r92937 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r92936‎ \| r92937 \| r92938 >
Date:	09:49, 23 July 2011
Author:	aaron
Status:	ok (Comments)
Tags:
Comment:	Dummy-proof incLoginThrottle/clearLoginThrottle with trim()
Modified paths:	/trunk/phase3/includes/specials/SpecialUserlogin.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/specials/SpecialUserlogin.php
—	—	@@ -589,6 +589,7 @@
590	590	*/
591	591	public static function incLoginThrottle( $username ) {
592	592	global $wgPasswordAttemptThrottle, $wgMemc;
	593	+ $username = trim( $username ); // sanity
593	594
594	595	$throttleCount = 0;
595	596	if ( is_array( $wgPasswordAttemptThrottle ) ) {
—	—	@@ -616,6 +617,7 @@
617	618	*/
618	619	public static function clearLoginThrottle( $username ) {
619	620	global $wgMemc;
	621	+ $username = trim( $username ); // sanity
620	622
621	623	$throttleKey = wfMemcKey( 'password-throttle', wfGetIP(), md5( $username ) );
622	624	$wgMemc->delete( $throttleKey );

Follow-up revisions

Revision	Commit summary	Author	Date
r92938	MFT r92937	aaron	09:51, 23 July 2011

Comments

#Comment by Aaron Schulz (talk | contribs) 09:54, 23 July 2011

Unit tests might be nice to prevent this from coming up again.

Status & tagging log

23:03, 25 July 2011 😂 (talk | contribs) changed the status of r92937 [removed: new added: ok]