Bug 287741: changing password from 'password' to 'password' should not invalidate...

author lpsolit%gmail.com <>

Wed, 21 Dec 2005 06:25:57 +0000 (06:25 +0000)

committer lpsolit%gmail.com <>

Wed, 21 Dec 2005 06:25:57 +0000 (06:25 +0000)
author lpsolit%gmail.com <>
Wed, 21 Dec 2005 06:25:57 +0000 (06:25 +0000)
committer lpsolit%gmail.com <>
Wed, 21 Dec 2005 06:25:57 +0000 (06:25 +0000)
diff --git a/userprefs.cgi b/userprefs.cgi

index df2255ce42c31431798dfc093c97c86816f10efd..3dc68121ef074e9e5490eea8b1a23095ec2ee1a6 100755 (executable)
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -97,16 +97,18 @@ sub SaveAccount {
              $cgi->param('new_password1')
                || ThrowUserError("new_password_missing");
              ValidatePassword($pwd1, $pwd2);
-        
-            my $cryptedpassword = bz_crypt($pwd1);
-            trick_taint($cryptedpassword); # Only used in a placeholder
-            $dbh->do(q{UPDATE profiles
-                          SET cryptpassword = ?
-                        WHERE userid = ?},
-                     undef, ($cryptedpassword, $user->id));
-
-            # Invalidate all logins except for the current one
-            Bugzilla->logout(LOGOUT_KEEP_CURRENT);
+
+            if ($cgi->param('Bugzilla_password') ne $pwd1) {
+                my $cryptedpassword = bz_crypt($pwd1);
+                trick_taint($cryptedpassword); # Only used in a placeholder
+                $dbh->do(q{UPDATE profiles
+                              SET cryptpassword = ?
+                            WHERE userid = ?},
+                         undef, ($cryptedpassword, $user->id));
+
+                # Invalidate all logins except for the current one
+                Bugzilla->logout(LOGOUT_KEEP_CURRENT);
+            }
          }
      }
author	lpsolit%gmail.com <>
	Wed, 21 Dec 2005 06:25:57 +0000 (06:25 +0000)
committer	lpsolit%gmail.com <>
	Wed, 21 Dec 2005 06:25:57 +0000 (06:25 +0000)