master/php/UserNameUtils_8php_source.html

<?php


namespace MediaWiki\User;


use InvalidArgumentException;

use Language;

use MalformedTitleException;

use MediaWiki\Config\ServiceOptions;

use MediaWiki\HookContainer\HookContainer;

use MediaWiki\HookContainer\HookRunner;

use Psr\Log\LoggerInterface;

use TitleParser;

use Wikimedia\IPUtils;

use Wikimedia\Message\ITextFormatter;

use Wikimedia\Message\MessageValue;


class UserNameUtils {


    public const CONSTRUCTOR_OPTIONS = [

        'MaxNameChars',

        'ReservedUsernames',

        'InvalidUsernameCharacters'

    ];


    public const RIGOR_CREATABLE = 'creatable';

    public const RIGOR_USABLE = 'usable';

    public const RIGOR_VALID = 'valid';

    public const RIGOR_NONE = 'none';


    private $options;


    private $contentLang;


    private $logger;


    private $titleParser;


    private $textFormatter;


    private $reservedUsernames = false;


    private $hookRunner;


    public function __construct(

        ServiceOptions $options,

        Language $contentLang,

        LoggerInterface $logger,

        TitleParser $titleParser,

        ITextFormatter $textFormatter,

        HookContainer $hookContainer

    ) {

        $options->assertRequiredOptions( self::CONSTRUCTOR_OPTIONS );

        $this->options = $options;

        $this->contentLang = $contentLang;

        $this->logger = $logger;

        $this->titleParser = $titleParser;

        $this->textFormatter = $textFormatter;

        $this->hookRunner = new HookRunner( $hookContainer );

    }


    public function isValid( string $name ) : bool {

        if ( $name === ''

            || $this->isIP( $name )

            || strpos( $name, '/' ) !== false

            || strlen( $name ) > $this->options->get( 'MaxNameChars' )

            || $name !== $this->contentLang->ucfirst( $name )

        ) {

            return false;

        }


        // Ensure that the name can't be misresolved as a different title,

        // such as with extra namespace keys at the start.

        try {

            $title = $this->titleParser->parseTitle( $name );

        } catch ( MalformedTitleException $_ ) {

            $title = null;

        }


        if ( $title === null

            || $title->getNamespace()

            || strcmp( $name, $title->getText() )

        ) {

            return false;

        }


        // Check an additional blacklist of troublemaker characters.

        // Should these be merged into the title char list?

        $unicodeBlacklist = '/[' .

            '\x{0080}-\x{009f}' . # iso-8859-1 control chars

            '\x{00a0}' . # non-breaking space

            '\x{2000}-\x{200f}' . # various whitespace

            '\x{2028}-\x{202f}' . # breaks and control chars

            '\x{3000}' . # ideographic space

            '\x{e000}-\x{f8ff}' . # private use

            ']/u';

        if ( preg_match( $unicodeBlacklist, $name ) ) {

            return false;

        }


        return true;

    }


    public function isUsable( string $name ) : bool {

        // Must be a valid username, obviously ;)

        if ( !$this->isValid( $name ) ) {

            return false;

        }


        if ( !$this->reservedUsernames ) {

            $reservedUsernames = $this->options->get( 'ReservedUsernames' );

            $this->hookRunner->onUserGetReservedNames( $reservedUsernames );

            $this->reservedUsernames = $reservedUsernames;

        }


        // Certain names may be reserved for batch processes.

        foreach ( $this->reservedUsernames as $reserved ) {

            if ( substr( $reserved, 0, 4 ) === 'msg:' ) {

                $reserved = $this->textFormatter->format(

                    MessageValue::new( substr( $reserved, 4 ) )

                );

            }

            if ( $reserved === $name ) {

                return false;

            }

        }

        return true;

    }


    public function isCreatable( string $name ) : bool {

        // Ensure that the username isn't longer than 235 bytes, so that

        // (at least for the builtin skins) user javascript and css files

        // will work. (T25080)

        if ( strlen( $name ) > 235 ) {

            $this->logger->debug(

                __METHOD__ . ": '$name' uncreatable due to length"

            );

            return false;

        }


        $invalid = $this->options->get( 'InvalidUsernameCharacters' );

        // Preg yells if you try to give it an empty string

        if ( $invalid !== '' &&

            preg_match( '/[' . preg_quote( $invalid, '/' ) . ']/', $name )

        ) {

            $this->logger->debug(

                __METHOD__ . ": '$name' uncreatable due to wgInvalidUsernameCharacters"

            );

            return false;

        }


        return $this->isUsable( $name );

    }


    public function getCanonical( string $name, string $validate = self::RIGOR_VALID ) {

        // Force usernames to capital

        $name = $this->contentLang->ucfirst( $name );


        // Reject names containing '#'; these will be cleaned up

        // with title normalisation, but then it's too late to

        // check elsewhere

        if ( strpos( $name, '#' ) !== false ) {

            return false;

        }


        // No need to proceed if no validation is requested, just

        // clean up underscores and return

        if ( $validate === self::RIGOR_NONE ) {

            $name = strtr( $name, '_', ' ' );

            return $name;

        }


        // Clean up name according to title rules,

        // but only when validation is requested (T14654)

        try {

            $title = $this->titleParser->parseTitle( $name, NS_USER );

        } catch ( MalformedTitleException $_ ) {

            $title = null;

        }


        // Check for invalid titles

        if ( $title === null

            || $title->getNamespace() !== NS_USER

            || $title->isExternal()

        ) {

            return false;

        }


        $name = $title->getText();


        // RIGOR_NONE handled above

        switch ( $validate ) {

            case self::RIGOR_VALID:

                if ( !$this->isValid( $name ) ) {

                    return false;

                }

                return $name;

            case self::RIGOR_USABLE:

                if ( !$this->isUsable( $name ) ) {

                    return false;

                }

                return $name;

            case self::RIGOR_CREATABLE:

                if ( !$this->isCreatable( $name ) ) {

                    return false;

                }

                return $name;

            default:

                throw new InvalidArgumentException(

                    "Invalid parameter value for validation ($validate) in " .

                    __METHOD__

                );

        }

    }


    public function isIP( string $name ) : bool {

        $anyIPv4 = '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.(?:xxx|\d{1,3})$/';

        $validIP = IPUtils::isValid( $name );

        return $validIP || preg_match( $anyIPv4, $name );

    }


    public function isValidIPRange( string $range ) : bool {

        return IPUtils::isValidRange( $range );

    }


}