throw new MWException( "Passed User has not been added to the database yet!" );
}
- $passwordFactory = new PasswordFactory();
- $passwordFactory->init( RequestContext::getMain()->getConfig() );
- // A is unsalted MD5 (thus fast) ... we don't care about security here, this is test only
- $passwordFactory->setDefaultType( 'A' );
- $pwhash = $passwordFactory->newFromPlaintext( $password );
- wfGetDB( DB_MASTER )->update(
+ $dbw = wfGetDB( DB_MASTER );
+ $row = $dbw->selectRow(
'user',
- [ 'user_password' => $pwhash->toString() ],
+ [ 'user_password' ],
[ 'user_id' => $user->getId() ],
__METHOD__
);
+ if ( !$row ) {
+ throw new MWException( "Passed User has an ID but is not in the database?" );
+ }
+
+ $passwordFactory = new PasswordFactory();
+ $passwordFactory->init( RequestContext::getMain()->getConfig() );
+ if ( !$passwordFactory->newFromCiphertext( $row->user_password )->equals( $password ) ) {
+ $passwordHash = $passwordFactory->newFromPlaintext( $password );
+ $dbw->update(
+ 'user',
+ [ 'user_password' => $passwordHash->toString() ],
+ [ 'user_id' => $user->getId() ],
+ __METHOD__
+ );
+ }
}
/**