Last modified: 2006-07-04 08:31:58 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T6762, the corresponding Phabricator task for complete and up-to-date bug report information.

Bug 4762 - Allow disabling of "change password" section in user preferences (for alternate authentication methods)


Summary:	Allow disabling of "change password" section in user preferences (for alterna...

Status:	RESOLVED FIXED

Product:	MediaWiki
Classification:	Unclassified
Component:	User preferences (Other open bugs)
Version:	1.6.x
Hardware:	All All

Importance:	Normal enhancement (vote)
Target Milestone:	---
Assigned To:	Nobody - You can work on this!

URL:
Whiteboard:
Keywords:	patch, patch-need-review

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2006-01-26 17:44 UTC by Coltrey Mather
Modified:	2006-07-04 08:31 UTC (History)
CC List:	0 users

See Also:
Web browser:	---
Mobile Platform:	---
Assignee Huggle Beta Tester:	---

Attachments
Patch as file. (2.25 KB, patch) 2006-01-26 17:45 UTC, Coltrey Mather	Details
Add an attachment (proposed patch, testcase, etc.)

Description Coltrey Mather 2006-01-26 17:44:48 UTC

Using LDAP authentication (apache mod_ldap with REMOTE_USER, autologins) --
users are unable to change their password through the wiki forms, so it's
helpful to disable the option (to avoid confusion).

Simple patch below to check a variable (might be better to hook the preferences
page such that an extension can change the HTML generated for the change
password section, or disable it altogether):

(diff is against 1.159 version of includes/SpecialPreferences.php in CVS)

--- SpecialPreferences.php	2006-01-26 10:35:08.000000000 -0700
+++ SpecialPreferences.php.new	2006-01-26 10:35:02.000000000 -0700
@@ -632,27 +632,28 @@
 		$wgOut->addHTML('</table>');
 
 		# Password
-		$this->mOldpass = htmlspecialchars( $this->mOldpass );
-		$this->mNewpass = htmlspecialchars( $this->mNewpass );
-		$this->mRetypePass = htmlspecialchars( $this->mRetypePass );
-
-		$wgOut->addHTML( '<fieldset><legend>' . wfMsg( 'changepassword' ) .
'</legend><table>');
-		$wgOut->addHTML(
-			$this->addRow(
-				'<label for="wpOldpass">' . wfMsg( 'oldpassword' ) . '</label>',
-				"<input type='password' name='wpOldpass' id='wpOldpass'
value=\"{$this->mOldpass}\" size='20' />"
-			) .
-			$this->addRow(
-				'<label for="wpNewpass">' . wfMsg( 'newpassword' ) . '</label>',
-				"<input type='password' name='wpNewpass' id='wpNewpass'
value=\"{$this->mNewpass}\" size='20' />"
-			) .
-			$this->addRow(
-				'<label for="wpRetypePass">' . wfMsg( 'retypenew' ) . '</label>',
-				"<input type='password' name='wpRetypePass' id='wpRetypePass'
value=\"{$this->mRetypePass}\" size='20' />"
-			) .
-			"</table>\n" .
-			$this->getToggle( "rememberpassword" ) . "</fieldset>\n\n" );
-
+		if ( !$wgDisablePasswordChange ) {
+			$this->mOldpass = htmlspecialchars( $this->mOldpass );
+			$this->mNewpass = htmlspecialchars( $this->mNewpass );
+			$this->mRetypePass = htmlspecialchars( $this->mRetypePass );
+
+			$wgOut->addHTML( '<fieldset><legend>' . wfMsg( 'changepassword' ) .
'</legend><table>');
+			$wgOut->addHTML(
+				$this->addRow(
+					'<label for="wpOldpass">' . wfMsg( 'oldpassword' ) . '</label>',
+					"<input type='password' name='wpOldpass' id='wpOldpass'
value=\"{$this->mOldpass}\" size='20' />"
+				) .
+				$this->addRow(
+					'<label for="wpNewpass">' . wfMsg( 'newpassword' ) . '</label>',
+					"<input type='password' name='wpNewpass' id='wpNewpass'
value=\"{$this->mNewpass}\" size='20' />"
+				) .
+				$this->addRow(
+					'<label for="wpRetypePass">' . wfMsg( 'retypenew' ) . '</label>',
+					"<input type='password' name='wpRetypePass' id='wpRetypePass'
value=\"{$this->mRetypePass}\" size='20' />"
+				) .
+				"</table>\n" .
+				$this->getToggle( "rememberpassword" ) . "</fieldset>\n\n" );
+		}
 		# <FIXME>
 		# Enotif
                 if ($wgEnableEmail) {

Comment 1 Coltrey Mather 2006-01-26 17:45:31 UTC

Created attachment 1326 [details]
Patch as file.

Comment 2 Coltrey Mather 2006-01-26 18:03:56 UTC

(In reply to comment #0)

On further inspection, the logic in that if statement just disables it all the
time (in my tests) -- sadly, I am unfamiliar with the nuances of PHP and have
been unable to get it to work as expected...

Comment 3 Brion Vibber 2006-01-26 20:30:15 UTC

Further, this just removes some fields from the form. It doesn't disable 
processing if the data is sent.

Comment 4 Rob Church 2006-07-04 08:31:58 UTC

Authentication plugins can now prevent users from changing their password.

Note You need to log in before you can comment on or make changes to this bug.

Wikimedia Bugzilla is closed!

Search

Personal tools

Navigation

Links