From: Brian Wolff
Date: Fri, 15 Jun 2018 08:19:49 +0000 (+0000)
Subject: SECURITY: Fix reauth in Special:ChangeEmail
X-Git-Tag: 1.34.0-rc.0~1502^2~5
X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=commitdiff_plain;h=cbe3c7c8e37d322eca797be23a9687b4b1273f97

SECURITY: Fix reauth in Special:ChangeEmail

Previously you could bypass reauthentication by directly POSTing to Special:ChangeEmail.

Bug: T197279
Change-Id: I674557351e0e91a8105c12ddf6cd30283aac9f7a
---

diff --git a/includes/specials/SpecialChangeEmail.php b/includes/specials/SpecialChangeEmail.php
index 8d5cf85dce..9ce87605fa 100644
--- a/includes/specials/SpecialChangeEmail.php
+++ b/includes/specials/SpecialChangeEmail.php
@@ -55,14 +55,16 @@ class SpecialChangeEmail extends FormSpecialPage {
 * @param string $par
 */
 function execute( $par ) {
- $this->checkLoginSecurityLevel();
-
 $out = $this->getOutput();
 $out->disallowUserJs();
 parent::execute( $par );
 }
+ protected function getLoginSecurityLevel() {
+ return $this->getName();
+ }
+
 protected function checkExecutePermissions( User $user ) {
 if ( !AuthManager::singleton()->allowsPropertyChange( 'emailaddress' ) ) {
 throw new ErrorPageError( 'changeemail', 'cannotchangeemail' );
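Review bot: The new `getLoginSecurityLevel()` override has no doc comment, and nothing in `execute()` now shows that reauthentication is required: the explicit `checkLoginSecurityLevel()` call is removed, so enforcement presumably happens inside `parent::execute( $par )`, which is outside this hunk. I would add a short docblock to the override, e.g. `/** Security level for reauthentication; the parent execute() is expected to enforce it before the form is processed. */`, so a later refactor of `execute()` does not silently drop the check again. Since the commit message describes a bypass by direct POST, a regression test that submits the form with a stale login and asserts the address is unchanged would be worth adding alongside; none is visible in this diff. The class body continues past the end of the hunk.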