X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2FSpecialBlockip.php;h=942ebe8bde2c21d6b3c499626da82f8d967a3512;hb=396524f67413c69576cd84b3c29cfc1045c05718;hp=c621ebecd3a3e2dd6d67ec0e9767f4bd077052a9;hpb=a26d5a49d755ff4b8039b11d1f26abb5d7bc7e8c;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/SpecialBlockip.php b/includes/SpecialBlockip.php index c621ebecd3..942ebe8bde 100644 --- a/includes/SpecialBlockip.php +++ b/includes/SpecialBlockip.php @@ -2,8 +2,7 @@ /** * Constructor for Special:Blockip page * - * @package MediaWiki - * @subpackage SpecialPage + * @addtogroup SpecialPage */ /** @@ -12,10 +11,18 @@ function wfSpecialBlockip( $par ) { global $wgUser, $wgOut, $wgRequest; - if ( ! $wgUser->isAllowed('block') ) { - $wgOut->sysopRequired(); + # Can't block when the database is locked + if( wfReadOnly() ) { + $wgOut->readOnlyPage(); return; } + + # Permission check + if( !$wgUser->isAllowed( 'block' ) ) { + $wgOut->permissionRequired( 'block' ); + return; + } + $ipb = new IPBlockForm( $par ); $action = $wgRequest->getVal( 'action' ); @@ -30,52 +37,63 @@ function wfSpecialBlockip( $par ) { } /** - * Form object + * Form object for the Special:Blockip page. * - * @package MediaWiki - * @subpackage SpecialPage + * @addtogroup SpecialPage */ class IPBlockForm { var $BlockAddress, $BlockExpiry, $BlockReason; +# var $BlockEmail; function IPBlockForm( $par ) { - global $wgRequest; + global $wgRequest, $wgUser; $this->BlockAddress = $wgRequest->getVal( 'wpBlockAddress', $wgRequest->getVal( 'ip', $par ) ); + $this->BlockAddress = strtr( $this->BlockAddress, '_', ' ' ); $this->BlockReason = $wgRequest->getText( 'wpBlockReason' ); + $this->BlockReasonList = $wgRequest->getText( 'wpBlockReasonList' ); $this->BlockExpiry = $wgRequest->getVal( 'wpBlockExpiry', wfMsg('ipbotheroption') ); $this->BlockOther = $wgRequest->getVal( 'wpBlockOther', '' ); + + # Unchecked checkboxes are not included in the form data at all, so having one + # that is true by default is a bit tricky + $byDefault = !$wgRequest->wasPosted(); + $this->BlockAnonOnly = $wgRequest->getBool( 'wpAnonOnly', $byDefault ); + $this->BlockCreateAccount = $wgRequest->getBool( 'wpCreateAccount', $byDefault ); + $this->BlockEnableAutoblock = $wgRequest->getBool( 'wpEnableAutoblock', $byDefault ); + $this->BlockEmail = $wgRequest->getBool( 'wpEmailBan', false ); + # Re-check user's rights to hide names, very serious, defaults to 0 + $this->BlockHideName = ( $wgRequest->getBool( 'wpHideName', 0 ) && $wgUser->isAllowed( 'hideuser' ) ) ? 1 : 0; } function showForm( $err ) { - global $wgOut, $wgUser, $wgRequest, $wgSysopUserBans; + global $wgOut, $wgUser, $wgSysopUserBans, $wgContLang; $wgOut->setPagetitle( wfMsg( 'blockip' ) ); $wgOut->addWikiText( wfMsg( 'blockiptext' ) ); if($wgSysopUserBans) { - $mIpaddress = wfMsgHtml( 'ipadressorusername' ); + $mIpaddress = Xml::label( wfMsg( 'ipadressorusername' ), 'mw-bi-target' ); } else { - $mIpaddress = wfMsgHtml( 'ipaddress' ); + $mIpaddress = Xml::label( wfMsg( 'ipadress' ), 'mw-bi-target' ); } - $mIpbexpiry = wfMsgHtml( 'ipbexpiry' ); - $mIpbother = wfMsgHtml( 'ipbother' ); + $mIpbexpiry = Xml::label( wfMsg( 'ipbexpiry' ), 'wpBlockExpiry' ); + $mIpbother = Xml::label( wfMsg( 'ipbother' ), 'mw-bi-other' ); $mIpbothertime = wfMsgHtml( 'ipbotheroption' ); - $mIpbreason = wfMsgHtml( 'ipbreason' ); - $mIpbsubmit = wfMsgHtml( 'ipbsubmit' ); - $titleObj = Title::makeTitle( NS_SPECIAL, 'Blockip' ); + $mIpbreasonother = Xml::label( wfMsg( 'ipbreason' ), 'wpBlockReasonList' ); + $mIpbreason = Xml::label( wfMsg( 'ipbotherreason' ), 'mw-bi-reason' ); + $mIpbreasonotherlist = wfMsgHtml( 'ipbreasonotherlist' ); + + $titleObj = SpecialPage::getTitleFor( 'Blockip' ); $action = $titleObj->escapeLocalURL( "action=submit" ); + $alignRight = $wgContLang->isRtl() ? 'left' : 'right'; if ( "" != $err ) { $wgOut->setSubtitle( wfMsgHtml( 'formerror' ) ); $wgOut->addHTML( "

{$err}

\n" ); } - $scBlockAddress = htmlspecialchars( $this->BlockAddress ); - $scBlockExpiry = htmlspecialchars( $this->BlockExpiry ); - $scBlockReason = htmlspecialchars( $this->BlockReason ); - $scBlockOtherTime = htmlspecialchars( $this->BlockOther ); - $scBlockExpiryOptions = htmlspecialchars( wfMsgForContent( 'ipboptions' ) ); + $scBlockExpiryOptions = wfMsgForContent( 'ipboptions' ); $showblockoptions = $scBlockExpiryOptions != '-'; if (!$showblockoptions) @@ -93,22 +111,62 @@ class IPBlockForm { $blockExpiryFormOptions .= ""; } - $token = htmlspecialchars( $wgUser->editToken() ); + $scBlockReasonList = wfMsgForContent( 'ipbreason-dropdown' ); + $blockReasonList = ''; + if ( $scBlockReasonList != '' && $scBlockReasonList != '-' ) { + $blockReasonList = ""; + $optgroup = ""; + foreach ( explode( "\n", $scBlockReasonList ) as $option) { + $value = trim( htmlspecialchars($option) ); + if ( $value == '' ) { + continue; + } elseif ( substr( $value, 0, 1) == '*' && substr( $value, 1, 1) != '*' ) { + // A new group is starting ... + $value = trim( substr( $value, 1 ) ); + $blockReasonList .= "$optgroup"; + $optgroup = ""; + } elseif ( substr( $value, 0, 2) == '**' ) { + // groupmember + $selected = ""; + $value = trim( substr( $value, 2 ) ); + if ( $this->BlockReasonList === $value) + $selected = ' selected="selected"'; + $blockReasonList .= ""; + } else { + // groupless block reason + $selected = ""; + if ( $this->BlockReasonList === $value) + $selected = ' selected="selected"'; + $blockReasonList .= "$optgroup"; + $optgroup = ""; + } + } + $blockReasonList .= $optgroup; + } + + $token = $wgUser->editToken(); + global $wgStylePath, $wgStyleVersion; $wgOut->addHTML( " +
- - + "); if ($showblockoptions) { $wgOut->addHTML(" - - + - - + + "); + if ( $blockReasonList != '' ) { + $wgOut->addHTML(" + + + + "); + } + $wgOut->addHTML(" + + + - - - + + - + + + + + - -
{$mIpaddress}: - + {$mIpaddress} + " . Xml::input( 'wpBlockAddress', 45, $this->BlockAddress, + array( + 'tabindex' => '1', + 'id' => 'mw-bi-target', + 'onchange' => 'updateBlockOptions()' ) ) . "
{$mIpbexpiry}: + {$mIpbexpiry} @@ -118,41 +176,142 @@ class IPBlockForm { $wgOut->addHTML("
{$mIpbother}: - + {$mIpbother} + " . Xml::input( 'wpBlockOther', 45, $this->BlockOther, + array( 'tabindex' => '3', 'id' => 'mw-bi-other' ) ) . " +
{$mIpbreasonother} + +
{$mIpbreason} + " . Xml::input( 'wpBlockReason', 45, $this->BlockReason, + array( 'tabindex' => '5', 'id' => 'mw-bi-reason', + 'maxlength'=> '200' ) ) . "
{$mIpbreason}: - +
  + " . wfCheckLabel( wfMsgHtml( 'ipbanononly' ), + 'wpAnonOnly', 'wpAnonOnly', $this->BlockAnonOnly, + array( 'tabindex' => '6' ) ) . "
  + " . wfCheckLabel( wfMsgHtml( 'ipbcreateaccount' ), + 'wpCreateAccount', 'wpCreateAccount', $this->BlockCreateAccount, + array( 'tabindex' => '7' ) ) . " +
  - + + " . wfCheckLabel( wfMsgHtml( 'ipbenableautoblock' ), + 'wpEnableAutoblock', 'wpEnableAutoblock', $this->BlockEnableAutoblock, + array( 'tabindex' => '8' ) ) . "
- -
\n" ); + "); + // Allow some users to hide name from block log, blocklist and listusers + if ( $wgUser->isAllowed( 'hideuser' ) ) { + $wgOut->addHTML(" + +   + + " . wfCheckLabel( wfMsgHtml( 'ipbhidename' ), + 'wpHideName', 'wpHideName', $this->BlockHideName, + array( 'tabindex' => '9' ) ) . " + + + "); + } + global $wgSysopEmailBans; + + if ( $wgSysopEmailBans && $wgUser->isAllowed( 'blockemail' ) ) { + $wgOut->addHTML(" + +   + + " . wfCheckLabel( wfMsgHtml( 'ipbemailban' ), + 'wpEmailBan', 'wpEmailBan', $this->BlockEmail, + array( 'tabindex' => '10' )) . " + + + "); + } + $wgOut->addHTML(" + +   + + " . Xml::submitButton( wfMsg( 'ipbsubmit' ), + array( 'name' => 'wpBlock', 'tabindex' => '11' ) ) . " + + + " . + Xml::hidden( 'wpEditToken', $token ) . +" + +\n" ); + + $wgOut->addHtml( $this->getConvenienceLinks() ); + + $user = User::newFromName( $this->BlockAddress ); + if( is_object( $user ) ) { + $this->showLogFragment( $wgOut, $user->getUserPage() ); + } elseif( preg_match( '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/', $this->BlockAddress ) ) { + $this->showLogFragment( $wgOut, Title::makeTitle( NS_USER, $this->BlockAddress ) ); + } elseif( preg_match( '/^\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}/', $this->BlockAddress ) ) { + $this->showLogFragment( $wgOut, Title::makeTitle( NS_USER, $this->BlockAddress ) ); + } } function doSubmit() { global $wgOut, $wgUser, $wgSysopUserBans, $wgSysopRangeBans; $userId = 0; - $this->BlockAddress = trim( $this->BlockAddress ); - $rxIP = '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}'; - + # Expand valid IPv6 addresses, usernames are left as is + $this->BlockAddress = IP::sanitizeIP( $this->BlockAddress ); + # isIPv4() and IPv6() are used for final validation + $rxIP4 = '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}'; + $rxIP6 = '\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}'; + $rxIP = "($rxIP4|$rxIP6)"; + # Check for invalid specifications - if ( ! preg_match( "/^$rxIP$/", $this->BlockAddress ) ) { - if ( preg_match( "/^($rxIP)\\/(\\d{1,2})$/", $this->BlockAddress, $matches ) ) { + if ( !preg_match( "/^$rxIP$/", $this->BlockAddress ) ) { + $matches = array(); + if ( preg_match( "/^($rxIP4)\\/(\\d{1,2})$/", $this->BlockAddress, $matches ) ) { + # IPv4 + if ( $wgSysopRangeBans ) { + if ( !IP::isIPv4( $this->BlockAddress ) || $matches[2] < 16 || $matches[2] > 32 ) { + $this->showForm( wfMsg( 'ip_range_invalid' ) ); + return; + } + $this->BlockAddress = Block::normaliseRange( $this->BlockAddress ); + } else { + # Range block illegal + $this->showForm( wfMsg( 'range_block_disabled' ) ); + return; + } + } else if ( preg_match( "/^($rxIP6)\\/(\\d{1,3})$/", $this->BlockAddress, $matches ) ) { + # IPv6 if ( $wgSysopRangeBans ) { - if ( $matches[2] > 31 || $matches[2] < 16 ) { + if ( !IP::isIPv6( $this->BlockAddress ) || $matches[2] < 64 || $matches[2] > 128 ) { $this->showForm( wfMsg( 'ip_range_invalid' ) ); return; } @@ -165,8 +324,12 @@ class IPBlockForm { } else { # Username block if ( $wgSysopUserBans ) { - $userId = User::idFromName( $this->BlockAddress ); - if ( $userId == 0 ) { + $user = User::newFromName( $this->BlockAddress ); + if( !is_null( $user ) && $user->getID() ) { + # Use canonical name + $this->BlockAddress = $user->getName(); + $userId = $user->getID(); + } else { $this->showForm( wfMsg( 'nosuchusershort', htmlspecialchars( $this->BlockAddress ) ) ); return; } @@ -177,6 +340,14 @@ class IPBlockForm { } } + $reasonstr = $this->BlockReasonList; + if ( $reasonstr != 'other' && $this->BlockReason != '') { + // Entry from drop down menu + additional comment + $reasonstr .= ': ' . $this->BlockReason; + } elseif ( $reasonstr == 'other' ) { + $reasonstr = $this->BlockReason; + } + $expirestr = $this->BlockExpiry; if( $expirestr == 'other' ) $expirestr = $this->BlockOther; @@ -187,7 +358,7 @@ class IPBlockForm { } if ( $expirestr == 'infinite' || $expirestr == 'indefinite' ) { - $expiry = ''; + $expiry = Block::infinity(); } else { # Convert GNU-style date, on error returns -1 for PHP <5.1 and false for PHP >=5.1 $expiry = strtotime( $expirestr ); @@ -198,41 +369,127 @@ class IPBlockForm { } $expiry = wfTimestamp( TS_MW, $expiry ); - } # Create block # Note: for a user block, ipb_address is only for display purposes + $block = new Block( $this->BlockAddress, $userId, $wgUser->getID(), + $reasonstr, wfTimestampNow(), 0, $expiry, $this->BlockAnonOnly, + $this->BlockCreateAccount, $this->BlockEnableAutoblock, $this->BlockHideName, + $this->BlockEmail); - $ban = new Block( $this->BlockAddress, $userId, $wgUser->getID(), - $this->BlockReason, wfTimestampNow(), 0, $expiry ); + if (wfRunHooks('BlockIp', array(&$block, &$wgUser))) { - if (wfRunHooks('BlockIp', array(&$ban, &$wgUser))) { + if ( !$block->insert() ) { + $this->showForm( wfMsg( 'ipb_already_blocked', + htmlspecialchars( $this->BlockAddress ) ) ); + return; + } - $ban->insert(); + wfRunHooks('BlockIpComplete', array($block, $wgUser)); - wfRunHooks('BlockIpComplete', array($ban, $wgUser)); + # Prepare log parameters + $logParams = array(); + $logParams[] = $expirestr; + $logParams[] = $this->blockLogFlags(); - # Make log entry - $log = new LogPage( 'block' ); + # Make log entry, if the name is hidden, put it in the oversight log + $log_type = ($this->BlockHideName) ? 'oversight' : 'block'; + $log = new LogPage( $log_type ); $log->addEntry( 'block', Title::makeTitle( NS_USER, $this->BlockAddress ), - $this->BlockReason, $expirestr ); + $reasonstr, $logParams ); # Report to the user - $titleObj = Title::makeTitle( NS_SPECIAL, 'Blockip' ); + $titleObj = SpecialPage::getTitleFor( 'Blockip' ); $wgOut->redirect( $titleObj->getFullURL( 'action=success&ip=' . urlencode( $this->BlockAddress ) ) ); } } function showSuccess() { - global $wgOut, $wgUser; + global $wgOut; $wgOut->setPagetitle( wfMsg( 'blockip' ) ); $wgOut->setSubtitle( wfMsg( 'blockipsuccesssub' ) ); $text = wfMsg( 'blockipsuccesstext', $this->BlockAddress ); $wgOut->addWikiText( $text ); } + + function showLogFragment( $out, $title ) { + $out->addHtml( wfElement( 'h2', NULL, LogPage::logName( 'block' ) ) ); + $request = new FauxRequest( array( 'page' => $title->getPrefixedText(), 'type' => 'block' ) ); + $viewer = new LogViewer( new LogReader( $request ) ); + $viewer->showList( $out ); + } + + /** + * Return a comma-delimited list of "flags" to be passed to the log + * reader for this block, to provide more information in the logs + * + * @return array + */ + private function blockLogFlags() { + $flags = array(); + if( $this->BlockAnonOnly && IP::isIPAddress( $this->BlockAddress ) ) + // when blocking a user the option 'anononly' is not available/has no effect -> do not write this into log + $flags[] = 'anononly'; + if( $this->BlockCreateAccount ) + $flags[] = 'nocreate'; + if( !$this->BlockEnableAutoblock ) + $flags[] = 'noautoblock'; + if ( $this->BlockEmail ) + $flags[] = 'noemail'; + return implode( ',', $flags ); + } + + /** + * Builds unblock and block list links + * + * @return string + */ + private function getConvenienceLinks() { + global $wgUser; + $skin = $wgUser->getSkin(); + $links[] = $skin->makeLink ( 'MediaWiki:ipbreason-dropdown', wfMsgHtml( 'ipb-edit-dropdown' ) ); + $links[] = $this->getUnblockLink( $skin ); + $links[] = $this->getBlockListLink( $skin ); + return '

' . implode( ' | ', $links ) . '

'; + } + + /** + * Build a convenient link to unblock the given username or IP + * address, if available; otherwise link to a blank unblock + * form + * + * @param $skin Skin to use + * @return string + */ + private function getUnblockLink( $skin ) { + $list = SpecialPage::getTitleFor( 'Ipblocklist' ); + if( $this->BlockAddress ) { + $addr = htmlspecialchars( strtr( $this->BlockAddress, '_', ' ' ) ); + return $skin->makeKnownLinkObj( $list, wfMsgHtml( 'ipb-unblock-addr', $addr ), + 'action=unblock&ip=' . urlencode( $this->BlockAddress ) ); + } else { + return $skin->makeKnownLinkObj( $list, wfMsgHtml( 'ipb-unblock' ), 'action=unblock' ); + } + } + + /** + * Build a convenience link to the block list + * + * @param $skin Skin to use + * @return string + */ + private function getBlockListLink( $skin ) { + $list = SpecialPage::getTitleFor( 'Ipblocklist' ); + if( $this->BlockAddress ) { + $addr = htmlspecialchars( strtr( $this->BlockAddress, '_', ' ' ) ); + return $skin->makeKnownLinkObj( $list, wfMsgHtml( 'ipb-blocklist-addr', $addr ), + 'ip=' . urlencode( $this->BlockAddress ) ); + } else { + return $skin->makeKnownLinkObj( $list, wfMsgHtml( 'ipb-blocklist' ) ); + } + } } -?>