r65699 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r65698‎ \| r65699 \| r65700 >
Date:	16:12, 30 April 2010
Author:	avar
Status:	ok
Tags:
Comment:	Use User::getPasswordValidity in addition to the custom new-installer hacks $pwd === $cname is guaranteed to fail because we disallow lc($pwd) eq lc($cname) later in getPasswordValidity() when creating the account. Drop that check and just outsource our check to getPasswordValidity's more accurate check.
Modified paths:	/branches/new-installer/phase3/includes/installer/WebInstaller.php (modified) (history)

Diff [purge]

Index: branches/new-installer/phase3/includes/installer/WebInstaller.php
—	—	@@ -1270,12 +1270,18 @@
1271	1271	// Validate password
1272	1272	$msg = false;
1273	1273	$pwd = $this->getVar( '_AdminPassword' );
	1274	+ $user = User::newFromName( $cname );
	1275	+ $valid = $user->getPasswordValidity( $pwd );
1274	1276	if ( strval( $pwd ) === '' ) {
	1277	+ # $user->getPasswordValidity just checks for $wgMinimalPasswordLength.
	1278	+ # This message is more specific and helpful.
1275	1279	$msg = 'config-admin-password-blank';
1276		~~- } elseif ( $pwd === $cname ) {~~
1277		~~- $msg = 'config-admin-password-same';~~
1278	1280	} elseif ( $pwd !== $this->getVar( '_AdminPassword2' ) ) {
1279	1281	$msg = 'config-admin-password-mismatch';
	1282	+ } elseif ( $valid !== true ) {
	1283	+ # As of writing this will only catch the username being e.g. 'FOO' and
	1284	+ # the password 'foo'
	1285	+ $msg = $valid;
1280	1286	}
1281	1287	if ( $msg !== false ) {
1282	1288	$this->parent->showError( $msg );

22:45, 18 October 2010 😂 (talk | contribs) changed the status of r65699 [removed: new added: ok]