search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Simplify $assoc check
[mediawiki.git] / includes / User.php
blobab0a35b6d782fa1022473d25391faf1d8169873d
1 <?php
2 /**
3 * Implements the User class for the %MediaWiki software.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 */
22
23 /**
24 * Int Number of characters in user_token field.
25 * @ingroup Constants
26 */
27 define( 'USER_TOKEN_LENGTH', 32 );
28
29 /**
30 * Int Serialized record version.
31 * @ingroup Constants
32 */
33 define( 'MW_USER_VERSION', 8 );
34
35 /**
36 * String Some punctuation to prevent editing from broken text-mangling proxies.
37 * @ingroup Constants
38 */
39 define( 'EDIT_TOKEN_SUFFIX', '+\\' );
40
41 /**
42 * Thrown by User::setPassword() on error.
43 * @ingroup Exception
44 */
45 class PasswordError extends MWException {
46 // NOP
47 }
48
49 /**
50 * The User object encapsulates all of the user-specific settings (user_id,
51 * name, rights, password, email address, options, last login time). Client
52 * classes use the getXXX() functions to access these fields. These functions
53 * do all the work of determining whether the user is logged in,
54 * whether the requested option can be satisfied from cookies or
55 * whether a database query is needed. Most of the settings needed
56 * for rendering normal pages are set in the cookie to minimize use
57 * of the database.
58 */
59 class User {
60 /**
61 * Global constants made accessible as class constants so that autoloader
62 * magic can be used.
63 */
64 const USER_TOKEN_LENGTH = USER_TOKEN_LENGTH;
65 const MW_USER_VERSION = MW_USER_VERSION;
66 const EDIT_TOKEN_SUFFIX = EDIT_TOKEN_SUFFIX;
67
68 /**
69 * Array of Strings List of member variables which are saved to the
70 * shared cache (memcached). Any operation which changes the
71 * corresponding database fields must call a cache-clearing function.
72 * @showinitializer
73 */
74 static $mCacheVars = array(
75 // user table
76 'mId',
77 'mName',
78 'mRealName',
79 'mPassword',
80 'mNewpassword',
81 'mNewpassTime',
82 'mEmail',
83 'mTouched',
84 'mToken',
85 'mEmailAuthenticated',
86 'mEmailToken',
87 'mEmailTokenExpires',
88 'mRegistration',
89 'mEditCount',
90 // user_groups table
91 'mGroups',
92 // user_properties table
93 'mOptionOverrides',
94 );
95
96 /**
97 * Array of Strings Core rights.
98 * Each of these should have a corresponding message of the form
99 * "right-$right".
100 * @showinitializer
101 */
102 static $mCoreRights = array(
103 'apihighlimits',
104 'autoconfirmed',
105 'autopatrol',
106 'bigdelete',
107 'block',
108 'blockemail',
109 'bot',
110 'browsearchive',
111 'createaccount',
112 'createpage',
113 'createtalk',
114 'delete',
115 'deletedhistory',
116 'deletedtext',
117 'deleterevision',
118 'edit',
119 'editinterface',
120 'editusercssjs', #deprecated
121 'editusercss',
122 'edituserjs',
123 'hideuser',
124 'import',
125 'importupload',
126 'ipblock-exempt',
127 'markbotedits',
128 'mergehistory',
129 'minoredit',
130 'move',
131 'movefile',
132 'move-rootuserpages',
133 'move-subpages',
134 'nominornewtalk',
135 'noratelimit',
136 'override-export-depth',
137 'patrol',
138 'protect',
139 'proxyunbannable',
140 'purge',
141 'read',
142 'reupload',
143 'reupload-shared',
144 'rollback',
145 'sendemail',
146 'siteadmin',
147 'suppressionlog',
148 'suppressredirect',
149 'suppressrevision',
150 'unblockself',
151 'undelete',
152 'unwatchedpages',
153 'upload',
154 'upload_by_url',
155 'userrights',
156 'userrights-interwiki',
157 'writeapi',
158 );
159 /**
160 * String Cached results of getAllRights()
161 */
162 static $mAllRights = false;
163
164 /** @name Cache variables */
165 //@{
166 var $mId, $mName, $mRealName, $mPassword, $mNewpassword, $mNewpassTime,
167 $mEmail, $mTouched, $mToken, $mEmailAuthenticated,
168 $mEmailToken, $mEmailTokenExpires, $mRegistration, $mGroups, $mOptionOverrides,
169 $mCookiePassword, $mEditCount, $mAllowUsertalk;
170 //@}
171
172 /**
173 * Bool Whether the cache variables have been loaded.
174 */
175 //@{
176 var $mOptionsLoaded;
177
178 /**
179 * Array with already loaded items or true if all items have been loaded.
180 */
181 private $mLoadedItems = array();
182 //@}
183
184 /**
185 * String Initialization data source if mLoadedItems!==true. May be one of:
186 * - 'defaults' anonymous user initialised from class defaults
187 * - 'name' initialise from mName
188 * - 'id' initialise from mId
189 * - 'session' log in from cookies or session if possible
190 *
191 * Use the User::newFrom*() family of functions to set this.
192 */
193 var $mFrom;
194
195 /**
196 * Lazy-initialized variables, invalidated with clearInstanceCache
197 */
198 var $mNewtalk, $mDatePreference, $mBlockedby, $mHash, $mRights,
199 $mBlockreason, $mEffectiveGroups, $mImplicitGroups, $mFormerGroups, $mBlockedGlobally,
200 $mLocked, $mHideName, $mOptions, $mDisplayName;
201
202 /**
203 * @var WebRequest
204 */
205 private $mRequest;
206
207 /**
208 * @var Block
209 */
210 var $mBlock;
211
212 /**
213 * @var Block
214 */
215 private $mBlockedFromCreateAccount = false;
216
217 static $idCacheByName = array();
218
219 /**
220 * Lightweight constructor for an anonymous user.
221 * Use the User::newFrom* factory functions for other kinds of users.
222 *
223 * @see newFromName()
224 * @see newFromId()
225 * @see newFromConfirmationCode()
226 * @see newFromSession()
227 * @see newFromRow()
228 */
229 function __construct() {
230 $this->clearInstanceCache( 'defaults' );
231 }
232
233 /**
234 * @return String
235 */
236 function __toString(){
237 return $this->getName();
238 }
239
240 /**
241 * Load the user table data for this object from the source given by mFrom.
242 */
243 public function load() {
244 if ( $this->mLoadedItems === true ) {
245 return;
246 }
247 wfProfileIn( __METHOD__ );
248
249 # Set it now to avoid infinite recursion in accessors
250 $this->mLoadedItems = true;
251
252 switch ( $this->mFrom ) {
253 case 'defaults':
254 $this->loadDefaults();
255 break;
256 case 'name':
257 $this->mId = self::idFromName( $this->mName );
258 if ( !$this->mId ) {
259 # Nonexistent user placeholder object
260 $this->loadDefaults( $this->mName );
261 } else {
262 $this->loadFromId();
263 }
264 break;
265 case 'id':
266 $this->loadFromId();
267 break;
268 case 'session':
269 $this->loadFromSession();
270 wfRunHooks( 'UserLoadAfterLoadFromSession', array( $this ) );
271 break;
272 default:
273 throw new MWException( "Unrecognised value for User->mFrom: \"{$this->mFrom}\"" );
274 }
275 wfProfileOut( __METHOD__ );
276 }
277
278 /**
279 * Load user table data, given mId has already been set.
280 * @return Bool false if the ID does not exist, true otherwise
281 */
282 public function loadFromId() {
283 global $wgMemc;
284 if ( $this->mId == 0 ) {
285 $this->loadDefaults();
286 return false;
287 }
288
289 # Try cache
290 $key = wfMemcKey( 'user', 'id', $this->mId );
291 $data = $wgMemc->get( $key );
292 if ( !is_array( $data ) || $data['mVersion'] < MW_USER_VERSION ) {
293 # Object is expired, load from DB
294 $data = false;
295 }
296
297 if ( !$data ) {
298 wfDebug( "User: cache miss for user {$this->mId}\n" );
299 # Load from DB
300 if ( !$this->loadFromDatabase() ) {
301 # Can't load from ID, user is anonymous
302 return false;
303 }
304 $this->saveToCache();
305 } else {
306 wfDebug( "User: got user {$this->mId} from cache\n" );
307 # Restore from cache
308 foreach ( self::$mCacheVars as $name ) {
309 $this->$name = $data[$name];
310 }
311 }
312 return true;
313 }
314
315 /**
316 * Save user data to the shared cache
317 */
318 public function saveToCache() {
319 $this->load();
320 $this->loadGroups();
321 $this->loadOptions();
322 if ( $this->isAnon() ) {
323 // Anonymous users are uncached
324 return;
325 }
326 $data = array();
327 foreach ( self::$mCacheVars as $name ) {
328 $data[$name] = $this->$name;
329 }
330 $data['mVersion'] = MW_USER_VERSION;
331 $key = wfMemcKey( 'user', 'id', $this->mId );
332 global $wgMemc;
333 $wgMemc->set( $key, $data );
334 }
335
336 /** @name newFrom*() static factory methods */
337 //@{
338
339 /**
340 * Static factory method for creation from username.
341 *
342 * This is slightly less efficient than newFromId(), so use newFromId() if
343 * you have both an ID and a name handy.
344 *
345 * @param $name String Username, validated by Title::newFromText()
346 * @param $validate String|Bool Validate username. Takes the same parameters as
347 * User::getCanonicalName(), except that true is accepted as an alias
348 * for 'valid', for BC.
349 *
350 * @return User object, or false if the username is invalid
351 * (e.g. if it contains illegal characters or is an IP address). If the
352 * username is not present in the database, the result will be a user object
353 * with a name, zero user ID and default settings.
354 */
355 public static function newFromName( $name, $validate = 'valid' ) {
356 if ( $validate === true ) {
357 $validate = 'valid';
358 }
359 $name = self::getCanonicalName( $name, $validate );
360 if ( $name === false ) {
361 return false;
362 } else {
363 # Create unloaded user object
364 $u = new User;
365 $u->mName = $name;
366 $u->mFrom = 'name';
367 $u->setItemLoaded( 'name' );
368 return $u;
369 }
370 }
371
372 /**
373 * Static factory method for creation from a given user ID.
374 *
375 * @param $id Int Valid user ID
376 * @return User The corresponding User object
377 */
378 public static function newFromId( $id ) {
379 $u = new User;
380 $u->mId = $id;
381 $u->mFrom = 'id';
382 $u->setItemLoaded( 'id' );
383 return $u;
384 }
385
386 /**
387 * Factory method to fetch whichever user has a given email confirmation code.
388 * This code is generated when an account is created or its e-mail address
389 * has changed.
390 *
391 * If the code is invalid or has expired, returns NULL.
392 *
393 * @param $code String Confirmation code
394 * @return User object, or null
395 */
396 public static function newFromConfirmationCode( $code ) {
397 $dbr = wfGetDB( DB_SLAVE );
398 $id = $dbr->selectField( 'user', 'user_id', array(
399 'user_email_token' => md5( $code ),
400 'user_email_token_expires > ' . $dbr->addQuotes( $dbr->timestamp() ),
401 ) );
402 if( $id !== false ) {
403 return User::newFromId( $id );
404 } else {
405 return null;
406 }
407 }
408
409 /**
410 * Create a new user object using data from session or cookies. If the
411 * login credentials are invalid, the result is an anonymous user.
412 *
413 * @param $request WebRequest object to use; $wgRequest will be used if
414 * ommited.
415 * @return User object
416 */
417 public static function newFromSession( WebRequest $request = null ) {
418 $user = new User;
419 $user->mFrom = 'session';
420 $user->mRequest = $request;
421 return $user;
422 }
423
424 /**
425 * Create a new user object from a user row.
426 * The row should have the following fields from the user table in it:
427 * - either user_name or user_id to load further data if needed (or both)
428 * - user_real_name
429 * - all other fields (email, password, etc.)
430 * It is useless to provide the remaining fields if either user_id,
431 * user_name and user_real_name are not provided because the whole row
432 * will be loaded once more from the database when accessing them.
433 *
434 * @param $row Array A row from the user table
435 * @return User
436 */
437 public static function newFromRow( $row ) {
438 $user = new User;
439 $user->loadFromRow( $row );
440 return $user;
441 }
442
443 //@}
444
445 /**
446 * Get the username corresponding to a given user ID
447 * @param $id Int User ID
448 * @return String|false The corresponding username
449 */
450 public static function whoIs( $id ) {
451 $dbr = wfGetDB( DB_SLAVE );
452 return $dbr->selectField( 'user', 'user_name', array( 'user_id' => $id ), __METHOD__ );
453 }
454
455 /**
456 * Get the real name of a user given their user ID
457 *
458 * @param $id Int User ID
459 * @return String|false The corresponding user's real name
460 */
461 public static function whoIsReal( $id ) {
462 $dbr = wfGetDB( DB_SLAVE );
463 return $dbr->selectField( 'user', 'user_real_name', array( 'user_id' => $id ), __METHOD__ );
464 }
465
466 /**
467 * Get database id given a user name
468 * @param $name String Username
469 * @return Int|Null The corresponding user's ID, or null if user is nonexistent
470 */
471 public static function idFromName( $name ) {
472 $nt = Title::makeTitleSafe( NS_USER, $name );
473 if( is_null( $nt ) ) {
474 # Illegal name
475 return null;
476 }
477
478 if ( isset( self::$idCacheByName[$name] ) ) {
479 return self::$idCacheByName[$name];
480 }
481
482 $dbr = wfGetDB( DB_SLAVE );
483 $s = $dbr->selectRow( 'user', array( 'user_id' ), array( 'user_name' => $nt->getText() ), __METHOD__ );
484
485 if ( $s === false ) {
486 $result = null;
487 } else {
488 $result = $s->user_id;
489 }
490
491 self::$idCacheByName[$name] = $result;
492
493 if ( count( self::$idCacheByName ) > 1000 ) {
494 self::$idCacheByName = array();
495 }
496
497 return $result;
498 }
499
500 /**
501 * Reset the cache used in idFromName(). For use in tests.
502 */
503 public static function resetIdByNameCache() {
504 self::$idCacheByName = array();
505 }
506
507 /**
508 * Does the string match an anonymous IPv4 address?
509 *
510 * This function exists for username validation, in order to reject
511 * usernames which are similar in form to IP addresses. Strings such
512 * as 300.300.300.300 will return true because it looks like an IP
513 * address, despite not being strictly valid.
514 *
515 * We match \d{1,3}\.\d{1,3}\.\d{1,3}\.xxx as an anonymous IP
516 * address because the usemod software would "cloak" anonymous IP
517 * addresses like this, if we allowed accounts like this to be created
518 * new users could get the old edits of these anonymous users.
519 *
520 * @param $name String to match
521 * @return Bool
522 */
523 public static function isIP( $name ) {
524 return preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.(?:xxx|\d{1,3})$/',$name) || IP::isIPv6($name);
525 }
526
527 /**
528 * Is the input a valid username?
529 *
530 * Checks if the input is a valid username, we don't want an empty string,
531 * an IP address, anything that containins slashes (would mess up subpages),
532 * is longer than the maximum allowed username size or doesn't begin with
533 * a capital letter.
534 *
535 * @param $name String to match
536 * @return Bool
537 */
538 public static function isValidUserName( $name ) {
539 global $wgContLang, $wgMaxNameChars;
540
541 if ( $name == ''
542 || User::isIP( $name )
543 || strpos( $name, '/' ) !== false
544 || strlen( $name ) > $wgMaxNameChars
545 || $name != $wgContLang->ucfirst( $name ) ) {
546 wfDebugLog( 'username', __METHOD__ .
547 ": '$name' invalid due to empty, IP, slash, length, or lowercase" );
548 return false;
549 }
550
551
552 // Ensure that the name can't be misresolved as a different title,
553 // such as with extra namespace keys at the start.
554 $parsed = Title::newFromText( $name );
555 if( is_null( $parsed )
556 || $parsed->getNamespace()
557 || strcmp( $name, $parsed->getPrefixedText() ) ) {
558 wfDebugLog( 'username', __METHOD__ .
559 ": '$name' invalid due to ambiguous prefixes" );
560 return false;
561 }
562
563 // Check an additional blacklist of troublemaker characters.
564 // Should these be merged into the title char list?
565 $unicodeBlacklist = '/[' .
566 '\x{0080}-\x{009f}' . # iso-8859-1 control chars
567 '\x{00a0}' . # non-breaking space
568 '\x{2000}-\x{200f}' . # various whitespace
569 '\x{2028}-\x{202f}' . # breaks and control chars
570 '\x{3000}' . # ideographic space
571 '\x{e000}-\x{f8ff}' . # private use
572 ']/u';
573 if( preg_match( $unicodeBlacklist, $name ) ) {
574 wfDebugLog( 'username', __METHOD__ .
575 ": '$name' invalid due to blacklisted characters" );
576 return false;
577 }
578
579 return true;
580 }
581
582 /**
583 * Usernames which fail to pass this function will be blocked
584 * from user login and new account registrations, but may be used
585 * internally by batch processes.
586 *
587 * If an account already exists in this form, login will be blocked
588 * by a failure to pass this function.
589 *
590 * @param $name String to match
591 * @return Bool
592 */
593 public static function isUsableName( $name ) {
594 global $wgReservedUsernames;
595 // Must be a valid username, obviously ;)
596 if ( !self::isValidUserName( $name ) ) {
597 return false;
598 }
599
600 static $reservedUsernames = false;
601 if ( !$reservedUsernames ) {
602 $reservedUsernames = $wgReservedUsernames;
603 wfRunHooks( 'UserGetReservedNames', array( &$reservedUsernames ) );
604 }
605
606 // Certain names may be reserved for batch processes.
607 foreach ( $reservedUsernames as $reserved ) {
608 if ( substr( $reserved, 0, 4 ) == 'msg:' ) {
609 $reserved = wfMsgForContent( substr( $reserved, 4 ) );
610 }
611 if ( $reserved == $name ) {
612 return false;
613 }
614 }
615 return true;
616 }
617
618 /**
619 * Usernames which fail to pass this function will be blocked
620 * from new account registrations, but may be used internally
621 * either by batch processes or by user accounts which have
622 * already been created.
623 *
624 * Additional blacklisting may be added here rather than in
625 * isValidUserName() to avoid disrupting existing accounts.
626 *
627 * @param $name String to match
628 * @return Bool
629 */
630 public static function isCreatableName( $name ) {
631 global $wgInvalidUsernameCharacters;
632
633 // Ensure that the username isn't longer than 235 bytes, so that
634 // (at least for the builtin skins) user javascript and css files
635 // will work. (bug 23080)
636 if( strlen( $name ) > 235 ) {
637 wfDebugLog( 'username', __METHOD__ .
638 ": '$name' invalid due to length" );
639 return false;
640 }
641
642 // Preg yells if you try to give it an empty string
643 if( $wgInvalidUsernameCharacters !== '' ) {
644 if( preg_match( '/[' . preg_quote( $wgInvalidUsernameCharacters, '/' ) . ']/', $name ) ) {
645 wfDebugLog( 'username', __METHOD__ .
646 ": '$name' invalid due to wgInvalidUsernameCharacters" );
647 return false;
648 }
649 }
650
651 return self::isUsableName( $name );
652 }
653
654 /**
655 * Is the input a valid password for this user?
656 *
657 * @param $password String Desired password
658 * @return Bool
659 */
660 public function isValidPassword( $password ) {
661 //simple boolean wrapper for getPasswordValidity
662 return $this->getPasswordValidity( $password ) === true;
663 }
664
665 /**
666 * Given unvalidated password input, return error message on failure.
667 *
668 * @param $password String Desired password
669 * @return mixed: true on success, string or array of error message on failure
670 */
671 public function getPasswordValidity( $password ) {
672 global $wgMinimalPasswordLength, $wgContLang;
673
674 static $blockedLogins = array(
675 'Useruser' => 'Passpass', 'Useruser1' => 'Passpass1', # r75589
676 'Apitestsysop' => 'testpass', 'Apitestuser' => 'testpass' # r75605
677 );
678
679 $result = false; //init $result to false for the internal checks
680
681 if( !wfRunHooks( 'isValidPassword', array( $password, &$result, $this ) ) )
682 return $result;
683
684 if ( $result === false ) {
685 if( strlen( $password ) < $wgMinimalPasswordLength ) {
686 return 'passwordtooshort';
687 } elseif ( $wgContLang->lc( $password ) == $wgContLang->lc( $this->mName ) ) {
688 return 'password-name-match';
689 } elseif ( isset( $blockedLogins[ $this->getName() ] ) && $password == $blockedLogins[ $this->getName() ] ) {
690 return 'password-login-forbidden';
691 } else {
692 //it seems weird returning true here, but this is because of the
693 //initialization of $result to false above. If the hook is never run or it
694 //doesn't modify $result, then we will likely get down into this if with
695 //a valid password.
696 return true;
697 }
698 } elseif( $result === true ) {
699 return true;
700 } else {
701 return $result; //the isValidPassword hook set a string $result and returned true
702 }
703 }
704
705 /**
706 * Does a string look like an e-mail address?
707 *
708 * This validates an email address using an HTML5 specification found at:
709 * http://www.whatwg.org/specs/web-apps/current-work/multipage/states-of-the-type-attribute.html#valid-e-mail-address
710 * Which as of 2011-01-24 says:
711 *
712 * A valid e-mail address is a string that matches the ABNF production
713 * 1*( atext / "." ) "@" ldh-str *( "." ldh-str ) where atext is defined
714 * in RFC 5322 section 3.2.3, and ldh-str is defined in RFC 1034 section
715 * 3.5.
716 *
717 * This function is an implementation of the specification as requested in
718 * bug 22449.
719 *
720 * Client-side forms will use the same standard validation rules via JS or
721 * HTML 5 validation; additional restrictions can be enforced server-side
722 * by extensions via the 'isValidEmailAddr' hook.
723 *
724 * Note that this validation doesn't 100% match RFC 2822, but is believed
725 * to be liberal enough for wide use. Some invalid addresses will still
726 * pass validation here.
727 *
728 * @param $addr String E-mail address
729 * @return Bool
730 * @deprecated since 1.18 call Sanitizer::isValidEmail() directly
731 */
732 public static function isValidEmailAddr( $addr ) {
733 wfDeprecated( __METHOD__, '1.18' );
734 return Sanitizer::validateEmail( $addr );
735 }
736
737 /**
738 * Given unvalidated user input, return a canonical username, or false if
739 * the username is invalid.
740 * @param $name String User input
741 * @param $validate String|Bool type of validation to use:
742 * - false No validation
743 * - 'valid' Valid for batch processes
744 * - 'usable' Valid for batch processes and login
745 * - 'creatable' Valid for batch processes, login and account creation
746 *
747 * @return bool|string
748 */
749 public static function getCanonicalName( $name, $validate = 'valid' ) {
750 # Force usernames to capital
751 global $wgContLang;
752 $name = $wgContLang->ucfirst( $name );
753
754 # Reject names containing '#'; these will be cleaned up
755 # with title normalisation, but then it's too late to
756 # check elsewhere
757 if( strpos( $name, '#' ) !== false )
758 return false;
759
760 # Clean up name according to title rules
761 $t = ( $validate === 'valid' ) ?
762 Title::newFromText( $name ) : Title::makeTitle( NS_USER, $name );
763 # Check for invalid titles
764 if( is_null( $t ) ) {
765 return false;
766 }
767
768 # Reject various classes of invalid names
769 global $wgAuth;
770 $name = $wgAuth->getCanonicalName( $t->getText() );
771
772 switch ( $validate ) {
773 case false:
774 break;
775 case 'valid':
776 if ( !User::isValidUserName( $name ) ) {
777 $name = false;
778 }
779 break;
780 case 'usable':
781 if ( !User::isUsableName( $name ) ) {
782 $name = false;
783 }
784 break;
785 case 'creatable':
786 if ( !User::isCreatableName( $name ) ) {
787 $name = false;
788 }
789 break;
790 default:
791 throw new MWException( 'Invalid parameter value for $validate in ' . __METHOD__ );
792 }
793 return $name;
794 }
795
796 /**
797 * Count the number of edits of a user
798 * @todo It should not be static and some day should be merged as proper member function / deprecated -- domas
799 *
800 * @param $uid Int User ID to check
801 * @return Int the user's edit count
802 */
803 public static function edits( $uid ) {
804 wfProfileIn( __METHOD__ );
805 $dbr = wfGetDB( DB_SLAVE );
806 // check if the user_editcount field has been initialized
807 $field = $dbr->selectField(
808 'user', 'user_editcount',
809 array( 'user_id' => $uid ),
810 __METHOD__
811 );
812
813 if( $field === null ) { // it has not been initialized. do so.
814 $dbw = wfGetDB( DB_MASTER );
815 $count = $dbr->selectField(
816 'revision', 'count(*)',
817 array( 'rev_user' => $uid ),
818 __METHOD__
819 );
820 $dbw->update(
821 'user',
822 array( 'user_editcount' => $count ),
823 array( 'user_id' => $uid ),
824 __METHOD__
825 );
826 } else {
827 $count = $field;
828 }
829 wfProfileOut( __METHOD__ );
830 return $count;
831 }
832
833 /**
834 * Return a random password. Sourced from mt_rand, so it's not particularly secure.
835 * @todo hash random numbers to improve security, like generateToken()
836 *
837 * @return String new random password
838 */
839 public static function randomPassword() {
840 global $wgMinimalPasswordLength;
841 $pwchars = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz';
842 $l = strlen( $pwchars ) - 1;
843
844 $pwlength = max( 7, $wgMinimalPasswordLength );
845 $digit = mt_rand( 0, $pwlength - 1 );
846 $np = '';
847 for ( $i = 0; $i < $pwlength; $i++ ) {
848 $np .= $i == $digit ? chr( mt_rand( 48, 57 ) ) : $pwchars[ mt_rand( 0, $l ) ];
849 }
850 return $np;
851 }
852
853 /**
854 * Set cached properties to default.
855 *
856 * @note This no longer clears uncached lazy-initialised properties;
857 * the constructor does that instead.
858 *
859 * @param $name string
860 */
861 public function loadDefaults( $name = false ) {
862 wfProfileIn( __METHOD__ );
863
864 $this->mId = 0;
865 $this->mName = $name;
866 $this->mRealName = '';
867 $this->mPassword = $this->mNewpassword = '';
868 $this->mNewpassTime = null;
869 $this->mEmail = '';
870 $this->mOptionOverrides = null;
871 $this->mOptionsLoaded = false;
872
873 $loggedOut = $this->getRequest()->getCookie( 'LoggedOut' );
874 if( $loggedOut !== null ) {
875 $this->mTouched = wfTimestamp( TS_MW, $loggedOut );
876 } else {
877 $this->mTouched = '0'; # Allow any pages to be cached
878 }
879
880 $this->setToken(); # Random
881 $this->mEmailAuthenticated = null;
882 $this->mEmailToken = '';
883 $this->mEmailTokenExpires = null;
884 $this->mRegistration = wfTimestamp( TS_MW );
885 $this->mGroups = array();
886
887 wfRunHooks( 'UserLoadDefaults', array( $this, $name ) );
888
889 wfProfileOut( __METHOD__ );
890 }
891
892 /**
893 * Return whether an item has been loaded.
894 *
895 * @param $item String: item to check. Current possibilities:
896 * - id
897 * - name
898 * - realname
899 * @param $all String: 'all' to check if the whole object has been loaded
900 * or any other string to check if only the item is available (e.g.
901 * for optimisation)
902 * @return Boolean
903 */
904 public function isItemLoaded( $item, $all = 'all' ) {
905 return ( $this->mLoadedItems === true && $all === 'all' ) ||
906 ( isset( $this->mLoadedItems[$item] ) && $this->mLoadedItems[$item] === true );
907 }
908
909 /**
910 * Set that an item has been loaded
911 *
912 * @param $item String
913 */
914 private function setItemLoaded( $item ) {
915 if ( is_array( $this->mLoadedItems ) ) {
916 $this->mLoadedItems[$item] = true;
917 }
918 }
919
920 /**
921 * Load user data from the session or login cookie. If there are no valid
922 * credentials, initialises the user as an anonymous user.
923 * @return Bool True if the user is logged in, false otherwise.
924 */
925 private function loadFromSession() {
926 global $wgExternalAuthType, $wgAutocreatePolicy;
927
928 $result = null;
929 wfRunHooks( 'UserLoadFromSession', array( $this, &$result ) );
930 if ( $result !== null ) {
931 return $result;
932 }
933
934 if ( $wgExternalAuthType && $wgAutocreatePolicy == 'view' ) {
935 $extUser = ExternalUser::newFromCookie();
936 if ( $extUser ) {
937 # TODO: Automatically create the user here (or probably a bit
938 # lower down, in fact)
939 }
940 }
941
942 $request = $this->getRequest();
943
944 $cookieId = $request->getCookie( 'UserID' );
945 $sessId = $request->getSessionData( 'wsUserID' );
946
947 if ( $cookieId !== null ) {
948 $sId = intval( $cookieId );
949 if( $sessId !== null && $cookieId != $sessId ) {
950 $this->loadDefaults(); // Possible collision!
951 wfDebugLog( 'loginSessions', "Session user ID ($sessId) and
952 cookie user ID ($sId) don't match!" );
953 return false;
954 }
955 $request->setSessionData( 'wsUserID', $sId );
956 } elseif ( $sessId !== null && $sessId != 0 ) {
957 $sId = $sessId;
958 } else {
959 $this->loadDefaults();
960 return false;
961 }
962
963 if ( $request->getSessionData( 'wsUserName' ) !== null ) {
964 $sName = $request->getSessionData( 'wsUserName' );
965 } elseif ( $request->getCookie( 'UserName' ) !== null ) {
966 $sName = $request->getCookie( 'UserName' );
967 $request->setSessionData( 'wsUserName', $sName );
968 } else {
969 $this->loadDefaults();
970 return false;
971 }
972
973 $proposedUser = User::newFromId( $sId );
974 if ( !$proposedUser->isLoggedIn() ) {
975 # Not a valid ID
976 $this->loadDefaults();
977 return false;
978 }
979
980 global $wgBlockDisablesLogin;
981 if( $wgBlockDisablesLogin && $proposedUser->isBlocked() ) {
982 # User blocked and we've disabled blocked user logins
983 $this->loadDefaults();
984 return false;
985 }
986
987 if ( $request->getSessionData( 'wsToken' ) !== null ) {
988 $passwordCorrect = $proposedUser->getToken() === $request->getSessionData( 'wsToken' );
989 $from = 'session';
990 } elseif ( $request->getCookie( 'Token' ) !== null ) {
991 $passwordCorrect = $proposedUser->getToken() === $request->getCookie( 'Token' );
992 $from = 'cookie';
993 } else {
994 # No session or persistent login cookie
995 $this->loadDefaults();
996 return false;
997 }
998
999 if ( ( $sName === $proposedUser->getName() ) && $passwordCorrect ) {
1000 $this->loadFromUserObject( $proposedUser );
1001 $request->setSessionData( 'wsToken', $this->mToken );
1002 wfDebug( "User: logged in from $from\n" );
1003 return true;
1004 } else {
1005 # Invalid credentials
1006 wfDebug( "User: can't log in from $from, invalid credentials\n" );
1007 $this->loadDefaults();
1008 return false;
1009 }
1010 }
1011
1012 /**
1013 * Load user and user_group data from the database.
1014 * $this->mId must be set, this is how the user is identified.
1015 *
1016 * @return Bool True if the user exists, false if the user is anonymous
1017 */
1018 public function loadFromDatabase() {
1019 # Paranoia
1020 $this->mId = intval( $this->mId );
1021
1022 /** Anonymous user */
1023 if( !$this->mId ) {
1024 $this->loadDefaults();
1025 return false;
1026 }
1027
1028 $dbr = wfGetDB( DB_MASTER );
1029 $s = $dbr->selectRow( 'user', '*', array( 'user_id' => $this->mId ), __METHOD__ );
1030
1031 wfRunHooks( 'UserLoadFromDatabase', array( $this, &$s ) );
1032
1033 if ( $s !== false ) {
1034 # Initialise user table data
1035 $this->loadFromRow( $s );
1036 $this->mGroups = null; // deferred
1037 $this->getEditCount(); // revalidation for nulls
1038 return true;
1039 } else {
1040 # Invalid user_id
1041 $this->mId = 0;
1042 $this->loadDefaults();
1043 return false;
1044 }
1045 }
1046
1047 /**
1048 * Initialize this object from a row from the user table.
1049 *
1050 * @param $row Array Row from the user table to load.
1051 */
1052 public function loadFromRow( $row ) {
1053 $all = true;
1054
1055 $this->mGroups = null; // deferred
1056
1057 if ( isset( $row->user_name ) ) {
1058 $this->mName = $row->user_name;
1059 $this->mFrom = 'name';
1060 $this->setItemLoaded( 'name' );
1061 } else {
1062 $all = false;
1063 }
1064
1065 if ( isset( $row->user_real_name ) ) {
1066 $this->mRealName = $row->user_real_name;
1067 $this->setItemLoaded( 'realname' );
1068 } else {
1069 $all = false;
1070 }
1071
1072 if ( isset( $row->user_id ) ) {
1073 $this->mId = intval( $row->user_id );
1074 $this->mFrom = 'id';
1075 $this->setItemLoaded( 'id' );
1076 } else {
1077 $all = false;
1078 }
1079
1080 if ( isset( $row->user_editcount ) ) {
1081 $this->mEditCount = $row->user_editcount;
1082 } else {
1083 $all = false;
1084 }
1085
1086 if ( isset( $row->user_password ) ) {
1087 $this->mPassword = $row->user_password;
1088 $this->mNewpassword = $row->user_newpassword;
1089 $this->mNewpassTime = wfTimestampOrNull( TS_MW, $row->user_newpass_time );
1090 $this->mEmail = $row->user_email;
1091 if ( isset( $row->user_options ) ) {
1092 $this->decodeOptions( $row->user_options );
1093 }
1094 $this->mTouched = wfTimestamp( TS_MW, $row->user_touched );
1095 $this->mToken = $row->user_token;
1096 $this->mEmailAuthenticated = wfTimestampOrNull( TS_MW, $row->user_email_authenticated );
1097 $this->mEmailToken = $row->user_email_token;
1098 $this->mEmailTokenExpires = wfTimestampOrNull( TS_MW, $row->user_email_token_expires );
1099 $this->mRegistration = wfTimestampOrNull( TS_MW, $row->user_registration );
1100 } else {
1101 $all = false;
1102 }
1103
1104 if ( $all ) {
1105 $this->mLoadedItems = true;
1106 }
1107 }
1108
1109 /**
1110 * Load the data for this user object from another user object.
1111 *
1112 * @param $user User
1113 */
1114 protected function loadFromUserObject( $user ) {
1115 $user->load();
1116 $user->loadGroups();
1117 $user->loadOptions();
1118 foreach ( self::$mCacheVars as $var ) {
1119 $this->$var = $user->$var;
1120 }
1121 }
1122
1123 /**
1124 * Load the groups from the database if they aren't already loaded.
1125 */
1126 private function loadGroups() {
1127 if ( is_null( $this->mGroups ) ) {
1128 $dbr = wfGetDB( DB_MASTER );
1129 $res = $dbr->select( 'user_groups',
1130 array( 'ug_group' ),
1131 array( 'ug_user' => $this->mId ),
1132 __METHOD__ );
1133 $this->mGroups = array();
1134 foreach ( $res as $row ) {
1135 $this->mGroups[] = $row->ug_group;
1136 }
1137 }
1138 }
1139
1140 /**
1141 * Add the user to the group if he/she meets given criteria.
1142 *
1143 * Contrary to autopromotion by \ref $wgAutopromote, the group will be
1144 * possible to remove manually via Special:UserRights. In such case it
1145 * will not be re-added automatically. The user will also not lose the
1146 * group if they no longer meet the criteria.
1147 *
1148 * @param $event String key in $wgAutopromoteOnce (each one has groups/criteria)
1149 *
1150 * @return array Array of groups the user has been promoted to.
1151 *
1152 * @see $wgAutopromoteOnce
1153 */
1154 public function addAutopromoteOnceGroups( $event ) {
1155 global $wgAutopromoteOnceLogInRC;
1156
1157 $toPromote = array();
1158 if ( $this->getId() ) {
1159 $toPromote = Autopromote::getAutopromoteOnceGroups( $this, $event );
1160 if ( count( $toPromote ) ) {
1161 $oldGroups = $this->getGroups(); // previous groups
1162 foreach ( $toPromote as $group ) {
1163 $this->addGroup( $group );
1164 }
1165 $newGroups = array_merge( $oldGroups, $toPromote ); // all groups
1166
1167 $log = new LogPage( 'rights', $wgAutopromoteOnceLogInRC /* in RC? */ );
1168 $log->addEntry( 'autopromote',
1169 $this->getUserPage(),
1170 '', // no comment
1171 // These group names are "list to texted"-ed in class LogPage.
1172 array( implode( ', ', $oldGroups ), implode( ', ', $newGroups ) )
1173 );
1174 }
1175 }
1176 return $toPromote;
1177 }
1178
1179 /**
1180 * Clear various cached data stored in this object.
1181 * @param $reloadFrom bool|String Reload user and user_groups table data from a
1182 * given source. May be "name", "id", "defaults", "session", or false for
1183 * no reload.
1184 */
1185 public function clearInstanceCache( $reloadFrom = false ) {
1186 $this->mNewtalk = -1;
1187 $this->mDatePreference = null;
1188 $this->mBlockedby = -1; # Unset
1189 $this->mHash = false;
1190 $this->mRights = null;
1191 $this->mEffectiveGroups = null;
1192 $this->mImplicitGroups = null;
1193 $this->mOptions = null;
1194 $this->mDisplayName = null;
1195
1196 if ( $reloadFrom ) {
1197 $this->mLoadedItems = array();
1198 $this->mFrom = $reloadFrom;
1199 }
1200 }
1201
1202 /**
1203 * Combine the language default options with any site-specific options
1204 * and add the default language variants.
1205 *
1206 * @return Array of String options
1207 */
1208 public static function getDefaultOptions() {
1209 global $wgNamespacesToBeSearchedDefault, $wgDefaultUserOptions, $wgContLang, $wgDefaultSkin;
1210
1211 $defOpt = $wgDefaultUserOptions;
1212 # default language setting
1213 $variant = $wgContLang->getDefaultVariant();
1214 $defOpt['variant'] = $variant;
1215 $defOpt['language'] = $variant;
1216 foreach( SearchEngine::searchableNamespaces() as $nsnum => $nsname ) {
1217 $defOpt['searchNs'.$nsnum] = !empty( $wgNamespacesToBeSearchedDefault[$nsnum] );
1218 }
1219 $defOpt['skin'] = $wgDefaultSkin;
1220
1221 // FIXME: Ideally we'd cache the results of this function so the hook is only run once,
1222 // but that breaks the parser tests because they rely on being able to change $wgContLang
1223 // mid-request and see that change reflected in the return value of this function.
1224 // Which is insane and would never happen during normal MW operation, but is also not
1225 // likely to get fixed unless and until we context-ify everything.
1226 // See also https://www.mediawiki.org/wiki/Special:Code/MediaWiki/101488#c25275
1227 wfRunHooks( 'UserGetDefaultOptions', array( &$defOpt ) );
1228
1229 return $defOpt;
1230 }
1231
1232 /**
1233 * Get a given default option value.
1234 *
1235 * @param $opt String Name of option to retrieve
1236 * @return String Default option value
1237 */
1238 public static function getDefaultOption( $opt ) {
1239 $defOpts = self::getDefaultOptions();
1240 if( isset( $defOpts[$opt] ) ) {
1241 return $defOpts[$opt];
1242 } else {
1243 return null;
1244 }
1245 }
1246
1247
1248 /**
1249 * Get blocking information
1250 * @param $bFromSlave Bool Whether to check the slave database first. To
1251 * improve performance, non-critical checks are done
1252 * against slaves. Check when actually saving should be
1253 * done against master.
1254 */
1255 private function getBlockedStatus( $bFromSlave = true ) {
1256 global $wgProxyWhitelist, $wgUser;
1257
1258 if ( -1 != $this->mBlockedby ) {
1259 return;
1260 }
1261
1262 wfProfileIn( __METHOD__ );
1263 wfDebug( __METHOD__.": checking...\n" );
1264
1265 // Initialize data...
1266 // Otherwise something ends up stomping on $this->mBlockedby when
1267 // things get lazy-loaded later, causing false positive block hits
1268 // due to -1 !== 0. Probably session-related... Nothing should be
1269 // overwriting mBlockedby, surely?
1270 $this->load();
1271
1272 $this->mBlockedby = 0;
1273 $this->mHideName = 0;
1274 $this->mAllowUsertalk = 0;
1275
1276 # We only need to worry about passing the IP address to the Block generator if the
1277 # user is not immune to autoblocks/hardblocks, and they are the current user so we
1278 # know which IP address they're actually coming from
1279 if ( !$this->isAllowed( 'ipblock-exempt' ) && $this->getID() == $wgUser->getID() ) {
1280 $ip = $this->getRequest()->getIP();
1281 } else {
1282 $ip = null;
1283 }
1284
1285 # User/IP blocking
1286 $this->mBlock = Block::newFromTarget( $this->getName(), $ip, !$bFromSlave );
1287 if ( $this->mBlock instanceof Block ) {
1288 wfDebug( __METHOD__ . ": Found block.\n" );
1289 $this->mBlockedby = $this->mBlock->getByName();
1290 $this->mBlockreason = $this->mBlock->mReason;
1291 $this->mHideName = $this->mBlock->mHideName;
1292 $this->mAllowUsertalk = !$this->mBlock->prevents( 'editownusertalk' );
1293 }
1294
1295 # Proxy blocking
1296 if ( $ip !== null && !$this->isAllowed( 'proxyunbannable' ) && !in_array( $ip, $wgProxyWhitelist ) ) {
1297 # Local list
1298 if ( self::isLocallyBlockedProxy( $ip ) ) {
1299 $this->mBlockedby = wfMsg( 'proxyblocker' );
1300 $this->mBlockreason = wfMsg( 'proxyblockreason' );
1301 }
1302
1303 # DNSBL
1304 if ( !$this->mBlockedby && !$this->getID() ) {
1305 if ( $this->isDnsBlacklisted( $ip ) ) {
1306 $this->mBlockedby = wfMsg( 'sorbs' );
1307 $this->mBlockreason = wfMsg( 'sorbsreason' );
1308 }
1309 }
1310 }
1311
1312 # Extensions
1313 wfRunHooks( 'GetBlockedStatus', array( &$this ) );
1314
1315 wfProfileOut( __METHOD__ );
1316 }
1317
1318 /**
1319 * Whether the given IP is in a DNS blacklist.
1320 *
1321 * @param $ip String IP to check
1322 * @param $checkWhitelist Bool: whether to check the whitelist first
1323 * @return Bool True if blacklisted.
1324 */
1325 public function isDnsBlacklisted( $ip, $checkWhitelist = false ) {
1326 global $wgEnableSorbs, $wgEnableDnsBlacklist,
1327 $wgSorbsUrl, $wgDnsBlacklistUrls, $wgProxyWhitelist;
1328
1329 if ( !$wgEnableDnsBlacklist && !$wgEnableSorbs )
1330 return false;
1331
1332 if ( $checkWhitelist && in_array( $ip, $wgProxyWhitelist ) )
1333 return false;
1334
1335 $urls = array_merge( $wgDnsBlacklistUrls, (array)$wgSorbsUrl );
1336 return $this->inDnsBlacklist( $ip, $urls );
1337 }
1338
1339 /**
1340 * Whether the given IP is in a given DNS blacklist.
1341 *
1342 * @param $ip String IP to check
1343 * @param $bases String|Array of Strings: URL of the DNS blacklist
1344 * @return Bool True if blacklisted.
1345 */
1346 public function inDnsBlacklist( $ip, $bases ) {
1347 wfProfileIn( __METHOD__ );
1348
1349 $found = false;
1350 // @todo FIXME: IPv6 ??? (http://bugs.php.net/bug.php?id=33170)
1351 if( IP::isIPv4( $ip ) ) {
1352 # Reverse IP, bug 21255
1353 $ipReversed = implode( '.', array_reverse( explode( '.', $ip ) ) );
1354
1355 foreach( (array)$bases as $base ) {
1356 # Make hostname
1357 # If we have an access key, use that too (ProjectHoneypot, etc.)
1358 if( is_array( $base ) ) {
1359 if( count( $base ) >= 2 ) {
1360 # Access key is 1, base URL is 0
1361 $host = "{$base[1]}.$ipReversed.{$base[0]}";
1362 } else {
1363 $host = "$ipReversed.{$base[0]}";
1364 }
1365 } else {
1366 $host = "$ipReversed.$base";
1367 }
1368
1369 # Send query
1370 $ipList = gethostbynamel( $host );
1371
1372 if( $ipList ) {
1373 wfDebug( "Hostname $host is {$ipList[0]}, it's a proxy says $base!\n" );
1374 $found = true;
1375 break;
1376 } else {
1377 wfDebug( "Requested $host, not found in $base.\n" );
1378 }
1379 }
1380 }
1381
1382 wfProfileOut( __METHOD__ );
1383 return $found;
1384 }
1385
1386 /**
1387 * Check if an IP address is in the local proxy list
1388 *
1389 * @param $ip string
1390 *
1391 * @return bool
1392 */
1393 public static function isLocallyBlockedProxy( $ip ) {
1394 global $wgProxyList;
1395
1396 if ( !$wgProxyList ) {
1397 return false;
1398 }
1399 wfProfileIn( __METHOD__ );
1400
1401 if ( !is_array( $wgProxyList ) ) {
1402 # Load from the specified file
1403 $wgProxyList = array_map( 'trim', file( $wgProxyList ) );
1404 }
1405
1406 if ( !is_array( $wgProxyList ) ) {
1407 $ret = false;
1408 } elseif ( array_search( $ip, $wgProxyList ) !== false ) {
1409 $ret = true;
1410 } elseif ( array_key_exists( $ip, $wgProxyList ) ) {
1411 # Old-style flipped proxy list
1412 $ret = true;
1413 } else {
1414 $ret = false;
1415 }
1416 wfProfileOut( __METHOD__ );
1417 return $ret;
1418 }
1419
1420 /**
1421 * Is this user subject to rate limiting?
1422 *
1423 * @return Bool True if rate limited
1424 */
1425 public function isPingLimitable() {
1426 global $wgRateLimitsExcludedIPs;
1427 if( in_array( $this->getRequest()->getIP(), $wgRateLimitsExcludedIPs ) ) {
1428 // No other good way currently to disable rate limits
1429 // for specific IPs. :P
1430 // But this is a crappy hack and should die.
1431 return false;
1432 }
1433 return !$this->isAllowed('noratelimit');
1434 }
1435
1436 /**
1437 * Primitive rate limits: enforce maximum actions per time period
1438 * to put a brake on flooding.
1439 *
1440 * @note When using a shared cache like memcached, IP-address
1441 * last-hit counters will be shared across wikis.
1442 *
1443 * @param $action String Action to enforce; 'edit' if unspecified
1444 * @return Bool True if a rate limiter was tripped
1445 */
1446 public function pingLimiter( $action = 'edit' ) {
1447 # Call the 'PingLimiter' hook
1448 $result = false;
1449 if( !wfRunHooks( 'PingLimiter', array( &$this, $action, $result ) ) ) {
1450 return $result;
1451 }
1452
1453 global $wgRateLimits;
1454 if( !isset( $wgRateLimits[$action] ) ) {
1455 return false;
1456 }
1457
1458 # Some groups shouldn't trigger the ping limiter, ever
1459 if( !$this->isPingLimitable() )
1460 return false;
1461
1462 global $wgMemc, $wgRateLimitLog;
1463 wfProfileIn( __METHOD__ );
1464
1465 $limits = $wgRateLimits[$action];
1466 $keys = array();
1467 $id = $this->getId();
1468 $ip = $this->getRequest()->getIP();
1469 $userLimit = false;
1470
1471 if( isset( $limits['anon'] ) && $id == 0 ) {
1472 $keys[wfMemcKey( 'limiter', $action, 'anon' )] = $limits['anon'];
1473 }
1474
1475 if( isset( $limits['user'] ) && $id != 0 ) {
1476 $userLimit = $limits['user'];
1477 }
1478 if( $this->isNewbie() ) {
1479 if( isset( $limits['newbie'] ) && $id != 0 ) {
1480 $keys[wfMemcKey( 'limiter', $action, 'user', $id )] = $limits['newbie'];
1481 }
1482 if( isset( $limits['ip'] ) ) {
1483 $keys["mediawiki:limiter:$action:ip:$ip"] = $limits['ip'];
1484 }
1485 $matches = array();
1486 if( isset( $limits['subnet'] ) && preg_match( '/^(\d+\.\d+\.\d+)\.\d+$/', $ip, $matches ) ) {
1487 $subnet = $matches[1];
1488 $keys["mediawiki:limiter:$action:subnet:$subnet"] = $limits['subnet'];
1489 }
1490 }
1491 // Check for group-specific permissions
1492 // If more than one group applies, use the group with the highest limit
1493 foreach ( $this->getGroups() as $group ) {
1494 if ( isset( $limits[$group] ) ) {
1495 if ( $userLimit === false || $limits[$group] > $userLimit ) {
1496 $userLimit = $limits[$group];
1497 }
1498 }
1499 }
1500 // Set the user limit key
1501 if ( $userLimit !== false ) {
1502 wfDebug( __METHOD__ . ": effective user limit: $userLimit\n" );
1503 $keys[ wfMemcKey( 'limiter', $action, 'user', $id ) ] = $userLimit;
1504 }
1505
1506 $triggered = false;
1507 foreach( $keys as $key => $limit ) {
1508 list( $max, $period ) = $limit;
1509 $summary = "(limit $max in {$period}s)";
1510 $count = $wgMemc->get( $key );
1511 // Already pinged?
1512 if( $count ) {
1513 if( $count > $max ) {
1514 wfDebug( __METHOD__ . ": tripped! $key at $count $summary\n" );
1515 if( $wgRateLimitLog ) {
1516 wfSuppressWarnings();
1517 file_put_contents( $wgRateLimitLog, wfTimestamp( TS_MW ) . ' ' . wfWikiID() . ': ' . $this->getName() . " tripped $key at $count $summary\n", FILE_APPEND );
1518 wfRestoreWarnings();
1519 }
1520 $triggered = true;
1521 } else {
1522 wfDebug( __METHOD__ . ": ok. $key at $count $summary\n" );
1523 }
1524 } else {
1525 wfDebug( __METHOD__ . ": adding record for $key $summary\n" );
1526 $wgMemc->add( $key, 0, intval( $period ) ); // first ping
1527 }
1528 $wgMemc->incr( $key );
1529 }
1530
1531 wfProfileOut( __METHOD__ );
1532 return $triggered;
1533 }
1534
1535 /**
1536 * Check if user is blocked
1537 *
1538 * @param $bFromSlave Bool Whether to check the slave database instead of the master
1539 * @return Bool True if blocked, false otherwise
1540 */
1541 public function isBlocked( $bFromSlave = true ) { // hacked from false due to horrible probs on site
1542 return $this->getBlock( $bFromSlave ) instanceof Block && $this->getBlock()->prevents( 'edit' );
1543 }
1544
1545 /**
1546 * Get the block affecting the user, or null if the user is not blocked
1547 *
1548 * @param $bFromSlave Bool Whether to check the slave database instead of the master
1549 * @return Block|null
1550 */
1551 public function getBlock( $bFromSlave = true ){
1552 $this->getBlockedStatus( $bFromSlave );
1553 return $this->mBlock instanceof Block ? $this->mBlock : null;
1554 }
1555
1556 /**
1557 * Check if user is blocked from editing a particular article
1558 *
1559 * @param $title Title to check
1560 * @param $bFromSlave Bool whether to check the slave database instead of the master
1561 * @return Bool
1562 */
1563 function isBlockedFrom( $title, $bFromSlave = false ) {
1564 global $wgBlockAllowsUTEdit;
1565 wfProfileIn( __METHOD__ );
1566
1567 $blocked = $this->isBlocked( $bFromSlave );
1568 $allowUsertalk = ( $wgBlockAllowsUTEdit ? $this->mAllowUsertalk : false );
1569 # If a user's name is suppressed, they cannot make edits anywhere
1570 if ( !$this->mHideName && $allowUsertalk && $title->getText() === $this->getName() &&
1571 $title->getNamespace() == NS_USER_TALK ) {
1572 $blocked = false;
1573 wfDebug( __METHOD__ . ": self-talk page, ignoring any blocks\n" );
1574 }
1575
1576 wfRunHooks( 'UserIsBlockedFrom', array( $this, $title, &$blocked, &$allowUsertalk ) );
1577
1578 wfProfileOut( __METHOD__ );
1579 return $blocked;
1580 }
1581
1582 /**
1583 * If user is blocked, return the name of the user who placed the block
1584 * @return String name of blocker
1585 */
1586 public function blockedBy() {
1587 $this->getBlockedStatus();
1588 return $this->mBlockedby;
1589 }
1590
1591 /**
1592 * If user is blocked, return the specified reason for the block
1593 * @return String Blocking reason
1594 */
1595 public function blockedFor() {
1596 $this->getBlockedStatus();
1597 return $this->mBlockreason;
1598 }
1599
1600 /**
1601 * If user is blocked, return the ID for the block
1602 * @return Int Block ID
1603 */
1604 public function getBlockId() {
1605 $this->getBlockedStatus();
1606 return ( $this->mBlock ? $this->mBlock->getId() : false );
1607 }
1608
1609 /**
1610 * Check if user is blocked on all wikis.
1611 * Do not use for actual edit permission checks!
1612 * This is intented for quick UI checks.
1613 *
1614 * @param $ip String IP address, uses current client if none given
1615 * @return Bool True if blocked, false otherwise
1616 */
1617 public function isBlockedGlobally( $ip = '' ) {
1618 if( $this->mBlockedGlobally !== null ) {
1619 return $this->mBlockedGlobally;
1620 }
1621 // User is already an IP?
1622 if( IP::isIPAddress( $this->getName() ) ) {
1623 $ip = $this->getName();
1624 } elseif( !$ip ) {
1625 $ip = $this->getRequest()->getIP();
1626 }
1627 $blocked = false;
1628 wfRunHooks( 'UserIsBlockedGlobally', array( &$this, $ip, &$blocked ) );
1629 $this->mBlockedGlobally = (bool)$blocked;
1630 return $this->mBlockedGlobally;
1631 }
1632
1633 /**
1634 * Check if user account is locked
1635 *
1636 * @return Bool True if locked, false otherwise
1637 */
1638 public function isLocked() {
1639 if( $this->mLocked !== null ) {
1640 return $this->mLocked;
1641 }
1642 global $wgAuth;
1643 $authUser = $wgAuth->getUserInstance( $this );
1644 $this->mLocked = (bool)$authUser->isLocked();
1645 return $this->mLocked;
1646 }
1647
1648 /**
1649 * Check if user account is hidden
1650 *
1651 * @return Bool True if hidden, false otherwise
1652 */
1653 public function isHidden() {
1654 if( $this->mHideName !== null ) {
1655 return $this->mHideName;
1656 }
1657 $this->getBlockedStatus();
1658 if( !$this->mHideName ) {
1659 global $wgAuth;
1660 $authUser = $wgAuth->getUserInstance( $this );
1661 $this->mHideName = (bool)$authUser->isHidden();
1662 }
1663 return $this->mHideName;
1664 }
1665
1666 /**
1667 * Get the user's ID.
1668 * @return Int The user's ID; 0 if the user is anonymous or nonexistent
1669 */
1670 public function getId() {
1671 if( $this->mId === null && $this->mName !== null
1672 && User::isIP( $this->mName ) ) {
1673 // Special case, we know the user is anonymous
1674 return 0;
1675 } elseif( !$this->isItemLoaded( 'id' ) ) {
1676 // Don't load if this was initialized from an ID
1677 $this->load();
1678 }
1679 return $this->mId;
1680 }
1681
1682 /**
1683 * Set the user and reload all fields according to a given ID
1684 * @param $v Int User ID to reload
1685 */
1686 public function setId( $v ) {
1687 $this->mId = $v;
1688 $this->clearInstanceCache( 'id' );
1689 }
1690
1691 /**
1692 * Get the user name, or the IP of an anonymous user
1693 * @return String User's name or IP address
1694 */
1695 public function getName() {
1696 if ( $this->isItemLoaded( 'name', 'only' ) ) {
1697 # Special case optimisation
1698 return $this->mName;
1699 } else {
1700 $this->load();
1701 if ( $this->mName === false ) {
1702 # Clean up IPs
1703 $this->mName = IP::sanitizeIP( $this->getRequest()->getIP() );
1704 }
1705 return $this->mName;
1706 }
1707 }
1708
1709 /**
1710 * Set the user name.
1711 *
1712 * This does not reload fields from the database according to the given
1713 * name. Rather, it is used to create a temporary "nonexistent user" for
1714 * later addition to the database. It can also be used to set the IP
1715 * address for an anonymous user to something other than the current
1716 * remote IP.
1717 *
1718 * @note User::newFromName() has rougly the same function, when the named user
1719 * does not exist.
1720 * @param $str String New user name to set
1721 */
1722 public function setName( $str ) {
1723 $this->load();
1724 $this->mName = $str;
1725 }
1726
1727 /**
1728 * Get the user's name escaped by underscores.
1729 * @return String Username escaped by underscores.
1730 */
1731 public function getTitleKey() {
1732 return str_replace( ' ', '_', $this->getName() );
1733 }
1734
1735 /**
1736 * Check if the user has new messages.
1737 * @return Bool True if the user has new messages
1738 */
1739 public function getNewtalk() {
1740 $this->load();
1741
1742 # Load the newtalk status if it is unloaded (mNewtalk=-1)
1743 if( $this->mNewtalk === -1 ) {
1744 $this->mNewtalk = false; # reset talk page status
1745
1746 # Check memcached separately for anons, who have no
1747 # entire User object stored in there.
1748 if( !$this->mId ) {
1749 global $wgMemc;
1750 $key = wfMemcKey( 'newtalk', 'ip', $this->getName() );
1751 $newtalk = $wgMemc->get( $key );
1752 if( strval( $newtalk ) !== '' ) {
1753 $this->mNewtalk = (bool)$newtalk;
1754 } else {
1755 // Since we are caching this, make sure it is up to date by getting it
1756 // from the master
1757 $this->mNewtalk = $this->checkNewtalk( 'user_ip', $this->getName(), true );
1758 $wgMemc->set( $key, (int)$this->mNewtalk, 1800 );
1759 }
1760 } else {
1761 $this->mNewtalk = $this->checkNewtalk( 'user_id', $this->mId );
1762 }
1763 }
1764
1765 return (bool)$this->mNewtalk;
1766 }
1767
1768 /**
1769 * Return the talk page(s) this user has new messages on.
1770 * @return Array of String page URLs
1771 */
1772 public function getNewMessageLinks() {
1773 $talks = array();
1774 if( !wfRunHooks( 'UserRetrieveNewTalks', array( &$this, &$talks ) ) )
1775 return $talks;
1776
1777 if( !$this->getNewtalk() )
1778 return array();
1779 $up = $this->getUserPage();
1780 $utp = $up->getTalkPage();
1781 return array( array( 'wiki' => wfWikiID(), 'link' => $utp->getLocalURL() ) );
1782 }
1783
1784 /**
1785 * Internal uncached check for new messages
1786 *
1787 * @see getNewtalk()
1788 * @param $field String 'user_ip' for anonymous users, 'user_id' otherwise
1789 * @param $id String|Int User's IP address for anonymous users, User ID otherwise
1790 * @param $fromMaster Bool true to fetch from the master, false for a slave
1791 * @return Bool True if the user has new messages
1792 */
1793 protected function checkNewtalk( $field, $id, $fromMaster = false ) {
1794 if ( $fromMaster ) {
1795 $db = wfGetDB( DB_MASTER );
1796 } else {
1797 $db = wfGetDB( DB_SLAVE );
1798 }
1799 $ok = $db->selectField( 'user_newtalk', $field,
1800 array( $field => $id ), __METHOD__ );
1801 return $ok !== false;
1802 }
1803
1804 /**
1805 * Add or update the new messages flag
1806 * @param $field String 'user_ip' for anonymous users, 'user_id' otherwise
1807 * @param $id String|Int User's IP address for anonymous users, User ID otherwise
1808 * @return Bool True if successful, false otherwise
1809 */
1810 protected function updateNewtalk( $field, $id ) {
1811 $dbw = wfGetDB( DB_MASTER );
1812 $dbw->insert( 'user_newtalk',
1813 array( $field => $id ),
1814 __METHOD__,
1815 'IGNORE' );
1816 if ( $dbw->affectedRows() ) {
1817 wfDebug( __METHOD__ . ": set on ($field, $id)\n" );
1818 return true;
1819 } else {
1820 wfDebug( __METHOD__ . " already set ($field, $id)\n" );
1821 return false;
1822 }
1823 }
1824
1825 /**
1826 * Clear the new messages flag for the given user
1827 * @param $field String 'user_ip' for anonymous users, 'user_id' otherwise
1828 * @param $id String|Int User's IP address for anonymous users, User ID otherwise
1829 * @return Bool True if successful, false otherwise
1830 */
1831 protected function deleteNewtalk( $field, $id ) {
1832 $dbw = wfGetDB( DB_MASTER );
1833 $dbw->delete( 'user_newtalk',
1834 array( $field => $id ),
1835 __METHOD__ );
1836 if ( $dbw->affectedRows() ) {
1837 wfDebug( __METHOD__ . ": killed on ($field, $id)\n" );
1838 return true;
1839 } else {
1840 wfDebug( __METHOD__ . ": already gone ($field, $id)\n" );
1841 return false;
1842 }
1843 }
1844
1845 /**
1846 * Update the 'You have new messages!' status.
1847 * @param $val Bool Whether the user has new messages
1848 */
1849 public function setNewtalk( $val ) {
1850 if( wfReadOnly() ) {
1851 return;
1852 }
1853
1854 $this->load();
1855 $this->mNewtalk = $val;
1856
1857 if( $this->isAnon() ) {
1858 $field = 'user_ip';
1859 $id = $this->getName();
1860 } else {
1861 $field = 'user_id';
1862 $id = $this->getId();
1863 }
1864 global $wgMemc;
1865
1866 if( $val ) {
1867 $changed = $this->updateNewtalk( $field, $id );
1868 } else {
1869 $changed = $this->deleteNewtalk( $field, $id );
1870 }
1871
1872 if( $this->isAnon() ) {
1873 // Anons have a separate memcached space, since
1874 // user records aren't kept for them.
1875 $key = wfMemcKey( 'newtalk', 'ip', $id );
1876 $wgMemc->set( $key, $val ? 1 : 0, 1800 );
1877 }
1878 if ( $changed ) {
1879 $this->invalidateCache();
1880 }
1881 }
1882
1883 /**
1884 * Generate a current or new-future timestamp to be stored in the
1885 * user_touched field when we update things.
1886 * @return String Timestamp in TS_MW format
1887 */
1888 private static function newTouchedTimestamp() {
1889 global $wgClockSkewFudge;
1890 return wfTimestamp( TS_MW, time() + $wgClockSkewFudge );
1891 }
1892
1893 /**
1894 * Clear user data from memcached.
1895 * Use after applying fun updates to the database; caller's
1896 * responsibility to update user_touched if appropriate.
1897 *
1898 * Called implicitly from invalidateCache() and saveSettings().
1899 */
1900 private function clearSharedCache() {
1901 $this->load();
1902 if( $this->mId ) {
1903 global $wgMemc;
1904 $wgMemc->delete( wfMemcKey( 'user', 'id', $this->mId ) );
1905 }
1906 }
1907
1908 /**
1909 * Immediately touch the user data cache for this account.
1910 * Updates user_touched field, and removes account data from memcached
1911 * for reload on the next hit.
1912 */
1913 public function invalidateCache() {
1914 if( wfReadOnly() ) {
1915 return;
1916 }
1917 $this->load();
1918 if( $this->mId ) {
1919 $this->mTouched = self::newTouchedTimestamp();
1920
1921 $dbw = wfGetDB( DB_MASTER );
1922 $dbw->update( 'user',
1923 array( 'user_touched' => $dbw->timestamp( $this->mTouched ) ),
1924 array( 'user_id' => $this->mId ),
1925 __METHOD__ );
1926
1927 $this->clearSharedCache();
1928 }
1929 }
1930
1931 /**
1932 * Validate the cache for this account.
1933 * @param $timestamp String A timestamp in TS_MW format
1934 *
1935 * @return bool
1936 */
1937 public function validateCache( $timestamp ) {
1938 $this->load();
1939 return ( $timestamp >= $this->mTouched );
1940 }
1941
1942 /**
1943 * Get the user touched timestamp
1944 * @return String timestamp
1945 */
1946 public function getTouched() {
1947 $this->load();
1948 return $this->mTouched;
1949 }
1950
1951 /**
1952 * Set the password and reset the random token.
1953 * Calls through to authentication plugin if necessary;
1954 * will have no effect if the auth plugin refuses to
1955 * pass the change through or if the legal password
1956 * checks fail.
1957 *
1958 * As a special case, setting the password to null
1959 * wipes it, so the account cannot be logged in until
1960 * a new password is set, for instance via e-mail.
1961 *
1962 * @param $str String New password to set
1963 * @throws PasswordError on failure
1964 *
1965 * @return bool
1966 */
1967 public function setPassword( $str ) {
1968 global $wgAuth;
1969
1970 if( $str !== null ) {
1971 if( !$wgAuth->allowPasswordChange() ) {
1972 throw new PasswordError( wfMsg( 'password-change-forbidden' ) );
1973 }
1974
1975 if( !$this->isValidPassword( $str ) ) {
1976 global $wgMinimalPasswordLength;
1977 $valid = $this->getPasswordValidity( $str );
1978 if ( is_array( $valid ) ) {
1979 $message = array_shift( $valid );
1980 $params = $valid;
1981 } else {
1982 $message = $valid;
1983 $params = array( $wgMinimalPasswordLength );
1984 }
1985 throw new PasswordError( wfMsgExt( $message, array( 'parsemag' ), $params ) );
1986 }
1987 }
1988
1989 if( !$wgAuth->setPassword( $this, $str ) ) {
1990 throw new PasswordError( wfMsg( 'externaldberror' ) );
1991 }
1992
1993 $this->setInternalPassword( $str );
1994
1995 return true;
1996 }
1997
1998 /**
1999 * Set the password and reset the random token unconditionally.
2000 *
2001 * @param $str String New password to set
2002 */
2003 public function setInternalPassword( $str ) {
2004 $this->load();
2005 $this->setToken();
2006
2007 if( $str === null ) {
2008 // Save an invalid hash...
2009 $this->mPassword = '';
2010 } else {
2011 $this->mPassword = self::crypt( $str );
2012 }
2013 $this->mNewpassword = '';
2014 $this->mNewpassTime = null;
2015 }
2016
2017 /**
2018 * Get the user's current token.
2019 * @return String Token
2020 */
2021 public function getToken() {
2022 $this->load();
2023 return $this->mToken;
2024 }
2025
2026 /**
2027 * Set the random token (used for persistent authentication)
2028 * Called from loadDefaults() among other places.
2029 *
2030 * @param $token String|bool If specified, set the token to this value
2031 */
2032 public function setToken( $token = false ) {
2033 global $wgSecretKey, $wgProxyKey;
2034 $this->load();
2035 if ( !$token ) {
2036 if ( $wgSecretKey ) {
2037 $key = $wgSecretKey;
2038 } elseif ( $wgProxyKey ) {
2039 $key = $wgProxyKey;
2040 } else {
2041 $key = microtime();
2042 }
2043 $this->mToken = md5( $key . mt_rand( 0, 0x7fffffff ) . wfWikiID() . $this->mId );
2044 } else {
2045 $this->mToken = $token;
2046 }
2047 }
2048
2049 /**
2050 * Set the cookie password
2051 *
2052 * @param $str String New cookie password
2053 */
2054 private function setCookiePassword( $str ) {
2055 $this->load();
2056 $this->mCookiePassword = md5( $str );
2057 }
2058
2059 /**
2060 * Set the password for a password reminder or new account email
2061 *
2062 * @param $str String New password to set
2063 * @param $throttle Bool If true, reset the throttle timestamp to the present
2064 */
2065 public function setNewpassword( $str, $throttle = true ) {
2066 $this->load();
2067 $this->mNewpassword = self::crypt( $str );
2068 if ( $throttle ) {
2069 $this->mNewpassTime = wfTimestampNow();
2070 }
2071 }
2072
2073 /**
2074 * Has password reminder email been sent within the last
2075 * $wgPasswordReminderResendTime hours?
2076 * @return Bool
2077 */
2078 public function isPasswordReminderThrottled() {
2079 global $wgPasswordReminderResendTime;
2080 $this->load();
2081 if ( !$this->mNewpassTime || !$wgPasswordReminderResendTime ) {
2082 return false;
2083 }
2084 $expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgPasswordReminderResendTime * 3600;
2085 return time() < $expiry;
2086 }
2087
2088 /**
2089 * Get the user's e-mail address
2090 * @return String User's email address
2091 */
2092 public function getEmail() {
2093 $this->load();
2094 wfRunHooks( 'UserGetEmail', array( $this, &$this->mEmail ) );
2095 return $this->mEmail;
2096 }
2097
2098 /**
2099 * Get the timestamp of the user's e-mail authentication
2100 * @return String TS_MW timestamp
2101 */
2102 public function getEmailAuthenticationTimestamp() {
2103 $this->load();
2104 wfRunHooks( 'UserGetEmailAuthenticationTimestamp', array( $this, &$this->mEmailAuthenticated ) );
2105 return $this->mEmailAuthenticated;
2106 }
2107
2108 /**
2109 * Set the user's e-mail address
2110 * @param $str String New e-mail address
2111 */
2112 public function setEmail( $str ) {
2113 $this->load();
2114 if( $str == $this->mEmail ) {
2115 return;
2116 }
2117 $this->mEmail = $str;
2118 $this->invalidateEmail();
2119 wfRunHooks( 'UserSetEmail', array( $this, &$this->mEmail ) );
2120 }
2121
2122 /**
2123 * Get the user's real name
2124 * @return String User's real name
2125 */
2126 public function getRealName() {
2127 if ( !$this->isItemLoaded( 'realname' ) ) {
2128 $this->load();
2129 }
2130
2131 return $this->mRealName;
2132 }
2133
2134 /**
2135 * Set the user's real name
2136 * @param $str String New real name
2137 */
2138 public function setRealName( $str ) {
2139 $this->load();
2140 $this->mRealName = $str;
2141 }
2142
2143 /**
2144 * Return the name of this user we should used to display in the user interface
2145 * @return String The user's display name
2146 */
2147 public function getDisplayName() {
2148 global $wgRealNameInInterface;
2149 if ( is_null( $this->mDisplayName ) ) {
2150 $displayName = null;
2151
2152 // Allow hooks to set a display name
2153 wfRunHooks( 'UserDisplayName', array( $this, &$displayName ) );
2154
2155 if ( is_null( $displayName ) && $wgRealNameInInterface && $this->getRealName() ) {
2156 // If $wgRealNameInInterface is true use the real name as the display name if it's set
2157 $displayName = $this->getRealName();
2158 }
2159
2160 if ( is_null( $displayName ) ) {
2161 $displayName = $this->getName();
2162 }
2163
2164 $this->mDisplayName = $displayName;
2165 }
2166 return $this->mDisplayName;
2167 }
2168
2169 /**
2170 * Get the user's current setting for a given option.
2171 *
2172 * @param $oname String The option to check
2173 * @param $defaultOverride String A default value returned if the option does not exist
2174 * @param $ignoreHidden Bool = whether to ignore the effects of $wgHiddenPrefs
2175 * @return String User's current value for the option
2176 * @see getBoolOption()
2177 * @see getIntOption()
2178 */
2179 public function getOption( $oname, $defaultOverride = null, $ignoreHidden = false ) {
2180 global $wgHiddenPrefs;
2181 $this->loadOptions();
2182
2183 if ( is_null( $this->mOptions ) ) {
2184 if($defaultOverride != '') {
2185 return $defaultOverride;
2186 }
2187 $this->mOptions = User::getDefaultOptions();
2188 }
2189
2190 # We want 'disabled' preferences to always behave as the default value for
2191 # users, even if they have set the option explicitly in their settings (ie they
2192 # set it, and then it was disabled removing their ability to change it). But
2193 # we don't want to erase the preferences in the database in case the preference
2194 # is re-enabled again. So don't touch $mOptions, just override the returned value
2195 if( in_array( $oname, $wgHiddenPrefs ) && !$ignoreHidden ){
2196 return self::getDefaultOption( $oname );
2197 }
2198
2199 if ( array_key_exists( $oname, $this->mOptions ) ) {
2200 return $this->mOptions[$oname];
2201 } else {
2202 return $defaultOverride;
2203 }
2204 }
2205
2206 /**
2207 * Get all user's options
2208 *
2209 * @return array
2210 */
2211 public function getOptions() {
2212 global $wgHiddenPrefs;
2213 $this->loadOptions();
2214 $options = $this->mOptions;
2215
2216 # We want 'disabled' preferences to always behave as the default value for
2217 # users, even if they have set the option explicitly in their settings (ie they
2218 # set it, and then it was disabled removing their ability to change it). But
2219 # we don't want to erase the preferences in the database in case the preference
2220 # is re-enabled again. So don't touch $mOptions, just override the returned value
2221 foreach( $wgHiddenPrefs as $pref ){
2222 $default = self::getDefaultOption( $pref );
2223 if( $default !== null ){
2224 $options[$pref] = $default;
2225 }
2226 }
2227
2228 return $options;
2229 }
2230
2231 /**
2232 * Get the user's current setting for a given option, as a boolean value.
2233 *
2234 * @param $oname String The option to check
2235 * @return Bool User's current value for the option
2236 * @see getOption()
2237 */
2238 public function getBoolOption( $oname ) {
2239 return (bool)$this->getOption( $oname );
2240 }
2241
2242 /**
2243 * Get the user's current setting for a given option, as a boolean value.
2244 *
2245 * @param $oname String The option to check
2246 * @param $defaultOverride Int A default value returned if the option does not exist
2247 * @return Int User's current value for the option
2248 * @see getOption()
2249 */
2250 public function getIntOption( $oname, $defaultOverride=0 ) {
2251 $val = $this->getOption( $oname );
2252 if( $val == '' ) {
2253 $val = $defaultOverride;
2254 }
2255 return intval( $val );
2256 }
2257
2258 /**
2259 * Set the given option for a user.
2260 *
2261 * @param $oname String The option to set
2262 * @param $val mixed New value to set
2263 */
2264 public function setOption( $oname, $val ) {
2265 $this->load();
2266 $this->loadOptions();
2267
2268 // Explicitly NULL values should refer to defaults
2269 global $wgDefaultUserOptions;
2270 if( is_null( $val ) && isset( $wgDefaultUserOptions[$oname] ) ) {
2271 $val = $wgDefaultUserOptions[$oname];
2272 }
2273
2274 $this->mOptions[$oname] = $val;
2275 }
2276
2277 /**
2278 * Reset all options to the site defaults
2279 */
2280 public function resetOptions() {
2281 $this->mOptions = self::getDefaultOptions();
2282 }
2283
2284 /**
2285 * Get the user's preferred date format.
2286 * @return String User's preferred date format
2287 */
2288 public function getDatePreference() {
2289 // Important migration for old data rows
2290 if ( is_null( $this->mDatePreference ) ) {
2291 global $wgLang;
2292 $value = $this->getOption( 'date' );
2293 $map = $wgLang->getDatePreferenceMigrationMap();
2294 if ( isset( $map[$value] ) ) {
2295 $value = $map[$value];
2296 }
2297 $this->mDatePreference = $value;
2298 }
2299 return $this->mDatePreference;
2300 }
2301
2302 /**
2303 * Get the user preferred stub threshold
2304 *
2305 * @return int
2306 */
2307 public function getStubThreshold() {
2308 global $wgMaxArticleSize; # Maximum article size, in Kb
2309 $threshold = intval( $this->getOption( 'stubthreshold' ) );
2310 if ( $threshold > $wgMaxArticleSize * 1024 ) {
2311 # If they have set an impossible value, disable the preference
2312 # so we can use the parser cache again.
2313 $threshold = 0;
2314 }
2315 return $threshold;
2316 }
2317
2318 /**
2319 * Get the permissions this user has.
2320 * @return Array of String permission names
2321 */
2322 public function getRights() {
2323 if ( is_null( $this->mRights ) ) {
2324 $this->mRights = self::getGroupPermissions( $this->getEffectiveGroups() );
2325 wfRunHooks( 'UserGetRights', array( $this, &$this->mRights ) );
2326 // Force reindexation of rights when a hook has unset one of them
2327 $this->mRights = array_values( $this->mRights );
2328 }
2329 return $this->mRights;
2330 }
2331
2332 /**
2333 * Get the list of explicit group memberships this user has.
2334 * The implicit * and user groups are not included.
2335 * @return Array of String internal group names
2336 */
2337 public function getGroups() {
2338 $this->load();
2339 $this->loadGroups();
2340 return $this->mGroups;
2341 }
2342
2343 /**
2344 * Get the list of implicit group memberships this user has.
2345 * This includes all explicit groups, plus 'user' if logged in,
2346 * '*' for all accounts, and autopromoted groups
2347 * @param $recache Bool Whether to avoid the cache
2348 * @return Array of String internal group names
2349 */
2350 public function getEffectiveGroups( $recache = false ) {
2351 if ( $recache || is_null( $this->mEffectiveGroups ) ) {
2352 wfProfileIn( __METHOD__ );
2353 $this->mEffectiveGroups = array_unique( array_merge(
2354 $this->getGroups(), // explicit groups
2355 $this->getAutomaticGroups( $recache ) // implicit groups
2356 ) );
2357 # Hook for additional groups
2358 wfRunHooks( 'UserEffectiveGroups', array( &$this, &$this->mEffectiveGroups ) );
2359 wfProfileOut( __METHOD__ );
2360 }
2361 return $this->mEffectiveGroups;
2362 }
2363
2364 /**
2365 * Get the list of implicit group memberships this user has.
2366 * This includes 'user' if logged in, '*' for all accounts,
2367 * and autopromoted groups
2368 * @param $recache Bool Whether to avoid the cache
2369 * @return Array of String internal group names
2370 */
2371 public function getAutomaticGroups( $recache = false ) {
2372 if ( $recache || is_null( $this->mImplicitGroups ) ) {
2373 wfProfileIn( __METHOD__ );
2374 $this->mImplicitGroups = array( '*' );
2375 if ( $this->getId() ) {
2376 $this->mImplicitGroups[] = 'user';
2377
2378 $this->mImplicitGroups = array_unique( array_merge(
2379 $this->mImplicitGroups,
2380 Autopromote::getAutopromoteGroups( $this )
2381 ) );
2382 }
2383 if ( $recache ) {
2384 # Assure data consistency with rights/groups,
2385 # as getEffectiveGroups() depends on this function
2386 $this->mEffectiveGroups = null;
2387 }
2388 wfProfileOut( __METHOD__ );
2389 }
2390 return $this->mImplicitGroups;
2391 }
2392
2393 /**
2394 * Returns the groups the user has belonged to.
2395 *
2396 * The user may still belong to the returned groups. Compare with getGroups().
2397 *
2398 * The function will not return groups the user had belonged to before MW 1.17
2399 *
2400 * @return array Names of the groups the user has belonged to.
2401 */
2402 public function getFormerGroups() {
2403 if( is_null( $this->mFormerGroups ) ) {
2404 $dbr = wfGetDB( DB_MASTER );
2405 $res = $dbr->select( 'user_former_groups',
2406 array( 'ufg_group' ),
2407 array( 'ufg_user' => $this->mId ),
2408 __METHOD__ );
2409 $this->mFormerGroups = array();
2410 foreach( $res as $row ) {
2411 $this->mFormerGroups[] = $row->ufg_group;
2412 }
2413 }
2414 return $this->mFormerGroups;
2415 }
2416
2417 /**
2418 * Get the user's edit count.
2419 * @return Int
2420 */
2421 public function getEditCount() {
2422 if( $this->getId() ) {
2423 if ( !isset( $this->mEditCount ) ) {
2424 /* Populate the count, if it has not been populated yet */
2425 $this->mEditCount = User::edits( $this->mId );
2426 }
2427 return $this->mEditCount;
2428 } else {
2429 /* nil */
2430 return null;
2431 }
2432 }
2433
2434 /**
2435 * Add the user to the given group.
2436 * This takes immediate effect.
2437 * @param $group String Name of the group to add
2438 */
2439 public function addGroup( $group ) {
2440 if( wfRunHooks( 'UserAddGroup', array( $this, &$group ) ) ) {
2441 $dbw = wfGetDB( DB_MASTER );
2442 if( $this->getId() ) {
2443 $dbw->insert( 'user_groups',
2444 array(
2445 'ug_user' => $this->getID(),
2446 'ug_group' => $group,
2447 ),
2448 __METHOD__,
2449 array( 'IGNORE' ) );
2450 }
2451 }
2452 $this->loadGroups();
2453 $this->mGroups[] = $group;
2454 $this->mRights = User::getGroupPermissions( $this->getEffectiveGroups( true ) );
2455
2456 $this->invalidateCache();
2457 }
2458
2459 /**
2460 * Remove the user from the given group.
2461 * This takes immediate effect.
2462 * @param $group String Name of the group to remove
2463 */
2464 public function removeGroup( $group ) {
2465 $this->load();
2466 if( wfRunHooks( 'UserRemoveGroup', array( $this, &$group ) ) ) {
2467 $dbw = wfGetDB( DB_MASTER );
2468 $dbw->delete( 'user_groups',
2469 array(
2470 'ug_user' => $this->getID(),
2471 'ug_group' => $group,
2472 ), __METHOD__ );
2473 // Remember that the user was in this group
2474 $dbw->insert( 'user_former_groups',
2475 array(
2476 'ufg_user' => $this->getID(),
2477 'ufg_group' => $group,
2478 ),
2479 __METHOD__,
2480 array( 'IGNORE' ) );
2481 }
2482 $this->loadGroups();
2483 $this->mGroups = array_diff( $this->mGroups, array( $group ) );
2484 $this->mRights = User::getGroupPermissions( $this->getEffectiveGroups( true ) );
2485
2486 $this->invalidateCache();
2487 }
2488
2489 /**
2490 * Get whether the user is logged in
2491 * @return Bool
2492 */
2493 public function isLoggedIn() {
2494 return $this->getID() != 0;
2495 }
2496
2497 /**
2498 * Get whether the user is anonymous
2499 * @return Bool
2500 */
2501 public function isAnon() {
2502 return !$this->isLoggedIn();
2503 }
2504
2505 /**
2506 * Check if user is allowed to access a feature / make an action
2507 *
2508 * @internal param \String $varargs permissions to test
2509 * @return Boolean: True if user is allowed to perform *any* of the given actions
2510 *
2511 * @return bool
2512 */
2513 public function isAllowedAny( /*...*/ ){
2514 $permissions = func_get_args();
2515 foreach( $permissions as $permission ){
2516 if( $this->isAllowed( $permission ) ){
2517 return true;
2518 }
2519 }
2520 return false;
2521 }
2522
2523 /**
2524 *
2525 * @internal param $varargs string
2526 * @return bool True if the user is allowed to perform *all* of the given actions
2527 */
2528 public function isAllowedAll( /*...*/ ){
2529 $permissions = func_get_args();
2530 foreach( $permissions as $permission ){
2531 if( !$this->isAllowed( $permission ) ){
2532 return false;
2533 }
2534 }
2535 return true;
2536 }
2537
2538 /**
2539 * Internal mechanics of testing a permission
2540 * @param $action String
2541 * @return bool
2542 */
2543 public function isAllowed( $action = '' ) {
2544 if ( $action === '' ) {
2545 return true; // In the spirit of DWIM
2546 }
2547 # Patrolling may not be enabled
2548 if( $action === 'patrol' || $action === 'autopatrol' ) {
2549 global $wgUseRCPatrol, $wgUseNPPatrol;
2550 if( !$wgUseRCPatrol && !$wgUseNPPatrol )
2551 return false;
2552 }
2553 # Use strict parameter to avoid matching numeric 0 accidentally inserted
2554 # by misconfiguration: 0 == 'foo'
2555 return in_array( $action, $this->getRights(), true );
2556 }
2557
2558 /**
2559 * Check whether to enable recent changes patrol features for this user
2560 * @return Boolean: True or false
2561 */
2562 public function useRCPatrol() {
2563 global $wgUseRCPatrol;
2564 return $wgUseRCPatrol && $this->isAllowedAny( 'patrol', 'patrolmarks' );
2565 }
2566
2567 /**
2568 * Check whether to enable new pages patrol features for this user
2569 * @return Bool True or false
2570 */
2571 public function useNPPatrol() {
2572 global $wgUseRCPatrol, $wgUseNPPatrol;
2573 return( ( $wgUseRCPatrol || $wgUseNPPatrol ) && ( $this->isAllowedAny( 'patrol', 'patrolmarks' ) ) );
2574 }
2575
2576 /**
2577 * Get the WebRequest object to use with this object
2578 *
2579 * @return WebRequest
2580 */
2581 public function getRequest() {
2582 if ( $this->mRequest ) {
2583 return $this->mRequest;
2584 } else {
2585 global $wgRequest;
2586 return $wgRequest;
2587 }
2588 }
2589
2590 /**
2591 * Get the current skin, loading it if required
2592 * @return Skin The current skin
2593 * @todo FIXME: Need to check the old failback system [AV]
2594 * @deprecated since 1.18 Use ->getSkin() in the most relevant outputting context you have
2595 */
2596 public function getSkin() {
2597 wfDeprecated( __METHOD__, '1.18' );
2598 return RequestContext::getMain()->getSkin();
2599 }
2600
2601 /**
2602 * Check the watched status of an article.
2603 * @param $title Title of the article to look at
2604 * @return Bool
2605 */
2606 public function isWatched( $title ) {
2607 $wl = WatchedItem::fromUserTitle( $this, $title );
2608 return $wl->isWatched();
2609 }
2610
2611 /**
2612 * Watch an article.
2613 * @param $title Title of the article to look at
2614 */
2615 public function addWatch( $title ) {
2616 $wl = WatchedItem::fromUserTitle( $this, $title );
2617 $wl->addWatch();
2618 $this->invalidateCache();
2619 }
2620
2621 /**
2622 * Stop watching an article.
2623 * @param $title Title of the article to look at
2624 */
2625 public function removeWatch( $title ) {
2626 $wl = WatchedItem::fromUserTitle( $this, $title );
2627 $wl->removeWatch();
2628 $this->invalidateCache();
2629 }
2630
2631 /**
2632 * Cleans up watchlist by removing invalid entries from it
2633 */
2634 public function cleanupWatchlist() {
2635 $dbw = wfGetDB( DB_MASTER );
2636 $dbw->delete( 'watchlist', array( 'wl_namespace < 0', 'wl_user' => $this->getId() ), __METHOD__ );
2637 }
2638
2639 /**
2640 * Clear the user's notification timestamp for the given title.
2641 * If e-notif e-mails are on, they will receive notification mails on
2642 * the next change of the page if it's watched etc.
2643 * @param $title Title of the article to look at
2644 */
2645 public function clearNotification( &$title ) {
2646 global $wgUseEnotif, $wgShowUpdatedMarker;
2647
2648 # Do nothing if the database is locked to writes
2649 if( wfReadOnly() ) {
2650 return;
2651 }
2652
2653 if( $title->getNamespace() == NS_USER_TALK &&
2654 $title->getText() == $this->getName() ) {
2655 if( !wfRunHooks( 'UserClearNewTalkNotification', array( &$this ) ) )
2656 return;
2657 $this->setNewtalk( false );
2658 }
2659
2660 if( !$wgUseEnotif && !$wgShowUpdatedMarker ) {
2661 return;
2662 }
2663
2664 if( $this->isAnon() ) {
2665 // Nothing else to do...
2666 return;
2667 }
2668
2669 // Only update the timestamp if the page is being watched.
2670 // The query to find out if it is watched is cached both in memcached and per-invocation,
2671 // and when it does have to be executed, it can be on a slave
2672 // If this is the user's newtalk page, we always update the timestamp
2673 if( $title->getNamespace() == NS_USER_TALK &&
2674 $title->getText() == $this->getName() )
2675 {
2676 $watched = true;
2677 } else {
2678 $watched = $this->isWatched( $title );
2679 }
2680
2681 // If the page is watched by the user (or may be watched), update the timestamp on any
2682 // any matching rows
2683 if ( $watched ) {
2684 $dbw = wfGetDB( DB_MASTER );
2685 $dbw->update( 'watchlist',
2686 array( /* SET */
2687 'wl_notificationtimestamp' => null
2688 ), array( /* WHERE */
2689 'wl_title' => $title->getDBkey(),
2690 'wl_namespace' => $title->getNamespace(),
2691 'wl_user' => $this->getID()
2692 ), __METHOD__
2693 );
2694 }
2695 }
2696
2697 /**
2698 * Resets all of the given user's page-change notification timestamps.
2699 * If e-notif e-mails are on, they will receive notification mails on
2700 * the next change of any watched page.
2701 */
2702 public function clearAllNotifications() {
2703 global $wgUseEnotif, $wgShowUpdatedMarker;
2704 if ( !$wgUseEnotif && !$wgShowUpdatedMarker ) {
2705 $this->setNewtalk( false );
2706 return;
2707 }
2708 $id = $this->getId();
2709 if( $id != 0 ) {
2710 $dbw = wfGetDB( DB_MASTER );
2711 $dbw->update( 'watchlist',
2712 array( /* SET */
2713 'wl_notificationtimestamp' => null
2714 ), array( /* WHERE */
2715 'wl_user' => $id
2716 ), __METHOD__
2717 );
2718 # We also need to clear here the "you have new message" notification for the own user_talk page
2719 # This is cleared one page view later in Article::viewUpdates();
2720 }
2721 }
2722
2723 /**
2724 * Set this user's options from an encoded string
2725 * @param $str String Encoded options to import
2726 *
2727 * @deprecated in 1.19 due to removal of user_options from the user table
2728 */
2729 private function decodeOptions( $str ) {
2730 wfDeprecated( __METHOD__, '1.19' );
2731 if( !$str )
2732 return;
2733
2734 $this->mOptionsLoaded = true;
2735 $this->mOptionOverrides = array();
2736
2737 // If an option is not set in $str, use the default value
2738 $this->mOptions = self::getDefaultOptions();
2739
2740 $a = explode( "\n", $str );
2741 foreach ( $a as $s ) {
2742 $m = array();
2743 if ( preg_match( "/^(.[^=]*)=(.*)$/", $s, $m ) ) {
2744 $this->mOptions[$m[1]] = $m[2];
2745 $this->mOptionOverrides[$m[1]] = $m[2];
2746 }
2747 }
2748 }
2749
2750 /**
2751 * Set a cookie on the user's client. Wrapper for
2752 * WebResponse::setCookie
2753 * @param $name String Name of the cookie to set
2754 * @param $value String Value to set
2755 * @param $exp Int Expiration time, as a UNIX time value;
2756 * if 0 or not specified, use the default $wgCookieExpiration
2757 */
2758 protected function setCookie( $name, $value, $exp = 0 ) {
2759 $this->getRequest()->response()->setcookie( $name, $value, $exp );
2760 }
2761
2762 /**
2763 * Clear a cookie on the user's client
2764 * @param $name String Name of the cookie to clear
2765 */
2766 protected function clearCookie( $name ) {
2767 $this->setCookie( $name, '', time() - 86400 );
2768 }
2769
2770 /**
2771 * Set the default cookies for this session on the user's client.
2772 *
2773 * @param $request WebRequest object to use; $wgRequest will be used if null
2774 * is passed.
2775 */
2776 public function setCookies( $request = null ) {
2777 if ( $request === null ) {
2778 $request = $this->getRequest();
2779 }
2780
2781 $this->load();
2782 if ( 0 == $this->mId ) return;
2783 $session = array(
2784 'wsUserID' => $this->mId,
2785 'wsToken' => $this->mToken,
2786 'wsUserName' => $this->getName()
2787 );
2788 $cookies = array(
2789 'UserID' => $this->mId,
2790 'UserName' => $this->getName(),
2791 );
2792 if ( 1 == $this->getOption( 'rememberpassword' ) ) {
2793 $cookies['Token'] = $this->mToken;
2794 } else {
2795 $cookies['Token'] = false;
2796 }
2797
2798 wfRunHooks( 'UserSetCookies', array( $this, &$session, &$cookies ) );
2799
2800 foreach ( $session as $name => $value ) {
2801 $request->setSessionData( $name, $value );
2802 }
2803 foreach ( $cookies as $name => $value ) {
2804 if ( $value === false ) {
2805 $this->clearCookie( $name );
2806 } else {
2807 $this->setCookie( $name, $value );
2808 }
2809 }
2810 }
2811
2812 /**
2813 * Log this user out.
2814 */
2815 public function logout() {
2816 if( wfRunHooks( 'UserLogout', array( &$this ) ) ) {
2817 $this->doLogout();
2818 }
2819 }
2820
2821 /**
2822 * Clear the user's cookies and session, and reset the instance cache.
2823 * @see logout()
2824 */
2825 public function doLogout() {
2826 $this->clearInstanceCache( 'defaults' );
2827
2828 $this->getRequest()->setSessionData( 'wsUserID', 0 );
2829
2830 $this->clearCookie( 'UserID' );
2831 $this->clearCookie( 'Token' );
2832
2833 # Remember when user logged out, to prevent seeing cached pages
2834 $this->setCookie( 'LoggedOut', wfTimestampNow(), time() + 86400 );
2835 }
2836
2837 /**
2838 * Save this user's settings into the database.
2839 * @todo Only rarely do all these fields need to be set!
2840 */
2841 public function saveSettings() {
2842 $this->load();
2843 if ( wfReadOnly() ) { return; }
2844 if ( 0 == $this->mId ) { return; }
2845
2846 $this->mTouched = self::newTouchedTimestamp();
2847
2848 $dbw = wfGetDB( DB_MASTER );
2849 $dbw->update( 'user',
2850 array( /* SET */
2851 'user_name' => $this->mName,
2852 'user_password' => $this->mPassword,
2853 'user_newpassword' => $this->mNewpassword,
2854 'user_newpass_time' => $dbw->timestampOrNull( $this->mNewpassTime ),
2855 'user_real_name' => $this->mRealName,
2856 'user_email' => $this->mEmail,
2857 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
2858 'user_touched' => $dbw->timestamp( $this->mTouched ),
2859 'user_token' => $this->mToken,
2860 'user_email_token' => $this->mEmailToken,
2861 'user_email_token_expires' => $dbw->timestampOrNull( $this->mEmailTokenExpires ),
2862 ), array( /* WHERE */
2863 'user_id' => $this->mId
2864 ), __METHOD__
2865 );
2866
2867 $this->saveOptions();
2868
2869 wfRunHooks( 'UserSaveSettings', array( $this ) );
2870 $this->clearSharedCache();
2871 $this->getUserPage()->invalidateCache();
2872 }
2873
2874 /**
2875 * If only this user's username is known, and it exists, return the user ID.
2876 * @return Int
2877 */
2878 public function idForName() {
2879 $s = trim( $this->getName() );
2880 if ( $s === '' ) return 0;
2881
2882 $dbr = wfGetDB( DB_SLAVE );
2883 $id = $dbr->selectField( 'user', 'user_id', array( 'user_name' => $s ), __METHOD__ );
2884 if ( $id === false ) {
2885 $id = 0;
2886 }
2887 return $id;
2888 }
2889
2890 /**
2891 * Add a user to the database, return the user object
2892 *
2893 * @param $name String Username to add
2894 * @param $params Array of Strings Non-default parameters to save to the database as user_* fields:
2895 * - password The user's password hash. Password logins will be disabled if this is omitted.
2896 * - newpassword Hash for a temporary password that has been mailed to the user
2897 * - email The user's email address
2898 * - email_authenticated The email authentication timestamp
2899 * - real_name The user's real name
2900 * - options An associative array of non-default options
2901 * - token Random authentication token. Do not set.
2902 * - registration Registration timestamp. Do not set.
2903 *
2904 * @return User object, or null if the username already exists
2905 */
2906 public static function createNew( $name, $params = array() ) {
2907 $user = new User;
2908 $user->load();
2909 if ( isset( $params['options'] ) ) {
2910 $user->mOptions = $params['options'] + (array)$user->mOptions;
2911 unset( $params['options'] );
2912 }
2913 $dbw = wfGetDB( DB_MASTER );
2914 $seqVal = $dbw->nextSequenceValue( 'user_user_id_seq' );
2915
2916 $fields = array(
2917 'user_id' => $seqVal,
2918 'user_name' => $name,
2919 'user_password' => $user->mPassword,
2920 'user_newpassword' => $user->mNewpassword,
2921 'user_newpass_time' => $dbw->timestampOrNull( $user->mNewpassTime ),
2922 'user_email' => $user->mEmail,
2923 'user_email_authenticated' => $dbw->timestampOrNull( $user->mEmailAuthenticated ),
2924 'user_real_name' => $user->mRealName,
2925 'user_token' => $user->mToken,
2926 'user_registration' => $dbw->timestamp( $user->mRegistration ),
2927 'user_editcount' => 0,
2928 );
2929 foreach ( $params as $name => $value ) {
2930 $fields["user_$name"] = $value;
2931 }
2932 $dbw->insert( 'user', $fields, __METHOD__, array( 'IGNORE' ) );
2933 if ( $dbw->affectedRows() ) {
2934 $newUser = User::newFromId( $dbw->insertId() );
2935 } else {
2936 $newUser = null;
2937 }
2938 return $newUser;
2939 }
2940
2941 /**
2942 * Add this existing user object to the database
2943 */
2944 public function addToDatabase() {
2945 $this->load();
2946 $dbw = wfGetDB( DB_MASTER );
2947 $seqVal = $dbw->nextSequenceValue( 'user_user_id_seq' );
2948 $dbw->insert( 'user',
2949 array(
2950 'user_id' => $seqVal,
2951 'user_name' => $this->mName,
2952 'user_password' => $this->mPassword,
2953 'user_newpassword' => $this->mNewpassword,
2954 'user_newpass_time' => $dbw->timestampOrNull( $this->mNewpassTime ),
2955 'user_email' => $this->mEmail,
2956 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
2957 'user_real_name' => $this->mRealName,
2958 'user_token' => $this->mToken,
2959 'user_registration' => $dbw->timestamp( $this->mRegistration ),
2960 'user_editcount' => 0,
2961 ), __METHOD__
2962 );
2963 $this->mId = $dbw->insertId();
2964
2965 // Clear instance cache other than user table data, which is already accurate
2966 $this->clearInstanceCache();
2967
2968 $this->saveOptions();
2969 }
2970
2971 /**
2972 * If this user is logged-in and blocked,
2973 * block any IP address they've successfully logged in from.
2974 * @return bool A block was spread
2975 */
2976 public function spreadAnyEditBlock() {
2977 if ( $this->isLoggedIn() && $this->isBlocked() ) {
2978 return $this->spreadBlock();
2979 }
2980 return false;
2981 }
2982
2983 /**
2984 * If this (non-anonymous) user is blocked,
2985 * block the IP address they've successfully logged in from.
2986 * @return bool A block was spread
2987 */
2988 protected function spreadBlock() {
2989 wfDebug( __METHOD__ . "()\n" );
2990 $this->load();
2991 if ( $this->mId == 0 ) {
2992 return false;
2993 }
2994
2995 $userblock = Block::newFromTarget( $this->getName() );
2996 if ( !$userblock ) {
2997 return false;
2998 }
2999
3000 return (bool)$userblock->doAutoblock( $this->getRequest()->getIP() );
3001 }
3002
3003 /**
3004 * Generate a string which will be different for any combination of
3005 * user options which would produce different parser output.
3006 * This will be used as part of the hash key for the parser cache,
3007 * so users with the same options can share the same cached data
3008 * safely.
3009 *
3010 * Extensions which require it should install 'PageRenderingHash' hook,
3011 * which will give them a chance to modify this key based on their own
3012 * settings.
3013 *
3014 * @deprecated since 1.17 use the ParserOptions object to get the relevant options
3015 * @return String Page rendering hash
3016 */
3017 public function getPageRenderingHash() {
3018 wfDeprecated( __METHOD__, '1.17' );
3019
3020 global $wgUseDynamicDates, $wgRenderHashAppend, $wgLang, $wgContLang;
3021 if( $this->mHash ){
3022 return $this->mHash;
3023 }
3024
3025 // stubthreshold is only included below for completeness,
3026 // since it disables the parser cache, its value will always
3027 // be 0 when this function is called by parsercache.
3028
3029 $confstr = $this->getOption( 'math' );
3030 $confstr .= '!' . $this->getStubThreshold();
3031 if ( $wgUseDynamicDates ) { # This is wrong (bug 24714)
3032 $confstr .= '!' . $this->getDatePreference();
3033 }
3034 $confstr .= '!' . ( $this->getOption( 'numberheadings' ) ? '1' : '' );
3035 $confstr .= '!' . $wgLang->getCode();
3036 $confstr .= '!' . $this->getOption( 'thumbsize' );
3037 // add in language specific options, if any
3038 $extra = $wgContLang->getExtraHashOptions();
3039 $confstr .= $extra;
3040
3041 // Since the skin could be overloading link(), it should be
3042 // included here but in practice, none of our skins do that.
3043
3044 $confstr .= $wgRenderHashAppend;
3045
3046 // Give a chance for extensions to modify the hash, if they have
3047 // extra options or other effects on the parser cache.
3048 wfRunHooks( 'PageRenderingHash', array( &$confstr ) );
3049
3050 // Make it a valid memcached key fragment
3051 $confstr = str_replace( ' ', '_', $confstr );
3052 $this->mHash = $confstr;
3053 return $confstr;
3054 }
3055
3056 /**
3057 * Get whether the user is explicitly blocked from account creation.
3058 * @return Bool|Block
3059 */
3060 public function isBlockedFromCreateAccount() {
3061 $this->getBlockedStatus();
3062 if( $this->mBlock && $this->mBlock->prevents( 'createaccount' ) ){
3063 return $this->mBlock;
3064 }
3065
3066 # bug 13611: if the IP address the user is trying to create an account from is
3067 # blocked with createaccount disabled, prevent new account creation there even
3068 # when the user is logged in
3069 if( $this->mBlockedFromCreateAccount === false ){
3070 $this->mBlockedFromCreateAccount = Block::newFromTarget( null, $this->getRequest()->getIP() );
3071 }
3072 return $this->mBlockedFromCreateAccount instanceof Block && $this->mBlockedFromCreateAccount->prevents( 'createaccount' )
3073 ? $this->mBlockedFromCreateAccount
3074 : false;
3075 }
3076
3077 /**
3078 * Get whether the user is blocked from using Special:Emailuser.
3079 * @return Bool
3080 */
3081 public function isBlockedFromEmailuser() {
3082 $this->getBlockedStatus();
3083 return $this->mBlock && $this->mBlock->prevents( 'sendemail' );
3084 }
3085
3086 /**
3087 * Get whether the user is allowed to create an account.
3088 * @return Bool
3089 */
3090 function isAllowedToCreateAccount() {
3091 return $this->isAllowed( 'createaccount' ) && !$this->isBlockedFromCreateAccount();
3092 }
3093
3094 /**
3095 * Get this user's personal page title.
3096 *
3097 * @return Title: User's personal page title
3098 */
3099 public function getUserPage() {
3100 return Title::makeTitle( NS_USER, $this->getName() );
3101 }
3102
3103 /**
3104 * Get this user's talk page title.
3105 *
3106 * @return Title: User's talk page title
3107 */
3108 public function getTalkPage() {
3109 $title = $this->getUserPage();
3110 return $title->getTalkPage();
3111 }
3112
3113 /**
3114 * Determine whether the user is a newbie. Newbies are either
3115 * anonymous IPs, or the most recently created accounts.
3116 * @return Bool
3117 */
3118 public function isNewbie() {
3119 return !$this->isAllowed( 'autoconfirmed' );
3120 }
3121
3122 /**
3123 * Check to see if the given clear-text password is one of the accepted passwords
3124 * @param $password String: user password.
3125 * @return Boolean: True if the given password is correct, otherwise False.
3126 */
3127 public function checkPassword( $password ) {
3128 global $wgAuth, $wgLegacyEncoding;
3129 $this->load();
3130
3131 // Even though we stop people from creating passwords that
3132 // are shorter than this, doesn't mean people wont be able
3133 // to. Certain authentication plugins do NOT want to save
3134 // domain passwords in a mysql database, so we should
3135 // check this (in case $wgAuth->strict() is false).
3136 if( !$this->isValidPassword( $password ) ) {
3137 return false;
3138 }
3139
3140 if( $wgAuth->authenticate( $this->getName(), $password ) ) {
3141 return true;
3142 } elseif( $wgAuth->strict() ) {
3143 /* Auth plugin doesn't allow local authentication */
3144 return false;
3145 } elseif( $wgAuth->strictUserAuth( $this->getName() ) ) {
3146 /* Auth plugin doesn't allow local authentication for this user name */
3147 return false;
3148 }
3149 if ( self::comparePasswords( $this->mPassword, $password, $this->mId ) ) {
3150 return true;
3151 } elseif ( $wgLegacyEncoding ) {
3152 # Some wikis were converted from ISO 8859-1 to UTF-8, the passwords can't be converted
3153 # Check for this with iconv
3154 $cp1252Password = iconv( 'UTF-8', 'WINDOWS-1252//TRANSLIT', $password );
3155 if ( $cp1252Password != $password &&
3156 self::comparePasswords( $this->mPassword, $cp1252Password, $this->mId ) )
3157 {
3158 return true;
3159 }
3160 }
3161 return false;
3162 }
3163
3164 /**
3165 * Check if the given clear-text password matches the temporary password
3166 * sent by e-mail for password reset operations.
3167 *
3168 * @param $plaintext string
3169 *
3170 * @return Boolean: True if matches, false otherwise
3171 */
3172 public function checkTemporaryPassword( $plaintext ) {
3173 global $wgNewPasswordExpiry;
3174
3175 $this->load();
3176 if( self::comparePasswords( $this->mNewpassword, $plaintext, $this->getId() ) ) {
3177 if ( is_null( $this->mNewpassTime ) ) {
3178 return true;
3179 }
3180 $expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgNewPasswordExpiry;
3181 return ( time() < $expiry );
3182 } else {
3183 return false;
3184 }
3185 }
3186
3187 /**
3188 * Alias for getEditToken.
3189 * @deprecated since 1.19, use getEditToken instead.
3190 *
3191 * @param $salt String|Array of Strings Optional function-specific data for hashing
3192 * @param $request WebRequest object to use or null to use $wgRequest
3193 * @return String The new edit token
3194 */
3195 public function editToken( $salt = '', $request = null ) {
3196 wfDeprecated( __METHOD__, '1.19' );
3197 return $this->getEditToken( $salt, $request );
3198 }
3199
3200 /**
3201 * Initialize (if necessary) and return a session token value
3202 * which can be used in edit forms to show that the user's
3203 * login credentials aren't being hijacked with a foreign form
3204 * submission.
3205 *
3206 * @since 1.19
3207 *
3208 * @param $salt String|Array of Strings Optional function-specific data for hashing
3209 * @param $request WebRequest object to use or null to use $wgRequest
3210 * @return String The new edit token
3211 */
3212 public function getEditToken( $salt = '', $request = null ) {
3213 if ( $request == null ) {
3214 $request = $this->getRequest();
3215 }
3216
3217 if ( $this->isAnon() ) {
3218 return EDIT_TOKEN_SUFFIX;
3219 } else {
3220 $token = $request->getSessionData( 'wsEditToken' );
3221 if ( $token === null ) {
3222 $token = self::generateToken();
3223 $request->setSessionData( 'wsEditToken', $token );
3224 }
3225 if( is_array( $salt ) ) {
3226 $salt = implode( '|', $salt );
3227 }
3228 return md5( $token . $salt ) . EDIT_TOKEN_SUFFIX;
3229 }
3230 }
3231
3232 /**
3233 * Generate a looking random token for various uses.
3234 *
3235 * @param $salt String Optional salt value
3236 * @return String The new random token
3237 */
3238 public static function generateToken( $salt = '' ) {
3239 $token = dechex( mt_rand() ) . dechex( mt_rand() );
3240 return md5( $token . $salt );
3241 }
3242
3243 /**
3244 * Check given value against the token value stored in the session.
3245 * A match should confirm that the form was submitted from the
3246 * user's own login session, not a form submission from a third-party
3247 * site.
3248 *
3249 * @param $val String Input value to compare
3250 * @param $salt String Optional function-specific data for hashing
3251 * @param $request WebRequest object to use or null to use $wgRequest
3252 * @return Boolean: Whether the token matches
3253 */
3254 public function matchEditToken( $val, $salt = '', $request = null ) {
3255 $sessionToken = $this->getEditToken( $salt, $request );
3256 if ( $val != $sessionToken ) {
3257 wfDebug( "User::matchEditToken: broken session data\n" );
3258 }
3259 return $val == $sessionToken;
3260 }
3261
3262 /**
3263 * Check given value against the token value stored in the session,
3264 * ignoring the suffix.
3265 *
3266 * @param $val String Input value to compare
3267 * @param $salt String Optional function-specific data for hashing
3268 * @param $request WebRequest object to use or null to use $wgRequest
3269 * @return Boolean: Whether the token matches
3270 */
3271 public function matchEditTokenNoSuffix( $val, $salt = '', $request = null ) {
3272 $sessionToken = $this->getEditToken( $salt, $request );
3273 return substr( $sessionToken, 0, 32 ) == substr( $val, 0, 32 );
3274 }
3275
3276 /**
3277 * Generate a new e-mail confirmation token and send a confirmation/invalidation
3278 * mail to the user's given address.
3279 *
3280 * @param $type String: message to send, either "created", "changed" or "set"
3281 * @return Status object
3282 */
3283 public function sendConfirmationMail( $type = 'created' ) {
3284 global $wgLang;
3285 $expiration = null; // gets passed-by-ref and defined in next line.
3286 $token = $this->confirmationToken( $expiration );
3287 $url = $this->confirmationTokenUrl( $token );
3288 $invalidateURL = $this->invalidationTokenUrl( $token );
3289 $this->saveSettings();
3290
3291 if ( $type == 'created' || $type === false ) {
3292 $message = 'confirmemail_body';
3293 } elseif ( $type === true ) {
3294 $message = 'confirmemail_body_changed';
3295 } else {
3296 $message = 'confirmemail_body_' . $type;
3297 }
3298
3299 return $this->sendMail( wfMsg( 'confirmemail_subject' ),
3300 wfMsg( $message,
3301 $this->getRequest()->getIP(),
3302 $this->getName(),
3303 $url,
3304 $wgLang->timeanddate( $expiration, false ),
3305 $invalidateURL,
3306 $wgLang->date( $expiration, false ),
3307 $wgLang->time( $expiration, false ) ) );
3308 }
3309
3310 /**
3311 * Send an e-mail to this user's account. Does not check for
3312 * confirmed status or validity.
3313 *
3314 * @param $subject String Message subject
3315 * @param $body String Message body
3316 * @param $from String Optional From address; if unspecified, default $wgPasswordSender will be used
3317 * @param $replyto String Reply-To address
3318 * @return Status
3319 */
3320 public function sendMail( $subject, $body, $from = null, $replyto = null ) {
3321 if( is_null( $from ) ) {
3322 global $wgPasswordSender, $wgPasswordSenderName;
3323 $sender = new MailAddress( $wgPasswordSender, $wgPasswordSenderName );
3324 } else {
3325 $sender = new MailAddress( $from );
3326 }
3327
3328 $to = new MailAddress( $this );
3329 return UserMailer::send( $to, $sender, $subject, $body, $replyto );
3330 }
3331
3332 /**
3333 * Generate, store, and return a new e-mail confirmation code.
3334 * A hash (unsalted, since it's used as a key) is stored.
3335 *
3336 * @note Call saveSettings() after calling this function to commit
3337 * this change to the database.
3338 *
3339 * @param &$expiration \mixed Accepts the expiration time
3340 * @return String New token
3341 */
3342 private function confirmationToken( &$expiration ) {
3343 global $wgUserEmailConfirmationTokenExpiry;
3344 $now = time();
3345 $expires = $now + $wgUserEmailConfirmationTokenExpiry;
3346 $expiration = wfTimestamp( TS_MW, $expires );
3347 $token = self::generateToken( $this->mId . $this->mEmail . $expires );
3348 $hash = md5( $token );
3349 $this->load();
3350 $this->mEmailToken = $hash;
3351 $this->mEmailTokenExpires = $expiration;
3352 return $token;
3353 }
3354
3355 /**
3356 * Return a URL the user can use to confirm their email address.
3357 * @param $token String Accepts the email confirmation token
3358 * @return String New token URL
3359 */
3360 private function confirmationTokenUrl( $token ) {
3361 return $this->getTokenUrl( 'ConfirmEmail', $token );
3362 }
3363
3364 /**
3365 * Return a URL the user can use to invalidate their email address.
3366 * @param $token String Accepts the email confirmation token
3367 * @return String New token URL
3368 */
3369 private function invalidationTokenUrl( $token ) {
3370 return $this->getTokenUrl( 'Invalidateemail', $token );
3371 }
3372
3373 /**
3374 * Internal function to format the e-mail validation/invalidation URLs.
3375 * This uses a quickie hack to use the
3376 * hardcoded English names of the Special: pages, for ASCII safety.
3377 *
3378 * @note Since these URLs get dropped directly into emails, using the
3379 * short English names avoids insanely long URL-encoded links, which
3380 * also sometimes can get corrupted in some browsers/mailers
3381 * (bug 6957 with Gmail and Internet Explorer).
3382 *
3383 * @param $page String Special page
3384 * @param $token String Token
3385 * @return String Formatted URL
3386 */
3387 protected function getTokenUrl( $page, $token ) {
3388 // Hack to bypass localization of 'Special:'
3389 $title = Title::makeTitle( NS_MAIN, "Special:$page/$token" );
3390 return $title->getCanonicalUrl();
3391 }
3392
3393 /**
3394 * Mark the e-mail address confirmed.
3395 *
3396 * @note Call saveSettings() after calling this function to commit the change.
3397 *
3398 * @return true
3399 */
3400 public function confirmEmail() {
3401 $this->setEmailAuthenticationTimestamp( wfTimestampNow() );
3402 wfRunHooks( 'ConfirmEmailComplete', array( $this ) );
3403 return true;
3404 }
3405
3406 /**
3407 * Invalidate the user's e-mail confirmation, and unauthenticate the e-mail
3408 * address if it was already confirmed.
3409 *
3410 * @note Call saveSettings() after calling this function to commit the change.
3411 * @return true
3412 */
3413 function invalidateEmail() {
3414 $this->load();
3415 $this->mEmailToken = null;
3416 $this->mEmailTokenExpires = null;
3417 $this->setEmailAuthenticationTimestamp( null );
3418 wfRunHooks( 'InvalidateEmailComplete', array( $this ) );
3419 return true;
3420 }
3421
3422 /**
3423 * Set the e-mail authentication timestamp.
3424 * @param $timestamp String TS_MW timestamp
3425 */
3426 function setEmailAuthenticationTimestamp( $timestamp ) {
3427 $this->load();
3428 $this->mEmailAuthenticated = $timestamp;
3429 wfRunHooks( 'UserSetEmailAuthenticationTimestamp', array( $this, &$this->mEmailAuthenticated ) );
3430 }
3431
3432 /**
3433 * Is this user allowed to send e-mails within limits of current
3434 * site configuration?
3435 * @return Bool
3436 */
3437 public function canSendEmail() {
3438 global $wgEnableEmail, $wgEnableUserEmail;
3439 if( !$wgEnableEmail || !$wgEnableUserEmail || !$this->isAllowed( 'sendemail' ) ) {
3440 return false;
3441 }
3442 $canSend = $this->isEmailConfirmed();
3443 wfRunHooks( 'UserCanSendEmail', array( &$this, &$canSend ) );
3444 return $canSend;
3445 }
3446
3447 /**
3448 * Is this user allowed to receive e-mails within limits of current
3449 * site configuration?
3450 * @return Bool
3451 */
3452 public function canReceiveEmail() {
3453 return $this->isEmailConfirmed() && !$this->getOption( 'disablemail' );
3454 }
3455
3456 /**
3457 * Is this user's e-mail address valid-looking and confirmed within
3458 * limits of the current site configuration?
3459 *
3460 * @note If $wgEmailAuthentication is on, this may require the user to have
3461 * confirmed their address by returning a code or using a password
3462 * sent to the address from the wiki.
3463 *
3464 * @return Bool
3465 */
3466 public function isEmailConfirmed() {
3467 global $wgEmailAuthentication;
3468 $this->load();
3469 $confirmed = true;
3470 if( wfRunHooks( 'EmailConfirmed', array( &$this, &$confirmed ) ) ) {
3471 if( $this->isAnon() ) {
3472 return false;
3473 }
3474 if( !Sanitizer::validateEmail( $this->mEmail ) ) {
3475 return false;
3476 }
3477 if( $wgEmailAuthentication && !$this->getEmailAuthenticationTimestamp() ) {
3478 return false;
3479 }
3480 return true;
3481 } else {
3482 return $confirmed;
3483 }
3484 }
3485
3486 /**
3487 * Check whether there is an outstanding request for e-mail confirmation.
3488 * @return Bool
3489 */
3490 public function isEmailConfirmationPending() {
3491 global $wgEmailAuthentication;
3492 return $wgEmailAuthentication &&
3493 !$this->isEmailConfirmed() &&
3494 $this->mEmailToken &&
3495 $this->mEmailTokenExpires > wfTimestamp();
3496 }
3497
3498 /**
3499 * Get the timestamp of account creation.
3500 *
3501 * @return String|Bool Timestamp of account creation, or false for
3502 * non-existent/anonymous user accounts.
3503 */
3504 public function getRegistration() {
3505 if ( $this->isAnon() ) {
3506 return false;
3507 }
3508 $this->load();
3509 return $this->mRegistration;
3510 }
3511
3512 /**
3513 * Get the timestamp of the first edit
3514 *
3515 * @return String|Bool Timestamp of first edit, or false for
3516 * non-existent/anonymous user accounts.
3517 */
3518 public function getFirstEditTimestamp() {
3519 if( $this->getId() == 0 ) {
3520 return false; // anons
3521 }
3522 $dbr = wfGetDB( DB_SLAVE );
3523 $time = $dbr->selectField( 'revision', 'rev_timestamp',
3524 array( 'rev_user' => $this->getId() ),
3525 __METHOD__,
3526 array( 'ORDER BY' => 'rev_timestamp ASC' )
3527 );
3528 if( !$time ) {
3529 return false; // no edits
3530 }
3531 return wfTimestamp( TS_MW, $time );
3532 }
3533
3534 /**
3535 * Get the permissions associated with a given list of groups
3536 *
3537 * @param $groups Array of Strings List of internal group names
3538 * @return Array of Strings List of permission key names for given groups combined
3539 */
3540 public static function getGroupPermissions( $groups ) {
3541 global $wgGroupPermissions, $wgRevokePermissions;
3542 $rights = array();
3543 // grant every granted permission first
3544 foreach( $groups as $group ) {
3545 if( isset( $wgGroupPermissions[$group] ) ) {
3546 $rights = array_merge( $rights,
3547 // array_filter removes empty items
3548 array_keys( array_filter( $wgGroupPermissions[$group] ) ) );
3549 }
3550 }
3551 // now revoke the revoked permissions
3552 foreach( $groups as $group ) {
3553 if( isset( $wgRevokePermissions[$group] ) ) {
3554 $rights = array_diff( $rights,
3555 array_keys( array_filter( $wgRevokePermissions[$group] ) ) );
3556 }
3557 }
3558 return array_unique( $rights );
3559 }
3560
3561 /**
3562 * Get all the groups who have a given permission
3563 *
3564 * @param $role String Role to check
3565 * @return Array of Strings List of internal group names with the given permission
3566 */
3567 public static function getGroupsWithPermission( $role ) {
3568 global $wgGroupPermissions;
3569 $allowedGroups = array();
3570 foreach ( $wgGroupPermissions as $group => $rights ) {
3571 if ( isset( $rights[$role] ) && $rights[$role] ) {
3572 $allowedGroups[] = $group;
3573 }
3574 }
3575 return $allowedGroups;
3576 }
3577
3578 /**
3579 * Get the localized descriptive name for a group, if it exists
3580 *
3581 * @param $group String Internal group name
3582 * @return String Localized descriptive group name
3583 */
3584 public static function getGroupName( $group ) {
3585 $msg = wfMessage( "group-$group" );
3586 return $msg->isBlank() ? $group : $msg->text();
3587 }
3588
3589 /**
3590 * Get the localized descriptive name for a member of a group, if it exists
3591 *
3592 * @param $group String Internal group name
3593 * @param $username String Username for gender (since 1.19)
3594 * @return String Localized name for group member
3595 */
3596 public static function getGroupMember( $group, $username = '#' ) {
3597 $msg = wfMessage( "group-$group-member", $username );
3598 return $msg->isBlank() ? $group : $msg->text();
3599 }
3600
3601 /**
3602 * Return the set of defined explicit groups.
3603 * The implicit groups (by default *, 'user' and 'autoconfirmed')
3604 * are not included, as they are defined automatically, not in the database.
3605 * @return Array of internal group names
3606 */
3607 public static function getAllGroups() {
3608 global $wgGroupPermissions, $wgRevokePermissions;
3609 return array_diff(
3610 array_merge( array_keys( $wgGroupPermissions ), array_keys( $wgRevokePermissions ) ),
3611 self::getImplicitGroups()
3612 );
3613 }
3614
3615 /**
3616 * Get a list of all available permissions.
3617 * @return Array of permission names
3618 */
3619 public static function getAllRights() {
3620 if ( self::$mAllRights === false ) {
3621 global $wgAvailableRights;
3622 if ( count( $wgAvailableRights ) ) {
3623 self::$mAllRights = array_unique( array_merge( self::$mCoreRights, $wgAvailableRights ) );
3624 } else {
3625 self::$mAllRights = self::$mCoreRights;
3626 }
3627 wfRunHooks( 'UserGetAllRights', array( &self::$mAllRights ) );
3628 }
3629 return self::$mAllRights;
3630 }
3631
3632 /**
3633 * Get a list of implicit groups
3634 * @return Array of Strings Array of internal group names
3635 */
3636 public static function getImplicitGroups() {
3637 global $wgImplicitGroups;
3638 $groups = $wgImplicitGroups;
3639 wfRunHooks( 'UserGetImplicitGroups', array( &$groups ) ); #deprecated, use $wgImplictGroups instead
3640 return $groups;
3641 }
3642
3643 /**
3644 * Get the title of a page describing a particular group
3645 *
3646 * @param $group String Internal group name
3647 * @return Title|Bool Title of the page if it exists, false otherwise
3648 */
3649 public static function getGroupPage( $group ) {
3650 $msg = wfMessage( 'grouppage-' . $group )->inContentLanguage();
3651 if( $msg->exists() ) {
3652 $title = Title::newFromText( $msg->text() );
3653 if( is_object( $title ) )
3654 return $title;
3655 }
3656 return false;
3657 }
3658
3659 /**
3660 * Create a link to the group in HTML, if available;
3661 * else return the group name.
3662 *
3663 * @param $group String Internal name of the group
3664 * @param $text String The text of the link
3665 * @return String HTML link to the group
3666 */
3667 public static function makeGroupLinkHTML( $group, $text = '' ) {
3668 if( $text == '' ) {
3669 $text = self::getGroupName( $group );
3670 }
3671 $title = self::getGroupPage( $group );
3672 if( $title ) {
3673 return Linker::link( $title, htmlspecialchars( $text ) );
3674 } else {
3675 return $text;
3676 }
3677 }
3678
3679 /**
3680 * Create a link to the group in Wikitext, if available;
3681 * else return the group name.
3682 *
3683 * @param $group String Internal name of the group
3684 * @param $text String The text of the link
3685 * @return String Wikilink to the group
3686 */
3687 public static function makeGroupLinkWiki( $group, $text = '' ) {
3688 if( $text == '' ) {
3689 $text = self::getGroupName( $group );
3690 }
3691 $title = self::getGroupPage( $group );
3692 if( $title ) {
3693 $page = $title->getPrefixedText();
3694 return "[[$page|$text]]";
3695 } else {
3696 return $text;
3697 }
3698 }
3699
3700 /**
3701 * Returns an array of the groups that a particular group can add/remove.
3702 *
3703 * @param $group String: the group to check for whether it can add/remove
3704 * @return Array array( 'add' => array( addablegroups ),
3705 * 'remove' => array( removablegroups ),
3706 * 'add-self' => array( addablegroups to self),
3707 * 'remove-self' => array( removable groups from self) )
3708 */
3709 public static function changeableByGroup( $group ) {
3710 global $wgAddGroups, $wgRemoveGroups, $wgGroupsAddToSelf, $wgGroupsRemoveFromSelf;
3711
3712 $groups = array( 'add' => array(), 'remove' => array(), 'add-self' => array(), 'remove-self' => array() );
3713 if( empty( $wgAddGroups[$group] ) ) {
3714 // Don't add anything to $groups
3715 } elseif( $wgAddGroups[$group] === true ) {
3716 // You get everything
3717 $groups['add'] = self::getAllGroups();
3718 } elseif( is_array( $wgAddGroups[$group] ) ) {
3719 $groups['add'] = $wgAddGroups[$group];
3720 }
3721
3722 // Same thing for remove
3723 if( empty( $wgRemoveGroups[$group] ) ) {
3724 } elseif( $wgRemoveGroups[$group] === true ) {
3725 $groups['remove'] = self::getAllGroups();
3726 } elseif( is_array( $wgRemoveGroups[$group] ) ) {
3727 $groups['remove'] = $wgRemoveGroups[$group];
3728 }
3729
3730 // Re-map numeric keys of AddToSelf/RemoveFromSelf to the 'user' key for backwards compatibility
3731 if( empty( $wgGroupsAddToSelf['user']) || $wgGroupsAddToSelf['user'] !== true ) {
3732 foreach( $wgGroupsAddToSelf as $key => $value ) {
3733 if( is_int( $key ) ) {
3734 $wgGroupsAddToSelf['user'][] = $value;
3735 }
3736 }
3737 }
3738
3739 if( empty( $wgGroupsRemoveFromSelf['user']) || $wgGroupsRemoveFromSelf['user'] !== true ) {
3740 foreach( $wgGroupsRemoveFromSelf as $key => $value ) {
3741 if( is_int( $key ) ) {
3742 $wgGroupsRemoveFromSelf['user'][] = $value;
3743 }
3744 }
3745 }
3746
3747 // Now figure out what groups the user can add to him/herself
3748 if( empty( $wgGroupsAddToSelf[$group] ) ) {
3749 } elseif( $wgGroupsAddToSelf[$group] === true ) {
3750 // No idea WHY this would be used, but it's there
3751 $groups['add-self'] = User::getAllGroups();
3752 } elseif( is_array( $wgGroupsAddToSelf[$group] ) ) {
3753 $groups['add-self'] = $wgGroupsAddToSelf[$group];
3754 }
3755
3756 if( empty( $wgGroupsRemoveFromSelf[$group] ) ) {
3757 } elseif( $wgGroupsRemoveFromSelf[$group] === true ) {
3758 $groups['remove-self'] = User::getAllGroups();
3759 } elseif( is_array( $wgGroupsRemoveFromSelf[$group] ) ) {
3760 $groups['remove-self'] = $wgGroupsRemoveFromSelf[$group];
3761 }
3762
3763 return $groups;
3764 }
3765
3766 /**
3767 * Returns an array of groups that this user can add and remove
3768 * @return Array array( 'add' => array( addablegroups ),
3769 * 'remove' => array( removablegroups ),
3770 * 'add-self' => array( addablegroups to self),
3771 * 'remove-self' => array( removable groups from self) )
3772 */
3773 public function changeableGroups() {
3774 if( $this->isAllowed( 'userrights' ) ) {
3775 // This group gives the right to modify everything (reverse-
3776 // compatibility with old "userrights lets you change
3777 // everything")
3778 // Using array_merge to make the groups reindexed
3779 $all = array_merge( User::getAllGroups() );
3780 return array(
3781 'add' => $all,
3782 'remove' => $all,
3783 'add-self' => array(),
3784 'remove-self' => array()
3785 );
3786 }
3787
3788 // Okay, it's not so simple, we will have to go through the arrays
3789 $groups = array(
3790 'add' => array(),
3791 'remove' => array(),
3792 'add-self' => array(),
3793 'remove-self' => array()
3794 );
3795 $addergroups = $this->getEffectiveGroups();
3796
3797 foreach( $addergroups as $addergroup ) {
3798 $groups = array_merge_recursive(
3799 $groups, $this->changeableByGroup( $addergroup )
3800 );
3801 $groups['add'] = array_unique( $groups['add'] );
3802 $groups['remove'] = array_unique( $groups['remove'] );
3803 $groups['add-self'] = array_unique( $groups['add-self'] );
3804 $groups['remove-self'] = array_unique( $groups['remove-self'] );
3805 }
3806 return $groups;
3807 }
3808
3809 /**
3810 * Increment the user's edit-count field.
3811 * Will have no effect for anonymous users.
3812 */
3813 public function incEditCount() {
3814 if( !$this->isAnon() ) {
3815 $dbw = wfGetDB( DB_MASTER );
3816 $dbw->update( 'user',
3817 array( 'user_editcount=user_editcount+1' ),
3818 array( 'user_id' => $this->getId() ),
3819 __METHOD__ );
3820
3821 // Lazy initialization check...
3822 if( $dbw->affectedRows() == 0 ) {
3823 // Pull from a slave to be less cruel to servers
3824 // Accuracy isn't the point anyway here
3825 $dbr = wfGetDB( DB_SLAVE );
3826 $count = $dbr->selectField( 'revision',
3827 'COUNT(rev_user)',
3828 array( 'rev_user' => $this->getId() ),
3829 __METHOD__ );
3830
3831 // Now here's a goddamn hack...
3832 if( $dbr !== $dbw ) {
3833 // If we actually have a slave server, the count is
3834 // at least one behind because the current transaction
3835 // has not been committed and replicated.
3836 $count++;
3837 } else {
3838 // But if DB_SLAVE is selecting the master, then the
3839 // count we just read includes the revision that was
3840 // just added in the working transaction.
3841 }
3842
3843 $dbw->update( 'user',
3844 array( 'user_editcount' => $count ),
3845 array( 'user_id' => $this->getId() ),
3846 __METHOD__ );
3847 }
3848 }
3849 // edit count in user cache too
3850 $this->invalidateCache();
3851 }
3852
3853 /**
3854 * Get the description of a given right
3855 *
3856 * @param $right String Right to query
3857 * @return String Localized description of the right
3858 */
3859 public static function getRightDescription( $right ) {
3860 $key = "right-$right";
3861 $msg = wfMessage( $key );
3862 return $msg->isBlank() ? $right : $msg->text();
3863 }
3864
3865 /**
3866 * Make an old-style password hash
3867 *
3868 * @param $password String Plain-text password
3869 * @param $userId String User ID
3870 * @return String Password hash
3871 */
3872 public static function oldCrypt( $password, $userId ) {
3873 global $wgPasswordSalt;
3874 if ( $wgPasswordSalt ) {
3875 return md5( $userId . '-' . md5( $password ) );
3876 } else {
3877 return md5( $password );
3878 }
3879 }
3880
3881 /**
3882 * Make a new-style password hash
3883 *
3884 * @param $password String Plain-text password
3885 * @param bool|string $salt Optional salt, may be random or the user ID.
3886
3887 * If unspecified or false, will generate one automatically
3888 * @return String Password hash
3889 */
3890 public static function crypt( $password, $salt = false ) {
3891 global $wgPasswordSalt;
3892
3893 $hash = '';
3894 if( !wfRunHooks( 'UserCryptPassword', array( &$password, &$salt, &$wgPasswordSalt, &$hash ) ) ) {
3895 return $hash;
3896 }
3897
3898 if( $wgPasswordSalt ) {
3899 if ( $salt === false ) {
3900 $salt = substr( wfGenerateToken(), 0, 8 );
3901 }
3902 return ':B:' . $salt . ':' . md5( $salt . '-' . md5( $password ) );
3903 } else {
3904 return ':A:' . md5( $password );
3905 }
3906 }
3907
3908 /**
3909 * Compare a password hash with a plain-text password. Requires the user
3910 * ID if there's a chance that the hash is an old-style hash.
3911 *
3912 * @param $hash String Password hash
3913 * @param $password String Plain-text password to compare
3914 * @param $userId String|bool User ID for old-style password salt
3915 *
3916 * @return Boolean
3917 */
3918 public static function comparePasswords( $hash, $password, $userId = false ) {
3919 $type = substr( $hash, 0, 3 );
3920
3921 $result = false;
3922 if( !wfRunHooks( 'UserComparePasswords', array( &$hash, &$password, &$userId, &$result ) ) ) {
3923 return $result;
3924 }
3925
3926 if ( $type == ':A:' ) {
3927 # Unsalted
3928 return md5( $password ) === substr( $hash, 3 );
3929 } elseif ( $type == ':B:' ) {
3930 # Salted
3931 list( $salt, $realHash ) = explode( ':', substr( $hash, 3 ), 2 );
3932 return md5( $salt.'-'.md5( $password ) ) == $realHash;
3933 } else {
3934 # Old-style
3935 return self::oldCrypt( $password, $userId ) === $hash;
3936 }
3937 }
3938
3939 /**
3940 * Add a newuser log entry for this user. Before 1.19 the return value was always true.
3941 *
3942 * @param $byEmail Boolean: account made by email?
3943 * @param $reason String: user supplied reason
3944 *
3945 * @return int|bool True if not $wgNewUserLog; otherwise ID of log item or 0 on failure
3946 */
3947 public function addNewUserLogEntry( $byEmail = false, $reason = '' ) {
3948 global $wgUser, $wgContLang, $wgNewUserLog;
3949 if( empty( $wgNewUserLog ) ) {
3950 return true; // disabled
3951 }
3952
3953 if( $this->getName() == $wgUser->getName() ) {
3954 $action = 'create';
3955 } else {
3956 $action = 'create2';
3957 if ( $byEmail ) {
3958 if ( $reason === '' ) {
3959 $reason = wfMsgForContent( 'newuserlog-byemail' );
3960 } else {
3961 $reason = $wgContLang->commaList( array(
3962 $reason, wfMsgForContent( 'newuserlog-byemail' ) ) );
3963 }
3964 }
3965 }
3966 $log = new LogPage( 'newusers' );
3967 return (int)$log->addEntry(
3968 $action,
3969 $this->getUserPage(),
3970 $reason,
3971 array( $this->getId() )
3972 );
3973 }
3974
3975 /**
3976 * Add an autocreate newuser log entry for this user
3977 * Used by things like CentralAuth and perhaps other authplugins.
3978 *
3979 * @return true
3980 */
3981 public function addNewUserLogEntryAutoCreate() {
3982 global $wgNewUserLog;
3983 if( !$wgNewUserLog ) {
3984 return true; // disabled
3985 }
3986 $log = new LogPage( 'newusers', false );
3987 $log->addEntry( 'autocreate', $this->getUserPage(), '', array( $this->getId() ) );
3988 return true;
3989 }
3990
3991 /**
3992 * @todo document
3993 */
3994 protected function loadOptions() {
3995 $this->load();
3996 if ( $this->mOptionsLoaded || !$this->getId() )
3997 return;
3998
3999 $this->mOptions = self::getDefaultOptions();
4000
4001 // Maybe load from the object
4002 if ( !is_null( $this->mOptionOverrides ) ) {
4003 wfDebug( "User: loading options for user " . $this->getId() . " from override cache.\n" );
4004 foreach( $this->mOptionOverrides as $key => $value ) {
4005 $this->mOptions[$key] = $value;
4006 }
4007 } else {
4008 wfDebug( "User: loading options for user " . $this->getId() . " from database.\n" );
4009 // Load from database
4010 $dbr = wfGetDB( DB_SLAVE );
4011
4012 $res = $dbr->select(
4013 'user_properties',
4014 '*',
4015 array( 'up_user' => $this->getId() ),
4016 __METHOD__
4017 );
4018
4019 foreach ( $res as $row ) {
4020 $this->mOptionOverrides[$row->up_property] = $row->up_value;
4021 $this->mOptions[$row->up_property] = $row->up_value;
4022 }
4023 }
4024
4025 $this->mOptionsLoaded = true;
4026
4027 wfRunHooks( 'UserLoadOptions', array( $this, &$this->mOptions ) );
4028 }
4029
4030 /**
4031 * @todo document
4032 */
4033 protected function saveOptions() {
4034 global $wgAllowPrefChange;
4035
4036 $extuser = ExternalUser::newFromUser( $this );
4037
4038 $this->loadOptions();
4039 $dbw = wfGetDB( DB_MASTER );
4040
4041 $insert_rows = array();
4042
4043 $saveOptions = $this->mOptions;
4044
4045 // Allow hooks to abort, for instance to save to a global profile.
4046 // Reset options to default state before saving.
4047 if( !wfRunHooks( 'UserSaveOptions', array( $this, &$saveOptions ) ) ) {
4048 return;
4049 }
4050
4051 foreach( $saveOptions as $key => $value ) {
4052 # Don't bother storing default values
4053 if ( ( is_null( self::getDefaultOption( $key ) ) &&
4054 !( $value === false || is_null($value) ) ) ||
4055 $value != self::getDefaultOption( $key ) ) {
4056 $insert_rows[] = array(
4057 'up_user' => $this->getId(),
4058 'up_property' => $key,
4059 'up_value' => $value,
4060 );
4061 }
4062 if ( $extuser && isset( $wgAllowPrefChange[$key] ) ) {
4063 switch ( $wgAllowPrefChange[$key] ) {
4064 case 'local':
4065 case 'message':
4066 break;
4067 case 'semiglobal':
4068 case 'global':
4069 $extuser->setPref( $key, $value );
4070 }
4071 }
4072 }
4073
4074 $dbw->delete( 'user_properties', array( 'up_user' => $this->getId() ), __METHOD__ );
4075 $dbw->insert( 'user_properties', $insert_rows, __METHOD__ );
4076 }
4077
4078 /**
4079 * Provide an array of HTML5 attributes to put on an input element
4080 * intended for the user to enter a new password. This may include
4081 * required, title, and/or pattern, depending on $wgMinimalPasswordLength.
4082 *
4083 * Do *not* use this when asking the user to enter his current password!
4084 * Regardless of configuration, users may have invalid passwords for whatever
4085 * reason (e.g., they were set before requirements were tightened up).
4086 * Only use it when asking for a new password, like on account creation or
4087 * ResetPass.
4088 *
4089 * Obviously, you still need to do server-side checking.
4090 *
4091 * NOTE: A combination of bugs in various browsers means that this function
4092 * actually just returns array() unconditionally at the moment. May as
4093 * well keep it around for when the browser bugs get fixed, though.
4094 *
4095 * @todo FIXME: This does not belong here; put it in Html or Linker or somewhere
4096 *
4097 * @return array Array of HTML attributes suitable for feeding to
4098 * Html::element(), directly or indirectly. (Don't feed to Xml::*()!
4099 * That will potentially output invalid XHTML 1.0 Transitional, and will
4100 * get confused by the boolean attribute syntax used.)
4101 */
4102 public static function passwordChangeInputAttribs() {
4103 global $wgMinimalPasswordLength;
4104
4105 if ( $wgMinimalPasswordLength == 0 ) {
4106 return array();
4107 }
4108
4109 # Note that the pattern requirement will always be satisfied if the
4110 # input is empty, so we need required in all cases.
4111 #
4112 # @todo FIXME: Bug 23769: This needs to not claim the password is required
4113 # if e-mail confirmation is being used. Since HTML5 input validation
4114 # is b0rked anyway in some browsers, just return nothing. When it's
4115 # re-enabled, fix this code to not output required for e-mail
4116 # registration.
4117 #$ret = array( 'required' );
4118 $ret = array();
4119
4120 # We can't actually do this right now, because Opera 9.6 will print out
4121 # the entered password visibly in its error message! When other
4122 # browsers add support for this attribute, or Opera fixes its support,
4123 # we can add support with a version check to avoid doing this on Opera
4124 # versions where it will be a problem. Reported to Opera as
4125 # DSK-262266, but they don't have a public bug tracker for us to follow.
4126 /*
4127 if ( $wgMinimalPasswordLength > 1 ) {
4128 $ret['pattern'] = '.{' . intval( $wgMinimalPasswordLength ) . ',}';
4129 $ret['title'] = wfMsgExt( 'passwordtooshort', 'parsemag',
4130 $wgMinimalPasswordLength );
4131 }
4132 */
4133
4134 return $ret;
4135 }
4136 }
MediaWiki Core