X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Fuser%2FUser.php;h=601f9a5340ad1e1a18a3b36ea4252e4d9251c9a8;hb=432e10528feab333002f7c7c37f9582a197d8b66;hp=a272b37d5f8ab28918799014ff10a4f1c0dd443c;hpb=6fa889309d6dde3bcfd1c5f939e317abf0f3e790;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/user/User.php b/includes/user/User.php index a272b37d5f..601f9a5340 100644 --- a/includes/user/User.php +++ b/includes/user/User.php @@ -21,13 +21,14 @@ */ use MediaWiki\Session\SessionManager; +use MediaWiki\Session\Token; /** * String Some punctuation to prevent editing from broken text-mangling proxies. - * @deprecated since 1.27, use \\MediaWiki\\Session\\Token::SUFFIX + * @deprecated since 1.27, use \MediaWiki\Session\Token::SUFFIX * @ingroup Constants */ -define( 'EDIT_TOKEN_SUFFIX', MediaWiki\Session\Token::SUFFIX ); +define( 'EDIT_TOKEN_SUFFIX', Token::SUFFIX ); /** * The User object encapsulates all of the user-specific settings (user_id, @@ -53,7 +54,7 @@ class User implements IDBAccessObject { /** * Global constant made accessible as class constants so that autoloader * magic can be used. - * @deprecated since 1.27, use \\MediaWiki\\Session\\Token::SUFFIX + * @deprecated since 1.27, use \MediaWiki\Session\Token::SUFFIX */ const EDIT_TOKEN_SUFFIX = EDIT_TOKEN_SUFFIX; @@ -274,8 +275,8 @@ class User implements IDBAccessObject { protected $mImplicitGroups; /** @var array */ protected $mFormerGroups; - /** @var bool */ - protected $mBlockedGlobally; + /** @var Block */ + protected $mGlobalBlock; /** @var bool */ protected $mLocked; /** @var bool */ @@ -1069,9 +1070,9 @@ class User implements IDBAccessObject { // Clean up name according to title rules, // but only when validation is requested (bug 12654) $t = ( $validate !== false ) ? - Title::newFromText( $name ) : Title::makeTitle( NS_USER, $name ); + Title::newFromText( $name, NS_USER ) : Title::makeTitle( NS_USER, $name ); // Check for invalid titles - if ( is_null( $t ) ) { + if ( is_null( $t ) || $t->getNamespace() !== NS_USER || $t->isExternal() ) { return false; } @@ -1991,8 +1992,22 @@ class User implements IDBAccessObject { * @return bool True if blocked, false otherwise */ public function isBlockedGlobally( $ip = '' ) { - if ( $this->mBlockedGlobally !== null ) { - return $this->mBlockedGlobally; + return $this->getGlobalBlock( $ip ) instanceof Block; + } + + /** + * Check if user is blocked on all wikis. + * Do not use for actual edit permission checks! + * This is intended for quick UI checks. + * + * @param string $ip IP address, uses current client if none given + * @return Block|null Block object if blocked, null otherwise + * @throws FatalError + * @throws MWException + */ + public function getGlobalBlock( $ip = '' ) { + if ( $this->mGlobalBlock !== null ) { + return $this->mGlobalBlock ?: null; } // User is already an IP? if ( IP::isIPAddress( $this->getName() ) ) { @@ -2001,9 +2016,17 @@ class User implements IDBAccessObject { $ip = $this->getRequest()->getIP(); } $blocked = false; - Hooks::run( 'UserIsBlockedGlobally', [ &$this, $ip, &$blocked ] ); - $this->mBlockedGlobally = (bool)$blocked; - return $this->mBlockedGlobally; + $block = null; + Hooks::run( 'UserIsBlockedGlobally', [ &$this, $ip, &$blocked, &$block ] ); + + if ( $blocked && $block === null ) { + // back-compat: UserIsBlockedGlobally didn't have $block param first + $block = new Block; + $block->setTarget( $ip ); + } + + $this->mGlobalBlock = $blocked ? $block : false; + return $this->mGlobalBlock ?: null; } /** @@ -2693,14 +2716,36 @@ class User implements IDBAccessObject { return Status::newGood( true ); } + $type = $oldaddr != '' ? 'changed' : 'set'; + $notificationResult = null; + + if ( $wgEmailAuthentication ) { + // Send the user an email notifying the user of the change in registered + // email address on their previous email address + if ( $type == 'changed' ) { + $change = $str != '' ? 'changed' : 'removed'; + $notificationResult = $this->sendMail( + wfMessage( 'notificationemail_subject_' . $change )->text(), + wfMessage( 'notificationemail_body_' . $change, + $this->getRequest()->getIP(), + $this->getName(), + $str )->text() + ); + } + } + $this->setEmail( $str ); if ( $str !== '' && $wgEmailAuthentication ) { // Send a confirmation request to the new address if needed - $type = $oldaddr != '' ? 'changed' : 'set'; $result = $this->sendConfirmationMail( $type ); + + if ( $notificationResult !== null ) { + $result->merge( $notificationResult ); + } + if ( $result->isGood() ) { - // Say to the caller that a confirmation mail has been sent + // Say to the caller that a confirmation and notification mail has been sent $result->value = 'eauth'; } } else { @@ -4199,7 +4244,7 @@ class User implements IDBAccessObject { * @since 1.27 * @param string|array $salt Array of Strings Optional function-specific data for hashing * @param WebRequest|null $request WebRequest object to use or null to use $wgRequest - * @return MediaWiki\\Session\\Token The new edit token + * @return MediaWiki\Session\Token The new edit token */ public function getEditTokenObject( $salt = '', $request = null ) { if ( $this->isAnon() ) { @@ -4229,7 +4274,7 @@ class User implements IDBAccessObject { /** * Get the embedded timestamp from a token. - * @deprecated since 1.27, use \\MediaWiki\\Session\\Token::getTimestamp instead. + * @deprecated since 1.27, use \MediaWiki\Session\Token::getTimestamp instead. * @param string $val Input token * @return int|null */ @@ -4265,7 +4310,7 @@ class User implements IDBAccessObject { * @return bool Whether the token matches */ public function matchEditTokenNoSuffix( $val, $salt = '', $request = null, $maxage = null ) { - $val = substr( $val, 0, strspn( $val, '0123456789abcdef' ) ) . self::EDIT_TOKEN_SUFFIX; + $val = substr( $val, 0, strspn( $val, '0123456789abcdef' ) ) . Token::SUFFIX; return $this->matchEditToken( $val, $salt, $request, $maxage ); }