I really don't like the idea of invalid IPs sending these passwords out

diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php
index 99ba68e..13df18a 100644 (file)
--- a/includes/specials/SpecialUserlogin.php
+++ b/includes/specials/SpecialUserlogin.php
@@ -651,7 +651,10 @@ class LoginForm {
                $u->saveSettings();
 
                $ip = wfGetIP();
-               if ( '' == $ip ) { $ip = '(Unknown)'; }
+               if( !$ip ) {
+                       return new WikiError( wfMsg( 'badipaddress' ) );
+               }
+               #if ( '' == $ip ) { $ip = '(Unknown)'; }
 
                $m = wfMsg( $emailText, $ip, $u->getName(), $np, $wgServer . $wgScript );
                $result = $u->sendMail( wfMsg( $emailTitle ), $m );