From c1123f72723cbec3183a0035be4ee2bfb2b903af Mon Sep 17 00:00:00 2001
From: Brad Jorsch <bjorsch@wikimedia.org>
Date: Wed, 2 Oct 2013 13:46:30 -0400
Subject: [PATCH] Allow AbortLogin hook to override error messages

The AbortLogin hook has a $msg argument that allows for specifying a
MediaWiki message to display to the user. But this message is only used
when the hook is aborted with LoginForm::ABORTED. There's no reason not
to use this same parameter for the other possible failure constants.

Note this is a slight change in behavior for the hook, as previously the
$msg parameter would be coming in as "login-abort-generic" unless an
earlier hook altered it, while now it will be null.

Change-Id: Ib03a1aed9dfb566a027c31c015aa30619174a6c2
---
 includes/specials/SpecialUserlogin.php | 43 +++++++++++++++++---------
 1 file changed, 28 insertions(+), 15 deletions(-)

diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php
index 9429f10472..7a93ade09a 100644
--- a/includes/specials/SpecialUserlogin.php
+++ b/includes/specials/SpecialUserlogin.php
@@ -48,7 +48,7 @@ class LoginForm extends SpecialPage {
 	var $mLoginattempt, $mRemember, $mEmail, $mDomain, $mLanguage;
 	var $mSkipCookieCheck, $mReturnToQuery, $mToken, $mStickHTTPS;
 	var $mType, $mReason, $mRealName;
-	var $mAbortLoginErrorMsg = 'login-abort-generic';
+	var $mAbortLoginErrorMsg = null;
 	private $mLoaded = false;
 	private $mSecureLoginUrl;
 
@@ -582,7 +582,9 @@ class LoginForm extends SpecialPage {
 
 		// Give general extensions, such as a captcha, a chance to abort logins
 		$abort = self::ABORTED;
-		if ( !wfRunHooks( 'AbortLogin', array( $u, $this->mPassword, &$abort, &$this->mAbortLoginErrorMsg ) ) ) {
+		$msg = null;
+		if ( !wfRunHooks( 'AbortLogin', array( $u, $this->mPassword, &$abort, &$msg ) ) ) {
+			$this->mAbortLoginErrorMsg = $msg;
 			return $abort;
 		}
 
@@ -780,51 +782,62 @@ class LoginForm extends SpecialPage {
 				break;
 
 			case self::NEED_TOKEN:
-				$this->mainLoginForm( $this->msg( 'nocookiesforlogin' )->parse() );
+				$error = $this->mAbortLoginErrorMsg ?: 'nocookiesforlogin';
+				$this->mainLoginForm( $this->msg( $error )->parse() );
 				break;
 			case self::WRONG_TOKEN:
-				$this->mainLoginForm( $this->msg( 'sessionfailure' )->text() );
+				$error = $this->mAbortLoginErrorMsg ?: 'sessionfailure';
+				$this->mainLoginForm( $this->msg( $error )->text() );
 				break;
 			case self::NO_NAME:
 			case self::ILLEGAL:
-				$this->mainLoginForm( $this->msg( 'noname' )->text() );
+				$error = $this->mAbortLoginErrorMsg ?: 'noname';
+				$this->mainLoginForm( $this->msg( $error )->text() );
 				break;
 			case self::WRONG_PLUGIN_PASS:
-				$this->mainLoginForm( $this->msg( 'wrongpassword' )->text() );
+				$error = $this->mAbortLoginErrorMsg ?: 'wrongpassword';
+				$this->mainLoginForm( $this->msg( $error )->text() );
 				break;
 			case self::NOT_EXISTS:
 				if ( $this->getUser()->isAllowed( 'createaccount' ) ) {
-					$this->mainLoginForm( $this->msg( 'nosuchuser',
+					$error = $this->mAbortLoginErrorMsg ?: 'nosuchuser';
+					$this->mainLoginForm( $this->msg( $error,
 						wfEscapeWikiText( $this->mUsername ) )->parse() );
 				} else {
-					$this->mainLoginForm( $this->msg( 'nosuchusershort',
+					$error = $this->mAbortLoginErrorMsg ?: 'nosuchusershort';
+					$this->mainLoginForm( $this->msg( $error,
 						wfEscapeWikiText( $this->mUsername ) )->text() );
 				}
 				break;
 			case self::WRONG_PASS:
-				$this->mainLoginForm( $this->msg( 'wrongpassword' )->text() );
+				$error = $this->mAbortLoginErrorMsg ?: 'wrongpassword';
+				$this->mainLoginForm( $this->msg( $error )->text() );
 				break;
 			case self::EMPTY_PASS:
-				$this->mainLoginForm( $this->msg( 'wrongpasswordempty' )->text() );
+				$error = $this->mAbortLoginErrorMsg ?: 'wrongpasswordempty';
+				$this->mainLoginForm( $this->msg( $error )->text() );
 				break;
 			case self::RESET_PASS:
-				$this->resetLoginForm( $this->msg( 'resetpass_announce' )->text() );
+				$error = $this->mAbortLoginErrorMsg ?: 'resetpass_announce';
+				$this->resetLoginForm( $this->msg( $error )->text() );
 				break;
 			case self::CREATE_BLOCKED:
 				$this->userBlockedMessage( $this->getUser()->isBlockedFromCreateAccount() );
 				break;
 			case self::THROTTLED:
-				$this->mainLoginForm( $this->msg( 'login-throttled' )
+				$error = $this->mAbortLoginErrorMsg ?: 'login-throttled';
+				$this->mainLoginForm( $this->msg( $error )
 				->params ( $this->getLanguage()->formatDuration( $wgPasswordAttemptThrottle['seconds'] ) )
 				->text()
 				);
 				break;
 			case self::USER_BLOCKED:
-				$this->mainLoginForm( $this->msg( 'login-userblocked',
-					$this->mUsername )->escaped() );
+				$error = $this->mAbortLoginErrorMsg ?: 'login-userblocked';
+				$this->mainLoginForm( $this->msg( $error, $this->mUsername )->escaped() );
 				break;
 			case self::ABORTED:
-				$this->mainLoginForm( $this->msg( $this->mAbortLoginErrorMsg )->text() );
+				$error = $this->mAbortLoginErrorMsg ?: 'login-abort-generic';
+				$this->mainLoginForm( $this->msg( $error )->text() );
 				break;
 			default:
 				throw new MWException( 'Unhandled case value' );
-- 
2.20.1