MediaWiki  master
resetUserTokens.php
Go to the documentation of this file.
1 <?php
27 require_once __DIR__ . '/Maintenance.php';
28 
30 
38  public function __construct() {
39  parent::__construct();
40  $this->addDescription(
41  "Reset the user_token of all users on the wiki. Note that this may log some of them out.\n"
42  . "Deprecated, use \$wgAuthenticationTokenVersion instead."
43  );
44  $this->addOption( 'nowarn', "Hides the 5 seconds warning", false, false );
45  $this->addOption(
46  'nulls',
47  'Only reset tokens that are currently null (string of \x00\'s)',
48  false,
49  false
50  );
51  $this->setBatchSize( 1000 );
52  }
53 
54  public function execute() {
55  $nullsOnly = $this->getOption( 'nulls' );
56 
57  if ( !$this->getOption( 'nowarn' ) ) {
58  if ( $nullsOnly ) {
59  $this->output( "The script is about to reset the user_token "
60  . "for USERS WITH NULL TOKENS in the database.\n" );
61  } else {
62  $this->output( "The script is about to reset the user_token for ALL USERS in the database.\n" );
63  $this->output( "This may log some of them out and is not necessary unless you believe your\n" );
64  $this->output( "user table has been compromised.\n" );
65  }
66  $this->output( "\n" );
67  $this->output( "Abort with control-c in the next five seconds "
68  . "(skip this countdown with --nowarn) ... " );
69  $this->countDown( 5 );
70  }
71 
72  // We list user by user_id from one of the replica DBs
73  $dbr = $this->getDB( DB_REPLICA );
74 
75  $where = [];
76  if ( $nullsOnly ) {
77  // Have to build this by hand, because \ is escaped in helper functions
78  $where = [ 'user_token = \'' . str_repeat( '\0', 32 ) . '\'' ];
79  }
80 
81  $maxid = $dbr->selectField( 'user', 'MAX(user_id)', [], __METHOD__ );
82 
83  $min = 0;
84  $max = $this->getBatchSize();
85  $lbFactory = MediaWikiServices::getInstance()->getDBLoadBalancerFactory();
86 
87  do {
88  $result = $dbr->select( 'user',
89  [ 'user_id' ],
90  array_merge(
91  $where,
92  [ 'user_id > ' . $dbr->addQuotes( $min ),
93  'user_id <= ' . $dbr->addQuotes( $max )
94  ]
95  ),
96  __METHOD__
97  );
98 
99  foreach ( $result as $user ) {
100  $this->updateUser( $user->user_id );
101  }
102 
103  $min = $max;
104  $max = $min + $this->getBatchSize();
105 
106  $lbFactory->waitForReplication();
107  } while ( $min <= $maxid );
108  }
109 
110  private function updateUser( $userid ) {
111  $user = User::newFromId( $userid );
112  $username = $user->getName();
113  $this->output( 'Resetting user_token for "' . $username . '": ' );
114  // Change value
115  $user->setToken();
116  $user->saveSettings();
117  $this->output( " OK\n" );
118  }
119 }
120 
121 $maintClass = ResetUserTokens::class;
122 require_once RUN_MAINTENANCE_IF_MAIN;
RUN_MAINTENANCE_IF_MAIN
const RUN_MAINTENANCE_IF_MAIN
Definition: Maintenance.php:38
ResetUserTokens\execute
execute()
Do the actual work.
Definition: resetUserTokens.php:54
User\newFromId
static newFromId( $id)
Static factory method for creation from a given user ID.
Definition: User.php:562
MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition: MediaWikiServices.php:154
Maintenance\addDescription
addDescription( $text)
Set the description text.
Definition: Maintenance.php:327
$maintClass
$maintClass
Definition: resetUserTokens.php:121
ResetUserTokens
Maintenance script to reset the user_token for all users on the wiki.
Definition: resetUserTokens.php:37
ResetUserTokens\__construct
__construct()
Default constructor.
Definition: resetUserTokens.php:38
Maintenance
Abstract maintenance class for quickly writing and churning out maintenance scripts with minimal effo...
Definition: Maintenance.php:55
$dbr
$dbr
Definition: testCompression.php:54
Maintenance\addOption
addOption( $name, $description, $required=false, $withArg=false, $shortName=false, $multiOccurrence=false)
Add a parameter to the script.
Definition: Maintenance.php:245
DB_REPLICA
const DB_REPLICA
Definition: defines.php:25
Maintenance\countDown
countDown( $seconds)
Count down from $seconds to zero on the terminal, with a one-second pause between showing each number...
Definition: Maintenance.php:1544
Maintenance\getDB
getDB( $db, $groups=[], $dbDomain=false)
Returns a database to be used by current maintenance script.
Definition: Maintenance.php:1366
Maintenance\getOption
getOption( $name, $default=null)
Get an option, or return the default.
Definition: Maintenance.php:281
Maintenance\getBatchSize
getBatchSize()
Returns batch size.
Definition: Maintenance.php:366
ResetUserTokens\updateUser
updateUser( $userid)
Definition: resetUserTokens.php:110
Maintenance\output
output( $out, $channel=null)
Throw some output to the user.
Definition: Maintenance.php:434
Maintenance\setBatchSize
setBatchSize( $s=0)
Set the batch size.
Definition: Maintenance.php:374