e24c04e22a
Fix for bug 108982: enable taint mode for all user-facing CGI files.
...
Patch by Brad Baetz <bbaetz@student.usyd.edu.au>
r= jake, justdave
2002-01-20 01:44:52 +00:00
66cd4cbf7f
Fix for bug 19910: Bugzilla installs on the same server would interfere with each others' cookies. Cookies now have a path value that can be set to indicate which bugzilla install they belong to. Browsers will only send the cookie to the appropriate installation. The path can be set in the 'cookiepath' parameter in editparams.cgi.
...
Patch by Dave Lawrence <dkl@redhat.com>
r= myk, justdave
2001-10-13 00:40:41 +00:00
61845a9e58
Fix for bug 55630 - email-suffix is not shown in createaccount-page
...
Patch by kai morich <mail@kai-morich.de>
r= matty@chariot.net.au
2001-10-05 19:38:26 +00:00
b1ef6bb6e8
Fix for bug 93388: Full name should be trimmed of whitespace before going
...
into database.
r1=Zach Lipton <zach@zachlipton.com> r2=Andreas Franke
<afranke@ags.uni-sb.de>. Patch by Christopher Aillon
<caillon@returnzero.com>.
2001-09-23 17:20:50 +00:00
6b3b75de75
Fix for bug 77473, bug 74032, and bug 85472: Passwords are no longer stored in plaintext in the database. Passwords are no longer encrypted with MySQL's ENCRYPT() function (because it doesn't work on some installs), but with Perl's crypt() function. The crypt-related routines now properly deal with salts so that they work on systems that use methods other than UNIX crypt to crypt the passwords (such as MD5). Checksetup.pl will walk through your database and re-crypt everyone's passwords based on the plaintext password entry, then drop the plaintext password column. As a consequence of no longer having a plaintext password, it is no longer possible to email someone their password, so the login screen has been changed to request a password reset instead. The user is emailed a temporary identifying token, with a link back to Bugzilla. They click on the link or paste it into their browser and Bugzilla allows them to change their password.
...
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com , jake@acutex.net
2001-07-11 05:29:21 +00:00
4d3e4473b0
refix for 40603: Assumes user is coming from different page
...
reduce wording
2001-03-09 21:41:27 +00:00
5f18a20d2d
fixes for 51184, 51185, 51186: allow for ldap authentication. patches
...
by jmrobins@tgix.com (Joe Robins). LDAP sections haven't been
tested yet, but the code is arranged such that it shouldn't disturb
existing user authentication system.
2000-09-15 18:35:18 +00:00
4dd018a6bb
fix for 40603: Assumes user is coming from different page
...
patch by zach@zachlipton.com
2000-08-30 22:42:44 +00:00
4b4280722d
Fixing bug #17779 with patch from cdurst@world.std.com
2000-06-15 05:07:13 +00:00
f5e622daa8
Patch by Ramon Felciano <felciano@ingenuity.com>, with many tweaks by
...
me. Added a footer to every page. Add some options to do things like
display checkboxes instead of scrolling lists, and a new formatting
for email diffs, and show list items capitalized instead of all upper
case.
2000-01-14 22:35:49 +00:00
2db9bdbbbe
updated license boilerplate
1999-11-01 23:33:56 +00:00
7739b60824
Patch by holger@holger.om.org (Holger Schurig) -- was displaying header twice in some cases.
1999-09-27 22:22:24 +00:00
54026d1e4e
Patch by Chris Baldwin <chris.baldwin@siara.com> -- allow optional
...
entry of the user's realname. Note that nothing actually makes use of
this info at present.
1999-08-19 00:06:01 +00:00
e554277ef1
Oops. Accounts created via the "createaccount.cgi" page were not
...
getting their password emailed to them.
1999-05-07 22:07:21 +00:00
c8ea70e26a
Added stuff to make it more obvious how to create an account.
1999-03-27 02:28:51 +00:00
justdave%syndicomm.com
jake%acutex.net
zach%zachlipton.com
cyeh%bluemartini.com
tara%tequilarista.org
terry%mozilla.org
dmose%mozilla.org
terry%netscape.com