From: Aaron Schulz <aaron@users.mediawiki.org>
Date: Fri, 22 Jul 2011 21:06:39 +0000 (+0000)
Subject: Fix for r86482: throttle password attempts for SpecialChangePassword (uses r92884... 
X-Git-Tag: 1.31.0-rc.0~28680
X-Git-Url: https://git.cyclocoop.org/%7B%24www_url%7Dadmin/compta/banques/ajouter.php?a=commitdiff_plain;h=c9dc6c1d69f7cf452a5801d11cb933755d2a58ac;p=lhc%2Fweb%2Fwiklou.git

Fix for r86482: throttle password attempts for SpecialChangePassword (uses r92884, r92886 code)
---

diff --git a/includes/specials/SpecialChangePassword.php b/includes/specials/SpecialChangePassword.php
index 3004b127fe..3abfa023e6 100644
--- a/includes/specials/SpecialChangePassword.php
+++ b/includes/specials/SpecialChangePassword.php
@@ -215,6 +215,11 @@ class SpecialChangePassword extends SpecialPage {
 			throw new PasswordError( wfMsg( 'badretype' ) );
 		}
 
+		$throttleCount = LoginForm::incLoginThrottle( $this->mUserName );
+		if ( $throttleCount === true ) {
+			throw new PasswordError( wfMsg( 'login-throttled' ) );
+		}
+
 		if( !$user->checkTemporaryPassword($this->mOldpass) && !$user->checkPassword($this->mOldpass) ) {
 			wfRunHooks( 'PrefsPasswordAudit', array( $user, $newpass, 'wrongpassword' ) );
 			throw new PasswordError( wfMsg( 'resetpass-wrong-oldpass' ) );