コード例 #1
0
 /**
  * Get blocking information
  * @param bool $bFromSlave Whether to check the slave database first.
  *   To improve performance, non-critical checks are done against slaves.
  *   Check when actually saving should be done against master.
  */
 private function getBlockedStatus($bFromSlave = true)
 {
     global $wgProxyWhitelist, $wgUser, $wgApplyIpBlocksToXff;
     if (-1 != $this->mBlockedby) {
         return;
     }
     wfDebug(__METHOD__ . ": checking...\n");
     // Initialize data...
     // Otherwise something ends up stomping on $this->mBlockedby when
     // things get lazy-loaded later, causing false positive block hits
     // due to -1 !== 0. Probably session-related... Nothing should be
     // overwriting mBlockedby, surely?
     $this->load();
     # We only need to worry about passing the IP address to the Block generator if the
     # user is not immune to autoblocks/hardblocks, and they are the current user so we
     # know which IP address they're actually coming from
     if (!$this->isAllowed('ipblock-exempt') && $this->equals($wgUser)) {
         $ip = $this->getRequest()->getIP();
     } else {
         $ip = null;
     }
     // User/IP blocking
     $block = Block::newFromTarget($this, $ip, !$bFromSlave);
     // Proxy blocking
     if (!$block instanceof Block && $ip !== null && !$this->isAllowed('proxyunbannable') && !in_array($ip, $wgProxyWhitelist)) {
         // Local list
         if (self::isLocallyBlockedProxy($ip)) {
             $block = new Block();
             $block->setBlocker(wfMessage('proxyblocker')->text());
             $block->mReason = wfMessage('proxyblockreason')->text();
             $block->setTarget($ip);
         } elseif ($this->isAnon() && $this->isDnsBlacklisted($ip)) {
             $block = new Block();
             $block->setBlocker(wfMessage('sorbs')->text());
             $block->mReason = wfMessage('sorbsreason')->text();
             $block->setTarget($ip);
         }
     }
     // (bug 23343) Apply IP blocks to the contents of XFF headers, if enabled
     if (!$block instanceof Block && $wgApplyIpBlocksToXff && $ip !== null && !$this->isAllowed('proxyunbannable') && !in_array($ip, $wgProxyWhitelist)) {
         $xff = $this->getRequest()->getHeader('X-Forwarded-For');
         $xff = array_map('trim', explode(',', $xff));
         $xff = array_diff($xff, array($ip));
         $xffblocks = Block::getBlocksForIPList($xff, $this->isAnon(), !$bFromSlave);
         $block = Block::chooseBlock($xffblocks, $xff);
         if ($block instanceof Block) {
             # Mangle the reason to alert the user that the block
             # originated from matching the X-Forwarded-For header.
             $block->mReason = wfMessage('xffblockreason', $block->mReason)->text();
         }
     }
     if ($block instanceof Block) {
         wfDebug(__METHOD__ . ": Found block.\n");
         $this->mBlock = $block;
         $this->mBlockedby = $block->getByName();
         $this->mBlockreason = $block->mReason;
         $this->mHideName = $block->mHideName;
         $this->mAllowUsertalk = !$block->prevents('editownusertalk');
     } else {
         $this->mBlockedby = '';
         $this->mHideName = 0;
         $this->mAllowUsertalk = false;
     }
     // Extensions
     Hooks::run('GetBlockedStatus', array(&$this));
 }
コード例 #2
0
 /**
  * @dataProvider providerXff
  * @covers Block::getBlocksForIPList
  * @covers Block::chooseBlock
  */
 public function testBlocksOnXff($xff, $exCount, $exResult)
 {
     $list = array_map('trim', explode(',', $xff));
     $xffblocks = Block::getBlocksForIPList($list, true);
     $this->assertEquals($exCount, count($xffblocks), 'Number of blocks for ' . $xff);
     $block = Block::chooseBlock($xffblocks, $list);
     $this->assertEquals($exResult, $block->mReason, 'Correct block type for XFF header ' . $xff);
 }