PHPXRef 0.7.1 : MediaWiki-1.24.0 : Detail view of User.php

Class: User - X-Ref

The User object encapsulates all of the user-specific settings (user_id,
name, rights, password, email address, options, last login time). Client
classes use the getXXX() functions to access these fields. These functions
do all the work of determining whether the user is logged in,
whether the requested option can be satisfied from cookies or
whether a database query is needed. Most of the settings needed
for rendering normal pages are set in the cookie to minimize use
of the database.

__construct() X-Ref

Lightweight constructor for an anonymous user.
Use the User::newFrom* factory functions for other kinds of users.

__toString() X-Ref

return: string

load() X-Ref

Load the user table data for this object from the source given by mFrom.

loadFromId() X-Ref

Load user table data, given mId has already been set.

return: bool False if the ID does not exist, true otherwise

saveToCache() X-Ref

Save user data to the shared cache

newFromName( $name, $validate = 'valid' ) X-Ref

Static factory method for creation from username.

This is slightly less efficient than newFromId(), so use newFromId() if
you have both an ID and a name handy.

param: string $name Username, validated by Title::newFromText()
param: string|bool $validate Validate username. Takes the same parameters as
return: User|bool User object, or false if the username is invalid

newFromId( $id ) X-Ref

Static factory method for creation from a given user ID.

param: int $id Valid user ID
return: User The corresponding User object

newFromConfirmationCode( $code ) X-Ref

Factory method to fetch whichever user has a given email confirmation code.
This code is generated when an account is created or its e-mail address
has changed.

If the code is invalid or has expired, returns NULL.

param: string $code Confirmation code
return: User|null

newFromSession( WebRequest $request = null ) X-Ref

Create a new user object using data from session or cookies. If the
login credentials are invalid, the result is an anonymous user.

param: WebRequest|null $request Object to use; $wgRequest will be used if omitted.
return: User

newFromRow( $row, $data = null ) X-Ref

Create a new user object from a user row.
The row should have the following fields from the user table in it:
- either user_name or user_id to load further data if needed (or both)
- user_real_name
- all other fields (email, password, etc.)
It is useless to provide the remaining fields if either user_id,
user_name and user_real_name are not provided because the whole row
will be loaded once more from the database when accessing them.

param: stdClass $row A row from the user table
param: array $data Further data to load into the object (see User::loadFromRow for valid keys)
return: User

whoIs( $id ) X-Ref

Get the username corresponding to a given user ID

param: int $id User ID
return: string|bool The corresponding username

whoIsReal( $id ) X-Ref

Get the real name of a user given their user ID

param: int $id User ID
return: string|bool The corresponding user's real name

idFromName( $name ) X-Ref

Get database id given a user name

param: string $name Username
return: int|null The corresponding user's ID, or null if user is nonexistent

resetIdByNameCache() X-Ref

Reset the cache used in idFromName(). For use in tests.

isIP( $name ) X-Ref

Does the string match an anonymous IPv4 address?

This function exists for username validation, in order to reject
usernames which are similar in form to IP addresses. Strings such
as 300.300.300.300 will return true because it looks like an IP
address, despite not being strictly valid.

We match "\d{1,3}\.\d{1,3}\.\d{1,3}\.xxx" as an anonymous IP
address because the usemod software would "cloak" anonymous IP
addresses like this, if we allowed accounts like this to be created
new users could get the old edits of these anonymous users.

param: string $name Name to match
return: bool

isValidUserName( $name ) X-Ref

Is the input a valid username?

Checks if the input is a valid username, we don't want an empty string,
an IP address, anything that contains slashes (would mess up subpages),
is longer than the maximum allowed username size or doesn't begin with
a capital letter.

param: string $name Name to match
return: bool

isUsableName( $name ) X-Ref

Usernames which fail to pass this function will be blocked
from user login and new account registrations, but may be used
internally by batch processes.

If an account already exists in this form, login will be blocked
by a failure to pass this function.

param: string $name Name to match
return: bool

isCreatableName( $name ) X-Ref

Usernames which fail to pass this function will be blocked
from new account registrations, but may be used internally
either by batch processes or by user accounts which have
already been created.

Additional blacklisting may be added here rather than in
isValidUserName() to avoid disrupting existing accounts.

param: string $name String to match
return: bool

isValidPassword( $password ) X-Ref

Is the input a valid password for this user?

param: string $password Desired password
return: bool

getPasswordValidity( $password ) X-Ref

Given unvalidated password input, return error message on failure.

param: string $password Desired password
return: bool|string|array True on success, string or array of error message on failure

checkPasswordValidity( $password ) X-Ref

Check if this is a valid password for this user. Status will be good if
the password is valid, or have an array of error messages if not.

param: string $password Desired password
return: Status

expirePassword( $ts = 0 ) X-Ref

Expire a user's password

param: int $ts Optional timestamp to convert, default 0 for the current time

resetPasswordExpiration( $load = true ) X-Ref

Clear the password expiration for a user

param: bool $load Ensure user object is loaded first

getPasswordExpired() X-Ref

Check if the user's password is expired.
TODO: Put this and password length into a PasswordPolicy object

return: string|bool The expiration type, or false if not expired

getPasswordExpireDate() X-Ref

Get this user's password expiration date. Since this may be using
the cached User object, we assume that whatever mechanism is setting
the expiration date is also expiring the User cache.

return: string|bool The datestamp of the expiration, or null if not set

getCanonicalName( $name, $validate = 'valid' ) X-Ref

Given unvalidated user input, return a canonical username, or false if
the username is invalid.

param: string $name User input
param: string|bool $validate Type of validation to use:
return: bool|string

edits( $uid ) X-Ref

Count the number of edits of a user

param: int $uid User ID to check
return: int The user's edit count

randomPassword() X-Ref

Return a random password.

return: string New random password

loadDefaults( $name = false ) X-Ref

Set cached properties to default.

param: string|bool $name

isItemLoaded( $item, $all = 'all' ) X-Ref

Return whether an item has been loaded.

param: string $item Item to check. Current possibilities:
param: string $all 'all' to check if the whole object has been loaded
return: bool

setItemLoaded( $item ) X-Ref

Set that an item has been loaded

param: string $item

loadFromSession() X-Ref

Load user data from the session or login cookie.

return: bool True if the user is logged in, false otherwise.

loadFromDatabase( $flags = 0 ) X-Ref

Load user and user_group data from the database.
$this->mId must be set, this is how the user is identified.

param: int $flags Supports User::READ_LOCKING
return: bool True if the user exists, false if the user is anonymous

loadFromRow( $row, $data = null ) X-Ref

Initialize this object from a row from the user table.

param: stdClass $row Row from the user table to load.
param: array $data Further user data to load into the object

loadFromUserObject( $user ) X-Ref

Load the data for this user object from another user object.

param: User $user

loadGroups() X-Ref

Load the groups from the database if they aren't already loaded.

loadPasswords() X-Ref

Load the user's password hashes from the database

This is usually called in a scenario where the actual User object was
loaded from the cache, and then password comparison needs to be performed.
Password hashes are not stored in memcached.

addAutopromoteOnceGroups( $event ) X-Ref

Add the user to the group if he/she meets given criteria.

Contrary to autopromotion by \ref $wgAutopromote, the group will be
possible to remove manually via Special:UserRights. In such case it
will not be re-added automatically. The user will also not lose the
group if they no longer meet the criteria.

param: string $event Key in $wgAutopromoteOnce (each one has groups/criteria)
return: array Array of groups the user has been promoted to.

clearInstanceCache( $reloadFrom = false ) X-Ref

Clear various cached data stored in this object. The cache of the user table
data (i.e. self::$mCacheVars) is not cleared unless $reloadFrom is given.

param: bool|string $reloadFrom Reload user and user_groups table data from a

getDefaultOptions() X-Ref

Combine the language default options with any site-specific options
and add the default language variants.

return: array Array of String options

getDefaultOption( $opt ) X-Ref

Get a given default option value.

param: string $opt Name of option to retrieve
return: string Default option value

getBlockedStatus( $bFromSlave = true ) X-Ref

Get blocking information

param: bool $bFromSlave Whether to check the slave database first.

isDnsBlacklisted( $ip, $checkWhitelist = false ) X-Ref

Whether the given IP is in a DNS blacklist.

param: string $ip IP to check
param: bool $checkWhitelist Whether to check the whitelist first
return: bool True if blacklisted.

inDnsBlacklist( $ip, $bases ) X-Ref

Whether the given IP is in a given DNS blacklist.

param: string $ip IP to check
param: string|array $bases Array of Strings: URL of the DNS blacklist
return: bool True if blacklisted.

isLocallyBlockedProxy( $ip ) X-Ref

Check if an IP address is in the local proxy list

param: string $ip
return: bool

isPingLimitable() X-Ref

Is this user subject to rate limiting?

return: bool True if rate limited

pingLimiter( $action = 'edit', $incrBy = 1 ) X-Ref

Primitive rate limits: enforce maximum actions per time period
to put a brake on flooding.

The method generates both a generic profiling point and a per action one
(suffix being "-$action".

param: string $action Action to enforce; 'edit' if unspecified
param: int $incrBy Positive amount to increment counter by [defaults to 1]
return: bool True if a rate limiter was tripped

isBlocked( $bFromSlave = true ) X-Ref

Check if user is blocked

param: bool $bFromSlave Whether to check the slave database instead of
return: bool True if blocked, false otherwise

getBlock( $bFromSlave = true ) X-Ref

Get the block affecting the user, or null if the user is not blocked

param: bool $bFromSlave Whether to check the slave database instead of the master
return: Block|null

isBlockedFrom( $title, $bFromSlave = false ) X-Ref

Check if user is blocked from editing a particular article

param: Title $title Title to check
param: bool $bFromSlave Whether to check the slave database instead of the master
return: bool

blockedBy() X-Ref

If user is blocked, return the name of the user who placed the block

return: string Name of blocker

blockedFor() X-Ref

If user is blocked, return the specified reason for the block

return: string Blocking reason

getBlockId() X-Ref

If user is blocked, return the ID for the block

return: int Block ID

isBlockedGlobally( $ip = '' ) X-Ref

Check if user is blocked on all wikis.
Do not use for actual edit permission checks!
This is intended for quick UI checks.

param: string $ip IP address, uses current client if none given
return: bool True if blocked, false otherwise

isLocked() X-Ref

Check if user account is locked

return: bool True if locked, false otherwise

isHidden() X-Ref

Check if user account is hidden

return: bool True if hidden, false otherwise

getId() X-Ref

Get the user's ID.

return: int The user's ID; 0 if the user is anonymous or nonexistent

setId( $v ) X-Ref

Set the user and reload all fields according to a given ID

param: int $v User ID to reload

getName() X-Ref

Get the user name, or the IP of an anonymous user

return: string User's name or IP address

setName( $str ) X-Ref

Set the user name.

This does not reload fields from the database according to the given
name. Rather, it is used to create a temporary "nonexistent user" for
later addition to the database. It can also be used to set the IP
address for an anonymous user to something other than the current
remote IP.

param: string $str New user name to set

getTitleKey() X-Ref

Get the user's name escaped by underscores.

return: string Username escaped by underscores.

getNewtalk() X-Ref

Check if the user has new messages.

return: bool True if the user has new messages

getNewMessageLinks() X-Ref

Return the data needed to construct links for new talk page message
alerts. If there are new messages, this will return an associative array
with the following data:
wiki: The database name of the wiki
link: Root-relative link to the user's talk page
rev: The last talk page revision that the user has seen or null. This
is useful for building diff links.
If there are no new messages, it returns an empty array.

return: array

getNewMessageRevisionId() X-Ref

Get the revision ID for the last talk page revision viewed by the talk
page owner.

return: int|null Revision ID or null

checkNewtalk( $field, $id, $fromMaster = false ) X-Ref

Internal uncached check for new messages

param: string $field 'user_ip' for anonymous users, 'user_id' otherwise
param: string|int $id User's IP address for anonymous users, User ID otherwise
param: bool $fromMaster True to fetch from the master, false for a slave
return: bool True if the user has new messages

updateNewtalk( $field, $id, $curRev = null ) X-Ref

Add or update the new messages flag

param: string $field 'user_ip' for anonymous users, 'user_id' otherwise
param: string|int $id User's IP address for anonymous users, User ID otherwise
param: Revision|null $curRev New, as yet unseen revision of the user talk page. Ignored if null.
return: bool True if successful, false otherwise

deleteNewtalk( $field, $id ) X-Ref

Clear the new messages flag for the given user

param: string $field 'user_ip' for anonymous users, 'user_id' otherwise
param: string|int $id User's IP address for anonymous users, User ID otherwise
return: bool True if successful, false otherwise

setNewtalk( $val, $curRev = null ) X-Ref

Update the 'You have new messages!' status.

param: bool $val Whether the user has new messages
param: Revision $curRev New, as yet unseen revision of the user talk

newTouchedTimestamp() X-Ref

Generate a current or new-future timestamp to be stored in the
user_touched field when we update things.

return: string Timestamp in TS_MW format

clearSharedCache() X-Ref

Clear user data from memcached.
Use after applying fun updates to the database; caller's
responsibility to update user_touched if appropriate.

Called implicitly from invalidateCache() and saveSettings().

invalidateCache() X-Ref

Immediately touch the user data cache for this account.
Updates user_touched field, and removes account data from memcached
for reload on the next hit.

validateCache( $timestamp ) X-Ref

Validate the cache for this account.

param: string $timestamp A timestamp in TS_MW format
return: bool

getTouched() X-Ref

Get the user touched timestamp

return: string Timestamp

getPassword() X-Ref

return: Password

getTemporaryPassword() X-Ref

return: Password

setPassword( $str ) X-Ref

Set the password and reset the random token.
Calls through to authentication plugin if necessary;
will have no effect if the auth plugin refuses to
pass the change through or if the legal password
checks fail.

As a special case, setting the password to null
wipes it, so the account cannot be logged in until
a new password is set, for instance via e-mail.

param: string $str New password to set
return: bool

setInternalPassword( $str ) X-Ref

Set the password and reset the random token unconditionally.

param: string|null $str New password to set or null to set an invalid

getToken( $forceCreation = true ) X-Ref

Get the user's current token.

param: bool $forceCreation Force the generation of a new token if the
return: string Token

setToken( $token = false ) X-Ref

Set the random token (used for persistent authentication)
Called from loadDefaults() among other places.

param: string|bool $token If specified, set the token to this value

setNewpassword( $str, $throttle = true ) X-Ref

Set the password for a password reminder or new account email

param: string $str New password to set or null to set an invalid
param: bool $throttle If true, reset the throttle timestamp to the present

isPasswordReminderThrottled() X-Ref

Has password reminder email been sent within the last
$wgPasswordReminderResendTime hours?

return: bool

getEmail() X-Ref

Get the user's e-mail address

return: string User's email address

getEmailAuthenticationTimestamp() X-Ref

Get the timestamp of the user's e-mail authentication

return: string TS_MW timestamp

setEmail( $str ) X-Ref

Set the user's e-mail address

param: string $str New e-mail address

setEmailWithConfirmation( $str ) X-Ref

Set the user's e-mail address and a confirmation mail if needed.

param: string $str New e-mail address
return: Status

getRealName() X-Ref

Get the user's real name

return: string User's real name

setRealName( $str ) X-Ref

Set the user's real name

param: string $str New real name

getOption( $oname, $defaultOverride = null, $ignoreHidden = false ) X-Ref

Get the user's current setting for a given option.

param: string $oname The option to check
param: string $defaultOverride A default value returned if the option does not exist
param: bool $ignoreHidden Whether to ignore the effects of $wgHiddenPrefs
return: string User's current value for the option

getOptions() X-Ref

Get all user's options

return: array

getBoolOption( $oname ) X-Ref

Get the user's current setting for a given option, as a boolean value.

param: string $oname The option to check
return: bool User's current value for the option

getIntOption( $oname, $defaultOverride = 0 ) X-Ref

Get the user's current setting for a given option, as an integer value.

param: string $oname The option to check
param: int $defaultOverride A default value returned if the option does not exist
return: int User's current value for the option

setOption( $oname, $val ) X-Ref

Set the given option for a user.

You need to call saveSettings() to actually write to the database.

param: string $oname The option to set
param: mixed $val New value to set

getTokenFromOption( $oname ) X-Ref

Get a token stored in the preferences (like the watchlist one),
resetting it if it's empty (and saving changes).

param: string $oname The option name to retrieve the token from
return: string|bool User's current value for the option, or false if this option is disabled.

resetTokenFromOption( $oname ) X-Ref

Reset a token stored in the preferences (like the watchlist one).
*Does not* save user's preferences (similarly to setOption()).

param: string $oname The option name to reset the token in
return: string|bool New token value, or false if this option is disabled.

listOptionKinds() X-Ref

Return a list of the types of user options currently returned by
User::getOptionKinds().

Currently, the option kinds are:
- 'registered' - preferences which are registered in core MediaWiki or
by extensions using the UserGetDefaultOptions hook.
- 'registered-multiselect' - as above, using the 'multiselect' type.
- 'registered-checkmatrix' - as above, using the 'checkmatrix' type.
- 'userjs' - preferences with names starting with 'userjs-', intended to
be used by user scripts.
- 'special' - "preferences" that are not accessible via User::getOptions
or User::setOptions.
- 'unused' - preferences about which MediaWiki doesn't know anything.
These are usually legacy options, removed in newer versions.

The API (and possibly others) use this function to determine the possible
option types for validation purposes, so make sure to update this when a
new option kind is added.

return: array Option kinds

getOptionKinds( IContextSource $context, $options = null ) X-Ref

Return an associative array mapping preferences keys to the kind of a preference they're
used for. Different kinds are handled differently when setting or reading preferences.

See User::listOptionKinds for the list of valid option types that can be provided.

param: IContextSource $context
param: array $options Assoc. array with options keys to check as keys.
return: array The key => kind mapping data

resetOptions($resetKinds = array( 'registered', 'registered-multiselect', 'registered-checkmatrix', 'unused' ) X-Ref

Reset certain (or all) options to the site defaults

The optional parameter determines which kinds of preferences will be reset.
Supported values are everything that can be reported by getOptionKinds()
and 'all', which forces a reset of *all* preferences and overrides everything else.

param: array|string $resetKinds Which kinds of preferences to reset. Defaults to
param: IContextSource|null $context Context source used when $resetKinds

getDatePreference() X-Ref

Get the user's preferred date format.

return: string User's preferred date format

requiresHTTPS() X-Ref

Determine based on the wiki configuration and the user's options,
whether this user must be over HTTPS no matter what.

return: bool

getStubThreshold() X-Ref

Get the user preferred stub threshold

return: int

getRights() X-Ref

Get the permissions this user has.

return: array Array of String permission names

getGroups() X-Ref

Get the list of explicit group memberships this user has.
The implicit * and user groups are not included.

return: array Array of String internal group names

getEffectiveGroups( $recache = false ) X-Ref

Get the list of implicit group memberships this user has.
This includes all explicit groups, plus 'user' if logged in,
'*' for all accounts, and autopromoted groups

param: bool $recache Whether to avoid the cache
return: array Array of String internal group names

getAutomaticGroups( $recache = false ) X-Ref

Get the list of implicit group memberships this user has.
This includes 'user' if logged in, '*' for all accounts,
and autopromoted groups

param: bool $recache Whether to avoid the cache
return: array Array of String internal group names

getFormerGroups() X-Ref

Returns the groups the user has belonged to.

The user may still belong to the returned groups. Compare with getGroups().

The function will not return groups the user had belonged to before MW 1.17

return: array Names of the groups the user has belonged to.

getEditCount() X-Ref

Get the user's edit count.

return: int|null Null for anonymous users

addGroup( $group ) X-Ref

Add the user to the given group.
This takes immediate effect.

param: string $group Name of the group to add

removeGroup( $group ) X-Ref

Remove the user from the given group.
This takes immediate effect.

param: string $group Name of the group to remove

isLoggedIn() X-Ref

Get whether the user is logged in

return: bool

isAnon() X-Ref

Get whether the user is anonymous

return: bool

isAllowedAny( ) X-Ref

Check if user is allowed to access a feature / make an action

param: string $permissions,... Permissions to test
return: bool True if user is allowed to perform *any* of the given actions

isAllowedAll( ) X-Ref

param: string $permissions,... Permissions to test
return: bool True if the user is allowed to perform *all* of the given actions

isAllowed( $action = '' ) X-Ref

Internal mechanics of testing a permission

param: string $action
return: bool

useRCPatrol() X-Ref

Check whether to enable recent changes patrol features for this user

return: bool True or false

useNPPatrol() X-Ref

Check whether to enable new pages patrol features for this user

return: bool True or false

getRequest() X-Ref

Get the WebRequest object to use with this object

return: WebRequest

getSkin() X-Ref

Get the current skin, loading it if required

return: Skin The current skin

getWatchedItem( $title, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) X-Ref

Get a WatchedItem for this user and $title.

param: Title $title
param: int $checkRights Whether to check 'viewmywatchlist'/'editmywatchlist' rights.
return: WatchedItem

isWatched( $title, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) X-Ref

Check the watched status of an article.

param: Title $title Title of the article to look at
param: int $checkRights Whether to check 'viewmywatchlist'/'editmywatchlist' rights.
return: bool

addWatch( $title, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) X-Ref

Watch an article.

param: Title $title Title of the article to look at
param: int $checkRights Whether to check 'viewmywatchlist'/'editmywatchlist' rights.

removeWatch( $title, $checkRights = WatchedItem::CHECK_USER_RIGHTS ) X-Ref

Stop watching an article.

param: Title $title Title of the article to look at
param: int $checkRights Whether to check 'viewmywatchlist'/'editmywatchlist' rights.

clearNotification( &$title, $oldid = 0 ) X-Ref

Clear the user's notification timestamp for the given title.
If e-notif e-mails are on, they will receive notification mails on
the next change of the page if it's watched etc.

param: Title $title Title of the article to look at
param: int $oldid The revision id being viewed. If not given or 0, latest revision is assumed.

clearAllNotifications() X-Ref

Resets all of the given user's page-change notification timestamps.
If e-notif e-mails are on, they will receive notification mails on
the next change of any watched page.

setCookie( $name, $value, $exp = 0, $secure = null, $params = array() X-Ref

Set a cookie on the user's client. Wrapper for
WebResponse::setCookie

param: string $name Name of the cookie to set
param: string $value Value to set
param: int $exp Expiration time, as a UNIX time value;
param: bool $secure
param: array $params Array of options sent passed to WebResponse::setcookie()

clearCookie( $name, $secure = null, $params = array() X-Ref

Clear a cookie on the user's client

param: string $name Name of the cookie to clear
param: bool $secure
param: array $params Array of options sent passed to WebResponse::setcookie()

setCookies( $request = null, $secure = null, $rememberMe = false ) X-Ref

Set the default cookies for this session on the user's client.

param: WebRequest|null $request WebRequest object to use; $wgRequest will be used if null
param: bool $secure Whether to force secure/insecure cookies or use default
param: bool $rememberMe Whether to add a Token cookie for elongated sessions

logout() X-Ref

Log this user out.

doLogout() X-Ref

Clear the user's cookies and session, and reset the instance cache.

saveSettings() X-Ref

Save this user's settings into the database.

idForName() X-Ref

If only this user's username is known, and it exists, return the user ID.

return: int

createNew( $name, $params = array() X-Ref

Add a user to the database, return the user object

param: string $name Username to add
param: array $params Array of Strings Non-default parameters to save to
return: User|null User object, or null if the username already exists.

addToDatabase() X-Ref

Add this existing user object to the database. If the user already
exists, a fatal status object is returned, and the user object is
initialised with the data from the database.

Previously, this function generated a DB error due to a key conflict
if the user already existed. Many extension callers use this function
in code along the lines of:

$user = User::newFromName( $name );
if ( !$user->isLoggedIn() ) {
$user->addToDatabase();
}
// do something with $user...

However, this was vulnerable to a race condition (bug 16020). By
initialising the user object if the user exists, we aim to support this
calling sequence as far as possible.

Note that if the user exists, this function will acquire a write lock,
so it is still advisable to make the call conditional on isLoggedIn(),
and to commit the transaction after calling.

return: Status

spreadAnyEditBlock() X-Ref

If this user is logged-in and blocked,
block any IP address they've successfully logged in from.

return: bool A block was spread

spreadBlock() X-Ref

If this (non-anonymous) user is blocked,
block the IP address they've successfully logged in from.

return: bool A block was spread

isBlockedFromCreateAccount() X-Ref

Get whether the user is explicitly blocked from account creation.

return: bool|Block

isBlockedFromEmailuser() X-Ref

Get whether the user is blocked from using Special:Emailuser.

return: bool

isAllowedToCreateAccount() X-Ref

Get whether the user is allowed to create an account.

return: bool

getUserPage() X-Ref

Get this user's personal page title.

return: Title User's personal page title

getTalkPage() X-Ref

Get this user's talk page title.

return: Title User's talk page title

isNewbie() X-Ref

Determine whether the user is a newbie. Newbies are either
anonymous IPs, or the most recently created accounts.

return: bool

checkPassword( $password ) X-Ref

Check to see if the given clear-text password is one of the accepted passwords

param: string $password User password
return: bool True if the given password is correct, otherwise False

checkTemporaryPassword( $plaintext ) X-Ref

Check if the given clear-text password matches the temporary password
sent by e-mail for password reset operations.

param: string $plaintext
return: bool True if matches, false otherwise

editToken( $salt = '', $request = null ) X-Ref

Alias for getEditToken.

param: string|array $salt Array of Strings Optional function-specific data for hashing
param: WebRequest|null $request WebRequest object to use or null to use $wgRequest
return: string The new edit token

getEditToken( $salt = '', $request = null ) X-Ref

Initialize (if necessary) and return a session token value
which can be used in edit forms to show that the user's
login credentials aren't being hijacked with a foreign form
submission.

param: string|array $salt Array of Strings Optional function-specific data for hashing
param: WebRequest|null $request WebRequest object to use or null to use $wgRequest
return: string The new edit token

generateToken() X-Ref

Generate a looking random token for various uses.

return: string The new random token

matchEditToken( $val, $salt = '', $request = null ) X-Ref

Check given value against the token value stored in the session.
A match should confirm that the form was submitted from the
user's own login session, not a form submission from a third-party
site.

param: string $val Input value to compare
param: string $salt Optional function-specific data for hashing
param: WebRequest|null $request Object to use or null to use $wgRequest
return: bool Whether the token matches

matchEditTokenNoSuffix( $val, $salt = '', $request = null ) X-Ref

Check given value against the token value stored in the session,
ignoring the suffix.

param: string $val Input value to compare
param: string $salt Optional function-specific data for hashing
param: WebRequest|null $request Object to use or null to use $wgRequest
return: bool Whether the token matches

sendConfirmationMail( $type = 'created' ) X-Ref

Generate a new e-mail confirmation token and send a confirmation/invalidation
mail to the user's given address.

param: string $type Message to send, either "created", "changed" or "set"
return: Status

sendMail( $subject, $body, $from = null, $replyto = null ) X-Ref

Send an e-mail to this user's account. Does not check for
confirmed status or validity.

param: string $subject Message subject
param: string $body Message body
param: string $from Optional From address; if unspecified, default
param: string $replyto Reply-To address
return: Status

confirmationToken( &$expiration ) X-Ref

Generate, store, and return a new e-mail confirmation code.
A hash (unsalted, since it's used as a key) is stored.

param: string &$expiration Accepts the expiration time
return: string New token

confirmationTokenUrl( $token ) X-Ref

Return a URL the user can use to confirm their email address.

param: string $token Accepts the email confirmation token
return: string New token URL

invalidationTokenUrl( $token ) X-Ref

Return a URL the user can use to invalidate their email address.

param: string $token Accepts the email confirmation token
return: string New token URL

getTokenUrl( $page, $token ) X-Ref

Internal function to format the e-mail validation/invalidation URLs.
This uses a quickie hack to use the
hardcoded English names of the Special: pages, for ASCII safety.

param: string $page Special page
param: string $token Token
return: string Formatted URL

confirmEmail() X-Ref

Mark the e-mail address confirmed.

return: bool

invalidateEmail() X-Ref

Invalidate the user's e-mail confirmation, and unauthenticate the e-mail
address if it was already confirmed.

return: bool Returns true

setEmailAuthenticationTimestamp( $timestamp ) X-Ref

Set the e-mail authentication timestamp.

param: string $timestamp TS_MW timestamp

canSendEmail() X-Ref

Is this user allowed to send e-mails within limits of current
site configuration?

return: bool

canReceiveEmail() X-Ref

Is this user allowed to receive e-mails within limits of current
site configuration?

return: bool

isEmailConfirmed() X-Ref

Is this user's e-mail address valid-looking and confirmed within
limits of the current site configuration?

return: bool

isEmailConfirmationPending() X-Ref

Check whether there is an outstanding request for e-mail confirmation.

return: bool

getRegistration() X-Ref

Get the timestamp of account creation.

return: string|bool|null Timestamp of account creation, false for

getFirstEditTimestamp() X-Ref

Get the timestamp of the first edit

return: string|bool Timestamp of first edit, or false for

getGroupPermissions( $groups ) X-Ref

Get the permissions associated with a given list of groups

param: array $groups Array of Strings List of internal group names
return: array Array of Strings List of permission key names for given groups combined

getGroupsWithPermission( $role ) X-Ref

Get all the groups who have a given permission

param: string $role Role to check
return: array Array of Strings List of internal group names with the given permission

groupHasPermission( $group, $role ) X-Ref

Check, if the given group has the given permission

If you're wanting to check whether all users have a permission, use
User::isEveryoneAllowed() instead. That properly checks if it's revoked
from anyone.

param: string $group Group to check
param: string $role Role to check
return: bool

isEveryoneAllowed( $right ) X-Ref

Check if all users have the given permission

param: string $right Right to check
return: bool

getGroupName( $group ) X-Ref

Get the localized descriptive name for a group, if it exists

param: string $group Internal group name
return: string Localized descriptive group name

getGroupMember( $group, $username = ') X-Ref

Get the localized descriptive name for a member of a group, if it exists

param: string $group Internal group name
param: string $username Username for gender (since 1.19)
return: string Localized name for group member

getAllGroups() X-Ref

Return the set of defined explicit groups.
The implicit groups (by default *, 'user' and 'autoconfirmed')
are not included, as they are defined automatically, not in the database.

return: array Array of internal group names

getAllRights() X-Ref

Get a list of all available permissions.

return: array Array of permission names

getImplicitGroups() X-Ref

Get a list of implicit groups

return: array Array of Strings Array of internal group names

getGroupPage( $group ) X-Ref

Get the title of a page describing a particular group

param: string $group Internal group name
return: Title|bool Title of the page if it exists, false otherwise

makeGroupLinkHTML( $group, $text = '' ) X-Ref

Create a link to the group in HTML, if available;
else return the group name.

param: string $group Internal name of the group
param: string $text The text of the link
return: string HTML link to the group

makeGroupLinkWiki( $group, $text = '' ) X-Ref

Create a link to the group in Wikitext, if available;
else return the group name.

param: string $group Internal name of the group
param: string $text The text of the link
return: string Wikilink to the group

changeableByGroup( $group ) X-Ref

Returns an array of the groups that a particular group can add/remove.

param: string $group The group to check for whether it can add/remove
return: array Array( 'add' => array( addablegroups ),

changeableGroups() X-Ref

Returns an array of groups that this user can add and remove

return: array Array( 'add' => array( addablegroups ),

incEditCount() X-Ref

Increment the user's edit-count field.
Will have no effect for anonymous users.

initEditCount( $add = 0 ) X-Ref

Initialize user_editcount from data out of the revision table

param: int $add Edits to add to the count from the revision table
return: int Number of edits

getRightDescription( $right ) X-Ref

Get the description of a given right

param: string $right Right to query
return: string Localized description of the right

crypt( $password, $salt = false ) X-Ref

Make a new-style password hash

param: string $password Plain-text password
param: bool|string $salt Optional salt, may be random or the user ID.
return: string Password hash

comparePasswords( $hash, $password, $userId = false ) X-Ref

Compare a password hash with a plain-text password. Requires the user
ID if there's a chance that the hash is an old-style hash.

param: string $hash Password hash
param: string $password Plain-text password to compare
param: string|bool $userId User ID for old-style password salt
return: bool

addNewUserLogEntry( $action = false, $reason = '' ) X-Ref

Add a newuser log entry for this user.
Before 1.19 the return value was always true.

param: string|bool $action Account creation type.
param: string $reason User supplied reason
return: int|bool True if not $wgNewUserLog; otherwise ID of log item or 0 on failure

addNewUserLogEntryAutoCreate() X-Ref

Add an autocreate newuser log entry for this user
Used by things like CentralAuth and perhaps other authplugins.
Consider calling addNewUserLogEntry() directly instead.

return: bool

loadOptions( $data = null ) X-Ref

Load the user options either from cache, the database or an array

param: array $data Rows for the current user out of the user_properties table

saveOptions() X-Ref

Saves the non-default options for this user, as previously set e.g. via
setOption(), in the database's "user_properties" (preferences) table.
Usually used via saveSettings().

getPasswordFactory() X-Ref

Lazily instantiate and return a factory object for making passwords

return: PasswordFactory

passwordChangeInputAttribs() X-Ref

Provide an array of HTML5 attributes to put on an input element
intended for the user to enter a new password. This may include
required, title, and/or pattern, depending on $wgMinimalPasswordLength.

Do *not* use this when asking the user to enter his current password!
Regardless of configuration, users may have invalid passwords for whatever
reason (e.g., they were set before requirements were tightened up).
Only use it when asking for a new password, like on account creation or
ResetPass.

Obviously, you still need to do server-side checking.

NOTE: A combination of bugs in various browsers means that this function
actually just returns array() unconditionally at the moment. May as
well keep it around for when the browser bugs get fixed, though.

return: array Array of HTML attributes suitable for feeding to

selectFields() X-Ref

Return the list of user fields that should be selected to create
a new user object.

return: array

newFatalPermissionDeniedStatus( $permission ) X-Ref

Factory function for fatal permission-denied errors

param: string $permission User right required
return: Status

File Size:	4989 lines (148 kb)
Included or required:	0 times
Referenced:	1 time
Includes or requires:	0 files

PHP Cross Reference of MediaWiki-1.24.0

/includes/ -> User.php (summary)

Defines 1 class