$userLimit was used inline in the message, causing an "array to string conversion"
notice and a mangled log entry.
Change-Id: I8c5199f1bf01b56e955d8d15c48061b5301b1745
And added/removed spaces around some other tokens,
like +, -, *, /, <, >, =, !
Fixed windows newline style
Change-Id: I0b9c8c408f3f6bfc0d685a074d7ec468fb848fc8
This was an experimental authentication system intoduced a couple
of years ago with a pretty narrow use-case. It's been pretty much
ignored since introduction, and makes login more complicated than
it needs to be.
I didn't drop the external_user table on the off-chance someone
out there actually has data in it, but they should use AuthPlugin
for their external authentication needs.
Change-Id: I794338dbb75961ee033d41fa44bb7aa22e54f447
Adds a new configuration variable ($wgApplyIpBlocksToXff), which when
enabled will scan the XFF header for IP addresses and check if any of
them have been blocked. $wgApplyIpBlocksToXff is disabled by default.
Bug: 23343
Change-Id: I3faa9c3e8107c6e46cdf21f8c18adda1f42890d7
Adds a new configuration variable ($wgApplyIpBlocksToXff), which when
enabled will scan the XFF header for IP addresses and check if any of
them have been blocked. $wgApplyIpBlocksToXff is disabled by default.
Bug: 23343
Change-Id: I3e38b94d10600a60d2d4857de54307f34c4662c4
* Removed spaces around array index
* Removed double spaces or added spaces to begin or end of function
calls, method signature, conditions or foreachs
* Added braces to one-line ifs
* Changed multi line conditions to one line conditions
* Realigned some arrays
Change-Id: Ia04d2a99d663b07101013c2d53b3b2e872fd9cc3
* Ran spell-checker over code comments in /includes/
* A few spellchecking fixes for wfDebug() calls
Found one very strange (NOOP?) line in Linker.php - see "TODO: BUG?"
Change-Id: Ibb86b51073b980eda9ecce2cf0b8dd33f058adbf
Doxygen expects parameter types to come before the
parameter name in @param tags. Used a quick regex
to switch everything around where possible. This
only fixes cases where a primitve variable (or a
primitive followed by other types) is the variable
type. Other cases will need to be fixed manually.
Change-Id: Ic59fd20856eb0489d70f3469a56ebce0efb3db13
Added/removed spaces around logical/arithmetic operator
Reduced multiple empty lines to one empty line
Removed wrong tabs before comments at end of line
Removed too many spaces in assigments
Change-Id: I2bba4e72f9b5f88c53324d7b70e6042f1aad8f6b
* The DB column has garbage padding as the default value, which
was intented to just be "". Since the the insert functions cast
the value to a string, inserting a user without creating a token
causes garbage to be inserted. The logic to automatically fix
empty tokens does not trigger. This fixes createNew() to set the
token and makes sure that addToDatabase() does.
Change-Id: I3529fe8afbc62bac37063217d5aa0179a4a6e169
* This is much more useful if it can be passed to new Date. As a side
effect, this means straight arithmetic comparisons can be done.
* Add a method for this to mediawiki.user (getRegistrationDate).
* Improve docs on server User::getRegistration method by documenting possibility that data is null.
Change-Id: Id7ae0faa930433876939b73d47fc294975e14fb1
* Do not allow working on Special:EditWatchlist
* Do not reset all notification markers
* Do not delete expired restrictions
Change-Id: I7a990c0a80b9c7a6340465dd082a110dafea8f14
Remove $wgUseDynamicDates and everything related to it.
I left DateFormatter::reformat() alone, since it might possibly be
used elsewhere, and to be honest I'm afraid to touch it.
Change-Id: I609db8471c14e5e5946916f085d2ee5b96204d81
Changed third parameter of PingLimiter hook to a
reference since that's what all the docs say and because
extensions need to be able to override the result of
the ping limiting.
Change-Id: Ia8e9d3c4de9a6f298a00949007cad53021ab782c
This allows to display the "password sent by e-mail." string in the user's language
since it's now in the action text rather than always in content language due to the
fact it was hardcoded in the log's comment.
Insertion of log entries for the new users log is now acomplished using the
ManualLogEntry class rather than the old LogPage one.
Removed 'newuserlog-byemail' message since it's no longer used (also checked
extensions in Wikimedia's Git repo).
IRC notifications will use the same message for 'create2' and 'byemail' for backward
compatibility. The only difference is that 'byemail' entries will no longer have
"password sent by email." in the comment.
Change-Id: Icdf1d714259d054cf8c256faf894c533be0dc73c
This happens when an anonymous user wants to create an account for himself through
the API. This is due to the fact that User::addNewUserLogEntry() was always using
$wgUser as performer, but the API does not replace $wgUser by the newly created user
object when the peformer is an anonymous user.
Changed User::addNewUserLogEntry() to directly take the log action as first parameter,
rather than a boolean value saying whether the password was sent by e-mail or not,
and force the performer to be the user itself in the log action is "create". This
avoids such problems in that case, no matter the value of $wgUser, and it makes this
parameter much more readable that the old one. Backward compatibility is maintained.
Creating an user and sending its password by e-mail will still log the performer's
IP address in the log if this is made by an anonymous user.
Finally the second parameter of the AddNewAccount is now correct when creating an
account from the API, it was always false previously.
Change-Id: I188ecf420b85e9d1dab6fb933ed50d5f58532109
Added the "resetkinds" option to action=options, so that when the
"reset" option is set, the user can control which kinds of options
are reset, rather than having to do all or none.
Also added documentation to the "change" parameter, since passing
it option keys without any "=value" after it will result in resetting
that specific option to its default value.
Change-Id: Id5bc1fffa0d487c0f152b79115205d2722f380d3
Before change I98df55f2 it was possible to set arbitrary preferences (ie.
with anything as the key) using the action=options API. That change
removed this ability by enforcing full validation of the preferences, also
introducing several regressions which were fixed by follow-ups.
Per the discussion on bug 40124, this changeset aims to restore this
ability, but in a slightly restricted way: arbitrary preferences' names
must start with userjs- prefix, to avoid any possibility of conflicting
with new MediaWiki versions or extensions.
The contents of these preferences is not escaped, sanitized nor validated
in any way; script authors are expected to sanitize them themselves to
prevent XSS attacks and other security vulnerabilities.
This commit also adds the User::getOptionsKinds() method (to determine
whether given preference keys are used by MediaWiki itself or an extension,
intended to be used via the API, or entirely unknown) and enhances the
User::resetOptions() method to allow for resetting only preferences of
chosen kinds.
These changes allow for fixing of Special:Preferences not to clear those
additional fields when saving user settings.
Change-Id: I5f9ba5b0dfe7c2ea5458d836f03429cf6d93969d
CentralAuth calls User::loadFromId() directly after calling setId().
This avoid having to load the object two times in this case.
Change-Id: Iade37631a9346dff45e18acfa078af37c1fbbfab
* migrateUserGroup.php: Call User::invalidateCache
* While at it, also fix the issue where User::clearInstanceCache
did not clear cache for User::getGroups.
Although it does clear the caches of methods used to calculate
other group-related lists (such as User::getEffectiveGroups),
the one for the query from user_groups was still cached in
$this->mGroups.
Presumably this was forgotten when this pattern was introduced
as the instance cache precedes the user_group table.
Change-Id: I22abdba00f8ccf587a3d7696e57970ed4653afc8
