public function __construct(Block $block)
{
global $wgLang, $wgRequest;
$blocker = $block->getBlocker();
if ($blocker instanceof User) {
// local user
$blockerUserpage = $block->getBlocker()->getUserPage();
$link = "[[{$blockerUserpage->getPrefixedText()}|{$blockerUserpage->getText()}]]";
} else {
// foreign user
$link = $blocker;
}
$reason = $block->mReason;
if ($reason == '') {
$reason = wfMsg('blockednoreason');
}
/* $ip returns who *is* being blocked, $intended contains who was meant to be blocked.
* This could be a username, an IP range, or a single IP. */
$intended = $block->getTarget();
parent::__construct('blockedtitle', $block->mAuto ? 'autoblockedtext' : 'blockedtext', array($link, $reason, $wgRequest->getIP(), $block->getByName(), $block->getId(), $wgLang->formatExpiry($block->mExpiry), $intended, $wgLang->timeanddate(wfTimestamp(TS_MW, $block->mTimestamp), true)));
}
/**
* Retroactively autoblocks the last IP used by the user (if it is a user)
* blocked by this Block.
*
* @param Block $block
* @param Array &$blockIds
*/
public static function doRetroactiveAutoblock(Block $block, array &$blockIds)
{
$dbr = wfGetDB(DB_SLAVE);
$user = User::newFromName((string) $block->getTarget(), false);
if (!$user->getId()) {
return array();
// user in an IP?
}
$options = array('ORDER BY' => 'cuc_timestamp DESC');
$options['LIMIT'] = 1;
// just the last IP used
$res = $dbr->select('cu_changes', array('cuc_ip'), array('cuc_user' => $user->getId()), __METHOD__, $options);
# Iterate through IPs used (this is just one or zero for now)
foreach ($res as $row) {
if ($row->cuc_ip) {
$id = $block->doAutoblock($row->cuc_ip);
if ($id) {
$blockIds[] = $id;
}
}
}
return false;
// autoblock handled
}
/**
* Retroactively autoblocks the last IP used by the user (if it is a user)
* blocked by this Block. This will use the recentchanges table.
*
* @param Block $block
* @param array &$blockIds
*/
protected static function defaultRetroactiveAutoblock(Block $block, array &$blockIds)
{
global $wgPutIPinRC;
// No IPs are in recentchanges table, so nothing to select
if (!$wgPutIPinRC) {
return;
}
$dbr = wfGetDB(DB_SLAVE);
$options = array('ORDER BY' => 'rc_timestamp DESC');
$conds = array('rc_user_text' => (string) $block->getTarget());
// Just the last IP used.
$options['LIMIT'] = 1;
$res = $dbr->select('recentchanges', array('rc_ip'), $conds, __METHOD__, $options);
if (!$res->numRows()) {
# No results, don't autoblock anything
wfDebug("No IP found to retroactively autoblock\n");
} else {
foreach ($res as $row) {
if ($row->rc_ip) {
$id = $block->doAutoblock($row->rc_ip);
if ($id) {
$blockIds[] = $id;
}
}
}
}
}
/**
* Given the form data, actually implement a block
* @param $data Array
* @param $context IContextSource
* @return Bool|String
*/
public static function processForm(array $data, IContextSource $context)
{
global $wgBlockAllowsUTEdit;
$performer = $context->getUser();
// Handled by field validator callback
// self::validateTargetField( $data['Target'] );
# This might have been a hidden field or a checkbox, so interesting data
# can come from it
$data['Confirm'] = !in_array($data['Confirm'], array('', '0', null, false), true);
list($target, $type) = self::getTargetAndType($data['Target']);
if ($type == Block::TYPE_USER) {
$user = $target;
$target = $user->getName();
$userId = $user->getId();
# Give admins a heads-up before they go and block themselves. Much messier
# to do this for IPs, but it's pretty unlikely they'd ever get the 'block'
# permission anyway, although the code does allow for it.
# Note: Important to use $target instead of $data['Target']
# since both $data['PreviousTarget'] and $target are normalized
# but $data['target'] gets overriden by (non-normalized) request variable
# from previous request.
if ($target === $performer->getName() && ($data['PreviousTarget'] !== $target || !$data['Confirm'])) {
return array('ipb-blockingself');
}
} elseif ($type == Block::TYPE_RANGE) {
$userId = 0;
} elseif ($type == Block::TYPE_IP) {
$target = $target->getName();
$userId = 0;
} else {
# This should have been caught in the form field validation
return array('badipaddress');
}
if (strlen($data['Expiry']) == 0 || strlen($data['Expiry']) > 50 || !self::parseExpiryInput($data['Expiry'])) {
return array('ipb_expiry_invalid');
}
if (!isset($data['DisableEmail'])) {
$data['DisableEmail'] = false;
}
# If the user has done the form 'properly', they won't even have been given the
# option to suppress-block unless they have the 'hideuser' permission
if (!isset($data['HideUser'])) {
$data['HideUser'] = false;
}
if ($data['HideUser']) {
if (!$performer->isAllowed('hideuser')) {
# this codepath is unreachable except by a malicious user spoofing forms,
# or by race conditions (user has oversight and sysop, loads block form,
# and is de-oversighted before submission); so need to fail completely
# rather than just silently disable hiding
return array('badaccess-group0');
}
# Recheck params here...
if ($type != Block::TYPE_USER) {
$data['HideUser'] = false;
# IP users should not be hidden
} elseif (!in_array($data['Expiry'], array('infinite', 'infinity', 'indefinite'))) {
# Bad expiry.
return array('ipb_expiry_temp');
} elseif ($user->getEditCount() > self::HIDEUSER_CONTRIBLIMIT) {
# Typically, the user should have a handful of edits.
# Disallow hiding users with many edits for performance.
return array('ipb_hide_invalid');
} elseif (!$data['Confirm']) {
return array('ipb-confirmhideuser');
}
}
# Create block object.
$block = new Block();
$block->setTarget($target);
$block->setBlocker($performer);
$block->mReason = $data['Reason'][0];
$block->mExpiry = self::parseExpiryInput($data['Expiry']);
$block->prevents('createaccount', $data['CreateAccount']);
$block->prevents('editownusertalk', !$wgBlockAllowsUTEdit || $data['DisableUTEdit']);
$block->prevents('sendemail', $data['DisableEmail']);
$block->isHardblock($data['HardBlock']);
$block->isAutoblocking($data['AutoBlock']);
$block->mHideName = $data['HideUser'];
if (!wfRunHooks('BlockIp', array(&$block, &$performer))) {
return array('hookaborted');
}
# Try to insert block. Is there a conflicting block?
$status = $block->insert();
if (!$status) {
# Show form unless the user is already aware of this...
if (!$data['Confirm'] || array_key_exists('PreviousTarget', $data) && $data['PreviousTarget'] !== $target) {
return array(array('ipb_already_blocked', $block->getTarget()));
# Otherwise, try to update the block...
} else {
# This returns direct blocks before autoblocks/rangeblocks, since we should
# be sure the user is blocked by now it should work for our purposes
$currentBlock = Block::newFromTarget($target);
if ($block->equals($currentBlock)) {
return array(array('ipb_already_blocked', $block->getTarget()));
}
# If the name was hidden and the blocking user cannot hide
# names, then don't allow any block changes...
if ($currentBlock->mHideName && !$performer->isAllowed('hideuser')) {
return array('cant-see-hidden-user');
}
$currentBlock->delete();
$status = $block->insert();
$logaction = 'reblock';
# Unset _deleted fields if requested
if ($currentBlock->mHideName && !$data['HideUser']) {
RevisionDeleteUser::unsuppressUserName($target, $userId);
}
# If hiding/unhiding a name, this should go in the private logs
if ((bool) $currentBlock->mHideName) {
$data['HideUser'] = true;
}
}
} else {
$logaction = 'block';
}
wfRunHooks('BlockIpComplete', array($block, $performer));
# Set *_deleted fields if requested
if ($data['HideUser']) {
RevisionDeleteUser::suppressUserName($target, $userId);
}
# Can't watch a rangeblock
if ($type != Block::TYPE_RANGE && $data['Watch']) {
$performer->addWatch(Title::makeTitle(NS_USER, $target));
}
# Block constructor sanitizes certain block options on insert
$data['BlockEmail'] = $block->prevents('sendemail');
$data['AutoBlock'] = $block->isAutoblocking();
# Prepare log parameters
$logParams = array();
$logParams[] = $data['Expiry'];
$logParams[] = self::blockLogFlags($data, $type);
# Make log entry, if the name is hidden, put it in the oversight log
$log_type = $data['HideUser'] ? 'suppress' : 'block';
$log = new LogPage($log_type);
$log_id = $log->addEntry($logaction, Title::makeTitle(NS_USER, $target), $data['Reason'][0], $logParams);
# Relate log ID to block IDs (bug 25763)
$blockIds = array_merge(array($status['id']), $status['autoIds']);
$log->addRelations('ipb_id', $blockIds, $log_id);
# Report to the user
return true;
}
/**
* Output a message that informs the user that they cannot create an account because
* there is a block on them or their IP which prevents account creation. Note that
* User::isBlockedFromCreateAccount(), which gets this block, ignores the 'hardblock'
* setting on blocks (bug 13611).
* @param $block Block the block causing this error
*/
function userBlockedMessage( Block $block ) {
global $wgOut;
# Let's be nice about this, it's likely that this feature will be used
# for blocking large numbers of innocent people, e.g. range blocks on
# schools. Don't blame it on the user. There's a small chance that it
# really is the user's fault, i.e. the username is blocked and they
# haven't bothered to log out before trying to create an account to
# evade it, but we'll leave that to their guilty conscience to figure
# out.
$wgOut->setPageTitle( wfMsg( 'cantcreateaccounttitle' ) );
$block_reason = $block->mReason;
if ( strval( $block_reason ) === '' ) {
$block_reason = wfMsg( 'blockednoreason' );
}
$wgOut->addWikiMsg(
'cantcreateaccount-text',
$block->getTarget(),
$block_reason,
$block->getByName()
);
$wgOut->returnToMain( false );
}
/**
* Output a message that informs the user that they cannot create an account because
* there is a block on them or their IP which prevents account creation. Note that
* User::isBlockedFromCreateAccount(), which gets this block, ignores the 'hardblock'
* setting on blocks (bug 13611).
* @param Block $block The block causing this error
* @throws ErrorPageError
*/
function userBlockedMessage(Block $block)
{
# Let's be nice about this, it's likely that this feature will be used
# for blocking large numbers of innocent people, e.g. range blocks on
# schools. Don't blame it on the user. There's a small chance that it
# really is the user's fault, i.e. the username is blocked and they
# haven't bothered to log out before trying to create an account to
# evade it, but we'll leave that to their guilty conscience to figure
# out.
$errorParams = array($block->getTarget(), $block->mReason ? $block->mReason : $this->msg('blockednoreason')->text(), $block->getByName());
if ($block->getType() === Block::TYPE_RANGE) {
$errorMessage = 'cantcreateaccount-range-text';
$errorParams[] = $this->getRequest()->getIP();
} else {
$errorMessage = 'cantcreateaccount-text';
}
throw new ErrorPageError('cantcreateaccounttitle', $errorMessage, $errorParams);
}
/**
* @static
* @param Block $block
* @param $user
* @return bool
*/
public static function onBlockIpComplete($block, $user)
{
$blockTarget = $block->getTarget();
if ($blockTarget instanceof User && $blockTarget->isLoggedIn()) {
$vote = new VoteHelper($block->getTarget(), null);
$vote->invalidateUser();
}
return true;
}
/**
* Given the form data, actually implement a block. This is also called from ApiBlock.
*
* @param array $data
* @param IContextSource $context
* @return bool|string
*/
public static function processForm(array $data, IContextSource $context)
{
global $wgBlockAllowsUTEdit, $wgHideUserContribLimit, $wgContLang;
$performer = $context->getUser();
// Handled by field validator callback
// self::validateTargetField( $data['Target'] );
# This might have been a hidden field or a checkbox, so interesting data
# can come from it
$data['Confirm'] = !in_array($data['Confirm'], ['', '0', null, false], true);
/** @var User $target */
list($target, $type) = self::getTargetAndType($data['Target']);
if ($type == Block::TYPE_USER) {
$user = $target;
$target = $user->getName();
$userId = $user->getId();
# Give admins a heads-up before they go and block themselves. Much messier
# to do this for IPs, but it's pretty unlikely they'd ever get the 'block'
# permission anyway, although the code does allow for it.
# Note: Important to use $target instead of $data['Target']
# since both $data['PreviousTarget'] and $target are normalized
# but $data['target'] gets overridden by (non-normalized) request variable
# from previous request.
if ($target === $performer->getName() && ($data['PreviousTarget'] !== $target || !$data['Confirm'])) {
return ['ipb-blockingself', 'ipb-confirmaction'];
}
} elseif ($type == Block::TYPE_RANGE) {
$userId = 0;
} elseif ($type == Block::TYPE_IP) {
$target = $target->getName();
$userId = 0;
} else {
# This should have been caught in the form field validation
return ['badipaddress'];
}
$expiryTime = self::parseExpiryInput($data['Expiry']);
if (strlen($data['Expiry']) == 0 || strlen($data['Expiry']) > 50 || !$expiryTime) {
return ['ipb_expiry_invalid'];
}
// an expiry time should be in the future, not in the
// past (wouldn't make any sense) - bug T123069
if ($expiryTime < wfTimestampNow()) {
return ['ipb_expiry_old'];
}
if (!isset($data['DisableEmail'])) {
$data['DisableEmail'] = false;
}
# If the user has done the form 'properly', they won't even have been given the
# option to suppress-block unless they have the 'hideuser' permission
if (!isset($data['HideUser'])) {
$data['HideUser'] = false;
}
if ($data['HideUser']) {
if (!$performer->isAllowed('hideuser')) {
# this codepath is unreachable except by a malicious user spoofing forms,
# or by race conditions (user has hideuser and block rights, loads block form,
# and loses hideuser rights before submission); so need to fail completely
# rather than just silently disable hiding
return ['badaccess-group0'];
}
# Recheck params here...
if ($type != Block::TYPE_USER) {
$data['HideUser'] = false;
# IP users should not be hidden
} elseif (!wfIsInfinity($data['Expiry'])) {
# Bad expiry.
return ['ipb_expiry_temp'];
} elseif ($wgHideUserContribLimit !== false && $user->getEditCount() > $wgHideUserContribLimit) {
# Typically, the user should have a handful of edits.
# Disallow hiding users with many edits for performance.
return [['ipb_hide_invalid', Message::numParam($wgHideUserContribLimit)]];
} elseif (!$data['Confirm']) {
return ['ipb-confirmhideuser', 'ipb-confirmaction'];
}
}
# Create block object.
$block = new Block();
$block->setTarget($target);
$block->setBlocker($performer);
# Truncate reason for whole multibyte characters
$block->mReason = $wgContLang->truncate($data['Reason'][0], 255);
$block->mExpiry = $expiryTime;
$block->prevents('createaccount', $data['CreateAccount']);
$block->prevents('editownusertalk', !$wgBlockAllowsUTEdit || $data['DisableUTEdit']);
$block->prevents('sendemail', $data['DisableEmail']);
$block->isHardblock($data['HardBlock']);
$block->isAutoblocking($data['AutoBlock']);
$block->mHideName = $data['HideUser'];
$reason = ['hookaborted'];
if (!Hooks::run('BlockIp', [&$block, &$performer, &$reason])) {
return $reason;
}
# Try to insert block. Is there a conflicting block?
$status = $block->insert();
if (!$status) {
# Indicates whether the user is confirming the block and is aware of
# the conflict (did not change the block target in the meantime)
$blockNotConfirmed = !$data['Confirm'] || array_key_exists('PreviousTarget', $data) && $data['PreviousTarget'] !== $target;
# Special case for API - bug 32434
$reblockNotAllowed = array_key_exists('Reblock', $data) && !$data['Reblock'];
# Show form unless the user is already aware of this...
if ($blockNotConfirmed || $reblockNotAllowed) {
return [['ipb_already_blocked', $block->getTarget()]];
# Otherwise, try to update the block...
} else {
# This returns direct blocks before autoblocks/rangeblocks, since we should
# be sure the user is blocked by now it should work for our purposes
$currentBlock = Block::newFromTarget($target);
if ($block->equals($currentBlock)) {
return [['ipb_already_blocked', $block->getTarget()]];
}
# If the name was hidden and the blocking user cannot hide
# names, then don't allow any block changes...
if ($currentBlock->mHideName && !$performer->isAllowed('hideuser')) {
return ['cant-see-hidden-user'];
}
$currentBlock->isHardblock($block->isHardblock());
$currentBlock->prevents('createaccount', $block->prevents('createaccount'));
$currentBlock->mExpiry = $block->mExpiry;
$currentBlock->isAutoblocking($block->isAutoblocking());
$currentBlock->mHideName = $block->mHideName;
$currentBlock->prevents('sendemail', $block->prevents('sendemail'));
$currentBlock->prevents('editownusertalk', $block->prevents('editownusertalk'));
$currentBlock->mReason = $block->mReason;
$status = $currentBlock->update();
$logaction = 'reblock';
# Unset _deleted fields if requested
if ($currentBlock->mHideName && !$data['HideUser']) {
RevisionDeleteUser::unsuppressUserName($target, $userId);
}
# If hiding/unhiding a name, this should go in the private logs
if ((bool) $currentBlock->mHideName) {
$data['HideUser'] = true;
}
}
} else {
$logaction = 'block';
}
Hooks::run('BlockIpComplete', [$block, $performer]);
# Set *_deleted fields if requested
if ($data['HideUser']) {
RevisionDeleteUser::suppressUserName($target, $userId);
}
# Can't watch a rangeblock
if ($type != Block::TYPE_RANGE && $data['Watch']) {
WatchAction::doWatch(Title::makeTitle(NS_USER, $target), $performer, User::IGNORE_USER_RIGHTS);
}
# Block constructor sanitizes certain block options on insert
$data['BlockEmail'] = $block->prevents('sendemail');
$data['AutoBlock'] = $block->isAutoblocking();
# Prepare log parameters
$logParams = [];
$logParams['5::duration'] = $data['Expiry'];
$logParams['6::flags'] = self::blockLogFlags($data, $type);
# Make log entry, if the name is hidden, put it in the suppression log
$log_type = $data['HideUser'] ? 'suppress' : 'block';
$logEntry = new ManualLogEntry($log_type, $logaction);
$logEntry->setTarget(Title::makeTitle(NS_USER, $target));
$logEntry->setComment($data['Reason'][0]);
$logEntry->setPerformer($performer);
$logEntry->setParameters($logParams);
# Relate log ID to block IDs (bug 25763)
$blockIds = array_merge([$status['id']], $status['autoIds']);
$logEntry->setRelations(['ipb_id' => $blockIds]);
$logId = $logEntry->insert();
$logEntry->publish($logId);
# Report to the user
return true;
}
/**
* Occurs after the request to block an IP or user has been processed
* @see http://www.mediawiki.org/wiki/Manual:MediaWiki_hooks/BlockIpComplete
*/
function slack_user_blocked(Block $block, $user)
{
global $wgWikiUrl, $wgWikiUrlEnding, $wgWikiUrlEndingBlockList;
$message = sprintf("%s has blocked %s %s Block expiration: %s. %s", getSlackUserText($user), getSlackUserText($block->getTarget()), $block->mReason == "" ? "" : "with reason '" . $block->mReason . "'.", $block->mExpiry, "<" . $wgWikiUrl . $wgWikiUrlEnding . $wgWikiUrlEndingBlockList . "|List of all blocks>.");
push_slack_notify($message, "red");
return true;
}
public function testDeprecatedConstructor()
{
$this->hideDeprecated('Block::__construct with multiple arguments');
$username = '******';
$reason = 'being irrational';
# Set up the target
$u = User::newFromName($username);
if ($u->getID() == 0) {
$u->addToDatabase();
TestUser::setPasswordForUser($u, 'TotallyObvious');
}
unset($u);
# Make sure the user isn't blocked
$this->assertNull(Block::newFromTarget($username), "{$username} should not be blocked");
# Perform the block
$block = new Block($username, 0, 0, $reason, 0, false, 0);
$block->insert();
# Check target
$this->assertEquals($block->getTarget()->getName(), $username, "Target should be set properly");
# Check supplied parameter
$this->assertEquals($block->mReason, $reason, "Reason should be non-default");
# Check default parameter
$this->assertFalse((bool) $block->prevents('createaccount'), "Account creation should not be blocked by default");
}
/**
* @static
* @param Block $block instance of Block class includes/Block.php
* @param User $user instance of User class includes/User.php
* @return bool true 'cause it's a hook
*/
public static function eventlogBlockIp($block, $user)
{
self::log("block", "block", $user->getID(), $user->getName(), $block->getBlocker(), $block->getTarget(), $block->mReason);
return true;
}
