From 3b4eac415606de31a585e58cc7d0319f8edf98f7 Mon Sep 17 00:00:00 2001
From: Chad Horohoe <demon@users.mediawiki.org>
Date: Fri, 29 Jan 2010 23:29:53 +0000
Subject: [PATCH] Add new global $wgBlockDisablesLogin to prevent logging in by
 blocked users, obsoletes new Lockout extension

---
 RELEASE-NOTES                          | 2 ++
 includes/DefaultSettings.php           | 1 +
 includes/specials/SpecialUserlogin.php | 7 ++++++-
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index e901672b99..a43fe15b34 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -98,6 +98,8 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
   memcached servers.
 * New configuration variables $wgDebugTimestamps and $wgDebugPrintHttpHeaders
   for controlling debug output.
+* New $wgBlockDisablesLogin when set to true disallows blocked users from
+  logging in.
 
 === New features in 1.16 ===
 
diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 7d834c8c44..f711e87b32 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -1343,6 +1343,7 @@ $wgBlockCIDRLimit = array(
 	'IPv4' => 16, # Blocks larger than a /16 (64k addresses) will not be allowed
 	'IPv6' => 64, # 2^64 = ~1.8x10^19 addresses
 );
+$wgBlockDisablesLogin = false; # If true, blocked users will not be allowed to login
 
 # Pages anonymous user may see as an array, e.g.:
 # array ( "Main Page", "Wikipedia:Help");
diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php
index 59d584be77..f43b2962be 100644
--- a/includes/specials/SpecialUserlogin.php
+++ b/includes/specials/SpecialUserlogin.php
@@ -417,6 +417,12 @@ class LoginForm {
 				return self::THROTTLED;
 			}
 		}
+		// If we've enabled it, make it so that a blocked user cannot login
+		global $wgBlockDisablesLogin;
+		$u = User::newFromName( $this->mName );
+		if( $wgBlockDisablesLogin && !is_null( $u ) && $u->isBlocked() ) {
+			return self::USER_BLOCKED;
+		}
 
 		// Load $wgUser now, and check to see if we're logging in as the same
 		// name. This is necessary because loading $wgUser (say by calling
@@ -433,7 +439,6 @@ class LoginForm {
 
 		# TODO: Allow some magic here for invalid external names, e.g., let the
 		# user choose a different wiki name.
-		$u = User::newFromName( $this->mName );
 		if( is_null( $u ) || !User::isUsableName( $u->getName() ) ) {
 			return self::ILLEGAL;
 		}
-- 
2.20.1