diff options
| author | lpsolit%gmail.com <> | 2008-09-20 03:00:25 +0200 |
|---|---|---|
| committer | lpsolit%gmail.com <> | 2008-09-20 03:00:25 +0200 |
| commit | bea6f25db1bf8f4333b3bf72d73015c7cdb9a197 (patch) | |
| tree | 379228d8bbaea08dde2719bd1f44aa9f3db4e62b /token.cgi | |
| parent | 7499f716a31d86e87e62705bb479567f8df08d72 (diff) | |
| download | bugzilla-bea6f25db1bf8f4333b3bf72d73015c7cdb9a197.tar.gz bugzilla-bea6f25db1bf8f4333b3bf72d73015c7cdb9a197.tar.xz | |
Bug 455814: token.cgi should reject password change requests for disabled accounts - Patch by Frédéric Buclin <LpSolit@gmail.com> r=ghendricks a=LpSolit
Diffstat (limited to 'token.cgi')
| -rwxr-xr-x | token.cgi | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -111,6 +111,12 @@ if ( $action eq 'reqpw' ) { || ThrowUserError('illegal_email_address', {addr => $login_name}); $user_account = Bugzilla::User->check($login_name); + + # Make sure the user account is active. + if ($user_account->is_disabled) { + ThrowUserError('account_disabled', + {disabled_reason => get_text('account_disabled', {account => $login_name})}); + } } # If the user is changing their password, make sure they submitted a new |