diff options
author | justdave%syndicomm.com <> | 2001-08-16 15:52:55 +0200 |
---|---|---|
committer | justdave%syndicomm.com <> | 2001-08-16 15:52:55 +0200 |
commit | 9700dfd057fe8267b4359d5497b56f0c2c8aa6bb (patch) | |
tree | 2c240394bb5aa2901a693a660c754f7a351cce96 /Token.pm | |
parent | 0bfa7b2752e0f78477fa6ea64b0f6e8eddb4d87c (diff) | |
download | bugzilla-9700dfd057fe8267b4359d5497b56f0c2c8aa6bb.tar.gz bugzilla-9700dfd057fe8267b4359d5497b56f0c2c8aa6bb.tar.xz |
Fix for bug 95535: the token generator for password resets is allowing the & character to be used for tokens, but wasn't escaping them for the URL it emailed to users to use to get in to reset their password.
Patch by Dave Miller <justdave@syndicomm.com>
r= myk@mozilla.org
Diffstat (limited to 'Token.pm')
-rw-r--r-- | Token.pm | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -100,6 +100,7 @@ sub MailPasswordToken { my $urlbase = &::Param("urlbase"); my $emailsuffix = &::Param('emailsuffix'); + $token = &::url_quote($token); open SENDMAIL, "|/usr/lib/sendmail -t"; |