From 3e957cc1377a7ac9b437277ba395521d0192ca82 Mon Sep 17 00:00:00 2001
From: Happy-melon <happy-melon@users.mediawiki.org>
Date: Thu, 24 Sep 2009 12:50:12 +0000
Subject: [PATCH] Add new hook, AbortNewAccountAuto, to abort account creations
 from AuthPlugin- or ExtUser-driven requests.

---
 RELEASE-NOTES      |  2 ++
 docs/hooks.txt     |  6 ++++++
 includes/Login.php | 12 ++++++++++--
 3 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 644dc3db07..c445e05646 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -92,6 +92,8 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
   $template->set(), etc.  The hook has access to most of the stuff that will go into the
   Login/Create form; see the documentation on HTMLForm for syntax for extra fields.
   LoginForm class is deprecated, its state constants are now in the Login class.
+* New hook AbortNewAccountAuto, called before account creation from AuthPlugin-
+  or ExtUser-driven requests.
 
 === New features in 1.16 ===
 
diff --git a/docs/hooks.txt b/docs/hooks.txt
index 325a062dcf..4bfa457a17 100644
--- a/docs/hooks.txt
+++ b/docs/hooks.txt
@@ -259,6 +259,12 @@ $reason: the reason for the move (added in 1.13)
 $user: the User object about to be created (read-only, incomplete)
 $message: out parameter: error message to display on abort
 
+'AbortNewAccountAuto': Return false to cancel account creation when the
+    request is coming from an AuthPlugin or ExtUser, rather than a 
+    manually-submitted CreateAccount form.
+$user: the User object about to be created (read-only, incomplete)
+$message: out parameter: error message to display on abort
+
 'AddNewAccount': after a user account is created
 $user: the User object that was created. (Parameter added in 1.7)
 $byEmail: true when account was created "by email" (added in 1.12)
diff --git a/includes/Login.php b/includes/Login.php
index d13c574368..42a0e76ba9 100644
--- a/includes/Login.php
+++ b/includes/Login.php
@@ -232,12 +232,20 @@ class Login {
 		# is for an external auth plugin to autocreate the local user first.
 		if ( $this->mUser->getID() == 0 ) {
 			if ( $this->canAutoCreate() == self::SUCCESS ) {
+				
 				$isAutoCreated = true;
 				wfDebug( __METHOD__.": creating account\n" );
+				
+				if( !wfRunHooks( 'AbortNewAccountAuto', array( $this->mUser, &$this->mCreateResult ) ) ) {
+					wfDebug( __METHOD__ . ": a hook blocked creation\n" );
+					return self::ABORTED;
+				}
+				
 				$result = $this->initUser( true );
 				if( $result !== self::SUCCESS ){
 					return $result;
-				};
+				}
+				
 			} else {
 				return $this->canAutoCreate();
 			}
@@ -454,7 +462,7 @@ class Login {
 
 		if( !wfRunHooks( 'AbortNewAccount', array( $this->mUser, &$this->mCreateResult ) ) ) {
 			# Hook point to add extra creation throttles and blocks
-			wfDebug( "LoginForm::addNewAccountInternal: a hook blocked creation\n" );
+			wfDebug( __METHOD__ . ": a hook blocked creation\n" );
 			return self::ABORTED;
 		}
 
-- 
2.20.1