'Password' => __DIR__ . '/includes/password/Password.php',
'PasswordError' => __DIR__ . '/includes/password/PasswordError.php',
'PasswordFactory' => __DIR__ . '/includes/password/PasswordFactory.php',
+ 'PasswordPolicyChecks' => __DIR__ . '/includes/password/PasswordPolicyChecks.php',
'PatchSql' => __DIR__ . '/maintenance/patchSql.php',
'PathRouter' => __DIR__ . '/includes/PathRouter.php',
'PathRouterPatternReplacer' => __DIR__ . '/includes/PathRouter.php',
'ResourceLoaderFilePath' => __DIR__ . '/includes/resourceloader/ResourceLoaderFilePath.php',
'ResourceLoaderImage' => __DIR__ . '/includes/resourceloader/ResourceLoaderImage.php',
'ResourceLoaderImageModule' => __DIR__ . '/includes/resourceloader/ResourceLoaderImageModule.php',
- 'ResourceLoaderJqueryMsgDataModule' => __DIR__ . '/includes/resourceloader/ResourceLoaderJqueryMsgDataModule.php',
+ 'ResourceLoaderJqueryMsgModule' => __DIR__ . '/includes/resourceloader/ResourceLoaderJqueryMsgModule.php',
'ResourceLoaderLanguageDataModule' => __DIR__ . '/includes/resourceloader/ResourceLoaderLanguageDataModule.php',
'ResourceLoaderLanguageNamesModule' => __DIR__ . '/includes/resourceloader/ResourceLoaderLanguageNamesModule.php',
'ResourceLoaderModule' => __DIR__ . '/includes/resourceloader/ResourceLoaderModule.php',
'UserMailer' => __DIR__ . '/includes/mail/UserMailer.php',
'UserNotLoggedIn' => __DIR__ . '/includes/exception/UserNotLoggedIn.php',
'UserOptions' => __DIR__ . '/maintenance/userOptions.inc',
+ 'UserPasswordPolicy' => __DIR__ . '/includes/password/UserPasswordPolicy.php',
'UserRightsProxy' => __DIR__ . '/includes/UserRightsProxy.php',
'UsercreateTemplate' => __DIR__ . '/includes/templates/Usercreate.php',
'UserloginTemplate' => __DIR__ . '/includes/templates/Userlogin.php',
* @since 1.23
*/
public function checkPasswordValidity( $password ) {
- global $wgMinimalPasswordLength, $wgMaximalPasswordLength, $wgContLang;
+ global $wgPasswordPolicy;
- static $blockedLogins = array(
- 'Useruser' => 'Passpass', 'Useruser1' => 'Passpass1', # r75589
- 'Apitestsysop' => 'testpass', 'Apitestuser' => 'testpass' # r75605
+ $upp = new UserPasswordPolicy(
+ $wgPasswordPolicy['policies'],
+ $wgPasswordPolicy['checks']
);
$status = Status::newGood();
-
$result = false; //init $result to false for the internal checks
if ( !Hooks::run( 'isValidPassword', array( $password, &$result, $this ) ) ) {
}
if ( $result === false ) {
- if ( strlen( $password ) < $wgMinimalPasswordLength ) {
- $status->error( 'passwordtooshort', $wgMinimalPasswordLength );
- return $status;
- } elseif ( strlen( $password ) > $wgMaximalPasswordLength ) {
- // T64685: Password too long, might cause DoS attack
- $status->fatal( 'passwordtoolong', $wgMaximalPasswordLength );
- return $status;
- } elseif ( $wgContLang->lc( $password ) == $wgContLang->lc( $this->mName ) ) {
- $status->error( 'password-name-match' );
- return $status;
- } elseif ( isset( $blockedLogins[$this->getName()] )
- && $password == $blockedLogins[$this->getName()]
- ) {
- $status->error( 'password-login-forbidden' );
- return $status;
- } else {
- //it seems weird returning a Good status here, but this is because of the
- //initialization of $result to false above. If the hook is never run or it
- //doesn't modify $result, then we will likely get down into this if with
- //a valid password.
- return $status;
- }
+ $status->merge( $upp->checkUserPassword( $this, $password ) );
+ return $status;
} elseif ( $result === true ) {
return $status;
} else {
$timestamp = $cache->getCheckKeyTime( $key );
if ( $timestamp ) {
- $this->mQuickTouched = wfTimestamp( TS_MW, $timestamp );
+ $this->mQuickTouched = wfTimestamp( TS_MW, (int)$timestamp );
} else {
# Set the timestamp to get HTTP 304 cache hits
$this->touch();