SECURITY: Fix reauth in Special:ChangeEmail
authorBrian Wolff <bawolff+wn@gmail.com>
Fri, 15 Jun 2018 08:19:49 +0000 (08:19 +0000)
committerReedy <reedy@wikimedia.org>
Thu, 6 Jun 2019 16:14:57 +0000 (16:14 +0000)
Previously you could bypass reauthentication by directly
POSTing to Special:ChangeEmail.

Bug: T197279
Change-Id: I674557351e0e91a8105c12ddf6cd30283aac9f7a

includes/specials/SpecialChangeEmail.php

index 8d5cf85..9ce8760 100644 (file)
@@ -55,14 +55,16 @@ class SpecialChangeEmail extends FormSpecialPage {
         * @param string $par
         */
        function execute( $par ) {
-               $this->checkLoginSecurityLevel();
-
                $out = $this->getOutput();
                $out->disallowUserJs();
 
                parent::execute( $par );
        }
 
+       protected function getLoginSecurityLevel() {
+               return $this->getName();
+       }
+
        protected function checkExecutePermissions( User $user ) {
                if ( !AuthManager::singleton()->allowsPropertyChange( 'emailaddress' ) ) {
                        throw new ErrorPageError( 'changeemail', 'cannotchangeemail' );
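Review bot: The new `getLoginSecurityLevel()` override has no docblock, although after this change it is the only line that ties Special:ChangeEmail to the reauthentication gate, and `execute()` no longer shows that a gate exists. The removed `$this->checkLoginSecurityLevel();` call discarded its return value, which is presumably why a direct POST carried on into `parent::execute()`. The fix now depends on the parent class checking the level returned here before it handles the form, and that is not visible in this hunk. I would state that contract on the method, for example `/** Require recent authentication for email changes (T197279); enforced by the parent before the form is processed. */`, so a later cleanup does not drop the override as redundant. If no test accompanies this commit elsewhere, a regression test that submits the form from a session needing reauthentication and asserts the address is unchanged would pin the behaviour; the class and `checkExecutePermissions()` continue outside the hunk.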