Pgehres has uploaded a new change for review. https://gerrit.wikimedia.org/r/56079
Change subject: Adding functions to User.php to upgrade password storage on login. ...................................................................... Adding functions to User.php to upgrade password storage on login. Change-Id: If5ca00a19180ca034edb8f9a04efb6469de07d0a --- A LocalSettings_old.php M includes/User.php 2 files changed, 147 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/core refs/changes/79/56079/1 diff --git a/LocalSettings_old.php b/LocalSettings_old.php new file mode 100644 index 0000000..d4078c0 --- /dev/null +++ b/LocalSettings_old.php @@ -0,0 +1,135 @@ +<?php +# This file was automatically generated by the MediaWiki 1.21alpha +# installer. If you make manual changes, please keep track in case you +# need to recreate them later. +# +# See includes/DefaultSettings.php for all configurable settings +# and their default values, but don't forget to make changes in _this_ +# file, not there. +# +# Further documentation for configuration settings may be found at: +# http://www.mediawiki.org/wiki/Manual:Configuration_settings + +# Protect against web entry +if ( !defined( 'MEDIAWIKI' ) ) { + exit; +} + +## Uncomment this to disable output compression +# $wgDisableOutputCompression = true; + +$wgSitename = "Dev Wiki"; +$wgMetaNamespace = "Dev_Wiki"; + +## The URL base path to the directory containing the wiki; +## defaults for all runtime URL paths are based off of this. +## For more information on customizing the URLs +## (like /w/index.php/Page_title to /wiki/Page_title) please see: +## http://www.mediawiki.org/wiki/Manual:Short_URL +$wgScriptPath = ""; +$wgScriptExtension = ".php"; + +## The protocol and server name to use in fully-qualified URLs +$wgServer = "http://core.local";; + +## The relative URL path to the skins directory +$wgStylePath = "$wgScriptPath/skins"; + +## The relative URL path to the logo. Make sure you change this from the default, +## or else you'll overwrite your logo when you upgrade! +$wgLogo = "$wgStylePath/common/images/wiki.png"; + +## UPO means: this is also a user preference option + +$wgEnableEmail = true; +$wgEnableUserEmail = true; # UPO + +$wgEmergencyContact = "[email protected]"; +$wgPasswordSender = "[email protected]"; + +$wgEnotifUserTalk = false; # UPO +$wgEnotifWatchlist = false; # UPO +$wgEmailAuthentication = true; + +## Database settings +$wgDBtype = "mysql"; +$wgDBserver = "localhost"; +$wgDBname = "core_mediawiki"; +$wgDBuser = "mediawiki"; +$wgDBpassword = "wikiwiki123"; + +# MySQL specific settings +$wgDBprefix = ""; + +# MySQL table options to use during installation or update +$wgDBTableOptions = "ENGINE=InnoDB, DEFAULT CHARSET=utf8"; + +# Experimental charset support for MySQL 5.0. +$wgDBmysql5 = false; + +## Shared memory settings +$wgMainCacheType = CACHE_NONE; +$wgMemCachedServers = array(); + +## To enable image uploads, make sure the 'images' directory +## is writable, then set this to true: +$wgEnableUploads = true; +$wgUseImageMagick = true; +$wgImageMagickConvertCommand = "/usr/bin/convert"; + +# InstantCommons allows wiki to use images from http://commons.wikimedia.org +$wgUseInstantCommons = false; + +## If you use ImageMagick (or any other shell command) on a +## Linux server, this will need to be set to the name of an +## available UTF-8 locale +$wgShellLocale = "en_US.utf8"; + +## If you want to use image uploads under safe mode, +## create the directories images/archive, images/thumb and +## images/temp, and make them all writable. Then uncomment +## this, if it's not already uncommented: +#$wgHashedUploadDirectory = false; + +## Set $wgCacheDirectory to a writable directory on the web server +## to make your wiki go slightly faster. The directory should not +## be publically accessible from the web. +#$wgCacheDirectory = "$IP/cache"; + +# Site language code, should be one of the list in ./languages/Names.php +$wgLanguageCode = "en"; + +$wgSecretKey = "300917f9eb53e46e39a1d64ee881a7bb213eaeea1b8c529cb0ebc7f3c8069e62"; + +# Site upgrade key. Must be set to a string (default provided) to turn on the +# web installer while LocalSettings.php is in place +$wgUpgradeKey = "24ed725adca38a1b"; + +## Default skin: you can change the default skin. Use the internal symbolic +## names, ie 'standard', 'nostalgia', 'cologneblue', 'monobook', 'vector': +$wgDefaultSkin = "vector"; + +## For attaching licensing metadata to pages, and displaying an +## appropriate copyright notice / icon. GNU Free Documentation +## License and Creative Commons licenses are supported so far. +$wgRightsPage = ""; # Set to the title of a wiki page that describes your license/copyright +$wgRightsUrl = ""; +$wgRightsText = ""; +$wgRightsIcon = ""; + +# Path to the GNU diff3 utility. Used for conflict resolution. +$wgDiff3 = "/usr/bin/diff3"; + +# Query string length limit for ResourceLoader. You should only set this if +# your web server has a query string length limit (then set it to that limit), +# or if you have suhosin.get.max_value_length set in php.ini (then set it to +# that value) +$wgResourceLoaderMaxQueryLength = -1; + + + +# End of automatically generated settings. +# Add more configuration options below. + +$wgDebugLogFile = "/tmp/mediawiki-dev.log"; + diff --git a/includes/User.php b/includes/User.php index 0e63704..f68bd8a 100644 --- a/includes/User.php +++ b/includes/User.php @@ -71,6 +71,11 @@ const MAX_WATCHED_ITEMS_CACHE = 100; /** + * The current and preferred password storage scheme + */ + const PASSWORD_SCHEME = ":B:"; + + /** * Array of Strings List of member variables which are saved to the * shared cache (memcached). Any operation which changes the * corresponding database fields must call a cache-clearing function. @@ -3424,6 +3429,10 @@ return false; } if ( self::comparePasswords( $this->mPassword, $password, $this->mId ) ) { + if ( substr( $this->mPassword, 0, strlen( self::PASSWORD_SCHEME ) ) !== self::PASSWORD_SCHEME ) { + /* Update the password storage to the latest and greatest scheme */ + $this->setInternalPassword( $password ); + } return true; } elseif ( $wgLegacyEncoding ) { # Some wikis were converted from ISO 8859-1 to UTF-8, the passwords can't be converted @@ -3432,6 +3441,9 @@ if ( $cp1252Password != $password && self::comparePasswords( $this->mPassword, $cp1252Password, $this->mId ) ) { + /* Update the password storage to the latest and greatest scheme in UTF-8 */ + $this->setInternalPassword( $password ); + return true; } } -- To view, visit https://gerrit.wikimedia.org/r/56079 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: If5ca00a19180ca034edb8f9a04efb6469de07d0a Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/core Gerrit-Branch: master Gerrit-Owner: Pgehres <[email protected]> _______________________________________________ MediaWiki-commits mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
