'format' => $this->format,
'useDatabase' => $this->useDatabase,
'title' => $this->title,
+ 'titlestr' => $this->title ? $this->title->getFullText() : null,
] );
}
*/
public function unserialize( $serialized ) {
$data = unserialize( $serialized );
+ if ( !is_array( $data ) ) {
+ throw new InvalidArgumentException( __METHOD__ . ': Invalid serialized data' );
+ }
+
$this->interface = $data['interface'];
$this->key = $data['key'];
$this->keysToTry = $data['keysToTry'];
$this->format = $data['format'];
$this->useDatabase = $data['useDatabase'];
$this->language = $data['language'] ? Language::factory( $data['language'] ) : false;
- $this->title = $data['title'];
+
+ if ( isset( $data['titlestr'] ) ) {
+ $this->title = Title::newFromText( $data['titlestr'] );
+ } elseif ( isset( $data['title'] ) && $data['title'] instanceof Title ) {
+ // Old serializations from before December 2018
+ $this->title = $data['title'];
+ } else {
+ $this->title = null; // Explicit for sanity
+ }
}
/**
$username = $user->getName();
$contLang = MediaWikiServices::getInstance()->getContentLanguage();
if (
- $policyVal && $contLang->lc( $password ) === $contLang->lc( $username )
+ $policyVal && hash_equals( $contLang->lc( $username ), $contLang->lc( $password ) )
) {
$status->error( 'password-name-match' );
}
$status = Status::newGood();
$username = $user->getName();
if ( $policyVal ) {
- if ( isset( $blockedLogins[$username] ) && $password == $blockedLogins[$username] ) {
+ if (
+ isset( $blockedLogins[$username] ) &&
+ hash_equals( $blockedLogins[$username], $password )
+ ) {
$status->error( 'password-login-forbidden' );
}
// Example from ApiChangeAuthenticationRequest
- if ( $password === 'ExamplePassword' ) {
+ if ( hash_equals( 'ExamplePassword', $password ) ) {
$status->error( 'password-login-forbidden' );
}
}
'ul',
[],
implode( '', array_map( function ( $prop ) {
- return HTML::rawElement(
+ return Html::rawElement(
'li',
[],
$prop
continue;
}
- $items[] = HTML::rawElement(
+ $items[] = Html::rawElement(
'li',
[],
Linker::link( $restriction->getTitle() )