MediaWiki REL1_30
resetUserTokens.php
Go to the documentation of this file.
1<?php
27require_once __DIR__ . '/Maintenance.php';
28
36 public function __construct() {
37 parent::__construct();
38 $this->addDescription(
39 "Reset the user_token of all users on the wiki. Note that this may log some of them out.\n"
40 . "Deprecated, use \$wgAuthenticationTokenVersion instead."
41 );
42 $this->addOption( 'nowarn', "Hides the 5 seconds warning", false, false );
43 $this->addOption(
44 'nulls',
45 'Only reset tokens that are currently null (string of \x00\'s)',
46 false,
47 false
48 );
49 $this->setBatchSize( 1000 );
50 }
51
52 public function execute() {
53 $this->nullsOnly = $this->getOption( 'nulls' );
54
55 if ( !$this->getOption( 'nowarn' ) ) {
56 if ( $this->nullsOnly ) {
57 $this->output( "The script is about to reset the user_token "
58 . "for USERS WITH NULL TOKENS in the database.\n" );
59 } else {
60 $this->output( "The script is about to reset the user_token for ALL USERS in the database.\n" );
61 $this->output( "This may log some of them out and is not necessary unless you believe your\n" );
62 $this->output( "user table has been compromised.\n" );
63 }
64 $this->output( "\n" );
65 $this->output( "Abort with control-c in the next five seconds "
66 . "(skip this countdown with --nowarn) ... " );
67 wfCountDown( 5 );
68 }
69
70 // We list user by user_id from one of the replica DBs
71 // We list user by user_id from one of the slave database
72 $dbr = $this->getDB( DB_REPLICA );
73
74 $where = [];
75 if ( $this->nullsOnly ) {
76 // Have to build this by hand, because \ is escaped in helper functions
77 $where = [ 'user_token = \'' . str_repeat( '\0', 32 ) . '\'' ];
78 }
79
80 $maxid = $dbr->selectField( 'user', 'MAX(user_id)', [], __METHOD__ );
81
82 $min = 0;
83 $max = $this->mBatchSize;
84
85 do {
86 $result = $dbr->select( 'user',
87 [ 'user_id' ],
88 array_merge(
89 $where,
90 [ 'user_id > ' . $dbr->addQuotes( $min ),
91 'user_id <= ' . $dbr->addQuotes( $max )
92 ]
93 ),
94 __METHOD__
95 );
96
97 foreach ( $result as $user ) {
98 $this->updateUser( $user->user_id );
99 }
100
101 $min = $max;
102 $max = $min + $this->mBatchSize;
103
105 } while ( $min <= $maxid );
106 }
107
108 private function updateUser( $userid ) {
109 $user = User::newFromId( $userid );
110 $username = $user->getName();
111 $this->output( 'Resetting user_token for "' . $username . '": ' );
112 // Change value
113 $user->setToken();
114 $user->saveSettings();
115 $this->output( " OK\n" );
116 }
117}
118
119$maintClass = "ResetUserTokens";
120require_once RUN_MAINTENANCE_IF_MAIN;
wfWaitForSlaves( $ifWritesSince=null, $wiki=false, $cluster=false, $timeout=null)
Waits for the replica DBs to catch up to the master position.
wfCountDown( $seconds)
Count down from $seconds to zero on the terminal, with a one-second pause between showing each number...
Abstract maintenance class for quickly writing and churning out maintenance scripts with minimal effo...
int $mBatchSize
Batch size.
getDB( $db, $groups=[], $wiki=false)
Returns a database to be used by current maintenance script.
addDescription( $text)
Set the description text.
addOption( $name, $description, $required=false, $withArg=false, $shortName=false, $multiOccurrence=false)
Add a parameter to the script.
getOption( $name, $default=null)
Get an option, or return the default.
setBatchSize( $s=0)
Set the batch size.
Maintenance script to reset the user_token for all users on the wiki.
__construct()
Default constructor.
execute()
Do the actual work.
if(! $regexes) $dbr
Definition cleanup.php:94
design txt This is a brief overview of the new design More thorough and up to date information is available on the documentation wiki at etc Handles the details of getting and saving to the user table of the and dealing with sessions and cookies OutputPage Encapsulates the entire HTML page that will be sent in response to any server request It is used by calling its functions to add in any and then calling output() to send it all. It could be easily changed to send incrementally if that becomes useful
this hook is for auditing only or null if authentication failed before getting that far $username
Definition hooks.txt:783
require_once RUN_MAINTENANCE_IF_MAIN
const DB_REPLICA
Definition defines.php:25