* User::isValidPassword now only returns boolean results, User::getPasswordValidity...

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 8adfccb..0b5de5a 100644 (file)
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -598,8 +598,8 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
 * (bug 18019) Users are now warned when moving a file to a name in use on a
   shared repository and only users with the 'reupload-shared' permission can
   complete the move.
-* Any strings returned by the isValidPassword hook are now shown as error messages
-  instead of MediaWiki thinking that the hook said the password was valid.
+* User::isValidPassword now only returns boolean results, User::getPasswordValidity
+  can be used to get an error message string
 * The error message shown in Special:ChangePassword now parses wiki markup
 
 == API changes in 1.16 ==

diff --git a/includes/User.php b/includes/User.php
index 0b53fe6..7998f1b 100644 (file)
--- a/includes/User.php
+++ b/includes/User.php
@@ -621,19 +621,11 @@ class User {
         * Is the input a valid password for this user?
         *
         * @param $password String Desired password
-        * @return mixed: bool True or false or a message key explaining why the password is invalid
+        * @return bool True or false
         */
        function isValidPassword( $password ) {
-               global $wgMinimalPasswordLength, $wgContLang;
-
-               if( !wfRunHooks( 'isValidPassword', array( $password, &$result, $this ) ) )
-                       return $result;
-               if( $result === false )
-                       return false;
- 
-               // Password needs to be long enough, and can't be the same as the username
-               return strlen( $password ) >= $wgMinimalPasswordLength
-                       && $wgContLang->lc( $password ) !== $wgContLang->lc( $this->mName );
+               //simple boolean wrapper for getPasswordValidity
+               return $this->getPasswordValidity( $password ) === true;
        }
 
        /**
@@ -645,7 +637,12 @@ class User {
        function getPasswordValidity( $password ) {
                global $wgMinimalPasswordLength, $wgContLang;
                
-               if ( ( $result = $this->isValidPassword( $password ) ) === false ) {
+               $result = false; //init $result to false for the internal checks
+               
+               if( !wfRunHooks( 'isValidPassword', array( $password, &$result, $this ) ) )
+                       return $result;
+               
+               if ( $result === false ) {
                        if( strlen( $password ) < $wgMinimalPasswordLength ) {
                                return 'passwordtooshort';
                        } elseif ( $wgContLang->lc( $password ) == $wgContLang->lc( $this->mName ) ) {
@@ -654,7 +651,7 @@ class User {
                } elseif( $result === true ) {
                        return true;
                } else {
-                       return $result; //the isValidPassword hook set a string $result and returned false
+                       return $result; //the isValidPassword hook set a string $result and returned true
                }
        }
 
@@ -1770,7 +1767,7 @@ class User {
                                throw new PasswordError( wfMsg( 'password-change-forbidden' ) );
                        }
  
-                       if( $this->isValidPassword( $str ) !== true ) {
+                       if( !$this->isValidPassword( $str ) ) {
                                global $wgMinimalPasswordLength;
                                $valid = $this->getPasswordValidity( $str );
                                throw new PasswordError( wfMsgExt( $valid, array( 'parsemag' ),