From 940ea75ae91db0d1b3d8c99ae7fe365e2cf0b386 Mon Sep 17 00:00:00 2001
From: Dave Lawrence <dlawrence@mozilla.com>
Date: Wed, 16 Oct 2013 12:25:10 -0400
Subject: [PATCH] Bug 906745 - In MySQL, tokens are not case-sensitive,
 reducing total entropy and allowing easier brute force r=LpSolit,a=sgreen

---
 token.cgi | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/token.cgi b/token.cgi
index 9e051bb399..65b0df8bf3 100755
--- a/token.cgi
+++ b/token.cgi
@@ -69,7 +69,7 @@ if ($token) {
   # Make sure the token exists in the database.
   my ($db_token, $tokentype) = $dbh->selectrow_array('SELECT token, tokentype FROM tokens
                                                        WHERE token = ?', undef, $token);
-  (defined $db_token && $db_token eq $token && $tokentype)
+  (defined $db_token && $db_token eq $token)
     || ThrowUserError("token_does_not_exist");
 
   # Make sure the token is the correct type for the action being taken.
-- 
2.47.3