MediaWiki REL1_30
TitleBlacklist.list.php
Go to the documentation of this file.
1<?php
17class TitleBlacklist {
19 private $mBlacklist = null;
20
22 private $mWhitelist = null;
23
25 protected static $instance = null;
26
27 const VERSION = 3; // Blacklist format
28
34 public static function singleton() {
35 if ( self::$instance === null ) {
36 self::$instance = new self;
37 }
38 return self::$instance;
39 }
40
47 public static function destroySingleton() {
48 if ( !defined( 'MW_PHPUNIT_TEST' ) ) {
49 throw new MWException(
50 'Can not invoke ' . __METHOD__ . '() ' .
51 'out of tests (MW_PHPUNIT_TEST not set).'
52 );
53 }
54
55 self::$instance = null;
56 }
57
61 public function load() {
62 global $wgTitleBlacklistSources, $wgTitleBlacklistCaching;
63
64 $cache = ObjectCache::getMainWANInstance();
65 // Try to find something in the cache
66 $cachedBlacklist = $cache->get( wfMemcKey( "title_blacklist_entries" ) );
67 if ( is_array( $cachedBlacklist ) && count( $cachedBlacklist ) > 0
68 && ( $cachedBlacklist[0]->getFormatVersion() == self::VERSION )
69 ) {
70 $this->mBlacklist = $cachedBlacklist;
71 return;
72 }
73
74 $sources = $wgTitleBlacklistSources;
75 $sources['local'] = [ 'type' => 'message' ];
76 $this->mBlacklist = [];
77 foreach ( $sources as $sourceName => $source ) {
78 $this->mBlacklist = array_merge(
79 $this->mBlacklist,
80 $this->parseBlacklist( $this->getBlacklistText( $source ), $sourceName )
81 );
82 }
83 $cache->set( wfMemcKey( "title_blacklist_entries" ),
84 $this->mBlacklist, $wgTitleBlacklistCaching['expiry'] );
85 wfDebugLog( 'TitleBlacklist-cache', 'Updated ' . wfMemcKey( "title_blacklist_entries" )
86 . ' with ' . count( $this->mBlacklist ) . ' entries.' );
87 }
88
92 public function loadWhitelist() {
93 global $wgTitleBlacklistCaching;
94
95 $cache = ObjectCache::getMainWANInstance();
96 $cachedWhitelist = $cache->get( wfMemcKey( "title_whitelist_entries" ) );
97 if ( is_array( $cachedWhitelist ) && count( $cachedWhitelist ) > 0
98 && ( $cachedWhitelist[0]->getFormatVersion() != self::VERSION )
99 ) {
100 $this->mWhitelist = $cachedWhitelist;
101 return;
102 }
103 $this->mWhitelist = $this->parseBlacklist( wfMessage( 'titlewhitelist' )
104 ->inContentLanguage()->text(), 'whitelist' );
105 $cache->set( wfMemcKey( "title_whitelist_entries" ),
106 $this->mWhitelist, $wgTitleBlacklistCaching['expiry'] );
107 }
108
115 private static function getBlacklistText( $source ) {
116 if ( !is_array( $source ) || count( $source ) <= 0 ) {
117 return ''; // Return empty string in error case
118 }
119
120 if ( $source['type'] == 'message' ) {
121 return wfMessage( 'titleblacklist' )->inContentLanguage()->text();
122 } elseif ( $source['type'] == 'localpage' && count( $source ) >= 2 ) {
123 $title = Title::newFromText( $source['src'] );
124 if ( is_null( $title ) ) {
125 return '';
126 }
127 if ( $title->getNamespace() == NS_MEDIAWIKI ) {
128 $msg = wfMessage( $title->getText() )->inContentLanguage();
129 if ( !$msg->isDisabled() ) {
130 return $msg->text();
131 } else {
132 return '';
133 }
134 } else {
135 $page = WikiPage::factory( $title );
136 if ( $page->exists() ) {
137 return ContentHandler::getContentText( $page->getContent() );
138 }
139 }
140 } elseif ( $source['type'] == 'url' && count( $source ) >= 2 ) {
141 return self::getHttp( $source['src'] );
142 } elseif ( $source['type'] == 'file' && count( $source ) >= 2 ) {
143 if ( file_exists( $source['src'] ) ) {
144 return file_get_contents( $source['src'] );
145 } else {
146 return '';
147 }
148 }
149
150 return '';
151 }
152
160 public static function parseBlacklist( $list, $sourceName ) {
161 $lines = preg_split( "/\r?\n/", $list );
162 $result = [];
163 foreach ( $lines as $line ) {
164 $line = TitleBlacklistEntry::newFromString( $line, $sourceName );
165 if ( $line ) {
166 $result[] = $line;
167 }
168 }
169
170 return $result;
171 }
172
184 public function userCannot( $title, $user, $action = 'edit', $override = true ) {
185 $entry = $this->isBlacklisted( $title, $action );
186 if ( !$entry ) {
187 return false;
188 }
189 $params = $entry->getParams();
190 if ( isset( $params['autoconfirmed'] ) && $user->isAllowed( 'autoconfirmed' ) ) {
191 return false;
192 }
193 if ( $override && self::userCanOverride( $user, $action ) ) {
194 return false;
195 }
196 return $entry;
197 }
198
208 public function isBlacklisted( $title, $action = 'edit' ) {
209 if ( !( $title instanceof Title ) ) {
210 $title = Title::newFromText( $title );
211 if ( !( $title instanceof Title ) ) {
212 // The fact that the page name is invalid will stop whatever
213 // action is going through. No sense in doing more work here.
214 return false;
215 }
216 }
217 $blacklist = $this->getBlacklist();
218 $autoconfirmedItem = false;
219 foreach ( $blacklist as $item ) {
220 if ( $item->matches( $title->getFullText(), $action ) ) {
221 if ( $this->isWhitelisted( $title, $action ) ) {
222 return false;
223 }
224 $params = $item->getParams();
225 if ( !isset( $params['autoconfirmed'] ) ) {
226 return $item;
227 }
228 if ( !$autoconfirmedItem ) {
229 $autoconfirmedItem = $item;
230 }
231 }
232 }
233 return $autoconfirmedItem;
234 }
235
244 public function isWhitelisted( $title, $action = 'edit' ) {
245 if ( !( $title instanceof Title ) ) {
246 $title = Title::newFromText( $title );
247 }
248 $whitelist = $this->getWhitelist();
249 foreach ( $whitelist as $item ) {
250 if ( $item->matches( $title->getFullText(), $action ) ) {
251 return true;
252 }
253 }
254 return false;
255 }
256
262 public function getBlacklist() {
263 if ( is_null( $this->mBlacklist ) ) {
264 $this->load();
265 }
266 return $this->mBlacklist;
267 }
268
274 public function getWhitelist() {
275 if ( is_null( $this->mWhitelist ) ) {
276 $this->loadWhitelist();
277 }
278 return $this->mWhitelist;
279 }
280
287 private static function getHttp( $url ) {
288 global $messageMemc, $wgTitleBlacklistCaching;
289 $key = "title_blacklist_source:" . md5( $url ); // Global shared
290 $warnkey = wfMemcKey( "titleblacklistwarning", md5( $url ) );
291 $result = $messageMemc->get( $key );
292 $warn = $messageMemc->get( $warnkey );
293 if ( !is_string( $result )
294 || ( !$warn && !mt_rand( 0, $wgTitleBlacklistCaching['warningchance'] ) )
295 ) {
296 $result = Http::get( $url );
297 $messageMemc->set( $warnkey, 1, $wgTitleBlacklistCaching['warningexpiry'] );
298 $messageMemc->set( $key, $result, $wgTitleBlacklistCaching['expiry'] );
299 }
300 return $result;
301 }
302
306 public function invalidate() {
307 $cache = ObjectCache::getMainWANInstance();
308 $cache->delete( wfMemcKey( "title_blacklist_entries" ) );
309 }
310
317 public function validate( $blacklist ) {
318 $badEntries = [];
319 foreach ( $blacklist as $e ) {
320 wfSuppressWarnings();
321 $regex = $e->getRegex();
322 if ( preg_match( "/{$regex}/u", '' ) === false ) {
323 $badEntries[] = $e->getRaw();
324 }
325 wfRestoreWarnings();
326 }
327 return $badEntries;
328 }
329
338 public static function userCanOverride( $user, $action ) {
339 return $user->isAllowed( 'tboverride' ) ||
340 ( $action == 'new-account' && $user->isAllowed( 'tboverride-account' ) );
341 }
342}
343
347class TitleBlacklistEntry {
352 private $mRaw;
353
358 private $mRegex;
359
364 private $mParams;
365
370 private $mFormatVersion;
371
376 private $mSource;
377
385 private function __construct( $regex, $params, $raw, $source ) {
386 $this->mRaw = $raw;
387 $this->mRegex = $regex;
388 $this->mParams = $params;
389 $this->mFormatVersion = TitleBlacklist::VERSION;
390 $this->mSource = $source;
391 }
392
396 private function filtersNewAccounts() {
397 global $wgTitleBlacklistUsernameSources;
398
399 if ( $wgTitleBlacklistUsernameSources === '*' ) {
400 return true;
401 }
402
403 if ( !$wgTitleBlacklistUsernameSources ) {
404 return false;
405 }
406
407 if ( !is_array( $wgTitleBlacklistUsernameSources ) ) {
408 throw new Exception(
409 '$wgTitleBlacklistUsernameSources must be "*", false or an array' );
410 }
411
412 return in_array( $this->mSource, $wgTitleBlacklistUsernameSources, true );
413 }
414
423 public function matches( $title, $action ) {
424 if ( $title == '' ) {
425 return false;
426 }
427
428 if ( $action === 'new-account' && !$this->filtersNewAccounts() ) {
429 return false;
430 }
431
432 if ( isset( $this->mParams['antispoof'] )
433 && is_callable( 'AntiSpoof::checkUnicodeString' )
434 ) {
435 if ( $action === 'edit' ) {
436 // Use process cache for frequently edited pages
437 $cache = ObjectCache::getMainWANInstance();
438 list( $ok, $norm ) = $cache->getWithSetCallback(
439 $cache->makeKey( 'titleblacklist', 'normalized-unicode', md5( $title ) ),
440 $cache::TTL_MONTH,
441 function () use ( $title ) {
442 return AntiSpoof::checkUnicodeString( $title );
443 },
444 [ 'pcTTL' => $cache::TTL_PROC_LONG ]
445 );
446 } else {
447 list( $ok, $norm ) = AntiSpoof::checkUnicodeString( $title );
448 }
449
450 if ( $ok === "OK" ) {
451 list( $ver, $title ) = explode( ':', $norm, 2 );
452 } else {
453 wfDebugLog( 'TitleBlacklist', 'AntiSpoof could not normalize "' . $title . '".' );
454 }
455 }
456
457 wfSuppressWarnings();
458 $match = preg_match(
459 "/^(?:{$this->mRegex})$/us" . ( isset( $this->mParams['casesensitive'] ) ? '' : 'i' ),
460 $title
461 );
462 wfRestoreWarnings();
463
464 if ( $match ) {
465 if ( isset( $this->mParams['moveonly'] ) && $action != 'move' ) {
466 return false;
467 }
468 if ( isset( $this->mParams['newaccountonly'] ) && $action != 'new-account' ) {
469 return false;
470 }
471 if ( !isset( $this->mParams['noedit'] ) && $action == 'edit' ) {
472 return false;
473 }
474 if ( isset( $this->mParams['reupload'] ) && $action == 'upload' ) {
475 // Special:Upload also checks 'create' permissions when not reuploading
476 return false;
477 }
478 return true;
479 }
480
481 return false;
482 }
483
491 public static function newFromString( $line, $source ) {
492 $raw = $line; // Keep line for raw data
493 $options = [];
494 // Strip comments
495 $line = preg_replace( "/^\\s*([^#]*)\\s*((.*)?)$/", "\\1", $line );
496 $line = trim( $line );
497 // A blank string causes problems later on
498 if ( $line === '' ) {
499 return null;
500 }
501 // Parse the rest of message
502 $pockets = [];
503 if ( !preg_match( '/^(.*?)(\s*<([^<>]*)>)?$/', $line, $pockets ) ) {
504 return null;
505 }
506 $regex = trim( $pockets[1] );
507 $regex = str_replace( '_', ' ', $regex ); // We'll be matching against text form
508 $opts_str = isset( $pockets[3] ) ? trim( $pockets[3] ) : '';
509 // Parse opts
510 $opts = preg_split( '/\s*\|\s*/', $opts_str );
511 foreach ( $opts as $opt ) {
512 $opt2 = strtolower( $opt );
513 if ( $opt2 == 'autoconfirmed' ) {
514 $options['autoconfirmed'] = true;
515 }
516 if ( $opt2 == 'moveonly' ) {
517 $options['moveonly'] = true;
518 }
519 if ( $opt2 == 'newaccountonly' ) {
520 $options['newaccountonly'] = true;
521 }
522 if ( $opt2 == 'noedit' ) {
523 $options['noedit'] = true;
524 }
525 if ( $opt2 == 'casesensitive' ) {
526 $options['casesensitive'] = true;
527 }
528 if ( $opt2 == 'reupload' ) {
529 $options['reupload'] = true;
530 }
531 if ( preg_match( '/errmsg\s*=\s*(.+)/i', $opt, $matches ) ) {
532 $options['errmsg'] = $matches[1];
533 }
534 if ( $opt2 == 'antispoof' ) {
535 $options['antispoof'] = true;
536 }
537 }
538 // Process magic words
539 preg_match_all( '/{{\s*([a-z]+)\s*:\s*(.+?)\s*}}/', $regex, $magicwords, PREG_SET_ORDER );
540 foreach ( $magicwords as $mword ) {
541 global $wgParser; // Functions we're calling don't need, nevertheless let's use it
542 switch ( strtolower( $mword[1] ) ) {
543 case 'ns':
544 $cpf_result = CoreParserFunctions::ns( $wgParser, $mword[2] );
545 if ( is_string( $cpf_result ) ) {
546 // All result will have the same value, so we can just use str_seplace()
547 $regex = str_replace( $mword[0], $cpf_result, $regex );
548 }
549 break;
550 case 'int':
551 $cpf_result = wfMessage( $mword[2] )->inContentLanguage()->text();
552 if ( is_string( $cpf_result ) ) {
553 $regex = str_replace( $mword[0], $cpf_result, $regex );
554 }
555 }
556 }
557 // Return result
558 if ( $regex ) {
559 return new TitleBlacklistEntry( $regex, $options, $raw, $source );
560 } else {
561 return null;
562 }
563 }
564
568 public function getRegex() {
569 return $this->mRegex;
570 }
571
575 public function getRaw() {
576 return $this->mRaw;
577 }
578
582 public function getParams() {
583 return $this->mParams;
584 }
585
589 public function getCustomMessage() {
590 return isset( $this->mParams['errmsg'] ) ? $this->mParams['errmsg'] : null;
591 }
592
596 public function getFormatVersion() {
597 return $this->mFormatVersion;
598 }
599
605 public function setFormatVersion( $v ) {
606 $this->mFormatVersion = $v;
607 }
608
616 public function getErrorMessage( $operation ) {
617 $message = $this->getCustomMessage();
618 // For grep:
619 // titleblacklist-forbidden-edit, titleblacklist-forbidden-move,
620 // titleblacklist-forbidden-upload, titleblacklist-forbidden-new-account
621 return $message ? $message : "titleblacklist-forbidden-{$operation}";
622 }
623}
wfRestoreWarnings
wfRestoreWarnings()
Definition GlobalFunctions.php:2029
wfMemcKey
wfMemcKey()
Make a cache key for the local wiki.
Definition GlobalFunctions.php:2757
wfSuppressWarnings
wfSuppressWarnings( $end=false)
Reference-counted warning suppression.
Definition GlobalFunctions.php:2021
wfDebugLog
wfDebugLog( $logGroup, $text, $dest='all', array $context=[])
Send a line to a supplementary debug log file, if configured, or main debug log if not.
Definition GlobalFunctions.php:1141
$wgParser
$wgParser
Definition Setup.php:832
$line
$line
Definition cdb.php:58
ContentHandler\getContentText
static getContentText(Content $content=null)
Convenience function for getting flat text from a Content object.
Definition ContentHandler.php:79
CoreParserFunctions\ns
static ns( $parser, $part1='')
Definition CoreParserFunctions.php:137
MWException
MediaWiki exception.
Definition MWException.php:26
TitleBlacklistEntry
Represents a title blacklist entry.
Definition TitleBlacklist.list.php:347
TitleBlacklistEntry\$mFormatVersion
string $mFormatVersion
Entry format version.
Definition TitleBlacklist.list.php:370
TitleBlacklistEntry\$mSource
string $mSource
Source of this entry.
Definition TitleBlacklist.list.php:376
TitleBlacklistEntry\newFromString
static newFromString( $line, $source)
Create a new TitleBlacklistEntry from a line of text.
Definition TitleBlacklist.list.php:491
TitleBlacklistEntry\getErrorMessage
getErrorMessage( $operation)
Return the error message name for the blacklist entry.
Definition TitleBlacklist.list.php:616
TitleBlacklistEntry\$mParams
array $mParams
Parameters for this entry.
Definition TitleBlacklist.list.php:364
TitleBlacklistEntry\$mRegex
string $mRegex
Regular expression to match.
Definition TitleBlacklist.list.php:358
TitleBlacklistEntry\__construct
__construct( $regex, $params, $raw, $source)
Construct a new TitleBlacklistEntry.
Definition TitleBlacklist.list.php:385
TitleBlacklistEntry\matches
matches( $title, $action)
Check whether a user can perform the specified action on the specified Title.
Definition TitleBlacklist.list.php:423
TitleBlacklistEntry\filtersNewAccounts
filtersNewAccounts()
Returns whether this entry is capable of filtering new accounts.
Definition TitleBlacklist.list.php:396
TitleBlacklistEntry\setFormatVersion
setFormatVersion( $v)
Set the format version.
Definition TitleBlacklist.list.php:605
TitleBlacklist
Implements a title blacklist for MediaWiki.
Definition TitleBlacklist.list.php:17
TitleBlacklist\destroySingleton
static destroySingleton()
Destroy/reset the current singleton instance.
Definition TitleBlacklist.list.php:47
TitleBlacklist\getBlacklist
getBlacklist()
Get the current blacklist.
Definition TitleBlacklist.list.php:262
TitleBlacklist\getWhitelist
getWhitelist()
Get the current whitelist.
Definition TitleBlacklist.list.php:274
TitleBlacklist\invalidate
invalidate()
Invalidate the blacklist cache.
Definition TitleBlacklist.list.php:306
TitleBlacklist\singleton
static singleton()
Get an instance of this class.
Definition TitleBlacklist.list.php:34
TitleBlacklist\userCannot
userCannot( $title, $user, $action='edit', $override=true)
Check whether the blacklist restricts given user performing a specific action on the given Title.
Definition TitleBlacklist.list.php:184
TitleBlacklist\userCanOverride
static userCanOverride( $user, $action)
Inidcates whether user can override blacklist on certain action.
Definition TitleBlacklist.list.php:338
TitleBlacklist\parseBlacklist
static parseBlacklist( $list, $sourceName)
Parse blacklist from a string.
Definition TitleBlacklist.list.php:160
TitleBlacklist\getHttp
static getHttp( $url)
Get the text of a blacklist source via HTTP.
Definition TitleBlacklist.list.php:287
TitleBlacklist\load
load()
Load all configured blacklist sources.
Definition TitleBlacklist.list.php:61
TitleBlacklist\$instance
static TitleBlacklist $instance
Definition TitleBlacklist.list.php:25
TitleBlacklist\isWhitelisted
isWhitelisted( $title, $action='edit')
Check whether it has been explicitly whitelisted that the current User may perform a specific action ...
Definition TitleBlacklist.list.php:244
TitleBlacklist\loadWhitelist
loadWhitelist()
Load local whitelist.
Definition TitleBlacklist.list.php:92
TitleBlacklist\isBlacklisted
isBlacklisted( $title, $action='edit')
Check whether the blacklist restricts performing a specific action on the given Title.
Definition TitleBlacklist.list.php:208
TitleBlacklist\getBlacklistText
static getBlacklistText( $source)
Get the text of a blacklist from a specified source.
Definition TitleBlacklist.list.php:115
TitleBlacklist\validate
validate( $blacklist)
Validate a new blacklist.
Definition TitleBlacklist.list.php:317
Title
Represents a title within MediaWiki.
Definition Title.php:39
WikiPage\factory
static factory(Title $title)
Create a WikiPage object of the appropriate class for the given title.
Definition WikiPage.php:121
list
deferred txt A few of the database updates required by various functions here can be deferred until after the result page is displayed to the user For updating the view updating the linked to tables after a etc PHP does not yet have any way to tell the server to actually return and disconnect while still running these but it might have such a feature in the future We handle these by creating a deferred update object and putting those objects on a global list
Definition deferred.txt:11
text
design txt This is a brief overview of the new design More thorough and up to date information is available on the documentation wiki at etc Handles the details of getting and saving to the user table of the and dealing with sessions and cookies OutputPage Encapsulates the entire HTML page that will be sent in response to any server request It is used by calling its functions to add text
Definition design.txt:18
$result
namespace being checked & $result
Definition hooks.txt:2293
$options
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped & $options
Definition hooks.txt:1971
wfMessage
either a unescaped string or a HtmlArmor object after in associative array form externallinks including delete and has completed for all link tables whether this was an auto creation default is conds Array Extra conditions for the No matching items in log is displayed if loglist is empty msgKey Array If you want a nice box with a set this to the key of the message First element is the message additional optional elements are parameters for the key that are processed with wfMessage() -> params() ->parseAsBlock() - offset Set to overwrite offset parameter in $wgRequest set to '' to unset offset - wrap String Wrap the message in html(usually something like "&lt;div ...>$1&lt;/div>"). - flags Integer display flags(NO_ACTION_LINK, NO_EXTRA_USER_LINKS) 'LogException':Called before an exception(or PHP error) is logged. This is meant for integration with external error aggregation services
$e
returning false will NOT prevent logging $e
Definition hooks.txt:2146
$messageMemc
globals will be eliminated from MediaWiki replaced by an application object which would be passed to constructors Whether that would be an convenient solution remains to be but certainly PHP makes such object oriented programming models easier than they were in previous versions For the time being MediaWiki programmers will have to work in an environment with some global context At the time of globals were initialised on startup by MediaWiki of these were configuration which are documented in DefaultSettings php There is no comprehensive documentation for the remaining however some of the most important ones are listed below They are typically initialised either in index php or in Setup php For a description of the see design txt $wgTitle Title object created from the request URL $wgOut OutputPage object for HTTP response $wgUser User object for the user associated with the current request $wgLang Language object selected by user preferences $wgContLang Language object associated with the wiki being viewed $wgParser Parser object Parser extensions register their hooks here $wgRequest WebRequest to get request data $messageMemc
Definition globals.txt:66
$cache
$cache
Definition mcc.php:33
$source
$source
Definition mwdoc-filter.php:46
$lines
$lines
Definition router.php:61
$params
$params
Definition styleTest.css.php:40