X-Git-Url: https://scripts.mit.edu/gitweb/autoinstallsdev/mediawiki.git/blobdiff_plain/51ff73d1c23dde7d9149040d018c42ae27b20a0c..8c41e2cbfa5bfcd79f0aec6e34220379ccc842fd:/includes/specials/SpecialIpblocklist.php diff --git a/includes/specials/SpecialIpblocklist.php b/includes/specials/SpecialIpblocklist.php index 8d573547..24d7f008 100644 --- a/includes/specials/SpecialIpblocklist.php +++ b/includes/specials/SpecialIpblocklist.php @@ -1,102 +1,134 @@ getVal( 'wpUnblockAddress', $wgRequest->getVal( 'ip' ) ) ); - $id = $wgRequest->getVal( 'id' ); - $reason = $wgRequest->getText( 'wpUnblockReason' ); - $action = $wgRequest->getText( 'action' ); - $successip = $wgRequest->getVal( 'successip' ); - - $ipu = new IPUnblockForm( $ip, $id, $reason ); +class IPUnblockForm extends SpecialPage { + var $ip, $reason, $id; + var $hideuserblocks, $hidetempblocks, $hideaddressblocks; - if( $action == 'unblock' ) { - # Check permissions - if( !$wgUser->isAllowed( 'block' ) ) { - $wgOut->permissionRequired( 'block' ); - return; - } - # Check for database lock - if( wfReadOnly() ) { - $wgOut->readOnlyPage(); - return; - } - # Show unblock form - $ipu->showForm( '' ); - } elseif( $action == 'submit' && $wgRequest->wasPosted() - && $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) { - # Check permissions - if( !$wgUser->isAllowed( 'block' ) ) { - $wgOut->permissionRequired( 'block' ); - return; - } - # Check for database lock - if( wfReadOnly() ) { - $wgOut->readOnlyPage(); - return; - } - # Remove blocks and redirect user to success page - $ipu->doSubmit(); - } elseif( $action == 'success' ) { - # Inform the user of a successful unblock - # (No need to check permissions or locks here, - # if something was done, then it's too late!) - if ( substr( $successip, 0, 1) == '#' ) { - // A block ID was unblocked - $ipu->showList( $wgOut->parse( wfMsg( 'unblocked-id', $successip ) ) ); - } else { - // A username/IP was unblocked - $ipu->showList( $wgOut->parse( wfMsg( 'unblocked', $successip ) ) ); - } - } else { - # Just show the block list - $ipu->showList( '' ); + function __construct() { + parent::__construct( 'Ipblocklist' ); } -} + /** + * Main execution point + * + * @param $ip part of title: Special:Ipblocklist/. + */ + function execute( $ip ) { + global $wgUser, $wgOut, $wgRequest; -/** - * implements Special:ipblocklist GUI - * @ingroup SpecialPage - */ -class IPUnblockForm { - var $ip, $reason, $id; + $this->setHeaders(); + $this->outputHeader(); - function IPUnblockForm( $ip, $id, $reason ) { - global $wgRequest; - $this->ip = strtr( $ip, '_', ' ' ); - $this->id = $id; - $this->reason = $reason; + $ip = $wgRequest->getVal( 'ip', $ip ); + $this->ip = trim( $wgRequest->getVal( 'wpUnblockAddress', $ip ) ); + $this->id = $wgRequest->getVal( 'id' ); + $this->reason = $wgRequest->getText( 'wpUnblockReason' ); $this->hideuserblocks = $wgRequest->getBool( 'hideuserblocks' ); $this->hidetempblocks = $wgRequest->getBool( 'hidetempblocks' ); $this->hideaddressblocks = $wgRequest->getBool( 'hideaddressblocks' ); + + $action = $wgRequest->getText( 'action' ); + $successip = $wgRequest->getVal( 'successip' ); + + if( $action == 'unblock' || $action == 'submit' && $wgRequest->wasPosted() ) { + # Check permissions + if( !$wgUser->isAllowed( 'block' ) ) { + $wgOut->permissionRequired( 'block' ); + return; + } + # Check for database lock + if( wfReadOnly() ) { + $wgOut->readOnlyPage(); + return; + } + + # bug 15810: blocked admins should have limited access here + if ( $wgUser->isBlocked() ) { + if ( $this->id ) { + # This doesn't pick up on autoblocks, but admins + # should have the ipblock-exempt permission anyway + $block = Block::newFromID( $this->id ); + $user = User::newFromName( $block->mAddress ); + } else { + $user = User::newFromName( $this->ip ); + } + $status = IPBlockForm::checkUnblockSelf( $user ); + if ( $status !== true ) { + throw new ErrorPageError( 'badaccess', $status ); + } + } + + if( $action == 'unblock' ){ + # Show unblock form + $this->showForm( '' ); + } elseif( $action == 'submit' + && $wgRequest->wasPosted() + && $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) + { + # Remove blocks and redirect user to success page + $this->doSubmit(); + } + + } elseif( $action == 'success' ) { + # Inform the user of a successful unblock + # (No need to check permissions or locks here, + # if something was done, then it's too late!) + if ( substr( $successip, 0, 1) == '#' ) { + // A block ID was unblocked + $this->showList( $wgOut->parse( wfMsg( 'unblocked-id', $successip ) ) ); + } else { + // A username/IP was unblocked + $this->showList( $wgOut->parse( wfMsg( 'unblocked', $successip ) ) ); + } + } else { + # Just show the block list + $this->showList( '' ); + } } /** * Generates the unblock form + * * @param $err string: error message * @return $out string: HTML form */ function showForm( $err ) { global $wgOut, $wgUser, $wgSysopUserBans; - $wgOut->setPagetitle( wfMsg( 'unblockip' ) ); $wgOut->addWikiMsg( 'unblockiptext' ); - $titleObj = SpecialPage::getTitleFor( "Ipblocklist" ); - $action = $titleObj->getLocalURL( "action=submit" ); + $action = $this->getTitle()->getLocalURL( 'action=submit' ); - if ( "" != $err ) { - $wgOut->setSubtitle( wfMsg( "formerror" ) ); - $wgOut->addWikiText( Xml::tags( 'span', array( 'class' => 'error' ), $err ) . "\n" ); + if ( $err != '' ) { + $wgOut->setSubtitle( wfMsg( 'formerror' ) ); + $wgOut->addWikiText( Html::rawElement( 'span', array( 'class' => 'error' ), $err ) . "\n" ); } $addressPart = false; @@ -105,7 +137,7 @@ class IPUnblockForm { if ( $block ) { $encName = htmlspecialchars( $block->getRedactedName() ); $encId = $this->id; - $addressPart = $encName . Xml::hidden( 'id', $encId ); + $addressPart = $encName . Html::hidden( 'id', $encId ); $ipa = wfMsgHtml( $wgSysopUserBans ? 'ipadressorusername' : 'ipaddress' ); } } @@ -115,10 +147,10 @@ class IPUnblockForm { } $wgOut->addHTML( - Xml::openElement( 'form', array( 'method' => 'post', 'action' => $action, 'id' => 'unblockip' ) ) . - Xml::openElement( 'fieldset' ) . - Xml::element( 'legend', null, wfMsg( 'ipb-unblock' ) ) . - Xml::openElement( 'table', array( 'id' => 'mw-unblock-table' ) ). + Html::openElement( 'form', array( 'method' => 'post', 'action' => $action, 'id' => 'unblockip' ) ) . + Html::openElement( 'fieldset' ) . + Html::element( 'legend', null, wfMsg( 'ipb-unblock' ) ) . + Html::openElement( 'table', array( 'id' => 'mw-unblock-table' ) ). " {$ipa} @@ -136,15 +168,15 @@ class IPUnblockForm { " -   +   " . Xml::submitButton( wfMsg( 'ipusubmit' ), array( 'name' => 'wpBlock', 'tabindex' => '3' ) ) . " " . - Xml::closeElement( 'table' ) . - Xml::closeElement( 'fieldset' ) . - Xml::hidden( 'wpEditToken', $wgUser->editToken() ) . - Xml::closeElement( 'form' ) . "\n" + Html::closeElement( 'table' ) . + Html::closeElement( 'fieldset' ) . + Html::hidden( 'wpEditToken', $wgUser->editToken() ) . + Html::closeElement( 'form' ) . "\n" ); } @@ -161,44 +193,55 @@ class IPUnblockForm { * case it contains the range $ip is part of. * @return array array(message key, parameters) on failure, empty array on success */ - - static function doUnblock(&$id, &$ip, &$reason, &$range = null) { + public static function doUnblock( &$id, &$ip, &$reason, &$range = null, $blocker = null ) { if ( $id ) { $block = Block::newFromID( $id ); if ( !$block ) { - return array('ipb_cant_unblock', htmlspecialchars($id)); + return array( 'ipb_cant_unblock', htmlspecialchars( $id ) ); } $ip = $block->getRedactedName(); } else { - $block = new Block(); $ip = trim( $ip ); if ( substr( $ip, 0, 1 ) == "#" ) { $id = substr( $ip, 1 ); $block = Block::newFromID( $id ); if( !$block ) { - return array('ipb_cant_unblock', htmlspecialchars($id)); + return array( 'ipb_cant_unblock', htmlspecialchars( $id ) ); } $ip = $block->getRedactedName(); } else { + # FIXME: do proper sanitisation/cleanup here + $ip = str_replace( '_', ' ', $ip ); + $block = Block::newFromDB( $ip ); if ( !$block ) { - return array('ipb_cant_unblock', htmlspecialchars($id)); + return array( 'ipb_cant_unblock', htmlspecialchars( $id ) ); } - if( $block->mRangeStart != $block->mRangeEnd - && !strstr( $ip, "/" ) ) { + if( $block->mRangeStart != $block->mRangeEnd && !strstr( $ip, "/" ) ) { /* If the specified IP is a single address, and the block is * a range block, don't unblock the range. */ $range = $block->mAddress; - return array('ipb_blocked_as_range', $ip, $range); + return array( 'ipb_blocked_as_range', $ip, $range ); } } } // Yes, this is really necessary $id = $block->mId; + + # If the name was hidden and the blocking user cannot hide + # names, then don't allow any block removals... + if( $blocker && $block->mHideName && !$blocker->isAllowed( 'hideuser' ) ) { + return array( 'ipb_cant_unblock', htmlspecialchars( $id ) ); + } # Delete block if ( !$block->delete() ) { - return array('ipb_cant_unblock', htmlspecialchars($id)); + return array( 'ipb_cant_unblock', htmlspecialchars( $id ) ); + } + + # Unset _deleted fields as needed + if( $block->mHideName ) { + IPBlockForm::unsuppressUserName( $block->mAddress, $block->mUser ); } # Make log entry @@ -208,25 +251,24 @@ class IPUnblockForm { } function doSubmit() { - global $wgOut; - $retval = self::doUnblock($this->id, $this->ip, $this->reason, $range); - if(!empty($retval)) - { - $key = array_shift($retval); - $this->showForm(wfMsgReal($key, $retval)); + global $wgOut, $wgUser; + + $retval = self::doUnblock( $this->id, $this->ip, $this->reason, $range, $wgUser ); + if( !empty( $retval ) ) { + $key = array_shift( $retval ); + $this->showForm( wfMsgReal( $key, $retval ) ); return; } + # Report to the user - $titleObj = SpecialPage::getTitleFor( "Ipblocklist" ); - $success = $titleObj->getFullURL( "action=success&successip=" . urlencode( $this->ip ) ); + $success = $this->getTitle()->getFullURL( 'action=success&successip=' . urlencode( $this->ip ) ); $wgOut->redirect( $success ); } function showList( $msg ) { global $wgOut, $wgUser; - $wgOut->setPagetitle( wfMsg( "ipblocklist" ) ); - if ( "" != $msg ) { + if ( $msg != '' ) { $wgOut->setSubtitle( $msg ); } @@ -236,35 +278,34 @@ class IPUnblockForm { } $conds = array(); - $matches = array(); // Is user allowed to see all the blocks? - if ( !$wgUser->isAllowed( 'suppress' ) ) + if ( !$wgUser->isAllowed( 'hideuser' ) ) $conds['ipb_deleted'] = 0; if ( $this->ip == '' ) { // No extra conditions } elseif ( substr( $this->ip, 0, 1 ) == '#' ) { $conds['ipb_id'] = substr( $this->ip, 1 ); // Single IPs - } elseif ( IP::isIPAddress($this->ip) && strpos($this->ip,'/') === false ) { - if( $iaddr = IP::toHex($this->ip) ) { + } elseif ( IP::isIPAddress( $this->ip ) && strpos( $this->ip, '/' ) === false ) { + $iaddr = IP::toHex( $this->ip ); + if( $iaddr ) { # Only scan ranges which start in this /16, this improves search speed # Blocks should not cross a /16 boundary. $range = substr( $iaddr, 0, 4 ); // Fixme -- encapsulate this sort of query-building. $dbr = wfGetDB( DB_SLAVE ); - $encIp = $dbr->addQuotes( IP::sanitizeIP($this->ip) ); - $encRange = $dbr->addQuotes( "$range%" ); + $encIp = $dbr->addQuotes( IP::sanitizeIP( $this->ip ) ); $encAddr = $dbr->addQuotes( $iaddr ); $conds[] = "(ipb_address = $encIp) OR - (ipb_range_start LIKE $encRange AND + (ipb_range_start" . $dbr->buildLike( $range, $dbr->anyString() ) . " AND ipb_range_start <= $encAddr AND ipb_range_end >= $encAddr)"; } else { - $conds['ipb_address'] = IP::sanitizeIP($this->ip); + $conds['ipb_address'] = IP::sanitizeIP( $this->ip ); } $conds['ipb_auto'] = 0; // IP range - } elseif ( IP::isIPAddress($this->ip) ) { + } elseif ( IP::isIPAddress( $this->ip ) ) { $conds['ipb_address'] = Block::normaliseRange( $this->ip ); $conds['ipb_auto'] = 0; } else { @@ -288,25 +329,48 @@ class IPUnblockForm { $conds[] = "ipb_user != 0 OR ipb_range_end > ipb_range_start"; } + // Search form + $wgOut->addHTML( $this->searchForm() ); + + // Check for other blocks, i.e. global/tor blocks + $otherBlockLink = array(); + wfRunHooks( 'OtherBlockLogLink', array( &$otherBlockLink, $this->ip ) ); + + // Show additional header for the local block only when other blocks exists. + // Not necessary in a standard installation without such extensions enabled + if( count( $otherBlockLink ) ) { + $wgOut->addHTML( + Html::rawElement( 'h2', array(), wfMsg( 'ipblocklist-localblock' ) ) . "\n" + ); + } $pager = new IPBlocklistPager( $this, $conds ); if ( $pager->getNumRows() ) { $wgOut->addHTML( - $this->searchForm() . $pager->getNavigationBar() . - Xml::tags( 'ul', null, $pager->getBody() ) . + Html::rawElement( 'ul', null, $pager->getBody() ) . $pager->getNavigationBar() ); } elseif ( $this->ip != '') { - $wgOut->addHTML( $this->searchForm() ); $wgOut->addWikiMsg( 'ipblocklist-no-results' ); } else { - $wgOut->addHTML( $this->searchForm() ); $wgOut->addWikiMsg( 'ipblocklist-empty' ); } + + if( count( $otherBlockLink ) ) { + $wgOut->addHTML( + Html::rawElement( 'h2', array(), wfMsgExt( 'ipblocklist-otherblocks', 'parseinline', count( $otherBlockLink ) ) ) . "\n" + ); + $list = ''; + foreach( $otherBlockLink as $link ) { + $list .= Html::rawElement( 'li', array(), $link ) . "\n"; + } + $wgOut->addHTML( Html::rawElement( 'ul', array( 'class' => 'mw-ipblocklist-otherblocks' ), $list ) . "\n" ); + } + } function searchForm() { - global $wgTitle, $wgScript, $wgRequest; + global $wgScript, $wgLang; $showhide = array( wfMsg( 'show' ), wfMsg( 'hide' ) ); $nondefaults = array(); @@ -330,33 +394,35 @@ class IPUnblockForm { $links[] = wfMsgHtml( 'ipblocklist-sh-userblocks', $ubLink ); $links[] = wfMsgHtml( 'ipblocklist-sh-tempblocks', $tbLink ); $links[] = wfMsgHtml( 'ipblocklist-sh-addressblocks', $sipbLink ); - $hl = implode( ' ' . wfMsg( 'pipe-separator' ) . ' ', $links ); + $hl = $wgLang->pipeList( $links ); return - Xml::tags( 'form', array( 'action' => $wgScript ), - Xml::hidden( 'title', $wgTitle->getPrefixedDbKey() ) . - Xml::openElement( 'fieldset' ) . - Xml::element( 'legend', null, wfMsg( 'ipblocklist-legend' ) ) . + Html::rawElement( 'form', array( 'action' => $wgScript ), + Html::hidden( 'title', $this->getTitle()->getPrefixedDbKey() ) . + Html::openElement( 'fieldset' ) . + Html::element( 'legend', null, wfMsg( 'ipblocklist-legend' ) ) . Xml::inputLabel( wfMsg( 'ipblocklist-username' ), 'ip', 'ip', /* size */ false, $this->ip ) . - ' ' . + ' ' . Xml::submitButton( wfMsg( 'ipblocklist-submit' ) ) . '
' . $hl . - Xml::closeElement( 'fieldset' ) + Html::closeElement( 'fieldset' ) ); } /** * Makes change an option link which carries all the other options + * * @param $title see Title - * @param $override - * @param $options + * @param $override Array: special query string options, will override the + * ones in $options + * @param $options Array: query string options + * @param $active Boolean: whether to display the link in bold */ function makeOptionsLink( $title, $override, $options, $active = false ) { global $wgUser; $sk = $wgUser->getSkin(); $params = $override + $options; - $ipblocklist = SpecialPage::getTitleFor( 'IPBlockList' ); - return $sk->link( $ipblocklist, htmlspecialchars( $title ), + return $sk->link( $this->getTitle(), htmlspecialchars( $title ), ( $active ? array( 'style'=>'font-weight: bold;' ) : array() ), $params, array( 'known' ) ); } @@ -375,11 +441,10 @@ class IPUnblockForm { if( is_null( $msg ) ) { $msg = array(); $keys = array( 'infiniteblock', 'expiringblock', 'unblocklink', 'change-blocklink', - 'anononlyblock', 'createaccountblock', 'noautoblockblock', 'emailblock', 'blocklist-nousertalk' ); + 'anononlyblock', 'createaccountblock', 'noautoblockblock', 'emailblock', 'blocklist-nousertalk', 'blocklistline' ); foreach( $keys as $key ) { $msg[$key] = wfMsgHtml( $key ); } - $msg['blocklistline'] = wfMsg( 'blocklistline' ); } # Prepare links to the blocker's user and talk pages @@ -396,7 +461,7 @@ class IPUnblockForm { . $sk->userToolLinks( $block->mUser, $block->mAddress, false, Linker::TOOL_LINKS_NOBLOCK ); } - $formattedTime = $wgLang->timeanddate( $block->mTimestamp, true ); + $formattedTime = htmlspecialchars( $wgLang->timeanddate( $block->mTimestamp, true ) ); $properties = array(); $properties[] = Block::formatExpiry( $block->mExpiry ); @@ -418,15 +483,14 @@ class IPUnblockForm { $properties[] = $msg['blocklist-nousertalk']; } - $properties = implode( ', ', $properties ); + $properties = $wgLang->commaList( $properties ); $line = wfMsgReplaceArgs( $msg['blocklistline'], array( $formattedTime, $blocker, $target, $properties ) ); - $unblocklink = ''; $changeblocklink = ''; $toolLinks = ''; if ( $wgUser->isAllowed( 'block' ) ) { - $unblocklink = $sk->link( SpecialPage::getTitleFor( 'Ipblocklist' ), + $unblocklink = $sk->link( $this->getTitle(), $msg['unblocklink'], array(), array( 'action' => 'unblock', 'id' => $block->mId ), @@ -434,7 +498,7 @@ class IPUnblockForm { # Create changeblocklink for all blocks with exception of autoblocks if( !$block->mAuto ) { - $changeblocklink = ' ' . wfMsg( 'pipe-separator' ) . ' ' . + $changeblocklink = wfMsgExt( 'pipe-separator', 'escapenoentities' ) . $sk->link( SpecialPage::getTitleFor( 'Blockip', $block->mAddress ), $msg['change-blocklink'], array(), array(), 'known' ); @@ -442,7 +506,7 @@ class IPUnblockForm { $toolLinks = "($unblocklink$changeblocklink)"; } - $comment = $sk->commentBlock( $block->mReason ); + $comment = $sk->commentBlock( htmlspecialchars($block->mReason) ); $s = "{$line} $comment"; if ( $block->mHideName ) @@ -482,7 +546,7 @@ class IPBlocklistPager extends ReverseChronologicalPager { # Faster way # Usernames and titles are in fact related by a simple substitution of space -> underscore # The last few lines of Title::secureAndSplit() tell the story. - while ( $row = $this->mResult->fetchObject() ) { + foreach ( $this->mResult as $row ) { $name = str_replace( ' ', '_', $row->ipb_by_text ); $lb->add( NS_USER, $name ); $lb->add( NS_USER_TALK, $name );