Revert broken rewrite of login system; totally broken.
authorBrion Vibber <brion@users.mediawiki.org>
Sat, 26 Sep 2009 00:49:32 +0000 (00:49 +0000)
committerBrion Vibber <brion@users.mediawiki.org>
Sat, 26 Sep 2009 00:49:32 +0000 (00:49 +0000)
* Login doesn't attach to session properly, so can't stay logged in!
* Password field shown in plaintext!

If it just DOESN'T WORK please keep it on a work branch, don't put it in trunk!

Reverted:
r56682
r56683
r56684
r56686
r56688
r56696
r56699
r56702
r56703
r56704
r56782
r56896

ConfirmEdit_body.php

index 5bb6e7e8d1a3dc59aa53c4c20e323b8e3c04c25a..8c0d78029426d17c9d4952da14096f077ce50131 100644 (file)
@@ -39,8 +39,8 @@ class ConfirmEditHooks {
                return self::getInstance()->triggerUserLogin( $user, $password, $retval );
        }
 
-       static function injectUserLogin( &$sp ) {
-               return self::getInstance()->injectUserLogin( $sp );
+       static function injectUserLogin( &$template ) {
+               return self::getInstance()->injectUserLogin( $template );
        }
 
        static function confirmUserLogin( $u, $pass, &$retval ) {
@@ -144,19 +144,18 @@ class SimpleCaptcha {
         * @param SimpleTemplate $template
         * @return bool true to keep running callbacks
         */
-       function injectUserCreate( &$sp ) {
+       function injectUserCreate( &$template ) {
                global $wgCaptchaTriggers, $wgOut, $wgUser;
                if ( $wgCaptchaTriggers['createaccount'] ) {
                        if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
                                wfDebug( "ConfirmEdit: user group allows skipping captcha on account creation\n" );
                                return true;
                        }
-                       $sp->addFormHeader( 
+                       $template->set( 'header',
                                "<div class='captcha'>" .
                                $wgOut->parse( $this->getMessage( 'createaccount' ) ) .
                                $this->getForm() .
-                               "</div>\n"
-                       );
+                               "</div>\n" );
                }
                return true;
        }
@@ -164,18 +163,18 @@ class SimpleCaptcha {
        /**
         * Inject a captcha into the user login form after a failed
         * password attempt as a speedbump for mass attacks.
+        * @fixme if multiple thingies insert a header, could break
         * @param SimpleTemplate $template
         * @return bool true to keep running callbacks
         */
-       function injectUserLogin( &$sp ) {
+       function injectUserLogin( &$template ) {
                if ( $this->isBadLoginTriggered() ) {
                        global $wgOut;
-                       $sp->addFormHeader(
+                       $template->set( 'header',
                                "<div class='captcha'>" .
                                $wgOut->parse( $this->getMessage( 'badlogin' ) ) .
                                $this->getForm() .
-                               "</div>\n"
-                       );
+                               "</div>\n" );
                }
                return true;
        }
@@ -191,7 +190,7 @@ class SimpleCaptcha {
         */
        function triggerUserLogin( $user, $password, $retval ) {
                global $wgCaptchaTriggers, $wgCaptchaBadLoginExpiration, $wgMemc;
-               if ( $retval == Login::WRONG_PASS && $wgCaptchaTriggers['badlogin'] ) {
+               if ( $retval == LoginForm::WRONG_PASS && $wgCaptchaTriggers['badlogin'] ) {
                        $key = $this->badLoginKey();
                        $count = $wgMemc->get( $key );
                        if ( !$count ) {
@@ -558,7 +557,7 @@ class SimpleCaptcha {
                        if ( !$this->passCaptcha() ) {
                                $message = wfMsg( 'captcha-badlogin-fail' );
                                // Emulate a bad-password return to confuse the shit out of attackers
-                               $retval = Login::WRONG_PASS;
+                               $retval = LoginForm::WRONG_PASS;
                                return false;
                        }
                }