Le 16 févr. 2012 à 20:51, Bináris a écrit : > 2012/2/16 Nicolas Brouard INED <[email protected]> > >> For people having multiple usernames (pseudos) with the same e-mail but >> different passwords for each, a better patch could be to test the password >> entered and to link with the unique username. But I am not an expert in >> mediawiki and php and don't know how to get the password within the >> function idFromName. >> > > This is an important point. For example, I have 3 bot accounts that all > have my e-mail for practical reasons. I wouldn't be happy with logging in > as one of them. :-)
For bot accounts, you can and should still log using a specific bot username. There is no ambiguity in the proposed patch, it checks if the username (user_name field) exists and if yes it checks the corresponding password. It is only when the username doesn't exist that it checks if a user_email exists. If a user_email exists it could be an array of user_id and instead of returning the first element of this array (and hoping that the password entered will match this ID) we could propose a better algorithm. That is the reason why I say that this simple patch works in most cases (90 %? A simulation could be done with the Wikipedia dbs): if you are not authenticated using an e-mail and password to the username you wanted, you need to enter the standard way i.e with username and same password. Regards, -- Nicolas _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
