https://www.mediawiki.org/wiki/Special:Code/MediaWiki/115046
Revision: 115046
Author: aaron
Date: 2012-04-25 11:17:38 +0000 (Wed, 25 Apr 2012)
Log Message:
-----------
Track user-agent and XFF in addition to IPs
Modified Paths:
--------------
trunk/extensions/ConfirmAccount/backend/UserAccountRequest.php
trunk/extensions/ConfirmAccount/backend/schema/ConfirmAccountUpdater.hooks.php
trunk/extensions/ConfirmAccount/backend/schema/mysql/ConfirmAccount.sql
trunk/extensions/ConfirmAccount/backend/schema/postgres/ConfirmAccount.pg.sql
trunk/extensions/ConfirmAccount/business/AccountConfirmSubmission.php
trunk/extensions/ConfirmAccount/business/AccountRequestSubmission.php
trunk/extensions/ConfirmAccount/frontend/language/ConfirmAccountPage.i18n.php
trunk/extensions/ConfirmAccount/frontend/language/UserCredentialsPage.i18n.php
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/ConfirmAccount_body.php
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/RequestAccount_body.php
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/UserCredentials_body.php
Added Paths:
-----------
trunk/extensions/ConfirmAccount/backend/schema/mysql/patch-acr_agent.sql
trunk/extensions/ConfirmAccount/backend/schema/postgres/patch-acr_agent.sql
Modified: trunk/extensions/ConfirmAccount/backend/UserAccountRequest.php
===================================================================
--- trunk/extensions/ConfirmAccount/backend/UserAccountRequest.php
2012-04-25 10:45:17 UTC (rev 115045)
+++ trunk/extensions/ConfirmAccount/backend/UserAccountRequest.php
2012-04-25 11:17:38 UTC (rev 115046)
@@ -15,6 +15,8 @@
protected $fileName;
protected $fileStorageKey;
protected $ip;
+ protected $xff;
+ protected $agent;
protected $emailToken;
protected $emailTokenExpires;
/* Fields set if user later confirms email */
@@ -50,6 +52,8 @@
: null;
$req->fileStorageKey = $row->acr_storage_key;
$req->ip = $row->acr_ip;
+ $req->xff = $row->acr_xff;
+ $req->agent = $row->acr_agent;
$req->emailToken = $row->acr_email_token; // MD5 of token
$req->emailTokenExpires = wfTimestampOrNull( TS_MW,
$row->acr_email_token_expires );
$req->emailAuthTimestamp = wfTimestampOrNull( TS_MW,
$row->acr_email_authenticated );
@@ -88,6 +92,8 @@
: null;
$req->fileStorageKey = $fields['storage_key'];
$req->ip = $fields['ip'];
+ $req->xff = $fields['xff'];
+ $req->agent = $fields['agent'];
$req->emailToken = $fields['email_token']; // MD5 of token
$req->emailTokenExpires = wfTimestampOrNull( TS_MW,
$fields['email_token_expires'] );
// These fields are typically left to default on insertion...
@@ -245,6 +251,20 @@
/**
* @return string
*/
+ public function getXFF() {
+ return $this->xff;
+ }
+
+ /**
+ * @return string
+ */
+ public function getAgent() {
+ return $this->agent;
+ }
+
+ /**
+ * @return string
+ */
public function getEmailToken() {
return $this->emailToken;
}
@@ -327,7 +347,9 @@
? $this->fileStorageKey
: null,
'acr_comment' => strval(
$this->comment ),
- 'acr_ip' => strval(
$this->ip ), // possible use for spam blocking
+ 'acr_ip' => strval(
$this->ip ), // for spam blocking
+ 'acr_xff' => strval(
$this->xff ), // for spam blocking
+ 'acr_agent' => strval( $this->agent
), // for spam blocking
'acr_deleted' => (int)$this->deleted,
'acr_email_token' => strval(
$this->emailToken ), // MD5 of token
'acr_email_token_expires' => $dbw->timestamp(
$this->emailTokenExpires ),
Modified:
trunk/extensions/ConfirmAccount/backend/schema/ConfirmAccountUpdater.hooks.php
===================================================================
---
trunk/extensions/ConfirmAccount/backend/schema/ConfirmAccountUpdater.hooks.php
2012-04-25 10:45:17 UTC (rev 115045)
+++
trunk/extensions/ConfirmAccount/backend/schema/ConfirmAccountUpdater.hooks.php
2012-04-25 11:17:38 UTC (rev 115046)
@@ -18,6 +18,7 @@
$updater->addExtensionTable( 'account_credentials',
"$base/patch-account_credentials.sql" );
$updater->addExtensionField( 'account_requests',
'acr_areas', "$base/patch-acr_areas.sql" );
$updater->addExtensionIndex( 'account_requests',
'acr_email', "$base/patch-email-index.sql" );
+ $updater->addExtensionField( 'account_requests',
'acr_agent', "$base/patch-acr_agent.sql" );
} elseif ( $updater->getDB()->getType() == 'postgres' ) {
$base = "$base/postgres";
@@ -31,6 +32,7 @@
$updater->addExtensionUpdate( array( 'addPgField',
'account_requests', 'acr_areas', "TEXT" ) );
$updater->addExtensionUpdate( array( 'addPgField',
'account_credentials', 'acd_areas', "TEXT" ) );
$updater->addExtensionUpdate( array( 'addIndex',
'account_requests', 'acr_email', "$base/patch-email-index.sql", true ) );
+ $updater->addExtensionUpdate( array( 'addPgField',
'account_requests', 'acr_agent', "$base/patch-acr_agent.sql", true ) );
}
return true;
}
Modified:
trunk/extensions/ConfirmAccount/backend/schema/mysql/ConfirmAccount.sql
===================================================================
--- trunk/extensions/ConfirmAccount/backend/schema/mysql/ConfirmAccount.sql
2012-04-25 10:45:17 UTC (rev 115045)
+++ trunk/extensions/ConfirmAccount/backend/schema/mysql/ConfirmAccount.sql
2012-04-25 11:17:38 UTC (rev 115046)
@@ -35,6 +35,9 @@
acr_urls mediumblob NOT NULL,
-- IP address
acr_ip VARCHAR(255) NULL default '',
+ acr_xff VARCHAR(255) NULL default '',
+ -- User-Agent header
+ acr_agent VARCHAR(255) NULL default '',
-- Name of attached file (.pdf,.doc,.txt etc...)
acr_filename VARCHAR(255) NULL,
acr_storage_key VARCHAR(64) NULL,
@@ -87,6 +90,9 @@
acd_urls mediumblob NOT NULL,
-- IP address
acd_ip VARCHAR(255) NULL default '',
+ acd_xff VARCHAR(255) NULL default '',
+ -- User-Agent header
+ acd_agent VARCHAR(255) NULL default '',
-- Name of attached file (.pdf,.doc,.txt etc...)
acd_filename VARCHAR(255) NULL,
acd_storage_key VARCHAR(64) NULL,
Added: trunk/extensions/ConfirmAccount/backend/schema/mysql/patch-acr_agent.sql
===================================================================
--- trunk/extensions/ConfirmAccount/backend/schema/mysql/patch-acr_agent.sql
(rev 0)
+++ trunk/extensions/ConfirmAccount/backend/schema/mysql/patch-acr_agent.sql
2012-04-25 11:17:38 UTC (rev 115046)
@@ -0,0 +1,9 @@
+-- (c) Aaron Schulz, 2007
+
+ALTER TABLE /*$wgDBprefix*/account_requests
+ ADD acr_xff VARCHAR(255) NULL default '',
+ ADD acr_agent VARCHAR(255) NULL default '';
+
+ALTER TABLE /*$wgDBprefix*/account_credentials
+ ADD acd_xff VARCHAR(255) NULL default '',
+ ADD acd_agent VARCHAR(255) NULL default '';
Property changes on:
trunk/extensions/ConfirmAccount/backend/schema/mysql/patch-acr_agent.sql
___________________________________________________________________
Added: svn:eol-style
+ native
Modified:
trunk/extensions/ConfirmAccount/backend/schema/postgres/ConfirmAccount.pg.sql
===================================================================
---
trunk/extensions/ConfirmAccount/backend/schema/postgres/ConfirmAccount.pg.sql
2012-04-25 10:45:17 UTC (rev 115045)
+++
trunk/extensions/ConfirmAccount/backend/schema/postgres/ConfirmAccount.pg.sql
2012-04-25 11:17:38 UTC (rev 115046)
@@ -18,6 +18,8 @@
acr_notes TEXT,
acr_urls TEXT,
acr_ip CIDR,
+ acr_xff TEXT,
+ acr_agent TEXT,
acr_filename TEXT,
acr_storage_key TEXT,
acr_type INTEGER NOT NULL DEFAULT 0,
@@ -45,6 +47,8 @@
acd_notes TEXT,
acd_urls TEXT,
acd_ip CIDR,
+ acd_xff TEXT,
+ acd_agent TEXT,
acd_filename TEXT,
acd_storage_key TEXT,
acd_areas TEXT,
Added:
trunk/extensions/ConfirmAccount/backend/schema/postgres/patch-acr_agent.sql
===================================================================
--- trunk/extensions/ConfirmAccount/backend/schema/postgres/patch-acr_agent.sql
(rev 0)
+++ trunk/extensions/ConfirmAccount/backend/schema/postgres/patch-acr_agent.sql
2012-04-25 11:17:38 UTC (rev 115046)
@@ -0,0 +1,11 @@
+BEGIN;
+
+ALTER TABLE account_requests
+ ADD acr_xff TEXT,
+ ADD acr_agent TEXT;
+
+ALTER TABLE account_credentials
+ ADD acd_xff TEXT,
+ ADD acd_agent TEXT;
+
+COMMIT;
Property changes on:
trunk/extensions/ConfirmAccount/backend/schema/postgres/patch-acr_agent.sql
___________________________________________________________________
Added: svn:eol-style
+ native
Modified: trunk/extensions/ConfirmAccount/business/AccountConfirmSubmission.php
===================================================================
--- trunk/extensions/ConfirmAccount/business/AccountConfirmSubmission.php
2012-04-25 10:45:17 UTC (rev 115045)
+++ trunk/extensions/ConfirmAccount/business/AccountConfirmSubmission.php
2012-04-25 11:17:38 UTC (rev 115046)
@@ -220,6 +220,8 @@
'acd_notes' =>
$accReq->getNotes(),
'acd_urls' =>
$accReq->getUrls(),
'acd_ip' =>
$accReq->getIP(),
+ 'acd_xff' =>
$accReq->getXFF(),
+ 'acd_agent' =>
$accReq->getAgent(),
'acd_filename' =>
$accReq->getFileName(),
'acd_storage_key' =>
$accReq->getFileStorageKey(),
'acd_areas' =>
$accReq->getAreas( 'flat' ),
Modified: trunk/extensions/ConfirmAccount/business/AccountRequestSubmission.php
===================================================================
--- trunk/extensions/ConfirmAccount/business/AccountRequestSubmission.php
2012-04-25 10:45:17 UTC (rev 115045)
+++ trunk/extensions/ConfirmAccount/business/AccountRequestSubmission.php
2012-04-25 11:17:38 UTC (rev 115046)
@@ -16,6 +16,8 @@
protected $areas;
protected $registration;
protected $ip;
+ protected $xff;
+ protected $agent;
/* File attachment fields */
protected $attachmentSrcName; // user given attachment base name
protected $attachmentPrevName; // user given attachment base name last
attempt
@@ -35,6 +37,8 @@
$this->type = $params['type'];
$this->areas = $params['areas'];
$this->ip = $params['ip'];
+ $this->xff = $params['xff'];
+ $this->agent = $params['agent'];
$this->registration = wfTimestamp( TS_MW,
$params['registration'] );
$this->attachmentPrevName = $params['attachmentPrevName'];
$this->attachmentSrcName = $params['attachmentSrcName'];
@@ -206,6 +210,8 @@
'email_token' => md5( $token ),
'email_token_expires' => $expires,
'ip' => $this->ip,
+ 'xff' => $this->xff,
+ 'agent' => $this->agent
) );
$req->insertOn();
# Send confirmation, required!
Modified:
trunk/extensions/ConfirmAccount/frontend/language/ConfirmAccountPage.i18n.php
===================================================================
---
trunk/extensions/ConfirmAccount/frontend/language/ConfirmAccountPage.i18n.php
2012-04-25 10:45:17 UTC (rev 115045)
+++
trunk/extensions/ConfirmAccount/frontend/language/ConfirmAccountPage.i18n.php
2012-04-25 11:17:38 UTC (rev 115046)
@@ -62,7 +62,7 @@
'confirmaccount-leg-areas' => 'Main areas of interest',
'confirmaccount-leg-person' => 'Personal information',
'confirmaccount-leg-other' => 'Other information',
- 'confirmaccount-leg-ip' => 'IP data',
+ 'confirmaccount-leg-ip' => 'IP address data',
'confirmaccount-name' => 'Username',
'confirmaccount-real' => 'Name:',
'confirmaccount-email' => 'E-mail:',
@@ -87,6 +87,8 @@
'confirmaccount-spam' => 'Spam (do not send e-mail)',
'confirmaccount-reason' => 'Comment (will be included in e-mail):',
'confirmaccount-ip' => 'IP address:',
+ 'confirmaccount-xff' => 'X-Forwarded-For:',
+ 'confirmaccount-agent' => 'User-Agent:',
'confirmaccount-legend' => 'Confirm/reject this account',
'confirmaccount-submit' => 'Confirm',
'confirmaccount-needreason' => 'You must provide a reason in the
comment box below.',
Modified:
trunk/extensions/ConfirmAccount/frontend/language/UserCredentialsPage.i18n.php
===================================================================
---
trunk/extensions/ConfirmAccount/frontend/language/UserCredentialsPage.i18n.php
2012-04-25 10:45:17 UTC (rev 115045)
+++
trunk/extensions/ConfirmAccount/frontend/language/UserCredentialsPage.i18n.php
2012-04-25 11:17:38 UTC (rev 115046)
@@ -17,7 +17,7 @@
'usercredentials-leg-areas' => 'Main areas of interest',
'usercredentials-leg-person' => 'Personal information',
'usercredentials-leg-other' => 'Other information',
- 'usercredentials-leg-ip' => 'IP data',
+ 'usercredentials-leg-ip' => 'IP address data',
'usercredentials-email' => 'E-mail:',
'usercredentials-real' => 'Real name:',
'usercredentials-bio' => 'Biography:',
@@ -25,6 +25,8 @@
'usercredentials-notes' => 'Additional notes:',
'usercredentials-urls' => 'List of websites:',
'usercredentials-ip' => 'Original IP address:',
+ 'usercredentials-xff' => 'Original X-Forwarded-For:',
+ 'usercredentials-agent' => 'Original User-Agent:',
'usercredentials-member' => 'Rights:',
'usercredentials-badid' => 'No credentials found for this user.
Check that the name is spelled correctly.',
Modified:
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/ConfirmAccount_body.php
===================================================================
---
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/ConfirmAccount_body.php
2012-04-25 10:45:17 UTC (rev 115045)
+++
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/ConfirmAccount_body.php
2012-04-25 11:17:38 UTC (rev 115046)
@@ -373,9 +373,17 @@
$form .= '<legend>' .
wfMsgHtml('confirmaccount-leg-ip') . '</legend>';
$blokip = SpecialPage::getTitleFor( 'Block' );
$form .= "<p>".wfMsgHtml('confirmaccount-ip') .
- " " . htmlspecialchars( $accountReq->getIP() ).
+ " " . htmlspecialchars( $accountReq->getIP() ) .
" (" . Linker::makeKnownLinkObj( $blokip,
wfMsgHtml('blockip'),
'ip=' . $accountReq->getIP() .
'&wpCreateAccount=1' ).")</p>\n";
+ if ( $accountReq->getXFF() ) {
+ $form .= "<p>".wfMsgHtml('confirmaccount-xff') .
+ " " . htmlspecialchars( $accountReq->getXFF() )
. "</p>\n";
+ }
+ if ( $accountReq->getAgent() ) {
+ $form .=
"<p>".wfMsgHtml('confirmaccount-agent') .
+ " " . htmlspecialchars( $accountReq->getAgent()
) . "</p>\n";
+ }
$form .= '</fieldset>';
}
Modified:
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/RequestAccount_body.php
===================================================================
---
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/RequestAccount_body.php
2012-04-25 10:45:17 UTC (rev 115045)
+++
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/RequestAccount_body.php
2012-04-25 11:17:38 UTC (rev 115046)
@@ -300,6 +300,8 @@
'areas' => $areaSet,
'registration' => wfTimestampNow(),
'ip' =>
$this->getRequest()->getIP(),
+ 'xff' =>
$this->getRequest()->getHeader( 'X-Forwarded-For' ),
+ 'agent' =>
$this->getRequest()->getHeader( 'User-Agent' ),
'attachmentPrevName' =>
$this->mPrevAttachment,
'attachmentSrcName' => $this->mSrcName,
'attachmentDidNotForget' =>
$this->mForgotAttachment, // confusing name :)
Modified:
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/UserCredentials_body.php
===================================================================
---
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/UserCredentials_body.php
2012-04-25 10:45:17 UTC (rev 115045)
+++
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/UserCredentials_body.php
2012-04-25 11:17:38 UTC (rev 115046)
@@ -164,7 +164,16 @@
if ( $reqUser->isAllowed( 'requestips' ) ) {
$form .= '<fieldset>';
$form .= '<legend>' .
wfMsgHtml('usercredentials-leg-ip') . '</legend>';
- $form .= "<p>" . wfMsgHtml( 'usercredentials-ip' ) . "
" . htmlspecialchars( $row->acd_ip ) . "</p>\n";
+ $form .= "<p>" . wfMsgHtml( 'usercredentials-ip' ) .
+ " " . htmlspecialchars( $row->acd_ip ) .
"</p>\n";
+ if ( $row->acd_xff ) {
+ $form .= "<p>".wfMsgHtml('usercredentials-xff')
.
+ " " . htmlspecialchars( $row->acd_xff )
. "</p>\n";
+ }
+ if ( $row->acd_agent ) {
+ $form .=
"<p>".wfMsgHtml('usercredentials-agent') .
+ " " . htmlspecialchars( $row->acd_agent
) . "</p>\n";
+ }
$form .= '</fieldset>';
}
_______________________________________________
MediaWiki-CVS mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs
