protected function setCookies(PCPUserCredentials $userCredentials = NULL)
{
global $wgUser;
if (!isset($wgUser->mId) || !$wgUser->mId) {
if ($this->usedUC->lgToken == NULL) {
$this->usedUC = $userCredentials;
}
if (!$this->cookiesSet) {
// workaround: setting cookies internally
global $wgCookiePrefix;
$_COOKIE["{$wgCookiePrefix}UserID"] = $this->usedUC->id;
$_SESSION['wsUserID'] = $this->usedUC->id;
$_SESSION['wsUserName'] = $this->usedUC->un;
$_SESSION['wsToken'] = $this->usedUC->lgToken;
$wgUser = User::newFromSession();
$wgUser->load();
$this->usedUC->editToken = $wgUser->editToken();
$this->cookiesSet = true;
}
} else {
$this->usedUC->id = $wgUser->mId;
$this->usedUC->un = $wgUser->mName;
$this->usedUC->lgToken = $wgUser->mToken;
$this->usedUC->editToken = $wgUser->editToken();
$this->cookiesSet = true;
}
}
/**
* constructor
*/
public function __construct($query, $moduleName)
{
$this->mAction = $query->getModuleName();
$this->mUser = User::newFromSession();
$this->mBrowser = $this->getUniqueBrowserId();
$this->mIndexTagName = 'item';
parent::__construct($query, $moduleName, "wk");
}
function efPiggybackRequestContextOverrideUser(&$user, $request)
{
if (PBLoginForm::isPiggyback()) {
$user = User::newFromSession($request);
return false;
}
return true;
}
function login($template)
{
global $wgOut;
// Is there a user logged in already?
$wgUser = User::newFromSession();
if ($wgUser && $wgUser->isLoggedin()) {
return false;
}
// Quick hack to get round the fact that '+' often gets decoded to ' '
$ssotoken = str_replace(' ', '+', $_COOKIE[$this->mOpenssoCookieName]);
// Is there an SSO token?
if (empty($ssotoken)) {
// Redirect to OpenSSO login page then return here
$wgOut->redirect($this->mOpenssoLoginUrl . '?goto=' . urlencode($this->fullUrl()));
return false;
}
// Is the token valid?
switch ($this->isTokenValid($ssotoken)) {
case 0:
// Session expired
$wgOut->redirect($this->mOpenssoLoginUrl . '?goto=' . urlencode($this->fullUrl()));
return false;
case -1:
// Error validating token
$wgOut->showErrorPage('error', 'listusers-noresult');
return true;
}
// OK - if we get here then we have a valid session cookie
$name = $this->getMediaWikiName($ssotoken);
if (empty($name)) {
$wgOut->showErrorPage('error', 'listusers-noresult');
return true;
}
// Locate the user in MediaWiki
$wgUser = User::newFromName($name);
if (!$wgUser || !$wgUser->isLoggedin()) {
$wgOut->showErrorPage('error', 'listusers-noresult');
return true;
}
// Force reload of page
$wgUser->invalidateCache();
$wgUser->setCookies();
// Redirect to wherever the user clicked from
$action = $template->data['action'];
$wgOut->redirect($this->getReturnToUrl($action));
return false;
}
function recent_images($rsargs)
{
global $wgUploadPath, $wgDBprefix;
$u = User::newFromSession();
$dbw =& wfGetDB(DB_MASTER);
$res = $dbw->query('select img_name from ' . $wgDBprefix . 'image where img_user='******';');
$return_text = '';
$return_empty = true;
for ($i = 0; $i < $res->numRows(); $i++) {
$ret = $res->fetchRow();
$return_text = $return_text . '<tr><td><img src="' . $wgUploadPath . '/' . $ret['img_name'] . '" height="100px" width="100px" onclick="n=document.getElementById(\'image_name\'); n.value=\'' . $ret['img_name'] . '\';" /></td></tr><tr><td>' . $ret['img_name'] . '</td></tr>';
$return_empty = false;
}
if ($return_empty) {
return '<tr><td colspan="2"><strong>' . wfMsgWikiHtml('no_recent_images') . '</strong>' . ($u->isLoggedIn() ? '' : wfMsgWikiHtml('try_login')) . '</td></tr>';
} else {
return $return_text;
}
}
function GodAuth_hook()
{
global $wgUser;
global $wgRequest;
$title = $wgRequest->getVal('title');
if ($title == Title::makeName(NS_SPECIAL, 'Userlogout') || $title == Title::makeName(NS_SPECIAL, 'Userlogin')) {
return;
}
$user = User::newFromSession();
if (!$user->isAnon()) {
return;
// User is already logged in and not anonymous.
}
if (!isset($wgCommandLineMode) && !isset($_COOKIE[session_name()])) {
wfSetupSession();
}
#
# Create a new MediaWiki account if needed
#
$_user = GodAuth_getUser();
$id = User::idFromName($_user);
if (is_null($id)) {
$u = User::newFromName($_user);
$user->setName($_user);
$user->setRealName('');
$user->setEmail(GodAuth_getEmail());
$user->mEmailAuthenticated = wfTimestampNow();
$user->setToken();
$user->saveSettings();
$user->addToDatabase();
} else {
$user->mId = $id;
$user->loadFromId();
}
$wgUser = $user;
$wgUser->setCookies();
return;
}
function _newObject()
{
global $wgCommandLineMode;
if ($wgCommandLineMode) {
$user = new User();
} else {
$user = User::newFromSession();
}
return $user;
}
/**
* Logs in the user by their Facebook ID. If the Facebook user doesn't have
* an account on the wiki, then they are presented with a form prompting
* them to choose a wiki username.
*/
protected function login($fb_id)
{
global $wgUser;
// Check to see if the Connected user exists in the database
if ($fb_id) {
$user = FBConnectDB::getUser($fb_id);
}
if (isset($user) && $user instanceof User) {
$fbUser = new FBConnectUser($user);
// Update user from facebook (see class FBConnectUser)
$fbUser->updateFromFacebook();
// Setup the session
global $wgSessionStarted;
if (!$wgSessionStarted) {
wfSetupSession();
}
$user->setCookies();
$wgUser = $user;
// Similar to what's done in LoginForm::authenticateUserData().
// Load $wgUser now. This is necessary because loading $wgUser (say by calling
// getName()) calls the UserLoadFromSession hook, which potentially
// creates the user in the local database.
$sessionUser = User::newFromSession();
$sessionUser->load();
$this->sendPage('displaySuccessLogin');
} else {
if ($fb_id) {
$this->sendPage('chooseNameForm');
} else {
// TODO: send an error message saying only Connected users can log in
// or ask them to Connect.
$this->sendError('fbconnect-cancel', 'fbconnect-canceltext');
}
}
}
/**
* Get the User object
*
* @return User
*/
public function getUser()
{
if ($this->user === null) {
$this->user = User::newFromSession($this->getRequest());
}
return $this->user;
}
/**
* Execute the requested Api actions.
* @todo: Write some unit tests for API results
*/
public function execute()
{
// Logged-in users' parser options depend on preferences
$this->getMain()->setCacheMode('anon-public-user-private');
// Enough '*' keys in JSON!!!
$isXml = $this->getMain()->isInternalMode() || $this->getMain()->getPrinter()->getFormat() == 'XML';
$textElement = $isXml ? '*' : 'text';
$params = $this->extractRequestParams();
$prop = array_flip($params['prop']);
$sectionProp = array_flip($params['sectionprop']);
$this->variant = $params['variant'];
$this->followRedirects = $params['redirect'] == 'yes';
$this->noHeadings = $params['noheadings'];
$this->noTransform = $params['notransform'];
$onlyRequestedSections = $params['onlyrequestedsections'];
$this->offset = $params['offset'];
$this->maxlen = $params['maxlen'];
if ($this->offset === 0 && $this->maxlen === 0) {
$this->offset = -1;
// Disable text splitting
} elseif ($this->maxlen === 0) {
$this->maxlen = PHP_INT_MAX;
}
$title = $this->makeTitle($params['page']);
// See whether the actual page (or if enabled, the redirect target) is the main page
$this->mainPage = $this->isMainPage($title);
if ($this->mainPage && $this->noHeadings) {
$this->noHeadings = false;
$this->setWarning("``noheadings'' makes no sense on the main page, ignoring");
}
if (isset($prop['normalizedtitle']) && $title->getPrefixedText() != $params['page']) {
$this->getResult()->addValue(null, $this->getModuleName(), array('normalizedtitle' => $title->getPageLanguage()->convert($title->getPrefixedText())));
}
$data = $this->getData($title, $params['noimages']);
// Bug 73109: #getData will return an empty array if the title redirects to
// a page in a virtual namespace (NS_SPECIAL, NS_MEDIA), so make sure that
// the requested data exists too.
if (isset($prop['lastmodified']) && isset($data['lastmodified'])) {
$this->getResult()->addValue(null, $this->getModuleName(), array('lastmodified' => $data['lastmodified']));
}
if (isset($prop['lastmodifiedby']) && isset($data['lastmodifiedby'])) {
$this->getResult()->addValue(null, $this->getModuleName(), array('lastmodifiedby' => $data['lastmodifiedby']));
}
if (isset($prop['revision']) && isset($data['revision'])) {
$this->getResult()->addValue(null, $this->getModuleName(), array('revision' => $data['revision']));
}
if (isset($prop['id']) && isset($data['id'])) {
$this->getResult()->addValue(null, $this->getModuleName(), array('id' => $data['id']));
}
if (isset($prop['languagecount']) && isset($data['languagecount'])) {
$this->getResult()->addValue(null, $this->getModuleName(), array('languagecount' => $data['languagecount']));
}
if (isset($prop['hasvariants']) && isset($data['hasvariants'])) {
$this->getResult()->addValue(null, $this->getModuleName(), array('hasvariants' => $data['hasvariants']));
}
if (isset($prop['displaytitle']) && isset($data['displaytitle'])) {
$this->getResult()->addValue(null, $this->getModuleName(), array('displaytitle' => $data['displaytitle']));
}
if (isset($prop['pageprops'])) {
$propNames = $params['pageprops'];
if ($propNames == '*' && isset($data['pageprops'])) {
$pageProps = $data['pageprops'];
} else {
$propNames = explode('|', $propNames);
$pageProps = array_intersect_key($data['pageprops'], array_flip($propNames));
}
$this->getResult()->addValue(null, $this->getModuleName(), array('pageprops' => $pageProps));
}
if (isset($prop['description']) && isset($data['pageprops']['wikibase_item'])) {
$desc = ExtMobileFrontend::getWikibaseDescription($data['pageprops']['wikibase_item']);
if ($desc) {
$this->getResult()->addValue(null, $this->getModuleName(), array('description' => $desc));
}
}
if ($this->usePageImages) {
$this->addPageImage($data, $params, $prop);
}
$result = array();
$missingSections = array();
if ($this->mainPage) {
if ($onlyRequestedSections) {
$requestedSections = self::parseSections($params['sections'], $data, $missingSections);
} else {
$requestedSections = array(0);
}
$this->getResult()->addValue(null, $this->getModuleName(), array('mainpage' => ''));
} elseif (isset($params['sections'])) {
$requestedSections = self::parseSections($params['sections'], $data, $missingSections);
} else {
$requestedSections = array();
}
if (isset($data['sections'])) {
if (isset($prop['sections'])) {
$sectionCount = count($data['sections']);
for ($i = 0; $i <= $sectionCount; $i++) {
if (!isset($requestedSections[$i]) && $onlyRequestedSections) {
continue;
}
$section = array();
if ($i > 0) {
$section = array_intersect_key($data['sections'][$i - 1], $sectionProp);
}
$section['id'] = $i;
if (isset($prop['text']) && isset($requestedSections[$i]) && isset($data['text'][$i])) {
$section[$textElement] = $this->stringSplitter($this->prepareSection($data['text'][$i]));
unset($requestedSections[$i]);
}
if (isset($data['refsections'][$i])) {
$section['references'] = '';
}
$result[] = $section;
}
$missingSections = array_keys($requestedSections);
} else {
foreach (array_keys($requestedSections) as $index) {
$section = array('id' => $index);
if (isset($data['text'][$index])) {
$section[$textElement] = $this->stringSplitter($this->prepareSection($data['text'][$index]));
} else {
$missingSections[] = $index;
}
$result[] = $section;
}
}
$this->getResult()->setIndexedTagName($result, 'section');
$this->getResult()->addValue(null, $this->getModuleName(), array('sections' => $result));
}
if (isset($prop['protection'])) {
$this->addProtection($title);
}
if (isset($prop['editable'])) {
$user = $this->getUser();
if ($user->isAnon()) {
// HACK: Anons receive cached information, so don't check blocked status for them
// to avoid them receiving false positives. Currently there is no way to check
// all permissions except blocked status from the Title class.
$req = new FauxRequest();
$req->setIP('127.0.0.1');
$user = User::newFromSession($req);
}
$editable = $title->quickUserCan('edit', $user);
if ($isXml) {
$editable = intval($editable);
}
$this->getResult()->addValue(null, $this->getModuleName(), array('editable' => $editable));
}
// https://bugzilla.wikimedia.org/show_bug.cgi?id=51586
// Inform ppl if the page is infested with LiquidThreads but that's the
// only thing we support about it.
if (class_exists('LqtDispatch') && LqtDispatch::isLqtPage($title)) {
$this->getResult()->addValue(null, $this->getModuleName(), array('liquidthreads' => ''));
}
if (count($missingSections) && isset($prop['text'])) {
$this->setWarning('Section(s) ' . implode(', ', $missingSections) . ' not found');
}
if ($this->maxlen < 0) {
// There is more data available
$this->getResult()->addValue(null, $this->getModuleName(), array('continue-offset' => $params['offset'] + $params['maxlen']));
}
}
function _newObject()
{
global $wgCommandLineMode;
if ($wgCommandLineMode) {
$user = new User();
} else {
$user = User::newFromSession();
wfRunHooks('AutoAuthenticate', array(&$user));
}
return $user;
}
/**
* @dataProvider setExtendedLoginCookieDataProvider
* @covers User::getRequest
* @covers User::setCookie
* @backupGlobals enabled
*/
public function testSetExtendedLoginCookie($extendedLoginCookieExpiration, $cookieExpiration, $expectedExpiry)
{
$this->setMwGlobals(array('wgExtendedLoginCookieExpiration' => $extendedLoginCookieExpiration, 'wgCookieExpiration' => $cookieExpiration));
$response = $this->getMock('WebResponse');
$setcookieSpy = $this->any();
$response->expects($setcookieSpy)->method('setcookie');
$request = new MockWebRequest($response);
$user = new UserProxy(User::newFromSession($request));
$user->setExtendedLoginCookie('name', 'value', true);
$setcookieInvocations = $setcookieSpy->getInvocations();
$setcookieInvocation = end($setcookieInvocations);
$actualExpiry = $setcookieInvocation->parameters[2];
// TODO: ± 300 seconds compensates for
// slow-running tests. However, the dependency on the time
// function should be removed. This requires some way
// to mock/isolate User->setExtendedLoginCookie's call to time()
$this->assertEquals($expectedExpiry, $actualExpiry, '', 300);
}
/**
* Get the User object
*
* @return User
*/
public function getUser()
{
// Wikia change - begin - @author: Michał Roszka
global $wgEnableHeliosExt;
if ($this->user === null && $wgEnableHeliosExt) {
$this->user = \Wikia\Helios\User::newFromToken($this->getRequest());
}
// Wikia change - end
// Wikia change - begin - @author: wladek
global $wgUserForceAnon;
if ($this->user === null && $wgUserForceAnon) {
$this->user = new User();
}
if ($this->user === null) {
// Wikia change - end
$this->user = User::newFromSession($this->getRequest());
}
// Replace the user object according to the context, e.g. Piggyback.
wfRunHooks('RequestContextOverrideUser', [&$this->user, $this->getRequest()]);
return $this->user;
}
if (!defined('MW_NO_SESSION') && !$wgCommandLineMode) {
if ($wgRequest->checkSessionCookie() || isset($_COOKIE[$wgCookiePrefix . 'Token'])) {
wfIncrStats('request_with_session');
wfSetupSession();
$wgSessionStarted = true;
} else {
wfIncrStats('request_without_session');
$wgSessionStarted = false;
}
}
wfProfileOut($fname . '-SetupSession');
wfProfileIn($fname . '-globals');
$wgContLang = new StubContLang();
// Now that variant lists may be available...
$wgRequest->interpolateTitle();
$wgUser = $wgCommandLineMode ? new User() : User::newFromSession();
$wgLang = new StubUserLang();
$wgOut = new StubObject('wgOut', 'OutputPage');
$wgParser = new StubObject('wgParser', $wgParserConf['class'], array($wgParserConf));
$wgMessageCache = new StubObject('wgMessageCache', 'MessageCache', array($messageMemc, $wgUseDatabaseMessages, $wgMsgCacheExpiry));
wfProfileOut($fname . '-globals');
wfProfileIn($fname . '-User');
# Skin setup functions
# Entries can be added to this variable during the inclusion
# of the extension file. Skins can then perform any necessary initialisation.
#
foreach ($wgSkinExtensionFunctions as $func) {
call_user_func($func);
}
if (!is_object($wgAuth)) {
$wgAuth = new StubObject('wgAuth', 'AuthPlugin');
/**
* This hook is registered by the Auth_remoteuser constructor. It will be
* called on every page load. It serves the function of automatically logging
* in the user. The Auth_remoteuser class is an AuthPlugin and handles the
* actual authentication, user creation, etc.
*
* Details:
* 1. Check to see if the user has a session and is not anonymous. If this is
* true, check whether REMOTE_USER matches the session user. If so, we can
* just return; otherwise we must logout the session user and login as the
* REMOTE_USER.
* 2. If the user doesn't have a session, we create a login form with our own
* fake request and ask the form to authenticate the user. If the user does
* not exist authenticateUserData will attempt to create one. The login form
* uses our Auth_remoteuser class as an AuthPlugin.
*
* Note: If cookies are disabled, an infinite loop /might/ occur?
*/
function Auth_remote_user_hook()
{
global $wgUser, $wgRequest, $wgAuthRemoteuserDomain, $wgAuth;
// For a few special pages, don't do anything.
$title = $wgRequest->getVal('title');
if ($title == Title::makeName(NS_SPECIAL, 'UserLogout') || $title == Title::makeName(NS_SPECIAL, 'UserLogin')) {
return;
}
// Process the username if required
if (!isset($_SERVER['REMOTE_USER'])) {
return;
}
if (isset($wgAuthRemoteuserDomain) && strlen($wgAuthRemoteuserDomain)) {
$username = str_replace("{$wgAuthRemoteuserDomain}\\", "", $_SERVER['REMOTE_USER']);
$username = str_replace("@{$wgAuthRemoteuserDomain}", "", $username);
} else {
$username = $_SERVER['REMOTE_USER'];
}
// Check for valid session
$user = User::newFromSession();
if (!$user->isAnon()) {
if ($user->getName() == $wgAuth->getCanonicalName($username)) {
return;
// Correct user is already logged in.
} else {
$user->doLogout();
// Logout mismatched user.
}
}
// Copied from includes/SpecialUserlogin.php
if (!isset($wgCommandLineMode) && !isset($_COOKIE[session_name()])) {
wfSetupSession();
}
// If the login form returns NEED_TOKEN try once more with the right token
$trycount = 0;
$token = '';
$errormessage = '';
do {
$tryagain = false;
// Submit a fake login form to authenticate the user.
$params = new FauxRequest(array('wpName' => $username, 'wpPassword' => '', 'wpDomain' => '', 'wpLoginToken' => $token, 'wpRemember' => ''));
// Authenticate user data will automatically create new users.
$loginForm = new LoginForm($params);
$result = $loginForm->authenticateUserData();
switch ($result) {
case LoginForm::SUCCESS:
$wgUser->setOption('rememberpassword', 1);
$wgUser->setCookies();
break;
case LoginForm::NEED_TOKEN:
$token = $loginForm->getLoginToken();
$tryagain = $trycount == 0;
break;
case LoginForm::WRONG_TOKEN:
$errormessage = 'WrongToken';
break;
case LoginForm::NO_NAME:
$errormessage = 'NoName';
break;
case LoginForm::ILLEGAL:
$errormessage = 'Illegal';
break;
case LoginForm::WRONG_PLUGIN_PASS:
$errormessage = 'WrongPluginPass';
break;
case LoginForm::NOT_EXISTS:
$errormessage = 'NotExists';
break;
case LoginForm::WRONG_PASS:
$errormessage = 'WrongPass';
break;
case LoginForm::EMPTY_PASS:
$errormessage = 'EmptyPass';
break;
default:
$errormessage = 'Unknown';
break;
}
if ($result != LoginForm::SUCCESS && $result != LoginForm::NEED_TOKEN) {
error_log('Unexpected REMOTE_USER authentication failure. Login Error was:' . $errormessage);
}
$trycount++;
} while ($tryagain);
return;
}
/**
* Logs in the user by their Facebook ID.
*/
function login()
{
global $wgUser;
$this->updateFromFacebook();
// Setup the session
global $wgSessionStarted;
if (!$wgSessionStarted) {
wfSetupSession();
}
// Only log the user in if they aren't already logged in
if ($this->user->getId() && $this->user->getId() != $wgUser->getId()) {
// TODO: calling setCookies() and load() might hit the database twice
// Log the user in and store the new user as the global user object
$this->user->setCookies();
$wgUser = $this->user;
// Similar to what's done in LoginForm::authenticateUserData().
// Load $wgUser now. This is necessary because loading $wgUser (say
// by calling getName()) calls the UserLoadFromSession hook, which
// potentially creates the user in the local database.
$sessionUser = User::newFromSession();
$sessionUser->load();
// Provide user interface in correct language immediately on this first page load
global $wgLang;
$wgLang = Language::factory($wgUser->getOption('language'));
}
}
/**
* Tries to log in a user from an already existing session
*
* @param User &$user
* Reference to the global user object. This is passed on from the invoking hook function.
* @return boolean
* Success status
*/
function loginFromSession(&$user)
{
wfDebugLog('MultiAuthPlugin', __METHOD__ . ': ' . "Trying to log in a user from session.");
// try to load a new user from a saved session cookie
$user = User::newFromSession();
$user->load();
// check if the user could be logged in from a saved session
if ($user->isLoggedIn()) {
wfDebugLog('MultiAuthPlugin', __METHOD__ . ': ' . "Logged in user '{$user->getName()}' from session.");
return true;
} else {
wfDebugLog('MultiAuthPlugin', __METHOD__ . ': ' . "No session found.");
return false;
}
}
function userData($user)
{
echo json_encode(array('id' => $user->getId(), 'name' => $user->getName()));
}
/* User logging in with POST? */
if (isset($_POST["user"]) && isset($_POST["password"])) {
$user = User::newFromName($_POST["user"]);
if ($user && $user->checkPassword($_POST["password"]) && $user->getId() !== 0) {
/* login ok */
//$_SESSION["wsUserID"] = $user->getId();
//$_SESSION["wsUserName"] = $user->getName();
$user->setCookies();
userData($user);
} else {
/* login failed */
echo json_encode("fail");
}
/* User logging in with session? */
} else {
$user = User::newFromSession();
if ($user->getId() !== 0) {
if (isset($_POST["logout"])) {
$user->logout();
echo json_encode("logout");
} else {
userData($user);
}
} else {
echo json_encode("no");
}
}
