jenkins-bot has submitted this change and it was merged.
Change subject: In login-throttled, specify how long you have to wait before
logging in
......................................................................
In login-throttled, specify how long you have to wait before logging in
Throttle time will be enough to give an idea of the time to wait.
The actual time seems to be the time since the first of the last n
attempts in time t as per $wgPasswordAttemptThrottle, but it does not
seem too bad if the user gets a new full pool of allowed attempts.
Bug: 46965
Change-Id: Id385be840f340476fbe7a818ff1d05154fe86d68
---
M includes/specials/SpecialUserlogin.php
M languages/messages/MessagesEn.php
M languages/messages/MessagesQqq.php
3 files changed, 9 insertions(+), 4 deletions(-)
Approvals:
Nikerabbit: Looks good to me, approved
jenkins-bot: Verified
diff --git a/includes/specials/SpecialUserlogin.php
b/includes/specials/SpecialUserlogin.php
index df1b16e..cfd617e 100644
--- a/includes/specials/SpecialUserlogin.php
+++ b/includes/specials/SpecialUserlogin.php
@@ -734,7 +734,7 @@
}
function processLogin() {
- global $wgMemc, $wgLang, $wgSecureLogin;
+ global $wgMemc, $wgLang, $wgSecureLogin,
$wgPasswordAttemptThrottle;
switch ( $this->authenticateUserData() ) {
case self::SUCCESS:
@@ -810,7 +810,10 @@
$this->userBlockedMessage(
$this->getUser()->isBlockedFromCreateAccount() );
break;
case self::THROTTLED:
- $this->mainLoginForm( $this->msg(
'login-throttled' )->text() );
+ $this->mainLoginForm( $this->msg(
'login-throttled' )
+ ->params ( $lang->formatDuration(
$wgPasswordAttemptThrottle['seconds'] ) )
+ ->text()
+ );
break;
case self::USER_BLOCKED:
$this->mainLoginForm( $this->msg(
'login-userblocked',
diff --git a/languages/messages/MessagesEn.php
b/languages/messages/MessagesEn.php
index 67fe889..bfe6bd0 100644
--- a/languages/messages/MessagesEn.php
+++ b/languages/messages/MessagesEn.php
@@ -1246,7 +1246,7 @@
You may ignore this message, if this account was created in error.',
'usernamehasherror' => 'Username cannot contain hash characters',
'login-throttled' => 'You have made too many recent login
attempts.
-Please wait before trying again.',
+Please wait $1 before trying again.',
'login-abort-generic' => 'Your login was unsuccessful - Aborted',
'loginlanguagelabel' => 'Language: $1',
'loginlanguagelinks' => '* {{#language:de}}|de
diff --git a/languages/messages/MessagesQqq.php
b/languages/messages/MessagesQqq.php
index 8665330..3cfc222 100644
--- a/languages/messages/MessagesQqq.php
+++ b/languages/messages/MessagesQqq.php
@@ -1466,7 +1466,9 @@
*Parameter $2 is the name entered as username.
*Parameter $3 is a password (randomly generated).
*Parameter $4 is a URL to the wiki',
-'login-throttled' => 'Error message shown at [[Special:UserLogin]] after 5
wrong passwords. The hardcoded waiting time is 300 seconds.',
+'login-throttled' => 'Error message shown at [[Special:UserLogin]] after the
user has tried to login with incorrect password too many times. The user has to
wait a certain time before trying to log in again.
+* $1: the time to wait before the next login attempt. Automatically formatted
using the
[//www.mediawiki.org/w/index.php?title=Special%3AAllMessages&prefix=duration&filter=all
duration-* messages].
+This is a protection against robots trying to find the password by trying lots
of them. The number of attempts and waiting time are configured via
[[mw:Manual:$wgPasswordAttemptThrottle|$wgPasswordAttemptThrottle]].',
'login-abort-generic' => 'The generic unsuccessful login message is used
unless otherwise specified by hook writers',
'loginlanguagelabel' => 'Used on [[Special:UserLogin]] if
$wgLoginLanguageSelector is true. $1 is a pipe-separated list built from the
names that appear in the message {{msg-mw|Loginlanguagelinks}}.
{{Identical|Language}}',
--
To view, visit https://gerrit.wikimedia.org/r/78649
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Id385be840f340476fbe7a818ff1d05154fe86d68
Gerrit-PatchSet: 3
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Nemo bis <[email protected]>
Gerrit-Reviewer: CSteipp <[email protected]>
Gerrit-Reviewer: Mattflaschen <[email protected]>
Gerrit-Reviewer: Nikerabbit <[email protected]>
Gerrit-Reviewer: Parent5446 <[email protected]>
Gerrit-Reviewer: Siebrand <[email protected]>
Gerrit-Reviewer: jenkins-bot
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
