diff options
| author | Dave Lawrence <dlawrence@mozilla.com> | 2011-12-15 00:18:12 +0100 |
|---|---|---|
| committer | Dave Lawrence <dlawrence@mozilla.com> | 2011-12-15 00:18:12 +0100 |
| commit | 15e4810e7986b3b631320da6f20925888b7c923c (patch) | |
| tree | ab65c7e9dfdc09fe53a727b75bf1b74ffd975212 /createaccount.cgi | |
| parent | 6b9320eab2e848a2b2ac2f454af939f467f3d738 (diff) | |
| parent | a6aa75fc6f96527f01e8b4f0da414d9fa8ad8ce1 (diff) | |
| download | bugzilla-15e4810e7986b3b631320da6f20925888b7c923c.tar.gz bugzilla-15e4810e7986b3b631320da6f20925888b7c923c.tar.xz | |
merged with bugzilla/4.2
Diffstat (limited to 'createaccount.cgi')
| -rwxr-xr-x | createaccount.cgi | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/createaccount.cgi b/createaccount.cgi index db0727add..2348d4e91 100755 --- a/createaccount.cgi +++ b/createaccount.cgi @@ -62,6 +62,11 @@ unless ($createexp) { my $login = $cgi->param('login'); if (defined($login)) { + # Check the hash token to make sure this user actually submitted + # the create account form. + my $token = $cgi->param('token'); + check_hash_token($token, ['create_account']); + $login = Bugzilla::User->check_login_name_for_creation($login); $vars->{'login'} = $login; |