aboutsummaryrefslogtreecommitdiffstats
path: root/userprefs.cgi
diff options
context:
space:
mode:
authorlpsolit%gmail.com <>2005-08-13 19:35:12 +0000
committerlpsolit%gmail.com <>2005-08-13 19:35:12 +0000
commit9ab537a54529b0444df941fed04565bd1f1a32b2 (patch)
treefd5a027e2f78fa0b972b51ae1c39057932f81a50 /userprefs.cgi
parentdddc17ec8b38d7f90b7be7d9fd6ab9629077f3df (diff)
downloadbugs-9ab537a54529b0444df941fed04565bd1f1a32b2.tar
bugs-9ab537a54529b0444df941fed04565bd1f1a32b2.tar.gz
bugs-9ab537a54529b0444df941fed04565bd1f1a32b2.tar.bz2
bugs-9ab537a54529b0444df941fed04565bd1f1a32b2.tar.xz
bugs-9ab537a54529b0444df941fed04565bd1f1a32b2.zip
Bug 304044: Missing scalar() for some parameters - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave
Diffstat (limited to 'userprefs.cgi')
-rwxr-xr-xuserprefs.cgi3
1 files changed, 1 insertions, 2 deletions
diff --git a/userprefs.cgi b/userprefs.cgi
index 833f2bfa8..0a6ffe288 100755
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -76,12 +76,11 @@ sub SaveAccount {
if ($cgi->param('Bugzilla_password') ne "" ||
$pwd1 ne "" || $pwd2 ne "")
{
- my $old = SqlQuote($cgi->param('Bugzilla_password'));
SendSQL("SELECT cryptpassword FROM profiles WHERE userid = $userid");
my $oldcryptedpwd = FetchOneColumn();
$oldcryptedpwd || ThrowCodeError("unable_to_retrieve_password");
- if (crypt($cgi->param('Bugzilla_password'), $oldcryptedpwd) ne
+ if (crypt(scalar($cgi->param('Bugzilla_password')), $oldcryptedpwd) ne
$oldcryptedpwd)
{
ThrowUserError("old_password_incorrect");