// Ensure that the username isn't longer than 235 bytes, so that
// (at least for the builtin skins) user javascript and css files
- // will work. (bug 23080)
+ // will work. (T25080)
if ( strlen( $name ) > 235 ) {
wfDebugLog( 'username', __METHOD__ .
": '$name' invalid due to length" );
}
// Clean up name according to title rules,
- // but only when validation is requested (bug 12654)
+ // but only when validation is requested (T14654)
$t = ( $validate !== false ) ?
Title::newFromText( $name, NS_USER ) : Title::makeTitle( NS_USER, $name );
// Check for invalid titles
// User/IP blocking
$block = Block::newFromTarget( $this, $ip, !$bFromSlave );
- // If no block has been found, check for a cookie indicating that the user is blocked.
- $blockCookieVal = (int)$this->getRequest()->getCookie( 'BlockID' );
- if ( !$block instanceof Block && $blockCookieVal > 0 ) {
- // Load the Block from the ID in the cookie.
- $tmpBlock = Block::newFromID( $blockCookieVal );
- if ( $tmpBlock instanceof Block ) {
- // Check the validity of the block.
- $blockIsValid = $tmpBlock->getType() == Block::TYPE_USER
- && !$tmpBlock->isExpired()
- && $tmpBlock->isAutoblocking();
- $config = RequestContext::getMain()->getConfig();
- $useBlockCookie = ( $config->get( 'CookieSetOnAutoblock' ) === true );
- if ( $blockIsValid && $useBlockCookie ) {
- // Use the block.
- $block = $tmpBlock;
- $this->blockTrigger = 'cookie-block';
- } else {
- // If the block is not valid, clear the block cookie (but don't delete it,
- // because it needs to be cleared from LocalStorage as well and an empty string
- // value is checked for in the mediawiki.user.blockcookie module).
- $tmpBlock->setCookie( $this->getRequest()->response(), true );
- }
- }
+ // Cookie blocking
+ if ( !$block instanceof Block ) {
+ $block = $this->getBlockFromCookieValue( $this->getRequest()->getCookie( 'BlockID' ) );
}
// Proxy blocking
}
}
- // (bug 23343) Apply IP blocks to the contents of XFF headers, if enabled
+ // (T25343) Apply IP blocks to the contents of XFF headers, if enabled
if ( !$block instanceof Block
&& $wgApplyIpBlocksToXff
&& $ip !== null
Hooks::run( 'GetBlockedStatus', [ &$user ] );
}
+ /**
+ * Try to load a Block from an ID given in a cookie value.
+ * @param string|null $blockCookieVal The cookie value to check.
+ * @return Block|bool The Block object, or false if none could be loaded.
+ */
+ protected function getBlockFromCookieValue( $blockCookieVal ) {
+ // Make sure there's something to check. The cookie value must start with a number.
+ if ( strlen( $blockCookieVal ) < 1 || !is_numeric( substr( $blockCookieVal, 0, 1 ) ) ) {
+ return false;
+ }
+ // Load the Block from the ID in the cookie.
+ $blockCookieId = Block::getIdFromCookieValue( $blockCookieVal );
+ if ( $blockCookieId !== null ) {
+ // An ID was found in the cookie.
+ $tmpBlock = Block::newFromID( $blockCookieId );
+ if ( $tmpBlock instanceof Block ) {
+ // Check the validity of the block.
+ $blockIsValid = $tmpBlock->getType() == Block::TYPE_USER
+ && !$tmpBlock->isExpired()
+ && $tmpBlock->isAutoblocking();
+ $config = RequestContext::getMain()->getConfig();
+ $useBlockCookie = ( $config->get( 'CookieSetOnAutoblock' ) === true );
+ if ( $blockIsValid && $useBlockCookie ) {
+ // Use the block.
+ $this->blockTrigger = 'cookie-block';
+ return $tmpBlock;
+ } else {
+ // If the block is not valid, clear the block cookie (but don't delete it,
+ // because it needs to be cleared from LocalStorage as well and an empty string
+ // value is checked for in the mediawiki.user.blockcookie module).
+ $tmpBlock->setCookie( $this->getRequest()->response(), true );
+ }
+ }
+ }
+ return false;
+ }
+
/**
* Whether the given IP is in a DNS blacklist.
*
$found = false;
// @todo FIXME: IPv6 ??? (https://bugs.php.net/bug.php?id=33170)
if ( IP::isIPv4( $ip ) ) {
- // Reverse IP, bug 21255
+ // Reverse IP, T23255
$ipReversed = implode( '.', array_reverse( explode( '.', $ip ) ) );
foreach ( (array)$bases as $base ) {
*/
public function isPingLimitable() {
global $wgRateLimitsExcludedIPs;
- if ( in_array( $this->getRequest()->getIP(), $wgRateLimitsExcludedIPs ) ) {
+ if ( IP::isInRanges( $this->getRequest()->getIP(), $wgRateLimitsExcludedIPs ) ) {
// No other good way currently to disable rate limits
// for specific IPs. :P
// But this is a crappy hack and should die.
// user_talk page; it's cleared one page view later in WikiPage::doViewUpdates().
}
+ /**
+ * Compute experienced level based on edit count and registration date.
+ *
+ * @return string 'newcomer', 'learner', or 'experienced'
+ */
+ public function getExperienceLevel() {
+ global $wgLearnerEdits,
+ $wgExperiencedUserEdits,
+ $wgLearnerMemberSince,
+ $wgExperiencedUserMemberSince;
+
+ if ( $this->isAnon() ) {
+ return false;
+ }
+
+ $editCount = $this->getEditCount();
+ $registration = $this->getRegistration();
+ $now = time();
+ $learnerRegistration = wfTimestamp( TS_MW, $now - $wgLearnerMemberSince * 86400 );
+ $experiencedRegistration = wfTimestamp( TS_MW, $now - $wgExperiencedUserMemberSince * 86400 );
+
+ if (
+ $editCount < $wgLearnerEdits ||
+ $registration > $learnerRegistration
+ ) {
+ return 'newcomer';
+ } elseif (
+ $editCount > $wgExperiencedUserEdits &&
+ $registration <= $experiencedRegistration
+ ) {
+ return 'experienced';
+ } else {
+ return 'learner';
+ }
+ }
+
/**
* Set a cookie on the user's client. Wrapper for
* WebResponse::setCookie
* }
* // do something with $user...
*
- * However, this was vulnerable to a race condition (bug 16020). By
+ * However, this was vulnerable to a race condition (T18020). By
* initialising the user object if the user exists, we aim to support this
* calling sequence as far as possible.
*
return $this->mBlock;
}
- # bug 13611: if the IP address the user is trying to create an account from is
+ # T15611: if the IP address the user is trying to create an account from is
# blocked with createaccount disabled, prevent new account creation there even
# when the user is logged in
if ( $this->mBlockedFromCreateAccount === false && !$this->isAllowed( 'ipblock-exempt' ) ) {
* @note Since these URLs get dropped directly into emails, using the
* short English names avoids insanely long URL-encoded links, which
* also sometimes can get corrupted in some browsers/mailers
- * (bug 6957 with Gmail and Internet Explorer).
+ * (T8957 with Gmail and Internet Explorer).
*
* @param string $page Special page
* @param string $token Token
# Note that the pattern requirement will always be satisfied if the
# input is empty, so we need required in all cases.
- # @todo FIXME: Bug 23769: This needs to not claim the password is required
+ # @todo FIXME: T25769: This needs to not claim the password is required
# if e-mail confirmation is being used. Since HTML5 input validation
# is b0rked anyway in some browsers, just return nothing. When it's
# re-enabled, fix this code to not output required for e-mail