diff options
author | Luke Shumaker <lukeshu@sbcglobal.net> | 2016-08-02 16:31:15 -0400 |
---|---|---|
committer | Luke Shumaker <lukeshu@sbcglobal.net> | 2016-08-02 16:31:15 -0400 |
commit | 7099c40bcc035e3b96ddd3e976d1cdbcfbf09398 (patch) | |
tree | 2fbc86f9c4cba01c0a266b7fefdd38b1ec3b5c01 /includes/specials | |
parent | a5f917bbc55e295896b8084f6657eb8b6abaf8a8 (diff) | |
parent | b5e7f46db0fcb6f251206eaf36339ad3ad589f8b (diff) |
Merge branch 'archwiki' into lukeshu/masterHEADproductionmaster
Diffstat (limited to 'includes/specials')
-rw-r--r-- | includes/specials/SpecialUserlogin.php | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php index 21f1194f..2d6737bd 100644 --- a/includes/specials/SpecialUserlogin.php +++ b/includes/specials/SpecialUserlogin.php @@ -628,7 +628,7 @@ class LoginForm extends SpecialPage { "allowed account creation w/o throttle\n" ); } else { if ( ( $wgAccountCreationThrottle && $currentUser->isPingLimitable() ) ) { - $key = wfMemcKey( 'acctcreate', 'ip', $ip ); + $key = wfGlobalCacheKey( 'acctcreate', 'ip', $ip ); $value = $wgMemc->get( $key ); if ( !$value ) { $wgMemc->set( $key, 0, 86400 ); @@ -862,11 +862,12 @@ class LoginForm extends SpecialPage { */ public static function incLoginThrottle( $username ) { global $wgPasswordAttemptThrottle, $wgMemc, $wgRequest; - $username = trim( $username ); // sanity + $canUsername = User::getCanonicalName( $username, 'usable' ); + $username = $canUsername !== false ? $canUsername : $username; $throttleCount = 0; if ( is_array( $wgPasswordAttemptThrottle ) ) { - $throttleKey = wfMemcKey( 'password-throttle', $wgRequest->getIP(), md5( $username ) ); + $throttleKey = wfGlobalCacheKey( 'password-throttle', $wgRequest->getIP(), md5( $username ) ); $count = $wgPasswordAttemptThrottle['count']; $period = $wgPasswordAttemptThrottle['seconds']; @@ -890,9 +891,10 @@ class LoginForm extends SpecialPage { */ public static function clearLoginThrottle( $username ) { global $wgMemc, $wgRequest; - $username = trim( $username ); // sanity + $canUsername = User::getCanonicalName( $username, 'usable' ); + $username = $canUsername !== false ? $canUsername : $username; - $throttleKey = wfMemcKey( 'password-throttle', $wgRequest->getIP(), md5( $username ) ); + $throttleKey = wfGlobalCacheKey( 'password-throttle', $wgRequest->getIP(), md5( $username ) ); $wgMemc->delete( $throttleKey ); } @@ -1608,7 +1610,8 @@ class LoginForm extends SpecialPage { if ( $wgSecureLogin && !$this->mStickHTTPS ) { $wgCookieSecure = false; } - + // Always make sure edit token is regenerated. (T114419) + $this->getRequest()->setSessionData( 'wsEditToken', null ); wfResetSessionID(); } |