30use Wikimedia\ScopedCallback;
39define(
'EDIT_TOKEN_SUFFIX', Token::SUFFIX );
104 'mEmailAuthenticated',
106 'mEmailTokenExpires',
164 'move-categorypages',
165 'move-rootuserpages',
169 'override-export-depth',
191 'userrights-interwiki',
328 return (
string)$this->
getName();
354 $this->mLoadedItems ===
true || $this->mFrom !==
'session';
365 if ( $this->mLoadedItems ===
true ) {
370 $oldLoadedItems = $this->mLoadedItems;
371 $this->mLoadedItems =
true;
372 $this->queryFlagsUsed =
$flags;
376 \MediaWiki\Logger\LoggerFactory::getInstance(
'session' )
377 ->warning(
'User::loadFromSession called before the end of Setup.php', [
378 'exception' =>
new Exception(
'User::loadFromSession called before the end of Setup.php' ),
381 $this->mLoadedItems = $oldLoadedItems;
385 switch ( $this->mFrom ) {
391 if (
wfGetLB()->hasOrMadeRecentMasterChanges() ) {
392 $flags |= self::READ_LATEST;
393 $this->queryFlagsUsed =
$flags;
396 $this->mId = self::idFromName( $this->mName,
$flags );
412 Hooks::run(
'UserLoadAfterLoadFromSession', [ $this ] );
415 throw new UnexpectedValueException(
416 "Unrecognised value for User->mFrom: \"{$this->mFrom}\"" );
426 if ( $this->mId == 0 ) {
444 $this->mLoadedItems =
true;
445 $this->queryFlagsUsed =
$flags;
455 public static function purge( $wikiId, $userId ) {
456 $cache = ObjectCache::getMainWANInstance();
457 $key =
$cache->makeGlobalKey(
'user',
'id', $wikiId, $userId );
467 return $cache->makeGlobalKey(
'user',
'id',
wfWikiID(), $this->mId );
476 $id = $this->
getId();
488 $cache = ObjectCache::getMainWANInstance();
489 $data =
$cache->getWithSetCallback(
494 wfDebug(
"User: cache miss for user {$this->mId}\n" );
501 foreach ( self::$mCacheVars
as $name ) {
502 $data[
$name] = $this->$name;
509 foreach ( $this->mGroupMemberships
as $ugm ) {
510 if ( $ugm->getExpiry() ) {
511 $secondsUntilExpiry =
wfTimestamp( TS_UNIX, $ugm->getExpiry() ) - time();
512 if ( $secondsUntilExpiry > 0 && $secondsUntilExpiry < $ttl ) {
513 $ttl = $secondsUntilExpiry;
520 [
'pcTTL' => $cache::TTL_PROC_LONG,
'version' => self::VERSION ]
524 foreach ( self::$mCacheVars
as $name ) {
525 $this->$name = $data[
$name];
550 public static function newFromName( $name, $validate =
'valid' ) {
551 if ( $validate ===
true ) {
554 $name = self::getCanonicalName(
$name, $validate );
555 if (
$name ===
false ) {
562 $u->setItemLoaded(
'name' );
593 $db = (
$flags & self::READ_LATEST ) == self::READ_LATEST
597 $id = $db->selectField(
601 'user_email_token' => md5(
$code ),
602 'user_email_token_expires > ' . $db->addQuotes( $db->timestamp() ),
606 return $id ? self::newFromId( $id ) :
null;
618 $user->mFrom =
'session';
639 $user->loadFromRow( $row, $data );
680 'validate' =>
'valid',
686 if (
$name ===
false ) {
691 $row =
$dbr->selectRow(
693 self::selectFields(),
694 [
'user_name' =>
$name ],
700 $row = $dbw->selectRow(
702 self::selectFields(),
703 [
'user_name' =>
$name ],
711 ? self::createNew(
$name, [
'token' => self::INVALID_TOKEN ] )
715 $user = self::newFromRow( $row );
719 if (
$user->mEmail ||
$user->mToken !== self::INVALID_TOKEN ||
720 AuthManager::singleton()->userCanAuthenticate(
$name )
727 AuthManager::singleton()->revokeAccessForUser(
$name );
729 $user->invalidateEmail();
730 $user->mToken = self::INVALID_TOKEN;
731 $user->saveSettings();
732 SessionManager::singleton()->preventSessionsForUser(
$user->getName() );
745 public static function whoIs( $id ) {
767 if ( is_null( $nt ) ) {
772 if ( !(
$flags & self::READ_LATEST ) && isset( self::$idCacheByName[
$name] ) ) {
773 return self::$idCacheByName[
$name];
782 [
'user_name' => $nt->getText() ],
787 if (
$s ===
false ) {
795 if ( count( self::$idCacheByName ) > 1000 ) {
796 self::$idCacheByName = [];
806 self::$idCacheByName = [];
825 public static function isIP( $name ) {
826 return preg_match(
'/^\d{1,3}\.\d{1,3}\.\d{1,3}\.(?:xxx|\d{1,3})$/',
$name )
827 || IP::isIPv6(
$name );
837 return IP::isValidRange( $this->mName );
855 || self::isIP(
$name )
856 || strpos(
$name,
'/' ) !==
false
865 $parsed = Title::newFromText(
$name );
866 if ( is_null( $parsed )
867 || $parsed->getNamespace()
868 || strcmp(
$name, $parsed->getPrefixedText() ) ) {
874 $unicodeBlacklist =
'/[' .
875 '\x{0080}-\x{009f}' . # iso-8859-1 control chars
876 '\x{00a0}' . # non-breaking space
877 '\x{2000}-\x{200f}' . # various whitespace
878 '\x{2028}-\x{202f}' . # breaks
and control chars
879 '\x{3000}' . # ideographic space
880 '\x{e000}-\x{f8ff}' . #
private use
882 if ( preg_match( $unicodeBlacklist,
$name ) ) {
903 if ( !self::isValidUserName(
$name ) ) {
907 static $reservedUsernames =
false;
908 if ( !$reservedUsernames ) {
910 Hooks::run(
'UserGetReservedNames', [ &$reservedUsernames ] );
914 foreach ( $reservedUsernames
as $reserved ) {
915 if ( substr( $reserved, 0, 4 ) ==
'msg:' ) {
916 $reserved =
wfMessage( substr( $reserved, 4 ) )->inContentLanguage()->text();
918 if ( $reserved ==
$name ) {
936 if ( $groups === [] ) {
940 $groups = array_unique( (
array)$groups );
941 $limit = min( 5000, $limit );
943 $conds = [
'ug_group' => $groups ];
944 if ( $after !==
null ) {
945 $conds[] =
'ug_user > ' . (int)$after;
949 $ids =
$dbr->selectFieldValues(
956 'ORDER BY' =>
'ug_user',
981 if ( strlen(
$name ) > 235 ) {
983 ": '$name' invalid due to length" );
991 ": '$name' invalid due to wgInvalidUsernameCharacters" );
996 return self::isUsableName(
$name );
1022 foreach (
$result->getErrorsByType(
'error' )
as $error ) {
1025 foreach (
$result->getErrorsByType(
'warning' )
as $warning ) {
1063 if ( !Hooks::run(
'isValidPassword', [ $password, &
$result, $this ] ) ) {
1069 $status->merge( $upp->checkUserPassword( $this, $password ) );
1071 } elseif (
$result ===
true ) {
1097 # Reject names containing '#'; these will be cleaned up
1098 # with title normalisation, but then it's too late to
1100 if ( strpos(
$name,
'#' ) !==
false ) {
1106 $t = ( $validate !==
false ) ?
1109 if ( is_null(
$t ) ||
$t->getNamespace() !==
NS_USER ||
$t->isExternal() ) {
1114 $name = AuthManager::callLegacyAuthPlugin(
1115 'getCanonicalName', [
$t->getText() ],
$t->getText()
1118 switch ( $validate ) {
1122 if ( !self::isValidUserName(
$name ) ) {
1127 if ( !self::isUsableName(
$name ) ) {
1132 if ( !self::isCreatableName(
$name ) ) {
1137 throw new InvalidArgumentException(
1138 'Invalid parameter value for $validate in ' . __METHOD__ );
1164 $this->mName =
$name;
1165 $this->mRealName =
'';
1167 $this->mOptionOverrides =
null;
1168 $this->mOptionsLoaded =
false;
1170 $loggedOut = $this->mRequest && !defined(
'MW_NO_SESSION' )
1171 ? $this->mRequest->getSession()->getLoggedOutTimestamp() : 0;
1172 if ( $loggedOut !== 0 ) {
1173 $this->mTouched =
wfTimestamp( TS_MW, $loggedOut );
1175 $this->mTouched =
'1'; # Allow any
pages to be cached
1178 $this->mToken =
null;
1179 $this->mEmailAuthenticated =
null;
1180 $this->mEmailToken =
'';
1181 $this->mEmailTokenExpires =
null;
1183 $this->mGroupMemberships = [];
1185 Hooks::run(
'UserLoadDefaults', [ $this,
$name ] );
1201 return ( $this->mLoadedItems ===
true && $all ===
'all' ) ||
1202 ( isset( $this->mLoadedItems[$item] ) && $this->mLoadedItems[$item] ===
true );
1211 if ( is_array( $this->mLoadedItems ) ) {
1212 $this->mLoadedItems[$item] =
true;
1224 Hooks::run(
'UserLoadFromSession', [ $this, &
$result ],
'1.27' );
1231 $session = $this->
getRequest()->getSession();
1232 $user = $session->getUser();
1233 if (
$user->isLoggedIn() ) {
1240 if ( $config->get(
'CookieSetOnAutoblock' ) ===
true ) {
1242 $shouldSetCookie = $this->
getRequest()->getCookie(
'BlockID' ) ===
null
1245 && $block->isAutoblocking();
1246 if ( $shouldSetCookie ) {
1247 wfDebug( __METHOD__ .
': User is autoblocked, setting cookie to track' );
1248 $block->setCookie( $this->
getRequest()->response() );
1253 $session->set(
'wsUserID', $this->
getId() );
1254 $session->set(
'wsUserName', $this->
getName() );
1255 $session->set(
'wsToken', $this->
getToken() );
1270 $this->mId = intval( $this->mId );
1272 if ( !$this->mId ) {
1281 $s = $db->selectRow(
1283 self::selectFields(),
1284 [
'user_id' => $this->mId ],
1289 $this->queryFlagsUsed =
$flags;
1290 Hooks::run(
'UserLoadFromDatabase', [ $this, &
$s ] );
1292 if (
$s !==
false ) {
1295 $this->mGroupMemberships =
null;
1321 $this->mGroupMemberships =
null;
1323 if ( isset( $row->user_name ) ) {
1324 $this->mName = $row->user_name;
1325 $this->mFrom =
'name';
1331 if ( isset( $row->user_real_name ) ) {
1332 $this->mRealName = $row->user_real_name;
1338 if ( isset( $row->user_id ) ) {
1339 $this->mId = intval( $row->user_id );
1340 $this->mFrom =
'id';
1346 if ( isset( $row->user_id ) && isset( $row->user_name ) ) {
1347 self::$idCacheByName[$row->user_name] = $row->user_id;
1350 if ( isset( $row->user_editcount ) ) {
1351 $this->mEditCount = $row->user_editcount;
1356 if ( isset( $row->user_touched ) ) {
1357 $this->mTouched =
wfTimestamp( TS_MW, $row->user_touched );
1362 if ( isset( $row->user_token ) ) {
1366 $this->mToken = rtrim( $row->user_token,
" \0" );
1367 if ( $this->mToken ===
'' ) {
1368 $this->mToken =
null;
1374 if ( isset( $row->user_email ) ) {
1375 $this->mEmail = $row->user_email;
1376 $this->mEmailAuthenticated =
wfTimestampOrNull( TS_MW, $row->user_email_authenticated );
1377 $this->mEmailToken = $row->user_email_token;
1378 $this->mEmailTokenExpires =
wfTimestampOrNull( TS_MW, $row->user_email_token_expires );
1385 $this->mLoadedItems =
true;
1388 if ( is_array( $data ) ) {
1389 if ( isset( $data[
'user_groups'] ) && is_array( $data[
'user_groups'] ) ) {
1390 if ( !count( $data[
'user_groups'] ) ) {
1391 $this->mGroupMemberships = [];
1393 $firstGroup = reset( $data[
'user_groups'] );
1394 if ( is_array( $firstGroup ) || is_object( $firstGroup ) ) {
1395 $this->mGroupMemberships = [];
1396 foreach ( $data[
'user_groups']
as $row ) {
1398 $this->mGroupMemberships[$ugm->getGroup()] = $ugm;
1403 if ( isset( $data[
'user_properties'] ) && is_array( $data[
'user_properties'] ) ) {
1416 foreach ( self::$mCacheVars
as $var ) {
1417 $this->$var =
$user->$var;
1425 if ( is_null( $this->mGroupMemberships ) ) {
1426 $db = ( $this->queryFlagsUsed & self::READ_LATEST )
1456 if ( !count( $toPromote ) ) {
1465 foreach ( $toPromote
as $group ) {
1469 Hooks::run(
'UserGroupsChanged', [ $this, $toPromote, [],
false,
false ] );
1470 AuthManager::callLegacyAuthPlugin(
'updateExternalDBGroups', [ $this, $toPromote ] );
1472 $newGroups = array_merge( $oldGroups, $toPromote );
1475 $logEntry->setPerformer( $this );
1477 $logEntry->setParameters( [
1478 '4::oldgroups' => $oldGroups,
1479 '5::newgroups' => $newGroups,
1481 $logid = $logEntry->insert();
1483 $logEntry->publish( $logid );
1499 if ( $this->mTouched ) {
1501 $conditions[
'user_touched'] = $db->
timestamp( $this->mTouched );
1519 if ( !$this->mId ) {
1527 $dbw->update(
'user',
1528 [
'user_touched' => $dbw->timestamp( $newTouched ) ],
1529 $this->makeUpdateConditions( $dbw, [
1530 'user_id' => $this->mId,
1534 $success = ( $dbw->affectedRows() > 0 );
1537 $this->mTouched = $newTouched;
1555 $this->mNewtalk = -1;
1556 $this->mDatePreference =
null;
1557 $this->mBlockedby = -1; # Unset
1558 $this->mHash =
false;
1559 $this->mRights =
null;
1560 $this->mEffectiveGroups =
null;
1561 $this->mImplicitGroups =
null;
1562 $this->mGroupMemberships =
null;
1563 $this->mOptions =
null;
1564 $this->mOptionsLoaded =
false;
1565 $this->mEditCount =
null;
1567 if ( $reloadFrom ) {
1568 $this->mLoadedItems = [];
1569 $this->mFrom = $reloadFrom;
1582 static $defOpt =
null;
1583 static $defOptLang =
null;
1585 if ( $defOpt !==
null && $defOptLang ===
$wgContLang->getCode() ) {
1595 $defOpt[
'language'] = $defOptLang;
1597 $defOpt[$langCode ==
$wgContLang->getCode() ?
'variant' :
"variant-$langCode"] = $langCode;
1604 $defOpt[
'searchNs' . $nsnum] = (bool)$val;
1608 Hooks::run(
'UserGetDefaultOptions', [ &$defOpt ] );
1620 $defOpts = self::getDefaultOptions();
1621 if ( isset( $defOpts[
$opt] ) ) {
1622 return $defOpts[
$opt];
1637 if ( -1 != $this->mBlockedby ) {
1641 wfDebug( __METHOD__ .
": checking...\n" );
1650 # We only need to worry about passing the IP address to the Block generator if the
1651 # user is not immune to autoblocks/hardblocks, and they are the current user so we
1652 # know which IP address they're actually coming from
1657 $globalUserName = $sessionUser->isSafeToLoad()
1658 ? $sessionUser->getName()
1659 : IP::sanitizeIP( $sessionUser->getRequest()->getIP() );
1660 if ( $this->
getName() === $globalUserName && !$this->
isAllowed(
'ipblock-exempt' ) ) {
1668 if ( !$block instanceof
Block ) {
1675 if ( self::isLocallyBlockedProxy( $ip ) ) {
1676 $block =
new Block( [
1680 'systemBlock' =>
'proxy',
1683 $block =
new Block( [
1687 'systemBlock' =>
'dnsbl',
1693 if ( !$block instanceof
Block
1698 $xff = $this->
getRequest()->getHeader(
'X-Forwarded-For' );
1699 $xff = array_map(
'trim', explode(
',', $xff ) );
1700 $xff = array_diff( $xff, [ $ip ] );
1703 if ( $block instanceof
Block ) {
1704 # Mangle the reason to alert the user that the block
1705 # originated from matching the X-Forwarded-For header.
1706 $block->mReason =
wfMessage(
'xffblockreason', $block->mReason )->text();
1710 if ( !$block instanceof
Block
1715 $block =
new Block( [
1717 'byText' =>
'MediaWiki default',
1718 'reason' =>
wfMessage(
'softblockrangesreason', $ip )->
text(),
1720 'systemBlock' =>
'wgSoftBlockRanges',
1724 if ( $block instanceof
Block ) {
1725 wfDebug( __METHOD__ .
": Found block.\n" );
1726 $this->mBlock = $block;
1727 $this->mBlockedby = $block->getByName();
1728 $this->mBlockreason = $block->mReason;
1729 $this->mHideName = $block->mHideName;
1730 $this->mAllowUsertalk = !$block->prevents(
'editownusertalk' );
1732 $this->mBlockedby =
'';
1733 $this->mHideName = 0;
1734 $this->mAllowUsertalk =
false;
1740 Hooks::run(
'GetBlockedStatus', [ &$thisUser ] );
1750 if ( strlen( $blockCookieVal ) < 1 || !is_numeric( substr( $blockCookieVal, 0, 1 ) ) ) {
1755 if ( $blockCookieId !==
null ) {
1758 if ( $tmpBlock instanceof
Block ) {
1761 && !$tmpBlock->isExpired()
1762 && $tmpBlock->isAutoblocking();
1764 $useBlockCookie = ( $config->get(
'CookieSetOnAutoblock' ) ===
true );
1765 if ( $blockIsValid && $useBlockCookie ) {
1811 if ( IP::isIPv4( $ip ) ) {
1813 $ipReversed = implode(
'.', array_reverse( explode(
'.', $ip ) ) );
1819 if ( is_array(
$base ) ) {
1820 if ( count(
$base ) >= 2 ) {
1822 $host =
"{$base[1]}.$ipReversed.{$base[0]}";
1824 $host =
"$ipReversed.{$base[0]}";
1826 $basename =
$base[0];
1828 $host =
"$ipReversed.$base";
1832 $ipList = gethostbynamel( $host );
1835 wfDebugLog(
'dnsblacklist',
"Hostname $host is {$ipList[0]}, it's a proxy says $basename!" );
1839 wfDebugLog(
'dnsblacklist',
"Requested $host, not found in $basename." );
1866 $resultProxyList = [];
1867 $deprecatedIPEntries = [];
1871 $keyIsIP = IP::isIPAddress( $key );
1872 $valueIsIP = IP::isIPAddress(
$value );
1873 if ( $keyIsIP && !$valueIsIP ) {
1874 $deprecatedIPEntries[] = $key;
1875 $resultProxyList[] = $key;
1876 } elseif ( $keyIsIP && $valueIsIP ) {
1877 $deprecatedIPEntries[] = $key;
1878 $resultProxyList[] = $key;
1879 $resultProxyList[] =
$value;
1881 $resultProxyList[] =
$value;
1885 if ( $deprecatedIPEntries ) {
1887 'IP addresses in the keys of $wgProxyList (found the following IP addresses in keys: ' .
1888 implode(
', ', $deprecatedIPEntries ) .
', please move them to values)',
'1.30' );
1891 $proxyListIPSet =
new IPSet( $resultProxyList );
1892 return $proxyListIPSet->match( $ip );
1908 return !$this->
isAllowed(
'noratelimit' );
1930 if ( !Hooks::run(
'PingLimiter', [ &
$user, $action, &
$result, $incrBy ] ) ) {
1939 $limits = array_merge(
1940 [
'&can-bypass' =>
true ],
1950 $id = $this->
getId();
1953 $cache = ObjectCache::getLocalClusterInstance();
1957 if ( isset( $limits[
'anon'] ) ) {
1958 $keys[
$cache->makeKey(
'limiter', $action,
'anon' )] = $limits[
'anon'];
1962 if ( isset( $limits[
'user'] ) ) {
1963 $userLimit = $limits[
'user'];
1970 if ( isset( $limits[
'ip'] ) ) {
1972 $keys[
"mediawiki:limiter:$action:ip:$ip"] = $limits[
'ip'];
1975 if ( isset( $limits[
'subnet'] ) ) {
1977 $subnet = IP::getSubnet( $ip );
1978 if ( $subnet !==
false ) {
1979 $keys[
"mediawiki:limiter:$action:subnet:$subnet"] = $limits[
'subnet'];
1987 if ( isset( $limits[$group] ) ) {
1988 if ( $userLimit ===
false
1989 || $limits[$group][0] / $limits[$group][1] > $userLimit[0] / $userLimit[1]
1991 $userLimit = $limits[$group];
1997 if ( $id !== 0 && $isNewbie && isset( $limits[
'newbie'] ) ) {
1998 $userLimit = $limits[
'newbie'];
2002 if ( $userLimit !==
false ) {
2003 list( $max, $period ) = $userLimit;
2004 wfDebug( __METHOD__ .
": effective user limit: $max in {$period}s\n" );
2005 $keys[
$cache->makeKey(
'limiter', $action,
'user', $id )] = $userLimit;
2009 if ( isset( $limits[
'ip-all'] ) ) {
2012 if ( $isNewbie || $userLimit ===
false
2013 || $limits[
'ip-all'][0] / $limits[
'ip-all'][1] > $userLimit[0] / $userLimit[1] ) {
2014 $keys[
"mediawiki:limiter:$action:ip-all:$ip"] = $limits[
'ip-all'];
2019 if ( isset( $limits[
'subnet-all'] ) ) {
2021 $subnet = IP::getSubnet( $ip );
2022 if ( $subnet !==
false ) {
2024 if ( $isNewbie || $userLimit ===
false
2025 || $limits[
'ip-all'][0] / $limits[
'ip-all'][1]
2026 > $userLimit[0] / $userLimit[1] ) {
2027 $keys[
"mediawiki:limiter:$action:subnet-all:$subnet"] = $limits[
'subnet-all'];
2033 foreach (
$keys as $key => $limit ) {
2034 list( $max, $period ) = $limit;
2035 $summary =
"(limit $max in {$period}s)";
2036 $count =
$cache->get( $key );
2039 if ( $count >= $max ) {
2040 wfDebugLog(
'ratelimit',
"User '{$this->getName()}' " .
2041 "(IP {$this->getRequest()->getIP()}) tripped $key at $count $summary" );
2044 wfDebug( __METHOD__ .
": ok. $key at $count $summary\n" );
2047 wfDebug( __METHOD__ .
": adding record for $key $summary\n" );
2048 if ( $incrBy > 0 ) {
2049 $cache->add( $key, 0, intval( $period ) );
2052 if ( $incrBy > 0 ) {
2053 $cache->incr( $key, $incrBy );
2079 return $this->mBlock instanceof
Block ? $this->mBlock :
null;
2092 $blocked = $this->
isBlocked( $bFromSlave );
2095 if ( !$this->mHideName && $allowUsertalk &&
$title->getText() === $this->
getName()
2098 wfDebug( __METHOD__ .
": self-talk page, ignoring any blocks\n" );
2101 Hooks::run(
'UserIsBlockedFrom', [ $this,
$title, &$blocked, &$allowUsertalk ] );
2112 return $this->mBlockedby;
2121 return $this->mBlockreason;
2130 return ( $this->mBlock ? $this->mBlock->getId() :
false );
2156 if ( $this->mGlobalBlock !==
null ) {
2157 return $this->mGlobalBlock ?:
null;
2160 if ( IP::isIPAddress( $this->
getName() ) ) {
2169 Hooks::run(
'UserIsBlockedGlobally', [ &
$user, $ip, &$blocked, &$block ] );
2171 if ( $blocked && $block ===
null ) {
2173 $block =
new Block( [
2175 'systemBlock' =>
'global-block'
2179 $this->mGlobalBlock = $blocked ? $block :
false;
2180 return $this->mGlobalBlock ?:
null;
2189 if ( $this->mLocked !==
null ) {
2190 return $this->mLocked;
2194 $authUser = AuthManager::callLegacyAuthPlugin(
'getUserInstance', [ &
$user ],
null );
2195 $this->mLocked = $authUser && $authUser->isLocked();
2196 Hooks::run(
'UserIsLocked', [ $this, &$this->mLocked ] );
2197 return $this->mLocked;
2206 if ( $this->mHideName !==
null ) {
2207 return $this->mHideName;
2210 if ( !$this->mHideName ) {
2213 $authUser = AuthManager::callLegacyAuthPlugin(
'getUserInstance', [ &
$user ],
null );
2214 $this->mHideName = $authUser && $authUser->isHidden();
2215 Hooks::run(
'UserIsHidden', [ $this, &$this->mHideName ] );
2217 return $this->mHideName;
2225 if ( $this->mId ===
null && $this->mName !==
null && self::isIP( $this->mName ) ) {
2233 return (
int)$this->mId;
2252 return $this->mName;
2255 if ( $this->mName ===
false ) {
2257 $this->mName = IP::sanitizeIP( $this->
getRequest()->getIP() );
2259 return $this->mName;
2278 $this->mName = $str;
2286 return str_replace(
' ',
'_', $this->
getName() );
2297 if ( $this->mNewtalk === -1 ) {
2298 $this->mNewtalk =
false; # reset talk
page status
2302 if ( !$this->mId ) {
2306 $this->mNewtalk =
false;
2311 $this->mNewtalk = $this->
checkNewtalk(
'user_id', $this->mId );
2315 return (
bool)$this->mNewtalk;
2335 if ( !Hooks::run(
'UserRetrieveNewTalks', [ &
$user, &$talks ] ) ) {
2343 $timestamp =
$dbr->selectField(
'user_newtalk',
2344 'MIN(user_last_timestamp)',
2345 $this->
isAnon() ? [
'user_ip' => $this->
getName() ] : [
'user_id' => $this->
getId() ],
2348 return [ [
'wiki' =>
wfWikiID(),
'link' => $utp->getLocalURL(),
'rev' =>
$rev ] ];
2357 $newMessageRevisionId =
null;
2359 if ( $newMessageLinks ) {
2363 if ( count( $newMessageLinks ) === 1
2364 && $newMessageLinks[0][
'wiki'] ===
wfWikiID()
2365 && $newMessageLinks[0][
'rev']
2368 $newMessageRevision = $newMessageLinks[0][
'rev'];
2369 $newMessageRevisionId = $newMessageRevision->getId();
2372 return $newMessageRevisionId;
2386 $ok =
$dbr->selectField(
'user_newtalk', $field, [ $field => $id ], __METHOD__ );
2388 return $ok !==
false;
2400 $prevRev = $curRev ? $curRev->getPrevious() :
false;
2401 $ts = $prevRev ? $prevRev->getTimestamp() :
null;
2404 $dbw->insert(
'user_newtalk',
2405 [ $field => $id,
'user_last_timestamp' => $dbw->timestampOrNull( $ts ) ],
2408 if ( $dbw->affectedRows() ) {
2409 wfDebug( __METHOD__ .
": set on ($field, $id)\n" );
2412 wfDebug( __METHOD__ .
" already set ($field, $id)\n" );
2425 $dbw->delete(
'user_newtalk',
2428 if ( $dbw->affectedRows() ) {
2429 wfDebug( __METHOD__ .
": killed on ($field, $id)\n" );
2432 wfDebug( __METHOD__ .
": already gone ($field, $id)\n" );
2449 $this->mNewtalk = $val;
2456 $id = $this->
getId();
2479 if ( $this->mTouched && $time <= $this->mTouched ) {
2497 if ( !$this->
getId() ) {
2501 $cache = ObjectCache::getMainWANInstance();
2503 if ( $mode ===
'refresh' ) {
2504 $cache->delete( $key, 1 );
2538 $id = $this->
getId();
2540 $cache = MediaWikiServices::getInstance()->getMainWANObjectCache();
2541 $key =
$cache->makeKey(
'user-quicktouched',
'id', $id );
2542 $cache->touchCheckKey( $key );
2543 $this->mQuickTouched =
null;
2553 return ( $timestamp >= $this->
getTouched() );
2568 if ( $this->mQuickTouched ===
null ) {
2569 $cache = MediaWikiServices::getInstance()->getMainWANObjectCache();
2570 $key =
$cache->makeKey(
'user-quicktouched',
'id', $this->mId );
2575 return max( $this->mTouched, $this->mQuickTouched );
2578 return $this->mTouched;
2589 return $this->mTouched;
2633 $manager = AuthManager::singleton();
2636 if ( !$manager->userExists( $this->getName() ) ) {
2637 throw new LogicException(
'Cannot set a password for a user that is not in the database.' );
2641 'username' => $this->
getName(),
2646 \MediaWiki\Logger\LoggerFactory::getInstance(
'authentication' )
2647 ->info( __METHOD__ .
': Password change rejected: '
2648 .
$status->getWikiText(
null,
null,
'en' ) );
2652 $this->
setOption(
'watchlisttoken',
false );
2653 SessionManager::singleton()->invalidateSessionsForUser( $this );
2671 $manager = AuthManager::singleton();
2672 $reqs = $manager->getAuthenticationRequests( AuthManager::ACTION_CHANGE, $this );
2673 $reqs = AuthenticationRequest::loadRequestsFromSubmission( $reqs, $data );
2675 $status = Status::newGood(
'ignored' );
2676 foreach ( $reqs
as $req ) {
2677 $status->merge( $manager->allowsAuthenticationDataChange(
$req ),
true );
2679 if (
$status->getValue() ===
'ignored' ) {
2680 $status->warning(
'authenticationdatachange-ignored' );
2684 foreach ( $reqs
as $req ) {
2685 $manager->changeAuthenticationData(
$req );
2701 if ( !$this->mToken && $forceCreation ) {
2705 if ( !$this->mToken ) {
2708 } elseif ( $this->mToken === self::INVALID_TOKEN ) {
2714 return $this->mToken;
2720 $len = max( 32, self::TOKEN_LENGTH );
2721 if ( strlen(
$ret ) < $len ) {
2723 throw new \UnexpectedValueException(
'Hmac returned less than 128 bits' );
2725 return substr(
$ret, -$len );
2737 if ( $this->mToken === self::INVALID_TOKEN ) {
2738 \MediaWiki\Logger\LoggerFactory::getInstance(
'session' )
2739 ->debug( __METHOD__ .
": Ignoring attempt to set token for system user \"$this\"" );
2740 } elseif ( !$token ) {
2743 $this->mToken = $token;
2756 throw new BadMethodCallException( __METHOD__ .
' has been removed in 1.27' );
2765 Hooks::run(
'UserGetEmail', [ $this, &$this->mEmail ] );
2766 return $this->mEmail;
2775 Hooks::run(
'UserGetEmailAuthenticationTimestamp', [ $this, &$this->mEmailAuthenticated ] );
2776 return $this->mEmailAuthenticated;
2785 if ( $str == $this->mEmail ) {
2789 $this->mEmail = $str;
2790 Hooks::run(
'UserSetEmail', [ $this, &$this->mEmail ] );
2804 return Status::newFatal(
'emaildisabled' );
2808 if ( $str === $oldaddr ) {
2809 return Status::newGood(
true );
2812 $type = $oldaddr !=
'' ?
'changed' :
'set';
2813 $notificationResult =
null;
2818 if (
$type ==
'changed' ) {
2819 $change = $str !=
'' ?
'changed' :
'removed';
2820 $notificationResult = $this->
sendMail(
2821 wfMessage(
'notificationemail_subject_' . $change )->
text(),
2822 wfMessage(
'notificationemail_body_' . $change,
2836 if ( $notificationResult !==
null ) {
2837 $result->merge( $notificationResult );
2845 $result = Status::newGood(
true );
2860 return $this->mRealName;
2869 $this->mRealName = $str;
2882 public function getOption( $oname, $defaultOverride =
null, $ignoreHidden =
false ) {
2886 # We want 'disabled' preferences to always behave as the default value for
2887 # users, even if they have set the option explicitly in their settings (ie they
2888 # set it, and then it was disabled removing their ability to change it). But
2889 # we don't want to erase the preferences in the database in case the preference
2890 # is re-enabled again. So don't touch $mOptions, just override the returned value
2892 return self::getDefaultOption( $oname );
2895 if ( array_key_exists( $oname, $this->mOptions ) ) {
2896 return $this->mOptions[$oname];
2898 return $defaultOverride;
2915 # We want 'disabled' preferences to always behave as the default value for
2916 # users, even if they have set the option explicitly in their settings (ie they
2917 # set it, and then it was disabled removing their ability to change it). But
2918 # we don't want to erase the preferences in the database in case the preference
2919 # is re-enabled again. So don't touch $mOptions, just override the returned value
2921 $default = self::getDefaultOption( $pref );
2922 if ( $default !==
null ) {
2927 if (
$flags & self::GETOPTIONS_EXCLUDE_DEFAULTS ) {
2942 return (
bool)$this->
getOption( $oname );
2956 $val = $defaultOverride;
2958 return intval( $val );
2973 if ( is_null( $val ) ) {
2974 $val = self::getDefaultOption( $oname );
2977 $this->mOptions[$oname] = $val;
2993 $id = $this->
getId();
3003 $token = hash_hmac(
'sha1',
"$oname:$id", $this->
getToken() );
3055 'registered-multiselect',
3056 'registered-checkmatrix',
3088 unset( $prefs[
$name] );
3093 $multiselectOptions = [];
3094 foreach ( $prefs
as $name => $info ) {
3095 if ( ( isset( $info[
'type'] ) && $info[
'type'] ==
'multiselect' ) ||
3096 ( isset( $info[
'class'] ) && $info[
'class'] ==
'HTMLMultiSelectField' ) ) {
3098 $prefix = isset( $info[
'prefix'] ) ? $info[
'prefix'] :
$name;
3101 $multiselectOptions[
"$prefix$value"] =
true;
3104 unset( $prefs[
$name] );
3107 $checkmatrixOptions = [];
3108 foreach ( $prefs
as $name => $info ) {
3109 if ( ( isset( $info[
'type'] ) && $info[
'type'] ==
'checkmatrix' ) ||
3110 ( isset( $info[
'class'] ) && $info[
'class'] ==
'HTMLCheckMatrix' ) ) {
3113 $prefix = isset( $info[
'prefix'] ) ? $info[
'prefix'] :
$name;
3115 foreach ( $columns
as $column ) {
3117 $checkmatrixOptions[
"$prefix$column-$row"] =
true;
3121 unset( $prefs[
$name] );
3127 if ( isset( $prefs[$key] ) ) {
3128 $mapping[$key] =
'registered';
3129 } elseif ( isset( $multiselectOptions[$key] ) ) {
3130 $mapping[$key] =
'registered-multiselect';
3131 } elseif ( isset( $checkmatrixOptions[$key] ) ) {
3132 $mapping[$key] =
'registered-checkmatrix';
3133 } elseif ( isset( $specialOptions[$key] ) ) {
3134 $mapping[$key] =
'special';
3135 } elseif ( substr( $key, 0, 7 ) ===
'userjs-' ) {
3136 $mapping[$key] =
'userjs';
3138 $mapping[$key] =
'unused';
3160 $resetKinds = [
'registered',
'registered-multiselect',
'registered-checkmatrix',
'unused' ],
3164 $defaultOptions = self::getDefaultOptions();
3166 if ( !is_array( $resetKinds ) ) {
3167 $resetKinds = [ $resetKinds ];
3170 if ( in_array(
'all', $resetKinds ) ) {
3171 $newOptions = $defaultOptions;
3178 $resetKinds = array_intersect( $resetKinds, self::listOptionKinds() );
3183 foreach ( $this->mOptions
as $key =>
$value ) {
3184 if ( in_array( $optionKinds[$key], $resetKinds ) ) {
3185 if ( array_key_exists( $key, $defaultOptions ) ) {
3186 $newOptions[$key] = $defaultOptions[$key];
3189 $newOptions[$key] =
$value;
3194 Hooks::run(
'UserResetAllOptions', [ $this, &$newOptions, $this->mOptions, $resetKinds ] );
3196 $this->mOptions = $newOptions;
3197 $this->mOptionsLoaded =
true;
3206 if ( is_null( $this->mDatePreference ) ) {
3209 $map =
$wgLang->getDatePreferenceMigrationMap();
3210 if ( isset( $map[
$value] ) ) {
3213 $this->mDatePreference =
$value;
3215 return $this->mDatePreference;
3230 Hooks::run(
'UserRequiresHTTPS', [ $this, &$https ] );
3259 if ( is_null( $this->mRights ) ) {
3261 Hooks::run(
'UserGetRights', [ $this, &$this->mRights ] );
3265 if ( !defined(
'MW_NO_SESSION' ) ) {
3266 $allowedRights = $this->
getRequest()->getSession()->getAllowedUserRights();
3267 if ( $allowedRights !==
null ) {
3268 $this->mRights = array_intersect( $this->mRights, $allowedRights );
3273 $this->mRights = array_values( array_unique( $this->mRights ) );
3284 $config->get(
'BlockDisablesLogin' ) &&
3288 $this->mRights = array_intersect( $this->mRights, $anon->getRights() );
3291 return $this->mRights;
3302 return array_keys( $this->mGroupMemberships );
3315 return $this->mGroupMemberships;
3326 if ( $recache || is_null( $this->mEffectiveGroups ) ) {
3327 $this->mEffectiveGroups = array_unique( array_merge(
3334 Hooks::run(
'UserEffectiveGroups', [ &
$user, &$this->mEffectiveGroups ] );
3336 $this->mEffectiveGroups = array_values( array_unique( $this->mEffectiveGroups ) );
3338 return $this->mEffectiveGroups;
3349 if ( $recache || is_null( $this->mImplicitGroups ) ) {
3350 $this->mImplicitGroups = [
'*' ];
3351 if ( $this->
getId() ) {
3352 $this->mImplicitGroups[] =
'user';
3354 $this->mImplicitGroups = array_unique( array_merge(
3355 $this->mImplicitGroups,
3362 $this->mEffectiveGroups =
null;
3365 return $this->mImplicitGroups;
3380 if ( is_null( $this->mFormerGroups ) ) {
3381 $db = ( $this->queryFlagsUsed & self::READ_LATEST )
3384 $res = $db->select(
'user_former_groups',
3386 [
'ufg_user' => $this->mId ],
3388 $this->mFormerGroups = [];
3389 foreach (
$res as $row ) {
3390 $this->mFormerGroups[] = $row->ufg_group;
3394 return $this->mFormerGroups;
3402 if ( !$this->
getId() ) {
3406 if ( $this->mEditCount ===
null ) {
3410 $count =
$dbr->selectField(
3411 'user',
'user_editcount',
3412 [
'user_id' => $this->mId ],
3416 if ( $count ===
null ) {
3420 $this->mEditCount = $count;
3422 return (
int)$this->mEditCount;
3444 if ( !Hooks::run(
'UserAddGroup', [ $this, &$group, &$expiry ] ) ) {
3450 if ( !$ugm->insert(
true ) ) {
3454 $this->mGroupMemberships[$group] = $ugm;
3459 $this->mRights =
null;
3475 if ( !Hooks::run(
'UserRemoveGroup', [ $this, &$group ] ) ) {
3481 if ( !$ugm || !$ugm->delete() ) {
3486 unset( $this->mGroupMemberships[$group] );
3491 $this->mRights =
null;
3503 return $this->
getId() != 0;
3524 Hooks::run(
"UserIsBot", [ $this, &$isBot ] );
3536 $permissions = func_get_args();
3537 foreach ( $permissions
as $permission ) {
3538 if ( $this->
isAllowed( $permission ) ) {
3551 $permissions = func_get_args();
3552 foreach ( $permissions
as $permission ) {
3553 if ( !$this->
isAllowed( $permission ) ) {
3566 if ( $action ===
'' ) {
3571 return in_array( $action, $this->
getRights(),
true );
3613 if ( $this->mRequest ) {
3614 return $this->mRequest;
3629 public function isWatched( $title, $checkRights = self::CHECK_USER_RIGHTS ) {
3630 if (
$title->isWatchable() && ( !$checkRights || $this->isAllowed(
'viewmywatchlist' ) ) ) {
3631 return MediaWikiServices::getInstance()->getWatchedItemStore()->isWatched( $this,
$title );
3643 public function addWatch( $title, $checkRights = self::CHECK_USER_RIGHTS ) {
3644 if ( !$checkRights || $this->
isAllowed(
'editmywatchlist' ) ) {
3645 MediaWikiServices::getInstance()->getWatchedItemStore()->addWatchBatchForUser(
3660 public function removeWatch( $title, $checkRights = self::CHECK_USER_RIGHTS ) {
3661 if ( !$checkRights || $this->
isAllowed(
'editmywatchlist' ) ) {
3662 $store = MediaWikiServices::getInstance()->getWatchedItemStore();
3663 $store->removeWatch( $this,
$title->getSubjectPage() );
3664 $store->removeWatch( $this,
$title->getTalkPage() );
3686 if ( !$this->
isAllowed(
'editmywatchlist' ) ) {
3694 if ( !Hooks::run(
'UserClearNewTalkNotification', [ &
$user, $oldid ] ) ) {
3699 DeferredUpdates::addCallableUpdate(
function ()
use (
$title, $oldid ) {
3709 ?
$title->getNextRevisionID( $oldid, Title::GAID_FOR_UPDATE )
3735 MediaWikiServices::getInstance()->getWatchedItemStore()
3736 ->resetNotificationTimestamp( $this,
$title, $force, $oldid );
3757 $id = $this->
getId();
3763 $asOfTimes = array_unique( $dbw->selectFieldValues(
3765 'wl_notificationtimestamp',
3766 [
'wl_user' => $id,
'wl_notificationtimestamp IS NOT NULL' ],
3768 [
'ORDER BY' =>
'wl_notificationtimestamp DESC',
'LIMIT' => 500 ]
3770 if ( !$asOfTimes ) {
3777 [
'wl_notificationtimestamp' =>
null ],
3778 [
'wl_user' => $id,
'wl_notificationtimestamp' => $asOfTimes ],
3785 function ()
use ( $dbw, $id ) {
3788 $lbFactory = MediaWikiServices::getInstance()->getDBLoadBalancerFactory();
3789 $ticket = $lbFactory->getEmptyTransactionTicket( __METHOD__ );
3790 $asOfTimes = array_unique( $dbw->selectFieldValues(
3792 'wl_notificationtimestamp',
3793 [
'wl_user' => $id,
'wl_notificationtimestamp IS NOT NULL' ],
3799 [
'wl_notificationtimestamp' =>
null ],
3800 [
'wl_user' => $id,
'wl_notificationtimestamp' => $asOfTimeBatch ],
3803 $lbFactory->commitAndWaitForReplication( __METHOD__, $ticket );
3834 $registration > $learnerRegistration
3839 $registration <= $experiencedRegistration
3841 return 'experienced';
3927 if ( 0 == $this->mId ) {
3931 $session = $this->
getRequest()->getSession();
3933 $session = $session->sessionWithRequest(
$request );
3935 $delay = $session->delaySave();
3937 if ( !$session->getUser()->equals( $this ) ) {
3938 if ( !$session->canSetUser() ) {
3939 \MediaWiki\Logger\LoggerFactory::getInstance(
'session' )
3940 ->warning( __METHOD__ .
3941 ": Cannot save user \"$this\" to a user \"{$session->getUser()}\"'s immutable session"
3945 $session->setUser( $this );
3948 $session->setRememberUser( $rememberMe );
3949 if ( $secure !==
null ) {
3950 $session->setForceHTTPS( $secure );
3953 $session->persist();
3955 ScopedCallback::consume( $delay );
3964 if ( Hooks::run(
'UserLogout', [ &
$user ] ) ) {
3974 $session = $this->
getRequest()->getSession();
3975 if ( !$session->canSetUser() ) {
3976 \MediaWiki\Logger\LoggerFactory::getInstance(
'session' )
3977 ->warning( __METHOD__ .
": Cannot log out of an immutable session" );
3978 $error =
'immutable';
3979 } elseif ( !$session->getUser()->equals( $this ) ) {
3980 \MediaWiki\Logger\LoggerFactory::getInstance(
'session' )
3981 ->warning( __METHOD__ .
3982 ": Cannot log user \"$this\" out of a user \"{$session->getUser()}\"'s session"
3986 $error =
'wronguser';
3989 $delay = $session->delaySave();
3990 $session->unpersist();
3991 $session->setLoggedOutTimestamp( time() );
3992 $session->setUser(
new User );
3993 $session->set(
'wsUserID', 0 );
3994 $session->resetAllTokens();
3995 ScopedCallback::consume( $delay );
3998 \MediaWiki\Logger\LoggerFactory::getInstance(
'authevents' )->info(
'Logout', [
3999 'event' =>
'logout',
4000 'successful' => $error ===
false,
4001 'status' => $error ?:
'success',
4015 "Could not update user with ID '{$this->mId}'; DB is read-only."
4021 if ( 0 == $this->mId ) {
4031 $dbw->update(
'user',
4033 'user_name' => $this->mName,
4034 'user_real_name' => $this->mRealName,
4035 'user_email' => $this->mEmail,
4036 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
4037 'user_touched' => $dbw->timestamp( $newTouched ),
4038 'user_token' => strval( $this->mToken ),
4039 'user_email_token' => $this->mEmailToken,
4040 'user_email_token_expires' => $dbw->timestampOrNull( $this->mEmailTokenExpires ),
4041 ], $this->makeUpdateConditions( $dbw, [
4042 'user_id' => $this->mId,
4046 if ( !$dbw->affectedRows() ) {
4050 $from = ( $this->queryFlagsUsed & self::READ_LATEST ) ?
'master' :
'replica';
4052 "CAS update failed on user_touched for user ID '{$this->mId}' (read from $from);" .
4053 " the version of the user to be saved is older than the current version."
4057 $this->mTouched = $newTouched;
4060 Hooks::run(
'UserSaveSettings', [ $this ] );
4077 $db = ( (
$flags & self::READ_LATEST ) == self::READ_LATEST )
4081 $options = ( (
$flags & self::READ_LOCKING ) == self::READ_LOCKING )
4082 ? [
'LOCK IN SHARE MODE' ]
4085 $id = $db->selectField(
'user',
4086 'user_id', [
'user_name' =>
$s ], __METHOD__,
$options );
4107 foreach ( [
'password',
'newpassword',
'newpass_time',
'password_expires' ]
as $field ) {
4108 if ( isset(
$params[$field] ) ) {
4109 wfDeprecated( __METHOD__ .
" with param '$field'",
'1.27' );
4117 if ( isset(
$params[
'options'] ) ) {
4123 $noPass = PasswordFactory::newInvalidPassword()->toString();
4126 'user_name' =>
$name,
4127 'user_password' => $noPass,
4128 'user_newpassword' => $noPass,
4129 'user_email' =>
$user->mEmail,
4130 'user_email_authenticated' => $dbw->timestampOrNull(
$user->mEmailAuthenticated ),
4131 'user_real_name' =>
$user->mRealName,
4132 'user_token' => strval(
$user->mToken ),
4133 'user_registration' => $dbw->timestamp(
$user->mRegistration ),
4134 'user_editcount' => 0,
4135 'user_touched' => $dbw->timestamp(
$user->newTouchedTimestamp() ),
4138 $fields[
"user_$name"] =
$value;
4140 $dbw->insert(
'user', $fields, __METHOD__, [
'IGNORE' ] );
4141 if ( $dbw->affectedRows() ) {
4142 $newUser = self::newFromId( $dbw->insertId() );
4177 if ( !$this->mToken ) {
4181 if ( !is_string( $this->mName ) ) {
4182 throw new RuntimeException(
"User name field is not set." );
4187 $noPass = PasswordFactory::newInvalidPassword()->toString();
4190 $dbw->insert(
'user',
4192 'user_name' => $this->mName,
4193 'user_password' => $noPass,
4194 'user_newpassword' => $noPass,
4195 'user_email' => $this->mEmail,
4196 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
4197 'user_real_name' => $this->mRealName,
4198 'user_token' => strval( $this->mToken ),
4199 'user_registration' => $dbw->timestamp( $this->mRegistration ),
4200 'user_editcount' => 0,
4201 'user_touched' => $dbw->timestamp( $this->mTouched ),
4205 if ( !$dbw->affectedRows() ) {
4207 $this->mId = $dbw->selectField(
4210 [
'user_name' => $this->mName ],
4212 [
'LOCK IN SHARE MODE' ]
4221 throw new MWException( __METHOD__ .
": hit a key conflict attempting " .
4222 "to insert user '{$this->mName}' row, but it was not present in select!" );
4224 return Status::newFatal(
'userexists' );
4226 $this->mId = $dbw->insertId();
4227 self::$idCacheByName[$this->mName] = $this->mId;
4233 return Status::newGood();
4255 wfDebug( __METHOD__ .
"()\n" );
4257 if ( $this->mId == 0 ) {
4262 if ( !$userblock ) {
4266 return (
bool)$userblock->doAutoblock( $this->
getRequest()->getIP() );
4275 if ( $this->mBlock && $this->mBlock->prevents(
'createaccount' ) ) {
4276 return $this->mBlock;
4279 # T15611: if the IP address the user is trying to create an account from is
4280 # blocked with createaccount disabled, prevent new account creation there even
4281 # when the user is logged in
4282 if ( $this->mBlockedFromCreateAccount ===
false && !$this->
isAllowed(
'ipblock-exempt' ) ) {
4285 return $this->mBlockedFromCreateAccount instanceof
Block
4286 && $this->mBlockedFromCreateAccount->
prevents(
'createaccount' )
4287 ? $this->mBlockedFromCreateAccount
4297 return $this->mBlock && $this->mBlock->prevents(
'sendemail' );
4324 return $title->getTalkPage();
4333 return !$this->
isAllowed(
'autoconfirmed' );
4343 $manager = AuthManager::singleton();
4344 $reqs = AuthenticationRequest::loadRequestsFromSubmission(
4345 $manager->getAuthenticationRequests( AuthManager::ACTION_LOGIN ),
4347 'username' => $this->getName(),
4348 'password' => $password,
4351 $res = AuthManager::singleton()->beginAuthentication( $reqs,
'null:' );
4352 switch (
$res->status ) {
4353 case AuthenticationResponse::PASS:
4355 case AuthenticationResponse::FAIL:
4357 \MediaWiki\Logger\LoggerFactory::getInstance(
'authentication' )
4358 ->info( __METHOD__ .
': Authentication failed: ' .
$res->message->plain() );
4361 throw new BadMethodCallException(
4362 'AuthManager returned a response unsupported by ' . __METHOD__
4399 return $request->getSession()->getToken( $salt );
4427 return MediaWiki\Session\Token::getTimestamp( $val );
4457 $val = substr( $val, 0, strspn( $val,
'0123456789abcdef' ) ) . Token::SUFFIX;
4476 if (
$type ==
'created' ||
$type ===
false ) {
4477 $message =
'confirmemail_body';
4478 } elseif (
$type ===
true ) {
4479 $message =
'confirmemail_body_changed';
4482 $message =
'confirmemail_body_' .
$type;
4490 $wgLang->userTimeAndDate( $expiration, $this ),
4492 $wgLang->userDate( $expiration, $this ),
4493 $wgLang->userTime( $expiration, $this ) )->text() );
4507 public function sendMail( $subject, $body, $from =
null, $replyto =
null ) {
4510 if ( $from instanceof
User ) {
4519 'replyTo' => $replyto,
4540 $hash = md5( $token );
4541 $this->mEmailToken = $hash;
4542 $this->mEmailTokenExpires = $expiration;
4552 return $this->
getTokenUrl(
'ConfirmEmail', $token );
4561 return $this->
getTokenUrl(
'InvalidateEmail', $token );
4580 $title = Title::makeTitle(
NS_MAIN,
"Special:$page/$token" );
4581 return $title->getCanonicalURL();
4596 Hooks::run(
'ConfirmEmailComplete', [ $this ] );
4610 $this->mEmailToken =
null;
4611 $this->mEmailTokenExpires =
null;
4614 Hooks::run(
'InvalidateEmailComplete', [ $this ] );
4624 $this->mEmailAuthenticated = $timestamp;
4625 Hooks::run(
'UserSetEmailAuthenticationTimestamp', [ $this, &$this->mEmailAuthenticated ] );
4641 Hooks::run(
'UserCanSendEmail', [ &
$user, &$canSend ] );
4670 if ( Hooks::run(
'EmailConfirmed', [ &
$user, &$confirmed ] ) ) {
4674 if ( !Sanitizer::validateEmail( $this->mEmail ) ) {
4694 $this->mEmailToken &&
4710 return $this->mRegistration;
4720 if ( $this->
getId() == 0 ) {
4724 $time =
$dbr->selectField(
'revision',
'rev_timestamp',
4725 [
'rev_user' => $this->
getId() ],
4727 [
'ORDER BY' =>
'rev_timestamp ASC' ]
4745 foreach ( $groups
as $group ) {
4747 $rights = array_merge( $rights,
4753 foreach ( $groups
as $group ) {
4755 $rights = array_diff( $rights,
4759 return array_unique( $rights );
4770 $allowedGroups = [];
4772 if ( self::groupHasPermission( $group, $role ) ) {
4773 $allowedGroups[] = $group;
4776 return $allowedGroups;
4817 if ( isset(
$cache[$right] ) && !defined(
'MW_PHPUNIT_TEST' ) ) {
4828 if ( isset( $rights[$right] ) && $rights[$right] ) {
4836 if ( !defined(
'MW_NO_SESSION' ) ) {
4837 $allowedRights = SessionManager::getGlobalSession()->getAllowedUserRights();
4838 if ( $allowedRights !==
null && !in_array( $right, $allowedRights,
true ) ) {
4845 if ( !Hooks::run(
'UserIsEveryoneAllowed', [ $right ] ) ) {
4889 self::getImplicitGroups()
4898 if ( self::$mAllRights ===
false ) {
4901 self::$mAllRights = array_unique( array_merge( self::$mCoreRights,
$wgAvailableRights ) );
4903 self::$mAllRights = self::$mCoreRights;
4905 Hooks::run(
'UserGetAllRights', [ &self::$mAllRights ] );
4907 return self::$mAllRights;
4918 # Deprecated, use $wgImplicitGroups instead
4919 Hooks::run(
'UserGetImplicitGroups', [ &$groups ],
'1.25' );
4949 if ( $text ==
'' ) {
4954 return MediaWikiServices::getInstance()
4955 ->getLinkRenderer()->makeLink(
$title, $text );
4957 return htmlspecialchars( $text );
4974 if ( $text ==
'' ) {
4979 $page =
$title->getFullText();
4980 return "[[$page|$text]]";
5009 $groups[
'add'] = self::getAllGroups();
5018 $groups[
'remove'] = self::getAllGroups();
5026 if ( is_int( $key ) ) {
5034 if ( is_int( $key ) ) {
5045 $groups[
'add-self'] = self::getAllGroups();
5053 $groups[
'remove-self'] = self::getAllGroups();
5069 if ( $this->
isAllowed(
'userrights' ) ) {
5074 $all = array_merge( self::getAllGroups() );
5092 foreach ( $addergroups
as $addergroup ) {
5093 $groups = array_merge_recursive(
5096 $groups[
'add'] = array_unique( $groups[
'add'] );
5097 $groups[
'remove'] = array_unique( $groups[
'remove'] );
5098 $groups[
'add-self'] = array_unique( $groups[
'add-self'] );
5099 $groups[
'remove-self'] = array_unique( $groups[
'remove-self'] );
5133 [
'user_editcount=user_editcount+1' ],
5134 [
'user_id' => $this->
getId(),
'user_editcount IS NOT NULL' ],
5138 if ( $dbw->affectedRows() == 0 ) {
5141 if (
$dbr !== $dbw ) {
5153 if ( $this->mEditCount ===
null ) {
5156 $this->mEditCount += (
$dbr !== $dbw ) ? 1 : 0;
5158 $this->mEditCount++;
5175 $count = (int)
$dbr->selectField(
5178 [
'rev_user' => $this->getId() ],
5181 $count = $count + $add;
5186 [
'user_editcount' => $count ],
5187 [
'user_id' => $this->
getId() ],
5202 $key =
"right-$right";
5204 return $msg->isDisabled() ? $right : $msg->text();
5215 $key =
"grant-$grant";
5217 return $msg->isDisabled() ? $grant : $msg->text();
5268 if ( $this->mOptionsLoaded ) {
5272 $this->mOptions = self::getDefaultOptions();
5274 if ( !$this->
getId() ) {
5280 $this->mOptions[
'variant'] = $variant;
5281 $this->mOptions[
'language'] = $variant;
5282 $this->mOptionsLoaded =
true;
5287 if ( !is_null( $this->mOptionOverrides ) ) {
5288 wfDebug(
"User: loading options for user " . $this->
getId() .
" from override cache.\n" );
5289 foreach ( $this->mOptionOverrides
as $key =>
$value ) {
5290 $this->mOptions[$key] =
$value;
5293 if ( !is_array( $data ) ) {
5294 wfDebug(
"User: loading options for user " . $this->
getId() .
" from database.\n" );
5296 $dbr = ( $this->queryFlagsUsed & self::READ_LATEST )
5302 [
'up_property',
'up_value' ],
5303 [
'up_user' => $this->
getId() ],
5307 $this->mOptionOverrides = [];
5309 foreach (
$res as $row ) {
5314 if ( $row->up_value ===
'0' ) {
5317 $data[$row->up_property] = $row->up_value;
5323 if ( isset( $data[
'email-blacklist'] ) && $data[
'email-blacklist'] ) {
5324 $data[
'email-blacklist'] = array_map(
'intval', explode(
"\n", $data[
'email-blacklist'] ) );
5333 $this->mOptionsLoaded =
true;
5335 Hooks::run(
'UserLoadOptions', [ $this, &$this->mOptions ] );
5347 $saveOptions = $this->mOptions;
5350 if ( isset( $this->mOptions[
'email-blacklist'] ) ) {
5351 if ( $this->mOptions[
'email-blacklist'] ) {
5352 $value = $this->mOptions[
'email-blacklist'];
5355 if ( is_array(
$value ) ) {
5356 $ids = array_filter(
$value,
'is_numeric' );
5359 $ids = $lookup->centralIdsFromNames( explode(
"\n",
$value ), $this );
5361 $this->mOptions[
'email-blacklist'] = $ids;
5362 $saveOptions[
'email-blacklist'] = implode(
"\n", $this->mOptions[
'email-blacklist'] );
5365 $this->mOptions[
'email-blacklist'] =
null;
5371 if ( !Hooks::run(
'UserSaveOptions', [ $this, &$saveOptions ] ) ) {
5375 $userId = $this->
getId();
5378 foreach ( $saveOptions
as $key =>
$value ) {
5380 $defaultOption = self::getDefaultOption( $key );
5381 if ( ( $defaultOption ===
null &&
$value !==
false &&
$value !==
null )
5382 ||
$value != $defaultOption
5385 'up_user' => $userId,
5386 'up_property' => $key,
5394 $res = $dbw->select(
'user_properties',
5395 [
'up_property',
'up_value' ], [
'up_user' => $userId ], __METHOD__ );
5400 foreach (
$res as $row ) {
5401 if ( !isset( $saveOptions[$row->up_property] )
5402 || strcmp( $saveOptions[$row->up_property], $row->up_value ) != 0
5404 $keysDelete[] = $row->up_property;
5408 if ( count( $keysDelete ) ) {
5416 $dbw->delete(
'user_properties',
5417 [
'up_user' => $userId,
'up_property' => $keysDelete ], __METHOD__ );
5420 $dbw->insert(
'user_properties', $insert_rows, __METHOD__, [
'IGNORE' ] );
5467 # Note that the pattern requirement will always be satisfied if the
5468 # input is empty, so we need required in all cases.
5470 # @todo FIXME: T25769: This needs to not claim the password is required
5471 # if e-mail confirmation is being used. Since HTML5 input validation
5472 # is b0rked anyway in some browsers, just return nothing. When it's
5473 # re-enabled, fix this code to not output required for e-mail
5475 # $ret = array( 'required' );
5478 # We can't actually do this right now, because Opera 9.6 will print out
5479 # the entered password visibly in its error message! When other
5480 # browsers add support for this attribute, or Opera fixes its support,
5481 # we can add support with a version check to avoid doing this on Opera
5482 # versions where it will be a problem. Reported to Opera as
5483 # DSK-262266, but they don't have a public bug tracker for us to follow.
5508 'user_email_authenticated',
5510 'user_email_token_expires',
5511 'user_registration',
5527 foreach ( self::getGroupsWithPermission( $permission )
as $group ) {
5532 return Status::newFatal(
'badaccess-groups',
$wgLang->commaList( $groups ), count( $groups ) );
5534 return Status::newFatal(
'badaccess-group0' );
5548 if ( !$this->
getId() ) {
5553 if ( !
$user->loadFromId( self::READ_EXCLUSIVE ) ) {
and(b) You must cause any modified files to carry prominent notices stating that You changed the files
Apache License January AND DISTRIBUTION Definitions License shall mean the terms and conditions for use
$wgRateLimitsExcludedIPs
Array of IPs / CIDR ranges which should be excluded from rate limits.
$wgApplyIpBlocksToXff
Whether to look at the X-Forwarded-For header's list of (potentially spoofed) IPs and apply IP blocks...
$wgUserEmailConfirmationTokenExpiry
The time, in seconds, when an email confirmation email expires.
$wgMaxArticleSize
Maximum article size in kilobytes.
$wgLearnerMemberSince
Name of the external diff engine to use.
$wgProxyList
Big list of banned IP addresses.
$wgHiddenPrefs
An array of preferences to not show for the user.
$wgDefaultUserOptions
Settings added to this array will override the default globals for the user preferences used by anony...
$wgDisableAnonTalk
Disable links to talk pages of anonymous users (IPs) in listings on special pages like page history,...
$wgAutopromoteOnceLogInRC
Put user rights log entries for autopromotion in recent changes?
$wgEnableUserEmail
Set to true to enable user-to-user e-mail.
$wgCookieExpiration
Default cookie lifetime, in seconds.
$wgPasswordPolicy
Password policy for local wiki users.
$wgExperiencedUserMemberSince
Name of the external diff engine to use.
$wgUseFilePatrol
Use file patrolling to check new files on Special:Newfiles.
string null $wgAuthenticationTokenVersion
Versioning for authentication tokens.
string[] $wgSoftBlockRanges
IP ranges that should be considered soft-blocked (anon-only, account creation allowed).
$wgProxyWhitelist
Proxy whitelist, list of addresses that are assumed to be non-proxy despite what the other methods mi...
$wgClockSkewFudge
Clock skew or the one-second resolution of time() can occasionally cause cache problems when the user...
$wgGroupsAddToSelf
A map of group names that the user is in, to group names that those users are allowed to add or revok...
$wgAvailableRights
A list of available rights, in addition to the ones defined by the core.
$wgShowUpdatedMarker
Show "Updated (since my last visit)" marker in RC view, watchlist and history view for watched pages ...
$wgUseRCPatrol
Use RC Patrolling to check for vandalism (from recent changes and watchlists) New pages and new files...
$wgLearnerEdits
The following variables define 3 user experience levels:
$wgUseNPPatrol
Use new page patrolling to check new pages on Special:Newpages.
$wgInvalidUsernameCharacters
Characters to prevent during new account creations.
$wgExtendedLoginCookieExpiration
Default login cookie lifetime, in seconds.
$wgEnableEmail
Set to true to enable the e-mail basic features: Password reminders, etc.
$wgMaxNameChars
Maximum number of bytes in username.
$wgSecureLogin
This is to let user authenticate using https when they come from http.
$wgImplicitGroups
Implicit groups, aren't shown on Special:Listusers or somewhere else.
$wgAddGroups
$wgAddGroups and $wgRemoveGroups can be used to give finer control over who can assign which groups a...
$wgBlockAllowsUTEdit
Set this to true to allow blocked users to edit their own user talk page.
$wgGroupPermissions
Permission keys given to users in each group.
$wgExperiencedUserEdits
Name of the external diff engine to use.
$wgReservedUsernames
Array of usernames which may not be registered or logged in from Maintenance scripts can still use th...
$wgDefaultSkin
Default skin, for new users and anonymous visitors.
$wgRevokePermissions
Permission keys revoked from users in each group.
$wgEnableDnsBlacklist
Whether to use DNS blacklists in $wgDnsBlacklistUrls to check for open proxies.
$wgDnsBlacklistUrls
List of DNS blacklists to use, if $wgEnableDnsBlacklist is true.
$wgMinimalPasswordLength
Specifies the minimal length of a user password.
$wgEmailAuthentication
Require email authentication before sending mail to an email address.
$wgPasswordSender
Sender email address for e-mail notifications.
$wgRateLimits
Simple rate limiter options to brake edit floods.
$wgNamespacesToBeSearchedDefault
List of namespaces which are searched by default.
$wgUpdateRowsPerQuery
Number of rows to update per query.
wfDebug( $text, $dest='all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
wfTimestampOrNull( $outputtype=TS_UNIX, $ts=null)
Return a formatted timestamp, or null if input is null.
wfTimestampNow()
Convenience function; returns MediaWiki timestamp for the present time.
wfGetLB( $wiki=false)
Get a load balancer object.
wfReadOnly()
Check whether the wiki is in read-only mode.
wfGetDB( $db, $groups=[], $wiki=false)
Get a Database object.
wfCanIPUseHTTPS( $ip)
Determine whether the client at a given source IP is likely to be able to access the wiki via HTTPS.
wfDebugLog( $logGroup, $text, $dest='all', array $context=[])
Send a line to a supplementary debug log file, if configured, or main debug log if not.
wfTimestamp( $outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
wfDeprecated( $function, $version=false, $component=false, $callerOffset=2)
Throws a warning that $function is deprecated.
wfWikiID()
Get an ASCII string identifying this wiki This is used as a prefix in memcached keys.
foreach( $wgExtensionFunctions as $func) if(!defined('MW_NO_SESSION') &&! $wgCommandLineMode) if(! $wgCommandLineMode) $wgFullyInitialised
if(! $wgDBerrorLogTZ) $wgRequest
Deferrable Update for closure/callback updates that should use auto-commit mode.
static clearCookie(WebResponse $response)
Unset the 'BlockID' cookie.
prevents( $action, $x=null)
Get/set whether the Block prevents a given action.
static newFromID( $id)
Load a blocked user from their block id.
static getBlocksForIPList(array $ipChain, $isAnon, $fromMaster=false)
Get all blocks that match any IP from an array of IP addresses.
static chooseBlock(array $blocks, array $ipChain)
From a list of multiple blocks, find the most exact and strongest Block.
static getIdFromCookieValue( $cookieValue)
Get the stored ID from the 'BlockID' cookie.
static newFromTarget( $specificTarget, $vagueTarget=null, $fromMaster=false)
Given a target and the target's type, get an existing Block object if possible.
static factory( $providerId=null)
Fetch a CentralIdLookup.
static getDBOptions( $bitfield)
Get an appropriate DB index, options, and fallback DB index for a query.
static hasFlags( $bitfield, $flags)
static array $languagesWithVariants
languages supporting variants
Value object representing a logged-out user's edit token.
static hmac( $data, $key, $raw=true)
Generate an acceptably unstable one-way-hmac of some text making use of the best hash algorithm that ...
static generateHex( $chars, $forceStrong=false)
Generate a run of (ideally) cryptographically random data and return it in hexadecimal string format.
Stores a single person's name and email address.
static newFromUser(User $user)
Create a new MailAddress object for the given user.
Class for creating log entries manually, to inject them into the database.
Factory class for creating and checking Password objects.
static getSaveBlacklist()
static getPreferences( $user, IContextSource $context)
static getMain()
Static methods.
static loadFromTimestamp( $db, $title, $timestamp)
Load the revision for the given title with the given timestamp.
static newFromId( $id, $flags=0)
Load a page revision from a given revision ID number.
static normalizeKey( $key)
Normalize a skin preference value to a form that can be loaded.
Represents a "user group membership" – a specific instance of a user belonging to a group.
static newFromRow( $row)
Creates a new UserGroupMembership object from a database row.
static getMembershipsForUser( $userId, IDatabase $db=null)
Returns UserGroupMembership objects for all the groups a user currently belongs to.
static getGroupPage( $group)
Gets the title of a page describing a particular user group.
static getMembership( $userId, $group, IDatabase $db=null)
Returns a UserGroupMembership object that pertains to the given user and group, or false if the user ...
static getLink( $ugm, IContextSource $context, $format, $userName=null)
Gets a link for a user group, possibly including the expiry date if relevant.
static getGroupName( $group)
Gets the localized friendly name for a group, if it exists.
static getGroupMemberName( $group, $username)
Gets the localized name for a member of a group, if it exists.
static send( $to, $from, $subject, $body, $options=[])
This function will perform a direct (authenticated) login to a SMTP Server to use for mail relaying i...
Check if a user's password complies with any password policies that apply to that user,...
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
loadFromSession()
Load user data from the session.
addWatch( $title, $checkRights=self::CHECK_USER_RIGHTS)
Watch an article.
string $mTouched
TS_MW timestamp from the DB.
logout()
Log this user out.
getOptions( $flags=0)
Get all user's options.
getRequest()
Get the WebRequest object to use with this object.
getPasswordValidity( $password)
Given unvalidated password input, return error message on failure.
Block $mBlockedFromCreateAccount
getName()
Get the user name, or the IP of an anonymous user.
addToDatabase()
Add this existing user object to the database.
static passwordChangeInputAttribs()
Provide an array of HTML5 attributes to put on an input element intended for the user to enter a new ...
requiresHTTPS()
Determine based on the wiki configuration and the user's options, whether this user must be over HTTP...
isBlocked( $bFromSlave=true)
Check if user is blocked.
getExperienceLevel()
Compute experienced level based on edit count and registration date.
static isEveryoneAllowed( $right)
Check if all users may be assumed to have the given permission.
static newFromName( $name, $validate='valid')
Static factory method for creation from username.
resetOptions( $resetKinds=[ 'registered', 'registered-multiselect', 'registered-checkmatrix', 'unused'], IContextSource $context=null)
Reset certain (or all) options to the site defaults.
static whoIsReal( $id)
Get the real name of a user given their user ID.
invalidateCache()
Immediately touch the user data cache for this account.
static $mCacheVars
Array of Strings List of member variables which are saved to the shared cache (memcached).
getEmailAuthenticationTimestamp()
Get the timestamp of the user's e-mail authentication.
isBlockedFromEmailuser()
Get whether the user is blocked from using Special:Emailuser.
$mOptionsLoaded
Bool Whether the cache variables have been loaded.
static isCreatableName( $name)
Usernames which fail to pass this function will be blocked from new account registrations,...
getFirstEditTimestamp()
Get the timestamp of the first edit.
getOptionKinds(IContextSource $context, $options=null)
Return an associative array mapping preferences keys to the kind of a preference they're used for.
getBlockedStatus( $bFromSlave=true)
Get blocking information.
static changeableByGroup( $group)
Returns an array of the groups that a particular group can add/remove.
const VERSION
@const int Serialized record version.
getEditTokenObject( $salt='', $request=null)
Initialize (if necessary) and return a session token value which can be used in edit forms to show th...
static getAllGroups()
Return the set of defined explicit groups.
string $mEmailTokenExpires
setCookies( $request=null, $secure=null, $rememberMe=false)
Persist this user's session (e.g.
getEditToken( $salt='', $request=null)
Initialize (if necessary) and return a session token value which can be used in edit forms to show th...
isDnsBlacklisted( $ip, $checkWhitelist=false)
Whether the given IP is in a DNS blacklist.
int $queryFlagsUsed
User::READ_* constant bitfield used to load data.
static $mAllRights
String Cached results of getAllRights()
getTokenUrl( $page, $token)
Internal function to format the e-mail validation/invalidation URLs.
addGroup( $group, $expiry=null)
Add the user to the given group.
isBlockedGlobally( $ip='')
Check if user is blocked on all wikis.
string $mQuickTouched
TS_MW timestamp from cache.
const INVALID_TOKEN
@const string An invalid value for user_token
isSafeToLoad()
Test if it's safe to load this User object.
static groupHasPermission( $group, $role)
Check, if the given group has the given permission.
isEmailConfirmed()
Is this user's e-mail address valid-looking and confirmed within limits of the current site configura...
spreadAnyEditBlock()
If this user is logged-in and blocked, block any IP address they've successfully logged in from.
useFilePatrol()
Check whether to enable new files patrol features for this user.
loadFromId( $flags=self::READ_NORMAL)
Load user table data, given mId has already been set.
isAllowed( $action='')
Internal mechanics of testing a permission.
getDBTouched()
Get the user_touched timestamp field (time of last DB updates)
array $mGroups
No longer used since 1.29; use User::getGroups() instead.
setName( $str)
Set the user name.
changeAuthenticationData(array $data)
Changes credentials of the user.
static $mCoreRights
Array of Strings Core rights.
getId()
Get the user's ID.
getRealName()
Get the user's real name.
loadOptions( $data=null)
Load the user options either from cache, the database or an array.
getBoolOption( $oname)
Get the user's current setting for a given option, as a boolean value.
clearCookie( $name, $secure=null, $params=[])
Clear a cookie on the user's client.
getRegistration()
Get the timestamp of account creation.
static isLocallyBlockedProxy( $ip)
Check if an IP address is in the local proxy list.
getGlobalBlock( $ip='')
Check if user is blocked on all wikis.
isItemLoaded( $item, $all='all')
Return whether an item has been loaded.
getMutableCacheKeys(WANObjectCache $cache)
getTokenFromOption( $oname)
Get a token stored in the preferences (like the watchlist one), resetting it if it's empty (and savin...
isNewbie()
Determine whether the user is a newbie.
clearNotification(&$title, $oldid=0)
Clear the user's notification timestamp for the given title.
array $mGroupMemberships
Associative array of (group name => UserGroupMembership object)
static resetIdByNameCache()
Reset the cache used in idFromName().
deleteNewtalk( $field, $id)
Clear the new messages flag for the given user.
loadFromDatabase( $flags=self::READ_LATEST)
Load user and user_group data from the database.
invalidationTokenUrl( $token)
Return a URL the user can use to invalidate their email address.
useNPPatrol()
Check whether to enable new pages patrol features for this user.
static randomPassword()
Return a random password.
static purge( $wikiId, $userId)
getIntOption( $oname, $defaultOverride=0)
Get the user's current setting for a given option, as an integer value.
clearInstanceCache( $reloadFrom=false)
Clear various cached data stored in this object.
canReceiveEmail()
Is this user allowed to receive e-mails within limits of current site configuration?
loadDefaults( $name=false)
Set cached properties to default.
getOption( $oname, $defaultOverride=null, $ignoreHidden=false)
Get the user's current setting for a given option.
touch()
Update the "touched" timestamp for the user.
checkTemporaryPassword( $plaintext)
Check if the given clear-text password matches the temporary password sent by e-mail for password res...
isPingLimitable()
Is this user subject to rate limiting?
clearSharedCache( $mode='changed')
Clear user data from memcached.
static getCanonicalName( $name, $validate='valid')
Given unvalidated user input, return a canonical username, or false if the username is invalid.
static newFromRow( $row, $data=null)
Create a new user object from a user row.
getToken( $forceCreation=true)
Get the user's current token.
static newFromId( $id)
Static factory method for creation from a given user ID.
setInternalPassword( $str)
Set the password and reset the random token unconditionally.
confirmEmail()
Mark the e-mail address confirmed.
static getGroupsWithPermission( $role)
Get all the groups who have a given permission.
setId( $v)
Set the user and reload all fields according to a given ID.
static getGroupPermissions( $groups)
Get the permissions associated with a given list of groups.
$mNewtalk
Lazy-initialized variables, invalidated with clearInstanceCache.
static getDefaultOptions()
Combine the language default options with any site-specific options and add the default language vari...
static findUsersByGroup( $groups, $limit=5000, $after=null)
Return the users who are members of the given group(s).
getEffectiveGroups( $recache=false)
Get the list of implicit group memberships this user has.
static selectFields()
Return the list of user fields that should be selected to create a new user object.
isHidden()
Check if user account is hidden.
static newFromConfirmationCode( $code, $flags=0)
Factory method to fetch whichever user has a given email confirmation code.
setEmailWithConfirmation( $str)
Set the user's e-mail address and a confirmation mail if needed.
newTouchedTimestamp()
Generate a current or new-future timestamp to be stored in the user_touched field when we update thin...
inDnsBlacklist( $ip, $bases)
Whether the given IP is in a given DNS blacklist.
loadFromUserObject( $user)
Load the data for this user object from another user object.
static isUsableName( $name)
Usernames which fail to pass this function will be blocked from user login and new account registrati...
static getDefaultOption( $opt)
Get a given default option value.
getDatePreference()
Get the user's preferred date format.
checkPasswordValidity( $password)
Check if this is a valid password for this user.
static getGroupPage( $group)
Get the title of a page describing a particular group.
idForName( $flags=0)
If only this user's username is known, and it exists, return the user ID.
getGroupMemberships()
Get the list of explicit group memberships this user has, stored as UserGroupMembership objects.
matchEditTokenNoSuffix( $val, $salt='', $request=null, $maxage=null)
Check given value against the token value stored in the session, ignoring the suffix.
isWatched( $title, $checkRights=self::CHECK_USER_RIGHTS)
Check the watched status of an article.
loadFromRow( $row, $data=null)
Initialize this object from a row from the user table.
setPassword( $str)
Set the password and reset the random token.
confirmationTokenUrl( $token)
Return a URL the user can use to confirm their email address.
isAllowedToCreateAccount()
Get whether the user is allowed to create an account.
static newFromSession(WebRequest $request=null)
Create a new user object using data from session.
incEditCountImmediate()
Increment the user's edit-count field.
setExtendedLoginCookie( $name, $value, $secure)
Set an extended login cookie on the user's client.
static getAllRights()
Get a list of all available permissions.
getNewtalk()
Check if the user has new messages.
getGroups()
Get the list of explicit group memberships this user has.
addNewUserLogEntry( $action=false, $reason='')
Add a newuser log entry for this user.
validateCache( $timestamp)
Validate the cache for this account.
useRCPatrol()
Check whether to enable recent changes patrol features for this user.
loadGroups()
Load the groups from the database if they aren't already loaded.
static whoIs( $id)
Get the username corresponding to a given user ID.
invalidateEmail()
Invalidate the user's e-mail confirmation, and unauthenticate the e-mail address if it was already co...
setEmailAuthenticationTimestamp( $timestamp)
Set the e-mail authentication timestamp.
static newSystemUser( $name, $options=[])
Static factory method for creation of a "system" user from username.
setOption( $oname, $val)
Set the given option for a user.
saveOptions()
Saves the non-default options for this user, as previously set e.g.
static getRightDescription( $right)
Get the description of a given right.
getEditCount()
Get the user's edit count.
addAutopromoteOnceGroups( $event)
Add the user to the group if he/she meets given criteria.
isValidPassword( $password)
Is the input a valid password for this user?
getBlock( $bFromSlave=true)
Get the block affecting the user, or null if the user is not blocked.
isBlockedFromCreateAccount()
Get whether the user is explicitly blocked from account creation.
spreadBlock()
If this (non-anonymous) user is blocked, block the IP address they've successfully logged in from.
getFormerGroups()
Returns the groups the user has belonged to.
setRealName( $str)
Set the user's real name.
static getPasswordFactory()
Lazily instantiate and return a factory object for making passwords.
getTitleKey()
Get the user's name escaped by underscores.
static isIP( $name)
Does the string match an anonymous IP address?
static makeGroupLinkWiki( $group, $text='')
Create a link to the group in Wikitext, if available; else return the group name.
getTouched()
Get the user touched timestamp.
sendMail( $subject, $body, $from=null, $replyto=null)
Send an e-mail to this user's account.
isLocked()
Check if user account is locked.
checkAndSetTouched()
Bump user_touched if it didn't change since this object was loaded.
removeWatch( $title, $checkRights=self::CHECK_USER_RIGHTS)
Stop watching an article.
setPasswordInternal( $str)
Actually set the password and such.
isEmailConfirmationPending()
Check whether there is an outstanding request for e-mail confirmation.
checkNewtalk( $field, $id)
Internal uncached check for new messages.
isBlockedFrom( $title, $bFromSlave=false)
Check if user is blocked from editing a particular article.
getUserPage()
Get this user's personal page title.
isIPRange()
Is the user an IP range?
$mFrom
String Initialization data source if mLoadedItems!==true.
confirmationToken(&$expiration)
Generate, store, and return a new e-mail confirmation code.
canSendEmail()
Is this user allowed to send e-mails within limits of current site configuration?
getBlockId()
If user is blocked, return the ID for the block.
__construct()
Lightweight constructor for an anonymous user.
setNewtalk( $val, $curRev=null)
Update the 'You have new messages!' status.
getStubThreshold()
Get the user preferred stub threshold.
pingLimiter( $action='edit', $incrBy=1)
Primitive rate limits: enforce maximum actions per time period to put a brake on flooding.
static isValidUserName( $name)
Is the input a valid username?
sendConfirmationMail( $type='created')
Generate a new e-mail confirmation token and send a confirmation/invalidation mail to the user's give...
getTalkPage()
Get this user's talk page title.
isLoggedIn()
Get whether the user is logged in.
static idFromName( $name, $flags=self::READ_NORMAL)
Get database id given a user name.
loadFromCache()
Load user data from shared cache, given mId has already been set.
getCacheKey(WANObjectCache $cache)
initEditCount( $add=0)
Initialize user_editcount from data out of the revision table.
saveSettings()
Save this user's settings into the database.
getNewMessageRevisionId()
Get the revision ID for the last talk page revision viewed by the talk page owner.
getBlockFromCookieValue( $blockCookieVal)
Try to load a Block from an ID given in a cookie value.
static getGrantName( $grant)
Get the name of a given grant.
isAllowedAny()
Check if user is allowed to access a feature / make an action.
getEmail()
Get the user's e-mail address.
static newFatalPermissionDeniedStatus( $permission)
Factory function for fatal permission-denied errors.
setNewpassword( $str, $throttle=true)
Set the password for a password reminder or new account email.
getAutomaticGroups( $recache=false)
Get the list of implicit group memberships this user has.
load( $flags=self::READ_NORMAL)
Load the user table data for this object from the source given by mFrom.
blockedBy()
If user is blocked, return the name of the user who placed the block.
getRights()
Get the permissions this user has.
matchEditToken( $val, $salt='', $request=null, $maxage=null)
Check given value against the token value stored in the session.
string $mEmailAuthenticated
const GETOPTIONS_EXCLUDE_DEFAULTS
Exclude user options that are set to their default value.
const TOKEN_LENGTH
@const int Number of characters in user_token field.
equals(User $user)
Checks if two user objects point to the same user.
setToken( $token=false)
Set the random token (used for persistent authentication) Called from loadDefaults() among other plac...
updateNewtalk( $field, $id, $curRev=null)
Add or update the new messages flag.
static createNew( $name, $params=[])
Add a user to the database, return the user object.
static getGroupMember( $group, $username='#')
Get the localized descriptive name for a member of a group, if it exists.
addNewUserLogEntryAutoCreate()
Add an autocreate newuser log entry for this user Used by things like CentralAuth and perhaps other a...
doLogout()
Clear the user's session, and reset the instance cache.
setCookie( $name, $value, $exp=0, $secure=null, $params=[], $request=null)
Set a cookie on the user's client.
setItemLoaded( $item)
Set that an item has been loaded.
incEditCount()
Deferred version of incEditCountImmediate()
$mLoadedItems
Array with already loaded items or true if all items have been loaded.
blockedFor()
If user is blocked, return the specified reason for the block.
static getGroupName( $group)
Get the localized descriptive name for a group, if it exists.
static listOptionKinds()
Return a list of the types of user options currently returned by User::getOptionKinds().
resetTokenFromOption( $oname)
Reset a token stored in the preferences (like the watchlist one).
static makeGroupLinkHTML( $group, $text='')
Create a link to the group in HTML, if available; else return the group name.
static getImplicitGroups()
Get a list of implicit groups.
changeableGroups()
Returns an array of groups that this user can add and remove.
getNewMessageLinks()
Return the data needed to construct links for new talk page message alerts.
isAnon()
Get whether the user is anonymous.
setEmail( $str)
Set the user's e-mail address.
static getEditTokenTimestamp( $val)
Get the embedded timestamp from a token.
checkPassword( $password)
Check to see if the given clear-text password is one of the accepted passwords.
getInstanceForUpdate()
Get a new instance of this user that was loaded from the master via a locking read.
makeUpdateConditions(Database $db, array $conditions)
Builds update conditions.
const EDIT_TOKEN_SUFFIX
Global constant made accessible as class constants so that autoloader magic can be used.
clearAllNotifications()
Resets all of the given user's page-change notification timestamps.
removeGroup( $group)
Remove the user from the given group.
Multi-datacenter aware caching interface.
The WebRequest class encapsulates getting at data passed in the URL or via a POSTed form stripping il...
The ContentHandler facility adds support for arbitrary content types on wiki pages
deferred txt A few of the database updates required by various functions here can be deferred until after the result page is displayed to the user For updating the view updating the linked to tables after a etc PHP does not yet have any way to tell the server to actually return and disconnect while still running these but it might have such a feature in the future We handle these by creating a deferred update object and putting those objects on a global list
design txt This is a brief overview of the new design More thorough and up to date information is available on the documentation wiki at etc Handles the details of getting and saving to the user table of the and dealing with sessions and cookies OutputPage Encapsulates the entire HTML page that will be sent in response to any server request It is used by calling its functions to add in any and then calling but I prefer the flexibility This should also do the output encoding The system allocates a global one in $wgOut Title Represents the title of an article
this class mediates it Skin Encapsulates a look and feel for the wiki All of the functions that render HTML and make choices about how to render it are here and are called from various other places when and is meant to be subclassed with other skins that may override some of its functions The User object contains a reference to a and so rather than having a global skin object we just rely on the global User and get the skin with $wgUser and also has some character encoding functions and other locale stuff The current user interface language is instantiated as and the local content language as $wgContLang
when a variable name is used in a it is silently declared as a new local masking the global
design txt This is a brief overview of the new design More thorough and up to date information is available on the documentation wiki at etc Handles the details of getting and saving to the user table of the and dealing with sessions and cookies OutputPage Encapsulates the entire HTML page that will be sent in response to any server request It is used by calling its functions to add text
this class mediates it Skin Encapsulates a look and feel for the wiki All of the functions that render HTML and make choices about how to render it are here and are called from various other places when and is meant to be subclassed with other skins that may override some of its functions The User object contains a reference to a and so rather than having a global skin object we just rely on the global User and get the skin with $wgUser and also has some character encoding functions and other locale stuff The current user interface language is instantiated as $wgLang
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such as
const EDIT_TOKEN_SUFFIX
String Some punctuation to prevent editing from broken text-mangling proxies.
Status::newGood()` to allow deletion, and then `return false` from the hook function. Ensure you consume the 'ChangeTagAfterDelete' hook to carry out custom deletion actions. $tag:name of the tag $user:user initiating the action & $status:Status object. See above. 'ChangeTagsListActive':Allows you to nominate which of the tags your extension uses are in active use. & $tags:list of all active tags. Append to this array. 'ChangeTagsAfterUpdateTags':Called after tags have been updated with the ChangeTags::updateTags function. Params:$addedTags:tags effectively added in the update $removedTags:tags effectively removed in the update $prevTags:tags that were present prior to the update $rc_id:recentchanges table id $rev_id:revision table id $log_id:logging table id $params:tag params $rc:RecentChange being tagged when the tagging accompanies the action or null $user:User who performed the tagging when the tagging is subsequent to the action or null 'ChangeTagsAllowedAdd':Called when checking if a user can add tags to a change. & $allowedTags:List of all the tags the user is allowed to add. Any tags the user wants to add( $addTags) that are not in this array will cause it to fail. You may add or remove tags to this array as required. $addTags:List of tags user intends to add. $user:User who is adding the tags. 'ChangeUserGroups':Called before user groups are changed. $performer:The User who will perform the change $user:The User whose groups will be changed & $add:The groups that will be added & $remove:The groups that will be removed 'Collation::factory':Called if $wgCategoryCollation is an unknown collation. $collationName:Name of the collation in question & $collationObject:Null. Replace with a subclass of the Collation class that implements the collation given in $collationName. 'ConfirmEmailComplete':Called after a user 's email has been confirmed successfully. $user:user(object) whose email is being confirmed 'ContentAlterParserOutput':Modify parser output for a given content object. Called by Content::getParserOutput after parsing has finished. Can be used for changes that depend on the result of the parsing but have to be done before LinksUpdate is called(such as adding tracking categories based on the rendered HTML). $content:The Content to render $title:Title of the page, as context $parserOutput:ParserOutput to manipulate 'ContentGetParserOutput':Customize parser output for a given content object, called by AbstractContent::getParserOutput. May be used to override the normal model-specific rendering of page content. $content:The Content to render $title:Title of the page, as context $revId:The revision ID, as context $options:ParserOptions for rendering. To avoid confusing the parser cache, the output can only depend on parameters provided to this hook function, not on global state. $generateHtml:boolean, indicating whether full HTML should be generated. If false, generation of HTML may be skipped, but other information should still be present in the ParserOutput object. & $output:ParserOutput, to manipulate or replace 'ContentHandlerDefaultModelFor':Called when the default content model is determined for a given title. May be used to assign a different model for that title. $title:the Title in question & $model:the model name. Use with CONTENT_MODEL_XXX constants. 'ContentHandlerForModelID':Called when a ContentHandler is requested for a given content model name, but no entry for that model exists in $wgContentHandlers. Note:if your extension implements additional models via this hook, please use GetContentModels hook to make them known to core. $modeName:the requested content model name & $handler:set this to a ContentHandler object, if desired. 'ContentModelCanBeUsedOn':Called to determine whether that content model can be used on a given page. This is especially useful to prevent some content models to be used in some special location. $contentModel:ID of the content model in question $title:the Title in question. & $ok:Output parameter, whether it is OK to use $contentModel on $title. Handler functions that modify $ok should generally return false to prevent further hooks from further modifying $ok. 'ContribsPager::getQueryInfo':Before the contributions query is about to run & $pager:Pager object for contributions & $queryInfo:The query for the contribs Pager 'ContribsPager::reallyDoQuery':Called before really executing the query for My Contributions & $data:an array of results of all contribs queries $pager:The ContribsPager object hooked into $offset:Index offset, inclusive $limit:Exact query limit $descending:Query direction, false for ascending, true for descending 'ContributionsLineEnding':Called before a contributions HTML line is finished $page:SpecialPage object for contributions & $ret:the HTML line $row:the DB row for this line & $classes:the classes to add to the surrounding< li > & $attribs:associative array of other HTML attributes for the< li > element. Currently only data attributes reserved to MediaWiki are allowed(see Sanitizer::isReservedDataAttribute). 'ContributionsToolLinks':Change tool links above Special:Contributions $id:User identifier $title:User page title & $tools:Array of tool links $specialPage:SpecialPage instance for context and services. Can be either SpecialContributions or DeletedContributionsPage. Extensions should type hint against a generic SpecialPage though. 'ConvertContent':Called by AbstractContent::convert when a conversion to another content model is requested. Handler functions that modify $result should generally return false to disable further attempts at conversion. $content:The Content object to be converted. $toModel:The ID of the content model to convert to. $lossy:boolean indicating whether lossy conversion is allowed. & $result:Output parameter, in case the handler function wants to provide a converted Content object. Note that $result->getContentModel() must return $toModel. 'CustomEditor':When invoking the page editor Return true to allow the normal editor to be used, or false if implementing a custom editor, e.g. for a special namespace, etc. $article:Article being edited $user:User performing the edit 'DatabaseOraclePostInit':Called after initialising an Oracle database $db:the DatabaseOracle object 'DeletedContribsPager::reallyDoQuery':Called before really executing the query for Special:DeletedContributions Similar to ContribsPager::reallyDoQuery & $data:an array of results of all contribs queries $pager:The DeletedContribsPager object hooked into $offset:Index offset, inclusive $limit:Exact query limit $descending:Query direction, false for ascending, true for descending 'DeletedContributionsLineEnding':Called before a DeletedContributions HTML line is finished. Similar to ContributionsLineEnding $page:SpecialPage object for DeletedContributions & $ret:the HTML line $row:the DB row for this line & $classes:the classes to add to the surrounding< li > & $attribs:associative array of other HTML attributes for the< li > element. Currently only data attributes reserved to MediaWiki are allowed(see Sanitizer::isReservedDataAttribute). 'DifferenceEngineAfterLoadNewText':called in DifferenceEngine::loadNewText() after the new revision 's content has been loaded into the class member variable $differenceEngine->mNewContent but before returning true from this function. $differenceEngine:DifferenceEngine object 'DifferenceEngineLoadTextAfterNewContentIsLoaded':called in DifferenceEngine::loadText() after the new revision 's content has been loaded into the class member variable $differenceEngine->mNewContent but before checking if the variable 's value is null. This hook can be used to inject content into said class member variable. $differenceEngine:DifferenceEngine object 'DifferenceEngineMarkPatrolledLink':Allows extensions to change the "mark as patrolled" link which is shown both on the diff header as well as on the bottom of a page, usually wrapped in a span element which has class="patrollink". $differenceEngine:DifferenceEngine object & $markAsPatrolledLink:The "mark as patrolled" link HTML(string) $rcid:Recent change ID(rc_id) for this change(int) 'DifferenceEngineMarkPatrolledRCID':Allows extensions to possibly change the rcid parameter. For example the rcid might be set to zero due to the user being the same as the performer of the change but an extension might still want to show it under certain conditions. & $rcid:rc_id(int) of the change or 0 $differenceEngine:DifferenceEngine object $change:RecentChange object $user:User object representing the current user 'DifferenceEngineNewHeader':Allows extensions to change the $newHeader variable, which contains information about the new revision, such as the revision 's author, whether the revision was marked as a minor edit or not, etc. $differenceEngine:DifferenceEngine object & $newHeader:The string containing the various #mw-diff-otitle[1-5] divs, which include things like revision author info, revision comment, RevisionDelete link and more $formattedRevisionTools:Array containing revision tools, some of which may have been injected with the DiffRevisionTools hook $nextlink:String containing the link to the next revision(if any) $status
this hook is for auditing only $req
the array() calling protocol came about after MediaWiki 1.4rc1.
do that in ParserLimitReportFormat instead use this to modify the parameters of the image all existing parser cache entries will be invalid To avoid you ll need to handle that somehow(e.g. with the RejectParserCacheValue hook) because MediaWiki won 't do it for you. & $defaults also a ContextSource after deleting those rows but within the same transaction $rows
do that in ParserLimitReportFormat instead use this to modify the parameters of the image all existing parser cache entries will be invalid To avoid you ll need to handle that somehow(e.g. with the RejectParserCacheValue hook) because MediaWiki won 't do it for you. & $defaults also a ContextSource after deleting those rows but within the same transaction you ll probably need to make sure the header is varied on $request
see documentation in includes Linker php for Linker::makeImageLink & $time
The index of the header message $result[1]=The index of the body text message $result[2 through n]=Parameters passed to body text message. Please note the header message cannot receive/use parameters. 'ImportHandleLogItemXMLTag':When parsing a XML tag in a log item. Return false to stop further processing of the tag $reader:XMLReader object $logInfo:Array of information 'ImportHandlePageXMLTag':When parsing a XML tag in a page. Return false to stop further processing of the tag $reader:XMLReader object & $pageInfo:Array of information 'ImportHandleRevisionXMLTag':When parsing a XML tag in a page revision. Return false to stop further processing of the tag $reader:XMLReader object $pageInfo:Array of page information $revisionInfo:Array of revision information 'ImportHandleToplevelXMLTag':When parsing a top level XML tag. Return false to stop further processing of the tag $reader:XMLReader object 'ImportHandleUploadXMLTag':When parsing a XML tag in a file upload. Return false to stop further processing of the tag $reader:XMLReader object $revisionInfo:Array of information 'ImportLogInterwikiLink':Hook to change the interwiki link used in log entries and edit summaries for transwiki imports. & $fullInterwikiPrefix:Interwiki prefix, may contain colons. & $pageTitle:String that contains page title. 'ImportSources':Called when reading from the $wgImportSources configuration variable. Can be used to lazy-load the import sources list. & $importSources:The value of $wgImportSources. Modify as necessary. See the comment in DefaultSettings.php for the detail of how to structure this array. 'InfoAction':When building information to display on the action=info page. $context:IContextSource object & $pageInfo:Array of information 'InitializeArticleMaybeRedirect':MediaWiki check to see if title is a redirect. & $title:Title object for the current page & $request:WebRequest & $ignoreRedirect:boolean to skip redirect check & $target:Title/string of redirect target & $article:Article object 'InternalParseBeforeLinks':during Parser 's internalParse method before links but after nowiki/noinclude/includeonly/onlyinclude and other processings. & $parser:Parser object & $text:string containing partially parsed text & $stripState:Parser 's internal StripState object 'InternalParseBeforeSanitize':during Parser 's internalParse method just before the parser removes unwanted/dangerous HTML tags and after nowiki/noinclude/includeonly/onlyinclude and other processings. Ideal for syntax-extensions after template/parser function execution which respect nowiki and HTML-comments. & $parser:Parser object & $text:string containing partially parsed text & $stripState:Parser 's internal StripState object 'InterwikiLoadPrefix':When resolving if a given prefix is an interwiki or not. Return true without providing an interwiki to continue interwiki search. $prefix:interwiki prefix we are looking for. & $iwData:output array describing the interwiki with keys iw_url, iw_local, iw_trans and optionally iw_api and iw_wikiid. 'InvalidateEmailComplete':Called after a user 's email has been invalidated successfully. $user:user(object) whose email is being invalidated 'IRCLineURL':When constructing the URL to use in an IRC notification. Callee may modify $url and $query, URL will be constructed as $url . $query & $url:URL to index.php & $query:Query string $rc:RecentChange object that triggered url generation 'IsFileCacheable':Override the result of Article::isFileCacheable()(if true) & $article:article(object) being checked 'IsTrustedProxy':Override the result of IP::isTrustedProxy() & $ip:IP being check & $result:Change this value to override the result of IP::isTrustedProxy() 'IsUploadAllowedFromUrl':Override the result of UploadFromUrl::isAllowedUrl() $url:URL used to upload from & $allowed:Boolean indicating if uploading is allowed for given URL 'isValidEmailAddr':Override the result of Sanitizer::validateEmail(), for instance to return false if the domain name doesn 't match your organization. $addr:The e-mail address entered by the user & $result:Set this and return false to override the internal checks 'isValidPassword':Override the result of User::isValidPassword() $password:The password entered by the user & $result:Set this and return false to override the internal checks $user:User the password is being validated for 'Language::getMessagesFileName':$code:The language code or the language we 're looking for a messages file for & $file:The messages file path, you can override this to change the location. 'LanguageGetMagic':DEPRECATED! Use $magicWords in a file listed in $wgExtensionMessagesFiles instead. Use this to define synonyms of magic words depending of the language & $magicExtensions:associative array of magic words synonyms $lang:language code(string) 'LanguageGetNamespaces':Provide custom ordering for namespaces or remove namespaces. Do not use this hook to add namespaces. Use CanonicalNamespaces for that. & $namespaces:Array of namespaces indexed by their numbers 'LanguageGetSpecialPageAliases':DEPRECATED! Use $specialPageAliases in a file listed in $wgExtensionMessagesFiles instead. Use to define aliases of special pages names depending of the language & $specialPageAliases:associative array of magic words synonyms $lang:language code(string) 'LanguageGetTranslatedLanguageNames':Provide translated language names. & $names:array of language code=> language name $code:language of the preferred translations 'LanguageLinks':Manipulate a page 's language links. This is called in various places to allow extensions to define the effective language links for a page. $title:The page 's Title. & $links:Array with elements of the form "language:title" in the order that they will be output. & $linkFlags:Associative array mapping prefixed links to arrays of flags. Currently unused, but planned to provide support for marking individual language links in the UI, e.g. for featured articles. 'LanguageSelector':Hook to change the language selector available on a page. $out:The output page. $cssClassName:CSS class name of the language selector. 'LinkBegin':DEPRECATED! Use HtmlPageLinkRendererBegin instead. Used when generating internal and interwiki links in Linker::link(), before processing starts. Return false to skip default processing and return $ret. See documentation for Linker::link() for details on the expected meanings of parameters. $skin:the Skin object $target:the Title that the link is pointing to & $html:the contents that the< a > tag should have(raw HTML) $result
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped & $options
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output modifiable & $code
do that in ParserLimitReportFormat instead use this to modify the parameters of the image all existing parser cache entries will be invalid To avoid you ll need to handle that somehow(e.g. with the RejectParserCacheValue hook) because MediaWiki won 't do it for you. & $defaults also a ContextSource after deleting those rows but within the same transaction you ll probably need to make sure the header is varied on and they can depend only on the ResourceLoaderContext $context
namespace and then decline to actually register it file or subcat img or subcat $title
either a unescaped string or a HtmlArmor object after in associative array form externallinks including delete and has completed for all link tables whether this was an auto creation default is conds Array Extra conditions for the No matching items in log is displayed if loglist is empty msgKey Array If you want a nice box with a set this to the key of the message First element is the message additional optional elements are parameters for the key that are processed with wfMessage() -> params() ->parseAsBlock() - offset Set to overwrite offset parameter in $wgRequest set to '' to unset offset - wrap String Wrap the message in html(usually something like "<div ...>$1</div>"). - flags Integer display flags(NO_ACTION_LINK, NO_EXTRA_USER_LINKS) 'LogException':Called before an exception(or PHP error) is logged. This is meant for integration with external error aggregation services
null for the local wiki Added in
it s the revision text itself In either if gzip is the revision text is gzipped $flags
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return true
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses & $ret
this hook is for auditing only or null if authentication failed before getting that far $username
Allows to change the fields on the form that will be generated $name
We ve cleaned up the code here by removing clumps of infrequently used code and moving them off somewhere else It s much easier for someone working with this code to see what s _really_ going and make changes or fix bugs In we can take all the code that deals with the little used title reversing we can concentrate it all in an extension file
presenting them properly to the user as errors is done by the caller return true use this to change the list i e etc $rev
processing should stop and the error should be shown to the user * false
please add to it if you re going to add events to the MediaWiki code where normally authentication against an external auth plugin would be creating a local account $user
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Interface for objects which can provide a MediaWiki context on request.
Interface for database access objects.
MediaWiki has optional support for a high distributed memory object caching system For general information on but for a larger site with heavy load
1.9.8