X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2FUser.php;h=4289b2ad2db538d1afa038d3b5ff22e688346841;hb=f7e4fc02c10b5c6a5ab60666b0431d6c09ed77c6;hp=463d16346fe17d6af806f25d4d342dae8415c535;hpb=7bb2cada63477039b67ee2038ba2f272d0bec4f9;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/User.php b/includes/User.php index 463d16346f..4289b2ad2d 100644 --- a/includes/User.php +++ b/includes/User.php @@ -141,15 +141,20 @@ class User { 'createtalk', 'delete', 'deletedhistory', + 'deleterevision', 'edit', 'editinterface', 'editusercssjs', + 'hideuser', 'import', 'importupload', 'ipblock-exempt', 'markbotedits', 'minoredit', 'move', + 'movefile', + 'move-rootuserpages', + 'move-subpages', 'nominornewtalk', 'noratelimit', 'patrol', @@ -157,17 +162,22 @@ class User { 'proxyunbannable', 'purge', 'read', + 'reset-passwords', 'reupload', 'reupload-shared', 'rollback', 'siteadmin', + 'suppressionlog', 'suppressredirect', + 'suppressrevision', 'trackback', 'undelete', 'unwatchedpages', 'upload', 'upload_by_url', 'userrights', + 'userrights-interwiki', + 'writeapi', ); /** * \string Cached results of getAllRights() @@ -883,6 +893,8 @@ class User { $dbr = wfGetDB( DB_MASTER ); $s = $dbr->selectRow( 'user', '*', array( 'user_id' => $this->mId ), __METHOD__ ); + wfRunHooks( 'UserLoadFromDatabase', array( $this, &$s ) ); + if ( $s !== false ) { # Initialise user table data $this->loadFromRow( $s ); @@ -906,7 +918,7 @@ class User { $this->mDataLoaded = true; if ( isset( $row->user_id ) ) { - $this->mId = $row->user_id; + $this->mId = intval( $row->user_id ); } $this->mName = $row->user_name; $this->mRealName = $row->user_real_name; @@ -1010,9 +1022,14 @@ class User { * @return \type{\arrayof{\string}} Array of user toggle names */ static function getToggles() { - global $wgContLang; + global $wgContLang, $wgUseRCPatrol; $extraToggles = array(); wfRunHooks( 'UserToggles', array( &$extraToggles ) ); + if( $wgUseRCPatrol ) { + $extraToggles[] = 'hidepatrolled'; + $extraToggles[] = 'newpageshidepatrolled'; + $extraToggles[] = 'watchlisthidepatrolled'; + } return array_merge( self::$mToggles, $extraToggles, $wgContLang->getExtraUserToggles() ); } @@ -1146,10 +1163,17 @@ class User { */ public function isPingLimitable() { global $wgRateLimitsExcludedGroups; + global $wgRateLimitsExcludedIPs; if( array_intersect( $this->getEffectiveGroups(), $wgRateLimitsExcludedGroups ) ) { // Deprecated, but kept for backwards-compatibility config return false; } + if( in_array( wfGetIP(), $wgRateLimitsExcludedIPs ) ) { + // No other good way currently to disable rate limits + // for specific IPs. :P + // But this is a crappy hack and should die. + return false; + } return !$this->isAllowed('noratelimit'); } @@ -1305,6 +1329,15 @@ class User { return $this->mBlockreason; } + /** + * If user is blocked, return the ID for the block + * @return \int Block ID + */ + function getBlockId() { + $this->getBlockedStatus(); + return ($this->mBlock ? $this->mBlock->mId : false); + } + /** * Check if user is blocked on all wikis. * Do not use for actual edit permission checks! @@ -1906,6 +1939,13 @@ class User { } $this->mOptions[$oname] = $val; } + + /** + * Reset all options to the site defaults + */ + function restoreOptions() { + $this->mOptions = User::getDefaultOptions(); + } /** * Get the user's preferred date format. @@ -1980,7 +2020,7 @@ class User { * @return \int User'e edit count */ function getEditCount() { - if ($this->mId) { + if ($this->getId()) { if ( !isset( $this->mEditCount ) ) { /* Populate the count, if it has not been populated yet */ $this->mEditCount = User::edits($this->mId); @@ -2070,11 +2110,15 @@ class User { * @param $action \string action to be checked * @return \bool True if action is allowed, else false */ - function isAllowed($action='') { + function isAllowed( $action = '' ) { if ( $action === '' ) - // In the spirit of DWIM - return true; - + return true; // In the spirit of DWIM + # Patrolling may not be enabled + if( $action === 'patrol' || $action === 'autopatrol' ) { + global $wgUseRCPatrol, $wgUseNPPatrol; + if( !$wgUseRCPatrol && !$wgUseNPPatrol ) + return false; + } # Use strict parameter to avoid matching numeric 0 accidentally inserted # by misconfiguration: 0 == 'foo' return in_array( $action, $this->getRights(), true ); @@ -2278,8 +2322,8 @@ class User { * Set a cookie on the user's client. Wrapper for * WebResponse::setCookie * @param $name \string Name of the cookie to set - * @param $name \string Value to set - * @param $name \int Expiration time, as a UNIX time value; + * @param $value \string Value to set + * @param $exp \int Expiration time, as a UNIX time value; * if 0 or not specified, use the default $wgCookieExpiration */ protected function setCookie( $name, $value, $exp=0 ) { @@ -2318,7 +2362,7 @@ class User { wfRunHooks( 'UserSetCookies', array( $this, &$session, &$cookies ) ); #check for null, since the hook could cause a null value - if ( !is_null( $session ) && !is_null( $_SESSION ) ){ + if ( !is_null( $session ) && isset( $_SESSION ) ){ $_SESSION = $session + $_SESSION; } foreach ( $cookies as $name => $value ) { @@ -2702,7 +2746,14 @@ class User { * @return \bool True if matches, false otherwise */ function checkTemporaryPassword( $plaintext ) { - return self::comparePasswords( $this->mNewpassword, $plaintext, $this->getId() ); + global $wgNewPasswordExpiry; + if( self::comparePasswords( $this->mNewpassword, $plaintext, $this->getId() ) ) { + $this->load(); + $expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgNewPasswordExpiry; + return ( time() < $expiry ); + } else { + return false; + } } /** @@ -2986,10 +3037,28 @@ class User { * non-existent/anonymous user accounts. */ public function getRegistration() { - return $this->mId > 0 + return $this->getId() > 0 ? $this->mRegistration : false; } + + /** + * Get the timestamp of the first edit + * + * @return \types{\string,\bool} string Timestamp of first edit, or false for + * non-existent/anonymous user accounts. + */ + public function getFirstEditTimestamp() { + if( $this->getId() == 0 ) return false; // anons + $dbr = wfGetDB( DB_SLAVE ); + $time = $dbr->selectField( 'revision', 'rev_timestamp', + array( 'rev_user' => $this->getId() ), + __METHOD__, + array( 'ORDER BY' => 'rev_timestamp ASC' ) + ); + if( !$time ) return false; // no edits + return wfTimestamp( TS_MW, $time ); + } /** * Get the permissions associated with a given list of groups @@ -3249,13 +3318,18 @@ class User { static function crypt( $password, $salt = false ) { global $wgPasswordSalt; - if($wgPasswordSalt) { + $hash = ''; + if( !wfRunHooks( 'UserCryptPassword', array( &$password, &$salt, &$wgPasswordSalt, &$hash ) ) ) { + return $hash; + } + + if( $wgPasswordSalt ) { if ( $salt === false ) { $salt = substr( wfGenerateToken(), 0, 8 ); } return ':B:' . $salt . ':' . md5( $salt . '-' . md5( $password ) ); } else { - return ':A:' . md5( $password); + return ':A:' . md5( $password ); } } @@ -3271,6 +3345,12 @@ class User { static function comparePasswords( $hash, $password, $userId = false ) { $m = false; $type = substr( $hash, 0, 3 ); + + $result = false; + if( !wfRunHooks( 'UserComparePasswords', array( &$hash, &$password, &$userId, &$result ) ) ) { + return $result; + } + if ( $type == ':A:' ) { # Unsalted return md5( $password ) === substr( $hash, 3 ); @@ -3286,7 +3366,7 @@ class User { /** * Add a newuser log entry for this user - * @param bool $byEmail, account made by email? + * @param $byEmail Boolean: account made by email? */ public function addNewUserLogEntry( $byEmail = false ) { global $wgUser, $wgContLang, $wgNewUserLog;