diff options
author | lpsolit%gmail.com <> | 2006-10-15 05:02:09 +0000 |
---|---|---|
committer | lpsolit%gmail.com <> | 2006-10-15 05:02:09 +0000 |
commit | 93815fc7619567cc962e053280c5ed0b19492feb (patch) | |
tree | ffc99d8156c41fbd0d5ab8801324adead2ef4436 /relogin.cgi | |
parent | Bug 346564: [SECURITY] timetracking deadline leaks in XML - Patch by Olav Vit... (diff) | |
download | bugzilla-93815fc7619567cc962e053280c5ed0b19492feb.tar.gz bugzilla-93815fc7619567cc962e053280c5ed0b19492feb.tar.bz2 bugzilla-93815fc7619567cc962e053280c5ed0b19492feb.zip |
Bug 281181: [SECURITY] It's way too easy to delete versions/components/milestones etc... - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
Diffstat (limited to 'relogin.cgi')
-rwxr-xr-x | relogin.cgi | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/relogin.cgi b/relogin.cgi index e47dbe003..5aa187490 100755 --- a/relogin.cgi +++ b/relogin.cgi @@ -60,7 +60,7 @@ if ($action eq 'prepare-sudo') { } # Keep a temporary record of the user visiting this page - $vars->{'token'} = Bugzilla::Token::IssueSessionToken('sudo_prepared'); + $vars->{'token'} = issue_session_token('sudo_prepared'); # Show the sudo page $vars->{'target_login_default'} = $cgi->param('target_login'); @@ -121,7 +121,7 @@ elsif ($action eq 'begin-sudo') { { target_login => scalar $cgi->param('target_login'), reason => scalar $cgi->param('reason')}); } - Bugzilla::Token::DeleteToken($cgi->param('token')); + delete_token($cgi->param('token')); # Get & verify the target user (the user who we will be impersonating) my $target_user = |