Mention that User::setInternalPassword() accepts null as password string

This allows to set an invalid hash preventing the user from logging in.

Change-Id: I8869eda42fd902dd26660c63e5f213b63e7e77ef

diff --git a/includes/User.php b/includes/User.php
index a73414c..65d8628 100644 (file)
--- a/includes/User.php
+++ b/includes/User.php
@@ -2046,7 +2046,9 @@ class User {
        /**
         * Set the password and reset the random token unconditionally.
         *
-        * @param $str String New password to set
+        * @param $str string|null New password to set or null to set an invalid
+        *        password hash meaning that the user will not be able to log in
+        *        through the web interface.
         */
        public function setInternalPassword( $str ) {
                $this->load();