Wikitech-l July 2004

wikitech-l@lists.wikimedia.org

131 participants
196 discussions

[Patch] Moving password-check to User.php

by Hendrik Brummermann

Hello, the password-check is currently done in "SpecialUserLogin.php" and "SpecialPreferences.php". This patch moves the code to a new method in User.php. This make it easier to hack a different authentication mechanism in local installs of the Wikimedia software. I removed the methods User->getPassword and User->getNewpassword because they are not used any more by the Wikimedia code. Hendrik Index: includes/SpecialPreferences.php =================================================================== RCS file: /cvsroot/wikipedia/phase3/includes/SpecialPreferences.php,v retrieving revision 1.49 diff -u -r1.49 SpecialPreferences.php --- includes/SpecialPreferences.php 9 Jun 2004 13:04:51 -0000 1.49 +++ includes/SpecialPreferences.php 3 Jul 2004 08:59:50 -0000 @@ -134,12 +134,10 @@ $this->mainPrefsForm( wfMsg( "badretype" ) ); return; } - $ep = $wgUser->encryptPassword( $this->mOldpass ); - if ( $ep != $wgUser->getPassword() ) { - if ( $ep != $wgUser->getNewpassword() ) { - $this->mainPrefsForm( wfMsg( "wrongpassword" ) ); - return; - } + + if (!$wgUser->checkPassword( $this->mOldpass )) { + $this->mainPrefsForm( wfMsg( "wrongpassword" ) ); + return; } $wgUser->setPassword( $this->mNewpass ); } Index: includes/SpecialUserlogin.php =================================================================== RCS file: /cvsroot/wikipedia/phase3/includes/SpecialUserlogin.php,v retrieving revision 1.39 diff -u -r1.39 SpecialUserlogin.php --- includes/SpecialUserlogin.php 26 Jun 2004 04:10:48 -0000 1.39 +++ includes/SpecialUserlogin.php 3 Jul 2004 08:59:50 -0000 @@ -200,12 +200,9 @@ } $u->setId( $id ); $u->loadFromDatabase(); - $ep = $u->encryptPassword( $this->mPassword ); - if ( 0 != strcmp( $ep, $u->getPassword() ) ) { - if ( 0 != strcmp( $ep, $u->getNewpassword() ) ) { - $this->mainLoginForm( wfMsg( "wrongpassword" ) ); - return; - } + if (!$u->checkPassword( $this->mPassword )) { + $this->mainLoginForm( wfMsg( "wrongpassword" ) ); + return; } # We've verified now, update the real record Index: includes/User.php =================================================================== RCS file: /cvsroot/wikipedia/phase3/includes/User.php,v retrieving revision 1.59 diff -u -r1.59 User.php --- includes/User.php 26 Jun 2004 01:48:39 -0000 1.59 +++ includes/User.php 3 Jul 2004 08:59:50 -0000 @@ -320,16 +320,6 @@ return ($timestamp >= $this->mTouched); } - function getPassword() { - $this->loadFromDatabase(); - return $this->mPassword; - } - - function getNewpassword() { - $this->loadFromDatabase(); - return $this->mNewpassword; - } - function addSalt( $p ) { global $wgPasswordSalt; if($wgPasswordSalt) @@ -724,6 +714,17 @@ function isNewbie() { return $this->mId > User::getMaxID() * 0.99 && !$this->isSysop() || $this->getID() == 0; } + + function checkPassword( $password ) { + $this->loadFromDatabase(); + $ep = $this->encryptPassword( $password ); + if ( 0 != strcmp( $ep, $this->mPassword ) ) { + if ( 0 != strcmp( $ep, $this->mNewpassword ) ) { + return false; + } + } + return true; + } } ?>

19 years, 9 months

Re: [Wikitech-l] Number of watchers of an article

by erik_moeller＠gmx.de

Marco- > during a Wikipedia meeting in the city of Hannover we discussed about review > systems for Wikipedia and similar things. Someone asked if it would be > possible to show on each article page how many users have this article on > their watchlist. In a simple implementation, one might just retrieve a list of 100 unwatched articles. Then it should be fairly easy for regular Wikipedians to gradually distribute our current set of 300K pages among, say, 1000 people to make sure that every page is watched by someone. Unfortunately, on the English Wikipedia that would include the 30K Rambot entries. One of the many reasons I think that bot-created entries are a bad idea is that people don't feel a connection to them, and hence no responsibility to make sure that they're in a good state. Regards, Erik

19 years, 9 months

postgreSQL port

by Enrico Weigelt

Hi folks, is there anyone working on porting mediawiki to postgreSQL ? cu -- --------------------------------------------------------------------- Enrico Weigelt == metux IT service phone: +49 36207 519931 www: http://www.metux.de/ fax: +49 36207 519932 email: contact(a)metux.de cellphone: +49 174 7066481 --------------------------------------------------------------------- -- DSL ab 0 Euro. -- statische IP -- UUCP -- Hosting -- Webshops -- ---------------------------------------------------------------------

19 years, 9 months

mediawiki + patTemplate

by Enrico Weigelt

Hi folks, I'd like to implement an patTemplate-based skin for mediawiki. Is there any howto for mediawiki-Skins or something which might help ? thx -- --------------------------------------------------------------------- Enrico Weigelt == metux IT service phone: +49 36207 519931 www: http://www.metux.de/ fax: +49 36207 519932 email: contact(a)metux.de cellphone: +49 174 7066481 --------------------------------------------------------------------- -- DSL ab 0 Euro. -- statische IP -- UUCP -- Hosting -- Webshops -- ---------------------------------------------------------------------

19 years, 9 months

Pocket Internet Explorer and other handheld devices

by Brion Vibber

We've had a few complaints about really bad page layout with the MonoBook skin in Pocket Internet Explorer. It would be a *great* help if someone with access to a PocketPC device could look into this and try to tweak the CSS rules to where Pocket IE will produce a non-crappy rendering. Does it support @media handheld selectors? Is it triggering bad IE workarounds that don't work right on it? Is it just inherently really bad? :) As far as I can tell there is not a freely downloadable Pocket IE that runs on 'real' PCs for web developers to test with, so we're totally dependent on those with access to an actual device to do this. Other handheld device browsers should be checked as well; those that don't do CSS should look ok with the minimal structure of the xhtml_slim base template, while those that sort-of support CSS might be messing up like Pocket IE. -- brion vibber (brion @ pobox.com)

19 years, 9 months

__TOC__

by Gabriel Wicke

I've just committed a new magic word __TOC__ that inserts the toc at the place it is found. This implies __FORCETOC__. -- Gabriel Wicke

19 years, 9 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

Wikitech-l July 2004