diff options
author | Frédéric Buclin <LpSolit@gmail.com> | 2013-12-21 17:42:14 +0100 |
---|---|---|
committer | Frédéric Buclin <LpSolit@gmail.com> | 2013-12-21 17:42:14 +0100 |
commit | 61858962b06866a330960bd161591b000e26ae63 (patch) | |
tree | 52e8225f3477795496db0e70baeb9183a2a054d3 | |
parent | 9e4f74655ed3ddad46019932d4b0c036af8367da (diff) | |
download | bugzilla-61858962b06866a330960bd161591b000e26ae63.tar.gz bugzilla-61858962b06866a330960bd161591b000e26ae63.tar.xz |
Bug 748095: Bugzilla crashes when the shutdownhtml parameter is set and using a non-cookie based authentication method
r=dkl a=justdave
-rw-r--r-- | Bugzilla.pm | 4 | ||||
-rw-r--r-- | Bugzilla/Auth/Persist/Cookie.pm | 7 |
2 files changed, 5 insertions, 6 deletions
diff --git a/Bugzilla.pm b/Bugzilla.pm index 99fcbed46..5344c8bc6 100644 --- a/Bugzilla.pm +++ b/Bugzilla.pm @@ -165,10 +165,8 @@ sub init_page { print Bugzilla->cgi->header(-status => 503, -retry_after => SHUTDOWNHTML_RETRY_AFTER); } - my $t_output; - $template->process("global/message.$extension.tmpl", $vars, \$t_output) + $template->process("global/message.$extension.tmpl", $vars) || ThrowTemplateError($template->error); - say $t_output; exit; } } diff --git a/Bugzilla/Auth/Persist/Cookie.pm b/Bugzilla/Auth/Persist/Cookie.pm index 9681bcea2..939a1ac9c 100644 --- a/Bugzilla/Auth/Persist/Cookie.pm +++ b/Bugzilla/Auth/Persist/Cookie.pm @@ -108,8 +108,8 @@ sub logout { if ($cookie) { push(@login_cookies, $cookie->value); } - else { - push(@login_cookies, $cgi->cookie("Bugzilla_logincookie")); + elsif ($cookie = $cgi->cookie('Bugzilla_logincookie')) { + push(@login_cookies, $cookie); } # If we are a webservice using a token instead of cookie @@ -118,7 +118,8 @@ sub logout { push(@login_cookies, $login_token->{'login_token'}); } - return if !@login_cookies; + # Make sure that @login_cookies is not empty to not break SQL statements. + push(@login_cookies, '') unless @login_cookies; # These queries use both the cookie ID and the user ID as keys. Even # though we know the userid must match, we still check it in the SQL |