Sebek Nowaczynski wrote:

I have:

example.com and example.com/w/ in which it is MediaWiki.

I want to have login form (with a different look than the standard) in example.com/index.php

I copied the source code of login form, and in this I have there:

I'd modify includes/templates/Userlogin.php to suit your needs instead of copying it anywhere elese.

<input type="hidden" name="wpLoginToken" value="f695ba23114fe495f3f03f2ab23d0294" />

Where/How to retrieve this value(wpLoginToken)?

Create with a random value (eg. User::generateToken()) and store in $_SESSION['wsLoginToken']

I can login once to my page, but, in the twice I see:

"Login error There seems to be a problem with your login session; this action has been canceled as a precaution against session hijacking. Go back to the previous page, reload that page and then try again. "

I think this is problem with wpLoginToken. If I delete this hidden walue, there is communicate like "Login error There seens to be...".

Right. That token is needed to avoid a CSRF vulnerability.

I have MediaWiki 1.17alpha (r69213), directly from SVN (clean installation), PHP 5.2.13 (cgi-fcgi), MySql 5.1.47.

Thank you for your reply and sorry for my weak English.

S. Nowaczynski