1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
<?php
use MediaWiki\Auth\AbstractPreAuthenticationProvider;
use MediaWiki\Auth\AuthenticationRequest;
class AbuseFilterPreAuthenticationProvider extends AbstractPreAuthenticationProvider {
public function testForAccountCreation( $user, $creator, array $reqs ) {
return $this->testUser( $user, $creator, false );
}
public function testUserForCreation( $user, $autocreate, array $options = [] ) {
// if this is not an autocreation, testForAccountCreation already handled it
if ( $autocreate ) {
return $this->testUser( $user, $user, true );
}
return StatusValue::newGood();
}
/**
* @param User $user The user being created or autocreated
* @param User $creator The user who caused $user to be created (or $user itself on autocreation)
* @param bool $autocreate Is this an autocreation?
* @return StatusValue
*/
protected function testUser( $user, $creator, $autocreate ) {
if ( $user->getName() == wfMessage( 'abusefilter-blocker' )->inContentLanguage()->text() ) {
return StatusValue::newFatal( 'abusefilter-accountreserved' );
}
$vars = new AbuseFilterVariableHolder;
// generateUserVars records $creator->getName() which would be the IP for unregistered users
if ( $creator->isLoggedIn() ) {
$vars->addHolders( AbuseFilter::generateUserVars( $creator ) );
}
$vars->setVar( 'ACTION', $autocreate ? 'autocreateaccount' : 'createaccount' );
$vars->setVar( 'ACCOUNTNAME', $user->getName() );
// pass creator in explicitly to prevent recording the current user on autocreation - T135360
$status = AbuseFilter::filterAction( $vars, SpecialPage::getTitleFor( 'Userlogin' ),
'default', $creator );
return $status->getStatusValue();
}
}
|
