From: Chad Horohoe Date: Mon, 1 Feb 2010 14:51:46 +0000 (+0000) Subject: Cleanup r61694, move blocked check to after password check, global auth checks, etc... X-Git-Tag: 1.31.0-rc.0~37992 X-Git-Url: https://git.cyclocoop.org/%28%28?a=commitdiff_plain;h=f1bb509dfc1d8cc7c10dd72386ebdf8b400394a4;p=lhc%2Fweb%2Fwiklou.git Cleanup r61694, move blocked check to after password check, global auth checks, etc. Prevents hunting for blocked users --- diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php index f43b2962be..671070b7d7 100644 --- a/includes/specials/SpecialUserlogin.php +++ b/includes/specials/SpecialUserlogin.php @@ -417,12 +417,6 @@ class LoginForm { return self::THROTTLED; } } - // If we've enabled it, make it so that a blocked user cannot login - global $wgBlockDisablesLogin; - $u = User::newFromName( $this->mName ); - if( $wgBlockDisablesLogin && !is_null( $u ) && $u->isBlocked() ) { - return self::USER_BLOCKED; - } // Load $wgUser now, and check to see if we're logging in as the same // name. This is necessary because loading $wgUser (say by calling @@ -439,6 +433,7 @@ class LoginForm { # TODO: Allow some magic here for invalid external names, e.g., let the # user choose a different wiki name. + $u = User::newFromName( $this->mName ); if( is_null( $u ) || !User::isUsableName( $u->getName() ) ) { return self::ILLEGAL; } @@ -470,6 +465,7 @@ class LoginForm { return $abort; } + global $wgBlockDisablesLogin; if (!$u->checkPassword( $this->mPassword )) { if( $u->checkTemporaryPassword( $this->mPassword ) ) { // The e-mailed temporary password should not be used for actu- @@ -500,6 +496,9 @@ class LoginForm { } else { $retval = ($this->mPassword == '') ? self::EMPTY_PASS : self::WRONG_PASS; } + } elseif ( $wgBlockDisablesLogin && $u->isBlocked() ) { + // If we've enabled it, make it so that a blocked user cannot login + $retval = self::USER_BLOCKED; } else { $wgAuth->updateUser( $u ); $wgUser = $u;