$wgHideUserContribLimit = 1000;
/**
- * Number of accounts each IP address may create, 0 to disable.
+ * Number of accounts each IP address may create per specified period(s).
+ *
+ * @par Example:
+ * @code
+ * $wgAccountCreationThrottle = [
+ * // no more than 100 per month
+ * [
+ * 'count' => 100,
+ * 'seconds' => 30*86400,
+ * ],
+ * // no more than 10 per day
+ * [
+ * 'count' => 10,
+ * 'seconds' => 86400,
+ * ],
+ * ];
+ * @endcode
*
* @warning Requires $wgMainCacheType to be enabled
*/
-$wgAccountCreationThrottle = 0;
+$wgAccountCreationThrottle = [ [
+ 'count' => 0,
+ 'seconds' => 86400,
+] ];
/**
* Edits matching these regular expressions in body text
public function setConfig( Config $config ) {
parent::setConfig( $config );
+ $accountCreationThrottle = $this->config->get( 'AccountCreationThrottle' );
+ // Handle old $wgAccountCreationThrottle format (number of attempts per 24 hours)
+ if ( !is_array( $accountCreationThrottle ) ) {
+ $accountCreationThrottle = [ [
+ 'count' => $accountCreationThrottle,
+ 'seconds' => 86400,
+ ] ];
+ }
+
// @codeCoverageIgnoreStart
$this->throttleSettings += [
// @codeCoverageIgnoreEnd
- 'accountCreationThrottle' => [ [
- 'count' => $this->config->get( 'AccountCreationThrottle' ),
- 'seconds' => 86400,
- ] ],
+ 'accountCreationThrottle' => $accountCreationThrottle,
'passwordAttemptThrottle' => $this->config->get( 'PasswordAttemptThrottle' ),
];
$result = $this->accountCreationThrottle->increase( null, $ip, __METHOD__ );
if ( $result ) {
- return \StatusValue::newFatal( 'acct_creation_throttle_hit', $result['count'] );
+ $message = wfMessage( 'acct_creation_throttle_hit' )->params( $result['count'] )
+ ->durationParams( $result['wait'] );
+ return \StatusValue::newFatal( $message );
}
return \StatusValue::newGood();
"signupend": "",
"signupend-https": "",
"mailerror": "Error sending mail: $1",
- "acct_creation_throttle_hit": "Visitors to this wiki using your IP address have created {{PLURAL:$1|1 account|$1 accounts}} in the last day, which is the maximum allowed in this time period.\nAs a result, visitors using this IP address cannot create any more accounts at the moment.",
+ "acct_creation_throttle_hit": "Visitors to this wiki using your IP address have created {{PLURAL:$1|1 account|$1 accounts}} in the last $2, which is the maximum allowed in this time period.\nAs a result, visitors using this IP address cannot create any more accounts at the moment.",
"emailauthenticated": "Your email address was confirmed on $2 at $3.",
"emailnotauthenticated": "Your email address is not yet confirmed.\nNo email will be sent for any of the following features.",
"noemailprefs": "Specify an email address in your preferences for these features to work.",
"signupend": "{{notranslate}}",
"signupend-https": "{{notranslate}}",
"mailerror": "Used as error message in sending confirmation mail to user. Parameters:\n* $1 - new mail address",
- "acct_creation_throttle_hit": "Error message at [[Special:CreateAccount]].\n\n\"in the last day\" precisely means: during the lasts 86400 seconds (24 hours) ending right now.\n\nParameters:\n* $1 - number of accounts",
+ "acct_creation_throttle_hit": "Error message at [[Special:CreateAccount]].\n\nParameters:\n* $1 - number of accounts\n* $2 - period",
"emailauthenticated": "In user preferences ([[Special:Preferences]] > {{int:prefs-personal}} > {{int:email}}) and on [[Special:ConfirmEmail]].\n\nParameters:\n* $1 - (Unused) obsolete, date and time\n* $2 - date\n* $3 - time",
"emailnotauthenticated": "Message in [[Special:Preferences]] > {{int:prefs-personal}} > {{int:email}}.\n\nIt appears after saving your email address but before you confirm it.",
"noemailprefs": "Message appearing in the \"Email options\" section of the \"User profile\" page in [[Special:Preferences|Preferences]], when no user email address has been entered.",
$provider = new ThrottlePreAuthenticationProvider();
$providerPriv = \TestingAccessWrapper::newFromObject( $provider );
$config = new \HashConfig( [
- 'AccountCreationThrottle' => 123,
+ 'AccountCreationThrottle' => [ [
+ 'count' => 123,
+ 'seconds' => 86400,
+ ] ],
'PasswordAttemptThrottle' => [ [
'count' => 5,
'seconds' => 300,
] );
$providerPriv = \TestingAccessWrapper::newFromObject( $provider );
$config = new \HashConfig( [
- 'AccountCreationThrottle' => 123,
+ 'AccountCreationThrottle' => [ [
+ 'count' => 123,
+ 'seconds' => 86400,
+ ] ],
'PasswordAttemptThrottle' => [ [
'count' => 5,
'seconds' => 300,
}
$this->assertEquals(
- \StatusValue::newGood(),
- $provider->testForAccountCreation( $user, $creator, [] ),
+ true,
+ $provider->testForAccountCreation( $user, $creator, [] )->isOK(),
'attempt #1'
);
$this->assertEquals(
- \StatusValue::newGood(),
- $provider->testForAccountCreation( $user, $creator, [] ),
+ true,
+ $provider->testForAccountCreation( $user, $creator, [] )->isOK(),
'attempt #2'
);
$this->assertEquals(
- $succeed ? \StatusValue::newGood() : \StatusValue::newFatal( 'acct_creation_throttle_hit', 2 ),
- $provider->testForAccountCreation( $user, $creator, [] ),
+ $succeed ? true : false,
+ $provider->testForAccountCreation( $user, $creator, [] )->isOK(),
'attempt #3'
);
}