aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorlpsolit%gmail.com <>2008-09-20 01:00:25 +0000
committerlpsolit%gmail.com <>2008-09-20 01:00:25 +0000
commitbea6f25db1bf8f4333b3bf72d73015c7cdb9a197 (patch)
tree379228d8bbaea08dde2719bd1f44aa9f3db4e62b /token.cgi
parentBug 455815: Remove global variables from token.cgi - Patch by Frédéric ... (diff)
downloadbugzilla-bea6f25db1bf8f4333b3bf72d73015c7cdb9a197.tar.gz
bugzilla-bea6f25db1bf8f4333b3bf72d73015c7cdb9a197.tar.bz2
bugzilla-bea6f25db1bf8f4333b3bf72d73015c7cdb9a197.zip
Bug 455814: token.cgi should reject password change requests for disabled accounts - Patch by Frédéric Buclin <LpSolit@gmail.com> r=ghendricks a=LpSolit
Diffstat (limited to 'token.cgi')
-rwxr-xr-xtoken.cgi6
1 files changed, 6 insertions, 0 deletions
diff --git a/token.cgi b/token.cgi
index bbbbe01c6..34a017376 100755
--- a/token.cgi
+++ b/token.cgi
@@ -111,6 +111,12 @@ if ( $action eq 'reqpw' ) {
|| ThrowUserError('illegal_email_address', {addr => $login_name});
$user_account = Bugzilla::User->check($login_name);
+
+ # Make sure the user account is active.
+ if ($user_account->is_disabled) {
+ ThrowUserError('account_disabled',
+ {disabled_reason => get_text('account_disabled', {account => $login_name})});
+ }
}
# If the user is changing their password, make sure they submitted a new