Abe Hassan (burr86) wrote in changelog,
Abe Hassan
burr86
changelog

[livejournal] r10621: Allow for rate-limiting on friend additi...

Committer: ahassan
Allow for rate-limiting on friend additions.


U   branches/r3/bin/upgrading/base-data.sql
U   branches/r3/cgi-bin/LJ/User.pm
Modified: branches/r3/bin/upgrading/base-data.sql
===================================================================
--- branches/r3/bin/upgrading/base-data.sql	2007-03-03 05:13:06 UTC (rev 10620)
+++ branches/r3/bin/upgrading/base-data.sql	2007-03-03 05:14:35 UTC (rev 10621)
@@ -495,6 +495,8 @@
 UPDATE priv_list SET des='Allows a user to approve or deny entries that are submitted to the directory. arg=Unique category number that the user has access in, or \"*\" for all categories',is_public='1',privname='Topic Dir - Screen Submissions',scope='general' WHERE privcode='topicscreencat';
 INSERT IGNORE INTO priv_list (des, is_public, privcode, privname, scope) VALUES ('Allows a user to edit site text in a given language. arg=Unique language code, optionally appended by |domainid.domaincode', '1', 'translate', 'Translate/Update Text', 'general');
 UPDATE priv_list SET des='Allows a user to edit site text in a given language. arg=Unique language code, optionally appended by |domainid.domaincode',is_public='1',privname='Translate/Update Text',scope='general' WHERE privcode='translate';
+INSERT IGNORE INTO ratelist (des, name) VALUES ('Logged when a user adds someone to their Friends list', 'addfriend');
+UPDATE ratelist SET des='Logged when a user adds someone to their Friends list' WHERE name='addfriend';
 INSERT IGNORE INTO ratelist (des, name) VALUES ('Logged when wrong username/password is used.', 'failed_login');
 UPDATE ratelist SET des='Logged when wrong username/password is used.' WHERE name='failed_login';
 INSERT IGNORE INTO ratelist (des, name) VALUES ('Logged when a user sends a friend invite', 'invitefriend');

Modified: branches/r3/cgi-bin/LJ/User.pm
===================================================================
--- branches/r3/cgi-bin/LJ/User.pm	2007-03-03 05:13:06 UTC (rev 10620)
+++ branches/r3/cgi-bin/LJ/User.pm	2007-03-03 05:14:35 UTC (rev 10621)
@@ -3332,6 +3332,12 @@
         return 0;
     }
 
+    # are they trying to add friends too quickly?
+    unless ($u->rate_log('addfriend', 1)) {
+        $$err = "You are trying to add too many friends in too short a period of time.";
+        return 0;
+    }
+
     return 1;
 }
 

Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 2 comments