From: Sam Reed <reedy@users.mediawiki.org>
Date: Wed, 6 Jan 2010 13:45:06 +0000 (+0000)
Subject: * (bug 20233) ApiLogin::execute() doesn't handle LoginForm :: RESET_PASS
X-Git-Tag: 1.31.0-rc.0~38392
X-Git-Url: http://git.cyclocoop.org/%7B%24www_url%7Dadmin/compta/operations/recherche.php?a=commitdiff_plain;h=b6aa2eb5bf9b4be04e2640b040c8ada11ac8c729;p=lhc%2Fweb%2Fwiklou.git

* (bug 20233) ApiLogin::execute() doesn't handle LoginForm :: RESET_PASS

As per Bryans comment, and as per SpecialUserlogin - "The e-mailed temporary password should not be used for actual logins;"

Therefore treat RESET_PASS as WRONG_PASS
---

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 332d23a76f..87b87fa58b 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -755,6 +755,7 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
 * (bug 21945) Add chomp control in YAML
 * Expand the thumburl to an absolute url to make it consistent with url and 
   descriptionurl 
+* (bug 20233) ApiLogin::execute() doesn't handle LoginForm :: RESET_PASS
 
 === Languages updated in 1.16 ===
 
diff --git a/includes/api/ApiLogin.php b/includes/api/ApiLogin.php
index 66ff8dfbd4..6cde44a694 100644
--- a/includes/api/ApiLogin.php
+++ b/includes/api/ApiLogin.php
@@ -92,30 +92,39 @@ class ApiLogin extends ApiBase {
 			case LoginForm :: NO_NAME :
 				$result['result'] = 'NoName';
 				break;
+
 			case LoginForm :: ILLEGAL :
 				$result['result'] = 'Illegal';
 				break;
+
 			case LoginForm :: WRONG_PLUGIN_PASS :
 				$result['result'] = 'WrongPluginPass';
 				break;
+
 			case LoginForm :: NOT_EXISTS :
 				$result['result'] = 'NotExists';
 				break;
+	
+			case LoginForm :: RESET_PASS : //bug 20223 - Treat a temporary password as wrong. Per SpecialUserLogin - "The e-mailed temporary password should not be used for actual logins;"
 			case LoginForm :: WRONG_PASS :
 				$result['result'] = 'WrongPass';
 				break;
+
 			case LoginForm :: EMPTY_PASS :
 				$result['result'] = 'EmptyPass';
 				break;
+
 			case LoginForm :: CREATE_BLOCKED :
 				$result['result'] = 'CreateBlocked';
 				$result['details'] = 'Your IP address is blocked from account creation';
 				break;
+
 			case LoginForm :: THROTTLED :
 				global $wgPasswordAttemptThrottle;
 				$result['result'] = 'Throttled';
 				$result['wait'] = intval($wgPasswordAttemptThrottle['seconds']);
 				break;
+
 			default :
 				ApiBase :: dieDebug(__METHOD__, "Unhandled case value: {$authRes}");
 		}