MediaWiki REL1_32
DeleteLocalPasswords.php
Go to the documentation of this file.
1<?php
26
27require_once __DIR__ . '/../Maintenance.php';
28
45 protected $user;
46
48 protected $total;
49
50 public function __construct() {
51 parent::__construct();
52 $this->mDescription = "Deletes local password for users.";
53 $this->setBatchSize( 1000 );
54
55 $this->addOption( 'user', 'If specified, only checks the given user', false, true );
56 $this->addOption( 'delete', 'Really delete. To prevent accidents, you must provide this flag.' );
57 $this->addOption( 'prefix', "Instead of deleting, make passwords invalid by prefixing with "
58 . "':null:'. Make sure PasswordConfig has a 'null' entry. This is meant for testing before "
59 . "hard delete." );
60 $this->addOption( 'unprefix', 'Instead of deleting, undo the effect of --prefix.' );
61 }
62
63 protected function initialize() {
64 if (
65 $this->hasOption( 'delete' ) + $this->hasOption( 'prefix' )
66 + $this->hasOption( 'unprefix' ) !== 1
67 ) {
68 $this->fatalError( "Exactly one of the 'delete', 'prefix', 'unprefix' options must be used\n" );
69 }
70 if ( $this->hasOption( 'prefix' ) || $this->hasOption( 'unprefix' ) ) {
71 $passwordHashTypes = MediaWikiServices::getInstance()->getPasswordFactory()->getTypes();
72 if (
73 !isset( $passwordHashTypes['null'] )
74 || $passwordHashTypes['null']['class'] !== InvalidPassword::class
75 ) {
76 $this->fatalError(
77<<<'ERROR'
78'null' password entry missing. To use password prefixing, add
79 $wgPasswordConfig['null'] = [ 'class' => InvalidPassword::class ];
80to your configuration (and remove once the passwords were deleted).
81ERROR
82 );
83 }
84 }
85
86 $user = $this->getOption( 'user', false );
87 if ( $user !== false ) {
89 if ( $this->user === false ) {
90 $this->fatalError( "Invalid user name\n" );
91 }
92 }
93 }
94
95 public function execute() {
96 $this->initialize();
97
98 foreach ( $this->getUserBatches() as $userBatch ) {
99 $this->processUsers( $userBatch, $this->getUserDB() );
100 }
101
102 $this->output( "done. (wrote $this->total rows)\n" );
103 }
104
109 protected function getUserDB() {
110 return $this->getDB( DB_MASTER );
111 }
112
113 protected function processUsers( array $userBatch, IDatabase $dbw ) {
114 if ( !$userBatch ) {
115 return;
116 }
117 if ( $this->getOption( 'delete' ) ) {
118 $dbw->update( 'user',
119 [ 'user_password' => PasswordFactory::newInvalidPassword()->toString() ],
120 [ 'user_name' => $userBatch ],
121 __METHOD__
122 );
123 } elseif ( $this->getOption( 'prefix' ) ) {
124 $dbw->update( 'user',
125 [ 'user_password = ' . $dbw->buildConcat( [ $dbw->addQuotes( ':null:' ),
126 'user_password' ] ) ],
127 [
128 'NOT (user_password ' . $dbw->buildLike( ':null:', $dbw->anyString() ) . ')',
129 "user_password != " . $dbw->addQuotes( PasswordFactory::newInvalidPassword()->toString() ),
130 'user_password IS NOT NULL',
131 'user_name' => $userBatch,
132 ],
133 __METHOD__
134 );
135 } elseif ( $this->getOption( 'unprefix' ) ) {
136 $dbw->update( 'user',
137 [ 'user_password = ' . $dbw->buildSubString( 'user_password', strlen( ':null:' ) + 1 ) ],
138 [
139 'user_password ' . $dbw->buildLike( ':null:', $dbw->anyString() ),
140 'user_name' => $userBatch,
141 ],
142 __METHOD__
143 );
144 }
145 $this->total += $dbw->affectedRows();
146 MediaWikiServices::getInstance()->getDBLoadBalancerFactory()->waitForReplication();
147 }
148
158 protected function getUserBatches() {
159 if ( !is_null( $this->user ) ) {
160 $this->output( "\t ... querying '$this->user'\n" );
161 yield [ [ $this->user ] ];
162 return;
163 }
164
165 $lastUsername = '';
166 $dbw = $this->getDB( DB_MASTER );
167 do {
168 $this->output( "\t ... querying from '$lastUsername'\n" );
169 $users = $dbw->selectFieldValues(
170 'user',
171 'user_name',
172 [
173 'user_name > ' . $dbw->addQuotes( $lastUsername ),
174 ],
175 __METHOD__,
176 [
177 'LIMIT' => $this->getBatchSize(),
178 'ORDER BY' => 'user_name ASC',
179 ]
180 );
181 if ( $users ) {
182 yield $users;
183 $lastUsername = end( $users );
184 }
185 } while ( count( $users ) === $this->getBatchSize() );
186 }
187}
and(b) You must cause any modified files to carry prominent notices stating that You changed the files
Apache License January AND DISTRIBUTION Definitions License shall mean the terms and conditions for use
$wgPasswordConfig
Configuration for built-in password types.
Delete unused local passwords.
execute()
Do the actual work.
__construct()
Default constructor.
string null $user
User to run on, or null for all.
int $total
Number of deleted passwords.
processUsers(array $userBatch, IDatabase $dbw)
getUserBatches()
This method iterates through the requested users and returns their names in batches of self::$mBatchS...
getUserDB()
Get the master DB handle for the current user batch.
Abstract maintenance class for quickly writing and churning out maintenance scripts with minimal effo...
output( $out, $channel=null)
Throw some output to the user.
getDB( $db, $groups=[], $wiki=false)
Returns a database to be used by current maintenance script.
hasOption( $name)
Checks to see if a particular option exists.
getBatchSize()
Returns batch size.
addOption( $name, $description, $required=false, $withArg=false, $shortName=false, $multiOccurrence=false)
Add a parameter to the script.
getOption( $name, $default=null)
Get an option, or return the default.
setBatchSize( $s=0)
Set the batch size.
fatalError( $msg, $exitCode=1)
Output a message and terminate the current script.
MediaWikiServices is the service locator for the application scope of MediaWiki.
static getCanonicalName( $name, $validate='valid')
Given unvalidated user input, return a canonical username, or false if the username is invalid.
Definition User.php:1238
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such as
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such and we might be restricted by PHP settings such as safe mode or open_basedir We cannot assume that the software even has read access anywhere useful Many shared hosts run all users web applications under the same user
Wikitext formatted, in the key only.
An extension or a local will often add custom code to the function with or without a global variable For someone wanting email notification when an article is shown may add
Definition hooks.txt:56
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition injection.txt:37
Basic database interface for live and lazy-loaded relation database handles.
Definition IDatabase.php:38
buildSubString( $input, $startPosition, $length=null)
Build a SUBSTRING function.
affectedRows()
Get the number of rows affected by the last write query.
buildLike()
LIKE statement wrapper, receives a variable-length argument list with parts of pattern to match conta...
buildConcat( $stringList)
Build a concatenation list to feed into a SQL query.
anyString()
Returns a token for buildLike() that denotes a '' to be used in a LIKE query.
addQuotes( $s)
Adds quotes and backslashes.
update( $table, $values, $conds, $fname=__METHOD__, $options=[])
UPDATE wrapper.
The wiki should then use memcached to cache various data To use multiple just add more items to the array To increase the weight of a make its entry a array("192.168.0.1:11211", 2))
const DB_MASTER
Definition defines.php:26
skin txt MediaWiki includes four core it has been set as the default in MediaWiki since the replacing Monobook it had been the default skin since before being replaced by Vector largely rewritten in while keeping its appearance Several legacy skins were removed in the as the burden of supporting them became too heavy to bear Those were
Definition skin.txt:25