From c9dc6c1d69f7cf452a5801d11cb933755d2a58ac Mon Sep 17 00:00:00 2001
From: Aaron Schulz <aaron@users.mediawiki.org>
Date: Fri, 22 Jul 2011 21:06:39 +0000
Subject: [PATCH] Fix for r86482: throttle password attempts for
 SpecialChangePassword (uses r92884, r92886 code)

---
 includes/specials/SpecialChangePassword.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/includes/specials/SpecialChangePassword.php b/includes/specials/SpecialChangePassword.php
index 3004b127fe..3abfa023e6 100644
--- a/includes/specials/SpecialChangePassword.php
+++ b/includes/specials/SpecialChangePassword.php
@@ -215,6 +215,11 @@ class SpecialChangePassword extends SpecialPage {
 			throw new PasswordError( wfMsg( 'badretype' ) );
 		}
 
+		$throttleCount = LoginForm::incLoginThrottle( $this->mUserName );
+		if ( $throttleCount === true ) {
+			throw new PasswordError( wfMsg( 'login-throttled' ) );
+		}
+
 		if( !$user->checkTemporaryPassword($this->mOldpass) && !$user->checkPassword($this->mOldpass) ) {
 			wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'wrongpassword' ) );
 			throw new PasswordError( wfMsg( 'resetpass-wrong-oldpass' ) );
-- 
2.20.1