public function postCreationSetup($params) { global $wgErrorLog, $wgServer, $wgInternalServer, $wgStatsDBEnabled; $wgServer = rtrim($params['url'], '/'); $wgInternalServer = $wgServer; $wgStatsDBEnabled = false; // disable any DW queries/hooks during wiki creation $wgErrorLog = false; if ($params['founderId']) { $this->info('loading founding user', ['founder_id' => $params['founderId']]); $this->founder = \User::newFromId($params['founderId']); $this->founder->load(); } if (!$this->founder || $this->founder->isAnon()) { $this->warning('cannot load founding user', ['founder_id' => $params['founderId']]); if (!empty($params['founderName'])) { $this->founder = \User::newFromName($params['founderName']); $this->founder->load(); } } if (!$this->founder || $this->founder->isAnon()) { global $wgExternalAuthType; if ($wgExternalAuthType) { $extUser = \ExternalUser::newFromName($params['founderName']); if (is_object($extUser)) { $extUser->linkToLocal($extUser->getId()); } } } $this->wikiName = isset($params['sitename']) ? $params['sitename'] : \WikiFactory::getVarValueByName('wgSitename', $params['city_id'], true); $this->wikiLang = isset($params['language']) ? $params['language'] : \WikiFactory::getVarValueByName('wgLanguageCode', $params['city_id']); $this->moveMainPage(); $this->changeStarterContributions($params); $this->setWelcomeTalkPage(); $this->populateCheckUserTables(); $this->protectKeyPages(); $this->sendRevisionToScribe(); $hookParams = ['title' => $params['sitename'], 'url' => $params['url'], 'city_id' => $params['city_id']]; if (empty($params['disableCompleteHook'])) { wfRunHooks('CreateWikiLocalJob-complete', array($hookParams)); } return true; }
/** * Tests whether the name is OK to use as a user name. */ public function userNameOK($name) { global $wgReservedUsernames; $name = trim($name); if (empty($name)) { return false; } $u = User::newFromName($name, 'creatable'); if (!is_object($u)) { return false; } if (!empty($wgReservedUsernames) && in_array($name, $wgReservedUsernames)) { return false; } $mExtUser = ExternalUser::newFromName($name); if (is_object($mExtUser) && 0 != $mExtUser->getId()) { return false; } elseif (0 != $u->idForName(true)) { return false; } return true; }
/** * Internally authenticate the login request. * * This may create a local account as a side effect if the * authentication plugin allows transparent local account * creation. */ public function authenticateUserData() { global $wgUser, $wgAuth; if ($this->mName == '') { return self::NO_NAME; } // We require a login token to prevent login CSRF // Handle part of this before incrementing the throttle so // token-less login attempts don't count towards the throttle // but wrong-token attempts do. // If the user doesn't have a login token yet, set one. if (!self::getLoginToken()) { self::setLoginToken(); return self::NEED_TOKEN; } // If the user didn't pass a login token, tell them we need one if (!$this->mToken) { return self::NEED_TOKEN; } global $wgPasswordAttemptThrottle; $throttleCount = 0; if (is_array($wgPasswordAttemptThrottle)) { $throttleKey = wfMemcKey('password-throttle', wfGetIP(), md5($this->mName)); $count = $wgPasswordAttemptThrottle['count']; $period = $wgPasswordAttemptThrottle['seconds']; global $wgMemc; $throttleCount = $wgMemc->get($throttleKey); if (!$throttleCount) { $wgMemc->add($throttleKey, 1, $period); // start counter } else { if ($throttleCount < $count) { $wgMemc->incr($throttleKey); } else { if ($throttleCount >= $count) { return self::THROTTLED; } } } } // Validate the login token if ($this->mToken !== self::getLoginToken()) { return self::WRONG_TOKEN; } // Load $wgUser now, and check to see if we're logging in as the same // name. This is necessary because loading $wgUser (say by calling // getName()) calls the UserLoadFromSession hook, which potentially // creates the user in the database. Until we load $wgUser, checking // for user existence using User::newFromName($name)->getId() below // will effectively be using stale data. if ($wgUser->getName() === $this->mName) { wfDebug(__METHOD__ . ": already logged in as {$this->mName}\n"); return self::SUCCESS; } $this->mExtUser = ExternalUser::newFromName($this->mName); # TODO: Allow some magic here for invalid external names, e.g., let the # user choose a different wiki name. $u = User::newFromName($this->mName); if (!$u instanceof User || !User::isUsableName($u->getName())) { return self::ILLEGAL; } $isAutoCreated = false; if (0 == $u->getID()) { $status = $this->attemptAutoCreate($u); if ($status !== self::SUCCESS) { return $status; } else { $isAutoCreated = true; } } else { global $wgExternalAuthType, $wgAutocreatePolicy; if ($wgExternalAuthType && $wgAutocreatePolicy != 'never' && is_object($this->mExtUser) && $this->mExtUser->authenticate($this->mPassword)) { # The external user and local user have the same name and # password, so we assume they're the same. $this->mExtUser->linkToLocal($u->getID()); } $u->load(); } // Give general extensions, such as a captcha, a chance to abort logins $abort = self::ABORTED; if (!wfRunHooks('AbortLogin', array($u, $this->mPassword, &$abort))) { return $abort; } global $wgBlockDisablesLogin; if (!$u->checkPassword($this->mPassword)) { if ($u->checkTemporaryPassword($this->mPassword)) { // The e-mailed temporary password should not be used for actu- // al logins; that's a very sloppy habit, and insecure if an // attacker has a few seconds to click "search" on someone's o- // pen mail reader. // // Allow it to be used only to reset the password a single time // to a new value, which won't be in the user's e-mail ar- // chives. // // For backwards compatibility, we'll still recognize it at the // login form to minimize surprises for people who have been // logging in with a temporary password for some time. // // As a side-effect, we can authenticate the user's e-mail ad- // dress if it's not already done, since the temporary password // was sent via e-mail. if (!$u->isEmailConfirmed()) { $u->confirmEmail(); $u->saveSettings(); } // At this point we just return an appropriate code/ indicating // that the UI should show a password reset form; bot inter- // faces etc will probably just fail cleanly here. $retval = self::RESET_PASS; } else { $retval = $this->mPassword == '' ? self::EMPTY_PASS : self::WRONG_PASS; } } elseif ($wgBlockDisablesLogin && $u->isBlocked()) { // If we've enabled it, make it so that a blocked user cannot login $retval = self::USER_BLOCKED; } else { $wgAuth->updateUser($u); $wgUser = $u; // Please reset throttle for successful logins, thanks! if ($throttleCount) { $wgMemc->delete($throttleKey); } if ($isAutoCreated) { // Must be run after $wgUser is set, for correct new user log wfRunHooks('AuthPluginAutoCreate', array($wgUser)); } $retval = self::SUCCESS; } wfRunHooks('LoginAuthenticateAudit', array($u, $this->mPassword, $retval)); return $retval; }
public static function onUserNameLoadFromId($user_name, &$s, $bUserObject = false) { global $wgExternalAuthType; if ($wgExternalAuthType) { $mExtUser = ExternalUser::newFromName($user_name); if (is_object($mExtUser) && 0 != $mExtUser->getId()) { $mExtUser->linkToLocal($mExtUser->getId()); $s = $mExtUser->getLocalUser($bUserObject); } } return true; }
public function initUser($u, $autocreate, $createTempUser = true) { global $wgAuth, $wgExternalAuthType; // for FBconnect we don't want to create temp users if ($createTempUser === false) { return parent::initUser($u, $autocreate); } // add TempUser, update User object, set TempUser session $tempUser = TempUser::createNewFromUser($u, $this->mReturnTo); if ($wgExternalAuthType) { $u = ExternalUser::addUser($u, "", "", ""); if (is_object($u)) { $this->mExtUser = ExternalUser::newFromName($this->mUsername); } } else { $u->addToDatabase(); } $u->setToken(); $wgAuth->initUser($u, $autocreate); if (is_object($this->mExtUser)) { $this->mExtUser->linkToLocal($u->getId()); } $u->setOption('rememberpassword', $this->mRemember ? 1 : 0); $u->setOption('marketingallowed', $this->mMarketingOptIn ? 1 : 0); if ($this->mLanguage) { $u->setOption('language', $this->mLanguage); } $u->setOption('skinoverwrite', 1); $u->setPassword($this->mPassword); $tempUser->setPassword($u->mPassword); $tempUser->setId($u->getId()); $tempUser->addToDatabase(); wfRunHooks('AddNewAccountTempUser', array($u, false)); $tempUser->saveSettingsTempUserToUser($u); $tempUser->setTempUserSession(); return $u; }
/** * Get database id given a user name * @param $name String Username * @return Int|Null The corresponding user's ID, or null if user is nonexistent */ public static function idFromName($name) { $nt = Title::makeTitleSafe(NS_USER, $name); if (is_null($nt)) { # Illegal name return null; } if (isset(self::$idCacheByName[$name])) { return self::$idCacheByName[$name]; } $dbr = wfGetDB(DB_SLAVE); $s = $dbr->selectRow('user', array('user_id'), array('user_name' => $nt->getText()), __METHOD__); if ($s === false) { $user_name = $nt->getText(); wfRunHooks('UserNameLoadFromId', array($user_name, &$s)); } /* wikia change */ if ($s === false) { global $wgExternalAuthType; if ($wgExternalAuthType) { $mExtUser = ExternalUser::newFromName($nt->getText()); if (is_object($mExtUser) && 0 != $mExtUser->getId()) { $mExtUser->linkToLocal($mExtUser->getId()); } } } if ($s === false) { $result = null; } else { $result = $s->user_id; } self::$idCacheByName[$name] = $result; if (count(self::$idCacheByName) > 1000) { self::$idCacheByName = array(); } return $result; }
/** * main entry point * * @access public */ public function run() { global $wgUser, $wgErrorLog, $wgExtensionMessagesFiles, $wgDebugLogFile, $wgServer, $wgInternalServer; wfProfileIn(__METHOD__); /** * overwrite $wgServer. It is sometimes set as localhost which sends broken url * to purgers * * @see SquidUpdate::expand */ $wgServer = rtrim($this->mParams->url, "/"); $wgInternalServer = $wgServer; $wgExtensionMessagesFiles["AutoCreateWiki"] = dirname(__FILE__) . "/AutoCreateWiki.i18n.php"; /** * very verbose */ $debugLogFile = $wgDebugLogFile; $wgDebugLogFile = "php://stdout"; $wgErrorLog = false; /** * setup founder user */ if ($this->mParams->founderId) { Wikia::log(__METHOD__, "user", "Loading user with user_id = {$this->mParams->founderId}"); $this->mFounder = User::newFromId($this->mParams->founderId); $this->mFounder->load(); } else { Wikia::log(__METHOD__, "user", "Founder user_id is unknown {$this->mParams->founderId}"); } # check user name if (!$this->mFounder || $this->mFounder->isAnon()) { Wikia::log(__METHOD__, "user", "Cannot load user with user_id = {$this->mParams->founderId}"); if (!empty($this->mParams->founderName)) { $this->mFounder = User::newFromName($this->mParams->founderName); $this->mFounder->load(); } } # use ExternalUser to check if (!$this->mFounder || $this->mFounder->isAnon()) { global $wgExternalAuthType; if ($wgExternalAuthType) { $oExtUser = ExternalUser::newFromName($this->mParams->founderName); if (is_object($oExtUser)) { $oExtUser->linkToLocal($oExtUser->getId()); } } } $wgUser = User::newFromName("CreateWiki script"); /** * main page should be move in first stage of create wiki, but sometimes * is too early for that. This is fallback function */ $this->wikiaName = isset($this->mParams->sitename) ? $this->mParams->sitename : WikiFactory::getVarValueByName("wgSitename", $this->mParams->city_id, true); $this->wikiaLang = isset($this->mParams->language) ? $this->mParams->language : WikiFactory::getVarValueByName("wgLanguageCode", $this->mParams->city_id); $this->moveMainPage(); $this->changeStarterContributions(); $this->changeImagesTimestamps(); $this->setWelcomeTalkPage(); $this->sendWelcomeMail(); $this->populateCheckUserTables(); $this->protectKeyPages(); $this->queueReminderMail(); $this->sendRevisionToScribe(); $this->addStarterImagesToUploadLog(); /** * different things for different types */ switch ($this->mParams->type) { case "answers": $this->copyDefaultAvatars(); break; } $params = array('title' => $this->mParams->sitename, 'url' => $this->mParams->url, 'city_id' => $this->mParams->city_id); wfRunHooks('CreateWikiLocalJob-complete', array($params)); wfProfileOut(__METHOD__); $wgDebugLogFile = $debugLogFile; return true; }
/** * main entry point * * @access public */ public function run() { global $wgUser, $wgErrorLog, $wgDebugLogFile, $wgServer, $wgInternalServer; // Set this flag to ensure that all select operations go against master // Slave lag can cause random errors during wiki creation process global $wgForceMasterDatabase; $wgForceMasterDatabase = true; wfProfileIn(__METHOD__); /** * overwrite $wgServer. It is sometimes set as localhost which sends broken url * to purgers * * @see SquidUpdate::expand */ $wgServer = rtrim($this->mParams->url, "/"); $wgInternalServer = $wgServer; /** * very verbose */ $debugLogFile = $wgDebugLogFile; $wgDebugLogFile = "php://stdout"; $wgErrorLog = false; /** * setup founder user */ if ($this->mParams->founderId) { Wikia::log(__METHOD__, "user", "Loading user with user_id = {$this->mParams->founderId}"); $this->mFounder = User::newFromId($this->mParams->founderId); $this->mFounder->load(); } else { Wikia::log(__METHOD__, "user", "Founder user_id is unknown {$this->mParams->founderId}"); } # check user name if (!$this->mFounder || $this->mFounder->isAnon()) { Wikia::log(__METHOD__, "user", "Cannot load user with user_id = {$this->mParams->founderId}"); if (!empty($this->mParams->founderName)) { $this->mFounder = User::newFromName($this->mParams->founderName); $this->mFounder->load(); } } # use ExternalUser to check if (!$this->mFounder || $this->mFounder->isAnon()) { global $wgExternalAuthType; if ($wgExternalAuthType) { $oExtUser = ExternalUser::newFromName($this->mParams->founderName); if (is_object($oExtUser)) { $oExtUser->linkToLocal($oExtUser->getId()); } } } $wgUser = User::newFromName("CreateWiki script"); /** * main page should be move in first stage of create wiki, but sometimes * is too early for that. This is fallback function */ $this->wikiaName = isset($this->mParams->sitename) ? $this->mParams->sitename : WikiFactory::getVarValueByName("wgSitename", $this->mParams->city_id, true); $this->wikiaLang = isset($this->mParams->language) ? $this->mParams->language : WikiFactory::getVarValueByName("wgLanguageCode", $this->mParams->city_id); $this->moveMainPage(); $this->changeStarterContributions(); $this->setWelcomeTalkPage(); if (empty($this->mParams->disableWelcome)) { $this->sendWelcomeMail(); } $this->populateCheckUserTables(); $this->protectKeyPages(); if (empty($this->mParams->disableReminder)) { $this->queueReminderMail(); } $this->sendRevisionToScribe(); $params = array('title' => $this->mParams->sitename, 'url' => $this->mParams->url, 'city_id' => $this->mParams->city_id); if (empty($this->mParams->disableCompleteHook)) { wfRunHooks('CreateWikiLocalJob-complete', array($params)); } wfProfileOut(__METHOD__); $wgDebugLogFile = $debugLogFile; return true; }
/** * Retrieves and shows the gathered info to the user * @param $target Mixed: user whose info we're looking up */ function showInfo($target, $emailUser = "") { global $wgOut, $wgLang, $wgScript, $wgEnableWallExt, $wgExternalSharedDB, $wgExternalAuthType; //Small Stuff Week - adding table from Special:LookupContribs --nAndy global $wgExtensionsPath, $wgJsMimeType, $wgResourceBasePath, $wgEnableLookupContribsExt; /** * look for @ in username */ $count = 0; $aUsers = array(); $userTarget = ""; if (strpos($target, '@') !== false) { /** * find username by email */ $emailUser = htmlspecialchars($emailUser); $dbr = wfGetDB(DB_SLAVE, array(), $wgExternalSharedDB); $oRes = $dbr->select('`user`', 'user_name', array('user_email' => $target), __METHOD__); $loop = 0; while ($oRow = $dbr->fetchObject($oRes)) { if ($loop === 0) { $userTarget = $oRow->user_name; } if (!empty($emailUser) && $emailUser == $oRow->user_name) { $userTarget = $emailUser; } $aUsers[] = $oRow->user_name; $loop++; } // Check for disabled accounts where we kept the email $dRows = $dbr->select(['`user`', 'user_properties'], ['user_name'], ['user_id = up_user', 'up_property' => 'disabled-user-email', 'up_value' => $target], __METHOD__); foreach ($dRows as $row) { if ($loop === 0) { $userTarget = $oRow->user_name; } if (!empty($emailUser) && $emailUser == $row->user_name) { $userTarget = $emailUser; } $aUsers[] = $row->user_name; $loop++; } $count = $loop; } $targetUserName = !empty($userTarget) ? $userTarget : $target; $extUser = null; $user = null; if ($wgExternalAuthType == 'ExternalUser_Wikia') { $extUser = ExternalUser::newFromName($targetUserName); } else { $user = User::newFromName($targetUserName); } if (is_object($extUser) && $extUser->getId() != 0) { $user = $extUser->mapToUser(); } elseif ($user == null || $user->getId() == 0) { $wgOut->addWikiText('<span class="error">' . wfMessage('lookupuser-nonexistent', $target)->text() . '</span>'); return; } if ($count > 1) { $options = array(); if (!empty($aUsers) && is_array($aUsers)) { foreach ($aUsers as $id => $userName) { $options[] = Xml::option($userName, $userName, $userName == $userTarget); } } $selectForm = Xml::openElement('select', array('id' => 'email_user', 'name' => "email_user")); $selectForm .= "\n" . implode("\n", $options) . "\n"; $selectForm .= Xml::closeElement('select'); $selectForm .= "({$count})"; $wgOut->addHTML(Xml::openElement('fieldset') . "\n" . Xml::openElement('form', array('method' => 'get', 'action' => $wgScript)) . "\n" . Html::hidden('title', $this->getTitle()->getPrefixedText()) . "\n" . Html::hidden('target', $target) . "\n" . Xml::openElement('table', array('border' => '0')) . "\n" . Xml::openElement('tr') . "\n" . Xml::openElement('td', array('align' => 'right')) . wfMessage('lookupuser-foundmoreusers')->escaped() . Xml::closeElement('td') . "\n" . Xml::openElement('td', array('align' => 'left')) . "\n" . $selectForm . Xml::closeElement('td') . "\n" . Xml::openElement('td', array('colspan' => '2', 'align' => 'center')) . Xml::submitButton(wfMessage('go')->escaped()) . Xml::closeElement('td') . "\n" . Xml::closeElement('tr') . "\n" . Xml::closeElement('table') . "\n" . Xml::closeElement('form') . "\n" . Xml::closeElement('fieldset')); } $authTs = $user->getEmailAuthenticationTimestamp(); if ($authTs) { $authenticated = wfMessage('lookupuser-authenticated', $wgLang->timeanddate($authTs, true))->text(); } else { $authenticated = wfMessage('lookupuser-not-authenticated')->text(); } $optionsString = ''; foreach ($user->getOptions() as $name => $value) { $optionsString .= "{$name} = {$value} <br />"; } $name = $user->getName(); $email = $user->getEmail() ?: $user->getGlobalAttribute('disabled-user-email'); if (!empty($email)) { $email_output = wfMessage('lookupuser-email', $email, urlencode($email))->text(); } else { $email_output = wfMessage('lookupuser-no-email')->text(); } if ($user->getRegistration()) { $registration = $wgLang->timeanddate($user->getRegistration(), true); } else { $registration = wfMessage('lookupuser-no-registration')->text(); } $wgOut->addWikiText('*' . wfMessage('username')->text() . ' [[User:'******'|' . $name . ']] (' . $wgLang->pipeList(array('<span id="lu-tools">[[' . (!empty($wgEnableWallExt) ? 'Message Wall:' . $name . '|' . wfMessage('wall-message-wall-shorten')->text() : 'User talk:' . $name . '|' . wfMessage('talkpagelinktext')->text()) . ']]', '[[Special:Contributions/' . $name . '|' . wfMessage('contribslink')->text() . ']]</span>)'))); $wgOut->addWikiText('*' . wfMessage('lookupuser-toollinks', $name, urlencode($name))->inContentLanguage()->text()); $wgOut->addWikiText('*' . wfMessage('lookupuser-id', $user->getId())->text()); $userStatus = wfMessage('lookupuser-account-status-realuser')->text(); $wgOut->addWikiText('*' . wfMessage('lookupuser-account-status')->text() . $userStatus); $wgOut->addWikiText('*' . $email_output); $wgOut->addWikiText('*' . wfMessage('lookupuser-realname', $user->getRealName())->text()); $wgOut->addWikiText('*' . wfMessage('lookupuser-registration', $registration)->text()); $wgOut->addWikiText('*' . wfMessage('lookupuser-touched', $wgLang->timeanddate($user->mTouched, true))->text()); $wgOut->addWikiText('*' . wfMessage('lookupuser-info-authenticated', $authenticated)->text()); if (isset($user->mBirthDate)) { $birthDate = $wgLang->date(date('Y-m-d H:i:s', strtotime($user->mBirthDate))); } else { $birthDate = wfMessage('lookupuser-no-birthdate')->text(); } $wgOut->addWikiText('*' . wfMessage('lookupuser-birthdate', $birthDate)->text()); $newEmail = $user->getGlobalAttribute('new_email'); if (!empty($newEmail)) { $wgOut->addWikiText('*' . wfMessage('lookupuser-email-change-requested', $newEmail)->plain()); } $allowedAdoption = $user->getGlobalFlag('AllowAdoption', true); $wgOut->addWikiText('*' . wfMessage('lookupuser-user' . (!$allowedAdoption ? '-not' : '') . '-allowed-adoption')->plain()); //Begin: Small Stuff Week - adding table from Special:LookupContribs --nAndy if (!empty($wgEnableLookupContribsExt)) { $wgOut->addExtensionStyle("{$wgExtensionsPath}/wikia/LookupContribs/css/table.css"); $wgOut->addExtensionStyle("{$wgExtensionsPath}/wikia/LookupUser/css/lookupuser.css"); $wgOut->addScript("<script type=\"{$wgJsMimeType}\" src=\"{$wgResourceBasePath}/resources/wikia/libraries/jquery/datatables/jquery.dataTables.min.js\"></script>\n"); //checking and setting User::mBlockedGlobally if needed //only for this instance of class User wfRunHooks('GetBlockedStatus', array(&$user)); $oTmpl = new EasyTemplate(dirname(__FILE__) . "/templates/"); $oTmpl->set_vars(array('username' => $name, 'isUsernameGloballyBlocked' => $user->isBlockedGlobally())); $wgOut->addHTML($oTmpl->render('contribution.table')); } else { $wgOut->addWikiText('*' . wfMessage('lookupuser-table-cannot-be-displayed')->text()); } //End: Small Stuff Week $wgOut->addWikiText('*' . wfMessage('lookupuser-useroptions')->text() . '<br />' . $optionsString); }
/** * Actually add a user to the database. * Give it a User object that has been initialised with a name. * * @param $oUser User object. * @param $autocreate boolean -- true if this is an autocreation via auth plugin * @return User object. * @private */ function initUser($oUser, $autocreate) { global $wgAuth, $wgExternalAuthType; wfProfileIn(__METHOD__); $oExtUser = null; if ($wgExternalAuthType) { $oUser = ExternalUser::addUser($oUser, $this->mPassword, $this->mEmail, ""); if (is_object($oUser)) { $oExtUser = ExternalUser::newFromName($this->mUsername); } } else { $oUser->addToDatabase(); } if ($wgAuth->allowPasswordChange()) { $oUser->setPassword($this->mPassword); } $oUser->setEmail($this->mEmail); $oUser->setToken(); $wgAuth->initUser($oUser, $autocreate); if (is_object($oExtUser)) { $oExtUser->linkToLocal($oUser->getId()); $email = $oExtUser->getPref('emailaddress'); if ($email && !$this->mEmail) { $oUser->setEmail($email); } } $oUser->setOption('rememberpassword', isset($this->mRemember) ? 1 : 0); $oUser->setOption('marketingallowed', isset($this->mMarketing) ? 1 : 0); $oUser->setOption('skinoverwrite', 1); $oUser->saveSettings(); # Update user count $ssUpdate = new SiteStatsUpdate(0, 0, 0, 0, 1); $ssUpdate->doUpdate(); wfProfileOut(__METHOD__); return $oUser; }