Mediawiki/Anonymous IP Hash: Difference between revisions
Antonizoon (talk | contribs) No edit summary |
Antonizoon (talk | contribs) No edit summary |
||
Line 1: | Line 1: | ||
Here's the gist of my anon ID hack to MediaWiki. I can't really package it as an extension or anything because it involves hacking things that | Here's the gist of my anon ID hack to MediaWiki. I can't really package it as an extension or anything because it involves hacking things that | ||
apparently aren't supposed to be hacked, but it's not hard to do. - Halcy | apparently aren't supposed to be hacked, but it's not hard to do. - Halcy <!-- Note that this mod makes banning edits quite hard. Maybe if there was a way to just not show the IP address to non-Admin users, and still store the IP in the database, that would be better. But on the flip side, tanasinn.info seems to be doing fine. --> | ||
<!-- Note that this mod makes banning edits quite hard. Maybe if there was a way to just | |||
1. Add the following to your LocalSettings.php: | 1. Add the following to your LocalSettings.php: | ||
Line 11: | Line 9: | ||
$wgDisableAnonTalk = true; | $wgDisableAnonTalk = true; | ||
function AnonUsername($IP) { | function AnonUsername($IP) { | ||
// Expiry time for hashes: dmY = new ID per day, WY = per week. | |||
// | $key = $IP.'PUT RANDOM TEXT HERE'.gmdate('dmY'); | ||
return 'ID:'.substr(password_hash($key, PASSWORD_DEFAULT), 'id'), 8, 8); // uses bcrypt level 10 | return 'ID:'.substr(password_hash($key, PASSWORD_DEFAULT), 'id'), 8, 8); // uses bcrypt level 10 | ||
} | } |
Revision as of 19:59, 9 December 2016
Here's the gist of my anon ID hack to MediaWiki. I can't really package it as an extension or anything because it involves hacking things that apparently aren't supposed to be hacked, but it's not hard to do. - Halcy
1. Add the following to your LocalSettings.php:
// you can leave anon talk pages on, but you'll // likely end up with useless crud after IDs expire $wgDisableAnonTalk = true; function AnonUsername($IP) { // Expiry time for hashes: dmY = new ID per day, WY = per week. $key = $IP.'PUT RANDOM TEXT HERE'.gmdate('dmY'); return 'ID:'.substr(password_hash($key, PASSWORD_DEFAULT), 'id'), 8, 8); // uses bcrypt level 10 }
The ID is a truncated hash, which, although it increases the risk of collisions, that may be a benefit rather than a liability when it comes to IPs. http://www.perlmonks.org/?node_id=111524
2. In includes/user/User.php
, (Mediawiki 1.27.1: getName() Line 2109) find the line that says:
$this->mName = IP::sanitizeIP( $this->getRequest()->getIP() );
and change it to:
$this->mName = AnonUsername( $this->getRequest()->getIP() );
3. In includes/user/User.php
, (Mediawiki 1.27.1: getBlockedStatus() Line 1600) find the line that says:
: IP::sanitizeIP( $wgUser->getRequest()->getIP() );
and change it to:
: AnonUsername( $this->getRequest()->getIP() );
You will need to repeat this mod whenever you update MediaWiki, since obviously an update replaces the system files. And of course the lines may vary, but have generally been similar.
aa tags
On a slightly related note, I hacked an extension together for <aa> tags.
- Music:DQN-kun / >>6 is not a panda