Author: ammatsun
Description:
When setting $wgMinimalPasswordLength to some non-zero value and allowing an special category of users to create account for others "by e-mail", it is not possible to create new accounts as "Login error:Your password is invalid or too short. It must have at least X characters and be different from your username." is displayed.
The special user can type some password just to pass the validation, but it would be better if either the password is not validated when account is being created "by e-mail" or the random password is generated and set before the validation.
For the first case, the fix can be the aaddition of the following if in function addNewAccountInternal, on line 263 of includes/SpecialUserlogin.php file:
if ( $this->mPosted && !$this->mCreateaccountMail ) { if ( !$u->isValidPassword( $this->mPassword ) ) { $this->mainLoginForm( wfMsg( 'passwordtooshort', $wgMinimalPasswordLength ) ); return false; } }
Version: 1.11.x
Severity: blocker