Adding a check into SpecialUserLogin's initUser() function to only set a password if authentication plugins allow it.
* Link from Special:log/protect to change protection form
* Fix fallback implementation of mb_strlen so it works and isn't insanely
slow for large strings, since it's used for page edit lengths
-
+* (bug 8815) Setting password in initUser() breaks LdapAuthentication plugin
== Languages updated ==
* @private
*/
function initUser( $u ) {
+ global $wgAuth;
+
$u->addToDatabase();
- $u->setPassword( $this->mPassword );
+
+ if ( $wgAuth->allowPasswordChange() ) {
+ $u->setPassword( $this->mPassword );
+ }
+
$u->setEmail( $this->mEmail );
$u->setRealName( $this->mRealName );
$u->setToken();
- global $wgAuth;
$wgAuth->initUser( $u );
$u->setOption( 'rememberpassword', $this->mRemember ? 1 : 0 );
$wgMinimalPasswordLength ) );
}
}
-
+
if( !$wgAuth->setPassword( $this, $str ) ) {
throw new PasswordError( wfMsg( 'externaldberror' ) );
}
+ $this->setInternalPassword( $str );
+
+ return true;
+ }
+
+ /**
+ * Set the password and reset the random token no matter
+ * what.
+ *
+ * @param string $str
+ */
+ function setInternalPassword( $str ) {
$this->load();
$this->setToken();
}
$this->mNewpassword = '';
$this->mNewpassTime = null;
-
- return true;
}
-
/**
* Set the random token (used for persistent authentication)
* Called from loadDefaults() among other places.