* Accept null parameter to User::setPassword() as indicating the password
authorBrion Vibber <brion@users.mediawiki.org>
Wed, 13 Dec 2006 08:59:20 +0000 (08:59 +0000)
committerBrion Vibber <brion@users.mediawiki.org>
Wed, 13 Dec 2006 08:59:20 +0000 (08:59 +0000)
  field should be cleared to an unusable state. Login will only be possible
  after the password is reset, for instance by e-mail.
* (bug 6394) Invalidate the password set for "by e-mail" account creations
  to avoid accidental empty password creations.

RELEASE-NOTES
includes/AuthPlugin.php
includes/SpecialUserlogin.php
includes/User.php

index 8bcf68d..50d381c 100644 (file)
@@ -296,6 +296,11 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
 * (bug 8241) Don't consider user pages of User:Foo.css to be CSS subpages
 * Set an explicit class on framed thumbnail inner divs and images, changed some 
   CSS to use these instead of using descendent selectors.
+* Accept null parameter to User::setPassword() as indicating the password
+  field should be cleared to an unusable state. Login will only be possible
+  after the password is reset, for instance by e-mail.
+* (bug 6394) Invalidate the password set for "by e-mail" account creations
+  to avoid accidental empty password creations.
 
 
 == Languages updated ==
index cf06e42..e33ef1b 100644 (file)
@@ -146,6 +146,10 @@ class AuthPlugin {
 
        /**
         * Set the given password in the authentication database.
+        * As a special case, the password may be set to null to request
+        * locking the password to an unusable value, with the expectation
+        * that it will be set later through a mail reset or other method.
+        *
         * Return true if successful.
         *
         * @param $user User object.
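Review bot: The new paragraph tells callers that null requests a locked password, but it gives plugin implementors no instruction for the case where their backend cannot represent an unusable password, which is exactly the situation where a null silently coerced to `''` would store an empty external password. The sentence "Return true if successful." could be extended with `* Return false if the backend cannot lock the password; never store an empty one in its place.` so that User::setPassword's failure path, rather than an empty credential, is the outcome. The `@param` line for the password argument is presumably just past the hunk and should read `string|null` to match the new contract.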
index 3288d80..29281e6 100644 (file)
@@ -123,6 +123,8 @@ class LoginForm {
                        return;
                }
 
+               // Wipe the initial password and mail a temporary one
+               $u->setPassword( null );
                $u->saveSettings();
                $result = $this->mailPasswordInternal( $u, false );
 
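Review bot: `$u->setPassword( null )` is documented as `@throws PasswordError on failure` and User::setPassword still calls `$wgAuth->setPassword` for a null argument, yet nothing in this hunk catches the exception, so an auth plugin that refuses the lock would abort the by-e-mail creation with an uncaught error rather than a form message. Consider `try { $u->setPassword( null ); } catch( PasswordError $e ) { /* report via the form's error path */ }` so the failure is surfaced to the operator and the account is not left in a half-configured state; whether the user row is already persisted at this point cannot be seen from the hunk. The enclosing method begins and ends outside this hunk.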
index 597d003..87f75a4 100644 (file)
@@ -1303,20 +1303,26 @@ class User {
         * pass the change through or if the legal password
         * checks fail.
         *
+        * As a special case, setting the password to null
+        * wipes it, so the account cannot be logged in until
+        * a new password is set, for instance via e-mail.
+        *
         * @param string $str
         * @throws PasswordError on failure
         */
        function setPassword( $str ) {
                global $wgAuth;
                
-               if( !$wgAuth->allowPasswordChange() ) {
-                       throw new PasswordError( wfMsg( 'password-change-forbidden' ) );
-               }
+               if( $str !== null ) {
+                       if( !$wgAuth->allowPasswordChange() ) {
+                               throw new PasswordError( wfMsg( 'password-change-forbidden' ) );
+                       }
                
-               if( !$this->isValidPassword( $str ) ) {
-                       global $wgMinimalPasswordLength;
-                       throw new PasswordError( wfMsg( 'passwordtooshort',
-                               $wgMinimalPasswordLength ) );
+                       if( !$this->isValidPassword( $str ) ) {
+                               global $wgMinimalPasswordLength;
+                               throw new PasswordError( wfMsg( 'passwordtooshort',
+                                       $wgMinimalPasswordLength ) );
+                       }
                }
                
                if( !$wgAuth->setPassword( $this, $str ) ) {
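Review bot: The null now passes straight through to `$wgAuth->setPassword( $this, $str )` on the last line of this hunk, so an AuthPlugin subclass written before the null contract was documented may coerce it to an empty string and store an empty external password — the outcome bug 6394 is meant to prevent. A comment at the call, `// null means "lock the account"; plugins predating this contract may not honour it`, would make the dependency visible, and plugins that cannot lock should return false so the failure surfaces as the PasswordError presumably thrown on the lines just past this hunk. In the second hunk, `$this->mPassword = ''` is only unusable if checkPassword() can never match an empty stored hash; that invariant is not visible here and is worth stating in the comment, e.g. `// '' never equals any encryptPassword() output, so no login can succeed`. The closing lines of setPassword() lie outside this hunk.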
@@ -1325,9 +1331,15 @@ class User {
                
                $this->load();
                $this->setToken();
-               $this->mPassword = $this->encryptPassword( $str );
+               
+               if( $str === null ) {
+                       // Save an invalid hash...
+                       $this->mPassword = '';
+               } else {
+                       $this->mPassword = $this->encryptPassword( $str );
+               }
                $this->mNewpassword = '';
-               $this->mNewpassTime = NULL;
+               $this->mNewpassTime = null;
                
                return true;
        }