Last modified: 2006-07-04 08:31:58 UTC
Using LDAP authentication (apache mod_ldap with REMOTE_USER, autologins) -- users are unable to change their password through the wiki forms, so it's helpful to disable the option (to avoid confusion). Simple patch below to check a variable (might be better to hook the preferences page such that an extension can change the HTML generated for the change password section, or disable it altogether): (diff is against 1.159 version of includes/SpecialPreferences.php in CVS) --- SpecialPreferences.php 2006-01-26 10:35:08.000000000 -0700 +++ SpecialPreferences.php.new 2006-01-26 10:35:02.000000000 -0700 @@ -632,27 +632,28 @@ $wgOut->addHTML('</table>'); # Password - $this->mOldpass = htmlspecialchars( $this->mOldpass ); - $this->mNewpass = htmlspecialchars( $this->mNewpass ); - $this->mRetypePass = htmlspecialchars( $this->mRetypePass ); - - $wgOut->addHTML( '<fieldset><legend>' . wfMsg( 'changepassword' ) . '</legend><table>'); - $wgOut->addHTML( - $this->addRow( - '<label for="wpOldpass">' . wfMsg( 'oldpassword' ) . '</label>', - "<input type='password' name='wpOldpass' id='wpOldpass' value=\"{$this->mOldpass}\" size='20' />" - ) . - $this->addRow( - '<label for="wpNewpass">' . wfMsg( 'newpassword' ) . '</label>', - "<input type='password' name='wpNewpass' id='wpNewpass' value=\"{$this->mNewpass}\" size='20' />" - ) . - $this->addRow( - '<label for="wpRetypePass">' . wfMsg( 'retypenew' ) . '</label>', - "<input type='password' name='wpRetypePass' id='wpRetypePass' value=\"{$this->mRetypePass}\" size='20' />" - ) . - "</table>\n" . - $this->getToggle( "rememberpassword" ) . "</fieldset>\n\n" ); - + if ( !$wgDisablePasswordChange ) { + $this->mOldpass = htmlspecialchars( $this->mOldpass ); + $this->mNewpass = htmlspecialchars( $this->mNewpass ); + $this->mRetypePass = htmlspecialchars( $this->mRetypePass ); + + $wgOut->addHTML( '<fieldset><legend>' . wfMsg( 'changepassword' ) . '</legend><table>'); + $wgOut->addHTML( + $this->addRow( + '<label for="wpOldpass">' . wfMsg( 'oldpassword' ) . '</label>', + "<input type='password' name='wpOldpass' id='wpOldpass' value=\"{$this->mOldpass}\" size='20' />" + ) . + $this->addRow( + '<label for="wpNewpass">' . wfMsg( 'newpassword' ) . '</label>', + "<input type='password' name='wpNewpass' id='wpNewpass' value=\"{$this->mNewpass}\" size='20' />" + ) . + $this->addRow( + '<label for="wpRetypePass">' . wfMsg( 'retypenew' ) . '</label>', + "<input type='password' name='wpRetypePass' id='wpRetypePass' value=\"{$this->mRetypePass}\" size='20' />" + ) . + "</table>\n" . + $this->getToggle( "rememberpassword" ) . "</fieldset>\n\n" ); + } # <FIXME> # Enotif if ($wgEnableEmail) {
Created attachment 1326 [details] Patch as file.
(In reply to comment #0) On further inspection, the logic in that if statement just disables it all the time (in my tests) -- sadly, I am unfamiliar with the nuances of PHP and have been unable to get it to work as expected...
Further, this just removes some fields from the form. It doesn't disable processing if the data is sent.
Authentication plugins can now prevent users from changing their password.