Extension:EditAccount/de-formal
Warning: The code or configuration described here poses a major security risk. Site administrators: You are advised against using it until this security issue is resolved. Problem: This extension is believed to pose serious security and/or privacy risks! Users with access to this extension can change a user's email address and password, which basically gives them the ability to take over another user's account. Additionally, users can indefinitely disable a user account which is not reversible via an extension or other special page. Therefore, do NOT grant a user access to this extension unless you 100% trust them not to abuse it. It is recommended to only grant access to bureaucrat or higher access levels. We are not responsible for any security and/or privacy leaks. Solution: If unsure, do not install this extension. |
 Release status: stable |
|
|---|---|
 |
|
| Implementation | Special page |
| Description | Allows editing account details, or disabling an account |
| Author(s) | Łukasz Garczewski, Jack Phoenix |
| Maintainer(s) | WikiTeq team |
| Latest version | 1.3.4 (2022-12-13) |
| Compatibility policy | For every MediaWiki release that is a Long Term Support release there is a corresponding branch in the extension. |
| MediaWiki | 1.35-1.39 |
| License | GNU General Public License 2.0 or later |
| Download | |
|
editaccount |
|
| Quarterly downloads | 66 (Ranked 114th) |
| Translate the EditAccount extension if it is available at translatewiki.net | |
| Issues | Open tasks · Report a bug |
The EditAccount extension has two main purposes. One is to change the password, real name, or email address of another user. The second is to disable the account of another user.
The special page may be limited to a certain user group such as staff or bureaucrats.
Effects
Changing the password
Changing the password will automatically log out the user. Since the password is changed, it can prevent access to their account. This can be an alternative to disabling the user's account.
Disabling an account
Similar to the above, the user will be logged out immediately. Alongside that, the following will take effect:
- The user's password will be scrambled, preventing them from logging in.
- The user's email address will be removed, and the email authentication status will be also set to "not authenticated".
- The user's real name will be set to "Account Disabled".
Note that the registration date and other preferences info will not be affected.
When viewing the contributions of a disabled user account, a note appears stating "This account has been disabled." (View example).
All account edits are automatically logged.
Installation
- Die Erweiterung herunterladen und die Datei(en) in ein Verzeichnis namens
EditAccountim Ordnerextensions/ablegen. - Folgenden Code am Ende Ihrer
LocalSettings.phphinzufügen:wfLoadExtension( 'EditAccount' );
- Configure user group and user right at your convenience.
Done – Zu Special:Version in dem Wiki (bei Einstellung auf deutsch nach Spezial:Version) navigieren, um die erfolgreiche Installierung der Erweiterung zu überprüfen.
Für Benutzer, die MediaWiki in der Version 1.28 und früher betreiben:
Die oben stehenden Anweisungen beschreiben die neue Installationsanweisung für diese Erweiterung unter der Verwendung von wfLoadExtension().
Wird diese Erweiterung in einer dieser früheren Versionen (MediaWiki 1.28 und früher) – an Stelle von wfLoadExtension( 'EditAccount' ); – installiert, benutzen Sie:
require_once "$IP/extensions/EditAccount/EditAccount.php";
Configuration
By default, all user groups will only have permission to close their own accounts. The user right "editaccount" will have to be set for an existing user group, e.g. "bureaucrat" or for a new user group to allow editing or closing all accounts:
$wgGroupPermissions['bureaucrat']['editaccount'] = true;
$wgGroupPermissions['editaccount']['editaccount'] = true;
Logging
Use of the special pages "CloseAccount" and "EditAccount" is logged at Special:Log/editaccnt. This log can be set to private if needed.
- Example log entries
* 04:41, March 18, 2011 WikiAdmin (Talk | contribs | block) disabled account User:Example user
* 02:11, February 17, 2011 StaffMember (Talk | contribs | block) changed password for user User:Jimbo Wales
Related extensions
- Sudo - Allows logging into other user's accounts.
- DisableAccount - Allows administrators to disable individual accounts.
- UserMerge - Allows merging and deleting user accounts.
| This extension is included in the following packages and/or wiki farms: This is not an authoritative list. Some wiki farms/hosts may contain this extension even if they are not listed here. Always check with your wiki farms/hosts or bundle to confirm. |