From 7bdd1cbe564883cd12abee3657e671e97e85a8e5 Mon Sep 17 00:00:00 2001
From: "bugreport%peshkin.net" <>
Date: Wed, 21 Jul 2004 05:41:18 +0000
Subject: Bug 241900: Allow Bugzilla::Auth to have multiple login and
 validation styles patch by erik r=joel, kiko a=myk

---
 token.cgi | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'token.cgi')

diff --git a/token.cgi b/token.cgi
index 36508f0a5..03d0e8b03 100755
--- a/token.cgi
+++ b/token.cgi
@@ -95,12 +95,19 @@ if ($cgi->param('t')) {
   }
 }
 
+
 # If the user is requesting a password change, make sure they submitted
-# their login name and it exists in the database.
+# their login name and it exists in the database, and that the DB module is in
+# the list of allowed verification methids.
 if ( $::action eq 'reqpw' ) {
     defined $cgi->param('loginname')
       || ThrowUserError("login_needed_for_password_change");
 
+    # check verification methods
+    unless (Bugzilla::Auth->has_db) {
+        ThrowUserError("password_change_requests_not_allowed");
+    }
+
     # Make sure the login name looks like an email address.  This function
     # displays its own error and stops execution if the login name looks wrong.
     CheckEmailSyntax($cgi->param('loginname'));
-- 
cgit v1.2.3-24-g4f1b