'deletedhistory',
'deletedtext',
'deleterevision',
+ 'disableaccount',
'edit',
'editinterface',
'editusercssjs',
* User::getCanonicalName(), except that true is accepted as an alias
* for 'valid', for BC.
*
- * @return \type{User} The User object, or false if the username is invalid
+ * @return User The User object, or false if the username is invalid
* (e.g. if it contains illegal characters or is an IP address). If the
* username is not present in the database, the result will be a user object
* with a name, zero user ID and default settings.
* either by batch processes or by user accounts which have
* already been created.
*
- * Additional blacklisting may be added here rather than in
+ * Additional blacklisting may be added here rather than in
* isValidUserName() to avoid disrupting existing accounts.
*
* @param $name \string String to match
* @return mixed: true on success, string of error message on failure
*/
function getPasswordValidity( $password ) {
- global $wgMinimalPasswordLength, $wgWeakPasswords, $wgContLang;
+ global $wgMinimalPasswordLength, $wgContLang;
+
+ static $blockedLogins = array(
+ 'Useruser' => 'Passpass', 'Useruser1' => 'Passpass1', # r75589
+ 'Apitestsysop' => 'testpass', 'Apitestuser' => 'testpass' # r75605
+ );
$result = false; //init $result to false for the internal checks
if( !wfRunHooks( 'isValidPassword', array( $password, &$result, $this ) ) )
return $result;
- $lcPassword = $wgContLang->lc( $password );
-
if ( $result === false ) {
if( strlen( $password ) < $wgMinimalPasswordLength ) {
return 'passwordtooshort';
- } elseif ( $lcPassword == $wgContLang->lc( $this->mName ) ) {
+ } elseif ( $wgContLang->lc( $password ) == $wgContLang->lc( $this->mName ) ) {
return 'password-name-match';
- } elseif ( in_array( $lcPassword, $wgWeakPasswords ) ) {
- return 'password-too-weak';
+ } elseif ( isset( $blockedLogins[ $this->getName() ] ) && $password == $blockedLogins[ $this->getName() ] ) {
+ return 'password-login-forbidden';
} else {
//it seems weird returning true here, but this is because of the
//initialization of $result to false above. If the hook is never run or it
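Review bot: The new `$blockedLogins` branch compares the plaintext password with loose `==`; a credential check should use strict comparison, `$password === $blockedLogins[ $this->getName() ]`, so PHP's numeric-string juggling can never make two different strings compare equal. The static array would also benefit from a comment saying what these pairs are, for example `// Known default credentials (apparently from test fixtures, r75589/r75605); refuse them outright`. The hunk also removes the `$wgWeakPasswords` lookup with no visible replacement, so only length, name match and these four fixed pairs are enforced here; it is worth confirming that is intended. The body of getPasswordValidity() continues beyond the hunk.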
[$rfc1034_ldh_str]+ # First domain part
(\\.[$rfc1034_ldh_str]+)+ # Following part prefixed with a dot
$ # End of string
- /ix" ; // case Insensitive, eXtended
+ /ix" ; // case Insensitive, eXtended
return (bool) preg_match( $HTML5_email_regexp, $addr );
}
global $wgProxyWhitelist, $wgUser;
if ( -1 != $this->mBlockedby ) {
- wfDebug( "User::getBlockedStatus: already loaded.\n" );
return;
}
* @return \bool True if blocked, false otherwise
*/
function isBlocked( $bFromSlave = true ) { // hacked from false due to horrible probs on site
- wfDebug( "User::isBlocked: enter\n" );
$this->getBlockedStatus( $bFromSlave );
return $this->mBlockedby !== 0;
}
function isBlockedFrom( $title, $bFromSlave = false ) {
global $wgBlockAllowsUTEdit;
wfProfileIn( __METHOD__ );
- wfDebug( __METHOD__ . ": enter\n" );
- wfDebug( __METHOD__ . ": asking isBlocked()\n" );
$blocked = $this->isBlocked( $bFromSlave );
$allowUsertalk = ( $wgBlockAllowsUTEdit ? $this->mAllowUsertalk : false );
# If a user's name is suppressed, they cannot make edits anywhere
}
if( !$this->isValidPassword( $str ) ) {
- global $wgMinimalPasswordLength;
+ global $wgMinimalPasswordLength;
$valid = $this->getPasswordValidity( $str );
throw new PasswordError( wfMsgExt( $valid, array( 'parsemag' ),
$wgMinimalPasswordLength ) );
- }
+ }
}
if( !$wgAuth->setPassword( $this, $str ) ) {
global $wgMaxArticleSize; # Maximum article size, in Kb
$threshold = intval( $this->getOption( 'stubthreshold' ) );
if ( $threshold > $wgMaxArticleSize * 1024 ) {
- # If they have set an impossible value, disable the preference
+ # If they have set an impossible value, disable the preference
# so we can use the parser cache again.
$threshold = 0;
}
return $this->mSkin;
}
}
-
+
// Creates a Skin object, for getSkin()
private function createSkinObject() {
wfProfileIn( __METHOD__ );
$skin = Skin::newFromKey( $userSkin );
wfProfileOut( __METHOD__ );
-
+
return $skin;
}
// If an option is not set in $str, use the default value
$this->mOptions = self::getDefaultOptions();
-
+
$a = explode( "\n", $str );
foreach ( $a as $s ) {
$m = array();
'user_newpassword' => $this->mNewpassword,
'user_newpass_time' => $dbw->timestampOrNull( $this->mNewpassTime ),
'user_real_name' => $this->mRealName,
- 'user_email' => $this->mEmail,
- 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
+ 'user_email' => $this->mEmail,
+ 'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
'user_options' => '',
'user_touched' => $dbw->timestamp( $this->mTouched ),
'user_token' => $this->mToken,
}
$dbw = wfGetDB( DB_MASTER );
$seqVal = $dbw->nextSequenceValue( 'user_user_id_seq' );
+
$fields = array(
'user_id' => $seqVal,
'user_name' => $name,
'user_password' => $user->mPassword,
'user_newpassword' => $user->mNewpassword,
- 'user_newpass_time' => $dbw->timestamp( $user->mNewpassTime ),
+ 'user_newpass_time' => $dbw->timestampOrNull( $user->mNewpassTime ),
'user_email' => $user->mEmail,
'user_email_authenticated' => $dbw->timestampOrNull( $user->mEmailAuthenticated ),
'user_real_name' => $user->mRealName,
'user_name' => $this->mName,
'user_password' => $this->mPassword,
'user_newpassword' => $this->mNewpassword,
- 'user_newpass_time' => $dbw->timestamp( $this->mNewpassTime ),
+ 'user_newpass_time' => $dbw->timestampOrNull( $this->mNewpassTime ),
'user_email' => $this->mEmail,
'user_email_authenticated' => $dbw->timestampOrNull( $this->mEmailAuthenticated ),
'user_real_name' => $this->mRealName,
wfDeprecated( __METHOD__ );
// stubthreshold is only included below for completeness,
- // since it disables the parser cache, its value will always
+ // since it disables the parser cache, its value will always
// be 0 when this function is called by parsercache.
$confstr = $this->getOption( 'math' );
global $wgAuth;
$this->load();
+ // Even though we stop people from creating passwords that
+ // are shorter than this, doesn't mean people wont be able
+ // to. Certain authentication plugins do NOT want to save
+ // domain passwords in a mysql database, so we should
+ // check this (in case $wgAuth->strict() is false).
+ if( !$this->isValidPassword( $password ) ) {
+ return false;
+ }
+
if( $wgAuth->authenticate( $this->getName(), $password ) ) {
return true;
} elseif( $wgAuth->strict() ) {
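Review bot: The added `isValidPassword()` guard returns the same bare `false` as a wrong password, so an account whose stored password no longer satisfies the policy (for instance after `$wgMinimalPasswordLength` is raised) is refused with no hint that a reset is needed. The guard also runs before `$wgAuth->authenticate()`, so externally authenticated users are held to the local policy. If isValidPassword() goes through getPasswordValidity(), as the setPassword() path elsewhere on this page suggests, the `isValidPassword` hook now sees the plaintext of every login attempt; both effects are worth confirming as intended. The comment above the guard is hard to follow; something like `// Refuse logins whose password fails the current policy, even when the auth plugin would accept it` states the intent more directly. The enclosing function begins and ends outside this hunk.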
function checkTemporaryPassword( $plaintext ) {
global $wgNewPasswordExpiry;
if( self::comparePasswords( $this->mNewpassword, $plaintext, $this->getId() ) ) {
- $this->load();
+ if ( is_null( $this->mNewpassTime ) ) {
+ return true;
+ }
$expiry = wfTimestamp( TS_UNIX, $this->mNewpassTime ) + $wgNewPasswordExpiry;
return ( time() < $expiry );
} else {
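Review bot: With the added `is_null( $this->mNewpassTime )` branch, a temporary password that has no timestamp is accepted indefinitely and `$wgNewPasswordExpiry` is never applied. Because this commit also switches the `user_newpass_time` writes to `timestampOrNull()`, that case presumably becomes reachable for newly written rows. If non-expiring temporary passwords are intended, a comment such as `// No timestamp recorded: the temporary password does not expire` should say so; otherwise `return false;` is the safer default for a missing timestamp. The hunk also drops `$this->load()`, and nothing visible here guarantees `mNewpassword` and `mNewpassTime` are populated before they are read, so that should be checked against the callers. The function continues past the end of this hunk.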
* mail to the user's given address.
*
* @param $changed Boolean: whether the adress changed
- * @return \types{\bool,\type{WikiError}} True on success, a WikiError object on failure.
+ * @return Status object
*/
function sendConfirmationMail( $changed = false ) {
global $wgLang;
* @param $body \string Message body
* @param $from \string Optional From address; if unspecified, default $wgPasswordSender will be used
* @param $replyto \string Reply-To address
- * @return \types{\bool,\type{WikiError}} True on success, a WikiError object on failure
+ * @return Status object
*/
function sendMail( $subject, $body, $from = null, $replyto = null ) {
if( is_null( $from ) ) {
* Return the set of defined explicit groups.
* The implicit groups (by default *, 'user' and 'autoconfirmed')
* are not included, as they are defined automatically, not in the database.
- * @return \type{\arrayof{\string}} Array of internal group names
+ * @return Array of internal group names
*/
static function getAllGroups() {
global $wgGroupPermissions, $wgRevokePermissions;
/**
* Get a list of all available permissions.
- * @return \type{\arrayof{\string}} Array of permission names
+ * @return Array of permission names
*/
static function getAllRights() {
if ( self::$mAllRights === false ) {