MediaWiki master
MediaWiki\User\User Class Reference

internal since 1.36 More...

Inherits MediaWiki\Permissions\Authority, MediaWiki\User\UserIdentity, and MediaWiki\Mail\UserEmailContact.

Collaboration diagram for MediaWiki\User\User:

Public Member Functions

 __construct ()
 Lightweight constructor for an anonymous user.
 
__get ( $name)
 
 __set ( $name, $value)
 
 __sleep ()
 
 __toString ()
 
 addToDatabase ()
 Add this existing user object to the database.
 
 authorizeAction (string $action, PermissionStatus $status=null)
 Authorize an action.This should be used immediately before performing the action.Calling this method may have non-trivial side-effects, such as incrementing a rate limit counter.
Since
1.41
See also
isDefinitelyAllowed
authorizeRead
authorizeWrite
Parameters
string$action
PermissionStatus | null$statusaggregator for failures
Returns
bool

 
 authorizeRead (string $action, PageIdentity $target, PermissionStatus $status=null)
 
 authorizeWrite (string $action, PageIdentity $target, PermissionStatus $status=null)
 
 canExist ()
 Check if user can exist as an entry in the user table, i.e.
 
 canReceiveEmail ()
 Is this user allowed to receive e-mails within limits of current site configuration?
 
 canSendEmail ()
 Is this user allowed to send e-mails within limits of current site configuration?
 
 changeAuthenticationData (array $data)
 Changes credentials of the user.
 
 checkAndSetTouched ()
 Bump user_touched if it didn't change since this object was loaded.
 
 checkPasswordValidity ( $password)
 Check if this is a valid password for this user.
 
 clearInstanceCache ( $reloadFrom=false)
 Clear various cached data stored in this object.
 
 clearSharedCache ( $mode='refresh')
 Clear user data from memcached.
 
 confirmEmail ()
 Mark the e-mail address confirmed.
 
 definitelyCan (string $action, PageIdentity $target, PermissionStatus $status=null)
 
 doLogout ()
 Clear the user's session, and reset the instance cache.
 
 equals (?UserIdentity $user)
 Checks if two user objects point to the same user.
 
 getActorId ( $dbwOrWikiId=self::LOCAL)
 Get the user's actor ID.
 
 getBlock ( $freshness=IDBAccessObject::READ_NORMAL, $disableIpBlockExemptChecking=false)
 Get the block affecting the user, or null if the user is not blocked.
 
 getDatePreference ()
 Get the user's preferred date format.
 
 getDBTouched ()
 Get the user_touched timestamp field (time of last DB updates)
 
 getEditCount ()
 Get the user's edit count.
 
 getEditToken ( $salt='', $request=null)
 Initialize (if necessary) and return a session token value which can be used in edit forms to show that the user's login credentials aren't being hijacked with a foreign form submission.
 
 getEditTokenObject ( $salt='', $request=null)
 Initialize (if necessary) and return a session token value which can be used in edit forms to show that the user's login credentials aren't being hijacked with a foreign form submission.
 
 getEmail ()
 Get the user's e-mail address.
 
 getEmailAuthenticationTimestamp ()
 Get the timestamp of the user's e-mail authentication.
 
 getExperienceLevel ()
 Compute experienced level based on edit count and registration date.
 
 getGlobalBlock ( $ip='')
 Check if user is blocked on all wikis.
 
 getId ( $wikiId=self::LOCAL)
 Get the user's ID.
 
 getInstanceForUpdate ()
 Get a new instance of this user that was loaded from the primary DB via a locking read.
 
 getName ()
 Get the user name, or the IP of an anonymous user.
 
 getRealName ()
 Get the user's real name.
 
 getRegistration ()
 Get the timestamp of account creation.
 
 getRequest ()
 Get the WebRequest object to use with this object.
 
 getTalkPage ()
 Get this user's talk page title.
 
 getTitleKey ()
 Get the user's name escaped by underscores.
 
 getToken ( $forceCreation=true)
 Get the user's current token.
 
 getTokenFromOption ( $oname)
 Get a token stored in the preferences (like the watchlist one), resetting it if it's empty (and saving changes).
 
 getTouched ()
 Get the user touched timestamp.
 
 getUser ()
 
 getUserPage ()
 Get this user's personal page title.
 
 getWikiId ()
 Returns self::LOCAL to indicate the user is associated with the local wiki.
 
 idForName ( $flags=IDBAccessObject::READ_NORMAL)
 If only this user's username is known, and it exists, return the user ID.
 
 invalidateCache ()
 Immediately touch the user data cache for this account.
 
 invalidateEmail ()
 Invalidate the user's e-mail confirmation, and unauthenticate the e-mail address if it was already confirmed.
 
 isAllowed (string $permission, PermissionStatus $status=null)
 Checks whether this authority has the given permission in general.
 
 isAllowedAll (... $permissions)
 Checks whether this authority has any of the given permissions in general.
 
 isAllowedAny (... $permissions)
 Checks whether this authority has any of the given permissions in general.
 
 isAllowedToCreateAccount ()
 Get whether the user is allowed to create an account.
 
 isAnon ()
 Get whether the user is anonymous.
 
 isBlockedFromEmailuser ()
 Get whether the user is blocked from using Special:Emailuser.
 
 isBlockedFromUpload ()
 Get whether the user is blocked from using Special:Upload.
 
 isBlockedGlobally ( $ip='')
 Check if user is blocked on all wikis.
 
 isBot ()
 
 isDefinitelyAllowed (string $action, PermissionStatus $status=null)
 Checks whether this authority is allowed to perform the given action.This method performs a thorough check, but does not protect against race conditions. It is intended to be used when a user is intending to perform an action, but has not yet committed to it. For example, when a user visits their preferences page, this method may be used to determine whether the user should have the option to change their email address.This method may apply rate limit checks and evaluate user blocks.
Since
1.41
See also
isAllowed
definitelyCan
Parameters
string$action
PermissionStatus | null$statusaggregator for failures
Returns
bool

 
 isEmailConfirmationPending ()
 Check whether there is an outstanding request for e-mail confirmation.
 
 isEmailConfirmed ()
 Is this user's e-mail address valid-looking and confirmed within limits of the current site configuration?
 
 isHidden ()
 Check if user account is hidden.
 
 isItemLoaded ( $item, $all='all')
 Return whether an item has been loaded.
 
 isLocked ()
 Check if user account is locked.
 
 isNamed ()
 Is the user a normal non-temporary registered user?
 
 isNewbie ()
 Determine whether the user is a newbie.
 
 isPingLimitable ()
 Is this user subject to rate limiting?
 
 isRegistered ()
 Get whether the user is registered.
 
 isSafeToLoad ()
 Test if it's safe to load this User object.
 
 isSystemUser ()
 Get whether the user is a system user.
 
 isTemp ()
 Is the user an autocreated temporary user?
 
 isValidPassword ( $password)
 Is the input a valid password for this user?
 
 load ( $flags=IDBAccessObject::READ_NORMAL)
 Load the user table data for this object from the source given by mFrom.
 
 loadDefaults ( $name=false, $actorId=null)
 Set cached properties to default.
 
 loadFromDatabase ( $flags=IDBAccessObject::READ_LATEST)
 Load user data from the database.
 
 loadFromId ( $flags=IDBAccessObject::READ_NORMAL)
 Load user table data, given mId has already been set.
 
 logout ()
 Log this user out.
 
 matchEditToken ( $val, $salt='', $request=null, $maxage=null)
 Check given value against the token value stored in the session.
 
 pingLimiter ( $action='edit', $incrBy=1)
 Primitive rate limits: enforce maximum actions per time period to put a brake on flooding.
 
 probablyCan (string $action, PageIdentity $target, PermissionStatus $status=null)
 
 requiresHTTPS ()
 Determine based on the wiki configuration and the user's options, whether this user must be over HTTPS no matter what.
 
 resetTokenFromOption ( $oname)
 Reset a token stored in the preferences (like the watchlist one).
 
 saveSettings ()
 Save this user's settings into the database.
 
 sendConfirmationMail ( $type='created')
 Generate a new e-mail confirmation token and send a confirmation/invalidation mail to the user's given address.
 
 sendMail ( $subject, $body, $from=null, $replyto=null)
 Send an e-mail to this user's account.
 
 setActorId (int $actorId)
 Sets the actor id.
 
 setCookies ( $request=null, $secure=null, $rememberMe=false)
 Persist this user's session (e.g.
 
 setEmail (string $str)
 Set the user's e-mail address.
 
 setEmailAuthenticationTimestamp ( $timestamp)
 Set the e-mail authentication timestamp.
 
 setEmailWithConfirmation (string $str)
 Set the user's e-mail address and send a confirmation mail if needed.
 
 setId ( $v)
 Set the user and reload all fields according to a given ID.
 
 setItemLoaded ( $item)
 Set that an item has been loaded.
 
 setName ( $str)
 Set the user name.
 
 setRealName (string $str)
 Set the user's real name.
 
 setToken ( $token=false)
 Set the random token (used for persistent authentication) Called from loadDefaults() among other places.
 
 spreadAnyEditBlock ()
 If this user is logged-in and blocked, block any IP address they've successfully logged in from.
 
 toRateLimitSubject ()
 
 touch ()
 Update the "touched" timestamp for the user.
 
 useFilePatrol ()
 Check whether to enable new files patrol features for this user.
 
 useNPPatrol ()
 Check whether to enable new pages patrol features for this user.
 
 useRCPatrol ()
 Check whether to enable recent changes patrol features for this user.
 
 validateCache ( $timestamp)
 Validate the cache for this account.
 
- Public Member Functions inherited from MediaWiki\Permissions\Authority
 getBlock (int $freshness=IDBAccessObject::READ_NORMAL)
 Returns any user block affecting the Authority.
 
- Public Member Functions inherited from MediaWiki\DAO\WikiAwareEntity
 assertWiki ( $wikiId)
 Throws if $wikiId is different from the return value of getWikiId().
 

Static Public Member Functions

static createNew ( $name, $params=[])
 Add a user to the database, return the user object.
 
static findUsersByGroup ( $groups, $limit=5000, $after=null)
 Return the users who are members of the given group(s).
 
static getQueryInfo ()
 Return the tables, fields, and join conditions to be selected to create a new user object.
 
static getRightDescription ( $right)
 Get the description of a given right as wikitext.
 
static getRightDescriptionHtml ( $right)
 Get the description of a given right as rendered HTML.
 
static isWellFormedConfirmationToken (string $token)
 Check if the given email confirmation token is well-formed (to detect mangling by email clients).
 
static newFatalPermissionDeniedStatus ( $permission)
 Factory function for fatal permission-denied errors.
 
static newQueryBuilder (IReadableDatabase $db)
 Get a SelectQueryBuilder with the tables, fields and join conditions needed to create a new User object.
 
static purge ( $dbDomain, $userId)
 
static whoIs ( $id)
 Get the username corresponding to a given user ID.
 
static whoIsReal ( $id)
 Get the real name of a user given their user ID.
 
newFrom*() static factory methods
static newFromName ( $name, $validate='valid')
 
static newFromId ( $id)
 Static factory method for creation from a given user ID.
 
static newFromActorId ( $id)
 Static factory method for creation from a given actor ID.
 
static newFromIdentity (UserIdentity $identity)
 Returns a User object corresponding to the given UserIdentity.
 
static newFromAnyId ( $userId, $userName, $actorId, $dbDomain=false)
 Static factory method for creation from an ID, name, and/or actor ID.
 
static newFromConfirmationCode ( $code, $flags=IDBAccessObject::READ_NORMAL)
 Factory method to fetch whichever user has a given email confirmation code.
 
static newFromSession (WebRequest $request=null)
 Create a new user object using data from session.
 
static newFromRow ( $row, $data=null)
 Create a new user object from a user row.
 
static newSystemUser ( $name, $options=[])
 Static factory method for creation of a "system" user from username.
 

Public Attributes

int null $mActorId
 Switched from protected to public for use in UserFactory.
 
string $mEmail
 
string null $mEmailAuthenticated
 
string $mFrom
 Initialization data source if mLoadedItems!==true.
 
int $mId
 Cache variables.
 
string $mName
 
string $mRealName
 
string $mTouched
 TS_MW timestamp from the DB.
 
const INVALID_TOKEN = '*** INVALID ***'
 An invalid string value for the user_token field.
 
const MAINTENANCE_SCRIPT_USER = 'Maintenance script'
 Username used for various maintenance scripts.
 
const TOKEN_LENGTH = 32
 Number of characters required for the user_token field.
 

Protected Member Functions

 confirmationToken (&$expiration)
 Generate, store, and return a new e-mail confirmation code.
 
 confirmationTokenUrl ( $token)
 Return a URL the user can use to confirm their email address.
 
 getCacheKey (WANObjectCache $cache)
 
 getTokenUrl ( $page, $token)
 Internal function to format the e-mail validation/invalidation URLs.
 
 invalidationTokenUrl ( $token)
 Return a URL the user can use to invalidate their email address.
 
 loadFromCache ()
 Load user data from shared cache, given mId has already been set.
 
 loadFromRow ( $row, $data=null)
 Initialize this object from a row from the user table.
 
 loadFromUserObject ( $user)
 Load the data for this user object from another user object.
 
 makeUpdateConditions (IDatabase $db, array $conditions)
 Builds update conditions.
 
 spreadBlock ()
 If this (non-anonymous) user is blocked, block the IP address they've successfully logged in from.
 

Protected Attributes

string null $mDatePreference
 Lazy-initialized variables, invalidated with clearInstanceCache.
 
string null $mEmailToken
 
string null $mEmailTokenExpires
 
AbstractBlock $mGlobalBlock
 
string false $mHash
 
array bool $mLoadedItems = []
 Array with already loaded items or true if all items have been loaded.
 
bool $mLocked
 
string null $mQuickTouched
 TS_MW timestamp from cache.
 
string null $mRegistration
 
string null $mToken
 
int $queryFlagsUsed = IDBAccessObject::READ_NORMAL
 IDBAccessObject::READ_* constant bitfield used to load data.
 

Static Protected Attributes

static string[] $mCacheVars
 List of member variables which are saved to the shared cache (memcached).
 

Detailed Description

internal since 1.36

Definition at line 93 of file User.php.

Constructor & Destructor Documentation

◆ __construct()

MediaWiki\User\User::__construct ( )

Lightweight constructor for an anonymous user.

Stability: stable
to call since 1.35
Access: internal
since 1.36, use the UserFactory service instead
See also
MediaWiki\User\UserFactory
newFromName()
newFromId()
newFromActorId()
newFromConfirmationCode()
newFromSession()
newFromRow()

Definition at line 251 of file User.php.

References MediaWiki\User\User\clearInstanceCache().

Member Function Documentation

◆ __get()

& MediaWiki\User\User::__get ( $name)

◆ __set()

MediaWiki\User\User::__set ( $name,
$value )

◆ __sleep()

MediaWiki\User\User::__sleep ( )

Definition at line 310 of file User.php.

◆ __toString()

MediaWiki\User\User::__toString ( )
Returns
string

Definition at line 268 of file User.php.

References MediaWiki\User\User\getName().

◆ addToDatabase()

MediaWiki\User\User::addToDatabase ( )

Add this existing user object to the database.

If the user already exists, a fatal status object is returned, and the user object is initialised with the data from the database.

Previously, this function generated a DB error due to a key conflict if the user already existed. Many extension callers use this function in code along the lines of:

$user = User::newFromName( $name ); if ( !$user->isRegistered() ) { $user->addToDatabase(); } // do something with $user...

However, this was vulnerable to a race condition (T18020). By initialising the user object if the user exists, we aim to support this calling sequence as far as possible.

Note that if the user exists, this function will acquire a write lock, so it is still advisable to make the call conditional on isRegistered(), and to commit the transaction after calling.

Returns
Status

Definition at line 2584 of file User.php.

References Wikimedia\Rdbms\IDatabase\affectedRows(), Wikimedia\Rdbms\IDatabase\insertId(), Wikimedia\Rdbms\IDatabase\newInsertQueryBuilder(), Wikimedia\Rdbms\IReadableDatabase\newSelectQueryBuilder(), Wikimedia\Rdbms\Platform\ISQLPlatform\timestamp(), and Wikimedia\Rdbms\Platform\ISQLPlatform\timestampOrNull().

Referenced by MediaWiki\Auth\AuthManager\autoCreateUser().

◆ authorizeAction()

MediaWiki\User\User::authorizeAction ( string $action,
PermissionStatus $status = null )

Authorize an action.This should be used immediately before performing the action.Calling this method may have non-trivial side-effects, such as incrementing a rate limit counter.

Since
1.41
See also
isDefinitelyAllowed
authorizeRead
authorizeWrite
Parameters
string$action
PermissionStatus | null$statusaggregator for failures
Returns
bool

Since
1.41
Parameters
string$action
PermissionStatus | null$status
Returns
bool

Implements MediaWiki\Permissions\Authority.

Definition at line 3305 of file User.php.

◆ authorizeRead()

MediaWiki\User\User::authorizeRead ( string $action,
PageIdentity $target,
PermissionStatus $status = null )
Since
1.36
Parameters
string$action
PageIdentity$target
PermissionStatus | null$status
Returns
bool

Implements MediaWiki\Permissions\Authority.

Definition at line 3316 of file User.php.

◆ authorizeWrite()

MediaWiki\User\User::authorizeWrite ( string $action,
PageIdentity $target,
PermissionStatus $status = null )
Since
1.36
Parameters
string$action
PageIdentity$target
PermissionStatus | null$status
Returns
bool

Implements MediaWiki\Permissions\Authority.

Definition at line 3331 of file User.php.

◆ canExist()

MediaWiki\User\User::canExist ( )

Check if user can exist as an entry in the user table, i.e.

it is a user that is not an IP address or an external user. Users that can exist are either created from a name, or the user is registered (temp or permanent user).

See T316303 for the use case for this. This method is likely only useful for wiki farms where a central user exists and processing is being done with the user name, but the corresponding local user on a wiki may not yet have been created.

Returns
bool
Since
1.43

Definition at line 1608 of file User.php.

◆ canReceiveEmail()

MediaWiki\User\User::canReceiveEmail ( )

Is this user allowed to receive e-mails within limits of current site configuration?

Returns
bool

Definition at line 3042 of file User.php.

◆ canSendEmail()

MediaWiki\User\User::canSendEmail ( )

Is this user allowed to send e-mails within limits of current site configuration?

Deprecated
since 1.41, emits deprecation warnings since 1.43. Use EmailUser::canSend() instead.
Returns
bool

Definition at line 3029 of file User.php.

References wfDeprecated().

◆ changeAuthenticationData()

MediaWiki\User\User::changeAuthenticationData ( array $data)

Changes credentials of the user.

This is a convenience wrapper around AuthManager::changeAuthenticationData. Note that this can return a status that isOK() but not isGood() on certain types of failures, e.g. when no provider handled the change.

Parameters
array$dataA set of authentication data in fieldname => value format. This is the same data you would pass the changeauthenticationdata API - 'username', 'password' etc.
Returns
Status
Since
1.27

Definition at line 1811 of file User.php.

◆ checkAndSetTouched()

MediaWiki\User\User::checkAndSetTouched ( )

Bump user_touched if it didn't change since this object was loaded.

On success, the mTouched field is updated. The user serialization cache is always cleared.

Access: internal
Returns
bool Whether user_touched was actually updated
Since
1.26

Definition at line 1277 of file User.php.

References $success, and MediaWiki\MediaWikiServices\getInstance().

◆ checkPasswordValidity()

MediaWiki\User\User::checkPasswordValidity ( $password)

Check if this is a valid password for this user.

Returns a Status object with a set of messages describing problems with the password. If the return status is fatal, the action should be refused and the password should not be checked at all (this is mainly meant for DoS mitigation). If the return value is OK but not good, the password can be checked, but the user should not be able to set their password to this. The value of the returned Status object will be an array which can have the following fields:

  • forceChange (bool): if set to true, the user should not be allowed to log with this password unless they change it during the login process (see ResetPasswordSecondaryAuthenticationProvider).
  • suggestChangeOnLogin (bool): if set to true, the user should be prompted for a password change on login.
Parameters
string$passwordDesired password
Returns
Status
Since
1.23

Definition at line 965 of file User.php.

References MediaWiki\MediaWikiServices\getInstance(), and MediaWiki\MainConfigNames\PasswordPolicy.

◆ clearInstanceCache()

MediaWiki\User\User::clearInstanceCache ( $reloadFrom = false)

Clear various cached data stored in this object.

The cache of the user table data (i.e. self::$mCacheVars) is not cleared unless $reloadFrom is given.

Parameters
bool | string$reloadFromReload user and user_groups table data from a given source. May be "name", "id", "actor", "defaults", "session", or false for no reload.

Definition at line 1315 of file User.php.

References $wgFullyInitialised, and MediaWiki\MediaWikiServices\getInstance().

Referenced by MediaWiki\User\User\__construct().

◆ clearSharedCache()

MediaWiki\User\User::clearSharedCache ( $mode = 'refresh')

Clear user data from memcached.

Use after applying updates to the database; caller's responsibility to update user_touched if appropriate.

Called implicitly from invalidateCache() and saveSettings().

Parameters
string$modeUse 'refresh' to clear now or 'changed' to clear before DB commit

Definition at line 1701 of file User.php.

References getCacheKey().

◆ confirmationToken()

MediaWiki\User\User::confirmationToken ( & $expiration)
protected

Generate, store, and return a new e-mail confirmation code.

A hash (unsalted, since it's used as a key) is stored.

Note
Call saveSettings() after calling this function to commit this change to the database.
Parameters
string&$expirationAccepts the expiration time
Returns
string New token

Definition at line 2915 of file User.php.

References wfTimestamp().

◆ confirmationTokenUrl()

MediaWiki\User\User::confirmationTokenUrl ( $token)
protected

Return a URL the user can use to confirm their email address.

Parameters
string$tokenAccepts the email confirmation token
Returns
string New token URL

Definition at line 2944 of file User.php.

◆ confirmEmail()

MediaWiki\User\User::confirmEmail ( )

Mark the e-mail address confirmed.

Note
Call saveSettings() after calling this function to commit the change.
Returns
bool

Definition at line 2984 of file User.php.

References wfTimestampNow().

◆ createNew()

static MediaWiki\User\User::createNew ( $name,
$params = [] )
static

Add a user to the database, return the user object.

Parameters
string$nameUsername to add
array$paramsArray of Strings Non-default parameters to save to the database as user_* fields:
  • email: The user's email address.
  • email_authenticated: The email authentication timestamp.
  • real_name: The user's real name.
  • options: An associative array of non-default options.
  • token: Random authentication token. Do not set.
  • registration: Registration timestamp. Do not set.
Returns
User|null User object, or null if the username already exists.

Definition at line 2483 of file User.php.

References $params.

◆ definitelyCan()

MediaWiki\User\User::definitelyCan ( string $action,
PageIdentity $target,
PermissionStatus $status = null )
Since
1.36
Parameters
string$action
PageIdentity$target
PermissionStatus | null$status
Returns
bool

Implements MediaWiki\Permissions\Authority.

Definition at line 3277 of file User.php.

◆ doLogout()

MediaWiki\User\User::doLogout ( )

Clear the user's session, and reset the instance cache.

See also
logout()

Definition at line 2334 of file User.php.

References getRequest().

◆ equals()

MediaWiki\User\User::equals ( ?UserIdentity $user)

Checks if two user objects point to the same user.

Since
1.25 ; takes a UserIdentity instead of a User since 1.32
Parameters
UserIdentity | null$user
Returns
bool

Implements MediaWiki\User\UserIdentity.

Definition at line 3238 of file User.php.

◆ findUsersByGroup()

static MediaWiki\User\User::findUsersByGroup ( $groups,
$limit = 5000,
$after = null )
static

Return the users who are members of the given group(s).

In case of multiple groups, users who are members of at least one of them are returned.

Parameters
string | array$groupsA single group name or an array of group names
int$limitMax number of users to return. The actual limit will never exceed 5000 records; larger values are ignored.
int | null$afterID the user to start after
Returns
UserArrayFromResult|ArrayIterator

Definition at line 912 of file User.php.

References MediaWiki\MediaWikiServices\getInstance(), and MediaWiki\User\UserArray\newFromIDs().

◆ getActorId()

MediaWiki\User\User::getActorId ( $dbwOrWikiId = self::LOCAL)

Get the user's actor ID.

Since
1.31
Note
This method was removed from the UserIdentity interface in 1.36, but remains supported in the User class for now. New code should use ActorNormalization::findActorId() or ActorNormalization::acquireActorId() instead.
Parameters
IDatabase | string | false$dbwOrWikiIdDeprecated since 1.36. If a database connection is passed, a new actor ID is assigned if needed. ActorNormalization::acquireActorId() should be used for that purpose instead.
Returns
int The actor's ID, or 0 if no actor ID exists and $dbw was null
Exceptions
PreconditionExceptionif $dbwOrWikiId is a string and does not match the local wiki

Definition at line 1626 of file User.php.

References wfDeprecatedMsg().

◆ getBlock()

MediaWiki\User\User::getBlock ( $freshness = IDBAccessObject::READ_NORMAL,
$disableIpBlockExemptChecking = false )

Get the block affecting the user, or null if the user is not blocked.

Parameters
int | bool$freshnessOne of the IDBAccessObject::READ_XXX constants. For backwards compatibility, a boolean is also accepted, with true meaning READ_NORMAL and false meaning READ_LATEST.
bool$disableIpBlockExemptCheckingThis is used internally to prevent a infinite recursion with autopromote. See T270145.
Returns
?AbstractBlock

Definition at line 1415 of file User.php.

Referenced by Action\checkCanExecute(), MediaWiki\SpecialPage\FormSpecialPage\checkExecutePermissions(), and MediaWiki\Block\BlockManager\trackBlockWithCookie().

◆ getCacheKey()

MediaWiki\User\User::getCacheKey ( WANObjectCache $cache)
protected
Since
1.27
Parameters
WANObjectCache$cache
Returns
string

Definition at line 485 of file User.php.

References MediaWiki\MediaWikiServices\getInstance(), and WANObjectCache\makeGlobalKey().

◆ getDatePreference()

MediaWiki\User\User::getDatePreference ( )

Get the user's preferred date format.

Returns
string User's preferred date format

Definition at line 2071 of file User.php.

References $wgLang.

◆ getDBTouched()

MediaWiki\User\User::getDBTouched ( )

Get the user_touched timestamp field (time of last DB updates)

Returns
string TS_MW Timestamp
Since
1.26

Definition at line 1793 of file User.php.

◆ getEditCount()

MediaWiki\User\User::getEditCount ( )

Get the user's edit count.

Returns
int|null Null for anonymous users

Definition at line 2114 of file User.php.

Referenced by MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences().

◆ getEditToken()

MediaWiki\User\User::getEditToken ( $salt = '',
$request = null )

Initialize (if necessary) and return a session token value which can be used in edit forms to show that the user's login credentials aren't being hijacked with a foreign form submission.

The $salt for 'edit' and 'csrf' tokens is the default (empty string).

Since
1.19
Deprecated
since 1.37. Use CsrfTokenSet::getToken instead
Parameters
string | string[]$saltOptional function-specific data for hashing
WebRequest | null$requestWebRequest object to use, or null to use the global request
Returns
string The new edit token

Definition at line 2791 of file User.php.

◆ getEditTokenObject()

MediaWiki\User\User::getEditTokenObject ( $salt = '',
$request = null )

Initialize (if necessary) and return a session token value which can be used in edit forms to show that the user's login credentials aren't being hijacked with a foreign form submission.

Since
1.27
Deprecated
since 1.37. Use CsrfTokenSet::getToken instead
Parameters
string | string[]$saltOptional function-specific data for hashing
WebRequest | null$requestWebRequest object to use, or null to use the global request
Returns
Token The new edit token

Definition at line 2766 of file User.php.

References getRequest().

Referenced by ApiQueryTokens\getToken().

◆ getEmail()

MediaWiki\User\User::getEmail ( )

Get the user's e-mail address.

Returns
string User's email address

Implements MediaWiki\Mail\UserEmailContact.

Definition at line 1898 of file User.php.

Referenced by MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences().

◆ getEmailAuthenticationTimestamp()

MediaWiki\User\User::getEmailAuthenticationTimestamp ( )

Get the timestamp of the user's e-mail authentication.

Returns
string TS_MW timestamp

Definition at line 1911 of file User.php.

Referenced by MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences().

◆ getExperienceLevel()

MediaWiki\User\User::getExperienceLevel ( )

Compute experienced level based on edit count and registration date.

Returns
string|false 'newcomer', 'learner', or 'experienced', false for anonymous users

Definition at line 2243 of file User.php.

References wfTimestamp().

◆ getGlobalBlock()

MediaWiki\User\User::getGlobalBlock ( $ip = '')

Check if user is blocked on all wikis.

Do not use for actual edit permission checks! This is intended for quick UI checks.

Parameters
string$ipIP address, uses current client if none given
Returns
AbstractBlock|null Block object if blocked, null otherwise
Deprecated
since 1.40. Use getBlock instead

Definition at line 1474 of file User.php.

References getRequest().

◆ getId()

MediaWiki\User\User::getId ( $wikiId = self::LOCAL)

Get the user's ID.

Parameters
string | false$wikiIdThe wiki ID expected by the caller.
Returns
int The user's ID; 0 if the user is anonymous or nonexistent

Implements MediaWiki\User\UserIdentity.

Definition at line 1530 of file User.php.

Referenced by UploadFromChunks\__construct(), MediaWiki\Auth\AuthManager\autoCreateUser(), MediaWiki\Auth\AuthManager\beginAccountLink(), MediaWiki\User\PasswordReset\execute(), and CreditsAction\link().

◆ getInstanceForUpdate()

MediaWiki\User\User::getInstanceForUpdate ( )

Get a new instance of this user that was loaded from the primary DB via a locking read.

Use this instead of the main context User when updating that user. This avoids races where that user was loaded from a replica DB or even the primary DB but without proper locks.

Returns
User|null Returns null if the user was not found in the DB
Since
1.27

Definition at line 3218 of file User.php.

◆ getName()

◆ getQueryInfo()

static MediaWiki\User\User::getQueryInfo ( )
static

Return the tables, fields, and join conditions to be selected to create a new user object.

Since
1.31
Returns
array[] With three keys:
  • tables: (string[]) to include in the $table to IDatabase->select() or SelectQueryBuilder::tables
  • fields: (string[]) to include in the $vars to IDatabase->select() or SelectQueryBuilder::fields
  • joins: (array) to include in the $join_conds to IDatabase->select() or SelectQueryBuilder::joinConds

Definition at line 3137 of file User.php.

◆ getRealName()

MediaWiki\User\User::getRealName ( )

Get the user's real name.

Returns
string User's real name

Implements MediaWiki\Mail\UserEmailContact.

Definition at line 1995 of file User.php.

Referenced by CreditsAction\link(), MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences(), and CreditsAction\userLink().

◆ getRegistration()

MediaWiki\User\User::getRegistration ( )

Get the timestamp of account creation.

Returns
string|false|null Timestamp of account creation, false for non-existent/anonymous user accounts, or null if existing account but information is not in database.

Definition at line 3092 of file User.php.

Referenced by MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences().

◆ getRequest()

MediaWiki\User\User::getRequest ( )

Get the WebRequest object to use with this object.

Returns
WebRequest

Definition at line 2234 of file User.php.

Referenced by MediaWiki\User\PasswordReset\execute(), MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\sendNewAccountEmail(), and MediaWiki\Block\BlockManager\trackBlockWithCookie().

◆ getRightDescription()

static MediaWiki\User\User::getRightDescription ( $right)
static

Get the description of a given right as wikitext.

Since
1.29
Parameters
string$rightRight to query
Returns
string Localized description of the right

Definition at line 3107 of file User.php.

References wfMessage().

◆ getRightDescriptionHtml()

static MediaWiki\User\User::getRightDescriptionHtml ( $right)
static

Get the description of a given right as rendered HTML.

Since
1.42
Parameters
string$rightRight to query
Returns
string HTML description of the right

Definition at line 3120 of file User.php.

References wfMessage().

◆ getTalkPage()

MediaWiki\User\User::getTalkPage ( )

Get this user's talk page title.

Returns
Title

Definition at line 2737 of file User.php.

◆ getTitleKey()

MediaWiki\User\User::getTitleKey ( )

Get the user's name escaped by underscores.

Returns
string Username escaped by underscores.

Definition at line 1672 of file User.php.

Referenced by MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences().

◆ getToken()

MediaWiki\User\User::getToken ( $forceCreation = true)

Get the user's current token.

Parameters
bool$forceCreationForce the generation of a new token if the user doesn't have one (default=true for backwards compatibility).
Returns
string|null Token

Definition at line 1838 of file User.php.

◆ getTokenFromOption()

MediaWiki\User\User::getTokenFromOption ( $oname)

Get a token stored in the preferences (like the watchlist one), resetting it if it's empty (and saving changes).

Parameters
string$onameThe option name to retrieve the token from
Returns
string|false User's current value for the option, or false if this option is disabled.
See also
resetTokenFromOption()
getOption()
Deprecated
since 1.26 Applications should use the OAuth extension

Definition at line 2022 of file User.php.

◆ getTokenUrl()

MediaWiki\User\User::getTokenUrl ( $page,
$token )
protected

Internal function to format the e-mail validation/invalidation URLs.

This uses a quickie hack to use the hardcoded English names of the Special: pages, for ASCII safety.

Note
Since these URLs get dropped directly into emails, using the short English names avoids really long URL-encoded links, which also sometimes can get corrupted in some browsers/mailers (T8957 with Gmail and Internet Explorer).
Parameters
string$pageSpecial page
string$token
Returns
string Formatted URL

Definition at line 2971 of file User.php.

References NS_MAIN.

◆ getTouched()

MediaWiki\User\User::getTouched ( )

Get the user touched timestamp.

Use this value only to validate caches via inequalities such as in the case of HTTP If-Modified-Since response logic

Returns
string TS_MW Timestamp

Definition at line 1771 of file User.php.

References wfTimestamp().

◆ getUser()

MediaWiki\User\User::getUser ( )
Note
This is only here for compatibility with the Authority interface.
Since
1.36
Returns
UserIdentity $this

Implements MediaWiki\Permissions\Authority.

Definition at line 3251 of file User.php.

◆ getUserPage()

MediaWiki\User\User::getUserPage ( )

Get this user's personal page title.

Returns
Title User's personal page title

Definition at line 2728 of file User.php.

References NS_USER.

Referenced by MediaWiki\Auth\AuthManager\autoCreateUser(), and MediaWiki\Specials\SpecialEmailUser\getFormFields().

◆ getWikiId()

MediaWiki\User\User::getWikiId ( )

Returns self::LOCAL to indicate the user is associated with the local wiki.

Since
1.36
Returns
string|false

Implements MediaWiki\DAO\WikiAwareEntity.

Definition at line 261 of file User.php.

◆ idForName()

MediaWiki\User\User::idForName ( $flags = IDBAccessObject::READ_NORMAL)

If only this user's username is known, and it exists, return the user ID.

Parameters
int$flagsBitfield of IDBAccessObject::READ_* constants; useful for existence checks
Returns
int

Definition at line 2449 of file User.php.

◆ invalidateCache()

MediaWiki\User\User::invalidateCache ( )

Immediately touch the user data cache for this account.

Calls touch() and removes account data from memcached

Definition at line 1727 of file User.php.

◆ invalidateEmail()

MediaWiki\User\User::invalidateEmail ( )

Invalidate the user's e-mail confirmation, and unauthenticate the e-mail address if it was already confirmed.

Note
Call saveSettings() after calling this function to commit the change.
Returns
bool Returns true

Definition at line 3001 of file User.php.

◆ invalidationTokenUrl()

MediaWiki\User\User::invalidationTokenUrl ( $token)
protected

Return a URL the user can use to invalidate their email address.

Parameters
string$tokenAccepts the email confirmation token
Returns
string New token URL

Definition at line 2953 of file User.php.

◆ isAllowed()

MediaWiki\User\User::isAllowed ( string $permission,
PermissionStatus $status = null )

Checks whether this authority has the given permission in general.

For some permissions, exceptions may exist, both positive and negative, on a per-target basis. This method offers a fast, lightweight check, but may produce false positives. It is intended for determining which UI elements should be offered to the user.

This method will not apply rate limit checks or evaluate user blocks.

Parameters
string$permission
PermissionStatus | null$status
Returns
bool
See also
isDefinitelyAllowed
probablyCan

Implements MediaWiki\Permissions\Authority.

Definition at line 2185 of file User.php.

Referenced by WatchAction\checkCanExecute(), MediaWiki\Preferences\DefaultPreferencesFactory\editingPreferences(), MediaWiki\Preferences\DefaultPreferencesFactory\getForm(), MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences(), MediaWiki\Preferences\DefaultPreferencesFactory\renderingPreferences(), and MediaWiki\Preferences\DefaultPreferencesFactory\watchlistPreferences().

◆ isAllowedAll()

MediaWiki\User\User::isAllowedAll ( $permissions)

Checks whether this authority has any of the given permissions in general.

Implementations must ensure that this method returns false if isAllowed would return false for any of the given permissions. Calling isAllowedAll() with one parameter must be equivalent to calling isAllowed(). Calling isAllowedAny() with no parameter is not allowed.

See also
isAllowed
Parameters
string...$permissions Permissions to test. At least one must be given.
Returns
bool True if the user is allowed to perform all of the given actions

Implements MediaWiki\Permissions\Authority.

Definition at line 2181 of file User.php.

◆ isAllowedAny()

MediaWiki\User\User::isAllowedAny ( $permissions)

Checks whether this authority has any of the given permissions in general.

Implementations must ensure that this method returns true if isAllowed would return true for any of the given permissions. Calling isAllowedAny() with one parameter must be equivalent to calling isAllowed(). Calling isAllowedAny() with no parameter is not allowed.

See also
isAllowed
Parameters
string...$permissions Permissions to test. At least one must be given.
Returns
bool True if user is allowed to perform any of the given actions

Implements MediaWiki\Permissions\Authority.

Definition at line 2177 of file User.php.

Referenced by MediaWiki\Preferences\DefaultPreferencesFactory\watchlistPreferences().

◆ isAllowedToCreateAccount()

MediaWiki\User\User::isAllowedToCreateAccount ( )

Get whether the user is allowed to create an account.

Returns
bool

Definition at line 2719 of file User.php.

◆ isAnon()

MediaWiki\User\User::isAnon ( )

Get whether the user is anonymous.

Returns
bool

Definition at line 2136 of file User.php.

Referenced by CreditsAction\link(), MediaWiki\Session\UserInfo\newFromId(), MediaWiki\Block\BlockManager\trackBlockWithCookie(), and CreditsAction\userLink().

◆ isBlockedFromEmailuser()

MediaWiki\User\User::isBlockedFromEmailuser ( )

Get whether the user is blocked from using Special:Emailuser.

Returns
bool
Deprecated
since 1.41, emits deprecation warnings since 1.43. EmailUser::canSend checks blocks amongst other things. If you only need this check, use ::getBlock()->appliesToRight( 'sendemail' ).

Definition at line 2698 of file User.php.

References wfDeprecated().

◆ isBlockedFromUpload()

MediaWiki\User\User::isBlockedFromUpload ( )

Get whether the user is blocked from using Special:Upload.

Since
1.33
Returns
bool

Definition at line 2710 of file User.php.

◆ isBlockedGlobally()

MediaWiki\User\User::isBlockedGlobally ( $ip = '')

Check if user is blocked on all wikis.

Do not use for actual edit permission checks! This is intended for quick UI checks.

Parameters
string$ipIP address, uses current client if none given
Returns
bool True if blocked, false otherwise
Deprecated
since 1.40, emits deprecation warnings since 1.43. Use getBlock instead.

Definition at line 1460 of file User.php.

References wfDeprecated().

◆ isBot()

MediaWiki\User\User::isBot ( )
Returns
bool Whether this user is flagged as being a bot role account
Since
1.28

Definition at line 2144 of file User.php.

Referenced by getWatchlistValue().

◆ isDefinitelyAllowed()

MediaWiki\User\User::isDefinitelyAllowed ( string $action,
PermissionStatus $status = null )

Checks whether this authority is allowed to perform the given action.This method performs a thorough check, but does not protect against race conditions. It is intended to be used when a user is intending to perform an action, but has not yet committed to it. For example, when a user visits their preferences page, this method may be used to determine whether the user should have the option to change their email address.This method may apply rate limit checks and evaluate user blocks.

Since
1.41
See also
isAllowed
definitelyCan
Parameters
string$action
PermissionStatus | null$statusaggregator for failures
Returns
bool

Since
1.41
Parameters
string$action
PermissionStatus | null$status
Returns
bool

Implements MediaWiki\Permissions\Authority.

Definition at line 3293 of file User.php.

◆ isEmailConfirmationPending()

MediaWiki\User\User::isEmailConfirmationPending ( )

Check whether there is an outstanding request for e-mail confirmation.

Returns
bool

Definition at line 3076 of file User.php.

References wfTimestamp().

◆ isEmailConfirmed()

MediaWiki\User\User::isEmailConfirmed ( )

Is this user's e-mail address valid-looking and confirmed within limits of the current site configuration?

Note
If $wgEmailAuthentication is on, this may require the user to have confirmed their address by returning a code or using a password sent to the address from the wiki.
Returns
bool

Implements MediaWiki\Mail\UserEmailContact.

Definition at line 3058 of file User.php.

◆ isHidden()

MediaWiki\User\User::isHidden ( )

Check if user account is hidden.

Returns
bool True if hidden, false otherwise

Definition at line 1520 of file User.php.

◆ isItemLoaded()

MediaWiki\User\User::isItemLoaded ( $item,
$all = 'all' )

Return whether an item has been loaded.

Parameters
string$itemItem to check. Current possibilities:
  • id
  • name
  • realname
string$all'all' to check if the whole object has been loaded or any other string to check if only the item is available (e.g. for optimisation)
Returns
bool

Definition at line 1040 of file User.php.

◆ isLocked()

MediaWiki\User\User::isLocked ( )

Check if user account is locked.

Returns
bool True if locked, false otherwise

Definition at line 1505 of file User.php.

◆ isNamed()

MediaWiki\User\User::isNamed ( )

Is the user a normal non-temporary registered user?

Since
1.39
Returns
bool

Implements MediaWiki\Permissions\Authority.

Definition at line 3402 of file User.php.

◆ isNewbie()

MediaWiki\User\User::isNewbie ( )

Determine whether the user is a newbie.

Newbies are one of:

  • IP address editors
  • temporary accounts
  • most recently created full accounts.
    Returns
    bool

Definition at line 2749 of file User.php.

◆ isPingLimitable()

MediaWiki\User\User::isPingLimitable ( )

Is this user subject to rate limiting?

Returns
bool True if rate limited

Definition at line 1365 of file User.php.

References MediaWiki\MediaWikiServices\getInstance().

◆ isRegistered()

MediaWiki\User\User::isRegistered ( )

Get whether the user is registered.

Returns
bool True if user is registered on this wiki, i.e., has a user ID. False if user is anonymous or has no local account (which can happen when importing). This is equivalent to getId() != 0 and is provided for code readability.
Since
1.34

Implements MediaWiki\Permissions\Authority.

Definition at line 2128 of file User.php.

Referenced by MediaWiki\Auth\AuthManager\beginAccountLink(), WatchAction\checkCanExecute(), UppercaseTitlesForUnicodeTransition\execute(), and LanguageConverter\getUserVariant().

◆ isSafeToLoad()

MediaWiki\User\User::isSafeToLoad ( )

Test if it's safe to load this User object.

You should typically check this before using $wgUser or RequestContext::getUser in a method that might be called before the system has been fully initialized. If the object is unsafe, you should use an anonymous user: \code $user = $wgUser->isSafeToLoad() ? $wgUser : new User; \endcode

Since
1.27
Returns
bool

Definition at line 333 of file User.php.

References $wgFullyInitialised.

Referenced by LanguageConverter\getUserVariant(), and MediaWiki\Block\BlockManager\trackBlockWithCookie().

◆ isSystemUser()

MediaWiki\User\User::isSystemUser ( )

Get whether the user is a system user.

A user is considered to exist as a non-system user if it can authenticate, or has an email set, or has a non-invalid token.

Returns
bool Whether this user is a system user
Since
1.35

Definition at line 2167 of file User.php.

◆ isTemp()

MediaWiki\User\User::isTemp ( )

Is the user an autocreated temporary user?

Since
1.39
Returns
bool

Implements MediaWiki\Permissions\Authority.

Definition at line 3388 of file User.php.

Referenced by WatchAction\checkCanExecute().

◆ isValidPassword()

MediaWiki\User\User::isValidPassword ( $password)

Is the input a valid password for this user?

Parameters
string$passwordDesired password
Returns
bool

Definition at line 939 of file User.php.

◆ isWellFormedConfirmationToken()

static MediaWiki\User\User::isWellFormedConfirmationToken ( string $token)
static

Check if the given email confirmation token is well-formed (to detect mangling by email clients).

This does not check whether the token is valid.

Parameters
string$token
Returns
bool

Definition at line 2935 of file User.php.

◆ load()

MediaWiki\User\User::load ( $flags = IDBAccessObject::READ_NORMAL)

Load the user table data for this object from the source given by mFrom.

Parameters
int$flagsIDBAccessObject::READ_* constant bitfield

Definition at line 350 of file User.php.

References $wgFullyInitialised, and MediaWiki\MediaWikiServices\getInstance().

Referenced by MediaWiki\Session\UserInfo\newFromId().

◆ loadDefaults()

MediaWiki\User\User::loadDefaults ( $name = false,
$actorId = null )

Set cached properties to default.

Note
This no longer clears uncached lazy-initialised properties; the constructor does that instead.
Parameters
string | false$name
int | null$actorId

Definition at line 1004 of file User.php.

References wfTimestamp().

◆ loadFromCache()

MediaWiki\User\User::loadFromCache ( )
protected

Load user data from shared cache, given mId has already been set.

Returns
bool True
Since
1.25

Definition at line 498 of file User.php.

References $wgFullyInitialised, getCacheKey(), Wikimedia\Rdbms\Database\getCacheSetOptions(), MediaWiki\MediaWikiServices\getInstance(), wfDebug(), and wfTimestamp().

◆ loadFromDatabase()

MediaWiki\User\User::loadFromDatabase ( $flags = IDBAccessObject::READ_LATEST)

Load user data from the database.

$this->mId must be set, this is how the user is identified.

Parameters
int$flagsIDBAccessObject::READ_* constant bitfield
Returns
bool True if the user exists, false if the user is anonymous

Definition at line 1089 of file User.php.

References MediaWiki\MediaWikiServices\getInstance().

◆ loadFromId()

MediaWiki\User\User::loadFromId ( $flags = IDBAccessObject::READ_NORMAL)

Load user table data, given mId has already been set.

Parameters
int$flagsIDBAccessObject::READ_* constant bitfield
Returns
bool False if the ID does not exist, true otherwise

Definition at line 444 of file User.php.

Referenced by MediaWiki\Auth\AuthManager\autoCreateUser().

◆ loadFromRow()

MediaWiki\User\User::loadFromRow ( $row,
$data = null )
protected

Initialize this object from a row from the user table.

Parameters
stdClass$rowRow from the user table to load.
array | null$dataFurther user data to load into the object

user_groups Array of arrays or stdClass result rows out of the user_groups table. Previously you were supposed to pass an array of strings here, but we also need expiry info nowadays, so an array of strings is ignored.

Definition at line 1135 of file User.php.

References MediaWiki\MediaWikiServices\getInstance(), wfTimestamp(), and wfTimestampOrNull().

Referenced by MediaWiki\User\User\newFromRow().

◆ loadFromUserObject()

MediaWiki\User\User::loadFromUserObject ( $user)
protected

Load the data for this user object from another user object.

Parameters
User$user

Definition at line 1242 of file User.php.

◆ logout()

MediaWiki\User\User::logout ( )

Log this user out.

Definition at line 2324 of file User.php.

◆ makeUpdateConditions()

MediaWiki\User\User::makeUpdateConditions ( IDatabase $db,
array $conditions )
protected

Builds update conditions.

Additional conditions may be added to $conditions to protected against race conditions using a compare-and-set (CAS) mechanism based on comparing $this->mTouched with the user_touched field.

Parameters
IDatabase$db
array$conditionsWHERE conditions for use with Database::update
Returns
array WHERE conditions for use with Database::update

Definition at line 1258 of file User.php.

References Wikimedia\Rdbms\Platform\ISQLPlatform\timestamp().

◆ matchEditToken()

MediaWiki\User\User::matchEditToken ( $val,
$salt = '',
$request = null,
$maxage = null )

Check given value against the token value stored in the session.

A match should confirm that the form was submitted from the user's own login session, not a form submission from a third-party site.

Deprecated
since 1.37. Use CsrfTokenSet::matchToken instead
Parameters
string | null$valInput value to compare
string | array$saltOptional function-specific data for hashing
WebRequest | null$requestObject to use, or null to use the global request
int | null$maxageFail tokens older than this, in seconds
Returns
bool Whether the token matches

Definition at line 2808 of file User.php.

◆ newFatalPermissionDeniedStatus()

static MediaWiki\User\User::newFatalPermissionDeniedStatus ( $permission)
static

Factory function for fatal permission-denied errors.

Since
1.22
Deprecated
since 1.41, use Authority::isAllowed instead. Core code can also use PermissionManager::newFatalPermissionDeniedStatus.
Parameters
string$permissionUser right required
Returns
Status

Definition at line 3201 of file User.php.

◆ newFromActorId()

static MediaWiki\User\User::newFromActorId ( $id)
static

Static factory method for creation from a given actor ID.

See also
UserFactory::newFromActorId
Deprecated
since 1.36, use a UserFactory instead
Since
1.31
Parameters
int$idValid actor ID
Returns
User

Definition at line 633 of file User.php.

References MediaWiki\MediaWikiServices\getInstance().

◆ newFromAnyId()

static MediaWiki\User\User::newFromAnyId ( $userId,
$userName,
$actorId,
$dbDomain = false )
static

Static factory method for creation from an ID, name, and/or actor ID.

This does not check that the ID, name, and actor ID all correspond to the same user.

See also
UserFactory::newFromAnyId
Deprecated
since 1.36, use a UserFactory instead
Since
1.31
Parameters
int | null$userIdUser ID, if known
string | null$userNameUser name, if known
int | null$actorIdActor ID, if known
string | false$dbDomainremote wiki to which the User/Actor ID applies, or false if none
Returns
User

Definition at line 682 of file User.php.

References MediaWiki\MediaWikiServices\getInstance().

◆ newFromConfirmationCode()

static MediaWiki\User\User::newFromConfirmationCode ( $code,
$flags = IDBAccessObject::READ_NORMAL )
static

Factory method to fetch whichever user has a given email confirmation code.

This code is generated when an account is created or its e-mail address has changed.

If the code is invalid or has expired, returns NULL.

See also
UserFactory::newFromConfirmationCode
Deprecated
since 1.36, use a UserFactory instead
Parameters
string$codeConfirmation code
int$flagsIDBAccessObject::READ_* bitfield
Returns
User|null

Definition at line 703 of file User.php.

References MediaWiki\MediaWikiServices\getInstance().

◆ newFromId()

static MediaWiki\User\User::newFromId ( $id)
static

Static factory method for creation from a given user ID.

See also
UserFactory::newFromId
Deprecated
since 1.36, use a UserFactory instead
Parameters
int$idValid user ID
Returns
User

Definition at line 616 of file User.php.

References MediaWiki\MediaWikiServices\getInstance().

Referenced by MediaWiki\Session\UserInfo\newFromId().

◆ newFromIdentity()

static MediaWiki\User\User::newFromIdentity ( UserIdentity $identity)
static

Returns a User object corresponding to the given UserIdentity.

See also
UserFactory::newFromUserIdentity
Deprecated
since 1.36, use a UserFactory instead
Since
1.32
Parameters
UserIdentity$identity
Returns
User

Definition at line 652 of file User.php.

References MediaWiki\MediaWikiServices\getInstance().

◆ newFromName()

static MediaWiki\User\User::newFromName ( $name,
$validate = 'valid' )
static
See also
UserFactory::newFromName
Deprecated
since 1.36, use a UserFactory instead

This is slightly less efficient than newFromId(), so use newFromId() if you have both an ID and a name handy.

Parameters
string$nameUsername, validated by Title::newFromText()
string | bool$validateValidate username.Type of validation to use:
  • false No validation
  • 'valid' Valid for batch processes
  • 'usable' Valid for batch processes and login
  • 'creatable' Valid for batch processes, login and account creation, except that true is accepted as an alias for 'valid', for BC.
Returns
User|false User object, or false if the username is invalid (e.g. if it contains illegal characters or is an IP address). If the username is not present in the database, the result will be a user object with a name, zero user ID and default settings.

Definition at line 582 of file User.php.

References MediaWiki\MediaWikiServices\getInstance().

Referenced by RenameUsersMatchingPattern\execute(), and MediaWiki\Session\UserInfo\newFromName().

◆ newFromRow()

static MediaWiki\User\User::newFromRow ( $row,
$data = null )
static

Create a new user object from a user row.

The row should have the following fields from the user table in it:

  • either user_name or user_id to load further data if needed (or both)
  • user_real_name
  • all other fields (email, etc.) It is useless to provide the remaining fields if either user_id, user_name and user_real_name are not provided because the whole row will be loaded once more from the database when accessing them.
Parameters
stdClass$rowA row from the user table
array | null$dataFurther data to load into the object (see User::loadFromRow for valid keys)
Returns
User

Definition at line 738 of file User.php.

References MediaWiki\User\User\loadFromRow().

Referenced by MediaWiki\User\UserArrayFromResult\setCurrent().

◆ newFromSession()

static MediaWiki\User\User::newFromSession ( WebRequest $request = null)
static

Create a new user object using data from session.

If the login credentials are invalid, the result is an anonymous user.

Parameters
WebRequest | null$requestObject to use; the global request will be used if omitted.
Returns
User

Definition at line 716 of file User.php.

◆ newQueryBuilder()

static MediaWiki\User\User::newQueryBuilder ( IReadableDatabase $db)
static

Get a SelectQueryBuilder with the tables, fields and join conditions needed to create a new User object.

The return value is a plain SelectQueryBuilder, not a UserSelectQueryBuilder. That way, there is no need for an ActorStore.

Returns
SelectQueryBuilder

Definition at line 3171 of file User.php.

References Wikimedia\Rdbms\IReadableDatabase\newSelectQueryBuilder().

Referenced by MediaWiki\User\UserArray\newFromIDs(), and MediaWiki\User\UserArray\newFromNames().

◆ newSystemUser()

static MediaWiki\User\User::newSystemUser ( $name,
$options = [] )
static

Static factory method for creation of a "system" user from username.

A "system" user is an account that's used to attribute logged actions taken by MediaWiki itself, as opposed to a bot or human user. Examples might include the 'Maintenance script' or 'Conversion script' accounts used by various scripts in the maintenance/ directory or accounts such as 'MediaWiki message delivery' used by the MassMessage extension.

This can optionally create the user if it doesn't exist, and "steal" the account if it does exist.

"Stealing" an existing user is intended to make it impossible for normal authentication processes to use the account, effectively disabling the account for normal use:

  • Email is invalidated, to prevent account recovery by emailing a temporary password and to disassociate the account from the existing human.
  • The token is set to a magic invalid value, to kill existing sessions and to prevent $this->setToken() calls from resetting the token to a valid value.
  • SessionManager is instructed to prevent new sessions for the user, to do things like deauthorizing OAuth consumers.
  • AuthManager is instructed to revoke access, to invalidate or remove passwords and other credentials.

System users should usually be listed in $wgReservedUsernames.

Parameters
string$nameUsername
array$optionsOptions are:
  • validate: Type of validation to use:
    • false No validation
    • 'valid' Valid for batch processes
    • 'usable' Valid for batch processes and login
    • 'creatable' Valid for batch processes, login and account creation, default 'valid'. Deprecated since 1.36.
  • create: Whether to create the user if it doesn't already exist, default true
  • steal: Whether to "disable" the account for normal use if it already exists, default false
Returns
User|null
Since
1.27
See also
self::isSystemUser()
MainConfigSchema::ReservedUsernames

Definition at line 788 of file User.php.

References MediaWiki\MediaWikiServices\getInstance(), and wfDeprecatedMsg().

◆ pingLimiter()

MediaWiki\User\User::pingLimiter ( $action = 'edit',
$incrBy = 1 )

Primitive rate limits: enforce maximum actions per time period to put a brake on flooding.

The method generates both a generic profiling point and a per action one (suffix being "-$action").

Note
When using a shared cache like memcached, IP-address last-hit counters will be shared across wikis.
Parameters
string$actionAction to enforce; 'edit' if unspecified
int$incrByPositive amount to increment counter by [defaults to 1]
Returns
bool True if a rate limiter was tripped

Definition at line 1386 of file User.php.

Referenced by MediaWiki\User\PasswordReset\execute().

◆ probablyCan()

MediaWiki\User\User::probablyCan ( string $action,
PageIdentity $target,
PermissionStatus $status = null )
Since
1.36
Parameters
string$action
PageIdentity$target
PermissionStatus | null$status
Returns
bool

Implements MediaWiki\Permissions\Authority.

Definition at line 3262 of file User.php.

◆ purge()

static MediaWiki\User\User::purge ( $dbDomain,
$userId )
static
Since
1.27
Parameters
string$dbDomain
int$userId

Definition at line 474 of file User.php.

References MediaWiki\MediaWikiServices\getInstance().

◆ requiresHTTPS()

MediaWiki\User\User::requiresHTTPS ( )

Determine based on the wiki configuration and the user's options, whether this user must be over HTTPS no matter what.

Returns
bool

Definition at line 2093 of file User.php.

◆ resetTokenFromOption()

MediaWiki\User\User::resetTokenFromOption ( $oname)

Reset a token stored in the preferences (like the watchlist one).

Does not save user's preferences (similarly to UserOptionsManager::setOption()).

Parameters
string$onameThe option name to reset the token in
Returns
string|false New token value, or false if this option is disabled.
See also
getTokenFromOption()
\MediaWiki\User\Options\UserOptionsManager::setOption

Definition at line 2053 of file User.php.

◆ saveSettings()

◆ sendConfirmationMail()

MediaWiki\User\User::sendConfirmationMail ( $type = 'created')

Generate a new e-mail confirmation token and send a confirmation/invalidation mail to the user's given address.

Parameters
string$typeMessage to send, either "created", "changed" or "set"
Returns
Status

Definition at line 2819 of file User.php.

References $wgLang, getRequest(), and wfMessage().

◆ sendMail()

MediaWiki\User\User::sendMail ( $subject,
$body,
$from = null,
$replyto = null )

Send an e-mail to this user's account.

Does not check for confirmed status or validity.

Parameters
string$subjectMessage subject
string | string[]$bodyMessage body or array containing keys text and html
User | null$fromOptional sending user; if unspecified, default $wgPasswordSender will be used.
MailAddress | null$replytoReply-To address
Returns
Status

Definition at line 2874 of file User.php.

References wfMessage().

Referenced by MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\sendNewAccountEmail().

◆ setActorId()

MediaWiki\User\User::setActorId ( int $actorId)

Sets the actor id.

For use by ActorStore only. Should be removed once callers of getActorId() have been migrated to using ActorNormalization.

Access: internal
Deprecated
since 1.36
Parameters
int$actorId

Definition at line 1663 of file User.php.

◆ setCookies()

MediaWiki\User\User::setCookies ( $request = null,
$secure = null,
$rememberMe = false )

Persist this user's session (e.g.

set cookies)

Parameters
WebRequest | null$requestWebRequest object to use; the global request will be used if null is passed.
bool | null$secureWhether to force secure/insecure cookies or use default
bool$rememberMeWhether to add a Token cookie for elongated sessions

Definition at line 2287 of file User.php.

References getRequest().

◆ setEmail()

MediaWiki\User\User::setEmail ( string $str)

Set the user's e-mail address.

Parameters
string$strNew e-mail address

Definition at line 1922 of file User.php.

◆ setEmailAuthenticationTimestamp()

MediaWiki\User\User::setEmailAuthenticationTimestamp ( $timestamp)

Set the e-mail authentication timestamp.

Parameters
string | null$timestampTS_MW timestamp

Definition at line 3015 of file User.php.

◆ setEmailWithConfirmation()

MediaWiki\User\User::setEmailWithConfirmation ( string $str)

Set the user's e-mail address and send a confirmation mail if needed.

Since
1.20
Parameters
string$strNew e-mail address
Returns
Status

Definition at line 1939 of file User.php.

References getRequest(), and wfMessage().

◆ setId()

MediaWiki\User\User::setId ( $v)

Set the user and reload all fields according to a given ID.

Parameters
int$vUser ID to reload

Definition at line 1554 of file User.php.

Referenced by MediaWiki\Auth\AuthManager\autoCreateUser().

◆ setItemLoaded()

MediaWiki\User\User::setItemLoaded ( $item)

Set that an item has been loaded.

Access: internal
Only public for use in UserFactory
Parameters
string$item

Definition at line 1052 of file User.php.

◆ setName()

MediaWiki\User\User::setName ( $str)

Set the user name.

This does not reload fields from the database according to the given name. Rather, it is used to create a temporary "nonexistent user" for later addition to the database. It can also be used to set the IP address for an anonymous user to something other than the current remote IP.

Note
User::newFromName() has roughly the same function, when the named user does not exist.
Parameters
string$strNew user name to set

Definition at line 1591 of file User.php.

◆ setRealName()

MediaWiki\User\User::setRealName ( string $str)

Set the user's real name.

Parameters
string$strNew real name

Definition at line 2007 of file User.php.

◆ setToken()

MediaWiki\User\User::setToken ( $token = false)

Set the random token (used for persistent authentication) Called from loadDefaults() among other places.

Parameters
string | false$tokenIf specified, set the token to this value

Definition at line 1882 of file User.php.

Referenced by MediaWiki\Session\SessionManager\invalidateSessionsForUser().

◆ spreadAnyEditBlock()

MediaWiki\User\User::spreadAnyEditBlock ( )

If this user is logged-in and blocked, block any IP address they've successfully logged in from.

Returns
bool A block was spread

Definition at line 2661 of file User.php.

◆ spreadBlock()

MediaWiki\User\User::spreadBlock ( )
protected

If this (non-anonymous) user is blocked, block the IP address they've successfully logged in from.

Returns
bool A block was spread

Definition at line 2674 of file User.php.

References getRequest(), and wfDebug().

◆ toRateLimitSubject()

MediaWiki\User\User::toRateLimitSubject ( )
Access: internal
for use by UserAuthority only!
Returns
RateLimitSubject

Definition at line 1394 of file User.php.

◆ touch()

MediaWiki\User\User::touch ( )

Update the "touched" timestamp for the user.

This is useful on various login/logout events when making sure that a browser or proxy that has multiple tenants does not suffer cache pollution where the new user sees the old users content. The value of getTouched() is checked when determining 304 vs 200 responses. Unlike invalidateCache(), this preserves the User object cache and avoids database writes.

Since
1.25

Definition at line 1744 of file User.php.

◆ useFilePatrol()

MediaWiki\User\User::useFilePatrol ( )

Check whether to enable new files patrol features for this user.

Returns
bool True or false

Definition at line 2218 of file User.php.

Referenced by ChangesList\isUnpatrolled().

◆ useNPPatrol()

MediaWiki\User\User::useNPPatrol ( )

Check whether to enable new pages patrol features for this user.

Returns
bool True or false

Definition at line 2203 of file User.php.

Referenced by ChangesList\isUnpatrolled(), and MediaWiki\Preferences\DefaultPreferencesFactory\rcPreferences().

◆ useRCPatrol()

MediaWiki\User\User::useRCPatrol ( )

Check whether to enable recent changes patrol features for this user.

Returns
bool True or false

Definition at line 2193 of file User.php.

Referenced by ChangesList\isUnpatrolled(), MediaWiki\Preferences\DefaultPreferencesFactory\rcPreferences(), and MediaWiki\Preferences\DefaultPreferencesFactory\watchlistPreferences().

◆ validateCache()

MediaWiki\User\User::validateCache ( $timestamp)

Validate the cache for this account.

Parameters
string$timestampA timestamp in TS_MW format
Returns
bool

Definition at line 1759 of file User.php.

◆ whoIs()

static MediaWiki\User\User::whoIs ( $id)
static

Get the username corresponding to a given user ID.

Parameters
int$idUser ID
Returns
string|false The corresponding username

Definition at line 888 of file User.php.

References MediaWiki\Cache\UserCache\singleton().

◆ whoIsReal()

static MediaWiki\User\User::whoIsReal ( $id)
static

Get the real name of a user given their user ID.

Parameters
int$idUser ID
Returns
string|false The corresponding user's real name

Definition at line 898 of file User.php.

References MediaWiki\Cache\UserCache\singleton().

Member Data Documentation

◆ $mActorId

int null MediaWiki\User\User::$mActorId

Switched from protected to public for use in UserFactory.

Definition at line 168 of file User.php.

◆ $mCacheVars

string [] MediaWiki\User\User::$mCacheVars
staticprotected
Initial value:
= [
'mId',
'mName',
'mRealName',
'mEmail',
'mTouched',
'mToken',
'mEmailAuthenticated',
'mEmailToken',
'mEmailTokenExpires',
'mRegistration',
'mActorId',
]

List of member variables which are saved to the shared cache (memcached).

Any operation which changes the corresponding database fields must call a cache-clearing function.

Definition at line 139 of file User.php.

◆ $mDatePreference

string null MediaWiki\User\User::$mDatePreference
protected

Lazy-initialized variables, invalidated with clearInstanceCache.

Definition at line 213 of file User.php.

◆ $mEmail

string MediaWiki\User\User::$mEmail

Definition at line 173 of file User.php.

◆ $mEmailAuthenticated

string null MediaWiki\User\User::$mEmailAuthenticated

Definition at line 181 of file User.php.

◆ $mEmailToken

string null MediaWiki\User\User::$mEmailToken
protected

Definition at line 183 of file User.php.

◆ $mEmailTokenExpires

string null MediaWiki\User\User::$mEmailTokenExpires
protected

Definition at line 185 of file User.php.

◆ $mFrom

string MediaWiki\User\User::$mFrom

Initialization data source if mLoadedItems!==true.

May be one of:

  • 'defaults' anonymous user initialised from class defaults
  • 'name' initialise from mName
  • 'id' initialise from mId
  • 'actor' initialise from mActorId
  • 'session' log in from session if possible

Use the User::newFrom*() family of functions to set this.

Definition at line 207 of file User.php.

◆ $mGlobalBlock

AbstractBlock MediaWiki\User\User::$mGlobalBlock
protected

Definition at line 217 of file User.php.

◆ $mHash

string false MediaWiki\User\User::$mHash
protected

Definition at line 215 of file User.php.

◆ $mId

int MediaWiki\User\User::$mId

Cache variables.

Definition at line 160 of file User.php.

◆ $mLoadedItems

array bool MediaWiki\User\User::$mLoadedItems = []
protected

Array with already loaded items or true if all items have been loaded.

Definition at line 194 of file User.php.

◆ $mLocked

bool MediaWiki\User\User::$mLocked
protected

Definition at line 219 of file User.php.

◆ $mName

string MediaWiki\User\User::$mName

Definition at line 162 of file User.php.

◆ $mQuickTouched

string null MediaWiki\User\User::$mQuickTouched
protected

TS_MW timestamp from cache.

Definition at line 177 of file User.php.

◆ $mRealName

string MediaWiki\User\User::$mRealName

Definition at line 170 of file User.php.

◆ $mRegistration

string null MediaWiki\User\User::$mRegistration
protected

Definition at line 187 of file User.php.

◆ $mToken

string null MediaWiki\User\User::$mToken
protected

Definition at line 179 of file User.php.

◆ $mTouched

string MediaWiki\User\User::$mTouched

TS_MW timestamp from the DB.

Definition at line 175 of file User.php.

◆ $queryFlagsUsed

int MediaWiki\User\User::$queryFlagsUsed = IDBAccessObject::READ_NORMAL
protected

IDBAccessObject::READ_* constant bitfield used to load data.

Definition at line 225 of file User.php.

◆ INVALID_TOKEN

const MediaWiki\User\User::INVALID_TOKEN = '*** INVALID ***'

An invalid string value for the user_token field.

Definition at line 118 of file User.php.

◆ MAINTENANCE_SCRIPT_USER

const MediaWiki\User\User::MAINTENANCE_SCRIPT_USER = 'Maintenance script'

Username used for various maintenance scripts.

Since
1.37

Definition at line 130 of file User.php.

◆ TOKEN_LENGTH

const MediaWiki\User\User::TOKEN_LENGTH = 32

Number of characters required for the user_token field.

Definition at line 113 of file User.php.


The documentation for this class was generated from the following file: