Bug 287741: changing password from 'password' to 'password' should not…

Bug 287741: changing password from 'password' to 'password' should not invalidate login cookies - Patch by Marc Schumann <wurblzap@gmail.com> r=LpSolit a=justdave

Bug 287741: changing password from 'password' to 'password' should not…
a2a422ca · lpsolit%gmail.com · 77788555 · a2a422ca
Commit a2a422ca authored Dec 21, 2005 by lpsolit%gmail.com
Show whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

userprefs.cgi userprefs.cgi +2 -0

No files found.
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -98,6 +98,7 @@ sub SaveAccount {
              || ThrowUserError("new_password_missing");
            ValidatePassword($pwd1, $pwd2);

+            if ($cgi->param('Bugzilla_password') ne $pwd1) {
                my $cryptedpassword = bz_crypt($pwd1);
                trick_taint($cryptedpassword); # Only used in a placeholder
                $dbh->do(q{UPDATE profiles
@@ -109,6 +110,7 @@ sub SaveAccount {
                Bugzilla->logout(LOGOUT_KEEP_CURRENT);
            }
        }
+    }

    if(Param("allowemailchange") && $cgi->param('new_login_name')) {
        my $old_login_name = $cgi->param('Bugzilla_login');