Bug 1061247 - Successfully using a password change token should invalidate all…

Bug 1061247 - Successfully using a password change token should invalidate all other password change tokens for that user r=gerv a=glob

Bug 1061247 - Successfully using a password change token should invalidate all…
8222ed65 · Reed Loden · f5a7c7d2 · 8222ed65
Commit 8222ed65 authored Sep 30, 2014 by Reed Loden
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

token.cgi token.cgi +2 -0

No files found.
--- a/token.cgi
+++ b/token.cgi
@@ -180,6 +180,8 @@ sub changePassword {
    $user->set_password($password);
    $user->update();
    delete_token($token);
+    $dbh->do(q{DELETE FROM tokens WHERE userid = ?
+               AND tokentype = 'password'}, undef, $user_id);

    Bugzilla->logout_user_by_id($user_id);