Fix for r86482: throttle password attempts for SpecialChangePassword (uses r92884...

diff --git a/includes/specials/SpecialChangePassword.php b/includes/specials/SpecialChangePassword.php
index 3004b12..3abfa02 100644 (file)
--- a/includes/specials/SpecialChangePassword.php
+++ b/includes/specials/SpecialChangePassword.php
@@ -215,6 +215,11 @@ class SpecialChangePassword extends SpecialPage {
                        throw new PasswordError( wfMsg( 'badretype' ) );
                }
 
+               $throttleCount = LoginForm::incLoginThrottle( $this->mUserName );
+               if ( $throttleCount === true ) {
+                       throw new PasswordError( wfMsg( 'login-throttled' ) );
+               }
+
                if( !$user->checkTemporaryPassword($this->mOldpass) && !$user->checkPassword($this->mOldpass) ) {
                        wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'wrongpassword' ) );
                        throw new PasswordError( wfMsg( 'resetpass-wrong-oldpass' ) );