94 'mEmailAuthenticated',
161 'move-categorypages',
162 'move-rootuserpages',
166 'override-export-depth',
188 'userrights-interwiki',
324 return (
string)$this->
getName();
350 $this->mLoadedItems ===
true || $this->mFrom !==
'session';
358 public function load( $flags = self::READ_NORMAL ) {
361 if ( $this->mLoadedItems ===
true ) {
367 $this->mLoadedItems =
true;
368 $this->queryFlagsUsed = $flags;
372 \MediaWiki\Logger\LoggerFactory::getInstance(
'session' )
373 ->warning(
'User::loadFromSession called before the end of Setup.php', [
374 'exception' =>
new Exception(
'User::loadFromSession called before the end of Setup.php' ),
381 switch ( $this->mFrom ) {
387 $lb = MediaWikiServices::getInstance()->getDBLoadBalancer();
388 if ( $lb->hasOrMadeRecentMasterChanges() ) {
389 $flags |= self::READ_LATEST;
390 $this->queryFlagsUsed = $flags;
403 if ( $this->mId != 0 ) {
404 $lb = MediaWikiServices::getInstance()->getDBLoadBalancer();
405 if ( $lb->hasOrMadeRecentMasterChanges() ) {
406 $flags |= self::READ_LATEST;
407 $this->queryFlagsUsed = $flags;
415 $lb = MediaWikiServices::getInstance()->getDBLoadBalancer();
416 if ( $lb->hasOrMadeRecentMasterChanges() ) {
417 $flags |= self::READ_LATEST;
418 $this->queryFlagsUsed = $flags;
421 list( $index,
$options ) = DBAccessObjectUtils::getDBOptions( $flags );
422 $row =
wfGetDB( $index )->selectRow(
424 [
'actor_user',
'actor_name' ],
425 [
'actor_id' => $this->mActorId ],
433 }
elseif ( $row->actor_user ) {
434 $this->mId = $row->actor_user;
445 Hooks::run(
'UserLoadAfterLoadFromSession', [ $this ] );
448 throw new UnexpectedValueException(
449 "Unrecognised value for User->mFrom: \"{$this->mFrom}\"" );
459 if ( $this->mId == 0 ) {
467 $latest = DBAccessObjectUtils::hasFlags( $flags, self::READ_LATEST );
477 $this->mLoadedItems =
true;
478 $this->queryFlagsUsed = $flags;
488 public static function purge( $wikiId, $userId ) {
489 $cache = MediaWikiServices::getInstance()->getMainWANObjectCache();
490 $key =
$cache->makeGlobalKey(
'user',
'id', $wikiId, $userId );
500 $lbFactory = MediaWikiServices::getInstance()->getDBLoadBalancerFactory();
502 return $cache->makeGlobalKey(
'user',
'id', $lbFactory->getLocalDomainID(), $this->mId );
511 $id = $this->
getId();
513 return $id ? [ $this->
getCacheKey( $cache ) ] : [];
523 $cache = MediaWikiServices::getInstance()->getMainWANObjectCache();
527 function ( $oldValue, &$ttl,
array &$setOpts ) use (
$cache ) {
529 wfDebug(
"User: cache miss for user {$this->mId}\n" );
536 foreach ( self::$mCacheVars as $name ) {
544 foreach ( $this->mGroupMemberships as $ugm ) {
545 if ( $ugm->getExpiry() ) {
546 $secondsUntilExpiry =
wfTimestamp( TS_UNIX, $ugm->getExpiry() ) - time();
547 if ( $secondsUntilExpiry > 0 && $secondsUntilExpiry < $ttl ) {
555 [
'pcTTL' => $cache::TTL_PROC_LONG,
'version' =>
self::VERSION ]
559 foreach ( self::$mCacheVars as $name ) {
585 public static function newFromName( $name, $validate =
'valid' ) {
586 if ( $validate ===
true ) {
590 if ( $name ===
false ) {
598 $u->setItemLoaded(
'name' );
630 throw new BadMethodCallException(
631 'Cannot use ' . __METHOD__
632 .
' when $wgActorTableSchemaMigrationStage lacks SCHEMA_COMPAT_NEW'
653 if ( $identity instanceof
User ) {
658 $identity->getId() === 0 ?
null : $identity->getId(),
659 $identity->getName() ===
'' ?
null : $identity->getName(),
660 $identity->getActorId() === 0 ?
null : $identity->getActorId()
680 $user->mFrom =
'defaults';
685 $user->mActorId = (
int)$actorId;
686 if ( $user->mActorId !== 0 ) {
687 $user->mFrom =
'actor';
692 if ( $userName !==
null && $userName !==
'' ) {
693 $user->mName = $userName;
694 $user->mFrom =
'name';
695 $user->setItemLoaded(
'name' );
698 if ( $userId !==
null ) {
699 $user->mId = (
int)$userId;
700 if ( $user->mId !== 0 ) {
703 $user->setItemLoaded(
'id' );
706 if ( $user->mFrom ===
'defaults' ) {
707 throw new InvalidArgumentException(
708 'Cannot create a user with no name, no ID, and no actor ID'
727 $db = ( $flags & self::READ_LATEST ) == self::READ_LATEST
731 $id = $db->selectField(
736 'user_email_token_expires > ' . $db->addQuotes( $db->timestamp() ),
752 $user->mFrom =
'session';
815 'validate' =>
'valid',
821 if ( $name ===
false ) {
827 $row =
$dbr->selectRow(
828 $userQuery[
'tables'],
829 $userQuery[
'fields'],
830 [
'user_name' => $name ],
838 $row = $dbw->selectRow(
839 $userQuery[
'tables'],
840 $userQuery[
'fields'],
841 [
'user_name' => $name ],
859 if ( $user->mEmail || $user->mToken !== self::INVALID_TOKEN ||
860 AuthManager::singleton()->userCanAuthenticate( $name )
867 AuthManager::singleton()->revokeAccessForUser( $name );
869 $user->invalidateEmail();
871 $user->saveSettings();
872 SessionManager::singleton()->preventSessionsForUser( $user->getName() );
885 public static function whoIs( $id ) {
905 public static function idFromName( $name, $flags = self::READ_NORMAL ) {
908 $nt = Title::makeTitleSafe( NS_USER, $name );
914 if ( !( $flags & self::READ_LATEST ) &&
array_key_exists( $name, self::$idCacheByName ) ) {
915 return self::$idCacheByName[
$name];
918 list( $index,
$options ) = DBAccessObjectUtils::getDBOptions( $flags );
924 [
'user_name' => $nt->getText() ],
929 if (
$s ===
false ) {
932 $result = (
int)
$s->user_id;
937 if ( count( self::$idCacheByName ) > 1000 ) {
938 self::$idCacheByName = [];
948 self::$idCacheByName = [];
967 public static function isIP( $name ) {
968 return preg_match(
'/^\d{1,3}\.\d{1,3}\.\d{1,3}\.(?:xxx|\d{1,3})$/', $name )
969 || IP::isIPv6( $name );
979 return IP::isValidRange( $this->mName );
997 || self::isIP( $name )
998 ||
strpos( $name,
'/' ) !==
false
1000 || $name != MediaWikiServices::getInstance()->getContentLanguage()->ucfirst( $name )
1007 $parsed = Title::newFromText( $name );
1009 || $parsed->getNamespace()
1010 || strcmp( $name, $parsed->getPrefixedText() ) ) {
1016 $unicodeBlacklist =
'/[' .
1017 '\x{0080}-\x{009f}' . # iso-8859-1 control chars
1018 '\x{00a0}' . # non-breaking space
1019 '\x{2000}-\x{200f}' . # various whitespace
1020 '\x{2028}-\x{202f}' . # breaks and control chars
1021 '\x{3000}' . # ideographic space
1022 '\x{e000}-\x{f8ff}' . #
private use
1024 if (
preg_match( $unicodeBlacklist, $name ) ) {
1045 if ( !self::isValidUserName( $name ) ) {
1049 static $reservedUsernames =
false;
1050 if ( !$reservedUsernames ) {
1052 Hooks::run(
'UserGetReservedNames', [ &$reservedUsernames ] );
1056 foreach ( $reservedUsernames as $reserved ) {
1057 if (
substr( $reserved, 0, 4 ) ==
'msg:' ) {
1058 $reserved =
wfMessage(
substr( $reserved, 4 ) )->inContentLanguage()->plain();
1060 if ( $reserved == $name ) {
1078 if ( $groups === [] ) {
1083 $limit = min( 5000, $limit );
1085 $conds = [
'ug_group' => $groups ];
1086 if ( $after !==
null ) {
1087 $conds[] =
'ug_user > ' . (
int)$after;
1091 $ids =
$dbr->selectFieldValues(
1098 'ORDER BY' =>
'ug_user',
1123 if (
strlen( $name ) > 235 ) {
1125 ": '$name' invalid due to length" );
1134 ": '$name' invalid due to wgInvalidUsernameCharacters" );
1163 if ( $result->isGood() ) {
1168 foreach ( $result->getErrorsByType(
'error' ) as $error ) {
1171 foreach ( $result->getErrorsByType(
'warning' ) as $warning ) {
1210 $status = Status::newGood( [] );
1213 if ( !Hooks::run(
'isValidPassword', [ $password, &$result, $this ] ) ) {
1218 if ( $result ===
false ) {
1219 $status->merge( $upp->checkUserPassword( $this, $password ),
true );
1223 if ( $result ===
true ) {
1246 $name = MediaWikiServices::getInstance()->getContentLanguage()->ucfirst( $name );
1248 # Reject names containing '#'; these will be cleaned up
1249 # with title normalisation, but then it's too late to
1251 if (
strpos( $name,
'#' ) !==
false ) {
1257 $t = ( $validate !==
false ) ?
1258 Title::newFromText( $name, NS_USER ) : Title::makeTitle( NS_USER, $name );
1260 if (
is_null(
$t ) ||
$t->getNamespace() !== NS_USER ||
$t->isExternal() ) {
1264 $name =
$t->getText();
1266 switch ( $validate ) {
1270 if ( !self::isValidUserName( $name ) ) {
1275 if ( !self::isUsableName( $name ) ) {
1280 if ( !self::isCreatableName( $name ) ) {
1285 throw new InvalidArgumentException(
1286 'Invalid parameter value for $validate in ' . __METHOD__ );
1312 $this->mName =
$name;
1313 $this->mActorId =
null;
1314 $this->mRealName =
'';
1316 $this->mOptionOverrides =
null;
1317 $this->mOptionsLoaded =
false;
1319 $loggedOut = $this->mRequest && !defined(
'MW_NO_SESSION' )
1320 ? $this->mRequest->getSession()->getLoggedOutTimestamp() : 0;
1321 if ( $loggedOut !== 0 ) {
1322 $this->mTouched =
wfTimestamp( TS_MW, $loggedOut );
1324 $this->mTouched =
'1'; # Allow any
pages to be cached
1327 $this->mToken =
null;
1328 $this->mEmailAuthenticated =
null;
1329 $this->mEmailToken =
'';
1330 $this->mEmailTokenExpires =
null;
1332 $this->mGroupMemberships = [];
1334 Hooks::run(
'UserLoadDefaults', [ $this, $name ] );
1350 return ( $this->mLoadedItems ===
true && $all ===
'all' ) ||
1351 (
isset( $this->mLoadedItems[$item] ) && $this->mLoadedItems[
$item] ===
true );
1360 if (
is_array( $this->mLoadedItems ) ) {
1361 $this->mLoadedItems[
$item] =
true;
1373 Hooks::run(
'UserLoadFromSession', [ $this, &$result ],
'1.27' );
1374 if ( $result !==
null ) {
1380 $session = $this->
getRequest()->getSession();
1381 $user = $session->getUser();
1382 if ( $user->isLoggedIn() ) {
1384 if ( $user->isBlocked() ) {
1392 $session->set(
'wsUserID', $this->
getId() );
1393 $session->set(
'wsUserName', $this->
getName() );
1394 $session->set(
'wsToken', $this->
getToken() );
1408 if ( $block && $this->
getRequest()->getCookie(
'BlockID' ) ===
null
1409 && $block->shouldTrackWithCookie( $this->isAnon() )
1411 $block->setCookie( $this->
getRequest()->response() );
1424 $this->mId =
intval( $this->mId );
1426 if ( !$this->mId ) {
1432 list( $index,
$options ) = DBAccessObjectUtils::getDBOptions( $flags );
1436 $s = $db->selectRow(
1437 $userQuery[
'tables'],
1438 $userQuery[
'fields'],
1439 [
'user_id' => $this->mId ],
1445 $this->queryFlagsUsed = $flags;
1446 Hooks::run(
'UserLoadFromDatabase', [ $this, &
$s ] );
1448 if (
$s !==
false ) {
1451 $this->mGroupMemberships =
null;
1479 throw new InvalidArgumentException(
'$row must be an object' );
1484 $this->mGroupMemberships =
null;
1489 if (
isset( $row->actor_id ) ) {
1490 $this->mActorId = (
int)$row->actor_id;
1491 if ( $this->mActorId !== 0 ) {
1492 $this->mFrom =
'actor';
1500 if (
isset( $row->user_name ) && $row->user_name !==
'' ) {
1501 $this->mName = $row->user_name;
1502 $this->mFrom =
'name';
1508 if (
isset( $row->user_real_name ) ) {
1509 $this->mRealName = $row->user_real_name;
1515 if (
isset( $row->user_id ) ) {
1516 $this->mId =
intval( $row->user_id );
1517 if ( $this->mId !== 0 ) {
1518 $this->mFrom =
'id';
1525 if (
isset( $row->user_id ) && isset( $row->user_name ) && $row->user_name !==
'' ) {
1526 self::$idCacheByName[$row->user_name] = $row->user_id;
1529 if (
isset( $row->user_editcount ) ) {
1530 $this->mEditCount = $row->user_editcount;
1535 if (
isset( $row->user_touched ) ) {
1536 $this->mTouched =
wfTimestamp( TS_MW, $row->user_touched );
1541 if (
isset( $row->user_token ) ) {
1545 $this->mToken =
rtrim( $row->user_token,
" \0" );
1546 if ( $this->mToken ===
'' ) {
1547 $this->mToken =
null;
1553 if (
isset( $row->user_email ) ) {
1554 $this->mEmail = $row->user_email;
1555 $this->mEmailAuthenticated =
wfTimestampOrNull( TS_MW, $row->user_email_authenticated );
1556 $this->mEmailToken = $row->user_email_token;
1557 $this->mEmailTokenExpires =
wfTimestampOrNull( TS_MW, $row->user_email_token_expires );
1564 $this->mLoadedItems =
true;
1569 if (
$data[
'user_groups'] === [] ) {
1570 $this->mGroupMemberships = [];
1572 $firstGroup = reset(
$data[
'user_groups'] );
1574 $this->mGroupMemberships = [];
1575 foreach (
$data[
'user_groups'] as $row ) {
1576 $ugm = UserGroupMembership::newFromRow( (
object)$row );
1577 $this->mGroupMemberships[$ugm->getGroup()] =
$ugm;
1595 foreach ( self::$mCacheVars as $var ) {
1596 $this->$var = $user->$var;
1604 if (
is_null( $this->mGroupMemberships ) ) {
1605 $db = ( $this->queryFlagsUsed & self::READ_LATEST )
1608 $this->mGroupMemberships = UserGroupMembership::getMembershipsForUser(
1635 if ( $toPromote === [] ) {
1645 foreach ( $toPromote as $group ) {
1648 $newGroups =
array_merge( $oldGroups, $toPromote );
1652 Hooks::run(
'UserGroupsChanged', [ $this, $toPromote, [],
false,
false, $oldUGMs, $newUGMs ] );
1655 $logEntry->setPerformer( $this );
1657 $logEntry->setParameters( [
1658 '4::oldgroups' => $oldGroups,
1659 '5::newgroups' => $newGroups,
1661 $logid = $logEntry->insert();
1663 $logEntry->publish( $logid );
1679 if ( $this->mTouched ) {
1681 $conditions[
'user_touched'] = $db->
timestamp( $this->mTouched );
1699 if ( !$this->mId ) {
1707 $dbw->update(
'user',
1708 [
'user_touched' => $dbw->timestamp( $newTouched ) ],
1709 $this->makeUpdateConditions( $dbw, [
1710 'user_id' => $this->mId,
1714 $success = ( $dbw->affectedRows() > 0 );
1735 $this->mNewtalk = -1;
1736 $this->mDatePreference =
null;
1737 $this->mBlockedby = -1; # Unset
1738 $this->mHash =
false;
1739 $this->mRights =
null;
1740 $this->mEffectiveGroups =
null;
1741 $this->mImplicitGroups =
null;
1742 $this->mGroupMemberships =
null;
1743 $this->mOptions =
null;
1744 $this->mOptionsLoaded =
false;
1745 $this->mEditCount =
null;
1747 if ( $reloadFrom ) {
1748 $this->mLoadedItems = [];
1765 Assert::invariant( defined(
'MW_PHPUNIT_TEST' ),
'Unit tests only' );
1766 self::$defOpt =
null;
1767 self::$defOptLang =
null;
1779 $contLang = MediaWikiServices::getInstance()->getContentLanguage();
1780 if ( self::$defOpt !==
null && self::$defOptLang === $contLang->getCode() ) {
1789 self::$defOptLang = $contLang->getCode();
1791 foreach ( LanguageConverter::$languagesWithVariants as $langCode ) {
1792 if ( $langCode === $contLang->getCode() ) {
1795 self::$defOpt[
"variant-$langCode"] =
$langCode;
1803 self::$defOpt[
'searchNs' .
$nsnum] = (
bool)$val;
1807 Hooks::run(
'UserGetDefaultOptions', [ &self::$defOpt ] );
1820 return $defOpts[
$opt] ??
null;
1832 if ( $this->mBlockedby != -1 ) {
1836 wfDebug( __METHOD__ .
": checking...\n" );
1845 # We only need to worry about passing the IP address to the Block generator if the
1846 # user is not immune to autoblocks/hardblocks, and they are the current user so we
1847 # know which IP address they're actually coming from
1849 $sessionUser = RequestContext::getMain()->getUser();
1852 $globalUserName = $sessionUser->isSafeToLoad()
1853 ? $sessionUser->getName()
1854 : IP::sanitizeIP( $sessionUser->getRequest()->getIP() );
1855 if ( $this->
getName() === $globalUserName && !$this->
isAllowed(
'ipblock-exempt' ) ) {
1863 if ( !$block instanceof
Block ) {
1870 if ( self::isLocallyBlockedProxy( $ip ) ) {
1871 $block =
new Block( [
1875 'systemBlock' =>
'proxy',
1878 $block =
new Block( [
1882 'systemBlock' =>
'dnsbl',
1888 if ( !$block instanceof
Block
1893 $xff = $this->
getRequest()->getHeader(
'X-Forwarded-For' );
1894 $xff =
array_map(
'trim', explode(
',', $xff ) );
1898 if ( $block instanceof
Block ) {
1899 # Mangle the reason to alert the user that the block
1900 # originated from matching the X-Forwarded-For header.
1901 $block->setReason(
wfMessage(
'xffblockreason', $block->getReason() )->plain() );
1905 if ( !$block instanceof
Block
1910 $block =
new Block( [
1912 'byText' =>
'MediaWiki default',
1915 'systemBlock' =>
'wgSoftBlockRanges',
1919 if ( $block instanceof
Block ) {
1920 wfDebug( __METHOD__ .
": Found block.\n" );
1921 $this->mBlock = $block;
1922 $this->mBlockedby = $block->getByName();
1923 $this->mBlockreason = $block->getReason();
1924 $this->mHideName = $block->getHideName();
1925 $this->mAllowUsertalk = $block->isUsertalkEditAllowed();
1927 $this->mBlock =
null;
1928 $this->mBlockedby =
'';
1929 $this->mBlockreason =
'';
1930 $this->mHideName = 0;
1931 $this->mAllowUsertalk =
false;
1937 Hooks::run(
'GetBlockedStatus', [ &$thisUser ] );
1952 if ( $blockCookieId !==
null ) {
1955 if ( $tmpBlock instanceof
Block ) {
1956 $config = RequestContext::getMain()->getConfig();
1958 switch ( $tmpBlock->getType() ) {
1960 $blockIsValid = !$tmpBlock->isExpired() && $tmpBlock->isAutoblocking();
1961 $useBlockCookie = ( $config->get(
'CookieSetOnAutoblock' ) ===
true );
1966 $blockIsValid = !$tmpBlock->isExpired() && !$this->
isLoggedIn();
1967 $useBlockCookie = ( $config->get(
'CookieSetOnIpBlock' ) ===
true );
1970 $blockIsValid =
false;
1971 $useBlockCookie =
false;
1974 if ( $blockIsValid && $useBlockCookie ) {
2018 if ( IP::isIPv4( $ip ) ) {
2020 $ipReversed = implode(
'.',
array_reverse( explode(
'.', $ip ) ) );
2027 if ( count(
$base ) >= 2 ) {
2029 $host =
"{$base[1]}.$ipReversed.{$base[0]}";
2031 $host =
"$ipReversed.{$base[0]}";
2033 $basename =
$base[0];
2035 $host =
"$ipReversed.$base";
2042 wfDebugLog(
'dnsblacklist',
"Hostname $host is {$ipList[0]}, it's a proxy says $basename!" );
2047 wfDebugLog(
'dnsblacklist',
"Requested $host, not found in $basename." );
2073 $resultProxyList = [];
2074 $deprecatedIPEntries = [];
2078 $keyIsIP = IP::isIPAddress( $key );
2079 $valueIsIP = IP::isIPAddress(
$value );
2080 if ( $keyIsIP && !$valueIsIP ) {
2081 $deprecatedIPEntries[] = $key;
2082 $resultProxyList[] = $key;
2083 }
elseif ( $keyIsIP && $valueIsIP ) {
2084 $deprecatedIPEntries[] = $key;
2085 $resultProxyList[] = $key;
2086 $resultProxyList[] =
$value;
2088 $resultProxyList[] =
$value;
2092 if ( $deprecatedIPEntries ) {
2094 'IP addresses in the keys of $wgProxyList (found the following IP addresses in keys: ' .
2095 implode(
', ', $deprecatedIPEntries ) .
', please move them to values)',
'1.30' );
2098 $proxyListIPSet =
new IPSet( $resultProxyList );
2099 return $proxyListIPSet->match( $ip );
2115 return !$this->
isAllowed(
'noratelimit' );
2137 if ( !Hooks::run(
'PingLimiter', [ &$user, $action, &$result, $incrBy ] ) ) {
2147 [
'&can-bypass' =>
true ],
2157 $id = $this->
getId();
2160 $cache = ObjectCache::getLocalClusterInstance();
2164 if (
isset( $limits[
'anon'] ) ) {
2165 $keys[
$cache->makeKey(
'limiter', $action,
'anon' )] = $limits[
'anon'];
2169 $userLimit = $limits[
'user'];
2175 if (
isset( $limits[
'ip'] ) ) {
2177 $keys[
"mediawiki:limiter:$action:ip:$ip"] = $limits[
'ip'];
2180 if (
isset( $limits[
'subnet'] ) ) {
2182 $subnet = IP::getSubnet( $ip );
2183 if ( $subnet !==
false ) {
2184 $keys[
"mediawiki:limiter:$action:subnet:$subnet"] = $limits[
'subnet'];
2191 foreach ( $this->
getGroups() as $group ) {
2192 if (
isset( $limits[$group] ) ) {
2193 if ( $userLimit ===
false
2194 || $limits[$group][0] / $limits[$group][1] > $userLimit[0] / $userLimit[1]
2196 $userLimit = $limits[$group];
2202 if ( $id !== 0 && $isNewbie &&
isset( $limits[
'newbie'] ) ) {
2203 $userLimit = $limits[
'newbie'];
2207 if ( $userLimit !==
false ) {
2212 wfDebug( __METHOD__ .
": effective user limit: $max in {$period}s\n" );
2217 if (
isset( $limits[
'ip-all'] ) ) {
2220 if ( $isNewbie || $userLimit ===
false
2221 || $limits[
'ip-all'][0] / $limits[
'ip-all'][1] > $userLimit[0] / $userLimit[1] ) {
2222 $keys[
"mediawiki:limiter:$action:ip-all:$ip"] = $limits[
'ip-all'];
2227 if (
isset( $limits[
'subnet-all'] ) ) {
2229 $subnet = IP::getSubnet( $ip );
2230 if ( $subnet !==
false ) {
2232 if ( $isNewbie || $userLimit ===
false
2233 || $limits[
'ip-all'][0] / $limits[
'ip-all'][1]
2234 > $userLimit[0] / $userLimit[1] ) {
2235 $keys[
"mediawiki:limiter:$action:subnet-all:$subnet"] = $limits[
'subnet-all'];
2241 foreach (
$keys as $key => $limit ) {
2245 list( $max, $period ) = $limit;
2246 $summary =
"(limit $max in {$period}s)";
2247 $count =
$cache->get( $key );
2250 if ( $count >= $max ) {
2251 wfDebugLog(
'ratelimit',
"User '{$this->getName()}' " .
2252 "(IP {$this->getRequest()->getIP()}) tripped $key at $count $summary" );
2255 wfDebug( __METHOD__ .
": ok. $key at $count $summary\n" );
2258 wfDebug( __METHOD__ .
": adding record for $key $summary\n" );
2259 if ( $incrBy > 0 ) {
2263 if ( $incrBy > 0 ) {
2264 $cache->incr( $key, $incrBy );
2291 return $this->mBlock instanceof
Block ? $this->
mBlock :
null;
2307 return MediaWikiServices::getInstance()->getPermissionManager()
2308 ->isBlockedFrom( $this, $title, $fromReplica );
2335 return ( $this->mBlock ? $this->mBlock->getId() :
false );
2361 if ( $this->mGlobalBlock !==
null ) {
2362 return $this->mGlobalBlock ?:
null;
2365 if ( IP::isIPAddress( $this->
getName() ) ) {
2374 Hooks::run(
'UserIsBlockedGlobally', [ &$user, $ip, &$blocked, &$block ] );
2376 if ( $blocked && $block ===
null ) {
2378 $block =
new Block( [
2380 'systemBlock' =>
'global-block'
2384 $this->mGlobalBlock = $blocked ? $block :
false;
2385 return $this->mGlobalBlock ?:
null;
2394 if ( $this->mLocked !==
null ) {
2398 $this->mLocked =
false;
2399 Hooks::run(
'UserIsLocked', [ $this, &$this->mLocked ] );
2409 if ( $this->mHideName !==
null ) {
2413 if ( !$this->mHideName ) {
2415 $this->mHideName =
false;
2416 Hooks::run(
'UserIsHidden', [ $this, &$this->mHideName ] );
2426 if ( $this->mId ===
null && $this->mName !==
null && self::isIP( $this->mName ) ) {
2459 if ( $this->mName ===
false ) {
2461 $this->mName = IP::sanitizeIP( $this->
getRequest()->getIP() );
2482 $this->mName = $str;
2509 if ( $this->mActorId ===
null || !$this->mActorId && $dbw ) {
2511 'actor_user' => $this->
getId() ?:
null,
2515 if ( $q[
'actor_user'] ===
null && self::isUsableName( $q[
'actor_name'] ) ) {
2517 'Cannot create an actor for a usable name that is not an existing user'
2520 if ( $q[
'actor_name'] ===
'' ) {
2523 $dbw->insert(
'actor', $q, __METHOD__, [
'IGNORE' ] );
2524 if ( $dbw->affectedRows() ) {
2525 $this->mActorId = (
int)$dbw->insertId();
2529 $this->mActorId = (
int)$dbw->selectField(
2534 [
'LOCK IN SHARE MODE' ]
2536 if ( !$this->mActorId ) {
2538 "Cannot create actor ID for user_id={$this->getId()} user_name={$this->getName()}"
2544 list( $index,
$options ) = DBAccessObjectUtils::getDBOptions( $this->queryFlagsUsed );
2546 $this->mActorId = (
int)$db->selectField(
'actor',
'actor_id', $q, __METHOD__,
$options );
2570 if ( $this->mNewtalk === -1 ) {
2571 $this->mNewtalk =
false; # reset talk page status
2575 if ( !$this->mId ) {
2579 $this->mNewtalk =
false;
2584 $this->mNewtalk = $this->
checkNewtalk(
'user_id', $this->mId );
2608 if ( !Hooks::run(
'UserRetrieveNewTalks', [ &$user, &$talks ] ) ) {
2618 $timestamp =
$dbr->selectField(
'user_newtalk',
2619 'MIN(user_last_timestamp)',
2620 $this->
isAnon() ? [
'user_ip' => $this->
getName() ] : [
'user_id' => $this->
getId() ],
2625 'wiki' => WikiMap::getWikiIdFromDbDomain( WikiMap::getCurrentWikiDbDomain() ),
2626 'link' => $utp->getLocalURL(),
2638 $newMessageRevisionId =
null;
2644 if ( $newMessageLinks && count( $newMessageLinks ) === 1
2645 && WikiMap::isCurrentWikiId( $newMessageLinks[0][
'wiki'] )
2646 && $newMessageLinks[0][
'rev']
2649 $newMessageRevision = $newMessageLinks[0][
'rev'];
2650 $newMessageRevisionId = $newMessageRevision->getId();
2667 $ok =
$dbr->selectField(
'user_newtalk', $field, [ $field => $id ], __METHOD__ );
2669 return $ok !==
false;
2681 $prevRev = $curRev ? $curRev->getPrevious() :
false;
2682 $ts = $prevRev ? $prevRev->getTimestamp() :
null;
2685 $dbw->insert(
'user_newtalk',
2686 [ $field => $id,
'user_last_timestamp' => $dbw->timestampOrNull( $ts ) ],
2689 if ( $dbw->affectedRows() ) {
2690 wfDebug( __METHOD__ .
": set on ($field, $id)\n" );
2694 wfDebug( __METHOD__ .
" already set ($field, $id)\n" );
2706 $dbw->delete(
'user_newtalk',
2709 if ( $dbw->affectedRows() ) {
2710 wfDebug( __METHOD__ .
": killed on ($field, $id)\n" );
2714 wfDebug( __METHOD__ .
": already gone ($field, $id)\n" );
2730 $this->mNewtalk =
$val;
2737 $id = $this->
getId();
2759 if ( $this->mTouched ) {
2777 if ( !$this->
getId() ) {
2781 $lb = MediaWikiServices::getInstance()->getDBLoadBalancer();
2782 $cache = MediaWikiServices::getInstance()->getMainWANObjectCache();
2785 if ( $mode ===
'refresh' ) {
2786 $cache->delete( $key, 1 );
2788 $lb->getConnection(
DB_MASTER )->onTransactionPreCommitOrIdle(
2789 function () use (
$cache, $key ) {
2820 $id = $this->
getId();
2822 $cache = MediaWikiServices::getInstance()->getMainWANObjectCache();
2823 $key =
$cache->makeKey(
'user-quicktouched',
'id', $id );
2824 $cache->touchCheckKey( $key );
2825 $this->mQuickTouched =
null;
2835 return ( $timestamp >= $this->
getTouched() );
2850 if ( $this->mQuickTouched ===
null ) {
2851 $cache = MediaWikiServices::getInstance()->getMainWANObjectCache();
2852 $key =
$cache->makeKey(
'user-quicktouched',
'id', $this->mId );
2857 return max( $this->mTouched, $this->mQuickTouched );
2917 $manager = AuthManager::singleton();
2920 if ( !$manager->userExists( $this->getName() ) ) {
2921 throw new LogicException(
'Cannot set a password for a user that is not in the database.' );
2925 'username' => $this->
getName(),
2930 \MediaWiki\Logger\LoggerFactory::getInstance(
'authentication' )
2931 ->info( __METHOD__ .
': Password change rejected: '
2932 .
$status->getWikiText(
null,
null,
'en' ) );
2936 $this->
setOption(
'watchlisttoken',
false );
2937 SessionManager::singleton()->invalidateSessionsForUser( $this );
2955 $manager = AuthManager::singleton();
2956 $reqs = $manager->getAuthenticationRequests( AuthManager::ACTION_CHANGE, $this );
2957 $reqs = AuthenticationRequest::loadRequestsFromSubmission( $reqs,
$data );
2959 $status = Status::newGood(
'ignored' );
2960 foreach ( $reqs as
$req ) {
2961 $status->merge( $manager->allowsAuthenticationDataChange(
$req ),
true );
2963 if (
$status->getValue() ===
'ignored' ) {
2964 $status->warning(
'authenticationdatachange-ignored' );
2968 foreach ( $reqs as
$req ) {
2969 $manager->changeAuthenticationData(
$req );
2985 if ( !$this->mToken && $forceCreation ) {
2989 if ( !$this->mToken ) {
2994 if ( $this->mToken === self::INVALID_TOKEN ) {
3009 $len =
max( 32, self::TOKEN_LENGTH );
3026 if ( $this->mToken === self::INVALID_TOKEN ) {
3027 \MediaWiki\Logger\LoggerFactory::getInstance(
'session' )
3028 ->debug( __METHOD__ .
": Ignoring attempt to set token for system user \"$this\"" );
3032 $this->mToken = $token;
3045 throw new BadMethodCallException( __METHOD__ .
' has been removed in 1.27' );
3054 Hooks::run(
'UserGetEmail', [ $this, &$this->mEmail ] );
3064 Hooks::run(
'UserGetEmailAuthenticationTimestamp', [ $this, &$this->mEmailAuthenticated ] );
3074 if ( $str == $this->mEmail ) {
3078 $this->mEmail = $str;
3079 Hooks::run(
'UserSetEmail', [ $this, &$this->mEmail ] );
3093 return Status::newFatal(
'emaildisabled' );
3097 if ( $str === $oldaddr ) {
3098 return Status::newGood(
true );
3101 $type = $oldaddr !=
'' ?
'changed' :
'set';
3102 $notificationResult =
null;
3107 $change = $str !=
'' ?
'changed' :
'removed';
3108 $notificationResult = $this->
sendMail(
3109 wfMessage(
'notificationemail_subject_' . $change )->
text(),
3110 wfMessage(
'notificationemail_body_' . $change,
3123 if ( $notificationResult !==
null ) {
3124 $result->merge( $notificationResult );
3127 if ( $result->isGood() ) {
3129 $result->value =
'eauth';
3132 $result = Status::newGood(
true );
3156 $this->mRealName = $str;
3169 public function getOption( $oname, $defaultOverride =
null, $ignoreHidden =
false ) {
3173 # We want 'disabled' preferences to always behave as the default value for
3174 # users, even if they have set the option explicitly in their settings (ie they
3175 # set it, and then it was disabled removing their ability to change it). But
3176 # we don't want to erase the preferences in the database in case the preference
3177 # is re-enabled again. So don't touch $mOptions, just override the returned value
3183 return $this->mOptions[
$oname];
3202 # We want 'disabled' preferences to always behave as the default value for
3203 # users, even if they have set the option explicitly in their settings (ie they
3204 # set it, and then it was disabled removing their ability to change it). But
3205 # we don't want to erase the preferences in the database in case the preference
3206 # is re-enabled again. So don't touch $mOptions, just override the returned value
3207 foreach ( $wgHiddenPrefs as $pref ) {
3209 if ( $default !==
null ) {
3214 if ( $flags & self::GETOPTIONS_EXCLUDE_DEFAULTS ) {
3229 return (
bool)$this->
getOption( $oname );
3280 $id = $this->
getId();
3342 'registered-multiselect',
3343 'registered-checkmatrix',
3368 $preferencesFactory = MediaWikiServices::getInstance()->getPreferencesFactory();
3369 $prefs = $preferencesFactory->getFormDescriptor( $this,
$context );
3374 $specialOptions =
array_fill_keys( $preferencesFactory->getSaveBlacklist(),
true );
3375 foreach ( $specialOptions as $name =>
$value ) {
3376 unset( $prefs[$name] );
3381 $multiselectOptions = [];
3382 foreach ( $prefs as $name => $info ) {
3383 if ( (
isset( $info[
'type'] ) && $info[
'type'] ==
'multiselect' ) ||
3384 (
isset( $info[
'class'] ) && $info[
'class'] == HTMLMultiSelectField::class ) ) {
3385 $opts = HTMLFormField::flattenOptions( $info[
'options'] );
3386 $prefix = $info[
'prefix'] ??
$name;
3388 foreach ( $opts as
$value ) {
3389 $multiselectOptions[
"$prefix$value"] =
true;
3392 unset( $prefs[$name] );
3395 $checkmatrixOptions = [];
3396 foreach ( $prefs as $name => $info ) {
3397 if ( (
isset( $info[
'type'] ) && $info[
'type'] ==
'checkmatrix' ) ||
3398 (
isset( $info[
'class'] ) && $info[
'class'] == HTMLCheckMatrix::class ) ) {
3399 $columns = HTMLFormField::flattenOptions( $info[
'columns'] );
3400 $rows = HTMLFormField::flattenOptions( $info[
'rows'] );
3401 $prefix = $info[
'prefix'] ??
$name;
3403 foreach ( $columns as $column ) {
3404 foreach (
$rows as $row ) {
3405 $checkmatrixOptions[
"$prefix$column-$row"] =
true;
3409 unset( $prefs[$name] );
3415 if (
isset( $prefs[$key] ) ) {
3416 $mapping[$key] =
'registered';
3418 $mapping[$key] =
'registered-multiselect';
3420 $mapping[$key] =
'registered-checkmatrix';
3422 $mapping[$key] =
'special';
3424 $mapping[$key] =
'userjs';
3426 $mapping[$key] =
'unused';
3448 $resetKinds = [
'registered',
'registered-multiselect',
'registered-checkmatrix',
'unused' ],
3458 if (
in_array(
'all', $resetKinds ) ) {
3459 $newOptions = $defaultOptions;
3462 $context = RequestContext::getMain();
3466 $resetKinds =
array_intersect( $resetKinds, self::listOptionKinds() );
3471 foreach ( $this->mOptions as $key =>
$value ) {
3472 if (
in_array( $optionKinds[$key], $resetKinds ) ) {
3474 $newOptions[$key] = $defaultOptions[$key];
3477 $newOptions[$key] =
$value;
3482 Hooks::run(
'UserResetAllOptions', [ $this, &$newOptions, $this->mOptions, $resetKinds ] );
3484 $this->mOptions = $newOptions;
3485 $this->mOptionsLoaded =
true;
3494 if (
is_null( $this->mDatePreference ) ) {
3497 $map =
$wgLang->getDatePreferenceMigrationMap();
3501 $this->mDatePreference =
$value;
3519 Hooks::run(
'UserRequiresHTTPS', [ $this, &$https ] );
3548 if (
is_null( $this->mRights ) ) {
3550 Hooks::run(
'UserGetRights', [ $this, &$this->mRights ] );
3554 if ( !defined(
'MW_NO_SESSION' ) ) {
3555 $allowedRights = $this->
getRequest()->getSession()->getAllowedUserRights();
3556 if ( $allowedRights !==
null ) {
3561 Hooks::run(
'UserGetRightsRemove', [ $this, &$this->mRights ] );
3571 $config = RequestContext::getMain()->getConfig();
3574 $config->get(
'BlockDisablesLogin' ) &&
3578 $this->mRights =
array_intersect( $this->mRights, $anon->getRights() );
3593 return array_keys( $this->mGroupMemberships );
3617 if ( $recache ||
is_null( $this->mEffectiveGroups ) ) {
3625 Hooks::run(
'UserEffectiveGroups', [ &$user, &$this->mEffectiveGroups ] );
3640 if ( $recache ||
is_null( $this->mImplicitGroups ) ) {
3641 $this->mImplicitGroups = [
'*' ];
3642 if ( $this->
getId() ) {
3643 $this->mImplicitGroups[] =
'user';
3646 $this->mImplicitGroups,
3653 $this->mEffectiveGroups =
null;
3671 if (
is_null( $this->mFormerGroups ) ) {
3672 $db = ( $this->queryFlagsUsed & self::READ_LATEST )
3675 $res = $db->select(
'user_former_groups',
3677 [
'ufg_user' => $this->mId ],
3679 $this->mFormerGroups = [];
3680 foreach (
$res as $row ) {
3681 $this->mFormerGroups[] = $row->ufg_group;
3693 if ( !$this->
getId() ) {
3697 if ( $this->mEditCount ===
null ) {
3701 $count =
$dbr->selectField(
3702 'user',
'user_editcount',
3703 [
'user_id' => $this->mId ],
3707 if ( $count ===
null ) {
3711 $this->mEditCount = $count;
3735 if ( !Hooks::run(
'UserAddGroup', [ $this, &$group, &$expiry ] ) ) {
3741 if ( !$ugm->insert(
true ) ) {
3745 $this->mGroupMemberships[$group] =
$ugm;
3750 $this->mRights =
null;
3766 if ( !Hooks::run(
'UserRemoveGroup', [ $this, &$group ] ) ) {
3770 $ugm = UserGroupMembership::getMembership( $this->mId, $group );
3772 if ( !$ugm || !$ugm->delete() ) {
3777 unset( $this->mGroupMemberships[$group] );
3782 $this->mRights =
null;
3794 return $this->
getId() != 0;
3815 Hooks::run(
"UserIsBot", [ $this, &$isBot ] );
3828 foreach ( $permissions as $permission ) {
3829 if ( $this->
isAllowed( $permission ) ) {
3843 foreach ( $permissions as $permission ) {
3844 if ( !$this->
isAllowed( $permission ) ) {
3857 if ( $action ===
'' ) {
3904 if ( $this->mRequest ) {
3920 public function isWatched( $title, $checkRights = self::CHECK_USER_RIGHTS ) {
3921 if ( $title->isWatchable() && ( !$checkRights || $this->isAllowed(
'viewmywatchlist' ) ) ) {
3922 return MediaWikiServices::getInstance()->getWatchedItemStore()->isWatched( $this, $title );
3934 public function addWatch( $title, $checkRights = self::CHECK_USER_RIGHTS ) {
3935 if ( !$checkRights || $this->
isAllowed(
'editmywatchlist' ) ) {
3936 MediaWikiServices::getInstance()->getWatchedItemStore()->addWatchBatchForUser(
3938 [ $title->getSubjectPage(), $title->getTalkPage() ]
3951 public function removeWatch( $title, $checkRights = self::CHECK_USER_RIGHTS ) {
3952 if ( !$checkRights || $this->
isAllowed(
'editmywatchlist' ) ) {
3953 $store = MediaWikiServices::getInstance()->getWatchedItemStore();
3954 $store->removeWatch( $this, $title->getSubjectPage() );
3955 $store->removeWatch( $this, $title->getTalkPage() );
3977 if ( !$this->
isAllowed(
'editmywatchlist' ) ) {
3982 if ( $title->getNamespace() ==
NS_USER_TALK && $title->getText() == $this->getName() ) {
3985 if ( !Hooks::run(
'UserClearNewTalkNotification', [ &$user, $oldid ] ) ) {
3990 DeferredUpdates::addCallableUpdate(
function () use ( $title, $oldid ) {
4000 ? $title->getNextRevisionID( $oldid, Title::GAID_FOR_UPDATE )
4026 MediaWikiServices::getInstance()->getWatchedItemStore()
4027 ->resetNotificationTimestamp( $this, $title, $force, $oldid );
4048 $id = $this->
getId();
4053 $watchedItemStore = MediaWikiServices::getInstance()->getWatchedItemStore();
4054 $watchedItemStore->resetAllNotificationTimestampsForUser( $this );
4082 $registration > $learnerRegistration ) {
4087 $registration <= $experiencedRegistration
4089 return 'experienced';
4105 if ( $this->mId == 0 ) {
4109 $session = $this->
getRequest()->getSession();
4111 $session = $session->sessionWithRequest(
$request );
4113 $delay = $session->delaySave();
4115 if ( !$session->getUser()->equals( $this ) ) {
4116 if ( !$session->canSetUser() ) {
4117 \MediaWiki\Logger\LoggerFactory::getInstance(
'session' )
4118 ->warning( __METHOD__ .
4119 ": Cannot save user \"$this\" to a user \"{$session->getUser()}\"'s immutable session"
4123 $session->setUser( $this );
4126 $session->setRememberUser( $rememberMe );
4127 if ( $secure !==
null ) {
4128 $session->setForceHTTPS( $secure );
4131 $session->persist();
4133 ScopedCallback::consume( $delay );
4142 if ( Hooks::run(
'UserLogout', [ &$user ] ) ) {
4152 $session = $this->
getRequest()->getSession();
4153 if ( !$session->canSetUser() ) {
4154 \MediaWiki\Logger\LoggerFactory::getInstance(
'session' )
4155 ->warning( __METHOD__ .
": Cannot log out of an immutable session" );
4156 $error =
'immutable';
4157 }
elseif ( !$session->getUser()->equals( $this ) ) {
4158 \MediaWiki\Logger\LoggerFactory::getInstance(
'session' )
4159 ->warning( __METHOD__ .
4160 ": Cannot log user \"$this\" out of a user \"{$session->getUser()}\"'s session"
4164 $error =
'wronguser';
4167 $delay = $session->delaySave();
4168 $session->unpersist();
4169 $session->setLoggedOutTimestamp( time() );
4170 $session->setUser(
new User );
4171 $session->set(
'wsUserID', 0 );
4172 $session->resetAllTokens();
4173 ScopedCallback::consume( $delay );
4176 \MediaWiki\Logger\LoggerFactory::getInstance(
'authevents' )->info(
'Logout', [
4177 'event' =>
'logout',
4178 'successful' => $error ===
false,
4179 'status' => $error ?:
'success',
4193 "Could not update user with ID '{$this->mId}'; DB is read-only."
4199 if ( $this->mId == 0 ) {
4209 $dbw->doAtomicSection( __METHOD__,
function ( $dbw,
$fname ) use ( $newTouched ) {
4212 $dbw->update(
'user',
4214 'user_name' => $this->mName,
4215 'user_real_name' => $this->mRealName,
4216 'user_email' => $this->mEmail,
4217 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
4218 'user_touched' => $dbw->timestamp( $newTouched ),
4219 'user_token' => strval( $this->mToken ),
4220 'user_email_token' => $this->mEmailToken,
4221 'user_email_token_expires' => $dbw->timestampOrNull( $this->mEmailTokenExpires ),
4222 ], $this->makeUpdateConditions( $dbw, [
4223 'user_id' => $this->mId,
4227 if ( !$dbw->affectedRows() ) {
4231 $from = ( $this->queryFlagsUsed & self::READ_LATEST ) ?
'master' :
'replica';
4232 LoggerFactory::getInstance(
'preferences' )->warning(
4233 "CAS update failed on user_touched for user ID '{user_id}' ({db_flag} read)",
4234 [
'user_id' => $this->mId,
'db_flag' => $from ]
4236 throw new MWException(
"CAS update failed on user_touched. " .
4237 "The version of the user to be saved is older than the current version."
4244 [
'actor_name' => $this->mName ],
4245 [
'actor_user' => $this->mId ],
4254 Hooks::run(
'UserSaveSettings', [ $this ] );
4271 $db = ( ( $flags & self::READ_LATEST ) == self::READ_LATEST )
4276 ? [
'LOCK IN SHARE MODE' ]
4279 $id = $db->selectField(
'user',
4280 'user_id', [
'user_name' =>
$s ], __METHOD__,
$options );
4301 foreach ( [
'password',
'newpassword',
'newpass_time',
'password_expires' ] as $field ) {
4303 wfDeprecated( __METHOD__ .
" with param '$field'",
'1.27' );
4312 $user->mOptions =
$params[
'options'] + (
array)$user->mOptions;
4317 $noPass = PasswordFactory::newInvalidPassword()->toString();
4320 'user_name' =>
$name,
4322 'user_newpassword' =>
$noPass,
4323 'user_email' => $user->mEmail,
4324 'user_email_authenticated' => $dbw->timestampOrNull( $user->mEmailAuthenticated ),
4325 'user_real_name' => $user->mRealName,
4326 'user_token' =>
strval( $user->mToken ),
4327 'user_registration' => $dbw->timestamp( $user->mRegistration ),
4328 'user_editcount' => 0,
4329 'user_touched' => $dbw->timestamp( $user->newTouchedTimestamp() ),
4332 $fields[
"user_$name"] =
$value;
4335 return $dbw->doAtomicSection( __METHOD__,
function ( $dbw,
$fname ) use ( $fields ) {
4336 $dbw->insert(
'user', $fields,
$fname, [
'IGNORE' ] );
4337 if ( $dbw->affectedRows() ) {
4338 $newUser = self::newFromId( $dbw->insertId() );
4339 $newUser->mName = $fields[
'user_name'];
4340 $newUser->updateActorId( $dbw );
4342 $newUser->load( self::READ_LATEST );
4378 if ( !$this->mToken ) {
4383 throw new RuntimeException(
"User name field is not set." );
4389 $status = $dbw->doAtomicSection( __METHOD__,
function ( $dbw,
$fname ) {
4390 $noPass = PasswordFactory::newInvalidPassword()->toString();
4391 $dbw->insert(
'user',
4393 'user_name' => $this->mName,
4394 'user_password' => $noPass,
4395 'user_newpassword' => $noPass,
4396 'user_email' => $this->mEmail,
4397 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
4398 'user_real_name' => $this->mRealName,
4399 'user_token' => strval( $this->mToken ),
4400 'user_registration' => $dbw->timestamp( $this->mRegistration ),
4401 'user_editcount' => 0,
4402 'user_touched' => $dbw->timestamp( $this->mTouched ),
4406 if ( !$dbw->affectedRows() ) {
4408 $this->mId = $dbw->selectField(
4411 [
'user_name' => $this->mName ],
4413 [
'LOCK IN SHARE MODE' ]
4421 "to insert user '{$this->mName}' row, but it was not present in select!" );
4423 return Status::newFatal(
'userexists' );
4425 $this->mId = $dbw->insertId();
4429 return Status::newGood();
4439 return Status::newGood();
4452 [
'actor_user' => $this->mId,
'actor_name' => $this->mName ],
4478 wfDebug( __METHOD__ .
"()\n" );
4480 if ( $this->mId == 0 ) {
4485 if ( !$userblock ) {
4489 return (
bool)$userblock->doAutoblock( $this->
getRequest()->getIP() );
4498 if ( $this->mBlock && $this->mBlock->appliesToRight(
'createaccount' ) ) {
4502 # T15611: if the IP address the user is trying to create an account from is
4503 # blocked with createaccount disabled, prevent new account creation there even
4504 # when the user is logged in
4505 if ( $this->mBlockedFromCreateAccount ===
false && !$this->
isAllowed(
'ipblock-exempt' ) ) {
4508 return $this->mBlockedFromCreateAccount instanceof
Block
4509 && $this->mBlockedFromCreateAccount->
appliesToRight(
'createaccount' )
4520 return $this->mBlock && $this->mBlock->appliesToRight(
'sendemail' );
4531 return $this->mBlock && $this->mBlock->appliesToRight(
'upload' );
4548 return Title::makeTitle( NS_USER, $this->
getName() );
4558 return $title->getTalkPage();
4567 return !$this->
isAllowed(
'autoconfirmed' );
4579 $manager = AuthManager::singleton();
4580 $reqs = AuthenticationRequest::loadRequestsFromSubmission(
4581 $manager->getAuthenticationRequests( AuthManager::ACTION_LOGIN ),
4583 'username' => $this->getName(),
4584 'password' => $password,
4587 $res = AuthManager::singleton()->beginAuthentication( $reqs,
'null:' );
4588 switch (
$res->status ) {
4589 case AuthenticationResponse::PASS:
4591 case AuthenticationResponse::FAIL:
4593 \MediaWiki\Logger\LoggerFactory::getInstance(
'authentication' )
4594 ->info( __METHOD__ .
': Authentication failed: ' .
$res->message->plain() );
4597 throw new BadMethodCallException(
4598 'AuthManager returned a response unsupported by ' . __METHOD__
4636 return $request->getSession()->getToken( $salt );
4683 $val =
substr( $val, 0,
strspn( $val,
'0123456789abcdef' ) ) . Token::SUFFIX;
4702 if (
$type ==
'created' ||
$type ===
false ) {
4703 $message =
'confirmemail_body';
4706 $message =
'confirmemail_body_changed';
4710 $message =
'confirmemail_body_' .
$type;
4714 'subject' =>
wfMessage(
'confirmemail_subject' )->text(),
4719 $wgLang->userTimeAndDate( $expiration, $this ),
4721 $wgLang->userDate( $expiration, $this ),
4722 $wgLang->userTime( $expiration, $this ) )->text(),
4729 'confirmURL' => $url,
4731 'expiration' => $expiration
4734 Hooks::run(
'UserSendConfirmationMail', [ $this, &$mail, $info ] );
4735 return $this->
sendMail( $mail[
'subject'], $mail[
'body'], $mail[
'from'], $mail[
'replyTo'] );
4749 public function sendMail( $subject, $body, $from =
null, $replyto =
null ) {
4752 if ( $from instanceof
User ) {
4761 'replyTo' => $replyto,
4782 $hash =
md5( $token );
4783 $this->mEmailToken = $hash;
4784 $this->mEmailTokenExpires = $expiration;
4794 return $this->
getTokenUrl(
'ConfirmEmail', $token );
4803 return $this->
getTokenUrl(
'InvalidateEmail', $token );
4822 $title = Title::makeTitle(
NS_MAIN,
"Special:$page/$token" );
4823 return $title->getCanonicalURL();
4838 Hooks::run(
'ConfirmEmailComplete', [ $this ] );
4852 $this->mEmailToken =
null;
4853 $this->mEmailTokenExpires =
null;
4856 Hooks::run(
'InvalidateEmailComplete', [ $this ] );
4866 $this->mEmailAuthenticated = $timestamp;
4867 Hooks::run(
'UserSetEmailAuthenticationTimestamp', [ $this, &$this->mEmailAuthenticated ] );
4883 Hooks::run(
'UserCanSendEmail', [ &$user, &$canSend ] );
4912 if ( Hooks::run(
'EmailConfirmed', [ &$user, &$confirmed ] ) ) {
4916 if ( !Sanitizer::validateEmail( $this->mEmail ) ) {
4936 $this->mEmailToken &&
4984 if ( $this->
getId() == 0 ) {
4988 $actorWhere = ActorMigration::newMigration()->getWhere(
$dbr,
'rev_user', $this );
4989 $tsField =
isset( $actorWhere[
'tables'][
'temp_rev_user'] )
4990 ?
'revactor_timestamp' :
'rev_timestamp';
4991 $sortOrder = $first ?
'ASC' :
'DESC';
4993 [
'revision' ] + $actorWhere[
'tables'],
4995 [ $actorWhere[
'conds'] ],
4997 [
'ORDER BY' =>
"$tsField $sortOrder" ],
4998 $actorWhere[
'joins']
5016 foreach ( $groups as $group ) {
5024 foreach ( $groups as $group ) {
5041 $allowedGroups = [];
5043 if ( self::groupHasPermission( $group, $role ) ) {
5044 $allowedGroups[] = $group;
5088 if (
isset(
$cache[$right] ) && !defined(
'MW_PHPUNIT_TEST' ) ) {
5099 if (
isset( $rights[$right] ) && $rights[$right] ) {
5107 if ( !defined(
'MW_NO_SESSION' ) ) {
5108 $allowedRights = SessionManager::getGlobalSession()->getAllowedUserRights();
5109 if ( $allowedRights !==
null && !
in_array( $right, $allowedRights,
true ) ) {
5116 if ( !Hooks::run(
'UserIsEveryoneAllowed', [ $right ] ) ) {
5135 self::getImplicitGroups()
5144 if ( self::$mAllRights ===
false ) {
5151 Hooks::run(
'UserGetAllRights', [ &self::$mAllRights ] );
5176 return UserGroupMembership::getGroupPage( $group );
5192 if ( $text ==
'' ) {
5193 $text = UserGroupMembership::getGroupName( $group );
5195 $title = UserGroupMembership::getGroupPage( $group );
5197 return MediaWikiServices::getInstance()
5198 ->getLinkRenderer()->makeLink( $title, $text );
5217 if ( $text ==
'' ) {
5218 $text = UserGroupMembership::getGroupName( $group );
5220 $title = UserGroupMembership::getGroupPage( $group );
5222 $page = $title->getFullText();
5223 return "[[$page|$text]]";
5312 if ( $this->
isAllowed(
'userrights' ) ) {
5335 foreach ( $addergroups as $addergroup ) {
5341 $groups[
'add-self'] =
array_unique( $groups[
'add-self'] );
5342 $groups[
'remove-self'] =
array_unique( $groups[
'remove-self'] );
5355 DeferredUpdates::addUpdate(
5357 DeferredUpdates::POSTSEND
5367 $this->mEditCount = $count;
5381 $actorWhere = ActorMigration::newMigration()->getWhere(
$dbr,
'rev_user', $this );
5382 $count = (
int)
$dbr->selectField(
5383 [
'revision' ] + $actorWhere[
'tables'],
5385 [ $actorWhere[
'conds'] ],
5388 $actorWhere[
'joins']
5394 [
'user_editcount' => $count ],
5396 'user_id' => $this->
getId(),
5397 'user_editcount IS NULL OR user_editcount < ' . (
int)$count
5413 $key =
"right-$right";
5415 return $msg->isDisabled() ?
$right : $msg->text();
5426 $key =
"grant-$grant";
5428 return $msg->isDisabled() ?
$grant : $msg->text();
5477 if ( $this->mOptionsLoaded ) {
5483 if ( !$this->
getId() ) {
5488 $variant = MediaWikiServices::getInstance()->getContentLanguage()->getDefaultVariant();
5489 $this->mOptions[
'variant'] = $variant;
5490 $this->mOptions[
'language'] = $variant;
5491 $this->mOptionsLoaded =
true;
5496 if ( !
is_null( $this->mOptionOverrides ) ) {
5497 wfDebug(
"User: loading options for user " . $this->
getId() .
" from override cache.\n" );
5498 foreach ( $this->mOptionOverrides as $key =>
$value ) {
5499 $this->mOptions[$key] =
$value;
5503 wfDebug(
"User: loading options for user " . $this->
getId() .
" from database.\n" );
5505 $dbr = ( $this->queryFlagsUsed & self::READ_LATEST )
5511 [
'up_property',
'up_value' ],
5512 [
'up_user' => $this->
getId() ],
5516 $this->mOptionOverrides = [];
5518 foreach (
$res as $row ) {
5523 if ( $row->up_value ===
'0' ) {
5526 $data[$row->up_property] = $row->up_value;
5537 $this->mOptions[
'language'] = LanguageCode::replaceDeprecatedCodes(
5538 $this->mOptions[
'language']
5541 $this->mOptionsLoaded =
true;
5543 Hooks::run(
'UserLoadOptions', [ $this, &$this->mOptions ] );
5559 if ( !Hooks::run(
'UserSaveOptions', [ $this, &$saveOptions ] ) ) {
5563 $userId = $this->
getId();
5566 foreach ( $saveOptions as $key =>
$value ) {
5569 if ( ( $defaultOption ===
null &&
$value !==
false &&
$value !==
null )
5570 ||
$value != $defaultOption
5573 'up_user' => $userId,
5574 'up_property' => $key,
5582 $res = $dbw->select(
'user_properties',
5583 [
'up_property',
'up_value' ], [
'up_user' => $userId ], __METHOD__ );
5588 foreach (
$res as $row ) {
5589 if ( !
isset( $saveOptions[$row->up_property] )
5590 || strcmp( $saveOptions[$row->up_property], $row->up_value ) != 0
5592 $keysDelete[] = $row->up_property;
5596 if ( count( $keysDelete ) ) {
5604 $dbw->delete(
'user_properties',
5605 [
'up_user' => $userId,
'up_property' => $keysDelete ], __METHOD__ );
5608 $dbw->insert(
'user_properties', $insert_rows, __METHOD__, [
'IGNORE' ] );
5626 'user_email_authenticated',
5628 'user_email_token_expires',
5629 'user_registration',
5647 'tables' => [
'user' ],
5655 'user_email_authenticated',
5657 'user_email_token_expires',
5658 'user_registration',
5667 $ret[
'tables'][
'user_actor'] =
'actor';
5668 $ret[
'fields'][] =
'user_actor.actor_id';
5669 $ret[
'joins'][
'user_actor'] = [
5671 [
'user_actor.actor_user = user_id' ]
5689 foreach ( self::getGroupsWithPermission( $permission ) as $group ) {
5690 $groups[] = UserGroupMembership::getLink( $group, RequestContext::getMain(),
'wiki' );
5694 return Status::newFatal(
'badaccess-groups',
$wgLang->commaList( $groups ), count( $groups ) );
5697 return Status::newFatal(
'badaccess-group0' );
5710 if ( !$this->
getId() ) {
5715 if ( !$user->loadFromId( self::READ_EXCLUSIVE ) ) {
This list may contain false positives That usually means there is additional text with links below the first Each row contains links to the first and second as well as the first line of the second redirect text
and that you know you can do these things To protect your we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights These restrictions translate to certain responsibilities for you if you distribute copies of the or if you modify it For if you distribute copies of such a whether gratis or for a you must give the recipients all the rights that you have You must make sure that receive or can get the source code And you must show them these terms so they know their rights We protect your rights with two and(2) offer you this license which gives you legal permission to copy
$wgRateLimitsExcludedIPs
Array of IPs / CIDR ranges which should be excluded from rate limits.
$wgApplyIpBlocksToXff
Whether to look at the X-Forwarded-For header's list of (potentially spoofed) IPs and apply IP blocks...
$wgUserEmailConfirmationTokenExpiry
The time, in seconds, when an email confirmation email expires.
$wgMaxArticleSize
Maximum article size in kilobytes.
$wgLearnerMemberSince
Name of the external diff engine to use.
$wgProxyList
Big list of banned IP addresses.
$wgHiddenPrefs
An array of preferences to not show for the user.
$wgDefaultUserOptions
Settings added to this array will override the default globals for the user preferences used by anony...
$wgDisableAnonTalk
Disable links to talk pages of anonymous users (IPs) in listings on special pages like page history,...
$wgAutopromoteOnceLogInRC
Put user rights log entries for autopromotion in recent changes?
$wgEnableUserEmail
Set to true to enable user-to-user e-mail.
$wgPasswordPolicy
Password policy for the wiki.
$wgExperiencedUserMemberSince
Name of the external diff engine to use.
$wgUseFilePatrol
Use file patrolling to check new files on Special:Newfiles.
string null $wgAuthenticationTokenVersion
Versioning for authentication tokens.
string[] $wgSoftBlockRanges
IP ranges that should be considered soft-blocked (anon-only, account creation allowed).
$wgProxyWhitelist
Proxy whitelist, list of addresses that are assumed to be non-proxy despite what the other methods mi...
$wgGroupsAddToSelf
A map of group names that the user is in, to group names that those users are allowed to add or revok...
$wgShowUpdatedMarker
Show "Updated (since my last visit)" marker in RC view, watchlist and history view for watched pages ...
$wgUseRCPatrol
Use RC Patrolling to check for vandalism (from recent changes and watchlists) New pages and new files...
$wgLearnerEdits
The following variables define 3 user experience levels:
$wgUseNPPatrol
Use new page patrolling to check new pages on Special:Newpages.
$wgInvalidUsernameCharacters
Characters to prevent during new account creations.
$wgEnableEmail
Set to true to enable the e-mail basic features: Password reminders, etc.
$wgMaxNameChars
Maximum number of bytes in username.
$wgSecureLogin
This is to let user authenticate using https when they come from http.
$wgImplicitGroups
Implicit groups, aren't shown on Special:Listusers or somewhere else.
$wgAddGroups
$wgAddGroups and $wgRemoveGroups can be used to give finer control over who can assign which groups a...
$wgExperiencedUserEdits
Name of the external diff engine to use.
$wgReservedUsernames
Array of usernames which may not be registered or logged in from Maintenance scripts can still use th...
$wgDefaultSkin
Default skin, for new users and anonymous visitors.
$wgRevokePermissions
Permission keys revoked from users in each group.
$wgEnableDnsBlacklist
Whether to use DNS blacklists in $wgDnsBlacklistUrls to check for open proxies.
$wgDnsBlacklistUrls
List of DNS blacklists to use, if $wgEnableDnsBlacklist is true.
$wgMinimalPasswordLength
Specifies the minimal length of a user password.
$wgEmailAuthentication
Require email authentication before sending mail to an email address.
$wgPasswordSender
Sender email address for e-mail notifications.
$wgRateLimits
Simple rate limiter options to brake edit floods.
$wgNamespacesToBeSearchedDefault
List of namespaces which are searched by default.
int $wgActorTableSchemaMigrationStage
Actor table schema migration stage.
wfDebug( $text, $dest='all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
wfTimestampOrNull( $outputtype=TS_UNIX, $ts=null)
Return a formatted timestamp, or null if input is null.
wfTimestampNow()
Convenience function; returns MediaWiki timestamp for the present time.
wfReadOnly()
Check whether the wiki is in read-only mode.
wfGetDB( $db, $groups=[], $wiki=false)
Get a Database object.
wfCanIPUseHTTPS( $ip)
Determine whether the client at a given source IP is likely to be able to access the wiki via HTTPS.
wfDebugLog( $logGroup, $text, $dest='all', array $context=[])
Send a line to a supplementary debug log file, if configured, or main debug log if not.
wfTimestamp( $outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
wfDeprecated( $function, $version=false, $component=false, $callerOffset=2)
Throws a warning that $function is deprecated.
$wgGroupPermissions['sysop']['replacetext']
if(defined( 'MW_SETUP_CALLBACK')) $fname
Customization point after all loading (constants, functions, classes, DefaultSettings,...
foreach( $wgExtensionFunctions as $func) if(!defined('MW_NO_SESSION') &&! $wgCommandLineMode) if(! $wgCommandLineMode) $wgFullyInitialised
if(! $wgDBerrorLogTZ) $wgRequest
static clearCookie(WebResponse $response)
Unset the 'BlockID' cookie.
static newFromID( $id)
Load a block from the block id.
static getBlocksForIPList(array $ipChain, $isAnon, $fromMaster=false)
Get all blocks that match any IP from an array of IP addresses.
appliesToRight( $right)
Determine whether the Block prevents a given right.
static chooseBlock(array $blocks, array $ipChain)
From a list of multiple blocks, find the most exact and strongest Block.
static getIdFromCookieValue( $cookieValue)
Get the stored ID from the 'BlockID' cookie.
static newFromTarget( $specificTarget, $vagueTarget=null, $fromMaster=false)
Given a target and the target's type, get an existing Block object if possible.
Exception thrown when an actor can't be created.
Value object representing a logged-out user's edit token.
static hmac( $data, $key, $raw=true)
Generate an acceptably unstable one-way-hmac of some text making use of the best hash algorithm that ...
static generateHex( $chars)
Generate a run of cryptographically random data and return it in hexadecimal string format.
Stores a single person's name and email address.
static newFromUser(User $user)
Create a new MailAddress object for the given user.
Class for creating new log entries and inserting them into the database.
static loadFromTimestamp( $db, $title, $timestamp)
Load the revision for the given title with the given timestamp.
static newFromId( $id, $flags=0)
Load a page revision from a given revision ID number.
Handles increment the edit count for a given set of users.
Represents a "user group membership" – a specific instance of a user belonging to a group.
static send( $to, $from, $subject, $body, $options=[])
This function will perform a direct (authenticated) login to a SMTP Server to use for mail relaying i...
Check if a user's password complies with any password policies that apply to that user,...
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
getEditTimestamp( $first)
Get the timestamp of the first or latest edit.
loadFromSession()
Load user data from the session.
addWatch( $title, $checkRights=self::CHECK_USER_RIGHTS)
Watch an article.
setEditCountInternal( $count)
This method should not be called outside User/UserEditCountUpdate.
string $mTouched
TS_MW timestamp from the DB.
logout()
Log this user out.
getOptions( $flags=0)
Get all user's options.
getRequest()
Get the WebRequest object to use with this object.
getPasswordValidity( $password)
Given unvalidated password input, return error message on failure.
Block $mBlockedFromCreateAccount
getName()
Get the user name, or the IP of an anonymous user.
addToDatabase()
Add this existing user object to the database.
requiresHTTPS()
Determine based on the wiki configuration and the user's options, whether this user must be over HTTP...
updateActorId(IDatabase $dbw)
Update the actor ID after an insert.
getExperienceLevel()
Compute experienced level based on edit count and registration date.
static isEveryoneAllowed( $right)
Check if all users may be assumed to have the given permission.
static string null $defOptLang
Is the user an IP range?
static newFromName( $name, $validate='valid')
Static factory method for creation from username.
resetOptions( $resetKinds=[ 'registered', 'registered-multiselect', 'registered-checkmatrix', 'unused'], IContextSource $context=null)
Reset certain (or all) options to the site defaults.
static whoIsReal( $id)
Get the real name of a user given their user ID.
invalidateCache()
Immediately touch the user data cache for this account.
static $mCacheVars
Array of Strings List of member variables which are saved to the shared cache (memcached).
getEmailAuthenticationTimestamp()
Get the timestamp of the user's e-mail authentication.
isBlockedFromEmailuser()
Get whether the user is blocked from using Special:Emailuser.
static getQueryInfo()
Return the tables, fields, and join conditions to be selected to create a new user object.
$mOptionsLoaded
Bool Whether the cache variables have been loaded.
static isCreatableName( $name)
Usernames which fail to pass this function will be blocked from new account registrations,...
getFirstEditTimestamp()
Get the timestamp of the first edit.
getOptionKinds(IContextSource $context, $options=null)
Return an associative array mapping preferences keys to the kind of a preference they're used for.
static changeableByGroup( $group)
Returns an array of the groups that a particular group can add/remove.
const VERSION
@const int Serialized record version.
getEditTokenObject( $salt='', $request=null)
Initialize (if necessary) and return a session token value which can be used in edit forms to show th...
static getAllGroups()
Return the set of defined explicit groups.
string $mEmailTokenExpires
isAllowUsertalk()
Checks if usertalk is allowed.
setCookies( $request=null, $secure=null, $rememberMe=false)
Persist this user's session (e.g.
getEditToken( $salt='', $request=null)
Initialize (if necessary) and return a session token value which can be used in edit forms to show th...
isDnsBlacklisted( $ip, $checkWhitelist=false)
Whether the given IP is in a DNS blacklist.
int $queryFlagsUsed
User::READ_* constant bitfield used to load data.
static $mAllRights
String Cached results of getAllRights()
equals(UserIdentity $user)
Checks if two user objects point to the same user.
getTokenUrl( $page, $token)
Internal function to format the e-mail validation/invalidation URLs.
addGroup( $group, $expiry=null)
Add the user to the given group.
isBlockedGlobally( $ip='')
Check if user is blocked on all wikis.
string $mQuickTouched
TS_MW timestamp from cache.
const INVALID_TOKEN
@const string An invalid value for user_token
isSafeToLoad()
Test if it's safe to load this User object.
static groupHasPermission( $group, $role)
Check, if the given group has the given permission.
isEmailConfirmed()
Is this user's e-mail address valid-looking and confirmed within limits of the current site configura...
spreadAnyEditBlock()
If this user is logged-in and blocked, block any IP address they've successfully logged in from.
useFilePatrol()
Check whether to enable new files patrol features for this user.
loadFromId( $flags=self::READ_NORMAL)
Load user table data, given mId has already been set.
isAllowed( $action='')
Internal mechanics of testing a permission.
getDBTouched()
Get the user_touched timestamp field (time of last DB updates)
setName( $str)
Set the user name.
changeAuthenticationData(array $data)
Changes credentials of the user.
static $mCoreRights
Array of Strings Core rights.
getId()
Get the user's ID.
getRealName()
Get the user's real name.
loadOptions( $data=null)
Load the user options either from cache, the database or an array.
getBoolOption( $oname)
Get the user's current setting for a given option, as a boolean value.
getBlockedStatus( $fromReplica=true)
Get blocking information.
getRegistration()
Get the timestamp of account creation.
static isLocallyBlockedProxy( $ip)
Check if an IP address is in the local proxy list.
getGlobalBlock( $ip='')
Check if user is blocked on all wikis.
static newFromAnyId( $userId, $userName, $actorId)
Static factory method for creation from an ID, name, and/or actor ID.
isItemLoaded( $item, $all='all')
Return whether an item has been loaded.
getMutableCacheKeys(WANObjectCache $cache)
getTokenFromOption( $oname)
Get a token stored in the preferences (like the watchlist one), resetting it if it's empty (and savin...
isNewbie()
Determine whether the user is a newbie.
clearNotification(&$title, $oldid=0)
Clear the user's notification timestamp for the given title.
static resetIdByNameCache()
Reset the cache used in idFromName().
deleteNewtalk( $field, $id)
Clear the new messages flag for the given user.
loadFromDatabase( $flags=self::READ_LATEST)
Load user and user_group data from the database.
invalidationTokenUrl( $token)
Return a URL the user can use to invalidate their email address.
useNPPatrol()
Check whether to enable new pages patrol features for this user.
static randomPassword()
Return a random password.
static purge( $wikiId, $userId)
getIntOption( $oname, $defaultOverride=0)
Get the user's current setting for a given option, as an integer value.
clearInstanceCache( $reloadFrom=false)
Clear various cached data stored in this object.
canReceiveEmail()
Is this user allowed to receive e-mails within limits of current site configuration?
loadDefaults( $name=false)
Set cached properties to default.
trackBlockWithCookie()
Set the 'BlockID' cookie depending on block type and user authentication status.
getOption( $oname, $defaultOverride=null, $ignoreHidden=false)
Get the user's current setting for a given option.
touch()
Update the "touched" timestamp for the user.
checkTemporaryPassword( $plaintext)
Check if the given clear-text password matches the temporary password sent by e-mail for password res...
isPingLimitable()
Is this user subject to rate limiting?
static getCanonicalName( $name, $validate='valid')
Given unvalidated user input, return a canonical username, or false if the username is invalid.
static newFromRow( $row, $data=null)
Create a new user object from a user row.
getToken( $forceCreation=true)
Get the user's current token.
static newFromId( $id)
Static factory method for creation from a given user ID.
setInternalPassword( $str)
Set the password and reset the random token unconditionally.
confirmEmail()
Mark the e-mail address confirmed.
static getGroupsWithPermission( $role)
Get all the groups who have a given permission.
setId( $v)
Set the user and reload all fields according to a given ID.
static getGroupPermissions( $groups)
Get the permissions associated with a given list of groups.
$mNewtalk
Lazy-initialized variables, invalidated with clearInstanceCache.
static getDefaultOptions()
Combine the language default options with any site-specific options and add the default language vari...
static findUsersByGroup( $groups, $limit=5000, $after=null)
Return the users who are members of the given group(s).
getEffectiveGroups( $recache=false)
Get the list of implicit group memberships this user has.
static selectFields()
Return the list of user fields that should be selected to create a new user object.
isHidden()
Check if user account is hidden.
static array null $defOpt
Is the user an IP range?
static newFromConfirmationCode( $code, $flags=0)
Factory method to fetch whichever user has a given email confirmation code.
setEmailWithConfirmation( $str)
Set the user's e-mail address and a confirmation mail if needed.
newTouchedTimestamp()
Generate a current or new-future timestamp to be stored in the user_touched field when we update thin...
inDnsBlacklist( $ip, $bases)
Whether the given IP is in a given DNS blacklist.
loadFromUserObject( $user)
Load the data for this user object from another user object.
static isUsableName( $name)
Usernames which fail to pass this function will be blocked from user login and new account registrati...
static getDefaultOption( $opt)
Get a given default option value.
getDatePreference()
Get the user's preferred date format.
checkPasswordValidity( $password)
Check if this is a valid password for this user.
static resetGetDefaultOptionsForTestsOnly()
Reset the process cache of default user options.
static getGroupPage( $group)
Get the title of a page describing a particular group.
idForName( $flags=0)
If only this user's username is known, and it exists, return the user ID.
getGroupMemberships()
Get the list of explicit group memberships this user has, stored as UserGroupMembership objects.
matchEditTokenNoSuffix( $val, $salt='', $request=null, $maxage=null)
Check given value against the token value stored in the session, ignoring the suffix.
isWatched( $title, $checkRights=self::CHECK_USER_RIGHTS)
Check the watched status of an article.
loadFromRow( $row, $data=null)
Initialize this object from a row from the user table.
setPassword( $str)
Set the password and reset the random token.
confirmationTokenUrl( $token)
Return a URL the user can use to confirm their email address.
isAllowedToCreateAccount()
Get whether the user is allowed to create an account.
static newFromSession(WebRequest $request=null)
Create a new user object using data from session.
static getAllRights()
Get a list of all available permissions.
getNewtalk()
Check if the user has new messages.
getGroups()
Get the list of explicit group memberships this user has.
addNewUserLogEntry( $action=false, $reason='')
Add a newuser log entry for this user.
validateCache( $timestamp)
Validate the cache for this account.
useRCPatrol()
Check whether to enable recent changes patrol features for this user.
makeUpdateConditions(IDatabase $db, array $conditions)
Builds update conditions.
loadGroups()
Load the groups from the database if they aren't already loaded.
static whoIs( $id)
Get the username corresponding to a given user ID.
invalidateEmail()
Invalidate the user's e-mail confirmation, and unauthenticate the e-mail address if it was already co...
setEmailAuthenticationTimestamp( $timestamp)
Set the e-mail authentication timestamp.
static newSystemUser( $name, $options=[])
Static factory method for creation of a "system" user from username.
setOption( $oname, $val)
Set the given option for a user.
saveOptions()
Saves the non-default options for this user, as previously set e.g.
static getRightDescription( $right)
Get the description of a given right.
getEditCount()
Get the user's edit count.
getActorId(IDatabase $dbw=null)
Get the user's actor ID.
UserGroupMembership[] $mGroupMemberships
Associative array of (group name => UserGroupMembership object)
addAutopromoteOnceGroups( $event)
Add the user to the group if he/she meets given criteria.
clearSharedCache( $mode='refresh')
Clear user data from memcached.
isValidPassword( $password)
Is the input a valid password for this user?
isBlockedFromCreateAccount()
Get whether the user is explicitly blocked from account creation.
spreadBlock()
If this (non-anonymous) user is blocked, block the IP address they've successfully logged in from.
getFormerGroups()
Returns the groups the user has belonged to.
setRealName( $str)
Set the user's real name.
getLatestEditTimestamp()
Get the timestamp of the latest edit.
static newFromIdentity(UserIdentity $identity)
Returns a User object corresponding to the given UserIdentity.
getTitleKey()
Get the user's name escaped by underscores.
static isIP( $name)
Does the string match an anonymous IP address?
static makeGroupLinkWiki( $group, $text='')
Create a link to the group in Wikitext, if available; else return the group name.
getTouched()
Get the user touched timestamp.
sendMail( $subject, $body, $from=null, $replyto=null)
Send an e-mail to this user's account.
isLocked()
Check if user account is locked.
checkAndSetTouched()
Bump user_touched if it didn't change since this object was loaded.
removeWatch( $title, $checkRights=self::CHECK_USER_RIGHTS)
Stop watching an article.
setPasswordInternal( $str)
Actually set the password and such.
isEmailConfirmationPending()
Check whether there is an outstanding request for e-mail confirmation.
checkNewtalk( $field, $id)
Internal uncached check for new messages.
getUserPage()
Get this user's personal page title.
isIPRange()
Is the user an IP range?
$mFrom
String Initialization data source if mLoadedItems!==true.
confirmationToken(&$expiration)
Generate, store, and return a new e-mail confirmation code.
canSendEmail()
Is this user allowed to send e-mails within limits of current site configuration?
getBlockId()
If user is blocked, return the ID for the block.
__construct()
Lightweight constructor for an anonymous user.
setNewtalk( $val, $curRev=null)
Update the 'You have new messages!' status.
getStubThreshold()
Get the user preferred stub threshold.
pingLimiter( $action='edit', $incrBy=1)
Primitive rate limits: enforce maximum actions per time period to put a brake on flooding.
static isValidUserName( $name)
Is the input a valid username?
sendConfirmationMail( $type='created')
Generate a new e-mail confirmation token and send a confirmation/invalidation mail to the user's give...
getTalkPage()
Get this user's talk page title.
isLoggedIn()
Get whether the user is logged in.
static idFromName( $name, $flags=self::READ_NORMAL)
Get database id given a user name.
loadFromCache()
Load user data from shared cache, given mId has already been set.
getCacheKey(WANObjectCache $cache)
saveSettings()
Save this user's settings into the database.
getNewMessageRevisionId()
Get the revision ID for the last talk page revision viewed by the talk page owner.
getBlockFromCookieValue( $blockCookieVal)
Try to load a Block from an ID given in a cookie value.
static getGrantName( $grant)
Get the name of a given grant.
isAllowedAny()
Check if user is allowed to access a feature / make an action.
getEmail()
Get the user's e-mail address.
static newFatalPermissionDeniedStatus( $permission)
Factory function for fatal permission-denied errors.
setNewpassword( $str, $throttle=true)
Set the password for a password reminder or new account email.
getAutomaticGroups( $recache=false)
Get the list of implicit group memberships this user has.
isBlockedFromUpload()
Get whether the user is blocked from using Special:Upload.
load( $flags=self::READ_NORMAL)
Load the user table data for this object from the source given by mFrom.
blockedBy()
If user is blocked, return the name of the user who placed the block.
getRights()
Get the permissions this user has.
matchEditToken( $val, $salt='', $request=null, $maxage=null)
Check given value against the token value stored in the session.
string $mEmailAuthenticated
const GETOPTIONS_EXCLUDE_DEFAULTS
Exclude user options that are set to their default value.
const TOKEN_LENGTH
@const int Number of characters in user_token field.
setToken( $token=false)
Set the random token (used for persistent authentication) Called from loadDefaults() among other plac...
updateNewtalk( $field, $id, $curRev=null)
Add or update the new messages flag.
static createNew( $name, $params=[])
Add a user to the database, return the user object.
initEditCountInternal()
Initialize user_editcount from data out of the revision table.
addNewUserLogEntryAutoCreate()
Add an autocreate newuser log entry for this user Used by things like CentralAuth and perhaps other a...
doLogout()
Clear the user's session, and reset the instance cache.
setItemLoaded( $item)
Set that an item has been loaded.
incEditCount()
Schedule a deferred update to update the user's edit count.
$mLoadedItems
Array with already loaded items or true if all items have been loaded.
blockedFor()
If user is blocked, return the specified reason for the block.
static listOptionKinds()
Return a list of the types of user options currently returned by User::getOptionKinds().
getBlock( $fromReplica=true)
Get the block affecting the user, or null if the user is not blocked.
resetTokenFromOption( $oname)
Reset a token stored in the preferences (like the watchlist one).
static makeGroupLinkHTML( $group, $text='')
Create a link to the group in HTML, if available; else return the group name.
static getImplicitGroups()
Get a list of implicit groups TODO: Should we deprecate this? It's trivial, but we don't want to enco...
changeableGroups()
Returns an array of groups that this user can add and remove.
isBlocked( $fromReplica=true)
Check if user is blocked.
getNewMessageLinks()
Return the data needed to construct links for new talk page message alerts.
isAnon()
Get whether the user is anonymous.
setEmail( $str)
Set the user's e-mail address.
checkPassword( $password)
Check to see if the given clear-text password is one of the accepted passwords.
getInstanceForUpdate()
Get a new instance of this user that was loaded from the master via a locking read.
isBlockedFrom( $title, $fromReplica=false)
Check if user is blocked from editing a particular article.
static newFromActorId( $id)
Static factory method for creation from a given actor ID.
clearAllNotifications()
Resets all of the given user's page-change notification timestamps.
removeGroup( $group)
Remove the user from the given group.
Multi-datacenter aware caching interface.
The WebRequest class encapsulates getting at data passed in the URL or via a POSTed form stripping il...
The ContentHandler facility adds support for arbitrary content types on wiki pages
deferred txt A few of the database updates required by various functions here can be deferred until after the result page is displayed to the user For updating the view updating the linked to tables after a etc PHP does not yet have any way to tell the server to actually return and disconnect while still running these but it might have such a feature in the future We handle these by creating a deferred update object and putting those objects on a global list
this hook is for auditing only $req
see documentation in includes Linker php for Linker::makeImageLink & $time
namespace being checked & $result
do that in ParserLimitReportFormat instead use this to modify the parameters of the image all existing parser cache entries will be invalid To avoid you ll need to handle that somehow(e.g. with the RejectParserCacheValue hook) because MediaWiki won 't do it for you. & $defaults also a ContextSource after deleting those rows but within the same transaction $rows
do that in ParserLimitReportFormat instead use this to modify the parameters of the image all existing parser cache entries will be invalid To avoid you ll need to handle that somehow(e.g. with the RejectParserCacheValue hook) because MediaWiki won 't do it for you. & $defaults also a ContextSource after deleting those rows but within the same transaction you ll probably need to make sure the header is varied on $request
This code would result in ircNotify being run twice when an article is and once for brion Hooks can return three possible true was required This is the default since MediaWiki *some string
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped & $options
do that in ParserLimitReportFormat instead use this to modify the parameters of the image all existing parser cache entries will be invalid To avoid you ll need to handle that somehow(e.g. with the RejectParserCacheValue hook) because MediaWiki won 't do it for you. & $defaults also a ContextSource after deleting those rows but within the same transaction you ll probably need to make sure the header is varied on and they can depend only on the ResourceLoaderContext $context
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that When $user is not null
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that When $user is not it can be in the form of< username >< more info > e g for bot passwords intended to be added to log contexts Fields it might only if the login was with a bot password it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output modifiable & $code
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return true
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses & $ret
either a unescaped string or a HtmlArmor object after in associative array form externallinks including delete and has completed for all link tables whether this was an auto creation use $formDescriptor instead default is conds Array Extra conditions for the No matching items in log is displayed if loglist is empty msgKey Array If you want a nice box with a set this to the key of the message First element is the message additional optional elements are parameters for the key that are processed with wfMessage() -> params() ->parseAsBlock() - offset Set to overwrite offset parameter in $wgRequest set to '' to unset offset - wrap String Wrap the message in html(usually something like "<div ...>$1</div>"). - flags Integer display flags(NO_ACTION_LINK, NO_EXTRA_USER_LINKS) 'LogException':Called before an exception(or PHP error) is logged. This is meant for integration with external error aggregation services
Allows to change the fields on the form that will be generated $name
Status::newGood()` to allow deletion, and then `return false` from the hook function. Ensure you consume the 'ChangeTagAfterDelete' hook to carry out custom deletion actions. $tag:name of the tag $user:user initiating the action & $status:Status object. See above. 'ChangeTagsListActive':Allows you to nominate which of the tags your extension uses are in active use. & $tags:list of all active tags. Append to this array. 'ChangeTagsAfterUpdateTags':Called after tags have been updated with the ChangeTags::updateTags function. Params:$addedTags:tags effectively added in the update $removedTags:tags effectively removed in the update $prevTags:tags that were present prior to the update $rc_id:recentchanges table id $rev_id:revision table id $log_id:logging table id $params:tag params $rc:RecentChange being tagged when the tagging accompanies the action, or null $user:User who performed the tagging when the tagging is subsequent to the action, or null 'ChangeTagsAllowedAdd':Called when checking if a user can add tags to a change. & $allowedTags:List of all the tags the user is allowed to add. Any tags the user wants to add( $addTags) that are not in this array will cause it to fail. You may add or remove tags to this array as required. $addTags:List of tags user intends to add. $user:User who is adding the tags. 'ChangeUserGroups':Called before user groups are changed. $performer:The User who will perform the change $user:The User whose groups will be changed & $add:The groups that will be added & $remove:The groups that will be removed 'Collation::factory':Called if $wgCategoryCollation is an unknown collation. $collationName:Name of the collation in question & $collationObject:Null. Replace with a subclass of the Collation class that implements the collation given in $collationName. 'ConfirmEmailComplete':Called after a user 's email has been confirmed successfully. $user:user(object) whose email is being confirmed 'ContentAlterParserOutput':Modify parser output for a given content object. Called by Content::getParserOutput after parsing has finished. Can be used for changes that depend on the result of the parsing but have to be done before LinksUpdate is called(such as adding tracking categories based on the rendered HTML). $content:The Content to render $title:Title of the page, as context $parserOutput:ParserOutput to manipulate 'ContentGetParserOutput':Customize parser output for a given content object, called by AbstractContent::getParserOutput. May be used to override the normal model-specific rendering of page content. $content:The Content to render $title:Title of the page, as context $revId:The revision ID, as context $options:ParserOptions for rendering. To avoid confusing the parser cache, the output can only depend on parameters provided to this hook function, not on global state. $generateHtml:boolean, indicating whether full HTML should be generated. If false, generation of HTML may be skipped, but other information should still be present in the ParserOutput object. & $output:ParserOutput, to manipulate or replace 'ContentHandlerDefaultModelFor':Called when the default content model is determined for a given title. May be used to assign a different model for that title. $title:the Title in question & $model:the model name. Use with CONTENT_MODEL_XXX constants. 'ContentHandlerForModelID':Called when a ContentHandler is requested for a given content model name, but no entry for that model exists in $wgContentHandlers. Note:if your extension implements additional models via this hook, please use GetContentModels hook to make them known to core. $modeName:the requested content model name & $handler:set this to a ContentHandler object, if desired. 'ContentModelCanBeUsedOn':Called to determine whether that content model can be used on a given page. This is especially useful to prevent some content models to be used in some special location. $contentModel:ID of the content model in question $title:the Title in question. & $ok:Output parameter, whether it is OK to use $contentModel on $title. Handler functions that modify $ok should generally return false to prevent further hooks from further modifying $ok. 'ContribsPager::getQueryInfo':Before the contributions query is about to run & $pager:Pager object for contributions & $queryInfo:The query for the contribs Pager 'ContribsPager::reallyDoQuery':Called before really executing the query for My Contributions & $data:an array of results of all contribs queries $pager:The ContribsPager object hooked into $offset:Index offset, inclusive $limit:Exact query limit $descending:Query direction, false for ascending, true for descending 'ContributionsLineEnding':Called before a contributions HTML line is finished $page:SpecialPage object for contributions & $ret:the HTML line $row:the DB row for this line & $classes:the classes to add to the surrounding< li > & $attribs:associative array of other HTML attributes for the< li > element. Currently only data attributes reserved to MediaWiki are allowed(see Sanitizer::isReservedDataAttribute). 'ContributionsToolLinks':Change tool links above Special:Contributions $id:User identifier $title:User page title & $tools:Array of tool links $specialPage:SpecialPage instance for context and services. Can be either SpecialContributions or DeletedContributionsPage. Extensions should type hint against a generic SpecialPage though. 'ConvertContent':Called by AbstractContent::convert when a conversion to another content model is requested. Handler functions that modify $result should generally return false to disable further attempts at conversion. $content:The Content object to be converted. $toModel:The ID of the content model to convert to. $lossy: boolean indicating whether lossy conversion is allowed. & $result:Output parameter, in case the handler function wants to provide a converted Content object. Note that $result->getContentModel() must return $toModel. 'ContentSecurityPolicyDefaultSource':Modify the allowed CSP load sources. This affects all directives except for the script directive. If you want to add a script source, see ContentSecurityPolicyScriptSource hook. & $defaultSrc:Array of Content-Security-Policy allowed sources $policyConfig:Current configuration for the Content-Security-Policy header $mode:ContentSecurityPolicy::REPORT_ONLY_MODE or ContentSecurityPolicy::FULL_MODE depending on type of header 'ContentSecurityPolicyDirectives':Modify the content security policy directives. Use this only if ContentSecurityPolicyDefaultSource and ContentSecurityPolicyScriptSource do not meet your needs. & $directives:Array of CSP directives $policyConfig:Current configuration for the CSP header $mode:ContentSecurityPolicy::REPORT_ONLY_MODE or ContentSecurityPolicy::FULL_MODE depending on type of header 'ContentSecurityPolicyScriptSource':Modify the allowed CSP script sources. Note that you also have to use ContentSecurityPolicyDefaultSource if you want non-script sources to be loaded from whatever you add. & $scriptSrc:Array of CSP directives $policyConfig:Current configuration for the CSP header $mode:ContentSecurityPolicy::REPORT_ONLY_MODE or ContentSecurityPolicy::FULL_MODE depending on type of header 'CustomEditor':When invoking the page editor Return true to allow the normal editor to be used, or false if implementing a custom editor, e.g. for a special namespace, etc. $article:Article being edited $user:User performing the edit 'DatabaseOraclePostInit':Called after initialising an Oracle database $db:the DatabaseOracle object 'DeletedContribsPager::reallyDoQuery':Called before really executing the query for Special:DeletedContributions Similar to ContribsPager::reallyDoQuery & $data:an array of results of all contribs queries $pager:The DeletedContribsPager object hooked into $offset:Index offset, inclusive $limit:Exact query limit $descending:Query direction, false for ascending, true for descending 'DeletedContributionsLineEnding':Called before a DeletedContributions HTML line is finished. Similar to ContributionsLineEnding $page:SpecialPage object for DeletedContributions & $ret:the HTML line $row:the DB row for this line & $classes:the classes to add to the surrounding< li > & $attribs:associative array of other HTML attributes for the< li > element. Currently only data attributes reserved to MediaWiki are allowed(see Sanitizer::isReservedDataAttribute). 'DeleteUnknownPreferences':Called by the cleanupPreferences.php maintenance script to build a WHERE clause with which to delete preferences that are not known about. This hook is used by extensions that have dynamically-named preferences that should not be deleted in the usual cleanup process. For example, the Gadgets extension creates preferences prefixed with 'gadget-', and so anything with that prefix is excluded from the deletion. &where:An array that will be passed as the $cond parameter to IDatabase::select() to determine what will be deleted from the user_properties table. $db:The IDatabase object, useful for accessing $db->buildLike() etc. 'DifferenceEngineAfterLoadNewText':called in DifferenceEngine::loadNewText() after the new revision 's content has been loaded into the class member variable $differenceEngine->mNewContent but before returning true from this function. $differenceEngine:DifferenceEngine object 'DifferenceEngineLoadTextAfterNewContentIsLoaded':called in DifferenceEngine::loadText() after the new revision 's content has been loaded into the class member variable $differenceEngine->mNewContent but before checking if the variable 's value is null. This hook can be used to inject content into said class member variable. $differenceEngine:DifferenceEngine object 'DifferenceEngineMarkPatrolledLink':Allows extensions to change the "mark as
patrolled" link which is shown both on the diff header as well as on the bottom of a page, usually wrapped in a span element which has class="patrollink". $differenceEngine:DifferenceEngine object & $markAsPatrolledLink:The "mark as patrolled" link HTML(string) $rcid:Recent change ID(rc_id) for this change(int) 'DifferenceEngineMarkPatrolledRCID':Allows extensions to possibly change the rcid parameter. For example the rcid might be set to zero due to the user being the same as the performer of the change but an extension might still want to show it under certain conditions. & $rcid:rc_id(int) of the change or 0 $differenceEngine:DifferenceEngine object $change:RecentChange object $user:User object representing the current user 'DifferenceEngineNewHeader':Allows extensions to change the $newHeader variable, which contains information about the new revision, such as the revision 's author, whether the revision was marked as a minor edit or not, etc. $differenceEngine:DifferenceEngine object & $newHeader:The string containing the various #mw-diff-otitle[1-5] divs, which include things like revision author info, revision comment, RevisionDelete link and more $formattedRevisionTools:Array containing revision tools, some of which may have been injected with the DiffRevisionTools hook $nextlink:String containing the link to the next revision(if any) $status
Using a hook running we can avoid having all this option specific stuff in our mainline code Using the function We ve cleaned up the code here by removing clumps of infrequently used code and moving them off somewhere else It s much easier for someone working with this code to see what s _really_ going and make changes or fix bugs In we can take all the code that deals with the little used title reversing we can concentrate it all in an extension file
and how to run hooks for an and one after Each event has a preferably in CamelCase For ArticleDelete hook A clump of code and data that should be run when an event happens This can be either a function and a chunk of or an object and a method hook function The function part of a third party developers and local administrators to define code that will be run at certain points in the mainline and to modify the data run by that mainline code Hooks can keep mainline code and make it easier to write extensions Hooks are a principled alternative to local patches for two options in MediaWiki One reverses the order of a title before displaying the article
return true to allow those checks to and false if checking is done & $user
presenting them properly to the user as errors is done by the caller return true use this to change the list i e etc $rev
processing should stop and the error should be shown to the user * false
$data
Utility to generate mapping file used in mw.Title (phpCharToUpper.json)
const SCHEMA_COMPAT_READ_NEW
const SCHEMA_COMPAT_WRITE_NEW
Interface for objects which can provide a MediaWiki context on request.
Interface for database access objects.
const READ_LOCKING
Constants for object loading bitfield flags (higher => higher QoS)
The wiki should then use memcached to cache various data To use multiple just add more items to the array To increase the weight of a make its entry a array("192.168.0.1:11211", 2))
MediaWiki has optional support for a high distributed memory object caching system For general information on but for a larger site with heavy load