X-Git-Url: http://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Fapi%2FApiQueryBlocks.php;h=e3c27f5e2ae081eaa47d7f393e78e1fd1f00cc27;hb=a14bcc6ebe8afcd06de20f10f6fdce65ce648712;hp=881269fe02c116d709110614a5c8e90e2f819784;hpb=b65669ff7adbbde55872a8ddd93214a9e1df75c6;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/api/ApiQueryBlocks.php b/includes/api/ApiQueryBlocks.php index 881269fe02..e3c27f5e2a 100644 --- a/includes/api/ApiQueryBlocks.php +++ b/includes/api/ApiQueryBlocks.php @@ -91,18 +91,30 @@ class ApiQueryBlocks extends ApiQueryBase { $this->addWhereFld( 'ipb_auto', 0 ); } if ( isset( $params['ip'] ) ) { - list( $ip, $range ) = IP::parseCIDR( $params['ip'] ); - if ( $ip && $range ) { - // We got a CIDR range - if ( $range < 16 ) { - $this->dieUsage( 'CIDR ranges broader than /16 are not accepted', 'cidrtoobroad' ); - } - $lower = wfBaseConvert( $ip, 10, 16, 8, false ); - $upper = wfBaseConvert( $ip + pow( 2, 32 - $range ) - 1, 10, 16, 8, false ); + global $wgBlockCIDRLimit; + if ( IP::isIPv4( $params['ip'] ) ) { + $type = 'IPv4'; + $cidrLimit = $wgBlockCIDRLimit['IPv4']; + $prefixLen = 0; + } elseif ( IP::isIPv6( $params['ip'] ) ) { + $type = 'IPv6'; + $cidrLimit = $wgBlockCIDRLimit['IPv6']; + $prefixLen = 3; // IP::toHex output is prefixed with "v6-" } else { - $lower = $upper = IP::toHex( $params['ip'] ); + $this->dieUsage( 'IP parameter is not valid', 'param_ip' ); + } + + # Check range validity, if it's a CIDR + list( $ip, $range ) = IP::parseCIDR( $params['ip'] ); + if ( $ip !== false && $range !== false && $range < $cidrLimit ) { + $this->dieUsage( "$type CIDR ranges broader than /$cidrLimit are not accepted", 'cidrtoobroad' ); } - $prefix = substr( $lower, 0, 4 ); + + # Let IP::parseRange handle calculating $upper, instead of duplicating the logic here. + list( $lower, $upper ) = IP::parseRange( $params['ip'] ); + + # Extract the common prefix to any rangeblock affecting this IP/CIDR + $prefix = substr( $lower, 0, $prefixLen + floor( $cidrLimit / 4 ) ); # Fairly hard to make a malicious SQL statement out of hex characters, # but it is good practice to add quotes @@ -295,6 +307,7 @@ class ApiQueryBlocks extends ApiQueryBase { } public function getParamDescription() { + global $wgBlockCIDRLimit; $p = $this->getModulePrefix(); return array( 'start' => 'The timestamp to start enumerating from', @@ -302,8 +315,12 @@ class ApiQueryBlocks extends ApiQueryBase { 'dir' => $this->getDirectionDescription( $p ), 'ids' => 'List of block IDs to list (optional)', 'users' => 'List of users to search for (optional)', - 'ip' => array( 'Get all blocks applying to this IP or CIDR range, including range blocks.', - 'Cannot be used together with bkusers. CIDR ranges broader than /16 are not accepted' ), + 'ip' => array( + 'Get all blocks applying to this IP or CIDR range, including range blocks.', + "Cannot be used together with bkusers. CIDR ranges broader than " . + "IPv4/{$wgBlockCIDRLimit['IPv4']} or IPv6/{$wgBlockCIDRLimit['IPv6']} " . + "are not accepted" + ), 'limit' => 'The maximum amount of blocks to list', 'prop' => array( 'Which properties to get', @@ -384,10 +401,19 @@ class ApiQueryBlocks extends ApiQueryBase { } public function getPossibleErrors() { + global $wgBlockCIDRLimit; return array_merge( parent::getPossibleErrors(), $this->getRequireOnlyOneParameterErrorMessages( array( 'users', 'ip' ) ), array( - array( 'code' => 'cidrtoobroad', 'info' => 'CIDR ranges broader than /16 are not accepted' ), + array( + 'code' => 'cidrtoobroad', + 'info' => "IPv4 CIDR ranges broader than /{$wgBlockCIDRLimit['IPv4']} are not accepted" + ), + array( + 'code' => 'cidrtoobroad', + 'info' => "IPv6 CIDR ranges broader than /{$wgBlockCIDRLimit['IPv6']} are not accepted" + ), + array( 'code' => 'param_ip', 'info' => 'IP parameter is not valid' ), array( 'code' => 'param_user', 'info' => 'User parameter may not be empty' ), array( 'code' => 'param_user', 'info' => 'User name user is not valid' ), array( 'show' ),