}
/**
- * @todo document, briefly.
+ * implements Special:Login
* @addtogroup SpecialPage
*/
-
class LoginForm {
const SUCCESS = 0;
const WRONG_PASS = 5;
const EMPTY_PASS = 6;
const RESET_PASS = 7;
+ const ABORTED = 8;
var $mName, $mPassword, $mRetype, $mReturnTo, $mCookieCheck, $mPosted;
var $mAction, $mCreateaccount, $mCreateaccountMail, $mMailmypassword;
/**
* Constructor
- * @param webrequest $request A webrequest object passed by reference
+ * @param WebRequest $request A WebRequest object passed by reference
*/
function LoginForm( &$request ) {
global $wgLang, $wgAllowRealName, $wgEnableEmail;
return false;
}
+ # Check anonymous user ($wgUser) limitations :
if (!$wgUser->isAllowedToCreateAccount()) {
$this->userNotPrivilegedMessage();
return false;
return;
}
+ # Now create a dummy user ($u) and check if it is valid
$name = trim( $this->mName );
$u = User::newFromName( $name, 'creatable' );
if ( is_null( $u ) ) {
return false;
}
- if ( !$wgUser->isValidPassword( $this->mPassword ) ) {
+ if ( !$u->isValidPassword( $this->mPassword ) ) {
$this->mainLoginForm( wfMsg( 'passwordtooshort', $wgMinimalPasswordLength ) );
return false;
}
$u->load();
}
+ // Give general extensions, such as a captcha, a chance to abort logins
+ $abort = self::ABORTED;
+ if( !wfRunHooks( 'AbortLogin', array( $u, $this->mPassword, &$abort ) ) ) {
+ return $abort;
+ }
+
if (!$u->checkPassword( $this->mPassword )) {
if( $u->checkTemporaryPassword( $this->mPassword ) ) {
// The e-mailed temporary password should not be used
// reset form; bot interfaces etc will probably just
// fail cleanly here.
//
- return self::RESET_PASS;
+ $retval = self::RESET_PASS;
} else {
- return '' == $this->mPassword ? self::EMPTY_PASS : self::WRONG_PASS;
+ $retval = '' == $this->mPassword ? self::EMPTY_PASS : self::WRONG_PASS;
}
} else {
$wgAuth->updateUser( $u );
$wgUser = $u;
- return self::SUCCESS;
+ $retval = self::SUCCESS;
}
+ wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, $retval ) );
+ return $retval;
}
function processLogin() {
$wgOut->setPageTitle( wfMsg( 'userlogin' ) );
$wgOut->setRobotpolicy( 'noindex,nofollow' );
$wgOut->setArticleRelated( false );
+ $wgOut->disallowUserJs(); // just in case...
$wgOut->addTemplate( $template );
}