X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Fspecials%2FSpecialUserlogin.php;h=38d35490e8ed3a808cfd174004fe6d6297cc7ed2;hb=7d78861743a4c03519046d42f06d44cf437e7804;hp=085cfee4f0786735f182b69255481fd324abb9cc;hpb=c97d773e1427a8827e3e6889547cd054c51c86e7;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php index 085cfee4f0..38d35490e8 100644 --- a/includes/specials/SpecialUserlogin.php +++ b/includes/specials/SpecialUserlogin.php @@ -485,7 +485,7 @@ class LoginForm extends SpecialPage { * @return Status */ public function addNewAccountInternal() { - global $wgAuth, $wgMemc, $wgAccountCreationThrottle, $wgEmailConfirmToEdit; + global $wgAuth, $wgAccountCreationThrottle, $wgEmailConfirmToEdit; // If the user passes an invalid domain, something is fishy if ( !$wgAuth->validDomain( $this->mDomain ) ) { @@ -565,8 +565,9 @@ class LoginForm extends SpecialPage { return Status::newFatal( 'noname' ); } + $cache = ObjectCache::getLocalClusterInstance(); # Make sure the user does not exist already - $lock = $wgMemc->getScopedLock( wfGlobalCacheKey( 'account', md5( $this->mUsername ) ) ); + $lock = $cache->getScopedLock( $cache->makeGlobalKey( 'account', md5( $this->mUsername ) ) ); if ( !$lock ) { return Status::newFatal( 'usernameinprogress' ); } elseif ( $u->idForName( User::READ_LOCKING ) ) { @@ -633,14 +634,14 @@ class LoginForm extends SpecialPage { } else { if ( ( $wgAccountCreationThrottle && $currentUser->isPingLimitable() ) ) { $key = wfMemcKey( 'acctcreate', 'ip', $ip ); - $value = $wgMemc->get( $key ); + $value = $cache->get( $key ); if ( !$value ) { - $wgMemc->set( $key, 0, 86400 ); + $cache->set( $key, 0, $cache::TTL_DAY ); } if ( $value >= $wgAccountCreationThrottle ) { return Status::newFatal( 'acct_creation_throttle_hit', $wgAccountCreationThrottle ); } - $wgMemc->incr( $key ); + $cache->incr( $key ); } } 
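Review bot: In the `@@ -633,14 +634,14 @@` hunk the account-creation throttle is still a read-then-write sequence (`get`, `set( $key, 0, … )`, compare, `incr`), so two concurrent requests from one IP can both read an empty counter, and the later `set` can reset a count the other request has already incremented. Seeding with `$cache->add( $key, 0, $cache::TTL_DAY );` instead of `set` would leave an existing counter alone, which is how `incLoginThrottle` seeds its counter in the `@@ -876,11 +879,12 @@` hunk. Neither hunk checks the result of `add`/`incr`, so an unavailable or disabled cache appears to leave both throttles silently open; a comment saying this is accepted, or a log line on failure, would make that visible. `$cache` is assigned in the `@@ -565,8 +565,9 @@` hunk, presumably in the same function, whose body extends beyond these hunks.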
@@ -783,8 +784,10 @@ class LoginForm extends SpecialPage { // Give general extensions, such as a captcha, a chance to abort logins $abort = self::ABORTED; if ( !Hooks::run( 'AbortLogin', array( $u, $this->mPassword, &$abort, &$msg ) ) ) { + if ( !in_array( $abort, array_keys( self::$statusCodes ), true ) ) { + throw new Exception( 'Invalid status code returned from AbortLogin hook: ' . $abort ); + } $this->mAbortLoginErrorMsg = $msg; - return $abort; } @@ -826,7 +829,7 @@ class LoginForm extends SpecialPage { } elseif ( $wgBlockDisablesLogin && $u->isBlocked() ) { // If we've enabled it, make it so that a blocked user cannot login $retval = self::USER_BLOCKED; - } elseif ( $u->getPasswordExpired() == 'hard' ) { + } elseif ( $this->checkUserPasswordExpired( $u ) == 'hard' ) { // Force reset now, without logging in $retval = self::RESET_PASS; $this->mAbortLoginErrorMsg = 'resetpass-expired'; @@ -867,7 +870,7 @@ class LoginForm extends SpecialPage { * @return bool|int The integer hit count or True if it is already at the limit */ public static function incLoginThrottle( $username ) { - global $wgPasswordAttemptThrottle, $wgMemc, $wgRequest; + global $wgPasswordAttemptThrottle, $wgRequest; $username = trim( $username ); // sanity $throttleCount = 0; @@ -876,11 +879,12 @@ class LoginForm extends SpecialPage { $count = $wgPasswordAttemptThrottle['count']; $period = $wgPasswordAttemptThrottle['seconds']; - $throttleCount = $wgMemc->get( $throttleKey ); + $cache = ObjectCache::getLocalClusterInstance(); + $throttleCount = $cache->get( $throttleKey ); if ( !$throttleCount ) { - $wgMemc->add( $throttleKey, 1, $period ); // start counter + $cache->add( $throttleKey, 1, $period ); // start counter } elseif ( $throttleCount < $count ) { - $wgMemc->incr( $throttleKey ); + $cache->incr( $throttleKey ); } elseif ( $throttleCount >= $count ) { return true; } 
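Review bot: In the `@@ -783,8 +784,10 @@` hunk the new exception message concatenates `$abort` directly, yet at that point the value is known not to be a valid status code, so it may be an array or object set by the hook, and the concatenation would then raise a conversion notice or error instead of the intended message. Formatting it defensively keeps the diagnostic usable: `throw new Exception( 'Invalid status code returned from AbortLogin hook: ' . var_export( $abort, true ) );`. A one-line comment above the check, such as `// Fail closed: an unknown code from a hook must not be treated as any login result`, would also tell extension authors why the login stops here. The enclosing method starts and ends outside the hunk.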
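Review bot: The comparison `$this->checkUserPasswordExpired( $u ) == 'hard'` in the `@@ -826,7 +829,7 @@` hunk uses loose equality on a value documented as `string|bool`; under `==` a `true` return would equal both `'hard'` and `'soft'`. The helper added at the end of this diff only returns `false` or one of the two strings, so this is not a live bug. Writing `=== 'hard'` here and `=== 'soft'` in the `@@ -994,7 +998,7 @@` hunk would stop the forced-reset decision from depending on that detail of the helper.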
@@ -895,11 +899,11 @@ class LoginForm extends SpecialPage { * @return void */ public static function clearLoginThrottle( $username ) { - global $wgMemc, $wgRequest; + global $wgRequest; $username = trim( $username ); // sanity $throttleKey = wfMemcKey( 'password-throttle', $wgRequest->getIP(), md5( $username ) ); - $wgMemc->delete( $throttleKey ); + ObjectCache::getLocalClusterInstance()->delete( $throttleKey ); } /** @@ -958,9 +962,9 @@ class LoginForm extends SpecialPage { } function processLogin() { - global $wgMemc, $wgLang, $wgSecureLogin, $wgPasswordAttemptThrottle, - $wgInvalidPasswordReset; + global $wgLang, $wgSecureLogin, $wgPasswordAttemptThrottle, $wgInvalidPasswordReset; + $cache = ObjectCache::getLocalClusterInstance(); $authRes = $this->authenticateUserData(); switch ( $authRes ) { case self::SUCCESS: @@ -982,7 +986,7 @@ class LoginForm extends SpecialPage { // Reset the throttle $request = $this->getRequest(); $key = wfMemcKey( 'password-throttle', $request->getIP(), md5( $this->mUsername ) ); - $wgMemc->delete( $key ); + $cache->delete( $key ); if ( $this->hasSessionCookie() || $this->mSkipCookieCheck ) { /* Replace the language object to provide user interface in @@ -994,7 +998,7 @@ class LoginForm extends SpecialPage { $this->getContext()->setLanguage( $userLang ); // Reset SessionID on Successful login (bug 40995) $this->renewSessionId(); - if ( $this->getUser()->getPasswordExpired() == 'soft' ) { + if ( $this->checkUserPasswordExpired( $this->getUser() ) == 'soft' ) { $this->resetLoginForm( $this->msg( 'resetpass-expired-soft' ) ); } elseif ( $wgInvalidPasswordReset && !$user->isValidPassword( $this->mPassword ) 
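Review bot: The throttle reset in the `@@ -982,7 +986,7 @@` hunk rebuilds the cache key by hand from `md5( $this->mUsername )`, while `clearLoginThrottle` in the `@@ -895,11 +899,11 @@` hunk (and `incLoginThrottle`) call `trim()` on the username before hashing it. If `mUsername` can reach this point with surrounding whitespace, which these hunks do not show, the delete targets a different key from the one that was incremented and the counter survives a successful login. Calling the existing helper, `self::clearLoginThrottle( $this->mUsername );`, would keep the key construction in one place; note that the helper reads the IP from `$wgRequest` rather than `$this->getRequest()`.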
@@ -1121,7 +1125,7 @@ class LoginForm extends SpecialPage { function mailPasswordInternal( $u, $throttle = true, $emailTitle = 'passwordremindertitle', $emailText = 'passwordremindertext' ) { - global $wgNewPasswordExpiry; + global $wgNewPasswordExpiry, $wgMinimalPasswordLength; if ( $u->getEmail() == '' ) { return Status::newFatal( 'noemail', $u->getName() ); @@ -1134,7 +1138,7 @@ class LoginForm extends SpecialPage { $currentUser = $this->getUser(); Hooks::run( 'User::mailPasswordInternal', array( &$currentUser, &$ip, &$u ) ); - $np = $u->randomPassword(); + $np = PasswordFactory::generateRandomPasswordString( $wgMinimalPasswordLength ); $u->setNewpassword( $np, $throttle ); $u->saveSettings(); $userLanguage = $u->getOption( 'language' ); @@ -1385,11 +1389,6 @@ class LoginForm extends SpecialPage { ) ); if ( $this->mType == 'signup' ) { - // XXX hack pending RL or JS parse() support for complex content messages - // https://phabricator.wikimedia.org/T27349 - $out->addJsConfigVars( 'wgCreateacctImgcaptchaHelp', - $this->msg( 'createacct-imgcaptcha-help' )->parse() ); - // Additional styles and scripts for signup form $out->addModules( array( 'mediawiki.special.userlogin.signup.js' @@ -1717,4 +1716,25 @@ class LoginForm extends SpecialPage { protected function getGroupName() { return 'login'; } + + /** + * Private function to check password expiration, until AuthManager comes + * along to handle that. + * @param User $user + * @return string|bool + */ + private function checkUserPasswordExpired( User $user ) { + global $wgPasswordExpireGrace; + $dbr = wfGetDB( DB_SLAVE ); + $ts = $dbr->selectField( 'user', 'user_password_expires', array( 'user_id' => $user->getId() ) ); + + $expired = false; + $now = wfTimestamp(); + $expUnix = wfTimestamp( TS_UNIX, $ts ); + if ( $ts !== null && $expUnix < $now ) { + $expired = ( $expUnix + $wgPasswordExpireGrace < $now ) ? 'hard' : 'soft'; + } + return $expired; + } + }
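Review bot: In the `@@ -1134,7 +1138,7 @@` hunk the length of the e-mailed temporary password is now driven by `$wgMinimalPasswordLength`, so on a wiki that configures a very small minimum its strength rests on whatever floor `PasswordFactory::generateRandomPasswordString()` applies internally, which this diff does not show. A comment at the call would record that assumption for the next reader, for example `// Length floor is expected to be enforced inside generateRandomPasswordString() - confirm`. The enclosing method continues outside the hunk.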
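Review bot: `checkUserPasswordExpired()` in the `@@ -1717,4 +1716,25 @@` hunk converts `$ts` with `wfTimestamp( TS_UNIX, $ts )` before testing it, and the guard excludes only `null`; when no row matches (for example a user id of 0), `selectField()` returns `false` as far as I know, and that value goes through the timestamp conversion and the comparison. Returning early when `$ts` is `null` or `false` makes the not-expired case explicit, and passing `__METHOD__` as the fourth argument keeps the query attributable in logs. The value is read from `DB_SLAVE`, so an expiry written moments earlier may not be visible yet; a comment stating that this staleness is accepted for the forced-reset decision would help. The rewritten body follows.

```php
	private function checkUserPasswordExpired( User $user ) {
		global $wgPasswordExpireGrace;
		// Replica read: a very recent change to the expiry may not be visible yet.
		$dbr = wfGetDB( DB_SLAVE );
		$ts = $dbr->selectField(
			'user',
			'user_password_expires',
			array( 'user_id' => $user->getId() ),
			__METHOD__
		);
		// No matching row (false) or no expiry recorded (null): treat as not expired.
		if ( $ts === null || $ts === false ) {
			return false;
		}

		$now = wfTimestamp();
		$expUnix = wfTimestamp( TS_UNIX, $ts );
		if ( $expUnix >= $now ) {
			return false;
		}
		// Past the expiry: 'soft' inside the grace period, 'hard' once it has run out.
		return ( $expUnix + $wgPasswordExpireGrace < $now ) ? 'hard' : 'soft';
	}
```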