KeepYourHandsToYourself

From Jimbojw.com

Jump to: navigation, search
<?php //

This is a MediaWiki Extension. For more information about it, see the documentation in KeepYourHandsToYourself Extension.

Important! Unless otherwise specified, this extension is released under The MIT License. If you choose to install it, you do so at your own risk and discretion.

/*
 * KeepYourHandsToYourself.php - Keeps users from editing other users pages.
 * @author Jim R. Wilson
 * @version 0.3
 * @copyright Copyright (C) 2007 Jim R. Wilson
 * @license The MIT License - http://www.opensource.org/licenses/mit-license.php 
 * -----------------------------------------------------------------------
 * Description:
 *     This is a MediaWiki extension which prevents users from editing other users
 *     pages or subpages.
 * Requirements:
 *     MediaWiki 1.6.x, 1.9.x, 1.10.x or higher
 *     PHP 4.x, 5.x or higher.
 * Installation:
 *     1. Drop this script (KeepYourHandsToYourself.php) in $IP/extensions
 *         Note: $IP is your MediaWiki install dir.
 *     2. Enable the extension by adding this line to your LocalSettings.php:
 *         require_once('extensions/KeepYourHandsToYourself.php');
 * Version Notes:
 *     version 0.3:
 *         Added image processing hook to prepend user name to file name for non-sysops.
 *     version 0.2:
 *         Added protections for images matching the user's name followed by '--'
 *     version 0.1:
 *         Initial release.
 * -----------------------------------------------------------------------
 * Copyright (c) 2007 Jim R. Wilson
 * 
 * Permission is hereby granted, free of charge, to any person obtaining a copy 
 * of this software and associated documentation files (the "Software"), to deal 
 * in the Software without restriction, including without limitation the rights to 
 * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of 
 * the Software, and to permit persons to whom the Software is furnished to do 
 * so, subject to the following conditions:
 * 
 * The above copyright notice and this permission notice shall be included in all 
 * copies or substantial portions of the Software.
 * 
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 
 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES 
 * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 
 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT 
 * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, 
 * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR 
 * OTHER DEALINGS IN THE SOFTWARE. 
 * -----------------------------------------------------------------------
 */
 
# Confirm MW environment
if (defined('MEDIAWIKI')) {
 
# Credits
$wgExtensionCredits['other'][] = array(
    'name'=>'KeepYourHandsToYourself',
    'author'=>'Jim R. Wilson (wilson.jim.r&lt;at&gt;gmail.com)',
    'url'=>'http://jimbojw.com/wiki/index.php?title=KeepYourHandsToYourself',
    'description'=>'Prevents users from editing other users pages.',
    'version'=>'0.3'
);
 
# Attach Hooks
$wgExtensionFunctions[] = 'setupForKeepYourHandsToYourself';
$wgHooks['userCan'][] = 'keepYourHandsToYourself';
$wgHooks['AbortNewAccount'][] = 'rejectUsernamesWithConsecutiveDashes';
$wgHooks['UploadForm:BeforeProcessing'][] = 'prependUsernameToFilename';
 
/**
 * Setup for the KeepYourHandsToYourself extension.
 * Usage: $wgExtensionFunctions[] = 'setupForKeepYourHandsToYourself';
 */
function setupForKeepYourHandsToYourself() {
    global $wgMessageCache;
    $wgMessageCache->addMessage(
        'kyhtys-no-double-dash',
        'Usernames may not contain consecutive dashes.'
    );
}
 
/**
 * Reject edit action if user attempts to edit another user's page, subpage or image
 * Usage: $wgHooks['userCan'][] = 'keepYourHandsToYourself';
 * @param Title $title Title of the article. (passed by reference)
 * @param User $user User attempting action on article - presumably $wgUser. (passed by reference)
 * @param String $action Action being taken on article. (passed by value)
 * @param Mixed $result The result of processing. (passed by reference)
 * @return true Always true so other extensions have a chance to process 'userCan'
 */
function keepYourHandsToYourself($title, $user, $action, $result) {
 
    # Check for Namespace, edit action, and sysopship
    $ns = $title->getNamespace();
    if (
        !in_array($ns, array(NS_USER, NS_IMAGE)) || 
        $action!='edit' ||
        in_array('sysop', $user->getGroups())
    ) return true;
    
    # Check that the image contains at least one double dash (short-circuit otherwise)
    $text = $title->getText();
    if (
        $ns==NS_IMAGE &&
        strstr($text, '--')===false
    ) return true;
 
    # Check if the page name matches or starts with the username and appropriate separator
    $name = $user->getName();
    $sep = ( $title->getNamespace()==NS_USER ? '\\/' : '--' );
    if (
        $name==$text ||
        preg_match('/^'.preg_quote($name).$sep.'/', $text)
    ) return true;
    
    # If we got this far, then it's a user trying to edit another user's page or image
    $result = false;
    return false;
}
 
/**
 * Reject any user account creation attempt if the username contains consecutive dashes.
 * Usage: $wgHooks['AbortNewAccount'][] = 'rejectUsernamesWithConsecutiveDashes';
 * @param User $user Attempted user to create (passed by value)
 * @param Mixed $abortError Error string
 * @param Mixed $result The result of processing. (passed by reference)
 * @return Boolean false if username was rejected, true otherwise
 */
function rejectUsernamesWithConsecutiveDashes($user, &$abortError) {
    if (strstr($user->getName(),'--')!==false) {
        $abortError = wfMsgForContent('kyhtys-no-double-dash');
        return false;
    }
    return true;
}
 
/**
 * Under certain cercumstances, prepend the user's name to the uploaded file.
 * Usage: $wgHooks['UploadForm:BeforeProcessing'][] = 'prependUsernameToFilename';
 * @param Object $uploadForm Special Page derivitive executing the upload operation.
 * @return Boolean Always true to allow continued processing
 */
function prependUsernameToFilename( $uploadForm ) {
 
    # Skip any further checking if the user is not logged in
    global $wgUser;
    if ( !$wgUser->isLoggedIn() ) return true;
 
    # First things first, deduce the desired destination filename
    $dn = $uploadForm->mDesiredDestName;
    $filtered = wfBaseName( $dn ? $dn : $uploadForm->mSrcName );
    
    # If the first two chars are dashes, strip them and short circuit
    # Note: This is the secret trick to bypass the user name prepending.
    if ( substr( $filtered, 0, 2 ) == '--' ) {
        $uploadForm->mDesiredDestName = substr( $filtered, 2 );
        return true;
    }
    
    # Otherwise, if there are already two dashes in the name, it must have ownership specified
    if ( strpos( $filtered, '--' )!==false ) return true;
    
    # Finally, prepend the user name to the destination file name
    $uploadForm->mDesiredDestName = $wgUser->getName() . '--' . $filtered;
    return true;
}
 
} # End MW Environment wrapper
//