search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Oops, left debug output in
[mediawiki.git] / includes / User.php
blob0948c9ea1265ca10ac8f907c27c45c5ac52efa4b
1 <?php
2 # See user.doc
3
4 include_once( "WatchedItem.php" );
5
6 class User {
7 /* private */ var $mId, $mName, $mPassword, $mEmail, $mNewtalk;
8 /* private */ var $mRights, $mOptions;
9 /* private */ var $mDataLoaded, $mNewpassword;
10 /* private */ var $mSkin;
11 /* private */ var $mBlockedby, $mBlockreason;
12 /* private */ var $mTouched;
13 /* private */ var $mCookiePassword;
14
15 function User()
16 {
17 $this->loadDefaults();
18 }
19
20 # Static factory method
21 #
22 function newFromName( $name )
23 {
24 $u = new User();
25
26 # Clean up name according to title rules
27
28 $t = Title::newFromText( $name );
29 $u->setName( $t->getText() );
30 return $u;
31 }
32
33 /* static */ function whoIs( $id )
34 {
35 return wfGetSQL( "user", "user_name", "user_id=$id" );
36 }
37
38 /* static */ function idFromName( $name )
39 {
40 $nt = Title::newFromText( $name );
41 $sql = "SELECT user_id FROM user WHERE user_name='" .
42 wfStrencode( $nt->getText() ) . "'";
43 $res = wfQuery( $sql, DB_READ, "User::idFromName" );
44
45 if ( 0 == wfNumRows( $res ) ) { return 0; }
46 else {
47 $s = wfFetchObject( $res );
48 return $s->user_id;
49 }
50 }
51
52 # does the string match an anonymous user IP address?
53 /* static */ function isIP( $name ) {
54 return preg_match("/^\d{1,3}\.\d{1,3}.\d{1,3}\.\d{1,3}$/",$name);
55
56 }
57
58 /* static */ function randomPassword()
59 {
60 $pwchars = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz";
61 $l = strlen( $pwchars ) - 1;
62
63 wfSeedRandom();
64 $np = $pwchars{mt_rand( 0, $l )} . $pwchars{mt_rand( 0, $l )} .
65 $pwchars{mt_rand( 0, $l )} . chr( mt_rand(48, 57) ) .
66 $pwchars{mt_rand( 0, $l )} . $pwchars{mt_rand( 0, $l )} .
67 $pwchars{mt_rand( 0, $l )};
68 return $np;
69 }
70
71 function loadDefaults()
72 {
73 global $wgLang, $wgIP;
74 global $wgNamespacesToBeSearchedDefault;
75
76 $this->mId = $this->mNewtalk = 0;
77 $this->mName = $wgIP;
78 $this->mEmail = "";
79 $this->mPassword = $this->mNewpassword = "";
80 $this->mRights = array();
81 $defOpt = $wgLang->getDefaultUserOptions() ;
82 foreach ( $defOpt as $oname => $val ) {
83 $this->mOptions[$oname] = $val;
84 }
85 foreach ($wgNamespacesToBeSearchedDefault as $nsnum => $val) {
86 $this->mOptions["searchNs".$nsnum] = $val;
87 }
88 unset( $this->mSkin );
89 $this->mDataLoaded = false;
90 $this->mBlockedby = -1; # Unset
91 $this->mTouched = '0'; # Allow any pages to be cached
92 $this->cookiePassword = "";
93 }
94
95 /* private */ function getBlockedStatus()
96 {
97 global $wgIP, $wgBlockCache;
98
99 if ( -1 != $this->mBlockedby ) { return; }
100
101 $this->mBlockedby = 0;
102
103 # User blocking
104 if ( $this->mId ) {
105 $block = new Block();
106 if ( $block->load( $wgIP , $this->mId ) ) {
107 $this->mBlockedby = $block->mBy;
108 $this->mBlockreason = $block->mReason;
109 }
110 }
111
112 # IP/range blocking
113 if ( !$this->mBlockedby ) {
114 $block = $wgBlockCache->get( $wgIP );
115 if ( $block !== false ) {
116 $this->mBlockedby = $block->mBy;
117 $this->mBlockreason = $block->mReason;
118 }
119 }
120 }
121
122 function isBlocked()
123 {
124 $this->getBlockedStatus();
125 if ( 0 == $this->mBlockedby ) { return false; }
126 return true;
127 }
128
129 function blockedBy() {
130 $this->getBlockedStatus();
131 return $this->mBlockedby;
132 }
133
134 function blockedFor() {
135 $this->getBlockedStatus();
136 return $this->mBlockreason;
137 }
138
139 function SetupSession() {
140 global $wgSessionsInMemcached, $wgCookiePath, $wgCookieDomain;
141 global $wsUserID, $wsUserName, $wsUserPassword, $wsUploadFiles;
142 if( $wgSessionsInMemcached ) {
143 include_once( "MemcachedSessions.php" );
144 }
145 session_set_cookie_params( 0, $wgCookiePath, $wgCookieDomain );
146 session_cache_limiter( "private, must-revalidate" );
147 session_start();
148 session_register( "wsUserID" );
149 session_register( "wsUserName" );
150 session_register( "wsUserPassword" );
151 session_register( "wsUploadFiles" );
152 }
153
154 /* static */ function loadFromSession()
155 {
156 global $HTTP_COOKIE_VARS, $wsUserID, $wsUserName, $wsUserPassword;
157 global $wgMemc, $wgDBname;
158
159 if ( isset( $wsUserID ) ) {
160 if ( 0 != $wsUserID ) {
161 $sId = $wsUserID;
162 } else {
163 return new User();
164 }
165 } else if ( isset( $HTTP_COOKIE_VARS["{$wgDBname}UserID"] ) ) {
166 $sId = IntVal( $HTTP_COOKIE_VARS["{$wgDBname}UserID"] );
167 $wsUserID = $sId;
168 } else {
169 return new User();
170 }
171 if ( isset( $wsUserName ) ) {
172 $sName = $wsUserName;
173 } else if ( isset( $HTTP_COOKIE_VARS["{$wgDBname}UserName"] ) ) {
174 $sName = $HTTP_COOKIE_VARS["{$wgDBname}UserName"];
175 $wsUserName = $sName;
176 } else {
177 return new User();
178 }
179
180 $passwordCorrect = FALSE;
181 $user = $wgMemc->get( $key = "$wgDBname:user:id:$sId" );
182 if($makenew = !$user) {
183 wfDebug( "User::loadFromSession() unable to load from memcached\n" );
184 $user = new User();
185 $user->mId = $sId;
186 $user->loadFromDatabase();
187 } else {
188 wfDebug( "User::loadFromSession() got from cache!\n" );
189 }
190
191 if ( isset( $wsUserPassword ) ) {
192 $passwordCorrect = $wsUserPassword == $user->mPassword;
193 } else if ( isset( $HTTP_COOKIE_VARS["{$wgDBname}Password"] ) ) {
194 $user->mCookiePassword = $HTTP_COOKIE_VARS["{$wgDBname}Password"];
195 $wsUserPassword = $user->addSalt( $user->mCookiePassword );
196 $passwordCorrect = $wsUserPassword == $user->mPassword;
197 } else {
198 return new User(); # Can't log in from session
199 }
200
201 if ( ( $sName == $user->mName ) && $passwordCorrect ) {
202 if($makenew) {
203 if($wgMemc->set( $key, $user ))
204 wfDebug( "User::loadFromSession() successfully saved user\n" );
205 else
206 wfDebug( "User::loadFromSession() unable to save to memcached\n" );
207 }
208 $user->spreadBlock();
209 return $user;
210 }
211 return new User(); # Can't log in from session
212 }
213
214 function loadFromDatabase()
215 {
216 global $wgCommandLineMode;
217 if ( $this->mDataLoaded || $wgCommandLineMode ) {
218 return;
219 }
220
221 # Paranoia
222 $this->mId = IntVal( $this->mId );
223
224 # check in separate table if there are changes to the talk page
225 $this->mNewtalk=0; # reset talk page status
226 if($this->mId) {
227 $sql = "SELECT 1 FROM user_newtalk WHERE user_id={$this->mId}";
228 $res = wfQuery ($sql, DB_READ, "User::loadFromDatabase" );
229
230 if (wfNumRows($res)>0) {
231 $this->mNewtalk= 1;
232 }
233 wfFreeResult( $res );
234 } else {
235 # TEST THIS @@@
236 global $wgDBname, $wgMemc;
237 $key = "$wgDBname:newtalk:ip:{$this->mName}";
238 $newtalk = $wgMemc->get( $key );
239 if( ! is_integer( $newtalk ) ){
240 $sql = "SELECT 1 FROM user_newtalk WHERE user_ip='{$this->mName}'";
241 $res = wfQuery ($sql, DB_READ, "User::loadFromDatabase" );
242
243 $this->mNewtalk = (wfNumRows($res)>0) ? 1 : 0;
244 wfFreeResult( $res );
245
246 $wgMemc->set( $key, $this->mNewtalk, time() ); // + 1800 );
247 } else {
248 $this->mNewtalk = $newtalk ? 1 : 0;
249 }
250 }
251 if(!$this->mId) {
252 $this->mDataLoaded = true;
253 return;
254 } # the following stuff is for non-anonymous users only
255
256 $sql = "SELECT user_name,user_password,user_newpassword,user_email," .
257 "user_options,user_rights,user_touched FROM user WHERE user_id=" .
258 "{$this->mId}";
259 $res = wfQuery( $sql, DB_READ, "User::loadFromDatabase" );
260
261 if ( wfNumRows( $res ) > 0 ) {
262 $s = wfFetchObject( $res );
263 $this->mName = $s->user_name;
264 $this->mEmail = $s->user_email;
265 $this->mPassword = $s->user_password;
266 $this->mNewpassword = $s->user_newpassword;
267 $this->decodeOptions( $s->user_options );
268 $this->mRights = explode( ",", strtolower( $s->user_rights ) );
269 $this->mTouched = $s->user_touched;
270 }
271
272 wfFreeResult( $res );
273 $this->mDataLoaded = true;
274 }
275
276 function getID() { return $this->mId; }
277 function setID( $v ) {
278 $this->mId = $v;
279 $this->mDataLoaded = false;
280 }
281
282 function getName() {
283 $this->loadFromDatabase();
284 return $this->mName;
285 }
286
287 function setName( $str )
288 {
289 $this->loadFromDatabase();
290 $this->mName = $str;
291 }
292
293 function getNewtalk()
294 {
295 $this->loadFromDatabase();
296 return ( 0 != $this->mNewtalk );
297 }
298
299 function setNewtalk( $val )
300 {
301 $this->loadFromDatabase();
302 $this->mNewtalk = $val;
303 $this->invalidateCache();
304 }
305
306 function invalidateCache() {
307 $this->loadFromDatabase();
308 $this->mTouched = wfTimestampNow();
309 # Don't forget to save the options after this or
310 # it won't take effect!
311 }
312
313 function validateCache( $timestamp ) {
314 $this->loadFromDatabase();
315 return ($timestamp >= $this->mTouched);
316 }
317
318 function getPassword()
319 {
320 $this->loadFromDatabase();
321 return $this->mPassword;
322 }
323
324 function getNewpassword()
325 {
326 $this->loadFromDatabase();
327 return $this->mNewpassword;
328 }
329
330 function addSalt( $p )
331 {
332 global $wgPasswordSalt;
333 if($wgPasswordSalt)
334 return md5( "{$this->mId}-{$p}" );
335 else
336 return $p;
337 }
338
339 function encryptPassword( $p )
340 {
341 return $this->addSalt( md5( $p ) );
342 }
343
344 function setPassword( $str )
345 {
346 $this->loadFromDatabase();
347 $this->setCookiePassword( $str );
348 $this->mPassword = $this->encryptPassword( $str );
349 $this->mNewpassword = "";
350 }
351
352 function setCookiePassword( $str )
353 {
354 $this->loadFromDatabase();
355 $this->mCookiePassword = md5( $str );
356 }
357
358 function setNewpassword( $str )
359 {
360 $this->loadFromDatabase();
361 $this->mNewpassword = $this->encryptPassword( $str );
362 }
363
364 function getEmail()
365 {
366 $this->loadFromDatabase();
367 return $this->mEmail;
368 }
369
370 function setEmail( $str )
371 {
372 $this->loadFromDatabase();
373 $this->mEmail = $str;
374 }
375
376 function getOption( $oname )
377 {
378 $this->loadFromDatabase();
379 if ( array_key_exists( $oname, $this->mOptions ) ) {
380 return $this->mOptions[$oname];
381 } else {
382 return "";
383 }
384 }
385
386 function setOption( $oname, $val )
387 {
388 $this->loadFromDatabase();
389 $this->mOptions[$oname] = $val;
390 $this->invalidateCache();
391 }
392
393 function getRights()
394 {
395 $this->loadFromDatabase();
396 return $this->mRights;
397 }
398
399 function addRight( $rname )
400 {
401 $this->loadFromDatabase();
402 array_push( $this->mRights, $rname );
403 $this->invalidateCache();
404 }
405
406 function isSysop()
407 {
408 $this->loadFromDatabase();
409 if ( 0 == $this->mId ) { return false; }
410
411 return in_array( "sysop", $this->mRights );
412 }
413
414 function isDeveloper()
415 {
416 $this->loadFromDatabase();
417 if ( 0 == $this->mId ) { return false; }
418
419 return in_array( "developer", $this->mRights );
420 }
421
422 function isBureaucrat()
423 {
424 $this->loadFromDatabase();
425 if ( 0 == $this->mId ) { return false; }
426
427 return in_array( "bureaucrat", $this->mRights );
428 }
429
430 function isBot()
431 {
432 $this->loadFromDatabase();
433 if ( 0 == $this->mId ) { return false; }
434
435 return in_array( "bot", $this->mRights );
436 }
437
438 function &getSkin()
439 {
440 if ( ! isset( $this->mSkin ) ) {
441 $skinNames = Skin::getSkinNames();
442 $s = $this->getOption( "skin" );
443 if ( "" == $s ) { $s = 0; }
444
445 if ( $s >= count( $skinNames ) ) { $sn = "SkinStandard"; }
446 else $sn = "Skin" . $skinNames[$s];
447 $this->mSkin = new $sn;
448 }
449 return $this->mSkin;
450 }
451
452 function isWatched( $title ) {
453 $wl = WatchedItem::fromUserTitle( $this, $title );
454 return $wl->isWatched();
455 }
456
457 function addWatch( $title ) {
458 $wl = WatchedItem::fromUserTitle( $this, $title );
459 $wl->addWatch();
460 $this->invalidateCache();
461 }
462
463 function removeWatch( $title ) {
464 $wl = WatchedItem::fromUserTitle( $this, $title );
465 $wl->removeWatch();
466 $this->invalidateCache();
467 }
468
469
470 /* private */ function encodeOptions()
471 {
472 $a = array();
473 foreach ( $this->mOptions as $oname => $oval ) {
474 array_push( $a, "{$oname}={$oval}" );
475 }
476 $s = implode( "\n", $a );
477 return wfStrencode( $s );
478 }
479
480 /* private */ function decodeOptions( $str )
481 {
482 $a = explode( "\n", $str );
483 foreach ( $a as $s ) {
484 if ( preg_match( "/^(.[^=]*)=(.*)$/", $s, $m ) ) {
485 $this->mOptions[$m[1]] = $m[2];
486 }
487 }
488 }
489
490 function setCookies()
491 {
492 global $wsUserID, $wsUserName, $wsUserPassword;
493 global $wgCookieExpiration, $wgCookiePath, $wgCookieDomain, $wgDBname;
494 if ( 0 == $this->mId ) return;
495 $this->loadFromDatabase();
496 $exp = time() + $wgCookieExpiration;
497
498 $wsUserID = $this->mId;
499 setcookie( "{$wgDBname}UserID", $this->mId, $exp, $wgCookiePath, $wgCookieDomain );
500
501 $wsUserName = $this->mName;
502 setcookie( "{$wgDBname}UserName", $this->mName, $exp, $wgCookiePath, $wgCookieDomain );
503
504 $wsUserPassword = $this->mPassword;
505 if ( 1 == $this->getOption( "rememberpassword" ) ) {
506 setcookie( "{$wgDBname}Password", $this->mCookiePassword, $exp, $wgCookiePath, $wgCookieDomain );
507 } else {
508 setcookie( "{$wgDBname}Password", "", time() - 3600 );
509 }
510 }
511
512 function logout()
513 {
514 global $wsUserID, $wgCookiePath, $wgCookieDomain, $wgDBname;
515 $this->mId = 0;
516
517 $wsUserID = 0;
518
519 setcookie( "{$wgDBname}UserID", "", time() - 3600, $wgCookiePath, $wgCookieDomain );
520 setcookie( "{$wgDBname}Password", "", time() - 3600, $wgCookiePath, $wgCookieDomain );
521 }
522
523 function saveSettings()
524 {
525 global $wgMemc, $wgDBname;
526
527 if ( ! $this->mNewtalk ) {
528 if( $this->mId ) {
529 $sql="DELETE FROM user_newtalk WHERE user_id={$this->mId}";
530 wfQuery ($sql, DB_WRITE, "User::saveSettings");
531 } else {
532 $sql="DELETE FROM user_newtalk WHERE user_ip='{$this->mName}'";
533 wfQuery ($sql, DB_WRITE, "User::saveSettings");
534 $wgMemc->delete( "$wgDBname:newtalk:ip:{$this->mName}" );
535 }
536 }
537 if ( 0 == $this->mId ) { return; }
538
539 $sql = "UPDATE user SET " .
540 "user_name= '" . wfStrencode( $this->mName ) . "', " .
541 "user_password= '" . wfStrencode( $this->mPassword ) . "', " .
542 "user_newpassword= '" . wfStrencode( $this->mNewpassword ) . "', " .
543 "user_email= '" . wfStrencode( $this->mEmail ) . "', " .
544 "user_options= '" . $this->encodeOptions() . "', " .
545 "user_rights= '" . wfStrencode( implode( ",", $this->mRights ) ) . "', " .
546 "user_touched= '" . wfStrencode( $this->mTouched ) .
547 "' WHERE user_id={$this->mId}";
548 wfQuery( $sql, DB_WRITE, "User::saveSettings" );
549 $wgMemc->delete( "$wgDBname:user:id:$this->mId" );
550 }
551
552 # Checks if a user with the given name exists
553 #
554 function idForName()
555 {
556 $gotid = 0;
557 $s = trim( $this->mName );
558 if ( 0 == strcmp( "", $s ) ) return 0;
559
560 $sql = "SELECT user_id FROM user WHERE user_name='" .
561 wfStrencode( $s ) . "'";
562 $res = wfQuery( $sql, DB_READ, "User::idForName" );
563 if ( 0 == wfNumRows( $res ) ) { return 0; }
564
565 $s = wfFetchObject( $res );
566 if ( "" == $s ) return 0;
567
568 $gotid = $s->user_id;
569 wfFreeResult( $res );
570 return $gotid;
571 }
572
573 function addToDatabase()
574 {
575 $sql = "INSERT INTO user (user_name,user_password,user_newpassword," .
576 "user_email, user_rights, user_options) " .
577 " VALUES ('" . wfStrencode( $this->mName ) . "', '" .
578 wfStrencode( $this->mPassword ) . "', '" .
579 wfStrencode( $this->mNewpassword ) . "', '" .
580 wfStrencode( $this->mEmail ) . "', '" .
581 wfStrencode( implode( ",", $this->mRights ) ) . "', '" .
582 $this->encodeOptions() . "')";
583 wfQuery( $sql, DB_WRITE, "User::addToDatabase" );
584 $this->mId = $this->idForName();
585 }
586
587 function spreadBlock()
588 {
589 global $wgIP;
590 # If the (non-anonymous) user is blocked, this function will block any IP address
591 # that they successfully log on from.
592 $fname = "User::spreadBlock";
593
594 wfDebug( "User:spreadBlock()\n" );
595 if ( $this->mId == 0 ) {
596 return;
597 }
598
599 $userblock = Block::newFromDB( "", $this->mId );
600 if ( !$userblock->isValid() ) {
601 return;
602 }
603
604 # Check if this IP address is already blocked
605 $ipblock = Block::newFromDB( $wgIP );
606 if ( $ipblock->isValid() ) {
607 # Just update the timestamp
608 $ipblock->updateTimestamp();
609 return;
610 }
611
612 # Make a new block object with the desired properties
613 wfDebug( "Autoblocking {$this->mUserName}@{$wgIP}\n" );
614 $ipblock->mAddress = $wgIP;
615 $ipblock->mUser = 0;
616 $ipblock->mBy = $userblock->mBy;
617 $ipblock->mReason = wfMsg( "autoblocker", $this->getName(), $userblock->mReason );
618 $ipblock->mTimestamp = wfTimestampNow();
619 $ipblock->mAuto = 1;
620 $ipblock->mExpiry = Block::getAutoblockExpiry( $ipblock->mTimestamp );
621
622 # Insert it
623 $ipblock->insert();
624
625 }
626
627 function getPageRenderingHash(){
628 static $hash = false;
629 if( $hash ){
630 return $hash;
631 }
632
633 // stubthreshold is only included below for completeness,
634 // it will always be 0 when this function is called by parsercache.
635
636 $confstr = $this->getOption( "quickbar" );
637 $confstr .= "!" . $this->getOption( "underline" );
638 $confstr .= "!" . $this->getOption( "hover" );
639 $confstr .= "!" . $this->getOption( "skin" );
640 $confstr .= "!" . $this->getOption( "math" );
641 $confstr .= "!" . $this->getOption( "highlightbroken" );
642 $confstr .= "!" . $this->getOption( "stubthreshold" );
643 $confstr .= "!" . $this->getOption( "editsection" );
644 $confstr .= "!" . $this->getOption( "editsectiononrightclick" );
645 $confstr .= "!" . $this->getOption( "showtoc" );
646 $confstr .= "!" . $this->getOption( "date" );
647
648 if(strlen($confstr) > 32)
649 $hash = md5($confstr);
650 else
651 $hash = $confstr;
652 return $hash;
653 }
654
655 function isAllowedToCreateAccount()
656 {
657 global $wgWhitelistAccount;
658 $allowed = false;
659
660 if (!$wgWhitelistAccount) { return 1; }; // default behaviour
661 foreach ($wgWhitelistAccount as $right => $ok) {
662 $userHasRight = (!strcmp($right, "user") || in_array($right, $this->getRights()));
663 $allowed |= ($ok && $userHasRight);
664 }
665 return $allowed;
666 }
667
668
669
670 }
671
672 ?>
MediaWiki Core