diff options
Diffstat (limited to 'Bugzilla.pm')
| -rw-r--r-- | Bugzilla.pm | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/Bugzilla.pm b/Bugzilla.pm index d3b1a5970..99e5c3add 100644 --- a/Bugzilla.pm +++ b/Bugzilla.pm @@ -54,7 +54,7 @@ use constant SHUTDOWNHTML_EXEMPT => [ ##################################################################### # If Bugzilla is shut down, do not allow anything to run, just display a -# message to the user about the downtime. Scripts listed in +# message to the user about the downtime and log out. Scripts listed in # SHUTDOWNHTML_EXEMPT are exempt from this message. # # This code must go here. It cannot go anywhere in Bugzilla::CGI, because @@ -62,9 +62,16 @@ use constant SHUTDOWNHTML_EXEMPT => [ if (Param("shutdownhtml") && lsearch(SHUTDOWNHTML_EXEMPT, basename($0)) == -1) { + # For security reasons, log out users when Bugzilla is down. + # Bugzilla->login() is required to catch the logincookie, if any. + my $user = Bugzilla->login(LOGIN_OPTIONAL); + my $userid = $user->id; + Bugzilla->logout(); + my $template = Bugzilla->template; my $vars = {}; $vars->{'message'} = 'shutdown'; + $vars->{'userid'} = $userid; # Generate and return a message about the downtime, appropriately # for if we're a command-line script or a CGI sript. my $extension; |