diff options
author | lpsolit%gmail.com <> | 2005-08-13 19:35:12 +0000 |
---|---|---|
committer | lpsolit%gmail.com <> | 2005-08-13 19:35:12 +0000 |
commit | 9ab537a54529b0444df941fed04565bd1f1a32b2 (patch) | |
tree | fd5a027e2f78fa0b972b51ae1c39057932f81a50 /userprefs.cgi | |
parent | dddc17ec8b38d7f90b7be7d9fd6ab9629077f3df (diff) | |
download | bugs-9ab537a54529b0444df941fed04565bd1f1a32b2.tar bugs-9ab537a54529b0444df941fed04565bd1f1a32b2.tar.gz bugs-9ab537a54529b0444df941fed04565bd1f1a32b2.tar.bz2 bugs-9ab537a54529b0444df941fed04565bd1f1a32b2.tar.xz bugs-9ab537a54529b0444df941fed04565bd1f1a32b2.zip |
Bug 304044: Missing scalar() for some parameters - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave
Diffstat (limited to 'userprefs.cgi')
-rwxr-xr-x | userprefs.cgi | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/userprefs.cgi b/userprefs.cgi index 833f2bfa8..0a6ffe288 100755 --- a/userprefs.cgi +++ b/userprefs.cgi @@ -76,12 +76,11 @@ sub SaveAccount { if ($cgi->param('Bugzilla_password') ne "" || $pwd1 ne "" || $pwd2 ne "") { - my $old = SqlQuote($cgi->param('Bugzilla_password')); SendSQL("SELECT cryptpassword FROM profiles WHERE userid = $userid"); my $oldcryptedpwd = FetchOneColumn(); $oldcryptedpwd || ThrowCodeError("unable_to_retrieve_password"); - if (crypt($cgi->param('Bugzilla_password'), $oldcryptedpwd) ne + if (crypt(scalar($cgi->param('Bugzilla_password')), $oldcryptedpwd) ne $oldcryptedpwd) { ThrowUserError("old_password_incorrect"); |