diff options
| author | lpsolit%gmail.com <> | 2005-11-22 04:35:02 +0100 |
|---|---|---|
| committer | lpsolit%gmail.com <> | 2005-11-22 04:35:02 +0100 |
| commit | 16b3aa28d839fa105a6690d40b5b7a05b88ec8fc (patch) | |
| tree | 46168e3f72509720dc25fd984cfe3c997fad75f6 /Bugzilla | |
| parent | 405a787e44373028939d953263aa6a8f4f126203 (diff) | |
| download | bugzilla-16b3aa28d839fa105a6690d40b5b7a05b88ec8fc.tar.gz bugzilla-16b3aa28d839fa105a6690d40b5b7a05b88ec8fc.tar.xz | |
Bug 279716: Users have to relogin when changing their own password - Patch by Marc Schumann <wurblzap@gmail.com> r=wicked a=justdave
Diffstat (limited to 'Bugzilla')
| -rw-r--r-- | Bugzilla/Auth/Login/WWW/CGI.pm | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/Bugzilla/Auth/Login/WWW/CGI.pm b/Bugzilla/Auth/Login/WWW/CGI.pm index 00d5e382a..22b2bf1fb 100644 --- a/Bugzilla/Auth/Login/WWW/CGI.pm +++ b/Bugzilla/Auth/Login/WWW/CGI.pm @@ -195,6 +195,7 @@ sub can_logout { return 1; } sub logout { my ($class, $user, $option) = @_; my $dbh = Bugzilla->dbh; + my $cgi = Bugzilla->cgi; $option = LOGOUT_ALL unless defined $option; if ($option == LOGOUT_ALL) { @@ -203,8 +204,17 @@ sub logout { return; } - # The LOGOUT_*_CURRENT options require a cookie - my $cookie = Bugzilla->cgi->cookie("Bugzilla_logincookie"); + # The LOGOUT_*_CURRENT options require the current login cookie. + # If a new cookie has been issued during this run, that's the current one. + # If not, it's the one we've received. + my $cookie; + foreach (@{$cgi->{'Bugzilla_cookie_list'}}) { + if ($_->name() eq 'Bugzilla_logincookie') { + $cookie = $_->value(); + last; + } + } + $cookie ||= $cgi->cookie("Bugzilla_logincookie"); detaint_natural($cookie); # These queries use both the cookie ID and the user ID as keys. Even |