summaryrefslogtreecommitdiffstats
path: root/CGI.pl
diff options
context:
space:
mode:
authorbbaetz%student.usyd.edu.au <>2002-02-04 21:23:04 +0100
committerbbaetz%student.usyd.edu.au <>2002-02-04 21:23:04 +0100
commit788e94b41f8124a05c6f25bf3084fcdaa36f4d63 (patch)
treee7313868133ce351cc5719c3da5da944ee2a6515 /CGI.pl
parent7398c1d65281cf04584652f3b854dc5e9d471175 (diff)
downloadbugzilla-788e94b41f8124a05c6f25bf3084fcdaa36f4d63.tar.gz
bugzilla-788e94b41f8124a05c6f25bf3084fcdaa36f4d63.tar.xz
Bug 95732 - remove logincookies.cryptpassword, and invalidate cookies from
the db when required instead. (Also fixes bug 58242 as a side effect) r=myk, kiko
Diffstat (limited to 'CGI.pl')
-rw-r--r--CGI.pl5
1 files changed, 2 insertions, 3 deletions
diff --git a/CGI.pl b/CGI.pl
index f99013e25..d1a274680 100644
--- a/CGI.pl
+++ b/CGI.pl
@@ -689,8 +689,7 @@ sub quietly_check_login() {
"profiles.login_name, " .
"profiles.login_name = " .
SqlQuote($::COOKIE{"Bugzilla_login"}) .
- " AND profiles.cryptpassword = logincookies.cryptpassword " .
- "AND logincookies.hostname = " .
+ " AND logincookies.hostname = " .
SqlQuote($ENV{"REMOTE_HOST"}) .
", profiles.disabledtext " .
" FROM profiles, logincookies WHERE logincookies.cookie = " .
@@ -979,7 +978,7 @@ sub confirm_login {
if (!defined $ENV{'REMOTE_HOST'}) {
$ENV{'REMOTE_HOST'} = $ENV{'REMOTE_ADDR'};
}
- SendSQL("insert into logincookies (userid,cryptpassword,hostname) values (@{[DBNameToIdAndCheck($enteredlogin)]}, @{[SqlQuote($realcryptpwd)]}, @{[SqlQuote($ENV{'REMOTE_HOST'})]})");
+ SendSQL("insert into logincookies (userid,hostname) values (@{[DBNameToIdAndCheck($enteredlogin)]}, @{[SqlQuote($ENV{'REMOTE_HOST'})]})");
SendSQL("select LAST_INSERT_ID()");
my $logincookie = FetchOneColumn();
generated by cgit v1.2.3-24-g4f1b (git 2.32.0) at 2024-04-28 14:19:53 +0200