Dummy-proof incLoginThrottle/clearLoginThrottle with trim()

author Aaron Schulz <aaron@users.mediawiki.org>

Sat, 23 Jul 2011 09:49:54 +0000 (09:49 +0000)

committer Aaron Schulz <aaron@users.mediawiki.org>

Sat, 23 Jul 2011 09:49:54 +0000 (09:49 +0000)
author Aaron Schulz <aaron@users.mediawiki.org>
Sat, 23 Jul 2011 09:49:54 +0000 (09:49 +0000)
committer Aaron Schulz <aaron@users.mediawiki.org>
Sat, 23 Jul 2011 09:49:54 +0000 (09:49 +0000)
diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php

index 37408cd..a933041 100644 (file)
--- a/includes/specials/SpecialUserlogin.php
+++ b/includes/specials/SpecialUserlogin.php
@@ -589,6 +589,7 @@ class LoginForm extends SpecialPage {
          */
         public static function incLoginThrottle( $username ) {
                 global $wgPasswordAttemptThrottle, $wgMemc;
+               $username = trim( $username ); // sanity
  
                 $throttleCount = 0;
                 if ( is_array( $wgPasswordAttemptThrottle ) ) {
@@ -616,6 +617,7 @@ class LoginForm extends SpecialPage {
          */
         public static function clearLoginThrottle( $username ) {
                 global $wgMemc;
+               $username = trim( $username ); // sanity
  
                 $throttleKey = wfMemcKey( 'password-throttle', wfGetIP(), md5( $username ) );
                 $wgMemc->delete( $throttleKey );
author	Aaron Schulz <aaron@users.mediawiki.org>
	Sat, 23 Jul 2011 09:49:54 +0000 (09:49 +0000)
committer	Aaron Schulz <aaron@users.mediawiki.org>
	Sat, 23 Jul 2011 09:49:54 +0000 (09:49 +0000)