35dfb8f0be525d29e840adfabba3684ac74919e3
chinhli
  Tue Jun 26 12:43:53 2012 -0700
Bug #8341 Do not send user name to non-exist email address.
diff --git src/hg/hgLogin/hgLogin.c src/hg/hgLogin/hgLogin.c
index 066f88a..9ea82e3 100644
--- src/hg/hgLogin/hgLogin.c
+++ src/hg/hgLogin/hgLogin.c
@@ -1008,30 +1008,40 @@
         {
         freez(&errMsg);
         errMsg = cloneString("Email address cannot be blank.");
         displayAccHelpPage(conn);
         return;
         }
     else if (spc_email_isvalid(email) == 0)
         {
         freez(&errMsg);
         errMsg = cloneString("Invalid email address format.");
         displayAccHelpPage(conn);
         return;
         }
     else 
         {
+        safef(query,sizeof(query),
+            "select password from gbMembers where email='%s'", email);
+        char *password = sqlQuickString(conn, query);
+        if (!password)
+            {
+            freez(&errMsg);
+            errMsg = cloneString("Email address not found.");
+            displayAccHelpPage(conn);
+            return;
+            }
         sendUsername(conn, email);
         return;
         }
     }
 /* Forgot password */
 if (sameString(helpWith,"password"))
     {
     /* validate username first */
     if (sameString(username,""))
         {
         freez(&errMsg);
         errMsg = cloneString("Username cannot be blank.");
         displayAccHelpPage(conn);
         return;
         }