From 16b3aa28d839fa105a6690d40b5b7a05b88ec8fc Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Tue, 22 Nov 2005 03:35:02 +0000
Subject: Bug 279716: Users have to relogin when changing their own password -
 Patch by Marc Schumann <wurblzap@gmail.com> r=wicked a=justdave

---
 Bugzilla/Auth/Login/WWW/CGI.pm | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

(limited to 'Bugzilla')

diff --git a/Bugzilla/Auth/Login/WWW/CGI.pm b/Bugzilla/Auth/Login/WWW/CGI.pm
index 00d5e382a..22b2bf1fb 100644
--- a/Bugzilla/Auth/Login/WWW/CGI.pm
+++ b/Bugzilla/Auth/Login/WWW/CGI.pm
@@ -195,6 +195,7 @@ sub can_logout { return 1; }
 sub logout {
     my ($class, $user, $option) = @_;
     my $dbh = Bugzilla->dbh;
+    my $cgi = Bugzilla->cgi;
     $option = LOGOUT_ALL unless defined $option;
 
     if ($option == LOGOUT_ALL) {
@@ -203,8 +204,17 @@ sub logout {
             return;
     }
 
-    # The LOGOUT_*_CURRENT options require a cookie 
-    my $cookie = Bugzilla->cgi->cookie("Bugzilla_logincookie");
+    # The LOGOUT_*_CURRENT options require the current login cookie.
+    # If a new cookie has been issued during this run, that's the current one.
+    # If not, it's the one we've received.
+    my $cookie;
+    foreach (@{$cgi->{'Bugzilla_cookie_list'}}) {
+        if ($_->name() eq 'Bugzilla_logincookie') {
+            $cookie = $_->value();
+            last;
+        }
+    }
+    $cookie ||= $cgi->cookie("Bugzilla_logincookie");
     detaint_natural($cookie);
 
     # These queries use both the cookie ID and the user ID as keys. Even
-- 
cgit v1.2.3-24-g4f1b