X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2FBlock.php;h=fa98692c8370932aa6587fe4591f0b1731fc8e67;hb=e66412fc34f5f3a0721062c00545be78833bf3cd;hp=e05047429044d224b8ae262ea4a23059e951b5eb;hpb=0c04d9885c02371877758c1a728a007ac992698c;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/Block.php b/includes/Block.php index e050474290..fa98692c83 100644 --- a/includes/Block.php +++ b/includes/Block.php @@ -1,7 +1,6 @@ mId = 0; + # Expand valid IPv6 addresses + $address = IP::sanitizeIP( $address ); $this->mAddress = $address; $this->mUser = $user; $this->mBy = $by; @@ -38,6 +39,7 @@ class Block $this->mCreateAccount = $createAccount; $this->mExpiry = self::decodeExpiry( $expiry ); $this->mEnableAutoblock = $enableAutoblock; + $this->mHideName = $hideName; $this->mForUpdate = false; $this->mFromMaster = false; @@ -58,7 +60,7 @@ class Block static function newFromID( $id ) { - $dbr =& wfGetDB( DB_SLAVE ); + $dbr = wfGetDB( DB_SLAVE ); $res = $dbr->resultObject( $dbr->select( 'ipblocks', '*', array( 'ipb_id' => $id ), __METHOD__ ) ); $block = new Block; @@ -74,7 +76,7 @@ class Block $this->mAddress = $this->mReason = $this->mTimestamp = ''; $this->mId = $this->mAnonOnly = $this->mCreateAccount = $this->mEnableAutoblock = $this->mAuto = $this->mUser = - $this->mBy = 0; + $this->mBy = $this->mHideName = 0; $this->mByName = false; } @@ -85,14 +87,14 @@ class Block { global $wgAntiLockFlags; if ( $this->mForUpdate || $this->mFromMaster ) { - $db =& wfGetDB( DB_MASTER ); + $db = wfGetDB( DB_MASTER ); if ( !$this->mForUpdate || ($wgAntiLockFlags & ALF_NO_BLOCK_LOCK) ) { $options = array(); } else { $options = array( 'FOR UPDATE' ); } } else { - $db =& wfGetDB( DB_SLAVE ); + $db = wfGetDB( DB_SLAVE ); $options = array(); } return $db; @@ -113,9 +115,6 @@ class Block $options = array(); $db =& $this->getDBOptions( $options ); - $ret = false; - $killed = false; - if ( 0 == $user && $address == '' ) { # Invalid user specification, not blocked $this->clear(); @@ -150,7 +149,7 @@ class Block } # Try range block - if ( $this->loadRange( $address, $killExpired, $user == 0 ) ) { + if ( $this->loadRange( $address, $killExpired, $user ) ) { if ( $user && $this->mAnonOnly ) { $this->clear(); return false; @@ -179,7 +178,8 @@ class Block /** * Fill in member variables from a result wrapper */ - function loadFromResult( ResultWrapper $res, $killExpired = true ) { + function loadFromResult( ResultWrapper $res, $killExpired = true ) + { $ret = false; if ( 0 != $res->numRows() ) { # Get first block @@ -214,7 +214,7 @@ class Block * Search the database for any range blocks matching the given address, and * load the row if one is found. */ - function loadRange( $address, $killExpired = true ) + function loadRange( $address, $killExpired = true, $user = 0 ) { $iaddr = IP::toHex( $address ); if ( $iaddr === false ) { @@ -233,6 +233,10 @@ class Block "ipb_range_start <= '$iaddr'", "ipb_range_end >= '$iaddr'" ); + + if ( $user ) { + $conds['ipb_anon_only'] = 0; + } $res = $db->resultObject( $db->select( 'ipblocks', '*', $conds, __METHOD__, $options ) ); $success = $this->loadFromResult( $res, $killExpired ); @@ -241,10 +245,10 @@ class Block /** * Determine if a given integer IPv4 address is in a given CIDR network - * @deprecated Use IP::isAddressInRange + * @deprecated Use IP::isInRange */ function isAddressInRange( $addr, $range ) { - return IP::isAddressInRange( $addr, $range ); + return IP::isInRange( $addr, $range ); } function initFromRow( $row ) @@ -258,6 +262,7 @@ class Block $this->mAnonOnly = $row->ipb_anon_only; $this->mCreateAccount = $row->ipb_create_account; $this->mEnableAutoblock = $row->ipb_enable_autoblock; + $this->mHideName = $row->ipb_deleted; $this->mId = $row->ipb_id; $this->mExpiry = self::decodeExpiry( $row->ipb_expiry ); if ( isset( $row->user_name ) ) { @@ -275,7 +280,7 @@ class Block $this->mRangeEnd = ''; if ( $this->mUser == 0 ) { - list($this->mRangeStart, $this->mRangeEnd) = IP::parseRange$this->mAddress); + list( $this->mRangeStart, $this->mRangeEnd ) = IP::parseRange( $this->mAddress ); } } @@ -289,7 +294,7 @@ class Block $block = new Block(); if ( $flags & Block::EB_FOR_UPDATE ) { - $db =& wfGetDB( DB_MASTER ); + $db = wfGetDB( DB_MASTER ); if ( $wgAntiLockFlags & ALF_NO_BLOCK_LOCK ) { $options = ''; } else { @@ -297,7 +302,7 @@ class Block } $block->forUpdate( true ); } else { - $db =& wfGetDB( DB_SLAVE ); + $db = wfGetDB( DB_SLAVE ); $options = ''; } if ( $flags & Block::EB_RANGE_ONLY ) { @@ -308,7 +313,7 @@ class Block $now = wfTimestampNow(); - extract( $db->tableNames( 'ipblocks', 'user' ) ); + list( $ipblocks, $user ) = $db->tableNamesN( 'ipblocks', 'user' ); $sql = "SELECT $ipblocks.*,user_name FROM $ipblocks,$user " . "WHERE user_id=ipb_by $cond ORDER BY ipb_timestamp DESC $options"; @@ -344,7 +349,7 @@ class Block throw new MWException( "Block::delete() now requires that the mId member be filled\n" ); } - $dbw =& wfGetDB( DB_MASTER ); + $dbw = wfGetDB( DB_MASTER ); $dbw->delete( 'ipblocks', array( 'ipb_id' => $this->mId ), __METHOD__ ); return $dbw->affectedRows() > 0; } @@ -356,8 +361,7 @@ class Block function insert() { wfDebug( "Block::insert; timestamp {$this->mTimestamp}\n" ); - $dbw =& wfGetDB( DB_MASTER ); - $dbw->begin(); + $dbw = wfGetDB( DB_MASTER ); # Unset ipb_anon_only for user blocks, makes no sense if ( $this->mUser ) { @@ -388,6 +392,7 @@ class Block 'ipb_expiry' => self::encodeExpiry( $this->mExpiry, $dbw ), 'ipb_range_start' => $this->mRangeStart, 'ipb_range_end' => $this->mRangeEnd, + 'ipb_deleted' => $this->mHideName ), 'Block::insert', array( 'IGNORE' ) ); $affected = $dbw->affectedRows(); @@ -405,7 +410,7 @@ class Block *@return Whether or not a retroactive autoblock was made. */ function doRetroactiveAutoblock() { - $dbr = wfGetDb( DB_SLAVE ); + $dbr = wfGetDB( DB_SLAVE ); #If autoblock is enabled, autoblock the LAST IP used # - stolen shamelessly from CheckUser_body.php @@ -413,7 +418,7 @@ class Block wfDebug("Doing retroactive autoblocks for " . $this->mAddress . "\n"); $row = $dbr->selectRow( 'recentchanges', array( 'rc_ip' ), array( 'rc_user_text' => $this->mAddress ), - $fname, array( 'ORDER BY' => 'rc_timestamp DESC' ) ); + __METHOD__ , array( 'ORDER BY' => 'rc_timestamp DESC' ) ); if ( !$row || !$row->rc_ip ) { #No results, don't autoblock anything @@ -421,24 +426,51 @@ class Block } else { #Limit is 1, so no loop needed. $retroblockip = $row->rc_ip; - return $this->doAutoblock($retroblockip); + return $this->doAutoblock( $retroblockip, true ); } } } /** * Autoblocks the given IP, referring to this Block. - * @param string $autoblockip The IP to autoblock, dotted-quad. - * @return bool True if an autoblock was inserted OR redundant to preexisting block. + * @param string $autoblockip The IP to autoblock. + * @param bool $justInserted The main block was just inserted + * @return bool Whether or not an autoblock was inserted. */ - public function doAutoblock( $autoblockip ) { - # Check if this IP address is already blocked - $dbw =& wfGetDb( DB_MASTER ); - $dbw->begin(); + function doAutoblock( $autoblockip, $justInserted = false ) { + # If autoblocks are disabled, go away. + if ( !$this->mEnableAutoblock ) { + return; + } - # If autoblocks are disabled, or if this IP is whitelisted, go away. - if ( !$this->mEnableAutoblock || self::isWhitelistedIp( $autoblockip ) ) { - return false; + # Check for presence on the autoblock whitelist + # TODO cache this? + $lines = explode( "\n", wfMsgForContentNoTrans( 'autoblock_whitelist' ) ); + + $ip = $autoblockip; + + wfDebug("Checking the autoblock whitelist..\n"); + + foreach( $lines as $line ) { + # List items only + if ( substr( $line, 0, 1 ) !== '*' ) { + continue; + } + + $wlEntry = substr($line, 1); + $wlEntry = trim($wlEntry); + + wfDebug("Checking $ip against $wlEntry..."); + + # Is the IP in this range? + if (IP::isInRange( $ip, $wlEntry )) { + wfDebug(" IP $ip matches $wlEntry, not autoblocking\n"); + #$autoblockip = null; # Don't autoblock a whitelisted IP. + return; #This /SHOULD/ introduce a dummy block - but + # I don't know a safe way to do so. -werdna + } else { + wfDebug( " No match\n" ); + } } # It's okay to autoblock. Go ahead and create/insert the block. @@ -450,11 +482,13 @@ class Block # prolong block time if ($this->mExpiry && ($this->mExpiry < Block::getAutoblockExpiry($ipblock->mTimestamp))) { - return true; + return; } # Just update the timestamp - $ipblock->updateTimestamp(); - return true; + if ( !$justInserted ) { + $ipblock->updateTimestamp(); + } + return; } else { $ipblock = new Block; } @@ -468,6 +502,8 @@ class Block $ipblock->mTimestamp = wfTimestampNow(); $ipblock->mAuto = 1; $ipblock->mCreateAccount = $this->mCreateAccount; + # Continue suppressing the name if needed + $ipblock->mHideName = $this->mHideName; # If the user is already blocked with an expiry date, we don't # want to pile on top of that! @@ -480,38 +516,6 @@ class Block return $ipblock->insert(); } - /** - * Checks whether an IP is whitelisted in the autoblock_whitelist message. - * @todo Cache this? - * - * @param string $ip Dotted quad - * @return bool - */ - private static function isWhitelistedIp( $ip ) { - $lines = explode( "\n", wfMsgForContentNoTrans( 'autoblock_whitelist' ) ); - - wfDebug("Checking the autoblock whitelist..\n"); - - foreach( $lines as $line ) { - # Parse list items only - if ( substr( $line, 0, 1 ) !== '*' ) { - continue; - } - - $wlEntry = substr($line, 1); - $wlEntry = trim($wlEntry); - - wfDebug("Checking $wlEntry\n"); - - # Is the IP in this range? - if (IP::isAddressInRange( $autoblockip, $wlEntry )) { - wfDebug("IP $autoblockip matches $wlEntry, not autoblocking\n"); - return true; #This /SHOULD/ introduce a dummy block - but - # I don't know a safe way to do so. -werdna - } - } - return false; - } function deleteIfExpired() { $fname = 'Block::deleteIfExpired'; @@ -549,7 +553,7 @@ class Block $this->mTimestamp = wfTimestamp(); $this->mExpiry = Block::getAutoblockExpiry( $this->mTimestamp ); - $dbw =& wfGetDB( DB_MASTER ); + $dbw = wfGetDB( DB_MASTER ); $dbw->update( 'ipblocks', array( /* SET */ 'ipb_timestamp' => $dbw->timestamp($this->mTimestamp), @@ -633,16 +637,36 @@ class Block global $wgAutoblockExpiry; return wfTimestamp( TS_MW, wfTimestamp( TS_UNIX, $timestamp ) + $wgAutoblockExpiry ); } - - static function normaliseRange( $range ) - { + + /** + * Gets rid of uneeded numbers in quad-dotted/octet IP strings + * For example, 127.111.113.151/24 -> 127.111.113.0/24 + */ + static function normaliseRange( $range ) { $parts = explode( '/', $range ); if ( count( $parts ) == 2 ) { - $shift = 32 - $parts[1]; - $ipint = IP::toUnsigned( $parts[0] ); - $ipint = $ipint >> $shift << $shift; - $newip = long2ip( $ipint ); - $range = "$newip/{$parts[1]}"; + // IPv6 + if ( IP::isIPv6($range) && $parts[1] >= 64 && $parts[1] <= 128 ) { + $bits = $parts[1]; + $ipint = IP::toUnsigned6( $parts[0] ); + # Native 32 bit functions WONT work here!!! + # Convert to a padded binary number + $network = wfBaseConvert( $ipint, 10, 2, 128 ); + # Truncate the last (128-$bits) bits and replace them with zeros + $network = str_pad( substr( $network, 0, $bits ), 128, 0, STR_PAD_RIGHT ); + # Convert back to an integer + $network = wfBaseConvert( $network, 2, 10 ); + # Reform octet address + $newip = IP::toOctet( $network ); + $range = "$newip/{$parts[1]}"; + } // IPv4 + else if ( IP::isIPv4($range) && $parts[1] >= 16 && $parts[1] <= 32 ) { + $shift = 32 - $parts[1]; + $ipint = IP::toUnsigned( $parts[0] ); + $ipint = $ipint >> $shift << $shift; + $newip = long2ip( $ipint ); + $range = "$newip/{$parts[1]}"; + } } return $range; } @@ -651,7 +675,7 @@ class Block * Purge expired blocks from the ipblocks table */ static function purgeExpired() { - $dbw =& wfGetDB( DB_MASTER ); + $dbw = wfGetDB( DB_MASTER ); $dbw->delete( 'ipblocks', array( 'ipb_expiry < ' . $dbw->addQuotes( $dbw->timestamp() ) ), __METHOD__ ); } @@ -663,7 +687,7 @@ class Block /* static $infinity; if ( !isset( $infinity ) ) { - $dbr =& wfGetDB( DB_SLAVE ); + $dbr = wfGetDB( DB_SLAVE ); $infinity = $dbr->bigTimestamp(); } return $infinity;