r61704 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r61703‎ | r61704 | r61705 >
Date:01:28, 30 January 2010
Author:demon
Status:ok
Tags:
Comment:
Followup r61694, expand comment based on [[Extension:Lockout]] and also deny login from session
Modified paths:
  • /trunk/phase3/includes/DefaultSettings.php (modified) (history)
  • /trunk/phase3/includes/User.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/User.php
@@ -904,6 +904,13 @@
905905 return false;
906906 }
907907
 908+ global $wgBlockDisablesLogin;
 909+ if( $wgBlockDisablesLogin && $this->isBlocked() ) {
 910+ # User blocked and we've disabled blocked user logins
 911+ $this->loadDefaults();
 912+ return false;
 913+ }
 914+
908915 if ( isset( $_SESSION['wsToken'] ) ) {
909916 $passwordCorrect = $_SESSION['wsToken'] == $this->mToken;
910917 $from = 'session';
Index: trunk/phase3/includes/DefaultSettings.php
@@ -1343,8 +1343,16 @@
13441344 'IPv4' => 16, # Blocks larger than a /16 (64k addresses) will not be allowed
13451345 'IPv6' => 64, # 2^64 = ~1.8x10^19 addresses
13461346 );
1347 -$wgBlockDisablesLogin = false; # If true, blocked users will not be allowed to login
13481347
 1348+/**
 1349+ * If true, blocked users will not be allowed to login. When using this with
 1350+ * a public wiki, the effect of logging out blocked users may actually be
 1351+ * avers: unless the user's address is also blocked (e.g. auto-block),
 1352+ * logging the user out will again allow reading and editing, just as for
 1353+ * anonymous visitors.
 1354+ */
 1355+$wgBlockDisablesLogin = false; #
 1356+
13491357 # Pages anonymous user may see as an array, e.g.:
13501358 # array ( "Main Page", "Wikipedia:Help");
13511359 # Special:Userlogin and Special:Resetpass are always whitelisted.

Past revisions this follows-up on

RevisionCommit summaryAuthorDate
r61694Add new global $wgBlockDisablesLogin to prevent logging in by blocked users, ...demon23:29, 29 January 2010

Status & tagging log