MediaWiki  master
HTMLUserTextField.php
Go to the documentation of this file.
1 <?php
2 
3 use MediaWiki\MediaWikiServices;
4 use MediaWiki\User\ExternalUserNames;
5 use MediaWiki\Widget\UserInputWidget;
6 use Wikimedia\IPUtils;
7 
22 class HTMLUserTextField extends HTMLTextField {
27  public function __construct( $params ) {
28  $params = wfArrayPlus2d( $params, [
29  'exists' => false,
30  'external' => false,
31  'ipallowed' => false,
32  'iprange' => false,
33  'iprangelimits' => [
34  'IPv4' => 0,
35  'IPv6' => 0,
36  ],
37  ]
38  );
39 
40  parent::__construct( $params );
41  }
42 
43  public function validate( $value, $alldata ) {
44  // If the value is null, reset it to an empty string which is what is expected by the parent.
45  if ( $value === null ) {
46  $value = '';
47  }
48 
49  // If the value is empty, there are no additional checks that can be performed.
50  if ( $value === '' ) {
51  return parent::validate( $value, $alldata );
52  }
53 
54  // check if the input is a valid username
55  $user = MediaWikiServices::getInstance()->getUserFactory()->newFromName( $value );
56  if ( $user ) {
57  // check if the user exists, if requested
58  if ( $this->mParams['exists'] && !(
59  $user->isRegistered() &&
60  // Treat hidden users as unregistered if current user can't view them (T309894)
61  !( $user->isHidden() && !( $this->mParent && $this->mParent->getUser()->isAllowed( 'hideuser' ) ) )
62  ) ) {
63  return $this->msg( 'htmlform-user-not-exists', $user->getName() );
64  }
65  } else {
66  // not a valid username
67  $valid = false;
68  // check if the input is a valid external user
69  if ( $this->mParams['external'] && ExternalUserNames::isExternal( $value ) ) {
70  $valid = true;
71  }
72  // check if the input is a valid IP address
73  if ( $this->mParams['ipallowed'] && IPUtils::isValid( $value ) ) {
74  $valid = true;
75  }
76  // check if the input is a valid IP range
77  if ( $this->mParams['iprange'] ) {
78  $rangeError = $this->isValidIPRange( $value );
79  if ( $rangeError === true ) {
80  $valid = true;
81  } elseif ( $rangeError !== false ) {
82  return $rangeError;
83  }
84  }
85  if ( !$valid ) {
86  return $this->msg( 'htmlform-user-not-valid', $value );
87  }
88  }
89 
90  return parent::validate( $value, $alldata );
91  }
92 
93  protected function isValidIPRange( $value ) {
94  $cidrIPRanges = $this->mParams['iprangelimits'];
95 
96  if ( !IPUtils::isValidRange( $value ) ) {
97  return false;
98  }
99 
100  [ $ip, $range ] = explode( '/', $value, 2 );
101 
102  if (
103  ( IPUtils::isIPv4( $ip ) && $cidrIPRanges['IPv4'] == 32 ) ||
104  ( IPUtils::isIPv6( $ip ) && $cidrIPRanges['IPv6'] == 128 )
105  ) {
106  // Range block effectively disabled
107  return $this->msg( 'ip_range_toolow' );
108  }
109 
110  if (
111  ( IPUtils::isIPv4( $ip ) && $range > 32 ) ||
112  ( IPUtils::isIPv6( $ip ) && $range > 128 )
113  ) {
114  // Dodgy range
115  return $this->msg( 'ip_range_invalid' );
116  }
117 
118  if ( IPUtils::isIPv4( $ip ) && $range < $cidrIPRanges['IPv4'] ) {
119  return $this->msg( 'ip_range_exceeded', $cidrIPRanges['IPv4'] );
120  }
121 
122  if ( IPUtils::isIPv6( $ip ) && $range < $cidrIPRanges['IPv6'] ) {
123  return $this->msg( 'ip_range_exceeded', $cidrIPRanges['IPv6'] );
124  }
125 
126  return true;
127  }
128 
129  protected function getInputWidget( $params ) {
130  return new UserInputWidget( $params );
131  }
132 
133  protected function shouldInfuseOOUI() {
134  return true;
135  }
136 
137  protected function getOOUIModules() {
138  return [ 'mediawiki.widgets.UserInputWidget' ];
139  }
140 
141  public function getInputHtml( $value ) {
142  // add the required module and css class for user suggestions in non-OOUI mode
143  $this->mParent->getOutput()->addModules( 'mediawiki.userSuggest' );
144  $this->mClass .= ' mw-autocomplete-user';
145 
146  // return parent html
147  return parent::getInputHTML( $value );
148  }
149 }
wfArrayPlus2d
wfArrayPlus2d(array $baseArray, array $newValues)
Merges two (possibly) 2 dimensional arrays into the target array ($baseArray).
Definition: GlobalFunctions.php:2182
HTMLFormField\msg
msg( $key,... $params)
Get a translated interface message.
Definition: HTMLFormField.php:99
HTMLTextField
<input> field.
Definition: HTMLTextField.php:16
HTMLUserTextField
Implements a text input field for user names.
Definition: HTMLUserTextField.php:22
HTMLUserTextField\shouldInfuseOOUI
shouldInfuseOOUI()
Whether the field should be automatically infused.
Definition: HTMLUserTextField.php:133
HTMLUserTextField\getOOUIModules
getOOUIModules()
Get the list of extra ResourceLoader modules which must be loaded client-side before it's possible to...
Definition: HTMLUserTextField.php:137
HTMLUserTextField\validate
validate( $value, $alldata)
Override this function to add specific validation checks on the field input.
Definition: HTMLUserTextField.php:43
MediaWiki\MediaWikiServices
Service locator for MediaWiki core services.
Definition: MediaWikiServices.php:232
MediaWiki\User\ExternalUserNames
Class to parse and build external user names.
Definition: ExternalUserNames.php:35