* Login doesn't attach to session properly, so can't stay logged in!
* Password field shown in plaintext!
If it just DOESN'T WORK please keep it on a work branch, don't put it in trunk!
Reverted:
r56682
r56683
r56684
r56686
r56688
r56696
r56699
r56702
r56703
r56704
r56782
r56896
r55990 "* Totally refactor includes/specials/SpecialUserlogin.php:"
r55991 "Followup to r55990 - Remove debugging hack :("
r55994 "Followup to r55990 - rename method to avoid PHP Strict warnings"
r55997 "Follow-up to r55990, per comments:"
Continued reports of breakage with the new version...
Non-vital changes of this magnitude should probably be worked up on a branch to ensure everything's consistent before pushing them to trunk.
** Split backend stuff out into includes/Login.php
** Split account creation and login stuff up, into includes/specials/CreateAccount.php and includes/specials/Userlogin.php.
* Reimplement the special pages as subclasses of SpecialPage
* Use HTMLForm to generate the input forms
** Deprecate and delete includes/templates/Userlogin.php, which is horrible and old :D
This changes the syntax of the UserLoginForm and UserCreateForm hooks, and AuthPlugin::modifyUITemplate; they now receive the SpecialPage subclass rather than the template to work with. Update everything I could find in SVN to accommodate this.
* Update some URLs (pages moved from meta to mw.org)
* Update and fix some comments
* Fix indentation and whitespace in phase3/includes/filerepo/ICRepo.php
of the strict() authentication behavior.
Fixes the hole where old local passwords could still be used to log into the global account after merging.
Based on patch by Rotem Liss from http://he.wikipedia.org/wiki/%D7%9E%D7%A9%D7%AA%D7%9E%D7%A9:Rotemliss/CentralAuth#2
Changed function name from authenticateLocally() to strictUserAuth() and reversed return value to mesh a little better with strict()
optional fields, which may be considered useful at registration time.
This fixes the problem where the e-mail address given for a new account
got replaced with null. Woops!
field should be cleared to an unusable state. Login will only be possible
after the password is reset, for instance by e-mail.
* (bug 6394) Invalidate the password set for "by e-mail" account creations
to avoid accidental empty password creations.
