From: Platonides <platonides@users.mediawiki.org>
Date: Thu, 26 Aug 2010 18:28:33 +0000 (+0000)
Subject: When the CSRF token on is not available in the session, show the
X-Git-Tag: 1.31.0-rc.0~35314
X-Git-Url: https://git.cyclocoop.org/%7B%24www_url%7Dadmin/compta/banques/%7B%7B%20url_for%28%27admin_users%27%29%20%7D%7D?a=commitdiff_plain;h=ff191117375d57812d0125b02523bbc1123b16b1;p=lhc%2Fweb%2Fwiklou.git

When the CSRF token on is not available in the session, show the
'you have cookies disabled' message instead of "Session problem,
canceled to avoid session hijacking"
---

diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php
index 6d074f3c67..5e41e3ff7f 100644
--- a/includes/specials/SpecialUserlogin.php
+++ b/includes/specials/SpecialUserlogin.php
@@ -272,7 +272,7 @@ class LoginForm {
 		# Request forgery checks.
 		if ( !self::getCreateaccountToken() ) {
 			self::setCreateaccountToken();
-			$this->mainLoginForm( wfMsg( 'sessionfailure' ) );
+			$this->mainLoginForm( wfMsgExt( 'nocookiesnew', array( 'parseinline' ) ) );;
 			return false;
 		}
 
@@ -657,6 +657,8 @@ class LoginForm {
 				break;
 
 			case self::NEED_TOKEN:
+				$this->mainLoginForm( wfMsgExt( 'nocookieslogin', array( 'parseinline' ) ) );
+				break;
 			case self::WRONG_TOKEN:
 				$this->mainLoginForm( wfMsg( 'sessionfailure' ) );
 				break;