r58172 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r58171‎ | r58172 | r58173 >
Date:23:19, 26 October 2009
Author:skizzerz
Status:reverted (Comments)
Tags:
Comment:
* User::isValidPassword now only returns boolean results, User::getPasswordValidity can be used to get an error message string
Modified paths:
  • /trunk/phase3/RELEASE-NOTES (modified) (history)
  • /trunk/phase3/includes/User.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/User.php
@@ -621,19 +621,11 @@
622622 * Is the input a valid password for this user?
623623 *
624624 * @param $password String Desired password
625 - * @return mixed: bool True or false or a message key explaining why the password is invalid
 625+ * @return bool True or false
626626 */
627627 function isValidPassword( $password ) {
628 - global $wgMinimalPasswordLength, $wgContLang;
629 -
630 - if( !wfRunHooks( 'isValidPassword', array( $password, &$result, $this ) ) )
631 - return $result;
632 - if( $result === false )
633 - return false;
634 -
635 - // Password needs to be long enough, and can't be the same as the username
636 - return strlen( $password ) >= $wgMinimalPasswordLength
637 - && $wgContLang->lc( $password ) !== $wgContLang->lc( $this->mName );
 628+ //simple boolean wrapper for getPasswordValidity
 629+ return $this->getPasswordValidity( $password ) === true;
638630 }
639631
640632 /**
@@ -645,7 +637,12 @@
646638 function getPasswordValidity( $password ) {
647639 global $wgMinimalPasswordLength, $wgContLang;
648640
649 - if ( ( $result = $this->isValidPassword( $password ) ) === false ) {
 641+ $result = false; //init $result to false for the internal checks
 642+
 643+ if( !wfRunHooks( 'isValidPassword', array( $password, &$result, $this ) ) )
 644+ return $result;
 645+
 646+ if ( $result === false ) {
650647 if( strlen( $password ) < $wgMinimalPasswordLength ) {
651648 return 'passwordtooshort';
652649 } elseif ( $wgContLang->lc( $password ) == $wgContLang->lc( $this->mName ) ) {
@@ -654,7 +651,7 @@
655652 } elseif( $result === true ) {
656653 return true;
657654 } else {
658 - return $result; //the isValidPassword hook set a string $result and returned false
 655+ return $result; //the isValidPassword hook set a string $result and returned true
659656 }
660657 }
661658
@@ -1770,7 +1767,7 @@
17711768 throw new PasswordError( wfMsg( 'password-change-forbidden' ) );
17721769 }
17731770
1774 - if( $this->isValidPassword( $str ) !== true ) {
 1771+ if( !$this->isValidPassword( $str ) ) {
17751772 global $wgMinimalPasswordLength;
17761773 $valid = $this->getPasswordValidity( $str );
17771774 throw new PasswordError( wfMsgExt( $valid, array( 'parsemag' ),
Index: trunk/phase3/RELEASE-NOTES
@@ -598,8 +598,8 @@
599599 * (bug 18019) Users are now warned when moving a file to a name in use on a
600600 shared repository and only users with the 'reupload-shared' permission can
601601 complete the move.
602 -* Any strings returned by the isValidPassword hook are now shown as error messages
603 - instead of MediaWiki thinking that the hook said the password was valid.
 602+* User::isValidPassword now only returns boolean results, User::getPasswordValidity
 603+ can be used to get an error message string
604604 * The error message shown in Special:ChangePassword now parses wiki markup
605605
606606 == API changes in 1.16 ==

Follow-up revisions

RevisionCommit summaryAuthorDate
r58182Revert r58171/r58172 for now. It seems it breaks login to translatewiki.netraymond07:13, 27 October 2009
r58266* re-commit r58172 with the fix for the issue mentioned where users would not...skizzerz17:53, 28 October 2009

Comments

#Comment by Nikerabbit (talk | contribs)   07:20, 27 October 2009

This (or the previous) commit breaks user logins on twn with invalid password error.

#Comment by 😂 (talk | contribs)   16:11, 27 October 2009

Ew. Suggest keeping User.php at this state until it's fixed properly. It's less-than-pretty but at least it works.

Status & tagging log