-----Original Message-----
From: mediawiki-l-bounces(a)Wikimedia.org
[mailto:mediawiki-l-bounces@Wikimedia.org]On Behalf Of Brion Vibber
Sent: Friday, April 29, 2005 11:20 AM
To: MediaWiki announcements and site admin list
Subject: Re: [Mediawiki-l] AuthPlugin always fails with fatal
error on initialauthentication
Carlton B wrote:
I am using AuthPlugin to authenticate against an
external
database. The
first time a user logs in, without exception they
see this error:
Fatal error: Call to a member function on a non-object in
/home/myaccountname/public_html/mediawiki-1.4.2/includes/SpecialUs
erlogin.ph
p on line 266
In the 1.4.2 release, Line 266 is:
if (!$u->checkPassword( $this->mPassword )) {
For this to fail in the way you describe, the LoginForm::initUser()
method would have to return something broken when called here:
if ( $wgAuth->authenticate( $u->getName(), $this->mPassword ) ) {
$u =& $this->initUser( $u );
It doesn't look like that should be possible, though, unless your
plugin's initUser method (which is called from LoginForm's to optionally
modify the user object before it's saved) looks something like this:
function initUser( &$u ) {
$u = 'This will break';
}
If you're modifying the user object in that method, make sure you're not
replacing it with a non-object.
Actually I didn't override this method at all. However, looking at the
code, that is precisely the problem. SpecialUserlogin.php requires
initUser() to return a reference to the user object. The base class
initUser() method in AuthPlugin doesn't return anything at all. Thus, if
the initUser() method is not overriden in the implementation, then it
effectively user object to null. The code contains the very vague comment
"override this to do something", and now the meaning is clear. We must, at
a minimum, return the reference that we were passed:
function initUser(&$u) {
return $u;
}
So now it occurs to me that $wgAuth->initUser() is probably where you set
the email address and other optional fields, is that right? And what other
user attributes is it meaningful, or even safe, to set? My plugin has a
method of determining whether the external account is in a "banned" state,
so I would love to be able to use this information in MW.
I think the documentation could be a bit clearer on this issue. Also I
think the initUser() method in the base AuthPlugin class should be modified
to return the user object, because we know there is at least one case where
important code will break if it doesn't.
Thanks for your help...
Carlton