mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/ConfirmEdit
synced 2024-11-28 18:10:16 +00:00
Revert broken rewrite of login forms:
r55990 "* Totally refactor includes/specials/SpecialUserlogin.php:" r55991 "Followup to r55990 - Remove debugging hack :(" r55994 "Followup to r55990 - rename method to avoid PHP Strict warnings" r55997 "Follow-up to r55990, per comments:" Continued reports of breakage with the new version... Non-vital changes of this magnitude should probably be worked up on a branch to ensure everything's consistent before pushing them to trunk.
This commit is contained in:
parent
f81c299c27
commit
0f5ffad924
|
@ -39,8 +39,8 @@ class ConfirmEditHooks {
|
|||
return self::getInstance()->triggerUserLogin( $user, $password, $retval );
|
||||
}
|
||||
|
||||
static function injectUserLogin( &$sp ) {
|
||||
return self::getInstance()->injectUserLogin( $sp );
|
||||
static function injectUserLogin( &$template ) {
|
||||
return self::getInstance()->injectUserLogin( $template );
|
||||
}
|
||||
|
||||
static function confirmUserLogin( $u, $pass, &$retval ) {
|
||||
|
@ -144,18 +144,18 @@ class SimpleCaptcha {
|
|||
* @param SimpleTemplate $template
|
||||
* @return bool true to keep running callbacks
|
||||
*/
|
||||
function injectUserCreate( &$sp ) {
|
||||
function injectUserCreate( &$template ) {
|
||||
global $wgCaptchaTriggers, $wgOut, $wgUser;
|
||||
if ( $wgCaptchaTriggers['createaccount'] ) {
|
||||
if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
|
||||
wfDebug( "ConfirmEdit: user group allows skipping captcha on account creation\n" );
|
||||
return true;
|
||||
}
|
||||
$sp->mFormHeader .=
|
||||
$template->set( 'header',
|
||||
"<div class='captcha'>" .
|
||||
$wgOut->parse( $this->getMessage( 'createaccount' ) ) .
|
||||
$this->getForm() .
|
||||
"</div>\n";
|
||||
"</div>\n" );
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
@ -163,17 +163,18 @@ class SimpleCaptcha {
|
|||
/**
|
||||
* Inject a captcha into the user login form after a failed
|
||||
* password attempt as a speedbump for mass attacks.
|
||||
* @fixme if multiple thingies insert a header, could break
|
||||
* @param SimpleTemplate $template
|
||||
* @return bool true to keep running callbacks
|
||||
*/
|
||||
function injectUserLogin( &$sp ) {
|
||||
function injectUserLogin( &$template ) {
|
||||
if ( $this->isBadLoginTriggered() ) {
|
||||
global $wgOut;
|
||||
$sp->mFormHeader .=
|
||||
$template->set( 'header',
|
||||
"<div class='captcha'>" .
|
||||
$wgOut->parse( $this->getMessage( 'badlogin' ) ) .
|
||||
$this->getForm() .
|
||||
"</div>\n";
|
||||
"</div>\n" );
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
@ -189,7 +190,7 @@ class SimpleCaptcha {
|
|||
*/
|
||||
function triggerUserLogin( $user, $password, $retval ) {
|
||||
global $wgCaptchaTriggers, $wgCaptchaBadLoginExpiration, $wgMemc;
|
||||
if ( $retval == Login::WRONG_PASS && $wgCaptchaTriggers['badlogin'] ) {
|
||||
if ( $retval == LoginForm::WRONG_PASS && $wgCaptchaTriggers['badlogin'] ) {
|
||||
$key = $this->badLoginKey();
|
||||
$count = $wgMemc->get( $key );
|
||||
if ( !$count ) {
|
||||
|
@ -556,7 +557,7 @@ class SimpleCaptcha {
|
|||
if ( !$this->passCaptcha() ) {
|
||||
$message = wfMsg( 'captcha-badlogin-fail' );
|
||||
// Emulate a bad-password return to confuse the shit out of attackers
|
||||
$retval = Login::WRONG_PASS;
|
||||
$retval = LoginForm::WRONG_PASS;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue