dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
In the spirit of r103745, guard against invalid user names in SpecialContributions...
[lhc/web/wiklou.git] / includes / specials / SpecialDeletedContributions.php
1 <?php
2 /**
3 * Implements Special:DeletedContributions
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @ingroup SpecialPage
22 */
23
24 /**
25 * Implements Special:DeletedContributions to display archived revisions
26 * @ingroup SpecialPage
27 */
28
29 class DeletedContribsPager extends IndexPager {
30 public $mDefaultDirection = true;
31 var $messages, $target;
32 var $namespace = '', $mDb;
33
34 function __construct( $target, $namespace = false ) {
35 parent::__construct();
36 $msgs = array( 'deletionlog', 'undeleteviewlink', 'diff' );
37 foreach( $msgs as $msg ) {
38 $this->messages[$msg] = wfMsgExt( $msg, array( 'escapenoentities') );
39 }
40 $this->target = $target;
41 $this->namespace = $namespace;
42 $this->mDb = wfGetDB( DB_SLAVE, 'contributions' );
43 }
44
45 function getDefaultQuery() {
46 $query = parent::getDefaultQuery();
47 $query['target'] = $this->target;
48 return $query;
49 }
50
51 function getQueryInfo() {
52 list( $index, $userCond ) = $this->getUserCond();
53 $conds = array_merge( $userCond, $this->getNamespaceCond() );
54 $user = $this->getUser();
55 // Paranoia: avoid brute force searches (bug 17792)
56 if( !$user->isAllowed( 'deletedhistory' ) ) {
57 $conds[] = $this->mDb->bitAnd('ar_deleted',Revision::DELETED_USER) . ' = 0';
58 } elseif( !$user->isAllowed( 'suppressrevision' ) ) {
59 $conds[] = $this->mDb->bitAnd('ar_deleted',Revision::SUPPRESSED_USER) .
60 ' != ' . Revision::SUPPRESSED_USER;
61 }
62 return array(
63 'tables' => array( 'archive' ),
64 'fields' => array(
65 'ar_rev_id', 'ar_namespace', 'ar_title', 'ar_timestamp', 'ar_comment', 'ar_minor_edit',
66 'ar_user', 'ar_user_text', 'ar_deleted'
67 ),
68 'conds' => $conds,
69 'options' => array( 'USE INDEX' => $index )
70 );
71 }
72
73 function getUserCond() {
74 $condition = array();
75
76 $condition['ar_user_text'] = $this->target;
77 $index = 'usertext_timestamp';
78
79 return array( $index, $condition );
80 }
81
82 function getIndexField() {
83 return 'ar_timestamp';
84 }
85
86 function getStartBody() {
87 return "<ul>\n";
88 }
89
90 function getEndBody() {
91 return "</ul>\n";
92 }
93
94 function getNavigationBar() {
95 if ( isset( $this->mNavigationBar ) ) {
96 return $this->mNavigationBar;
97 }
98 $lang = $this->getLang();
99 $fmtLimit = $lang->formatNum( $this->mLimit );
100 $linkTexts = array(
101 'prev' => wfMsgExt( 'pager-newer-n', array( 'escape', 'parsemag' ), $fmtLimit ),
102 'next' => wfMsgExt( 'pager-older-n', array( 'escape', 'parsemag' ), $fmtLimit ),
103 'first' => wfMsgHtml( 'histlast' ),
104 'last' => wfMsgHtml( 'histfirst' )
105 );
106
107 $pagingLinks = $this->getPagingLinks( $linkTexts );
108 $limitLinks = $this->getLimitLinks();
109 $limits = $lang->pipeList( $limitLinks );
110
111 $this->mNavigationBar = "(" . $lang->pipeList( array( $pagingLinks['first'], $pagingLinks['last'] ) ) . ") " .
112 wfMsgExt( 'viewprevnext', array( 'parsemag', 'escape', 'replaceafter' ), $pagingLinks['prev'], $pagingLinks['next'], $limits );
113 return $this->mNavigationBar;
114 }
115
116 function getNamespaceCond() {
117 if ( $this->namespace !== '' ) {
118 return array( 'ar_namespace' => (int)$this->namespace );
119 } else {
120 return array();
121 }
122 }
123
124 /**
125 * Generates each row in the contributions list.
126 *
127 * Contributions which are marked "top" are currently on top of the history.
128 * For these contributions, a [rollback] link is shown for users with sysop
129 * privileges. The rollback link restores the most recent version that was not
130 * written by the target user.
131 *
132 * @todo This would probably look a lot nicer in a table.
133 */
134 function formatRow( $row ) {
135 wfProfileIn( __METHOD__ );
136
137 $rev = new Revision( array(
138 'id' => $row->ar_rev_id,
139 'comment' => $row->ar_comment,
140 'user' => $row->ar_user,
141 'user_text' => $row->ar_user_text,
142 'timestamp' => $row->ar_timestamp,
143 'minor_edit' => $row->ar_minor_edit,
144 'deleted' => $row->ar_deleted,
145 ) );
146
147 $page = Title::makeTitle( $row->ar_namespace, $row->ar_title );
148
149 $undelete = SpecialPage::getTitleFor( 'Undelete' );
150
151 $logs = SpecialPage::getTitleFor( 'Log' );
152 $dellog = Linker::linkKnown(
153 $logs,
154 $this->messages['deletionlog'],
155 array(),
156 array(
157 'type' => 'delete',
158 'page' => $page->getPrefixedText()
159 )
160 );
161
162 $reviewlink = Linker::linkKnown(
163 SpecialPage::getTitleFor( 'Undelete', $page->getPrefixedDBkey() ),
164 $this->messages['undeleteviewlink']
165 );
166
167 $user = $this->getUser();
168
169 if( $user->isAllowed('deletedtext') ) {
170 $last = Linker::linkKnown(
171 $undelete,
172 $this->messages['diff'],
173 array(),
174 array(
175 'target' => $page->getPrefixedText(),
176 'timestamp' => $rev->getTimestamp(),
177 'diff' => 'prev'
178 )
179 );
180 } else {
181 $last = $this->messages['diff'];
182 }
183
184 $comment = Linker::revComment( $rev );
185 $date = htmlspecialchars( $this->getLang()->timeanddate( $rev->getTimestamp(), true ) );
186
187 if( !$user->isAllowed( 'undelete' ) || !$rev->userCan( Revision::DELETED_TEXT, $user ) ) {
188 $link = $date; // unusable link
189 } else {
190 $link = Linker::linkKnown(
191 $undelete,
192 $date,
193 array(),
194 array(
195 'target' => $page->getPrefixedText(),
196 'timestamp' => $rev->getTimestamp()
197 )
198 );
199 }
200 // Style deleted items
201 if( $rev->isDeleted( Revision::DELETED_TEXT ) ) {
202 $link = '<span class="history-deleted">' . $link . '</span>';
203 }
204
205 $pagelink = Linker::link( $page );
206
207 if( $rev->isMinor() ) {
208 $mflag = ChangesList::flag( 'minor' );
209 } else {
210 $mflag = '';
211 }
212
213 // Revision delete link
214 $del = Linker::getRevDeleteLink( $user, $rev, $page );
215 if ( $del ) $del .= ' ';
216
217 $tools = Html::rawElement(
218 'span',
219 array( 'class' => 'mw-deletedcontribs-tools' ),
220 wfMsg( 'parentheses', $this->getLang()->pipeList( array( $last, $dellog, $reviewlink ) ) )
221 );
222
223 $ret = "{$del}{$link} {$tools} . . {$mflag} {$pagelink} {$comment}";
224
225 # Denote if username is redacted for this edit
226 if( $rev->isDeleted( Revision::DELETED_USER ) ) {
227 $ret .= " <strong>" . wfMsgHtml('rev-deleted-user-contribs') . "</strong>";
228 }
229
230 $ret = Html::rawElement( 'li', array(), $ret ) . "\n";
231
232 wfProfileOut( __METHOD__ );
233 return $ret;
234 }
235
236 /**
237 * Get the Database object in use
238 *
239 * @return Database
240 */
241 public function getDatabase() {
242 return $this->mDb;
243 }
244 }
245
246 class DeletedContributionsPage extends SpecialPage {
247 function __construct() {
248 parent::__construct( 'DeletedContributions', 'deletedhistory',
249 /*listed*/ true, /*function*/ false, /*file*/ false );
250 }
251
252 /**
253 * Special page "deleted user contributions".
254 * Shows a list of the deleted contributions of a user.
255 *
256 * @return none
257 * @param $par String: (optional) user name of the user for which to show the contributions
258 */
259 function execute( $par ) {
260 global $wgQueryPageDefaultLimit;
261 $this->setHeaders();
262
263 $user = $this->getUser();
264
265 if ( !$this->userCanExecute( $user ) ) {
266 $this->displayRestrictionError();
267 return;
268 }
269
270 $request = $this->getRequest();
271 $out = $this->getOutput();
272 $out->setPageTitle( $this->msg( 'deletedcontributions-title' ) );
273
274 $options = array();
275
276 if ( $par !== null ) {
277 $target = $par;
278 } else {
279 $target = $request->getVal( 'target' );
280 }
281
282 if ( !strlen( $target ) ) {
283 $out->addHTML( $this->getForm( '' ) );
284 return;
285 }
286
287 $options['limit'] = $request->getInt( 'limit', $wgQueryPageDefaultLimit );
288 $options['target'] = $target;
289
290 $userObj = User::newFromName( $target );
291 if ( !$userObj ) {
292 $out->addHTML( $this->getForm( '' ) );
293 return;
294 }
295 $nt = $userObj->getUserPage();
296 $id = $userObj->getID();
297
298 $target = $userObj->getName();
299 $out->addSubtitle( $this->getSubTitle( $userObj ) );
300
301 if ( ( $ns = $request->getVal( 'namespace', null ) ) !== null && $ns !== '' ) {
302 $options['namespace'] = intval( $ns );
303 } else {
304 $options['namespace'] = '';
305 }
306
307 $out->addHTML( $this->getForm( $options ) );
308
309 $pager = new DeletedContribsPager( $target, $options['namespace'] );
310 if ( !$pager->getNumRows() ) {
311 $out->addWikiMsg( 'nocontribs' );
312 return;
313 }
314
315 # Show a message about slave lag, if applicable
316 $lag = wfGetLB()->safeGetLag( $pager->getDatabase() );
317 if( $lag > 0 )
318 $out->showLagWarning( $lag );
319
320 $out->addHTML(
321 '<p>' . $pager->getNavigationBar() . '</p>' .
322 $pager->getBody() .
323 '<p>' . $pager->getNavigationBar() . '</p>' );
324
325 # If there were contributions, and it was a valid user or IP, show
326 # the appropriate "footer" message - WHOIS tools, etc.
327 if( $target != 'newbies' ) {
328 $message = IP::isIPAddress( $target )
329 ? 'sp-contributions-footer-anon'
330 : 'sp-contributions-footer';
331
332 if( !wfMessage( $message )->isDisabled() ) {
333 $out->wrapWikiMsg( "<div class='mw-contributions-footer'>\n$1\n</div>", array( $message, $target ) );
334 }
335 }
336 }
337
338 /**
339 * Generates the subheading with links
340 * @param $userObj User object for the target
341 * @return String: appropriately-escaped HTML to be output literally
342 * @todo FIXME: Almost the same as contributionsSub in SpecialContributions.php. Could be combined.
343 */
344 function getSubTitle( $userObj ) {
345 if ( $userObj->isAnon() ) {
346 $user = htmlspecialchars( $userObj->getName() );
347 } else {
348 $user = Linker::link( $userObj->getPage(), htmlspecialchars( $userObj->getText() ) );
349 }
350 $nt = $userObj->getUserPage();
351 $id = $userObj->getID();
352 $talk = $nt->getTalkPage();
353 if( $talk ) {
354 # Talk page link
355 $tools[] = Linker::link( $talk, wfMsgHtml( 'sp-contributions-talk' ) );
356 if( ( $id !== null ) || ( $id === null && IP::isIPAddress( $nt->getText() ) ) ) {
357 if( $this->getUser()->isAllowed( 'block' ) ) { # Block / Change block / Unblock links
358 if ( $userObj->isBlocked() ) {
359 $tools[] = Linker::linkKnown( # Change block link
360 SpecialPage::getTitleFor( 'Block', $nt->getDBkey() ),
361 wfMsgHtml( 'change-blocklink' )
362 );
363 $tools[] = Linker::linkKnown( # Unblock link
364 SpecialPage::getTitleFor( 'BlockList' ),
365 wfMsgHtml( 'unblocklink' ),
366 array(),
367 array(
368 'action' => 'unblock',
369 'ip' => $nt->getDBkey()
370 )
371 );
372 }
373 else { # User is not blocked
374 $tools[] = Linker::linkKnown( # Block link
375 SpecialPage::getTitleFor( 'Block', $nt->getDBkey() ),
376 wfMsgHtml( 'blocklink' )
377 );
378 }
379 }
380 # Block log link
381 $tools[] = Linker::linkKnown(
382 SpecialPage::getTitleFor( 'Log' ),
383 wfMsgHtml( 'sp-contributions-blocklog' ),
384 array(),
385 array(
386 'type' => 'block',
387 'page' => $nt->getPrefixedText()
388 )
389 );
390 }
391 # Other logs link
392 $tools[] = Linker::linkKnown(
393 SpecialPage::getTitleFor( 'Log' ),
394 wfMsgHtml( 'sp-contributions-logs' ),
395 array(),
396 array( 'user' => $nt->getText() )
397 );
398 # Link to contributions
399 $tools[] = Linker::linkKnown(
400 SpecialPage::getTitleFor( 'Contributions', $nt->getDBkey() ),
401 wfMsgHtml( 'sp-deletedcontributions-contribs' )
402 );
403
404 # Add a link to change user rights for privileged users
405 $userrightsPage = new UserrightsPage();
406 if( $id !== null && $userrightsPage->userCanChangeRights( User::newFromId( $id ) ) ) {
407 $tools[] = Linker::linkKnown(
408 SpecialPage::getTitleFor( 'Userrights', $nt->getDBkey() ),
409 wfMsgHtml( 'sp-contributions-userrights' )
410 );
411 }
412
413 wfRunHooks( 'ContributionsToolLinks', array( $id, $nt, &$tools ) );
414
415 $links = $this->getLang()->pipeList( $tools );
416
417 // Show a note if the user is blocked and display the last block log entry.
418 if ( $userObj->isBlocked() ) {
419 $out = $this->getOutput(); // LogEventsList::showLogExtract() wants the first parameter by ref
420 LogEventsList::showLogExtract(
421 $out,
422 'block',
423 $nt,
424 '',
425 array(
426 'lim' => 1,
427 'showIfEmpty' => false,
428 'msgKey' => array(
429 'sp-contributions-blocked-notice',
430 $nt->getText() # Support GENDER in 'sp-contributions-blocked-notice'
431 ),
432 'offset' => '' # don't use $this->getRequest() parameter offset
433 )
434 );
435 }
436 }
437
438 // Old message 'contribsub' had one parameter, but that doesn't work for
439 // languages that want to put the "for" bit right after $user but before
440 // $links. If 'contribsub' is around, use it for reverse compatibility,
441 // otherwise use 'contribsub2'.
442 $oldMsg = $this->msg( 'contribsub' );
443 if ( $oldMsg->exists() ) {
444 return $oldMsg->rawParams( "$user ($links)" );
445 } else {
446 return $this->msg( 'contribsub2' )->rawParams( $user, $links );
447 }
448 }
449
450 /**
451 * Generates the namespace selector form with hidden attributes.
452 * @param $options Array: the options to be included.
453 */
454 function getForm( $options ) {
455 global $wgScript;
456
457 $options['title'] = $this->getTitle()->getPrefixedText();
458 if ( !isset( $options['target'] ) ) {
459 $options['target'] = '';
460 } else {
461 $options['target'] = str_replace( '_' , ' ' , $options['target'] );
462 }
463
464 if ( !isset( $options['namespace'] ) ) {
465 $options['namespace'] = '';
466 }
467
468 if ( !isset( $options['contribs'] ) ) {
469 $options['contribs'] = 'user';
470 }
471
472 if ( $options['contribs'] == 'newbie' ) {
473 $options['target'] = '';
474 }
475
476 $f = Xml::openElement( 'form', array( 'method' => 'get', 'action' => $wgScript ) );
477
478 foreach ( $options as $name => $value ) {
479 if ( in_array( $name, array( 'namespace', 'target', 'contribs' ) ) ) {
480 continue;
481 }
482 $f .= "\t" . Html::hidden( $name, $value ) . "\n";
483 }
484
485 $f .= Xml::openElement( 'fieldset' ) .
486 Xml::element( 'legend', array(), wfMsg( 'sp-contributions-search' ) ) .
487 Xml::tags( 'label', array( 'for' => 'target' ), wfMsgExt( 'sp-contributions-username', 'parseinline' ) ) . ' ' .
488 Html::input( 'target', $options['target'], 'text', array(
489 'size' => '20',
490 'required' => ''
491 ) + ( $options['target'] ? array() : array( 'autofocus' ) ) ) . ' '.
492 Xml::label( wfMsg( 'namespace' ), 'namespace' ) . ' ' .
493 Xml::namespaceSelector( $options['namespace'], '' ) . ' ' .
494 Xml::submitButton( wfMsg( 'sp-contributions-submit' ) ) .
495 Xml::closeElement( 'fieldset' ) .
496 Xml::closeElement( 'form' );
497 return $f;
498 }
499 }
Wiklou, le Wiki du Wiklou