Previously, whenever we blocked a user, its IP address would be
autoblocked whenever he tries to edit a page. Thus when later unblocking
the username, he would be automatically blocked again if we forgot to
clean up is IP.
This patch introduces a the ipb_parent_block_id column in ipblocks table
to track which block triggered the autoblock command. Thus, when deleting
the original block we can easily remove all subsequentautoblocks.
Schema updaters for MySQL, SQLite and postgres have been added to the
patch but not for the other database types such as ibm_db2, mssql and
Oracle.
Change-Id: I4aa820ae9bbd962a12d0b48b6c638a1b6ff4efc9
* Block::parseTarget() first called trim() on its parameter which was converting objects into string, thus making the checks for object and null useless; now trim() is called after these checks.
* User::getBlockedStatus() was passing $this->getName() to Block::newFromTargert() which in turn was passed to Block::parseTarget() where a new User object was created.
Instead of this, the User object is directly passed to Block::newFromTargert(), which avoids creating a new object for the same user.
Change-Id: Iffea21d4f53e8692072749264f7486c22b6be5fd
Change 1:
* Delete any pre-existing block for the tests
* Renamed test function and fixed comment typo
Change-Id: I4804ccae81dd0455e9d3ddf48960c4b5cd6e4f5f
* Added $wgAutoblockHandlers variable for alternative autoblock handling functions
* Gave CheckUser a potential $wgAutoblockHandlers function (bug 29330)
This bug was showing up in test results like this:
BlockTest::testInitializerFunctionsReturnCorrectBlock
Trying to get property of non-object
/home/ci/cruisecontrol-bin-2.8.3/projects/mw/source/includes/Block.php:340
/home/ci/cruisecontrol-bin-2.8.3/projects/mw/source/includes/Block.php:365
/home/ci/cruisecontrol-bin-2.8.3/projects/mw/source/includes/Block.php:118
/home/ci/cruisecontrol-bin-2.8.3/projects/mw/source/tests/phpunit/includes/BlockTest.php:60
/home/ci/cruisecontrol-bin-2.8.3/projects/mw/source/tests/phpunit/MediaWikiTestCase.php:60
/home/ci/cruisecontrol-bin-2.8.3/projects/mw/source/tests/phpunit/MediaWikiPHPUnitCommand.php:20
/home/ci/cruisecontrol-bin-2.8.3/projects/mw/source/tests/phpunit/phpunit.php:60
However, that only triggers because the actual test is failing -- it's expecting to get a return back. This can only be reproduce when using the suite.xml configuration file, and not when running the BlockTest standalone.
Fixes regression from r84475 and friends which made Block->load() and its new front-end Block::newFromTarget() fail when an empty string was passed in as the IP / $vagueTarget parameter to indicate skipping IP-based lookups.
Added phpunit test cases to confirm that both Block->load() and Block::newFromTarget() work when given null (already ok), '' (as done from CheckUser), or false (not seen, but perfectly legit sounding).
Adjusted comparisons to work as expected.
* Block.php: Set mExpiry to the value we store in the database, so that Block::equals() returns true. Fixes BlockTest::testInitializerFunctionsReturnCorrectBlock.
* In Title::checkUserBlock(): Convert message parameters to plain strings to make strict comparisons work. Fixes TitlePermissionTest::testUserBlock().
* ApiBlock.php: Follow-Up r85166, add 'Confirm' parameter to data array. Fixes ApiBlockTest::testMakeNormalBlock().
* ApiQueryTest.php: Use $wgMetaNamespace instead of $wgSitename to account for customizations.
* RandomImageGenerator.php: Use default value for constructor param to prevent fatals.
* ApiTestCaseUpload.php:
** Fix undefined variable $fileName.
** Remove stray ini_set statements, they don't belong there. Especially ini_set( 'error_reporting', 1 ) will effectively disable all reporting, which makes errors hard to track.
* ArticleTablesTest.php: Put testbug14404() in group Broken, as the fix for the bug has been reverted in r83868.
Removed unused globals $wgHooks, $wgBlockAllowsUTEdit, $wgUser, $wgOut
$wgUser was already set global at function beginning.
Moved global out of switch
* Internalise $mAddress/$mUser, $mBy/$mByName, $mEnableAutoblock, $mId as getTarget(), getBlockers(), isAutoblocking(), getId().
* This required editing AbuseFilter and CheckUser backwards-incompatibly, so push the rest of the changes out to those extensions.
* Attack the evil 14-parameter constructor and gratuitously-confusing newFromDB( $notVeryImportantParameter, $moreImportantParameter)
* Reimplement the hack for bug 13611 in a slightly less fragile fashion; could still do with further cleanup, but then again the login frontend is its own can of worms... :S
* Remove transitionary getTargetAndType() and newFromTargetAndType() methods
* Some optimisation in parseTarget()
* Fix the broken phpunit test mentioned in r84251
* Implement accessors for isHardblock() and getRangeStart()/getRangeEnd() in the same fashion.
* Make the corresponding variables private, removing external accessors. This required updating AbuseFilter with non-B/C code, so I also implemented the rest of the changes I've made to the blocking backend in that extension.
* Move the "get an IP range which encompasses the given IP/range" logic to Block.php; will be needed later... :D
* Move Block::parseExpiryInput() to the frontend SpecialBlock::parseExpiryInput()
* consolidate the several implementations of the MediaWiki:Ipblockoptions parsing into SpecialBlock::getSuggestedDurations()
* Move to SpecialBlock.php, and rename class appropriately
* Complete refactor
* Use HTMLForm in block form. This changes most of the ids and field names on the form, but allows proper validation, nicer formatting, clears up several fixmes, and is generally Better(TM).
* Spin various parts out into static functions, several of which properly belong in the backend (but Block.php is a worse mess still)
* Invert some of the block options so that every checkbox makes the block more severe (so "check to disable email" is fine, but "check to allow usertalk edit" (default true) is inverted to "check to disable usertalk edit" (default false).
* revert r40359 (move doMassUserBlock() to core). No one seems to be using this function, which has nothing to do with the frontend UI in SpecialBlock (it might perhaps belong in Block.php); it is pretty bespoke for CheckUser, doesn't seem to have very much utility elsewhere.
current timestamp. This caused Block::__construct to put all sort of
messages in the debug log about invalid timestamp. So change Block to use
timestamp of 0 instead of '' if unspecified.
Updated all nextSequenceValue calls with new sequence names.
OverlordQ stated he'll handle changes to Postgres scripts.
Need someone to change DB2 scripts.
* All manually built LIKE queries in the core are replaced with a wrapper function Database::buildLike()
* This function automatically performs all escaping, so Database::escapeLike() is now almost never used
* Adds database field to ipblocks table, ipb_allow_usertalk, storing whether or not the user can edit their own talk page. Defaults to 0 to coincide with the default value of $wgBlockAllowsUTEdit.
* Recommended to update all current blocks to have a allow_usertalk value of whatever the current setting is
* Retasks $wgBlockAllowsUTEdit to be the default value of the field in the blocking screen - unless a sysop changes the checkbox, will use whatever that variable is set to.
* Fix K&R style braces, since demon started, we may as well finish. This was one of the last files I wrote before I was converted to Brion-style braces.
* Renamed a variable
* Improve docs (formatExpiry() is fine, abstracting wouldn't do anything, as it would just become a wrapper for $wgLang->timeanddate())
* Abstract out some param validation from insert()
* Add an update() method to make modification of existing blocks a bit nicer.
* Cache the autoblock whitelist in $wgMemc
* Remove old commented out code from when 'infinity' wasn't really 'infinity' but just really far in the future
In particular:
Xml.php
* Add textarea method to Xml class.
* Make submit button optional for Xml::buildForm
* Right-align labels in buildForm.
Article.php:
* Make ArticleDelete hook display a real error
EditPage.php:
* Split off getBaseRevision()
Title.php:
* Allow errors to be ignored to be sent to getUserPermissionsErrors.
* Allow AbortMove hook to display a real error.
Block.php:
* Add 'mAngryAutoblock' option, for blocks by software, which does retroactive autoblocks on the last 5 IPs used in the last 7 days.
* Instead of saying 'do that' in a permissions error, actually list what the action is (drawn from the right-$1 messages). This isn't perfect - it says you don't have permission to edit pages when
you can't edit a single page, but it's better than 'do that'.
* Refactor out some code from various block files into Block::formatExpiry and Block::parseExpiryInput.
* Don't display 'you cannot edit special pages' when you're trying to execute, or create an account, or something like that.
* New AbortAutoblock hook (for use in TorBlock extension), which allows extensions to cancel autoblocks.
Doxygen documentation update:
* Changed alls @addtogroup to @ingroup. @addtogroup adds the comment to the group description, but doesn't add the file, class, function, ... to the group like @ingroup does. See for example http://svn.wikimedia.org/doc/group__SpecialPage.html where it's impossible to see related files, classes, ... that should belong to that group.
* Added @file to file description, it seems that it should be explicitely decalred for file descriptions, otherwise doxygen will think that the comment document the first class, variabled, function, ... that is in that file.
* Removed some empty comments
* Removed some ?>
Added following groups:
* ExternalStorage
* JobQueue
* MaintenanceLanguage
One more thing: there are still a lot of warnings when generating the doc.
* Convert "$dbw =& wfGetDB( DB_MASTER );" --> "$dbw = wfGetDB( DB_MASTER );"
* convert "$skin =& $wgUser->getSkin();" --> "$skin = $wgUser->getSkin();"
For the time being have not changed the function definitions of wfGetDB() or User::getSkin() [i.e. they are still both return-by-ref], so as to ensure the interface does not change for extensions [some of which may still be trying to run on PHP4 environments]. However presumably at some point this can be changed too.
Also includes tiny tweak to newlines in parserTests - will show 1 rather than 2 newlines between the "Reading tests from" strings when in quiet mode.
Three reasons for this:
1) It's better for analysis tools [which want explicit variable declaration]
2) It's easier for a human to read, as it's completely explicit where the variables came from [which is something you don't get with extract() ]
3) It makes it easier to find everywhere where a variable is used with search/grep [which you can't currently do with $tbl_page variables from things like: "extract($db->tableNames( 'page', 'revision'), EXTR_PREFIX_ALL, 'tbl');"].
Otherwise, from a functionality/efficiency perspective the two forms should be identical.
By doing this have been able run static analysis over the usages of these variables, thus eliminating 5 unneeded table names from calls, plus removing 3 unused calls entirely, and it just feels subjectively slightly nicer to me.
* Handle bad input to new IP::isAddressInRange gracefully (return false)
* Block::doAutoblock always returns a bool now, as the docs say
* Split off Block::isWhitelistedIp from Block::doAutoblock
* Put AOL proxy IPs in whitelist, and also one from Singapore that was troublesome on enwiki (more should be added, probably?)
* Improve some docs
* Fix a bug: check if the passed IP is in the whitelist, not if the request IP is in the whitelist
* Removed some backtracking regexes with an O(N^2) worst case, replaced with StringUtils::delimiterReplace(). There is a beneficial functional difference: /*/ is no longer considered to be a complete CSS comment.
* Changed the parser strip state from an array to an object. This should hopefully avoid the PHP bugs with array references. StripState uses the new ReplacementArray to do the replacements, thereby supporting FSS.
* Removed DatabaseFunctions.php from the default startup sequence. Moved wfGetDB() to GlobalFunctions.php.
* Introduced the SiteStats class, with a collection of cached site stats accessor functions.
* Removed all global functions from Parser.php, they don't belong there.
* Made LanguageConverter use the new ReplacementArray class instead of managing its own FSS objects.
* Add an index on (rc_user_text,rc_timestamp) on the recentchanges table. This will make CheckUser.php and the new retroactive autoblock functionality faster.
* Allow or disallow account creation from blocked IP addressess on a per-block basis.
* Prevent duplicate blocks.
* Fixed the problem of expiry and unblocking erroneously affecting multiple blocks.
* Fixed confusing lack of error message when a blocked user attempts to create an account.
* Fixed inefficiency of Special:Ipblocklist in the presence of large numbers of blocks; added indexes and implemented an indexed pager.
* remove require_once() throughout whole code, yet left in few places
* move global functions in HttpUtils, ProxyTools, Credits to class methods
* php5 only: __autoload() now used, combined with class->file map and require()
* move initialization of $wgValidSkinNames to Skin::getSkinNames()
* few more changes that will surely break stuff.
