Allow null to be passed to User::setNewPassword()

This allows the temporary password to be cleared. This methods now
behaves the same as User::setInternalPassword() with that value.

Bug: 57075
Change-Id: I2c446864c7eb591dcb64e5971bc9989950715d15

diff --git a/includes/User.php b/includes/User.php
index c86b966..224626b 100644 (file)
--- a/includes/User.php
+++ b/includes/User.php
@@ -2173,14 +2173,21 @@ class User {
        /**
         * Set the password for a password reminder or new account email
         *
-        * @param string $str New password to set
+        * @param $str New password to set or null to set an invalid
+        *  password hash meaning that the user will not be able to use it
         * @param bool $throttle If true, reset the throttle timestamp to the present
         */
        public function setNewpassword( $str, $throttle = true ) {
                $this->load();
-               $this->mNewpassword = self::crypt( $str );
-               if ( $throttle ) {
-                       $this->mNewpassTime = wfTimestampNow();
+
+               if ( $str === null ) {
+                       $this->mNewpassword = '';
+                       $this->mNewpassTime = null;
+               } else {
+                       $this->mNewpassword = self::crypt( $str );
+                       if ( $throttle ) {
+                               $this->mNewpassTime = wfTimestampNow();
+                       }
                }
        }