SECURITY: Fix reauth in Special:ChangeEmail
diff --git
a/includes/specials/SpecialChangeEmail.php
b/includes/specials/SpecialChangeEmail.php
index
785447f
..
1bd42ac
100644
(file)
--- a/
includes/specials/SpecialChangeEmail.php
+++ b/
includes/specials/SpecialChangeEmail.php
@@
-22,6
+22,7
@@
*/
use MediaWiki\Auth\AuthManager;
*/
use MediaWiki\Auth\AuthManager;
+use MediaWiki\Logger\LoggerFactory;
/**
* Let users change their email address.
/**
* Let users change their email address.
@@
-54,16
+55,17
@@
class SpecialChangeEmail extends FormSpecialPage {
* @param string $par
*/
function execute( $par ) {
* @param string $par
*/
function execute( $par ) {
- $this->checkLoginSecurityLevel();
-
$out = $this->getOutput();
$out->disallowUserJs();
parent::execute( $par );
}
$out = $this->getOutput();
$out->disallowUserJs();
parent::execute( $par );
}
- protected function checkExecutePermissions( User $user ) {
+ protected function getLoginSecurityLevel() {
+ return $this->getName();
+ }
+ protected function checkExecutePermissions( User $user ) {
if ( !AuthManager::singleton()->allowsPropertyChange( 'emailaddress' ) ) {
throw new ErrorPageError( 'changeemail', 'cannotchangeemail' );
}
if ( !AuthManager::singleton()->allowsPropertyChange( 'emailaddress' ) ) {
throw new ErrorPageError( 'changeemail', 'cannotchangeemail' );
}
@@
-136,7
+138,7
@@
class SpecialChangeEmail extends FormSpecialPage {
$query = $request->getVal( 'returntoquery' );
if ( $this->status->value === true ) {
$query = $request->getVal( 'returntoquery' );
if ( $this->status->value === true ) {
- $this->getOutput()->redirect( $titleObj->getFullU
RL
( $query ) );
+ $this->getOutput()->redirect( $titleObj->getFullU
rlForRedirect
( $query ) );
} elseif ( $this->status->value === 'eauth' ) {
# Notify user that a confirmation email has been sent...
$this->getOutput()->wrapWikiMsg( "<div class='error' style='clear: both;'>\n$1\n</div>",
} elseif ( $this->status->value === 'eauth' ) {
# Notify user that a confirmation email has been sent...
$this->getOutput()->wrapWikiMsg( "<div class='error' style='clear: both;'>\n$1\n</div>",
@@
-168,6
+170,14
@@
class SpecialChangeEmail extends FormSpecialPage {
return $status;
}
return $status;
}
+ LoggerFactory::getInstance( 'authentication' )->info(
+ 'Changing email address for {user} from {oldemail} to {newemail}', [
+ 'user' => $user->getName(),
+ 'oldemail' => $oldaddr,
+ 'newemail' => $newaddr,
+ ]
+ );
+
Hooks::run( 'PrefsEmailAudit', [ $user, $oldaddr, $newaddr ] );
$user->saveSettings();
Hooks::run( 'PrefsEmailAudit', [ $user, $oldaddr, $newaddr ] );
$user->saveSettings();
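Review bot: The new `LoggerFactory::getInstance( 'authentication' )->info(...)` call in the last hunk runs before `Hooks::run( 'PrefsEmailAudit', ... )` and `$user->saveSettings()`, so the entry records an attempt rather than a persisted change. If a later step fails, the audit trail would still show the address as changed. Consider moving the call after `$user->saveSettings();`, or keep it in place and add a comment such as `// Logged before saving: records the attempt, not the outcome`. The context also writes both `oldemail` and `newemail` in clear text, so the 'authentication' channel needs access and retention controls suited to personal data. The enclosing method begins and ends outside the hunk, so whether a later step can actually fail is inferred, not visible here.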