Page MenuHomePhabricator
Create Task
Maniphest T8394

Create account "by e-mail" requires password
Closed, ResolvedPublic
Actions

Description

By call of
http://commons.wikimedia.org/w/index.php?title=Special:Userlogin&action=submitlogin&type=signup
there appears an extra button "by e-mail" (only as an already logged in user).
As I understand the function, an account will created with the entered username
and a system-generated password is send to the entered e-mail-adress.

But the fields "Password" and "Retype password" are mandatory fields. That seems
to be not logical if a password will be generated by the system. By testing
today I generated an account on de.WP "Raymond1", see
http://de.wikipedia.org/w/index.php?title=Spezial:Log&user=Raymond (15:31, 21.
Jun 2006)

Version: unspecified
Severity: normal
URL: http://commons.wikimedia.org/w/index.php?title=Special:Userlogin&action=submitlogin&type=signup

Details

Reference
bz6394

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 9:21 PM
bzimport added a project: ConfirmEdit (CAPTCHA extension).
bzimport set Reference to bz6394.
bzimport added a subscriber: Unknown Object (MLST).
Raymond created this task.Jun 21 2006, 4:16 PM
bzimport added a comment.Jun 21 2006, 4:20 PM

leon wrote:

I'd like to now what that feature should do; the function names sound like what
raymond described, but the way it workes doesn't giv e me any clue. Does
somebody know that? Who added that feature?

bzimport added a comment.Sep 19 2006, 1:35 PM

jimmy.collins wrote:

For me it seems to be a feature/bug of the Confirm Edit extension.

brion added a comment.Dec 11 2006, 8:22 PM
  • Bug 8219 has been marked as a duplicate of this bug. ***
bzimport added a comment.Dec 12 2006, 10:16 AM

bitlogic wrote:

I'm the user on IRC that Ral315 mentions on #8219.

The idea is that sysop can create an account without password (that's why
password is blank on form) and it'll be e-mailed to user without the knowledge
of sysop.

I'll try to dig into the code to discover what could be the problem. If someone
has some idea please post it here.

bzimport added a comment.Dec 12 2006, 11:55 AM

bitlogic wrote:

Proposed patch to test correctly empty password

Using this patch started to work as described on bug 8219

Attached:

User.php.patch478 BDownload

bzimport added a comment.Dec 12 2006, 12:03 PM

bitlogic wrote:

(In reply to comment #5)

Created an attachment (id=2850) [edit]
Proposed patch to test correctly empty password

Using this patch started to work as described on bug 8219

For version 1.6.8

bzimport added a comment.Dec 12 2006, 4:47 PM

robchur wrote:

Please provide patches against SVN trunk, HEAD revision.

brion added a comment.Dec 13 2006, 8:15 AM

Patch is clearly wrong; it simply rejects passwords at the specified
minimum length instead of shorter than the minimum length at account
creation time.

For instance, if the minimum is 8-character passwords, with this patch
you could not set an 8-character password, but would need at least 9
characters.

brion added a comment.Dec 13 2006, 9:02 AM

Fixed in r18307

Now nullifies the initial password so account can't be logged in with the
initial (eg blank) pass,
so can't log in until the mailed temp pass is used.

brion added a comment.Apr 30 2007, 6:48 PM
  • Bug 9727 has been marked as a duplicate of this bug. ***
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL