Applying Michael Newton's patch from Bug 24464 - Execute

LoginAuthenticateAudit hook more often

Tested and it *seems* reasonable to me.

diff --git a/CREDITS b/CREDITS
index 4e559f2..00d1fd8 100644 (file)
--- a/CREDITS
+++ b/CREDITS
@@ -131,6 +131,7 @@ following names for their contribution to the product.
 * Michael Dale
 * Michael De La Rue
 * Michael M.
+* Michael Newton
 * Michael Walsh
 * Mike Horvath
 * Mormegil

diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php
index 8892d97..c47195a 100644 (file)
--- a/includes/specials/SpecialUserlogin.php
+++ b/includes/specials/SpecialUserlogin.php
@@ -475,6 +475,7 @@ class LoginForm extends SpecialPage {
                $this->load();
 
                if ( $this->mUsername == '' ) {
+                       wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, self::NO_NAME ) );
                        return self::NO_NAME;
                }
 
@@ -486,20 +487,24 @@ class LoginForm extends SpecialPage {
                // If the user doesn't have a login token yet, set one.
                if ( !self::getLoginToken() ) {
                        self::setLoginToken();
+                       wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, self::NEED_TOKEN ) );
                        return self::NEED_TOKEN;
                }
                // If the user didn't pass a login token, tell them we need one
                if ( !$this->mToken ) {
+                       wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, self::NEED_TOKEN ) );
                        return self::NEED_TOKEN;
                }
 
                $throttleCount = self::incLoginThrottle( $this->mUsername );
                if ( $throttleCount === true ) {
+                       wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, self::THROTTLED ) );
                        return self::THROTTLED;
                }
 
                // Validate the login token
                if ( $this->mToken !== self::getLoginToken() ) {
+                       wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, self::WRONG_TOKEN ) );
                        return self::WRONG_TOKEN;
                }
 
@@ -520,6 +525,7 @@ class LoginForm extends SpecialPage {
                # user choose a different wiki name.
                $u = User::newFromName( $this->mUsername );
                if( !( $u instanceof User ) || !User::isUsableName( $u->getName() ) ) {
+                       wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, self::ILLEGAL ) );
                        return self::ILLEGAL;
                }
 
@@ -527,6 +533,7 @@ class LoginForm extends SpecialPage {
                if ( 0 == $u->getID() ) {
                        $status = $this->attemptAutoCreate( $u );
                        if ( $status !== self::SUCCESS ) {
+                               wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, $status ) );
                                return $status;
                        } else {
                                $isAutoCreated = true;
@@ -547,6 +554,7 @@ class LoginForm extends SpecialPage {
                // Give general extensions, such as a captcha, a chance to abort logins
                $abort = self::ABORTED;
                if( !wfRunHooks( 'AbortLogin', array( $u, $this->mPassword, &$abort, &$this->mAbortLoginErrorMsg ) ) ) {
+                       wfRunHooks( 'LoginAuthenticateAudit', array( $u, $this->mPassword, $abort ) );
                        return $abort;
                }