Set $lock_out_after_incorrect_logins out of the box

2024-10-22 14:05:37 +02:00 · 2014-07-05 12:53:43 +12:00 · 2014-07-05 12:53:43 +12:00 · 61ec808604
commit 61ec808604
parent 2c25358828
2 changed files with 6 additions and 1 deletions
--- a/docs/en/changelogs/3.1.7.md
+++ b/docs/en/changelogs/3.1.7.md
@ -0,0 +1,5 @@
+# 3.1.7
+
+## Security
+
+* 2014-07-05 [c247dd5](https://github.com/silverstripe/silverstripe-framework/commit/c247dd5) Add default $lock_out_after_incorrect_logins value [SS-2014-016].
--- a/security/Member.php
+++ b/security/Member.php
@ -135,7 +135,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
 	 * the user is blocked from further attempts for the timespan 
 	 * defined in {@link $lock_out_delay_mins}. 
 	 */
-	private static $lock_out_after_incorrect_logins = null;
+	private static $lock_out_after_incorrect_logins = 10;

 	/**
 	 * @config