On 18 Feb 2012, at 23:41, Nicolas Brouard wrote:
On 16 Feb 2012, at 22:26, Platonides wrote:
On 16/02/12 09:51, Nicolas Brouard INED wrote:
Thanks to Platonides for his comment and also to Olivier (the author of the Realnames extension) who told me to forward the following patch to wikitech-l (which I just subscribed to) for advice, comments and criticism.
I was just wondering if this small patch in User.php (function idFromName) was enough in most cases:
(...)
This is only patching User::idFromName(), which won't be enough.
Sorry, could you detail why it won't be enough?
You could well be storing the email instead of the username in the page history.
I was probably not clear enough: I don't want the email in the page history. Also the Realnames extension (quoted above) is trying to do what you seem to be suggesting, but it is a complex extension which did not work on 1.18, for example.
The proposed patch is also a solution which manages the transition for Wikipedians. Having an authentication with e-mail only is brutal and won't be understood. I like the possibility of having both options, with priority to the username, for performance also.
But allowing new authors from Arabic or Asian (or Russian or ...) countries (with non Roman characters) to sign new articles in their own language with their own standard, not transliterated, signature will be appreciated if they also have an easy way to authenticate on an English keyboard (pad, smartphone etc.).
I didn't express it right. If you do $user = User::newFromName("email@address.com"), that gets cached, and if you later use that object for e.g. storing the username in the history, boom, $user->getName() will say it's called email@address.com
That's probably not happening, but you would need to check all paths in core and the extensions...
As I said, you should fix it in SpecialUserlogin.php.
What should I fix? Is there something wrong in the proposed patch?
The patch should go against SpecialUserlogin.php, authenticateUserData() function.
Then, just try to enter your e-mail on a standard wiki in place of your username and you will be authenticated to the first ID (and user_name) having your e-mail.
The importance of e-mails as a simple way to authenticate on modern sites can't be ignored.
It can also expose the fact that someone is registered there with that email address.
I don't understand what you mean, and if someone has already entered an email for a username, what is the problem?
In the patch provided, it would also happily show under some circumstances the username associated to an email (not a problem for the internal wiki of a company, where everybody knows each other's mail, an issue for public wikis out there).
That is the reason why I was asking this mailing list. But, as I said in a previous and detailed answer to Bergi, the patch is very short (a single "if") and thus consequences are not tremendous.
Go to Special:Contributions and enter the email of an existing user. I think it may show the user contributions.
We made some tests on various wikis, and we haven't found yet any circumstance where the username associated to an email is displayed:
- it can't happen when the authentication works;
- the only situation that I have found is when you are asking for a new password: then the username associated with the email entered (in place of the username) is displayed in the received email, but it is not a security issue because you are the only person to read your email.
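The lookup behaviour discussed above (the first user ID carrying a given e-mail wins; a User object built from an e-mail carrying that e-mail as its name; the reset mail being the one place the username is revealed), modelled as an added example that is not part of the thread and not MediaWiki's code. The user table, its rows (constructed sample data), the function names and the assumption that nothing forces e-mail addresses to be unique are all hypothetical:

```python
# Added example (not code from the thread or from MediaWiki): a small model of a
# "username or e-mail" login lookup, showing the two problems raised above.
# Everything here is hypothetical: the user table, the rows (constructed sample
# data) and the function names.
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class UserRow:
    user_id: int
    user_name: str    # canonical name, what belongs in page history
    user_email: str   # assumption: nothing forces this to be unique


# Constructed sample rows; users 2 and 3 deliberately share an address.
USER_TABLE: List[UserRow] = [
    UserRow(1, "John Fox", "jfox@foo.fr"),
    UserRow(2, "Alice", "alice@foo.fr"),
    UserRow(3, "Alice (bot)", "alice@foo.fr"),
]

# Mails "sent" by the reset function, kept here so they can be inspected.
OUTBOX: List[Tuple[str, str]] = []


def looks_like_email(identifier: str) -> bool:
    # Crude, but enough for this model.
    return "@" in identifier


def naive_id_from_name(identifier: str) -> Optional[int]:
    """The behaviour the thread warns about: if the identifier is not a
    username, the FIRST account with that e-mail is returned."""
    for row in USER_TABLE:
        if row.user_name == identifier:
            return row.user_id
    if looks_like_email(identifier):
        for row in USER_TABLE:
            if row.user_email.lower() == identifier.lower():
                return row.user_id
    return None


def resolve_login(identifier: str) -> Optional[UserRow]:
    """Hardened lookup: exact username first; an e-mail is accepted only
    when exactly one account carries it. The caller gets the whole row, so
    it builds its user object from row.user_name and never from the e-mail."""
    for row in USER_TABLE:
        if row.user_name == identifier:
            return row
    if not looks_like_email(identifier):
        return None
    matches = [r for r in USER_TABLE
               if r.user_email.lower() == identifier.lower()]
    if len(matches) != 1:
        return None   # unknown or ambiguous: refuse, do not pick the first
    return matches[0]


def resolve_login_name(identifier: str) -> Optional[str]:
    """Canonical username for a login identifier, or None."""
    row = resolve_login(identifier)
    return row.user_name if row else None


def request_password_reset(identifier: str) -> str:
    """Same response whether or not the identifier matches an account, so the
    form itself confirms nothing about which addresses are registered; the
    username appears only in the mail delivered to the address on file."""
    row = resolve_login(identifier)
    if row is not None:
        OUTBOX.append((row.user_email,
                       f"A password reset was requested for account '{row.user_name}'."))
    return "If an account matches, a reset link has been sent."
```

With the constructed rows, naive_id_from_name("alice@foo.fr") silently picks user 2, while resolve_login_name refuses the shared address and returns None; a single-owner address resolves to the stored user_name ("John Fox"), which is the value any downstream User object should carry.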
On 19 Feb 2012, at 00:16, Platonides wrote:
In the patch provided, it would also happily show under some circumstances the username associated to an email (not a problem for the internal wiki of a company, where everybody knows each other's mail, an issue for public wikis out there).
That is the reason why I was asking this mailing list. But, as I said in a previous and detailed answer to Bergi, the patch is very short (a single "if") and thus consequences are not tremendous.
Go to Special:Contributions and enter the email of an existing user. I think it may show the user contributions.
Thank you for your comments and advice. I am looking for such tests because preserving the secrecy of an e-mail is crucial for Wikipedia and for any wiki too.
And here are the results of your test:
(1) If you apply the proposed patch to a standard wiki, you can log in with your e-mail instead of your username. But being logged in as if you had logged in with your username (thus forgetting any link to your e-mail), your contributions (top right of any page) are listed according to your username.
(2) If you go to Special:Contributions and enter the username of a registered user like "John Fox", you get her contributions (nothing new) under that username; for example on our test wiki, currently in German only, here is the result (translated): From John Fox (talk | block log | uploaded files | logs | user rights management) 14:48, 10 Sep 2010 (diff | hist) Vorlage:OtherLanguages (current) 14:09, 10 Sep 2010 (diff | hist) N MediaWiki:Sitesubtitle (Mehrsprachiges Demographisches Wörterbuch (zweite Ausgabe 1987)) (current)
(3) If you go to Special:Contributions and enter the e-mail of that registered user (thus "JFox@foo.fr"), you CAN'T FIND any username with that e-mail and no contribution: From JFox@foo.fr (talk | block log | uploaded files | logs | user rights management) No user contributions were found matching these criteria.
In summary, and as I said, because the proposed patch is very short with a single test, I am not sure there is a security hole to find. And at least your proposed test (and thank you again for it) failed. Do any extensions modify User.php? I am not sure, because it can't be named an extension. Having to slightly modify the "core" of User.php, and not an extension using the property of the User class, is a kind of guarantee (hopefully).
Other tests and comments are welcome.
mediawiki-l@lists.wikimedia.org