$this->loginOnly = !empty( $params['loginOnly'] );
}
+ /**
+ * Check if the password has expired and needs a reset
+ *
+ * @param string $username
+ * @param \stdClass $row A row from the user table
+ * @return \stdClass|null
+ */
protected function getPasswordResetData( $username, $row ) {
$now = wfTimestamp();
$expiration = wfTimestampOrNull( TS_UNIX, $row->user_password_expires );
}
$pwhash = $this->getPassword( $row->user_password );
- if ( !$pwhash->equals( $req->password ) ) {
+ if ( !$pwhash->verify( $req->password ) ) {
if ( $this->config->get( 'LegacyEncoding' ) ) {
// Some wikis were converted from ISO 8859-1 to UTF-8, the passwords can't be converted
// Check for this with iconv
$cp1252Password = iconv( 'UTF-8', 'WINDOWS-1252//TRANSLIT', $req->password );
- if ( $cp1252Password === $req->password || !$pwhash->equals( $cp1252Password ) ) {
+ if ( $cp1252Password === $req->password || !$pwhash->verify( $cp1252Password ) ) {
return $this->failResponse( $req );
}
} else {