Revert broken rewrite of login forms:

r55990 "* Totally refactor includes/specials/SpecialUserlogin.php:"
r55991 "Followup to r55990 - Remove debugging hack :("
r55994 "Followup to r55990 - rename method to avoid PHP Strict warnings"
r55997 "Follow-up to r55990, per comments:"

Continued reports of breakage with the new version...
Non-vital changes of this magnitude should probably be worked up on a branch to ensure everything's consistent before pushing them to trunk.
This commit is contained in:
Brion Vibber 2009-09-08 18:40:05 +00:00
parent f81c299c27
commit 0f5ffad924

View file

@ -39,8 +39,8 @@ class ConfirmEditHooks {
return self::getInstance()->triggerUserLogin( $user, $password, $retval ); return self::getInstance()->triggerUserLogin( $user, $password, $retval );
} }
static function injectUserLogin( &$sp ) { static function injectUserLogin( &$template ) {
return self::getInstance()->injectUserLogin( $sp ); return self::getInstance()->injectUserLogin( $template );
} }
static function confirmUserLogin( $u, $pass, &$retval ) { static function confirmUserLogin( $u, $pass, &$retval ) {
@ -144,18 +144,18 @@ class SimpleCaptcha {
* @param SimpleTemplate $template * @param SimpleTemplate $template
* @return bool true to keep running callbacks * @return bool true to keep running callbacks
*/ */
function injectUserCreate( &$sp ) { function injectUserCreate( &$template ) {
global $wgCaptchaTriggers, $wgOut, $wgUser; global $wgCaptchaTriggers, $wgOut, $wgUser;
if ( $wgCaptchaTriggers['createaccount'] ) { if ( $wgCaptchaTriggers['createaccount'] ) {
if ( $wgUser->isAllowed( 'skipcaptcha' ) ) { if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
wfDebug( "ConfirmEdit: user group allows skipping captcha on account creation\n" ); wfDebug( "ConfirmEdit: user group allows skipping captcha on account creation\n" );
return true; return true;
} }
$sp->mFormHeader .= $template->set( 'header',
"<div class='captcha'>" . "<div class='captcha'>" .
$wgOut->parse( $this->getMessage( 'createaccount' ) ) . $wgOut->parse( $this->getMessage( 'createaccount' ) ) .
$this->getForm() . $this->getForm() .
"</div>\n"; "</div>\n" );
} }
return true; return true;
} }
@ -163,17 +163,18 @@ class SimpleCaptcha {
/** /**
* Inject a captcha into the user login form after a failed * Inject a captcha into the user login form after a failed
* password attempt as a speedbump for mass attacks. * password attempt as a speedbump for mass attacks.
* @fixme if multiple thingies insert a header, could break
* @param SimpleTemplate $template * @param SimpleTemplate $template
* @return bool true to keep running callbacks * @return bool true to keep running callbacks
*/ */
function injectUserLogin( &$sp ) { function injectUserLogin( &$template ) {
if ( $this->isBadLoginTriggered() ) { if ( $this->isBadLoginTriggered() ) {
global $wgOut; global $wgOut;
$sp->mFormHeader .= $template->set( 'header',
"<div class='captcha'>" . "<div class='captcha'>" .
$wgOut->parse( $this->getMessage( 'badlogin' ) ) . $wgOut->parse( $this->getMessage( 'badlogin' ) ) .
$this->getForm() . $this->getForm() .
"</div>\n"; "</div>\n" );
} }
return true; return true;
} }
@ -189,7 +190,7 @@ class SimpleCaptcha {
*/ */
function triggerUserLogin( $user, $password, $retval ) { function triggerUserLogin( $user, $password, $retval ) {
global $wgCaptchaTriggers, $wgCaptchaBadLoginExpiration, $wgMemc; global $wgCaptchaTriggers, $wgCaptchaBadLoginExpiration, $wgMemc;
if ( $retval == Login::WRONG_PASS && $wgCaptchaTriggers['badlogin'] ) { if ( $retval == LoginForm::WRONG_PASS && $wgCaptchaTriggers['badlogin'] ) {
$key = $this->badLoginKey(); $key = $this->badLoginKey();
$count = $wgMemc->get( $key ); $count = $wgMemc->get( $key );
if ( !$count ) { if ( !$count ) {
@ -556,7 +557,7 @@ class SimpleCaptcha {
if ( !$this->passCaptcha() ) { if ( !$this->passCaptcha() ) {
$message = wfMsg( 'captcha-badlogin-fail' ); $message = wfMsg( 'captcha-badlogin-fail' );
// Emulate a bad-password return to confuse the shit out of attackers // Emulate a bad-password return to confuse the shit out of attackers
$retval = Login::WRONG_PASS; $retval = LoginForm::WRONG_PASS;
return false; return false;
} }
} }