to move LocalSettings.php
* The FailFunction "error handling" method has now been removed
* $wgAdditionalMailParams added to allow setting extra options to mail() calls.
+* $wgSecureLogin & $wgSecureLoginStickHTTPS to optionaly login using HTTPS
=== New features in 1.17 ===
* (bug 10183) Users can now add personal styles and scripts to all skins via
*/
$wgAllowPrefChange = array();
+/**
+ * This is to let user authenticate using https when they come from http.
+ * Based on an idea by George Herbert on wikitech-l:
+ * http://lists.wikimedia.org/pipermail/wikitech-l/2010-October/050065.html
+ * @since 1.17
+ */
+$wgSecureLogin = false;
+/**
+ * Default for 'use secure login' checkbox
+ * @since 1.17
+ */
+$wgSecureLoginStickHTTPS = false;
+
/** @} */ # end user accounts }
/************************************************************************//**
$loginlink = $wgUser->isAllowed( 'createaccount' )
? 'nav-login-createaccount'
: 'login';
+
+ # anonlogin & login are the same
+ $login_url = array(
+ 'text' => wfMsg( $loginlink ),
+ 'href' => self::makeSpecialUrl( 'Userlogin', $returnto ),
+ 'active' => $title->isSpecial( 'Userlogin' )
+ );
+ global $wgProto, $wgSecureLogin;
+ if( $wgProto === 'http' && $wgSecureLogin ) {
+ $title = SpecialPage::getTitleFor( 'Userlogin' );
+ $https_url = preg_replace( '/^http:/', 'https:', $title->getFullURL() );
+ $login_url['href'] = $https_url;
+ $login_url['class'] = 'link-https'; # FIXME class depends on skin
+ }
+
if( $this->showIPinHeader() ) {
$href = &$this->userpageUrlDetails['href'];
$personal_urls['anonuserpage'] = array(
'class' => $usertalkUrlDetails['exists'] ? false : 'new',
'active' => ( $pageurl == $href )
);
- $personal_urls['anonlogin'] = array(
- 'text' => wfMsg( $loginlink ),
- 'href' => self::makeSpecialUrl( 'Userlogin', $returnto ),
- 'active' => $title->isSpecial( 'Userlogin' )
- );
+ $personal_urls['anonlogin'] = $login_url;
} else {
- $personal_urls['login'] = array(
- 'text' => wfMsg( $loginlink ),
- 'href' => self::makeSpecialUrl( 'Userlogin', $returnto ),
- 'active' => $title->isSpecial( 'Userlogin' )
- );
+ $personal_urls['login'] = $login_url;
}
}
var $mName, $mPassword, $mRetype, $mReturnTo, $mCookieCheck, $mPosted;
var $mAction, $mCreateaccount, $mCreateaccountMail, $mMailmypassword;
var $mLoginattempt, $mRemember, $mEmail, $mDomain, $mLanguage;
- var $mSkipCookieCheck, $mReturnToQuery, $mToken;
+ var $mSkipCookieCheck, $mReturnToQuery, $mToken, $mStickHTTPS;
private $mExtUser = null;
$this->mLoginattempt = $request->getCheck( 'wpLoginattempt' );
$this->mAction = $request->getVal( 'action' );
$this->mRemember = $request->getCheck( 'wpRemember' );
+ $this->mStickHTTPS = $request->getCheck( 'wpStickHTTPS' );
$this->mLanguage = $request->getText( 'uselang' );
$this->mSkipCookieCheck = $request->getCheck( 'wpSkipCookieCheck' );
$this->mToken = ( $this->mType == 'signup' ) ? $request->getVal( 'wpCreateaccountToken' ) : $request->getVal( 'wpLoginToken' );
if ( !$titleObj instanceof Title ) {
$titleObj = Title::newMainPage();
}
- $wgOut->redirect( $titleObj->getFullURL( $this->mReturnToQuery ) );
+ $redirectUrl = $titleObj->getFullURL( $this->mReturnToQuery );
+ global $wgSecureLogin;
+ if( $wgSecureLogin && !$this->mStickHTTPS ) {
+ $redirectUrl = preg_replace( '/^https:/', 'http:', $redirectUrl );
+ }
+ $wgOut->redirect( $redirectUrl );
}
}
global $wgUser, $wgOut, $wgHiddenPrefs, $wgEnableEmail;
global $wgRequest, $wgLoginLanguageSelector;
global $wgAuth, $wgEmailConfirmToEdit, $wgCookieExpiration;
+ global $wgSecureLogin, $wgSecureLoginStickHTTPS;
$titleObj = SpecialPage::getTitleFor( 'Userlogin' );
$template->set( 'canremember', ( $wgCookieExpiration > 0 ) );
$template->set( 'usereason', $wgUser->isLoggedIn() );
$template->set( 'remember', $wgUser->getOption( 'rememberpassword' ) || $this->mRemember );
+ $template->set( 'cansecurelogin', ( $wgSecureLogin === true ) );
+ $template->set( 'stickHTTPS', $this->mStickHTTPS );
if ( $this->mType == 'signup' ) {
if ( !self::getCreateaccountToken() ) {
?>
</td>
</tr>
+<?php } ?>
+<?php if( $this->data['cansecurelogin'] ) { ?>
+ <tr>
+ <td></td>
+ <td class="mw-input">
+ <?php
+ echo Xml::checkLabel(
+ wfMsg( 'securelogin-stick-https' ),
+ 'wpStickHTTPS',
+ 'wpStickHTTPS',
+ $this->data['stickHTTPS'],
+ array( 'tabindex' => '9' )
+ );
+ ?>
+ </td>
+ </tr>
<?php } ?>
<tr>
<td></td>
'yourpassword' => 'Password:',
'yourpasswordagain' => 'Retype password:',
'remembermypassword' => 'Remember my login on this browser (for a maximum of $1 {{PLURAL:$1|day|days}})',
+'securelogin-stick-https' => 'Stay connected to HTTPS after login',
'yourdomainname' => 'Your domain:',
'externaldberror' => 'There was either an authentication database error or you are not allowed to update your external account.',
'login' => 'Log in',