Skip to content

bugzilla
bugzilla
Commit 38b44914 authored by lpsolit%gmail.com's avatar lpsolit%gmail.com
Browse files
Options

Bug 344106: Error upgrading Bugzilla to version 2.23.2+ with perl 5.8.0 - Patch…

Bug 344106: Error upgrading Bugzilla to version 2.23.2+ with perl 5.8.0 - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=myk
parent 8b6eecc5
Hide whitespace changes
Inline Side-by-side
Showing with 34 additions and 45 deletions
Bugzilla/Auth.pm
View file @ 38b44914
...@@ -36,8 +36,6 @@ use Bugzilla::Auth::Login::Stack; ...@@ -36,8 +36,6 @@ use Bugzilla::Auth::Login::Stack;
use Bugzilla::Auth::Verify::Stack; use Bugzilla::Auth::Verify::Stack;
use Bugzilla::Auth::Persist::Cookie; use Bugzilla::Auth::Persist::Cookie;
use Switch;
sub new { sub new {
my ($class, $params) = @_; my ($class, $params) = @_;
my $self = fields::new($class); my $self = fields::new($class);
...@@ -149,50 +147,41 @@ sub _handle_login_result { ...@@ -149,50 +147,41 @@ sub _handle_login_result {
$self->{_persister}->persist_login($user); $self->{_persister}->persist_login($user);
} }
} }
else { elsif ($fail_code == AUTH_ERROR) {
switch ($fail_code) { ThrowCodeError($result->{error}, $result->{details});
case AUTH_ERROR { }
ThrowCodeError($result->{error}, $result->{details}); elsif ($fail_code == AUTH_NODATA) {
} if ($login_type == LOGIN_REQUIRED) {
case AUTH_NODATA { # This seems like as good as time as any to get rid of
if ($login_type == LOGIN_REQUIRED) { # old crufty junk in the logincookies table. Get rid
# This seems like as good as time as any to get rid of # of any entry that hasn't been used in a month.
# old crufty junk in the logincookies table. Get rid $dbh->do("DELETE FROM logincookies WHERE " .
# of any entry that hasn't been used in a month. $dbh->sql_to_days('NOW()') . " - " .
$dbh->do("DELETE FROM logincookies WHERE " . $dbh->sql_to_days('lastused') . " > 30");
$dbh->sql_to_days('NOW()') . " - " . $self->{_info_getter}->fail_nodata($self);
$dbh->sql_to_days('lastused') . " > 30");
$self->{_info_getter}->fail_nodata($self);
}
# Otherwise, we just return the "default" user.
$user = Bugzilla->user;
}
# The username/password may be wrong
# Don't let the user know whether the username exists or whether
# the password was just wrong. (This makes it harder for a cracker
# to find account names by brute force)
case [AUTH_LOGINFAILED, AUTH_NO_SUCH_USER] {
ThrowUserError("invalid_username_or_password");
}
# The account may be disabled
case AUTH_DISABLED {
$self->{_persister}->logout();
# XXX This is NOT a good way to do this, architecturally.
$self->{_persister}->clear_browser_cookies();
# and throw a user error
ThrowUserError("account_disabled",
{'disabled_reason' => $result->{user}->disabledtext});
}
# If we get here, then we've run out of options, which
# shouldn't happen.
else {
ThrowCodeError("authres_unhandled",
{ value => $fail_code });
}
} }
# Otherwise, we just return the "default" user.
$user = Bugzilla->user;
}
# The username/password may be wrong
# Don't let the user know whether the username exists or whether
# the password was just wrong. (This makes it harder for a cracker
# to find account names by brute force)
elsif (($fail_code == AUTH_LOGINFAILED) || ($fail_code == AUTH_NO_SUCH_USER)) {
ThrowUserError("invalid_username_or_password");
}
# The account may be disabled
elsif ($fail_code == AUTH_DISABLED) {
$self->{_persister}->logout();
# XXX This is NOT a good way to do this, architecturally.
$self->{_persister}->clear_browser_cookies();
# and throw a user error
ThrowUserError("account_disabled",
{'disabled_reason' => $result->{user}->disabledtext});
}
# If we get here, then we've run out of options, which shouldn't happen.
else {
ThrowCodeError("authres_unhandled", { value => $fail_code });
} }
return $user; return $user;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment