Jump to content

Topic on Extension talk:ImportUsers/Archive 2

Patching for a 1.37 version

2
Summary by Elcapitan68

Patch is created and merged.

Daviduclsop (talkcontribs)

I rely on this extension for periodically enrolling about 200 students into a wiki. I have now upgraded to wiki 1.37 from 1.31 and need this extension.

My understanding of the mediawiki processes involved and my PHP is not up to a complete repair but I can see what is wrong and have modified a version that will work.

ImportUsers is a relatively simple extension and has broken due to one method, user->setPassword(), being removed.

This is line 134 on the 1.37 download version with the single SpecialImportusers.php file. There is a second instance further down if the 'Replace existing users' option is used.

The maintenance script referred to below this comment is not really useful in that it does not add real name and email when creating the user. However it does set passwords.

The working script section for the password can be lifted from createAndPromote.php and pasted into the extension where it needs to set the password.

This will then use the correct mediawiki process to set the password.:The section starts at line 131 in my createAndPromote.php in the 1.37 maintenance folder.

I removed the try / catch section that checks the status return both for simplicity, complexity in displaying the errors and also because it is not so useful. It does not check for invalid passwords, only for those in the common password list such as 'pass'. Then if you catch the password, the account has already been created but with no password.

The status return can be used to add a warning that the account is created with no password. A similar message can added in replace users section.

Potential password errors can best be avoided by care in generating the csv file.

The modified script section in SpecialImportusers.php is as follows. There are no other files that need to be changed.

   # $nextUser->setPassword( $newuserarray[1] ); # comment out this line - this method has now been removed with the Authentication changes

   $password = $newuserarray[1];    # changing the variable for simplicity - single variable - more readable    

   $status = $nextUser->changeAuthenticationData( [ # Sets the password with correct default type :pbkdf2:

            'username' => $nextUser->getName(),

            'password' => $password,

            'retype' => $password,

     ] );

    # the try / catch block for status check of the password is removed.

    # The status error return is not very useful. It does not check invalid passwords only those on a list of common passwords.

    if ( !$status->isGood() ) { # warning message for password error

        $output .= '<br><b> The "'.$password.'" password for user '.$nextUser->getName().' is invalid. It belongs to the group of common passwords </b><br>The user has been created with no password. Use replace user option with valid password.<br>';

    }

   # so assume password correct - check input csv file to make sure - so no errors

   # followed by

   $nextUser->saveSettings(); # this writes the user details to the database


To use the 'replace existing users' option the setPassword() function needs to be replaced in the same way in the ''} elseif ( $replace_present ) {'' block, lower down.

It will generate the original error if this is not done and the option is selected.

Care needs to be taken that the password in the csv file is valid.

I have not used the add to groups. In fact in my version I have removed the option.

However, with the simple change implemented, the extension will work.

This is not a complete repair and so I am not adding it as a working extension.

Hopefully someone else can take this and add the error checking and replace the extension as a workable unit.

Bawolff (talkcontribs)