X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2FSpecialUserlogin.php;h=32799e55ab891065c6d97b95d159bc1fdf587bbb;hb=aeeec5397bb8d3b6fa9ad407a5fd7a102ef7f70f;hp=5c68b846e3ce15373ebe5c78cd58bccc46cbddaf;hpb=ea2e8d38e467af509da2fb1d73763e67c388eb1c;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/SpecialUserlogin.php b/includes/SpecialUserlogin.php
index 5c68b846e3..32799e55ab 100644
--- a/includes/SpecialUserlogin.php
+++ b/includes/SpecialUserlogin.php
@@ -128,18 +128,6 @@ class LoginForm {
 		global $wgMaxNameChars;
 		global $wgMemc, $wgAccountCreationThrottle, $wgDBname, $wgIP;
 
-		if ( $wgAccountCreationThrottle ) {
-			$key = "$wgDBname:acctcreate:ip:$wgIP";
-			$value = $wgMemc->incr( $key );
-			if ( !$value ) {
-				$wgMemc->set( $key, 1, 86400 );
-			}
-			if ( $value > $wgAccountCreationThrottle ) {
-				$this->throttleHit( $wgAccountCreationThrottle );
-				return;
-			}
-		}
-
 		if (!$wgUser->isAllowedToCreateAccount()) {
 			$this->userNotPrivilegedMessage();
 			return;
@@ -170,6 +158,19 @@ class LoginForm {
 			$this->mainLoginForm( wfMsg( "userexists" ) );
 			return;
 		}
+
+		if ( $wgAccountCreationThrottle ) {
+			$key = "$wgDBname:acctcreate:ip:$wgIP";
+			$value = $wgMemc->incr( $key );
+			if ( !$value ) {
+				$wgMemc->set( $key, 1, 86400 );
+			}
+			if ( $value > $wgAccountCreationThrottle ) {
+				$this->throttleHit( $wgAccountCreationThrottle );
+				return;
+			}
+		}
+
 		$u->addToDatabase();
 		$u->setPassword( $this->mPassword );
 		$u->setEmail( $this->mEmail );
@@ -201,12 +202,9 @@ class LoginForm {
 		}
 		$u->setId( $id );
 		$u->loadFromDatabase();
-		$ep = $u->encryptPassword( $this->mPassword );
-		if ( 0 != strcmp( $ep, $u->getPassword() ) ) {
-			if ( 0 != strcmp( $ep, $u->getNewpassword() ) ) {
-				$this->mainLoginForm( wfMsg( "wrongpassword" ) );
-				return;
-			}
+		if (!$u->checkPassword( $this->mPassword )) {
+			$this->mainLoginForm( wfMsg( "wrongpassword" ) );
+			return;
 		}
 
 		# We've verified now, update the real record