[MediaWiki-commits] [Gerrit] Add Captcha info to API action=createaccount results - change (mediawiki...ConfirmEdit)

Thu, 14 Mar 2013 12:42:17 -0700 

Brion VIBBER has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/53794


Change subject: Add Captcha info to API action=createaccount results
......................................................................

Add Captcha info to API action=createaccount results

Similar to how login and edit already work, the captcha is now checked
at the API layer, and if there's no match you get some info sent back
to display either a text or image captcha.

Change-Id: I56998d37b2e0f90972689e68a5c3ac845ef95052
---
M Captcha.php
M ConfirmEdit.php
M ConfirmEditHooks.php
3 files changed, 44 insertions(+), 2 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/ConfirmEdit 
refs/changes/94/53794/1

diff --git a/Captcha.php b/Captcha.php
index 0f78d36..88c8826 100644
--- a/Captcha.php
+++ b/Captcha.php
@@ -494,6 +494,38 @@
                return true;
        }
 
+       function confirmCreateAccountAPI( &$resultArr ) {
+               global $wgCaptchaTriggers, $wgUser, $wgRequest;
+               if ( $wgCaptchaTriggers['createaccount'] ) {
+                       if ( $wgRequest->getVal( 'captchaid' ) ) {
+                               $wgRequest->setVal( 'wpCaptchaId', 
$wgRequest->getVal( 'captchaid' ) );
+                       }
+                       if ( $wgRequest->getVal( 'captchaword' ) ) {
+                               $wgRequest->setVal( 'wpCaptchaWord', 
$wgRequest->getVal( 'captchaword' ) );
+                       }
+                       if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
+                               wfDebug( "ConfirmEdit: user group allows 
skipping captcha on account creation\n" );
+                               return true;
+                       }
+                       if ( $this->isIPWhitelisted() )
+                               return true;
+
+                       $this->trigger = "new account (api)";
+                       if ( !$this->passCaptcha() ) {
+                               $this->addCaptchaAPI( $resultArr );
+
+                               // Tidy up login info
+                               if ( !LoginForm::getCreateaccountToken() ) {
+                                       LoginForm::setCreateaccountToken();
+                               }
+                               $resultArr['token'] = 
LoginForm::getCreateaccountToken();
+                               $resultArr['result'] = 'needcaptcha';
+                               return false;
+                       }
+               }
+               return true;
+       }
+
        /**
         * Hook for user creation form submissions.
         * @param User $u
@@ -502,6 +534,11 @@
         */
        function confirmUserCreate( $u, &$message ) {
                global $wgCaptchaTriggers, $wgUser;
+               if ( defined( 'MW_API' ) ) {
+                       # API mode
+                       # The CAPTCHA was already checked and approved
+                       return true;
+               }
                if ( $wgCaptchaTriggers['createaccount'] ) {
                        if ( $wgUser->isAllowed( 'skipcaptcha' ) ) {
                                wfDebug( "ConfirmEdit: user group allows 
skipping captcha on account creation\n" );
@@ -581,7 +618,7 @@
         * @return bool
         */
        public function APIGetAllowedParams( &$module, &$params ) {
-               if ( !$module instanceof ApiEditPage ) {
+               if ( !$module instanceof ApiEditPage && !$module instanceof 
ApiCreateAccount ) {
                        return true;
                }
                $params['captchaword'] = null;
@@ -596,7 +633,7 @@
         * @return bool
         */
        public function APIGetParamDescription( &$module, &$desc ) {
-               if ( !$module instanceof ApiEditPage ) {
+               if ( !$module instanceof ApiEditPage && !$module instanceof 
ApiCreateAccount ) {
                        return true;
                }
                $desc['captchaid'] = 'CAPTCHA ID from previous request';
diff --git a/ConfirmEdit.php b/ConfirmEdit.php
index 1abd5ae..6eed03e 100644
--- a/ConfirmEdit.php
+++ b/ConfirmEdit.php
@@ -187,6 +187,7 @@
 $wgHooks['EmailUser'][] = 'ConfirmEditHooks::confirmEmailUser';
 # Register API hook
 $wgHooks['APIEditBeforeSave'][] = 'ConfirmEditHooks::confirmEditAPI';
+$wgHooks['APICreateAccountBeforeCreate'][] = 
'ConfirmEditHooks::confirmCreateAccountAPI';
 $wgHooks['APIGetAllowedParams'][] = 'ConfirmEditHooks::APIGetAllowedParams';
 $wgHooks['APIGetParamDescription'][] = 
'ConfirmEditHooks::APIGetParamDescription';
 
diff --git a/ConfirmEditHooks.php b/ConfirmEditHooks.php
index 66e5199..1832ba1 100644
--- a/ConfirmEditHooks.php
+++ b/ConfirmEditHooks.php
@@ -27,6 +27,10 @@
                return self::getInstance()->confirmEditAPI( $editPage, 
$newtext, $resultArr );
        }
 
+       static function confirmCreateAccountAPI( &$resultArr ) {
+               return self::getInstance()->confirmCreateAccountAPI( $resultArr 
);
+       }
+
        static function injectUserCreate( &$template ) {
                return self::getInstance()->injectUserCreate( $template );
        }

-- 
To view, visit https://gerrit.wikimedia.org/r/53794
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I56998d37b2e0f90972689e68a5c3ac845ef95052
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/ConfirmEdit
Gerrit-Branch: master
Gerrit-Owner: Brion VIBBER <br...@wikimedia.org>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to