4687c51498
Bug 129466 - use IP addr (not hostname) in logincookies table
...
r=gerv, justdave
2002-03-16 06:03:09 +00:00
b488beb502
Fix for bug 103778: Rewrites and templatizes buglist.cgi.
...
Patch by Myk Melez <myk@mozilla.org>.
r=bbaetz,gerv
2002-03-12 13:55:07 +00:00
7395f6773d
Fix for bug 72184: prevents users from entering too-large comments/descriptions that get rejected by MySQL's MAX_PACKET_SIZE restrictions.
...
Patch by Myk Melez <myk@mozilla.org>.
r=bbaetz,gerv
2002-03-11 07:33:03 +00:00
065a93f81a
Fix for bug 125516: the recent fix for emails truncating when a period occurred on a line by itself broke Exim because it
...
needs the -t and -i as separate parameters instead of stacked (the original patch had -ti)
Patch by Tobias Burnus <burnus@gmx.de>
r= justdave, gerv
2002-02-17 08:22:31 +00:00
a4a033f5d4
Fix for bug 117055: Emails were being truncated if they contained a line with nothing but a period on them. We now pass -i to
...
sendmail and its clones to tell it to ignore periods (since we close the pipe when we're done, rather than signalling it with
a period). Has been tested with sendmail and postfix.
Patch by Dave Miller <justdave@syndicomm.com>
r= afranke, bugzilla@bkor.dhs.org , jake
2002-02-06 02:47:00 +00:00
0c682418d4
Bug 119715 - strictvaluechecks should always be enabled
...
r=justdave, gerv
2002-02-05 00:20:09 +00:00
12965a910a
Bug 95732 - remove logincookies.cryptpassword, and invalidate cookies from
...
the db when required instead.
(Also fixes bug 58242 as a side effect)
r=myk, kiko
2002-02-04 12:23:05 +00:00
b6fa253e93
Fix for bug 121747: Stops every script before it does anything else if Bugzilla is currently shut down. Also adds global template
...
instantiation code to globals.pl.
Patch by Myk Melez <myk@mozilla.org>.
r=gerv,kiko
2002-02-03 09:28:48 +00:00
aba1aab698
Fix for bug 104521: Removes old attachment interface in favor of new attachment tracker.
...
Patch by Myk Melez <myk@mozilla.org>.
r=bbaetz,kiko
2002-01-30 14:14:12 +00:00
160d8f886b
Bug 117509 - createaccount.cgi templatisation.
2002-01-29 23:26:37 +00:00
12167e816a
Bug 120543 - Software error when entering a bug when not logged in & only
...
one product.
r=caillon,jake
2002-01-22 22:23:21 +00:00
e24c04e22a
Fix for bug 108982: enable taint mode for all user-facing CGI files.
...
Patch by Brad Baetz <bbaetz@student.usyd.edu.au>
r= jake, justdave
2002-01-20 01:44:52 +00:00
4ea66d33f2
SECURITY FIX bug 54901: If you were using LDAP authentication it would let you log in as anyone if you left the password
...
blank.
Patch by David Crowe <crow@waveset.com>
r= jmrobins, justdave
2001-12-09 15:56:23 +00:00
c7e781a010
Bug 108312 - The mid-air collision page was only showing the most recent changes if two people comitted changes to a bug while you were viewing it.
...
r=louie, myk
2001-11-27 15:04:52 +00:00
37c09d1017
Bug 98707. Query.cgi rewrite. Patch by me, layout by mpt and others, r=justdave, mattyt. Wahey!
2001-11-18 22:23:31 +00:00
677692909a
Moving a comment to the right place, in order to be able to make a comment about my previous check in that accidentally got checked in without a comment, and hence didn't show up on Tinderbox I think.
...
It was a change to CGI.pl, a fix for bug 105812: Rename "Components" link in sub GetCommandMenu() to "Products".
The patch was by James A Laska <jlaska@us.ibm.com>.
2001-11-18 03:54:54 +00:00
fb8ca6d4cd
*** empty log message ***
2001-11-18 03:22:50 +00:00
5c76deb7fa
Fix test bustage by removing tabs.
2001-10-31 00:21:28 +00:00
4ea5f75411
Fix for bug 98602: re-implementation of "create attachment" page.
...
Patch by Myk Melez <myk@mozilla.org>.
r=gerv@mozilla.org ,jake@acutex.net
2001-10-30 23:42:22 +00:00
99fb9b92c7
Bug 105879 - Footer links have an extra | by Sanity Check
...
Patch by Matthew Tuck <matty@chariot.net.au>
r= dkl@redhat.com , jake@acutex.net
2001-10-26 18:49:33 +00:00
543d7e522a
Bug 97469 - Assignee/QA/Reporter/CC don't get email on restricted bugs.
...
Also fixes seeing bugs in the buglist (bug 95024), dependancy lists,
tooltips, duplicates, and everywhere else I could see which checked group
bugs.groupset == 0.
Also fxed bug 101560, by clearing BASH_ENV
r=myk,justdave
2001-10-23 15:44:53 +00:00
675c319ea2
Bug 105480 - Use the friendly name from the fielddefs table when reporting strictvalue errors if it's available.
...
Patch by James A. Laska <jlaska@us.ibm.com>
r= justdave@syndicomm.com , jake@acutex.net
2001-10-20 00:50:27 +00:00
a100f9690f
Bug 104105 - cosmetic change to make it obvious that you can create an account.
2001-10-15 03:59:19 +00:00
93a2f50358
Fix for bug 104516: No code changes in this patch, all this checkin does is remove all tabs from the bugzilla source and replace it with the appropriate number of spaces (in most cases 8) to line up with existing code. This is part of the effort to bring the existing codebase up to par with our style guidelines.
...
Patch by Jake Steehagen <jake@acutex.net>
r= justdave x2
2001-10-13 01:36:17 +00:00
66cd4cbf7f
Fix for bug 19910: Bugzilla installs on the same server would interfere with each others' cookies. Cookies now have a path value that can be set to indicate which bugzilla install they belong to. Browsers will only send the cookie to the appropriate installation. The path can be set in the 'cookiepath' parameter in editparams.cgi.
...
Patch by Dave Lawrence <dkl@redhat.com>
r= myk, justdave
2001-10-13 00:40:41 +00:00
8bfe16910c
Fix for bug 101056: multiple form values of the same name were not getting correctly stashed if the user had to log in as part
...
of a form submit.
Patch by Myk Melez <myk@mozilla.org>
r= gerv, justdave
2001-10-12 21:33:21 +00:00
625ba23c02
Bug 100490 - better error message with no JavaScript for QuickSearch. Patch by afranke, r=kiko, gerv.
2001-10-12 20:54:26 +00:00
c99b12f635
Fix for bug 104180 - should only be used in the display for a saved query w/a space, not in the URL.
...
Patch by Christian Reis <kiko@async.com.br>
r= jake@acutex.net
2001-10-11 19:51:33 +00:00
eb74456062
Fix for bug 104117 - The editkeywords.cgi link was broken as a result of the fix for bug 103554.
...
Patch by Christian Reis <kiko@async.com.br>
r= jake@acutex.net
2001-10-11 19:07:00 +00:00
a8560efd7b
Fix for bug 103554: HTML generated by the PutHeader and GetCommandMenu subroutines now validates as HTML 4.01 at W3C.
...
Patch by Christian Reis <kiko@async.com.br>
r= caillon, gerv, justdave
2001-10-10 23:36:29 +00:00
b5085765bb
Fix for bug 65164 - Bugzilla wasn't sending </html> at the end of its pages.
...
Patch by Christian Reis <kiko@async.com.br>
r= gerv@mozilla.org , jake@acutex.net
2001-10-10 13:26:28 +00:00
3e18f7d361
Bugzilla Bug 97185 make_select should add a newline after each option
...
patch by kiko. r=zach, gerv
2001-10-10 04:52:09 +00:00
6912d44952
Fix for bug 76714: correctly nests the FORM and TABLE elements.
...
Patch by Gerv Markham <gerv@mozilla.org>.
r=myk@mozilla.org , no second review needed.
2001-10-06 00:03:00 +00:00
8b1f97bb8e
Fix for bug 73959: Make buglist.cgi display the "Show Votes" link at the bottom of the screen.
...
Patch by Jake <jake@acutex.net>.
r=myk@mozilla.org , no second review needed.
2001-09-28 19:17:27 +00:00
535b1d0d56
Make Bugzilla support <link> tag for buglists. Bug 87818. r=jake, caillon.
2001-09-10 21:26:05 +00:00
4eadfcc7d2
Fix for bug 69616: If you have tweakparams privs, the "Sanity check" link was listed with a group of items that said "Edit" so
...
it appeared as if you were going to edit the sanity checks if you clicked on it, when in fact you were going to run them.
This patch rewords the links so Sanity check is in a group by itself in the block of links on the right.
Patch by Matthew Tuck <matty@chariot.net.au>
r= justdave x2
2001-09-06 02:19:04 +00:00
0228e535c8
Fix for bug 84338: initial implementation of attachment tracker, which lets users flag attachments with statuses.
...
Patch by Myk Melez <myk@mozilla.org>
r=justdave@syndicomm.com
2001-08-31 03:54:37 +00:00
7750d44cdd
Bug 96085 - bypassing group security checks using duplicate bugs
...
Patch by Christopher Aillon <christopher@aillon.com>
r= jake@acutex.net
2001-08-26 18:51:45 +00:00
f3747a93ee
Fix for bug 96085: don't allow unauthorized users to access restricted bugs that do not have a QA contact.
...
Patch by Myk Melez <myk@mozilla.org>
r=Jake <jake@acutex.net>
2001-08-20 20:36:10 +00:00
39fd3ac872
Fix for bug 87779: thanks to the new password reset code, there was no clear way to create a new Bugzilla account from the login screen. There is now a link to createaccount.cgi from the login screen, and the text around the password reset button has been edited so it doesn't sound like you can get a new account by using it (because you can't)
...
Patch by Dave Miller <justdave@syndicomm.com>
r= myk@mozilla.org
2001-08-16 06:43:21 +00:00
0b2b25c6a4
Fix for bug 95082 - Param('shutdownhtml') doesn't completely shut down bugzilla.
...
r= justdave@syndicomm.com
2001-08-13 19:11:35 +00:00
43755341de
Fix for bug 39816: Anyone in CC, Reporter, QA Contact, or Asigned To fields can now be given access to view a bug even if the permissions on that bug are set to a group that would normally exclude those people.
...
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com
2001-08-13 00:46:20 +00:00
61ef377cac
Re-fix for bug 55161 - if data is partial in activity table, prepend a ? to indicate that we don't know for sure what got dropped.
...
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com
2001-08-09 06:12:18 +00:00
8fe9063d4d
Fix for bug 92713, show_activity.pl displays zeros as non-breaking spaces.
...
Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net
2001-07-30 12:52:21 +00:00
ed69b4acf1
Fix for bugs 55161 and 12819. The activity log now stores only what's changed in multi-value fields.
...
r= justdave@syndicomm.com
2001-07-20 15:18:30 +00:00
eae6e119bd
Fixing minor problem caused by the original bug 77473 checkin where an SQL error was being produced if you tried to log in
...
with an invalid username.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com
2001-07-16 19:38:34 +00:00
6b3b75de75
Fix for bug 77473, bug 74032, and bug 85472: Passwords are no longer stored in plaintext in the database. Passwords are no longer encrypted with MySQL's ENCRYPT() function (because it doesn't work on some installs), but with Perl's crypt() function. The crypt-related routines now properly deal with salts so that they work on systems that use methods other than UNIX crypt to crypt the passwords (such as MD5). Checksetup.pl will walk through your database and re-crypt everyone's passwords based on the plaintext password entry, then drop the plaintext password column. As a consequence of no longer having a plaintext password, it is no longer possible to email someone their password, so the login screen has been changed to request a password reset instead. The user is emailed a temporary identifying token, with a link back to Bugzilla. They click on the link or paste it into their browser and Bugzilla allows them to change their password.
...
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com , jake@acutex.net
2001-07-11 05:29:21 +00:00
babcf8d29e
Fix for bug 87701: Invalid username in bug changes echoed back without escaping HTML data
...
Patch by Gervase Markham <gervase.markham@univ.ox.ac.uk>
r= justdave@syndicomm.com
2001-07-04 07:06:00 +00:00
a2bac692b3
Fix for bug 85833: show_bug.cgi (and probably others) now allow leading or trailing spaces in the bug id, to allow for user input error. This used to work, and recent bug validation changes broke it.
...
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com
2001-06-19 22:48:21 +00:00
a520791008
Allow '\' as a path delimiter (bug 29064)
...
Patch Concept by <timeless@mac.com>
r= jake@acutex.net
2001-06-18 23:13:18 +00:00
3b98736d18
Fix for bug 15980: Password is no longer shown in the location bar on the first page you load after logging in.
...
Patch by Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net
2001-06-07 20:26:40 +00:00
78dceec13b
fix typo
2001-06-07 01:31:51 +00:00
eda44f5b9f
Landing Myk's patch for bug #71767
2001-06-02 22:02:02 +00:00
d520cdb669
Bugzilla was leaking information about bugs marked secure (using bug groups). This checkin fixes bugs 39524, 39527, 39531, and 39533.
...
Patches by Myk Melez <myk@mozilla.org>.
r= jake@acutex.net
2001-05-31 15:52:25 +00:00
66952b81d2
Fix for bug 38859: escape invalid email addresses for HTML before displaying to the user.
...
Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net , justdave@syndicomm.com
2001-05-11 18:02:38 +00:00
6d5e40ea64
Fix for bug 38855: showvotes.cgi needs to escape (untrusted) url params
...
Patch by Myke Melez <myk@mozilla.org>
r= jake@acutex.net
2001-05-10 02:53:22 +00:00
63223eb3b3
Attempted fix for bug 71574: footer anomoly cleanup
2001-03-10 22:06:57 +00:00
48ad57b909
fix for "My Votes" floating in space like a disconnected astronaut
2001-03-10 05:52:54 +00:00
6cd18637ba
fix for 54566: Software error generated when adding invalid dependencies
...
if we call PuntTryAgain(), make sure we've unlocked tables
2001-02-23 21:40:03 +00:00
e09b6665c4
cleanup footer when not logged in and if using voting.
2001-02-22 22:11:27 +00:00
bea0e72819
break Find and Report links to a seperate line so that it looks cleaner
...
on browser windows with shorter widths. also, the second line
matches nicely with the other table cell.
2001-02-22 21:59:25 +00:00
2ad12d19c4
fix for 67278: Footer lines need separation
...
patch submitted by shie9022@msmailhub.oulan.ou.edu (Alan Shields)
make saved queries display better
2001-02-22 02:20:58 +00:00
27ee8d4837
Fix for bug 32000 (and refixing bug 4928): extra newlines in comments made
...
with NS4-Mac
2001-01-16 21:09:33 +00:00
25d54d1057
remove problem with newer perl spewing error messages into the CGI
2000-10-24 00:44:21 +00:00
cb28da37a5
fix for 52228: Bug list title should be name of query if running named query
...
patch by dave@intrec.com (Dave Miller)
2000-09-18 21:29:45 +00:00
a8b9e30b12
Fix for bug 51270: param for bodyhtml to allow sites to customize
...
background colors/image and link colors.
2000-09-16 14:08:37 +00:00
5f18a20d2d
fixes for 51184, 51185, 51186: allow for ldap authentication. patches
...
by jmrobins@tgix.com (Joe Robins). LDAP sections haven't been
tested yet, but the code is arranged such that it shouldn't disturb
existing user authentication system.
2000-09-15 18:35:18 +00:00
bd580c2745
Fix for bug 51508: Unclosed <NOBR> around named queries in command menu.
...
Patch by john.beranek@pace.co.uk (John Beranek)
2000-09-07 06:22:10 +00:00
cbfc28ce92
Fix for bug 43821: PutHeader has unbalanced <TABLE> tags.
2000-09-04 04:10:51 +00:00
84f90e2764
fix for bug #44622 : perl5.6 vs perl5.005 -w: more anal 5.6 causes errors.
...
patches by mtakacs@pacbell.net .
2000-08-21 19:50:41 +00:00
4b5a4cd8a1
added comment to value_quote referencing bugs with quoting linebreaks
2000-06-01 23:09:14 +00:00
d329c5901c
Validate value of $::FORM{who}. Thanks to Ed Korthof (edk@collab.net) for patch.
2000-05-08 18:12:28 +00:00
bd72933797
Fixed a typo that was causing Perl to abort before printing the HTML
...
footer when a certain database inconsistency was detected.
2000-04-27 23:12:44 +00:00
dad9c2b907
bug 25010 need a way to edit groups
2000-04-26 19:35:51 +00:00
5d31497c65
backing out because this has broken bugzilla.mozilla.org. the choice is no longer given in show_bug.cgi to make bugs confidential. I need to change lounge so it no longer automatically updates.
2000-04-19 02:14:41 +00:00
9102155b3e
bug 25010 add ability to easily edit groups
2000-04-18 23:12:00 +00:00
f0c9ee4898
Fixed perl warning which occurs if $ENV{"CONTENT_TYPE"} is not set.
2000-03-30 23:56:36 +00:00
8b59d64ffe
Add a bit of helpful debugging info when we get a consistancy check problem.
2000-03-23 18:20:34 +00:00
4143031dbc
Removed warning.
2000-03-10 17:45:09 +00:00
c3ae7bc600
Patch by Brian Duggan <bduggan@oven.com> -- security improvements.
2000-03-07 18:23:00 +00:00
0e0fd005d7
Patch by Olaf Krische <krische@mbi-berlin.de> -- Fixed HTML typos.
2000-03-07 17:32:51 +00:00
10626c1f40
Make a universal routine to report errors in forms, so that we can
...
have a universal (and more noticable) way of displaying them.
2000-02-25 19:32:47 +00:00
edcc54480b
Cut down on the number of syncshadowdb processes we fork off.
2000-02-18 21:38:23 +00:00
732a4ab9f6
Added an optional ability to keep a read-only shadow database, so that
...
bug queries can be run against it, so that these slow queries won't be
able to tie up the rest of the system.
2000-02-17 21:41:39 +00:00
c67a07d986
Put the "users" link in the trailer for people who are able to tweak
...
the permissions of other users.
2000-02-17 15:52:12 +00:00
718ebdae52
Major spankage. Added a new state, UNCONFIRMED. Added new groups,
...
"editbugs" and "canconfirm". People without these states are now much
more limited in what they can do.
For backwards compatability, by default all users will have the
editbugs and canconfirm bits on them. Installing this changes as is
should only have one major visible effect -- an UNCONFIRMED state
will appear in the query page. But no bugs will become in that state,
until you tweak some of the new voting-related parameters you'll find
when editing products.
2000-02-17 05:15:23 +00:00
b9a6025e36
Patches by Ken Jenks <kjenks@abiblion.com> and jug@tellux.de -- make the Javascript behave under IE5 and under Netscape 3.x
2000-02-15 18:56:31 +00:00
775039658f
Make the "mail a new password" text be a param.
2000-02-07 22:11:55 +00:00
7ecba992bf
Massive stomp on the query page and buglist page. Added the ability
...
to use the "boolean charts" to do very powerful queries.
2000-01-28 01:01:40 +00:00
c7fc84f240
Reworked preferences UI. Added ability to turn off "My bugs" link at
...
bottom. Made "My bugs" show bugs you own AND bugs you submitted.
Added ability to display your named queries in the footer. Many
random bugfixes.
2000-01-25 07:54:57 +00:00
25fa8b8b7b
Very minor HTML tweaking.
2000-01-24 05:50:46 +00:00
2291e7e479
New email code wasn't sending to people who had voted for a bug.
...
Added "My votes" link to footer. Other minor voting-related fixes.
2000-01-24 05:41:40 +00:00
78b90d75fb
AACK! checksetup.pl was stomping all over the new fielddefs table if
...
it got run more than once. This checkin fixes that, and also changes
the DumpBugActivity() routine to give me enough information to
hopefully repair the damaged mozilla.org database...
2000-01-22 21:43:30 +00:00
b9dc656311
Remember the previous sort order in a cookie, and make that the
...
default sort order for new queries. Add a new "show list" link to the
navigation header to return you to the list of selected bugs.
2000-01-22 19:08:57 +00:00
8ed4c20ca3
Added a new table fielddefs that records information about the
...
different fields we keep an activity log on. The bugs_activity table
now has a pointer into that table instead of recording the name directly.
Set up a new, highly experimental email-notification scheme. To turn
it on, the maintainer has to turn on the "New email tech" param, and
then individual users have to turn on the "New email tech" preference.
2000-01-22 04:24:42 +00:00
055416e250
Don't try to put out the footer if we're shutdown (as that can try to access the DB which we don't want).
2000-01-20 21:36:20 +00:00
4e67064f23
Added a way to disable a user.
2000-01-18 22:41:26 +00:00
0b8942fa37
Spruced up "editusers.cgi". Added an "editusers" group.
2000-01-18 18:34:01 +00:00
27c97fdec5
Stop ever using perl's crypt() function; only use mysql's. (Using
...
both was causing corruption on about 1 in 40 passwords.)
2000-01-18 14:40:21 +00:00
a553e0fe09
Very minor formatting tweak.
2000-01-17 19:54:50 +00:00
bbaetz%student.usyd.edu.au
myk%mozilla.org
justdave%syndicomm.com
gerv%gerv.net
jake%acutex.net
matty%chariot.net.au
bbaetz%cs.mcgill.ca
timeless%mac.com
tara%tequilarista.org
dave%intrec.com
cyeh%bluemartini.com
endico%mozilla.org
dmose%mozilla.org
donm%bluemartini.com
terry%mozilla.org