X-Git-Url: https://scripts.mit.edu/gitweb/autoinstallsdev/mediawiki.git/blobdiff_plain/005c63129390e462618d69b42e7fd90eb81f8b9e..8c41e2cbfa5bfcd79f0aec6e34220379ccc842fd:/includes/specials/SpecialIpblocklist.php diff --git a/includes/specials/SpecialIpblocklist.php b/includes/specials/SpecialIpblocklist.php index dfdcf1a7..24d7f008 100644 --- a/includes/specials/SpecialIpblocklist.php +++ b/includes/specials/SpecialIpblocklist.php @@ -1,103 +1,134 @@ . - * @todo document + * A special page that lists existing blocks and allows users with the 'block' + * permission to remove blocks + * + * @ingroup SpecialPage */ -function wfSpecialIpblocklist( $ip = '' ) { - global $wgUser, $wgOut, $wgRequest; - $ip = $wgRequest->getVal( 'ip', $ip ); - $ip = trim( $wgRequest->getVal( 'wpUnblockAddress', $ip ) ); - $id = $wgRequest->getVal( 'id' ); - $reason = $wgRequest->getText( 'wpUnblockReason' ); - $action = $wgRequest->getText( 'action' ); - $successip = $wgRequest->getVal( 'successip' ); - - $ipu = new IPUnblockForm( $ip, $id, $reason ); - - if( $action == 'unblock' ) { - # Check permissions - if( !$wgUser->isAllowed( 'block' ) ) { - $wgOut->permissionRequired( 'block' ); - return; - } - # Check for database lock - if( wfReadOnly() ) { - $wgOut->readOnlyPage(); - return; - } - # Show unblock form - $ipu->showForm( '' ); - } elseif( $action == 'submit' && $wgRequest->wasPosted() - && $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) { - # Check permissions - if( !$wgUser->isAllowed( 'block' ) ) { - $wgOut->permissionRequired( 'block' ); - return; - } - # Check for database lock - if( wfReadOnly() ) { - $wgOut->readOnlyPage(); - return; - } - # Remove blocks and redirect user to success page - $ipu->doSubmit(); - } elseif( $action == 'success' ) { - # Inform the user of a successful unblock - # (No need to check permissions or locks here, - # if something was done, then it's too late!) - if ( substr( $successip, 0, 1) == '#' ) { - // A block ID was unblocked - $ipu->showList( $wgOut->parse( wfMsg( 'unblocked-id', $successip ) ) ); - } else { - // A username/IP was unblocked - $ipu->showList( $wgOut->parse( wfMsg( 'unblocked', $successip ) ) ); - } - } else { - # Just show the block list - $ipu->showList( '' ); +class IPUnblockForm extends SpecialPage { + var $ip, $reason, $id; + var $hideuserblocks, $hidetempblocks, $hideaddressblocks; + + function __construct() { + parent::__construct( 'Ipblocklist' ); } -} + /** + * Main execution point + * + * @param $ip part of title: Special:Ipblocklist/. + */ + function execute( $ip ) { + global $wgUser, $wgOut, $wgRequest; -/** - * implements Special:ipblocklist GUI - * @ingroup SpecialPage - */ -class IPUnblockForm { - var $ip, $reason, $id; + $this->setHeaders(); + $this->outputHeader(); - function IPUnblockForm( $ip, $id, $reason ) { - global $wgRequest; - $this->ip = strtr( $ip, '_', ' ' ); - $this->id = $id; - $this->reason = $reason; + $ip = $wgRequest->getVal( 'ip', $ip ); + $this->ip = trim( $wgRequest->getVal( 'wpUnblockAddress', $ip ) ); + $this->id = $wgRequest->getVal( 'id' ); + $this->reason = $wgRequest->getText( 'wpUnblockReason' ); $this->hideuserblocks = $wgRequest->getBool( 'hideuserblocks' ); $this->hidetempblocks = $wgRequest->getBool( 'hidetempblocks' ); $this->hideaddressblocks = $wgRequest->getBool( 'hideaddressblocks' ); + + $action = $wgRequest->getText( 'action' ); + $successip = $wgRequest->getVal( 'successip' ); + + if( $action == 'unblock' || $action == 'submit' && $wgRequest->wasPosted() ) { + # Check permissions + if( !$wgUser->isAllowed( 'block' ) ) { + $wgOut->permissionRequired( 'block' ); + return; + } + # Check for database lock + if( wfReadOnly() ) { + $wgOut->readOnlyPage(); + return; + } + + # bug 15810: blocked admins should have limited access here + if ( $wgUser->isBlocked() ) { + if ( $this->id ) { + # This doesn't pick up on autoblocks, but admins + # should have the ipblock-exempt permission anyway + $block = Block::newFromID( $this->id ); + $user = User::newFromName( $block->mAddress ); + } else { + $user = User::newFromName( $this->ip ); + } + $status = IPBlockForm::checkUnblockSelf( $user ); + if ( $status !== true ) { + throw new ErrorPageError( 'badaccess', $status ); + } + } + + if( $action == 'unblock' ){ + # Show unblock form + $this->showForm( '' ); + } elseif( $action == 'submit' + && $wgRequest->wasPosted() + && $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) + { + # Remove blocks and redirect user to success page + $this->doSubmit(); + } + + } elseif( $action == 'success' ) { + # Inform the user of a successful unblock + # (No need to check permissions or locks here, + # if something was done, then it's too late!) + if ( substr( $successip, 0, 1) == '#' ) { + // A block ID was unblocked + $this->showList( $wgOut->parse( wfMsg( 'unblocked-id', $successip ) ) ); + } else { + // A username/IP was unblocked + $this->showList( $wgOut->parse( wfMsg( 'unblocked', $successip ) ) ); + } + } else { + # Just show the block list + $this->showList( '' ); + } } /** * Generates the unblock form + * * @param $err string: error message * @return $out string: HTML form */ function showForm( $err ) { global $wgOut, $wgUser, $wgSysopUserBans; - $wgOut->setPagetitle( wfMsg( 'unblockip' ) ); $wgOut->addWikiMsg( 'unblockiptext' ); - $titleObj = SpecialPage::getTitleFor( "Ipblocklist" ); - $action = $titleObj->getLocalURL( "action=submit" ); + $action = $this->getTitle()->getLocalURL( 'action=submit' ); - if ( $err != "" ) { - $wgOut->setSubtitle( wfMsg( "formerror" ) ); - $wgOut->addWikiText( Xml::tags( 'span', array( 'class' => 'error' ), $err ) . "\n" ); + if ( $err != '' ) { + $wgOut->setSubtitle( wfMsg( 'formerror' ) ); + $wgOut->addWikiText( Html::rawElement( 'span', array( 'class' => 'error' ), $err ) . "\n" ); } $addressPart = false; @@ -106,7 +137,7 @@ class IPUnblockForm { if ( $block ) { $encName = htmlspecialchars( $block->getRedactedName() ); $encId = $this->id; - $addressPart = $encName . Xml::hidden( 'id', $encId ); + $addressPart = $encName . Html::hidden( 'id', $encId ); $ipa = wfMsgHtml( $wgSysopUserBans ? 'ipadressorusername' : 'ipaddress' ); } } @@ -116,10 +147,10 @@ class IPUnblockForm { } $wgOut->addHTML( - Xml::openElement( 'form', array( 'method' => 'post', 'action' => $action, 'id' => 'unblockip' ) ) . - Xml::openElement( 'fieldset' ) . - Xml::element( 'legend', null, wfMsg( 'ipb-unblock' ) ) . - Xml::openElement( 'table', array( 'id' => 'mw-unblock-table' ) ). + Html::openElement( 'form', array( 'method' => 'post', 'action' => $action, 'id' => 'unblockip' ) ) . + Html::openElement( 'fieldset' ) . + Html::element( 'legend', null, wfMsg( 'ipb-unblock' ) ) . + Html::openElement( 'table', array( 'id' => 'mw-unblock-table' ) ). " {$ipa} @@ -137,15 +168,15 @@ class IPUnblockForm { " -   +   " . Xml::submitButton( wfMsg( 'ipusubmit' ), array( 'name' => 'wpBlock', 'tabindex' => '3' ) ) . " " . - Xml::closeElement( 'table' ) . - Xml::closeElement( 'fieldset' ) . - Xml::hidden( 'wpEditToken', $wgUser->editToken() ) . - Xml::closeElement( 'form' ) . "\n" + Html::closeElement( 'table' ) . + Html::closeElement( 'fieldset' ) . + Html::hidden( 'wpEditToken', $wgUser->editToken() ) . + Html::closeElement( 'form' ) . "\n" ); } @@ -162,34 +193,35 @@ class IPUnblockForm { * case it contains the range $ip is part of. * @return array array(message key, parameters) on failure, empty array on success */ - - static function doUnblock(&$id, &$ip, &$reason, &$range = null, $blocker=null) { + public static function doUnblock( &$id, &$ip, &$reason, &$range = null, $blocker = null ) { if ( $id ) { $block = Block::newFromID( $id ); if ( !$block ) { - return array('ipb_cant_unblock', htmlspecialchars($id)); + return array( 'ipb_cant_unblock', htmlspecialchars( $id ) ); } $ip = $block->getRedactedName(); } else { - $block = new Block(); $ip = trim( $ip ); if ( substr( $ip, 0, 1 ) == "#" ) { $id = substr( $ip, 1 ); $block = Block::newFromID( $id ); if( !$block ) { - return array('ipb_cant_unblock', htmlspecialchars($id)); + return array( 'ipb_cant_unblock', htmlspecialchars( $id ) ); } $ip = $block->getRedactedName(); } else { + # FIXME: do proper sanitisation/cleanup here + $ip = str_replace( '_', ' ', $ip ); + $block = Block::newFromDB( $ip ); if ( !$block ) { - return array('ipb_cant_unblock', htmlspecialchars($id)); + return array( 'ipb_cant_unblock', htmlspecialchars( $id ) ); } if( $block->mRangeStart != $block->mRangeEnd && !strstr( $ip, "/" ) ) { /* If the specified IP is a single address, and the block is * a range block, don't unblock the range. */ $range = $block->mAddress; - return array('ipb_blocked_as_range', $ip, $range); + return array( 'ipb_blocked_as_range', $ip, $range ); } } } @@ -198,13 +230,13 @@ class IPUnblockForm { # If the name was hidden and the blocking user cannot hide # names, then don't allow any block removals... - if( $blocker && $block->mHideName && !$blocker->isAllowed('hideuser') ) { - return array('ipb_cant_unblock', htmlspecialchars($id)); + if( $blocker && $block->mHideName && !$blocker->isAllowed( 'hideuser' ) ) { + return array( 'ipb_cant_unblock', htmlspecialchars( $id ) ); } # Delete block if ( !$block->delete() ) { - return array('ipb_cant_unblock', htmlspecialchars($id)); + return array( 'ipb_cant_unblock', htmlspecialchars( $id ) ); } # Unset _deleted fields as needed @@ -220,23 +252,23 @@ class IPUnblockForm { function doSubmit() { global $wgOut, $wgUser; - $retval = self::doUnblock($this->id, $this->ip, $this->reason, $range, $wgUser); - if( !empty($retval) ) { - $key = array_shift($retval); - $this->showForm(wfMsgReal($key, $retval)); + + $retval = self::doUnblock( $this->id, $this->ip, $this->reason, $range, $wgUser ); + if( !empty( $retval ) ) { + $key = array_shift( $retval ); + $this->showForm( wfMsgReal( $key, $retval ) ); return; } + # Report to the user - $titleObj = SpecialPage::getTitleFor( "Ipblocklist" ); - $success = $titleObj->getFullURL( "action=success&successip=" . urlencode( $this->ip ) ); + $success = $this->getTitle()->getFullURL( 'action=success&successip=' . urlencode( $this->ip ) ); $wgOut->redirect( $success ); } function showList( $msg ) { global $wgOut, $wgUser; - $wgOut->setPagetitle( wfMsg( "ipblocklist" ) ); - if ( $msg != "" ) { + if ( $msg != '' ) { $wgOut->setSubtitle( $msg ); } @@ -246,7 +278,6 @@ class IPUnblockForm { } $conds = array(); - $matches = array(); // Is user allowed to see all the blocks? if ( !$wgUser->isAllowed( 'hideuser' ) ) $conds['ipb_deleted'] = 0; @@ -255,25 +286,26 @@ class IPUnblockForm { } elseif ( substr( $this->ip, 0, 1 ) == '#' ) { $conds['ipb_id'] = substr( $this->ip, 1 ); // Single IPs - } elseif ( IP::isIPAddress($this->ip) && strpos($this->ip,'/') === false ) { - if( $iaddr = IP::toHex($this->ip) ) { + } elseif ( IP::isIPAddress( $this->ip ) && strpos( $this->ip, '/' ) === false ) { + $iaddr = IP::toHex( $this->ip ); + if( $iaddr ) { # Only scan ranges which start in this /16, this improves search speed # Blocks should not cross a /16 boundary. $range = substr( $iaddr, 0, 4 ); // Fixme -- encapsulate this sort of query-building. $dbr = wfGetDB( DB_SLAVE ); - $encIp = $dbr->addQuotes( IP::sanitizeIP($this->ip) ); + $encIp = $dbr->addQuotes( IP::sanitizeIP( $this->ip ) ); $encAddr = $dbr->addQuotes( $iaddr ); $conds[] = "(ipb_address = $encIp) OR (ipb_range_start" . $dbr->buildLike( $range, $dbr->anyString() ) . " AND ipb_range_start <= $encAddr AND ipb_range_end >= $encAddr)"; } else { - $conds['ipb_address'] = IP::sanitizeIP($this->ip); + $conds['ipb_address'] = IP::sanitizeIP( $this->ip ); } $conds['ipb_auto'] = 0; // IP range - } elseif ( IP::isIPAddress($this->ip) ) { + } elseif ( IP::isIPAddress( $this->ip ) ) { $conds['ipb_address'] = Block::normaliseRange( $this->ip ); $conds['ipb_auto'] = 0; } else { @@ -315,7 +347,7 @@ class IPUnblockForm { if ( $pager->getNumRows() ) { $wgOut->addHTML( $pager->getNavigationBar() . - Xml::tags( 'ul', null, $pager->getBody() ) . + Html::rawElement( 'ul', null, $pager->getBody() ) . $pager->getNavigationBar() ); } elseif ( $this->ip != '') { @@ -338,7 +370,7 @@ class IPUnblockForm { } function searchForm() { - global $wgScript, $wgRequest, $wgLang; + global $wgScript, $wgLang; $showhide = array( wfMsg( 'show' ), wfMsg( 'hide' ) ); $nondefaults = array(); @@ -365,30 +397,32 @@ class IPUnblockForm { $hl = $wgLang->pipeList( $links ); return - Xml::tags( 'form', array( 'action' => $wgScript ), - Xml::hidden( 'title', SpecialPage::getTitleFor( 'Ipblocklist' )->getPrefixedDbKey() ) . - Xml::openElement( 'fieldset' ) . - Xml::element( 'legend', null, wfMsg( 'ipblocklist-legend' ) ) . + Html::rawElement( 'form', array( 'action' => $wgScript ), + Html::hidden( 'title', $this->getTitle()->getPrefixedDbKey() ) . + Html::openElement( 'fieldset' ) . + Html::element( 'legend', null, wfMsg( 'ipblocklist-legend' ) ) . Xml::inputLabel( wfMsg( 'ipblocklist-username' ), 'ip', 'ip', /* size */ false, $this->ip ) . - ' ' . + ' ' . Xml::submitButton( wfMsg( 'ipblocklist-submit' ) ) . '
' . $hl . - Xml::closeElement( 'fieldset' ) + Html::closeElement( 'fieldset' ) ); } /** * Makes change an option link which carries all the other options + * * @param $title see Title - * @param $override - * @param $options + * @param $override Array: special query string options, will override the + * ones in $options + * @param $options Array: query string options + * @param $active Boolean: whether to display the link in bold */ function makeOptionsLink( $title, $override, $options, $active = false ) { global $wgUser; $sk = $wgUser->getSkin(); $params = $override + $options; - $ipblocklist = SpecialPage::getTitleFor( 'Ipblocklist' ); - return $sk->link( $ipblocklist, htmlspecialchars( $title ), + return $sk->link( $this->getTitle(), htmlspecialchars( $title ), ( $active ? array( 'style'=>'font-weight: bold;' ) : array() ), $params, array( 'known' ) ); } @@ -453,11 +487,10 @@ class IPUnblockForm { $line = wfMsgReplaceArgs( $msg['blocklistline'], array( $formattedTime, $blocker, $target, $properties ) ); - $unblocklink = ''; $changeblocklink = ''; $toolLinks = ''; if ( $wgUser->isAllowed( 'block' ) ) { - $unblocklink = $sk->link( SpecialPage::getTitleFor( 'Ipblocklist' ), + $unblocklink = $sk->link( $this->getTitle(), $msg['unblocklink'], array(), array( 'action' => 'unblock', 'id' => $block->mId ), @@ -513,7 +546,7 @@ class IPBlocklistPager extends ReverseChronologicalPager { # Faster way # Usernames and titles are in fact related by a simple substitution of space -> underscore # The last few lines of Title::secureAndSplit() tell the story. - while ( $row = $this->mResult->fetchObject() ) { + foreach ( $this->mResult as $row ) { $name = str_replace( ' ', '_', $row->ipb_by_text ); $lb->add( NS_USER, $name ); $lb->add( NS_USER_TALK, $name );