User "Aaron Schulz" posted a comment on MediaWiki.r86482. Full URL: http://www.mediawiki.org/wiki/Special:Code/MediaWiki/86482#c20016 Commit summary:
(bug 13015, bug 18347, bug 18996, bug 20473, bug 23669, bug 28244) separate the password-reset request dialogue from SpecialUserlogin. * Refactor with all the latest bells and whistles * Allow wikis to enable resettting by entering an email address (bug 13015). This is currently an unindexed query, but it is disabled by default so no immediate problem. * Allow resetting to be disabled entirely (bug 20473). * Don't send registered users' IP addresses in the emails (bug 18347) * Check that a user is not globally blocked before letting them send messages (bug 23669) * Display a more useful error message when an account exists globally but not locally (bug 18996). Comment: This does check $wgPasswordAttemptThrottle, so people could keep guessing passwords at high speed. And when the get it right, they both login as the user and change the password. This lets someone take over the user and locking them out all at once for added convenience :) _______________________________________________ MediaWiki-CodeReview mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-codereview
