/**
* @param User $user
* @param string $newaddr
* @return Status
*/
private function attemptChange(User $user, $newaddr)
{
$authManager = AuthManager::singleton();
if ($newaddr != '' && !Sanitizer::validateEmail($newaddr)) {
return Status::newFatal('invalidemailaddress');
}
if ($newaddr === $user->getEmail()) {
return Status::newFatal('changeemail-nochange');
}
$oldaddr = $user->getEmail();
$status = $user->setEmailWithConfirmation($newaddr);
if (!$status->isGood()) {
return $status;
}
Hooks::run('PrefsEmailAudit', [$user, $oldaddr, $newaddr]);
$user->saveSettings();
MediaWiki\Auth\AuthManager::callLegacyAuthPlugin('updateExternalDB', [$user]);
return $status;
}
public function invalidateSessionsForUser(User $user)
{
$user->setToken();
$user->saveSettings();
$authUser = \MediaWiki\Auth\AuthManager::callLegacyAuthPlugin('getUserInstance', [&$user]);
if ($authUser) {
$authUser->resetAuthToken();
}
foreach ($this->getProviders() as $provider) {
$provider->invalidateSessionsForUser($user);
}
}
/**
* Handle the form submission if everything validated properly
*
* @param array $formData
* @param PreferencesForm $form
* @return bool|Status|string
*/
static function tryFormSubmit($formData, $form)
{
$user = $form->getModifiedUser();
$hiddenPrefs = $form->getConfig()->get('HiddenPrefs');
$result = true;
if (!$user->isAllowedAny('editmyprivateinfo', 'editmyoptions')) {
return Status::newFatal('mypreferencesprotected');
}
// Filter input
foreach (array_keys($formData) as $name) {
if (isset(self::$saveFilters[$name])) {
$formData[$name] = call_user_func(self::$saveFilters[$name], $formData[$name], $formData);
}
}
// Fortunately, the realname field is MUCH simpler
// (not really "private", but still shouldn't be edited without permission)
if (!in_array('realname', $hiddenPrefs) && $user->isAllowed('editmyprivateinfo') && array_key_exists('realname', $formData)) {
$realName = $formData['realname'];
$user->setRealName($realName);
}
if ($user->isAllowed('editmyoptions')) {
foreach (self::$saveBlacklist as $b) {
unset($formData[$b]);
}
# If users have saved a value for a preference which has subsequently been disabled
# via $wgHiddenPrefs, we don't want to destroy that setting in case the preference
# is subsequently re-enabled
foreach ($hiddenPrefs as $pref) {
# If the user has not set a non-default value here, the default will be returned
# and subsequently discarded
$formData[$pref] = $user->getOption($pref, null, true);
}
// Keep old preferences from interfering due to back-compat code, etc.
$user->resetOptions('unused', $form->getContext());
foreach ($formData as $key => $value) {
$user->setOption($key, $value);
}
Hooks::run('PreferencesFormPreSave', [$formData, $form, $user, &$result]);
}
MediaWiki\Auth\AuthManager::callLegacyAuthPlugin('updateExternalDB', [$user]);
$user->saveSettings();
return $result;
}
/**
* Check if user account is hidden
*
* @return bool True if hidden, false otherwise
*/
public function isHidden()
{
if ($this->mHideName !== null) {
return $this->mHideName;
}
$this->getBlockedStatus();
if (!$this->mHideName) {
$authUser = AuthManager::callLegacyAuthPlugin('getUserInstance', [&$this], null);
$this->mHideName = $authUser && $authUser->isHidden();
Hooks::run('UserIsHidden', [$this, &$this->mHideName]);
}
return $this->mHideName;
}
