Revert r103467, r106446 (bug 24464: calling LoginAuthenticateAudit hook more often)

Pretty narrow use case isn't very well defined, and this has *felt wrong* to me since
it was committed in November. Easier to pull for now rather than blocking release.

diff --git a/RELEASE-NOTES-1.19 b/RELEASE-NOTES-1.19
index cbee2e2..8b90f0f 100644 (file)
--- a/RELEASE-NOTES-1.19
+++ b/RELEASE-NOTES-1.19
@@ -11,9 +11,6 @@ MediaWiki 1.19 is an alpha-quality branch and is not recommended for use in
 production.
 
 === Configuration changes in 1.19 ===
-* Changed LoginAuthenticateAudit hook so that it may be called before a
-  valid user is available.  In those cases, an anonymouse user object
-  will be supplied.
 * Removed SkinTemplateSetupPageCss hook; use BeforePageDisplay instead.
 * (bug 27132) movefile right granted by default to registered users.
 * Default cookie lifetime ($wgCookieExpiration) is increased to 180 days.

diff --git a/docs/hooks.txt b/docs/hooks.txt
index b4b5bb1..844e019 100644 (file)
--- a/docs/hooks.txt
+++ b/docs/hooks.txt
@@ -1238,10 +1238,8 @@ $data: Associative array of data for handlers to record. It must include values
  - 'comment'   Wikitext string in the same format as an edit summary
  - 'timestamp' Timestamp when the action occured
 
-'LoginAuthenticateAudit': a login attempt either succeeded or
-failed. This may be called before the User object is populated, so a
-user object equivalent to an anonymous user. No return data is
-accepted; this hook is for auditing only.
+LoginAuthenticateAudit': a login attempt for a valid user account either
+succeeded or failed. No return data is accepted; this hook is for auditing only.
 $user: the User object being authenticated against
 $password: the password being submitted and found wanting
 $retval: a LoginForm class constant with authenticateUserData() return

diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php
index e801683..c5843c4 100644 (file)
--- a/includes/specials/SpecialUserlogin.php
+++ b/includes/specials/SpecialUserlogin.php
@@ -477,7 +477,6 @@ class LoginForm extends SpecialPage {
                $this->load();
 
                if ( $this->mUsername == '' ) {
-                       wfRunHooks( 'LoginAuthenticateAudit', array( new User, $this->mPassword, self::NO_NAME ) );
                        return self::NO_NAME;
                }
 
@@ -489,24 +488,20 @@ class LoginForm extends SpecialPage {
                // If the user doesn't have a login token yet, set one.
                if ( !self::getLoginToken() ) {
                        self::setLoginToken();
-                       wfRunHooks( 'LoginAuthenticateAudit', array( new User, $this->mPassword, self::NEED_TOKEN ) );
                        return self::NEED_TOKEN;
                }
                // If the user didn't pass a login token, tell them we need one
                if ( !$this->mToken ) {
-                       wfRunHooks( 'LoginAuthenticateAudit', array( new User, $this->mPassword, self::NEED_TOKEN ) );
                        return self::NEED_TOKEN;
                }
 
                $throttleCount = self::incLoginThrottle( $this->mUsername );
                if ( $throttleCount === true ) {
-                       wfRunHooks( 'LoginAuthenticateAudit', array( new User, $this->mPassword, self::THROTTLED ) );
                        return self::THROTTLED;
                }
 
                // Validate the login token
                if ( $this->mToken !== self::getLoginToken() ) {
-                       wfRunHooks( 'LoginAuthenticateAudit', array( new User, $this->mPassword, self::WRONG_TOKEN ) );
                        return self::WRONG_TOKEN;
                }
 
@@ -526,12 +521,7 @@ class LoginForm extends SpecialPage {
                # TODO: Allow some magic here for invalid external names, e.g., let the
                # user choose a different wiki name.
                $u = User::newFromName( $this->mUsername );
-               if( !( $u instanceof User ) ) {
-                       wfRunHooks( 'LoginAuthenticateAudit', array( new User, $this->mPassword, self::ILLEGAL ) );
-                       return self::ILLEGAL;
-               }
-               if( !User::isUsableName( $u->getName() ) ) {
-                       wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, self::ILLEGAL ) );
+               if( !( $u instanceof User ) || !User::isUsableName( $u->getName() ) ) {
                        return self::ILLEGAL;
                }
 
@@ -539,7 +529,6 @@ class LoginForm extends SpecialPage {
                if ( 0 == $u->getID() ) {
                        $status = $this->attemptAutoCreate( $u );
                        if ( $status !== self::SUCCESS ) {
-                               wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, $status ) );
                                return $status;
                        } else {
                                $isAutoCreated = true;
@@ -560,7 +549,6 @@ class LoginForm extends SpecialPage {
                // Give general extensions, such as a captcha, a chance to abort logins
                $abort = self::ABORTED;
                if( !wfRunHooks( 'AbortLogin', array( $u, $this->mPassword, &$abort, &$this->mAbortLoginErrorMsg ) ) ) {
-                       wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, $abort ) );
                        return $abort;
                }