<?php |
/**
 * Reset the user_token for all users on the wiki. Useful if you believe
 * that your user table was accidentally leaked to an external source.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 * @ingroup Maintenance
 * @author Daniel Friesen <[email protected]>
 * @author Chris Steipp <[email protected]>
 */
require_once __DIR__ . '/Maintenance.php'; |
/**
 * Maintenance script to reset the user_token for all users on the wiki.
 *
 * @ingroup Maintenance
 * @deprecated since 1.27, use $wgAuthenticationTokenVersion instead.
 */
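class ResetUserTokens extends Maintenance {
	/**
	 * Raw value of the --nulls option as returned by getOption(); only its
	 * truthiness is used. Declared explicitly so that execute() does not
	 * create a dynamic property.
	 *
	 * @var mixed
	 */
	private $nullsOnly;

	/**
	 * Register the script description, the --nowarn and --nulls flags
	 * (both optional, neither takes a value) and a batch size of 1000.
	 */
	public function __construct() {
		parent::__construct();
		$this->addDescription(
			"Reset the user_token of all users on the wiki. Note that this may log some of them out.\n"
			. "Deprecated, use \$wgAuthenticationTokenVersion instead."
		);
		$this->addOption( 'nowarn', "Hides the 5 seconds warning", false, false );
		$this->addOption(
			'nulls',
			'Only reset tokens that are currently null (string of \x00\'s)',
			false,
			false
		);
		$this->setBatchSize( 1000 );
	}

	/**
	 * Walk the user table in user_id ranges of mBatchSize and regenerate
	 * user_token for every matching row.
	 *
	 * Scope, for operators running this after a suspected user-table leak:
	 * the only per-user change made here is setToken() followed by
	 * saveSettings(). Nothing in this script touches password hashes or any
	 * other column, so those need separate handling. The run is not atomic
	 * across batches: if it is aborted, earlier user_id ranges have new
	 * tokens and later ranges still have the old ones, so run it again to
	 * completion.
	 */
	public function execute() {
		$this->nullsOnly = $this->getOption( 'nulls' );

		if ( !$this->getOption( 'nowarn' ) ) {
			if ( $this->nullsOnly ) {
				$this->output( "The script is about to reset the user_token "
					. "for USERS WITH NULL TOKENS in the database.\n" );
			} else {
				$this->output( "The script is about to reset the user_token for ALL USERS in the database.\n" );
				$this->output( "This may log some of them out and is not necessary unless you believe your\n" );
				$this->output( "user table has been compromised.\n" );
			}
			$this->output( "\n" );
			$this->output( "Abort with control-c in the next five seconds "
				. "(skip this countdown with --nowarn) ... " );
			wfCountDown( 5 );
		}

		// Candidate user_ids are listed from one of the replica DBs; the
		// actual write goes through User::saveSettings() in updateUser().
		$dbr = $this->getDB( DB_REPLICA );

		$where = [];
		if ( $this->nullsOnly ) {
			// Have to build this by hand, because \ is escaped in helper functions.
			// The condition is a fixed literal with no external input: in a
			// single-quoted PHP string '\0' is the two characters backslash and
			// zero, so the SQL literal holds 32 "\0" escape sequences.
			// NOTE(review): this relies on the database reading "\0" inside a
			// string literal as a NUL byte; confirm for every supported backend.
			$where = [ 'user_token = \'' . str_repeat( '\0', 32 ) . '\'' ];
		}

		// Upper bound is taken once, before the loop starts.
		$maxid = $dbr->selectField( 'user', 'MAX(user_id)', [], __METHOD__ );

		$min = 0;
		$max = $this->mBatchSize;

		do {
			// Half-open range ( $min, $max ] so consecutive batches never overlap.
			$result = $dbr->select( 'user',
				[ 'user_id' ],
				array_merge(
					$where,
					[ 'user_id > ' . $dbr->addQuotes( $min ),
						'user_id <= ' . $dbr->addQuotes( $max )
					]
				),
				__METHOD__
			);

			foreach ( $result as $user ) {
				$this->updateUser( $user->user_id );
			}

			$min = $max;
			$max = $min + $this->mBatchSize;

			// Let replication catch up before issuing the next batch of writes.
			wfWaitForSlaves();
			// Every id up to $min has been covered at this point, so stop once
			// $min reaches $maxid. The previous "<=" ran one extra, always-empty
			// batch whenever MAX(user_id) was an exact multiple of the batch size.
		} while ( $min < $maxid );
	}

	/**
	 * Regenerate and persist the token of a single user, writing the user
	 * name and the outcome to the script output.
	 *
	 * @param int|string $userid user_id as read from the user table
	 */
	private function updateUser( $userid ) {
		$user = User::newFromId( $userid );
		$username = $user->getName();
		$this->output( 'Resetting user_token for "' . $username . '": ' );
		// setToken() is called without an argument; presumably this makes User
		// generate a fresh random token. Confirm in User::setToken().
		$user->setToken();
		// The return value of saveSettings() is not inspected: "OK" below only
		// means the call returned without throwing.
		$user->saveSettings();
		$this->output( " OK\n" );
	}
}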
// Name the class to run, then include the runner bootstrap.
// NOTE(review): RUN_MAINTENANCE_IF_MAIN is presumably defined by Maintenance.php; confirm there.
$maintClass = 'ResetUserTokens';
require_once RUN_MAINTENANCE_IF_MAIN;