mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/ConfirmEdit
synced 2024-11-25 00:26:06 +00:00
Revert broken rewrite of login forms:
r55990 "* Totally refactor includes/specials/SpecialUserlogin.php:" r55991 "Followup to r55990 - Remove debugging hack :(" r55994 "Followup to r55990 - rename method to avoid PHP Strict warnings" r55997 "Follow-up to r55990, per comments:" Continued reports of breakage with the new version... Non-vital changes of this magnitude should probably be worked up on a branch to ensure everything's consistent before pushing them to trunk.
This commit is contained in:
parent
f81c299c27
commit
0f5ffad924
|
@ -39,8 +39,8 @@ class ConfirmEditHooks {
|
||||||
return self::getInstance()->triggerUserLogin( $user, $password, $retval );
|
return self::getInstance()->triggerUserLogin( $user, $password, $retval );
|
||||||
}
|
}
|
||||||
|
|
||||||
static function injectUserLogin( &$sp ) {
|
static function injectUserLogin( &$template ) {
|
||||||
return self::getInstance()->injectUserLogin( $sp );
|
return self::getInstance()->injectUserLogin( $template );
|
||||||
}
|
}
|
||||||
|
|
||||||
static function confirmUserLogin( $u, $pass, &$retval ) {
|
static function confirmUserLogin( $u, $pass, &$retval ) {
|
||||||
|
@ -144,18 +144,18 @@ class SimpleCaptcha {
|
||||||
* @param SimpleTemplate $template
|
* @param SimpleTemplate $template
|
||||||
* @return bool true to keep running callbacks
|
* @return bool true to keep running callbacks
|
||||||
*/
|
*/
|
||||||
function injectUserCreate( &$sp ) {
|
function injectUserCreate( &$template ) {
|
||||||
global $wgCaptchaTriggers, $wgOut, $wgUser;
|
global $wgCaptchaTriggers, $wgOut, $wgUser;
|
||||||
if ( $wgCaptchaTriggers['createaccount'] ) {
|
if ( $wgCaptchaTriggers['createaccount'] ) {
|
||||||
if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
|
if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
|
||||||
wfDebug( "ConfirmEdit: user group allows skipping captcha on account creation\n" );
|
wfDebug( "ConfirmEdit: user group allows skipping captcha on account creation\n" );
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
$sp->mFormHeader .=
|
$template->set( 'header',
|
||||||
"<div class='captcha'>" .
|
"<div class='captcha'>" .
|
||||||
$wgOut->parse( $this->getMessage( 'createaccount' ) ) .
|
$wgOut->parse( $this->getMessage( 'createaccount' ) ) .
|
||||||
$this->getForm() .
|
$this->getForm() .
|
||||||
"</div>\n";
|
"</div>\n" );
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
@ -163,17 +163,18 @@ class SimpleCaptcha {
|
||||||
/**
|
/**
|
||||||
* Inject a captcha into the user login form after a failed
|
* Inject a captcha into the user login form after a failed
|
||||||
* password attempt as a speedbump for mass attacks.
|
* password attempt as a speedbump for mass attacks.
|
||||||
|
* @fixme if multiple thingies insert a header, could break
|
||||||
* @param SimpleTemplate $template
|
* @param SimpleTemplate $template
|
||||||
* @return bool true to keep running callbacks
|
* @return bool true to keep running callbacks
|
||||||
*/
|
*/
|
||||||
function injectUserLogin( &$sp ) {
|
function injectUserLogin( &$template ) {
|
||||||
if ( $this->isBadLoginTriggered() ) {
|
if ( $this->isBadLoginTriggered() ) {
|
||||||
global $wgOut;
|
global $wgOut;
|
||||||
$sp->mFormHeader .=
|
$template->set( 'header',
|
||||||
"<div class='captcha'>" .
|
"<div class='captcha'>" .
|
||||||
$wgOut->parse( $this->getMessage( 'badlogin' ) ) .
|
$wgOut->parse( $this->getMessage( 'badlogin' ) ) .
|
||||||
$this->getForm() .
|
$this->getForm() .
|
||||||
"</div>\n";
|
"</div>\n" );
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
@ -189,7 +190,7 @@ class SimpleCaptcha {
|
||||||
*/
|
*/
|
||||||
function triggerUserLogin( $user, $password, $retval ) {
|
function triggerUserLogin( $user, $password, $retval ) {
|
||||||
global $wgCaptchaTriggers, $wgCaptchaBadLoginExpiration, $wgMemc;
|
global $wgCaptchaTriggers, $wgCaptchaBadLoginExpiration, $wgMemc;
|
||||||
if ( $retval == Login::WRONG_PASS && $wgCaptchaTriggers['badlogin'] ) {
|
if ( $retval == LoginForm::WRONG_PASS && $wgCaptchaTriggers['badlogin'] ) {
|
||||||
$key = $this->badLoginKey();
|
$key = $this->badLoginKey();
|
||||||
$count = $wgMemc->get( $key );
|
$count = $wgMemc->get( $key );
|
||||||
if ( !$count ) {
|
if ( !$count ) {
|
||||||
|
@ -556,7 +557,7 @@ class SimpleCaptcha {
|
||||||
if ( !$this->passCaptcha() ) {
|
if ( !$this->passCaptcha() ) {
|
||||||
$message = wfMsg( 'captcha-badlogin-fail' );
|
$message = wfMsg( 'captcha-badlogin-fail' );
|
||||||
// Emulate a bad-password return to confuse the shit out of attackers
|
// Emulate a bad-password return to confuse the shit out of attackers
|
||||||
$retval = Login::WRONG_PASS;
|
$retval = LoginForm::WRONG_PASS;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue