The User object encapsulates all of the user-specific settings (user_id, name, rights, email address, options, last login time). More...
Public Member Functions | |
| __construct () | |
| Lightweight constructor for an anonymous user. More... | |
| & | __get ( $name) |
| __set ( $name, $value) | |
| __sleep () | |
| __toString () | |
| addGroup ( $group, $expiry=null) | |
| Add the user to the given group. More... | |
| addToDatabase () | |
| Add this existing user object to the database. More... | |
| authorizeRead (string $action, PageIdentity $target, PermissionStatus $status=null) | |
| authorizeWrite (string $action, PageIdentity $target, PermissionStatus $status=null) | |
| blockedFor () | |
| If user is blocked, return the specified reason for the block. More... | |
| canReceiveEmail () | |
| Is this user allowed to receive e-mails within limits of current site configuration? More... | |
| canSendEmail () | |
| Is this user allowed to send e-mails within limits of current site configuration? More... | |
| changeAuthenticationData (array $data) | |
| Changes credentials of the user. More... | |
| checkAndSetTouched () | |
| Bump user_touched if it didn't change since this object was loaded. More... | |
| checkPasswordValidity ( $password) | |
| Check if this is a valid password for this user. More... | |
| clearInstanceCache ( $reloadFrom=false) | |
| Clear various cached data stored in this object. More... | |
| clearSharedCache ( $mode='refresh') | |
| Clear user data from memcached. More... | |
| confirmEmail () | |
| Mark the e-mail address confirmed. More... | |
| definitelyCan (string $action, PageIdentity $target, PermissionStatus $status=null) | |
| doLogout () | |
| Clear the user's session, and reset the instance cache. More... | |
| equals (?UserIdentity $user) | |
| Checks if two user objects point to the same user. More... | |
| getActorId ( $dbwOrWikiId=self::LOCAL) | |
| Get the user's actor ID. More... | |
| getBlock ( $freshness=self::READ_NORMAL, $disableIpBlockExemptChecking=false) | |
| Get the block affecting the user, or null if the user is not blocked. More... | |
| getDatePreference () | |
| Get the user's preferred date format. More... | |
| getDBTouched () | |
| Get the user_touched timestamp field (time of last DB updates) More... | |
| getEditCount () | |
| Get the user's edit count. More... | |
| getEditToken ( $salt='', $request=null) | |
| Initialize (if necessary) and return a session token value which can be used in edit forms to show that the user's login credentials aren't being hijacked with a foreign form submission. More... | |
| getEditTokenObject ( $salt='', $request=null) | |
| Initialize (if necessary) and return a session token value which can be used in edit forms to show that the user's login credentials aren't being hijacked with a foreign form submission. More... | |
| getEmail () | |
| Get the user's e-mail address. More... | |
| getEmailAuthenticationTimestamp () | |
| Get the timestamp of the user's e-mail authentication. More... | |
| getExperienceLevel () | |
| Compute experienced level based on edit count and registration date. More... | |
| getGlobalBlock ( $ip='') | |
| Check if user is blocked on all wikis. More... | |
| getGroupMemberships () | |
| Get the list of explicit group memberships this user has, stored as UserGroupMembership objects. More... | |
| getGroups () | |
| Get the list of explicit group memberships this user has. More... | |
| getId ( $wikiId=self::LOCAL) | |
| Get the user's ID. More... | |
| getInstanceForUpdate () | |
| Get a new instance of this user that was loaded from the primary DB via a locking read. More... | |
| getMutableCacheKeys (WANObjectCache $cache) | |
| getName () | |
| Get the user name, or the IP of an anonymous user. More... | |
| getOption ( $oname, $defaultOverride=null, $ignoreHidden=false) | |
| Get the user's current setting for a given option. More... | |
| getRealName () | |
| Get the user's real name. More... | |
| getRegistration () | |
| Get the timestamp of account creation. More... | |
| getRequest () | |
| Get the WebRequest object to use with this object. More... | |
| getTalkPage () | |
| Get this user's talk page title. More... | |
| getTitleKey () | |
| Get the user's name escaped by underscores. More... | |
| getToken ( $forceCreation=true) | |
| Get the user's current token. More... | |
| getTokenFromOption ( $oname) | |
| Get a token stored in the preferences (like the watchlist one), resetting it if it's empty (and saving changes). More... | |
| getTouched () | |
| Get the user touched timestamp. More... | |
| getUser () | |
| getUserPage () | |
| Get this user's personal page title. More... | |
| getWikiId () | |
| Returns self::LOCAL to indicate the user is associated with the local wiki. More... | |
| idForName ( $flags=self::READ_NORMAL) | |
| If only this user's username is known, and it exists, return the user ID. More... | |
| incEditCount () | |
| Schedule a deferred update to update the user's edit count. More... | |
| invalidateCache () | |
| Immediately touch the user data cache for this account. More... | |
| invalidateEmail () | |
| Invalidate the user's e-mail confirmation, and unauthenticate the e-mail address if it was already confirmed. More... | |
| isAllowed (string $permission) | |
| Checks whether this authority has the given permission in general. More... | |
| isAllowedAll (... $permissions) | |
| Checks whether this authority has any of the given permissions in general. More... | |
| isAllowedAny (... $permissions) | |
| Checks whether this authority has any of the given permissions in general. More... | |
| isAllowedToCreateAccount () | |
| Get whether the user is allowed to create an account. More... | |
| isAnon () | |
| Get whether the user is anonymous. More... | |
| isBlocked ( $fromReplica=true) | |
| Check if user is blocked. More... | |
| isBlockedFrom ( $title, $fromReplica=false) | |
| Check if user is blocked from editing a particular article. More... | |
| isBlockedFromCreateAccount () | |
| Get whether the user is explicitly blocked from account creation. More... | |
| isBlockedFromEmailuser () | |
| Get whether the user is blocked from using Special:Emailuser. More... | |
| isBlockedFromUpload () | |
| Get whether the user is blocked from using Special:Upload. More... | |
| isBlockedGlobally ( $ip='') | |
| Check if user is blocked on all wikis. More... | |
| isBot () | |
| isEmailConfirmationPending () | |
| Check whether there is an outstanding request for e-mail confirmation. More... | |
| isEmailConfirmed () | |
| Is this user's e-mail address valid-looking and confirmed within limits of the current site configuration? More... | |
| isHidden () | |
| Check if user account is hidden. More... | |
| isItemLoaded ( $item, $all='all') | |
| Return whether an item has been loaded. More... | |
| isLocked () | |
| Check if user account is locked. More... | |
| isNamed () | |
| Is the user a normal non-temporary registered user? More... | |
| isNewbie () | |
| Determine whether the user is a newbie. More... | |
| isPingLimitable () | |
| Is this user subject to rate limiting? More... | |
| isRegistered () | |
| Get whether the user is registered. More... | |
| isSafeToLoad () | |
| Test if it's safe to load this User object. More... | |
| isSystemUser () | |
| Get whether the user is a system user. More... | |
| isTemp () | |
| Is the user an autocreated temporary user? More... | |
| isValidPassword ( $password) | |
| Is the input a valid password for this user? More... | |
| load ( $flags=self::READ_NORMAL) | |
| Load the user table data for this object from the source given by mFrom. More... | |
| loadDefaults ( $name=false, $actorId=null) | |
| Set cached properties to default. More... | |
| loadFromDatabase ( $flags=self::READ_LATEST) | |
| Load user data from the database. More... | |
| loadFromId ( $flags=self::READ_NORMAL) | |
| Load user table data, given mId has already been set. More... | |
| logout () | |
| Log this user out. More... | |
| matchEditToken ( $val, $salt='', $request=null, $maxage=null) | |
| Check given value against the token value stored in the session. More... | |
| pingLimiter ( $action='edit', $incrBy=1) | |
| Primitive rate limits: enforce maximum actions per time period to put a brake on flooding. More... | |
| probablyCan (string $action, PageIdentity $target, PermissionStatus $status=null) | |
| removeGroup ( $group) | |
| Remove the user from the given group. More... | |
| requiresHTTPS () | |
| Determine based on the wiki configuration and the user's options, whether this user must be over HTTPS no matter what. More... | |
| resetTokenFromOption ( $oname) | |
| Reset a token stored in the preferences (like the watchlist one). More... | |
| saveSettings () | |
| Save this user's settings into the database. More... | |
| sendConfirmationMail ( $type='created') | |
| Generate a new e-mail confirmation token and send a confirmation/invalidation mail to the user's given address. More... | |
| sendMail ( $subject, $body, $from=null, $replyto=null) | |
| Send an e-mail to this user's account. More... | |
| setActorId (int $actorId) | |
| Sets the actor id. More... | |
| setCookies ( $request=null, $secure=null, $rememberMe=false) | |
| Persist this user's session (e.g. More... | |
| setEmail (string $str) | |
| Set the user's e-mail address. More... | |
| setEmailAuthenticationTimestamp ( $timestamp) | |
| Set the e-mail authentication timestamp. More... | |
| setEmailWithConfirmation (string $str) | |
| Set the user's e-mail address and send a confirmation mail if needed. More... | |
| setId ( $v) | |
| Set the user and reload all fields according to a given ID. More... | |
| setItemLoaded ( $item) | |
| Set that an item has been loaded. More... | |
| setName ( $str) | |
| Set the user name. More... | |
| setRealName (string $str) | |
| Set the user's real name. More... | |
| setToken ( $token=false) | |
| Set the random token (used for persistent authentication) Called from loadDefaults() among other places. More... | |
| spreadAnyEditBlock () | |
| If this user is logged-in and blocked, block any IP address they've successfully logged in from. More... | |
| touch () | |
| Update the "touched" timestamp for the user. More... | |
| useFilePatrol () | |
| Check whether to enable new files patrol features for this user. More... | |
| useNPPatrol () | |
| Check whether to enable new pages patrol features for this user. More... | |
| useRCPatrol () | |
| Check whether to enable recent changes patrol features for this user. More... | |
| validateCache ( $timestamp) | |
| Validate the cache for this account. More... | |
 Public Member Functions inherited from MediaWiki\Permissions\Authority | |
| getBlock (int $freshness=self::READ_NORMAL) | |
| Returns any user block affecting the Authority. More... | |
| Public Member Functions inherited from MediaWiki\DAO\WikiAwareEntity | |
| assertWiki ( $wikiId) | |
| Throws if $wikiId is different from the return value of getWikiId(). More... | |
Static Public Member Functions | |
| static | createNew ( $name, $params=[]) |
| Add a user to the database, return the user object. More... | |
| static | findUsersByGroup ( $groups, $limit=5000, $after=null) |
| Return the users who are members of the given group(s). More... | |
| static | getAllGroups () |
| Return the set of defined explicit groups. More... | |
| static | getGroupPermissions ( $groups) |
| Get the permissions associated with a given list of groups. More... | |
| static | getGroupsWithPermission ( $role) |
| Get all the groups who have a given permission. More... | |
| static | getImplicitGroups () |
| static | getQueryInfo () |
| Return the tables, fields, and join conditions to be selected to create a new user object. More... | |
| static | getRightDescription ( $right) |
| Get the description of a given right. More... | |
| static | groupHasPermission ( $group, $role) |
| Check, if the given group has the given permission. More... | |
| static | idFromName ( $name, $flags=self::READ_NORMAL) |
| Get database id given a user name. More... | |
| static | newFatalPermissionDeniedStatus ( $permission) |
| Factory function for fatal permission-denied errors. More... | |
| static | purge ( $dbDomain, $userId) |
| static | whoIs ( $id) |
| Get the username corresponding to a given user ID. More... | |
| static | whoIsReal ( $id) |
| Get the real name of a user given their user ID. More... | |
newFrom*() static factory methods | |
| static | newFromName ( $name, $validate='valid') |
| static | newFromId ( $id) |
| Static factory method for creation from a given user ID. More... | |
| static | newFromActorId ( $id) |
| Static factory method for creation from a given actor ID. More... | |
| static | newFromIdentity (UserIdentity $identity) |
| Returns a User object corresponding to the given UserIdentity. More... | |
| static | newFromAnyId ( $userId, $userName, $actorId, $dbDomain=false) |
| Static factory method for creation from an ID, name, and/or actor ID. More... | |
| static | newFromConfirmationCode ( $code, $flags=self::READ_NORMAL) |
| Factory method to fetch whichever user has a given email confirmation code. More... | |
| static | newFromSession (WebRequest $request=null) |
| Create a new user object using data from session. More... | |
| static | newFromRow ( $row, $data=null) |
| Create a new user object from a user row. More... | |
| static | newSystemUser ( $name, $options=[]) |
| Static factory method for creation of a "system" user from username. More... | |
Public Attributes | |
| int null | $mActorId |
| Switched from protected to public for use in UserFactory. More... | |
| string | $mEmail |
| string null | $mEmailAuthenticated |
| string | $mFrom |
| Initialization data source if mLoadedItems!==true. More... | |
| int | $mId |
| Cache variables. More... | |
| string | $mName |
| string | $mRealName |
| string | $mTouched |
| TS_MW timestamp from the DB. More... | |
| const | CHECK_USER_RIGHTS = true |
| const | IGNORE_USER_RIGHTS = false |
| const | INVALID_TOKEN = '*** INVALID ***' |
| An invalid string value for the user_token field. More... | |
| const | MAINTENANCE_SCRIPT_USER = 'Maintenance script' |
| Username used for various maintenance scripts. More... | |
| const | TOKEN_LENGTH = 32 |
| Number of characters required for the user_token field. More... | |
Protected Member Functions | |
| confirmationToken (&$expiration) | |
| Generate, store, and return a new e-mail confirmation code. More... | |
| confirmationTokenUrl ( $token) | |
| Return a URL the user can use to confirm their email address. More... | |
| getCacheKey (WANObjectCache $cache) | |
| getTokenUrl ( $page, $token) | |
| Internal function to format the e-mail validation/invalidation URLs. More... | |
| invalidationTokenUrl ( $token) | |
| Return a URL the user can use to invalidate their email address. More... | |
| loadFromCache () | |
| Load user data from shared cache, given mId has already been set. More... | |
| loadFromRow ( $row, $data=null) | |
| Initialize this object from a row from the user table. More... | |
| loadFromUserObject ( $user) | |
| Load the data for this user object from another user object. More... | |
| makeUpdateConditions (IDatabase $db, array $conditions) | |
| Builds update conditions. More... | |
| spreadBlock () | |
| If this (non-anonymous) user is blocked, block the IP address they've successfully logged in from. More... | |
Protected Attributes | |
| string | $mBlockreason |
| TODO: This should be removed when User::blockedFor and AbstractBlock::getReason are hard deprecated. More... | |
| string null | $mDatePreference |
| Lazy-initialized variables, invalidated with clearInstanceCache. More... | |
| string null | $mEmailToken |
| string null | $mEmailTokenExpires |
| AbstractBlock | $mGlobalBlock |
| string false | $mHash |
| array bool | $mLoadedItems = [] |
| Array with already loaded items or true if all items have been loaded. More... | |
| bool | $mLocked |
| string null | $mQuickTouched |
| TS_MW timestamp from cache. More... | |
| string null | $mRegistration |
| string null | $mToken |
| int | $queryFlagsUsed = self::READ_NORMAL |
| User::READ_* constant bitfield used to load data. More... | |
Static Protected Attributes | |
| static string[] | $mCacheVars |
| List of member variables which are saved to the shared cache (memcached). More... | |
Detailed Description
The User object encapsulates all of the user-specific settings (user_id, name, rights, email address, options, last login time).
Client classes use the getXXX() functions to access these fields. These functions do all the work of determining whether the user is logged in, whether the requested option can be satisfied from cookies or whether a database query is needed. Most of the settings needed for rendering normal pages are set in the cookie to minimize use of the database.
- Note
- User implements Authority to ease transition. Always prefer using existing Authority or obtaining a proper Authority implementation.
- Stability: newable
- in 1.35 only, the constructor is
- Access: internal
- since 1.36
Constructor & Destructor Documentation
◆ __construct()
| User::__construct | ( | ) |
Lightweight constructor for an anonymous user.
- Stability: stable
- to call since 1.35
- Access: internal
- since 1.36, use the UserFactory service instead
- See also
- MediaWiki\User\UserFactory
- newFromName()
- newFromId()
- newFromActorId()
- newFromConfirmationCode()
- newFromSession()
- newFromRow()
Definition at line 252 of file User.php.
References clearInstanceCache().
Member Function Documentation
◆ __get()
| & User::__get | ( | $name | ) |
Definition at line 273 of file User.php.
References wfDeprecated(), and wfLogWarning().
◆ __set()
| User::__set | ( | $name, | |
| $value | |||
| ) |
Definition at line 301 of file User.php.
References wfDeprecated(), and wfLogWarning().
◆ __sleep()
◆ __toString()
◆ addGroup()
| User::addGroup | ( | $group, | |
$expiry = null |
|||
| ) |
Add the user to the given group.
This takes immediate effect. If the user is already in the group, the expiry time will be updated to the new expiry time. (If $expiry is omitted or null, the membership will be altered to never expire.)
- Deprecated:
- since 1.35 Use UserGroupManager::addUserToGroup instead
- Parameters
-
string $group Name of the group to add string | null $expiry Optional expiry timestamp in any format acceptable to wfTimestamp(), or null if the group assignment should not expire
- Returns
- bool
◆ addToDatabase()
| User::addToDatabase | ( | ) |
Add this existing user object to the database.
If the user already exists, a fatal status object is returned, and the user object is initialised with the data from the database.
Previously, this function generated a DB error due to a key conflict if the user already existed. Many extension callers use this function in code along the lines of:
$user = User::newFromName( $name ); if ( !$user->isRegistered() ) { $user->addToDatabase(); } // do something with $user...
However, this was vulnerable to a race condition (T18020). By initialising the user object if the user exists, we aim to support this calling sequence as far as possible.
Note that if the user exists, this function will acquire a write lock, so it is still advisable to make the call conditional on isRegistered(), and to commit the transaction after calling.
- Exceptions
-
MWException
- Returns
- Status
Definition at line 2751 of file User.php.
References Wikimedia\Rdbms\IDatabase\affectedRows(), DB_PRIMARY, Wikimedia\Rdbms\IDatabase\doAtomicSection(), Wikimedia\Rdbms\IDatabase\insert(), Wikimedia\Rdbms\IDatabase\insertId(), StatusValue\newFatal(), StatusValue\newGood(), PasswordFactory\newInvalidPassword(), Wikimedia\Rdbms\IDatabase\selectField(), Wikimedia\Rdbms\Platform\ISQLPlatform\timestamp(), Wikimedia\Rdbms\Platform\ISQLPlatform\timestampOrNull(), and wfGetDB().
Referenced by MediaWiki\Auth\AuthManager\autoCreateUser().
◆ authorizeRead()
| User::authorizeRead | ( | string | $action, |
| PageIdentity | $target, | ||
| PermissionStatus | $status = null |
||
| ) |
- Since
- 1.36
- Parameters
-
string $action PageIdentity $target PermissionStatus | null $status
- Returns
- bool
Implements MediaWiki\Permissions\Authority.
◆ authorizeWrite()
| User::authorizeWrite | ( | string | $action, |
| PageIdentity | $target, | ||
| PermissionStatus | $status = null |
||
| ) |
- Since
- 1.36
- Parameters
-
string $action PageIdentity $target PermissionStatus | null $status
- Returns
- bool
Implements MediaWiki\Permissions\Authority.
◆ blockedFor()
| User::blockedFor | ( | ) |
If user is blocked, return the specified reason for the block.
- Deprecated:
- since 1.35 Use AbstractBlock::getReasonComment instead Hard deprecated since 1.39.
- Returns
- string Blocking reason
Definition at line 1557 of file User.php.
References wfDeprecated().
◆ canReceiveEmail()
| User::canReceiveEmail | ( | ) |
◆ canSendEmail()
| User::canSendEmail | ( | ) |
◆ changeAuthenticationData()
| User::changeAuthenticationData | ( | array | $data | ) |
Changes credentials of the user.
This is a convenience wrapper around AuthManager::changeAuthenticationData. Note that this can return a status that isOK() but not isGood() on certain types of failures, e.g. when no provider handled the change.
- Parameters
-
array $data A set of authentication data in fieldname => value format. This is the same data you would pass the changeauthenticationdata API - 'username', 'password' etc.
- Returns
- Status
- Since
- 1.27
Definition at line 1908 of file User.php.
References StatusValue\newGood().
◆ checkAndSetTouched()
| User::checkAndSetTouched | ( | ) |
Bump user_touched if it didn't change since this object was loaded.
On success, the mTouched field is updated. The user serialization cache is always cleared.
- Access: internal
- Returns
- bool Whether user_touched was actually updated
- Since
- 1.26
Definition at line 1332 of file User.php.
References $success, DB_PRIMARY, and wfGetDB().
◆ checkPasswordValidity()
| User::checkPasswordValidity | ( | $password | ) |
Check if this is a valid password for this user.
Returns a Status object with a set of messages describing problems with the password. If the return status is fatal, the action should be refused and the password should not be checked at all (this is mainly meant for DoS mitigation). If the return value is OK but not good, the password can be checked, but the user should not be able to set their password to this. The value of the returned Status object will be an array which can have the following fields:
- forceChange (bool): if set to true, the user should not be allowed to log with this password unless they change it during the login process (see ResetPasswordSecondaryAuthenticationProvider).
- suggestChangeOnLogin (bool): if set to true, the user should be prompted for a password change on login.
- Parameters
-
string $password Desired password
- Returns
- Status
- Since
- 1.23
Definition at line 1014 of file User.php.
References StatusValue\newGood().
◆ clearInstanceCache()
| User::clearInstanceCache | ( | $reloadFrom = false | ) |
Clear various cached data stored in this object.
The cache of the user table data (i.e. self::$mCacheVars) is not cleared unless $reloadFrom is given.
- Parameters
-
bool | string $reloadFrom Reload user and user_groups table data from a given source. May be "name", "id", "actor", "defaults", "session", or false for no reload.
Definition at line 1370 of file User.php.
References $wgFullyInitialised.
Referenced by __construct(), and UserrightsPage\execute().
◆ clearSharedCache()
| User::clearSharedCache | ( | $mode = 'refresh' | ) |
Clear user data from memcached.
Use after applying updates to the database; caller's responsibility to update user_touched if appropriate.
Called implicitly from invalidateCache() and saveSettings().
- Parameters
-
string $mode Use 'refresh' to clear now or 'changed' to clear before DB commit
Definition at line 1798 of file User.php.
References $cache, and DB_PRIMARY.
◆ confirmationToken()
|
protected |
Generate, store, and return a new e-mail confirmation code.
A hash (unsalted, since it's used as a key) is stored.
- Note
- Call saveSettings() after calling this function to commit this change to the database.
- Parameters
-
string &$expiration Accepts the expiration time
- Returns
- string New token
Definition at line 3081 of file User.php.
References MWCryptRand\generateHex(), and wfTimestamp().
◆ confirmationTokenUrl()
|
protected |
◆ confirmEmail()
| User::confirmEmail | ( | ) |
Mark the e-mail address confirmed.
- Note
- Call saveSettings() after calling this function to commit the change.
- Returns
- bool
Definition at line 3140 of file User.php.
References wfTimestampNow().
◆ createNew()
|
static |
Add a user to the database, return the user object.
- Parameters
-
string $name Username to add array $params Array of Strings Non-default parameters to save to the database as user_* fields: - email: The user's email address.
- email_authenticated: The email authentication timestamp.
- real_name: The user's real name.
- options: An associative array of non-default options.
- token: Random authentication token. Do not set.
- registration: Registration timestamp. Do not set.
- Returns
- User|null User object, or null if the username already exists.
◆ definitelyCan()
| User::definitelyCan | ( | string | $action, |
| PageIdentity | $target, | ||
| PermissionStatus | $status = null |
||
| ) |
- Since
- 1.36
- Parameters
-
string $action PageIdentity $target PermissionStatus | null $status
- Returns
- bool
Implements MediaWiki\Permissions\Authority.
◆ doLogout()
| User::doLogout | ( | ) |
◆ equals()
| User::equals | ( | ?UserIdentity | $user | ) |
Checks if two user objects point to the same user.
- Since
- 1.25 ; takes a UserIdentity instead of a User since 1.32
- Parameters
-
UserIdentity | null $user
- Returns
- bool
Implements MediaWiki\User\UserIdentity.
◆ findUsersByGroup()
|
static |
Return the users who are members of the given group(s).
In case of multiple groups, users who are members of at least one of them are returned.
- Parameters
-
string | array $groups A single group name or an array of group names int $limit Max number of users to return. The actual limit will never exceed 5000 records; larger values are ignored. int | null $after ID the user to start after
- Returns
- UserArrayFromResult|ArrayIterator
Definition at line 954 of file User.php.
References $dbr, DB_REPLICA, UserArray\newFromIDs(), and wfGetDB().
Referenced by EmptyUserGroup\execute().
◆ getActorId()
| User::getActorId | ( | $dbwOrWikiId = self::LOCAL | ) |
Get the user's actor ID.
- Since
- 1.31
- Note
- This method was removed from the UserIdentity interface in 1.36, but remains supported in the User class for now. New code should use ActorNormalization::findActorId() or ActorNormalization::acquireActorId() instead.
- Parameters
-
IDatabase | string | false $dbwOrWikiId Deprecated since 1.36. If a database connection is passed, a new actor ID is assigned if needed. ActorNormalization::acquireActorId() should be used for that purpose instead.
- Returns
- int The actor's ID, or 0 if no actor ID exists and $dbw was null
- Exceptions
-
PreconditionException if $dbwOrWikiId is a string and does not match the local wiki
Definition at line 1723 of file User.php.
References wfDeprecatedMsg().
◆ getAllGroups()
|
static |
Return the set of defined explicit groups.
The implicit groups (by default *, 'user' and 'autoconfirmed') are not included, as they are defined automatically, not in the database.
- Deprecated:
- since 1.35, use UserGroupManager::listAllGroups instead
- Returns
- string[] internal group names
◆ getBlock()
| User::getBlock | ( | $freshness = self::READ_NORMAL, |
|
$disableIpBlockExemptChecking = false |
|||
| ) |
Get the block affecting the user, or null if the user is not blocked.
- Parameters
-
int | bool $freshness One of the Authority::READ_XXX constants. For backwards compatibility, a boolean is also accepted, with true meaning READ_NORMAL and false meaning READ_LATEST. bool $disableIpBlockExemptChecking This is used internally to prevent a infinite recursion with autopromote. See T270145.
- Returns
- ?AbstractBlock
Definition at line 1520 of file User.php.
Referenced by Action\checkCanExecute(), FormSpecialPage\checkExecutePermissions(), and MediaWiki\Block\BlockManager\trackBlockWithCookie().
◆ getCacheKey()
|
protected |
- Since
- 1.27
- Parameters
-
WANObjectCache $cache
- Returns
- string
Definition at line 496 of file User.php.
References $cache.
◆ getDatePreference()
| User::getDatePreference | ( | ) |
◆ getDBTouched()
| User::getDBTouched | ( | ) |
◆ getEditCount()
| User::getEditCount | ( | ) |
Get the user's edit count.
- Returns
- int|null Null for anonymous users
Definition at line 2261 of file User.php.
Referenced by MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences().
◆ getEditToken()
| User::getEditToken | ( | $salt = '', |
|
$request = null |
|||
| ) |
Initialize (if necessary) and return a session token value which can be used in edit forms to show that the user's login credentials aren't being hijacked with a foreign form submission.
The $salt for 'edit' and 'csrf' tokens is the default (empty string).
- Since
- 1.19
- Deprecated:
- since 1.37. Use CsrfTokenSet::getToken instead
- Parameters
-
string | string[] $salt Optional function-specific data for hashing WebRequest | null $request WebRequest object to use, or null to use the global request
- Returns
- string The new edit token
◆ getEditTokenObject()
| User::getEditTokenObject | ( | $salt = '', |
|
$request = null |
|||
| ) |
Initialize (if necessary) and return a session token value which can be used in edit forms to show that the user's login credentials aren't being hijacked with a foreign form submission.
- Since
- 1.27
- Deprecated:
- since 1.37. Use CsrfTokenSet::getToken instead
- Parameters
-
string | string[] $salt Optional function-specific data for hashing WebRequest | null $request WebRequest object to use, or null to use the global request
- Returns
- MediaWiki\Session\Token The new edit token
Definition at line 2946 of file User.php.
Referenced by ApiQueryTokens\getToken().
◆ getEmail()
| User::getEmail | ( | ) |
Get the user's e-mail address.
- Returns
- string User's email address
Implements MediaWiki\Mail\UserEmailContact.
Definition at line 1995 of file User.php.
Referenced by MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences().
◆ getEmailAuthenticationTimestamp()
| User::getEmailAuthenticationTimestamp | ( | ) |
Get the timestamp of the user's e-mail authentication.
- Returns
- string TS_MW timestamp
Definition at line 2008 of file User.php.
Referenced by MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences().
◆ getExperienceLevel()
| User::getExperienceLevel | ( | ) |
Compute experienced level based on edit count and registration date.
- Returns
- string|false 'newcomer', 'learner', or 'experienced', false for anonymous users
Definition at line 2425 of file User.php.
References wfTimestamp().
◆ getGlobalBlock()
| User::getGlobalBlock | ( | $ip = '' | ) |
Check if user is blocked on all wikis.
Do not use for actual edit permission checks! This is intended for quick UI checks.
- Parameters
-
string $ip IP address, uses current client if none given
- Returns
- AbstractBlock|null Block object if blocked, null otherwise
- Exceptions
-
FatalError MWException
◆ getGroupMemberships()
| User::getGroupMemberships | ( | ) |
Get the list of explicit group memberships this user has, stored as UserGroupMembership objects.
Implicit groups are not included.
- Deprecated:
- since 1.35 Use UserGroupManager::getUserGroupMemberships instead
- Returns
- UserGroupMembership[] Associative array of (group name => UserGroupMembership object)
- Since
- 1.29
◆ getGroupPermissions()
|
static |
Get the permissions associated with a given list of groups.
- Deprecated:
- since 1.34, use GroupPermissionsLookup::getGroupPermissions() instead in 1.36+, or PermissionManager::getGroupPermissions() in 1.34 and 1.35
- Parameters
-
string[] $groups internal group names
- Returns
- string[] permission key names for given groups combined
◆ getGroups()
| User::getGroups | ( | ) |
Get the list of explicit group memberships this user has.
The implicit * and user groups are not included.
- Deprecated:
- since 1.35 Use UserGroupManager::getUserGroups instead.
- Returns
- string[] Array of internal group names (sorted since 1.33)
◆ getGroupsWithPermission()
|
static |
Get all the groups who have a given permission.
- Deprecated:
- since 1.34, use GroupPermissionsLookup::getGroupsWithPermission() instead in 1.36+, or PermissionManager::getGroupsWithPermission() in 1.34 and 1.35
- Parameters
-
string $role Role to check
- Returns
- string[] internal group names with the given permission
◆ getId()
| User::getId | ( | $wikiId = self::LOCAL | ) |
Get the user's ID.
- Parameters
-
string | false $wikiId The wiki ID expected by the caller.
- Returns
- int The user's ID; 0 if the user is anonymous or nonexistent
Implements MediaWiki\User\UserIdentity.
Definition at line 1644 of file User.php.
References ExternalUserNames\isExternal().
Referenced by UploadFromChunks\__construct(), MediaWiki\Auth\AuthManager\autoCreateUser(), MediaWiki\Auth\AuthManager\beginAccountLink(), CreditsAction\link(), and SpecialEmailUser\validateTarget().
◆ getImplicitGroups()
|
static |
- Deprecated:
- since 1.35, use UserGroupManager::listAllImplicitGroups() instead
- Returns
- string[] internal group names
◆ getInstanceForUpdate()
| User::getInstanceForUpdate | ( | ) |
Get a new instance of this user that was loaded from the primary DB via a locking read.
Use this instead of the main context User when updating that user. This avoids races where that user was loaded from a replica DB or even the primary DB but without proper locks.
- Returns
- User|null Returns null if the user was not found in the DB
- Since
- 1.27
◆ getMutableCacheKeys()
| User::getMutableCacheKeys | ( | WANObjectCache | $cache | ) |
- Parameters
-
WANObjectCache $cache
- Returns
- string[]
- Since
- 1.28
Definition at line 507 of file User.php.
References $cache.
◆ getName()
| User::getName | ( | ) |
Get the user name, or the IP of an anonymous user.
- Returns
- string User's name or IP address
Implements MediaWiki\User\UserIdentity.
Definition at line 1677 of file User.php.
Referenced by __toString(), MediaWiki\Auth\AuthManager\autoCreateUser(), MediaWiki\Auth\AuthManager\beginAccountLink(), PasswordReset\execute(), MediaWiki\Preferences\DefaultPreferencesFactory\generateSkinOptions(), PasswordReset\isAllowed(), CreditsAction\link(), MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences(), MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\sendNewAccountEmail(), MediaWiki\Preferences\DefaultPreferencesFactory\skinPreferences(), MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider\tryReset(), and CreditsAction\userLink().
◆ getOption()
| User::getOption | ( | $oname, | |
$defaultOverride = null, |
|||
$ignoreHidden = false |
|||
| ) |
Get the user's current setting for a given option.
- Parameters
-
string $oname The option to check mixed | null $defaultOverride A default value returned if the option does not exist. Default values set via $wgDefaultUserOptions / UserGetDefaultOptions take precedence. bool $ignoreHidden Whether to ignore the effects of $wgHiddenPrefs
- Returns
- mixed|null User's current value for the option
- Deprecated:
- since 1.35 Hard-deprecated since 1.39. Use UserOptionsLookup::getOption instead.
Reimplemented in PPFuzzUser.
Definition at line 2120 of file User.php.
References wfDeprecated().
◆ getQueryInfo()
|
static |
Return the tables, fields, and join conditions to be selected to create a new user object.
- Since
- 1.31
- Returns
- array[] With three keys:
- tables: (string[]) to include in the
$tabletoIDatabase->select()orSelectQueryBuilder::tables - fields: (string[]) to include in the
$varstoIDatabase->select()orSelectQueryBuilder::fields - joins: (array) to include in the
$join_condstoIDatabase->select()orSelectQueryBuilder::joinConds
- tables: (string[]) to include in the
Definition at line 3368 of file User.php.
Referenced by ApiQueryUsers\execute(), PasswordReset\getUsersByEmail(), UserArray\newFromIDs(), and UserArray\newFromNames().
◆ getRealName()
| User::getRealName | ( | ) |
Get the user's real name.
- Returns
- string User's real name
Implements MediaWiki\Mail\UserEmailContact.
Definition at line 2092 of file User.php.
Referenced by CreditsAction\link(), MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences(), and CreditsAction\userLink().
◆ getRegistration()
| User::getRegistration | ( | ) |
Get the timestamp of account creation.
- Returns
- string|bool|null Timestamp of account creation, false for non-existent/anonymous user accounts, or null if existing account but information is not in database.
Definition at line 3260 of file User.php.
Referenced by MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences().
◆ getRequest()
| User::getRequest | ( | ) |
Get the WebRequest object to use with this object.
- Returns
- WebRequest
Definition at line 2413 of file User.php.
References RequestContext\getMain().
Referenced by PasswordReset\execute(), MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\sendNewAccountEmail(), and MediaWiki\Block\BlockManager\trackBlockWithCookie().
◆ getRightDescription()
|
static |
Get the description of a given right.
- Since
- 1.29
- Parameters
-
string $right Right to query
- Returns
- string Localized description of the right
Definition at line 3352 of file User.php.
References wfMessage().
Referenced by SpecialListGrants\execute(), and CreateBotPassword\showGrants().
◆ getTalkPage()
| User::getTalkPage | ( | ) |
◆ getTitleKey()
| User::getTitleKey | ( | ) |
Get the user's name escaped by underscores.
- Returns
- string Username escaped by underscores.
Definition at line 1769 of file User.php.
Referenced by MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences().
◆ getToken()
| User::getToken | ( | $forceCreation = true | ) |
Get the user's current token.
- Parameters
-
bool $forceCreation Force the generation of a new token if the user doesn't have one (default=true for backwards compatibility).
- Returns
- string|null Token
Definition at line 1935 of file User.php.
References MWCryptRand\generateHex(), and MWCryptHash\hmac().
◆ getTokenFromOption()
| User::getTokenFromOption | ( | $oname | ) |
Get a token stored in the preferences (like the watchlist one), resetting it if it's empty (and saving changes).
- Parameters
-
string $oname The option name to retrieve the token from
- Returns
- string|bool User's current value for the option, or false if this option is disabled.
- See also
- resetTokenFromOption()
- getOption()
- Deprecated:
- since 1.26 Applications should use the OAuth extension
◆ getTokenUrl()
|
protected |
Internal function to format the e-mail validation/invalidation URLs.
This uses a quickie hack to use the hardcoded English names of the Special: pages, for ASCII safety.
- Note
- Since these URLs get dropped directly into emails, using the short English names avoids really long URL-encoded links, which also sometimes can get corrupted in some browsers/mailers (T8957 with Gmail and Internet Explorer).
- Parameters
-
string $page Special page string $token
- Returns
- string Formatted URL
Definition at line 3127 of file User.php.
References $title, Title\makeTitle(), and NS_MAIN.
◆ getTouched()
| User::getTouched | ( | ) |
Get the user touched timestamp.
Use this value only to validate caches via inequalities such as in the case of HTTP If-Modified-Since response logic
- Returns
- string TS_MW Timestamp
Definition at line 1868 of file User.php.
References $cache, and wfTimestamp().
◆ getUser()
| User::getUser | ( | ) |
- Note
- This is only here for compatibility with the Authority interface.
- Since
- 1.36
- Returns
- UserIdentity $this
Implements MediaWiki\Mail\UserEmailContact.
◆ getUserPage()
| User::getUserPage | ( | ) |
Get this user's personal page title.
Definition at line 2911 of file User.php.
References Title\makeTitle(), and NS_USER.
Referenced by MediaWiki\Auth\AuthManager\autoCreateUser().
◆ getWikiId()
| User::getWikiId | ( | ) |
Returns self::LOCAL to indicate the user is associated with the local wiki.
- Since
- 1.36
- Returns
- string|false
Implements MediaWiki\DAO\WikiAwareEntity.
◆ groupHasPermission()
|
static |
Check, if the given group has the given permission.
If you're wanting to check whether all users have a permission, use PermissionManager::isEveryoneAllowed() instead. That properly checks if it's revoked from anyone.
- Deprecated:
- since 1.34, use GroupPermissionsLookup::groupHasPermission() instead in 1.36+, or PermissionManager::groupHasPermission() in 1.34 and 1.35
- Since
- 1.21
- Parameters
-
string $group Group to check string $role Role to check
- Returns
- bool
◆ idForName()
| User::idForName | ( | $flags = self::READ_NORMAL | ) |
◆ idFromName()
|
static |
Get database id given a user name.
- Deprecated:
- since 1.37.
Use UserIdentityLookup::getUserIdentityByName instead.
- Parameters
-
string $name Username int $flags User::READ_* constant bitfield
- Returns
- int|null The corresponding user's ID, or null if user is nonexistent
Definition at line 934 of file User.php.
Referenced by ExternalUserNames\applyPrefix(), CleanupUsersWithNoId\cleanup(), CreateBotPassword\execute(), and UsersPager\getQueryInfo().
◆ incEditCount()
| User::incEditCount | ( | ) |
Schedule a deferred update to update the user's edit count.
- Deprecated:
- since 1.37
◆ invalidateCache()
| User::invalidateCache | ( | ) |
◆ invalidateEmail()
| User::invalidateEmail | ( | ) |
Invalidate the user's e-mail confirmation, and unauthenticate the e-mail address if it was already confirmed.
- Note
- Call saveSettings() after calling this function to commit the change.
- Returns
- bool Returns true
◆ invalidationTokenUrl()
|
protected |
◆ isAllowed()
| User::isAllowed | ( | string | $permission | ) |
Checks whether this authority has the given permission in general.
For some permissions, exceptions may exist, both positive and negative, on a per-target basis.
- Parameters
-
string $permission
- Returns
- bool
Implements MediaWiki\Permissions\Authority.
Definition at line 2364 of file User.php.
Referenced by MediaWiki\Preferences\DefaultPreferencesFactory\editingPreferences(), MediaWiki\Preferences\DefaultPreferencesFactory\getForm(), MediaWiki\Preferences\DefaultPreferencesFactory\profilePreferences(), MediaWiki\Preferences\DefaultPreferencesFactory\renderingPreferences(), MediaWiki\Preferences\DefaultPreferencesFactory\saveFormData(), and MediaWiki\Preferences\DefaultPreferencesFactory\watchlistPreferences().
◆ isAllowedAll()
| User::isAllowedAll | ( | $permissions | ) |
Checks whether this authority has any of the given permissions in general.
Implementations must ensure that this method returns false if isAllowed would return false for any of the given permissions. Calling isAllowedAll() with one parameter must be equivalent to calling isAllowed(). Calling isAllowedAny() with no parameter is not allowed.
- See also
- isAllowed
- Parameters
-
string ...$permissions Permissions to test. At least one must be given.
- Returns
- bool True if the user is allowed to perform all of the given actions
Implements MediaWiki\Permissions\Authority.
◆ isAllowedAny()
| User::isAllowedAny | ( | $permissions | ) |
Checks whether this authority has any of the given permissions in general.
Implementations must ensure that this method returns true if isAllowed would return true for any of the given permissions. Calling isAllowedAny() with one parameter must be equivalent to calling isAllowed(). Calling isAllowedAny() with no parameter is not allowed.
- See also
- isAllowed
- Parameters
-
string ...$permissions Permissions to test. At least one must be given.
- Returns
- bool True if user is allowed to perform any of the given actions
Implements MediaWiki\Permissions\Authority.
Definition at line 2356 of file User.php.
Referenced by MediaWiki\Preferences\DefaultPreferencesFactory\saveFormData(), and MediaWiki\Preferences\DefaultPreferencesFactory\watchlistPreferences().
◆ isAllowedToCreateAccount()
| User::isAllowedToCreateAccount | ( | ) |
◆ isAnon()
| User::isAnon | ( | ) |
Get whether the user is anonymous.
- Returns
- bool
Definition at line 2317 of file User.php.
Referenced by CreditsAction\link(), MediaWiki\Session\UserInfo\newFromId(), MediaWiki\Block\BlockManager\trackBlockWithCookie(), and CreditsAction\userLink().
◆ isBlocked()
| User::isBlocked | ( | $fromReplica = true | ) |
Check if user is blocked.
- Deprecated:
- since 1.34, use User::getBlock() or Authority:getBlock() or Authority:definitelyCan() or Authority:authorizeRead() or Authority:authorizeWrite() or PermissionManager::isBlockedFrom(), as appropriate.
- Parameters
-
bool $fromReplica Whether to check the replica DB instead of the primary DB. Hacked from false due to horrible probs on site.
- Returns
- bool True if blocked, false otherwise
◆ isBlockedFrom()
| User::isBlockedFrom | ( | $title, | |
$fromReplica = false |
|||
| ) |
Check if user is blocked from editing a particular article.
- Parameters
-
PageIdentity $title Title to check bool $fromReplica Whether to check the replica DB instead of the primary DB
- Returns
- bool
- Deprecated:
- since 1.33, use MediaWikiServices::getInstance()->getPermissionManager()->isBlockedFrom(..)
Definition at line 1545 of file User.php.
References $title.
◆ isBlockedFromCreateAccount()
| User::isBlockedFromCreateAccount | ( | ) |
Get whether the user is explicitly blocked from account creation.
- Deprecated:
- since 1.37. Instead use Authority::authorize* for createaccount permission.
- Returns
- bool|AbstractBlock
Definition at line 2858 of file User.php.
References MediaWiki\Block\AbstractBlock\appliesToRight().
◆ isBlockedFromEmailuser()
| User::isBlockedFromEmailuser | ( | ) |
◆ isBlockedFromUpload()
| User::isBlockedFromUpload | ( | ) |
◆ isBlockedGlobally()
| User::isBlockedGlobally | ( | $ip = '' | ) |
◆ isBot()
| User::isBot | ( | ) |
◆ isEmailConfirmationPending()
| User::isEmailConfirmationPending | ( | ) |
Check whether there is an outstanding request for e-mail confirmation.
- Returns
- bool
Definition at line 3244 of file User.php.
References wfTimestamp().
◆ isEmailConfirmed()
| User::isEmailConfirmed | ( | ) |
Is this user's e-mail address valid-looking and confirmed within limits of the current site configuration?
- Note
- If $wgEmailAuthentication is on, this may require the user to have confirmed their address by returning a code or using a password sent to the address from the wiki.
- Returns
- bool
Implements MediaWiki\Mail\UserEmailContact.
◆ isHidden()
| User::isHidden | ( | ) |
Check if user account is hidden.
- Returns
- bool True if hidden, false otherwise
Definition at line 1631 of file User.php.
Referenced by UserrightsPage\fetchUser().
◆ isItemLoaded()
| User::isItemLoaded | ( | $item, | |
$all = 'all' |
|||
| ) |
Return whether an item has been loaded.
- Parameters
-
string $item Item to check. Current possibilities: - id
- name
- realname
string $all 'all' to check if the whole object has been loaded or any other string to check if only the item is available (e.g. for optimisation)
- Returns
- bool
Definition at line 1089 of file User.php.
References true.
◆ isLocked()
| User::isLocked | ( | ) |
◆ isNamed()
| User::isNamed | ( | ) |
Is the user a normal non-temporary registered user?
- Returns
- bool
Implements MediaWiki\Permissions\Authority.
Definition at line 3561 of file User.php.
Referenced by WatchAction\checkCanExecute().
◆ isNewbie()
| User::isNewbie | ( | ) |
Determine whether the user is a newbie.
Newbies are either anonymous IPs, or the most recently created accounts.
- Returns
- bool
Definition at line 2930 of file User.php.
Referenced by SpecialEmailUser\validateTarget().
◆ isPingLimitable()
| User::isPingLimitable | ( | ) |
◆ isRegistered()
| User::isRegistered | ( | ) |
Get whether the user is registered.
- Returns
- bool True if user is registered on this wiki, i.e., has a user ID. False if user is anonymous or has no local account (which can happen when importing). This is equivalent to getId() != 0 and is provided for code readability.
- Since
- 1.34
Implements MediaWiki\Permissions\Authority.
Definition at line 2309 of file User.php.
Referenced by MediaWiki\Auth\AuthManager\beginAccountLink(), UppercaseTitlesForUnicodeTransition\execute(), and LanguageConverter\getUserVariant().
◆ isSafeToLoad()
| User::isSafeToLoad | ( | ) |
Test if it's safe to load this User object.
You should typically check this before using $wgUser or RequestContext::getUser in a method that might be called before the system has been fully initialized. If the object is unsafe, you should use an anonymous user: \code $user = $wgUser->isSafeToLoad() ? $wgUser : new User; \endcode
- Since
- 1.27
- Returns
- bool
Definition at line 350 of file User.php.
References $wgFullyInitialised.
Referenced by LanguageConverter\getUserVariant(), and MediaWiki\Block\BlockManager\trackBlockWithCookie().
◆ isSystemUser()
| User::isSystemUser | ( | ) |
◆ isTemp()
| User::isTemp | ( | ) |
◆ isValidPassword()
| User::isValidPassword | ( | $password | ) |
◆ load()
| User::load | ( | $flags = self::READ_NORMAL | ) |
Load the user table data for this object from the source given by mFrom.
- Parameters
-
int $flags User::READ_* constant bitfield
Reimplemented in PPFuzzUser.
Definition at line 367 of file User.php.
References $wgFullyInitialised, DBAccessObjectUtils\getDBOptions(), and wfGetDB().
Referenced by MediaWiki\Session\UserInfo\newFromId().
◆ loadDefaults()
| User::loadDefaults | ( | $name = false, |
|
$actorId = null |
|||
| ) |
Set cached properties to default.
- Note
- This no longer clears uncached lazy-initialised properties; the constructor does that instead.
- Parameters
-
string | bool $name int | null $actorId
Definition at line 1053 of file User.php.
References wfTimestamp().
Referenced by PPFuzzUser\load().
◆ loadFromCache()
|
protected |
Load user data from shared cache, given mId has already been set.
- Returns
- bool True
- Since
- 1.25
Definition at line 519 of file User.php.
References $cache, $wgFullyInitialised, DB_REPLICA, wfDebug(), wfGetDB(), and wfTimestamp().
◆ loadFromDatabase()
| User::loadFromDatabase | ( | $flags = self::READ_LATEST | ) |
Load user data from the database.
$this->mId must be set, this is how the user is identified.
- Parameters
-
int $flags User::READ_* constant bitfield
- Returns
- bool True if the user exists, false if the user is anonymous
Definition at line 1138 of file User.php.
References $s, DBAccessObjectUtils\getDBOptions(), and wfGetDB().
◆ loadFromId()
| User::loadFromId | ( | $flags = self::READ_NORMAL | ) |
Load user table data, given mId has already been set.
- Parameters
-
int $flags User::READ_* constant bitfield
- Returns
- bool False if the ID does not exist, true otherwise
Definition at line 455 of file User.php.
References DBAccessObjectUtils\hasFlags().
Referenced by MediaWiki\Auth\AuthManager\autoCreateUser().
◆ loadFromRow()
|
protected |
Initialize this object from a row from the user table.
- Parameters
-
stdClass $row Row from the user table to load. array | null $data Further user data to load into the object
user_groups Array of arrays or stdClass result rows out of the user_groups table. Previously you were supposed to pass an array of strings here, but we also need expiry info nowadays, so an array of strings is ignored.
Definition at line 1190 of file User.php.
References if, wfTimestamp(), and wfTimestampOrNull().
Referenced by newFromRow().
◆ loadFromUserObject()
|
protected |
◆ logout()
◆ makeUpdateConditions()
|
protected |
Builds update conditions.
Additional conditions may be added to $conditions to protected against race conditions using a compare-and-set (CAS) mechanism based on comparing $this->mTouched with the user_touched field.
- Parameters
-
IDatabase $db array $conditions WHERE conditions for use with Database::update
- Returns
- array WHERE conditions for use with Database::update
Definition at line 1313 of file User.php.
References Wikimedia\Rdbms\Platform\ISQLPlatform\timestamp().
◆ matchEditToken()
| User::matchEditToken | ( | $val, | |
$salt = '', |
|||
$request = null, |
|||
$maxage = null |
|||
| ) |
Check given value against the token value stored in the session.
A match should confirm that the form was submitted from the user's own login session, not a form submission from a third-party site.
- Deprecated:
- since 1.37. Use CsrfTokenSet::matchToken instead
- Parameters
-
string | null $val Input value to compare string | array $salt Optional function-specific data for hashing WebRequest | null $request Object to use, or null to use the global request int | null $maxage Fail tokens older than this, in seconds
- Returns
- bool Whether the token matches
◆ newFatalPermissionDeniedStatus()
|
static |
Factory function for fatal permission-denied errors.
- Since
- 1.22
- Parameters
-
string $permission User right required
- Returns
- Status
Definition at line 3400 of file User.php.
References $wgLang, UserGroupMembership\getLink(), RequestContext\getMain(), and StatusValue\newFatal().
Referenced by MediaWiki\Watchlist\WatchlistManager\addWatch(), ApiUpload\checkPermissions(), and MediaWiki\Watchlist\WatchlistManager\removeWatch().
◆ newFromActorId()
|
static |
Static factory method for creation from a given actor ID.
- See also
- UserFactory::newFromActorId
- Deprecated:
- since 1.36, use a UserFactory instead
- Since
- 1.31
- Parameters
-
int $id Valid actor ID
- Returns
- User
◆ newFromAnyId()
|
static |
Static factory method for creation from an ID, name, and/or actor ID.
This does not check that the ID, name, and actor ID all correspond to the same user.
- See also
- UserFactory::newFromAnyId
- Deprecated:
- since 1.36, use a UserFactory instead
- Since
- 1.31
- Parameters
-
int | null $userId User ID, if known string | null $userName User name, if known int | null $actorId Actor ID, if known bool | string $dbDomain remote wiki to which the User/Actor ID applies, or false if none
- Returns
- User
◆ newFromConfirmationCode()
|
static |
Factory method to fetch whichever user has a given email confirmation code.
This code is generated when an account is created or its e-mail address has changed.
If the code is invalid or has expired, returns NULL.
- See also
- UserFactory::newFromConfirmationCode
- Deprecated:
- since 1.36, use a UserFactory instead
- Parameters
-
string $code Confirmation code int $flags User::READ_* bitfield
- Returns
- User|null
◆ newFromId()
|
static |
Static factory method for creation from a given user ID.
- See also
- UserFactory::newFromId
- Deprecated:
- since 1.36, use a UserFactory instead
- Parameters
-
int $id Valid user ID
- Returns
- User
Definition at line 639 of file User.php.
Referenced by LogPage\addEntry(), FixUserRegistration\execute(), MigrateUserGroup\execute(), RemoveInvalidEmails\execute(), ResetUserEmail\execute(), WrapOldPasswords\execute(), WikiPage\getContributors(), NewUsersLogFormatter\getMessageParameters(), RequestContext\importScopedSession(), Installer\resetMediaWikiServices(), EnotifNotifyJob\run(), UserOptionsUpdateJob\run(), Skin\showEmailUser(), Linker\userToolLinks(), and Maintenance\validateUserOption().
◆ newFromIdentity()
|
static |
Returns a User object corresponding to the given UserIdentity.
- See also
- UserFactory::newFromUserIdentity
- Deprecated:
- since 1.36, use a UserFactory instead
- Since
- 1.32
- Parameters
-
UserIdentity $identity
- Returns
- User
Definition at line 675 of file User.php.
Referenced by SpecialBlock\canBlockEmail(), SpecialMute\getFormFields(), RecentChange\getPerformer(), MWTimestamp\getRelativeTimestamp(), MediaWiki\User\UserGroupManager\getUserAutopromoteOnceGroups(), MediaWiki\User\UserGroupManager\getUserEffectiveGroups(), MediaWiki\Permissions\PermissionManager\getUserPermissions(), MediaWiki\User\UserGroupManager\removeUserFromGroup(), and Skin\showEmailUser().
◆ newFromName()
|
static |
- See also
- UserFactory::newFromName
- Deprecated:
- since 1.36, use a UserFactory instead
This is slightly less efficient than newFromId(), so use newFromId() if you have both an ID and a name handy.
- Parameters
-
string $name Username, validated by Title::newFromText() string | bool $validate Validate username.Type of validation to use: - false No validation
- 'valid' Valid for batch processes
- 'usable' Valid for batch processes and login
- 'creatable' Valid for batch processes, login and account creation, except that true is accepted as an alias for 'valid', for BC.
- Returns
- User|bool User object, or false if the username is invalid (e.g. if it contains illegal characters or is an IP address). If the username is not present in the database, the result will be a user object with a name, zero user ID and default settings.
Definition at line 598 of file User.php.
Referenced by CliInstaller\__construct(), ImageListPager\__construct(), EmailNotification\actuallyNotifyOnPageChange(), Parser\braceSubstitution(), Installer\createSysop(), MediaWiki\Storage\DerivedPageDataUpdater\doUpdates(), LoginSignupSpecialPage\execute(), ApiQueryUserContribs\execute(), BlockUsers\execute(), DeleteBatch\execute(), EditCLI\execute(), ImportImages\execute(), ImportSiteScripts\execute(), ImportTextFiles\execute(), InvalidateUserSessions\execute(), MakeTestEdits\execute(), MoveBatch\execute(), Protect\execute(), ResetUserEmail\execute(), Undelete\execute(), UppercaseTitlesForUnicodeTransition\execute(), LogFormatter\formatParameterValue(), LogFormatter\formatParameterValueForApi(), BlockListPager\formatValue(), WikiPage\getContributors(), WANCacheReapUpdate\getEventAffectedKeys(), BlockLogFormatter\getMessageParameters(), NewUsersLogFormatter\getMessageParameters(), MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider\getNewPasswordExpiry(), SpecialEmailUser\getTarget(), MediaWiki\ResourceLoader\Context\getUserObj(), ImportableUploadRevisionImporter\import(), WikiRevision\importLogItem(), RequestContext\importScopedSession(), BotPassword\login(), RequestContext\newExtraneousContext(), WikiPage\onArticleDelete(), RawAction\onView(), InfoAction\pageInfo(), MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\providerAllowsAuthenticationDataChange(), EnotifNotifyJob\run(), MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\sendPasswordResetEmail(), Article\showMissingArticle(), WebInstallerName\submit(), HTMLUserTextField\validate(), and Maintenance\validateUserOption().
◆ newFromRow()
|
static |
Create a new user object from a user row.
The row should have the following fields from the user table in it:
- either user_name or user_id to load further data if needed (or both)
- user_real_name
- all other fields (email, etc.) It is useless to provide the remaining fields if either user_id, user_name and user_real_name are not provided because the whole row will be loaded once more from the database when accessing them.
- Parameters
-
stdClass $row A row from the user table array | null $data Further data to load into the object (see User::loadFromRow for valid keys)
- Returns
- User
Definition at line 760 of file User.php.
References loadFromRow().
Referenced by MediaWiki\User\UserFactory\newFromRow(), and UserArrayFromResult\setCurrent().
◆ newFromSession()
|
static |
Create a new user object using data from session.
If the login credentials are invalid, the result is an anonymous user.
- Parameters
-
WebRequest | null $request Object to use; the global request will be used if omitted.
- Returns
- User
Definition at line 738 of file User.php.
Referenced by RequestContext\getUser().
◆ newSystemUser()
|
static |
Static factory method for creation of a "system" user from username.
A "system" user is an account that's used to attribute logged actions taken by MediaWiki itself, as opposed to a bot or human user. Examples might include the 'Maintenance script' or 'Conversion script' accounts used by various scripts in the maintenance/ directory or accounts such as 'MediaWiki message delivery' used by the MassMessage extension.
This can optionally create the user if it doesn't exist, and "steal" the account if it does exist.
"Stealing" an existing user is intended to make it impossible for normal authentication processes to use the account, effectively disabling the account for normal use:
- Email is invalidated, to prevent account recovery by emailing a temporary password and to disassociate the account from the existing human.
- The token is set to a magic invalid value, to kill existing sessions and to prevent $this->setToken() calls from resetting the token to a valid value.
- SessionManager is instructed to prevent new sessions for the user, to do things like deauthorizing OAuth consumers.
- AuthManager is instructed to revoke access, to invalidate or remove passwords and other credentials.
- Parameters
-
string $name Username array $options Options are: - validate: Type of validation to use:
- false No validation
- 'valid' Valid for batch processes
- 'usable' Valid for batch processes and login
- 'creatable' Valid for batch processes, login and account creation, default 'valid'. Deprecated since 1.36.
- create: Whether to create the user if it doesn't already exist, default true
- steal: Whether to "disable" the account for normal use if it already exists, default false
- validate: Type of validation to use:
- Returns
- User|null
- Since
- 1.27
Definition at line 806 of file User.php.
References $dbr, DB_PRIMARY, DB_REPLICA, and wfDeprecatedMsg().
Referenced by Installer\createMainpage(), AddChangeTag\execute(), BlockUsers\execute(), CleanupCaps\execute(), CleanupSpam\execute(), DeleteBatch\execute(), DeleteDefaultMessages\execute(), DeleteEqualMessages\execute(), EditCLI\execute(), ImportImages\execute(), ImportSiteScripts\execute(), ImportTextFiles\execute(), MoveBatch\execute(), Protect\execute(), RollbackEdits\execute(), Undelete\execute(), and UppercaseTitlesForUnicodeTransition\execute().
◆ pingLimiter()
| User::pingLimiter | ( | $action = 'edit', |
|
$incrBy = 1 |
|||
| ) |
Primitive rate limits: enforce maximum actions per time period to put a brake on flooding.
The method generates both a generic profiling point and a per action one (suffix being "-$action").
- Note
- When using a shared cache like memcached, IP-address last-hit counters will be shared across wikis.
- Parameters
-
string $action Action to enforce; 'edit' if unspecified int $incrBy Positive amount to increment counter by [defaults to 1]
- Returns
- bool True if a rate limiter was tripped
- Exceptions
-
MWException
Definition at line 1478 of file User.php.
Referenced by PasswordReset\execute().
◆ probablyCan()
| User::probablyCan | ( | string | $action, |
| PageIdentity | $target, | ||
| PermissionStatus | $status = null |
||
| ) |
- Since
- 1.36
- Parameters
-
string $action PageIdentity $target PermissionStatus | null $status
- Returns
- bool
Implements MediaWiki\Permissions\Authority.
◆ purge()
|
static |
- Since
- 1.27
- Parameters
-
string $dbDomain int $userId
Definition at line 485 of file User.php.
References $cache.
Referenced by UserRightsProxy\invalidateCache().
◆ removeGroup()
| User::removeGroup | ( | $group | ) |
Remove the user from the given group.
This takes immediate effect.
- Deprecated:
- since 1.35 Use UserGroupManager::removeUserFromGroup instead.
- Parameters
-
string $group Name of the group to remove
- Returns
- bool
◆ requiresHTTPS()
| User::requiresHTTPS | ( | ) |
◆ resetTokenFromOption()
| User::resetTokenFromOption | ( | $oname | ) |
Reset a token stored in the preferences (like the watchlist one).
Does not save user's preferences (similarly to UserOptionsManager::setOption()).
- Parameters
-
string $oname The option name to reset the token in
- Returns
- string|bool New token value, or false if this option is disabled.
- See also
- getTokenFromOption()
- UserOptionsManager::setOption
Definition at line 2171 of file User.php.
References MWCryptRand\generateHex().
◆ saveSettings()
| User::saveSettings | ( | ) |
Save this user's settings into the database.
- Todo:
- Only rarely do all these fields need to be set!
Definition at line 2553 of file User.php.
References Wikimedia\Rdbms\IDatabase\affectedRows(), DB_PRIMARY, if, MWExceptionHandler\logException(), Wikimedia\Rdbms\Platform\ISQLPlatform\timestamp(), Wikimedia\Rdbms\Platform\ISQLPlatform\timestampOrNull(), Wikimedia\Rdbms\IDatabase\update(), and wfGetDB().
Referenced by MediaWiki\Auth\AuthManager\autoCreateUser(), MediaWiki\Session\SessionManager\invalidateSessionsForUser(), MediaWiki\Session\SessionBackend\save(), and MediaWiki\Preferences\DefaultPreferencesFactory\saveFormData().
◆ sendConfirmationMail()
| User::sendConfirmationMail | ( | $type = 'created' | ) |
◆ sendMail()
| User::sendMail | ( | $subject, | |
| $body, | |||
$from = null, |
|||
$replyto = null |
|||
| ) |
Send an e-mail to this user's account.
Does not check for confirmed status or validity.
- Parameters
-
string $subject Message subject string $body Message body User | null $from Optional sending user; if unspecified, default $wgPasswordSender will be used. MailAddress | null $replyto Reply-To address
- Returns
- Status
Definition at line 3054 of file User.php.
References MailAddress\newFromUser(), UserMailer\send(), and wfMessage().
Referenced by MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider\sendNewAccountEmail().
◆ setActorId()
| User::setActorId | ( | int | $actorId | ) |
Sets the actor id.
For use by ActorStore only. Should be removed once callers of getActorId() have been migrated to using ActorNormalization.
- Access: internal
- Deprecated:
- since 1.36
- Parameters
-
int $actorId
◆ setCookies()
| User::setCookies | ( | $request = null, |
|
$secure = null, |
|||
$rememberMe = false |
|||
| ) |
Persist this user's session (e.g.
set cookies)
- Parameters
-
WebRequest | null $request WebRequest object to use; the global request will be used if null is passed. bool | null $secure Whether to force secure/insecure cookies or use default bool $rememberMe Whether to add a Token cookie for elongated sessions
◆ setEmail()
| User::setEmail | ( | string | $str | ) |
◆ setEmailAuthenticationTimestamp()
| User::setEmailAuthenticationTimestamp | ( | $timestamp | ) |
◆ setEmailWithConfirmation()
| User::setEmailWithConfirmation | ( | string | $str | ) |
Set the user's e-mail address and send a confirmation mail if needed.
- Since
- 1.20
- Parameters
-
string $str New e-mail address
- Returns
- Status
Definition at line 2036 of file User.php.
References $type, StatusValue\newFatal(), StatusValue\newGood(), and wfMessage().
◆ setId()
| User::setId | ( | $v | ) |
Set the user and reload all fields according to a given ID.
- Parameters
-
int $v User ID to reload
Definition at line 1668 of file User.php.
Referenced by MediaWiki\Auth\AuthManager\autoCreateUser().
◆ setItemLoaded()
| User::setItemLoaded | ( | $item | ) |
◆ setName()
| User::setName | ( | $str | ) |
Set the user name.
This does not reload fields from the database according to the given name. Rather, it is used to create a temporary "nonexistent user" for later addition to the database. It can also be used to set the IP address for an anonymous user to something other than the current remote IP.
- Note
- User::newFromName() has roughly the same function, when the named user does not exist.
- Parameters
-
string $str New user name to set
◆ setRealName()
| User::setRealName | ( | string | $str | ) |
Set the user's real name.
- Parameters
-
string $str New real name
Definition at line 2104 of file User.php.
Referenced by MediaWiki\Preferences\DefaultPreferencesFactory\saveFormData().
◆ setToken()
| User::setToken | ( | $token = false | ) |
Set the random token (used for persistent authentication) Called from loadDefaults() among other places.
- Parameters
-
string | bool $token If specified, set the token to this value
Definition at line 1979 of file User.php.
References MWCryptRand\generateHex().
Referenced by MediaWiki\Session\SessionManager\invalidateSessionsForUser().
◆ spreadAnyEditBlock()
| User::spreadAnyEditBlock | ( | ) |
◆ spreadBlock()
|
protected |
◆ touch()
| User::touch | ( | ) |
Update the "touched" timestamp for the user.
This is useful on various login/logout events when making sure that a browser or proxy that has multiple tenants does not suffer cache pollution where the new user sees the old users content. The value of getTouched() is checked when determining 304 vs 200 responses. Unlike invalidateCache(), this preserves the User object cache and avoids database writes.
- Since
- 1.25
Definition at line 1841 of file User.php.
References $cache.
◆ useFilePatrol()
| User::useFilePatrol | ( | ) |
Check whether to enable new files patrol features for this user.
- Returns
- bool True or false
Definition at line 2397 of file User.php.
Referenced by ChangesList\isUnpatrolled().
◆ useNPPatrol()
| User::useNPPatrol | ( | ) |
Check whether to enable new pages patrol features for this user.
- Returns
- bool True or false
Definition at line 2382 of file User.php.
Referenced by ChangesList\isUnpatrolled(), and MediaWiki\Preferences\DefaultPreferencesFactory\rcPreferences().
◆ useRCPatrol()
| User::useRCPatrol | ( | ) |
Check whether to enable recent changes patrol features for this user.
- Returns
- bool True or false
Definition at line 2372 of file User.php.
Referenced by ChangesList\isUnpatrolled(), MediaWiki\Preferences\DefaultPreferencesFactory\rcPreferences(), and MediaWiki\Preferences\DefaultPreferencesFactory\watchlistPreferences().
◆ validateCache()
| User::validateCache | ( | $timestamp | ) |
◆ whoIs()
|
static |
Get the username corresponding to a given user ID.
- Parameters
-
int $id User ID
- Returns
- string|false The corresponding username
Definition at line 913 of file User.php.
References UserCache\singleton().
Referenced by UserrightsPage\fetchUser().
◆ whoIsReal()
|
static |
Get the real name of a user given their user ID.
- Parameters
-
int $id User ID
- Returns
- string|false The corresponding user's real name
Definition at line 923 of file User.php.
References UserCache\singleton().
Member Data Documentation
◆ $mActorId
| int null User::$mActorId |
◆ $mBlockreason
|
protected |
TODO: This should be removed when User::blockedFor and AbstractBlock::getReason are hard deprecated.
◆ $mCacheVars
|
staticprotected |
List of member variables which are saved to the shared cache (memcached).
Any operation which changes the corresponding database fields must call a cache-clearing function.
◆ $mDatePreference
|
protected |
◆ $mEmail
◆ $mEmailAuthenticated
◆ $mEmailToken
◆ $mEmailTokenExpires
◆ $mFrom
| string User::$mFrom |
Initialization data source if mLoadedItems!==true.
May be one of:
- 'defaults' anonymous user initialised from class defaults
- 'name' initialise from mName
- 'id' initialise from mId
- 'actor' initialise from mActorId
- 'session' log in from session if possible
Use the User::newFrom*() family of functions to set this.
◆ $mGlobalBlock
|
protected |
◆ $mHash
◆ $mId
◆ $mLoadedItems
|
protected |
◆ $mLocked
◆ $mName
◆ $mQuickTouched
|
protected |
◆ $mRealName
◆ $mRegistration
◆ $mToken
◆ $mTouched
◆ $queryFlagsUsed
|
protected |
◆ CHECK_USER_RIGHTS
◆ IGNORE_USER_RIGHTS
◆ INVALID_TOKEN
| const User::INVALID_TOKEN = '*** INVALID ***' |
◆ MAINTENANCE_SCRIPT_USER
| const User::MAINTENANCE_SCRIPT_USER = 'Maintenance script' |
Username used for various maintenance scripts.
- Since
- 1.37
Definition at line 116 of file User.php.
Referenced by AddChangeTag\execute(), BlockUsers\execute(), EditCLI\execute(), ImportImages\execute(), ImportTextFiles\execute(), Protect\execute(), RollbackEdits\execute(), and UppercaseTitlesForUnicodeTransition\execute().
◆ TOKEN_LENGTH
| const User::TOKEN_LENGTH = 32 |
The documentation for this class was generated from the following file:
- includes/user/User.php
