diff options
author | bbaetz%student.usyd.edu.au <> | 2002-02-04 20:23:04 +0000 |
---|---|---|
committer | bbaetz%student.usyd.edu.au <> | 2002-02-04 20:23:04 +0000 |
commit | 788e94b41f8124a05c6f25bf3084fcdaa36f4d63 (patch) | |
tree | e7313868133ce351cc5719c3da5da944ee2a6515 /CGI.pl | |
parent | 7398c1d65281cf04584652f3b854dc5e9d471175 (diff) | |
download | bugs-788e94b41f8124a05c6f25bf3084fcdaa36f4d63.tar bugs-788e94b41f8124a05c6f25bf3084fcdaa36f4d63.tar.gz bugs-788e94b41f8124a05c6f25bf3084fcdaa36f4d63.tar.bz2 bugs-788e94b41f8124a05c6f25bf3084fcdaa36f4d63.tar.xz bugs-788e94b41f8124a05c6f25bf3084fcdaa36f4d63.zip |
Bug 95732 - remove logincookies.cryptpassword, and invalidate cookies from
the db when required instead.
(Also fixes bug 58242 as a side effect)
r=myk, kiko
Diffstat (limited to 'CGI.pl')
-rw-r--r-- | CGI.pl | 5 |
1 files changed, 2 insertions, 3 deletions
@@ -689,8 +689,7 @@ sub quietly_check_login() { "profiles.login_name, " . "profiles.login_name = " . SqlQuote($::COOKIE{"Bugzilla_login"}) . - " AND profiles.cryptpassword = logincookies.cryptpassword " . - "AND logincookies.hostname = " . + " AND logincookies.hostname = " . SqlQuote($ENV{"REMOTE_HOST"}) . ", profiles.disabledtext " . " FROM profiles, logincookies WHERE logincookies.cookie = " . @@ -979,7 +978,7 @@ sub confirm_login { if (!defined $ENV{'REMOTE_HOST'}) { $ENV{'REMOTE_HOST'} = $ENV{'REMOTE_ADDR'}; } - SendSQL("insert into logincookies (userid,cryptpassword,hostname) values (@{[DBNameToIdAndCheck($enteredlogin)]}, @{[SqlQuote($realcryptpwd)]}, @{[SqlQuote($ENV{'REMOTE_HOST'})]})"); + SendSQL("insert into logincookies (userid,hostname) values (@{[DBNameToIdAndCheck($enteredlogin)]}, @{[SqlQuote($ENV{'REMOTE_HOST'})]})"); SendSQL("select LAST_INSERT_ID()"); my $logincookie = FetchOneColumn(); |