function loadParameters()
{
global $wgRequest;
$ip = trim($wgRequest->getText('address'));
$this->mAddress = $ip !== '' || $wgRequest->wasPosted() ? Block::normaliseRange($ip) : '';
$this->mReason = $wgRequest->getText('wpReason');
$this->mWhitelistStatus = $wgRequest->getCheck('wpWhitelistStatus');
$this->mEditToken = $wgRequest->getText('wpEditToken');
if ($this->mAddress) {
$this->mCurrentStatus = GlobalBlocking::getWhitelistInfoByIP($this->mAddress) !== false;
if (!$wgRequest->wasPosted()) {
$this->mWhitelistStatus = $this->mCurrentStatus;
}
} else {
$this->mCurrentStatus = true;
}
}
function doSubmit()
{
global $wgOut, $wgUser, $wgSysopUserBans, $wgSysopRangeBans;
$userId = 0;
$this->BlockAddress = trim($this->BlockAddress);
$rxIP = '\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}';
# Check for invalid specifications
if (!preg_match("/^{$rxIP}\$/", $this->BlockAddress)) {
if (preg_match("/^({$rxIP})\\/(\\d{1,2})\$/", $this->BlockAddress, $matches)) {
if ($wgSysopRangeBans) {
if ($matches[2] > 31 || $matches[2] < 16) {
$this->showForm(wfMsg('ip_range_invalid'));
return;
}
$this->BlockAddress = Block::normaliseRange($this->BlockAddress);
} else {
# Range block illegal
$this->showForm(wfMsg('range_block_disabled'));
return;
}
} else {
# Username block
if ($wgSysopUserBans) {
$user = User::newFromName($this->BlockAddress);
if (!is_null($user) && $user->getID()) {
# Use canonical name
$this->BlockAddress = $user->getName();
$userId = $user->getID();
} else {
$this->showForm(wfMsg('nosuchusershort', htmlspecialchars($this->BlockAddress)));
return;
}
} else {
$this->showForm(wfMsg('badipaddress'));
return;
}
}
}
$expirestr = $this->BlockExpiry;
if ($expirestr == 'other') {
$expirestr = $this->BlockOther;
}
if (strlen($expirestr) == 0) {
$this->showForm(wfMsg('ipb_expiry_invalid'));
return;
}
if ($expirestr == 'infinite' || $expirestr == 'indefinite') {
$expiry = Block::infinity();
} else {
# Convert GNU-style date, on error returns -1 for PHP <5.1 and false for PHP >=5.1
$expiry = strtotime($expirestr);
if ($expiry < 0 || $expiry === false) {
$this->showForm(wfMsg('ipb_expiry_invalid'));
return;
}
$expiry = wfTimestamp(TS_MW, $expiry);
}
# Create block
# Note: for a user block, ipb_address is only for display purposes
$block = new Block($this->BlockAddress, $userId, $wgUser->getID(), $this->BlockReason, wfTimestampNow(), 0, $expiry, $this->BlockAnonOnly, $this->BlockCreateAccount);
if (wfRunHooks('BlockIp', array(&$block, &$wgUser))) {
if (!$block->insert()) {
$this->showForm(wfMsg('ipb_already_blocked', htmlspecialchars($this->BlockAddress)));
return;
}
wfRunHooks('BlockIpComplete', array($block, $wgUser));
# Make log entry
$log = new LogPage('block');
$log->addEntry('block', Title::makeTitle(NS_USER, $this->BlockAddress), $this->BlockReason, $expirestr);
# Report to the user
$titleObj = Title::makeTitle(NS_SPECIAL, 'Blockip');
$wgOut->redirect($titleObj->getFullURL('action=success&ip=' . urlencode($this->BlockAddress)));
}
}
/**
* Backend block code.
* $userID and $expiry will be filled accordingly
* @return array(message key, arguments) on failure, empty array on success
*/
function doBlock(&$userId = null, &$expiry = null)
{
global $wgUser, $wgSysopUserBans, $wgSysopRangeBans, $wgBlockAllowsUTEdit, $wgBlockCIDRLimit;
$userId = 0;
# Expand valid IPv6 addresses, usernames are left as is
$this->BlockAddress = IP::sanitizeIP($this->BlockAddress);
# isIPv4() and IPv6() are used for final validation
$rxIP4 = '\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}';
$rxIP6 = '\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}';
$rxIP = "({$rxIP4}|{$rxIP6})";
# Check for invalid specifications
if (!preg_match("/^{$rxIP}\$/", $this->BlockAddress)) {
$matches = array();
if (preg_match("/^({$rxIP4})\\/(\\d{1,2})\$/", $this->BlockAddress, $matches)) {
# IPv4
if ($wgSysopRangeBans) {
if (!IP::isIPv4($this->BlockAddress) || $matches[2] > 32) {
return array('ip_range_invalid');
} elseif ($matches[2] < $wgBlockCIDRLimit['IPv4']) {
return array('ip_range_toolarge', $wgBlockCIDRLimit['IPv4']);
}
$this->BlockAddress = Block::normaliseRange($this->BlockAddress);
} else {
# Range block illegal
return array('range_block_disabled');
}
} elseif (preg_match("/^({$rxIP6})\\/(\\d{1,3})\$/", $this->BlockAddress, $matches)) {
# IPv6
if ($wgSysopRangeBans) {
if (!IP::isIPv6($this->BlockAddress) || $matches[2] > 128) {
return array('ip_range_invalid');
} elseif ($matches[2] < $wgBlockCIDRLimit['IPv6']) {
return array('ip_range_toolarge', $wgBlockCIDRLimit['IPv6']);
}
$this->BlockAddress = Block::normaliseRange($this->BlockAddress);
} else {
# Range block illegal
return array('range_block_disabled');
}
} else {
# Username block
if ($wgSysopUserBans) {
$user = User::newFromName($this->BlockAddress);
if (!is_null($user) && $user->getId()) {
# Use canonical name
$userId = $user->getId();
$this->BlockAddress = $user->getName();
} else {
return array('nosuchusershort', htmlspecialchars($user ? $user->getName() : $this->BlockAddress));
}
} else {
return array('badipaddress');
}
}
}
if ($wgUser->isBlocked() && $wgUser->getId() !== $userId) {
return array('cant-block-while-blocked');
}
$reasonstr = $this->BlockReasonList;
if ($reasonstr != 'other' && $this->BlockReason != '') {
// Entry from drop down menu + additional comment
$reasonstr .= wfMsgForContent('colon-separator') . $this->BlockReason;
} elseif ($reasonstr == 'other') {
$reasonstr = $this->BlockReason;
}
$expirestr = $this->BlockExpiry;
if ($expirestr == 'other') {
$expirestr = $this->BlockOther;
}
if (strlen($expirestr) == 0 || strlen($expirestr) > 50) {
return array('ipb_expiry_invalid');
}
if (false === ($expiry = Block::parseExpiryInput($expirestr))) {
// Bad expiry.
return array('ipb_expiry_invalid');
}
if ($this->BlockHideName) {
// Recheck params here...
if (!$userId || !$wgUser->isAllowed('hideuser')) {
$this->BlockHideName = false;
// IP users should not be hidden
} elseif ($expiry !== 'infinity') {
// Bad expiry.
return array('ipb_expiry_temp');
} elseif (User::edits($userId) > self::HIDEUSER_CONTRIBLIMIT) {
// Typically, the user should have a handful of edits.
// Disallow hiding users with many edits for performance.
return array('ipb_hide_invalid');
}
}
# Create block object
# Note: for a user block, ipb_address is only for display purposes
$block = new Block($this->BlockAddress, $userId, $wgUser->getId(), $reasonstr, wfTimestampNow(), 0, $expiry, $this->BlockAnonOnly, $this->BlockCreateAccount, $this->BlockEnableAutoblock, $this->BlockHideName, $this->BlockEmail, isset($this->BlockAllowUsertalk) ? $this->BlockAllowUsertalk : $wgBlockAllowsUTEdit);
# Should this be privately logged?
$suppressLog = (bool) $this->BlockHideName;
if (wfRunHooks('BlockIp', array(&$block, &$wgUser))) {
# Try to insert block. Is there a conflicting block?
if (!$block->insert()) {
# Show form unless the user is already aware of this...
if (!$this->BlockReblock) {
return array('ipb_already_blocked');
# Otherwise, try to update the block...
} else {
# This returns direct blocks before autoblocks/rangeblocks, since we should
# be sure the user is blocked by now it should work for our purposes
$currentBlock = Block::newFromDB($this->BlockAddress, $userId);
if ($block->equals($currentBlock)) {
return array('ipb_already_blocked');
}
# If the name was hidden and the blocking user cannot hide
# names, then don't allow any block changes...
if ($currentBlock->mHideName && !$wgUser->isAllowed('hideuser')) {
return array('cant-see-hidden-user');
}
$currentBlock->delete();
$block->insert();
# If hiding/unhiding a name, this should go in the private logs
$suppressLog = $suppressLog || (bool) $currentBlock->mHideName;
$log_action = 'reblock';
# Unset _deleted fields if requested
if ($currentBlock->mHideName && !$this->BlockHideName) {
self::unsuppressUserName($this->BlockAddress, $userId);
}
}
} else {
$log_action = 'block';
}
wfRunHooks('BlockIpComplete', array($block, $wgUser));
# Set *_deleted fields if requested
if ($this->BlockHideName) {
self::suppressUserName($this->BlockAddress, $userId);
}
# Only show watch link when this is no range block
if ($this->BlockWatchUser && $block->mRangeStart == $block->mRangeEnd) {
$wgUser->addWatch(Title::makeTitle(NS_USER, $this->BlockAddress));
}
# Block constructor sanitizes certain block options on insert
$this->BlockEmail = $block->mBlockEmail;
$this->BlockEnableAutoblock = $block->mEnableAutoblock;
# Prepare log parameters
$logParams = array();
$logParams[] = $expirestr;
$logParams[] = $this->blockLogFlags();
# Make log entry, if the name is hidden, put it in the oversight log
$log_type = $suppressLog ? 'suppress' : 'block';
$log = new LogPage($log_type);
$log->addEntry($log_action, Title::makeTitle(NS_USER, $this->BlockAddress), $reasonstr, $logParams);
# Report to the user
return array();
} else {
return array('hookaborted');
}
}
/**
* Backend block code.
* $userID and $expiry will be filled accordingly
* @return array(message key, arguments) on failure, empty array on success
*/
function doBlock(&$userId = null, &$expiry = null)
{
global $wgUser, $wgSysopUserBans, $wgSysopRangeBans;
$userId = 0;
# Expand valid IPv6 addresses, usernames are left as is
$this->BlockAddress = IP::sanitizeIP($this->BlockAddress);
# isIPv4() and IPv6() are used for final validation
$rxIP4 = '\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}';
$rxIP6 = '\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}';
$rxIP = "({$rxIP4}|{$rxIP6})";
# Check for invalid specifications
if (!preg_match("/^{$rxIP}\$/", $this->BlockAddress)) {
$matches = array();
if (preg_match("/^({$rxIP4})\\/(\\d{1,2})\$/", $this->BlockAddress, $matches)) {
# IPv4
if ($wgSysopRangeBans) {
if (!IP::isIPv4($this->BlockAddress) || $matches[2] < 16 || $matches[2] > 32) {
return array('ip_range_invalid');
}
$this->BlockAddress = Block::normaliseRange($this->BlockAddress);
} else {
# Range block illegal
return array('range_block_disabled');
}
} else {
if (preg_match("/^({$rxIP6})\\/(\\d{1,3})\$/", $this->BlockAddress, $matches)) {
# IPv6
if ($wgSysopRangeBans) {
if (!IP::isIPv6($this->BlockAddress) || $matches[2] < 64 || $matches[2] > 128) {
return array('ip_range_invalid');
}
$this->BlockAddress = Block::normaliseRange($this->BlockAddress);
} else {
# Range block illegal
return array('range_block_disabled');
}
} else {
# Username block
if ($wgSysopUserBans) {
$user = User::newFromName($this->BlockAddress);
if (!is_null($user) && $user->getID()) {
# Use canonical name
$userId = $user->getID();
$this->BlockAddress = $user->getName();
} else {
return array('nosuchusershort', htmlspecialchars($user ? $user->getName() : $this->BlockAddress));
}
} else {
return array('badipaddress');
}
}
}
}
$reasonstr = $this->BlockReasonList;
if ($reasonstr != 'other' && $this->BlockReason != '') {
// Entry from drop down menu + additional comment
$reasonstr .= ': ' . $this->BlockReason;
} elseif ($reasonstr == 'other') {
$reasonstr = $this->BlockReason;
}
$expirestr = $this->BlockExpiry;
if ($expirestr == 'other') {
$expirestr = $this->BlockOther;
}
if (strlen($expirestr) == 0) {
return array('ipb_expiry_invalid');
}
if ($expirestr == 'infinite' || $expirestr == 'indefinite') {
$expiry = Block::infinity();
} else {
# Convert GNU-style date, on error returns -1 for PHP <5.1 and false for PHP >=5.1
$expiry = strtotime($expirestr);
if ($expiry < 0 || $expiry === false) {
return array('ipb_expiry_invalid');
}
$expiry = wfTimestamp(TS_MW, $expiry);
}
# Create block
# Note: for a user block, ipb_address is only for display purposes
$block = new Block($this->BlockAddress, $userId, $wgUser->getID(), $reasonstr, wfTimestampNow(), 0, $expiry, $this->BlockAnonOnly, $this->BlockCreateAccount, $this->BlockEnableAutoblock, $this->BlockHideName, $this->BlockEmail);
if (wfRunHooks('BlockIp', array(&$block, &$wgUser))) {
if (!$block->insert()) {
return array('ipb_already_blocked', htmlspecialchars($this->BlockAddress));
}
wfRunHooks('BlockIpComplete', array($block, $wgUser));
# Prepare log parameters
$logParams = array();
$logParams[] = $expirestr;
$logParams[] = $this->blockLogFlags();
# Make log entry, if the name is hidden, put it in the oversight log
$log_type = $this->BlockHideName ? 'oversight' : 'block';
$log = new LogPage($log_type);
$log->addEntry('block', Title::makeTitle(NS_USER, $this->BlockAddress), $reasonstr, $logParams);
# Report to the user
return array();
} else {
return array('hookaborted');
}
}
function loadParameters($ip)
{
$ip = trim($ip);
$this->mSearchIP = $ip !== '' ? Block::normaliseRange($ip) : '';
}
function showList($msg)
{
global $wgOut;
$wgOut->setPagetitle(wfMsg("ipblocklist"));
if ("" != $msg) {
$wgOut->setSubtitle($msg);
}
// Purge expired entries on one in every 10 queries
if (!mt_rand(0, 10)) {
Block::purgeExpired();
}
$conds = array();
if ($this->ip == '') {
// No extra conditions
} elseif (substr($this->ip, 0, 1) == '#') {
$conds['ipb_id'] = substr($this->ip, 1);
} elseif (IP::toUnsigned($this->ip) !== false) {
$conds['ipb_address'] = $this->ip;
$conds['ipb_auto'] = 0;
} elseif (preg_match("/^(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\\/(\\d{1,2})\$/", $this->ip, $matches)) {
$conds['ipb_address'] = Block::normaliseRange($this->ip);
$conds['ipb_auto'] = 0;
} else {
$user = User::newFromName($this->ip);
if ($user && ($id = $user->getID()) != 0) {
$conds['ipb_user'] = $id;
} else {
// Uh...?
$conds['ipb_address'] = $this->ip;
$conds['ipb_auto'] = 0;
}
}
$pager = new IPBlocklistPager($this, $conds);
$s = $pager->getNavigationBar() . $this->searchForm();
if ($pager->getNumRows()) {
$s .= "<ul>" . $pager->getBody() . "</ul>";
} else {
$s .= '<p>' . wfMsgHTML('ipblocklistempty') . '</p>';
}
$s .= $pager->getNavigationBar();
$wgOut->addHTML($s);
}
public static function takeConsequenceAction($action, $parameters, $title, $vars, $rule_desc)
{
wfLoadExtensionMessages('AbuseFilter');
$display = '';
switch ($action) {
case 'disallow':
if (strlen($parameters[0])) {
$display .= wfMsgExt($parameters[0], 'parseinline', array($rule_desc)) . "\n";
} else {
// Generic message.
$display .= wfMsgExt('abusefilter-disallowed', 'parseinline', array($rule_desc)) . "<br />\n";
}
break;
case 'block':
global $wgUser, $wgAbuseFilterBlockDuration;
$filterUser = AbuseFilter::getFilterUser();
// Create a block.
$block = new Block();
$block->mAddress = $wgUser->getName();
$block->mUser = $wgUser->getId();
$block->mBy = $filterUser->getId();
$block->mByName = $filterUser->getName();
$block->mReason = wfMsgForContent('abusefilter-blockreason', $rule_desc);
$block->mTimestamp = wfTimestampNow();
$block->mAnonOnly = 1;
$block->mCreateAccount = 1;
$block->mExpiry = Block::parseExpiryInput($wgAbuseFilterBlockDuration);
$block->insert();
// Log it
# Prepare log parameters
$logParams = array();
if ($block->mExpiry == 'infinity') {
$logParams[] = 'indefinite';
} else {
$logParams[] = $wgAbuseFilterBlockDuration;
}
$logParams[] = 'nocreate, angry-autoblock';
$log = new LogPage('block');
$log->addEntry('block', Title::makeTitle(NS_USER, $wgUser->getName()), wfMsgForContent('abusefilter-blockreason', $rule_desc), $logParams, self::getFilterUser());
$display .= wfMsgExt('abusefilter-blocked-display', 'parseinline', array($rule_desc)) . "<br />\n";
break;
case 'rangeblock':
global $wgUser;
$filterUser = AbuseFilter::getFilterUser();
$range = IP::toHex(wfGetIP());
$range = substr($range, 0, 4) . '0000';
$range = long2ip(hexdec($range));
$range .= '/16';
$range = Block::normaliseRange($range);
// Create a block.
$block = new Block();
$block->mAddress = $range;
$block->mUser = 0;
$block->mBy = $filterUser->getId();
$block->mByName = $filterUser->getName();
$block->mReason = wfMsgForContent('abusefilter-blockreason', $rule_desc);
$block->mTimestamp = wfTimestampNow();
$block->mAnonOnly = 0;
$block->mCreateAccount = 1;
$block->mExpiry = Block::parseExpiryInput('1 week');
$block->insert();
// Log it
# Prepare log parameters
$logParams = array();
$logParams[] = 'indefinite';
$logParams[] = 'nocreate, angry-autoblock';
$log = new LogPage('block');
$log->addEntry('block', Title::makeTitle(NS_USER, $range), wfMsgForContent('abusefilter-blockreason', $rule_desc), $logParams, self::getFilterUser());
$display .= wfMsgExt('abusefilter-blocked-display', 'parseinline', $rule_desc) . "<br />\n";
break;
case 'degroup':
global $wgUser;
if (!$wgUser->isAnon()) {
// Remove all groups from the user. Ouch.
$groups = $wgUser->getGroups();
foreach ($groups as $group) {
$wgUser->removeGroup($group);
}
$display .= wfMsgExt('abusefilter-degrouped', 'parseinline', array($rule_desc)) . "<br />\n";
// Don't log it if there aren't any groups being removed!
if (!count($groups)) {
break;
}
// Log it.
$log = new LogPage('rights');
$log->addEntry('rights', $wgUser->getUserPage(), wfMsgForContent('abusefilter-degroupreason', $rule_desc), array(implode(', ', $groups), wfMsgForContent('rightsnone')), self::getFilterUser());
}
break;
case 'blockautopromote':
global $wgUser, $wgMemc;
if (!$wgUser->isAnon()) {
$blockPeriod = (int) mt_rand(3 * 86400, 7 * 86400);
// Block for 3-7 days.
$wgMemc->set(self::autoPromoteBlockKey($wgUser), true, $blockPeriod);
$display .= wfMsgExt('abusefilter-autopromote-blocked', 'parseinline', array($rule_desc)) . "<br />\n";
}
break;
case 'flag':
// Do nothing. Here for completeness.
break;
case 'tag':
// Mark with a tag on recentchanges.
global $wgUser;
$actionID = implode('-', array($title->getPrefixedText(), $wgUser->getName(), $vars->getVar('ACTION')->toString()));
AbuseFilter::$tagsToSet[$actionID] = $parameters;
break;
default:
wfDebugLog('AbuseFilter', "Unrecognised action {$action}");
}
return $display;
}
function showList($msg)
{
global $wgOut, $wgUser;
$wgOut->setPagetitle(wfMsg("ipblocklist"));
if ("" != $msg) {
$wgOut->setSubtitle($msg);
}
// Purge expired entries on one in every 10 queries
if (!mt_rand(0, 10)) {
Block::purgeExpired();
}
$conds = array();
$matches = array();
// Is user allowed to see all the blocks?
if (!$wgUser->isAllowed('oversight')) {
$conds['ipb_deleted'] = 0;
}
if ($this->ip == '') {
// No extra conditions
} elseif (substr($this->ip, 0, 1) == '#') {
$conds['ipb_id'] = substr($this->ip, 1);
} elseif (IP::toUnsigned($this->ip) !== false) {
$conds['ipb_address'] = $this->ip;
$conds['ipb_auto'] = 0;
} elseif (preg_match('/^(\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\\/(\\d{1,2})$/', $this->ip, $matches)) {
$conds['ipb_address'] = Block::normaliseRange($this->ip);
$conds['ipb_auto'] = 0;
} else {
$user = User::newFromName($this->ip);
if ($user && ($id = $user->getID()) != 0) {
$conds['ipb_user'] = $id;
} else {
// Uh...?
$conds['ipb_address'] = $this->ip;
$conds['ipb_auto'] = 0;
}
}
$pager = new IPBlocklistPager($this, $conds);
if ($pager->getNumRows()) {
$wgOut->addHTML($this->searchForm() . $pager->getNavigationBar() . Xml::tags('ul', null, $pager->getBody()) . $pager->getNavigationBar());
} elseif ($this->ip != '') {
$wgOut->addHTML($this->searchForm());
$wgOut->addWikiText(wfMsg('ipblocklist-no-results'));
} else {
$wgOut->addWikiText(wfMsg('ipblocklist-empty'));
}
}
/**
* Find out if a given IP address is blocked
*
* @param String $ip IP address
* @param bool $bFromSlave True means to load check against slave, else check against master.
*/
function get($ip, $bFromSlave)
{
$this->load($bFromSlave);
$ipint = ip2long($ip);
$blocked = false;
foreach ($this->mData as $networkBits => $blockInts) {
if (array_key_exists($ipint >> 32 - $networkBits, $blockInts)) {
$blocked = true;
break;
}
}
if ($blocked) {
# Clear low order bits
if ($networkBits != 32) {
$ip .= '/' . $networkBits;
$ip = Block::normaliseRange($ip);
}
$block = new Block();
$block->forUpdate($bFromSlave);
$block->load($ip);
} else {
$block = false;
}
return $block;
}
function showList($msg)
{
global $wgOut, $wgUser;
$wgOut->setPagetitle(wfMsg("ipblocklist"));
if ("" != $msg) {
$wgOut->setSubtitle($msg);
}
// Purge expired entries on one in every 10 queries
if (!mt_rand(0, 10)) {
Block::purgeExpired();
}
$conds = array();
$matches = array();
// Is user allowed to see all the blocks?
if (!$wgUser->isAllowed('suppress')) {
$conds['ipb_deleted'] = 0;
}
if ($this->ip == '') {
// No extra conditions
} elseif (substr($this->ip, 0, 1) == '#') {
$conds['ipb_id'] = substr($this->ip, 1);
// Single IPs
} elseif (IP::isIPAddress($this->ip) && strpos($this->ip, '/') === false) {
if ($iaddr = IP::toHex($this->ip)) {
# Only scan ranges which start in this /16, this improves search speed
# Blocks should not cross a /16 boundary.
$range = substr($iaddr, 0, 4);
// Fixme -- encapsulate this sort of query-building.
$dbr = wfGetDB(DB_SLAVE);
$encIp = $dbr->addQuotes(IP::sanitizeIP($this->ip));
$encRange = $dbr->addQuotes("{$range}%");
$encAddr = $dbr->addQuotes($iaddr);
$conds[] = "(ipb_address = {$encIp}) OR \n\t\t\t\t\t(ipb_range_start LIKE {$encRange} AND\n\t\t\t\t\tipb_range_start <= {$encAddr}\n\t\t\t\t\tAND ipb_range_end >= {$encAddr})";
} else {
$conds['ipb_address'] = IP::sanitizeIP($this->ip);
}
$conds['ipb_auto'] = 0;
// IP range
} elseif (IP::isIPAddress($this->ip)) {
$conds['ipb_address'] = Block::normaliseRange($this->ip);
$conds['ipb_auto'] = 0;
} else {
$user = User::newFromName($this->ip);
if ($user && ($id = $user->getId()) != 0) {
$conds['ipb_user'] = $id;
} else {
// Uh...?
$conds['ipb_address'] = $this->ip;
$conds['ipb_auto'] = 0;
}
}
// Apply filters
if ($this->hideuserblocks) {
$conds['ipb_user'] = 0;
}
if ($this->hidetempblocks) {
$conds['ipb_expiry'] = 'infinity';
}
if ($this->hideaddressblocks) {
$conds[] = "ipb_user != 0 OR ipb_range_end > ipb_range_start";
}
$pager = new IPBlocklistPager($this, $conds);
if ($pager->getNumRows()) {
$wgOut->addHTML($this->searchForm() . $pager->getNavigationBar() . Xml::tags('ul', null, $pager->getBody()) . $pager->getNavigationBar());
} elseif ($this->ip != '') {
$wgOut->addHTML($this->searchForm());
$wgOut->addWikiMsg('ipblocklist-no-results');
} else {
$wgOut->addHTML($this->searchForm());
$wgOut->addWikiMsg('ipblocklist-empty');
}
}
/**
* Backend block code.
* $userID and $expiry will be filled accordingly
* @return array(message key, arguments) on failure, empty array on success
*/
function doBlock(&$userId = null, &$expiry = null)
{
global $wgUser, $wgSysopUserBans, $wgSysopRangeBans, $wgBlockAllowsUTEdit;
$userId = 0;
# Expand valid IPv6 addresses, usernames are left as is
$this->BlockAddress = IP::sanitizeIP($this->BlockAddress);
# isIPv4() and IPv6() are used for final validation
$rxIP4 = '\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}';
$rxIP6 = '\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}:\\w{1,4}';
$rxIP = "({$rxIP4}|{$rxIP6})";
# Check for invalid specifications
if (!preg_match("/^{$rxIP}\$/", $this->BlockAddress)) {
$matches = array();
if (preg_match("/^({$rxIP4})\\/(\\d{1,2})\$/", $this->BlockAddress, $matches)) {
# IPv4
if ($wgSysopRangeBans) {
if (!IP::isIPv4($this->BlockAddress) || $matches[2] < 16 || $matches[2] > 32) {
return array('ip_range_invalid');
}
$this->BlockAddress = Block::normaliseRange($this->BlockAddress);
} else {
# Range block illegal
return array('range_block_disabled');
}
} else {
if (preg_match("/^({$rxIP6})\\/(\\d{1,3})\$/", $this->BlockAddress, $matches)) {
# IPv6
if ($wgSysopRangeBans) {
if (!IP::isIPv6($this->BlockAddress) || $matches[2] < 64 || $matches[2] > 128) {
return array('ip_range_invalid');
}
$this->BlockAddress = Block::normaliseRange($this->BlockAddress);
} else {
# Range block illegal
return array('range_block_disabled');
}
} else {
# Username block
if ($wgSysopUserBans) {
$user = User::newFromName($this->BlockAddress);
if (!is_null($user) && $user->getId()) {
# Use canonical name
$userId = $user->getId();
$this->BlockAddress = $user->getName();
} else {
return array('nosuchusershort', htmlspecialchars($user ? $user->getName() : $this->BlockAddress));
}
} else {
return array('badipaddress');
}
}
}
}
if ($wgUser->isBlocked() && $wgUser->getId() !== $userId) {
return array('cant-block-while-blocked');
}
$reasonstr = $this->BlockReasonList;
if ($reasonstr != 'other' && $this->BlockReason != '') {
// Entry from drop down menu + additional comment
$reasonstr .= ': ' . $this->BlockReason;
} elseif ($reasonstr == 'other') {
$reasonstr = $this->BlockReason;
}
$expirestr = $this->BlockExpiry;
if ($expirestr == 'other') {
$expirestr = $this->BlockOther;
}
if (strlen($expirestr) == 0 || strlen($expirestr) > 50) {
return array('ipb_expiry_invalid');
}
if (false === ($expiry = Block::parseExpiryInput($expirestr))) {
// Bad expiry.
return array('ipb_expiry_invalid');
}
if ($this->BlockHideName && $expiry != 'infinity') {
// Bad expiry.
return array('ipb_expiry_temp');
}
# Create block
# Note: for a user block, ipb_address is only for display purposes
$block = new Block($this->BlockAddress, $userId, $wgUser->getId(), $reasonstr, wfTimestampNow(), 0, $expiry, $this->BlockAnonOnly, $this->BlockCreateAccount, $this->BlockEnableAutoblock, $this->BlockHideName, $this->BlockEmail, isset($this->BlockAllowUsertalk) ? $this->BlockAllowUsertalk : $wgBlockAllowsUTEdit);
if (wfRunHooks('BlockIp', array(&$block, &$wgUser))) {
if (!$block->insert()) {
if (!$this->BlockReblock) {
return array('ipb_already_blocked');
} else {
# This returns direct blocks before autoblocks/rangeblocks, since we should
# be sure the user is blocked by now it should work for our purposes
$currentBlock = Block::newFromDB($this->BlockAddress, $userId);
if ($block->equals($currentBlock)) {
return array('ipb_already_blocked');
}
$currentBlock->delete();
$block->insert();
$log_action = 'reblock';
}
} else {
$log_action = 'block';
}
wfRunHooks('BlockIpComplete', array($block, $wgUser));
if ($this->BlockWatchUser) {
$wgUser->addWatch(Title::makeTitle(NS_USER, $this->BlockAddress));
}
# Prepare log parameters
$logParams = array();
$logParams[] = $expirestr;
$logParams[] = $this->blockLogFlags();
# Make log entry, if the name is hidden, put it in the oversight log
$log_type = $this->BlockHideName ? 'suppress' : 'block';
$log = new LogPage($log_type);
$log->addEntry($log_action, Title::makeTitle(NS_USER, $this->BlockAddress), $reasonstr, $logParams);
# Report to the user
return array();
} else {
return array('hookaborted');
}
}
function showList($msg)
{
global $wgOut, $wgUser;
$wgOut->setPagetitle(wfMsg("ipblocklist"));
if ($msg != "") {
$wgOut->setSubtitle($msg);
}
// Purge expired entries on one in every 10 queries
if (!mt_rand(0, 10)) {
Block::purgeExpired();
}
$conds = array();
$matches = array();
// Is user allowed to see all the blocks?
if (!$wgUser->isAllowed('hideuser')) {
$conds['ipb_deleted'] = 0;
}
if ($this->ip == '') {
// No extra conditions
} elseif (substr($this->ip, 0, 1) == '#') {
$conds['ipb_id'] = substr($this->ip, 1);
// Single IPs
} elseif (IP::isIPAddress($this->ip) && strpos($this->ip, '/') === false) {
if ($iaddr = IP::toHex($this->ip)) {
# Only scan ranges which start in this /16, this improves search speed
# Blocks should not cross a /16 boundary.
$range = substr($iaddr, 0, 4);
// Fixme -- encapsulate this sort of query-building.
$dbr = wfGetDB(DB_SLAVE);
$encIp = $dbr->addQuotes(IP::sanitizeIP($this->ip));
$encAddr = $dbr->addQuotes($iaddr);
$conds[] = "(ipb_address = {$encIp}) OR \n\t\t\t\t\t(ipb_range_start" . $dbr->buildLike($range, $dbr->anyString()) . " AND\n\t\t\t\t\tipb_range_start <= {$encAddr}\n\t\t\t\t\tAND ipb_range_end >= {$encAddr})";
} else {
$conds['ipb_address'] = IP::sanitizeIP($this->ip);
}
$conds['ipb_auto'] = 0;
// IP range
} elseif (IP::isIPAddress($this->ip)) {
$conds['ipb_address'] = Block::normaliseRange($this->ip);
$conds['ipb_auto'] = 0;
} else {
$user = User::newFromName($this->ip);
if ($user && ($id = $user->getId()) != 0) {
$conds['ipb_user'] = $id;
} else {
// Uh...?
$conds['ipb_address'] = $this->ip;
$conds['ipb_auto'] = 0;
}
}
// Apply filters
if ($this->hideuserblocks) {
$conds['ipb_user'] = 0;
}
if ($this->hidetempblocks) {
$conds['ipb_expiry'] = 'infinity';
}
if ($this->hideaddressblocks) {
$conds[] = "ipb_user != 0 OR ipb_range_end > ipb_range_start";
}
// Search form
$wgOut->addHTML($this->searchForm());
// Check for other blocks, i.e. global/tor blocks
$otherBlockLink = array();
wfRunHooks('OtherBlockLogLink', array(&$otherBlockLink, $this->ip));
// Show additional header for the local block only when other blocks exists.
// Not necessary in a standard installation without such extensions enabled
if (count($otherBlockLink)) {
$wgOut->addHTML(Html::rawElement('h2', array(), wfMsg('ipblocklist-localblock')) . "\n");
}
$pager = new IPBlocklistPager($this, $conds);
if ($pager->getNumRows()) {
$wgOut->addHTML($pager->getNavigationBar() . Xml::tags('ul', null, $pager->getBody()) . $pager->getNavigationBar());
} elseif ($this->ip != '') {
$wgOut->addWikiMsg('ipblocklist-no-results');
} else {
$wgOut->addWikiMsg('ipblocklist-empty');
}
if (count($otherBlockLink)) {
$wgOut->addHTML(Html::rawElement('h2', array(), wfMsgExt('ipblocklist-otherblocks', 'parseinline', count($otherBlockLink))) . "\n");
$list = '';
foreach ($otherBlockLink as $link) {
$list .= Html::rawElement('li', array(), $link) . "\n";
}
$wgOut->addHTML(Html::rawElement('ul', array('class' => 'mw-ipblocklist-otherblocks'), $list) . "\n");
}
}
static function insertBlock($address, $reason, $expiry, $options = array())
{
global $wgUser;
$errors = array();
## Purge expired blocks.
GlobalBlocking::purgeExpired();
## Validate input
$ip = IP::sanitizeIP($address);
$anonOnly = in_array('anon-only', $options);
$modify = in_array('modify', $options);
if (!IP::isIPAddress($ip)) {
// Invalid IP address.
$errors[] = array('globalblocking-block-ipinvalid', $ip);
}
if (false === $expiry) {
$errors[] = array('globalblocking-block-expiryinvalid', $expiry);
}
$existingBlock = GlobalBlocking::getGlobalBlockId($ip);
if (!$modify && $existingBlock) {
$errors[] = array('globalblocking-block-alreadyblocked', $ip);
}
// Check for too-big ranges.
list($range_start, $range_end) = IP::parseRange($ip);
if (substr($range_start, 0, 4) != substr($range_end, 0, 4)) {
// Range crosses a /16 boundary.
$errors[] = array('globalblocking-block-bigrange', $ip);
}
// Normalise the range
if ($range_start != $range_end) {
$ip = Block::normaliseRange($ip);
}
if (count($errors) > 0) {
return $errors;
}
// We're a-ok.
$dbw = GlobalBlocking::getGlobalBlockingMaster();
// Delete the old block, if applicable
if ($modify) {
$dbw->delete('globalblocks', array('gb_id' => $existingBlock), __METHOD__);
}
$row = array();
$row['gb_address'] = $ip;
$row['gb_by'] = $wgUser->getName();
$row['gb_by_wiki'] = wfWikiId();
$row['gb_reason'] = $reason;
$row['gb_timestamp'] = $dbw->timestamp(wfTimestampNow());
$row['gb_anon_only'] = $anonOnly;
$row['gb_expiry'] = Block::encodeExpiry($expiry, $dbw);
list($row['gb_range_start'], $row['gb_range_end']) = array($range_start, $range_end);
$dbw->insert('globalblocks', $row, __METHOD__);
return array();
}
