Merge "HTMLUserTextField: Fix validation"

1 files changed, 31 insertions, 24 deletions

diff --git a/includes/htmlform/fields/HTMLUserTextField.php b/includes/htmlform/fields/HTMLUserTextField.php
index 378d05173abc..7520c0ef1c39 100644
--- a/includes/htmlform/fields/HTMLUserTextField.php
+++ b/includes/htmlform/fields/HTMLUserTextField.php
@@ -12,7 +12,6 @@ use Wikimedia\IPUtils;
  * 'ipallowed' - Whether an IP address is interpreted as "valid"
  * 'iprange' - Whether an IP address range is interpreted as "valid"
  * 'iprangelimits' - Specifies the valid IP ranges for IPv4 and IPv6 in an array.
- *  defaults to IPv4 => 16; IPv6 => 32.
  *
  * @stable to extend
  * @since 1.26
@@ -28,8 +27,8 @@ class HTMLUserTextField extends HTMLTextField {
 				'ipallowed' => false,
 				'iprange' => false,
 				'iprangelimits' => [
-					'IPv4' => '16',
-					'IPv6' => '32',
+					'IPv4' => 0,
+					'IPv6' => 0,
 				],
 			]
 		);
@@ -48,24 +47,32 @@ class HTMLUserTextField extends HTMLTextField {
 			return parent::validate( $value, $alldata );
 		}
 
-		// check, if a user exists with the given username
-		$user = User::newFromName( $value, false );
-		$rangeError = null;
-
-		if ( !$user ) {
-			return $this->msg( 'htmlform-user-not-valid', $value );
-		} elseif (
-			// check, if the user exists, if requested
-			( $this->mParams['exists'] && !$user->isRegistered() ) &&
-			// check, if the username is a valid IP address, otherwise save the error message
-			!( $this->mParams['ipallowed'] && IPUtils::isValid( $value ) ) &&
-			// check, if the username is a valid IP range, otherwise save the error message
-			!( $this->mParams['iprange'] && ( $rangeError = $this->isValidIPRange( $value ) ) === true )
-		) {
-			if ( is_string( $rangeError ) ) {
-				return $rangeError;
+		// check if the input is a valid username
+		$user = User::newFromName( $value );
+		if ( $user ) {
+			// check if the user exists, if requested
+			if ( $this->mParams['exists'] && !$user->isRegistered() ) {
+				return $this->msg( 'htmlform-user-not-exists', $user->getName() );
+			}
+		} else {
+			// not a valid username
+			$valid = false;
+			// check if the input is a valid IP address
+			if ( $this->mParams['ipallowed'] && IPUtils::isValid( $value ) ) {
+				$valid = true;
+			}
+			// check if the input is a valid IP range
+			if ( $this->mParams['iprange'] ) {
+				$rangeError = $this->isValidIPRange( $value );
+				if ( $rangeError === true ) {
+					$valid = true;
+				} elseif ( $rangeError !== false ) {
+					return $rangeError;
+				}
+			}
+			if ( !$valid ) {
+				return $this->msg( 'htmlform-user-not-valid', $value );
 			}
-			return $this->msg( 'htmlform-user-not-exists', $user->getName() );
 		}
 
 		return parent::validate( $value, $alldata );
@@ -85,7 +92,7 @@ class HTMLUserTextField extends HTMLTextField {
 			( IPUtils::isIPv6( $ip ) && $cidrIPRanges['IPv6'] == 128 )
 		) {
 			// Range block effectively disabled
-			return $this->msg( 'ip_range_toolow' )->parse();
+			return $this->msg( 'ip_range_toolow' );
 		}
 
 		if (
@@ -93,15 +100,15 @@ class HTMLUserTextField extends HTMLTextField {
 			( IPUtils::isIPv6( $ip ) && $range > 128 )
 		) {
 			// Dodgy range
-			return $this->msg( 'ip_range_invalid' )->parse();
+			return $this->msg( 'ip_range_invalid' );
 		}
 
 		if ( IPUtils::isIPv4( $ip ) && $range < $cidrIPRanges['IPv4'] ) {
-			return $this->msg( 'ip_range_exceeded', $cidrIPRanges['IPv4'] )->parse();
+			return $this->msg( 'ip_range_exceeded', $cidrIPRanges['IPv4'] );
 		}
 
 		if ( IPUtils::isIPv6( $ip ) && $range < $cidrIPRanges['IPv6'] ) {
-			return $this->msg( 'ip_range_exceeded', $cidrIPRanges['IPv6'] )->parse();
+			return $this->msg( 'ip_range_exceeded', $cidrIPRanges['IPv6'] );
 		}
 
 		return true;