From: Tim Starling Date: Fri, 30 Jul 2004 11:13:54 +0000 (+0000) Subject: committing Hendrik Brummermann's checkPassword() patch, plus some modifications to... X-Git-Tag: 1.5.0alpha1~2567 X-Git-Url: https://git.cyclocoop.org/%28%28?a=commitdiff_plain;h=8f147fa900d1b57702aa47d95093aff8480d8849;p=lhc%2Fweb%2Fwiklou.git committing Hendrik Brummermann's checkPassword() patch, plus some modifications to fix a UTF-8 post-conversion problem --- diff --git a/includes/SpecialPreferences.php b/includes/SpecialPreferences.php index 37ec5946c5..6f6e75b945 100644 --- a/includes/SpecialPreferences.php +++ b/includes/SpecialPreferences.php @@ -134,12 +134,10 @@ class PreferencesForm { $this->mainPrefsForm( wfMsg( "badretype" ) ); return; } - $ep = $wgUser->encryptPassword( $this->mOldpass ); - if ( $ep != $wgUser->getPassword() ) { - if ( $ep != $wgUser->getNewpassword() ) { - $this->mainPrefsForm( wfMsg( "wrongpassword" ) ); - return; - } + + if (!$wgUser->checkPassword( $this->mOldpass )) { + $this->mainPrefsForm( wfMsg( "wrongpassword" ) ); + return; } $wgUser->setPassword( $this->mNewpass ); } diff --git a/includes/SpecialUserlogin.php b/includes/SpecialUserlogin.php index 5c68b846e3..f69fc8ba49 100644 --- a/includes/SpecialUserlogin.php +++ b/includes/SpecialUserlogin.php @@ -201,12 +201,9 @@ class LoginForm { } $u->setId( $id ); $u->loadFromDatabase(); - $ep = $u->encryptPassword( $this->mPassword ); - if ( 0 != strcmp( $ep, $u->getPassword() ) ) { - if ( 0 != strcmp( $ep, $u->getNewpassword() ) ) { - $this->mainLoginForm( wfMsg( "wrongpassword" ) ); - return; - } + if (!$u->checkPassword( $this->mPassword )) { + $this->mainLoginForm( wfMsg( "wrongpassword" ) ); + return; } # We've verified now, update the real record diff --git a/includes/User.php b/includes/User.php index f31c81bfa7..7d10777141 100644 --- a/includes/User.php +++ b/includes/User.php @@ -319,16 +319,6 @@ class User { return ($timestamp >= $this->mTouched); } - function getPassword() { - $this->loadFromDatabase(); - return $this->mPassword; - } - - function getNewpassword() { - $this->loadFromDatabase(); - return $this->mNewpassword; - } - function addSalt( $p ) { global $wgPasswordSalt; if($wgPasswordSalt) @@ -721,6 +711,26 @@ class User { function isNewbie() { return $this->mId > User::getMaxID() * 0.99 && !$this->isSysop() && !$this->isBot() || $this->getID() == 0; } + + # Check to see if the given clear-text password is one of the accepted passwords + function checkPassword( $password ) { + print "hello\n"; + $this->loadFromDatabase(); + $ep = $this->encryptPassword( $password ); + if ( 0 == strcmp( $ep, $this->mPassword ) ) { + return true; + } elseif ( 0 == strcmp( $ep, $this->mNewpassword ) ) { + return true; + } elseif ( function_exists( 'iconv' ) ) { + # Some wikis were converted from ISO 8859-1 to UTF-8, the passwords can't be converted + # Check for this with iconv +/* $cp1252hash = $this->encryptPassword( iconv( 'UTF-8', 'WINDOWS-1252', $password ) ); + if ( 0 == strcmp( $cp1252hash, $this->mPassword ) ) { + return true; + }*/ + } + return false; + } } ?>