From: Brion Vibber <brion@users.mediawiki.org>
Date: Tue, 8 Sep 2009 18:40:05 +0000 (+0000)
Subject: Revert broken rewrite of login forms:
X-Git-Url: https://git.toastfreeware.priv.at/toast/cookiecaptcha.git/commitdiff_plain/0f5ffad924f2f5a0c39c363854f3eb7fcc72291d?ds=sidebyside

Revert broken rewrite of login forms:
r55990 "* Totally refactor includes/specials/SpecialUserlogin.php:"
r55991 "Followup to r55990 - Remove debugging hack :("
r55994 "Followup to r55990 - rename method to avoid PHP Strict warnings"
r55997 "Follow-up to r55990, per comments:"

Continued reports of breakage with the new version...
Non-vital changes of this magnitude should probably be worked up on a branch to ensure everything's consistent before pushing them to trunk.
---

diff --git a/ConfirmEdit_body.php b/ConfirmEdit_body.php
index 4ec7ff5..8c0d780 100644
--- a/ConfirmEdit_body.php
+++ b/ConfirmEdit_body.php
@@ -39,8 +39,8 @@ class ConfirmEditHooks {
 		return self::getInstance()->triggerUserLogin( $user, $password, $retval );
 	}
 
-	static function injectUserLogin( &$sp ) {
-		return self::getInstance()->injectUserLogin( $sp );
+	static function injectUserLogin( &$template ) {
+		return self::getInstance()->injectUserLogin( $template );
 	}
 
 	static function confirmUserLogin( $u, $pass, &$retval ) {
@@ -144,18 +144,18 @@ class SimpleCaptcha {
 	 * @param SimpleTemplate $template
 	 * @return bool true to keep running callbacks
 	 */
-	function injectUserCreate( &$sp ) {
+	function injectUserCreate( &$template ) {
 		global $wgCaptchaTriggers, $wgOut, $wgUser;
 		if ( $wgCaptchaTriggers['createaccount'] ) {
 			if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
 				wfDebug( "ConfirmEdit: user group allows skipping captcha on account creation\n" );
 				return true;
 			}
-			$sp->mFormHeader .= 
+			$template->set( 'header',
 				"<div class='captcha'>" .
 				$wgOut->parse( $this->getMessage( 'createaccount' ) ) .
 				$this->getForm() .
-				"</div>\n";
+				"</div>\n" );
 		}
 		return true;
 	}
@@ -163,17 +163,18 @@ class SimpleCaptcha {
 	/**
 	 * Inject a captcha into the user login form after a failed
 	 * password attempt as a speedbump for mass attacks.
+	 * @fixme if multiple thingies insert a header, could break
 	 * @param SimpleTemplate $template
 	 * @return bool true to keep running callbacks
 	 */
-	function injectUserLogin( &$sp ) {
+	function injectUserLogin( &$template ) {
 		if ( $this->isBadLoginTriggered() ) {
 			global $wgOut;
-			$sp->mFormHeader .= 
+			$template->set( 'header',
 				"<div class='captcha'>" .
 				$wgOut->parse( $this->getMessage( 'badlogin' ) ) .
 				$this->getForm() .
-				"</div>\n";
+				"</div>\n" );
 		}
 		return true;
 	}
@@ -189,7 +190,7 @@ class SimpleCaptcha {
 	 */
 	function triggerUserLogin( $user, $password, $retval ) {
 		global $wgCaptchaTriggers, $wgCaptchaBadLoginExpiration, $wgMemc;
-		if ( $retval == Login::WRONG_PASS && $wgCaptchaTriggers['badlogin'] ) {
+		if ( $retval == LoginForm::WRONG_PASS && $wgCaptchaTriggers['badlogin'] ) {
 			$key = $this->badLoginKey();
 			$count = $wgMemc->get( $key );
 			if ( !$count ) {
@@ -556,7 +557,7 @@ class SimpleCaptcha {
 			if ( !$this->passCaptcha() ) {
 				$message = wfMsg( 'captcha-badlogin-fail' );
 				// Emulate a bad-password return to confuse the shit out of attackers
-				$retval = Login::WRONG_PASS;
+				$retval = LoginForm::WRONG_PASS;
 				return false;
 			}
 		}