SpecialLinkSearch: clean up munged query variable handling
[mediawiki.git] / includes / User.php
blobc2db67a2a7518560979b0f6207147fbfe4757c68
1 <?php
2 /**
3 * Implements the User class for the %MediaWiki software.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
20 * @file
23 /**
24 * String Some punctuation to prevent editing from broken text-mangling proxies.
25 * @ingroup Constants
27 define( 'EDIT_TOKEN_SUFFIX', '+\\' );
29 /**
30 * The User object encapsulates all of the user-specific settings (user_id,
31 * name, rights, password, email address, options, last login time). Client
32 * classes use the getXXX() functions to access these fields. These functions
33 * do all the work of determining whether the user is logged in,
34 * whether the requested option can be satisfied from cookies or
35 * whether a database query is needed. Most of the settings needed
36 * for rendering normal pages are set in the cookie to minimize use
37 * of the database.
39 class User implements IDBAccessObject {
40 /**
41 * @const int Number of characters in user_token field.
43 const TOKEN_LENGTH = 32;
45 /**
46 * Global constant made accessible as class constants so that autoloader
47 * magic can be used.
49 const EDIT_TOKEN_SUFFIX = EDIT_TOKEN_SUFFIX;
51 /**
52 * @const int Serialized record version.
54 const VERSION = 10;
56 /**
57 * Maximum items in $mWatchedItems
59 const MAX_WATCHED_ITEMS_CACHE = 100;
61 /**
62 * Exclude user options that are set to their default value.
63 * @since 1.25
65 const GETOPTIONS_EXCLUDE_DEFAULTS = 1;
67 /**
68 * @var PasswordFactory Lazily loaded factory object for passwords
70 private static $mPasswordFactory = null;
72 /**
73 * Array of Strings List of member variables which are saved to the
74 * shared cache (memcached). Any operation which changes the
75 * corresponding database fields must call a cache-clearing function.
76 * @showinitializer
78 protected static $mCacheVars = array(
79 // user table
80 'mId',
81 'mName',
82 'mRealName',
83 'mEmail',
84 'mTouched',
85 'mToken',
86 'mEmailAuthenticated',
87 'mEmailToken',
88 'mEmailTokenExpires',
89 'mRegistration',
90 'mEditCount',
91 // user_groups table
92 'mGroups',
93 // user_properties table
94 'mOptionOverrides',
97 /**
98 * Array of Strings Core rights.
99 * Each of these should have a corresponding message of the form
100 * "right-$right".
101 * @showinitializer
103 protected static $mCoreRights = array(
104 'apihighlimits',
105 'autoconfirmed',
106 'autopatrol',
107 'bigdelete',
108 'block',
109 'blockemail',
110 'bot',
111 'browsearchive',
112 'createaccount',
113 'createpage',
114 'createtalk',
115 'delete',
116 'deletedhistory',
117 'deletedtext',
118 'deletelogentry',
119 'deleterevision',
120 'edit',
121 'editcontentmodel',
122 'editinterface',
123 'editprotected',
124 'editmyoptions',
125 'editmyprivateinfo',
126 'editmyusercss',
127 'editmyuserjs',
128 'editmywatchlist',
129 'editsemiprotected',
130 'editusercssjs', #deprecated
131 'editusercss',
132 'edituserjs',
133 'hideuser',
134 'import',
135 'importupload',
136 'ipblock-exempt',
137 'managechangetags',
138 'markbotedits',
139 'mergehistory',
140 'minoredit',
141 'move',
142 'movefile',
143 'move-categorypages',
144 'move-rootuserpages',
145 'move-subpages',
146 'nominornewtalk',
147 'noratelimit',
148 'override-export-depth',
149 'pagelang',
150 'passwordreset',
151 'patrol',
152 'patrolmarks',
153 'protect',
154 'proxyunbannable',
155 'purge',
156 'read',
157 'reupload',
158 'reupload-own',
159 'reupload-shared',
160 'rollback',
161 'sendemail',
162 'siteadmin',
163 'suppressionlog',
164 'suppressredirect',
165 'suppressrevision',
166 'unblockself',
167 'undelete',
168 'unwatchedpages',
169 'upload',
170 'upload_by_url',
171 'userrights',
172 'userrights-interwiki',
173 'viewmyprivateinfo',
174 'viewmywatchlist',
175 'viewsuppressed',
176 'writeapi',
180 * String Cached results of getAllRights()
182 protected static $mAllRights = false;
184 /** @name Cache variables */
185 //@{
186 public $mId;
188 public $mName;
190 public $mRealName;
193 * @todo Make this actually private
194 * @private
196 public $mPassword;
199 * @todo Make this actually private
200 * @private
202 public $mNewpassword;
204 public $mNewpassTime;
206 public $mEmail;
208 public $mTouched;
210 protected $mToken;
212 public $mEmailAuthenticated;
214 protected $mEmailToken;
216 protected $mEmailTokenExpires;
218 protected $mRegistration;
220 protected $mEditCount;
222 public $mGroups;
224 protected $mOptionOverrides;
226 protected $mPasswordExpires;
227 //@}
230 * Bool Whether the cache variables have been loaded.
232 //@{
233 public $mOptionsLoaded;
236 * Array with already loaded items or true if all items have been loaded.
238 protected $mLoadedItems = array();
239 //@}
242 * String Initialization data source if mLoadedItems!==true. May be one of:
243 * - 'defaults' anonymous user initialised from class defaults
244 * - 'name' initialise from mName
245 * - 'id' initialise from mId
246 * - 'session' log in from cookies or session if possible
248 * Use the User::newFrom*() family of functions to set this.
250 public $mFrom;
253 * Lazy-initialized variables, invalidated with clearInstanceCache
255 protected $mNewtalk;
257 protected $mDatePreference;
259 public $mBlockedby;
261 protected $mHash;
263 public $mRights;
265 protected $mBlockreason;
267 protected $mEffectiveGroups;
269 protected $mImplicitGroups;
271 protected $mFormerGroups;
273 protected $mBlockedGlobally;
275 protected $mLocked;
277 public $mHideName;
279 public $mOptions;
282 * @var WebRequest
284 private $mRequest;
286 /** @var Block */
287 public $mBlock;
289 /** @var bool */
290 protected $mAllowUsertalk;
292 /** @var Block */
293 private $mBlockedFromCreateAccount = false;
295 /** @var array */
296 private $mWatchedItems = array();
298 public static $idCacheByName = array();
301 * Lightweight constructor for an anonymous user.
302 * Use the User::newFrom* factory functions for other kinds of users.
304 * @see newFromName()
305 * @see newFromId()
306 * @see newFromConfirmationCode()
307 * @see newFromSession()
308 * @see newFromRow()
310 public function __construct() {
311 $this->clearInstanceCache( 'defaults' );
315 * @return string
317 public function __toString() {
318 return $this->getName();
322 * Load the user table data for this object from the source given by mFrom.
324 public function load() {
325 if ( $this->mLoadedItems === true ) {
326 return;
329 // Set it now to avoid infinite recursion in accessors
330 $this->mLoadedItems = true;
332 switch ( $this->mFrom ) {
333 case 'defaults':
334 $this->loadDefaults();
335 break;
336 case 'name':
337 $this->mId = self::idFromName( $this->mName );
338 if ( !$this->mId ) {
339 // Nonexistent user placeholder object
340 $this->loadDefaults( $this->mName );
341 } else {
342 $this->loadFromId();
344 break;
345 case 'id':
346 $this->loadFromId();
347 break;
348 case 'session':
349 if ( !$this->loadFromSession() ) {
350 // Loading from session failed. Load defaults.
351 $this->loadDefaults();
353 Hooks::run( 'UserLoadAfterLoadFromSession', array( $this ) );
354 break;
355 default:
356 throw new MWException( "Unrecognised value for User->mFrom: \"{$this->mFrom}\"" );
361 * Load user table data, given mId has already been set.
362 * @return bool False if the ID does not exist, true otherwise
364 public function loadFromId() {
365 if ( $this->mId == 0 ) {
366 $this->loadDefaults();
367 return false;
370 // Try cache
371 $cache = $this->loadFromCache();
372 if ( !$cache ) {
373 wfDebug( "User: cache miss for user {$this->mId}\n" );
374 // Load from DB
375 if ( !$this->loadFromDatabase() ) {
376 // Can't load from ID, user is anonymous
377 return false;
379 $this->saveToCache();
382 $this->mLoadedItems = true;
384 return true;
388 * Load user data from shared cache, given mId has already been set.
390 * @return bool false if the ID does not exist or data is invalid, true otherwise
391 * @since 1.25
393 public function loadFromCache() {
394 global $wgMemc;
396 if ( $this->mId == 0 ) {
397 $this->loadDefaults();
398 return false;
401 $key = wfMemcKey( 'user', 'id', $this->mId );
402 $data = $wgMemc->get( $key );
403 if ( !is_array( $data ) || $data['mVersion'] < self::VERSION ) {
404 // Object is expired
405 return false;
408 wfDebug( "User: got user {$this->mId} from cache\n" );
410 // Restore from cache
411 foreach ( self::$mCacheVars as $name ) {
412 $this->$name = $data[$name];
415 return true;
419 * Save user data to the shared cache
421 public function saveToCache() {
422 $this->load();
423 $this->loadGroups();
424 $this->loadOptions();
425 if ( $this->isAnon() ) {
426 // Anonymous users are uncached
427 return;
429 $data = array();
430 foreach ( self::$mCacheVars as $name ) {
431 $data[$name] = $this->$name;
433 $data['mVersion'] = self::VERSION;
434 $key = wfMemcKey( 'user', 'id', $this->mId );
435 global $wgMemc;
436 $wgMemc->set( $key, $data );
439 /** @name newFrom*() static factory methods */
440 //@{
443 * Static factory method for creation from username.
445 * This is slightly less efficient than newFromId(), so use newFromId() if
446 * you have both an ID and a name handy.
448 * @param string $name Username, validated by Title::newFromText()
449 * @param string|bool $validate Validate username. Takes the same parameters as
450 * User::getCanonicalName(), except that true is accepted as an alias
451 * for 'valid', for BC.
453 * @return User|bool User object, or false if the username is invalid
454 * (e.g. if it contains illegal characters or is an IP address). If the
455 * username is not present in the database, the result will be a user object
456 * with a name, zero user ID and default settings.
458 public static function newFromName( $name, $validate = 'valid' ) {
459 if ( $validate === true ) {
460 $validate = 'valid';
462 $name = self::getCanonicalName( $name, $validate );
463 if ( $name === false ) {
464 return false;
465 } else {
466 // Create unloaded user object
467 $u = new User;
468 $u->mName = $name;
469 $u->mFrom = 'name';
470 $u->setItemLoaded( 'name' );
471 return $u;
476 * Static factory method for creation from a given user ID.
478 * @param int $id Valid user ID
479 * @return User The corresponding User object
481 public static function newFromId( $id ) {
482 $u = new User;
483 $u->mId = $id;
484 $u->mFrom = 'id';
485 $u->setItemLoaded( 'id' );
486 return $u;
490 * Factory method to fetch whichever user has a given email confirmation code.
491 * This code is generated when an account is created or its e-mail address
492 * has changed.
494 * If the code is invalid or has expired, returns NULL.
496 * @param string $code Confirmation code
497 * @return User|null
499 public static function newFromConfirmationCode( $code ) {
500 $dbr = wfGetDB( DB_SLAVE );
501 $id = $dbr->selectField( 'user', 'user_id', array(
502 'user_email_token' => md5( $code ),
503 'user_email_token_expires > ' . $dbr->addQuotes( $dbr->timestamp() ),
504 ) );
505 if ( $id !== false ) {
506 return User::newFromId( $id );
507 } else {
508 return null;
513 * Create a new user object using data from session or cookies. If the
514 * login credentials are invalid, the result is an anonymous user.
516 * @param WebRequest|null $request Object to use; $wgRequest will be used if omitted.
517 * @return User
519 public static function newFromSession( WebRequest $request = null ) {
520 $user = new User;
521 $user->mFrom = 'session';
522 $user->mRequest = $request;
523 return $user;
527 * Create a new user object from a user row.
528 * The row should have the following fields from the user table in it:
529 * - either user_name or user_id to load further data if needed (or both)
530 * - user_real_name
531 * - all other fields (email, password, etc.)
532 * It is useless to provide the remaining fields if either user_id,
533 * user_name and user_real_name are not provided because the whole row
534 * will be loaded once more from the database when accessing them.
536 * @param stdClass $row A row from the user table
537 * @param array $data Further data to load into the object (see User::loadFromRow for valid keys)
538 * @return User
540 public static function newFromRow( $row, $data = null ) {
541 $user = new User;
542 $user->loadFromRow( $row, $data );
543 return $user;
546 //@}
549 * Get the username corresponding to a given user ID
550 * @param int $id User ID
551 * @return string|bool The corresponding username
553 public static function whoIs( $id ) {
554 return UserCache::singleton()->getProp( $id, 'name' );
558 * Get the real name of a user given their user ID
560 * @param int $id User ID
561 * @return string|bool The corresponding user's real name
563 public static function whoIsReal( $id ) {
564 return UserCache::singleton()->getProp( $id, 'real_name' );
568 * Get database id given a user name
569 * @param string $name Username
570 * @return int|null The corresponding user's ID, or null if user is nonexistent
572 public static function idFromName( $name ) {
573 $nt = Title::makeTitleSafe( NS_USER, $name );
574 if ( is_null( $nt ) ) {
575 // Illegal name
576 return null;
579 if ( isset( self::$idCacheByName[$name] ) ) {
580 return self::$idCacheByName[$name];
583 $dbr = wfGetDB( DB_SLAVE );
584 $s = $dbr->selectRow(
585 'user',
586 array( 'user_id' ),
587 array( 'user_name' => $nt->getText() ),
588 __METHOD__
591 if ( $s === false ) {
592 $result = null;
593 } else {
594 $result = $s->user_id;
597 self::$idCacheByName[$name] = $result;
599 if ( count( self::$idCacheByName ) > 1000 ) {
600 self::$idCacheByName = array();
603 return $result;
607 * Reset the cache used in idFromName(). For use in tests.
609 public static function resetIdByNameCache() {
610 self::$idCacheByName = array();
614 * Does the string match an anonymous IPv4 address?
616 * This function exists for username validation, in order to reject
617 * usernames which are similar in form to IP addresses. Strings such
618 * as 300.300.300.300 will return true because it looks like an IP
619 * address, despite not being strictly valid.
621 * We match "\d{1,3}\.\d{1,3}\.\d{1,3}\.xxx" as an anonymous IP
622 * address because the usemod software would "cloak" anonymous IP
623 * addresses like this, if we allowed accounts like this to be created
624 * new users could get the old edits of these anonymous users.
626 * @param string $name Name to match
627 * @return bool
629 public static function isIP( $name ) {
630 return preg_match( '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.(?:xxx|\d{1,3})$/', $name )
631 || IP::isIPv6( $name );
635 * Is the input a valid username?
637 * Checks if the input is a valid username, we don't want an empty string,
638 * an IP address, anything that contains slashes (would mess up subpages),
639 * is longer than the maximum allowed username size or doesn't begin with
640 * a capital letter.
642 * @param string $name Name to match
643 * @return bool
645 public static function isValidUserName( $name ) {
646 global $wgContLang, $wgMaxNameChars;
648 if ( $name == ''
649 || User::isIP( $name )
650 || strpos( $name, '/' ) !== false
651 || strlen( $name ) > $wgMaxNameChars
652 || $name != $wgContLang->ucfirst( $name )
654 wfDebugLog( 'username', __METHOD__ .
655 ": '$name' invalid due to empty, IP, slash, length, or lowercase" );
656 return false;
659 // Ensure that the name can't be misresolved as a different title,
660 // such as with extra namespace keys at the start.
661 $parsed = Title::newFromText( $name );
662 if ( is_null( $parsed )
663 || $parsed->getNamespace()
664 || strcmp( $name, $parsed->getPrefixedText() ) ) {
665 wfDebugLog( 'username', __METHOD__ .
666 ": '$name' invalid due to ambiguous prefixes" );
667 return false;
670 // Check an additional blacklist of troublemaker characters.
671 // Should these be merged into the title char list?
672 $unicodeBlacklist = '/[' .
673 '\x{0080}-\x{009f}' . # iso-8859-1 control chars
674 '\x{00a0}' . # non-breaking space
675 '\x{2000}-\x{200f}' . # various whitespace
676 '\x{2028}-\x{202f}' . # breaks and control chars
677 '\x{3000}' . # ideographic space
678 '\x{e000}-\x{f8ff}' . # private use
679 ']/u';
680 if ( preg_match( $unicodeBlacklist, $name ) ) {
681 wfDebugLog( 'username', __METHOD__ .
682 ": '$name' invalid due to blacklisted characters" );
683 return false;
686 return true;
690 * Usernames which fail to pass this function will be blocked
691 * from user login and new account registrations, but may be used
692 * internally by batch processes.
694 * If an account already exists in this form, login will be blocked
695 * by a failure to pass this function.
697 * @param string $name Name to match
698 * @return bool
700 public static function isUsableName( $name ) {
701 global $wgReservedUsernames;
702 // Must be a valid username, obviously ;)
703 if ( !self::isValidUserName( $name ) ) {
704 return false;
707 static $reservedUsernames = false;
708 if ( !$reservedUsernames ) {
709 $reservedUsernames = $wgReservedUsernames;
710 Hooks::run( 'UserGetReservedNames', array( &$reservedUsernames ) );
713 // Certain names may be reserved for batch processes.
714 foreach ( $reservedUsernames as $reserved ) {
715 if ( substr( $reserved, 0, 4 ) == 'msg:' ) {
716 $reserved = wfMessage( substr( $reserved, 4 ) )->inContentLanguage()->text();
718 if ( $reserved == $name ) {
719 return false;
722 return true;
726 * Usernames which fail to pass this function will be blocked
727 * from new account registrations, but may be used internally
728 * either by batch processes or by user accounts which have
729 * already been created.
731 * Additional blacklisting may be added here rather than in
732 * isValidUserName() to avoid disrupting existing accounts.
734 * @param string $name String to match
735 * @return bool
737 public static function isCreatableName( $name ) {
738 global $wgInvalidUsernameCharacters;
740 // Ensure that the username isn't longer than 235 bytes, so that
741 // (at least for the builtin skins) user javascript and css files
742 // will work. (bug 23080)
743 if ( strlen( $name ) > 235 ) {
744 wfDebugLog( 'username', __METHOD__ .
745 ": '$name' invalid due to length" );
746 return false;
749 // Preg yells if you try to give it an empty string
750 if ( $wgInvalidUsernameCharacters !== '' ) {
751 if ( preg_match( '/[' . preg_quote( $wgInvalidUsernameCharacters, '/' ) . ']/', $name ) ) {
752 wfDebugLog( 'username', __METHOD__ .
753 ": '$name' invalid due to wgInvalidUsernameCharacters" );
754 return false;
758 return self::isUsableName( $name );
762 * Is the input a valid password for this user?
764 * @param string $password Desired password
765 * @return bool
767 public function isValidPassword( $password ) {
768 //simple boolean wrapper for getPasswordValidity
769 return $this->getPasswordValidity( $password ) === true;
774 * Given unvalidated password input, return error message on failure.
776 * @param string $password Desired password
777 * @return bool|string|array True on success, string or array of error message on failure
779 public function getPasswordValidity( $password ) {
780 $result = $this->checkPasswordValidity( $password );
781 if ( $result->isGood() ) {
782 return true;
783 } else {
784 $messages = array();
785 foreach ( $result->getErrorsByType( 'error' ) as $error ) {
786 $messages[] = $error['message'];
788 foreach ( $result->getErrorsByType( 'warning' ) as $warning ) {
789 $messages[] = $warning['message'];
791 if ( count( $messages ) === 1 ) {
792 return $messages[0];
794 return $messages;
799 * Check if this is a valid password for this user. Status will be good if
800 * the password is valid, or have an array of error messages if not.
802 * @param string $password Desired password
803 * @return Status
804 * @since 1.23
806 public function checkPasswordValidity( $password ) {
807 global $wgMinimalPasswordLength, $wgContLang;
809 static $blockedLogins = array(
810 'Useruser' => 'Passpass', 'Useruser1' => 'Passpass1', # r75589
811 'Apitestsysop' => 'testpass', 'Apitestuser' => 'testpass' # r75605
814 $status = Status::newGood();
816 $result = false; //init $result to false for the internal checks
818 if ( !Hooks::run( 'isValidPassword', array( $password, &$result, $this ) ) ) {
819 $status->error( $result );
820 return $status;
823 if ( $result === false ) {
824 if ( strlen( $password ) < $wgMinimalPasswordLength ) {
825 $status->error( 'passwordtooshort', $wgMinimalPasswordLength );
826 return $status;
827 } elseif ( $wgContLang->lc( $password ) == $wgContLang->lc( $this->mName ) ) {
828 $status->error( 'password-name-match' );
829 return $status;
830 } elseif ( isset( $blockedLogins[$this->getName()] )
831 && $password == $blockedLogins[$this->getName()]
833 $status->error( 'password-login-forbidden' );
834 return $status;
835 } else {
836 //it seems weird returning a Good status here, but this is because of the
837 //initialization of $result to false above. If the hook is never run or it
838 //doesn't modify $result, then we will likely get down into this if with
839 //a valid password.
840 return $status;
842 } elseif ( $result === true ) {
843 return $status;
844 } else {
845 $status->error( $result );
846 return $status; //the isValidPassword hook set a string $result and returned true
851 * Expire a user's password
852 * @since 1.23
853 * @param int $ts Optional timestamp to convert, default 0 for the current time
855 public function expirePassword( $ts = 0 ) {
856 $this->loadPasswords();
857 $timestamp = wfTimestamp( TS_MW, $ts );
858 $this->mPasswordExpires = $timestamp;
859 $this->saveSettings();
863 * Clear the password expiration for a user
864 * @since 1.23
865 * @param bool $load Ensure user object is loaded first
867 public function resetPasswordExpiration( $load = true ) {
868 global $wgPasswordExpirationDays;
869 if ( $load ) {
870 $this->load();
872 $newExpire = null;
873 if ( $wgPasswordExpirationDays ) {
874 $newExpire = wfTimestamp(
875 TS_MW,
876 time() + ( $wgPasswordExpirationDays * 24 * 3600 )
879 // Give extensions a chance to force an expiration
880 Hooks::run( 'ResetPasswordExpiration', array( $this, &$newExpire ) );
881 $this->mPasswordExpires = $newExpire;
885 * Check if the user's password is expired.
886 * TODO: Put this and password length into a PasswordPolicy object
887 * @since 1.23
888 * @return string|bool The expiration type, or false if not expired
889 * hard: A password change is required to login
890 * soft: Allow login, but encourage password change
891 * false: Password is not expired
893 public function getPasswordExpired() {
894 global $wgPasswordExpireGrace;
895 $expired = false;
896 $now = wfTimestamp();
897 $expiration = $this->getPasswordExpireDate();
898 $expUnix = wfTimestamp( TS_UNIX, $expiration );
899 if ( $expiration !== null && $expUnix < $now ) {
900 $expired = ( $expUnix + $wgPasswordExpireGrace < $now ) ? 'hard' : 'soft';
902 return $expired;
906 * Get this user's password expiration date. Since this may be using
907 * the cached User object, we assume that whatever mechanism is setting
908 * the expiration date is also expiring the User cache.
909 * @since 1.23
910 * @return string|bool The datestamp of the expiration, or null if not set
912 public function getPasswordExpireDate() {
913 $this->load();
914 return $this->mPasswordExpires;
918 * Given unvalidated user input, return a canonical username, or false if
919 * the username is invalid.
920 * @param string $name User input
921 * @param string|bool $validate Type of validation to use:
922 * - false No validation
923 * - 'valid' Valid for batch processes
924 * - 'usable' Valid for batch processes and login
925 * - 'creatable' Valid for batch processes, login and account creation
927 * @throws MWException
928 * @return bool|string
930 public static function getCanonicalName( $name, $validate = 'valid' ) {
931 // Force usernames to capital
932 global $wgContLang;
933 $name = $wgContLang->ucfirst( $name );
935 # Reject names containing '#'; these will be cleaned up
936 # with title normalisation, but then it's too late to
937 # check elsewhere
938 if ( strpos( $name, '#' ) !== false ) {
939 return false;
942 // Clean up name according to title rules,
943 // but only when validation is requested (bug 12654)
944 $t = ( $validate !== false ) ?
945 Title::newFromText( $name ) : Title::makeTitle( NS_USER, $name );
946 // Check for invalid titles
947 if ( is_null( $t ) ) {
948 return false;
951 // Reject various classes of invalid names
952 global $wgAuth;
953 $name = $wgAuth->getCanonicalName( $t->getText() );
955 switch ( $validate ) {
956 case false:
957 break;
958 case 'valid':
959 if ( !User::isValidUserName( $name ) ) {
960 $name = false;
962 break;
963 case 'usable':
964 if ( !User::isUsableName( $name ) ) {
965 $name = false;
967 break;
968 case 'creatable':
969 if ( !User::isCreatableName( $name ) ) {
970 $name = false;
972 break;
973 default:
974 throw new MWException( 'Invalid parameter value for $validate in ' . __METHOD__ );
976 return $name;
980 * Count the number of edits of a user
982 * @param int $uid User ID to check
983 * @return int The user's edit count
985 * @deprecated since 1.21 in favour of User::getEditCount
987 public static function edits( $uid ) {
988 wfDeprecated( __METHOD__, '1.21' );
989 $user = self::newFromId( $uid );
990 return $user->getEditCount();
994 * Return a random password.
996 * @return string New random password
998 public static function randomPassword() {
999 global $wgMinimalPasswordLength;
1000 // Decide the final password length based on our min password length,
1001 // stopping at a minimum of 10 chars.
1002 $length = max( 10, $wgMinimalPasswordLength );
1003 // Multiply by 1.25 to get the number of hex characters we need
1004 $length = $length * 1.25;
1005 // Generate random hex chars
1006 $hex = MWCryptRand::generateHex( $length );
1007 // Convert from base 16 to base 32 to get a proper password like string
1008 return wfBaseConvert( $hex, 16, 32 );
1012 * Set cached properties to default.
1014 * @note This no longer clears uncached lazy-initialised properties;
1015 * the constructor does that instead.
1017 * @param string|bool $name
1019 public function loadDefaults( $name = false ) {
1021 $passwordFactory = self::getPasswordFactory();
1023 $this->mId = 0;
1024 $this->mName = $name;
1025 $this->mRealName = '';
1026 $this->mPassword = $passwordFactory->newFromCiphertext( null );
1027 $this->mNewpassword = $passwordFactory->newFromCiphertext( null );
1028 $this->mNewpassTime = null;
1029 $this->mEmail = '';
1030 $this->mOptionOverrides = null;
1031 $this->mOptionsLoaded = false;
1033 $loggedOut = $this->getRequest()->getCookie( 'LoggedOut' );
1034 if ( $loggedOut !== null ) {
1035 $this->mTouched = wfTimestamp( TS_MW, $loggedOut );
1036 } else {
1037 $this->mTouched = '1'; # Allow any pages to be cached
1040 $this->mToken = null; // Don't run cryptographic functions till we need a token
1041 $this->mEmailAuthenticated = null;
1042 $this->mEmailToken = '';
1043 $this->mEmailTokenExpires = null;
1044 $this->mPasswordExpires = null;
1045 $this->resetPasswordExpiration( false );
1046 $this->mRegistration = wfTimestamp( TS_MW );
1047 $this->mGroups = array();
1049 Hooks::run( 'UserLoadDefaults', array( $this, $name ) );
1054 * Return whether an item has been loaded.
1056 * @param string $item Item to check. Current possibilities:
1057 * - id
1058 * - name
1059 * - realname
1060 * @param string $all 'all' to check if the whole object has been loaded
1061 * or any other string to check if only the item is available (e.g.
1062 * for optimisation)
1063 * @return bool
1065 public function isItemLoaded( $item, $all = 'all' ) {
1066 return ( $this->mLoadedItems === true && $all === 'all' ) ||
1067 ( isset( $this->mLoadedItems[$item] ) && $this->mLoadedItems[$item] === true );
1071 * Set that an item has been loaded
1073 * @param string $item
1075 protected function setItemLoaded( $item ) {
1076 if ( is_array( $this->mLoadedItems ) ) {
1077 $this->mLoadedItems[$item] = true;
1082 * Load user data from the session or login cookie.
1083 * @return bool True if the user is logged in, false otherwise.
1085 private function loadFromSession() {
1086 $result = null;
1087 Hooks::run( 'UserLoadFromSession', array( $this, &$result ) );
1088 if ( $result !== null ) {
1089 return $result;
1092 $request = $this->getRequest();
1094 $cookieId = $request->getCookie( 'UserID' );
1095 $sessId = $request->getSessionData( 'wsUserID' );
1097 if ( $cookieId !== null ) {
1098 $sId = intval( $cookieId );
1099 if ( $sessId !== null && $cookieId != $sessId ) {
1100 wfDebugLog( 'loginSessions', "Session user ID ($sessId) and
1101 cookie user ID ($sId) don't match!" );
1102 return false;
1104 $request->setSessionData( 'wsUserID', $sId );
1105 } elseif ( $sessId !== null && $sessId != 0 ) {
1106 $sId = $sessId;
1107 } else {
1108 return false;
1111 if ( $request->getSessionData( 'wsUserName' ) !== null ) {
1112 $sName = $request->getSessionData( 'wsUserName' );
1113 } elseif ( $request->getCookie( 'UserName' ) !== null ) {
1114 $sName = $request->getCookie( 'UserName' );
1115 $request->setSessionData( 'wsUserName', $sName );
1116 } else {
1117 return false;
1120 $proposedUser = User::newFromId( $sId );
1121 if ( !$proposedUser->isLoggedIn() ) {
1122 // Not a valid ID
1123 return false;
1126 global $wgBlockDisablesLogin;
1127 if ( $wgBlockDisablesLogin && $proposedUser->isBlocked() ) {
1128 // User blocked and we've disabled blocked user logins
1129 return false;
1132 if ( $request->getSessionData( 'wsToken' ) ) {
1133 $passwordCorrect =
1134 ( $proposedUser->getToken( false ) === $request->getSessionData( 'wsToken' ) );
1135 $from = 'session';
1136 } elseif ( $request->getCookie( 'Token' ) ) {
1137 # Get the token from DB/cache and clean it up to remove garbage padding.
1138 # This deals with historical problems with bugs and the default column value.
1139 $token = rtrim( $proposedUser->getToken( false ) ); // correct token
1140 // Make comparison in constant time (bug 61346)
1141 $passwordCorrect = strlen( $token )
1142 && hash_equals( $token, $request->getCookie( 'Token' ) );
1143 $from = 'cookie';
1144 } else {
1145 // No session or persistent login cookie
1146 return false;
1149 if ( ( $sName === $proposedUser->getName() ) && $passwordCorrect ) {
1150 $this->loadFromUserObject( $proposedUser );
1151 $request->setSessionData( 'wsToken', $this->mToken );
1152 wfDebug( "User: logged in from $from\n" );
1153 return true;
1154 } else {
1155 // Invalid credentials
1156 wfDebug( "User: can't log in from $from, invalid credentials\n" );
1157 return false;
1162 * Load user and user_group data from the database.
1163 * $this->mId must be set, this is how the user is identified.
1165 * @param int $flags Supports User::READ_LOCKING
1166 * @return bool True if the user exists, false if the user is anonymous
1168 public function loadFromDatabase( $flags = 0 ) {
1169 // Paranoia
1170 $this->mId = intval( $this->mId );
1172 // Anonymous user
1173 if ( !$this->mId ) {
1174 $this->loadDefaults();
1175 return false;
1178 $dbr = wfGetDB( DB_MASTER );
1179 $s = $dbr->selectRow(
1180 'user',
1181 self::selectFields(),
1182 array( 'user_id' => $this->mId ),
1183 __METHOD__,
1184 ( $flags & self::READ_LOCKING == self::READ_LOCKING )
1185 ? array( 'LOCK IN SHARE MODE' )
1186 : array()
1189 Hooks::run( 'UserLoadFromDatabase', array( $this, &$s ) );
1191 if ( $s !== false ) {
1192 // Initialise user table data
1193 $this->loadFromRow( $s );
1194 $this->mGroups = null; // deferred
1195 $this->getEditCount(); // revalidation for nulls
1196 return true;
1197 } else {
1198 // Invalid user_id
1199 $this->mId = 0;
1200 $this->loadDefaults();
1201 return false;
1206 * Initialize this object from a row from the user table.
1208 * @param stdClass $row Row from the user table to load.
1209 * @param array $data Further user data to load into the object
1211 * user_groups Array with groups out of the user_groups table
1212 * user_properties Array with properties out of the user_properties table
1214 public function loadFromRow( $row, $data = null ) {
1215 $all = true;
1216 $passwordFactory = self::getPasswordFactory();
1218 $this->mGroups = null; // deferred
1220 if ( isset( $row->user_name ) ) {
1221 $this->mName = $row->user_name;
1222 $this->mFrom = 'name';
1223 $this->setItemLoaded( 'name' );
1224 } else {
1225 $all = false;
1228 if ( isset( $row->user_real_name ) ) {
1229 $this->mRealName = $row->user_real_name;
1230 $this->setItemLoaded( 'realname' );
1231 } else {
1232 $all = false;
1235 if ( isset( $row->user_id ) ) {
1236 $this->mId = intval( $row->user_id );
1237 $this->mFrom = 'id';
1238 $this->setItemLoaded( 'id' );
1239 } else {
1240 $all = false;
1243 if ( isset( $row->user_editcount ) ) {
1244 $this->mEditCount = $row->user_editcount;
1245 } else {
1246 $all = false;
1249 if ( isset( $row->user_password ) ) {
1250 // Check for *really* old password hashes that don't even have a type
1251 // The old hash format was just an md5 hex hash, with no type information
1252 if ( preg_match( '/^[0-9a-f]{32}$/', $row->user_password ) ) {
1253 $row->user_password = ":A:{$this->mId}:{$row->user_password}";
1256 try {
1257 $this->mPassword = $passwordFactory->newFromCiphertext( $row->user_password );
1258 } catch ( PasswordError $e ) {
1259 wfDebug( 'Invalid password hash found in database.' );
1260 $this->mPassword = $passwordFactory->newFromCiphertext( null );
1263 try {
1264 $this->mNewpassword = $passwordFactory->newFromCiphertext( $row->user_newpassword );
1265 } catch ( PasswordError $e ) {
1266 wfDebug( 'Invalid password hash found in database.' );
1267 $this->mNewpassword = $passwordFactory->newFromCiphertext( null );
1270 $this->mNewpassTime = wfTimestampOrNull( TS_MW, $row->user_newpass_time );
1271 $this->mPasswordExpires = wfTimestampOrNull( TS_MW, $row->user_password_expires );
1274 if ( isset( $row->user_email ) ) {
1275 $this->mEmail = $row->user_email;
1276 $this->mTouched = wfTimestamp( TS_MW, $row->user_touched );
1277 $this->mToken = $row->user_token;
1278 if ( $this->mToken == '' ) {
1279 $this->mToken = null;
1281 $this->mEmailAuthenticated = wfTimestampOrNull( TS_MW, $row->user_email_authenticated );
1282 $this->mEmailToken = $row->user_email_token;
1283 $this->mEmailTokenExpires = wfTimestampOrNull( TS_MW, $row->user_email_token_expires );
1284 $this->mRegistration = wfTimestampOrNull( TS_MW, $row->user_registration );
1285 } else {
1286 $all = false;
1289 if ( $all ) {
1290 $this->mLoadedItems = true;
1293 if ( is_array( $data ) ) {
1294 if ( isset( $data['user_groups'] ) && is_array( $data['user_groups'] ) ) {
1295 $this->mGroups = $data['user_groups'];
1297 if ( isset( $data['user_properties'] ) && is_array( $data['user_properties'] ) ) {
1298 $this->loadOptions( $data['user_properties'] );
1304 * Load the data for this user object from another user object.
1306 * @param User $user
1308 protected function loadFromUserObject( $user ) {
1309 $user->load();
1310 $user->loadGroups();
1311 $user->loadOptions();
1312 foreach ( self::$mCacheVars as $var ) {
1313 $this->$var = $user->$var;
1318 * Load the groups from the database if they aren't already loaded.
1320 private function loadGroups() {
1321 if ( is_null( $this->mGroups ) ) {
1322 $dbr = wfGetDB( DB_MASTER );
1323 $res = $dbr->select( 'user_groups',
1324 array( 'ug_group' ),
1325 array( 'ug_user' => $this->mId ),
1326 __METHOD__ );
1327 $this->mGroups = array();
1328 foreach ( $res as $row ) {
1329 $this->mGroups[] = $row->ug_group;
1335 * Load the user's password hashes from the database
1337 * This is usually called in a scenario where the actual User object was
1338 * loaded from the cache, and then password comparison needs to be performed.
1339 * Password hashes are not stored in memcached.
1341 * @since 1.24
1343 private function loadPasswords() {
1344 if ( $this->getId() !== 0 && ( $this->mPassword === null || $this->mNewpassword === null ) ) {
1345 $this->loadFromRow( wfGetDB( DB_MASTER )->selectRow(
1346 'user',
1347 array( 'user_password', 'user_newpassword', 'user_newpass_time', 'user_password_expires' ),
1348 array( 'user_id' => $this->getId() ),
1349 __METHOD__
1350 ) );
1355 * Add the user to the group if he/she meets given criteria.
1357 * Contrary to autopromotion by \ref $wgAutopromote, the group will be
1358 * possible to remove manually via Special:UserRights. In such case it
1359 * will not be re-added automatically. The user will also not lose the
1360 * group if they no longer meet the criteria.
1362 * @param string $event Key in $wgAutopromoteOnce (each one has groups/criteria)
1364 * @return array Array of groups the user has been promoted to.
1366 * @see $wgAutopromoteOnce
1368 public function addAutopromoteOnceGroups( $event ) {
1369 global $wgAutopromoteOnceLogInRC, $wgAuth;
1371 $toPromote = array();
1372 if ( $this->getId() ) {
1373 $toPromote = Autopromote::getAutopromoteOnceGroups( $this, $event );
1374 if ( count( $toPromote ) ) {
1375 $oldGroups = $this->getGroups(); // previous groups
1377 foreach ( $toPromote as $group ) {
1378 $this->addGroup( $group );
1380 // update groups in external authentication database
1381 $wgAuth->updateExternalDBGroups( $this, $toPromote );
1383 $newGroups = array_merge( $oldGroups, $toPromote ); // all groups
1385 $logEntry = new ManualLogEntry( 'rights', 'autopromote' );
1386 $logEntry->setPerformer( $this );
1387 $logEntry->setTarget( $this->getUserPage() );
1388 $logEntry->setParameters( array(
1389 '4::oldgroups' => $oldGroups,
1390 '5::newgroups' => $newGroups,
1391 ) );
1392 $logid = $logEntry->insert();
1393 if ( $wgAutopromoteOnceLogInRC ) {
1394 $logEntry->publish( $logid );
1398 return $toPromote;
1402 * Clear various cached data stored in this object. The cache of the user table
1403 * data (i.e. self::$mCacheVars) is not cleared unless $reloadFrom is given.
1405 * @param bool|string $reloadFrom Reload user and user_groups table data from a
1406 * given source. May be "name", "id", "defaults", "session", or false for no reload.
1408 public function clearInstanceCache( $reloadFrom = false ) {
1409 $this->mNewtalk = -1;
1410 $this->mDatePreference = null;
1411 $this->mBlockedby = -1; # Unset
1412 $this->mHash = false;
1413 $this->mRights = null;
1414 $this->mEffectiveGroups = null;
1415 $this->mImplicitGroups = null;
1416 $this->mGroups = null;
1417 $this->mOptions = null;
1418 $this->mOptionsLoaded = false;
1419 $this->mEditCount = null;
1421 if ( $reloadFrom ) {
1422 $this->mLoadedItems = array();
1423 $this->mFrom = $reloadFrom;
1428 * Combine the language default options with any site-specific options
1429 * and add the default language variants.
1431 * @return array Array of String options
1433 public static function getDefaultOptions() {
1434 global $wgNamespacesToBeSearchedDefault, $wgDefaultUserOptions, $wgContLang, $wgDefaultSkin;
1436 static $defOpt = null;
1437 if ( !defined( 'MW_PHPUNIT_TEST' ) && $defOpt !== null ) {
1438 // Disabling this for the unit tests, as they rely on being able to change $wgContLang
1439 // mid-request and see that change reflected in the return value of this function.
1440 // Which is insane and would never happen during normal MW operation
1441 return $defOpt;
1444 $defOpt = $wgDefaultUserOptions;
1445 // Default language setting
1446 $defOpt['language'] = $wgContLang->getCode();
1447 foreach ( LanguageConverter::$languagesWithVariants as $langCode ) {
1448 $defOpt[$langCode == $wgContLang->getCode() ? 'variant' : "variant-$langCode"] = $langCode;
1450 foreach ( SearchEngine::searchableNamespaces() as $nsnum => $nsname ) {
1451 $defOpt['searchNs' . $nsnum] = !empty( $wgNamespacesToBeSearchedDefault[$nsnum] );
1453 $defOpt['skin'] = Skin::normalizeKey( $wgDefaultSkin );
1455 Hooks::run( 'UserGetDefaultOptions', array( &$defOpt ) );
1457 return $defOpt;
1461 * Get a given default option value.
1463 * @param string $opt Name of option to retrieve
1464 * @return string Default option value
1466 public static function getDefaultOption( $opt ) {
1467 $defOpts = self::getDefaultOptions();
1468 if ( isset( $defOpts[$opt] ) ) {
1469 return $defOpts[$opt];
1470 } else {
1471 return null;
1476 * Get blocking information
1477 * @param bool $bFromSlave Whether to check the slave database first.
1478 * To improve performance, non-critical checks are done against slaves.
1479 * Check when actually saving should be done against master.
1481 private function getBlockedStatus( $bFromSlave = true ) {
1482 global $wgProxyWhitelist, $wgUser, $wgApplyIpBlocksToXff;
1484 if ( -1 != $this->mBlockedby ) {
1485 return;
1488 wfDebug( __METHOD__ . ": checking...\n" );
1490 // Initialize data...
1491 // Otherwise something ends up stomping on $this->mBlockedby when
1492 // things get lazy-loaded later, causing false positive block hits
1493 // due to -1 !== 0. Probably session-related... Nothing should be
1494 // overwriting mBlockedby, surely?
1495 $this->load();
1497 # We only need to worry about passing the IP address to the Block generator if the
1498 # user is not immune to autoblocks/hardblocks, and they are the current user so we
1499 # know which IP address they're actually coming from
1500 if ( !$this->isAllowed( 'ipblock-exempt' ) && $this->getID() == $wgUser->getID() ) {
1501 $ip = $this->getRequest()->getIP();
1502 } else {
1503 $ip = null;
1506 // User/IP blocking
1507 $block = Block::newFromTarget( $this, $ip, !$bFromSlave );
1509 // Proxy blocking
1510 if ( !$block instanceof Block && $ip !== null && !$this->isAllowed( 'proxyunbannable' )
1511 && !in_array( $ip, $wgProxyWhitelist )
1513 // Local list
1514 if ( self::isLocallyBlockedProxy( $ip ) ) {
1515 $block = new Block;
1516 $block->setBlocker( wfMessage( 'proxyblocker' )->text() );
1517 $block->mReason = wfMessage( 'proxyblockreason' )->text();
1518 $block->setTarget( $ip );
1519 } elseif ( $this->isAnon() && $this->isDnsBlacklisted( $ip ) ) {
1520 $block = new Block;
1521 $block->setBlocker( wfMessage( 'sorbs' )->text() );
1522 $block->mReason = wfMessage( 'sorbsreason' )->text();
1523 $block->setTarget( $ip );
1527 // (bug 23343) Apply IP blocks to the contents of XFF headers, if enabled
1528 if ( !$block instanceof Block
1529 && $wgApplyIpBlocksToXff
1530 && $ip !== null
1531 && !$this->isAllowed( 'proxyunbannable' )
1532 && !in_array( $ip, $wgProxyWhitelist )
1534 $xff = $this->getRequest()->getHeader( 'X-Forwarded-For' );
1535 $xff = array_map( 'trim', explode( ',', $xff ) );
1536 $xff = array_diff( $xff, array( $ip ) );
1537 $xffblocks = Block::getBlocksForIPList( $xff, $this->isAnon(), !$bFromSlave );
1538 $block = Block::chooseBlock( $xffblocks, $xff );
1539 if ( $block instanceof Block ) {
1540 # Mangle the reason to alert the user that the block
1541 # originated from matching the X-Forwarded-For header.
1542 $block->mReason = wfMessage( 'xffblockreason', $block->mReason )->text();
1546 if ( $block instanceof Block ) {
1547 wfDebug( __METHOD__ . ": Found block.\n" );
1548 $this->mBlock = $block;
1549 $this->mBlockedby = $block->getByName();
1550 $this->mBlockreason = $block->mReason;
1551 $this->mHideName = $block->mHideName;
1552 $this->mAllowUsertalk = !$block->prevents( 'editownusertalk' );
1553 } else {
1554 $this->mBlockedby = '';
1555 $this->mHideName = 0;
1556 $this->mAllowUsertalk = false;
1559 // Extensions
1560 Hooks::run( 'GetBlockedStatus', array( &$this ) );
1565 * Whether the given IP is in a DNS blacklist.
1567 * @param string $ip IP to check
1568 * @param bool $checkWhitelist Whether to check the whitelist first
1569 * @return bool True if blacklisted.
1571 public function isDnsBlacklisted( $ip, $checkWhitelist = false ) {
1572 global $wgEnableDnsBlacklist, $wgDnsBlacklistUrls, $wgProxyWhitelist;
1574 if ( !$wgEnableDnsBlacklist ) {
1575 return false;
1578 if ( $checkWhitelist && in_array( $ip, $wgProxyWhitelist ) ) {
1579 return false;
1582 return $this->inDnsBlacklist( $ip, $wgDnsBlacklistUrls );
1586 * Whether the given IP is in a given DNS blacklist.
1588 * @param string $ip IP to check
1589 * @param string|array $bases Array of Strings: URL of the DNS blacklist
1590 * @return bool True if blacklisted.
1592 public function inDnsBlacklist( $ip, $bases ) {
1594 $found = false;
1595 // @todo FIXME: IPv6 ??? (http://bugs.php.net/bug.php?id=33170)
1596 if ( IP::isIPv4( $ip ) ) {
1597 // Reverse IP, bug 21255
1598 $ipReversed = implode( '.', array_reverse( explode( '.', $ip ) ) );
1600 foreach ( (array)$bases as $base ) {
1601 // Make hostname
1602 // If we have an access key, use that too (ProjectHoneypot, etc.)
1603 if ( is_array( $base ) ) {
1604 if ( count( $base ) >= 2 ) {
1605 // Access key is 1, base URL is 0
1606 $host = "{$base[1]}.$ipReversed.{$base[0]}";
1607 } else {
1608 $host = "$ipReversed.{$base[0]}";
1610 } else {
1611 $host = "$ipReversed.$base";
1614 // Send query
1615 $ipList = gethostbynamel( $host );
1617 if ( $ipList ) {
1618 wfDebugLog( 'dnsblacklist', "Hostname $host is {$ipList[0]}, it's a proxy says $base!" );
1619 $found = true;
1620 break;
1621 } else {
1622 wfDebugLog( 'dnsblacklist', "Requested $host, not found in $base." );
1627 return $found;
1631 * Check if an IP address is in the local proxy list
1633 * @param string $ip
1635 * @return bool
1637 public static function isLocallyBlockedProxy( $ip ) {
1638 global $wgProxyList;
1640 if ( !$wgProxyList ) {
1641 return false;
1644 if ( !is_array( $wgProxyList ) ) {
1645 // Load from the specified file
1646 $wgProxyList = array_map( 'trim', file( $wgProxyList ) );
1649 if ( !is_array( $wgProxyList ) ) {
1650 $ret = false;
1651 } elseif ( array_search( $ip, $wgProxyList ) !== false ) {
1652 $ret = true;
1653 } elseif ( array_key_exists( $ip, $wgProxyList ) ) {
1654 // Old-style flipped proxy list
1655 $ret = true;
1656 } else {
1657 $ret = false;
1659 return $ret;
1663 * Is this user subject to rate limiting?
1665 * @return bool True if rate limited
1667 public function isPingLimitable() {
1668 global $wgRateLimitsExcludedIPs;
1669 if ( in_array( $this->getRequest()->getIP(), $wgRateLimitsExcludedIPs ) ) {
1670 // No other good way currently to disable rate limits
1671 // for specific IPs. :P
1672 // But this is a crappy hack and should die.
1673 return false;
1675 return !$this->isAllowed( 'noratelimit' );
1679 * Primitive rate limits: enforce maximum actions per time period
1680 * to put a brake on flooding.
1682 * The method generates both a generic profiling point and a per action one
1683 * (suffix being "-$action".
1685 * @note When using a shared cache like memcached, IP-address
1686 * last-hit counters will be shared across wikis.
1688 * @param string $action Action to enforce; 'edit' if unspecified
1689 * @param int $incrBy Positive amount to increment counter by [defaults to 1]
1690 * @return bool True if a rate limiter was tripped
1692 public function pingLimiter( $action = 'edit', $incrBy = 1 ) {
1693 // Call the 'PingLimiter' hook
1694 $result = false;
1695 if ( !Hooks::run( 'PingLimiter', array( &$this, $action, &$result, $incrBy ) ) ) {
1696 return $result;
1699 global $wgRateLimits;
1700 if ( !isset( $wgRateLimits[$action] ) ) {
1701 return false;
1704 // Some groups shouldn't trigger the ping limiter, ever
1705 if ( !$this->isPingLimitable() ) {
1706 return false;
1709 global $wgMemc;
1711 $limits = $wgRateLimits[$action];
1712 $keys = array();
1713 $id = $this->getId();
1714 $userLimit = false;
1716 if ( isset( $limits['anon'] ) && $id == 0 ) {
1717 $keys[wfMemcKey( 'limiter', $action, 'anon' )] = $limits['anon'];
1720 if ( isset( $limits['user'] ) && $id != 0 ) {
1721 $userLimit = $limits['user'];
1723 if ( $this->isNewbie() ) {
1724 if ( isset( $limits['newbie'] ) && $id != 0 ) {
1725 $keys[wfMemcKey( 'limiter', $action, 'user', $id )] = $limits['newbie'];
1727 if ( isset( $limits['ip'] ) ) {
1728 $ip = $this->getRequest()->getIP();
1729 $keys["mediawiki:limiter:$action:ip:$ip"] = $limits['ip'];
1731 if ( isset( $limits['subnet'] ) ) {
1732 $ip = $this->getRequest()->getIP();
1733 $matches = array();
1734 $subnet = false;
1735 if ( IP::isIPv6( $ip ) ) {
1736 $parts = IP::parseRange( "$ip/64" );
1737 $subnet = $parts[0];
1738 } elseif ( preg_match( '/^(\d+\.\d+\.\d+)\.\d+$/', $ip, $matches ) ) {
1739 // IPv4
1740 $subnet = $matches[1];
1742 if ( $subnet !== false ) {
1743 $keys["mediawiki:limiter:$action:subnet:$subnet"] = $limits['subnet'];
1747 // Check for group-specific permissions
1748 // If more than one group applies, use the group with the highest limit
1749 foreach ( $this->getGroups() as $group ) {
1750 if ( isset( $limits[$group] ) ) {
1751 if ( $userLimit === false
1752 || $limits[$group][0] / $limits[$group][1] > $userLimit[0] / $userLimit[1]
1754 $userLimit = $limits[$group];
1758 // Set the user limit key
1759 if ( $userLimit !== false ) {
1760 list( $max, $period ) = $userLimit;
1761 wfDebug( __METHOD__ . ": effective user limit: $max in {$period}s\n" );
1762 $keys[wfMemcKey( 'limiter', $action, 'user', $id )] = $userLimit;
1765 $triggered = false;
1766 foreach ( $keys as $key => $limit ) {
1767 list( $max, $period ) = $limit;
1768 $summary = "(limit $max in {$period}s)";
1769 $count = $wgMemc->get( $key );
1770 // Already pinged?
1771 if ( $count ) {
1772 if ( $count >= $max ) {
1773 wfDebugLog( 'ratelimit', "User '{$this->getName()}' " .
1774 "(IP {$this->getRequest()->getIP()}) tripped $key at $count $summary" );
1775 $triggered = true;
1776 } else {
1777 wfDebug( __METHOD__ . ": ok. $key at $count $summary\n" );
1779 } else {
1780 wfDebug( __METHOD__ . ": adding record for $key $summary\n" );
1781 if ( $incrBy > 0 ) {
1782 $wgMemc->add( $key, 0, intval( $period ) ); // first ping
1785 if ( $incrBy > 0 ) {
1786 $wgMemc->incr( $key, $incrBy );
1790 return $triggered;
1794 * Check if user is blocked
1796 * @param bool $bFromSlave Whether to check the slave database instead of
1797 * the master. Hacked from false due to horrible probs on site.
1798 * @return bool True if blocked, false otherwise
1800 public function isBlocked( $bFromSlave = true ) {
1801 return $this->getBlock( $bFromSlave ) instanceof Block && $this->getBlock()->prevents( 'edit' );
1805 * Get the block affecting the user, or null if the user is not blocked
1807 * @param bool $bFromSlave Whether to check the slave database instead of the master
1808 * @return Block|null
1810 public function getBlock( $bFromSlave = true ) {
1811 $this->getBlockedStatus( $bFromSlave );
1812 return $this->mBlock instanceof Block ? $this->mBlock : null;
1816 * Check if user is blocked from editing a particular article
1818 * @param Title $title Title to check
1819 * @param bool $bFromSlave Whether to check the slave database instead of the master
1820 * @return bool
1822 public function isBlockedFrom( $title, $bFromSlave = false ) {
1823 global $wgBlockAllowsUTEdit;
1825 $blocked = $this->isBlocked( $bFromSlave );
1826 $allowUsertalk = ( $wgBlockAllowsUTEdit ? $this->mAllowUsertalk : false );
1827 // If a user's name is suppressed, they cannot make edits anywhere
1828 if ( !$this->mHideName && $allowUsertalk && $title->getText() === $this->getName()
1829 && $title->getNamespace() == NS_USER_TALK ) {
1830 $blocked = false;
1831 wfDebug( __METHOD__ . ": self-talk page, ignoring any blocks\n" );
1834 Hooks::run( 'UserIsBlockedFrom', array( $this, $title, &$blocked, &$allowUsertalk ) );
1836 return $blocked;
1840 * If user is blocked, return the name of the user who placed the block
1841 * @return string Name of blocker
1843 public function blockedBy() {
1844 $this->getBlockedStatus();
1845 return $this->mBlockedby;
1849 * If user is blocked, return the specified reason for the block
1850 * @return string Blocking reason
1852 public function blockedFor() {
1853 $this->getBlockedStatus();
1854 return $this->mBlockreason;
1858 * If user is blocked, return the ID for the block
1859 * @return int Block ID
1861 public function getBlockId() {
1862 $this->getBlockedStatus();
1863 return ( $this->mBlock ? $this->mBlock->getId() : false );
1867 * Check if user is blocked on all wikis.
1868 * Do not use for actual edit permission checks!
1869 * This is intended for quick UI checks.
1871 * @param string $ip IP address, uses current client if none given
1872 * @return bool True if blocked, false otherwise
1874 public function isBlockedGlobally( $ip = '' ) {
1875 if ( $this->mBlockedGlobally !== null ) {
1876 return $this->mBlockedGlobally;
1878 // User is already an IP?
1879 if ( IP::isIPAddress( $this->getName() ) ) {
1880 $ip = $this->getName();
1881 } elseif ( !$ip ) {
1882 $ip = $this->getRequest()->getIP();
1884 $blocked = false;
1885 Hooks::run( 'UserIsBlockedGlobally', array( &$this, $ip, &$blocked ) );
1886 $this->mBlockedGlobally = (bool)$blocked;
1887 return $this->mBlockedGlobally;
1891 * Check if user account is locked
1893 * @return bool True if locked, false otherwise
1895 public function isLocked() {
1896 if ( $this->mLocked !== null ) {
1897 return $this->mLocked;
1899 global $wgAuth;
1900 $authUser = $wgAuth->getUserInstance( $this );
1901 $this->mLocked = (bool)$authUser->isLocked();
1902 return $this->mLocked;
1906 * Check if user account is hidden
1908 * @return bool True if hidden, false otherwise
1910 public function isHidden() {
1911 if ( $this->mHideName !== null ) {
1912 return $this->mHideName;
1914 $this->getBlockedStatus();
1915 if ( !$this->mHideName ) {
1916 global $wgAuth;
1917 $authUser = $wgAuth->getUserInstance( $this );
1918 $this->mHideName = (bool)$authUser->isHidden();
1920 return $this->mHideName;
1924 * Get the user's ID.
1925 * @return int The user's ID; 0 if the user is anonymous or nonexistent
1927 public function getId() {
1928 if ( $this->mId === null && $this->mName !== null && User::isIP( $this->mName ) ) {
1929 // Special case, we know the user is anonymous
1930 return 0;
1931 } elseif ( !$this->isItemLoaded( 'id' ) ) {
1932 // Don't load if this was initialized from an ID
1933 $this->load();
1935 return $this->mId;
1939 * Set the user and reload all fields according to a given ID
1940 * @param int $v User ID to reload
1942 public function setId( $v ) {
1943 $this->mId = $v;
1944 $this->clearInstanceCache( 'id' );
1948 * Get the user name, or the IP of an anonymous user
1949 * @return string User's name or IP address
1951 public function getName() {
1952 if ( $this->isItemLoaded( 'name', 'only' ) ) {
1953 // Special case optimisation
1954 return $this->mName;
1955 } else {
1956 $this->load();
1957 if ( $this->mName === false ) {
1958 // Clean up IPs
1959 $this->mName = IP::sanitizeIP( $this->getRequest()->getIP() );
1961 return $this->mName;
1966 * Set the user name.
1968 * This does not reload fields from the database according to the given
1969 * name. Rather, it is used to create a temporary "nonexistent user" for
1970 * later addition to the database. It can also be used to set the IP
1971 * address for an anonymous user to something other than the current
1972 * remote IP.
1974 * @note User::newFromName() has roughly the same function, when the named user
1975 * does not exist.
1976 * @param string $str New user name to set
1978 public function setName( $str ) {
1979 $this->load();
1980 $this->mName = $str;
1984 * Get the user's name escaped by underscores.
1985 * @return string Username escaped by underscores.
1987 public function getTitleKey() {
1988 return str_replace( ' ', '_', $this->getName() );
1992 * Check if the user has new messages.
1993 * @return bool True if the user has new messages
1995 public function getNewtalk() {
1996 $this->load();
1998 // Load the newtalk status if it is unloaded (mNewtalk=-1)
1999 if ( $this->mNewtalk === -1 ) {
2000 $this->mNewtalk = false; # reset talk page status
2002 // Check memcached separately for anons, who have no
2003 // entire User object stored in there.
2004 if ( !$this->mId ) {
2005 global $wgDisableAnonTalk;
2006 if ( $wgDisableAnonTalk ) {
2007 // Anon newtalk disabled by configuration.
2008 $this->mNewtalk = false;
2009 } else {
2010 global $wgMemc;
2011 $key = wfMemcKey( 'newtalk', 'ip', $this->getName() );
2012 $newtalk = $wgMemc->get( $key );
2013 if ( strval( $newtalk ) !== '' ) {
2014 $this->mNewtalk = (bool)$newtalk;
2015 } else {
2016 // Since we are caching this, make sure it is up to date by getting it
2017 // from the master
2018 $this->mNewtalk = $this->checkNewtalk( 'user_ip', $this->getName(), true );
2019 $wgMemc->set( $key, (int)$this->mNewtalk, 1800 );
2022 } else {
2023 $this->mNewtalk = $this->checkNewtalk( 'user_id', $this->mId );
2027 return (bool)$this->mNewtalk;
2031 * Return the data needed to construct links for new talk page message
2032 * alerts. If there are new messages, this will return an associative array
2033 * with the following data:
2034 * wiki: The database name of the wiki
2035 * link: Root-relative link to the user's talk page
2036 * rev: The last talk page revision that the user has seen or null. This
2037 * is useful for building diff links.
2038 * If there are no new messages, it returns an empty array.
2039 * @note This function was designed to accomodate multiple talk pages, but
2040 * currently only returns a single link and revision.
2041 * @return array
2043 public function getNewMessageLinks() {
2044 $talks = array();
2045 if ( !Hooks::run( 'UserRetrieveNewTalks', array( &$this, &$talks ) ) ) {
2046 return $talks;
2047 } elseif ( !$this->getNewtalk() ) {
2048 return array();
2050 $utp = $this->getTalkPage();
2051 $dbr = wfGetDB( DB_SLAVE );
2052 // Get the "last viewed rev" timestamp from the oldest message notification
2053 $timestamp = $dbr->selectField( 'user_newtalk',
2054 'MIN(user_last_timestamp)',
2055 $this->isAnon() ? array( 'user_ip' => $this->getName() ) : array( 'user_id' => $this->getID() ),
2056 __METHOD__ );
2057 $rev = $timestamp ? Revision::loadFromTimestamp( $dbr, $utp, $timestamp ) : null;
2058 return array( array( 'wiki' => wfWikiID(), 'link' => $utp->getLocalURL(), 'rev' => $rev ) );
2062 * Get the revision ID for the last talk page revision viewed by the talk
2063 * page owner.
2064 * @return int|null Revision ID or null
2066 public function getNewMessageRevisionId() {
2067 $newMessageRevisionId = null;
2068 $newMessageLinks = $this->getNewMessageLinks();
2069 if ( $newMessageLinks ) {
2070 // Note: getNewMessageLinks() never returns more than a single link
2071 // and it is always for the same wiki, but we double-check here in
2072 // case that changes some time in the future.
2073 if ( count( $newMessageLinks ) === 1
2074 && $newMessageLinks[0]['wiki'] === wfWikiID()
2075 && $newMessageLinks[0]['rev']
2077 $newMessageRevision = $newMessageLinks[0]['rev'];
2078 $newMessageRevisionId = $newMessageRevision->getId();
2081 return $newMessageRevisionId;
2085 * Internal uncached check for new messages
2087 * @see getNewtalk()
2088 * @param string $field 'user_ip' for anonymous users, 'user_id' otherwise
2089 * @param string|int $id User's IP address for anonymous users, User ID otherwise
2090 * @param bool $fromMaster True to fetch from the master, false for a slave
2091 * @return bool True if the user has new messages
2093 protected function checkNewtalk( $field, $id, $fromMaster = false ) {
2094 if ( $fromMaster ) {
2095 $db = wfGetDB( DB_MASTER );
2096 } else {
2097 $db = wfGetDB( DB_SLAVE );
2099 $ok = $db->selectField( 'user_newtalk', $field,
2100 array( $field => $id ), __METHOD__ );
2101 return $ok !== false;
2105 * Add or update the new messages flag
2106 * @param string $field 'user_ip' for anonymous users, 'user_id' otherwise
2107 * @param string|int $id User's IP address for anonymous users, User ID otherwise
2108 * @param Revision|null $curRev New, as yet unseen revision of the user talk page. Ignored if null.
2109 * @return bool True if successful, false otherwise
2111 protected function updateNewtalk( $field, $id, $curRev = null ) {
2112 // Get timestamp of the talk page revision prior to the current one
2113 $prevRev = $curRev ? $curRev->getPrevious() : false;
2114 $ts = $prevRev ? $prevRev->getTimestamp() : null;
2115 // Mark the user as having new messages since this revision
2116 $dbw = wfGetDB( DB_MASTER );
2117 $dbw->insert( 'user_newtalk',
2118 array( $field => $id, 'user_last_timestamp' => $dbw->timestampOrNull( $ts ) ),
2119 __METHOD__,
2120 'IGNORE' );
2121 if ( $dbw->affectedRows() ) {
2122 wfDebug( __METHOD__ . ": set on ($field, $id)\n" );
2123 return true;
2124 } else {
2125 wfDebug( __METHOD__ . " already set ($field, $id)\n" );
2126 return false;
2131 * Clear the new messages flag for the given user
2132 * @param string $field 'user_ip' for anonymous users, 'user_id' otherwise
2133 * @param string|int $id User's IP address for anonymous users, User ID otherwise
2134 * @return bool True if successful, false otherwise
2136 protected function deleteNewtalk( $field, $id ) {
2137 $dbw = wfGetDB( DB_MASTER );
2138 $dbw->delete( 'user_newtalk',
2139 array( $field => $id ),
2140 __METHOD__ );
2141 if ( $dbw->affectedRows() ) {
2142 wfDebug( __METHOD__ . ": killed on ($field, $id)\n" );
2143 return true;
2144 } else {
2145 wfDebug( __METHOD__ . ": already gone ($field, $id)\n" );
2146 return false;
2151 * Update the 'You have new messages!' status.
2152 * @param bool $val Whether the user has new messages
2153 * @param Revision $curRev New, as yet unseen revision of the user talk
2154 * page. Ignored if null or !$val.
2156 public function setNewtalk( $val, $curRev = null ) {
2157 if ( wfReadOnly() ) {
2158 return;
2161 $this->load();
2162 $this->mNewtalk = $val;
2164 if ( $this->isAnon() ) {
2165 $field = 'user_ip';
2166 $id = $this->getName();
2167 } else {
2168 $field = 'user_id';
2169 $id = $this->getId();
2171 global $wgMemc;
2173 if ( $val ) {
2174 $changed = $this->updateNewtalk( $field, $id, $curRev );
2175 } else {
2176 $changed = $this->deleteNewtalk( $field, $id );
2179 if ( $this->isAnon() ) {
2180 // Anons have a separate memcached space, since
2181 // user records aren't kept for them.
2182 $key = wfMemcKey( 'newtalk', 'ip', $id );
2183 $wgMemc->set( $key, $val ? 1 : 0, 1800 );
2185 if ( $changed ) {
2186 $this->invalidateCache();
2191 * Generate a current or new-future timestamp to be stored in the
2192 * user_touched field when we update things.
2193 * @return string Timestamp in TS_MW format
2195 private static function newTouchedTimestamp() {
2196 global $wgClockSkewFudge;
2197 return wfTimestamp( TS_MW, time() + $wgClockSkewFudge );
2201 * Clear user data from memcached.
2202 * Use after applying fun updates to the database; caller's
2203 * responsibility to update user_touched if appropriate.
2205 * Called implicitly from invalidateCache() and saveSettings().
2207 public function clearSharedCache() {
2208 $this->load();
2209 if ( $this->mId ) {
2210 global $wgMemc;
2211 $wgMemc->delete( wfMemcKey( 'user', 'id', $this->mId ) );
2216 * Immediately touch the user data cache for this account.
2217 * Updates user_touched field, and removes account data from memcached
2218 * for reload on the next hit.
2220 public function invalidateCache() {
2221 if ( wfReadOnly() ) {
2222 return;
2224 $this->load();
2225 if ( $this->mId ) {
2226 $this->mTouched = self::newTouchedTimestamp();
2228 $dbw = wfGetDB( DB_MASTER );
2229 $userid = $this->mId;
2230 $touched = $this->mTouched;
2231 $method = __METHOD__;
2232 $dbw->onTransactionIdle( function () use ( $dbw, $userid, $touched, $method ) {
2233 // Prevent contention slams by checking user_touched first
2234 $encTouched = $dbw->addQuotes( $dbw->timestamp( $touched ) );
2235 $needsPurge = $dbw->selectField( 'user', '1',
2236 array( 'user_id' => $userid, 'user_touched < ' . $encTouched ) );
2237 if ( $needsPurge ) {
2238 $dbw->update( 'user',
2239 array( 'user_touched' => $dbw->timestamp( $touched ) ),
2240 array( 'user_id' => $userid, 'user_touched < ' . $encTouched ),
2241 $method
2244 } );
2245 $this->clearSharedCache();
2250 * Validate the cache for this account.
2251 * @param string $timestamp A timestamp in TS_MW format
2252 * @return bool
2254 public function validateCache( $timestamp ) {
2255 $this->load();
2256 return ( $timestamp >= $this->mTouched );
2260 * Get the user touched timestamp
2261 * @return string Timestamp
2263 public function getTouched() {
2264 $this->load();
2265 return $this->mTouched;
2269 * @return Password
2270 * @since 1.24
2272 public function getPassword() {
2273 $this->loadPasswords();
2275 return $this->mPassword;
2279 * @return Password
2280 * @since 1.24
2282 public function getTemporaryPassword() {
2283 $this->loadPasswords();
2285 return $this->mNewpassword;
2289 * Set the password and reset the random token.
2290 * Calls through to authentication plugin if necessary;
2291 * will have no effect if the auth plugin refuses to
2292 * pass the change through or if the legal password
2293 * checks fail.
2295 * As a special case, setting the password to null
2296 * wipes it, so the account cannot be logged in until
2297 * a new password is set, for instance via e-mail.
2299 * @param string $str New password to set
2300 * @throws PasswordError On failure
2302 * @return bool
2304 public function setPassword( $str ) {
2305 global $wgAuth;
2307 $this->loadPasswords();
2309 if ( $str !== null ) {
2310 if ( !$wgAuth->allowPasswordChange() ) {
2311 throw new PasswordError( wfMessage( 'password-change-forbidden' )->text() );
2314 if ( !$this->isValidPassword( $str ) ) {
2315 global $wgMinimalPasswordLength;
2316 $valid = $this->getPasswordValidity( $str );
2317 if ( is_array( $valid ) ) {
2318 $message = array_shift( $valid );
2319 $params = $valid;
2320 } else {
2321 $message = $valid;
2322 $params = array( $wgMinimalPasswordLength );
2324 throw new PasswordError( wfMessage( $message, $params )->text() );
2328 if ( !$wgAuth->setPassword( $this, $str ) ) {
2329 throw new PasswordError( wfMessage( 'externaldberror' )->text() );
2332 $this->setInternalPassword( $str );
2334 return true;
2338 * Set the password and reset the random token unconditionally.
2340 * @param string|null $str New password to set or null to set an invalid
2341 * password hash meaning that the user will not be able to log in
2342 * through the web interface.
2344 public function setInternalPassword( $str ) {
2345 $this->setToken();
2347 $passwordFactory = self::getPasswordFactory();
2348 $this->mPassword = $passwordFactory->newFromPlaintext( $str );
2350 $this->mNewpassword = $passwordFactory->newFromCiphertext( null );
2351 $this->mNewpassTime = null;
2355 * Get the user's current token.
2356 * @param bool $forceCreation Force the generation of a new token if the
2357 * user doesn't have one (default=true for backwards compatibility).
2358 * @return string Token
2360 public function getToken( $forceCreation = true ) {
2361 $this->load();
2362 if ( !$this->mToken && $forceCreation ) {
2363 $this->setToken();
2365 return $this->mToken;
2369 * Set the random token (used for persistent authentication)
2370 * Called from loadDefaults() among other places.
2372 * @param string|bool $token If specified, set the token to this value
2374 public function setToken( $token = false ) {
2375 $this->load();
2376 if ( !$token ) {
2377 $this->mToken = MWCryptRand::generateHex( self::TOKEN_LENGTH );
2378 } else {
2379 $this->mToken = $token;
2384 * Set the password for a password reminder or new account email
2386 * @param string $str New password to set or null to set an invalid
2387 * password hash meaning that the user will not be able to use it
2388 * @param bool $throttle If true, reset the throttle timestamp to the present
2390 public function setNewpassword( $str, $throttle = true ) {
2391 $this->loadPasswords();
2393 $this->mNewpassword = self::getPasswordFactory()->newFromPlaintext( $str );
2394 if ( $str === null ) {
2395 $this->mNewpassTime = null;
2396 } elseif ( $throttle ) {
2397 $this->mNewpassTime = wfTimestampNow();
2402 * Has password reminder email been sent within the last
2403 * $wgPasswordReminderResendTime hours?
2404 * @return bool
2406 public function isPasswordReminderThrottled() {
2407 global $wgPasswordReminderResendTime;
2408 $this->load();
2409 if ( !$this->mNewpassTime || !$wgPasswordReminderResendTime ) {
2410 return false;
2412 $expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgPasswordReminderResendTime * 3600;
2413 return time() < $expiry;
2417 * Get the user's e-mail address
2418 * @return string User's email address
2420 public function getEmail() {
2421 $this->load();
2422 Hooks::run( 'UserGetEmail', array( $this, &$this->mEmail ) );
2423 return $this->mEmail;
2427 * Get the timestamp of the user's e-mail authentication
2428 * @return string TS_MW timestamp
2430 public function getEmailAuthenticationTimestamp() {
2431 $this->load();
2432 Hooks::run( 'UserGetEmailAuthenticationTimestamp', array( $this, &$this->mEmailAuthenticated ) );
2433 return $this->mEmailAuthenticated;
2437 * Set the user's e-mail address
2438 * @param string $str New e-mail address
2440 public function setEmail( $str ) {
2441 $this->load();
2442 if ( $str == $this->mEmail ) {
2443 return;
2445 $this->invalidateEmail();
2446 $this->mEmail = $str;
2447 Hooks::run( 'UserSetEmail', array( $this, &$this->mEmail ) );
2451 * Set the user's e-mail address and a confirmation mail if needed.
2453 * @since 1.20
2454 * @param string $str New e-mail address
2455 * @return Status
2457 public function setEmailWithConfirmation( $str ) {
2458 global $wgEnableEmail, $wgEmailAuthentication;
2460 if ( !$wgEnableEmail ) {
2461 return Status::newFatal( 'emaildisabled' );
2464 $oldaddr = $this->getEmail();
2465 if ( $str === $oldaddr ) {
2466 return Status::newGood( true );
2469 $this->setEmail( $str );
2471 if ( $str !== '' && $wgEmailAuthentication ) {
2472 // Send a confirmation request to the new address if needed
2473 $type = $oldaddr != '' ? 'changed' : 'set';
2474 $result = $this->sendConfirmationMail( $type );
2475 if ( $result->isGood() ) {
2476 // Say to the caller that a confirmation mail has been sent
2477 $result->value = 'eauth';
2479 } else {
2480 $result = Status::newGood( true );
2483 return $result;
2487 * Get the user's real name
2488 * @return string User's real name
2490 public function getRealName() {
2491 if ( !$this->isItemLoaded( 'realname' ) ) {
2492 $this->load();
2495 return $this->mRealName;
2499 * Set the user's real name
2500 * @param string $str New real name
2502 public function setRealName( $str ) {
2503 $this->load();
2504 $this->mRealName = $str;
2508 * Get the user's current setting for a given option.
2510 * @param string $oname The option to check
2511 * @param string $defaultOverride A default value returned if the option does not exist
2512 * @param bool $ignoreHidden Whether to ignore the effects of $wgHiddenPrefs
2513 * @return string User's current value for the option
2514 * @see getBoolOption()
2515 * @see getIntOption()
2517 public function getOption( $oname, $defaultOverride = null, $ignoreHidden = false ) {
2518 global $wgHiddenPrefs;
2519 $this->loadOptions();
2521 # We want 'disabled' preferences to always behave as the default value for
2522 # users, even if they have set the option explicitly in their settings (ie they
2523 # set it, and then it was disabled removing their ability to change it). But
2524 # we don't want to erase the preferences in the database in case the preference
2525 # is re-enabled again. So don't touch $mOptions, just override the returned value
2526 if ( !$ignoreHidden && in_array( $oname, $wgHiddenPrefs ) ) {
2527 return self::getDefaultOption( $oname );
2530 if ( array_key_exists( $oname, $this->mOptions ) ) {
2531 return $this->mOptions[$oname];
2532 } else {
2533 return $defaultOverride;
2538 * Get all user's options
2540 * @param int $flags Bitwise combination of:
2541 * User::GETOPTIONS_EXCLUDE_DEFAULTS Exclude user options that are set
2542 * to the default value. (Since 1.25)
2543 * @return array
2545 public function getOptions( $flags = 0 ) {
2546 global $wgHiddenPrefs;
2547 $this->loadOptions();
2548 $options = $this->mOptions;
2550 # We want 'disabled' preferences to always behave as the default value for
2551 # users, even if they have set the option explicitly in their settings (ie they
2552 # set it, and then it was disabled removing their ability to change it). But
2553 # we don't want to erase the preferences in the database in case the preference
2554 # is re-enabled again. So don't touch $mOptions, just override the returned value
2555 foreach ( $wgHiddenPrefs as $pref ) {
2556 $default = self::getDefaultOption( $pref );
2557 if ( $default !== null ) {
2558 $options[$pref] = $default;
2562 if ( $flags & self::GETOPTIONS_EXCLUDE_DEFAULTS ) {
2563 $options = array_diff_assoc( $options, self::getDefaultOptions() );
2566 return $options;
2570 * Get the user's current setting for a given option, as a boolean value.
2572 * @param string $oname The option to check
2573 * @return bool User's current value for the option
2574 * @see getOption()
2576 public function getBoolOption( $oname ) {
2577 return (bool)$this->getOption( $oname );
2581 * Get the user's current setting for a given option, as an integer value.
2583 * @param string $oname The option to check
2584 * @param int $defaultOverride A default value returned if the option does not exist
2585 * @return int User's current value for the option
2586 * @see getOption()
2588 public function getIntOption( $oname, $defaultOverride = 0 ) {
2589 $val = $this->getOption( $oname );
2590 if ( $val == '' ) {
2591 $val = $defaultOverride;
2593 return intval( $val );
2597 * Set the given option for a user.
2599 * You need to call saveSettings() to actually write to the database.
2601 * @param string $oname The option to set
2602 * @param mixed $val New value to set
2604 public function setOption( $oname, $val ) {
2605 $this->loadOptions();
2607 // Explicitly NULL values should refer to defaults
2608 if ( is_null( $val ) ) {
2609 $val = self::getDefaultOption( $oname );
2612 $this->mOptions[$oname] = $val;
2616 * Get a token stored in the preferences (like the watchlist one),
2617 * resetting it if it's empty (and saving changes).
2619 * @param string $oname The option name to retrieve the token from
2620 * @return string|bool User's current value for the option, or false if this option is disabled.
2621 * @see resetTokenFromOption()
2622 * @see getOption()
2624 public function getTokenFromOption( $oname ) {
2625 global $wgHiddenPrefs;
2626 if ( in_array( $oname, $wgHiddenPrefs ) ) {
2627 return false;
2630 $token = $this->getOption( $oname );
2631 if ( !$token ) {
2632 $token = $this->resetTokenFromOption( $oname );
2633 $this->saveSettings();
2635 return $token;
2639 * Reset a token stored in the preferences (like the watchlist one).
2640 * *Does not* save user's preferences (similarly to setOption()).
2642 * @param string $oname The option name to reset the token in
2643 * @return string|bool New token value, or false if this option is disabled.
2644 * @see getTokenFromOption()
2645 * @see setOption()
2647 public function resetTokenFromOption( $oname ) {
2648 global $wgHiddenPrefs;
2649 if ( in_array( $oname, $wgHiddenPrefs ) ) {
2650 return false;
2653 $token = MWCryptRand::generateHex( 40 );
2654 $this->setOption( $oname, $token );
2655 return $token;
2659 * Return a list of the types of user options currently returned by
2660 * User::getOptionKinds().
2662 * Currently, the option kinds are:
2663 * - 'registered' - preferences which are registered in core MediaWiki or
2664 * by extensions using the UserGetDefaultOptions hook.
2665 * - 'registered-multiselect' - as above, using the 'multiselect' type.
2666 * - 'registered-checkmatrix' - as above, using the 'checkmatrix' type.
2667 * - 'userjs' - preferences with names starting with 'userjs-', intended to
2668 * be used by user scripts.
2669 * - 'special' - "preferences" that are not accessible via User::getOptions
2670 * or User::setOptions.
2671 * - 'unused' - preferences about which MediaWiki doesn't know anything.
2672 * These are usually legacy options, removed in newer versions.
2674 * The API (and possibly others) use this function to determine the possible
2675 * option types for validation purposes, so make sure to update this when a
2676 * new option kind is added.
2678 * @see User::getOptionKinds
2679 * @return array Option kinds
2681 public static function listOptionKinds() {
2682 return array(
2683 'registered',
2684 'registered-multiselect',
2685 'registered-checkmatrix',
2686 'userjs',
2687 'special',
2688 'unused'
2693 * Return an associative array mapping preferences keys to the kind of a preference they're
2694 * used for. Different kinds are handled differently when setting or reading preferences.
2696 * See User::listOptionKinds for the list of valid option types that can be provided.
2698 * @see User::listOptionKinds
2699 * @param IContextSource $context
2700 * @param array $options Assoc. array with options keys to check as keys.
2701 * Defaults to $this->mOptions.
2702 * @return array The key => kind mapping data
2704 public function getOptionKinds( IContextSource $context, $options = null ) {
2705 $this->loadOptions();
2706 if ( $options === null ) {
2707 $options = $this->mOptions;
2710 $prefs = Preferences::getPreferences( $this, $context );
2711 $mapping = array();
2713 // Pull out the "special" options, so they don't get converted as
2714 // multiselect or checkmatrix.
2715 $specialOptions = array_fill_keys( Preferences::getSaveBlacklist(), true );
2716 foreach ( $specialOptions as $name => $value ) {
2717 unset( $prefs[$name] );
2720 // Multiselect and checkmatrix options are stored in the database with
2721 // one key per option, each having a boolean value. Extract those keys.
2722 $multiselectOptions = array();
2723 foreach ( $prefs as $name => $info ) {
2724 if ( ( isset( $info['type'] ) && $info['type'] == 'multiselect' ) ||
2725 ( isset( $info['class'] ) && $info['class'] == 'HTMLMultiSelectField' ) ) {
2726 $opts = HTMLFormField::flattenOptions( $info['options'] );
2727 $prefix = isset( $info['prefix'] ) ? $info['prefix'] : $name;
2729 foreach ( $opts as $value ) {
2730 $multiselectOptions["$prefix$value"] = true;
2733 unset( $prefs[$name] );
2736 $checkmatrixOptions = array();
2737 foreach ( $prefs as $name => $info ) {
2738 if ( ( isset( $info['type'] ) && $info['type'] == 'checkmatrix' ) ||
2739 ( isset( $info['class'] ) && $info['class'] == 'HTMLCheckMatrix' ) ) {
2740 $columns = HTMLFormField::flattenOptions( $info['columns'] );
2741 $rows = HTMLFormField::flattenOptions( $info['rows'] );
2742 $prefix = isset( $info['prefix'] ) ? $info['prefix'] : $name;
2744 foreach ( $columns as $column ) {
2745 foreach ( $rows as $row ) {
2746 $checkmatrixOptions["$prefix$column-$row"] = true;
2750 unset( $prefs[$name] );
2754 // $value is ignored
2755 foreach ( $options as $key => $value ) {
2756 if ( isset( $prefs[$key] ) ) {
2757 $mapping[$key] = 'registered';
2758 } elseif ( isset( $multiselectOptions[$key] ) ) {
2759 $mapping[$key] = 'registered-multiselect';
2760 } elseif ( isset( $checkmatrixOptions[$key] ) ) {
2761 $mapping[$key] = 'registered-checkmatrix';
2762 } elseif ( isset( $specialOptions[$key] ) ) {
2763 $mapping[$key] = 'special';
2764 } elseif ( substr( $key, 0, 7 ) === 'userjs-' ) {
2765 $mapping[$key] = 'userjs';
2766 } else {
2767 $mapping[$key] = 'unused';
2771 return $mapping;
2775 * Reset certain (or all) options to the site defaults
2777 * The optional parameter determines which kinds of preferences will be reset.
2778 * Supported values are everything that can be reported by getOptionKinds()
2779 * and 'all', which forces a reset of *all* preferences and overrides everything else.
2781 * @param array|string $resetKinds Which kinds of preferences to reset. Defaults to
2782 * array( 'registered', 'registered-multiselect', 'registered-checkmatrix', 'unused' )
2783 * for backwards-compatibility.
2784 * @param IContextSource|null $context Context source used when $resetKinds
2785 * does not contain 'all', passed to getOptionKinds().
2786 * Defaults to RequestContext::getMain() when null.
2788 public function resetOptions(
2789 $resetKinds = array( 'registered', 'registered-multiselect', 'registered-checkmatrix', 'unused' ),
2790 IContextSource $context = null
2792 $this->load();
2793 $defaultOptions = self::getDefaultOptions();
2795 if ( !is_array( $resetKinds ) ) {
2796 $resetKinds = array( $resetKinds );
2799 if ( in_array( 'all', $resetKinds ) ) {
2800 $newOptions = $defaultOptions;
2801 } else {
2802 if ( $context === null ) {
2803 $context = RequestContext::getMain();
2806 $optionKinds = $this->getOptionKinds( $context );
2807 $resetKinds = array_intersect( $resetKinds, self::listOptionKinds() );
2808 $newOptions = array();
2810 // Use default values for the options that should be deleted, and
2811 // copy old values for the ones that shouldn't.
2812 foreach ( $this->mOptions as $key => $value ) {
2813 if ( in_array( $optionKinds[$key], $resetKinds ) ) {
2814 if ( array_key_exists( $key, $defaultOptions ) ) {
2815 $newOptions[$key] = $defaultOptions[$key];
2817 } else {
2818 $newOptions[$key] = $value;
2823 Hooks::run( 'UserResetAllOptions', array( $this, &$newOptions, $this->mOptions, $resetKinds ) );
2825 $this->mOptions = $newOptions;
2826 $this->mOptionsLoaded = true;
2830 * Get the user's preferred date format.
2831 * @return string User's preferred date format
2833 public function getDatePreference() {
2834 // Important migration for old data rows
2835 if ( is_null( $this->mDatePreference ) ) {
2836 global $wgLang;
2837 $value = $this->getOption( 'date' );
2838 $map = $wgLang->getDatePreferenceMigrationMap();
2839 if ( isset( $map[$value] ) ) {
2840 $value = $map[$value];
2842 $this->mDatePreference = $value;
2844 return $this->mDatePreference;
2848 * Determine based on the wiki configuration and the user's options,
2849 * whether this user must be over HTTPS no matter what.
2851 * @return bool
2853 public function requiresHTTPS() {
2854 global $wgSecureLogin;
2855 if ( !$wgSecureLogin ) {
2856 return false;
2857 } else {
2858 $https = $this->getBoolOption( 'prefershttps' );
2859 Hooks::run( 'UserRequiresHTTPS', array( $this, &$https ) );
2860 if ( $https ) {
2861 $https = wfCanIPUseHTTPS( $this->getRequest()->getIP() );
2863 return $https;
2868 * Get the user preferred stub threshold
2870 * @return int
2872 public function getStubThreshold() {
2873 global $wgMaxArticleSize; # Maximum article size, in Kb
2874 $threshold = $this->getIntOption( 'stubthreshold' );
2875 if ( $threshold > $wgMaxArticleSize * 1024 ) {
2876 // If they have set an impossible value, disable the preference
2877 // so we can use the parser cache again.
2878 $threshold = 0;
2880 return $threshold;
2884 * Get the permissions this user has.
2885 * @return array Array of String permission names
2887 public function getRights() {
2888 if ( is_null( $this->mRights ) ) {
2889 $this->mRights = self::getGroupPermissions( $this->getEffectiveGroups() );
2890 Hooks::run( 'UserGetRights', array( $this, &$this->mRights ) );
2891 // Force reindexation of rights when a hook has unset one of them
2892 $this->mRights = array_values( array_unique( $this->mRights ) );
2894 return $this->mRights;
2898 * Get the list of explicit group memberships this user has.
2899 * The implicit * and user groups are not included.
2900 * @return array Array of String internal group names
2902 public function getGroups() {
2903 $this->load();
2904 $this->loadGroups();
2905 return $this->mGroups;
2909 * Get the list of implicit group memberships this user has.
2910 * This includes all explicit groups, plus 'user' if logged in,
2911 * '*' for all accounts, and autopromoted groups
2912 * @param bool $recache Whether to avoid the cache
2913 * @return array Array of String internal group names
2915 public function getEffectiveGroups( $recache = false ) {
2916 if ( $recache || is_null( $this->mEffectiveGroups ) ) {
2917 $this->mEffectiveGroups = array_unique( array_merge(
2918 $this->getGroups(), // explicit groups
2919 $this->getAutomaticGroups( $recache ) // implicit groups
2920 ) );
2921 // Hook for additional groups
2922 Hooks::run( 'UserEffectiveGroups', array( &$this, &$this->mEffectiveGroups ) );
2923 // Force reindexation of groups when a hook has unset one of them
2924 $this->mEffectiveGroups = array_values( array_unique( $this->mEffectiveGroups ) );
2926 return $this->mEffectiveGroups;
2930 * Get the list of implicit group memberships this user has.
2931 * This includes 'user' if logged in, '*' for all accounts,
2932 * and autopromoted groups
2933 * @param bool $recache Whether to avoid the cache
2934 * @return array Array of String internal group names
2936 public function getAutomaticGroups( $recache = false ) {
2937 if ( $recache || is_null( $this->mImplicitGroups ) ) {
2938 $this->mImplicitGroups = array( '*' );
2939 if ( $this->getId() ) {
2940 $this->mImplicitGroups[] = 'user';
2942 $this->mImplicitGroups = array_unique( array_merge(
2943 $this->mImplicitGroups,
2944 Autopromote::getAutopromoteGroups( $this )
2945 ) );
2947 if ( $recache ) {
2948 // Assure data consistency with rights/groups,
2949 // as getEffectiveGroups() depends on this function
2950 $this->mEffectiveGroups = null;
2953 return $this->mImplicitGroups;
2957 * Returns the groups the user has belonged to.
2959 * The user may still belong to the returned groups. Compare with getGroups().
2961 * The function will not return groups the user had belonged to before MW 1.17
2963 * @return array Names of the groups the user has belonged to.
2965 public function getFormerGroups() {
2966 if ( is_null( $this->mFormerGroups ) ) {
2967 $dbr = wfGetDB( DB_MASTER );
2968 $res = $dbr->select( 'user_former_groups',
2969 array( 'ufg_group' ),
2970 array( 'ufg_user' => $this->mId ),
2971 __METHOD__ );
2972 $this->mFormerGroups = array();
2973 foreach ( $res as $row ) {
2974 $this->mFormerGroups[] = $row->ufg_group;
2977 return $this->mFormerGroups;
2981 * Get the user's edit count.
2982 * @return int|null Null for anonymous users
2984 public function getEditCount() {
2985 if ( !$this->getId() ) {
2986 return null;
2989 if ( $this->mEditCount === null ) {
2990 /* Populate the count, if it has not been populated yet */
2991 $dbr = wfGetDB( DB_SLAVE );
2992 // check if the user_editcount field has been initialized
2993 $count = $dbr->selectField(
2994 'user', 'user_editcount',
2995 array( 'user_id' => $this->mId ),
2996 __METHOD__
2999 if ( $count === null ) {
3000 // it has not been initialized. do so.
3001 $count = $this->initEditCount();
3003 $this->mEditCount = $count;
3005 return (int)$this->mEditCount;
3009 * Add the user to the given group.
3010 * This takes immediate effect.
3011 * @param string $group Name of the group to add
3012 * @return bool
3014 public function addGroup( $group ) {
3015 if ( !Hooks::run( 'UserAddGroup', array( $this, &$group ) ) ) {
3016 return false;
3019 $dbw = wfGetDB( DB_MASTER );
3020 if ( $this->getId() ) {
3021 $dbw->insert( 'user_groups',
3022 array(
3023 'ug_user' => $this->getID(),
3024 'ug_group' => $group,
3026 __METHOD__,
3027 array( 'IGNORE' ) );
3030 $this->loadGroups();
3031 $this->mGroups[] = $group;
3032 // In case loadGroups was not called before, we now have the right twice.
3033 // Get rid of the duplicate.
3034 $this->mGroups = array_unique( $this->mGroups );
3036 // Refresh the groups caches, and clear the rights cache so it will be
3037 // refreshed on the next call to $this->getRights().
3038 $this->getEffectiveGroups( true );
3039 $this->mRights = null;
3041 $this->invalidateCache();
3043 return true;
3047 * Remove the user from the given group.
3048 * This takes immediate effect.
3049 * @param string $group Name of the group to remove
3050 * @return bool
3052 public function removeGroup( $group ) {
3053 $this->load();
3054 if ( !Hooks::run( 'UserRemoveGroup', array( $this, &$group ) ) ) {
3055 return false;
3058 $dbw = wfGetDB( DB_MASTER );
3059 $dbw->delete( 'user_groups',
3060 array(
3061 'ug_user' => $this->getID(),
3062 'ug_group' => $group,
3063 ), __METHOD__
3065 // Remember that the user was in this group
3066 $dbw->insert( 'user_former_groups',
3067 array(
3068 'ufg_user' => $this->getID(),
3069 'ufg_group' => $group,
3071 __METHOD__,
3072 array( 'IGNORE' )
3075 $this->loadGroups();
3076 $this->mGroups = array_diff( $this->mGroups, array( $group ) );
3078 // Refresh the groups caches, and clear the rights cache so it will be
3079 // refreshed on the next call to $this->getRights().
3080 $this->getEffectiveGroups( true );
3081 $this->mRights = null;
3083 $this->invalidateCache();
3085 return true;
3089 * Get whether the user is logged in
3090 * @return bool
3092 public function isLoggedIn() {
3093 return $this->getID() != 0;
3097 * Get whether the user is anonymous
3098 * @return bool
3100 public function isAnon() {
3101 return !$this->isLoggedIn();
3105 * Check if user is allowed to access a feature / make an action
3107 * @param string $permissions,... Permissions to test
3108 * @return bool True if user is allowed to perform *any* of the given actions
3110 public function isAllowedAny( /*...*/ ) {
3111 $permissions = func_get_args();
3112 foreach ( $permissions as $permission ) {
3113 if ( $this->isAllowed( $permission ) ) {
3114 return true;
3117 return false;
3122 * @param string $permissions,... Permissions to test
3123 * @return bool True if the user is allowed to perform *all* of the given actions
3125 public function isAllowedAll( /*...*/ ) {
3126 $permissions = func_get_args();
3127 foreach ( $permissions as $permission ) {
3128 if ( !$this->isAllowed( $permission ) ) {
3129 return false;
3132 return true;
3136 * Internal mechanics of testing a permission
3137 * @param string $action
3138 * @return bool
3140 public function isAllowed( $action = '' ) {
3141 if ( $action === '' ) {
3142 return true; // In the spirit of DWIM
3144 // Patrolling may not be enabled
3145 if ( $action === 'patrol' || $action === 'autopatrol' ) {
3146 global $wgUseRCPatrol, $wgUseNPPatrol;
3147 if ( !$wgUseRCPatrol && !$wgUseNPPatrol ) {
3148 return false;
3151 // Use strict parameter to avoid matching numeric 0 accidentally inserted
3152 // by misconfiguration: 0 == 'foo'
3153 return in_array( $action, $this->getRights(), true );
3157 * Check whether to enable recent changes patrol features for this user
3158 * @return bool True or false
3160 public function useRCPatrol() {
3161 global $wgUseRCPatrol;
3162 return $wgUseRCPatrol && $this->isAllowedAny( 'patrol', 'patrolmarks' );
3166 * Check whether to enable new pages patrol features for this user
3167 * @return bool True or false
3169 public function useNPPatrol() {
3170 global $wgUseRCPatrol, $wgUseNPPatrol;
3171 return (
3172 ( $wgUseRCPatrol || $wgUseNPPatrol )
3173 && ( $this->isAllowedAny( 'patrol', 'patrolmarks' ) )
3178 * Get the WebRequest object to use with this object
3180 * @return WebRequest
3182 public function getRequest() {
3183 if ( $this->mRequest ) {
3184 return $this->mRequest;
3185 } else {
3186 global $wgRequest;
3187 return $wgRequest;
3192 * Get the current skin, loading it if required
3193 * @return Skin The current skin
3194 * @todo FIXME: Need to check the old failback system [AV]
3195 * @deprecated since 1.18 Use ->getSkin() in the most relevant outputting context you have
3197 public function getSkin() {
3198 wfDeprecated( __METHOD__, '1.18' );
3199 return RequestContext::getMain()->getSkin();
3203 * Get a WatchedItem for this user and $title.
3205 * @since 1.22 $checkRights parameter added
3206 * @param Title $title
3207 * @param int $checkRights Whether to check 'viewmywatchlist'/'editmywatchlist' rights.
3208 * Pass WatchedItem::CHECK_USER_RIGHTS or WatchedItem::IGNORE_USER_RIGHTS.
3209 * @return WatchedItem
3211 public function getWatchedItem( $title, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) {
3212 $key = $checkRights . ':' . $title->getNamespace() . ':' . $title->getDBkey();
3214 if ( isset( $this->mWatchedItems[$key] ) ) {
3215 return $this->mWatchedItems[$key];
3218 if ( count( $this->mWatchedItems ) >= self::MAX_WATCHED_ITEMS_CACHE ) {
3219 $this->mWatchedItems = array();
3222 $this->mWatchedItems[$key] = WatchedItem::fromUserTitle( $this, $title, $checkRights );
3223 return $this->mWatchedItems[$key];
3227 * Check the watched status of an article.
3228 * @since 1.22 $checkRights parameter added
3229 * @param Title $title Title of the article to look at
3230 * @param int $checkRights Whether to check 'viewmywatchlist'/'editmywatchlist' rights.
3231 * Pass WatchedItem::CHECK_USER_RIGHTS or WatchedItem::IGNORE_USER_RIGHTS.
3232 * @return bool
3234 public function isWatched( $title, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) {
3235 return $this->getWatchedItem( $title, $checkRights )->isWatched();
3239 * Watch an article.
3240 * @since 1.22 $checkRights parameter added
3241 * @param Title $title Title of the article to look at
3242 * @param int $checkRights Whether to check 'viewmywatchlist'/'editmywatchlist' rights.
3243 * Pass WatchedItem::CHECK_USER_RIGHTS or WatchedItem::IGNORE_USER_RIGHTS.
3245 public function addWatch( $title, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) {
3246 $this->getWatchedItem( $title, $checkRights )->addWatch();
3247 $this->invalidateCache();
3251 * Stop watching an article.
3252 * @since 1.22 $checkRights parameter added
3253 * @param Title $title Title of the article to look at
3254 * @param int $checkRights Whether to check 'viewmywatchlist'/'editmywatchlist' rights.
3255 * Pass WatchedItem::CHECK_USER_RIGHTS or WatchedItem::IGNORE_USER_RIGHTS.
3257 public function removeWatch( $title, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) {
3258 $this->getWatchedItem( $title, $checkRights )->removeWatch();
3259 $this->invalidateCache();
3263 * Clear the user's notification timestamp for the given title.
3264 * If e-notif e-mails are on, they will receive notification mails on
3265 * the next change of the page if it's watched etc.
3266 * @note If the user doesn't have 'editmywatchlist', this will do nothing.
3267 * @param Title $title Title of the article to look at
3268 * @param int $oldid The revision id being viewed. If not given or 0, latest revision is assumed.
3270 public function clearNotification( &$title, $oldid = 0 ) {
3271 global $wgUseEnotif, $wgShowUpdatedMarker;
3273 // Do nothing if the database is locked to writes
3274 if ( wfReadOnly() ) {
3275 return;
3278 // Do nothing if not allowed to edit the watchlist
3279 if ( !$this->isAllowed( 'editmywatchlist' ) ) {
3280 return;
3283 // If we're working on user's talk page, we should update the talk page message indicator
3284 if ( $title->getNamespace() == NS_USER_TALK && $title->getText() == $this->getName() ) {
3285 if ( !Hooks::run( 'UserClearNewTalkNotification', array( &$this, $oldid ) ) ) {
3286 return;
3289 $nextid = $oldid ? $title->getNextRevisionID( $oldid ) : null;
3291 if ( !$oldid || !$nextid ) {
3292 // If we're looking at the latest revision, we should definitely clear it
3293 $this->setNewtalk( false );
3294 } else {
3295 // Otherwise we should update its revision, if it's present
3296 if ( $this->getNewtalk() ) {
3297 // Naturally the other one won't clear by itself
3298 $this->setNewtalk( false );
3299 $this->setNewtalk( true, Revision::newFromId( $nextid ) );
3304 if ( !$wgUseEnotif && !$wgShowUpdatedMarker ) {
3305 return;
3308 if ( $this->isAnon() ) {
3309 // Nothing else to do...
3310 return;
3313 // Only update the timestamp if the page is being watched.
3314 // The query to find out if it is watched is cached both in memcached and per-invocation,
3315 // and when it does have to be executed, it can be on a slave
3316 // If this is the user's newtalk page, we always update the timestamp
3317 $force = '';
3318 if ( $title->getNamespace() == NS_USER_TALK && $title->getText() == $this->getName() ) {
3319 $force = 'force';
3322 $this->getWatchedItem( $title )->resetNotificationTimestamp( $force, $oldid );
3326 * Resets all of the given user's page-change notification timestamps.
3327 * If e-notif e-mails are on, they will receive notification mails on
3328 * the next change of any watched page.
3329 * @note If the user doesn't have 'editmywatchlist', this will do nothing.
3331 public function clearAllNotifications() {
3332 if ( wfReadOnly() ) {
3333 return;
3336 // Do nothing if not allowed to edit the watchlist
3337 if ( !$this->isAllowed( 'editmywatchlist' ) ) {
3338 return;
3341 global $wgUseEnotif, $wgShowUpdatedMarker;
3342 if ( !$wgUseEnotif && !$wgShowUpdatedMarker ) {
3343 $this->setNewtalk( false );
3344 return;
3346 $id = $this->getId();
3347 if ( $id != 0 ) {
3348 $dbw = wfGetDB( DB_MASTER );
3349 $dbw->update( 'watchlist',
3350 array( /* SET */ 'wl_notificationtimestamp' => null ),
3351 array( /* WHERE */ 'wl_user' => $id ),
3352 __METHOD__
3354 // We also need to clear here the "you have new message" notification for the own user_talk page;
3355 // it's cleared one page view later in WikiPage::doViewUpdates().
3360 * Set a cookie on the user's client. Wrapper for
3361 * WebResponse::setCookie
3362 * @param string $name Name of the cookie to set
3363 * @param string $value Value to set
3364 * @param int $exp Expiration time, as a UNIX time value;
3365 * if 0 or not specified, use the default $wgCookieExpiration
3366 * @param bool $secure
3367 * true: Force setting the secure attribute when setting the cookie
3368 * false: Force NOT setting the secure attribute when setting the cookie
3369 * null (default): Use the default ($wgCookieSecure) to set the secure attribute
3370 * @param array $params Array of options sent passed to WebResponse::setcookie()
3372 protected function setCookie( $name, $value, $exp = 0, $secure = null, $params = array() ) {
3373 $params['secure'] = $secure;
3374 $this->getRequest()->response()->setcookie( $name, $value, $exp, $params );
3378 * Clear a cookie on the user's client
3379 * @param string $name Name of the cookie to clear
3380 * @param bool $secure
3381 * true: Force setting the secure attribute when setting the cookie
3382 * false: Force NOT setting the secure attribute when setting the cookie
3383 * null (default): Use the default ($wgCookieSecure) to set the secure attribute
3384 * @param array $params Array of options sent passed to WebResponse::setcookie()
3386 protected function clearCookie( $name, $secure = null, $params = array() ) {
3387 $this->setCookie( $name, '', time() - 86400, $secure, $params );
3391 * Set the default cookies for this session on the user's client.
3393 * @param WebRequest|null $request WebRequest object to use; $wgRequest will be used if null
3394 * is passed.
3395 * @param bool $secure Whether to force secure/insecure cookies or use default
3396 * @param bool $rememberMe Whether to add a Token cookie for elongated sessions
3398 public function setCookies( $request = null, $secure = null, $rememberMe = false ) {
3399 if ( $request === null ) {
3400 $request = $this->getRequest();
3403 $this->load();
3404 if ( 0 == $this->mId ) {
3405 return;
3407 if ( !$this->mToken ) {
3408 // When token is empty or NULL generate a new one and then save it to the database
3409 // This allows a wiki to re-secure itself after a leak of it's user table or $wgSecretKey
3410 // Simply by setting every cell in the user_token column to NULL and letting them be
3411 // regenerated as users log back into the wiki.
3412 $this->setToken();
3413 $this->saveSettings();
3415 $session = array(
3416 'wsUserID' => $this->mId,
3417 'wsToken' => $this->mToken,
3418 'wsUserName' => $this->getName()
3420 $cookies = array(
3421 'UserID' => $this->mId,
3422 'UserName' => $this->getName(),
3424 if ( $rememberMe ) {
3425 $cookies['Token'] = $this->mToken;
3426 } else {
3427 $cookies['Token'] = false;
3430 Hooks::run( 'UserSetCookies', array( $this, &$session, &$cookies ) );
3432 foreach ( $session as $name => $value ) {
3433 $request->setSessionData( $name, $value );
3435 foreach ( $cookies as $name => $value ) {
3436 if ( $value === false ) {
3437 $this->clearCookie( $name );
3438 } else {
3439 $this->setCookie( $name, $value, 0, $secure );
3444 * If wpStickHTTPS was selected, also set an insecure cookie that
3445 * will cause the site to redirect the user to HTTPS, if they access
3446 * it over HTTP. Bug 29898. Use an un-prefixed cookie, so it's the same
3447 * as the one set by centralauth (bug 53538). Also set it to session, or
3448 * standard time setting, based on if rememberme was set.
3450 if ( $request->getCheck( 'wpStickHTTPS' ) || $this->requiresHTTPS() ) {
3451 $this->setCookie(
3452 'forceHTTPS',
3453 'true',
3454 $rememberMe ? 0 : null,
3455 false,
3456 array( 'prefix' => '' ) // no prefix
3462 * Log this user out.
3464 public function logout() {
3465 if ( Hooks::run( 'UserLogout', array( &$this ) ) ) {
3466 $this->doLogout();
3471 * Clear the user's cookies and session, and reset the instance cache.
3472 * @see logout()
3474 public function doLogout() {
3475 $this->clearInstanceCache( 'defaults' );
3477 $this->getRequest()->setSessionData( 'wsUserID', 0 );
3479 $this->clearCookie( 'UserID' );
3480 $this->clearCookie( 'Token' );
3481 $this->clearCookie( 'forceHTTPS', false, array( 'prefix' => '' ) );
3483 // Remember when user logged out, to prevent seeing cached pages
3484 $this->setCookie( 'LoggedOut', time(), time() + 86400 );
3488 * Save this user's settings into the database.
3489 * @todo Only rarely do all these fields need to be set!
3491 public function saveSettings() {
3492 global $wgAuth;
3494 $this->load();
3495 $this->loadPasswords();
3496 if ( wfReadOnly() ) {
3497 return;
3499 if ( 0 == $this->mId ) {
3500 return;
3503 $this->mTouched = self::newTouchedTimestamp();
3504 if ( !$wgAuth->allowSetLocalPassword() ) {
3505 $this->mPassword = self::getPasswordFactory()->newFromCiphertext( null );
3508 $dbw = wfGetDB( DB_MASTER );
3509 $dbw->update( 'user',
3510 array( /* SET */
3511 'user_name' => $this->mName,
3512 'user_password' => $this->mPassword->toString(),
3513 'user_newpassword' => $this->mNewpassword->toString(),
3514 'user_newpass_time' => $dbw->timestampOrNull( $this->mNewpassTime ),
3515 'user_real_name' => $this->mRealName,
3516 'user_email' => $this->mEmail,
3517 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
3518 'user_touched' => $dbw->timestamp( $this->mTouched ),
3519 'user_token' => strval( $this->mToken ),
3520 'user_email_token' => $this->mEmailToken,
3521 'user_email_token_expires' => $dbw->timestampOrNull( $this->mEmailTokenExpires ),
3522 'user_password_expires' => $dbw->timestampOrNull( $this->mPasswordExpires ),
3523 ), array( /* WHERE */
3524 'user_id' => $this->mId
3525 ), __METHOD__
3528 $this->saveOptions();
3530 Hooks::run( 'UserSaveSettings', array( $this ) );
3531 $this->clearSharedCache();
3532 $this->getUserPage()->invalidateCache();
3536 * If only this user's username is known, and it exists, return the user ID.
3537 * @return int
3539 public function idForName() {
3540 $s = trim( $this->getName() );
3541 if ( $s === '' ) {
3542 return 0;
3545 $dbr = wfGetDB( DB_SLAVE );
3546 $id = $dbr->selectField( 'user', 'user_id', array( 'user_name' => $s ), __METHOD__ );
3547 if ( $id === false ) {
3548 $id = 0;
3550 return $id;
3554 * Add a user to the database, return the user object
3556 * @param string $name Username to add
3557 * @param array $params Array of Strings Non-default parameters to save to
3558 * the database as user_* fields:
3559 * - password: The user's password hash. Password logins will be disabled
3560 * if this is omitted.
3561 * - newpassword: Hash for a temporary password that has been mailed to
3562 * the user.
3563 * - email: The user's email address.
3564 * - email_authenticated: The email authentication timestamp.
3565 * - real_name: The user's real name.
3566 * - options: An associative array of non-default options.
3567 * - token: Random authentication token. Do not set.
3568 * - registration: Registration timestamp. Do not set.
3570 * @return User|null User object, or null if the username already exists.
3572 public static function createNew( $name, $params = array() ) {
3573 $user = new User;
3574 $user->load();
3575 $user->loadPasswords();
3576 $user->setToken(); // init token
3577 if ( isset( $params['options'] ) ) {
3578 $user->mOptions = $params['options'] + (array)$user->mOptions;
3579 unset( $params['options'] );
3581 $dbw = wfGetDB( DB_MASTER );
3582 $seqVal = $dbw->nextSequenceValue( 'user_user_id_seq' );
3584 $fields = array(
3585 'user_id' => $seqVal,
3586 'user_name' => $name,
3587 'user_password' => $user->mPassword->toString(),
3588 'user_newpassword' => $user->mNewpassword->toString(),
3589 'user_newpass_time' => $dbw->timestampOrNull( $user->mNewpassTime ),
3590 'user_email' => $user->mEmail,
3591 'user_email_authenticated' => $dbw->timestampOrNull( $user->mEmailAuthenticated ),
3592 'user_real_name' => $user->mRealName,
3593 'user_token' => strval( $user->mToken ),
3594 'user_registration' => $dbw->timestamp( $user->mRegistration ),
3595 'user_editcount' => 0,
3596 'user_touched' => $dbw->timestamp( self::newTouchedTimestamp() ),
3598 foreach ( $params as $name => $value ) {
3599 $fields["user_$name"] = $value;
3601 $dbw->insert( 'user', $fields, __METHOD__, array( 'IGNORE' ) );
3602 if ( $dbw->affectedRows() ) {
3603 $newUser = User::newFromId( $dbw->insertId() );
3604 } else {
3605 $newUser = null;
3607 return $newUser;
3611 * Add this existing user object to the database. If the user already
3612 * exists, a fatal status object is returned, and the user object is
3613 * initialised with the data from the database.
3615 * Previously, this function generated a DB error due to a key conflict
3616 * if the user already existed. Many extension callers use this function
3617 * in code along the lines of:
3619 * $user = User::newFromName( $name );
3620 * if ( !$user->isLoggedIn() ) {
3621 * $user->addToDatabase();
3623 * // do something with $user...
3625 * However, this was vulnerable to a race condition (bug 16020). By
3626 * initialising the user object if the user exists, we aim to support this
3627 * calling sequence as far as possible.
3629 * Note that if the user exists, this function will acquire a write lock,
3630 * so it is still advisable to make the call conditional on isLoggedIn(),
3631 * and to commit the transaction after calling.
3633 * @throws MWException
3634 * @return Status
3636 public function addToDatabase() {
3637 $this->load();
3638 $this->loadPasswords();
3639 if ( !$this->mToken ) {
3640 $this->setToken(); // init token
3643 $this->mTouched = self::newTouchedTimestamp();
3645 $dbw = wfGetDB( DB_MASTER );
3646 $inWrite = $dbw->writesOrCallbacksPending();
3647 $seqVal = $dbw->nextSequenceValue( 'user_user_id_seq' );
3648 $dbw->insert( 'user',
3649 array(
3650 'user_id' => $seqVal,
3651 'user_name' => $this->mName,
3652 'user_password' => $this->mPassword->toString(),
3653 'user_newpassword' => $this->mNewpassword->toString(),
3654 'user_newpass_time' => $dbw->timestampOrNull( $this->mNewpassTime ),
3655 'user_email' => $this->mEmail,
3656 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
3657 'user_real_name' => $this->mRealName,
3658 'user_token' => strval( $this->mToken ),
3659 'user_registration' => $dbw->timestamp( $this->mRegistration ),
3660 'user_editcount' => 0,
3661 'user_touched' => $dbw->timestamp( $this->mTouched ),
3662 ), __METHOD__,
3663 array( 'IGNORE' )
3665 if ( !$dbw->affectedRows() ) {
3666 // The queries below cannot happen in the same REPEATABLE-READ snapshot.
3667 // Handle this by COMMIT, if possible, or by LOCK IN SHARE MODE otherwise.
3668 if ( $inWrite ) {
3669 // Can't commit due to pending writes that may need atomicity.
3670 // This may cause some lock contention unlike the case below.
3671 $options = array( 'LOCK IN SHARE MODE' );
3672 $flags = self::READ_LOCKING;
3673 } else {
3674 // Often, this case happens early in views before any writes when
3675 // using CentralAuth. It's should be OK to commit and break the snapshot.
3676 $dbw->commit( __METHOD__, 'flush' );
3677 $options = array();
3678 $flags = 0;
3680 $this->mId = $dbw->selectField( 'user', 'user_id',
3681 array( 'user_name' => $this->mName ), __METHOD__, $options );
3682 $loaded = false;
3683 if ( $this->mId ) {
3684 if ( $this->loadFromDatabase( $flags ) ) {
3685 $loaded = true;
3688 if ( !$loaded ) {
3689 throw new MWException( __METHOD__ . ": hit a key conflict attempting " .
3690 "to insert user '{$this->mName}' row, but it was not present in select!" );
3692 return Status::newFatal( 'userexists' );
3694 $this->mId = $dbw->insertId();
3696 // Clear instance cache other than user table data, which is already accurate
3697 $this->clearInstanceCache();
3699 $this->saveOptions();
3700 return Status::newGood();
3704 * If this user is logged-in and blocked,
3705 * block any IP address they've successfully logged in from.
3706 * @return bool A block was spread
3708 public function spreadAnyEditBlock() {
3709 if ( $this->isLoggedIn() && $this->isBlocked() ) {
3710 return $this->spreadBlock();
3712 return false;
3716 * If this (non-anonymous) user is blocked,
3717 * block the IP address they've successfully logged in from.
3718 * @return bool A block was spread
3720 protected function spreadBlock() {
3721 wfDebug( __METHOD__ . "()\n" );
3722 $this->load();
3723 if ( $this->mId == 0 ) {
3724 return false;
3727 $userblock = Block::newFromTarget( $this->getName() );
3728 if ( !$userblock ) {
3729 return false;
3732 return (bool)$userblock->doAutoblock( $this->getRequest()->getIP() );
3736 * Get whether the user is explicitly blocked from account creation.
3737 * @return bool|Block
3739 public function isBlockedFromCreateAccount() {
3740 $this->getBlockedStatus();
3741 if ( $this->mBlock && $this->mBlock->prevents( 'createaccount' ) ) {
3742 return $this->mBlock;
3745 # bug 13611: if the IP address the user is trying to create an account from is
3746 # blocked with createaccount disabled, prevent new account creation there even
3747 # when the user is logged in
3748 if ( $this->mBlockedFromCreateAccount === false && !$this->isAllowed( 'ipblock-exempt' ) ) {
3749 $this->mBlockedFromCreateAccount = Block::newFromTarget( null, $this->getRequest()->getIP() );
3751 return $this->mBlockedFromCreateAccount instanceof Block
3752 && $this->mBlockedFromCreateAccount->prevents( 'createaccount' )
3753 ? $this->mBlockedFromCreateAccount
3754 : false;
3758 * Get whether the user is blocked from using Special:Emailuser.
3759 * @return bool
3761 public function isBlockedFromEmailuser() {
3762 $this->getBlockedStatus();
3763 return $this->mBlock && $this->mBlock->prevents( 'sendemail' );
3767 * Get whether the user is allowed to create an account.
3768 * @return bool
3770 public function isAllowedToCreateAccount() {
3771 return $this->isAllowed( 'createaccount' ) && !$this->isBlockedFromCreateAccount();
3775 * Get this user's personal page title.
3777 * @return Title User's personal page title
3779 public function getUserPage() {
3780 return Title::makeTitle( NS_USER, $this->getName() );
3784 * Get this user's talk page title.
3786 * @return Title User's talk page title
3788 public function getTalkPage() {
3789 $title = $this->getUserPage();
3790 return $title->getTalkPage();
3794 * Determine whether the user is a newbie. Newbies are either
3795 * anonymous IPs, or the most recently created accounts.
3796 * @return bool
3798 public function isNewbie() {
3799 return !$this->isAllowed( 'autoconfirmed' );
3803 * Check to see if the given clear-text password is one of the accepted passwords
3804 * @param string $password User password
3805 * @return bool True if the given password is correct, otherwise False
3807 public function checkPassword( $password ) {
3808 global $wgAuth, $wgLegacyEncoding;
3810 $this->loadPasswords();
3812 // Certain authentication plugins do NOT want to save
3813 // domain passwords in a mysql database, so we should
3814 // check this (in case $wgAuth->strict() is false).
3815 if ( $wgAuth->authenticate( $this->getName(), $password ) ) {
3816 return true;
3817 } elseif ( $wgAuth->strict() ) {
3818 // Auth plugin doesn't allow local authentication
3819 return false;
3820 } elseif ( $wgAuth->strictUserAuth( $this->getName() ) ) {
3821 // Auth plugin doesn't allow local authentication for this user name
3822 return false;
3825 if ( !$this->mPassword->equals( $password ) ) {
3826 if ( $wgLegacyEncoding ) {
3827 // Some wikis were converted from ISO 8859-1 to UTF-8, the passwords can't be converted
3828 // Check for this with iconv
3829 $cp1252Password = iconv( 'UTF-8', 'WINDOWS-1252//TRANSLIT', $password );
3830 if ( $cp1252Password === $password || !$this->mPassword->equals( $cp1252Password ) ) {
3831 return false;
3833 } else {
3834 return false;
3838 $passwordFactory = self::getPasswordFactory();
3839 if ( $passwordFactory->needsUpdate( $this->mPassword ) ) {
3840 $this->mPassword = $passwordFactory->newFromPlaintext( $password );
3841 $this->saveSettings();
3844 return true;
3848 * Check if the given clear-text password matches the temporary password
3849 * sent by e-mail for password reset operations.
3851 * @param string $plaintext
3853 * @return bool True if matches, false otherwise
3855 public function checkTemporaryPassword( $plaintext ) {
3856 global $wgNewPasswordExpiry;
3858 $this->load();
3859 $this->loadPasswords();
3860 if ( $this->mNewpassword->equals( $plaintext ) ) {
3861 if ( is_null( $this->mNewpassTime ) ) {
3862 return true;
3864 $expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgNewPasswordExpiry;
3865 return ( time() < $expiry );
3866 } else {
3867 return false;
3872 * Alias for getEditToken.
3873 * @deprecated since 1.19, use getEditToken instead.
3875 * @param string|array $salt Array of Strings Optional function-specific data for hashing
3876 * @param WebRequest|null $request WebRequest object to use or null to use $wgRequest
3877 * @return string The new edit token
3879 public function editToken( $salt = '', $request = null ) {
3880 wfDeprecated( __METHOD__, '1.19' );
3881 return $this->getEditToken( $salt, $request );
3885 * Internal implementation for self::getEditToken() and
3886 * self::matchEditToken().
3888 * @param string|array $salt
3889 * @param WebRequest $request
3890 * @param string|int $timestamp
3891 * @return string
3893 private function getEditTokenAtTimestamp( $salt, $request, $timestamp ) {
3894 if ( $this->isAnon() ) {
3895 return self::EDIT_TOKEN_SUFFIX;
3896 } else {
3897 $token = $request->getSessionData( 'wsEditToken' );
3898 if ( $token === null ) {
3899 $token = MWCryptRand::generateHex( 32 );
3900 $request->setSessionData( 'wsEditToken', $token );
3902 if ( is_array( $salt ) ) {
3903 $salt = implode( '|', $salt );
3905 return hash_hmac( 'md5', $timestamp . $salt, $token, false ) .
3906 dechex( $timestamp ) .
3907 self::EDIT_TOKEN_SUFFIX;
3912 * Initialize (if necessary) and return a session token value
3913 * which can be used in edit forms to show that the user's
3914 * login credentials aren't being hijacked with a foreign form
3915 * submission.
3917 * @since 1.19
3919 * @param string|array $salt Array of Strings Optional function-specific data for hashing
3920 * @param WebRequest|null $request WebRequest object to use or null to use $wgRequest
3921 * @return string The new edit token
3923 public function getEditToken( $salt = '', $request = null ) {
3924 return $this->getEditTokenAtTimestamp(
3925 $salt, $request ?: $this->getRequest(), wfTimestamp()
3930 * Generate a looking random token for various uses.
3932 * @return string The new random token
3933 * @deprecated since 1.20: Use MWCryptRand for secure purposes or
3934 * wfRandomString for pseudo-randomness.
3936 public static function generateToken() {
3937 return MWCryptRand::generateHex( 32 );
3941 * Check given value against the token value stored in the session.
3942 * A match should confirm that the form was submitted from the
3943 * user's own login session, not a form submission from a third-party
3944 * site.
3946 * @param string $val Input value to compare
3947 * @param string $salt Optional function-specific data for hashing
3948 * @param WebRequest|null $request Object to use or null to use $wgRequest
3949 * @param int $maxage Fail tokens older than this, in seconds
3950 * @return bool Whether the token matches
3952 public function matchEditToken( $val, $salt = '', $request = null, $maxage = null ) {
3953 if ( $this->isAnon() ) {
3954 return $val === self::EDIT_TOKEN_SUFFIX;
3957 $suffixLen = strlen( self::EDIT_TOKEN_SUFFIX );
3958 if ( strlen( $val ) <= 32 + $suffixLen ) {
3959 return false;
3962 $timestamp = hexdec( substr( $val, 32, -$suffixLen ) );
3963 if ( $maxage !== null && $timestamp < wfTimestamp() - $maxage ) {
3964 // Expired token
3965 return false;
3968 $sessionToken = $this->getEditTokenAtTimestamp(
3969 $salt, $request ?: $this->getRequest(), $timestamp
3972 if ( $val != $sessionToken ) {
3973 wfDebug( "User::matchEditToken: broken session data\n" );
3976 return hash_equals( $sessionToken, $val );
3980 * Check given value against the token value stored in the session,
3981 * ignoring the suffix.
3983 * @param string $val Input value to compare
3984 * @param string $salt Optional function-specific data for hashing
3985 * @param WebRequest|null $request Object to use or null to use $wgRequest
3986 * @param int $maxage Fail tokens older than this, in seconds
3987 * @return bool Whether the token matches
3989 public function matchEditTokenNoSuffix( $val, $salt = '', $request = null, $maxage = null ) {
3990 $val = substr( $val, 0, strspn( $val, '0123456789abcdef' ) ) . self::EDIT_TOKEN_SUFFIX;
3991 return $this->matchEditToken( $val, $salt, $request, $maxage );
3995 * Generate a new e-mail confirmation token and send a confirmation/invalidation
3996 * mail to the user's given address.
3998 * @param string $type Message to send, either "created", "changed" or "set"
3999 * @return Status
4001 public function sendConfirmationMail( $type = 'created' ) {
4002 global $wgLang;
4003 $expiration = null; // gets passed-by-ref and defined in next line.
4004 $token = $this->confirmationToken( $expiration );
4005 $url = $this->confirmationTokenUrl( $token );
4006 $invalidateURL = $this->invalidationTokenUrl( $token );
4007 $this->saveSettings();
4009 if ( $type == 'created' || $type === false ) {
4010 $message = 'confirmemail_body';
4011 } elseif ( $type === true ) {
4012 $message = 'confirmemail_body_changed';
4013 } else {
4014 // Messages: confirmemail_body_changed, confirmemail_body_set
4015 $message = 'confirmemail_body_' . $type;
4018 return $this->sendMail( wfMessage( 'confirmemail_subject' )->text(),
4019 wfMessage( $message,
4020 $this->getRequest()->getIP(),
4021 $this->getName(),
4022 $url,
4023 $wgLang->timeanddate( $expiration, false ),
4024 $invalidateURL,
4025 $wgLang->date( $expiration, false ),
4026 $wgLang->time( $expiration, false ) )->text() );
4030 * Send an e-mail to this user's account. Does not check for
4031 * confirmed status or validity.
4033 * @param string $subject Message subject
4034 * @param string $body Message body
4035 * @param string $from Optional From address; if unspecified, default
4036 * $wgPasswordSender will be used.
4037 * @param string $replyto Reply-To address
4038 * @return Status
4040 public function sendMail( $subject, $body, $from = null, $replyto = null ) {
4041 if ( is_null( $from ) ) {
4042 global $wgPasswordSender;
4043 $sender = new MailAddress( $wgPasswordSender,
4044 wfMessage( 'emailsender' )->inContentLanguage()->text() );
4045 } else {
4046 $sender = MailAddress::newFromUser( $from );
4049 $to = MailAddress::newFromUser( $this );
4050 return UserMailer::send( $to, $sender, $subject, $body, $replyto );
4054 * Generate, store, and return a new e-mail confirmation code.
4055 * A hash (unsalted, since it's used as a key) is stored.
4057 * @note Call saveSettings() after calling this function to commit
4058 * this change to the database.
4060 * @param string &$expiration Accepts the expiration time
4061 * @return string New token
4063 protected function confirmationToken( &$expiration ) {
4064 global $wgUserEmailConfirmationTokenExpiry;
4065 $now = time();
4066 $expires = $now + $wgUserEmailConfirmationTokenExpiry;
4067 $expiration = wfTimestamp( TS_MW, $expires );
4068 $this->load();
4069 $token = MWCryptRand::generateHex( 32 );
4070 $hash = md5( $token );
4071 $this->mEmailToken = $hash;
4072 $this->mEmailTokenExpires = $expiration;
4073 return $token;
4077 * Return a URL the user can use to confirm their email address.
4078 * @param string $token Accepts the email confirmation token
4079 * @return string New token URL
4081 protected function confirmationTokenUrl( $token ) {
4082 return $this->getTokenUrl( 'ConfirmEmail', $token );
4086 * Return a URL the user can use to invalidate their email address.
4087 * @param string $token Accepts the email confirmation token
4088 * @return string New token URL
4090 protected function invalidationTokenUrl( $token ) {
4091 return $this->getTokenUrl( 'InvalidateEmail', $token );
4095 * Internal function to format the e-mail validation/invalidation URLs.
4096 * This uses a quickie hack to use the
4097 * hardcoded English names of the Special: pages, for ASCII safety.
4099 * @note Since these URLs get dropped directly into emails, using the
4100 * short English names avoids insanely long URL-encoded links, which
4101 * also sometimes can get corrupted in some browsers/mailers
4102 * (bug 6957 with Gmail and Internet Explorer).
4104 * @param string $page Special page
4105 * @param string $token Token
4106 * @return string Formatted URL
4108 protected function getTokenUrl( $page, $token ) {
4109 // Hack to bypass localization of 'Special:'
4110 $title = Title::makeTitle( NS_MAIN, "Special:$page/$token" );
4111 return $title->getCanonicalURL();
4115 * Mark the e-mail address confirmed.
4117 * @note Call saveSettings() after calling this function to commit the change.
4119 * @return bool
4121 public function confirmEmail() {
4122 // Check if it's already confirmed, so we don't touch the database
4123 // and fire the ConfirmEmailComplete hook on redundant confirmations.
4124 if ( !$this->isEmailConfirmed() ) {
4125 $this->setEmailAuthenticationTimestamp( wfTimestampNow() );
4126 Hooks::run( 'ConfirmEmailComplete', array( $this ) );
4128 return true;
4132 * Invalidate the user's e-mail confirmation, and unauthenticate the e-mail
4133 * address if it was already confirmed.
4135 * @note Call saveSettings() after calling this function to commit the change.
4136 * @return bool Returns true
4138 public function invalidateEmail() {
4139 $this->load();
4140 $this->mEmailToken = null;
4141 $this->mEmailTokenExpires = null;
4142 $this->setEmailAuthenticationTimestamp( null );
4143 $this->mEmail = '';
4144 Hooks::run( 'InvalidateEmailComplete', array( $this ) );
4145 return true;
4149 * Set the e-mail authentication timestamp.
4150 * @param string $timestamp TS_MW timestamp
4152 public function setEmailAuthenticationTimestamp( $timestamp ) {
4153 $this->load();
4154 $this->mEmailAuthenticated = $timestamp;
4155 Hooks::run( 'UserSetEmailAuthenticationTimestamp', array( $this, &$this->mEmailAuthenticated ) );
4159 * Is this user allowed to send e-mails within limits of current
4160 * site configuration?
4161 * @return bool
4163 public function canSendEmail() {
4164 global $wgEnableEmail, $wgEnableUserEmail;
4165 if ( !$wgEnableEmail || !$wgEnableUserEmail || !$this->isAllowed( 'sendemail' ) ) {
4166 return false;
4168 $canSend = $this->isEmailConfirmed();
4169 Hooks::run( 'UserCanSendEmail', array( &$this, &$canSend ) );
4170 return $canSend;
4174 * Is this user allowed to receive e-mails within limits of current
4175 * site configuration?
4176 * @return bool
4178 public function canReceiveEmail() {
4179 return $this->isEmailConfirmed() && !$this->getOption( 'disablemail' );
4183 * Is this user's e-mail address valid-looking and confirmed within
4184 * limits of the current site configuration?
4186 * @note If $wgEmailAuthentication is on, this may require the user to have
4187 * confirmed their address by returning a code or using a password
4188 * sent to the address from the wiki.
4190 * @return bool
4192 public function isEmailConfirmed() {
4193 global $wgEmailAuthentication;
4194 $this->load();
4195 $confirmed = true;
4196 if ( Hooks::run( 'EmailConfirmed', array( &$this, &$confirmed ) ) ) {
4197 if ( $this->isAnon() ) {
4198 return false;
4200 if ( !Sanitizer::validateEmail( $this->mEmail ) ) {
4201 return false;
4203 if ( $wgEmailAuthentication && !$this->getEmailAuthenticationTimestamp() ) {
4204 return false;
4206 return true;
4207 } else {
4208 return $confirmed;
4213 * Check whether there is an outstanding request for e-mail confirmation.
4214 * @return bool
4216 public function isEmailConfirmationPending() {
4217 global $wgEmailAuthentication;
4218 return $wgEmailAuthentication &&
4219 !$this->isEmailConfirmed() &&
4220 $this->mEmailToken &&
4221 $this->mEmailTokenExpires > wfTimestamp();
4225 * Get the timestamp of account creation.
4227 * @return string|bool|null Timestamp of account creation, false for
4228 * non-existent/anonymous user accounts, or null if existing account
4229 * but information is not in database.
4231 public function getRegistration() {
4232 if ( $this->isAnon() ) {
4233 return false;
4235 $this->load();
4236 return $this->mRegistration;
4240 * Get the timestamp of the first edit
4242 * @return string|bool Timestamp of first edit, or false for
4243 * non-existent/anonymous user accounts.
4245 public function getFirstEditTimestamp() {
4246 if ( $this->getId() == 0 ) {
4247 return false; // anons
4249 $dbr = wfGetDB( DB_SLAVE );
4250 $time = $dbr->selectField( 'revision', 'rev_timestamp',
4251 array( 'rev_user' => $this->getId() ),
4252 __METHOD__,
4253 array( 'ORDER BY' => 'rev_timestamp ASC' )
4255 if ( !$time ) {
4256 return false; // no edits
4258 return wfTimestamp( TS_MW, $time );
4262 * Get the permissions associated with a given list of groups
4264 * @param array $groups Array of Strings List of internal group names
4265 * @return array Array of Strings List of permission key names for given groups combined
4267 public static function getGroupPermissions( $groups ) {
4268 global $wgGroupPermissions, $wgRevokePermissions;
4269 $rights = array();
4270 // grant every granted permission first
4271 foreach ( $groups as $group ) {
4272 if ( isset( $wgGroupPermissions[$group] ) ) {
4273 $rights = array_merge( $rights,
4274 // array_filter removes empty items
4275 array_keys( array_filter( $wgGroupPermissions[$group] ) ) );
4278 // now revoke the revoked permissions
4279 foreach ( $groups as $group ) {
4280 if ( isset( $wgRevokePermissions[$group] ) ) {
4281 $rights = array_diff( $rights,
4282 array_keys( array_filter( $wgRevokePermissions[$group] ) ) );
4285 return array_unique( $rights );
4289 * Get all the groups who have a given permission
4291 * @param string $role Role to check
4292 * @return array Array of Strings List of internal group names with the given permission
4294 public static function getGroupsWithPermission( $role ) {
4295 global $wgGroupPermissions;
4296 $allowedGroups = array();
4297 foreach ( array_keys( $wgGroupPermissions ) as $group ) {
4298 if ( self::groupHasPermission( $group, $role ) ) {
4299 $allowedGroups[] = $group;
4302 return $allowedGroups;
4306 * Check, if the given group has the given permission
4308 * If you're wanting to check whether all users have a permission, use
4309 * User::isEveryoneAllowed() instead. That properly checks if it's revoked
4310 * from anyone.
4312 * @since 1.21
4313 * @param string $group Group to check
4314 * @param string $role Role to check
4315 * @return bool
4317 public static function groupHasPermission( $group, $role ) {
4318 global $wgGroupPermissions, $wgRevokePermissions;
4319 return isset( $wgGroupPermissions[$group][$role] ) && $wgGroupPermissions[$group][$role]
4320 && !( isset( $wgRevokePermissions[$group][$role] ) && $wgRevokePermissions[$group][$role] );
4324 * Check if all users have the given permission
4326 * @since 1.22
4327 * @param string $right Right to check
4328 * @return bool
4330 public static function isEveryoneAllowed( $right ) {
4331 global $wgGroupPermissions, $wgRevokePermissions;
4332 static $cache = array();
4334 // Use the cached results, except in unit tests which rely on
4335 // being able change the permission mid-request
4336 if ( isset( $cache[$right] ) && !defined( 'MW_PHPUNIT_TEST' ) ) {
4337 return $cache[$right];
4340 if ( !isset( $wgGroupPermissions['*'][$right] ) || !$wgGroupPermissions['*'][$right] ) {
4341 $cache[$right] = false;
4342 return false;
4345 // If it's revoked anywhere, then everyone doesn't have it
4346 foreach ( $wgRevokePermissions as $rights ) {
4347 if ( isset( $rights[$right] ) && $rights[$right] ) {
4348 $cache[$right] = false;
4349 return false;
4353 // Allow extensions (e.g. OAuth) to say false
4354 if ( !Hooks::run( 'UserIsEveryoneAllowed', array( $right ) ) ) {
4355 $cache[$right] = false;
4356 return false;
4359 $cache[$right] = true;
4360 return true;
4364 * Get the localized descriptive name for a group, if it exists
4366 * @param string $group Internal group name
4367 * @return string Localized descriptive group name
4369 public static function getGroupName( $group ) {
4370 $msg = wfMessage( "group-$group" );
4371 return $msg->isBlank() ? $group : $msg->text();
4375 * Get the localized descriptive name for a member of a group, if it exists
4377 * @param string $group Internal group name
4378 * @param string $username Username for gender (since 1.19)
4379 * @return string Localized name for group member
4381 public static function getGroupMember( $group, $username = '#' ) {
4382 $msg = wfMessage( "group-$group-member", $username );
4383 return $msg->isBlank() ? $group : $msg->text();
4387 * Return the set of defined explicit groups.
4388 * The implicit groups (by default *, 'user' and 'autoconfirmed')
4389 * are not included, as they are defined automatically, not in the database.
4390 * @return array Array of internal group names
4392 public static function getAllGroups() {
4393 global $wgGroupPermissions, $wgRevokePermissions;
4394 return array_diff(
4395 array_merge( array_keys( $wgGroupPermissions ), array_keys( $wgRevokePermissions ) ),
4396 self::getImplicitGroups()
4401 * Get a list of all available permissions.
4402 * @return array Array of permission names
4404 public static function getAllRights() {
4405 if ( self::$mAllRights === false ) {
4406 global $wgAvailableRights;
4407 if ( count( $wgAvailableRights ) ) {
4408 self::$mAllRights = array_unique( array_merge( self::$mCoreRights, $wgAvailableRights ) );
4409 } else {
4410 self::$mAllRights = self::$mCoreRights;
4412 Hooks::run( 'UserGetAllRights', array( &self::$mAllRights ) );
4414 return self::$mAllRights;
4418 * Get a list of implicit groups
4419 * @return array Array of Strings Array of internal group names
4421 public static function getImplicitGroups() {
4422 global $wgImplicitGroups;
4424 $groups = $wgImplicitGroups;
4425 # Deprecated, use $wgImplicitGroups instead
4426 Hooks::run( 'UserGetImplicitGroups', array( &$groups ), '1.25' );
4428 return $groups;
4432 * Get the title of a page describing a particular group
4434 * @param string $group Internal group name
4435 * @return Title|bool Title of the page if it exists, false otherwise
4437 public static function getGroupPage( $group ) {
4438 $msg = wfMessage( 'grouppage-' . $group )->inContentLanguage();
4439 if ( $msg->exists() ) {
4440 $title = Title::newFromText( $msg->text() );
4441 if ( is_object( $title ) ) {
4442 return $title;
4445 return false;
4449 * Create a link to the group in HTML, if available;
4450 * else return the group name.
4452 * @param string $group Internal name of the group
4453 * @param string $text The text of the link
4454 * @return string HTML link to the group
4456 public static function makeGroupLinkHTML( $group, $text = '' ) {
4457 if ( $text == '' ) {
4458 $text = self::getGroupName( $group );
4460 $title = self::getGroupPage( $group );
4461 if ( $title ) {
4462 return Linker::link( $title, htmlspecialchars( $text ) );
4463 } else {
4464 return htmlspecialchars( $text );
4469 * Create a link to the group in Wikitext, if available;
4470 * else return the group name.
4472 * @param string $group Internal name of the group
4473 * @param string $text The text of the link
4474 * @return string Wikilink to the group
4476 public static function makeGroupLinkWiki( $group, $text = '' ) {
4477 if ( $text == '' ) {
4478 $text = self::getGroupName( $group );
4480 $title = self::getGroupPage( $group );
4481 if ( $title ) {
4482 $page = $title->getFullText();
4483 return "[[$page|$text]]";
4484 } else {
4485 return $text;
4490 * Returns an array of the groups that a particular group can add/remove.
4492 * @param string $group The group to check for whether it can add/remove
4493 * @return array Array( 'add' => array( addablegroups ),
4494 * 'remove' => array( removablegroups ),
4495 * 'add-self' => array( addablegroups to self),
4496 * 'remove-self' => array( removable groups from self) )
4498 public static function changeableByGroup( $group ) {
4499 global $wgAddGroups, $wgRemoveGroups, $wgGroupsAddToSelf, $wgGroupsRemoveFromSelf;
4501 $groups = array(
4502 'add' => array(),
4503 'remove' => array(),
4504 'add-self' => array(),
4505 'remove-self' => array()
4508 if ( empty( $wgAddGroups[$group] ) ) {
4509 // Don't add anything to $groups
4510 } elseif ( $wgAddGroups[$group] === true ) {
4511 // You get everything
4512 $groups['add'] = self::getAllGroups();
4513 } elseif ( is_array( $wgAddGroups[$group] ) ) {
4514 $groups['add'] = $wgAddGroups[$group];
4517 // Same thing for remove
4518 if ( empty( $wgRemoveGroups[$group] ) ) {
4519 // Do nothing
4520 } elseif ( $wgRemoveGroups[$group] === true ) {
4521 $groups['remove'] = self::getAllGroups();
4522 } elseif ( is_array( $wgRemoveGroups[$group] ) ) {
4523 $groups['remove'] = $wgRemoveGroups[$group];
4526 // Re-map numeric keys of AddToSelf/RemoveFromSelf to the 'user' key for backwards compatibility
4527 if ( empty( $wgGroupsAddToSelf['user'] ) || $wgGroupsAddToSelf['user'] !== true ) {
4528 foreach ( $wgGroupsAddToSelf as $key => $value ) {
4529 if ( is_int( $key ) ) {
4530 $wgGroupsAddToSelf['user'][] = $value;
4535 if ( empty( $wgGroupsRemoveFromSelf['user'] ) || $wgGroupsRemoveFromSelf['user'] !== true ) {
4536 foreach ( $wgGroupsRemoveFromSelf as $key => $value ) {
4537 if ( is_int( $key ) ) {
4538 $wgGroupsRemoveFromSelf['user'][] = $value;
4543 // Now figure out what groups the user can add to him/herself
4544 if ( empty( $wgGroupsAddToSelf[$group] ) ) {
4545 // Do nothing
4546 } elseif ( $wgGroupsAddToSelf[$group] === true ) {
4547 // No idea WHY this would be used, but it's there
4548 $groups['add-self'] = User::getAllGroups();
4549 } elseif ( is_array( $wgGroupsAddToSelf[$group] ) ) {
4550 $groups['add-self'] = $wgGroupsAddToSelf[$group];
4553 if ( empty( $wgGroupsRemoveFromSelf[$group] ) ) {
4554 // Do nothing
4555 } elseif ( $wgGroupsRemoveFromSelf[$group] === true ) {
4556 $groups['remove-self'] = User::getAllGroups();
4557 } elseif ( is_array( $wgGroupsRemoveFromSelf[$group] ) ) {
4558 $groups['remove-self'] = $wgGroupsRemoveFromSelf[$group];
4561 return $groups;
4565 * Returns an array of groups that this user can add and remove
4566 * @return array Array( 'add' => array( addablegroups ),
4567 * 'remove' => array( removablegroups ),
4568 * 'add-self' => array( addablegroups to self),
4569 * 'remove-self' => array( removable groups from self) )
4571 public function changeableGroups() {
4572 if ( $this->isAllowed( 'userrights' ) ) {
4573 // This group gives the right to modify everything (reverse-
4574 // compatibility with old "userrights lets you change
4575 // everything")
4576 // Using array_merge to make the groups reindexed
4577 $all = array_merge( User::getAllGroups() );
4578 return array(
4579 'add' => $all,
4580 'remove' => $all,
4581 'add-self' => array(),
4582 'remove-self' => array()
4586 // Okay, it's not so simple, we will have to go through the arrays
4587 $groups = array(
4588 'add' => array(),
4589 'remove' => array(),
4590 'add-self' => array(),
4591 'remove-self' => array()
4593 $addergroups = $this->getEffectiveGroups();
4595 foreach ( $addergroups as $addergroup ) {
4596 $groups = array_merge_recursive(
4597 $groups, $this->changeableByGroup( $addergroup )
4599 $groups['add'] = array_unique( $groups['add'] );
4600 $groups['remove'] = array_unique( $groups['remove'] );
4601 $groups['add-self'] = array_unique( $groups['add-self'] );
4602 $groups['remove-self'] = array_unique( $groups['remove-self'] );
4604 return $groups;
4608 * Increment the user's edit-count field.
4609 * Will have no effect for anonymous users.
4611 public function incEditCount() {
4612 if ( !$this->isAnon() ) {
4613 $dbw = wfGetDB( DB_MASTER );
4614 $dbw->update(
4615 'user',
4616 array( 'user_editcount=user_editcount+1' ),
4617 array( 'user_id' => $this->getId() ),
4618 __METHOD__
4621 // Lazy initialization check...
4622 if ( $dbw->affectedRows() == 0 ) {
4623 // Now here's a goddamn hack...
4624 $dbr = wfGetDB( DB_SLAVE );
4625 if ( $dbr !== $dbw ) {
4626 // If we actually have a slave server, the count is
4627 // at least one behind because the current transaction
4628 // has not been committed and replicated.
4629 $this->initEditCount( 1 );
4630 } else {
4631 // But if DB_SLAVE is selecting the master, then the
4632 // count we just read includes the revision that was
4633 // just added in the working transaction.
4634 $this->initEditCount();
4638 // edit count in user cache too
4639 $this->invalidateCache();
4643 * Initialize user_editcount from data out of the revision table
4645 * @param int $add Edits to add to the count from the revision table
4646 * @return int Number of edits
4648 protected function initEditCount( $add = 0 ) {
4649 // Pull from a slave to be less cruel to servers
4650 // Accuracy isn't the point anyway here
4651 $dbr = wfGetDB( DB_SLAVE );
4652 $count = (int)$dbr->selectField(
4653 'revision',
4654 'COUNT(rev_user)',
4655 array( 'rev_user' => $this->getId() ),
4656 __METHOD__
4658 $count = $count + $add;
4660 $dbw = wfGetDB( DB_MASTER );
4661 $dbw->update(
4662 'user',
4663 array( 'user_editcount' => $count ),
4664 array( 'user_id' => $this->getId() ),
4665 __METHOD__
4668 return $count;
4672 * Get the description of a given right
4674 * @param string $right Right to query
4675 * @return string Localized description of the right
4677 public static function getRightDescription( $right ) {
4678 $key = "right-$right";
4679 $msg = wfMessage( $key );
4680 return $msg->isBlank() ? $right : $msg->text();
4684 * Make a new-style password hash
4686 * @param string $password Plain-text password
4687 * @param bool|string $salt Optional salt, may be random or the user ID.
4688 * If unspecified or false, will generate one automatically
4689 * @return string Password hash
4690 * @deprecated since 1.24, use Password class
4692 public static function crypt( $password, $salt = false ) {
4693 wfDeprecated( __METHOD__, '1.24' );
4694 $hash = self::getPasswordFactory()->newFromPlaintext( $password );
4695 return $hash->toString();
4699 * Compare a password hash with a plain-text password. Requires the user
4700 * ID if there's a chance that the hash is an old-style hash.
4702 * @param string $hash Password hash
4703 * @param string $password Plain-text password to compare
4704 * @param string|bool $userId User ID for old-style password salt
4706 * @return bool
4707 * @deprecated since 1.24, use Password class
4709 public static function comparePasswords( $hash, $password, $userId = false ) {
4710 wfDeprecated( __METHOD__, '1.24' );
4712 // Check for *really* old password hashes that don't even have a type
4713 // The old hash format was just an md5 hex hash, with no type information
4714 if ( preg_match( '/^[0-9a-f]{32}$/', $hash ) ) {
4715 global $wgPasswordSalt;
4716 if ( $wgPasswordSalt ) {
4717 $password = ":B:{$userId}:{$hash}";
4718 } else {
4719 $password = ":A:{$hash}";
4723 $hash = self::getPasswordFactory()->newFromCiphertext( $hash );
4724 return $hash->equals( $password );
4728 * Add a newuser log entry for this user.
4729 * Before 1.19 the return value was always true.
4731 * @param string|bool $action Account creation type.
4732 * - String, one of the following values:
4733 * - 'create' for an anonymous user creating an account for himself.
4734 * This will force the action's performer to be the created user itself,
4735 * no matter the value of $wgUser
4736 * - 'create2' for a logged in user creating an account for someone else
4737 * - 'byemail' when the created user will receive its password by e-mail
4738 * - 'autocreate' when the user is automatically created (such as by CentralAuth).
4739 * - Boolean means whether the account was created by e-mail (deprecated):
4740 * - true will be converted to 'byemail'
4741 * - false will be converted to 'create' if this object is the same as
4742 * $wgUser and to 'create2' otherwise
4744 * @param string $reason User supplied reason
4746 * @return int|bool True if not $wgNewUserLog; otherwise ID of log item or 0 on failure
4748 public function addNewUserLogEntry( $action = false, $reason = '' ) {
4749 global $wgUser, $wgNewUserLog;
4750 if ( empty( $wgNewUserLog ) ) {
4751 return true; // disabled
4754 if ( $action === true ) {
4755 $action = 'byemail';
4756 } elseif ( $action === false ) {
4757 if ( $this->equals( $wgUser ) ) {
4758 $action = 'create';
4759 } else {
4760 $action = 'create2';
4764 if ( $action === 'create' || $action === 'autocreate' ) {
4765 $performer = $this;
4766 } else {
4767 $performer = $wgUser;
4770 $logEntry = new ManualLogEntry( 'newusers', $action );
4771 $logEntry->setPerformer( $performer );
4772 $logEntry->setTarget( $this->getUserPage() );
4773 $logEntry->setComment( $reason );
4774 $logEntry->setParameters( array(
4775 '4::userid' => $this->getId(),
4776 ) );
4777 $logid = $logEntry->insert();
4779 if ( $action !== 'autocreate' ) {
4780 $logEntry->publish( $logid );
4783 return (int)$logid;
4787 * Add an autocreate newuser log entry for this user
4788 * Used by things like CentralAuth and perhaps other authplugins.
4789 * Consider calling addNewUserLogEntry() directly instead.
4791 * @return bool
4793 public function addNewUserLogEntryAutoCreate() {
4794 $this->addNewUserLogEntry( 'autocreate' );
4796 return true;
4800 * Load the user options either from cache, the database or an array
4802 * @param array $data Rows for the current user out of the user_properties table
4804 protected function loadOptions( $data = null ) {
4805 global $wgContLang;
4807 $this->load();
4809 if ( $this->mOptionsLoaded ) {
4810 return;
4813 $this->mOptions = self::getDefaultOptions();
4815 if ( !$this->getId() ) {
4816 // For unlogged-in users, load language/variant options from request.
4817 // There's no need to do it for logged-in users: they can set preferences,
4818 // and handling of page content is done by $pageLang->getPreferredVariant() and such,
4819 // so don't override user's choice (especially when the user chooses site default).
4820 $variant = $wgContLang->getDefaultVariant();
4821 $this->mOptions['variant'] = $variant;
4822 $this->mOptions['language'] = $variant;
4823 $this->mOptionsLoaded = true;
4824 return;
4827 // Maybe load from the object
4828 if ( !is_null( $this->mOptionOverrides ) ) {
4829 wfDebug( "User: loading options for user " . $this->getId() . " from override cache.\n" );
4830 foreach ( $this->mOptionOverrides as $key => $value ) {
4831 $this->mOptions[$key] = $value;
4833 } else {
4834 if ( !is_array( $data ) ) {
4835 wfDebug( "User: loading options for user " . $this->getId() . " from database.\n" );
4836 // Load from database
4837 $dbr = wfGetDB( DB_SLAVE );
4839 $res = $dbr->select(
4840 'user_properties',
4841 array( 'up_property', 'up_value' ),
4842 array( 'up_user' => $this->getId() ),
4843 __METHOD__
4846 $this->mOptionOverrides = array();
4847 $data = array();
4848 foreach ( $res as $row ) {
4849 $data[$row->up_property] = $row->up_value;
4852 foreach ( $data as $property => $value ) {
4853 $this->mOptionOverrides[$property] = $value;
4854 $this->mOptions[$property] = $value;
4858 $this->mOptionsLoaded = true;
4860 Hooks::run( 'UserLoadOptions', array( $this, &$this->mOptions ) );
4864 * Saves the non-default options for this user, as previously set e.g. via
4865 * setOption(), in the database's "user_properties" (preferences) table.
4866 * Usually used via saveSettings().
4868 protected function saveOptions() {
4869 $this->loadOptions();
4871 // Not using getOptions(), to keep hidden preferences in database
4872 $saveOptions = $this->mOptions;
4874 // Allow hooks to abort, for instance to save to a global profile.
4875 // Reset options to default state before saving.
4876 if ( !Hooks::run( 'UserSaveOptions', array( $this, &$saveOptions ) ) ) {
4877 return;
4880 $userId = $this->getId();
4882 $insert_rows = array(); // all the new preference rows
4883 foreach ( $saveOptions as $key => $value ) {
4884 // Don't bother storing default values
4885 $defaultOption = self::getDefaultOption( $key );
4886 if ( ( $defaultOption === null && $value !== false && $value !== null )
4887 || $value != $defaultOption
4889 $insert_rows[] = array(
4890 'up_user' => $userId,
4891 'up_property' => $key,
4892 'up_value' => $value,
4897 $dbw = wfGetDB( DB_MASTER );
4899 $res = $dbw->select( 'user_properties',
4900 array( 'up_property', 'up_value' ), array( 'up_user' => $userId ), __METHOD__ );
4902 // Find prior rows that need to be removed or updated. These rows will
4903 // all be deleted (the later so that INSERT IGNORE applies the new values).
4904 $keysDelete = array();
4905 foreach ( $res as $row ) {
4906 if ( !isset( $saveOptions[$row->up_property] )
4907 || strcmp( $saveOptions[$row->up_property], $row->up_value ) != 0
4909 $keysDelete[] = $row->up_property;
4913 if ( count( $keysDelete ) ) {
4914 // Do the DELETE by PRIMARY KEY for prior rows.
4915 // In the past a very large portion of calls to this function are for setting
4916 // 'rememberpassword' for new accounts (a preference that has since been removed).
4917 // Doing a blanket per-user DELETE for new accounts with no rows in the table
4918 // caused gap locks on [max user ID,+infinity) which caused high contention since
4919 // updates would pile up on each other as they are for higher (newer) user IDs.
4920 // It might not be necessary these days, but it shouldn't hurt either.
4921 $dbw->delete( 'user_properties',
4922 array( 'up_user' => $userId, 'up_property' => $keysDelete ), __METHOD__ );
4924 // Insert the new preference rows
4925 $dbw->insert( 'user_properties', $insert_rows, __METHOD__, array( 'IGNORE' ) );
4929 * Lazily instantiate and return a factory object for making passwords
4931 * @return PasswordFactory
4933 public static function getPasswordFactory() {
4934 if ( self::$mPasswordFactory === null ) {
4935 self::$mPasswordFactory = new PasswordFactory();
4936 self::$mPasswordFactory->init( RequestContext::getMain()->getConfig() );
4939 return self::$mPasswordFactory;
4943 * Provide an array of HTML5 attributes to put on an input element
4944 * intended for the user to enter a new password. This may include
4945 * required, title, and/or pattern, depending on $wgMinimalPasswordLength.
4947 * Do *not* use this when asking the user to enter his current password!
4948 * Regardless of configuration, users may have invalid passwords for whatever
4949 * reason (e.g., they were set before requirements were tightened up).
4950 * Only use it when asking for a new password, like on account creation or
4951 * ResetPass.
4953 * Obviously, you still need to do server-side checking.
4955 * NOTE: A combination of bugs in various browsers means that this function
4956 * actually just returns array() unconditionally at the moment. May as
4957 * well keep it around for when the browser bugs get fixed, though.
4959 * @todo FIXME: This does not belong here; put it in Html or Linker or somewhere
4961 * @return array Array of HTML attributes suitable for feeding to
4962 * Html::element(), directly or indirectly. (Don't feed to Xml::*()!
4963 * That will get confused by the boolean attribute syntax used.)
4965 public static function passwordChangeInputAttribs() {
4966 global $wgMinimalPasswordLength;
4968 if ( $wgMinimalPasswordLength == 0 ) {
4969 return array();
4972 # Note that the pattern requirement will always be satisfied if the
4973 # input is empty, so we need required in all cases.
4975 # @todo FIXME: Bug 23769: This needs to not claim the password is required
4976 # if e-mail confirmation is being used. Since HTML5 input validation
4977 # is b0rked anyway in some browsers, just return nothing. When it's
4978 # re-enabled, fix this code to not output required for e-mail
4979 # registration.
4980 #$ret = array( 'required' );
4981 $ret = array();
4983 # We can't actually do this right now, because Opera 9.6 will print out
4984 # the entered password visibly in its error message! When other
4985 # browsers add support for this attribute, or Opera fixes its support,
4986 # we can add support with a version check to avoid doing this on Opera
4987 # versions where it will be a problem. Reported to Opera as
4988 # DSK-262266, but they don't have a public bug tracker for us to follow.
4990 if ( $wgMinimalPasswordLength > 1 ) {
4991 $ret['pattern'] = '.{' . intval( $wgMinimalPasswordLength ) . ',}';
4992 $ret['title'] = wfMessage( 'passwordtooshort' )
4993 ->numParams( $wgMinimalPasswordLength )->text();
4997 return $ret;
5001 * Return the list of user fields that should be selected to create
5002 * a new user object.
5003 * @return array
5005 public static function selectFields() {
5006 return array(
5007 'user_id',
5008 'user_name',
5009 'user_real_name',
5010 'user_email',
5011 'user_touched',
5012 'user_token',
5013 'user_email_authenticated',
5014 'user_email_token',
5015 'user_email_token_expires',
5016 'user_registration',
5017 'user_editcount',
5022 * Factory function for fatal permission-denied errors
5024 * @since 1.22
5025 * @param string $permission User right required
5026 * @return Status
5028 static function newFatalPermissionDeniedStatus( $permission ) {
5029 global $wgLang;
5031 $groups = array_map(
5032 array( 'User', 'makeGroupLinkWiki' ),
5033 User::getGroupsWithPermission( $permission )
5036 if ( $groups ) {
5037 return Status::newFatal( 'badaccess-groups', $wgLang->commaList( $groups ), count( $groups ) );
5038 } else {
5039 return Status::newFatal( 'badaccess-group0' );
5044 * Checks if two user objects point to the same user.
5046 * @since 1.25
5047 * @param User $user
5048 * @return bool
5050 public function equals( User $user ) {
5051 return $this->getName() === $user->getName();