2 files changed, 7 insertions, 8 deletions

diff --git a/Bugzilla/Auth/Login/CGI.pm b/Bugzilla/Auth/Login/CGI.pm
index a93bc3d3a..407582af4 100644
--- a/Bugzilla/Auth/Login/CGI.pm
+++ b/Bugzilla/Auth/Login/CGI.pm
@@ -40,12 +40,10 @@ use Bugzilla::Error;
 
 sub get_login_info {
     my ($self) = @_;
-    my $cgi = Bugzilla->cgi;
-
-    my $username = trim($cgi->param("Bugzilla_login"));
-    my $password = $cgi->param("Bugzilla_password");
+    my $params = Bugzilla->input_params;
 
-    $cgi->delete('Bugzilla_login', 'Bugzilla_password');
+    my $username = trim(delete $params->{"Bugzilla_login"});
+    my $password = delete $params->{"Bugzilla_password"};
 
     if (!defined $username || !defined $password) {
         return { failure => AUTH_NODATA };
diff --git a/Bugzilla/Auth/Persist/Cookie.pm b/Bugzilla/Auth/Persist/Cookie.pm
index 4458e31b5..1e1b3a871 100644
--- a/Bugzilla/Auth/Persist/Cookie.pm
+++ b/Bugzilla/Auth/Persist/Cookie.pm
@@ -48,9 +48,10 @@ sub persist_login {
     my ($self, $user) = @_;
     my $dbh = Bugzilla->dbh;
     my $cgi = Bugzilla->cgi;
+    my $input_params = Bugzilla->input_params;
 
     my $ip_addr;
-    if ($cgi->param('Bugzilla_restrictlogin')) {
+    if ($input_params->{'Bugzilla_restrictlogin'}) {
         $ip_addr = $cgi->remote_addr;
         # The IP address is valid, at least for comparing with itself in a
         # subsequent login
@@ -80,8 +81,8 @@ sub persist_login {
     # or admin didn't forbid it and user told to remember.
     if ( Bugzilla->params->{'rememberlogin'} eq 'on' ||
          (Bugzilla->params->{'rememberlogin'} ne 'off' &&
-          $cgi->param('Bugzilla_remember') &&
-          $cgi->param('Bugzilla_remember') eq 'on') ) 
+          $input_params->{'Bugzilla_remember'} &&
+          $input_params->{'Bugzilla_remember'} eq 'on') ) 
     {
         # Not a session cookie, so set an infinite expiry
         $cookieargs{'-expires'} = 'Fri, 01-Jan-2038 00:00:00 GMT';