[MediaWiki-CVS] SVN: [115046] trunk/extensions/ConfirmAccount

Wed, 25 Apr 2012 04:17:47 -0700 

https://www.mediawiki.org/wiki/Special:Code/MediaWiki/115046

Revision: 115046
Author:   aaron
Date:     2012-04-25 11:17:38 +0000 (Wed, 25 Apr 2012)
Log Message:
-----------
Track user-agent and XFF in addition to IPs

Modified Paths:
--------------
    trunk/extensions/ConfirmAccount/backend/UserAccountRequest.php
    
trunk/extensions/ConfirmAccount/backend/schema/ConfirmAccountUpdater.hooks.php
    trunk/extensions/ConfirmAccount/backend/schema/mysql/ConfirmAccount.sql
    
trunk/extensions/ConfirmAccount/backend/schema/postgres/ConfirmAccount.pg.sql
    trunk/extensions/ConfirmAccount/business/AccountConfirmSubmission.php
    trunk/extensions/ConfirmAccount/business/AccountRequestSubmission.php
    
trunk/extensions/ConfirmAccount/frontend/language/ConfirmAccountPage.i18n.php
    
trunk/extensions/ConfirmAccount/frontend/language/UserCredentialsPage.i18n.php
    
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/ConfirmAccount_body.php
    
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/RequestAccount_body.php
    
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/UserCredentials_body.php

Added Paths:
-----------
    trunk/extensions/ConfirmAccount/backend/schema/mysql/patch-acr_agent.sql
    trunk/extensions/ConfirmAccount/backend/schema/postgres/patch-acr_agent.sql

Modified: trunk/extensions/ConfirmAccount/backend/UserAccountRequest.php
===================================================================
--- trunk/extensions/ConfirmAccount/backend/UserAccountRequest.php      
2012-04-25 10:45:17 UTC (rev 115045)
+++ trunk/extensions/ConfirmAccount/backend/UserAccountRequest.php      
2012-04-25 11:17:38 UTC (rev 115046)
@@ -15,6 +15,8 @@
        protected $fileName;
        protected $fileStorageKey;
        protected $ip;
+       protected $xff;
+       protected $agent;
        protected $emailToken;
        protected $emailTokenExpires;
        /* Fields set if user later confirms email */
@@ -50,6 +52,8 @@
                        : null;
                $req->fileStorageKey = $row->acr_storage_key;
                $req->ip = $row->acr_ip;
+               $req->xff = $row->acr_xff;
+               $req->agent = $row->acr_agent;
                $req->emailToken = $row->acr_email_token; // MD5 of token
                $req->emailTokenExpires = wfTimestampOrNull( TS_MW, 
$row->acr_email_token_expires );
                $req->emailAuthTimestamp = wfTimestampOrNull( TS_MW, 
$row->acr_email_authenticated );
@@ -88,6 +92,8 @@
                        : null;
                $req->fileStorageKey = $fields['storage_key'];
                $req->ip = $fields['ip'];
+               $req->xff = $fields['xff'];
+               $req->agent = $fields['agent'];
                $req->emailToken = $fields['email_token']; // MD5 of token
                $req->emailTokenExpires = wfTimestampOrNull( TS_MW, 
$fields['email_token_expires'] );
                // These fields are typically left to default on insertion...
@@ -245,6 +251,20 @@
        /**
         * @return string
         */
+       public function getXFF() {
+               return $this->xff;
+       }
+
+       /**
+        * @return string
+        */
+       public function getAgent() {
+               return $this->agent;
+       }
+
+       /**
+        * @return string
+        */
        public function getEmailToken() {
                return $this->emailToken;
        }
@@ -327,7 +347,9 @@
                                        ? $this->fileStorageKey
                                        : null,
                                'acr_comment'           => strval( 
$this->comment ),
-                               'acr_ip'                        => strval( 
$this->ip ), // possible use for spam blocking
+                               'acr_ip'                        => strval( 
$this->ip ), // for spam blocking
+                               'acr_xff'                       => strval( 
$this->xff ), // for spam blocking
+                               'acr_agent'             => strval( $this->agent 
), // for spam blocking
                                'acr_deleted'           => (int)$this->deleted,
                                'acr_email_token'       => strval( 
$this->emailToken ), // MD5 of token
                                'acr_email_token_expires' => $dbw->timestamp( 
$this->emailTokenExpires ),

Modified: 
trunk/extensions/ConfirmAccount/backend/schema/ConfirmAccountUpdater.hooks.php
===================================================================
--- 
trunk/extensions/ConfirmAccount/backend/schema/ConfirmAccountUpdater.hooks.php  
    2012-04-25 10:45:17 UTC (rev 115045)
+++ 
trunk/extensions/ConfirmAccount/backend/schema/ConfirmAccountUpdater.hooks.php  
    2012-04-25 11:17:38 UTC (rev 115046)
@@ -18,6 +18,7 @@
                        $updater->addExtensionTable( 'account_credentials', 
"$base/patch-account_credentials.sql" );
                        $updater->addExtensionField( 'account_requests', 
'acr_areas', "$base/patch-acr_areas.sql" );
                        $updater->addExtensionIndex( 'account_requests', 
'acr_email', "$base/patch-email-index.sql" );
+                       $updater->addExtensionField( 'account_requests', 
'acr_agent', "$base/patch-acr_agent.sql" );
                } elseif ( $updater->getDB()->getType() == 'postgres' ) {
                        $base = "$base/postgres";
 
@@ -31,6 +32,7 @@
                        $updater->addExtensionUpdate( array( 'addPgField', 
'account_requests', 'acr_areas', "TEXT" ) );
                        $updater->addExtensionUpdate( array( 'addPgField', 
'account_credentials', 'acd_areas', "TEXT" ) );
                        $updater->addExtensionUpdate( array( 'addIndex', 
'account_requests', 'acr_email', "$base/patch-email-index.sql", true ) );
+                       $updater->addExtensionUpdate( array( 'addPgField', 
'account_requests', 'acr_agent', "$base/patch-acr_agent.sql", true ) );
                }
                return true;
        }

Modified: 
trunk/extensions/ConfirmAccount/backend/schema/mysql/ConfirmAccount.sql
===================================================================
--- trunk/extensions/ConfirmAccount/backend/schema/mysql/ConfirmAccount.sql     
2012-04-25 10:45:17 UTC (rev 115045)
+++ trunk/extensions/ConfirmAccount/backend/schema/mysql/ConfirmAccount.sql     
2012-04-25 11:17:38 UTC (rev 115046)
@@ -35,6 +35,9 @@
   acr_urls mediumblob NOT NULL,
   -- IP address
   acr_ip VARCHAR(255) NULL default '',
+  acr_xff VARCHAR(255) NULL default '',
+  -- User-Agent header
+  acr_agent VARCHAR(255) NULL default '',
   -- Name of attached file (.pdf,.doc,.txt etc...)
   acr_filename VARCHAR(255) NULL,
   acr_storage_key VARCHAR(64) NULL,
@@ -87,6 +90,9 @@
   acd_urls mediumblob NOT NULL,
   -- IP address
   acd_ip VARCHAR(255) NULL default '',
+  acd_xff VARCHAR(255) NULL default '',
+  -- User-Agent header
+  acd_agent VARCHAR(255) NULL default '',
   -- Name of attached file (.pdf,.doc,.txt etc...)
   acd_filename VARCHAR(255) NULL,
   acd_storage_key VARCHAR(64) NULL,

Added: trunk/extensions/ConfirmAccount/backend/schema/mysql/patch-acr_agent.sql
===================================================================
--- trunk/extensions/ConfirmAccount/backend/schema/mysql/patch-acr_agent.sql    
                        (rev 0)
+++ trunk/extensions/ConfirmAccount/backend/schema/mysql/patch-acr_agent.sql    
2012-04-25 11:17:38 UTC (rev 115046)
@@ -0,0 +1,9 @@
+-- (c) Aaron Schulz, 2007
+
+ALTER TABLE /*$wgDBprefix*/account_requests
+       ADD acr_xff VARCHAR(255) NULL default '',
+       ADD acr_agent VARCHAR(255) NULL default '';
+
+ALTER TABLE /*$wgDBprefix*/account_credentials
+       ADD acd_xff VARCHAR(255) NULL default '',
+       ADD acd_agent VARCHAR(255) NULL default '';


Property changes on: 
trunk/extensions/ConfirmAccount/backend/schema/mysql/patch-acr_agent.sql
___________________________________________________________________
Added: svn:eol-style
   + native

Modified: 
trunk/extensions/ConfirmAccount/backend/schema/postgres/ConfirmAccount.pg.sql
===================================================================
--- 
trunk/extensions/ConfirmAccount/backend/schema/postgres/ConfirmAccount.pg.sql   
    2012-04-25 10:45:17 UTC (rev 115045)
+++ 
trunk/extensions/ConfirmAccount/backend/schema/postgres/ConfirmAccount.pg.sql   
    2012-04-25 11:17:38 UTC (rev 115046)
@@ -18,6 +18,8 @@
   acr_notes                TEXT,
   acr_urls                 TEXT,
   acr_ip                   CIDR,
+  acr_xff               TEXT,
+  acr_agent                TEXT,
   acr_filename             TEXT,
   acr_storage_key          TEXT,
   acr_type                 INTEGER NOT NULL DEFAULT 0,
@@ -45,6 +47,8 @@
   acd_notes                TEXT,
   acd_urls                 TEXT,
   acd_ip                   CIDR,
+  acd_xff               TEXT,
+  acd_agent                TEXT,
   acd_filename             TEXT,
   acd_storage_key          TEXT,
   acd_areas                TEXT,

Added: 
trunk/extensions/ConfirmAccount/backend/schema/postgres/patch-acr_agent.sql
===================================================================
--- trunk/extensions/ConfirmAccount/backend/schema/postgres/patch-acr_agent.sql 
                        (rev 0)
+++ trunk/extensions/ConfirmAccount/backend/schema/postgres/patch-acr_agent.sql 
2012-04-25 11:17:38 UTC (rev 115046)
@@ -0,0 +1,11 @@
+BEGIN;
+
+ALTER TABLE account_requests
+       ADD acr_xff TEXT,
+       ADD acr_agent TEXT;
+
+ALTER TABLE account_credentials
+       ADD acd_xff TEXT,
+       ADD acd_agent TEXT;
+
+COMMIT;


Property changes on: 
trunk/extensions/ConfirmAccount/backend/schema/postgres/patch-acr_agent.sql
___________________________________________________________________
Added: svn:eol-style
   + native

Modified: trunk/extensions/ConfirmAccount/business/AccountConfirmSubmission.php
===================================================================
--- trunk/extensions/ConfirmAccount/business/AccountConfirmSubmission.php       
2012-04-25 10:45:17 UTC (rev 115045)
+++ trunk/extensions/ConfirmAccount/business/AccountConfirmSubmission.php       
2012-04-25 11:17:38 UTC (rev 115046)
@@ -220,6 +220,8 @@
                                        'acd_notes'               => 
$accReq->getNotes(),
                                        'acd_urls'                => 
$accReq->getUrls(),
                                        'acd_ip'                  => 
$accReq->getIP(),
+                                       'acd_xff'                 => 
$accReq->getXFF(),
+                                       'acd_agent'               => 
$accReq->getAgent(),
                                        'acd_filename'            => 
$accReq->getFileName(),
                                        'acd_storage_key'         => 
$accReq->getFileStorageKey(),
                                        'acd_areas'               => 
$accReq->getAreas( 'flat' ),

Modified: trunk/extensions/ConfirmAccount/business/AccountRequestSubmission.php
===================================================================
--- trunk/extensions/ConfirmAccount/business/AccountRequestSubmission.php       
2012-04-25 10:45:17 UTC (rev 115045)
+++ trunk/extensions/ConfirmAccount/business/AccountRequestSubmission.php       
2012-04-25 11:17:38 UTC (rev 115046)
@@ -16,6 +16,8 @@
        protected $areas;
        protected $registration;
        protected $ip;
+       protected $xff;
+       protected $agent;
        /* File attachment fields */
        protected $attachmentSrcName; // user given attachment base name
        protected $attachmentPrevName; // user given attachment base name last 
attempt
@@ -35,6 +37,8 @@
                $this->type = $params['type'];
                $this->areas = $params['areas'];
                $this->ip = $params['ip'];
+               $this->xff = $params['xff'];
+               $this->agent = $params['agent'];
                $this->registration = wfTimestamp( TS_MW, 
$params['registration'] );
                $this->attachmentPrevName = $params['attachmentPrevName'];
                $this->attachmentSrcName = $params['attachmentSrcName'];
@@ -206,6 +210,8 @@
                        'email_token'   => md5( $token ),
                        'email_token_expires' => $expires,
                        'ip'                    => $this->ip,
+                       'xff'           => $this->xff,
+                       'agent'         => $this->agent
                ) );
                $req->insertOn();
                # Send confirmation, required!

Modified: 
trunk/extensions/ConfirmAccount/frontend/language/ConfirmAccountPage.i18n.php
===================================================================
--- 
trunk/extensions/ConfirmAccount/frontend/language/ConfirmAccountPage.i18n.php   
    2012-04-25 10:45:17 UTC (rev 115045)
+++ 
trunk/extensions/ConfirmAccount/frontend/language/ConfirmAccountPage.i18n.php   
    2012-04-25 11:17:38 UTC (rev 115046)
@@ -62,7 +62,7 @@
        'confirmaccount-leg-areas' => 'Main areas of interest',
        'confirmaccount-leg-person' => 'Personal information',
        'confirmaccount-leg-other'  => 'Other information',
-       'confirmaccount-leg-ip'   => 'IP data',
+       'confirmaccount-leg-ip'   => 'IP address data',
        'confirmaccount-name'     => 'Username',
        'confirmaccount-real'     => 'Name:',
        'confirmaccount-email'    => 'E-mail:',
@@ -87,6 +87,8 @@
        'confirmaccount-spam'     => 'Spam (do not send e-mail)',
        'confirmaccount-reason'   => 'Comment (will be included in e-mail):',
        'confirmaccount-ip'       => 'IP address:',
+       'confirmaccount-xff'      => 'X-Forwarded-For:',
+       'confirmaccount-agent'    => 'User-Agent:',
        'confirmaccount-legend'   => 'Confirm/reject this account',
        'confirmaccount-submit'   => 'Confirm',
        'confirmaccount-needreason' => 'You must provide a reason in the 
comment box below.',

Modified: 
trunk/extensions/ConfirmAccount/frontend/language/UserCredentialsPage.i18n.php
===================================================================
--- 
trunk/extensions/ConfirmAccount/frontend/language/UserCredentialsPage.i18n.php  
    2012-04-25 10:45:17 UTC (rev 115045)
+++ 
trunk/extensions/ConfirmAccount/frontend/language/UserCredentialsPage.i18n.php  
    2012-04-25 11:17:38 UTC (rev 115046)
@@ -17,7 +17,7 @@
        'usercredentials-leg-areas' => 'Main areas of interest',
        'usercredentials-leg-person' => 'Personal information',
        'usercredentials-leg-other' => 'Other information',
-       'usercredentials-leg-ip' => 'IP data',
+       'usercredentials-leg-ip' => 'IP address data',
        'usercredentials-email'  => 'E-mail:',
        'usercredentials-real'   => 'Real name:',
        'usercredentials-bio'    => 'Biography:',
@@ -25,6 +25,8 @@
        'usercredentials-notes'  => 'Additional notes:',
        'usercredentials-urls'   => 'List of websites:',
        'usercredentials-ip'     => 'Original IP address:',
+       'usercredentials-xff'    => 'Original X-Forwarded-For:',
+       'usercredentials-agent'  => 'Original User-Agent:',
        'usercredentials-member' => 'Rights:',
        'usercredentials-badid'  => 'No credentials found for this user.
 Check that the name is spelled correctly.',

Modified: 
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/ConfirmAccount_body.php
===================================================================
--- 
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/ConfirmAccount_body.php
       2012-04-25 10:45:17 UTC (rev 115045)
+++ 
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/ConfirmAccount_body.php
       2012-04-25 11:17:38 UTC (rev 115046)
@@ -373,9 +373,17 @@
                        $form .= '<legend>' . 
wfMsgHtml('confirmaccount-leg-ip') . '</legend>';
                        $blokip = SpecialPage::getTitleFor( 'Block' );
                        $form .= "<p>".wfMsgHtml('confirmaccount-ip') .
-                               " " . htmlspecialchars( $accountReq->getIP() ).
+                               " " . htmlspecialchars( $accountReq->getIP() ) .
                                " (" . Linker::makeKnownLinkObj( $blokip, 
wfMsgHtml('blockip'),
                                'ip=' . $accountReq->getIP() . 
'&wpCreateAccount=1' ).")</p>\n";
+                       if ( $accountReq->getXFF() ) {
+                               $form .= "<p>".wfMsgHtml('confirmaccount-xff') .
+                               " " . htmlspecialchars( $accountReq->getXFF() ) 
. "</p>\n";
+                       }
+                       if ( $accountReq->getAgent() ) {
+                               $form .= 
"<p>".wfMsgHtml('confirmaccount-agent') .
+                               " " . htmlspecialchars( $accountReq->getAgent() 
) . "</p>\n";
+                       }
                        $form .= '</fieldset>';
                }
 

Modified: 
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/RequestAccount_body.php
===================================================================
--- 
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/RequestAccount_body.php
       2012-04-25 10:45:17 UTC (rev 115045)
+++ 
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/RequestAccount_body.php
       2012-04-25 11:17:38 UTC (rev 115046)
@@ -300,6 +300,8 @@
                                'areas'                     => $areaSet,
                                'registration'              => wfTimestampNow(),
                                'ip'                        => 
$this->getRequest()->getIP(),
+                               'xff'                       => 
$this->getRequest()->getHeader( 'X-Forwarded-For' ),
+                               'agent'                     => 
$this->getRequest()->getHeader( 'User-Agent' ),
                                'attachmentPrevName'        => 
$this->mPrevAttachment,
                                'attachmentSrcName'         => $this->mSrcName,
                                'attachmentDidNotForget'    => 
$this->mForgotAttachment, // confusing name :)

Modified: 
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/UserCredentials_body.php
===================================================================
--- 
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/UserCredentials_body.php
      2012-04-25 10:45:17 UTC (rev 115045)
+++ 
trunk/extensions/ConfirmAccount/frontend/specialpages/actions/UserCredentials_body.php
      2012-04-25 11:17:38 UTC (rev 115046)
@@ -164,7 +164,16 @@
                if ( $reqUser->isAllowed( 'requestips' ) ) {
                        $form .= '<fieldset>';
                        $form .= '<legend>' . 
wfMsgHtml('usercredentials-leg-ip') . '</legend>';
-                       $form .= "<p>" . wfMsgHtml( 'usercredentials-ip' ) . " 
" . htmlspecialchars( $row->acd_ip ) . "</p>\n";
+                       $form .= "<p>" . wfMsgHtml( 'usercredentials-ip' ) .
+                               " " . htmlspecialchars( $row->acd_ip ) . 
"</p>\n";
+                       if ( $row->acd_xff ) {
+                               $form .= "<p>".wfMsgHtml('usercredentials-xff') 
.
+                                       " " . htmlspecialchars( $row->acd_xff ) 
. "</p>\n";
+                       }
+                       if ( $row->acd_agent ) {
+                               $form .= 
"<p>".wfMsgHtml('usercredentials-agent') .
+                                       " " . htmlspecialchars( $row->acd_agent 
) . "</p>\n";
+                       }
                        $form .= '</fieldset>';
                }
 


_______________________________________________
MediaWiki-CVS mailing list
MediaWiki-CVS@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs

Reply via email to