r55990 "* Totally refactor includes/specials/SpecialUserlogin.php:"
r55991 "Followup to r55990 - Remove debugging hack :("
r55994 "Followup to r55990 - rename method to avoid PHP Strict warnings"
r55997 "Follow-up to r55990, per comments:"
Continued reports of breakage with the new version...
Non-vital changes of this magnitude should probably be worked up on a branch to ensure everything's consistent before pushing them to trunk.
** Split backend stuff out into includes/Login.php
** Split account creation and login stuff up, into includes/specials/CreateAccount.php and includes/specials/Userlogin.php.
* Reimplement the special pages as subclasses of SpecialPage
* Use HTMLForm to generate the input forms
** Deprecate and delete includes/templates/Userlogin.php, which is horrible and old :D
This changes the syntax of the UserLoginForm and UserCreateForm hooks, and AuthPlugin::modifyUITemplate; they now receive the SpecialPage subclass rather than the template to work with. Update everything I could find in SVN to accommodate this.
* Update some URLs (pages moved from meta to mw.org)
* Update and fix some comments
* Fix indentation and whitespace in phase3/includes/filerepo/ICRepo.php
of the strict() authentication behavior.
Fixes the hole where old local passwords could still be used to log into the global account after merging.
Based on patch by Rotem Liss from http://he.wikipedia.org/wiki/%D7%9E%D7%A9%D7%AA%D7%9E%D7%A9:Rotemliss/CentralAuth#2
Changed function name from authenticateLocally() to strictUserAuth() and reversed return value to mesh a little better with strict()
optional fields, which may be considered useful at registration time.
This fixes the problem where the e-mail address given for a new account
got replaced with null. Woops!
field should be cleared to an unusable state. Login will only be possible
after the password is reset, for instance by e-mail.
* (bug 6394) Invalidate the password set for "by e-mail" account creations
to avoid accidental empty password creations.
