*/
use MediaWiki\Session\SessionManager;
+use MediaWiki\Session\Token;
/**
* String Some punctuation to prevent editing from broken text-mangling proxies.
- * @deprecated since 1.27, use \\MediaWiki\\Session\\Token::SUFFIX
+ * @deprecated since 1.27, use \MediaWiki\Session\Token::SUFFIX
* @ingroup Constants
*/
-define( 'EDIT_TOKEN_SUFFIX', MediaWiki\Session\Token::SUFFIX );
+define( 'EDIT_TOKEN_SUFFIX', Token::SUFFIX );
/**
* The User object encapsulates all of the user-specific settings (user_id,
/**
* Global constant made accessible as class constants so that autoloader
* magic can be used.
- * @deprecated since 1.27, use \\MediaWiki\\Session\\Token::SUFFIX
+ * @deprecated since 1.27, use \MediaWiki\Session\Token::SUFFIX
*/
const EDIT_TOKEN_SUFFIX = EDIT_TOKEN_SUFFIX;
protected $mImplicitGroups;
/** @var array */
protected $mFormerGroups;
- /** @var bool */
- protected $mBlockedGlobally;
+ /** @var Block */
+ protected $mGlobalBlock;
/** @var bool */
protected $mLocked;
/** @var bool */
// Clean up name according to title rules,
// but only when validation is requested (bug 12654)
$t = ( $validate !== false ) ?
- Title::newFromText( $name ) : Title::makeTitle( NS_USER, $name );
+ Title::newFromText( $name, NS_USER ) : Title::makeTitle( NS_USER, $name );
// Check for invalid titles
- if ( is_null( $t ) ) {
+ if ( is_null( $t ) || $t->getNamespace() !== NS_USER || $t->isExternal() ) {
return false;
}
* @return bool True if blocked, false otherwise
*/
public function isBlockedGlobally( $ip = '' ) {
- if ( $this->mBlockedGlobally !== null ) {
- return $this->mBlockedGlobally;
+ return $this->getGlobalBlock( $ip ) instanceof Block;
+ }
+
+ /**
+ * Check if user is blocked on all wikis.
+ * Do not use for actual edit permission checks!
+ * This is intended for quick UI checks.
+ *
+ * @param string $ip IP address, uses current client if none given
+ * @return Block|null Block object if blocked, null otherwise
+ * @throws FatalError
+ * @throws MWException
+ */
+ public function getGlobalBlock( $ip = '' ) {
+ if ( $this->mGlobalBlock !== null ) {
+ return $this->mGlobalBlock ?: null;
}
// User is already an IP?
if ( IP::isIPAddress( $this->getName() ) ) {
$ip = $this->getRequest()->getIP();
}
$blocked = false;
- Hooks::run( 'UserIsBlockedGlobally', [ &$this, $ip, &$blocked ] );
- $this->mBlockedGlobally = (bool)$blocked;
- return $this->mBlockedGlobally;
+ $block = null;
+ Hooks::run( 'UserIsBlockedGlobally', [ &$this, $ip, &$blocked, &$block ] );
+
+ if ( $blocked && $block === null ) {
+ // back-compat: UserIsBlockedGlobally didn't have $block param first
+ $block = new Block;
+ $block->setTarget( $ip );
+ }
+
+ $this->mGlobalBlock = $blocked ? $block : false;
+ return $this->mGlobalBlock ?: null;
}
/**
return Status::newGood( true );
}
+ $type = $oldaddr != '' ? 'changed' : 'set';
+ $notificationResult = null;
+
+ if ( $wgEmailAuthentication ) {
+ // Send the user an email notifying the user of the change in registered
+ // email address on their previous email address
+ if ( $type == 'changed' ) {
+ $change = $str != '' ? 'changed' : 'removed';
+ $notificationResult = $this->sendMail(
+ wfMessage( 'notificationemail_subject_' . $change )->text(),
+ wfMessage( 'notificationemail_body_' . $change,
+ $this->getRequest()->getIP(),
+ $this->getName(),
+ $str )->text()
+ );
+ }
+ }
+
$this->setEmail( $str );
if ( $str !== '' && $wgEmailAuthentication ) {
// Send a confirmation request to the new address if needed
- $type = $oldaddr != '' ? 'changed' : 'set';
$result = $this->sendConfirmationMail( $type );
+
+ if ( $notificationResult !== null ) {
+ $result->merge( $notificationResult );
+ }
+
if ( $result->isGood() ) {
- // Say to the caller that a confirmation mail has been sent
+ // Say to the caller that a confirmation and notification mail has been sent
$result->value = 'eauth';
}
} else {
* @since 1.27
* @param string|array $salt Array of Strings Optional function-specific data for hashing
* @param WebRequest|null $request WebRequest object to use or null to use $wgRequest
- * @return MediaWiki\\Session\\Token The new edit token
+ * @return MediaWiki\Session\Token The new edit token
*/
public function getEditTokenObject( $salt = '', $request = null ) {
if ( $this->isAnon() ) {
/**
* Get the embedded timestamp from a token.
- * @deprecated since 1.27, use \\MediaWiki\\Session\\Token::getTimestamp instead.
+ * @deprecated since 1.27, use \MediaWiki\Session\Token::getTimestamp instead.
* @param string $val Input token
* @return int|null
*/
* @return bool Whether the token matches
*/
public function matchEditTokenNoSuffix( $val, $salt = '', $request = null, $maxage = null ) {
- $val = substr( $val, 0, strspn( $val, '0123456789abcdef' ) ) . self::EDIT_TOKEN_SUFFIX;
+ $val = substr( $val, 0, strspn( $val, '0123456789abcdef' ) ) . Token::SUFFIX;
return $this->matchEditToken( $val, $salt, $request, $maxage );
}