups, plus 'user' if logged in,
2095 * '*' for all accounts, and autopromoted groups
2096 * @param $recache Bool Whether to avoid the cache
2097 * @return Array of String internal group names
2098 */
2110 ) );
2112 # Hook for additional groups
2114 }
2116 }
2118 }
2120 /**
2121 * Get the user's edit count.
2122 * @return Int
2123 */
2127 /* Populate the count, if it has not been populated yet */
2129 }
2132 /* nil */
2134 }
2135 }
2137 /**
2138 * Add the user to the given group.
2139 * This takes immediate effect.
2140 * @param $group String Name of the group to add
2141 */
2149 ),
2150 __METHOD__,
2152 }
2159 }
2161 /**
2162 * Remove the user from the given group.
2163 * This takes immediate effect.
2164 * @param $group String Name of the group to remove
2165 */
2180 }
2182 /**
2183 * Get whether the user is logged in
2184 * @return Bool
2185 */
2188 }
2190 /**
2191 * Get whether the user is anonymous
2192 * @return Bool
2193 */
2196 }
2198 /**
2199 * Check if user is allowed to access a feature / make an action
2200 * @param $action String action to be checked
2201 * @return Boolean: True if action is allowed, else false
2202 */
2206 }
2207 # Patrolling may not be enabled
2212 }
2213 # Use strict parameter to avoid matching numeric 0 accidentally inserted
2214 # by misconfiguration: 0 == 'foo'
2216 }
2218 /**
2219 * Check whether to enable recent changes patrol features for this user
2220 * @return Boolean: True or false
2221 */
2224 return( $wgUseRCPatrol && ( $this->isAllowed( 'patrol' ) || $this->isAllowed( 'patrolmarks' ) ) );
2225 }
2227 /**
2228 * Check whether to enable new pages patrol features for this user
2229 * @return Bool True or false
2230 */
2233 return( ( $wgUseRCPatrol || $wgUseNPPatrol ) && ( $this->isAllowed( 'patrol' ) || $this->isAllowed( 'patrolmarks' ) ) );
2234 }
2236 /**
2237 * Get the current skin, loading it if required, and setting a title
2238 * @param $t Title: the title to use in the skin
2239 * @return Skin The current skin
2240 * @todo: FIXME : need to check the old failback system [AV]
2241 */
2250 }
2256 }
2259 }
2260 }
2262 // Creates a Skin object, for getSkin()
2269 # get the user skin
2273 # if we're not allowing users to override, then use the default
2276 }
2282 }
2284 /**
2285 * Check the watched status of an article.
2286 * @param $title Title of the article to look at
2287 * @return Bool
2288 */
2292 }
2294 /**
2295 * Watch an article.
2296 * @param $title Title of the article to look at
2297 */
2302 }
2304 /**
2305 * Stop watching an article.
2306 * @param $title Title of the article to look at
2307 */
2312 }
2314 /**
2315 * Clear the user's notification timestamp for the given title.
2316 * If e-notif e-mails are on, they will receive notification mails on
2317 * the next change of the page if it's watched etc.
2318 * @param $title Title of the article to look at
2319 */
2323 # Do nothing if the database is locked to writes
2326 }
2333 }
2337 }
2340 // Nothing else to do...
2342 }
2344 // Only update the timestamp if the page is being watched.
2345 // The query to find out if it is watched is cached both in memcached and per-invocation,
2346 // and when it does have to be executed, it can be on a slave
2347 // If this is the user's newtalk page, we always update the timestamp
2350 {
2356 }
2358 // If the page is watched by the user (or may be watched), update the timestamp on any
2359 // any matching rows
2369 ), __METHOD__
2370 );
2371 }
2372 }
2374 /**
2375 * Resets all of the given user's page-change notification timestamps.
2376 * If e-notif e-mails are on, they will receive notification mails on
2377 * the next change of any watched page.
2378 *
2379 * @param $currentUser Int User ID
2380 */
2386 }
2394 ), __METHOD__
2395 );
2396 # We also need to clear here the "you have new message" notification for the own user_talk page
2397 # This is cleared one page view later in Article::viewUpdates();
2398 }
2399 }
2401 /**
2402 * Set this user's options from an encoded string
2403 * @param $str String Encoded options to import
2404 * @private
2405 */
2413 // If an option is not set in $str, use the default value
2422 }
2423 }
2424 }
2426 /**
2427 * Set a cookie on the user's client. Wrapper for
2428 * WebResponse::setCookie
2429 * @param $name String Name of the cookie to set
2430 * @param $value String Value to set
2431 * @param $exp Int Expiration time, as a UNIX time value;
2432 * if 0 or not specified, use the default $wgCookieExpiration
2433 */
2437 }
2439 /**
2440 * Clear a cookie on the user's client
2441 * @param $name String Name of the cookie to clear
2442 */
2445 }
2447 /**
2448 * Set the default cookies for this session on the user's client.
2449 */
2457 );
2461 );
2466 }
2469 #check for null, since the hook could cause a null value
2472 }
2478 }
2479 }
2480 }
2482 /**
2483 * Log this user out.
2484 */
2488 }
2489 }
2491 /**
2492 * Clear the user's cookies and session, and reset the instance cache.
2493 * @private
2494 * @see logout()
2495 */
2504 # Remember when user logged out, to prevent seeing cached pages
2506 }
2508 /**
2509 * Save this user's settings into the database.
2510 * @todo Only rarely do all these fields need to be set!
2511 */
2536 ), __METHOD__
2537 );
2544 }
2546 /**
2547 * If only this user's username is known, and it exists, return the user ID.
2548 * @return Int
2549 */
2558 }
2560 }
2562 /**
2563 * Add a user to the database, return the user object
2564 *
2565 * @param $name String Username to add
2566 * @param $params Array of Strings Non-default parameters to save to the database:
2567 * - password The user's password. Password logins will be disabled if this is omitted.
2568 * - newpassword A temporary password mailed to the user
2569 * - email The user's email address
2570 * - email_authenticated The email authentication timestamp
2571 * - real_name The user's real name
2572 * - options An associative array of non-default options
2573 * - token Random authentication token. Do not set.
2574 * - registration Registration timestamp. Do not set.
2575 *
2576 * @return User object, or null if the username already exists
2577 */
2584 }
2601 );
2604 }
2610 }
2612 }
2614 /**
2615 * Add this existing user object to the database
2616 */
2635 ), __METHOD__
2636 );
2639 // Clear instance cache other than user table data, which is already accurate
2643 }
2645 /**
2646 * If this (non-anonymous) user is blocked, block any IP address
2647 * they've successfully logged in from.
2648 */
2654 }
2659 }
2662 }
2664 /**
2665 * Generate a string which will be different for any combination of
2666 * user options which would produce different parser output.
2667 * This will be used as part of the hash key for the parser cache,
2668 * so users with the same options can share the same cached data
2669 * safely.
2670 *
2671 * Extensions which require it should install 'PageRenderingHash' hook,
2672 * which will give them a chance to modify this key based on their own
2673 * settings.
2674 *
2675 * @deprecated @since 1.17 use the ParserOptions object to get the relevant options
2676 * @return String Page rendering hash
2677 */
2682 }
2685 // stubthreshold is only included below for completeness,
2686 // since it disables the parser cache, its value will always
2687 // be 0 when this function is called by parsercache.
2693 }
2697 // add in language specific options, if any
2701 // Since the skin could be overloading link(), it should be
2702 // included here but in practice, none of our skins do that.
2706 // Give a chance for extensions to modify the hash, if they have
2707 // extra options or other effects on the parser cache.
2710 // Make it a valid memcached key fragment
2714 }
2716 /**
2717 * Get whether the user is explicitly blocked from account creation.
2718 * @return Bool
2719 */
2723 }
2725 /**
2726 * Get whether the user is blocked from using Special:Emailuser.
2727 * @return Bool
2728 */
2732 }
2734 /**
2735 * Get whether the user is allowed to create an account.
2736 * @return Bool
2737 */
2740 }
2742 /**
2743 * Get this user's personal page title.
2744 *
2745 * @return Title: User's personal page title
2746 */
2749 }
2751 /**
2752 * Get this user's talk page title.
2753 *
2754 * @return Title: User's talk page title
2755 */
2759 }
2761 /**
2762 * Get the maximum valid user ID.
2763 * @return Integer: User ID
2764 * @static
2765 */
2774 }
2775 }
2777 /**
2778 * Determine whether the user is a newbie. Newbies are either
2779 * anonymous IPs, or the most recently created accounts.
2780 * @return Bool
2781 */
2784 }
2786 /**
2787 * Check to see if the given clear-text password is one of the accepted passwords
2788 * @param $password String: user password.
2789 * @return Boolean: True if the given password is correct, otherwise False.
2790 */
2795 // Even though we stop people from creating passwords that
2796 // are shorter than this, doesn't mean people wont be able
2797 // to. Certain authentication plugins do NOT want to save
2798 // domain passwords in a mysql database, so we should
2799 // check this (in case $wgAuth->strict() is false).
2802 }
2807 /* Auth plugin doesn't allow local authentication */
2810 /* Auth plugin doesn't allow local authentication for this user name */
2812 }
2816 # Some wikis were converted from ISO 8859-1 to UTF-8, the passwords can't be converted
2817 # Check for this with iconv
2821 }
2822 }
2824 }
2826 /**
2827 * Check if the given clear-text password matches the temporary password
2828 * sent by e-mail for password reset operations.
2829 * @return Boolean: True if matches, false otherwise
2830 */
2836 }
2841 }
2842 }
2844 /**
2845 * Initialize (if necessary) and return a session token value
2846 * which can be used in edit forms to show that the user's
2847 * login credentials aren't being hijacked with a foreign form
2848 * submission.
2849 *
2850 * @param $salt String|Array of Strings Optional function-specific data for hashing
2851 * @return String The new edit token
2852 */
2862 }
2865 }
2867 }
2868 }
2870 /**
2871 * Generate a looking random token for various uses.
2872 *
2873 * @param $salt String Optional salt value
2874 * @return String The new random token
2875 */
2879 }
2881 /**
2882 * Check given value against the token value stored in the session.
2883 * A match should confirm that the form was submitted from the
2884 * user's own login session, not a form submission from a third-party
2885 * site.
2886 *
2887 * @param $val String Input value to compare
2888 * @param $salt String Optional function-specific data for hashing
2889 * @return Boolean: Whether the token matches
2890 */
2895 }
2897 }
2899 /**
2900 * Check given value against the token value stored in the session,
2901 * ignoring the suffix.
2902 *
2903 * @param $val String Input value to compare
2904 * @param $salt String Optional function-specific data for hashing
2905 * @return Boolean: Whether the token matches
2906 */
2910 }
2912 /**
2913 * Generate a new e-mail confirmation token and send a confirmation/invalidation
2914 * mail to the user's given address.
2915 *
2916 * @param $changed Boolean: whether the adress changed
2917 * @return Status object
2918 */
2937 }
2939 /**
2940 * Send an e-mail to this user's account. Does not check for
2941 * confirmed status or validity.
2942 *
2943 * @param $subject String Message subject
2944 * @param $body String Message body
2945 * @param $from String Optional From address; if unspecified, default $wgPasswordSender will be used
2946 * @param $replyto String Reply-To address
2947 * @return Status
2948 */
2955 }
2959 }
2961 /**
2962 * Generate, store, and return a new e-mail confirmation code.
2963 * A hash (unsalted, since it's used as a key) is stored.
2964 *
2965 * @note Call saveSettings() after calling this function to commit
2966 * this change to the database.
2967 *
2968 * @param[out] &$expiration \mixed Accepts the expiration time
2969 * @return String New token
2970 * @private
2971 */
2982 }
2984 /**
2985 * Return a URL the user can use to confirm their email address.
2986 * @param $token String Accepts the email confirmation token
2987 * @return String New token URL
2988 * @private
2989 */
2992 }
2994 /**
2995 * Return a URL the user can use to invalidate their email address.
2996 * @param $token String Accepts the email confirmation token
2997 * @return String New token URL
2998 * @private
2999 */
3002 }
3004 /**
3005 * Internal function to format the e-mail validation/invalidation URLs.
3006 * This uses $wgArticlePath directly as a quickie hack to use the
3007 * hardcoded English names of the Special: pages, for ASCII safety.
3008 *
3009 * @note Since these URLs get dropped directly into emails, using the
3010 * short English names avoids insanely long URL-encoded links, which
3011 * also sometimes can get corrupted in some browsers/mailers
3012 * (bug 6957 with Gmail and Internet Explorer).
3013 *
3014 * @param $page String Special page
3015 * @param $token String Token
3016 * @return String Formatted URL
3017 */
3025 }
3027 /**
3028 * Mark the e-mail address confirmed.
3029 *
3030 * @note Call saveSettings() after calling this function to commit the change.
3031 */
3036 }
3038 /**
3039 * Invalidate the user's e-mail confirmation, and unauthenticate the e-mail
3040 * address if it was already confirmed.
3041 *
3042 * @note Call saveSettings() after calling this function to commit the change.
3043 */
3051 }
3053 /**
3054 * Set the e-mail authentication timestamp.
3055 * @param $timestamp String TS_MW timestamp
3056 */
3060 wfRunHooks( 'UserSetEmailAuthenticationTimestamp', array( $this, &$this->mEmailAuthenticated ) );
3061 }
3063 /**
3064 * Is this user allowed to send e-mails within limits of current
3065 * site configuration?
3066 * @return Bool
3067 */
3072 }
3076 }
3078 /**
3079 * Is this user allowed to receive e-mails within limits of current
3080 * site configuration?
3081 * @return Bool
3082 */
3085 }
3087 /**
3088 * Is this user's e-mail address valid-looking and confirmed within
3089 * limits of the current site configuration?
3090 *
3091 * @note If $wgEmailAuthentication is on, this may require the user to have
3092 * confirmed their address by returning a code or using a password
3093 * sent to the address from the wiki.
3094 *
3095 * @return Bool
3096 */
3111 }
3112 }
3114 /**
3115 * Check whether there is an outstanding request for e-mail confirmation.
3116 * @return Bool
3117 */
3124 }
3126 /**
3127 * Get the timestamp of account creation.
3128 *
3129 * @return String|Bool Timestamp of account creation, or false for
3130 * non-existent/anonymous user accounts.
3131 */
3136 }
3138 /**
3139 * Get the timestamp of the first edit
3140 *
3141 * @return String|Bool Timestamp of first edit, or false for
3142 * non-existent/anonymous user accounts.
3143 */
3147 }
3151 __METHOD__,
3153 );
3156 }
3158 }
3160 /**
3161 * Get the permissions associated with a given list of groups
3162 *
3163 * @param $groups Array of Strings List of internal group names
3164 * @return Array of Strings List of permission key names for given groups combined
3165 */
3169 // grant every granted permission first
3173 // array_filter removes empty items
3175 }
3176 }
3177 // now revoke the revoked permissions
3182 }
3183 }
3185 }
3187 /**
3188 * Get all the groups who have a given permission
3189 *
3190 * @param $role String Role to check
3191 * @return Array of Strings List of internal group names with the given permission
3192 */
3199 }
3200 }
3202 }
3204 /**
3205 * Get the localized descriptive name for a group, if it exists
3206 *
3207 * @param $group String Internal group name
3208 * @return String Localized descriptive group name
3209 */
3213 }
3215 /**
3216 * Get the localized descriptive name for a member of a group, if it exists
3217 *
3218 * @param $group String Internal group name
3219 * @return String Localized name for group member
3220 */
3224 }
3226 /**
3227 * Return the set of defined explicit groups.
3228 * The implicit groups (by default *, 'user' and 'autoconfirmed')
3229 * are not included, as they are defined automatically, not in the database.
3230 * @return Array of internal group names
3231 */
3237 );
3238 }
3240 /**
3241 * Get a list of all available permissions.
3242 * @return Array of permission names
3243 */
3251 }
3253 }
3255 }
3257 /**
3258 * Get a list of implicit groups
3259 * @return Array of Strings Array of internal group names
3260 */
3264 wfRunHooks( 'UserGetImplicitGroups', array( &$groups ) ); #deprecated, use $wgImplictGroups instead
3266 }
3268 /**
3269 * Get the title of a page describing a particular group
3270 *
3271 * @param $group String Internal group name
3272 * @return Title|Bool Title of the page if it exists, false otherwise
3273 */
3280 }
3282 }
3284 /**
3285 * Create a link to the group in HTML, if available;
3286 * else return the group name.
3287 *
3288 * @param $group String Internal name of the group
3289 * @param $text String The text of the link
3290 * @return String HTML link to the group
3291 */
3295 }
3303 }
3304 }
3306 /**
3307 * Create a link to the group in Wikitext, if available;
3308 * else return the group name.
3309 *
3310 * @param $group String Internal name of the group
3311 * @param $text String The text of the link
3312 * @return String Wikilink to the group
3313 */
3317 }
3324 }
3325 }
3327 /**
3328 * Returns an array of the groups that a particular group can add/remove.
3329 *
3330 * @param $group String: the group to check for whether it can add/remove
3331 * @return Array array( 'add' => array( addablegroups ),
3332 * 'remove' => array( removablegroups ),
3333 * 'add-self' => array( addablegroups to self),
3334 * 'remove-self' => array( removable groups from self) )
3335 */
3339 $groups = array( 'add' => array(), 'remove' => array(), 'add-self' => array(), 'remove-self' => array() );
3341 // Don't add anything to $groups
3343 // You get everything
3347 }
3349 // Same thing for remove
3355 }
3357 // Re-map numeric keys of AddToSelf/RemoveFromSelf to the 'user' key for backwards compatibility
3362 }
3363 }
3364 }
3370 }
3371 }
3372 }
3374 // Now figure out what groups the user can add to him/herself
3377 // No idea WHY this would be used, but it's there
3381 }
3388 }
3391 }
3393 /**
3394 * Returns an array of groups that this user can add and remove
3395 * @return Array array( 'add' => array( addablegroups ),
3396 * 'remove' => array( removablegroups ),
3397 * 'add-self' => array( addablegroups to self),
3398 * 'remove-self' => array( removable groups from self) )
3399 */
3402 // This group gives the right to modify everything (reverse-
3403 // compatibility with old "userrights lets you change
3404 // everything")
3405 // Using array_merge to make the groups reindexed
3412 );
3413 }
3415 // Okay, it's not so simple, we will have to go through the arrays
3421 );
3427 );
3432 }
3434 }
3436 /**
3437 * Increment the user's edit-count field.
3438 * Will have no effect for anonymous users.
3439 */
3446 __METHOD__ );
3448 // Lazy initialization check...
3450 // Pull from a slave to be less cruel to servers
3451 // Accuracy isn't the point anyway here
3456 __METHOD__ );
3458 // Now here's a goddamn hack...
3460 // If we actually have a slave server, the count is
3461 // at least one behind because the current transaction
3462 // has not been committed and replicated.
3465 // But if DB_SLAVE is selecting the master, then the
3466 // count we just read includes the revision that was
3467 // just added in the working transaction.
3468 }
3473 __METHOD__ );
3474 }
3475 }
3476 // edit count in user cache too
3478 }
3480 /**
3481 * Get the description of a given right
3482 *
3483 * @param $right String Right to query
3484 * @return String Localized description of the right
3485 */
3490 ? $right
3492 }
3494 /**
3495 * Make an old-style password hash
3496 *
3497 * @param $password String Plain-text password
3498 * @param $userId String User ID
3499 * @return String Password hash
3500 */
3507 }
3508 }
3510 /**
3511 * Make a new-style password hash
3512 *
3513 * @param $password String Plain-text password
3514 * @param $salt String Optional salt, may be random or the user ID.
3515 * If unspecified or false, will generate one automatically
3516 * @return String Password hash
3517 */
3522 if( !wfRunHooks( 'UserCryptPassword', array( &$password, &$salt, &$wgPasswordSalt, &$hash ) ) ) {
3524 }
3529 }
3533 }
3534 }
3536 /**
3537 * Compare a password hash with a plain-text password. Requires the user
3538 * ID if there's a chance that the hash is an old-style hash.
3539 *
3540 * @param $hash String Password hash
3541 * @param $password String Plain-text password to compare
3542 * @param $userId String User ID for old-style password salt
3543 * @return Boolean:
3544 */
3551 }
3554 # Unsalted
3557 # Salted
3561 # Old-style
3563 }
3564 }
3566 /**
3567 * Add a newuser log entry for this user
3568 *
3569 * @param $byEmail Boolean: account made by email?
3570 * @param $reason String: user supplied reason
3571 */
3576 }
3588 }
3589 }
3590 }
3597 );
3599 }
3601 /**
3602 * Add an autocreate newuser log entry for this user
3603 * Used by things like CentralAuth and perhaps other authplugins.
3604 */
3609 }
3613 }
3622 // Maybe load from the object
3627 }
3630 // Load from database
3637 __METHOD__
3638 );
3643 }
3644 }
3649 }
3663 // Allow hooks to abort, for instance to save to a global profile.
3664 // Reset options to default state before saving.
3669 # Don't bother storing default values
3677 );
3678 }
3687 }
3688 }
3689 }
3695 }
3697 /**
3698 * Provide an array of HTML5 attributes to put on an input element
3699 * intended for the user to enter a new password. This may include
3700 * required, title, and/or pattern, depending on $wgMinimalPasswordLength.
3701 *
3702 * Do *not* use this when asking the user to enter his current password!
3703 * Regardless of configuration, users may have invalid passwords for whatever
3704 * reason (e.g., they were set before requirements were tightened up).
3705 * Only use it when asking for a new password, like on account creation or
3706 * ResetPass.
3707 *
3708 * Obviously, you still need to do server-side checking.
3709 *
3710 * NOTE: A combination of bugs in various browsers means that this function
3711 * actually just returns array() unconditionally at the moment. May as
3712 * well keep it around for when the browser bugs get fixed, though.
3713 *
3714 * FIXME : This does not belong here; put it in Html or Linker or somewhere
3715 *
3716 * @return array Array of HTML attributes suitable for feeding to
3717 * Html::element(), directly or indirectly. (Don't feed to Xml::*()!
3718 * That will potentially output invalid XHTML 1.0 Transitional, and will
3719 * get confused by the boolean attribute syntax used.)
3720 */
3726 }
3728 # Note that the pattern requirement will always be satisfied if the
3729 # input is empty, so we need required in all cases.
3730 #
3731 # FIXME (bug 23769): This needs to not claim the password is required
3732 # if e-mail confirmation is being used. Since HTML5 input validation
3733 # is b0rked anyway in some browsers, just return nothing. When it's
3734 # re-enabled, fix this code to not output required for e-mail
3735 # registration.
3736 #$ret = array( 'required' );
3739 # We can't actually do this right now, because Opera 9.6 will print out
3740 # the entered password visibly in its error message! When other
3741 # browsers add support for this attribute, or Opera fixes its support,
3742 # we can add support with a version check to avoid doing this on Opera
3743 # versions where it will be a problem. Reported to Opera as
3744 # DSK-262266, but they don't have a public bug tracker for us to follow.
3745 /*
3746 if ( $wgMinimalPasswordLength > 1 ) {
3747 $ret['pattern'] = '.{' . intval( $wgMinimalPasswordLength ) . ',}';
3748 $ret['title'] = wfMsgExt( 'passwordtooshort', 'parsemag',
3749 $wgMinimalPasswordLength );
3750 }
3751 */
3754 }
3756 /**
3757 * Format the user message using a hook, a template, or, failing these, a static format.
3758 * @param $subject String the subject of the message
3759 * @param $text String the content of the message
3760 * @param $signature String the signature, if provided.
3761 */
3776 }
3777 }
3780 }
3782 /**
3783 * Leave a user a message
3784 * @param $subject String the subject of the message
3785 * @param $text String the message to leave
3786 * @param $signature String Text to leave in the signature
3787 * @param $summary String the summary for this change, defaults to
3788 * "Leave system message."
3789 * @param $editor User The user leaving the message, defaults to
3790 * "{{MediaWiki:usermessage-editor}}"
3791 * @param $flags Int default edit flags
3792 *
3793 * @return boolean true if it was successful
3794 */
3799 }
3805 }
3806 }
3818 }
3827 }
3830 // Set newtalk with the right user ID
3836 // The article was concurrently created
3839 }
3842 }
3843 }