Last modified: 2010-05-15 15:38:17 UTC
Tim has recently removed an outdated part in User.php. (I first agreed to him with that but found now, that I was wrong in agreeing). Please can a developer re-add the marked lines ? ================================================ These two lines do the following: When a user comes to the wiki and uses the temporary password - which he/she could have only received via the stored e-mail address - - this in consequence is to be regarded as an implicit confirmation of the stored e-mail address. then, with the two lines, the address is also confirmed for convenience. Therefore I propose to add these lines again (which were introduced in december 2004 -within my now superseded "EAuthent" method-), which are compatible with Brion's new EConfirm method) Remark: I recommend to rename globally all variables "EmailAuthenticated" (and derivates) to "EmailConfirmed" to avoid any developers' confusion in future versions. This has been apparently forgotten, when Brion has changed to the new method. The current variables "MailAuthenticated" in CVS have nothing to any longer with "EAuthent" but refer to "EConfirm", therefore I propose to reflect this change in this variable names as well. Wikinaut Tom Test suite for this patch: - Log in as user x - store a valid e-mail address into preferences - (do not use the email address confirmation token, which is now sent to you, and do not request one) - logout as user x - on the login screen, enter username "x" - click onto "mail me a temporary password" - (receive a temp. password via mail address of step 2) - re-login as user x using the temporary password - in user preference, your email address is now marked as confirmed on ... (date) ... (time) which proves that the patch works. =================================================================== RCS file: /home/cvsenv/root//phase3/includes/User.php,v retrieving revision 1.146 retrieving revision 1.147 diff -u -p -r1.146 -r1.147 --- phase3/includes/User.php 2005/05/23 20:53:46 1.146 +++ phase3/includes/User.php 2005/05/24 04:28:00 1.147 @@ -1306,17 +1306,6 @@ class User { if ( 0 == strcmp( $ep, $this->mPassword ) ) { return true; } elseif ( ($this->mNewpassword != '') && (0 == strcmp( $ep, $this->mNewpassword )) ) { + $this->mEmailAuthenticated = wfTimestampNow(); + $this->saveSettings(); return true; } elseif ( function_exists( 'iconv' ) ) { # Some wikis were converted from ISO 8859-1 to UTF-8, the passwords can't be converted
Fixed in r18319. I also moved the check into the login form logic alongside things like on-demand account creation from authentication plugin external data, since I wasn't too happy about silent actions in a password checker function.
*** Bug 8289 has been marked as a duplicate of this bug. ***
