From 4ac9fa081a7c045f6a9f1cfc529d82423f485b2e Mon Sep 17 00:00:00 2001
From: Pierre Schmitz
Date: Sun, 8 Dec 2013 09:55:49 +0100
Subject: Update to MediaWiki 1.22.0
---
includes/Preferences.php | 541 ++++++++++++++++++++++++-----------------------
1 file changed, 278 insertions(+), 263 deletions(-)
(limited to 'includes/Preferences.php')
diff --git a/includes/Preferences.php b/includes/Preferences.php
index 56dba05e..c9caf4f7 100644
--- a/includes/Preferences.php
+++ b/includes/Preferences.php
@@ -56,6 +56,12 @@ class Preferences { 'searchlimit' => array( 'Preferences', 'filterIntval' ), ); + // Stuff that shouldn't be saved as a preference. + private static $saveBlacklist = array( + 'realname', + 'emailaddress', + ); + /** * @throws MWException * @param $user User
@@ -90,10 +96,19 @@ class Preferences { } } + ## Make sure that form fields have their parent set. See bug 41337. + $dummyForm = new HTMLForm( array(), $context ); + + $disable = !$user->isAllowed( 'editmyoptions' ); + ## Prod in defaults from the user foreach ( $defaultPreferences as $name => &$info ) { $prefFromUser = self::getOptionFromUser( $name, $info, $user ); + if ( $disable && !in_array( $name, self::$saveBlacklist ) ) { + $info['disabled'] = 'disabled'; + } $field = HTMLForm::loadInputFromParameters( $name, $info ); // For validation + $field->mParent = $dummyForm; $defaultOptions = User::getDefaultOptions(); $globalDefault = isset( $defaultOptions[$name] ) ? $defaultOptions[$name]
@@ -153,7 +168,7 @@ class Preferences { foreach ( $columns as $column ) { foreach ( $rows as $row ) { - if ( $user->getOption( "$prefix-$column-$row" ) ) { + if ( $user->getOption( "$prefix$column-$row" ) ) { $val[] = "$column-$row"; } }
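Review bot: In the `@@ -90,10 +96,19 @@` hunk the `in_array( $name, self::$saveBlacklist )` exemption from the `disabled` flag carries no explanation, and the lookup is non-strict. A short why-comment would help, for example `// realname/emailaddress are gated by 'editmyprivateinfo' where they are defined, not by 'editmyoptions'`, and the call is safer as `in_array( $name, self::$saveBlacklist, true )`. `$info['disabled']` only changes how the field is rendered; the enforcement for users without `editmyoptions` is the server-side check this commit adds in tryFormSubmit, so the two conditions have to stay in step. The enclosing function starts and ends outside the hunk.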
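Review bot: Check-matrix values already stored under the old dashed name would stop being read, because the `@@ -153,7 +168,7 @@` hunk changes the option key from `"$prefix-$column-$row"` to `"$prefix$column-$row"`. The new key agrees with the writer in PreferencesForm::filterDataForSubmit (`$data["$prefix$key"]`), but nothing visible in this patch migrates or falls back to the old name; if such rows can exist, a fallback read or a one-off rename is needed. A comment stating the contract would also help, e.g. `// $prefix is used verbatim; include a trailing '-' in 'prefix' if a separator is wanted`. The enclosing function is outside the hunk.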
@@ -173,7 +188,8 @@ class Preferences { global $wgAuth, $wgContLang, $wgParser, $wgCookieExpiration, $wgLanguageCode, $wgDisableTitleConversion, $wgDisableLangConversion, $wgMaxSigChars, $wgEnableEmail, $wgEmailConfirmToEdit, $wgEnableUserEmail, $wgEmailAuthentication, - $wgEnotifWatchlist, $wgEnotifUserTalk, $wgEnotifRevealEditorAddress; + $wgEnotifWatchlist, $wgEnotifUserTalk, $wgEnotifRevealEditorAddress, + $wgSecureLogin; // retrieving user name for GENDER and misc. $userName = $user->getName(); @@ -225,10 +241,14 @@ class Preferences { 'section' => 'personal/info', ); + $editCount = Linker::link( SpecialPage::getTitleFor( "Contributions", $userName ), + $lang->formatNum( $user->getEditCount() ) ); + $defaultPreferences['editcount'] = array( 'type' => 'info', + 'raw' => true, 'label-message' => 'prefs-edits', - 'default' => $lang->formatNum( $user->getEditCount() ), + 'default' => $editCount, 'section' => 'personal/info', ); 
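Review bot: The link text given to `Linker::link()` for `editcount` in the `@@ -225,10 +241,14 @@` hunk is not HTML-escaped, although the field is now declared with `'raw' => true` and Linker::link treats its second argument as HTML. The value comes from `$lang->formatNum()`, whose separators are language-defined, so this is probably harmless today, but escaping makes the raw field safe by construction: `htmlspecialchars( $lang->formatNum( $user->getEditCount() ) )`. The surrounding function starts and ends outside the hunk.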
@@ -248,28 +268,20 @@ class Preferences { ); } + $canViewPrivateInfo = $user->isAllowed( 'viewmyprivateinfo' ); + $canEditPrivateInfo = $user->isAllowed( 'editmyprivateinfo' ); + // Actually changeable stuff $defaultPreferences['realname'] = array( - 'type' => $wgAuth->allowPropChange( 'realname' ) ? 'text' : 'info', + // (not really "private", but still shouldn't be edited without permission) + 'type' => $canEditPrivateInfo && $wgAuth->allowPropChange( 'realname' ) ? 'text' : 'info', 'default' => $user->getRealName(), 'section' => 'personal/info', 'label-message' => 'yourrealname', 'help-message' => 'prefs-help-realname', ); - $defaultPreferences['gender'] = array( - 'type' => 'select', - 'section' => 'personal/info', - 'options' => array( - $context->msg( 'gender-male' )->text() => 'male', - $context->msg( 'gender-female' )->text() => 'female', - $context->msg( 'gender-unknown' )->text() => 'unknown', - ), - 'label-message' => 'yourgender', - 'help-message' => 'prefs-help-gender', - ); - - if ( $wgAuth->allowPasswordChange() ) { + if ( $canEditPrivateInfo && $wgAuth->allowPasswordChange() ) { $link = Linker::link( SpecialPage::getTitleFor( 'ChangePassword' ), $context->msg( 'prefs-resetpass' )->escaped(), array(), array( 'returnto' => SpecialPage::getTitleFor( 'Preferences' )->getPrefixedText() ) ); @@ -290,6 +302,15 @@ class Preferences { 'section' => 'personal/info', ); } + // Only show preferhttps if secure login is turned on + if ( $wgSecureLogin && wfCanIPUseHTTPS( $context->getRequest()->getIP() ) ) { + $defaultPreferences['prefershttps'] = array( + 'type' => 'toggle', + 'label-message' => 'tog-prefershttps', + 'help-message' => 'prefs-help-prefershttps', + 'section' => 'personal/info' + ); + } // Language $languages = Language::fetchLanguageNames( null, 'mw' ); 
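Review bot: Hiding the ChangePassword link behind `$canEditPrivateInfo` is presentation only; by itself it does not keep a user without `editmyprivateinfo` from reaching Special:ChangePassword. That page's own permission check is not part of this patch and should be confirmed there. Separately, the new comment says `preferhttps` while the key is `prefershttps`, and it omits the second condition; suggest `// Only show prefershttps if secure login is on and this client IP can use HTTPS`. The enclosing function starts and ends outside the hunk.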
@@ -310,39 +331,74 @@ class Preferences { 'label-message' => 'yourlanguage', ); - /* see if there are multiple language variants to choose from*/ - $variantArray = array(); + $defaultPreferences['gender'] = array( + 'type' => 'radio', + 'section' => 'personal/i18n', + 'options' => array( + $context->msg( 'parentheses', + $context->msg( 'gender-unknown' )->text() + )->text() => 'unknown', + $context->msg( 'gender-female' )->text() => 'female', + $context->msg( 'gender-male' )->text() => 'male', + ), + 'label-message' => 'yourgender', + 'help-message' => 'prefs-help-gender', + ); + + // see if there are multiple language variants to choose from if ( !$wgDisableLangConversion ) { - $variants = $wgContLang->getVariants(); + foreach ( LanguageConverter::$languagesWithVariants as $langCode ) { + if ( $langCode == $wgContLang->getCode() ) { + $variants = $wgContLang->getVariants(); - foreach ( $variants as $v ) { - $v = str_replace( '_', '-', strtolower( $v ) ); - $variantArray[$v] = $wgContLang->getVariantname( $v, false ); - } + if ( count( $variants ) <= 1 ) { + continue; + } - $options = array(); - foreach ( $variantArray as $code => $name ) { - $display = wfBCP47( $code ) . ' - ' . $name; - $options[$display] = $code; - } + $variantArray = array(); + foreach ( $variants as $v ) { + $v = str_replace( '_', '-', strtolower( $v ) ); + $variantArray[$v] = $lang->getVariantname( $v, false ); + } - if ( count( $variantArray ) > 1 ) { - $defaultPreferences['variant'] = array( - 'label-message' => 'yourvariant', - 'type' => 'select', - 'options' => $options, - 'section' => 'personal/i18n', - 'help-message' => 'prefs-help-variant', - ); + $options = array(); + foreach ( $variantArray as $code => $name ) { + $display = wfBCP47( $code ) . ' - ' . 
$name; + $options[$display] = $code; + } + + $defaultPreferences['variant'] = array( + 'label-message' => 'yourvariant', + 'type' => 'select', + 'options' => $options, + 'section' => 'personal/i18n', + 'help-message' => 'prefs-help-variant', + ); + + if ( !$wgDisableTitleConversion ) { + $defaultPreferences['noconvertlink'] = array( + 'type' => 'toggle', + 'section' => 'personal/i18n', + 'label-message' => 'tog-noconvertlink', + ); + } + } else { + $defaultPreferences["variant-$langCode"] = array( + 'type' => 'api', + ); + } } } - if ( count( $variantArray ) > 1 && !$wgDisableLangConversion && !$wgDisableTitleConversion ) { - $defaultPreferences['noconvertlink'] = - array( + // Stuff from Language::getExtraUserToggles() + // FIXME is this dead code? $extraUserToggles doesn't seem to be defined for any language + $toggles = $wgContLang->getExtraUserToggles(); + + foreach ( $toggles as $toggle ) { + $defaultPreferences[$toggle] = array( 'type' => 'toggle', 'section' => 'personal/i18n', - 'label-message' => 'tog-noconvertlink', + 'label-message' => "tog-$toggle", ); } 
@@ -374,43 +430,45 @@ class Preferences { ## Email stuff if ( $wgEnableEmail ) { - $helpMessages[] = $wgEmailConfirmToEdit - ? 'prefs-help-email-required' - : 'prefs-help-email'; - - if( $wgEnableUserEmail ) { - // additional messages when users can send email to each other - $helpMessages[] = 'prefs-help-email-others'; - } + if ( $canViewPrivateInfo ) { + $helpMessages[] = $wgEmailConfirmToEdit + ? 'prefs-help-email-required' + : 'prefs-help-email'; + + if ( $wgEnableUserEmail ) { + // additional messages when users can send email to each other + $helpMessages[] = 'prefs-help-email-others'; + } - $link = Linker::link( - SpecialPage::getTitleFor( 'ChangeEmail' ), - $context->msg( $user->getEmail() ? 'prefs-changeemail' : 'prefs-setemail' )->escaped(), - array(), - array( 'returnto' => SpecialPage::getTitleFor( 'Preferences' )->getPrefixedText() ) ); + $emailAddress = $user->getEmail() ? htmlspecialchars( $user->getEmail() ) : ''; + if ( $canEditPrivateInfo && $wgAuth->allowPropChange( 'emailaddress' ) ) { + $link = Linker::link( + SpecialPage::getTitleFor( 'ChangeEmail' ), + $context->msg( $user->getEmail() ? 'prefs-changeemail' : 'prefs-setemail' )->escaped(), + array(), + array( 'returnto' => SpecialPage::getTitleFor( 'Preferences' )->getPrefixedText() ) ); + + $emailAddress .= $emailAddress == '' ? $link : ( + $context->msg( 'word-separator' )->plain() + . $context->msg( 'parentheses' )->rawParams( $link )->plain() + ); + } - $emailAddress = $user->getEmail() ? htmlspecialchars( $user->getEmail() ) : ''; - if ( $wgAuth->allowPropChange( 'emailaddress' ) ) { - $emailAddress .= $emailAddress == '' ? $link : ( - $context->msg( 'word-separator' )->plain() - . 
$context->msg( 'parentheses' )->rawParams( $link )->plain() + $defaultPreferences['emailaddress'] = array( + 'type' => 'info', + 'raw' => true, + 'default' => $emailAddress, + 'label-message' => 'youremail', + 'section' => 'personal/email', + 'help-messages' => $helpMessages, + # 'cssclass' chosen below ); } - $defaultPreferences['emailaddress'] = array( - 'type' => 'info', - 'raw' => true, - 'default' => $emailAddress, - 'label-message' => 'youremail', - 'section' => 'personal/email', - 'help-messages' => $helpMessages, - # 'cssclass' chosen below - ); - $disableEmailPrefs = false; - $emailauthenticationclass = 'mw-email-not-authenticated'; if ( $wgEmailAuthentication ) { + $emailauthenticationclass = 'mw-email-not-authenticated'; if ( $user->getEmail() ) { if ( $user->getEmailAuthenticationTimestamp() ) { // date and time are separate parameters to facilitate localisation. @@ -432,7 +490,7 @@ class Preferences { SpecialPage::getTitleFor( 'Confirmemail' ), $context->msg( 'emailconfirmlink' )->escaped() ) . '
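Review bot: The `word-separator` and `parentheses` messages in the `@@ -374,43 +430,45 @@` hunk are appended with `->plain()` into `$emailAddress`, which is output through a field declared `'raw' => true`, so their text reaches the page without HTML escaping. The address and the link are escaped, the message text around them is not. Using `->escaped()` on both calls keeps `rawParams( $link )` intact while escaping the rest: `$context->msg( 'word-separator' )->escaped() . $context->msg( 'parentheses' )->rawParams( $link )->escaped()`. The enclosing function starts and ends outside the hunk.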
'; - $emailauthenticationclass="mw-email-not-authenticated"; + $emailauthenticationclass = "mw-email-not-authenticated"; } } else { $disableEmailPrefs = true; @@ -440,17 +498,19 @@ class Preferences { $emailauthenticationclass = 'mw-email-none'; } - $defaultPreferences['emailauthentication'] = array( - 'type' => 'info', - 'raw' => true, - 'section' => 'personal/email', - 'label-message' => 'prefs-emailconfirm-label', - 'default' => $emailauthenticated, - # Apply the same CSS class used on the input to the message: - 'cssclass' => $emailauthenticationclass, - ); + if ( $canViewPrivateInfo ) { + $defaultPreferences['emailauthentication'] = array( + 'type' => 'info', + 'raw' => true, + 'section' => 'personal/email', + 'label-message' => 'prefs-emailconfirm-label', + 'default' => $emailauthenticated, + # Apply the same CSS class used on the input to the message: + 'cssclass' => $emailauthenticationclass, + ); + $defaultPreferences['emailaddress']['cssclass'] = $emailauthenticationclass; + } } - $defaultPreferences['emailaddress']['cssclass'] = $emailauthenticationclass; if ( $wgEnableUserEmail && $user->isAllowed( 'sendemail' ) ) { $defaultPreferences['disablemail'] = array( @@ -546,18 +606,6 @@ class Preferences { 'section' => 'rendering/skin', ); } - - $selectedSkin = $user->getOption( 'skin' ); - if ( in_array( $selectedSkin, array( 'cologneblue', 'standard' ) ) ) { - $settings = array_flip( $context->getLanguage()->getQuickbarSettings() ); - - $defaultPreferences['quickbar'] = array( - 'type' => 'radio', - 'options' => $settings, - 'section' => 'rendering/skin', - 'label-message' => 'qbsettings', - ); - } } /** 
@@ -660,6 +708,18 @@ class Preferences { * @param $defaultPreferences Array */ static function renderingPreferences( $user, IContextSource $context, &$defaultPreferences ) { + ## Diffs #################################### + $defaultPreferences['diffonly'] = array( + 'type' => 'toggle', + 'section' => 'rendering/diffs', + 'label-message' => 'tog-diffonly', + ); + $defaultPreferences['norollbackdiff'] = array( + 'type' => 'toggle', + 'section' => 'rendering/diffs', + 'label-message' => 'tog-norollbackdiff', + ); + ## Page Rendering ############################## global $wgAllowUserCssPrefs; if ( $wgAllowUserCssPrefs ) { @@ -686,7 +746,7 @@ class Preferences { 'section' => 'rendering/advancedrendering', 'options' => $stubThresholdOptions, 'size' => 20, - 'label' => $context->msg( 'stub-threshold' )->text(), // Raw HTML message. Yay? + 'label-raw' => $context->msg( 'stub-threshold' )->text(), // Raw HTML message. Yay? ); if ( $wgAllowUserCssPrefs ) { @@ -706,11 +766,6 @@ class Preferences { 'section' => 'rendering/advancedrendering', 'label-message' => 'tog-showhiddencats' ); - $defaultPreferences['showjumplinks'] = array( - 'type' => 'toggle', - 'section' => 'rendering/advancedrendering', - 'label-message' => 'tog-showjumplinks', - ); if ( $wgAllowUserCssPrefs ) { $defaultPreferences['justify'] = array( 
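Review bot: The stub-threshold label in the `@@ -686,7 +746,7 @@` hunk is emitted as unescaped HTML, since `'label-raw'` is fed from `->text()`, and the trailing `// Raw HTML message. Yay?` does not say why that is acceptable. If the message has to carry markup, the comment should state that and who is trusted to edit it, for example `// 'stub-threshold' contains markup and is output unescaped; treat edits to this message as HTML changes`. If it does not need markup, `'label-message' => 'stub-threshold'` would presumably go through the normal message handling instead of the raw path. The renderingPreferences body continues outside the hunk.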
@@ -733,28 +788,31 @@ class Preferences { * @param $defaultPreferences Array */ static function editingPreferences( $user, IContextSource $context, &$defaultPreferences ) { - global $wgUseExternalEditor, $wgAllowUserCssPrefs; + global $wgAllowUserCssPrefs; ## Editing ##################################### - $defaultPreferences['cols'] = array( - 'type' => 'int', - 'label-message' => 'columns', - 'section' => 'editing/textboxsize', - 'min' => 4, - 'max' => 1000, + if ( $wgAllowUserCssPrefs ) { + $defaultPreferences['editsection'] = array( + 'type' => 'toggle', + 'section' => 'editing/advancedediting', + 'label-message' => 'tog-editsection', + ); + } + $defaultPreferences['editsectiononrightclick'] = array( + 'type' => 'toggle', + 'section' => 'editing/advancedediting', + 'label-message' => 'tog-editsectiononrightclick', ); - $defaultPreferences['rows'] = array( - 'type' => 'int', - 'label-message' => 'rows', - 'section' => 'editing/textboxsize', - 'min' => 4, - 'max' => 1000, + $defaultPreferences['editondblclick'] = array( + 'type' => 'toggle', + 'section' => 'editing/advancedediting', + 'label-message' => 'tog-editondblclick', ); if ( $wgAllowUserCssPrefs ) { $defaultPreferences['editfont'] = array( 'type' => 'select', - 'section' => 'editing/advancedediting', + 'section' => 'editing/editor', 'label-message' => 'editfont-style', 'options' => array( $context->msg( 'editfont-default' )->text() => 'default', 
@@ -764,72 +822,59 @@ class Preferences { ) ); } - $defaultPreferences['previewontop'] = array( - 'type' => 'toggle', - 'section' => 'editing/advancedediting', - 'label-message' => 'tog-previewontop', + $defaultPreferences['cols'] = array( + 'type' => 'int', + 'label-message' => 'columns', + 'section' => 'editing/editor', + 'min' => 4, + 'max' => 1000, ); - $defaultPreferences['previewonfirst'] = array( - 'type' => 'toggle', - 'section' => 'editing/advancedediting', - 'label-message' => 'tog-previewonfirst', + $defaultPreferences['rows'] = array( + 'type' => 'int', + 'label-message' => 'rows', + 'section' => 'editing/editor', + 'min' => 4, + 'max' => 1000, ); - - if ( $wgAllowUserCssPrefs ) { - $defaultPreferences['editsection'] = array( + if ( $user->isAllowed( 'minoredit' ) ) { + $defaultPreferences['minordefault'] = array( 'type' => 'toggle', - 'section' => 'editing/advancedediting', - 'label-message' => 'tog-editsection', + 'section' => 'editing/editor', + 'label-message' => 'tog-minordefault', ); } - $defaultPreferences['editsectiononrightclick'] = array( + $defaultPreferences['forceeditsummary'] = array( 'type' => 'toggle', - 'section' => 'editing/advancedediting', - 'label-message' => 'tog-editsectiononrightclick', + 'section' => 'editing/editor', + 'label-message' => 'tog-forceeditsummary', ); - $defaultPreferences['editondblclick'] = array( + $defaultPreferences['useeditwarning'] = array( 'type' => 'toggle', - 'section' => 'editing/advancedediting', - 'label-message' => 'tog-editondblclick', + 'section' => 'editing/editor', + 'label-message' => 'tog-useeditwarning', ); $defaultPreferences['showtoolbar'] = array( 'type' => 'toggle', - 'section' => 'editing/advancedediting', + 'section' => 'editing/editor', 'label-message' => 'tog-showtoolbar', ); - if ( $user->isAllowed( 'minoredit' ) ) { - $defaultPreferences['minordefault'] = array( - 'type' => 'toggle', - 'section' => 'editing/advancedediting', - 'label-message' => 'tog-minordefault', - ); - } - - if ( 
$wgUseExternalEditor ) { - $defaultPreferences['externaleditor'] = array( - 'type' => 'toggle', - 'section' => 'editing/advancedediting', - 'label-message' => 'tog-externaleditor', - ); - $defaultPreferences['externaldiff'] = array( - 'type' => 'toggle', - 'section' => 'editing/advancedediting', - 'label-message' => 'tog-externaldiff', - ); - } - - $defaultPreferences['forceeditsummary'] = array( + $defaultPreferences['previewonfirst'] = array( 'type' => 'toggle', - 'section' => 'editing/advancedediting', - 'label-message' => 'tog-forceeditsummary', + 'section' => 'editing/preview', + 'label-message' => 'tog-previewonfirst', + ); + $defaultPreferences['previewontop'] = array( + 'type' => 'toggle', + 'section' => 'editing/preview', + 'label-message' => 'tog-previewontop', ); - $defaultPreferences['uselivepreview'] = array( 'type' => 'toggle', - 'section' => 'editing/advancedediting', + 'section' => 'editing/preview', 'label-message' => 'tog-uselivepreview', ); + } /** @@ -956,19 +1001,6 @@ class Preferences { ); } - if ( $wgEnableAPI ) { - # Some random gibberish as a proposed default - // @todo Fixme: this should use CryptRand but we may not want to read urandom on every view - $hash = sha1( mt_rand() . microtime( true ) ); - - $defaultPreferences['watchlisttoken'] = array( - 'type' => 'text', - 'section' => 'watchlist/advancedwatchlist', - 'label-message' => 'prefs-watchlist-token', - 'help' => $context->msg( 'prefs-help-watchlist-token', $hash )->escaped() - ); - } - $watchTypes = array( 'edit' => 'watchdefault', 'move' => 'watchmoves', @@ -982,6 +1014,8 @@ class Preferences { foreach ( $watchTypes as $action => $pref ) { if ( $user->isAllowed( $action ) ) { + // Messages: + // tog-watchdefault, tog-watchmoves, tog-watchdeletion, tog-watchcreations $defaultPreferences[$pref] = array( 'type' => 'toggle', 'section' => 'watchlist/advancedwatchlist', 
@@ -989,6 +1023,19 @@ class Preferences { ); } } + + if ( $wgEnableAPI ) { + $defaultPreferences['watchlisttoken'] = array( + 'type' => 'api', + ); + $defaultPreferences['watchlisttoken-info'] = array( + 'type' => 'info', + 'section' => 'watchlist/tokenwatchlist', + 'label-message' => 'prefs-watchlist-token', + 'default' => $user->getTokenFromOption( 'watchlisttoken' ), + 'help-message' => 'prefs-help-watchlist-token2', + ); + } } /** @@ -1030,8 +1077,9 @@ class Preferences { $nsOptions = $wgContLang->getFormattedNamespaces(); $nsOptions[0] = $context->msg( 'blanknamespace' )->text(); foreach ( $nsOptions as $ns => $name ) { - if ( $ns < 0 ) + if ( $ns < 0 ) { unset( $nsOptions[$ns] ); + } } $defaultPreferences['searchnamespaces'] = array( @@ -1044,35 +1092,9 @@ class Preferences { } /** - * @param $user User - * @param $context IContextSource - * @param $defaultPreferences Array + * Dummy, kept for backwards-compatibility. */ static function miscPreferences( $user, IContextSource $context, &$defaultPreferences ) { - global $wgContLang; - - ## Misc ##################################### - $defaultPreferences['diffonly'] = array( - 'type' => 'toggle', - 'section' => 'misc/diffs', - 'label-message' => 'tog-diffonly', - ); - $defaultPreferences['norollbackdiff'] = array( - 'type' => 'toggle', - 'section' => 'misc/diffs', - 'label-message' => 'tog-norollbackdiff', - ); - - // Stuff from Language::getExtraUserToggles() - $toggles = $wgContLang->getExtraUserToggles(); - - foreach ( $toggles as $toggle ) { - $defaultPreferences[$toggle] = array( - 'type' => 'toggle', - 'section' => 'personal/i18n', - 'label-message' => "tog-$toggle", - ); - } } /** @@ -1110,7 +1132,7 @@ class Preferences { } # Create preview link - $mplink = htmlspecialchars( $mptitle->getLocalURL( "useskin=$skinkey" ) ); + $mplink = htmlspecialchars( $mptitle->getLocalURL( array( 'useskin' => $skinkey ) ) ); $linkTools[] = "$previewtext"; # Create links to user CSS/JS pages 
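Review bot: The watchlist token is rendered into the preferences page with no per-user right check: in the `@@ -989,6 +1023,19 @@` hunk `watchlisttoken-info` takes `$user->getTokenFromOption( 'watchlisttoken' )` as its default and is gated only by `$wgEnableAPI`. The token is a shared secret, so showing it should probably follow the `viewmyprivateinfo` checks this commit adds to the e-mail fields, e.g. by wrapping only the info entry in `if ( $user->isAllowed( 'viewmyprivateinfo' ) ) {`. Whether getTokenFromOption() can return an empty value, or write to the user record while the form is being built, is not visible here and is worth checking. The enclosing function starts outside the hunk.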
@@ -1278,15 +1300,17 @@ class Preferences { } /** + * @param $context IContextSource * @return array */ static function getTimezoneOptions( IContextSource $context ) { $opt = array(); - global $wgLocalTZoffset, $wgLocaltimezone; - // Check that $wgLocalTZoffset is the same as $wgLocaltimezone - if ( $wgLocalTZoffset == date( 'Z' ) / 60 ) { - $server_tz_msg = $context->msg( 'timezoneuseserverdefault', $wgLocaltimezone )->text(); + global $wgLocalTZoffset; + $timestamp = MWTimestamp::getLocalInstance(); + // Check that $wgLocalTZoffset is the same as the local time zone offset + if ( $wgLocalTZoffset == $timestamp->format( 'Z' ) / 60 ) { + $server_tz_msg = $context->msg( 'timezoneuseserverdefault', $timestamp->getTimezone()->getName() )->text(); } else { $tzstring = sprintf( '%+03d:%02d', floor( $wgLocalTZoffset / 60 ), abs( $wgLocalTZoffset ) % 60 ); $server_tz_msg = $context->msg( 'timezoneuseserverdefault', $tzstring )->text(); @@ -1368,7 +1392,9 @@ class Preferences { $data[0] = intval( $data[0] ); $data[1] = intval( $data[1] ); $minDiff = abs( $data[0] ) * 60 + $data[1]; - if ( $data[0] < 0 ) $minDiff = - $minDiff; + if ( $data[0] < 0 ) { + $minDiff = - $minDiff; + } } else { $minDiff = intval( $data[0] ) * 60; } @@ -1382,6 +1408,8 @@ class Preferences { } /** + * Handle the form submission if everything validated properly + * * @param $formData * @param $form PreferencesForm * @param $entryPoint string @@ -1393,6 +1421,10 @@ class Preferences { $user = $form->getModifiedUser(); $result = true; + if ( !$user->isAllowedAny( 'editmyprivateinfo', 'editmyoptions' ) ) { + return Status::newFatal( 'mypreferencesprotected' ); + } + // Filter input foreach ( array_keys( $formData ) as $name ) { if ( isset( self::$saveFilters[$name] ) ) { 
@@ -1401,40 +1433,37 @@ class Preferences { } } - // Stuff that shouldn't be saved as a preference. - $saveBlacklist = array( - 'realname', - 'emailaddress', - ); - // Fortunately, the realname field is MUCH simpler - if ( !in_array( 'realname', $wgHiddenPrefs ) ) { + // (not really "private", but still shouldn't be edited without permission) + if ( !in_array( 'realname', $wgHiddenPrefs ) && $user->isAllowed( 'editmyprivateinfo' ) ) { $realName = $formData['realname']; $user->setRealName( $realName ); } - foreach ( $saveBlacklist as $b ) { - unset( $formData[$b] ); - } + if ( $user->isAllowed( 'editmyoptions' ) ) { + foreach ( self::$saveBlacklist as $b ) { + unset( $formData[$b] ); + } - # If users have saved a value for a preference which has subsequently been disabled - # via $wgHiddenPrefs, we don't want to destroy that setting in case the preference - # is subsequently re-enabled - # TODO: maintenance script to actually delete these - foreach( $wgHiddenPrefs as $pref ) { - # If the user has not set a non-default value here, the default will be returned - # and subsequently discarded - $formData[$pref] = $user->getOption( $pref, null, true ); - } + # If users have saved a value for a preference which has subsequently been disabled + # via $wgHiddenPrefs, we don't want to destroy that setting in case the preference + # is subsequently re-enabled + # TODO: maintenance script to actually delete these + foreach ( $wgHiddenPrefs as $pref ) { + # If the user has not set a non-default value here, the default will be returned + # and subsequently discarded + $formData[$pref] = $user->getOption( $pref, null, true ); + } - // Keep old preferences from interfering due to back-compat code, etc. - $user->resetOptions( 'unused', $form->getContext() ); + // Keep old preferences from interfering due to back-compat code, etc. 
+ $user->resetOptions( 'unused', $form->getContext() ); - foreach ( $formData as $key => $value ) { - $user->setOption( $key, $value ); - } + foreach ( $formData as $key => $value ) { + $user->setOption( $key, $value ); + } - $user->saveSettings(); + $user->saveSettings(); + } $wgAuth->updateExternalDB( $user ); @@ -1469,7 +1498,8 @@ class Preferences { /** * Try to set a user's email address. * This does *not* try to validate the address. - * Caller is responsible for checking $wgAuth. + * Caller is responsible for checking $wgAuth and 'editmyprivateinfo' + * right. * * @deprecated in 1.20; use User::setEmailWithConfirmation() instead. * @param $user User @@ -1488,7 +1518,7 @@ class Preferences { } /** - * @deprecated in 1.19; will be removed in 1.20. + * @deprecated in 1.19 * @param $user User * @return array */ 
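Review bot: The save path in the `@@ -1401,40 +1433,37 @@` hunk does not repeat the `$wgAuth->allowPropChange( 'realname' )` test that decides the field type when the form is built; the real name is written whenever `realname` is not in `$wgHiddenPrefs` and the user has `editmyprivateinfo`. That relies on an `'info'` field never carrying submitted data, which is not shown in this patch. Making the save self-contained costs one condition: `if ( !in_array( 'realname', $wgHiddenPrefs, true ) && $user->isAllowed( 'editmyprivateinfo' ) && $wgAuth->allowPropChange( 'realname' ) ) {`. `$formData['realname']` is also read without an `isset()` check. The function starts in an earlier hunk and continues past this one.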
@@ -1558,52 +1588,37 @@ class PreferencesForm extends HTMLForm { * @return String */ function getButtons() { + if ( !$this->getModifiedUser()->isAllowedAny( 'editmyprivateinfo', 'editmyoptions' ) ) { + return ''; + } + $html = parent::getButtons(); - $t = SpecialPage::getTitleFor( 'Preferences', 'reset' ); + if ( $this->getModifiedUser()->isAllowed( 'editmyoptions' ) ) { + $t = SpecialPage::getTitleFor( 'Preferences', 'reset' ); - $html .= "\n" . Linker::link( $t, $this->msg( 'restoreprefs' )->escaped() ); + $html .= "\n" . Linker::link( $t, $this->msg( 'restoreprefs' )->escaped() ); - $html = Xml::tags( 'div', array( 'class' => 'mw-prefs-buttons' ), $html ); + $html = Xml::tags( 'div', array( 'class' => 'mw-prefs-buttons' ), $html ); + } return $html; } /** + * Separate multi-option preferences into multiple preferences, since we + * have to store them separately * @param $data array * @return array */ function filterDataForSubmit( $data ) { - // Support for separating multi-option preferences into multiple preferences - // Due to lack of array support. foreach ( $this->mFlatFields as $fieldname => $field ) { - $info = $field->mParams; - - if ( $field instanceof HTMLMultiSelectField ) { - $options = HTMLFormField::flattenOptions( $info['options'] ); + if ( $field instanceof HTMLNestedFilterable ) { + $info = $field->mParams; $prefix = isset( $info['prefix'] ) ? $info['prefix'] : $fieldname; - - foreach ( $options as $opt ) { - $data["$prefix$opt"] = in_array( $opt, $data[$fieldname] ); + foreach ( $field->filterDataForSubmit( $data[$fieldname] ) as $key => $value ) { + $data["$prefix$key"] = $value; } - - unset( $data[$fieldname] ); - - } elseif ( $field instanceof HTMLCheckMatrix ) { - $columns = HTMLFormField::flattenOptions( $info['columns'] ); - $rows = HTMLFormField::flattenOptions( $info['rows'] ); - $prefix = isset( $info['prefix'] ) ? 
$info['prefix'] : $fieldname; - foreach ( $columns as $column ) { - foreach ( $rows as $row ) { - // Make sure option hasn't been removed - if ( !isset( $info['remove-options'] ) - || !in_array( "$column-$row", $info['remove-options'] ) ) - { - $data["$prefix-$column-$row"] = in_array( "$column-$row", $data[$fieldname] ); - } - } - } - unset( $data[$fieldname] ); } } -- cgit v1.2.2
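Review bot: The set of option names a submission can write is no longer fixed by the form definition: in the `@@ -1558,52 +1588,37 @@` hunk filterDataForSubmit copies whatever keys `$field->filterDataForSubmit( $data[$fieldname] )` returns into `$data["$prefix$key"]`, and tryFormSubmit appears to store every remaining key with setOption(). The removed code built the names from the configured `options`, `columns` and `rows`, so that guarantee now rests on each HTMLNestedFilterable implementation, which is not shown here. The docblock should state the contract, e.g. `Implementations must return keys derived from the field's configured options, never from submitted values`, and the existing field classes should be checked against it. The end of the method is outside the hunk.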