This has nothing to do with CAPTCHA generation, and the only thing it
needs from the SimpleCaptcha class is checking whether a CAPTCHA on
bad login is enabled at all.
Also improve comments in CaptchaPreAuthenticationProvider. I found the
session flag business really difficult to understand.
Change-Id: I8200531718aaa11effcb07539204e1a05ed432e0
Changes to the use statements done automatically via script
Addition of missing use statements done manually
Change-Id: Id44f211320e56bc83e4c8f243369dc4eb562cf37
Status now provides declared $statusData property for holding
arbitrary data that can be used instead.
Bug: T326479
Depends-On: Ibe3f1f8b81bcfcb18551d3ca4cda464e4bdbcbce
Change-Id: I1342a8a8ca64b4040ed2b2d101d4574aedd888af
isBadLoginPerUserTriggered() can never return null. This comment was
added in 2016 in 31c59374a4 and it was
already incorrect then. I don't know where this idea came from.
Change-Id: Ib919999fe83562cb4fa80246ae7c6b4707da775c
This allows the dynamic activation of CAPTCHAS triggering without the
need to change the configuration.
This lays the foundation for stewards to later be able to activate
'emergency captchas' via an on-wiki interface.
Bug: T303433
Change-Id: If48689fe068aa3ec56e51e01b84cf25c63bcbf0b
Use CacheKeyHelper to collect status of captchas that was activated instead of set random properties on page object.
Bug: T275710
Change-Id: I7942ccd6b58584f436f872bf7c9deb63ab84482a
This just won't work:
- For edits via the UI, errors are wrapped in an errorbox div by
EditPage.php, so this code is outputting an errorbox inside an
errorbox, which is simply painful to see.
- API edits don't format errors via HTML, so trying to pass raw HTML
there results in broken formatting
Bug: T293818
Change-Id: Ib74d128cc71246c7cfa72456cbe453e8086f2d63
* Avoid double-escaping the captcha-edit-fail message
via both Html::element and RawMessage.
* Also add suppress comment due to overall taint of
RawMessage.
Bug: T293818
Change-Id: I6b985266a26f6b152bca05a91f6054ed1a5f2a5a
ParserOptions::__construct() and Parser::preSaveTransform() both
accept an UserIdentity and don't need a full user object.
Bug: T289731
Change-Id: I9e3d3f21452167ae1b1e9dca664605ee471f90e2
ContentHandler::getContentText() is deprecated and should be
replaced with Content::getText() for TextContent instances.
Change-Id: Iafe14100b3776510c5159657f42f6c0c8d551539
Remove using of User::getCanonicalName since this method will be hard-deprecated. Now it is soft-deprecated
Bug: T275030
Change-Id: Ic11a4259271c8941225882ddce64b53d44280409
The following sniffs are failing and were disabled:
* MediaWiki.Commenting.PropertyDocumentation.MissingDocumentationPrivate
* MediaWiki.Commenting.PropertyDocumentation.MissingDocumentationProtected
* MediaWiki.Commenting.PropertyDocumentation.WrongStyle
Change-Id: I8479cfb5fbc67a6472e28045ece5ea2ae1ba6ac6
Changes:
* Do not return anything in a method that is not expected to return
something.
* Inline some previously hard to read code.
* More specific type hints, if possible.
Change-Id: I0e460899eea07d8733f638a11133adc3000f0542
Although there was no docblock on CaptchaAuthenticationRequest::__construct,
the method is supposed to get a string and an array, as that's how the
class members are documented and used. Trying to access offsets of null
resulted in PHP notices on PHP 7.4, as seen in the experimental job
for various repos.
Bug: T239726
Change-Id: Idd073ebf3d560543ec225479de060e3c198847eb
Deprecated in 1.30 and makeGlobalKey() on a BagOStuff was available
since 1.27. This extension requires 1.31 so the migration seems fine.
Change-Id: Ia7b276ee65fdf58c4fc0859563930528d44a03ca
Replacement with services made available in 1.28 and this extension
requires 1.31. So, the replacement is good.
Change-Id: Idd5dda1e7cfa34b71ffb13446eb0f9e4f113f678