/**
* Load user data from the session or login cookie. If there are no valid
* credentials, initialises the user as an anonymous user.
* @return Bool True if the user is logged in, false otherwise.
*/
private function loadFromSession()
{
global $wgExternalAuthType, $wgAutocreatePolicy;
$result = null;
wfRunHooks('UserLoadFromSession', array($this, &$result));
if ($result !== null) {
return $result;
}
$request = $this->getRequest();
$cookieId = $request->getCookie('UserID');
$sessId = $request->getSessionData('wsUserID');
if ($cookieId !== null) {
$sId = intval($cookieId);
if ($sessId !== null && $cookieId != $sessId) {
$this->loadDefaults();
// Possible collision!
wfDebugLog('loginSessions', "Session user ID ({$sessId}) and\n\t\t\t\t\tcookie user ID ({$sId}) don't match!");
return false;
}
$request->setSessionData('wsUserID', $sId);
} elseif ($sessId !== null && $sessId != 0) {
$sId = $sessId;
} else {
$this->loadDefaults();
return false;
}
if ($request->getSessionData('wsUserName') !== null) {
$sName = $request->getSessionData('wsUserName');
} elseif ($request->getCookie('UserName') !== null) {
$sName = $request->getCookie('UserName');
$request->setSessionData('wsUserName', $sName);
} else {
$this->loadDefaults();
return false;
}
// wikia change start
if ($wgExternalAuthType && $wgAutocreatePolicy == 'view') {
$extUser = ExternalUser::newFromCookie();
if ($extUser) {
$extUser->linkToLocal($sId);
}
}
$passwordCorrect = FALSE;
// wikia change end
$proposedUser = User::newFromId($sId);
if (!$proposedUser->isLoggedIn()) {
# Not a valid ID
$this->loadDefaults();
return false;
}
global $wgBlockDisablesLogin;
if ($wgBlockDisablesLogin && $proposedUser->isBlocked()) {
# User blocked and we've disabled blocked user logins
$this->loadDefaults();
return false;
}
if ($request->getSessionData('wsToken')) {
$passwordCorrect = $proposedUser->getToken(false) === $request->getSessionData('wsToken');
$from = 'session';
} elseif ($request->getCookie('Token')) {
$passwordCorrect = $proposedUser->getToken(false) === $request->getCookie('Token');
$from = 'cookie';
} else {
# No session or persistent login cookie
$this->loadDefaults();
return false;
}
if ($sName === $proposedUser->getName() && $passwordCorrect) {
$this->loadFromUserObject($proposedUser);
$request->setSessionData('wsToken', $this->mToken);
wfDebug("User: logged in from {$from}\n");
wfRunHooks('UserLoadFromSessionInfo', array($this, $from));
return true;
} else {
# Invalid credentials
wfDebug("User: can't log in from {$from}, invalid credentials\n");
$this->loadDefaults();
return false;
}
}
/**
* Load user data from the session or login cookie. If there are no valid
* credentials, initialises the user as an anonymous user.
* @return Bool True if the user is logged in, false otherwise.
*/
private function loadFromSession()
{
global $wgExternalAuthType, $wgAutocreatePolicy;
$result = null;
wfRunHooks('UserLoadFromSession', array($this, &$result));
if ($result !== null) {
return $result;
}
if ($wgExternalAuthType && $wgAutocreatePolicy == 'view') {
$extUser = ExternalUser::newFromCookie();
if ($extUser) {
# TODO: Automatically create the user here (or probably a bit
# lower down, in fact)
}
}
$request = $this->getRequest();
$cookieId = $request->getCookie('UserID');
$sessId = $request->getSessionData('wsUserID');
if ($cookieId !== null) {
$sId = intval($cookieId);
if ($sessId !== null && $cookieId != $sessId) {
$this->loadDefaults();
// Possible collision!
wfDebugLog('loginSessions', "Session user ID ({$sessId}) and\n\t\t\t\t\tcookie user ID ({$sId}) don't match!");
return false;
}
$request->setSessionData('wsUserID', $sId);
} elseif ($sessId !== null && $sessId != 0) {
$sId = $sessId;
} else {
$this->loadDefaults();
return false;
}
if ($request->getSessionData('wsUserName') !== null) {
$sName = $request->getSessionData('wsUserName');
} elseif ($request->getCookie('UserName') !== null) {
$sName = $request->getCookie('UserName');
$request->setSessionData('wsUserName', $sName);
} else {
$this->loadDefaults();
return false;
}
$proposedUser = User::newFromId($sId);
if (!$proposedUser->isLoggedIn()) {
# Not a valid ID
$this->loadDefaults();
return false;
}
global $wgBlockDisablesLogin;
if ($wgBlockDisablesLogin && $proposedUser->isBlocked()) {
# User blocked and we've disabled blocked user logins
$this->loadDefaults();
return false;
}
if ($request->getSessionData('wsToken')) {
$passwordCorrect = $proposedUser->getToken(false) === $request->getSessionData('wsToken');
$from = 'session';
} elseif ($request->getCookie('Token')) {
# Get the token from DB/cache and clean it up to remove garbage padding.
# This deals with historical problems with bugs and the default column value.
$token = rtrim($proposedUser->getToken(false));
// correct token
// Make comparison in constant time (bug 61346)
$passwordCorrect = strlen($token) && $this->compareSecrets($token, $request->getCookie('Token'));
$from = 'cookie';
} else {
# No session or persistent login cookie
$this->loadDefaults();
return false;
}
if ($sName === $proposedUser->getName() && $passwordCorrect) {
$this->loadFromUserObject($proposedUser);
$request->setSessionData('wsToken', $this->mToken);
wfDebug("User: logged in from {$from}\n");
return true;
} else {
# Invalid credentials
wfDebug("User: can't log in from {$from}, invalid credentials\n");
$this->loadDefaults();
return false;
}
}
/**
* Load user data from the session or login cookie. If there are no valid
* credentials, initialises the user as an anonymous user.
* @return \bool True if the user is logged in, false otherwise.
*/
private function loadFromSession()
{
global $wgMemc, $wgCookiePrefix, $wgExternalAuthType, $wgAutocreatePolicy;
$result = null;
wfRunHooks('UserLoadFromSession', array($this, &$result));
if ($result !== null) {
return $result;
}
if ($wgExternalAuthType && $wgAutocreatePolicy == 'view') {
$extUser = ExternalUser::newFromCookie();
if ($extUser) {
# TODO: Automatically create the user here (or probably a bit
# lower down, in fact)
}
}
if (isset($_COOKIE["{$wgCookiePrefix}UserID"])) {
$sId = intval($_COOKIE["{$wgCookiePrefix}UserID"]);
if (isset($_SESSION['wsUserID']) && $sId != $_SESSION['wsUserID']) {
$this->loadDefaults();
// Possible collision!
wfDebugLog('loginSessions', "Session user ID ({$_SESSION['wsUserID']}) and\n\t\t\t\t\tcookie user ID ({$sId}) don't match!");
return false;
}
$_SESSION['wsUserID'] = $sId;
} else {
if (isset($_SESSION['wsUserID'])) {
if ($_SESSION['wsUserID'] != 0) {
$sId = $_SESSION['wsUserID'];
} else {
$this->loadDefaults();
return false;
}
} else {
$this->loadDefaults();
return false;
}
}
if (isset($_SESSION['wsUserName'])) {
$sName = $_SESSION['wsUserName'];
} else {
if (isset($_COOKIE["{$wgCookiePrefix}UserName"])) {
$sName = $_COOKIE["{$wgCookiePrefix}UserName"];
$_SESSION['wsUserName'] = $sName;
} else {
$this->loadDefaults();
return false;
}
}
$passwordCorrect = FALSE;
$proposedUser = User::newFromId($sId);
if (!$proposedUser->isLoggedIn()) {
# Not a valid ID
$this->loadDefaults();
return false;
}
global $wgBlockDisablesLogin;
if ($wgBlockDisablesLogin && $proposedUser->isBlocked()) {
# User blocked and we've disabled blocked user logins
$this->loadDefaults();
return false;
}
if (isset($_SESSION['wsToken'])) {
$passwordCorrect = $proposedUser->getToken() === $_SESSION['wsToken'];
$from = 'session';
} else {
if (isset($_COOKIE["{$wgCookiePrefix}Token"])) {
$passwordCorrect = $proposedUser->getToken() === $_COOKIE["{$wgCookiePrefix}Token"];
$from = 'cookie';
} else {
# No session or persistent login cookie
$this->loadDefaults();
return false;
}
}
if ($sName === $proposedUser->getName() && $passwordCorrect) {
$this->loadFromUserObject($proposedUser);
$_SESSION['wsToken'] = $this->mToken;
wfDebug("Logged in from {$from}\n");
return true;
} else {
# Invalid credentials
wfDebug("Can't log in from {$from}, invalid credentials\n");
$this->loadDefaults();
return false;
}
}
