Fixing minor problem caused by the original bug 77473 checkin where an SQL error…

Fixing minor problem caused by the original bug 77473 checkin where an SQL error was being produced if you tried to log in with an invalid username. Patch by Myk Melez <myk@mozilla.org> r= justdave@syndicomm.com

Fixing minor problem caused by the original bug 77473 checkin where an SQL error…
22936f2b · justdave%syndicomm.com · 02226521 · 22936f2b
Commit 22936f2b authored Jul 17, 2001 by justdave%syndicomm.com
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 0 deletions

CGI.pl CGI.pl +6 -0

No files found.
--- a/CGI.pl
+++ b/CGI.pl
@@ -727,6 +727,12 @@ sub confirm_login {
                 WHERE login_name = " . SqlQuote($enteredlogin));
        ($userid, $realcryptpwd) = FetchSQLData();

+        # Make sure the user exists or throw an error (but do not admit it was a username
+        # error to make it harder for a cracker to find account names by brute force).
+        $userid
+          || DisplayError("The username or password you entered is not valid.")
+          && exit;
+
        # If this is a new user, generate a password, insert a record
        # into the database, and email their password to them.
        if ( defined $::FORM{"PleaseMailAPassword"} && !$userid ) {