Update User::getOption() PHPDoc
[lhc/web/wiklou.git] / includes / user / User.php
1 <?php
2 /**
3 * Implements the User class for the %MediaWiki software.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 */
22
23 use MediaWiki\MediaWikiServices;
24 use MediaWiki\Session\SessionManager;
25 use MediaWiki\Session\Token;
26 use MediaWiki\Auth\AuthManager;
27 use MediaWiki\Auth\AuthenticationResponse;
28 use MediaWiki\Auth\AuthenticationRequest;
29 use MediaWiki\User\UserIdentity;
30 use Wikimedia\IPSet;
31 use Wikimedia\ScopedCallback;
32 use Wikimedia\Rdbms\Database;
33 use Wikimedia\Rdbms\DBExpectedError;
34 use Wikimedia\Rdbms\IDatabase;
35
36 /**
37 * String Some punctuation to prevent editing from broken text-mangling proxies.
38 * @deprecated since 1.27, use \MediaWiki\Session\Token::SUFFIX
39 * @ingroup Constants
40 */
41 define( 'EDIT_TOKEN_SUFFIX', Token::SUFFIX );
42
43 /**
44 * The User object encapsulates all of the user-specific settings (user_id,
45 * name, rights, email address, options, last login time). Client
46 * classes use the getXXX() functions to access these fields. These functions
47 * do all the work of determining whether the user is logged in,
48 * whether the requested option can be satisfied from cookies or
49 * whether a database query is needed. Most of the settings needed
50 * for rendering normal pages are set in the cookie to minimize use
51 * of the database.
52 */
53 class User implements IDBAccessObject, UserIdentity {
54 /**
55 * @const int Number of characters in user_token field.
56 */
57 const TOKEN_LENGTH = 32;
58
59 /**
60 * @const string An invalid value for user_token
61 */
62 const INVALID_TOKEN = '*** INVALID ***';
63
64 /**
65 * Global constant made accessible as class constants so that autoloader
66 * magic can be used.
67 * @deprecated since 1.27, use \MediaWiki\Session\Token::SUFFIX
68 */
69 const EDIT_TOKEN_SUFFIX = EDIT_TOKEN_SUFFIX;
70
71 /**
72 * @const int Serialized record version.
73 */
74 const VERSION = 12;
75
76 /**
77 * Exclude user options that are set to their default value.
78 * @since 1.25
79 */
80 const GETOPTIONS_EXCLUDE_DEFAULTS = 1;
81
82 /**
83 * @since 1.27
84 */
85 const CHECK_USER_RIGHTS = true;
86
87 /**
88 * @since 1.27
89 */
90 const IGNORE_USER_RIGHTS = false;
91
92 /**
93 * Array of Strings List of member variables which are saved to the
94 * shared cache (memcached). Any operation which changes the
95 * corresponding database fields must call a cache-clearing function.
96 * @showinitializer
97 */
98 protected static $mCacheVars = [
99 // user table
100 'mId',
101 'mName',
102 'mRealName',
103 'mEmail',
104 'mTouched',
105 'mToken',
106 'mEmailAuthenticated',
107 'mEmailToken',
108 'mEmailTokenExpires',
109 'mRegistration',
110 'mEditCount',
111 // user_groups table
112 'mGroupMemberships',
113 // user_properties table
114 'mOptionOverrides',
115 // actor table
116 'mActorId',
117 ];
118
119 /**
120 * Array of Strings Core rights.
121 * Each of these should have a corresponding message of the form
122 * "right-$right".
123 * @showinitializer
124 */
125 protected static $mCoreRights = [
126 'apihighlimits',
127 'applychangetags',
128 'autoconfirmed',
129 'autocreateaccount',
130 'autopatrol',
131 'bigdelete',
132 'block',
133 'blockemail',
134 'bot',
135 'browsearchive',
136 'changetags',
137 'createaccount',
138 'createpage',
139 'createtalk',
140 'delete',
141 'deletechangetags',
142 'deletedhistory',
143 'deletedtext',
144 'deletelogentry',
145 'deleterevision',
146 'edit',
147 'editcontentmodel',
148 'editinterface',
149 'editprotected',
150 'editmyoptions',
151 'editmyprivateinfo',
152 'editmyusercss',
153 'editmyuserjson',
154 'editmyuserjs',
155 'editmywatchlist',
156 'editsemiprotected',
157 'editusercss',
158 'edituserjson',
159 'edituserjs',
160 'hideuser',
161 'import',
162 'importupload',
163 'ipblock-exempt',
164 'managechangetags',
165 'markbotedits',
166 'mergehistory',
167 'minoredit',
168 'move',
169 'movefile',
170 'move-categorypages',
171 'move-rootuserpages',
172 'move-subpages',
173 'nominornewtalk',
174 'noratelimit',
175 'override-export-depth',
176 'pagelang',
177 'patrol',
178 'patrolmarks',
179 'protect',
180 'purge',
181 'read',
182 'reupload',
183 'reupload-own',
184 'reupload-shared',
185 'rollback',
186 'sendemail',
187 'siteadmin',
188 'suppressionlog',
189 'suppressredirect',
190 'suppressrevision',
191 'unblockself',
192 'undelete',
193 'unwatchedpages',
194 'upload',
195 'upload_by_url',
196 'userrights',
197 'userrights-interwiki',
198 'viewmyprivateinfo',
199 'viewmywatchlist',
200 'viewsuppressed',
201 'writeapi',
202 ];
203
204 /**
205 * String Cached results of getAllRights()
206 */
207 protected static $mAllRights = false;
208
209 /** Cache variables */
210 // @{
211 /** @var int */
212 public $mId;
213 /** @var string */
214 public $mName;
215 /** @var int|null */
216 protected $mActorId;
217 /** @var string */
218 public $mRealName;
219
220 /** @var string */
221 public $mEmail;
222 /** @var string TS_MW timestamp from the DB */
223 public $mTouched;
224 /** @var string TS_MW timestamp from cache */
225 protected $mQuickTouched;
226 /** @var string */
227 protected $mToken;
228 /** @var string */
229 public $mEmailAuthenticated;
230 /** @var string */
231 protected $mEmailToken;
232 /** @var string */
233 protected $mEmailTokenExpires;
234 /** @var string */
235 protected $mRegistration;
236 /** @var int */
237 protected $mEditCount;
238 /** @var UserGroupMembership[] Associative array of (group name => UserGroupMembership object) */
239 protected $mGroupMemberships;
240 /** @var array */
241 protected $mOptionOverrides;
242 // @}
243
244 /**
245 * Bool Whether the cache variables have been loaded.
246 */
247 // @{
248 public $mOptionsLoaded;
249
250 /**
251 * Array with already loaded items or true if all items have been loaded.
252 */
253 protected $mLoadedItems = [];
254 // @}
255
256 /**
257 * String Initialization data source if mLoadedItems!==true. May be one of:
258 * - 'defaults' anonymous user initialised from class defaults
259 * - 'name' initialise from mName
260 * - 'id' initialise from mId
261 * - 'actor' initialise from mActorId
262 * - 'session' log in from session if possible
263 *
264 * Use the User::newFrom*() family of functions to set this.
265 */
266 public $mFrom;
267
268 /**
269 * Lazy-initialized variables, invalidated with clearInstanceCache
270 */
271 protected $mNewtalk;
272 /** @var string */
273 protected $mDatePreference;
274 /** @var string */
275 public $mBlockedby;
276 /** @var string */
277 protected $mHash;
278 /** @var array */
279 public $mRights;
280 /** @var string */
281 protected $mBlockreason;
282 /** @var array */
283 protected $mEffectiveGroups;
284 /** @var array */
285 protected $mImplicitGroups;
286 /** @var array */
287 protected $mFormerGroups;
288 /** @var Block */
289 protected $mGlobalBlock;
290 /** @var bool */
291 protected $mLocked;
292 /** @var bool */
293 public $mHideName;
294 /** @var array */
295 public $mOptions;
296
297 /** @var WebRequest */
298 private $mRequest;
299
300 /** @var Block */
301 public $mBlock;
302
303 /** @var bool */
304 protected $mAllowUsertalk;
305
306 /** @var Block */
307 private $mBlockedFromCreateAccount = false;
308
309 /** @var int User::READ_* constant bitfield used to load data */
310 protected $queryFlagsUsed = self::READ_NORMAL;
311
312 public static $idCacheByName = [];
313
314 /**
315 * Lightweight constructor for an anonymous user.
316 * Use the User::newFrom* factory functions for other kinds of users.
317 *
318 * @see newFromName()
319 * @see newFromId()
320 * @see newFromActorId()
321 * @see newFromConfirmationCode()
322 * @see newFromSession()
323 * @see newFromRow()
324 */
325 public function __construct() {
326 $this->clearInstanceCache( 'defaults' );
327 }
328
329 /**
330 * @return string
331 */
332 public function __toString() {
333 return (string)$this->getName();
334 }
335
336 /**
337 * Test if it's safe to load this User object.
338 *
339 * You should typically check this before using $wgUser or
340 * RequestContext::getUser in a method that might be called before the
341 * system has been fully initialized. If the object is unsafe, you should
342 * use an anonymous user:
343 * \code
344 * $user = $wgUser->isSafeToLoad() ? $wgUser : new User;
345 * \endcode
346 *
347 * @since 1.27
348 * @return bool
349 */
350 public function isSafeToLoad() {
351 global $wgFullyInitialised;
352
353 // The user is safe to load if:
354 // * MW_NO_SESSION is undefined AND $wgFullyInitialised is true (safe to use session data)
355 // * mLoadedItems === true (already loaded)
356 // * mFrom !== 'session' (sessions not involved at all)
357
358 return ( !defined( 'MW_NO_SESSION' ) && $wgFullyInitialised ) ||
359 $this->mLoadedItems === true || $this->mFrom !== 'session';
360 }
361
362 /**
363 * Load the user table data for this object from the source given by mFrom.
364 *
365 * @param int $flags User::READ_* constant bitfield
366 */
367 public function load( $flags = self::READ_NORMAL ) {
368 global $wgFullyInitialised;
369
370 if ( $this->mLoadedItems === true ) {
371 return;
372 }
373
374 // Set it now to avoid infinite recursion in accessors
375 $oldLoadedItems = $this->mLoadedItems;
376 $this->mLoadedItems = true;
377 $this->queryFlagsUsed = $flags;
378
379 // If this is called too early, things are likely to break.
380 if ( !$wgFullyInitialised && $this->mFrom === 'session' ) {
381 \MediaWiki\Logger\LoggerFactory::getInstance( 'session' )
382 ->warning( 'User::loadFromSession called before the end of Setup.php', [
383 'exception' => new Exception( 'User::loadFromSession called before the end of Setup.php' ),
384 ] );
385 $this->loadDefaults();
386 $this->mLoadedItems = $oldLoadedItems;
387 return;
388 }
389
390 switch ( $this->mFrom ) {
391 case 'defaults':
392 $this->loadDefaults();
393 break;
394 case 'name':
395 // Make sure this thread sees its own changes
396 $lb = MediaWikiServices::getInstance()->getDBLoadBalancer();
397 if ( $lb->hasOrMadeRecentMasterChanges() ) {
398 $flags |= self::READ_LATEST;
399 $this->queryFlagsUsed = $flags;
400 }
401
402 $this->mId = self::idFromName( $this->mName, $flags );
403 if ( !$this->mId ) {
404 // Nonexistent user placeholder object
405 $this->loadDefaults( $this->mName );
406 } else {
407 $this->loadFromId( $flags );
408 }
409 break;
410 case 'id':
411 // Make sure this thread sees its own changes, if the ID isn't 0
412 if ( $this->mId != 0 ) {
413 $lb = MediaWikiServices::getInstance()->getDBLoadBalancer();
414 if ( $lb->hasOrMadeRecentMasterChanges() ) {
415 $flags |= self::READ_LATEST;
416 $this->queryFlagsUsed = $flags;
417 }
418 }
419
420 $this->loadFromId( $flags );
421 break;
422 case 'actor':
423 // Make sure this thread sees its own changes
424 if ( wfGetLB()->hasOrMadeRecentMasterChanges() ) {
425 $flags |= self::READ_LATEST;
426 $this->queryFlagsUsed = $flags;
427 }
428
429 list( $index, $options ) = DBAccessObjectUtils::getDBOptions( $flags );
430 $row = wfGetDB( $index )->selectRow(
431 'actor',
432 [ 'actor_user', 'actor_name' ],
433 [ 'actor_id' => $this->mActorId ],
434 __METHOD__,
435 $options
436 );
437
438 if ( !$row ) {
439 // Ugh.
440 $this->loadDefaults();
441 } elseif ( $row->actor_user ) {
442 $this->mId = $row->actor_user;
443 $this->loadFromId( $flags );
444 } else {
445 $this->loadDefaults( $row->actor_name );
446 }
447 break;
448 case 'session':
449 if ( !$this->loadFromSession() ) {
450 // Loading from session failed. Load defaults.
451 $this->loadDefaults();
452 }
453 Hooks::run( 'UserLoadAfterLoadFromSession', [ $this ] );
454 break;
455 default:
456 throw new UnexpectedValueException(
457 "Unrecognised value for User->mFrom: \"{$this->mFrom}\"" );
458 }
459 }
460
461 /**
462 * Load user table data, given mId has already been set.
463 * @param int $flags User::READ_* constant bitfield
464 * @return bool False if the ID does not exist, true otherwise
465 */
466 public function loadFromId( $flags = self::READ_NORMAL ) {
467 if ( $this->mId == 0 ) {
468 // Anonymous users are not in the database (don't need cache)
469 $this->loadDefaults();
470 return false;
471 }
472
473 // Try cache (unless this needs data from the master DB).
474 // NOTE: if this thread called saveSettings(), the cache was cleared.
475 $latest = DBAccessObjectUtils::hasFlags( $flags, self::READ_LATEST );
476 if ( $latest ) {
477 if ( !$this->loadFromDatabase( $flags ) ) {
478 // Can't load from ID
479 return false;
480 }
481 } else {
482 $this->loadFromCache();
483 }
484
485 $this->mLoadedItems = true;
486 $this->queryFlagsUsed = $flags;
487
488 return true;
489 }
490
491 /**
492 * @since 1.27
493 * @param string $wikiId
494 * @param int $userId
495 */
496 public static function purge( $wikiId, $userId ) {
497 $cache = ObjectCache::getMainWANInstance();
498 $key = $cache->makeGlobalKey( 'user', 'id', $wikiId, $userId );
499 $cache->delete( $key );
500 }
501
502 /**
503 * @since 1.27
504 * @param WANObjectCache $cache
505 * @return string
506 */
507 protected function getCacheKey( WANObjectCache $cache ) {
508 return $cache->makeGlobalKey( 'user', 'id', wfWikiID(), $this->mId );
509 }
510
511 /**
512 * @param WANObjectCache $cache
513 * @return string[]
514 * @since 1.28
515 */
516 public function getMutableCacheKeys( WANObjectCache $cache ) {
517 $id = $this->getId();
518
519 return $id ? [ $this->getCacheKey( $cache ) ] : [];
520 }
521
522 /**
523 * Load user data from shared cache, given mId has already been set.
524 *
525 * @return bool True
526 * @since 1.25
527 */
528 protected function loadFromCache() {
529 $cache = ObjectCache::getMainWANInstance();
530 $data = $cache->getWithSetCallback(
531 $this->getCacheKey( $cache ),
532 $cache::TTL_HOUR,
533 function ( $oldValue, &$ttl, array &$setOpts ) use ( $cache ) {
534 $setOpts += Database::getCacheSetOptions( wfGetDB( DB_REPLICA ) );
535 wfDebug( "User: cache miss for user {$this->mId}\n" );
536
537 $this->loadFromDatabase( self::READ_NORMAL );
538 $this->loadGroups();
539 $this->loadOptions();
540
541 $data = [];
542 foreach ( self::$mCacheVars as $name ) {
543 $data[$name] = $this->$name;
544 }
545
546 $ttl = $cache->adaptiveTTL( wfTimestamp( TS_UNIX, $this->mTouched ), $ttl );
547
548 // if a user group membership is about to expire, the cache needs to
549 // expire at that time (T163691)
550 foreach ( $this->mGroupMemberships as $ugm ) {
551 if ( $ugm->getExpiry() ) {
552 $secondsUntilExpiry = wfTimestamp( TS_UNIX, $ugm->getExpiry() ) - time();
553 if ( $secondsUntilExpiry > 0 && $secondsUntilExpiry < $ttl ) {
554 $ttl = $secondsUntilExpiry;
555 }
556 }
557 }
558
559 return $data;
560 },
561 [ 'pcTTL' => $cache::TTL_PROC_LONG, 'version' => self::VERSION ]
562 );
563
564 // Restore from cache
565 foreach ( self::$mCacheVars as $name ) {
566 $this->$name = $data[$name];
567 }
568
569 return true;
570 }
571
572 /** @name newFrom*() static factory methods */
573 // @{
574
575 /**
576 * Static factory method for creation from username.
577 *
578 * This is slightly less efficient than newFromId(), so use newFromId() if
579 * you have both an ID and a name handy.
580 *
581 * @param string $name Username, validated by Title::newFromText()
582 * @param string|bool $validate Validate username. Takes the same parameters as
583 * User::getCanonicalName(), except that true is accepted as an alias
584 * for 'valid', for BC.
585 *
586 * @return User|bool User object, or false if the username is invalid
587 * (e.g. if it contains illegal characters or is an IP address). If the
588 * username is not present in the database, the result will be a user object
589 * with a name, zero user ID and default settings.
590 */
591 public static function newFromName( $name, $validate = 'valid' ) {
592 if ( $validate === true ) {
593 $validate = 'valid';
594 }
595 $name = self::getCanonicalName( $name, $validate );
596 if ( $name === false ) {
597 return false;
598 } else {
599 // Create unloaded user object
600 $u = new User;
601 $u->mName = $name;
602 $u->mFrom = 'name';
603 $u->setItemLoaded( 'name' );
604 return $u;
605 }
606 }
607
608 /**
609 * Static factory method for creation from a given user ID.
610 *
611 * @param int $id Valid user ID
612 * @return User The corresponding User object
613 */
614 public static function newFromId( $id ) {
615 $u = new User;
616 $u->mId = $id;
617 $u->mFrom = 'id';
618 $u->setItemLoaded( 'id' );
619 return $u;
620 }
621
622 /**
623 * Static factory method for creation from a given actor ID.
624 *
625 * @since 1.31
626 * @param int $id Valid actor ID
627 * @return User The corresponding User object
628 */
629 public static function newFromActorId( $id ) {
630 global $wgActorTableSchemaMigrationStage;
631
632 if ( $wgActorTableSchemaMigrationStage <= MIGRATION_OLD ) {
633 throw new BadMethodCallException(
634 'Cannot use ' . __METHOD__ . ' when $wgActorTableSchemaMigrationStage is MIGRATION_OLD'
635 );
636 }
637
638 $u = new User;
639 $u->mActorId = $id;
640 $u->mFrom = 'actor';
641 $u->setItemLoaded( 'actor' );
642 return $u;
643 }
644
645 /**
646 * Static factory method for creation from an ID, name, and/or actor ID
647 *
648 * This does not check that the ID, name, and actor ID all correspond to
649 * the same user.
650 *
651 * @since 1.31
652 * @param int|null $userId User ID, if known
653 * @param string|null $userName User name, if known
654 * @param int|null $actorId Actor ID, if known
655 * @return User
656 */
657 public static function newFromAnyId( $userId, $userName, $actorId ) {
658 global $wgActorTableSchemaMigrationStage;
659
660 $user = new User;
661 $user->mFrom = 'defaults';
662
663 if ( $wgActorTableSchemaMigrationStage > MIGRATION_OLD && $actorId !== null ) {
664 $user->mActorId = (int)$actorId;
665 if ( $user->mActorId !== 0 ) {
666 $user->mFrom = 'actor';
667 }
668 $user->setItemLoaded( 'actor' );
669 }
670
671 if ( $userName !== null && $userName !== '' ) {
672 $user->mName = $userName;
673 $user->mFrom = 'name';
674 $user->setItemLoaded( 'name' );
675 }
676
677 if ( $userId !== null ) {
678 $user->mId = (int)$userId;
679 if ( $user->mId !== 0 ) {
680 $user->mFrom = 'id';
681 }
682 $user->setItemLoaded( 'id' );
683 }
684
685 if ( $user->mFrom === 'defaults' ) {
686 throw new InvalidArgumentException(
687 'Cannot create a user with no name, no ID, and no actor ID'
688 );
689 }
690
691 return $user;
692 }
693
694 /**
695 * Factory method to fetch whichever user has a given email confirmation code.
696 * This code is generated when an account is created or its e-mail address
697 * has changed.
698 *
699 * If the code is invalid or has expired, returns NULL.
700 *
701 * @param string $code Confirmation code
702 * @param int $flags User::READ_* bitfield
703 * @return User|null
704 */
705 public static function newFromConfirmationCode( $code, $flags = 0 ) {
706 $db = ( $flags & self::READ_LATEST ) == self::READ_LATEST
707 ? wfGetDB( DB_MASTER )
708 : wfGetDB( DB_REPLICA );
709
710 $id = $db->selectField(
711 'user',
712 'user_id',
713 [
714 'user_email_token' => md5( $code ),
715 'user_email_token_expires > ' . $db->addQuotes( $db->timestamp() ),
716 ]
717 );
718
719 return $id ? self::newFromId( $id ) : null;
720 }
721
722 /**
723 * Create a new user object using data from session. If the login
724 * credentials are invalid, the result is an anonymous user.
725 *
726 * @param WebRequest|null $request Object to use; $wgRequest will be used if omitted.
727 * @return User
728 */
729 public static function newFromSession( WebRequest $request = null ) {
730 $user = new User;
731 $user->mFrom = 'session';
732 $user->mRequest = $request;
733 return $user;
734 }
735
736 /**
737 * Create a new user object from a user row.
738 * The row should have the following fields from the user table in it:
739 * - either user_name or user_id to load further data if needed (or both)
740 * - user_real_name
741 * - all other fields (email, etc.)
742 * It is useless to provide the remaining fields if either user_id,
743 * user_name and user_real_name are not provided because the whole row
744 * will be loaded once more from the database when accessing them.
745 *
746 * @param stdClass $row A row from the user table
747 * @param array $data Further data to load into the object (see User::loadFromRow for valid keys)
748 * @return User
749 */
750 public static function newFromRow( $row, $data = null ) {
751 $user = new User;
752 $user->loadFromRow( $row, $data );
753 return $user;
754 }
755
756 /**
757 * Static factory method for creation of a "system" user from username.
758 *
759 * A "system" user is an account that's used to attribute logged actions
760 * taken by MediaWiki itself, as opposed to a bot or human user. Examples
761 * might include the 'Maintenance script' or 'Conversion script' accounts
762 * used by various scripts in the maintenance/ directory or accounts such
763 * as 'MediaWiki message delivery' used by the MassMessage extension.
764 *
765 * This can optionally create the user if it doesn't exist, and "steal" the
766 * account if it does exist.
767 *
768 * "Stealing" an existing user is intended to make it impossible for normal
769 * authentication processes to use the account, effectively disabling the
770 * account for normal use:
771 * - Email is invalidated, to prevent account recovery by emailing a
772 * temporary password and to disassociate the account from the existing
773 * human.
774 * - The token is set to a magic invalid value, to kill existing sessions
775 * and to prevent $this->setToken() calls from resetting the token to a
776 * valid value.
777 * - SessionManager is instructed to prevent new sessions for the user, to
778 * do things like deauthorizing OAuth consumers.
779 * - AuthManager is instructed to revoke access, to invalidate or remove
780 * passwords and other credentials.
781 *
782 * @param string $name Username
783 * @param array $options Options are:
784 * - validate: As for User::getCanonicalName(), default 'valid'
785 * - create: Whether to create the user if it doesn't already exist, default true
786 * - steal: Whether to "disable" the account for normal use if it already
787 * exists, default false
788 * @return User|null
789 * @since 1.27
790 */
791 public static function newSystemUser( $name, $options = [] ) {
792 $options += [
793 'validate' => 'valid',
794 'create' => true,
795 'steal' => false,
796 ];
797
798 $name = self::getCanonicalName( $name, $options['validate'] );
799 if ( $name === false ) {
800 return null;
801 }
802
803 $dbr = wfGetDB( DB_REPLICA );
804 $userQuery = self::getQueryInfo();
805 $row = $dbr->selectRow(
806 $userQuery['tables'],
807 $userQuery['fields'],
808 [ 'user_name' => $name ],
809 __METHOD__,
810 [],
811 $userQuery['joins']
812 );
813 if ( !$row ) {
814 // Try the master database...
815 $dbw = wfGetDB( DB_MASTER );
816 $row = $dbw->selectRow(
817 $userQuery['tables'],
818 $userQuery['fields'],
819 [ 'user_name' => $name ],
820 __METHOD__,
821 [],
822 $userQuery['joins']
823 );
824 }
825
826 if ( !$row ) {
827 // No user. Create it?
828 return $options['create']
829 ? self::createNew( $name, [ 'token' => self::INVALID_TOKEN ] )
830 : null;
831 }
832
833 $user = self::newFromRow( $row );
834
835 // A user is considered to exist as a non-system user if it can
836 // authenticate, or has an email set, or has a non-invalid token.
837 if ( $user->mEmail || $user->mToken !== self::INVALID_TOKEN ||
838 AuthManager::singleton()->userCanAuthenticate( $name )
839 ) {
840 // User exists. Steal it?
841 if ( !$options['steal'] ) {
842 return null;
843 }
844
845 AuthManager::singleton()->revokeAccessForUser( $name );
846
847 $user->invalidateEmail();
848 $user->mToken = self::INVALID_TOKEN;
849 $user->saveSettings();
850 SessionManager::singleton()->preventSessionsForUser( $user->getName() );
851 }
852
853 return $user;
854 }
855
856 // @}
857
858 /**
859 * Get the username corresponding to a given user ID
860 * @param int $id User ID
861 * @return string|bool The corresponding username
862 */
863 public static function whoIs( $id ) {
864 return UserCache::singleton()->getProp( $id, 'name' );
865 }
866
867 /**
868 * Get the real name of a user given their user ID
869 *
870 * @param int $id User ID
871 * @return string|bool The corresponding user's real name
872 */
873 public static function whoIsReal( $id ) {
874 return UserCache::singleton()->getProp( $id, 'real_name' );
875 }
876
877 /**
878 * Get database id given a user name
879 * @param string $name Username
880 * @param int $flags User::READ_* constant bitfield
881 * @return int|null The corresponding user's ID, or null if user is nonexistent
882 */
883 public static function idFromName( $name, $flags = self::READ_NORMAL ) {
884 $nt = Title::makeTitleSafe( NS_USER, $name );
885 if ( is_null( $nt ) ) {
886 // Illegal name
887 return null;
888 }
889
890 if ( !( $flags & self::READ_LATEST ) && array_key_exists( $name, self::$idCacheByName ) ) {
891 return self::$idCacheByName[$name];
892 }
893
894 list( $index, $options ) = DBAccessObjectUtils::getDBOptions( $flags );
895 $db = wfGetDB( $index );
896
897 $s = $db->selectRow(
898 'user',
899 [ 'user_id' ],
900 [ 'user_name' => $nt->getText() ],
901 __METHOD__,
902 $options
903 );
904
905 if ( $s === false ) {
906 $result = null;
907 } else {
908 $result = $s->user_id;
909 }
910
911 self::$idCacheByName[$name] = $result;
912
913 if ( count( self::$idCacheByName ) > 1000 ) {
914 self::$idCacheByName = [];
915 }
916
917 return $result;
918 }
919
920 /**
921 * Reset the cache used in idFromName(). For use in tests.
922 */
923 public static function resetIdByNameCache() {
924 self::$idCacheByName = [];
925 }
926
927 /**
928 * Does the string match an anonymous IP address?
929 *
930 * This function exists for username validation, in order to reject
931 * usernames which are similar in form to IP addresses. Strings such
932 * as 300.300.300.300 will return true because it looks like an IP
933 * address, despite not being strictly valid.
934 *
935 * We match "\d{1,3}\.\d{1,3}\.\d{1,3}\.xxx" as an anonymous IP
936 * address because the usemod software would "cloak" anonymous IP
937 * addresses like this, if we allowed accounts like this to be created
938 * new users could get the old edits of these anonymous users.
939 *
940 * @param string $name Name to match
941 * @return bool
942 */
943 public static function isIP( $name ) {
944 return preg_match( '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.(?:xxx|\d{1,3})$/', $name )
945 || IP::isIPv6( $name );
946 }
947
948 /**
949 * Is the user an IP range?
950 *
951 * @since 1.30
952 * @return bool
953 */
954 public function isIPRange() {
955 return IP::isValidRange( $this->mName );
956 }
957
958 /**
959 * Is the input a valid username?
960 *
961 * Checks if the input is a valid username, we don't want an empty string,
962 * an IP address, anything that contains slashes (would mess up subpages),
963 * is longer than the maximum allowed username size or doesn't begin with
964 * a capital letter.
965 *
966 * @param string $name Name to match
967 * @return bool
968 */
969 public static function isValidUserName( $name ) {
970 global $wgContLang, $wgMaxNameChars;
971
972 if ( $name == ''
973 || self::isIP( $name )
974 || strpos( $name, '/' ) !== false
975 || strlen( $name ) > $wgMaxNameChars
976 || $name != $wgContLang->ucfirst( $name )
977 ) {
978 return false;
979 }
980
981 // Ensure that the name can't be misresolved as a different title,
982 // such as with extra namespace keys at the start.
983 $parsed = Title::newFromText( $name );
984 if ( is_null( $parsed )
985 || $parsed->getNamespace()
986 || strcmp( $name, $parsed->getPrefixedText() ) ) {
987 return false;
988 }
989
990 // Check an additional blacklist of troublemaker characters.
991 // Should these be merged into the title char list?
992 $unicodeBlacklist = '/[' .
993 '\x{0080}-\x{009f}' . # iso-8859-1 control chars
994 '\x{00a0}' . # non-breaking space
995 '\x{2000}-\x{200f}' . # various whitespace
996 '\x{2028}-\x{202f}' . # breaks and control chars
997 '\x{3000}' . # ideographic space
998 '\x{e000}-\x{f8ff}' . # private use
999 ']/u';
1000 if ( preg_match( $unicodeBlacklist, $name ) ) {
1001 return false;
1002 }
1003
1004 return true;
1005 }
1006
1007 /**
1008 * Usernames which fail to pass this function will be blocked
1009 * from user login and new account registrations, but may be used
1010 * internally by batch processes.
1011 *
1012 * If an account already exists in this form, login will be blocked
1013 * by a failure to pass this function.
1014 *
1015 * @param string $name Name to match
1016 * @return bool
1017 */
1018 public static function isUsableName( $name ) {
1019 global $wgReservedUsernames;
1020 // Must be a valid username, obviously ;)
1021 if ( !self::isValidUserName( $name ) ) {
1022 return false;
1023 }
1024
1025 static $reservedUsernames = false;
1026 if ( !$reservedUsernames ) {
1027 $reservedUsernames = $wgReservedUsernames;
1028 Hooks::run( 'UserGetReservedNames', [ &$reservedUsernames ] );
1029 }
1030
1031 // Certain names may be reserved for batch processes.
1032 foreach ( $reservedUsernames as $reserved ) {
1033 if ( substr( $reserved, 0, 4 ) == 'msg:' ) {
1034 $reserved = wfMessage( substr( $reserved, 4 ) )->inContentLanguage()->text();
1035 }
1036 if ( $reserved == $name ) {
1037 return false;
1038 }
1039 }
1040 return true;
1041 }
1042
1043 /**
1044 * Return the users who are members of the given group(s). In case of multiple groups,
1045 * users who are members of at least one of them are returned.
1046 *
1047 * @param string|array $groups A single group name or an array of group names
1048 * @param int $limit Max number of users to return. The actual limit will never exceed 5000
1049 * records; larger values are ignored.
1050 * @param int $after ID the user to start after
1051 * @return UserArrayFromResult
1052 */
1053 public static function findUsersByGroup( $groups, $limit = 5000, $after = null ) {
1054 if ( $groups === [] ) {
1055 return UserArrayFromResult::newFromIDs( [] );
1056 }
1057
1058 $groups = array_unique( (array)$groups );
1059 $limit = min( 5000, $limit );
1060
1061 $conds = [ 'ug_group' => $groups ];
1062 if ( $after !== null ) {
1063 $conds[] = 'ug_user > ' . (int)$after;
1064 }
1065
1066 $dbr = wfGetDB( DB_REPLICA );
1067 $ids = $dbr->selectFieldValues(
1068 'user_groups',
1069 'ug_user',
1070 $conds,
1071 __METHOD__,
1072 [
1073 'DISTINCT' => true,
1074 'ORDER BY' => 'ug_user',
1075 'LIMIT' => $limit,
1076 ]
1077 ) ?: [];
1078 return UserArray::newFromIDs( $ids );
1079 }
1080
1081 /**
1082 * Usernames which fail to pass this function will be blocked
1083 * from new account registrations, but may be used internally
1084 * either by batch processes or by user accounts which have
1085 * already been created.
1086 *
1087 * Additional blacklisting may be added here rather than in
1088 * isValidUserName() to avoid disrupting existing accounts.
1089 *
1090 * @param string $name String to match
1091 * @return bool
1092 */
1093 public static function isCreatableName( $name ) {
1094 global $wgInvalidUsernameCharacters;
1095
1096 // Ensure that the username isn't longer than 235 bytes, so that
1097 // (at least for the builtin skins) user javascript and css files
1098 // will work. (T25080)
1099 if ( strlen( $name ) > 235 ) {
1100 wfDebugLog( 'username', __METHOD__ .
1101 ": '$name' invalid due to length" );
1102 return false;
1103 }
1104
1105 // Preg yells if you try to give it an empty string
1106 if ( $wgInvalidUsernameCharacters !== '' ) {
1107 if ( preg_match( '/[' . preg_quote( $wgInvalidUsernameCharacters, '/' ) . ']/', $name ) ) {
1108 wfDebugLog( 'username', __METHOD__ .
1109 ": '$name' invalid due to wgInvalidUsernameCharacters" );
1110 return false;
1111 }
1112 }
1113
1114 return self::isUsableName( $name );
1115 }
1116
1117 /**
1118 * Is the input a valid password for this user?
1119 *
1120 * @param string $password Desired password
1121 * @return bool
1122 */
1123 public function isValidPassword( $password ) {
1124 // simple boolean wrapper for getPasswordValidity
1125 return $this->getPasswordValidity( $password ) === true;
1126 }
1127
1128 /**
1129 * Given unvalidated password input, return error message on failure.
1130 *
1131 * @param string $password Desired password
1132 * @return bool|string|array True on success, string or array of error message on failure
1133 */
1134 public function getPasswordValidity( $password ) {
1135 $result = $this->checkPasswordValidity( $password );
1136 if ( $result->isGood() ) {
1137 return true;
1138 } else {
1139 $messages = [];
1140 foreach ( $result->getErrorsByType( 'error' ) as $error ) {
1141 $messages[] = $error['message'];
1142 }
1143 foreach ( $result->getErrorsByType( 'warning' ) as $warning ) {
1144 $messages[] = $warning['message'];
1145 }
1146 if ( count( $messages ) === 1 ) {
1147 return $messages[0];
1148 }
1149 return $messages;
1150 }
1151 }
1152
1153 /**
1154 * Check if this is a valid password for this user
1155 *
1156 * Create a Status object based on the password's validity.
1157 * The Status should be set to fatal if the user should not
1158 * be allowed to log in, and should have any errors that
1159 * would block changing the password.
1160 *
1161 * If the return value of this is not OK, the password
1162 * should not be checked. If the return value is not Good,
1163 * the password can be checked, but the user should not be
1164 * able to set their password to this.
1165 *
1166 * @param string $password Desired password
1167 * @return Status
1168 * @since 1.23
1169 */
1170 public function checkPasswordValidity( $password ) {
1171 global $wgPasswordPolicy;
1172
1173 $upp = new UserPasswordPolicy(
1174 $wgPasswordPolicy['policies'],
1175 $wgPasswordPolicy['checks']
1176 );
1177
1178 $status = Status::newGood();
1179 $result = false; // init $result to false for the internal checks
1180
1181 if ( !Hooks::run( 'isValidPassword', [ $password, &$result, $this ] ) ) {
1182 $status->error( $result );
1183 return $status;
1184 }
1185
1186 if ( $result === false ) {
1187 $status->merge( $upp->checkUserPassword( $this, $password ) );
1188 return $status;
1189 } elseif ( $result === true ) {
1190 return $status;
1191 } else {
1192 $status->error( $result );
1193 return $status; // the isValidPassword hook set a string $result and returned true
1194 }
1195 }
1196
1197 /**
1198 * Given unvalidated user input, return a canonical username, or false if
1199 * the username is invalid.
1200 * @param string $name User input
1201 * @param string|bool $validate Type of validation to use:
1202 * - false No validation
1203 * - 'valid' Valid for batch processes
1204 * - 'usable' Valid for batch processes and login
1205 * - 'creatable' Valid for batch processes, login and account creation
1206 *
1207 * @throws InvalidArgumentException
1208 * @return bool|string
1209 */
1210 public static function getCanonicalName( $name, $validate = 'valid' ) {
1211 // Force usernames to capital
1212 global $wgContLang;
1213 $name = $wgContLang->ucfirst( $name );
1214
1215 # Reject names containing '#'; these will be cleaned up
1216 # with title normalisation, but then it's too late to
1217 # check elsewhere
1218 if ( strpos( $name, '#' ) !== false ) {
1219 return false;
1220 }
1221
1222 // Clean up name according to title rules,
1223 // but only when validation is requested (T14654)
1224 $t = ( $validate !== false ) ?
1225 Title::newFromText( $name, NS_USER ) : Title::makeTitle( NS_USER, $name );
1226 // Check for invalid titles
1227 if ( is_null( $t ) || $t->getNamespace() !== NS_USER || $t->isExternal() ) {
1228 return false;
1229 }
1230
1231 // Reject various classes of invalid names
1232 $name = AuthManager::callLegacyAuthPlugin(
1233 'getCanonicalName', [ $t->getText() ], $t->getText()
1234 );
1235
1236 switch ( $validate ) {
1237 case false:
1238 break;
1239 case 'valid':
1240 if ( !self::isValidUserName( $name ) ) {
1241 $name = false;
1242 }
1243 break;
1244 case 'usable':
1245 if ( !self::isUsableName( $name ) ) {
1246 $name = false;
1247 }
1248 break;
1249 case 'creatable':
1250 if ( !self::isCreatableName( $name ) ) {
1251 $name = false;
1252 }
1253 break;
1254 default:
1255 throw new InvalidArgumentException(
1256 'Invalid parameter value for $validate in ' . __METHOD__ );
1257 }
1258 return $name;
1259 }
1260
1261 /**
1262 * Return a random password.
1263 *
1264 * @deprecated since 1.27, use PasswordFactory::generateRandomPasswordString()
1265 * @return string New random password
1266 */
1267 public static function randomPassword() {
1268 global $wgMinimalPasswordLength;
1269 return PasswordFactory::generateRandomPasswordString( $wgMinimalPasswordLength );
1270 }
1271
1272 /**
1273 * Set cached properties to default.
1274 *
1275 * @note This no longer clears uncached lazy-initialised properties;
1276 * the constructor does that instead.
1277 *
1278 * @param string|bool $name
1279 */
1280 public function loadDefaults( $name = false ) {
1281 $this->mId = 0;
1282 $this->mName = $name;
1283 $this->mActorId = null;
1284 $this->mRealName = '';
1285 $this->mEmail = '';
1286 $this->mOptionOverrides = null;
1287 $this->mOptionsLoaded = false;
1288
1289 $loggedOut = $this->mRequest && !defined( 'MW_NO_SESSION' )
1290 ? $this->mRequest->getSession()->getLoggedOutTimestamp() : 0;
1291 if ( $loggedOut !== 0 ) {
1292 $this->mTouched = wfTimestamp( TS_MW, $loggedOut );
1293 } else {
1294 $this->mTouched = '1'; # Allow any pages to be cached
1295 }
1296
1297 $this->mToken = null; // Don't run cryptographic functions till we need a token
1298 $this->mEmailAuthenticated = null;
1299 $this->mEmailToken = '';
1300 $this->mEmailTokenExpires = null;
1301 $this->mRegistration = wfTimestamp( TS_MW );
1302 $this->mGroupMemberships = [];
1303
1304 Hooks::run( 'UserLoadDefaults', [ $this, $name ] );
1305 }
1306
1307 /**
1308 * Return whether an item has been loaded.
1309 *
1310 * @param string $item Item to check. Current possibilities:
1311 * - id
1312 * - name
1313 * - realname
1314 * @param string $all 'all' to check if the whole object has been loaded
1315 * or any other string to check if only the item is available (e.g.
1316 * for optimisation)
1317 * @return bool
1318 */
1319 public function isItemLoaded( $item, $all = 'all' ) {
1320 return ( $this->mLoadedItems === true && $all === 'all' ) ||
1321 ( isset( $this->mLoadedItems[$item] ) && $this->mLoadedItems[$item] === true );
1322 }
1323
1324 /**
1325 * Set that an item has been loaded
1326 *
1327 * @param string $item
1328 */
1329 protected function setItemLoaded( $item ) {
1330 if ( is_array( $this->mLoadedItems ) ) {
1331 $this->mLoadedItems[$item] = true;
1332 }
1333 }
1334
1335 /**
1336 * Load user data from the session.
1337 *
1338 * @return bool True if the user is logged in, false otherwise.
1339 */
1340 private function loadFromSession() {
1341 // Deprecated hook
1342 $result = null;
1343 Hooks::run( 'UserLoadFromSession', [ $this, &$result ], '1.27' );
1344 if ( $result !== null ) {
1345 return $result;
1346 }
1347
1348 // MediaWiki\Session\Session already did the necessary authentication of the user
1349 // returned here, so just use it if applicable.
1350 $session = $this->getRequest()->getSession();
1351 $user = $session->getUser();
1352 if ( $user->isLoggedIn() ) {
1353 $this->loadFromUserObject( $user );
1354
1355 // If this user is autoblocked, set a cookie to track the Block. This has to be done on
1356 // every session load, because an autoblocked editor might not edit again from the same
1357 // IP address after being blocked.
1358 $config = RequestContext::getMain()->getConfig();
1359 if ( $config->get( 'CookieSetOnAutoblock' ) === true ) {
1360 $block = $this->getBlock();
1361 $shouldSetCookie = $this->getRequest()->getCookie( 'BlockID' ) === null
1362 && $block
1363 && $block->getType() === Block::TYPE_USER
1364 && $block->isAutoblocking();
1365 if ( $shouldSetCookie ) {
1366 wfDebug( __METHOD__ . ': User is autoblocked, setting cookie to track' );
1367 $block->setCookie( $this->getRequest()->response() );
1368 }
1369 }
1370
1371 // Other code expects these to be set in the session, so set them.
1372 $session->set( 'wsUserID', $this->getId() );
1373 $session->set( 'wsUserName', $this->getName() );
1374 $session->set( 'wsToken', $this->getToken() );
1375 return true;
1376 }
1377 return false;
1378 }
1379
1380 /**
1381 * Load user and user_group data from the database.
1382 * $this->mId must be set, this is how the user is identified.
1383 *
1384 * @param int $flags User::READ_* constant bitfield
1385 * @return bool True if the user exists, false if the user is anonymous
1386 */
1387 public function loadFromDatabase( $flags = self::READ_LATEST ) {
1388 // Paranoia
1389 $this->mId = intval( $this->mId );
1390
1391 if ( !$this->mId ) {
1392 // Anonymous users are not in the database
1393 $this->loadDefaults();
1394 return false;
1395 }
1396
1397 list( $index, $options ) = DBAccessObjectUtils::getDBOptions( $flags );
1398 $db = wfGetDB( $index );
1399
1400 $userQuery = self::getQueryInfo();
1401 $s = $db->selectRow(
1402 $userQuery['tables'],
1403 $userQuery['fields'],
1404 [ 'user_id' => $this->mId ],
1405 __METHOD__,
1406 $options,
1407 $userQuery['joins']
1408 );
1409
1410 $this->queryFlagsUsed = $flags;
1411 Hooks::run( 'UserLoadFromDatabase', [ $this, &$s ] );
1412
1413 if ( $s !== false ) {
1414 // Initialise user table data
1415 $this->loadFromRow( $s );
1416 $this->mGroupMemberships = null; // deferred
1417 $this->getEditCount(); // revalidation for nulls
1418 return true;
1419 } else {
1420 // Invalid user_id
1421 $this->mId = 0;
1422 $this->loadDefaults();
1423 return false;
1424 }
1425 }
1426
1427 /**
1428 * Initialize this object from a row from the user table.
1429 *
1430 * @param stdClass $row Row from the user table to load.
1431 * @param array $data Further user data to load into the object
1432 *
1433 * user_groups Array of arrays or stdClass result rows out of the user_groups
1434 * table. Previously you were supposed to pass an array of strings
1435 * here, but we also need expiry info nowadays, so an array of
1436 * strings is ignored.
1437 * user_properties Array with properties out of the user_properties table
1438 */
1439 protected function loadFromRow( $row, $data = null ) {
1440 global $wgActorTableSchemaMigrationStage;
1441
1442 if ( !is_object( $row ) ) {
1443 throw new InvalidArgumentException( '$row must be an object' );
1444 }
1445
1446 $all = true;
1447
1448 $this->mGroupMemberships = null; // deferred
1449
1450 if ( $wgActorTableSchemaMigrationStage > MIGRATION_OLD ) {
1451 if ( isset( $row->actor_id ) ) {
1452 $this->mActorId = (int)$row->actor_id;
1453 if ( $this->mActorId !== 0 ) {
1454 $this->mFrom = 'actor';
1455 }
1456 $this->setItemLoaded( 'actor' );
1457 } else {
1458 $all = false;
1459 }
1460 }
1461
1462 if ( isset( $row->user_name ) && $row->user_name !== '' ) {
1463 $this->mName = $row->user_name;
1464 $this->mFrom = 'name';
1465 $this->setItemLoaded( 'name' );
1466 } else {
1467 $all = false;
1468 }
1469
1470 if ( isset( $row->user_real_name ) ) {
1471 $this->mRealName = $row->user_real_name;
1472 $this->setItemLoaded( 'realname' );
1473 } else {
1474 $all = false;
1475 }
1476
1477 if ( isset( $row->user_id ) ) {
1478 $this->mId = intval( $row->user_id );
1479 if ( $this->mId !== 0 ) {
1480 $this->mFrom = 'id';
1481 }
1482 $this->setItemLoaded( 'id' );
1483 } else {
1484 $all = false;
1485 }
1486
1487 if ( isset( $row->user_id ) && isset( $row->user_name ) && $row->user_name !== '' ) {
1488 self::$idCacheByName[$row->user_name] = $row->user_id;
1489 }
1490
1491 if ( isset( $row->user_editcount ) ) {
1492 $this->mEditCount = $row->user_editcount;
1493 } else {
1494 $all = false;
1495 }
1496
1497 if ( isset( $row->user_touched ) ) {
1498 $this->mTouched = wfTimestamp( TS_MW, $row->user_touched );
1499 } else {
1500 $all = false;
1501 }
1502
1503 if ( isset( $row->user_token ) ) {
1504 // The definition for the column is binary(32), so trim the NULs
1505 // that appends. The previous definition was char(32), so trim
1506 // spaces too.
1507 $this->mToken = rtrim( $row->user_token, " \0" );
1508 if ( $this->mToken === '' ) {
1509 $this->mToken = null;
1510 }
1511 } else {
1512 $all = false;
1513 }
1514
1515 if ( isset( $row->user_email ) ) {
1516 $this->mEmail = $row->user_email;
1517 $this->mEmailAuthenticated = wfTimestampOrNull( TS_MW, $row->user_email_authenticated );
1518 $this->mEmailToken = $row->user_email_token;
1519 $this->mEmailTokenExpires = wfTimestampOrNull( TS_MW, $row->user_email_token_expires );
1520 $this->mRegistration = wfTimestampOrNull( TS_MW, $row->user_registration );
1521 } else {
1522 $all = false;
1523 }
1524
1525 if ( $all ) {
1526 $this->mLoadedItems = true;
1527 }
1528
1529 if ( is_array( $data ) ) {
1530 if ( isset( $data['user_groups'] ) && is_array( $data['user_groups'] ) ) {
1531 if ( !count( $data['user_groups'] ) ) {
1532 $this->mGroupMemberships = [];
1533 } else {
1534 $firstGroup = reset( $data['user_groups'] );
1535 if ( is_array( $firstGroup ) || is_object( $firstGroup ) ) {
1536 $this->mGroupMemberships = [];
1537 foreach ( $data['user_groups'] as $row ) {
1538 $ugm = UserGroupMembership::newFromRow( (object)$row );
1539 $this->mGroupMemberships[$ugm->getGroup()] = $ugm;
1540 }
1541 }
1542 }
1543 }
1544 if ( isset( $data['user_properties'] ) && is_array( $data['user_properties'] ) ) {
1545 $this->loadOptions( $data['user_properties'] );
1546 }
1547 }
1548 }
1549
1550 /**
1551 * Load the data for this user object from another user object.
1552 *
1553 * @param User $user
1554 */
1555 protected function loadFromUserObject( $user ) {
1556 $user->load();
1557 foreach ( self::$mCacheVars as $var ) {
1558 $this->$var = $user->$var;
1559 }
1560 }
1561
1562 /**
1563 * Load the groups from the database if they aren't already loaded.
1564 */
1565 private function loadGroups() {
1566 if ( is_null( $this->mGroupMemberships ) ) {
1567 $db = ( $this->queryFlagsUsed & self::READ_LATEST )
1568 ? wfGetDB( DB_MASTER )
1569 : wfGetDB( DB_REPLICA );
1570 $this->mGroupMemberships = UserGroupMembership::getMembershipsForUser(
1571 $this->mId, $db );
1572 }
1573 }
1574
1575 /**
1576 * Add the user to the group if he/she meets given criteria.
1577 *
1578 * Contrary to autopromotion by \ref $wgAutopromote, the group will be
1579 * possible to remove manually via Special:UserRights. In such case it
1580 * will not be re-added automatically. The user will also not lose the
1581 * group if they no longer meet the criteria.
1582 *
1583 * @param string $event Key in $wgAutopromoteOnce (each one has groups/criteria)
1584 *
1585 * @return array Array of groups the user has been promoted to.
1586 *
1587 * @see $wgAutopromoteOnce
1588 */
1589 public function addAutopromoteOnceGroups( $event ) {
1590 global $wgAutopromoteOnceLogInRC;
1591
1592 if ( wfReadOnly() || !$this->getId() ) {
1593 return [];
1594 }
1595
1596 $toPromote = Autopromote::getAutopromoteOnceGroups( $this, $event );
1597 if ( !count( $toPromote ) ) {
1598 return [];
1599 }
1600
1601 if ( !$this->checkAndSetTouched() ) {
1602 return []; // raced out (bug T48834)
1603 }
1604
1605 $oldGroups = $this->getGroups(); // previous groups
1606 $oldUGMs = $this->getGroupMemberships();
1607 foreach ( $toPromote as $group ) {
1608 $this->addGroup( $group );
1609 }
1610 $newGroups = array_merge( $oldGroups, $toPromote ); // all groups
1611 $newUGMs = $this->getGroupMemberships();
1612
1613 // update groups in external authentication database
1614 Hooks::run( 'UserGroupsChanged', [ $this, $toPromote, [], false, false, $oldUGMs, $newUGMs ] );
1615 AuthManager::callLegacyAuthPlugin( 'updateExternalDBGroups', [ $this, $toPromote ] );
1616
1617 $logEntry = new ManualLogEntry( 'rights', 'autopromote' );
1618 $logEntry->setPerformer( $this );
1619 $logEntry->setTarget( $this->getUserPage() );
1620 $logEntry->setParameters( [
1621 '4::oldgroups' => $oldGroups,
1622 '5::newgroups' => $newGroups,
1623 ] );
1624 $logid = $logEntry->insert();
1625 if ( $wgAutopromoteOnceLogInRC ) {
1626 $logEntry->publish( $logid );
1627 }
1628
1629 return $toPromote;
1630 }
1631
1632 /**
1633 * Builds update conditions. Additional conditions may be added to $conditions to
1634 * protected against race conditions using a compare-and-set (CAS) mechanism
1635 * based on comparing $this->mTouched with the user_touched field.
1636 *
1637 * @param Database $db
1638 * @param array $conditions WHERE conditions for use with Database::update
1639 * @return array WHERE conditions for use with Database::update
1640 */
1641 protected function makeUpdateConditions( Database $db, array $conditions ) {
1642 if ( $this->mTouched ) {
1643 // CAS check: only update if the row wasn't changed sicne it was loaded.
1644 $conditions['user_touched'] = $db->timestamp( $this->mTouched );
1645 }
1646
1647 return $conditions;
1648 }
1649
1650 /**
1651 * Bump user_touched if it didn't change since this object was loaded
1652 *
1653 * On success, the mTouched field is updated.
1654 * The user serialization cache is always cleared.
1655 *
1656 * @return bool Whether user_touched was actually updated
1657 * @since 1.26
1658 */
1659 protected function checkAndSetTouched() {
1660 $this->load();
1661
1662 if ( !$this->mId ) {
1663 return false; // anon
1664 }
1665
1666 // Get a new user_touched that is higher than the old one
1667 $newTouched = $this->newTouchedTimestamp();
1668
1669 $dbw = wfGetDB( DB_MASTER );
1670 $dbw->update( 'user',
1671 [ 'user_touched' => $dbw->timestamp( $newTouched ) ],
1672 $this->makeUpdateConditions( $dbw, [
1673 'user_id' => $this->mId,
1674 ] ),
1675 __METHOD__
1676 );
1677 $success = ( $dbw->affectedRows() > 0 );
1678
1679 if ( $success ) {
1680 $this->mTouched = $newTouched;
1681 $this->clearSharedCache();
1682 } else {
1683 // Clears on failure too since that is desired if the cache is stale
1684 $this->clearSharedCache( 'refresh' );
1685 }
1686
1687 return $success;
1688 }
1689
1690 /**
1691 * Clear various cached data stored in this object. The cache of the user table
1692 * data (i.e. self::$mCacheVars) is not cleared unless $reloadFrom is given.
1693 *
1694 * @param bool|string $reloadFrom Reload user and user_groups table data from a
1695 * given source. May be "name", "id", "actor", "defaults", "session", or false for no reload.
1696 */
1697 public function clearInstanceCache( $reloadFrom = false ) {
1698 $this->mNewtalk = -1;
1699 $this->mDatePreference = null;
1700 $this->mBlockedby = -1; # Unset
1701 $this->mHash = false;
1702 $this->mRights = null;
1703 $this->mEffectiveGroups = null;
1704 $this->mImplicitGroups = null;
1705 $this->mGroupMemberships = null;
1706 $this->mOptions = null;
1707 $this->mOptionsLoaded = false;
1708 $this->mEditCount = null;
1709
1710 if ( $reloadFrom ) {
1711 $this->mLoadedItems = [];
1712 $this->mFrom = $reloadFrom;
1713 }
1714 }
1715
1716 /**
1717 * Combine the language default options with any site-specific options
1718 * and add the default language variants.
1719 *
1720 * @return array Array of String options
1721 */
1722 public static function getDefaultOptions() {
1723 global $wgNamespacesToBeSearchedDefault, $wgDefaultUserOptions, $wgContLang, $wgDefaultSkin;
1724
1725 static $defOpt = null;
1726 static $defOptLang = null;
1727
1728 if ( $defOpt !== null && $defOptLang === $wgContLang->getCode() ) {
1729 // $wgContLang does not change (and should not change) mid-request,
1730 // but the unit tests change it anyway, and expect this method to
1731 // return values relevant to the current $wgContLang.
1732 return $defOpt;
1733 }
1734
1735 $defOpt = $wgDefaultUserOptions;
1736 // Default language setting
1737 $defOptLang = $wgContLang->getCode();
1738 $defOpt['language'] = $defOptLang;
1739 foreach ( LanguageConverter::$languagesWithVariants as $langCode ) {
1740 $defOpt[$langCode == $wgContLang->getCode() ? 'variant' : "variant-$langCode"] = $langCode;
1741 }
1742
1743 // NOTE: don't use SearchEngineConfig::getSearchableNamespaces here,
1744 // since extensions may change the set of searchable namespaces depending
1745 // on user groups/permissions.
1746 foreach ( $wgNamespacesToBeSearchedDefault as $nsnum => $val ) {
1747 $defOpt['searchNs' . $nsnum] = (bool)$val;
1748 }
1749 $defOpt['skin'] = Skin::normalizeKey( $wgDefaultSkin );
1750
1751 Hooks::run( 'UserGetDefaultOptions', [ &$defOpt ] );
1752
1753 return $defOpt;
1754 }
1755
1756 /**
1757 * Get a given default option value.
1758 *
1759 * @param string $opt Name of option to retrieve
1760 * @return string Default option value
1761 */
1762 public static function getDefaultOption( $opt ) {
1763 $defOpts = self::getDefaultOptions();
1764 if ( isset( $defOpts[$opt] ) ) {
1765 return $defOpts[$opt];
1766 } else {
1767 return null;
1768 }
1769 }
1770
1771 /**
1772 * Get blocking information
1773 * @param bool $bFromSlave Whether to check the replica DB first.
1774 * To improve performance, non-critical checks are done against replica DBs.
1775 * Check when actually saving should be done against master.
1776 */
1777 private function getBlockedStatus( $bFromSlave = true ) {
1778 global $wgProxyWhitelist, $wgUser, $wgApplyIpBlocksToXff, $wgSoftBlockRanges;
1779
1780 if ( -1 != $this->mBlockedby ) {
1781 return;
1782 }
1783
1784 wfDebug( __METHOD__ . ": checking...\n" );
1785
1786 // Initialize data...
1787 // Otherwise something ends up stomping on $this->mBlockedby when
1788 // things get lazy-loaded later, causing false positive block hits
1789 // due to -1 !== 0. Probably session-related... Nothing should be
1790 // overwriting mBlockedby, surely?
1791 $this->load();
1792
1793 # We only need to worry about passing the IP address to the Block generator if the
1794 # user is not immune to autoblocks/hardblocks, and they are the current user so we
1795 # know which IP address they're actually coming from
1796 $ip = null;
1797 if ( !$this->isAllowed( 'ipblock-exempt' ) ) {
1798 // $wgUser->getName() only works after the end of Setup.php. Until
1799 // then, assume it's a logged-out user.
1800 $globalUserName = $wgUser->isSafeToLoad()
1801 ? $wgUser->getName()
1802 : IP::sanitizeIP( $wgUser->getRequest()->getIP() );
1803 if ( $this->getName() === $globalUserName ) {
1804 $ip = $this->getRequest()->getIP();
1805 }
1806 }
1807
1808 // User/IP blocking
1809 $block = Block::newFromTarget( $this, $ip, !$bFromSlave );
1810
1811 // Cookie blocking
1812 if ( !$block instanceof Block ) {
1813 $block = $this->getBlockFromCookieValue( $this->getRequest()->getCookie( 'BlockID' ) );
1814 }
1815
1816 // Proxy blocking
1817 if ( !$block instanceof Block && $ip !== null && !in_array( $ip, $wgProxyWhitelist ) ) {
1818 // Local list
1819 if ( self::isLocallyBlockedProxy( $ip ) ) {
1820 $block = new Block( [
1821 'byText' => wfMessage( 'proxyblocker' )->text(),
1822 'reason' => wfMessage( 'proxyblockreason' )->text(),
1823 'address' => $ip,
1824 'systemBlock' => 'proxy',
1825 ] );
1826 } elseif ( $this->isAnon() && $this->isDnsBlacklisted( $ip ) ) {
1827 $block = new Block( [
1828 'byText' => wfMessage( 'sorbs' )->text(),
1829 'reason' => wfMessage( 'sorbsreason' )->text(),
1830 'address' => $ip,
1831 'systemBlock' => 'dnsbl',
1832 ] );
1833 }
1834 }
1835
1836 // (T25343) Apply IP blocks to the contents of XFF headers, if enabled
1837 if ( !$block instanceof Block
1838 && $wgApplyIpBlocksToXff
1839 && $ip !== null
1840 && !in_array( $ip, $wgProxyWhitelist )
1841 ) {
1842 $xff = $this->getRequest()->getHeader( 'X-Forwarded-For' );
1843 $xff = array_map( 'trim', explode( ',', $xff ) );
1844 $xff = array_diff( $xff, [ $ip ] );
1845 $xffblocks = Block::getBlocksForIPList( $xff, $this->isAnon(), !$bFromSlave );
1846 $block = Block::chooseBlock( $xffblocks, $xff );
1847 if ( $block instanceof Block ) {
1848 # Mangle the reason to alert the user that the block
1849 # originated from matching the X-Forwarded-For header.
1850 $block->mReason = wfMessage( 'xffblockreason', $block->mReason )->text();
1851 }
1852 }
1853
1854 if ( !$block instanceof Block
1855 && $ip !== null
1856 && $this->isAnon()
1857 && IP::isInRanges( $ip, $wgSoftBlockRanges )
1858 ) {
1859 $block = new Block( [
1860 'address' => $ip,
1861 'byText' => 'MediaWiki default',
1862 'reason' => wfMessage( 'softblockrangesreason', $ip )->text(),
1863 'anonOnly' => true,
1864 'systemBlock' => 'wgSoftBlockRanges',
1865 ] );
1866 }
1867
1868 if ( $block instanceof Block ) {
1869 wfDebug( __METHOD__ . ": Found block.\n" );
1870 $this->mBlock = $block;
1871 $this->mBlockedby = $block->getByName();
1872 $this->mBlockreason = $block->mReason;
1873 $this->mHideName = $block->mHideName;
1874 $this->mAllowUsertalk = !$block->prevents( 'editownusertalk' );
1875 } else {
1876 $this->mBlock = null;
1877 $this->mBlockedby = '';
1878 $this->mBlockreason = '';
1879 $this->mHideName = 0;
1880 $this->mAllowUsertalk = false;
1881 }
1882
1883 // Avoid PHP 7.1 warning of passing $this by reference
1884 $user = $this;
1885 // Extensions
1886 Hooks::run( 'GetBlockedStatus', [ &$user ] );
1887 }
1888
1889 /**
1890 * Try to load a Block from an ID given in a cookie value.
1891 * @param string|null $blockCookieVal The cookie value to check.
1892 * @return Block|bool The Block object, or false if none could be loaded.
1893 */
1894 protected function getBlockFromCookieValue( $blockCookieVal ) {
1895 // Make sure there's something to check. The cookie value must start with a number.
1896 if ( strlen( $blockCookieVal ) < 1 || !is_numeric( substr( $blockCookieVal, 0, 1 ) ) ) {
1897 return false;
1898 }
1899 // Load the Block from the ID in the cookie.
1900 $blockCookieId = Block::getIdFromCookieValue( $blockCookieVal );
1901 if ( $blockCookieId !== null ) {
1902 // An ID was found in the cookie.
1903 $tmpBlock = Block::newFromID( $blockCookieId );
1904 if ( $tmpBlock instanceof Block ) {
1905 // Check the validity of the block.
1906 $blockIsValid = $tmpBlock->getType() == Block::TYPE_USER
1907 && !$tmpBlock->isExpired()
1908 && $tmpBlock->isAutoblocking();
1909 $config = RequestContext::getMain()->getConfig();
1910 $useBlockCookie = ( $config->get( 'CookieSetOnAutoblock' ) === true );
1911 if ( $blockIsValid && $useBlockCookie ) {
1912 // Use the block.
1913 return $tmpBlock;
1914 } else {
1915 // If the block is not valid, remove the cookie.
1916 Block::clearCookie( $this->getRequest()->response() );
1917 }
1918 } else {
1919 // If the block doesn't exist, remove the cookie.
1920 Block::clearCookie( $this->getRequest()->response() );
1921 }
1922 }
1923 return false;
1924 }
1925
1926 /**
1927 * Whether the given IP is in a DNS blacklist.
1928 *
1929 * @param string $ip IP to check
1930 * @param bool $checkWhitelist Whether to check the whitelist first
1931 * @return bool True if blacklisted.
1932 */
1933 public function isDnsBlacklisted( $ip, $checkWhitelist = false ) {
1934 global $wgEnableDnsBlacklist, $wgDnsBlacklistUrls, $wgProxyWhitelist;
1935
1936 if ( !$wgEnableDnsBlacklist ) {
1937 return false;
1938 }
1939
1940 if ( $checkWhitelist && in_array( $ip, $wgProxyWhitelist ) ) {
1941 return false;
1942 }
1943
1944 return $this->inDnsBlacklist( $ip, $wgDnsBlacklistUrls );
1945 }
1946
1947 /**
1948 * Whether the given IP is in a given DNS blacklist.
1949 *
1950 * @param string $ip IP to check
1951 * @param string|array $bases Array of Strings: URL of the DNS blacklist
1952 * @return bool True if blacklisted.
1953 */
1954 public function inDnsBlacklist( $ip, $bases ) {
1955 $found = false;
1956 // @todo FIXME: IPv6 ??? (https://bugs.php.net/bug.php?id=33170)
1957 if ( IP::isIPv4( $ip ) ) {
1958 // Reverse IP, T23255
1959 $ipReversed = implode( '.', array_reverse( explode( '.', $ip ) ) );
1960
1961 foreach ( (array)$bases as $base ) {
1962 // Make hostname
1963 // If we have an access key, use that too (ProjectHoneypot, etc.)
1964 $basename = $base;
1965 if ( is_array( $base ) ) {
1966 if ( count( $base ) >= 2 ) {
1967 // Access key is 1, base URL is 0
1968 $host = "{$base[1]}.$ipReversed.{$base[0]}";
1969 } else {
1970 $host = "$ipReversed.{$base[0]}";
1971 }
1972 $basename = $base[0];
1973 } else {
1974 $host = "$ipReversed.$base";
1975 }
1976
1977 // Send query
1978 $ipList = gethostbynamel( $host );
1979
1980 if ( $ipList ) {
1981 wfDebugLog( 'dnsblacklist', "Hostname $host is {$ipList[0]}, it's a proxy says $basename!" );
1982 $found = true;
1983 break;
1984 } else {
1985 wfDebugLog( 'dnsblacklist', "Requested $host, not found in $basename." );
1986 }
1987 }
1988 }
1989
1990 return $found;
1991 }
1992
1993 /**
1994 * Check if an IP address is in the local proxy list
1995 *
1996 * @param string $ip
1997 *
1998 * @return bool
1999 */
2000 public static function isLocallyBlockedProxy( $ip ) {
2001 global $wgProxyList;
2002
2003 if ( !$wgProxyList ) {
2004 return false;
2005 }
2006
2007 if ( !is_array( $wgProxyList ) ) {
2008 // Load values from the specified file
2009 $wgProxyList = array_map( 'trim', file( $wgProxyList ) );
2010 }
2011
2012 $resultProxyList = [];
2013 $deprecatedIPEntries = [];
2014
2015 // backward compatibility: move all ip addresses in keys to values
2016 foreach ( $wgProxyList as $key => $value ) {
2017 $keyIsIP = IP::isIPAddress( $key );
2018 $valueIsIP = IP::isIPAddress( $value );
2019 if ( $keyIsIP && !$valueIsIP ) {
2020 $deprecatedIPEntries[] = $key;
2021 $resultProxyList[] = $key;
2022 } elseif ( $keyIsIP && $valueIsIP ) {
2023 $deprecatedIPEntries[] = $key;
2024 $resultProxyList[] = $key;
2025 $resultProxyList[] = $value;
2026 } else {
2027 $resultProxyList[] = $value;
2028 }
2029 }
2030
2031 if ( $deprecatedIPEntries ) {
2032 wfDeprecated(
2033 'IP addresses in the keys of $wgProxyList (found the following IP addresses in keys: ' .
2034 implode( ', ', $deprecatedIPEntries ) . ', please move them to values)', '1.30' );
2035 }
2036
2037 $proxyListIPSet = new IPSet( $resultProxyList );
2038 return $proxyListIPSet->match( $ip );
2039 }
2040
2041 /**
2042 * Is this user subject to rate limiting?
2043 *
2044 * @return bool True if rate limited
2045 */
2046 public function isPingLimitable() {
2047 global $wgRateLimitsExcludedIPs;
2048 if ( IP::isInRanges( $this->getRequest()->getIP(), $wgRateLimitsExcludedIPs ) ) {
2049 // No other good way currently to disable rate limits
2050 // for specific IPs. :P
2051 // But this is a crappy hack and should die.
2052 return false;
2053 }
2054 return !$this->isAllowed( 'noratelimit' );
2055 }
2056
2057 /**
2058 * Primitive rate limits: enforce maximum actions per time period
2059 * to put a brake on flooding.
2060 *
2061 * The method generates both a generic profiling point and a per action one
2062 * (suffix being "-$action".
2063 *
2064 * @note When using a shared cache like memcached, IP-address
2065 * last-hit counters will be shared across wikis.
2066 *
2067 * @param string $action Action to enforce; 'edit' if unspecified
2068 * @param int $incrBy Positive amount to increment counter by [defaults to 1]
2069 * @return bool True if a rate limiter was tripped
2070 */
2071 public function pingLimiter( $action = 'edit', $incrBy = 1 ) {
2072 // Avoid PHP 7.1 warning of passing $this by reference
2073 $user = $this;
2074 // Call the 'PingLimiter' hook
2075 $result = false;
2076 if ( !Hooks::run( 'PingLimiter', [ &$user, $action, &$result, $incrBy ] ) ) {
2077 return $result;
2078 }
2079
2080 global $wgRateLimits;
2081 if ( !isset( $wgRateLimits[$action] ) ) {
2082 return false;
2083 }
2084
2085 $limits = array_merge(
2086 [ '&can-bypass' => true ],
2087 $wgRateLimits[$action]
2088 );
2089
2090 // Some groups shouldn't trigger the ping limiter, ever
2091 if ( $limits['&can-bypass'] && !$this->isPingLimitable() ) {
2092 return false;
2093 }
2094
2095 $keys = [];
2096 $id = $this->getId();
2097 $userLimit = false;
2098 $isNewbie = $this->isNewbie();
2099 $cache = ObjectCache::getLocalClusterInstance();
2100
2101 if ( $id == 0 ) {
2102 // limits for anons
2103 if ( isset( $limits['anon'] ) ) {
2104 $keys[$cache->makeKey( 'limiter', $action, 'anon' )] = $limits['anon'];
2105 }
2106 } else {
2107 // limits for logged-in users
2108 if ( isset( $limits['user'] ) ) {
2109 $userLimit = $limits['user'];
2110 }
2111 // limits for newbie logged-in users
2112 if ( $isNewbie && isset( $limits['newbie'] ) ) {
2113 $keys[$cache->makeKey( 'limiter', $action, 'user', $id )] = $limits['newbie'];
2114 }
2115 }
2116
2117 // limits for anons and for newbie logged-in users
2118 if ( $isNewbie ) {
2119 // ip-based limits
2120 if ( isset( $limits['ip'] ) ) {
2121 $ip = $this->getRequest()->getIP();
2122 $keys["mediawiki:limiter:$action:ip:$ip"] = $limits['ip'];
2123 }
2124 // subnet-based limits
2125 if ( isset( $limits['subnet'] ) ) {
2126 $ip = $this->getRequest()->getIP();
2127 $subnet = IP::getSubnet( $ip );
2128 if ( $subnet !== false ) {
2129 $keys["mediawiki:limiter:$action:subnet:$subnet"] = $limits['subnet'];
2130 }
2131 }
2132 }
2133
2134 // Check for group-specific permissions
2135 // If more than one group applies, use the group with the highest limit ratio (max/period)
2136 foreach ( $this->getGroups() as $group ) {
2137 if ( isset( $limits[$group] ) ) {
2138 if ( $userLimit === false
2139 || $limits[$group][0] / $limits[$group][1] > $userLimit[0] / $userLimit[1]
2140 ) {
2141 $userLimit = $limits[$group];
2142 }
2143 }
2144 }
2145
2146 // Set the user limit key
2147 if ( $userLimit !== false ) {
2148 list( $max, $period ) = $userLimit;
2149 wfDebug( __METHOD__ . ": effective user limit: $max in {$period}s\n" );
2150 $keys[$cache->makeKey( 'limiter', $action, 'user', $id )] = $userLimit;
2151 }
2152
2153 // ip-based limits for all ping-limitable users
2154 if ( isset( $limits['ip-all'] ) ) {
2155 $ip = $this->getRequest()->getIP();
2156 // ignore if user limit is more permissive
2157 if ( $isNewbie || $userLimit === false
2158 || $limits['ip-all'][0] / $limits['ip-all'][1] > $userLimit[0] / $userLimit[1] ) {
2159 $keys["mediawiki:limiter:$action:ip-all:$ip"] = $limits['ip-all'];
2160 }
2161 }
2162
2163 // subnet-based limits for all ping-limitable users
2164 if ( isset( $limits['subnet-all'] ) ) {
2165 $ip = $this->getRequest()->getIP();
2166 $subnet = IP::getSubnet( $ip );
2167 if ( $subnet !== false ) {
2168 // ignore if user limit is more permissive
2169 if ( $isNewbie || $userLimit === false
2170 || $limits['ip-all'][0] / $limits['ip-all'][1]
2171 > $userLimit[0] / $userLimit[1] ) {
2172 $keys["mediawiki:limiter:$action:subnet-all:$subnet"] = $limits['subnet-all'];
2173 }
2174 }
2175 }
2176
2177 $triggered = false;
2178 foreach ( $keys as $key => $limit ) {
2179 list( $max, $period ) = $limit;
2180 $summary = "(limit $max in {$period}s)";
2181 $count = $cache->get( $key );
2182 // Already pinged?
2183 if ( $count ) {
2184 if ( $count >= $max ) {
2185 wfDebugLog( 'ratelimit', "User '{$this->getName()}' " .
2186 "(IP {$this->getRequest()->getIP()}) tripped $key at $count $summary" );
2187 $triggered = true;
2188 } else {
2189 wfDebug( __METHOD__ . ": ok. $key at $count $summary\n" );
2190 }
2191 } else {
2192 wfDebug( __METHOD__ . ": adding record for $key $summary\n" );
2193 if ( $incrBy > 0 ) {
2194 $cache->add( $key, 0, intval( $period ) ); // first ping
2195 }
2196 }
2197 if ( $incrBy > 0 ) {
2198 $cache->incr( $key, $incrBy );
2199 }
2200 }
2201
2202 return $triggered;
2203 }
2204
2205 /**
2206 * Check if user is blocked
2207 *
2208 * @param bool $bFromSlave Whether to check the replica DB instead of
2209 * the master. Hacked from false due to horrible probs on site.
2210 * @return bool True if blocked, false otherwise
2211 */
2212 public function isBlocked( $bFromSlave = true ) {
2213 return $this->getBlock( $bFromSlave ) instanceof Block && $this->getBlock()->prevents( 'edit' );
2214 }
2215
2216 /**
2217 * Get the block affecting the user, or null if the user is not blocked
2218 *
2219 * @param bool $bFromSlave Whether to check the replica DB instead of the master
2220 * @return Block|null
2221 */
2222 public function getBlock( $bFromSlave = true ) {
2223 $this->getBlockedStatus( $bFromSlave );
2224 return $this->mBlock instanceof Block ? $this->mBlock : null;
2225 }
2226
2227 /**
2228 * Check if user is blocked from editing a particular article
2229 *
2230 * @param Title $title Title to check
2231 * @param bool $bFromSlave Whether to check the replica DB instead of the master
2232 * @return bool
2233 */
2234 public function isBlockedFrom( $title, $bFromSlave = false ) {
2235 global $wgBlockAllowsUTEdit;
2236
2237 $blocked = $this->isBlocked( $bFromSlave );
2238 $allowUsertalk = ( $wgBlockAllowsUTEdit ? $this->mAllowUsertalk : false );
2239 // If a user's name is suppressed, they cannot make edits anywhere
2240 if ( !$this->mHideName && $allowUsertalk && $title->getText() === $this->getName()
2241 && $title->getNamespace() == NS_USER_TALK ) {
2242 $blocked = false;
2243 wfDebug( __METHOD__ . ": self-talk page, ignoring any blocks\n" );
2244 }
2245
2246 Hooks::run( 'UserIsBlockedFrom', [ $this, $title, &$blocked, &$allowUsertalk ] );
2247
2248 return $blocked;
2249 }
2250
2251 /**
2252 * If user is blocked, return the name of the user who placed the block
2253 * @return string Name of blocker
2254 */
2255 public function blockedBy() {
2256 $this->getBlockedStatus();
2257 return $this->mBlockedby;
2258 }
2259
2260 /**
2261 * If user is blocked, return the specified reason for the block
2262 * @return string Blocking reason
2263 */
2264 public function blockedFor() {
2265 $this->getBlockedStatus();
2266 return $this->mBlockreason;
2267 }
2268
2269 /**
2270 * If user is blocked, return the ID for the block
2271 * @return int Block ID
2272 */
2273 public function getBlockId() {
2274 $this->getBlockedStatus();
2275 return ( $this->mBlock ? $this->mBlock->getId() : false );
2276 }
2277
2278 /**
2279 * Check if user is blocked on all wikis.
2280 * Do not use for actual edit permission checks!
2281 * This is intended for quick UI checks.
2282 *
2283 * @param string $ip IP address, uses current client if none given
2284 * @return bool True if blocked, false otherwise
2285 */
2286 public function isBlockedGlobally( $ip = '' ) {
2287 return $this->getGlobalBlock( $ip ) instanceof Block;
2288 }
2289
2290 /**
2291 * Check if user is blocked on all wikis.
2292 * Do not use for actual edit permission checks!
2293 * This is intended for quick UI checks.
2294 *
2295 * @param string $ip IP address, uses current client if none given
2296 * @return Block|null Block object if blocked, null otherwise
2297 * @throws FatalError
2298 * @throws MWException
2299 */
2300 public function getGlobalBlock( $ip = '' ) {
2301 if ( $this->mGlobalBlock !== null ) {
2302 return $this->mGlobalBlock ?: null;
2303 }
2304 // User is already an IP?
2305 if ( IP::isIPAddress( $this->getName() ) ) {
2306 $ip = $this->getName();
2307 } elseif ( !$ip ) {
2308 $ip = $this->getRequest()->getIP();
2309 }
2310 // Avoid PHP 7.1 warning of passing $this by reference
2311 $user = $this;
2312 $blocked = false;
2313 $block = null;
2314 Hooks::run( 'UserIsBlockedGlobally', [ &$user, $ip, &$blocked, &$block ] );
2315
2316 if ( $blocked && $block === null ) {
2317 // back-compat: UserIsBlockedGlobally didn't have $block param first
2318 $block = new Block( [
2319 'address' => $ip,
2320 'systemBlock' => 'global-block'
2321 ] );
2322 }
2323
2324 $this->mGlobalBlock = $blocked ? $block : false;
2325 return $this->mGlobalBlock ?: null;
2326 }
2327
2328 /**
2329 * Check if user account is locked
2330 *
2331 * @return bool True if locked, false otherwise
2332 */
2333 public function isLocked() {
2334 if ( $this->mLocked !== null ) {
2335 return $this->mLocked;
2336 }
2337 // Avoid PHP 7.1 warning of passing $this by reference
2338 $user = $this;
2339 $authUser = AuthManager::callLegacyAuthPlugin( 'getUserInstance', [ &$user ], null );
2340 $this->mLocked = $authUser && $authUser->isLocked();
2341 Hooks::run( 'UserIsLocked', [ $this, &$this->mLocked ] );
2342 return $this->mLocked;
2343 }
2344
2345 /**
2346 * Check if user account is hidden
2347 *
2348 * @return bool True if hidden, false otherwise
2349 */
2350 public function isHidden() {
2351 if ( $this->mHideName !== null ) {
2352 return $this->mHideName;
2353 }
2354 $this->getBlockedStatus();
2355 if ( !$this->mHideName ) {
2356 // Avoid PHP 7.1 warning of passing $this by reference
2357 $user = $this;
2358 $authUser = AuthManager::callLegacyAuthPlugin( 'getUserInstance', [ &$user ], null );
2359 $this->mHideName = $authUser && $authUser->isHidden();
2360 Hooks::run( 'UserIsHidden', [ $this, &$this->mHideName ] );
2361 }
2362 return $this->mHideName;
2363 }
2364
2365 /**
2366 * Get the user's ID.
2367 * @return int The user's ID; 0 if the user is anonymous or nonexistent
2368 */
2369 public function getId() {
2370 if ( $this->mId === null && $this->mName !== null && self::isIP( $this->mName ) ) {
2371 // Special case, we know the user is anonymous
2372 return 0;
2373 } elseif ( !$this->isItemLoaded( 'id' ) ) {
2374 // Don't load if this was initialized from an ID
2375 $this->load();
2376 }
2377
2378 return (int)$this->mId;
2379 }
2380
2381 /**
2382 * Set the user and reload all fields according to a given ID
2383 * @param int $v User ID to reload
2384 */
2385 public function setId( $v ) {
2386 $this->mId = $v;
2387 $this->clearInstanceCache( 'id' );
2388 }
2389
2390 /**
2391 * Get the user name, or the IP of an anonymous user
2392 * @return string User's name or IP address
2393 */
2394 public function getName() {
2395 if ( $this->isItemLoaded( 'name', 'only' ) ) {
2396 // Special case optimisation
2397 return $this->mName;
2398 } else {
2399 $this->load();
2400 if ( $this->mName === false ) {
2401 // Clean up IPs
2402 $this->mName = IP::sanitizeIP( $this->getRequest()->getIP() );
2403 }
2404 return $this->mName;
2405 }
2406 }
2407
2408 /**
2409 * Set the user name.
2410 *
2411 * This does not reload fields from the database according to the given
2412 * name. Rather, it is used to create a temporary "nonexistent user" for
2413 * later addition to the database. It can also be used to set the IP
2414 * address for an anonymous user to something other than the current
2415 * remote IP.
2416 *
2417 * @note User::newFromName() has roughly the same function, when the named user
2418 * does not exist.
2419 * @param string $str New user name to set
2420 */
2421 public function setName( $str ) {
2422 $this->load();
2423 $this->mName = $str;
2424 }
2425
2426 /**
2427 * Get the user's actor ID.
2428 * @since 1.31
2429 * @param IDatabase|null $dbw Assign a new actor ID, using this DB handle, if none exists
2430 * @return int The actor's ID, or 0 if no actor ID exists and $dbw was null
2431 */
2432 public function getActorId( IDatabase $dbw = null ) {
2433 global $wgActorTableSchemaMigrationStage;
2434
2435 if ( $wgActorTableSchemaMigrationStage <= MIGRATION_OLD ) {
2436 return 0;
2437 }
2438
2439 if ( !$this->isItemLoaded( 'actor' ) ) {
2440 $this->load();
2441 }
2442
2443 // Currently $this->mActorId might be null if $this was loaded from a
2444 // cache entry that was written when $wgActorTableSchemaMigrationStage
2445 // was MIGRATION_OLD. Once that is no longer a possibility (i.e. when
2446 // User::VERSION is incremented after $wgActorTableSchemaMigrationStage
2447 // has been removed), that condition may be removed.
2448 if ( $this->mActorId === null || !$this->mActorId && $dbw ) {
2449 $q = [
2450 'actor_user' => $this->getId() ?: null,
2451 'actor_name' => (string)$this->getName(),
2452 ];
2453 if ( $dbw ) {
2454 if ( $q['actor_user'] === null && self::isUsableName( $q['actor_name'] ) ) {
2455 throw new CannotCreateActorException(
2456 'Cannot create an actor for a usable name that is not an existing user'
2457 );
2458 }
2459 if ( $q['actor_name'] === '' ) {
2460 throw new CannotCreateActorException( 'Cannot create an actor for a user with no name' );
2461 }
2462 $dbw->insert( 'actor', $q, __METHOD__, [ 'IGNORE' ] );
2463 if ( $dbw->affectedRows() ) {
2464 $this->mActorId = (int)$dbw->insertId();
2465 } else {
2466 // Outdated cache?
2467 list( , $options ) = DBAccessObjectUtils::getDBOptions( $this->queryFlagsUsed );
2468 $this->mActorId = (int)$dbw->selectField( 'actor', 'actor_id', $q, __METHOD__, $options );
2469 if ( !$this->mActorId ) {
2470 throw new CannotCreateActorException(
2471 "Cannot create actor ID for user_id={$this->getId()} user_name={$this->getName()}"
2472 );
2473 }
2474 }
2475 $this->invalidateCache();
2476 } else {
2477 list( $index, $options ) = DBAccessObjectUtils::getDBOptions( $this->queryFlagsUsed );
2478 $db = wfGetDB( $index );
2479 $this->mActorId = (int)$db->selectField( 'actor', 'actor_id', $q, __METHOD__, $options );
2480 }
2481 $this->setItemLoaded( 'actor' );
2482 }
2483
2484 return (int)$this->mActorId;
2485 }
2486
2487 /**
2488 * Get the user's name escaped by underscores.
2489 * @return string Username escaped by underscores.
2490 */
2491 public function getTitleKey() {
2492 return str_replace( ' ', '_', $this->getName() );
2493 }
2494
2495 /**
2496 * Check if the user has new messages.
2497 * @return bool True if the user has new messages
2498 */
2499 public function getNewtalk() {
2500 $this->load();
2501
2502 // Load the newtalk status if it is unloaded (mNewtalk=-1)
2503 if ( $this->mNewtalk === -1 ) {
2504 $this->mNewtalk = false; # reset talk page status
2505
2506 // Check memcached separately for anons, who have no
2507 // entire User object stored in there.
2508 if ( !$this->mId ) {
2509 global $wgDisableAnonTalk;
2510 if ( $wgDisableAnonTalk ) {
2511 // Anon newtalk disabled by configuration.
2512 $this->mNewtalk = false;
2513 } else {
2514 $this->mNewtalk = $this->checkNewtalk( 'user_ip', $this->getName() );
2515 }
2516 } else {
2517 $this->mNewtalk = $this->checkNewtalk( 'user_id', $this->mId );
2518 }
2519 }
2520
2521 return (bool)$this->mNewtalk;
2522 }
2523
2524 /**
2525 * Return the data needed to construct links for new talk page message
2526 * alerts. If there are new messages, this will return an associative array
2527 * with the following data:
2528 * wiki: The database name of the wiki
2529 * link: Root-relative link to the user's talk page
2530 * rev: The last talk page revision that the user has seen or null. This
2531 * is useful for building diff links.
2532 * If there are no new messages, it returns an empty array.
2533 * @note This function was designed to accomodate multiple talk pages, but
2534 * currently only returns a single link and revision.
2535 * @return array
2536 */
2537 public function getNewMessageLinks() {
2538 // Avoid PHP 7.1 warning of passing $this by reference
2539 $user = $this;
2540 $talks = [];
2541 if ( !Hooks::run( 'UserRetrieveNewTalks', [ &$user, &$talks ] ) ) {
2542 return $talks;
2543 } elseif ( !$this->getNewtalk() ) {
2544 return [];
2545 }
2546 $utp = $this->getTalkPage();
2547 $dbr = wfGetDB( DB_REPLICA );
2548 // Get the "last viewed rev" timestamp from the oldest message notification
2549 $timestamp = $dbr->selectField( 'user_newtalk',
2550 'MIN(user_last_timestamp)',
2551 $this->isAnon() ? [ 'user_ip' => $this->getName() ] : [ 'user_id' => $this->getId() ],
2552 __METHOD__ );
2553 $rev = $timestamp ? Revision::loadFromTimestamp( $dbr, $utp, $timestamp ) : null;
2554 return [ [ 'wiki' => wfWikiID(), 'link' => $utp->getLocalURL(), 'rev' => $rev ] ];
2555 }
2556
2557 /**
2558 * Get the revision ID for the last talk page revision viewed by the talk
2559 * page owner.
2560 * @return int|null Revision ID or null
2561 */
2562 public function getNewMessageRevisionId() {
2563 $newMessageRevisionId = null;
2564 $newMessageLinks = $this->getNewMessageLinks();
2565 if ( $newMessageLinks ) {
2566 // Note: getNewMessageLinks() never returns more than a single link
2567 // and it is always for the same wiki, but we double-check here in
2568 // case that changes some time in the future.
2569 if ( count( $newMessageLinks ) === 1
2570 && $newMessageLinks[0]['wiki'] === wfWikiID()
2571 && $newMessageLinks[0]['rev']
2572 ) {
2573 /** @var Revision $newMessageRevision */
2574 $newMessageRevision = $newMessageLinks[0]['rev'];
2575 $newMessageRevisionId = $newMessageRevision->getId();
2576 }
2577 }
2578 return $newMessageRevisionId;
2579 }
2580
2581 /**
2582 * Internal uncached check for new messages
2583 *
2584 * @see getNewtalk()
2585 * @param string $field 'user_ip' for anonymous users, 'user_id' otherwise
2586 * @param string|int $id User's IP address for anonymous users, User ID otherwise
2587 * @return bool True if the user has new messages
2588 */
2589 protected function checkNewtalk( $field, $id ) {
2590 $dbr = wfGetDB( DB_REPLICA );
2591
2592 $ok = $dbr->selectField( 'user_newtalk', $field, [ $field => $id ], __METHOD__ );
2593
2594 return $ok !== false;
2595 }
2596
2597 /**
2598 * Add or update the new messages flag
2599 * @param string $field 'user_ip' for anonymous users, 'user_id' otherwise
2600 * @param string|int $id User's IP address for anonymous users, User ID otherwise
2601 * @param Revision|null $curRev New, as yet unseen revision of the user talk page. Ignored if null.
2602 * @return bool True if successful, false otherwise
2603 */
2604 protected function updateNewtalk( $field, $id, $curRev = null ) {
2605 // Get timestamp of the talk page revision prior to the current one
2606 $prevRev = $curRev ? $curRev->getPrevious() : false;
2607 $ts = $prevRev ? $prevRev->getTimestamp() : null;
2608 // Mark the user as having new messages since this revision
2609 $dbw = wfGetDB( DB_MASTER );
2610 $dbw->insert( 'user_newtalk',
2611 [ $field => $id, 'user_last_timestamp' => $dbw->timestampOrNull( $ts ) ],
2612 __METHOD__,
2613 'IGNORE' );
2614 if ( $dbw->affectedRows() ) {
2615 wfDebug( __METHOD__ . ": set on ($field, $id)\n" );
2616 return true;
2617 } else {
2618 wfDebug( __METHOD__ . " already set ($field, $id)\n" );
2619 return false;
2620 }
2621 }
2622
2623 /**
2624 * Clear the new messages flag for the given user
2625 * @param string $field 'user_ip' for anonymous users, 'user_id' otherwise
2626 * @param string|int $id User's IP address for anonymous users, User ID otherwise
2627 * @return bool True if successful, false otherwise
2628 */
2629 protected function deleteNewtalk( $field, $id ) {
2630 $dbw = wfGetDB( DB_MASTER );
2631 $dbw->delete( 'user_newtalk',
2632 [ $field => $id ],
2633 __METHOD__ );
2634 if ( $dbw->affectedRows() ) {
2635 wfDebug( __METHOD__ . ": killed on ($field, $id)\n" );
2636 return true;
2637 } else {
2638 wfDebug( __METHOD__ . ": already gone ($field, $id)\n" );
2639 return false;
2640 }
2641 }
2642
2643 /**
2644 * Update the 'You have new messages!' status.
2645 * @param bool $val Whether the user has new messages
2646 * @param Revision $curRev New, as yet unseen revision of the user talk
2647 * page. Ignored if null or !$val.
2648 */
2649 public function setNewtalk( $val, $curRev = null ) {
2650 if ( wfReadOnly() ) {
2651 return;
2652 }
2653
2654 $this->load();
2655 $this->mNewtalk = $val;
2656
2657 if ( $this->isAnon() ) {
2658 $field = 'user_ip';
2659 $id = $this->getName();
2660 } else {
2661 $field = 'user_id';
2662 $id = $this->getId();
2663 }
2664
2665 if ( $val ) {
2666 $changed = $this->updateNewtalk( $field, $id, $curRev );
2667 } else {
2668 $changed = $this->deleteNewtalk( $field, $id );
2669 }
2670
2671 if ( $changed ) {
2672 $this->invalidateCache();
2673 }
2674 }
2675
2676 /**
2677 * Generate a current or new-future timestamp to be stored in the
2678 * user_touched field when we update things.
2679 * @return string Timestamp in TS_MW format
2680 */
2681 private function newTouchedTimestamp() {
2682 global $wgClockSkewFudge;
2683
2684 $time = wfTimestamp( TS_MW, time() + $wgClockSkewFudge );
2685 if ( $this->mTouched && $time <= $this->mTouched ) {
2686 $time = wfTimestamp( TS_MW, wfTimestamp( TS_UNIX, $this->mTouched ) + 1 );
2687 }
2688
2689 return $time;
2690 }
2691
2692 /**
2693 * Clear user data from memcached
2694 *
2695 * Use after applying updates to the database; caller's
2696 * responsibility to update user_touched if appropriate.
2697 *
2698 * Called implicitly from invalidateCache() and saveSettings().
2699 *
2700 * @param string $mode Use 'refresh' to clear now; otherwise before DB commit
2701 */
2702 public function clearSharedCache( $mode = 'changed' ) {
2703 if ( !$this->getId() ) {
2704 return;
2705 }
2706
2707 $cache = ObjectCache::getMainWANInstance();
2708 $key = $this->getCacheKey( $cache );
2709 if ( $mode === 'refresh' ) {
2710 $cache->delete( $key, 1 );
2711 } else {
2712 $lb = MediaWikiServices::getInstance()->getDBLoadBalancer();
2713 if ( $lb->hasOrMadeRecentMasterChanges() ) {
2714 $lb->getConnection( DB_MASTER )->onTransactionPreCommitOrIdle(
2715 function () use ( $cache, $key ) {
2716 $cache->delete( $key );
2717 },
2718 __METHOD__
2719 );
2720 } else {
2721 $cache->delete( $key );
2722 }
2723 }
2724 }
2725
2726 /**
2727 * Immediately touch the user data cache for this account
2728 *
2729 * Calls touch() and removes account data from memcached
2730 */
2731 public function invalidateCache() {
2732 $this->touch();
2733 $this->clearSharedCache();
2734 }
2735
2736 /**
2737 * Update the "touched" timestamp for the user
2738 *
2739 * This is useful on various login/logout events when making sure that
2740 * a browser or proxy that has multiple tenants does not suffer cache
2741 * pollution where the new user sees the old users content. The value
2742 * of getTouched() is checked when determining 304 vs 200 responses.
2743 * Unlike invalidateCache(), this preserves the User object cache and
2744 * avoids database writes.
2745 *
2746 * @since 1.25
2747 */
2748 public function touch() {
2749 $id = $this->getId();
2750 if ( $id ) {
2751 $cache = MediaWikiServices::getInstance()->getMainWANObjectCache();
2752 $key = $cache->makeKey( 'user-quicktouched', 'id', $id );
2753 $cache->touchCheckKey( $key );
2754 $this->mQuickTouched = null;
2755 }
2756 }
2757
2758 /**
2759 * Validate the cache for this account.
2760 * @param string $timestamp A timestamp in TS_MW format
2761 * @return bool
2762 */
2763 public function validateCache( $timestamp ) {
2764 return ( $timestamp >= $this->getTouched() );
2765 }
2766
2767 /**
2768 * Get the user touched timestamp
2769 *
2770 * Use this value only to validate caches via inequalities
2771 * such as in the case of HTTP If-Modified-Since response logic
2772 *
2773 * @return string TS_MW Timestamp
2774 */
2775 public function getTouched() {
2776 $this->load();
2777
2778 if ( $this->mId ) {
2779 if ( $this->mQuickTouched === null ) {
2780 $cache = MediaWikiServices::getInstance()->getMainWANObjectCache();
2781 $key = $cache->makeKey( 'user-quicktouched', 'id', $this->mId );
2782
2783 $this->mQuickTouched = wfTimestamp( TS_MW, $cache->getCheckKeyTime( $key ) );
2784 }
2785
2786 return max( $this->mTouched, $this->mQuickTouched );
2787 }
2788
2789 return $this->mTouched;
2790 }
2791
2792 /**
2793 * Get the user_touched timestamp field (time of last DB updates)
2794 * @return string TS_MW Timestamp
2795 * @since 1.26
2796 */
2797 public function getDBTouched() {
2798 $this->load();
2799
2800 return $this->mTouched;
2801 }
2802
2803 /**
2804 * Set the password and reset the random token.
2805 * Calls through to authentication plugin if necessary;
2806 * will have no effect if the auth plugin refuses to
2807 * pass the change through or if the legal password
2808 * checks fail.
2809 *
2810 * As a special case, setting the password to null
2811 * wipes it, so the account cannot be logged in until
2812 * a new password is set, for instance via e-mail.
2813 *
2814 * @deprecated since 1.27, use AuthManager instead
2815 * @param string $str New password to set
2816 * @throws PasswordError On failure
2817 * @return bool
2818 */
2819 public function setPassword( $str ) {
2820 return $this->setPasswordInternal( $str );
2821 }
2822
2823 /**
2824 * Set the password and reset the random token unconditionally.
2825 *
2826 * @deprecated since 1.27, use AuthManager instead
2827 * @param string|null $str New password to set or null to set an invalid
2828 * password hash meaning that the user will not be able to log in
2829 * through the web interface.
2830 */
2831 public function setInternalPassword( $str ) {
2832 $this->setPasswordInternal( $str );
2833 }
2834
2835 /**
2836 * Actually set the password and such
2837 * @since 1.27 cannot set a password for a user not in the database
2838 * @param string|null $str New password to set or null to set an invalid
2839 * password hash meaning that the user will not be able to log in
2840 * through the web interface.
2841 * @return bool Success
2842 */
2843 private function setPasswordInternal( $str ) {
2844 $manager = AuthManager::singleton();
2845
2846 // If the user doesn't exist yet, fail
2847 if ( !$manager->userExists( $this->getName() ) ) {
2848 throw new LogicException( 'Cannot set a password for a user that is not in the database.' );
2849 }
2850
2851 $status = $this->changeAuthenticationData( [
2852 'username' => $this->getName(),
2853 'password' => $str,
2854 'retype' => $str,
2855 ] );
2856 if ( !$status->isGood() ) {
2857 \MediaWiki\Logger\LoggerFactory::getInstance( 'authentication' )
2858 ->info( __METHOD__ . ': Password change rejected: '
2859 . $status->getWikiText( null, null, 'en' ) );
2860 return false;
2861 }
2862
2863 $this->setOption( 'watchlisttoken', false );
2864 SessionManager::singleton()->invalidateSessionsForUser( $this );
2865
2866 return true;
2867 }
2868
2869 /**
2870 * Changes credentials of the user.
2871 *
2872 * This is a convenience wrapper around AuthManager::changeAuthenticationData.
2873 * Note that this can return a status that isOK() but not isGood() on certain types of failures,
2874 * e.g. when no provider handled the change.
2875 *
2876 * @param array $data A set of authentication data in fieldname => value format. This is the
2877 * same data you would pass the changeauthenticationdata API - 'username', 'password' etc.
2878 * @return Status
2879 * @since 1.27
2880 */
2881 public function changeAuthenticationData( array $data ) {
2882 $manager = AuthManager::singleton();
2883 $reqs = $manager->getAuthenticationRequests( AuthManager::ACTION_CHANGE, $this );
2884 $reqs = AuthenticationRequest::loadRequestsFromSubmission( $reqs, $data );
2885
2886 $status = Status::newGood( 'ignored' );
2887 foreach ( $reqs as $req ) {
2888 $status->merge( $manager->allowsAuthenticationDataChange( $req ), true );
2889 }
2890 if ( $status->getValue() === 'ignored' ) {
2891 $status->warning( 'authenticationdatachange-ignored' );
2892 }
2893
2894 if ( $status->isGood() ) {
2895 foreach ( $reqs as $req ) {
2896 $manager->changeAuthenticationData( $req );
2897 }
2898 }
2899 return $status;
2900 }
2901
2902 /**
2903 * Get the user's current token.
2904 * @param bool $forceCreation Force the generation of a new token if the
2905 * user doesn't have one (default=true for backwards compatibility).
2906 * @return string|null Token
2907 */
2908 public function getToken( $forceCreation = true ) {
2909 global $wgAuthenticationTokenVersion;
2910
2911 $this->load();
2912 if ( !$this->mToken && $forceCreation ) {
2913 $this->setToken();
2914 }
2915
2916 if ( !$this->mToken ) {
2917 // The user doesn't have a token, return null to indicate that.
2918 return null;
2919 } elseif ( $this->mToken === self::INVALID_TOKEN ) {
2920 // We return a random value here so existing token checks are very
2921 // likely to fail.
2922 return MWCryptRand::generateHex( self::TOKEN_LENGTH );
2923 } elseif ( $wgAuthenticationTokenVersion === null ) {
2924 // $wgAuthenticationTokenVersion not in use, so return the raw secret
2925 return $this->mToken;
2926 } else {
2927 // $wgAuthenticationTokenVersion in use, so hmac it.
2928 $ret = MWCryptHash::hmac( $wgAuthenticationTokenVersion, $this->mToken, false );
2929
2930 // The raw hash can be overly long. Shorten it up.
2931 $len = max( 32, self::TOKEN_LENGTH );
2932 if ( strlen( $ret ) < $len ) {
2933 // Should never happen, even md5 is 128 bits
2934 throw new \UnexpectedValueException( 'Hmac returned less than 128 bits' );
2935 }
2936 return substr( $ret, -$len );
2937 }
2938 }
2939
2940 /**
2941 * Set the random token (used for persistent authentication)
2942 * Called from loadDefaults() among other places.
2943 *
2944 * @param string|bool $token If specified, set the token to this value
2945 */
2946 public function setToken( $token = false ) {
2947 $this->load();
2948 if ( $this->mToken === self::INVALID_TOKEN ) {
2949 \MediaWiki\Logger\LoggerFactory::getInstance( 'session' )
2950 ->debug( __METHOD__ . ": Ignoring attempt to set token for system user \"$this\"" );
2951 } elseif ( !$token ) {
2952 $this->mToken = MWCryptRand::generateHex( self::TOKEN_LENGTH );
2953 } else {
2954 $this->mToken = $token;
2955 }
2956 }
2957
2958 /**
2959 * Set the password for a password reminder or new account email
2960 *
2961 * @deprecated Removed in 1.27. Use PasswordReset instead.
2962 * @param string $str New password to set or null to set an invalid
2963 * password hash meaning that the user will not be able to use it
2964 * @param bool $throttle If true, reset the throttle timestamp to the present
2965 */
2966 public function setNewpassword( $str, $throttle = true ) {
2967 throw new BadMethodCallException( __METHOD__ . ' has been removed in 1.27' );
2968 }
2969
2970 /**
2971 * Get the user's e-mail address
2972 * @return string User's email address
2973 */
2974 public function getEmail() {
2975 $this->load();
2976 Hooks::run( 'UserGetEmail', [ $this, &$this->mEmail ] );
2977 return $this->mEmail;
2978 }
2979
2980 /**
2981 * Get the timestamp of the user's e-mail authentication
2982 * @return string TS_MW timestamp
2983 */
2984 public function getEmailAuthenticationTimestamp() {
2985 $this->load();
2986 Hooks::run( 'UserGetEmailAuthenticationTimestamp', [ $this, &$this->mEmailAuthenticated ] );
2987 return $this->mEmailAuthenticated;
2988 }
2989
2990 /**
2991 * Set the user's e-mail address
2992 * @param string $str New e-mail address
2993 */
2994 public function setEmail( $str ) {
2995 $this->load();
2996 if ( $str == $this->mEmail ) {
2997 return;
2998 }
2999 $this->invalidateEmail();
3000 $this->mEmail = $str;
3001 Hooks::run( 'UserSetEmail', [ $this, &$this->mEmail ] );
3002 }
3003
3004 /**
3005 * Set the user's e-mail address and a confirmation mail if needed.
3006 *
3007 * @since 1.20
3008 * @param string $str New e-mail address
3009 * @return Status
3010 */
3011 public function setEmailWithConfirmation( $str ) {
3012 global $wgEnableEmail, $wgEmailAuthentication;
3013
3014 if ( !$wgEnableEmail ) {
3015 return Status::newFatal( 'emaildisabled' );
3016 }
3017
3018 $oldaddr = $this->getEmail();
3019 if ( $str === $oldaddr ) {
3020 return Status::newGood( true );
3021 }
3022
3023 $type = $oldaddr != '' ? 'changed' : 'set';
3024 $notificationResult = null;
3025
3026 if ( $wgEmailAuthentication ) {
3027 // Send the user an email notifying the user of the change in registered
3028 // email address on their previous email address
3029 if ( $type == 'changed' ) {
3030 $change = $str != '' ? 'changed' : 'removed';
3031 $notificationResult = $this->sendMail(
3032 wfMessage( 'notificationemail_subject_' . $change )->text(),
3033 wfMessage( 'notificationemail_body_' . $change,
3034 $this->getRequest()->getIP(),
3035 $this->getName(),
3036 $str )->text()
3037 );
3038 }
3039 }
3040
3041 $this->setEmail( $str );
3042
3043 if ( $str !== '' && $wgEmailAuthentication ) {
3044 // Send a confirmation request to the new address if needed
3045 $result = $this->sendConfirmationMail( $type );
3046
3047 if ( $notificationResult !== null ) {
3048 $result->merge( $notificationResult );
3049 }
3050
3051 if ( $result->isGood() ) {
3052 // Say to the caller that a confirmation and notification mail has been sent
3053 $result->value = 'eauth';
3054 }
3055 } else {
3056 $result = Status::newGood( true );
3057 }
3058
3059 return $result;
3060 }
3061
3062 /**
3063 * Get the user's real name
3064 * @return string User's real name