summaryrefslogtreecommitdiffstats
path: root/Bugzilla/Auth/Login/WWW
diff options
context:
space:
mode:
authorlpsolit%gmail.com <>2005-11-22 04:35:02 +0100
committerlpsolit%gmail.com <>2005-11-22 04:35:02 +0100
commit16b3aa28d839fa105a6690d40b5b7a05b88ec8fc (patch)
tree46168e3f72509720dc25fd984cfe3c997fad75f6 /Bugzilla/Auth/Login/WWW
parent405a787e44373028939d953263aa6a8f4f126203 (diff)
downloadbugzilla-16b3aa28d839fa105a6690d40b5b7a05b88ec8fc.tar.gz
bugzilla-16b3aa28d839fa105a6690d40b5b7a05b88ec8fc.tar.xz
Bug 279716: Users have to relogin when changing their own password - Patch by Marc Schumann <wurblzap@gmail.com> r=wicked a=justdave
Diffstat (limited to 'Bugzilla/Auth/Login/WWW')
-rw-r--r--Bugzilla/Auth/Login/WWW/CGI.pm14
1 files changed, 12 insertions, 2 deletions
diff --git a/Bugzilla/Auth/Login/WWW/CGI.pm b/Bugzilla/Auth/Login/WWW/CGI.pm
index 00d5e382a..22b2bf1fb 100644
--- a/Bugzilla/Auth/Login/WWW/CGI.pm
+++ b/Bugzilla/Auth/Login/WWW/CGI.pm
@@ -195,6 +195,7 @@ sub can_logout { return 1; }
sub logout {
my ($class, $user, $option) = @_;
my $dbh = Bugzilla->dbh;
+ my $cgi = Bugzilla->cgi;
$option = LOGOUT_ALL unless defined $option;
if ($option == LOGOUT_ALL) {
@@ -203,8 +204,17 @@ sub logout {
return;
}
- # The LOGOUT_*_CURRENT options require a cookie
- my $cookie = Bugzilla->cgi->cookie("Bugzilla_logincookie");
+ # The LOGOUT_*_CURRENT options require the current login cookie.
+ # If a new cookie has been issued during this run, that's the current one.
+ # If not, it's the one we've received.
+ my $cookie;
+ foreach (@{$cgi->{'Bugzilla_cookie_list'}}) {
+ if ($_->name() eq 'Bugzilla_logincookie') {
+ $cookie = $_->value();
+ last;
+ }
+ }
+ $cookie ||= $cgi->cookie("Bugzilla_logincookie");
detaint_natural($cookie);
# These queries use both the cookie ID and the user ID as keys. Even