From f78497baebf2e0647faf4267d7eb5daae0ec06ed Mon Sep 17 00:00:00 2001 From: Aaron Schulz Date: Fri, 8 Aug 2008 21:43:34 +0000 Subject: [PATCH] $wgPasswordAttemptThrottle cleanup --- includes/DefaultSettings.php | 2 +- includes/specials/SpecialUserlogin.php | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index 2feb33c0fa..a9e300970f 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -3362,4 +3362,4 @@ $wgUseAutomaticEditSummaries = true; * Limit password attempts to X attempts per Y seconds per IP per account. * Requires memcached. */ -$wgPasswordAttemptThrottle = array( 5, 300 ); \ No newline at end of file +$wgPasswordAttemptThrottle = array( 'count' => 5, 'seconds' => 300 ); diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php index f597d62b16..4719a71b91 100644 --- a/includes/specials/SpecialUserlogin.php +++ b/includes/specials/SpecialUserlogin.php @@ -375,19 +375,19 @@ class LoginForm { } global $wgPasswordAttemptThrottle; - if (is_array($wgPasswordAttemptThrottle) && count($wgPasswordAttemptThrottle) >=2) { - list($count,$period) = $wgPasswordAttemptThrottle; + if ( is_array($wgPasswordAttemptThrottle) ) { $key = wfMemcKey( 'password-throttle', wfGetIP(), $this->mName ); + $count = $wgPasswordAttemptThrottle['count']; + $period = $wgPasswordAttemptThrottle['seconds']; global $wgMemc; $cur = $wgMemc->get($key); - if ($cur>0 && $cur<$count) { + if ( !$cur ) { + $wgMemc->add( $key, 1, $period ); // start counter + } else if ( $cur < $count ) { $wgMemc->incr($key); - // Okay - } elseif ($cur>0) { + } else if ( $cur >= $count ) { return self::THROTTLED; - } elseif (!$cur) { - $wgMemc->add( $key, 1, $period ); } } -- 2.20.1