From e588383c86c5df81b3d9de64feb1223db6aa33c7 Mon Sep 17 00:00:00 2001 From: Andrew Garrett Date: Wed, 28 May 2008 11:26:05 +0000 Subject: [PATCH] * Respect hooks' decisions when autocreating accounts. * New parameter for AbortCreateAccount: (whether the account is being autocreated). Used in CentralAuth. --- docs/hooks.txt | 1 + includes/SpecialUserlogin.php | 23 ++++++++++++++++++----- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/docs/hooks.txt b/docs/hooks.txt index 2f9291c718..e0373bfc65 100644 --- a/docs/hooks.txt +++ b/docs/hooks.txt @@ -258,6 +258,7 @@ $err: error message 'AbortNewAccount': Return false to cancel account creation. $user: the User object about to be created (read-only, incomplete) $message: out parameter: error message to display on abort +$autocreate: whether the account is being automatically created. 'AddNewAccount': after a user account is created $user: the User object that was created. (Parameter added in 1.7) diff --git a/includes/SpecialUserlogin.php b/includes/SpecialUserlogin.php index 58b1280f18..aaedc3cf5a 100644 --- a/includes/SpecialUserlogin.php +++ b/includes/SpecialUserlogin.php @@ -296,7 +296,7 @@ class LoginForm { $u->setRealName( $this->mRealName ); $abortError = ''; - if( !wfRunHooks( 'AbortNewAccount', array( $u, &$abortError ) ) ) { + if( !wfRunHooks( 'AbortNewAccount', array( $u, &$abortError, false /* autocreate */ ) ) ) { // Hook point to add extra creation throttles and blocks wfDebug( "LoginForm::addNewAccountInternal: a hook blocked creation\n" ); $this->mainLoginForm( $abortError ); @@ -366,7 +366,7 @@ class LoginForm { * * @public */ - function authenticateUserData() { + function authenticateUserData(&$error_extra) { global $wgUser, $wgAuth; if ( '' == $this->mName ) { return self::NO_NAME; @@ -388,7 +388,7 @@ class LoginForm { $isAutoCreated = false; if ( 0 == $u->getID() ) { - $status = $this->attemptAutoCreate( $u ); + $status = $this->attemptAutoCreate( $u, &$error_extra ); if ( $status !== self::SUCCESS ) { return $status; } else { @@ -458,7 +458,7 @@ class LoginForm { * Only succeeds if there is an external authentication method which allows it. * @return integer Status code */ - function attemptAutoCreate( $user ) { + function attemptAutoCreate( $user, &$error_extra ) { global $wgAuth, $wgUser; /** * If the external authentication plugin allows it, @@ -469,6 +469,7 @@ class LoginForm { return self::NOT_EXISTS; } if ( !$wgAuth->userExists( $user->getName() ) ) { + die("Doesn't exist: ".$user->getName()); wfDebug( __METHOD__.": user does not exist\n" ); return self::NOT_EXISTS; } @@ -480,6 +481,14 @@ class LoginForm { wfDebug( __METHOD__.": user is blocked from account creation\n" ); return self::CREATE_BLOCKED; } + + $abortError = ''; + if( !wfRunHooks( 'AbortNewAccount', array( $user, &$abortError, true /* autocreate */ ) ) ) { + // Hook point to add extra creation throttles and blocks + wfDebug( __METHOD__.": a hook blocked creation\n" ); + $error_extra = $abortError; + return self::ABORTED; + } wfDebug( __METHOD__.": creating account\n" ); $user = $this->initUser( $user, true ); @@ -489,7 +498,8 @@ class LoginForm { function processLogin() { global $wgUser, $wgAuth; - switch ($this->authenticateUserData()) + $error_extra = ''; + switch ($this->authenticateUserData(&$error_extra)) { case self::SUCCESS: # We've verified now, update the real record @@ -540,6 +550,9 @@ class LoginForm { case self::CREATE_BLOCKED: $this->userBlockedMessage(); break; + case self::ABORTED: + $this->mainLoginForm( $error_extra ); + break; default: throw new MWException( "Unhandled case value" ); } -- 2.20.1