These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
0 ignored issues
–
show
|
|||
2 | /** |
||
3 | * Maintenance script to wrap all old-style passwords in a layered type |
||
4 | * |
||
5 | * This program is free software; you can redistribute it and/or modify |
||
6 | * it under the terms of the GNU General Public License as published by |
||
7 | * the Free Software Foundation; either version 2 of the License, or |
||
8 | * (at your option) any later version. |
||
9 | * |
||
10 | * This program is distributed in the hope that it will be useful, |
||
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
13 | * GNU General Public License for more details. |
||
14 | * |
||
15 | * You should have received a copy of the GNU General Public License along |
||
16 | * with this program; if not, write to the Free Software Foundation, Inc., |
||
17 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||
18 | * http://www.gnu.org/copyleft/gpl.html |
||
19 | * |
||
20 | * @file |
||
21 | * @ingroup Maintenance |
||
22 | */ |
||
23 | require_once __DIR__ . '/Maintenance.php'; |
||
24 | |||
25 | /** |
||
26 | * Maintenance script to wrap all passwords of a certain type in a specified layered |
||
27 | * type that wraps around the old type. |
||
28 | * |
||
29 | * @since 1.24 |
||
30 | * @ingroup Maintenance |
||
31 | */ |
||
32 | class WrapOldPasswords extends Maintenance { |
||
33 | View Code Duplication | public function __construct() { |
|
34 | parent::__construct(); |
||
35 | $this->addDescription( 'Wrap all passwords of a certain type in a new layered type' ); |
||
36 | $this->addOption( 'type', |
||
37 | 'Password type to wrap passwords in (must inherit LayeredParameterizedPassword)', true, true ); |
||
38 | $this->addOption( 'verbose', 'Enables verbose output', false, false, 'v' ); |
||
39 | $this->setBatchSize( 100 ); |
||
40 | } |
||
41 | |||
42 | public function execute() { |
||
43 | global $wgAuth; |
||
44 | |||
45 | if ( !$wgAuth->allowSetLocalPassword() ) { |
||
46 | $this->error( '$wgAuth does not allow local passwords. Aborting.', true ); |
||
47 | } |
||
48 | |||
49 | $passwordFactory = new PasswordFactory(); |
||
50 | $passwordFactory->init( RequestContext::getMain()->getConfig() ); |
||
51 | |||
52 | $typeInfo = $passwordFactory->getTypes(); |
||
53 | $layeredType = $this->getOption( 'type' ); |
||
54 | |||
55 | // Check that type exists and is a layered type |
||
56 | if ( !isset( $typeInfo[$layeredType] ) ) { |
||
57 | $this->error( 'Undefined password type', true ); |
||
58 | } |
||
59 | |||
60 | $passObj = $passwordFactory->newFromType( $layeredType ); |
||
61 | if ( !$passObj instanceof LayeredParameterizedPassword ) { |
||
62 | $this->error( 'Layered parameterized password type must be used.', true ); |
||
63 | } |
||
64 | |||
65 | // Extract the first layer type |
||
66 | $typeConfig = $typeInfo[$layeredType]; |
||
67 | $firstType = $typeConfig['types'][0]; |
||
68 | |||
69 | // Get a list of password types that are applicable |
||
70 | $dbw = $this->getDB( DB_MASTER ); |
||
71 | $typeCond = 'user_password' . $dbw->buildLike( ":$firstType:", $dbw->anyString() ); |
||
72 | |||
73 | $minUserId = 0; |
||
74 | do { |
||
75 | $this->beginTransaction( $dbw, __METHOD__ ); |
||
76 | |||
77 | $res = $dbw->select( 'user', |
||
78 | [ 'user_id', 'user_name', 'user_password' ], |
||
79 | [ |
||
80 | 'user_id > ' . $dbw->addQuotes( $minUserId ), |
||
81 | $typeCond |
||
82 | ], |
||
83 | __METHOD__, |
||
84 | [ |
||
85 | 'ORDER BY' => 'user_id', |
||
86 | 'LIMIT' => $this->mBatchSize, |
||
87 | 'LOCK IN SHARE MODE', |
||
88 | ] |
||
89 | ); |
||
90 | |||
91 | /** @var User[] $updateUsers */ |
||
92 | $updateUsers = []; |
||
93 | foreach ( $res as $row ) { |
||
94 | if ( $this->hasOption( 'verbose' ) ) { |
||
95 | $this->output( "Updating password for user {$row->user_name} ({$row->user_id}).\n" ); |
||
96 | } |
||
97 | |||
98 | $user = User::newFromId( $row->user_id ); |
||
99 | /** @var ParameterizedPassword $password */ |
||
100 | $password = $passwordFactory->newFromCiphertext( $row->user_password ); |
||
101 | /** @var LayeredParameterizedPassword $layeredPassword */ |
||
102 | $layeredPassword = $passwordFactory->newFromType( $layeredType ); |
||
103 | $layeredPassword->partialCrypt( $password ); |
||
104 | |||
105 | $updateUsers[] = $user; |
||
106 | $dbw->update( 'user', |
||
107 | [ 'user_password' => $layeredPassword->toString() ], |
||
108 | [ 'user_id' => $row->user_id ], |
||
109 | __METHOD__ |
||
110 | ); |
||
111 | |||
112 | $minUserId = $row->user_id; |
||
113 | } |
||
114 | |||
115 | $this->commitTransaction( $dbw, __METHOD__ ); |
||
116 | |||
117 | // Clear memcached so old passwords are wiped out |
||
118 | foreach ( $updateUsers as $user ) { |
||
119 | $user->clearSharedCache(); |
||
120 | } |
||
121 | } while ( $res->numRows() ); |
||
122 | } |
||
123 | } |
||
124 | |||
125 | $maintClass = "WrapOldPasswords"; |
||
126 | require_once RUN_MAINTENANCE_IF_MAIN; |
||
127 |
The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file.
The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place.
To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1.