| Index: trunk/phase3/includes/DefaultSettings.php |
| — | — | @@ -3362,4 +3362,4 @@ |
| 3363 | 3363 | * Limit password attempts to X attempts per Y seconds per IP per account. |
| 3364 | 3364 | * Requires memcached. |
| 3365 | 3365 | */ |
| 3366 | | -$wgPasswordAttemptThrottle = array( 5, 300 ); |
| \ No newline at end of file |
| | 3366 | +$wgPasswordAttemptThrottle = array( 'count' => 5, 'seconds' => 300 ); |
| Index: trunk/phase3/includes/specials/SpecialUserlogin.php |
| — | — | @@ -375,19 +375,19 @@ |
| 376 | 376 | } |
| 377 | 377 | |
| 378 | 378 | global $wgPasswordAttemptThrottle; |
| 379 | | - if (is_array($wgPasswordAttemptThrottle) && count($wgPasswordAttemptThrottle) >=2) { |
| 380 | | - list($count,$period) = $wgPasswordAttemptThrottle; |
| | 379 | + if ( is_array($wgPasswordAttemptThrottle) ) { |
| 381 | 380 | $key = wfMemcKey( 'password-throttle', wfGetIP(), $this->mName ); |
| | 381 | + $count = $wgPasswordAttemptThrottle['count']; |
| | 382 | + $period = $wgPasswordAttemptThrottle['seconds']; |
| 382 | 383 | |
| 383 | 384 | global $wgMemc; |
| 384 | 385 | $cur = $wgMemc->get($key); |
| 385 | | - if ($cur>0 && $cur<$count) { |
| | 386 | + if ( !$cur ) { |
| | 387 | + $wgMemc->add( $key, 1, $period ); // start counter |
| | 388 | + } else if ( $cur < $count ) { |
| 386 | 389 | $wgMemc->incr($key); |
| 387 | | - // Okay |
| 388 | | - } elseif ($cur>0) { |
| | 390 | + } else if ( $cur >= $count ) { |
| 389 | 391 | return self::THROTTLED; |
| 390 | | - } elseif (!$cur) { |
| 391 | | - $wgMemc->add( $key, 1, $period ); |
| 392 | 392 | } |
| 393 | 393 | } |
| 394 | 394 | |