From befd48c5f7d3d073de96c87375d7380f6187deb6 Mon Sep 17 00:00:00 2001
From: Chad Horohoe <chadh@wikimedia.org>
Date: Tue, 13 Mar 2018 18:43:30 +0000
Subject: [PATCH] SECURITY: Make 'newbie' limit in $wgRateLimits really
 override 'user' limit

The order of operations was incorrect.

Bug: T169545
Change-Id: Ia910aa2a494914d3b0017daac9ab294ea9fa8705
---
 includes/user/User.php | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/includes/user/User.php b/includes/user/User.php
index d6d4db25f3..84b95b4c33 100644
--- a/includes/user/User.php
+++ b/includes/user/User.php
@@ -2165,10 +2165,6 @@ class User implements IDBAccessObject, UserIdentity {
 			if ( isset( $limits['user'] ) ) {
 				$userLimit = $limits['user'];
 			}
-			// limits for newbie logged-in users
-			if ( $isNewbie && isset( $limits['newbie'] ) ) {
-				$keys[$cache->makeKey( 'limiter', $action, 'user', $id )] = $limits['newbie'];
-			}
 		}
 
 		// limits for anons and for newbie logged-in users
@@ -2200,6 +2196,11 @@ class User implements IDBAccessObject, UserIdentity {
 			}
 		}
 
+		// limits for newbie logged-in users (override all the normal user limits)
+		if ( $id !== 0 && $isNewbie && isset( $limits['newbie'] ) ) {
+			$userLimit = $limits['newbie'];
+		}
+
 		// Set the user limit key
 		if ( $userLimit !== false ) {
 			list( $max, $period ) = $userLimit;
-- 
2.20.1