summaryrefslogtreecommitdiffstats
path: root/token.cgi
diff options
context:
space:
mode:
authorbbaetz%acm.org <>2003-06-03 18:47:37 +0200
committerbbaetz%acm.org <>2003-06-03 18:47:37 +0200
commit1d057f02b277d29ad4d232d598c49b0344798b40 (patch)
tree5dd73500b1cf10b51875179f7559c8ec97f0b5be /token.cgi
parent3a843833f4ab5d07f10e199daa7ec317e03b9959 (diff)
downloadbugzilla-1d057f02b277d29ad4d232d598c49b0344798b40.tar.gz
bugzilla-1d057f02b277d29ad4d232d598c49b0344798b40.tar.xz
Bug 180635 - Enhance Bugzilla::User to store additional information
r=myk,jake
Diffstat (limited to 'token.cgi')
-rwxr-xr-xtoken.cgi18
1 files changed, 16 insertions, 2 deletions
diff --git a/token.cgi b/token.cgi
index 7f7299a57..25f68b70e 100755
--- a/token.cgi
+++ b/token.cgi
@@ -44,6 +44,8 @@ quietly_check_login('permit_anonymous');
# token-related tasks.
use Token;
+use Bugzilla::User;
+
################################################################################
# Data Validation / Security Authorization
################################################################################
@@ -248,7 +250,10 @@ sub changeEmail {
SendSQL("DELETE FROM tokens WHERE userid = $userid
AND tokentype = 'emailnew'");
SendSQL("UNLOCK TABLES");
- DeriveGroup($userid);
+
+ # The email address has been changed, so we need to rederive the groups
+ my $user = new Bugzilla::User($userid);
+ $user->derive_groups;
# Return HTTP response headers.
print Bugzilla->cgi->header();
@@ -283,7 +288,16 @@ sub cancelChangeEmail {
SET login_name = $quotedoldemail
WHERE userid = $userid");
SendSQL("UNLOCK TABLES");
- DeriveGroup($userid);
+
+ # email has changed, so rederive groups
+ # Note that this is done _after_ the tables are unlocked
+ # This is sort of a race condition (given the lack of transactions)
+ # but the user had access to it just now, so it's not a security
+ # issue
+
+ my $user = new Bugzilla::User($userid);
+ $user->derive_groups;
+
$vars->{'message'} = "email_change_cancelled_reinstated";
}
}