BlueSpice MediaWiki master
|
Static Public Member Functions | |
static | purge ($wikiId, $userId) |
static | whoIs ($id) |
static | whoIsReal ($id) |
static | idFromName ($name, $flags=self::READ_NORMAL) |
static | resetIdByNameCache () |
static | isIP ($name) |
static | isValidUserName ($name) |
static | isUsableName ($name) |
static | findUsersByGroup ($groups, $limit=5000, $after=null) |
static | isCreatableName ($name) |
static | getCanonicalName ($name, $validate= 'valid') |
static | randomPassword () |
static | getDefaultOptions () |
static | getDefaultOption ($opt) |
static | isLocallyBlockedProxy ($ip) |
static | listOptionKinds () |
static | createNew ($name, $params=[]) |
static | getGroupPermissions ($groups) |
static | getGroupsWithPermission ($role) |
static | groupHasPermission ($group, $role) |
static | isEveryoneAllowed ($right) |
static | getGroupName ($group) |
static | getGroupMember ($group, $username= '#') |
static | getAllGroups () |
static | getAllRights () |
static | getImplicitGroups () |
static | getGroupPage ($group) |
static | makeGroupLinkHTML ($group, $text= '') |
static | makeGroupLinkWiki ($group, $text= '') |
static | changeableByGroup ($group) |
static | getRightDescription ($right) |
static | getGrantName ($grant) |
static | selectFields () |
static | getQueryInfo () |
static | newFatalPermissionDeniedStatus ($permission) |
newFrom*() static factory methods | |
static | newFromName ($name, $validate= 'valid') |
static | newFromId ($id) |
static | newFromActorId ($id) |
static | newFromAnyId ($userId, $userName, $actorId) |
static | newFromConfirmationCode ($code, $flags=0) |
static | newFromSession (WebRequest $request=null) |
static | newFromRow ($row, $data=null) |
static | newSystemUser ($name, $options=[]) |
Public Attributes | |
const | TOKEN_LENGTH = 32 |
const | INVALID_TOKEN = '*** INVALID ***' |
const | EDIT_TOKEN_SUFFIX = Token::SUFFIX |
const | VERSION = 12 |
const | GETOPTIONS_EXCLUDE_DEFAULTS = 1 |
const | CHECK_USER_RIGHTS = true |
const | IGNORE_USER_RIGHTS = false |
$mFrom | |
$mBlockedby | |
$mRights | |
$mHideName | |
$mOptions | |
$mBlock | |
![]() | |
const | READ_NORMAL = 0 |
const | READ_LATEST = 1 |
const | READ_LOCKING = 3 |
const | READ_EXCLUSIVE = 7 |
const | READ_LATEST_IMMUTABLE = 8 |
const | READ_NONE = -1 |
Static Public Attributes | |
static | $idCacheByName = [] |
Protected Member Functions | |
getCacheKey (WANObjectCache $cache) | |
loadFromCache () | |
setItemLoaded ($item) | |
loadFromRow ($row, $data=null) | |
loadFromUserObject ($user) | |
makeUpdateConditions (Database $db, array $conditions) | |
checkAndSetTouched () | |
getBlockFromCookieValue ($blockCookieVal) | |
checkNewtalk ($field, $id) | |
updateNewtalk ($field, $id, $curRev=null) | |
deleteNewtalk ($field, $id) | |
spreadBlock () | |
confirmationToken (&$expiration) | |
confirmationTokenUrl ($token) | |
invalidationTokenUrl ($token) | |
getTokenUrl ($page, $token) | |
initEditCount ($add=0) | |
loadOptions ($data=null) | |
saveOptions () | |
Protected Attributes | |
$mNewtalk | |
$mDatePreference | |
$mHash | |
$mBlockreason | |
$mEffectiveGroups | |
$mImplicitGroups | |
$mFormerGroups | |
$mGlobalBlock | |
$mLocked | |
$mAllowUsertalk | |
$queryFlagsUsed = self::READ_NORMAL | |
Static Protected Attributes | |
static | $mCacheVars |
static | $mCoreRights |
static | $mAllRights = false |
$mId | |
$mName | |
$mRealName | |
$mEmail | |
$mTouched | |
$mEmailAuthenticated | |
$mActorId | |
$mQuickTouched | |
$mToken | |
$mEmailToken | |
$mEmailTokenExpires | |
$mRegistration | |
$mEditCount | |
$mGroupMemberships | |
$mOptionOverrides | |
$mOptionsLoaded | |
$mLoadedItems = [] | |
The User object encapsulates all of the user-specific settings (user_id, name, rights, email address, options, last login time). Client classes use the getXXX() functions to access these fields. These functions do all the work of determining whether the user is logged in, whether the requested option can be satisfied from cookies or whether a database query is needed. Most of the settings needed for rendering normal pages are set in the cookie to minimize use of the database.
User::__construct | ( | ) |
Lightweight constructor for an anonymous user. Use the User::newFrom* factory functions for other kinds of users.
User::__toString | ( | ) |
User::addAutopromoteOnceGroups | ( | $event | ) |
Add the user to the group if he/she meets given criteria.
Contrary to autopromotion by $wgAutopromote, the group will be possible to remove manually via Special:UserRights. In such case it will not be re-added automatically. The user will also not lose the group if they no longer meet the criteria.
string | $event | Key in $wgAutopromoteOnce (each one has groups/criteria) |
User::addGroup | ( | $group, | |
$expiry = null |
|||
) |
Add the user to the given group. This takes immediate effect. If the user is already in the group, the expiry time will be updated to the new expiry time. (If $expiry is omitted or null, the membership will be altered to never expire.)
string | $group | Name of the group to add |
string | $expiry | Optional expiry timestamp in any format acceptable to wfTimestamp(), or null if the group assignment should not expire |
User::addNewUserLogEntry | ( | $action = false , |
|
$reason = '' |
|||
) |
Add a newuser log entry for this user. Before 1.19 the return value was always true.
string | bool | $action | Account creation type.
|
string | $reason | User supplied reason |
User::addNewUserLogEntryAutoCreate | ( | ) |
Add an autocreate newuser log entry for this user Used by things like CentralAuth and perhaps other authplugins. Consider calling addNewUserLogEntry() directly instead.
User::addToDatabase | ( | ) |
Add this existing user object to the database. If the user already exists, a fatal status object is returned, and the user object is initialised with the data from the database.
Previously, this function generated a DB error due to a key conflict if the user already existed. Many extension callers use this function in code along the lines of:
$user = User::newFromName( $name ); if ( !$user->isLoggedIn() ) { $user->addToDatabase(); } // do something with $user...
However, this was vulnerable to a race condition (T18020). By initialising the user object if the user exists, we aim to support this calling sequence as far as possible.
Note that if the user exists, this function will acquire a write lock, so it is still advisable to make the call conditional on isLoggedIn(), and to commit the transaction after calling.
MWException |
User::addWatch | ( | $title, | |
$checkRights = self::CHECK_USER_RIGHTS |
|||
) |
Watch an article.
Title | $title | Title of the article to look at |
bool | $checkRights | Whether to check 'viewmywatchlist'/'editmywatchlist' rights. Pass User::CHECK_USER_RIGHTS or User::IGNORE_USER_RIGHTS. |
User::blockedBy | ( | ) |
If user is blocked, return the name of the user who placed the block
User::blockedFor | ( | ) |
If user is blocked, return the specified reason for the block
User::canReceiveEmail | ( | ) |
Is this user allowed to receive e-mails within limits of current site configuration?
User::canSendEmail | ( | ) |
Is this user allowed to send e-mails within limits of current site configuration?
|
static |
Returns an array of the groups that a particular group can add/remove.
string | $group | The group to check for whether it can add/remove |
User::changeableGroups | ( | ) |
Returns an array of groups that this user can add and remove
User::changeAuthenticationData | ( | array | $data | ) |
Changes credentials of the user.
This is a convenience wrapper around AuthManager::changeAuthenticationData. Note that this can return a status that isOK() but not isGood() on certain types of failures, e.g. when no provider handled the change.
array | $data | A set of authentication data in fieldname => value format. This is the same data you would pass the changeauthenticationdata API - 'username', 'password' etc. |
|
protected |
Bump user_touched if it didn't change since this object was loaded
On success, the mTouched field is updated. The user serialization cache is always cleared.
|
protected |
Internal uncached check for new messages
string | $field | 'user_ip' for anonymous users, 'user_id' otherwise |
string | int | $id | User's IP address for anonymous users, User ID otherwise |
User::checkPassword | ( | $password | ) |
Check to see if the given clear-text password is one of the accepted passwords
string | $password | User password |
User::checkPasswordValidity | ( | $password | ) |
Check if this is a valid password for this user
Create a Status object based on the password's validity. The Status should be set to fatal if the user should not be allowed to log in, and should have any errors that would block changing the password.
If the return value of this is not OK, the password should not be checked. If the return value is not Good, the password can be checked, but the user should not be able to set their password to this.
string | $password | Desired password |
User::checkTemporaryPassword | ( | $plaintext | ) |
Check if the given clear-text password matches the temporary password sent by e-mail for password reset operations.
string | $plaintext |
User::clearAllNotifications | ( | ) |
Resets all of the given user's page-change notification timestamps. If e-notif e-mails are on, they will receive notification mails on the next change of any watched page.
User::clearInstanceCache | ( | $reloadFrom = false | ) |
Clear various cached data stored in this object. The cache of the user table data (i.e. self::$mCacheVars) is not cleared unless $reloadFrom is given.
bool | string | $reloadFrom | Reload user and user_groups table data from a given source. May be "name", "id", "actor", "defaults", "session", or false for no reload. |
User::clearNotification | ( | & | $title, |
$oldid = 0 |
|||
) |
Clear the user's notification timestamp for the given title. If e-notif e-mails are on, they will receive notification mails on the next change of the page if it's watched etc.
User::clearSharedCache | ( | $mode = 'changed' | ) |
Clear user data from memcached
Use after applying updates to the database; caller's responsibility to update user_touched if appropriate.
Called implicitly from invalidateCache() and saveSettings().
string | $mode | Use 'refresh' to clear now; otherwise before DB commit |
|
protected |
Generate, store, and return a new e-mail confirmation code. A hash (unsalted, since it's used as a key) is stored.
string | &$expiration | Accepts the expiration time |
|
protected |
Return a URL the user can use to confirm their email address.
string | $token | Accepts the email confirmation token |
User::confirmEmail | ( | ) |
Mark the e-mail address confirmed.
|
static |
Add a user to the database, return the user object
string | $name | Username to add |
array | $params | Array of Strings Non-default parameters to save to the database as user_* fields:
|
|
protected |
User::doLogout | ( | ) |
Clear the user's session, and reset the instance cache.
User::equals | ( | User | $user | ) |
|
static |
Return the users who are members of the given group(s). In case of multiple groups, users who are members of at least one of them are returned.
string | array | $groups | A single group name or an array of group names |
int | $limit | Max number of users to return. The actual limit will never exceed 5000 records; larger values are ignored. |
int | $after | ID the user to start after |
User::getActorId | ( | IDatabase | $dbw = null | ) |
Get the user's actor ID.
IDatabase | null | $dbw | Assign a new actor ID, using this DB handle, if none exists |
|
static |
Return the set of defined explicit groups. The implicit groups (by default *, 'user' and 'autoconfirmed') are not included, as they are defined automatically, not in the database.
|
static |
Get a list of all available permissions.
User::getAutomaticGroups | ( | $recache = false | ) |
Get the list of implicit group memberships this user has. This includes 'user' if logged in, '*' for all accounts, and autopromoted groups
bool | $recache | Whether to avoid the cache |
User::getBlock | ( | $bFromSlave = true | ) |
Get the block affecting the user, or null if the user is not blocked
bool | $bFromSlave | Whether to check the replica DB instead of the master |
|
protected |
User::getBlockId | ( | ) |
If user is blocked, return the ID for the block
User::getBoolOption | ( | $oname | ) |
Get the user's current setting for a given option, as a boolean value.
string | $oname | The option to check |
|
protected |
|
static |
Given unvalidated user input, return a canonical username, or false if the username is invalid.
string | $name | User input |
string | bool | $validate | Type of validation to use:
|
InvalidArgumentException |
User::getDatePreference | ( | ) |
Get the user's preferred date format.
User::getDBTouched | ( | ) |
Get the user_touched timestamp field (time of last DB updates)
|
static |
Get a given default option value.
string | $opt | Name of option to retrieve |
|
static |
Combine the language default options with any site-specific options and add the default language variants.
User::getEditCount | ( | ) |
Get the user's edit count.
User::getEditToken | ( | $salt = '' , |
|
$request = null |
|||
) |
Initialize (if necessary) and return a session token value which can be used in edit forms to show that the user's login credentials aren't being hijacked with a foreign form submission.
The $salt for 'edit' and 'csrf' tokens is the default (empty string).
string | array | $salt | Array of Strings Optional function-specific data for hashing |
WebRequest | null | $request | WebRequest object to use or null to use $wgRequest |
User::getEditTokenObject | ( | $salt = '' , |
|
$request = null |
|||
) |
Initialize (if necessary) and return a session token value which can be used in edit forms to show that the user's login credentials aren't being hijacked with a foreign form submission.
string | array | $salt | Array of Strings Optional function-specific data for hashing |
WebRequest | null | $request | WebRequest object to use or null to use $wgRequest |
User::getEffectiveGroups | ( | $recache = false | ) |
Get the list of implicit group memberships this user has. This includes all explicit groups, plus 'user' if logged in, '*' for all accounts, and autopromoted groups
bool | $recache | Whether to avoid the cache |
User::getEmail | ( | ) |
Get the user's e-mail address
User::getEmailAuthenticationTimestamp | ( | ) |
Get the timestamp of the user's e-mail authentication
User::getExperienceLevel | ( | ) |
Compute experienced level based on edit count and registration date.
User::getFirstEditTimestamp | ( | ) |
Get the timestamp of the first edit
User::getFormerGroups | ( | ) |
Returns the groups the user has belonged to.
The user may still belong to the returned groups. Compare with getGroups().
The function will not return groups the user had belonged to before MW 1.17
User::getGlobalBlock | ( | $ip = '' | ) |
Check if user is blocked on all wikis. Do not use for actual edit permission checks! This is intended for quick UI checks.
string | $ip | IP address, uses current client if none given |
FatalError | |
MWException |
|
static |
Get the name of a given grant
string | $grant | Grant to query |
|
static |
Get the localized descriptive name for a member of a group, if it exists
string | $group | Internal group name |
string | $username | Username for gender (since 1.19) |
User::getGroupMemberships | ( | ) |
Get the list of explicit group memberships this user has, stored as UserGroupMembership objects. Implicit groups are not included.
|
static |
Get the localized descriptive name for a group, if it exists
string | $group | Internal group name |
|
static |
Get the title of a page describing a particular group
string | $group | Internal group name |
|
static |
Get the permissions associated with a given list of groups
array | $groups | Array of Strings List of internal group names |
User::getGroups | ( | ) |
Get the list of explicit group memberships this user has. The implicit * and user groups are not included.
|
static |
Get all the groups who have a given permission
string | $role | Role to check |
User::getId | ( | ) |
Get the user's ID.
Implements MediaWiki\User\UserIdentity.
|
static |
Get a list of implicit groups
User::getInstanceForUpdate | ( | ) |
Get a new instance of this user that was loaded from the master via a locking read
Use this instead of the main context User when updating that user. This avoids races where that user was loaded from a replica DB or even the master but without proper locks.
User::getIntOption | ( | $oname, | |
$defaultOverride = 0 |
|||
) |
Get the user's current setting for a given option, as an integer value.
string | $oname | The option to check |
int | $defaultOverride | A default value returned if the option does not exist |
User::getMutableCacheKeys | ( | WANObjectCache | $cache | ) |
User::getName | ( | ) |
Get the user name, or the IP of an anonymous user
Implements MediaWiki\User\UserIdentity.
User::getNewMessageLinks | ( | ) |
Return the data needed to construct links for new talk page message alerts. If there are new messages, this will return an associative array with the following data: wiki: The database name of the wiki link: Root-relative link to the user's talk page rev: The last talk page revision that the user has seen or null. This is useful for building diff links. If there are no new messages, it returns an empty array.
User::getNewtalk | ( | ) |
Check if the user has new messages.
User::getOption | ( | $oname, | |
$defaultOverride = null , |
|||
$ignoreHidden = false |
|||
) |
Get the user's current setting for a given option.
string | $oname | The option to check |
string | array | $defaultOverride | A default value returned if the option does not exist |
bool | $ignoreHidden | Whether to ignore the effects of $wgHiddenPrefs |
User::getOptionKinds | ( | IContextSource | $context, |
$options = null |
|||
) |
Return an associative array mapping preferences keys to the kind of a preference they're used for. Different kinds are handled differently when setting or reading preferences.
See User::listOptionKinds for the list of valid option types that can be provided.
IContextSource | $context | |
array | $options | Assoc. array with options keys to check as keys. Defaults to $this->mOptions. |
User::getOptions | ( | $flags = 0 | ) |
Get all user's options
int | $flags | Bitwise combination of: User::GETOPTIONS_EXCLUDE_DEFAULTS Exclude user options that are set to the default value. (Since 1.25) |
User::getPasswordValidity | ( | $password | ) |
Given unvalidated password input, return error message on failure.
string | $password | Desired password |
|
static |
Return the tables, fields, and join conditions to be selected to create a new user object.
$table
to IDatabase->select()
$vars
to IDatabase->select()
$join_conds
to IDatabase->select()
User::getRealName | ( | ) |
Get the user's real name
User::getRegistration | ( | ) |
Get the timestamp of account creation.
User::getRequest | ( | ) |
Get the WebRequest object to use with this object
|
static |
Get the description of a given right
string | $right | Right to query |
User::getRights | ( | ) |
Get the permissions this user has.
User::getStubThreshold | ( | ) |
Get the user preferred stub threshold
User::getTitleKey | ( | ) |
Get the user's name escaped by underscores.
User::getToken | ( | $forceCreation = true | ) |
Get the user's current token.
bool | $forceCreation | Force the generation of a new token if the user doesn't have one (default=true for backwards compatibility). |
User::getTokenFromOption | ( | $oname | ) |
Get a token stored in the preferences (like the watchlist one), resetting it if it's empty (and saving changes).
string | $oname | The option name to retrieve the token from |
|
protected |
Internal function to format the e-mail validation/invalidation URLs. This uses a quickie hack to use the hardcoded English names of the Special: pages, for ASCII safety.
string | $page | Special page |
string | $token |
User::getTouched | ( | ) |
Get the user touched timestamp
Use this value only to validate caches via inequalities such as in the case of HTTP If-Modified-Since response logic
|
static |
Check, if the given group has the given permission
If you're wanting to check whether all users have a permission, use User::isEveryoneAllowed() instead. That properly checks if it's revoked from anyone.
string | $group | Group to check |
string | $role | Role to check |
User::idForName | ( | $flags = 0 | ) |
If only this user's username is known, and it exists, return the user ID.
int | $flags | Bitfield of User:READ_* constants; useful for existence checks |
|
static |
Get database id given a user name
string | $name | Username |
int | $flags | User::READ_* constant bitfield |
User::incEditCount | ( | ) |
Deferred version of incEditCountImmediate()
This function, rather than incEditCountImmediate(), should be used for most cases as it avoids potential deadlocks caused by concurrent editing.
User::incEditCountImmediate | ( | ) |
Increment the user's edit-count field. Will have no effect for anonymous users.
User::inDnsBlacklist | ( | $ip, | |
$bases | |||
) |
|
protected |
Initialize user_editcount from data out of the revision table
int | $add | Edits to add to the count from the revision table |
User::invalidateCache | ( | ) |
Immediately touch the user data cache for this account
Calls touch() and removes account data from memcached
User::invalidateEmail | ( | ) |
Invalidate the user's e-mail confirmation, and unauthenticate the e-mail address if it was already confirmed.
|
protected |
Return a URL the user can use to invalidate their email address.
string | $token | Accepts the email confirmation token |
User::isAllowed | ( | $action = '' | ) |
Internal mechanics of testing a permission
string | $action |
User::isAllowedAll | ( | ) |
string | $permissions,... | Permissions to test |
User::isAllowedAny | ( | ) |
Check if user is allowed to access a feature / make an action
string | $permissions,... | Permissions to test |
User::isAllowedToCreateAccount | ( | ) |
Get whether the user is allowed to create an account.
User::isAnon | ( | ) |
Get whether the user is anonymous
User::isBlocked | ( | $bFromSlave = true | ) |
Check if user is blocked
bool | $bFromSlave | Whether to check the replica DB instead of the master. Hacked from false due to horrible probs on site. |
User::isBlockedFrom | ( | $title, | |
$bFromSlave = false |
|||
) |
User::isBlockedFromCreateAccount | ( | ) |
Get whether the user is explicitly blocked from account creation.
User::isBlockedFromEmailuser | ( | ) |
Get whether the user is blocked from using Special:Emailuser.
User::isBlockedGlobally | ( | $ip = '' | ) |
User::isBot | ( | ) |
|
static |
Usernames which fail to pass this function will be blocked from new account registrations, but may be used internally either by batch processes or by user accounts which have already been created.
Additional blacklisting may be added here rather than in isValidUserName() to avoid disrupting existing accounts.
string | $name | String to match |
User::isDnsBlacklisted | ( | $ip, | |
$checkWhitelist = false |
|||
) |
User::isEmailConfirmationPending | ( | ) |
Check whether there is an outstanding request for e-mail confirmation.
User::isEmailConfirmed | ( | ) |
Is this user's e-mail address valid-looking and confirmed within limits of the current site configuration?
|
static |
Check if all users may be assumed to have the given permission
We generally assume so if the right is granted to '*' and isn't revoked on any group. It doesn't attempt to take grants or other extension limitations on rights into account in the general case, though, as that would require it to always return false and defeat the purpose. Specifically, session-based rights restrictions (such as OAuth or bot passwords) are applied based on the current session.
string | $right | Right to check |
User::isHidden | ( | ) |
Check if user account is hidden
|
static |
Does the string match an anonymous IP address?
This function exists for username validation, in order to reject usernames which are similar in form to IP addresses. Strings such as 300.300.300.300 will return true because it looks like an IP address, despite not being strictly valid.
We match "\d{1,3}\.\d{1,3}\.\d{1,3}\.xxx" as an anonymous IP address because the usemod software would "cloak" anonymous IP addresses like this, if we allowed accounts like this to be created new users could get the old edits of these anonymous users.
string | $name | Name to match |
User::isIPRange | ( | ) |
User::isItemLoaded | ( | $item, | |
$all = 'all' |
|||
) |
Return whether an item has been loaded.
string | $item | Item to check. Current possibilities:
|
string | $all | 'all' to check if the whole object has been loaded or any other string to check if only the item is available (e.g. for optimisation) |
|
static |
User::isLocked | ( | ) |
Check if user account is locked
User::isLoggedIn | ( | ) |
Get whether the user is logged in
User::isNewbie | ( | ) |
Determine whether the user is a newbie. Newbies are either anonymous IPs, or the most recently created accounts.
User::isPingLimitable | ( | ) |
Is this user subject to rate limiting?
User::isSafeToLoad | ( | ) |
Test if it's safe to load this User object.
You should typically check this before using $wgUser or RequestContext::getUser in a method that might be called before the system has been fully initialized. If the object is unsafe, you should use an anonymous user:
|
static |
Usernames which fail to pass this function will be blocked from user login and new account registrations, but may be used internally by batch processes.
If an account already exists in this form, login will be blocked by a failure to pass this function.
string | $name | Name to match |
User::isValidPassword | ( | $password | ) |
Is the input a valid password for this user?
string | $password | Desired password |
|
static |
Is the input a valid username?
Checks if the input is a valid username, we don't want an empty string, an IP address, anything that contains slashes (would mess up subpages), is longer than the maximum allowed username size or doesn't begin with a capital letter.
string | $name | Name to match |
User::isWatched | ( | $title, | |
$checkRights = self::CHECK_USER_RIGHTS |
|||
) |
Check the watched status of an article.
Title | $title | Title of the article to look at |
bool | $checkRights | Whether to check 'viewmywatchlist'/'editmywatchlist' rights. Pass User::CHECK_USER_RIGHTS or User::IGNORE_USER_RIGHTS. |
|
static |
Return a list of the types of user options currently returned by User::getOptionKinds().
Currently, the option kinds are:
The API (and possibly others) use this function to determine the possible option types for validation purposes, so make sure to update this when a new option kind is added.
User::load | ( | $flags = self::READ_NORMAL | ) |
Load the user table data for this object from the source given by mFrom.
int | $flags | User::READ_* constant bitfield |
User::loadDefaults | ( | $name = false | ) |
Set cached properties to default.
string | bool | $name |
|
protected |
User::loadFromDatabase | ( | $flags = self::READ_LATEST | ) |
Load user and user_group data from the database. $this->mId must be set, this is how the user is identified.
int | $flags | User::READ_* constant bitfield |
User::loadFromId | ( | $flags = self::READ_NORMAL | ) |
Load user table data, given mId has already been set.
int | $flags | User::READ_* constant bitfield |
|
protected |
Initialize this object from a row from the user table.
stdClass | $row | Row from the user table to load. |
array | $data | Further user data to load into the object |
user_groups Array of arrays or stdClass result rows out of the user_groups table. Previously you were supposed to pass an array of strings here, but we also need expiry info nowadays, so an array of strings is ignored. user_properties Array with properties out of the user_properties table
|
protected |
Load the data for this user object from another user object.
User | $user |
|
protected |
Load the user options either from cache, the database or an array
array | $data | Rows for the current user out of the user_properties table |
User::logout | ( | ) |
Log this user out.
|
static |
Create a link to the group in HTML, if available; else return the group name.
string | $group | Internal name of the group |
string | $text | The text of the link |
|
static |
Create a link to the group in Wikitext, if available; else return the group name.
string | $group | Internal name of the group |
string | $text | The text of the link |
|
protected |
Builds update conditions. Additional conditions may be added to $conditions to protected against race conditions using a compare-and-set (CAS) mechanism based on comparing $this->mTouched with the user_touched field.
Database | $db | |
array | $conditions | WHERE conditions for use with Database::update |
User::matchEditToken | ( | $val, | |
$salt = '' , |
|||
$request = null , |
|||
$maxage = null |
|||
) |
Check given value against the token value stored in the session. A match should confirm that the form was submitted from the user's own login session, not a form submission from a third-party site.
string | $val | Input value to compare |
string | array | $salt | Optional function-specific data for hashing |
WebRequest | null | $request | Object to use or null to use $wgRequest |
int | $maxage | Fail tokens older than this, in seconds |
User::matchEditTokenNoSuffix | ( | $val, | |
$salt = '' , |
|||
$request = null , |
|||
$maxage = null |
|||
) |
Check given value against the token value stored in the session, ignoring the suffix.
string | $val | Input value to compare |
string | array | $salt | Optional function-specific data for hashing |
WebRequest | null | $request | Object to use or null to use $wgRequest |
int | $maxage | Fail tokens older than this, in seconds |
|
static |
|
static |
|
static |
Static factory method for creation from an ID, name, and/or actor ID
This does not check that the ID, name, and actor ID all correspond to the same user.
int | null | $userId | User ID, if known |
string | null | $userName | User name, if known |
int | null | $actorId | Actor ID, if known |
|
static |
Factory method to fetch whichever user has a given email confirmation code. This code is generated when an account is created or its e-mail address has changed.
If the code is invalid or has expired, returns NULL.
string | $code | Confirmation code |
int | $flags | User::READ_* bitfield |
|
static |
|
static |
Static factory method for creation from username.
This is slightly less efficient than newFromId(), so use newFromId() if you have both an ID and a name handy.
string | $name | Username, validated by Title::newFromText() |
string | bool | $validate | Validate username. Takes the same parameters as User::getCanonicalName(), except that true is accepted as an alias for 'valid', for BC. |
|
static |
Create a new user object from a user row. The row should have the following fields from the user table in it:
stdClass | $row | A row from the user table |
array | $data | Further data to load into the object (see User::loadFromRow for valid keys) |
|
static |
Create a new user object using data from session. If the login credentials are invalid, the result is an anonymous user.
WebRequest | null | $request | Object to use; $wgRequest will be used if omitted. |
|
static |
Static factory method for creation of a "system" user from username.
A "system" user is an account that's used to attribute logged actions taken by MediaWiki itself, as opposed to a bot or human user. Examples might include the 'Maintenance script' or 'Conversion script' accounts used by various scripts in the maintenance/ directory or accounts such as 'MediaWiki message delivery' used by the MassMessage extension.
This can optionally create the user if it doesn't exist, and "steal" the account if it does exist.
"Stealing" an existing user is intended to make it impossible for normal authentication processes to use the account, effectively disabling the account for normal use:
string | $name | Username |
array | $options | Options are:
|
User::pingLimiter | ( | $action = 'edit' , |
|
$incrBy = 1 |
|||
) |
Primitive rate limits: enforce maximum actions per time period to put a brake on flooding.
The method generates both a generic profiling point and a per action one (suffix being "-$action".
string | $action | Action to enforce; 'edit' if unspecified |
int | $incrBy | Positive amount to increment counter by [defaults to 1] |
|
static |
string | $wikiId | |
int | $userId |
|
static |
Return a random password.
User::removeGroup | ( | $group | ) |
Remove the user from the given group. This takes immediate effect.
string | $group | Name of the group to remove |
User::removeWatch | ( | $title, | |
$checkRights = self::CHECK_USER_RIGHTS |
|||
) |
Stop watching an article.
Title | $title | Title of the article to look at |
bool | $checkRights | Whether to check 'viewmywatchlist'/'editmywatchlist' rights. Pass User::CHECK_USER_RIGHTS or User::IGNORE_USER_RIGHTS. |
User::requiresHTTPS | ( | ) |
Determine based on the wiki configuration and the user's options, whether this user must be over HTTPS no matter what.
|
static |
Reset the cache used in idFromName(). For use in tests.
User::resetOptions | ( | $resetKinds = [ 'registered' , |
|
'registered-multiselect' | , | ||
'registered-checkmatrix' | , | ||
'unused'] | , | ||
IContextSource | $context = null |
||
) |
Reset certain (or all) options to the site defaults
The optional parameter determines which kinds of preferences will be reset. Supported values are everything that can be reported by getOptionKinds() and 'all', which forces a reset of all preferences and overrides everything else.
array | string | $resetKinds | Which kinds of preferences to reset. Defaults to array( 'registered', 'registered-multiselect', 'registered-checkmatrix', 'unused' ) for backwards-compatibility. |
IContextSource | null | $context | Context source used when $resetKinds does not contain 'all', passed to getOptionKinds(). Defaults to RequestContext::getMain() when null. |
User::resetTokenFromOption | ( | $oname | ) |
Reset a token stored in the preferences (like the watchlist one). Does not save user's preferences (similarly to setOption()).
string | $oname | The option name to reset the token in |
|
protected |
Saves the non-default options for this user, as previously set e.g. via setOption(), in the database's "user_properties" (preferences) table. Usually used via saveSettings().
User::saveSettings | ( | ) |
Save this user's settings into the database.
|
static |
Return the list of user fields that should be selected to create a new user object.
User::sendConfirmationMail | ( | $type = 'created' | ) |
User::sendMail | ( | $subject, | |
$body, | |||
$from = null , |
|||
$replyto = null |
|||
) |
User::setCookies | ( | $request = null , |
|
$secure = null , |
|||
$rememberMe = false |
|||
) |
Persist this user's session (e.g. set cookies)
WebRequest | null | $request | WebRequest object to use; $wgRequest will be used if null is passed. |
bool | $secure | Whether to force secure/insecure cookies or use default |
bool | $rememberMe | Whether to add a Token cookie for elongated sessions |
User::setEmail | ( | $str | ) |
Set the user's e-mail address
string | $str | New e-mail address |
User::setEmailAuthenticationTimestamp | ( | $timestamp | ) |
Set the e-mail authentication timestamp.
string | $timestamp | TS_MW timestamp |
User::setEmailWithConfirmation | ( | $str | ) |
Set the user's e-mail address and a confirmation mail if needed.
string | $str | New e-mail address |
User::setId | ( | $v | ) |
Set the user and reload all fields according to a given ID
int | $v | User ID to reload |
User::setInternalPassword | ( | $str | ) |
Set the password and reset the random token unconditionally.
string | null | $str | New password to set or null to set an invalid password hash meaning that the user will not be able to log in through the web interface. |
|
protected |
Set that an item has been loaded
string | $item |
User::setName | ( | $str | ) |
Set the user name.
This does not reload fields from the database according to the given name. Rather, it is used to create a temporary "nonexistent user" for later addition to the database. It can also be used to set the IP address for an anonymous user to something other than the current remote IP.
string | $str | New user name to set |
User::setNewpassword | ( | $str, | |
$throttle = true |
|||
) |
Set the password for a password reminder or new account email
string | $str | New password to set or null to set an invalid password hash meaning that the user will not be able to use it |
bool | $throttle | If true, reset the throttle timestamp to the present |
User::setNewtalk | ( | $val, | |
$curRev = null |
|||
) |
Update the 'You have new messages!' status.
bool | $val | Whether the user has new messages |
Revision | $curRev | New, as yet unseen revision of the user talk page. Ignored if null or !$val. |
User::setOption | ( | $oname, | |
$val | |||
) |
Set the given option for a user.
You need to call saveSettings() to actually write to the database.
string | $oname | The option to set |
mixed | $val | New value to set |
User::setPassword | ( | $str | ) |
Set the password and reset the random token. Calls through to authentication plugin if necessary; will have no effect if the auth plugin refuses to pass the change through or if the legal password checks fail.
As a special case, setting the password to null wipes it, so the account cannot be logged in until a new password is set, for instance via e-mail.
string | $str | New password to set |
PasswordError | On failure |
User::setRealName | ( | $str | ) |
Set the user's real name
string | $str | New real name |
User::setToken | ( | $token = false | ) |
Set the random token (used for persistent authentication) Called from loadDefaults() among other places.
string | bool | $token | If specified, set the token to this value |
User::spreadAnyEditBlock | ( | ) |
|
protected |
User::touch | ( | ) |
Update the "touched" timestamp for the user
This is useful on various login/logout events when making sure that a browser or proxy that has multiple tenants does not suffer cache pollution where the new user sees the old users content. The value of getTouched() is checked when determining 304 vs 200 responses. Unlike invalidateCache(), this preserves the User object cache and avoids database writes.
|
protected |
Add or update the new messages flag
string | $field | 'user_ip' for anonymous users, 'user_id' otherwise |
string | int | $id | User's IP address for anonymous users, User ID otherwise |
Revision | null | $curRev | New, as yet unseen revision of the user talk page. Ignored if null. |
User::useFilePatrol | ( | ) |
Check whether to enable new files patrol features for this user
User::useNPPatrol | ( | ) |
Check whether to enable new pages patrol features for this user
User::useRCPatrol | ( | ) |
Check whether to enable recent changes patrol features for this user
User::validateCache | ( | $timestamp | ) |
Validate the cache for this account.
string | $timestamp | A timestamp in TS_MW format |
|
static |
Get the username corresponding to a given user ID
int | $id | User ID |
|
static |
Get the real name of a user given their user ID
int | $id | User ID |
|
staticprotected |
String Cached results of getAllRights()
|
staticprotected |
Array of Strings List of member variables which are saved to the shared cache (memcached). Any operation which changes the corresponding database fields must call a cache-clearing function.
|
staticprotected |
Array of Strings Core rights. Each of these should have a corresponding message of the form "right-$right".
User::$mFrom |
String Initialization data source if mLoadedItems!==true. May be one of:
Use the User::newFrom*() family of functions to set this.
|
protected |
Array with already loaded items or true if all items have been loaded.
|
protected |
Lazy-initialized variables, invalidated with clearInstanceCache
User::$mOptionsLoaded |
Bool Whether the cache variables have been loaded.
const User::CHECK_USER_RIGHTS = true |
const User::EDIT_TOKEN_SUFFIX = Token::SUFFIX |
Global constant made accessible as class constants so that autoloader magic can be used.
const User::GETOPTIONS_EXCLUDE_DEFAULTS = 1 |
Exclude user options that are set to their default value.
const User::IGNORE_USER_RIGHTS = false |
const User::INVALID_TOKEN = '*** INVALID ***' |
string An invalid value for user_token
const User::TOKEN_LENGTH = 32 |
int Number of characters in user_token field.
const User::VERSION = 12 |
int Serialized record version.