* Make a better rate-limiting error message (i.e. a normal MW error, rather than an "Internal Server Error").
fix) was faulty. Now fixed.
* Fixed wpReason URL parameter to action=delete.
* Do not force a password for account creation by email
+* Ensure that rate-limiting is applied to rollbacks.
+* Make a better rate-limiting error message (i.e. a normal MW error,
+ rather than an "Internal Server Error").
=== API changes in 1.12 ===
const BAD_TITLE = 5; // $this is not a valid Article
const ALREADY_ROLLED = 6; // Someone else already rolled this back. $from and $summary will be set
const ONLY_AUTHOR = 7; // User is the only author of the page
+ const RATE_LIMITED = 8;
/**
* Constructor and clear the article
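Review bot: The new `RATE_LIMITED` constant is the only rollback return code in this list without a trailing comment saying when it is returned. Matching its siblings would help callers that switch on these codes, for example `const RATE_LIMITED = 8; // User has exceeded the rate limit for this action`. The rest of the constant list and the class header are outside this hunk.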
if( !$wgUser->matchEditToken( $token, array( $this->mTitle->getPrefixedText(), $fromP ) ) )
return self::BAD_TOKEN;
+ if ( $wgUser->pingLimiter('rollback') || $wgUser->pingLimiter() ) {
+ return self::RATE_LIMITED;
+ }
+
$dbw = wfGetDB( DB_MASTER );
# Get the last editor
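Review bot: Returning the new `self::RATE_LIMITED` code here means every caller that switches on this method's result needs a matching case. Only the UI switch is updated in this change, so any other consumer (an API rollback module, if one exists outside this page) should be checked so throttling is not reported as an unknown error. The condition `pingLimiter('rollback') || pingLimiter()` also charges a successful rollback against both the rollback counter and the default one, which looks intentional but is not stated. A one-line comment above the `if` would make that clear, e.g. `# Rollbacks count against both the 'rollback' limit and the default limit`. The enclosing function starts and ends outside this hunk.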
$wgOut->setPageTitle( wfMsg( 'rollbackfailed' ) );
$wgOut->addHtml( wfMsg( 'cantrollback' ) );
break;
+ case self::RATE_LIMITED:
+ $wgOut->rateLimited();
+ break;
case self::SUCCESS:
$current = $details['current'];
$target = $details['target'];
if( $value == self::AS_SUCCESS_UPDATE || $value == self::AS_SUCCESS_NEW_ARTICLE ) {
$this->didSave = true;
}
-
+
switch ($value)
{
case self::AS_HOOK_ERROR_EXPECTED:
*/
public function rateLimited() {
global $wgOut;
- $wgOut->disable();
- wfHttpError( 500, 'Internal Server Error',
- 'Sorry, the server has encountered an internal error. ' .
- 'Please wait a moment and hit "refresh" to submit the request again.' );
+
+ $this->setPageTitle(wfMsg('actionthrottled'));
+ $this->setRobotPolicy( 'noindex,nofollow' );
+ $this->setArticleRelated( false );
+ $this->enableClientCache( false );
+ $this->mRedirect = '';
+ $this->clearHTML();
+ $this->setStatusCode(503);
+ $this->addWikiText( wfMsg('actionthrottledtext') );
+
+ $this->returnToMain( false, $wgTitle );
}
/**
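Review bot: `$wgTitle` is passed to `returnToMain( false, $wgTitle )` at the end of the new `rateLimited()` body, but the function only declares `global $wgOut;`. Inside the method `$wgTitle` is therefore an undefined local, and the return-to link gets null instead of the current title. The `$wgOut` global is no longer used now that the body works on `$this`, so the declaration should become `global $wgTitle;`. The method's docblock begins outside this hunk, so whether the 503 status and the throttled message are documented there cannot be confirmed from here.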
Query: $2',
'viewsource' => 'View source',
'viewsourcefor' => 'for $1',
+'actionthrottled' => 'Action Throttled',
+'actionthrottledtext' => "As an anti-spam measure, you are limited from performing this action too many times in a short space of time, and you have exceeded this limit. Please try again in a few minutes.",
'protectedpagetext' => 'This page has been locked to prevent editing.',
'viewsourcetext' => 'You can view and copy the source of this page:',
'protectedinterface' => 'This page provides interface text for the software, and is locked to prevent abuse.',