MediaWiki REL1_30
ApiQueryBlocks.php
Go to the documentation of this file.
1<?php
33
34 public function __construct( ApiQuery $query, $moduleName ) {
35 parent::__construct( $query, $moduleName, 'bk' );
36 }
37
38 public function execute() {
39 $db = $this->getDB();
40 $commentStore = new CommentStore( 'ipb_reason' );
42 $this->requireMaxOneParameter( $params, 'users', 'ip' );
43
44 $prop = array_flip( $params['prop'] );
45 $fld_id = isset( $prop['id'] );
46 $fld_user = isset( $prop['user'] );
47 $fld_userid = isset( $prop['userid'] );
48 $fld_by = isset( $prop['by'] );
49 $fld_byid = isset( $prop['byid'] );
50 $fld_timestamp = isset( $prop['timestamp'] );
51 $fld_expiry = isset( $prop['expiry'] );
52 $fld_reason = isset( $prop['reason'] );
53 $fld_range = isset( $prop['range'] );
54 $fld_flags = isset( $prop['flags'] );
55
56 $result = $this->getResult();
57
58 $this->addTables( 'ipblocks' );
59 $this->addFields( [ 'ipb_auto', 'ipb_id', 'ipb_timestamp' ] );
60
61 $this->addFieldsIf( [ 'ipb_address', 'ipb_user' ], $fld_user || $fld_userid );
62 $this->addFieldsIf( 'ipb_by_text', $fld_by );
63 $this->addFieldsIf( 'ipb_by', $fld_byid );
64 $this->addFieldsIf( 'ipb_expiry', $fld_expiry );
65 $this->addFieldsIf( [ 'ipb_range_start', 'ipb_range_end' ], $fld_range );
66 $this->addFieldsIf( [ 'ipb_anon_only', 'ipb_create_account', 'ipb_enable_autoblock',
67 'ipb_block_email', 'ipb_deleted', 'ipb_allow_usertalk' ],
68 $fld_flags );
69
70 if ( $fld_reason ) {
71 $commentQuery = $commentStore->getJoin();
72 $this->addTables( $commentQuery['tables'] );
73 $this->addFields( $commentQuery['fields'] );
74 $this->addJoinConds( $commentQuery['joins'] );
75 }
76
77 $this->addOption( 'LIMIT', $params['limit'] + 1 );
79 'ipb_timestamp',
80 $params['dir'],
81 $params['start'],
82 $params['end']
83 );
84 // Include in ORDER BY for uniqueness
85 $this->addWhereRange( 'ipb_id', $params['dir'], null, null );
86
87 if ( !is_null( $params['continue'] ) ) {
88 $cont = explode( '|', $params['continue'] );
89 $this->dieContinueUsageIf( count( $cont ) != 2 );
90 $op = ( $params['dir'] == 'newer' ? '>' : '<' );
91 $continueTimestamp = $db->addQuotes( $db->timestamp( $cont[0] ) );
92 $continueId = (int)$cont[1];
93 $this->dieContinueUsageIf( $continueId != $cont[1] );
94 $this->addWhere( "ipb_timestamp $op $continueTimestamp OR " .
95 "(ipb_timestamp = $continueTimestamp AND " .
96 "ipb_id $op= $continueId)"
97 );
98 }
99
100 if ( isset( $params['ids'] ) ) {
101 $this->addWhereFld( 'ipb_id', $params['ids'] );
102 }
103 if ( isset( $params['users'] ) ) {
104 $usernames = [];
105 foreach ( (array)$params['users'] as $u ) {
106 $usernames[] = $this->prepareUsername( $u );
107 }
108 $this->addWhereFld( 'ipb_address', $usernames );
109 $this->addWhereFld( 'ipb_auto', 0 );
110 }
111 if ( isset( $params['ip'] ) ) {
112 $blockCIDRLimit = $this->getConfig()->get( 'BlockCIDRLimit' );
113 if ( IP::isIPv4( $params['ip'] ) ) {
114 $type = 'IPv4';
115 $cidrLimit = $blockCIDRLimit['IPv4'];
116 $prefixLen = 0;
117 } elseif ( IP::isIPv6( $params['ip'] ) ) {
118 $type = 'IPv6';
119 $cidrLimit = $blockCIDRLimit['IPv6'];
120 $prefixLen = 3; // IP::toHex output is prefixed with "v6-"
121 } else {
122 $this->dieWithError( 'apierror-badip', 'param_ip' );
123 }
124
125 # Check range validity, if it's a CIDR
126 list( $ip, $range ) = IP::parseCIDR( $params['ip'] );
127 if ( $ip !== false && $range !== false && $range < $cidrLimit ) {
128 $this->dieWithError( [ 'apierror-cidrtoobroad', $type, $cidrLimit ] );
129 }
130
131 # Let IP::parseRange handle calculating $upper, instead of duplicating the logic here.
132 list( $lower, $upper ) = IP::parseRange( $params['ip'] );
133
134 # Extract the common prefix to any rangeblock affecting this IP/CIDR
135 $prefix = substr( $lower, 0, $prefixLen + floor( $cidrLimit / 4 ) );
136
137 # Fairly hard to make a malicious SQL statement out of hex characters,
138 # but it is good practice to add quotes
139 $lower = $db->addQuotes( $lower );
140 $upper = $db->addQuotes( $upper );
141
142 $this->addWhere( [
143 'ipb_range_start' . $db->buildLike( $prefix, $db->anyString() ),
144 'ipb_range_start <= ' . $lower,
145 'ipb_range_end >= ' . $upper,
146 'ipb_auto' => 0
147 ] );
148 }
149
150 if ( !is_null( $params['show'] ) ) {
151 $show = array_flip( $params['show'] );
152
153 /* Check for conflicting parameters. */
154 if ( ( isset( $show['account'] ) && isset( $show['!account'] ) )
155 || ( isset( $show['ip'] ) && isset( $show['!ip'] ) )
156 || ( isset( $show['range'] ) && isset( $show['!range'] ) )
157 || ( isset( $show['temp'] ) && isset( $show['!temp'] ) )
158 ) {
159 $this->dieWithError( 'apierror-show' );
160 }
161
162 $this->addWhereIf( 'ipb_user = 0', isset( $show['!account'] ) );
163 $this->addWhereIf( 'ipb_user != 0', isset( $show['account'] ) );
164 $this->addWhereIf( 'ipb_user != 0 OR ipb_range_end > ipb_range_start', isset( $show['!ip'] ) );
165 $this->addWhereIf( 'ipb_user = 0 AND ipb_range_end = ipb_range_start', isset( $show['ip'] ) );
166 $this->addWhereIf( 'ipb_expiry = ' .
167 $db->addQuotes( $db->getInfinity() ), isset( $show['!temp'] ) );
168 $this->addWhereIf( 'ipb_expiry != ' .
169 $db->addQuotes( $db->getInfinity() ), isset( $show['temp'] ) );
170 $this->addWhereIf( 'ipb_range_end = ipb_range_start', isset( $show['!range'] ) );
171 $this->addWhereIf( 'ipb_range_end > ipb_range_start', isset( $show['range'] ) );
172 }
173
174 if ( !$this->getUser()->isAllowed( 'hideuser' ) ) {
175 $this->addWhereFld( 'ipb_deleted', 0 );
176 }
177
178 # Filter out expired rows
179 $this->addWhere( 'ipb_expiry > ' . $db->addQuotes( $db->timestamp() ) );
180
181 $res = $this->select( __METHOD__ );
182
183 $count = 0;
184 foreach ( $res as $row ) {
185 if ( ++$count > $params['limit'] ) {
186 // We've had enough
187 $this->setContinueEnumParameter( 'continue', "$row->ipb_timestamp|$row->ipb_id" );
188 break;
189 }
190 $block = [
191 ApiResult::META_TYPE => 'assoc',
192 ];
193 if ( $fld_id ) {
194 $block['id'] = (int)$row->ipb_id;
195 }
196 if ( $fld_user && !$row->ipb_auto ) {
197 $block['user'] = $row->ipb_address;
198 }
199 if ( $fld_userid && !$row->ipb_auto ) {
200 $block['userid'] = (int)$row->ipb_user;
201 }
202 if ( $fld_by ) {
203 $block['by'] = $row->ipb_by_text;
204 }
205 if ( $fld_byid ) {
206 $block['byid'] = (int)$row->ipb_by;
207 }
208 if ( $fld_timestamp ) {
209 $block['timestamp'] = wfTimestamp( TS_ISO_8601, $row->ipb_timestamp );
210 }
211 if ( $fld_expiry ) {
212 $block['expiry'] = ApiResult::formatExpiry( $row->ipb_expiry );
213 }
214 if ( $fld_reason ) {
215 $block['reason'] = $commentStore->getComment( $row )->text;
216 }
217 if ( $fld_range && !$row->ipb_auto ) {
218 $block['rangestart'] = IP::formatHex( $row->ipb_range_start );
219 $block['rangeend'] = IP::formatHex( $row->ipb_range_end );
220 }
221 if ( $fld_flags ) {
222 // For clarity, these flags use the same names as their action=block counterparts
223 $block['automatic'] = (bool)$row->ipb_auto;
224 $block['anononly'] = (bool)$row->ipb_anon_only;
225 $block['nocreate'] = (bool)$row->ipb_create_account;
226 $block['autoblock'] = (bool)$row->ipb_enable_autoblock;
227 $block['noemail'] = (bool)$row->ipb_block_email;
228 $block['hidden'] = (bool)$row->ipb_deleted;
229 $block['allowusertalk'] = (bool)$row->ipb_allow_usertalk;
230 }
231 $fit = $result->addValue( [ 'query', $this->getModuleName() ], null, $block );
232 if ( !$fit ) {
233 $this->setContinueEnumParameter( 'continue', "$row->ipb_timestamp|$row->ipb_id" );
234 break;
235 }
236 }
237 $result->addIndexedTagName( [ 'query', $this->getModuleName() ], 'block' );
238 }
239
240 protected function prepareUsername( $user ) {
241 if ( !$user ) {
242 $encParamName = $this->encodeParamName( 'users' );
243 $this->dieWithError( [ 'apierror-baduser', $encParamName, wfEscapeWikiText( $user ) ],
244 "baduser_{$encParamName}"
245 );
246 }
247 $name = User::isIP( $user )
248 ? $user
249 : User::getCanonicalName( $user, 'valid' );
250 if ( $name === false ) {
251 $encParamName = $this->encodeParamName( 'users' );
252 $this->dieWithError( [ 'apierror-baduser', $encParamName, wfEscapeWikiText( $user ) ],
253 "baduser_{$encParamName}"
254 );
255 }
256 return $name;
257 }
258
259 public function getAllowedParams() {
260 $blockCIDRLimit = $this->getConfig()->get( 'BlockCIDRLimit' );
261
262 return [
263 'start' => [
264 ApiBase::PARAM_TYPE => 'timestamp'
265 ],
266 'end' => [
267 ApiBase::PARAM_TYPE => 'timestamp',
268 ],
269 'dir' => [
271 'newer',
272 'older'
273 ],
274 ApiBase::PARAM_DFLT => 'older',
275 ApiBase::PARAM_HELP_MSG => 'api-help-param-direction',
276 ],
277 'ids' => [
278 ApiBase::PARAM_TYPE => 'integer',
280 ],
281 'users' => [
282 ApiBase::PARAM_TYPE => 'user',
284 ],
285 'ip' => [
287 'apihelp-query+blocks-param-ip',
288 $blockCIDRLimit['IPv4'],
289 $blockCIDRLimit['IPv6'],
290 ],
291 ],
292 'limit' => [
294 ApiBase::PARAM_TYPE => 'limit',
298 ],
299 'prop' => [
300 ApiBase::PARAM_DFLT => 'id|user|by|timestamp|expiry|reason|flags',
302 'id',
303 'user',
304 'userid',
305 'by',
306 'byid',
307 'timestamp',
308 'expiry',
309 'reason',
310 'range',
311 'flags'
312 ],
315 ],
316 'show' => [
318 'account',
319 '!account',
320 'temp',
321 '!temp',
322 'ip',
323 '!ip',
324 'range',
325 '!range',
326 ],
328 ],
329 'continue' => [
330 ApiBase::PARAM_HELP_MSG => 'api-help-param-continue',
331 ],
332 ];
333 }
334
335 protected function getExamplesMessages() {
336 return [
337 'action=query&list=blocks'
338 => 'apihelp-query+blocks-example-simple',
339 'action=query&list=blocks&bkusers=Alice|Bob'
340 => 'apihelp-query+blocks-example-users',
341 ];
342 }
343
344 public function getHelpUrls() {
345 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Blocks';
346 }
347}
wfTimestamp( $outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
const PARAM_MAX2
(integer) Max value allowed for the parameter for users with the apihighlimits right,...
Definition ApiBase.php:100
encodeParamName( $paramName)
This method mangles parameter name based on the prefix supplied to the constructor.
Definition ApiBase.php:721
const PARAM_MAX
(integer) Max value allowed for the parameter, for PARAM_TYPE 'integer' and 'limit'.
Definition ApiBase.php:94
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition ApiBase.php:1855
dieContinueUsageIf( $condition)
Die with the 'badcontinue' error.
Definition ApiBase.php:2026
const PARAM_TYPE
(string|string[]) Either an array of allowed value strings, or a string type as described below.
Definition ApiBase.php:91
const PARAM_DFLT
(null|boolean|integer|string) Default value of the parameter.
Definition ApiBase.php:52
extractRequestParams( $parseLimit=true)
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition ApiBase.php:740
const PARAM_HELP_MSG_PER_VALUE
((string|array|Message)[]) When PARAM_TYPE is an array, this is an array mapping those values to $msg...
Definition ApiBase.php:160
const PARAM_MIN
(integer) Lowest value allowed for the parameter, for PARAM_TYPE 'integer' and 'limit'.
Definition ApiBase.php:103
const LIMIT_BIG1
Fast query, standard limit.
Definition ApiBase.php:225
getResult()
Get the result object.
Definition ApiBase.php:632
requireMaxOneParameter( $params, $required)
Die if more than one of a certain set of parameters is set and not false.
Definition ApiBase.php:814
const PARAM_HELP_MSG
(string|array|Message) Specify an alternative i18n documentation message for this parameter.
Definition ApiBase.php:128
const LIMIT_BIG2
Fast query, apihighlimits limit.
Definition ApiBase.php:227
getModuleName()
Get the name of the module being executed by this instance.
Definition ApiBase.php:512
const PARAM_ISMULTI
(boolean) Accept multiple pipe-separated values for this parameter (e.g.
Definition ApiBase.php:55
This is a base class for all Query modules.
setContinueEnumParameter( $paramName, $paramValue)
Set a query-continue value.
addWhereIf( $value, $condition)
Same as addWhere(), but add the WHERE clauses only if a condition is met.
addWhereRange( $field, $dir, $start, $end, $sort=true)
Add a WHERE clause corresponding to a range, and an ORDER BY clause to sort in the right direction.
addFields( $value)
Add a set of fields to select to the internal array.
addOption( $name, $value=null)
Add an option such as LIMIT or USE INDEX.
addTables( $tables, $alias=null)
Add a set of tables to the internal array.
addTimestampWhereRange( $field, $dir, $start, $end, $sort=true)
Add a WHERE clause corresponding to a range, similar to addWhereRange, but converts $start and $end t...
getDB()
Get the Query database connection (read-only)
addFieldsIf( $value, $condition)
Same as addFields(), but add the fields only if a condition is met.
addJoinConds( $join_conds)
Add a set of JOIN conditions to the internal array.
addWhereFld( $field, $value)
Equivalent to addWhere(array($field => $value))
addWhere( $value)
Add a set of WHERE clauses to the internal array.
Query module to enumerate all user blocks.
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
__construct(ApiQuery $query, $moduleName)
getExamplesMessages()
Returns usage examples for this module.
getHelpUrls()
Return links to more detailed help pages about the module.
This is the main query class.
Definition ApiQuery.php:40
const META_TYPE
Key for the 'type' metadata item.
static formatExpiry( $expiry, $infinity='infinity')
Format an expiry timestamp for API output.
CommentStore handles storage of comments (edit summaries, log reasons, etc) in the database.
getUser()
Get the User object.
getConfig()
Get the Config object.
We use the convention $dbr for read and $dbw for write to help you keep track of whether the database object is a the world will explode Or to be a subsequent write query which succeeded on the master may fail when replicated to the slave due to a unique key collision Replication on the slave will stop and it may take hours to repair the database and get it back online Setting read_only in my cnf on the slave will avoid this but given the dire we prefer to have as many checks as possible We provide a but the wrapper functions like select() and insert() are usually more convenient. They take care of things like table prefixes and escaping for you. If you really need to make your own SQL
$res
Definition database.txt:21
deferred txt A few of the database updates required by various functions here can be deferred until after the result page is displayed to the user For updating the view updating the linked to tables after a etc PHP does not yet have any way to tell the server to actually return and disconnect while still running these but it might have such a feature in the future We handle these by creating a deferred update object and putting those objects on a global list
Definition deferred.txt:11
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return true
Definition hooks.txt:1976
Allows to change the fields on the form that will be generated $name
Definition hooks.txt:302
null for the local wiki Added should default to null in handler for backwards compatibility add a value to it if you want to add a cookie that have to vary cache options can modify $query
Definition hooks.txt:1610
please add to it if you re going to add events to the MediaWiki code where normally authentication against an external auth plugin would be creating a local account $user
Definition hooks.txt:247
$params