Author: sacher

Description:
There is this user account "User:Anonymous" in the list of users after installation?
Which functionality does this user account have?

Both renaming users name and viewing settings was not possible.
I would not like to have an account there that is a sort of backdoor.

Steps to reproduce:

• Showing all users, the user:Anonymous appears.
• Visiting the user's page there is no link for user contributions.
• Renaming this user says: Der Benutzername „“ ist ungültig.
• Changing rights is not possible because it is said the user did not exist.
• Creating a new accout with this name causes an

"Error: Warning: pg_query() [function.pg-query]: Query failed: ERROR: duplicate key violates unique constraint "mwuser_user_name_key" in /var/www/www.gfi.cx/wiki-gfi/includes/db/DatabasePostgres.php on line 552"

Please see detailed debugging information below.

Thanx in advance. Cheers

Server:

MediaWiki 1.13.2
PHP 5.2.0-8+etch13 (apache2handler)
PostgreSQL PostgreSQL 8.1.13 on i486-pc-linux-gnu, compiled by GCC cc (GCC) 4.1.2 20061115 (Debian 4.1.1-21)
Plugins: EditUser (Version 1.5.1) , Renameuser (Version r41963)

Error Message:

A database error has occurred Query: INSERT INTO mwuser (user_id,user_name,user_password,user_newpassword,user_newpass_time,user_email, user_email_authenticated,user_real_name,user_options, user_token,user_registration,user_editcount) VALUES ('9','Anonymous',,,'2008-11-28 13:08:53 GMT',,NULL,,'quickbar=1 underline=2 cols=80 rows=25 searchlimit=20 contextlines=5 contextchars=50 disablesuggest=0 ajaxsearch=0 skin= math=1 usenewrc=0 rcdays=7 rclimit=50 wllimit=250 hideminor=0 highlightbroken=1 stubthreshold=0 previewontop=1 previewonfirst=0 editsection=1 editsectiononrightclick=0 editondblclick=0 editwidth=0 showtoc=1 showtoolbar=1 minordefault=0 date=default imagesize=2 thumbsize=2 rememberpassword=0 enotifwatchlistpages=0 enotifusertalkpages=1 enotifminoredits=0 enotifrevealaddr=0 shownumberswatching=1 fancysig=0 externaleditor=0 externaldiff=0 showjumplinks=1 numberheadings=0 uselivepreview=0 watchlistdays=3 extendwatchlist=0 watchlisthideminor=0 watchlisthidebots=0 watchlisthideown=0 watchcreations=0 watchdefault=0 watchmoves=0 watchdeletion=0 variant=de language=de searchNs0=1','b1821d58eed30ceb814a1cdfbaf13ecc','2008-11-28 13:08:53 GMT','0') Function: User::addToDatabase Error: 1 ERROR: duplicate key violates unique constraint "mwuser_user_name_key"

Backtrace:

1. 1. 0 /var/www/wiki/includes/db/Database.php(561): DatabasePostgres->reportQueryError('ERROR: duplica...', 1, 'INSERT INTO mwu...', 'User::addToData...', )
   2. 1 /var/www/wiki/includes/db/DatabasePostgres.php(817): Database->query('INSERT INTO mwu...', 'User::addToData...', )
   3. 2 /var/www/wiki/includes/User.php(2271): DatabasePostgres->insert('user', Array, 'User::addToData...')
   4. 3 /var/www/wiki/includes/specials/SpecialUserlogin.php(339): User->addToDatabase()
   5. 4 /var/www/wiki/includes/specials/SpecialUserlogin.php(324): LoginForm->initUser(Object(User), false)
   6. 5 /var/www/wiki/includes/specials/SpecialUserlogin.php(153): LoginForm->addNewAccountInternal()
   7. 6 /var/www/wiki/includes/specials/SpecialUserlogin.php(96): LoginForm->addNewAccount()
   8. 7 /var/www/wiki/includes/specials/SpecialUserlogin.php(17): LoginForm->execute()
   9. 8 [internal function]: wfSpecialUserlogin(NULL, Object(SpecialPage))
2. 9 /var/www/wiki/includes/SpecialPage.php(748): call_user_func('wfSpecialUserlo...', NULL, Object(SpecialPage))
3. 10 /var/www/wiki/includes/SpecialPage.php(534): SpecialPage->execute(NULL)
4. 11 /var/www/www.gfi.cx/wiki-gfi/includes/Wiki.php(224): SpecialPage::executePath(Object(Title))
5. 12 /var/www/www.gfi.cx/wiki-gfi/includes/Wiki.php(55): MediaWiki->initializeSpecialCases(Object(Title), Object(OutputPage), Object(WebRequest))
6. 13 /var/www/www.gfi.cx/wiki-gfi/index.php(93): MediaWiki->initialize(Object(Title), NULL, Object(OutputPage), Object(User), Object(WebRequest))
7. 14 {main}</nowiki>

Version: 1.13.x
Severity: major