r45119 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r45118‎ \| r45119 \| r45120 >
Date:	11:50, 28 December 2008
Author:	aaron
Status:	ok
Tags:
Comment:	(bug 16721) Reset auth token to stop auto-login. Auto-login defeats the user rename/touch change to break the login since the user can just get logged in again under the old name without noticing, which results in edits under the old name.
Modified paths:	/trunk/extensions/Renameuser/SpecialRenameuser_body.php (modified) (history) /trunk/phase3/includes/AuthPlugin.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/AuthPlugin.php
—	—	@@ -258,4 +258,9 @@
259	259	# Override this!
260	260	return false;
261	261	}
	262	+
	263	+ public function resetAuthToken() {
	264	+ # Override this!
	265	+ return true;
	266	+ }
262	267	}
Index: trunk/extensions/Renameuser/SpecialRenameuser_body.php
—	—	@@ -419,6 +419,11 @@
420	420	if( !$dbw->affectedRows() ) {
421	421	return false;
422	422	}
	423	+ // Reset token to break login with central auth systems.
	424	+ // Again, avoids user being logged in with old name.
	425	+ $user = User::newFromId( $this->uid );
	426	+ $authUser = $wgAuth->getUserInstance( $user );
	427	+ $authUser->resetAuthToken();
423	428
424	429	// Delete from memcached.
425	430	global $wgMemc;

22:59, 31 December 2008 Brion VIBBER (talk | contribs) changed the status of r45119 [removed: new added: ok]