https://bugzilla.wikimedia.org/show_bug.cgi?id=21991
--- Comment #7 from Roan Kattouw <[email protected]> 2010-02-15 14:17:32 UTC --- (In reply to comment #5) > It seems there is only one hashed token... > > if ( !$wgUser->matchEditToken( $params['token'], $user->getName() ) ) > > in ApiUserrights.php > There's another one in ApiRollback.php > Simplest way to deal with this, would seem to be, in that module, don't have > the checks done in ApiMain for this. > > Or we have another method property like > > public function checkToken() { > return true; > } > > And default this to false for this module, and it can hash check it's own way > if it wants... > > Either or seems to be sensible I'd recommend introducing a function that returns the salt (usually the empty string, and false if there's no token to be checked), see also CR r62482. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching all bug changes. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
