"SELECT cryptpassword FROM profiles WHERE userid = ?",
undef, $user_id);
+ # Wide characters cause crypt to die
+ if (Bugzilla->params->{'utf8'}) {
+ utf8::encode($password) if utf8::is_utf8($password);
+ }
+
# Using the internal crypted password as the salt,
# crypt the password the user entered.
my $entered_password_crypted = crypt($password, $real_password_crypted);
$salt .= $saltchars[rand(64)];
}
+ # Wide characters cause crypt to die
+ if (Bugzilla->params->{'utf8'}) {
+ utf8::encode($password) if utf8::is_utf8($password);
+ }
+
# Crypt the password.
my $cryptedpassword = crypt($password, $salt);
undef, $user->id);
$oldcryptedpwd || ThrowCodeError("unable_to_retrieve_password");
- if (crypt(scalar($cgi->param('Bugzilla_password')), $oldcryptedpwd) ne
- $oldcryptedpwd)
+ my $oldpassword = $cgi->param('Bugzilla_password');
+
+ # Wide characters cause crypt to die
+ if (Bugzilla->params->{'utf8'}) {
+ utf8::encode($oldpassword) if utf8::is_utf8($oldpassword);
+ }
+
+ if (crypt($oldpassword, $oldcryptedpwd) ne $oldcryptedpwd)
{
ThrowUserError("old_password_incorrect");
}
projects / thirdparty / bugzilla.git / commitdiff
