MediaWiki REL1_39
TemporaryPasswordPrimaryAuthenticationProvider.php
Go to the documentation of this file.
1<?php
22namespace MediaWiki\Auth;
23
24use MediaWiki\MainConfigNames;
25use MediaWiki\User\UserOptionsLookup;
26use MediaWiki\User\UserRigorOptions;
27use SpecialPage;
28use User;
29use Wikimedia\IPUtils;
30use Wikimedia\Rdbms\ILoadBalancer;
31
43class TemporaryPasswordPrimaryAuthenticationProvider
44 extends AbstractPasswordPrimaryAuthenticationProvider
45{
47 protected $emailEnabled = null;
48
50 protected $newPasswordExpiry = null;
51
53 protected $passwordReminderResendTime = null;
54
56 protected $allowRequiringEmail = null;
57
59 private $loadBalancer;
60
62 private $userOptionsLookup;
63
73 public function __construct(
74 ILoadBalancer $loadBalancer,
75 UserOptionsLookup $userOptionsLookup,
76 $params = []
77 ) {
78 parent::__construct( $params );
79
80 if ( isset( $params['emailEnabled'] ) ) {
81 $this->emailEnabled = (bool)$params['emailEnabled'];
82 }
83 if ( isset( $params['newPasswordExpiry'] ) ) {
84 $this->newPasswordExpiry = (int)$params['newPasswordExpiry'];
85 }
86 if ( isset( $params['passwordReminderResendTime'] ) ) {
87 $this->passwordReminderResendTime = $params['passwordReminderResendTime'];
88 }
89 if ( isset( $params['allowRequiringEmailForResets'] ) ) {
90 $this->allowRequiringEmail = $params['allowRequiringEmailForResets'];
91 }
92 $this->loadBalancer = $loadBalancer;
93 $this->userOptionsLookup = $userOptionsLookup;
94 }
95
96 protected function postInitSetup() {
97 if ( $this->emailEnabled === null ) {
98 $this->emailEnabled = $this->config->get( MainConfigNames::EnableEmail );
99 }
100 if ( $this->newPasswordExpiry === null ) {
101 $this->newPasswordExpiry = $this->config->get( MainConfigNames::NewPasswordExpiry );
102 }
103 if ( $this->passwordReminderResendTime === null ) {
104 $this->passwordReminderResendTime =
105 $this->config->get( MainConfigNames::PasswordReminderResendTime );
106 }
107 if ( $this->allowRequiringEmail === null ) {
108 $this->allowRequiringEmail =
109 $this->config->get( MainConfigNames::AllowRequiringEmailForResets );
110 }
111 }
112
113 protected function getPasswordResetData( $username, $data ) {
114 // Always reset
115 return (object)[
116 'msg' => wfMessage( 'resetpass-temp-emailed' ),
117 'hard' => true,
118 ];
119 }
120
121 public function getAuthenticationRequests( $action, array $options ) {
122 switch ( $action ) {
123 case AuthManager::ACTION_LOGIN:
124 return [ new PasswordAuthenticationRequest() ];
125
126 case AuthManager::ACTION_CHANGE:
127 return [ TemporaryPasswordAuthenticationRequest::newRandom() ];
128
129 case AuthManager::ACTION_CREATE:
130 if ( isset( $options['username'] ) && $this->emailEnabled ) {
131 // Creating an account for someone else
132 return [ TemporaryPasswordAuthenticationRequest::newRandom() ];
133 } else {
134 // It's not terribly likely that an anonymous user will
135 // be creating an account for someone else.
136 return [];
137 }
138
139 case AuthManager::ACTION_REMOVE:
140 return [ new TemporaryPasswordAuthenticationRequest ];
141
142 default:
143 return [];
144 }
145 }
146
147 public function beginPrimaryAuthentication( array $reqs ) {
148 $req = AuthenticationRequest::getRequestByClass( $reqs, PasswordAuthenticationRequest::class );
149 if ( !$req || $req->username === null || $req->password === null ) {
150 return AuthenticationResponse::newAbstain();
151 }
152
153 $username = $this->userNameUtils->getCanonical(
154 $req->username, UserRigorOptions::RIGOR_USABLE );
155 if ( $username === false ) {
156 return AuthenticationResponse::newAbstain();
157 }
158
159 $dbr = $this->loadBalancer->getConnectionRef( DB_REPLICA );
160 $row = $dbr->selectRow(
161 'user',
162 [
163 'user_id', 'user_newpassword', 'user_newpass_time',
164 ],
165 [ 'user_name' => $username ],
166 __METHOD__
167 );
168 if ( !$row ) {
169 return AuthenticationResponse::newAbstain();
170 }
171
172 $status = $this->checkPasswordValidity( $username, $req->password );
173 if ( !$status->isOK() ) {
174 // Fatal, can't log in
175 return AuthenticationResponse::newFail( $status->getMessage() );
176 }
177
178 $pwhash = $this->getPassword( $row->user_newpassword );
179 if ( !$pwhash->verify( $req->password ) ) {
180 return $this->failResponse( $req );
181 }
182
183 if ( !$this->isTimestampValid( $row->user_newpass_time ) ) {
184 return $this->failResponse( $req );
185 }
186
187 // Add an extra log entry since a temporary password is
188 // an unusual way to log in, so its important to keep track
189 // of in case of abuse.
190 $this->logger->info( "{user} successfully logged in using temp password",
191 [
192 'user' => $username,
193 'requestIP' => $this->manager->getRequest()->getIP()
194 ]
195 );
196
197 $this->setPasswordResetFlag( $username, $status );
198
199 return AuthenticationResponse::newPass( $username );
200 }
201
202 public function testUserCanAuthenticate( $username ) {
203 $username = $this->userNameUtils->getCanonical( $username, UserRigorOptions::RIGOR_USABLE );
204 if ( $username === false ) {
205 return false;
206 }
207
208 $dbr = $this->loadBalancer->getConnectionRef( DB_REPLICA );
209 $row = $dbr->selectRow(
210 'user',
211 [ 'user_newpassword', 'user_newpass_time' ],
212 [ 'user_name' => $username ],
213 __METHOD__
214 );
215 if ( !$row ) {
216 return false;
217 }
218
219 if ( $this->getPassword( $row->user_newpassword ) instanceof \InvalidPassword ) {
220 return false;
221 }
222
223 if ( !$this->isTimestampValid( $row->user_newpass_time ) ) {
224 return false;
225 }
226
227 return true;
228 }
229
230 public function testUserExists( $username, $flags = User::READ_NORMAL ) {
231 $username = $this->userNameUtils->getCanonical( $username, UserRigorOptions::RIGOR_USABLE );
232 if ( $username === false ) {
233 return false;
234 }
235
236 list( $db, $options ) = \DBAccessObjectUtils::getDBOptions( $flags );
237 return (bool)$this->loadBalancer->getConnectionRef( $db )->selectField(
238 [ 'user' ],
239 'user_id',
240 [ 'user_name' => $username ],
241 __METHOD__,
242 $options
243 );
244 }
245
246 public function providerAllowsAuthenticationDataChange(
247 AuthenticationRequest $req, $checkData = true
248 ) {
249 if ( get_class( $req ) !== TemporaryPasswordAuthenticationRequest::class ) {
250 // We don't really ignore it, but this is what the caller expects.
251 return \StatusValue::newGood( 'ignored' );
252 }
253
254 if ( !$checkData ) {
255 return \StatusValue::newGood();
256 }
257
258 $username = $this->userNameUtils->getCanonical(
259 $req->username, UserRigorOptions::RIGOR_USABLE );
260 if ( $username === false ) {
261 return \StatusValue::newGood( 'ignored' );
262 }
263
264 $row = $this->loadBalancer->getConnectionRef( DB_PRIMARY )->selectRow(
265 'user',
266 [ 'user_id', 'user_newpass_time' ],
267 [ 'user_name' => $username ],
268 __METHOD__
269 );
270
271 if ( !$row ) {
272 return \StatusValue::newGood( 'ignored' );
273 }
274
275 $sv = \StatusValue::newGood();
276 if ( $req->password !== null ) {
277 $sv->merge( $this->checkPasswordValidity( $username, $req->password ) );
278
279 if ( $req->mailpassword ) {
280 if ( !$this->emailEnabled ) {
281 return \StatusValue::newFatal( 'passwordreset-emaildisabled' );
282 }
283
284 // We don't check whether the user has an email address;
285 // that information should not be exposed to the caller.
286
287 // do not allow temporary password creation within
288 // $wgPasswordReminderResendTime from the last attempt
289 if (
290 $this->passwordReminderResendTime
291 && $row->user_newpass_time
292 && time() < (int)wfTimestamp( TS_UNIX, $row->user_newpass_time )
293 + $this->passwordReminderResendTime * 3600
294 ) {
295 // Round the time in hours to 3 d.p., in case someone is specifying
296 // minutes or seconds.
297 return \StatusValue::newFatal( 'throttled-mailpassword',
298 round( $this->passwordReminderResendTime, 3 ) );
299 }
300
301 if ( !$req->caller ) {
302 return \StatusValue::newFatal( 'passwordreset-nocaller' );
303 }
304 if ( !IPUtils::isValid( $req->caller ) ) {
305 $caller = User::newFromName( $req->caller );
306 if ( !$caller ) {
307 return \StatusValue::newFatal( 'passwordreset-nosuchcaller', $req->caller );
308 }
309 }
310 }
311 }
312 return $sv;
313 }
314
315 public function providerChangeAuthenticationData( AuthenticationRequest $req ) {
316 $username = $req->username !== null ?
317 $this->userNameUtils->getCanonical( $req->username, UserRigorOptions::RIGOR_USABLE ) : false;
318 if ( $username === false ) {
319 return;
320 }
321
322 $dbw = $this->loadBalancer->getConnectionRef( DB_PRIMARY );
323
324 $sendMail = false;
325 if ( $req->action !== AuthManager::ACTION_REMOVE &&
326 get_class( $req ) === TemporaryPasswordAuthenticationRequest::class
327 ) {
328 $pwhash = $this->getPasswordFactory()->newFromPlaintext( $req->password );
329 $newpassTime = $dbw->timestamp();
330 $sendMail = $req->mailpassword;
331 } else {
332 // Invalidate the temporary password when any other auth is reset, or when removing
333 $pwhash = $this->getPasswordFactory()->newFromCiphertext( null );
334 $newpassTime = null;
335 }
336
337 $dbw->update(
338 'user',
339 [
340 'user_newpassword' => $pwhash->toString(),
341 'user_newpass_time' => $newpassTime,
342 ],
343 [ 'user_name' => $username ],
344 __METHOD__
345 );
346
347 if ( $sendMail ) {
348 // Send email after DB commit
349 $dbw->onTransactionCommitOrIdle(
350 function () use ( $req ) {
352 $this->sendPasswordResetEmail( $req );
353 },
354 __METHOD__
355 );
356 }
357 }
358
359 public function accountCreationType() {
360 return self::TYPE_CREATE;
361 }
362
363 public function testForAccountCreation( $user, $creator, array $reqs ) {
365 $req = AuthenticationRequest::getRequestByClass(
366 $reqs, TemporaryPasswordAuthenticationRequest::class
367 );
368
369 $ret = \StatusValue::newGood();
370 if ( $req ) {
371 if ( $req->mailpassword ) {
372 if ( !$this->emailEnabled ) {
373 $ret->merge( \StatusValue::newFatal( 'emaildisabled' ) );
374 } elseif ( !$user->getEmail() ) {
375 $ret->merge( \StatusValue::newFatal( 'noemailcreate' ) );
376 }
377 }
378
379 $ret->merge(
380 $this->checkPasswordValidity( $user->getName(), $req->password )
381 );
382 }
383 return $ret;
384 }
385
386 public function beginPrimaryAccountCreation( $user, $creator, array $reqs ) {
388 $req = AuthenticationRequest::getRequestByClass(
389 $reqs, TemporaryPasswordAuthenticationRequest::class
390 );
391 if ( $req && $req->username !== null && $req->password !== null ) {
392 // Nothing we can do yet, because the user isn't in the DB yet
393 if ( $req->username !== $user->getName() ) {
394 $req = clone $req;
395 $req->username = $user->getName();
396 }
397
398 if ( $req->mailpassword ) {
399 // prevent EmailNotificationSecondaryAuthenticationProvider from sending another mail
400 $this->manager->setAuthenticationSessionData( 'no-email', true );
401 }
402
403 $ret = AuthenticationResponse::newPass( $req->username );
404 $ret->createRequest = $req;
405 return $ret;
406 }
407 return AuthenticationResponse::newAbstain();
408 }
409
410 public function finishAccountCreation( $user, $creator, AuthenticationResponse $res ) {
412 $req = $res->createRequest;
413 $mailpassword = $req->mailpassword;
414 $req->mailpassword = false; // providerChangeAuthenticationData would send the wrong email
415
416 // Now that the user is in the DB, set the password on it.
417 $this->providerChangeAuthenticationData( $req );
418
419 if ( $mailpassword ) {
420 // Send email after DB commit
421 $this->loadBalancer->getConnectionRef( DB_PRIMARY )->onTransactionCommitOrIdle(
422 function () use ( $user, $creator, $req ) {
423 $this->sendNewAccountEmail( $user, $creator, $req->password );
424 },
425 __METHOD__
426 );
427 }
428
429 return $mailpassword ? 'byemail' : null;
430 }
431
437 protected function isTimestampValid( $timestamp ) {
438 $time = wfTimestampOrNull( TS_MW, $timestamp );
439 if ( $time !== null ) {
440 $expiry = (int)wfTimestamp( TS_UNIX, $time ) + $this->newPasswordExpiry;
441 if ( time() >= $expiry ) {
442 return false;
443 }
444 }
445 return true;
446 }
447
455 protected function sendNewAccountEmail( User $user, User $creatingUser, $password ) {
456 $ip = $creatingUser->getRequest()->getIP();
457 // @codeCoverageIgnoreStart
458 if ( !$ip ) {
459 return \Status::newFatal( 'badipaddress' );
460 }
461 // @codeCoverageIgnoreEnd
462
463 $this->getHookRunner()->onUser__mailPasswordInternal( $creatingUser, $ip, $user );
464
465 $mainPageUrl = \Title::newMainPage()->getCanonicalURL();
466 $userLanguage = $this->userOptionsLookup->getOption( $user, 'language' );
467 $subjectMessage = wfMessage( 'createaccount-title' )->inLanguage( $userLanguage );
468 $bodyMessage = wfMessage( 'createaccount-text', $ip, $user->getName(), $password,
469 '<' . $mainPageUrl . '>', round( $this->newPasswordExpiry / 86400 ) )
470 ->inLanguage( $userLanguage );
471
472 $status = $user->sendMail( $subjectMessage->text(), $bodyMessage->text() );
473
474 // TODO show 'mailerror' message on error, 'accmailtext' success message otherwise?
475 // @codeCoverageIgnoreStart
476 if ( !$status->isGood() ) {
477 $this->logger->warning( 'Could not send account creation email: ' .
478 $status->getWikiText( false, false, 'en' ) );
479 }
480 // @codeCoverageIgnoreEnd
481
482 return $status;
483 }
484
489 protected function sendPasswordResetEmail( TemporaryPasswordAuthenticationRequest $req ) {
490 $user = User::newFromName( $req->username );
491 if ( !$user ) {
492 return \Status::newFatal( 'noname' );
493 }
494 $userLanguage = $this->userOptionsLookup->getOption( $user, 'language' );
495 $callerIsAnon = IPUtils::isValid( $req->caller );
496 $callerName = $callerIsAnon ? $req->caller : User::newFromName( $req->caller )->getName();
497 $passwordMessage = wfMessage( 'passwordreset-emailelement', $user->getName(),
498 $req->password )->inLanguage( $userLanguage );
499 $emailMessage = wfMessage( $callerIsAnon ? 'passwordreset-emailtext-ip'
500 : 'passwordreset-emailtext-user' )->inLanguage( $userLanguage );
501 $body = $emailMessage->params( $callerName, $passwordMessage->text(), 1,
502 '<' . \Title::newMainPage()->getCanonicalURL() . '>',
503 round( $this->newPasswordExpiry / 86400 ) )->text();
504
505 if ( $this->allowRequiringEmail && !$this->userOptionsLookup
506 ->getBoolOption( $user, 'requireemail' )
507 ) {
508 $body .= "\n\n";
509 $url = SpecialPage::getTitleFor( 'Preferences', false, 'mw-prefsection-personal-email' )
510 ->getCanonicalURL();
511 $body .= wfMessage( 'passwordreset-emailtext-require-email' )
512 ->inLanguage( $userLanguage )
513 ->params( "<$url>" )
514 ->text();
515 }
516
517 $emailTitle = wfMessage( 'passwordreset-emailtitle' )->inLanguage( $userLanguage );
518 return $user->sendMail( $emailTitle->text(), $body );
519 }
520}
wfTimestampOrNull
wfTimestampOrNull( $outputtype=TS_UNIX, $ts=null)
Return a formatted timestamp, or null if input is null.
Definition GlobalFunctions.php:1440
wfTimestamp
wfTimestamp( $outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
Definition GlobalFunctions.php:1424
wfMessage
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
Definition GlobalFunctions.php:934
InvalidPassword
Represents an invalid password hash.
Definition InvalidPassword.php:34
MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider
Basic framework for a primary authentication provider that uses passwords.
Definition AbstractPasswordPrimaryAuthenticationProvider.php:38
MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider\failResponse
failResponse(PasswordAuthenticationRequest $req)
Return the appropriate response for failure.
Definition AbstractPasswordPrimaryAuthenticationProvider.php:88
MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider\setPasswordResetFlag
setPasswordResetFlag( $username, Status $status, $data=null)
Check if the password should be reset.
Definition AbstractPasswordPrimaryAuthenticationProvider.php:123
MediaWiki\Auth\AuthManager\ACTION_CHANGE
const ACTION_CHANGE
Change a user's credentials.
Definition AuthManager.php:126
MediaWiki\Auth\AuthManager\ACTION_REMOVE
const ACTION_REMOVE
Remove a user's credentials.
Definition AuthManager.php:128
MediaWiki\Auth\AuthManager\ACTION_LOGIN
const ACTION_LOGIN
Log in with an existing (not necessarily local) user.
Definition AuthManager.php:108
MediaWiki\Auth\AuthManager\ACTION_CREATE
const ACTION_CREATE
Create a new user.
Definition AuthManager.php:114
MediaWiki\Auth\AuthenticationRequest
This is a value object for authentication requests.
Definition AuthenticationRequest.php:42
MediaWiki\Auth\AuthenticationRequest\getRequestByClass
static getRequestByClass(array $reqs, $class, $allowSubclasses=false)
Select a request by class name.
Definition AuthenticationRequest.php:280
MediaWiki\Auth\AuthenticationResponse
This is a value object to hold authentication response data.
Definition AuthenticationResponse.php:37
MediaWiki\Auth\AuthenticationResponse\newFail
static newFail(Message $msg, array $failReasons=[])
Definition AuthenticationResponse.php:157
MediaWiki\Auth\PasswordAuthenticationRequest
This is a value object for authentication requests with a username and password.
Definition PasswordAuthenticationRequest.php:30
MediaWiki\Auth\TemporaryPasswordAuthenticationRequest
This represents the intention to set a temporary password for the user.
Definition TemporaryPasswordAuthenticationRequest.php:33
MediaWiki\Auth\TemporaryPasswordAuthenticationRequest\newRandom
static newRandom()
Return an instance with a new, random password.
Definition TemporaryPasswordAuthenticationRequest.php:72
MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider
A primary authentication provider that uses the temporary password field in the 'user' table.
Definition TemporaryPasswordPrimaryAuthenticationProvider.php:45
MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\beginPrimaryAccountCreation
beginPrimaryAccountCreation( $user, $creator, array $reqs)
Start an account creation flow.
Definition TemporaryPasswordPrimaryAuthenticationProvider.php:386
MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\sendNewAccountEmail
sendNewAccountEmail(User $user, User $creatingUser, $password)
Send an email about the new account creation and the temporary password.
Definition TemporaryPasswordPrimaryAuthenticationProvider.php:455
MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\providerAllowsAuthenticationDataChange
providerAllowsAuthenticationDataChange(AuthenticationRequest $req, $checkData=true)
Validate a change of authentication data (e.g.
Definition TemporaryPasswordPrimaryAuthenticationProvider.php:246
MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\finishAccountCreation
finishAccountCreation( $user, $creator, AuthenticationResponse $res)
Post-creation callback.Called after the user is added to the database, before secondary authenticatio...
Definition TemporaryPasswordPrimaryAuthenticationProvider.php:410
MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\testForAccountCreation
testForAccountCreation( $user, $creator, array $reqs)
Determine whether an account creation may begin.Called from AuthManager::beginAccountCreation()No nee...
Definition TemporaryPasswordPrimaryAuthenticationProvider.php:363
MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\providerChangeAuthenticationData
providerChangeAuthenticationData(AuthenticationRequest $req)
Change or remove authentication data (e.g.
Definition TemporaryPasswordPrimaryAuthenticationProvider.php:315
MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\__construct
__construct(ILoadBalancer $loadBalancer, UserOptionsLookup $userOptionsLookup, $params=[])
Definition TemporaryPasswordPrimaryAuthenticationProvider.php:73
MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\isTimestampValid
isTimestampValid( $timestamp)
Check that a temporary password is still valid (hasn't expired).
Definition TemporaryPasswordPrimaryAuthenticationProvider.php:437
MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\postInitSetup
postInitSetup()
A provider can override this to do any necessary setup after init() is called.
Definition TemporaryPasswordPrimaryAuthenticationProvider.php:96
MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\testUserExists
testUserExists( $username, $flags=User::READ_NORMAL)
Test whether the named user exists.
Definition TemporaryPasswordPrimaryAuthenticationProvider.php:230
MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\testUserCanAuthenticate
testUserCanAuthenticate( $username)
Test whether the named user can authenticate with this provider.Should return true if the provider ha...
Definition TemporaryPasswordPrimaryAuthenticationProvider.php:202
MediaWiki\MainConfigNames
A class containing constants representing the names of configuration variables.
Definition MainConfigNames.php:23
MediaWiki\MainConfigNames\PasswordReminderResendTime
const PasswordReminderResendTime
Name constant for the PasswordReminderResendTime setting, for use with Config::get()
Definition MainConfigNames.php:939
MediaWiki\MainConfigNames\EnableEmail
const EnableEmail
Name constant for the EnableEmail setting, for use with Config::get()
Definition MainConfigNames.php:909
MediaWiki\MainConfigNames\NewPasswordExpiry
const NewPasswordExpiry
Name constant for the NewPasswordExpiry setting, for use with Config::get()
Definition MainConfigNames.php:945
MediaWiki\MainConfigNames\AllowRequiringEmailForResets
const AllowRequiringEmailForResets
Name constant for the AllowRequiringEmailForResets setting, for use with Config::get()
Definition MainConfigNames.php:2643
MediaWiki\User\UserOptionsLookup
Provides access to user options.
Definition UserOptionsLookup.php:29
SpecialPage
Parent class for all special pages.
Definition SpecialPage.php:44
SpecialPage\getTitleFor
static getTitleFor( $name, $subpage=false, $fragment='')
Get a localised Title object for a specified special page name If you don't need a full Title object,...
Definition SpecialPage.php:132
User
internal since 1.36
Definition User.php:70
User\getRequest
getRequest()
Get the WebRequest object to use with this object.
Definition User.php:2415
User\getName
getName()
Get the user name, or the IP of an anonymous user.
Definition User.php:1679
User\newFromName
static newFromName( $name, $validate='valid')
Definition User.php:598
User\sendMail
sendMail( $subject, $body, $from=null, $replyto=null)
Send an e-mail to this user's account.
Definition User.php:3056
MediaWiki\User\UserRigorOptions
Shared interface for rigor levels when dealing with User methods.
Definition UserRigorOptions.php:30
Wikimedia\Rdbms\ILoadBalancer
Create and track the database connections and transactions for a given database cluster.
Definition ILoadBalancer.php:77
DB_REPLICA
const DB_REPLICA
Definition defines.php:26
DB_PRIMARY
const DB_PRIMARY
Definition defines.php:28