From 788e94b41f8124a05c6f25bf3084fcdaa36f4d63 Mon Sep 17 00:00:00 2001
From: "bbaetz%student.usyd.edu.au" <>
Date: Mon, 4 Feb 2002 20:23:04 +0000
Subject: Bug 95732 - remove logincookies.cryptpassword, and invalidate cookies
 from the db when required instead. (Also fixes bug 58242 as a side effect)

r=myk, kiko
---
 userprefs.cgi | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'userprefs.cgi')

diff --git a/userprefs.cgi b/userprefs.cgi
index 531d57c0e..eb823326a 100755
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -171,6 +171,8 @@ sub SaveAccount {
         SendSQL("UPDATE  profiles 
                  SET     cryptpassword = $cryptedpassword 
                  WHERE   userid = $userid");
+        # Invalidate all logins except for the current one
+        InvalidateLogins($userid, $::COOKIE{"Bugzilla_logincookie"});
     }
     SendSQL("UPDATE profiles SET " .
             "realname = " . SqlQuote(trim($::FORM{'realname'})) .
-- 
cgit v1.2.3-24-g4f1b