MediaWiki master
HTMLUserTextField.php
Go to the documentation of this file.
1<?php
2
4
8use Wikimedia\IPUtils;
9
33 public function __construct( $params ) {
35 'exists' => false,
36 'external' => false,
37 'ipallowed' => false,
38 'usemodwiki-ipallowed' => false,
39 'iprange' => false,
40 'iprangelimits' => [
41 'IPv4' => 0,
42 'IPv6' => 0,
43 ],
44 'excludenamed' => false,
45 'excludetemp' => false,
46 ]
47 );
48
49 parent::__construct( $params );
50 }
51
52 public function validate( $value, $alldata ) {
53 // If the value is null, reset it to an empty string which is what is expected by the parent.
54 $value ??= '';
55
56 // If the value is empty, there are no additional checks that can be performed.
57 if ( $value === '' ) {
58 return parent::validate( $value, $alldata );
59 }
60
61 // check if the input is a valid username
62 $user = MediaWikiServices::getInstance()->getUserFactory()->newFromName( $value );
63 if ( $user ) {
64 // check if the user exists, if requested
65 if ( $this->mParams['exists'] && !(
66 $user->isRegistered() &&
67 // Treat hidden users as unregistered if current user can't view them (T309894)
68 !( $user->isHidden() && !( $this->mParent && $this->mParent->getUser()->isAllowed( 'hideuser' ) ) )
69 ) ) {
70 return $this->msg( 'htmlform-user-not-exists', $user->getName() );
71 }
72
73 // check if the user account type matches the account type filter
74 $excludeNamed = $this->mParams['excludenamed'] ?? null;
75 $excludeTemp = $this->mParams['excludetemp'] ?? null;
76 if ( ( $excludeTemp && $user->isTemp() ) || ( $excludeNamed && $user->isNamed() ) ) {
77 return $this->msg( 'htmlform-user-not-valid', $user->getName() );
78 }
79 } else {
80 // not a valid username
81 $valid = false;
82 // check if the input is a valid external user
83 if ( $this->mParams['external'] && ExternalUserNames::isExternal( $value ) ) {
84 $valid = true;
85 }
86 // check if the input is a valid IP address, optionally also checking for usemod wiki IPs
87 if ( $this->mParams['ipallowed'] ) {
88 $b = IPUtils::RE_IP_BYTE;
89 if ( IPUtils::isValid( $value ) ) {
90 $valid = true;
91 } elseif ( $this->mParams['usemodwiki-ipallowed'] && preg_match( "/^$b\.$b\.$b\.xxx$/", $value ) ) {
92 $valid = true;
93 }
94 }
95 // check if the input is a valid IP range
96 if ( $this->mParams['iprange'] ) {
97 $rangeError = $this->isValidIPRange( $value );
98 if ( $rangeError === true ) {
99 $valid = true;
100 } elseif ( $rangeError !== false ) {
101 return $rangeError;
102 }
103 }
104 if ( !$valid ) {
105 return $this->msg( 'htmlform-user-not-valid', $value );
106 }
107 }
108
109 return parent::validate( $value, $alldata );
110 }
111
112 protected function isValidIPRange( $value ) {
113 $cidrIPRanges = $this->mParams['iprangelimits'];
114
115 if ( !IPUtils::isValidRange( $value ) ) {
116 return false;
117 }
118
119 [ $ip, $range ] = explode( '/', $value, 2 );
120
121 if (
122 ( IPUtils::isIPv4( $ip ) && $cidrIPRanges['IPv4'] == 32 ) ||
123 ( IPUtils::isIPv6( $ip ) && $cidrIPRanges['IPv6'] == 128 )
124 ) {
125 // Range block effectively disabled
126 return $this->msg( 'ip_range_toolow' );
127 }
128
129 if (
130 ( IPUtils::isIPv4( $ip ) && $range > 32 ) ||
131 ( IPUtils::isIPv6( $ip ) && $range > 128 )
132 ) {
133 // Dodgy range
134 return $this->msg( 'ip_range_invalid' );
135 }
136
137 if ( IPUtils::isIPv4( $ip ) && $range < $cidrIPRanges['IPv4'] ) {
138 return $this->msg( 'ip_range_exceeded', $cidrIPRanges['IPv4'] );
139 }
140
141 if ( IPUtils::isIPv6( $ip ) && $range < $cidrIPRanges['IPv6'] ) {
142 return $this->msg( 'ip_range_exceeded', $cidrIPRanges['IPv6'] );
143 }
144
145 return true;
146 }
147
148 protected function getInputWidget( $params ) {
149 if ( isset( $this->mParams['excludenamed'] ) ) {
150 $params['excludenamed'] = $this->mParams['excludenamed'];
151 }
152
153 if ( isset( $this->mParams['excludetemp'] ) ) {
154 $params['excludetemp'] = $this->mParams['excludetemp'];
155 }
156
157 return new UserInputWidget( $params );
158 }
159
160 protected function shouldInfuseOOUI() {
161 return true;
162 }
163
164 protected function getOOUIModules() {
165 return [ 'mediawiki.widgets.UserInputWidget' ];
166 }
167
168 public function getInputHtml( $value ) {
169 // add the required module and css class for user suggestions in non-OOUI mode
170 $this->mParent->getOutput()->addModules( 'mediawiki.userSuggest' );
171 $this->mClass .= ' mw-autocomplete-user';
172
173 // return parent html
174 return parent::getInputHTML( $value );
175 }
176}
177
179class_alias( HTMLUserTextField::class, 'HTMLUserTextField' );
wfArrayPlus2d(array $baseArray, array $newValues)
Merges two (possibly) 2 dimensional arrays into the target array ($baseArray).
array $params
The job parameters.
Implements a text input field for user names.
validate( $value, $alldata)
Override this function to add specific validation checks on the field input.
shouldInfuseOOUI()
Whether the field should be automatically infused.
getOOUIModules()
Get the list of extra ResourceLoader modules which must be loaded client-side before it's possible to...
msg( $key,... $params)
Get a translated interface message.
Service locator for MediaWiki core services.
static getInstance()
Returns the global default instance of the top level service locator.
Class to parse and build external user names.