diff options
Diffstat (limited to 'Bugzilla/Auth.pm')
-rw-r--r-- | Bugzilla/Auth.pm | 16 |
1 files changed, 5 insertions, 11 deletions
diff --git a/Bugzilla/Auth.pm b/Bugzilla/Auth.pm index 74678afa8..8e18f8699 100644 --- a/Bugzilla/Auth.pm +++ b/Bugzilla/Auth.pm @@ -151,23 +151,17 @@ sub _handle_login_result { ThrowCodeError($result->{error}, $result->{details}); } elsif ($fail_code == AUTH_NODATA) { - if ($login_type == LOGIN_REQUIRED) { - # This seems like as good as time as any to get rid of - # old crufty junk in the logincookies table. Get rid - # of any entry that hasn't been used in a month. - $dbh->do("DELETE FROM logincookies WHERE " . - $dbh->sql_to_days('NOW()') . " - " . - $dbh->sql_to_days('lastused') . " > 30"); - $self->{_info_getter}->fail_nodata($self); - } - # Otherwise, we just return the "default" user. + $self->{_info_getter}->fail_nodata($self) + if $login_type == LOGIN_REQUIRED; + + # If we're not LOGIN_REQUIRED, we just return the default user. $user = Bugzilla->user; } # The username/password may be wrong # Don't let the user know whether the username exists or whether # the password was just wrong. (This makes it harder for a cracker # to find account names by brute force) - elsif (($fail_code == AUTH_LOGINFAILED) || ($fail_code == AUTH_NO_SUCH_USER)) { + elsif ($fail_code == AUTH_LOGINFAILED or $fail_code == AUTH_NO_SUCH_USER) { ThrowUserError("invalid_username_or_password"); } # The account may be disabled |