diff options
Diffstat (limited to 'includes/specials/SpecialUserlogin.php')
-rw-r--r-- | includes/specials/SpecialUserlogin.php | 330 |
1 files changed, 194 insertions, 136 deletions
diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php index 58da77da..eef66914 100644 --- a/includes/specials/SpecialUserlogin.php +++ b/includes/specials/SpecialUserlogin.php @@ -95,9 +95,9 @@ class LoginForm extends SpecialPage { $this->mReason = $request->getText( 'wpReason' ); $this->mCookieCheck = $request->getVal( 'wpCookieCheck' ); $this->mPosted = $request->wasPosted(); - $this->mCreateaccount = $request->getCheck( 'wpCreateaccount' ); $this->mCreateaccountMail = $request->getCheck( 'wpCreateaccountMail' ) && $wgEnableEmail; + $this->mCreateaccount = $request->getCheck( 'wpCreateaccount' ) && !$this->mCreateaccountMail; $this->mLoginattempt = $request->getCheck( 'wpLoginattempt' ); $this->mAction = $request->getVal( 'action' ); $this->mRemember = $request->getCheck( 'wpRemember' ); @@ -149,6 +149,23 @@ class LoginForm extends SpecialPage { $this->load(); $this->setHeaders(); + global $wgSecureLogin; + if ( + $this->mType !== 'signup' && + $wgSecureLogin && + WebRequest::detectProtocol() !== 'https' + ) { + $title = $this->getFullTitle(); + $query = array( + 'returnto' => $this->mReturnTo, + 'returntoquery' => $this->mReturnToQuery, + 'wpStickHTTPS' => $this->mStickHTTPS + ); + $url = $title->getFullURL( $query, false, PROTO_HTTPS ); + $this->getOutput()->redirect( $url ); + return; + } + if ( $par == 'signup' ) { # Check for [[Special:Userlogin/signup]] $this->mType = 'signup'; } @@ -180,19 +197,22 @@ class LoginForm extends SpecialPage { return; } - $u = $this->addNewaccountInternal(); - - if ( $u == null ) { + $status = $this->addNewaccountInternal(); + if( !$status->isGood() ) { + $error = $this->getOutput()->parse( $status->getWikiText() ); + $this->mainLoginForm( $error ); return; } + $u = $status->getValue(); + // Wipe the initial password and mail a temporary one $u->setPassword( null ); $u->saveSettings(); $result = $this->mailPasswordInternal( $u, false, 'createaccount-title', 'createaccount-text' ); wfRunHooks( 'AddNewAccount', array( $u, true ) ); - $u->addNewUserLogEntry( true, $this->mReason ); + $u->addNewUserLogEntry( 'byemail', $this->mReason ); $out = $this->getOutput(); $out->setPageTitle( $this->msg( 'accmailtitle' ) ); @@ -210,18 +230,34 @@ class LoginForm extends SpecialPage { * @return bool */ function addNewAccount() { - global $wgUser, $wgEmailAuthentication, $wgLoginLanguageSelector; + global $wgContLang, $wgUser, $wgEmailAuthentication, $wgLoginLanguageSelector; # Create the account and abort if there's a problem doing so - $u = $this->addNewAccountInternal(); - if( $u == null ) { + $status = $this->addNewAccountInternal(); + if( !$status->isGood() ) { + $error = $this->getOutput()->parse( $status->getWikiText() ); + $this->mainLoginForm( $error ); return false; } - # If we showed up language selection links, and one was in use, be - # smart (and sensible) and save that language as the user's preference - if( $wgLoginLanguageSelector && $this->mLanguage ) { - $u->setOption( 'language', $this->mLanguage ); + $u = $status->getValue(); + + # Only save preferences if the user is not creating an account for someone else. + if ( $this->getUser()->isAnon() ) { + # If we showed up language selection links, and one was in use, be + # smart (and sensible) and save that language as the user's preference + if( $wgLoginLanguageSelector && $this->mLanguage ) { + $u->setOption( 'language', $this->mLanguage ); + } else { + + # Otherwise the user's language preference defaults to $wgContLang, + # but it may be better to set it to their preferred $wgContLang variant, + # based on browser preferences or URL parameters. + $u->setOption( 'language', $wgContLang->getPreferredVariant() ); + } + if ( $wgContLang->hasVariants() ) { + $u->setOption( 'variant', $wgContLang->getPreferredVariant() ); + } } $out = $this->getOutput(); @@ -250,7 +286,7 @@ class LoginForm extends SpecialPage { // wrong. $this->getContext()->setUser( $u ); wfRunHooks( 'AddNewAccount', array( $u, false ) ); - $u->addNewUserLogEntry(); + $u->addNewUserLogEntry( 'create' ); if( $this->hasSessionCookie() ) { $this->successfulCreation(); } else { @@ -262,23 +298,24 @@ class LoginForm extends SpecialPage { $out->addWikiMsg( 'accountcreatedtext', $u->getName() ); $out->addReturnTo( $this->getTitle() ); wfRunHooks( 'AddNewAccount', array( $u, false ) ); - $u->addNewUserLogEntry( false, $this->mReason ); + $u->addNewUserLogEntry( 'create2', $this->mReason ); } return true; } /** + * Make a new user account using the loaded data. * @private - * @return bool|User + * @throws PermissionsError|ReadOnlyError + * @return Status */ - function addNewAccountInternal() { + public function addNewAccountInternal() { global $wgAuth, $wgMemc, $wgAccountCreationThrottle, $wgMinimalPasswordLength, $wgEmailConfirmToEdit; // If the user passes an invalid domain, something is fishy if( !$wgAuth->validDomain( $this->mDomain ) ) { - $this->mainLoginForm( $this->msg( 'wrongpassword' )->text() ); - return false; + return Status::newFatal( 'wrongpassword' ); } // If we are not allowing users to login locally, we should be checking @@ -287,10 +324,14 @@ class LoginForm extends SpecialPage { // create a local account and login as any domain user). We only need // to check this for domains that aren't local. if( 'local' != $this->mDomain && $this->mDomain != '' ) { - if( !$wgAuth->canCreateAccounts() && ( !$wgAuth->userExists( $this->mUsername ) - || !$wgAuth->authenticate( $this->mUsername, $this->mPassword ) ) ) { - $this->mainLoginForm( $this->msg( 'wrongpassword' )->text() ); - return false; + if( + !$wgAuth->canCreateAccounts() && + ( + !$wgAuth->userExists( $this->mUsername ) || + !$wgAuth->authenticate( $this->mUsername, $this->mPassword ) + ) + ) { + return Status::newFatal( 'wrongpassword' ); } } @@ -301,28 +342,28 @@ class LoginForm extends SpecialPage { # Request forgery checks. if ( !self::getCreateaccountToken() ) { self::setCreateaccountToken(); - $this->mainLoginForm( $this->msg( 'nocookiesfornew' )->parse() ); - return false; + return Status::newFatal( 'nocookiesfornew' ); } # The user didn't pass a createaccount token if ( !$this->mToken ) { - $this->mainLoginForm( $this->msg( 'sessionfailure' )->text() ); - return false; + return Status::newFatal( 'sessionfailure' ); } # Validate the createaccount token if ( $this->mToken !== self::getCreateaccountToken() ) { - $this->mainLoginForm( $this->msg( 'sessionfailure' )->text() ); - return false; + return Status::newFatal( 'sessionfailure' ); } # Check permissions $currentUser = $this->getUser(); + $creationBlock = $currentUser->isBlockedFromCreateAccount(); if ( !$currentUser->isAllowed( 'createaccount' ) ) { throw new PermissionsError( 'createaccount' ); - } elseif ( $currentUser->isBlockedFromCreateAccount() ) { - $this->userBlockedMessage( $currentUser->isBlockedFromCreateAccount() ); + } elseif ( $creationBlock instanceof Block ) { + // Throws an ErrorPageError. + $this->userBlockedMessage( $creationBlock ); + // This should never be reached. return false; } @@ -334,58 +375,45 @@ class LoginForm extends SpecialPage { $ip = $this->getRequest()->getIP(); if ( $currentUser->isDnsBlacklisted( $ip, true /* check $wgProxyWhitelist */ ) ) { - $this->mainLoginForm( $this->msg( 'sorbs_create_account_reason' )->text() . ' ' . $this->msg( 'parentheses', $ip )->escaped() ); - return false; + return Status::newFatal( 'sorbs_create_account_reason' ); } # Now create a dummy user ($u) and check if it is valid $name = trim( $this->mUsername ); $u = User::newFromName( $name, 'creatable' ); if ( !is_object( $u ) ) { - $this->mainLoginForm( $this->msg( 'noname' )->text() ); - return false; - } - - if ( 0 != $u->idForName() ) { - $this->mainLoginForm( $this->msg( 'userexists' )->text() ); - return false; + return Status::newFatal( 'noname' ); + } elseif ( 0 != $u->idForName() ) { + return Status::newFatal( 'userexists' ); } - if ( 0 != strcmp( $this->mPassword, $this->mRetype ) ) { - $this->mainLoginForm( $this->msg( 'badretype' )->text() ); - return false; - } + if ( $this->mCreateaccountMail ) { + # do not force a password for account creation by email + # set invalid password, it will be replaced later by a random generated password + $this->mPassword = null; + } else { + if ( $this->mPassword !== $this->mRetype ) { + return Status::newFatal( 'badretype' ); + } - # check for minimal password length - $valid = $u->getPasswordValidity( $this->mPassword ); - if ( $valid !== true ) { - if ( !$this->mCreateaccountMail ) { - if ( is_array( $valid ) ) { - $message = array_shift( $valid ); - $params = $valid; - } else { - $message = $valid; - $params = array( $wgMinimalPasswordLength ); + # check for minimal password length + $valid = $u->getPasswordValidity( $this->mPassword ); + if ( $valid !== true ) { + if ( !is_array( $valid ) ) { + $valid = array( $valid, $wgMinimalPasswordLength ); } - $this->mainLoginForm( $this->msg( $message, $params )->text() ); - return false; - } else { - # do not force a password for account creation by email - # set invalid password, it will be replaced later by a random generated password - $this->mPassword = null; + return call_user_func_array( 'Status::newFatal', $valid ); } } # if you need a confirmed email address to edit, then obviously you # need an email address. - if ( $wgEmailConfirmToEdit && empty( $this->mEmail ) ) { - $this->mainLoginForm( $this->msg( 'noemailtitle' )->text() ); - return false; + if ( $wgEmailConfirmToEdit && strval( $this->mEmail ) === '' ) { + return Status::newFatal( 'noemailtitle' ); } - if( !empty( $this->mEmail ) && !Sanitizer::validateEmail( $this->mEmail ) ) { - $this->mainLoginForm( $this->msg( 'invalidemailaddress' )->text() ); - return false; + if ( strval( $this->mEmail ) !== '' && !Sanitizer::validateEmail( $this->mEmail ) ) { + return Status::newFatal( 'invalidemailaddress' ); } # Set some additional data so the AbortNewAccount hook can be used for @@ -397,8 +425,7 @@ class LoginForm extends SpecialPage { if( !wfRunHooks( 'AbortNewAccount', array( $u, &$abortError ) ) ) { // Hook point to add extra creation throttles and blocks wfDebug( "LoginForm::addNewAccountInternal: a hook blocked creation\n" ); - $this->mainLoginForm( $abortError ); - return false; + return Status::newFatal( new RawMessage( $abortError ) ); } // Hook point to check for exempt from account creation throttle @@ -412,16 +439,14 @@ class LoginForm extends SpecialPage { $wgMemc->set( $key, 0, 86400 ); } if ( $value >= $wgAccountCreationThrottle ) { - $this->throttleHit( $wgAccountCreationThrottle ); - return false; + return Status::newFatal( 'acct_creation_throttle_hit', $wgAccountCreationThrottle ); } $wgMemc->incr( $key ); } } if( !$wgAuth->addUser( $u, $this->mPassword, $this->mEmail, $this->mRealName ) ) { - $this->mainLoginForm( $this->msg( 'externaldberror' )->text() ); - return false; + return Status::newFatal( 'externaldberror' ); } self::clearCreateaccountToken(); @@ -434,13 +459,16 @@ class LoginForm extends SpecialPage { * * @param $u User object. * @param $autocreate boolean -- true if this is an autocreation via auth plugin - * @return User object. + * @return Status object, with the User object in the value member on success * @private */ function initUser( $u, $autocreate ) { global $wgAuth; - $u->addToDatabase(); + $status = $u->addToDatabase(); + if ( !$status->isOK() ) { + return $status; + } if ( $wgAuth->allowPasswordChange() ) { $u->setPassword( $this->mPassword ); @@ -464,10 +492,9 @@ class LoginForm extends SpecialPage { $u->saveSettings(); # Update user count - $ssUpdate = new SiteStatsUpdate( 0, 0, 0, 0, 1 ); - $ssUpdate->doUpdate(); + DeferredUpdates::addUpdate( new SiteStatsUpdate( 0, 0, 0, 0, 1 ) ); - return $u; + return Status::newGood( $u ); } /** @@ -533,7 +560,7 @@ class LoginForm extends SpecialPage { } $isAutoCreated = false; - if ( 0 == $u->getID() ) { + if ( $u->getID() == 0 ) { $status = $this->attemptAutoCreate( $u ); if ( $status !== self::SUCCESS ) { return $status; @@ -543,8 +570,9 @@ class LoginForm extends SpecialPage { } else { global $wgExternalAuthType, $wgAutocreatePolicy; if ( $wgExternalAuthType && $wgAutocreatePolicy != 'never' - && is_object( $this->mExtUser ) - && $this->mExtUser->authenticate( $this->mPassword ) ) { + && is_object( $this->mExtUser ) + && $this->mExtUser->authenticate( $this->mPassword ) + ) { # The external user and local user have the same name and # password, so we assume they're the same. $this->mExtUser->linkToLocal( $u->getID() ); @@ -588,7 +616,7 @@ class LoginForm extends SpecialPage { // faces etc will probably just fail cleanly here. $retval = self::RESET_PASS; } else { - $retval = ( $this->mPassword == '' ) ? self::EMPTY_PASS : self::WRONG_PASS; + $retval = ( $this->mPassword == '' ) ? self::EMPTY_PASS : self::WRONG_PASS; } } elseif ( $wgBlockDisablesLogin && $u->isBlocked() ) { // If we've enabled it, make it so that a blocked user cannot login @@ -620,7 +648,7 @@ class LoginForm extends SpecialPage { /** * Increment the login attempt throttle hit count for the (username,current IP) * tuple unless the throttle was already reached. - * @param $username string The user name + * @param string $username The user name * @return Bool|Integer The integer hit count or True if it is already at the limit */ public static function incLoginThrottle( $username ) { @@ -648,7 +676,7 @@ class LoginForm extends SpecialPage { /** * Clear the login attempt throttle hit count for the (username,current IP) tuple. - * @param $username string The user name + * @param string $username The user name * @return void */ public static function clearLoginThrottle( $username ) { @@ -713,24 +741,36 @@ class LoginForm extends SpecialPage { } wfDebug( __METHOD__ . ": creating account\n" ); - $this->initUser( $user, true ); + $status = $this->initUser( $user, true ); + + if ( !$status->isOK() ) { + $errors = $status->getErrorsByType( 'error' ); + $this->mAbortLoginErrorMsg = $errors[0]['message']; + return self::ABORTED; + } + return self::SUCCESS; } function processLogin() { - global $wgMemc, $wgLang; + global $wgMemc, $wgLang, $wgSecureLogin; switch ( $this->authenticateUserData() ) { case self::SUCCESS: # We've verified now, update the real record $user = $this->getUser(); - if( (bool)$this->mRemember != (bool)$user->getOption( 'rememberpassword' ) ) { + if( (bool)$this->mRemember != $user->getBoolOption( 'rememberpassword' ) ) { $user->setOption( 'rememberpassword', $this->mRemember ? 1 : 0 ); $user->saveSettings(); } else { $user->invalidateCache(); } - $user->setCookies(); + + if( $wgSecureLogin && !$this->mStickHTTPS ) { + $user->setCookies( null, false ); + } else { + $user->setCookies(); + } self::clearLoginToken(); // Reset the throttle @@ -803,8 +843,11 @@ class LoginForm extends SpecialPage { } } + /** + * @param $error string + */ function resetLoginForm( $error ) { - $this->getOutput()->addHTML( Xml::element('p', array( 'class' => 'error' ), $error ) ); + $this->getOutput()->addHTML( Xml::element( 'p', array( 'class' => 'error' ), $error ) ); $reset = new SpecialChangePassword(); $reset->setContext( $this->getContext() ); $reset->execute( null ); @@ -813,12 +856,12 @@ class LoginForm extends SpecialPage { /** * @param $u User object * @param $throttle Boolean - * @param $emailTitle String: message name of email title - * @param $emailText String: message name of email text + * @param string $emailTitle message name of email title + * @param string $emailText message name of email text * @return Status object */ function mailPasswordInternal( $u, $throttle = true, $emailTitle = 'passwordremindertitle', $emailText = 'passwordremindertext' ) { - global $wgServer, $wgScript, $wgNewPasswordExpiry; + global $wgCanonicalServer, $wgScript, $wgNewPasswordExpiry; if ( $u->getEmail() == '' ) { return Status::newFatal( 'noemail', $u->getName() ); @@ -835,14 +878,13 @@ class LoginForm extends SpecialPage { $u->setNewpassword( $np, $throttle ); $u->saveSettings(); $userLanguage = $u->getOption( 'language' ); - $m = $this->msg( $emailText, $ip, $u->getName(), $np, $wgServer . $wgScript, + $m = $this->msg( $emailText, $ip, $u->getName(), $np, '<' . $wgCanonicalServer . $wgScript . '>', round( $wgNewPasswordExpiry / 86400 ) )->inLanguage( $userLanguage )->text(); $result = $u->sendMail( $this->msg( $emailTitle )->inLanguage( $userLanguage )->text(), $m ); return $result; } - /** * Run any hooks registered for logins, then HTTP redirect to * $this->mReturnTo (or Main Page if that's undefined). Formerly we had a @@ -860,7 +902,8 @@ class LoginForm extends SpecialPage { wfRunHooks( 'UserLoginComplete', array( &$currentUser, &$injected_html ) ); if( $injected_html !== '' ) { - $this->displaySuccessfulLogin( 'loginsuccess', $injected_html ); + $this->displaySuccessfulAction( $this->msg( 'loginsuccesstitle' ), + 'loginsuccess', $injected_html ); } else { $this->executeReturnTo( 'successredirect' ); } @@ -876,7 +919,7 @@ class LoginForm extends SpecialPage { # Run any hooks; display injected HTML $currentUser = $this->getUser(); $injected_html = ''; - $welcome_creation_msg = 'welcomecreation'; + $welcome_creation_msg = 'welcomecreation-msg'; wfRunHooks( 'UserLoginComplete', array( &$currentUser, &$injected_html ) ); @@ -887,18 +930,21 @@ class LoginForm extends SpecialPage { */ wfRunHooks( 'BeforeWelcomeCreation', array( &$welcome_creation_msg, &$injected_html ) ); - $this->displaySuccessfulLogin( $welcome_creation_msg, $injected_html ); + $this->displaySuccessfulAction( $this->msg( 'welcomeuser', $this->getUser()->getName() ), + $welcome_creation_msg, $injected_html ); } /** - * Display a "login successful" page. + * Display an "successful action" page. + * + * @param string|Message $title page's title * @param $msgname string * @param $injected_html string */ - private function displaySuccessfulLogin( $msgname, $injected_html ) { + private function displaySuccessfulAction( $title, $msgname, $injected_html ) { $out = $this->getOutput(); - $out->setPageTitle( $this->msg( 'loginsuccesstitle' ) ); - if( $msgname ){ + $out->setPageTitle( $title ); + if ( $msgname ) { $out->addWikiMsg( $msgname, wfEscapeWikiText( $this->getUser()->getName() ) ); } @@ -913,6 +959,7 @@ class LoginForm extends SpecialPage { * User::isBlockedFromCreateAccount(), which gets this block, ignores the 'hardblock' * setting on blocks (bug 13611). * @param $block Block the block causing this error + * @throws ErrorPageError */ function userBlockedMessage( Block $block ) { # Let's be nice about this, it's likely that this feature will be used @@ -922,23 +969,15 @@ class LoginForm extends SpecialPage { # haven't bothered to log out before trying to create an account to # evade it, but we'll leave that to their guilty conscience to figure # out. - - $out = $this->getOutput(); - $out->setPageTitle( $this->msg( 'cantcreateaccounttitle' ) ); - - $block_reason = $block->mReason; - if ( strval( $block_reason ) === '' ) { - $block_reason = $this->msg( 'blockednoreason' )->text(); - } - - $out->addWikiMsg( + throw new ErrorPageError( + 'cantcreateaccounttitle', 'cantcreateaccount-text', - $block->getTarget(), - $block_reason, - $block->getByName() + array( + $block->getTarget(), + $block->mReason ? $block->mReason : $this->msg( 'blockednoreason' )->text(), + $block->getByName() + ) ); - - $this->executeReturnTo( 'error' ); } /** @@ -965,14 +1004,22 @@ class LoginForm extends SpecialPage { $returnToTitle = Title::newMainPage(); } + if ( $wgSecureLogin && !$this->mStickHTTPS ) { + $options = array( 'http' ); + $proto = PROTO_HTTP; + } elseif( $wgSecureLogin ) { + $options = array( 'https' ); + $proto = PROTO_HTTPS; + } else { + $options = array(); + $proto = PROTO_RELATIVE; + } + if ( $type == 'successredirect' ) { - $redirectUrl = $returnToTitle->getFullURL( $returnToQuery ); - if( $wgSecureLogin && !$this->mStickHTTPS ) { - $redirectUrl = preg_replace( '/^https:/', 'http:', $redirectUrl ); - } + $redirectUrl = $returnToTitle->getFullURL( $returnToQuery, false, $proto ); $this->getOutput()->redirect( $redirectUrl ); } else { - $this->getOutput()->addReturnTo( $returnToTitle, $returnToQuery ); + $this->getOutput()->addReturnTo( $returnToTitle, $returnToQuery, null, $options ); } } @@ -983,7 +1030,7 @@ class LoginForm extends SpecialPage { global $wgEnableEmail, $wgEnableUserEmail; global $wgHiddenPrefs, $wgLoginLanguageSelector; global $wgAuth, $wgEmailConfirmToEdit, $wgCookieExpiration; - global $wgSecureLogin, $wgPasswordResetRoutes; + global $wgSecureLogin, $wgSecureLoginDefaultHTTPS, $wgPasswordResetRoutes; $titleObj = $this->getTitle(); $user = $this->getUser(); @@ -1003,7 +1050,8 @@ class LoginForm extends SpecialPage { } } - if ( $this->mUsername == '' ) { + // Pre-fill username (if not creating an account, bug 44775). + if ( $this->mUsername == '' && $this->mType != 'signup' ) { if ( $user->isLoggedIn() ) { $this->mUsername = $user->getName(); } else { @@ -1016,6 +1064,7 @@ class LoginForm extends SpecialPage { $q = 'action=submitlogin&type=signup'; $linkq = 'type=login'; $linkmsg = 'gotaccount'; + $this->getOutput()->addModules( 'mediawiki.special.userlogin.signup' ); } else { $template = new UserloginTemplate(); $q = 'action=submitlogin&type=login'; @@ -1047,6 +1096,11 @@ class LoginForm extends SpecialPage { $template->set( 'link', '' ); } + // Decide if we default stickHTTPS on + if ( $wgSecureLoginDefaultHTTPS && $this->mAction != 'submitlogin' && !$this->mLoginattempt ) { + $this->mStickHTTPS = true; + } + $resetLink = $this->mType == 'signup' ? null : is_array( $wgPasswordResetRoutes ) && in_array( true, array_values( $wgPasswordResetRoutes ) ); @@ -1055,6 +1109,7 @@ class LoginForm extends SpecialPage { $template->set( 'name', $this->mUsername ); $template->set( 'password', $this->mPassword ); $template->set( 'retype', $this->mRetype ); + $template->set( 'createemailset', $this->mCreateaccountMail ); $template->set( 'email', $this->mEmail ); $template->set( 'realname', $this->mRealName ); $template->set( 'domain', $this->mDomain ); @@ -1213,15 +1268,21 @@ class LoginForm extends SpecialPage { * Renew the user's session id, using strong entropy */ private function renewSessionId() { - if ( wfCheckEntropy() ) { + global $wgSecureLogin, $wgCookieSecure; + if( $wgSecureLogin && !$this->mStickHTTPS ) { + $wgCookieSecure = false; + } + + // If either we don't trust PHP's entropy, or if we need + // to change cookie settings when logging in because of + // wpStickHTTPS, then change the session ID manually. + $cookieParams = session_get_cookie_params(); + if ( wfCheckEntropy() && $wgCookieSecure == $cookieParams['secure'] ) { session_regenerate_id( false ); } else { - //If we don't trust PHP's entropy, we have to replace the session manually $tmp = $_SESSION; - session_unset(); - session_write_close(); - session_id( MWCryptRand::generateHex( 32 ) ); - session_start(); + session_destroy(); + wfSetupSession( MWCryptRand::generateHex( 32 ) ); $_SESSION = $tmp; } } @@ -1260,13 +1321,6 @@ class LoginForm extends SpecialPage { } /** - * @private - */ - function throttleHit( $limit ) { - $this->mainLoginForm( $this->msg( 'acct_creation_throttle_hit' )->numParams( $limit )->parse() ); - } - - /** * Produce a bar of links which allow the user to select another language * during login/registration but retain "returnto" * @@ -1295,8 +1349,8 @@ class LoginForm extends SpecialPage { * Create a language selector link for a particular language * Links back to this page preserving type and returnto * - * @param $text Link text - * @param $lang Language code + * @param string $text Link text + * @param string $lang Language code * @return string */ function makeLanguageSelectorLink( $text, $lang ) { @@ -1324,4 +1378,8 @@ class LoginForm extends SpecialPage { $query ); } + + protected function getGroupName() { + return 'login'; + } } |