mirror of
https://gerrit.wikimedia.org/r/mediawiki/extensions/ConfirmEdit
synced 2024-11-25 00:26:06 +00:00
Revert broken rewrite of login system; totally broken.
* Login doesn't attach to session properly, so can't stay logged in! * Password field shown in plaintext! If it just DOESN'T WORK please keep it on a work branch, don't put it in trunk! Reverted: r56682 r56683 r56684 r56686 r56688 r56696 r56699 r56702 r56703 r56704 r56782 r56896
This commit is contained in:
parent
aa124c43c0
commit
61d0788893
|
@ -39,8 +39,8 @@ class ConfirmEditHooks {
|
|||
return self::getInstance()->triggerUserLogin( $user, $password, $retval );
|
||||
}
|
||||
|
||||
static function injectUserLogin( &$sp ) {
|
||||
return self::getInstance()->injectUserLogin( $sp );
|
||||
static function injectUserLogin( &$template ) {
|
||||
return self::getInstance()->injectUserLogin( $template );
|
||||
}
|
||||
|
||||
static function confirmUserLogin( $u, $pass, &$retval ) {
|
||||
|
@ -144,19 +144,18 @@ class SimpleCaptcha {
|
|||
* @param SimpleTemplate $template
|
||||
* @return bool true to keep running callbacks
|
||||
*/
|
||||
function injectUserCreate( &$sp ) {
|
||||
function injectUserCreate( &$template ) {
|
||||
global $wgCaptchaTriggers, $wgOut, $wgUser;
|
||||
if ( $wgCaptchaTriggers['createaccount'] ) {
|
||||
if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
|
||||
wfDebug( "ConfirmEdit: user group allows skipping captcha on account creation\n" );
|
||||
return true;
|
||||
}
|
||||
$sp->addFormHeader(
|
||||
$template->set( 'header',
|
||||
"<div class='captcha'>" .
|
||||
$wgOut->parse( $this->getMessage( 'createaccount' ) ) .
|
||||
$this->getForm() .
|
||||
"</div>\n"
|
||||
);
|
||||
"</div>\n" );
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
@ -164,18 +163,18 @@ class SimpleCaptcha {
|
|||
/**
|
||||
* Inject a captcha into the user login form after a failed
|
||||
* password attempt as a speedbump for mass attacks.
|
||||
* @fixme if multiple thingies insert a header, could break
|
||||
* @param SimpleTemplate $template
|
||||
* @return bool true to keep running callbacks
|
||||
*/
|
||||
function injectUserLogin( &$sp ) {
|
||||
function injectUserLogin( &$template ) {
|
||||
if ( $this->isBadLoginTriggered() ) {
|
||||
global $wgOut;
|
||||
$sp->addFormHeader(
|
||||
$template->set( 'header',
|
||||
"<div class='captcha'>" .
|
||||
$wgOut->parse( $this->getMessage( 'badlogin' ) ) .
|
||||
$this->getForm() .
|
||||
"</div>\n"
|
||||
);
|
||||
"</div>\n" );
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
@ -191,7 +190,7 @@ class SimpleCaptcha {
|
|||
*/
|
||||
function triggerUserLogin( $user, $password, $retval ) {
|
||||
global $wgCaptchaTriggers, $wgCaptchaBadLoginExpiration, $wgMemc;
|
||||
if ( $retval == Login::WRONG_PASS && $wgCaptchaTriggers['badlogin'] ) {
|
||||
if ( $retval == LoginForm::WRONG_PASS && $wgCaptchaTriggers['badlogin'] ) {
|
||||
$key = $this->badLoginKey();
|
||||
$count = $wgMemc->get( $key );
|
||||
if ( !$count ) {
|
||||
|
@ -558,7 +557,7 @@ class SimpleCaptcha {
|
|||
if ( !$this->passCaptcha() ) {
|
||||
$message = wfMsg( 'captcha-badlogin-fail' );
|
||||
// Emulate a bad-password return to confuse the shit out of attackers
|
||||
$retval = Login::WRONG_PASS;
|
||||
$retval = LoginForm::WRONG_PASS;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue