function spreadBlock()
{
# If the (non-anonymous) user is blocked, this function will block any IP address
# that they successfully log on from.
$fname = 'User::spreadBlock';
wfDebug("User:spreadBlock()\n");
if ($this->mId == 0) {
return;
}
$userblock = Block::newFromDB('', $this->mId);
if (!$userblock->isValid()) {
return;
}
# Check if this IP address is already blocked
$ipblock = Block::newFromDB(wfGetIP());
if ($ipblock->isValid()) {
# If the user is already blocked. Then check if the autoblock would
# excede the user block. If it would excede, then do nothing, else
# prolong block time
if ($userblock->mExpiry && $userblock->mExpiry < Block::getAutoblockExpiry($ipblock->mTimestamp)) {
return;
}
# Just update the timestamp
$ipblock->updateTimestamp();
return;
}
# Make a new block object with the desired properties
wfDebug("Autoblocking {$this->mName}@" . wfGetIP() . "\n");
$ipblock->mAddress = wfGetIP();
$ipblock->mUser = 0;
$ipblock->mBy = $userblock->mBy;
$ipblock->mReason = wfMsg('autoblocker', $this->getName(), $userblock->mReason);
$ipblock->mTimestamp = wfTimestampNow();
$ipblock->mAuto = 1;
# If the user is already blocked with an expiry date, we don't
# want to pile on top of that!
if ($userblock->mExpiry) {
$ipblock->mExpiry = min($userblock->mExpiry, Block::getAutoblockExpiry($ipblock->mTimestamp));
} else {
$ipblock->mExpiry = Block::getAutoblockExpiry($ipblock->mTimestamp);
}
# Insert it
$ipblock->insert();
}
/**
* Block a list of selected users
* @param array $users
* @param string $reason
* @param string $tag replaces user pages
* @param string $talkTag replaces user talk pages
* @returns array, list of html-safe usernames
*/
public static function doMassUserBlock($users, $reason = '', $tag = '', $talkTag = '')
{
global $wgUser;
$counter = $blockSize = 0;
$safeUsers = array();
$log = new LogPage('block');
foreach ($users as $name) {
# Enforce limits
$counter++;
$blockSize++;
# Lets not go *too* fast
if ($blockSize >= 20) {
$blockSize = 0;
wfWaitForSlaves(5);
}
$u = User::newFromName($name, false);
// If user doesn't exist, it ought to be an IP then
if (is_null($u) || !$u->getId() && !IP::isIPAddress($u->getName())) {
continue;
}
$userTitle = $u->getUserPage();
$userTalkTitle = $u->getTalkPage();
$userpage = new Article($userTitle);
$usertalk = new Article($userTalkTitle);
$safeUsers[] = '[[' . $userTitle->getPrefixedText() . '|' . $userTitle->getText() . ']]';
$expirestr = $u->getId() ? 'indefinite' : '1 week';
$expiry = Block::parseExpiryInput($expirestr);
$anonOnly = IP::isIPAddress($u->getName()) ? 1 : 0;
// Create the block
$block = new Block($u->getName(), $u->getId(), $wgUser->getId(), $reason, wfTimestampNow(), 0, $expiry, $anonOnly, 1, 1, 0, 0);
$oldblock = Block::newFromDB($u->getName(), $u->getId());
if (!$oldblock) {
$block->insert();
# Prepare log parameters
$logParams = array();
$logParams[] = $expirestr;
if ($anonOnly) {
$logParams[] = 'anononly';
}
$logParams[] = 'nocreate';
# Add log entry
$log->addEntry('block', $userTitle, $reason, $logParams);
}
# Tag userpage! (check length to avoid mistakes)
if (strlen($tag) > 2) {
$userpage->doEdit($tag, $reason, EDIT_MINOR);
}
if (strlen($talkTag) > 2) {
$usertalk->doEdit($talkTag, $reason, EDIT_MINOR);
}
}
return $safeUsers;
}
/**
* If the (non-anonymous) user is blocked, this function will block any IP address
* that they successfully log on from.
*/
function spreadBlock()
{
wfDebug(__METHOD__ . "()\n");
$this->load();
if ($this->mId == 0) {
return;
}
$userblock = Block::newFromDB('', $this->mId);
if (!$userblock) {
return;
}
$userblock->doAutoblock(wfGetIp());
}
/**
* Autoblocks the given IP, referring to this Block.
* @param string $autoblockip The IP to autoblock.
* @param bool $justInserted The main block was just inserted
* @return bool Whether or not an autoblock was inserted.
*/
function doAutoblock($autoblockip, $justInserted = false)
{
# If autoblocks are disabled, go away.
if (!$this->mEnableAutoblock) {
return;
}
# Check for presence on the autoblock whitelist
# TODO cache this?
$lines = explode("\n", wfMsgForContentNoTrans('autoblock_whitelist'));
$ip = $autoblockip;
wfDebug("Checking the autoblock whitelist..\n");
foreach ($lines as $line) {
# List items only
if (substr($line, 0, 1) !== '*') {
continue;
}
$wlEntry = substr($line, 1);
$wlEntry = trim($wlEntry);
wfDebug("Checking {$ip} against {$wlEntry}...");
# Is the IP in this range?
if (IP::isInRange($ip, $wlEntry)) {
wfDebug(" IP {$ip} matches {$wlEntry}, not autoblocking\n");
#$autoblockip = null; # Don't autoblock a whitelisted IP.
return;
#This /SHOULD/ introduce a dummy block - but
# I don't know a safe way to do so. -werdna
} else {
wfDebug(" No match\n");
}
}
# It's okay to autoblock. Go ahead and create/insert the block.
$ipblock = Block::newFromDB($autoblockip);
if ($ipblock) {
# If the user is already blocked. Then check if the autoblock would
# exceed the user block. If it would exceed, then do nothing, else
# prolong block time
if ($this->mExpiry && $this->mExpiry < Block::getAutoblockExpiry($ipblock->mTimestamp)) {
return;
}
# Just update the timestamp
if (!$justInserted) {
$ipblock->updateTimestamp();
}
return;
} else {
$ipblock = new Block();
}
# Make a new block object with the desired properties
wfDebug("Autoblocking {$this->mAddress}@" . $autoblockip . "\n");
$ipblock->mAddress = $autoblockip;
$ipblock->mUser = 0;
$ipblock->mBy = $this->mBy;
$ipblock->mReason = wfMsgForContent('autoblocker', $this->mAddress, $this->mReason);
$ipblock->mTimestamp = wfTimestampNow();
$ipblock->mAuto = 1;
$ipblock->mCreateAccount = $this->mCreateAccount;
# Continue suppressing the name if needed
$ipblock->mHideName = $this->mHideName;
# If the user is already blocked with an expiry date, we don't
# want to pile on top of that!
if ($this->mExpiry) {
$ipblock->mExpiry = min($this->mExpiry, Block::getAutoblockExpiry($this->mTimestamp));
} else {
$ipblock->mExpiry = Block::getAutoblockExpiry($this->mTimestamp);
}
# Insert it
return $ipblock->insert();
}
function doSubmit()
{
global $wgOut;
if ($this->id) {
$block = Block::newFromID($this->id);
if ($block) {
$this->ip = $block->getRedactedName();
}
} else {
$block = new Block();
$this->ip = trim($this->ip);
if (substr($this->ip, 0, 1) == "#") {
$id = substr($this->ip, 1);
$block = Block::newFromID($id);
} else {
$block = Block::newFromDB($this->ip);
if (!$block) {
$block = null;
}
}
}
$success = false;
if ($block) {
# Delete block
if ($block->delete()) {
# Make log entry
$log = new LogPage('block');
$log->addEntry('unblock', Title::makeTitle(NS_USER, $this->ip), $this->reason);
$success = true;
}
}
if ($success) {
# Report to the user
$titleObj = Title::makeTitle(NS_SPECIAL, "Ipblocklist");
$success = $titleObj->getFullURL("action=success&successip=" . urlencode($this->ip));
$wgOut->redirect($success);
} else {
if (!$this->ip && $this->id) {
$this->ip = '#' . $this->id;
}
$this->showForm(wfMsg('ipb_cant_unblock', htmlspecialchars($this->id)));
}
}
/**
* Autoblocks the given IP, referring to this Block.
*
* @param $autoblockIP String: the IP to autoblock.
* @param $justInserted Boolean: the main block was just inserted
* @return Boolean: whether or not an autoblock was inserted.
*/
public function doAutoblock($autoblockIP, $justInserted = false)
{
# If autoblocks are disabled, go away.
if (!$this->mEnableAutoblock) {
return;
}
# Check for presence on the autoblock whitelist
if (Block::isWhitelistedFromAutoblocks($autoblockIP)) {
return;
}
## Allow hooks to cancel the autoblock.
if (!wfRunHooks('AbortAutoblock', array($autoblockIP, &$this))) {
wfDebug("Autoblock aborted by hook.\n");
return false;
}
# It's okay to autoblock. Go ahead and create/insert the block.
$ipblock = Block::newFromDB($autoblockIP);
if ($ipblock) {
# If the user is already blocked. Then check if the autoblock would
# exceed the user block. If it would exceed, then do nothing, else
# prolong block time
if ($this->mExpiry && $this->mExpiry < Block::getAutoblockExpiry($ipblock->mTimestamp)) {
return;
}
# Just update the timestamp
if (!$justInserted) {
$ipblock->updateTimestamp();
}
return;
} else {
$ipblock = new Block();
}
# Make a new block object with the desired properties
wfDebug("Autoblocking {$this->mAddress}@" . $autoblockIP . "\n");
$ipblock->mAddress = $autoblockIP;
$ipblock->mUser = 0;
$ipblock->mBy = $this->mBy;
$ipblock->mByName = $this->mByName;
$ipblock->mReason = wfMsgForContent('autoblocker', $this->mAddress, $this->mReason);
$ipblock->mTimestamp = wfTimestampNow();
$ipblock->mAuto = 1;
$ipblock->mCreateAccount = $this->mCreateAccount;
# Continue suppressing the name if needed
$ipblock->mHideName = $this->mHideName;
$ipblock->mAllowUsertalk = $this->mAllowUsertalk;
# If the user is already blocked with an expiry date, we don't
# want to pile on top of that!
if ($this->mExpiry) {
$ipblock->mExpiry = min($this->mExpiry, Block::getAutoblockExpiry($this->mTimestamp));
} else {
$ipblock->mExpiry = Block::getAutoblockExpiry($this->mTimestamp);
}
# Insert it
return $ipblock->insert();
}
/**
* If the (non-anonymous) user is blocked, this function will block any IP address
* that they successfully log on from.
*/
function spreadBlock()
{
wfDebug(__METHOD__ . "()\n");
$this->load();
if ($this->mId == 0) {
return;
}
$userblock = Block::newFromDB('', $this->mId);
if (!$userblock) {
return;
}
$currentIP = wfGetIp();
error_log(__METHOD__ . ": calling Autoblock for user " . $this->mName . " id=" . $this->mId . " ip=" . $currentIP . "\n", 3, '/tmp/block.log');
// Reuben commented this spreading because it was causing problems in the
// wikiHaus. There is a banned user that keeps doing activity with our IP
// address somehow but it's been a few hours debugging without result,
// so this is the best compromise. Oct 24, 2013
//$userblock->doAutoblock( $currentIP );
}
/**
* Backend code for unblocking. doSubmit() wraps around this.
* $range is only used when UNBLOCK_BLOCKED_AS_RANGE is returned, in which
* case it contains the range $ip is part of.
* @return array array(message key, parameters) on failure, empty array on success
*/
static function doUnblock(&$id, &$ip, &$reason, &$range = null)
{
if ($id) {
$block = Block::newFromID($id);
if (!$block) {
return array('ipb_cant_unblock', htmlspecialchars($id));
}
$ip = $block->getRedactedName();
} else {
$block = new Block();
$ip = trim($ip);
if (substr($ip, 0, 1) == "#") {
$id = substr($ip, 1);
$block = Block::newFromID($id);
if (!$block) {
return array('ipb_cant_unblock', htmlspecialchars($id));
}
$ip = $block->getRedactedName();
} else {
$block = Block::newFromDB($ip);
if (!$block) {
return array('ipb_cant_unblock', htmlspecialchars($id));
}
if ($block->mRangeStart != $block->mRangeEnd && !strstr($ip, "/")) {
/* If the specified IP is a single address, and the block is
* a range block, don't unblock the range. */
$range = $block->mAddress;
return array('ipb_blocked_as_range', $ip, $range);
}
}
}
// Yes, this is really necessary
$id = $block->mId;
# Delete block
if (!$block->delete()) {
return array('ipb_cant_unblock', htmlspecialchars($id));
}
# Make log entry
$log = new LogPage('block');
$log->addEntry('unblock', Title::makeTitle(NS_USER, $ip), $reason);
return array();
}
/**
* Backend code for unblocking. doSubmit() wraps around this.
* $range is only used when UNBLOCK_BLOCKED_AS_RANGE is returned, in which
* case it contains the range $ip is part of.
* @return array array(message key, parameters) on failure, empty array on success
*/
static function doUnblock(&$id, &$ip, &$reason, &$range = null, $blocker = null)
{
if ($id) {
$block = Block::newFromID($id);
if (!$block) {
return array('ipb_cant_unblock', htmlspecialchars($id));
}
$ip = $block->getRedactedName();
} else {
$block = new Block();
$ip = trim($ip);
if (substr($ip, 0, 1) == "#") {
$id = substr($ip, 1);
$block = Block::newFromID($id);
if (!$block) {
return array('ipb_cant_unblock', htmlspecialchars($id));
}
$ip = $block->getRedactedName();
} else {
$block = Block::newFromDB($ip);
if (!$block) {
return array('ipb_cant_unblock', htmlspecialchars($id));
}
if ($block->mRangeStart != $block->mRangeEnd && !strstr($ip, "/")) {
/* If the specified IP is a single address, and the block is
* a range block, don't unblock the range. */
$range = $block->mAddress;
return array('ipb_blocked_as_range', $ip, $range);
}
}
}
// Yes, this is really necessary
$id = $block->mId;
# If the name was hidden and the blocking user cannot hide
# names, then don't allow any block removals...
if ($blocker && $block->mHideName && !$blocker->isAllowed('hideuser')) {
return array('ipb_cant_unblock', htmlspecialchars($id));
}
# Delete block
if (!$block->delete()) {
return array('ipb_cant_unblock', htmlspecialchars($id));
}
# Unset _deleted fields as needed
if ($block->mHideName) {
IPBlockForm::unsuppressUserName($block->mAddress, $block->mUser);
}
# Make log entry
$log = new LogPage('block');
$log->addEntry('unblock', Title::makeTitle(NS_USER, $ip), $reason);
return array();
}
function revertAction($action, $result)
{
switch ($action) {
case 'block':
$block = Block::newFromDB('', $result['userid'], false);
if (!$block || $block->getBy() != AbuseFilter::getFilterUser()->getId()) {
return false;
}
// Not blocked by abuse filter.
$block->delete();
$log = new LogPage('block');
$log->addEntry('unblock', Title::makeTitle(NS_USER, $result['user']), wfMsgForContent('abusefilter-revert-reason', $this->mPage->mFilter, $this->mReason));
break;
case 'blockautopromote':
global $wgMemc;
$wgMemc->delete(AbuseFilter::autopromoteBlockKey(User::newFromId($result['userid'])));
break;
case 'degroup':
// Pull the user's groups from the vars.
$oldGroups = $result['vars']['USER_GROUPS'];
$oldGroups = explode(',', $oldGroups);
$oldGroups = array_diff($oldGroups, array_intersect($oldGroups, User::getImplicitGroups()));
$rows = array();
foreach ($oldGroups as $group) {
$rows[] = array('ug_user' => $result['userid'], 'ug_group' => $group);
}
// Cheat a little bit. User::addGroup repeatedly is too slow.
$user = User::newFromId($result['userid']);
$currentGroups = $user->getGroups();
$newGroups = array_merge($oldGroups, $currentGroups);
// Don't do anything if there are no groups to add.
if (!count(array_diff($newGroups, $currentGroups))) {
return;
}
$dbw = wfGetDB(DB_MASTER);
$dbw->insert('user_groups', $rows, __METHOD__, array('IGNORE'));
$user->invalidateCache();
$log = new LogPage('rights');
$log->addEntry('rights', $user->getUserPage(), wfMsgForContent('abusefilter-revert-reason', $this->mPage->mFilter, $this->mReason), array(implode(',', $currentGroups), implode(',', $newGroups)));
}
}
