Remove 'wrongpassword' message reuse on Special:ChangeEmail
Closed, InvalidPublic

Description

dewiki has added a link to message wrongpassword which is shown as plain html when input a wrong password on Special:ChangeEmail.


Version: 1.23.0
Severity: normal

Details

Reference
bz56522
bzimport raised the priority of this task from to Normal.
bzimport set Reference to bz56522.
bzimport added a subscriber: Unknown Object (MLST).

"Das Passwort und/oder das Sicherheitswort (CAPTCHA) ist falsch oder wurde nicht eingegeben. Bitte versuche es erneut oder lass dir das Passwort per E-Mail zusenden. Du kannst auch <a href="//de.wikipedia.org/wiki/Spezial:Userlogin/signup">ein neues Benutzerkonto erstellen</a>"

as per https://de.wikipedia.org/w/index.php?title=Wikipedia:Fragen_zur_Wikipedia&oldid=124113389#E-Mail-Adresse_.C3.A4ndern

TTO added a comment.Nov 17 2013, 8:54 AM

Inconsistency between wikitext and HTML... what a surprise.

UserloginTemplate expects its messages in HTML:

<?php $this->html( 'message' ); ?>

Whereas SpecialChangeEmail expects wikitext:

$this->getOutput()->wrapWikiMsg( "<p class='error'>\n$1\n</p>", $msg );

I guess we just change ChangeEmail to expect HTML, and officially make wrongpassword a HTML message.

sigh...

Change 95848 had a related patch set uploaded by TTO:
Make Special:ChangeEmail use HTML messages instead of wikitext

https://gerrit.wikimedia.org/r/95848

Change 95848 abandoned by TTO:
Make Special:ChangeEmail use HTML messages instead of wikitext

Reason:
Per Nikerabbit. Change is not going to be accepted.

https://gerrit.wikimedia.org/r/95848

Adding many blockers of bug 38638 to the list of "easy" bugs, to mark them as candidates for [[mw:Google Code-in]] tasks (gci2013). If you think this bug is not suitable, remove the keyword.

I don't think that something should be changed here. The wiki markup for external references[1] can be used as an alternative for this message.

[1]: https://meta.wikimedia.org/wiki/Help:HTML_in_wikitext#Permitted_HTML

See comment 2, the message is used at two places in core, at the first place it is rendered as wikitext, at the other place the message is rendered as html, there is no way to create a message which is working in both cases, because the one render does not know about [], the other not about <a></a>.

(In reply to comment #7)

See comment 2, the message is used at two places in core, at the first place
it
is rendered as wikitext, at the other place the message is rendered as html,
there is no way to create a message which is working in both cases, because
the
one render does not know about [], the other not about <a></a>.

Then the message must be split. It wouldn't be bad to also get SpecialChangeEmail to not use an HTML message though.

Change 104797 had a related patch set uploaded by Umherirrender:
Add message wrongpassword as html on Special:ChangeEmail

https://gerrit.wikimedia.org/r/104797

Change 104797 abandoned by Umherirrender:
Add message wrongpassword as html on Special:ChangeEmail

Reason:
Language team prefers a new message, will rewrite bug summary.

https://gerrit.wikimedia.org/r/104797

Language team prefers a new message, so rewrite the bug summary to document the fact. Resetting to NEW, because the existing patch is no longer useful.

Similar to bug 53655

Change 121367 had a related patch set uploaded by Ganeshaditya1:
Add message wrongpassword as html and remove its reuse in Special:ChangeEmail

https://gerrit.wikimedia.org/r/121367

Change 121367 abandoned by Ganeshaditya1:
Add message wrongpassword as html and remove its reuse in Special:ChangeEmail

Reason:
Messed up ..

https://gerrit.wikimedia.org/r/121367

TTO set Security to None.
This comment was removed by Yamelnychuk.
Yamelnychuk removed Yamelnychuk as the assignee of this task.Dec 3 2014, 5:02 PM

Language team prefers a new message, so rewrite the bug summary to document the fact. Resetting to NEW, because the existing patch is no longer useful.

Similar to bug 53655

Thanks, can you also update the task description now please?

jrbs added a subscriber: jrbs.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 29 2015, 11:57 PM

Bumping

@TerraCodes: Please avoid contentless pinging.
If you have a specific question, please ask it. If you ask a specific person, please mention their name. Thanks.

Hmm, I wonder if this task is still valid/actual. Special:ChangeEmail seems to doesn't reuse wrongpassword anymore. As far as I know, Special:ChangeEmail should also use AuthManager's reauthentication feature to make sure, that an use is allowed to change his e-mail address. In case of a wrong password, the same message as for login should be used, which sounds correct.

Hmm, I wonder if this task is still valid/actual. Special:ChangeEmail seems to doesn't reuse wrongpassword anymore. As far as I know, Special:ChangeEmail should also use AuthManager's reauthentication feature to make sure, that an use is allowed to change his e-mail address. In case of a wrong password, the same message as for login should be used, which sounds correct.

So then can this task get closed as fixed?

Florian closed this task as Invalid.Oct 13 2016, 5:47 PM

I rather would call it invalid now, as we haven't changed anything to fix it explicitly. As far as I know, the code was superseeded by AuthManager. This was in commit 02b2d8da63f6dc267a23cfba29b8c59330f82d6c, the old implementationw as completely removed in 854a462dc0aef59e1c26c057792b8a9214449af5. So the original task (as I understand it) is invalid :)