https://www.mediawiki.org/wiki/Special:Code/MediaWiki/103467

Revision: 103467
Author:   mah
Date:     2011-11-17 15:16:03 +0000 (Thu, 17 Nov 2011)
Log Message:
-----------
Adapt and re-apply Michael Newton's patch from Bug 24464 - Execute
LoginAuthenticateAudit hook more often.

Also updated release notes.

Modified Paths:
--------------
    trunk/phase3/RELEASE-NOTES-1.19
    trunk/phase3/docs/hooks.txt
    trunk/phase3/includes/specials/SpecialUserlogin.php

Modified: trunk/phase3/RELEASE-NOTES-1.19
===================================================================
--- trunk/phase3/RELEASE-NOTES-1.19     2011-11-17 15:01:47 UTC (rev 103466)
+++ trunk/phase3/RELEASE-NOTES-1.19     2011-11-17 15:16:03 UTC (rev 103467)
@@ -11,6 +11,9 @@
 production.
 
 === Configuration changes in 1.19 ===
+* Changed LoginAuthenticateAudit hook so that it may be called before a
+  valid user is available.  In those cases, an anonymouse user object
+  will be supplied
 * Removed SkinTemplateSetupPageCss hook; use BeforePageDisplay instead.
 * (bug 27132) movefile right granted by default to registered users.
 * Default cookie lifetime ($wgCookieExpiration) is increased to 180 days.

Modified: trunk/phase3/docs/hooks.txt
===================================================================
--- trunk/phase3/docs/hooks.txt 2011-11-17 15:01:47 UTC (rev 103466)
+++ trunk/phase3/docs/hooks.txt 2011-11-17 15:16:03 UTC (rev 103467)
@@ -1212,8 +1212,10 @@
  - wrap String Wrap the message in html (usually something like "<div 
...>$1</div>").
  - flags Integer display flags (NO_ACTION_LINK,NO_EXTRA_USER_LINKS)
 
-'LoginAuthenticateAudit': a login attempt for a valid user account either
-succeeded or failed. No return data is accepted; this hook is for auditing 
only.
+'LoginAuthenticateAudit': a login attempt either succeeded or
+failed. This may be called before the User object is populated, so a
+user object equivalent to an anonymous user. No return data is
+accepted; this hook is for auditing only.
 $user: the User object being authenticated against
 $password: the password being submitted and found wanting
 $retval: a LoginForm class constant with authenticateUserData() return

Modified: trunk/phase3/includes/specials/SpecialUserlogin.php
===================================================================
--- trunk/phase3/includes/specials/SpecialUserlogin.php 2011-11-17 15:01:47 UTC 
(rev 103466)
+++ trunk/phase3/includes/specials/SpecialUserlogin.php 2011-11-17 15:16:03 UTC 
(rev 103467)
@@ -475,6 +475,7 @@
                $this->load();
 
                if ( $this->mUsername == '' ) {
+                       wfRunHooks( 'LoginAuthenticateAudit', array( new User, 
$this->mPassword, self::NO_NAME ) );
                        return self::NO_NAME;
                }
 
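Review bot: The added `wfRunHooks` call in the empty-username branch appears to run before the login-token and throttle checks shown in the next hunk, so every audit handler is now invoked for any anonymous request that omits a username, and it is handed `$this->mPassword` in clear. A handler that writes a log or database row per call can be driven without limit by unauthenticated traffic, and one that records its arguments would end up storing submitted passwords. I would add a comment above the call, for example `// Audit only: runs before token/throttle checks; handlers must be cheap and must not persist the password`, and state the same in docs/hooks.txt. The first NEED_TOKEN branch in the next hunk has the same property, since it fires on any request that has no session token yet. The enclosing method starts and ends outside this hunk.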
@@ -486,20 +487,24 @@
                // If the user doesn't have a login token yet, set one.
                if ( !self::getLoginToken() ) {
                        self::setLoginToken();
+                       wfRunHooks( 'LoginAuthenticateAudit', array( new User, 
$this->mPassword, self::NEED_TOKEN ) );
                        return self::NEED_TOKEN;
                }
                // If the user didn't pass a login token, tell them we need one
                if ( !$this->mToken ) {
+                       wfRunHooks( 'LoginAuthenticateAudit', array( new User, 
$this->mPassword, self::NEED_TOKEN ) );
                        return self::NEED_TOKEN;
                }
 
                $throttleCount = self::incLoginThrottle( $this->mUsername );
                if ( $throttleCount === true ) {
+                       wfRunHooks( 'LoginAuthenticateAudit', array( new User, 
$this->mPassword, self::THROTTLED ) );
                        return self::THROTTLED;
                }
 
                // Validate the login token
                if ( $this->mToken !== self::getLoginToken() ) {
+                       wfRunHooks( 'LoginAuthenticateAudit', array( new User, 
$this->mPassword, self::WRONG_TOKEN ) );
                        return self::WRONG_TOKEN;
                }
 
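Review bot: The THROTTLED and WRONG_TOKEN branches pass `new User` to the hook although `$this->mUsername` appears to be known and non-empty by this point, so an audit handler cannot tell which account was being targeted. That is the information a handler most needs on exactly these two outcomes, for instance to notice repeated guessing against one account. Consider building the object from the submitted name and falling back to an anonymous one when the name does not resolve: `$auditUser = User::newFromName( $this->mUsername );` then pass `$auditUser instanceof User ? $auditUser : new User` as the first hook argument. The enclosing method starts and ends outside this hunk.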
@@ -520,6 +525,7 @@
                # user choose a different wiki name.
                $u = User::newFromName( $this->mUsername );
                if( !( $u instanceof User ) || !User::isUsableName( 
$u->getName() ) ) {
+                       wfRunHooks( 'LoginAuthenticateAudit', array( $u, 
$this->mPassword, self::ILLEGAL ) );
                        return self::ILLEGAL;
                }
 
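Review bot: In the ILLEGAL branch `$u` is handed to the hook even when the branch was entered because `$u` is not a `User` instance, so a handler documented to receive a User object can get a non-object and fail on its first method call. This path is reached with an arbitrary submitted name before any authentication, so one strict handler would turn an invalid username into a fatal error on the login page. Pass a real object in that case: `wfRunHooks( 'LoginAuthenticateAudit', array( $u instanceof User ? $u : new User, $this->mPassword, self::ILLEGAL ) );`. The enclosing method starts and ends outside this hunk.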
@@ -527,6 +533,7 @@
                if ( 0 == $u->getID() ) {
                        $status = $this->attemptAutoCreate( $u );
                        if ( $status !== self::SUCCESS ) {
+                               wfRunHooks( 'LoginAuthenticateAudit', array( 
$u, $this->mPassword, $status ) );
                                return $status;
                        } else {
                                $isAutoCreated = true;
@@ -547,6 +554,7 @@
                // Give general extensions, such as a captcha, a chance to 
abort logins
                $abort = self::ABORTED;
                if( !wfRunHooks( 'AbortLogin', array( $u, $this->mPassword, 
&$abort, &$this->mAbortLoginErrorMsg ) ) ) {
+                       wfRunHooks( 'LoginAuthenticateAudit', array( $u, 
$this->mPassword, $abort ) );
                        return $abort;
                }
 

