dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Nov. branch merge. Various features backported from stable, various bug fixes.
[lhc/web/wiklou.git] / includes / User.php
1 <?
2 # See user.doc
3
4 include_once( "WatchedItem.php" );
5
6 class User {
7 /* private */ var $mId, $mName, $mPassword, $mEmail, $mNewtalk;
8 /* private */ var $mRights, $mOptions;
9 /* private */ var $mDataLoaded, $mNewpassword;
10 /* private */ var $mSkin;
11 /* private */ var $mBlockedby, $mBlockreason;
12 /* private */ var $mTouched;
13 /* private */ var $mCookiePassword;
14
15 function User()
16 {
17 $this->loadDefaults();
18 }
19
20 # Static factory method
21 #
22 function newFromName( $name )
23 {
24 $u = new User();
25
26 # Clean up name according to title rules
27
28 $t = Title::newFromText( $name );
29 $u->setName( $t->getText() );
30 return $u;
31 }
32
33 /* static */ function whoIs( $id )
34 {
35 return wfGetSQL( "user", "user_name", "user_id=$id" );
36 }
37
38 /* static */ function idFromName( $name )
39 {
40 $nt = Title::newFromText( $name );
41 $sql = "SELECT user_id FROM user WHERE user_name='" .
42 wfStrencode( $nt->getText() ) . "'";
43 $res = wfQuery( $sql, DB_READ, "User::idFromName" );
44
45 if ( 0 == wfNumRows( $res ) ) { return 0; }
46 else {
47 $s = wfFetchObject( $res );
48 return $s->user_id;
49 }
50 }
51
52 # does the string match an anonymous user IP address?
53 /* static */ function isIP( $name ) {
54 return preg_match("/^\d{1,3}\.\d{1,3}.\d{1,3}\.\d{1,3}$/",$name);
55
56 }
57
58 /* static */ function randomPassword()
59 {
60 $pwchars = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz";
61 $l = strlen( $pwchars ) - 1;
62
63 wfSeedRandom();
64 $np = $pwchars{mt_rand( 0, $l )} . $pwchars{mt_rand( 0, $l )} .
65 $pwchars{mt_rand( 0, $l )} . chr( mt_rand(48, 57) ) .
66 $pwchars{mt_rand( 0, $l )} . $pwchars{mt_rand( 0, $l )} .
67 $pwchars{mt_rand( 0, $l )};
68 return $np;
69 }
70
71 function loadDefaults()
72 {
73 global $wgLang ;
74 global $wgNamespacesToBeSearchedDefault;
75
76 $this->mId = $this->mNewtalk = 0;
77 $this->mName = getenv( "REMOTE_ADDR" );
78 $this->mEmail = "";
79 $this->mPassword = $this->mNewpassword = "";
80 $this->mRights = array();
81 $defOpt = $wgLang->getDefaultUserOptions() ;
82 foreach ( $defOpt as $oname => $val ) {
83 $this->mOptions[$oname] = $val;
84 }
85 foreach ($wgNamespacesToBeSearchedDefault as $nsnum => $val) {
86 $this->mOptions["searchNs".$nsnum] = $val;
87 }
88 unset( $this->mSkin );
89 $this->mDataLoaded = false;
90 $this->mBlockedby = -1; # Unset
91 $this->mTouched = '0'; # Allow any pages to be cached
92 $this->cookiePassword = "";
93 }
94
95 /* private */ function getBlockedStatus()
96 {
97 if ( -1 != $this->mBlockedby ) { return; }
98
99 $block = new Block();
100 if ( !$block->load( getenv( "REMOTE_ADDR" ), $this->mId ) ) {
101 wfDebug( getenv( "REMOTE_ADDR" ) ." is not blocked\n" );
102 $this->mBlockedby = 0;
103 return;
104 }
105
106 $this->mBlockedby = $block->mBy;
107 $this->mBlockreason = $block->mReason;
108 }
109
110 function isBlocked()
111 {
112 $this->getBlockedStatus();
113 if ( 0 == $this->mBlockedby ) { return false; }
114 return true;
115 }
116
117 function blockedBy() {
118 $this->getBlockedStatus();
119 return $this->mBlockedby;
120 }
121
122 function blockedFor() {
123 $this->getBlockedStatus();
124 return $this->mBlockreason;
125 }
126
127 /* static */ function loadFromSession()
128 {
129 global $HTTP_COOKIE_VARS, $wsUserID, $wsUserName, $wsUserPassword;
130 global $wgMemc, $wgDBname;
131
132 if ( isset( $wsUserID ) ) {
133 if ( 0 != $wsUserID ) {
134 $sId = $wsUserID;
135 } else {
136 return new User();
137 }
138 } else if ( isset( $HTTP_COOKIE_VARS["wcUserID"] ) ) {
139 $sId = $HTTP_COOKIE_VARS["wcUserID"];
140 $wsUserID = $sId;
141 } else {
142 return new User();
143 }
144 if ( isset( $wsUserName ) ) {
145 $sName = $wsUserName;
146 } else if ( isset( $HTTP_COOKIE_VARS["wcUserName"] ) ) {
147 $sName = $HTTP_COOKIE_VARS["wcUserName"];
148 $wsUserName = $sName;
149 } else {
150 return new User();
151 }
152
153 $passwordCorrect = FALSE;
154 $user = $wgMemc->get( $key = "$wgDBname:user:id:$sId" );
155 if($makenew = !$user) {
156 wfDebug( "User::loadFromSession() unable to load from memcached\n" );
157 $user = new User();
158 $user->mId = $sId;
159 $user->loadFromDatabase();
160 } else {
161 wfDebug( "User::loadFromSession() got from cache!\n" );
162 }
163
164 if ( isset( $wsUserPassword ) ) {
165 $passwordCorrect = $wsUserPassword == $user->mPassword;
166 } else if ( isset( $HTTP_COOKIE_VARS["wcUserPassword"] ) ) {
167 $user->mCookiePassword = $HTTP_COOKIE_VARS["wcUserPassword"];
168 $wsUserPassword = $user->addSalt( $user->mCookiePassword );
169 $passwordCorrect = $wsUserPassword == $user->mPassword;
170 } else {
171 return new User(); # Can't log in from session
172 }
173
174 if ( ( $sName == $user->mName ) && $passwordCorrect ) {
175 if($makenew) {
176 if($wgMemc->set( $key, $user ))
177 wfDebug( "User::loadFromSession() successfully saved user\n" );
178 else
179 wfDebug( "User::loadFromSession() unable to save to memcached\n" );
180 }
181 $user->spreadBlock();
182 return $user;
183 }
184 return new User(); # Can't log in from session
185 }
186
187 function loadFromDatabase()
188 {
189 if ( $this->mDataLoaded ) { return; }
190 # check in separate table if there are changes to the talk page
191 $this->mNewtalk=0; # reset talk page status
192 if($this->mId) {
193 $sql = "SELECT 1 FROM user_newtalk WHERE user_id={$this->mId}";
194 $res = wfQuery ($sql, DB_READ, "User::loadFromDatabase" );
195
196 if (wfNumRows($res)>0) {
197 $this->mNewtalk= 1;
198 }
199 wfFreeResult( $res );
200 } else {
201 # TEST THIS @@@
202 global $wgDBname, $wgMemc;
203 $key = "$wgDBname:newtalk:ip:{$this->mName}";
204 $newtalk = $wgMemc->get( $key );
205 if($newtalk === false) {
206 $sql = "SELECT 1 FROM user_newtalk WHERE user_ip='{$this->mName}'";
207 $res = wfQuery ($sql, DB_READ, "User::loadFromDatabase" );
208
209 $this->mNewtalk = (wfNumRows($res)>0) ? 1 : 0;
210 wfFreeResult( $res );
211
212 $wgMemc->set( $key, $this->mNewtalk, time() ); // + 1800 );
213 } else {
214 $this->mNewtalk = $newtalk ? 1 : 0;
215 }
216 }
217 if(!$this->mId) {
218 $this->mDataLoaded = true;
219 return;
220 } # the following stuff is for non-anonymous users only
221
222 $sql = "SELECT user_name,user_password,user_newpassword,user_email," .
223 "user_options,user_rights,user_touched FROM user WHERE user_id=" .
224 "{$this->mId}";
225 $res = wfQuery( $sql, DB_READ, "User::loadFromDatabase" );
226
227 if ( wfNumRows( $res ) > 0 ) {
228 $s = wfFetchObject( $res );
229 $this->mName = $s->user_name;
230 $this->mEmail = $s->user_email;
231 $this->mPassword = $s->user_password;
232 $this->mNewpassword = $s->user_newpassword;
233 $this->decodeOptions( $s->user_options );
234 $this->mRights = explode( ",", strtolower( $s->user_rights ) );
235 $this->mTouched = $s->user_touched;
236 }
237
238 wfFreeResult( $res );
239 $this->mDataLoaded = true;
240 }
241
242 function getID() { return $this->mId; }
243 function setID( $v ) {
244 $this->mId = $v;
245 $this->mDataLoaded = false;
246 }
247
248 function getName() {
249 $this->loadFromDatabase();
250 return $this->mName;
251 }
252
253 function setName( $str )
254 {
255 $this->loadFromDatabase();
256 $this->mName = $str;
257 }
258
259 function getNewtalk()
260 {
261 $this->loadFromDatabase();
262 return ( 0 != $this->mNewtalk );
263 }
264
265 function setNewtalk( $val )
266 {
267 $this->loadFromDatabase();
268 $this->mNewtalk = $val;
269 $this->invalidateCache();
270 }
271
272 function invalidateCache() {
273 $this->loadFromDatabase();
274 $this->mTouched = wfTimestampNow();
275 # Don't forget to save the options after this or
276 # it won't take effect!
277 }
278
279 function validateCache( $timestamp ) {
280 $this->loadFromDatabase();
281 return ($timestamp >= $this->mTouched);
282 }
283
284 function getPassword()
285 {
286 $this->loadFromDatabase();
287 return $this->mPassword;
288 }
289
290 function getNewpassword()
291 {
292 $this->loadFromDatabase();
293 return $this->mNewpassword;
294 }
295
296 function addSalt( $p )
297 {
298 global $wgPasswordSalt;
299 if($wgPasswordSalt)
300 return md5( "{$this->mId}-{$p}" );
301 else
302 return $p;
303 }
304
305 function encryptPassword( $p )
306 {
307 return $this->addSalt( md5( $p ) );
308 }
309
310 function setPassword( $str )
311 {
312 $this->loadFromDatabase();
313 $this->setCookiePassword( $str );
314 $this->mPassword = $this->encryptPassword( $str );
315 $this->mNewpassword = "";
316 }
317
318 function setCookiePassword( $str )
319 {
320 $this->loadFromDatabase();
321 $this->mCookiePassword = md5( $str );
322 }
323
324 function setNewpassword( $str )
325 {
326 $this->loadFromDatabase();
327 $this->mNewpassword = $this->encryptPassword( $str );
328 }
329
330 function getEmail()
331 {
332 $this->loadFromDatabase();
333 return $this->mEmail;
334 }
335
336 function setEmail( $str )
337 {
338 $this->loadFromDatabase();
339 $this->mEmail = $str;
340 }
341
342 function getOption( $oname )
343 {
344 $this->loadFromDatabase();
345 if ( array_key_exists( $oname, $this->mOptions ) ) {
346 return $this->mOptions[$oname];
347 } else {
348 return "";
349 }
350 }
351
352 function setOption( $oname, $val )
353 {
354 $this->loadFromDatabase();
355 $this->mOptions[$oname] = $val;
356 $this->invalidateCache();
357 }
358
359 function getRights()
360 {
361 $this->loadFromDatabase();
362 return $this->mRights;
363 }
364
365 function addRight( $rname )
366 {
367 $this->loadFromDatabase();
368 array_push( $this->mRights, $rname );
369 $this->invalidateCache();
370 }
371
372 function isSysop()
373 {
374 $this->loadFromDatabase();
375 if ( 0 == $this->mId ) { return false; }
376
377 return in_array( "sysop", $this->mRights );
378 }
379
380 function isDeveloper()
381 {
382 $this->loadFromDatabase();
383 if ( 0 == $this->mId ) { return false; }
384
385 return in_array( "developer", $this->mRights );
386 }
387
388 function isBot()
389 {
390 $this->loadFromDatabase();
391 if ( 0 == $this->mId ) { return false; }
392
393 return in_array( "bot", $this->mRights );
394 }
395
396 function &getSkin()
397 {
398 if ( ! isset( $this->mSkin ) ) {
399 $skinNames = Skin::getSkinNames();
400 $s = $this->getOption( "skin" );
401 if ( "" == $s ) { $s = 0; }
402
403 if ( $s >= count( $skinNames ) ) { $sn = "SkinStandard"; }
404 else $sn = "Skin" . $skinNames[$s];
405 $this->mSkin = new $sn;
406 }
407 return $this->mSkin;
408 }
409
410 function isWatched( $title ) {
411 $wl = WatchedItem::fromUserTitle( $this, $title );
412 return $wl->isWatched();
413 }
414
415 function addWatch( $title ) {
416 $wl = WatchedItem::fromUserTitle( $this, $title );
417 $wl->addWatch();
418 $this->invalidateCache();
419 }
420
421 function removeWatch( $title ) {
422 $wl = WatchedItem::fromUserTitle( $this, $title );
423 $wl->removeWatch();
424 $this->invalidateCache();
425 }
426
427
428 /* private */ function encodeOptions()
429 {
430 $a = array();
431 foreach ( $this->mOptions as $oname => $oval ) {
432 array_push( $a, "{$oname}={$oval}" );
433 }
434 $s = implode( "\n", $a );
435 return wfStrencode( $s );
436 }
437
438 /* private */ function decodeOptions( $str )
439 {
440 $a = explode( "\n", $str );
441 foreach ( $a as $s ) {
442 if ( preg_match( "/^(.[^=]*)=(.*)$/", $s, $m ) ) {
443 $this->mOptions[$m[1]] = $m[2];
444 }
445 }
446 }
447
448 function setCookies()
449 {
450 global $wsUserID, $wsUserName, $wsUserPassword;
451 global $wgCookieExpiration;
452 if ( 0 == $this->mId ) return;
453 $this->loadFromDatabase();
454 $exp = time() + $wgCookieExpiration;
455
456 $wsUserID = $this->mId;
457 setcookie( "wcUserID", $this->mId, $exp, "/" );
458
459 $wsUserName = $this->mName;
460 setcookie( "wcUserName", $this->mName, $exp, "/" );
461
462 $wsUserPassword = $this->mPassword;
463 if ( 1 == $this->getOption( "rememberpassword" ) ) {
464 setcookie( "wcUserPassword", $this->mCookiePassword, $exp, "/" );
465 } else {
466 setcookie( "wcUserPassword", "", time() - 3600 );
467 }
468 }
469
470 function logout()
471 {
472 global $wsUserID;
473 $this->mId = 0;
474
475 $wsUserID = 0;
476
477 setcookie( "wcUserID", "", time() - 3600 );
478 setcookie( "wcUserPassword", "", time() - 3600 );
479 }
480
481 function saveSettings()
482 {
483 global $wgMemc, $wgDBname;
484
485 if ( ! $this->mNewtalk ) {
486 if( $this->mId ) {
487 $sql="DELETE FROM user_newtalk WHERE user_id={$this->mId}";
488 wfQuery ($sql, DB_WRITE, "User::saveSettings");
489 } else {
490 $sql="DELETE FROM user_newtalk WHERE user_ip='{$this->mName}'";
491 wfQuery ($sql, DB_WRITE, "User::saveSettings");
492 $wgMemc->delete( "$wgDBname:newtalk:ip:{$this->mName}" );
493 }
494 }
495 if ( 0 == $this->mId ) { return; }
496
497 $sql = "UPDATE user SET " .
498 "user_name= '" . wfStrencode( $this->mName ) . "', " .
499 "user_password= '" . wfStrencode( $this->mPassword ) . "', " .
500 "user_newpassword= '" . wfStrencode( $this->mNewpassword ) . "', " .
501 "user_email= '" . wfStrencode( $this->mEmail ) . "', " .
502 "user_options= '" . $this->encodeOptions() . "', " .
503 "user_rights= '" . wfStrencode( implode( ",", $this->mRights ) ) . "', " .
504 "user_touched= '" . wfStrencode( $this->mTouched ) .
505 "' WHERE user_id={$this->mId}";
506 wfQuery( $sql, DB_WRITE, "User::saveSettings" );
507 $wgMemc->delete( "$wgDBname:user:id:$this->mId" );
508 }
509
510 # Checks if a user with the given name exists
511 #
512 function idForName()
513 {
514 $gotid = 0;
515 $s = trim( $this->mName );
516 if ( 0 == strcmp( "", $s ) ) return 0;
517
518 $sql = "SELECT user_id FROM user WHERE user_name='" .
519 wfStrencode( $s ) . "'";
520 $res = wfQuery( $sql, DB_READ, "User::idForName" );
521 if ( 0 == wfNumRows( $res ) ) { return 0; }
522
523 $s = wfFetchObject( $res );
524 if ( "" == $s ) return 0;
525
526 $gotid = $s->user_id;
527 wfFreeResult( $res );
528 return $gotid;
529 }
530
531 function addToDatabase()
532 {
533 $sql = "INSERT INTO user (user_name,user_password,user_newpassword," .
534 "user_email, user_rights, user_options) " .
535 " VALUES ('" . wfStrencode( $this->mName ) . "', '" .
536 wfStrencode( $this->mPassword ) . "', '" .
537 wfStrencode( $this->mNewpassword ) . "', '" .
538 wfStrencode( $this->mEmail ) . "', '" .
539 wfStrencode( implode( ",", $this->mRights ) ) . "', '" .
540 $this->encodeOptions() . "')";
541 wfQuery( $sql, DB_WRITE, "User::addToDatabase" );
542 $this->mId = $this->idForName();
543 }
544
545 function spreadBlock()
546 {
547 # If the (non-anonymous) user is blocked, this function will block any IP address
548 # that they successfully log on from.
549 $fname = "User::spreadBlock";
550
551 wfDebug( "User:spreadBlock()\n" );
552 if ( $this->mId == 0 ) {
553 return;
554 }
555
556 $userblock = Block::newFromDB( "", $this->mId );
557 if ( !$userblock->isValid() ) {
558 return;
559 }
560
561 # Check if this IP address is already blocked
562 $addr = getenv( "REMOTE_ADDR" );
563 $ipblock = Block::newFromDB( $addr );
564 if ( $ipblock->isValid() ) {
565 # Just update the timestamp
566 $ipblock->updateTimestamp();
567 return;
568 }
569
570 # Make a new block object with the desired properties
571 wfDebug( "Autoblocking {$this->mUserName}@{$addr}\n" );
572 $ipblock->mAddress = $addr;
573 $ipblock->mUser = 0;
574 $ipblock->mBy = $userblock->mBy;
575 $ipblock->mReason = str_replace( "$1", $this->getName(), wfMsg( "autoblocker" ) );
576 $ipblock->mReason = str_replace( "$2", $userblock->mReason, $ipblock->mReason );
577 $ipblock->mTimestamp = wfTimestampNow();
578 $ipblock->mAuto = 1;
579
580 # Insert it
581 $ipblock->insert();
582
583 }
584
585
586 function isAllowedToCreateAccount()
587 {
588 global $wgWhitelistAccount;
589 $allowed = false;
590
591 if (!$wgWhitelistAccount) { return 1; }; // default behaviour
592 foreach ($wgWhitelistAccount as $right => $ok) {
593 $userHasRight = (!strcmp($right, "user") || in_array($right, $this->getRights()));
594 $allowed |= ($ok && $userHasRight);
595 }
596 return $allowed;
597 }
598
599
600
601 }
602
603 ?>
Wiklou, le Wiki du Wiklou