c11313b78b
Bug 283237: Move DBname_to_id out of globals.pl
...
Patch By Max Kanat-Alexander <mkanat@kerio.com> r=wurblzap, a=myk
2005-02-24 23:42:48 +00:00
9a4b0a2ac1
Bug 280494: Replace "SELECT LAST_INSERT_ID()" with Bugzilla::DB function call
...
Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=mkanat, a=justdave
2005-02-18 16:01:48 +00:00
dd30767b63
Bug 280495: Replace "REGEXP" with Bugzilla::DB function call
...
Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=wurblzap, a=myk
2005-02-16 18:40:13 +00:00
e21c91451c
Bug 281845 : Possible to delete users who are initial QA contacts (Regression from bug 43600)
...
Patch by Shane H. W. Travis <travis@sedsystems.ca> r=justdave, a=justdave
2005-02-10 21:34:48 +00:00
140f3c1905
Bug 280994 : Move ValidateNewUser out of globals.pl
...
Patch by Max Kanat-Alexander <mkanat@kerio.com> r=vladd a=justdave
2005-02-09 06:42:43 +00:00
94087628c8
Bug 278792 : Move Crypt() to Bugzilla::Auth
...
Patch by Max Kanat-Alexander <mkanat@kerio.com> r=vladd a=justdave
2005-01-31 19:26:01 +00:00
99386be3d9
Patch for bug 265898: edit*.cgi files should all use ThrowUserError(); patch by Fr�d�ric Buclin <LpSolit@gmail.com>, r=vladd, a=myk.
2005-01-16 14:07:31 +00:00
a21e27d8a3
Bug 108870: Bugzilla does not set email prefs for new user until user visits userprefs.cgi
...
Patch: travis r=mkanat a=justdave
Also includes fixes for
Bug 109573: New bugzilla accounts should by default have 'CC field changes' turned off, and
Bug 275599: flag request email prefs not behaving correctly
2005-01-07 20:56:01 +00:00
6976bb0f22
Patch for bug 261434: implement functionality to delete a user semi-properly (only works for users with no bugs/comments); patch by Ivan Todoroski <grnch@gmx.net>; r=justdave, a=justdave.
2004-10-17 11:07:39 +00:00
5af84e034b
Patch for bug 253360: replace IF() with CASE WHEN for database compatibility; patch by Tomas Kopal <Tomas.Kopal@altap.cz>; r=vladd, a=justdave.
2004-07-31 09:36:18 +00:00
40ca95b00d
Bug 251837: Extend group_group_map to control which groups can see each other
...
r=kiko
a=justdave
2004-07-27 16:33:41 +00:00
f83173d6c0
Bug 253088: Fix ability of users with bless privileges to bless users
...
r=kiko
a=justdave
2004-07-27 00:25:55 +00:00
e3915ea7f5
Bug 252190: Fix unitialized value in editusers.cgi
...
r=vlad
a=justdave
2004-07-21 21:26:20 +00:00
7d92a11646
Bug 241900: Allow Bugzilla::Auth to have multiple login and validation styles
...
patch by erik
r=joel, kiko
a=myk
2004-07-20 22:41:22 +00:00
7aa52bd11a
Backing out bug 241900
2004-07-12 03:48:48 +00:00
fc257e2ff0
Bug 241900: Allow Bugzilla::Auth to have multiple login and validation styles
...
patch by erik
r=joel
a=justdave
2004-07-11 23:36:53 +00:00
addc71db41
Bug 244272: Remove editusers 'query' parameter
...
r=justdave
a=justdave
2004-07-10 07:52:11 +00:00
3a532d9eaf
Bug 233486: Only process groups user is supposed to be able to bless in editgroups.cgi
...
r=justdave
a=justdave
2004-07-10 07:39:56 +00:00
4a6e40541c
Bug 236650: html_quote and validate email addresses in editueser.cgi
...
patch by vlad
r=joel,justdave
a=justdave
2004-07-10 07:27:48 +00:00
c086db9377
Bug 240325: Keep regexp-based groups up-to-date
2004-06-16 05:04:48 +00:00
17531a3296
Bug 224021: taint issues in editusers.cgi
...
Patch by byron jones <bugzilla@glob.com.au>
r=jouni, a=justdave
2004-05-23 07:32:00 +00:00
616a0ea416
Bug 141006: Run edit*.cgis in taint mode.
...
Patch by byron jones <bugzilla@glob.com.au>
r=jouni, a=justdave
2004-05-23 07:22:32 +00:00
20239cff2e
Bug 240439: "Edit user again" link didn't work if the user had a + in their email address
...
R= timeless, vladd; a= justdave
2004-04-13 21:45:35 +00:00
1febc28eec
Bug 235265: Getting rid of some unwanted form value dumps.
...
Patch by Jouni Heikniemi <jouni@heikniemi.net>
r= justdave, kiko; a= justdave
2004-03-27 04:35:37 +00:00
6f3fb84923
Fix for bug 234175: Remove deprecated ConnectToDatabase() and
...
quietly_check_login()/confirm_login() calls. Cleans up callsites
(consisting of most of our CGIs), swapping (where appropriate) for calls
to Bugzilla->login. Patch by Teemu Mannermaa <wicked@etlicon.fi>.
r=bbaetz, kiko. a=justdave.
2004-03-27 03:51:44 +00:00
2b54f4f614
Fix for bug 226764: Move InvalidateLogins into Bugzilla::Auth::CGI.
...
Consolidates the logout code into Bugzilla::Auth::CGI, and provides
simple front-end wrappers in Bugzilla.pm for use in the CGIs we have.
r=bbaetz, joel; a=justdave.
Adds a set of constants to the logout() API which allow specifying "how
much" we should log out -- all sessions, the current session, or all
sessions but the current one.
Fixes callsites to use this new API; cleans and documents things a
bit while we're at it. Part I in the great COOKIE apocalypse.
2004-03-27 01:28:29 +00:00
dd0467124a
Patch for bug 238033: eliminate HTML closing tags that haven't been opened and fix an identation issue; patch by Rudolf Ramler <rudolf.ramler@scch.at>; r=vlad, a=justdave.
2004-03-21 14:26:58 +00:00
06e65cf6b9
Fix for bug 232397: .bz_obsolete shouldn't specify "underline". Define
...
specific bz_obsolete/closed/inactive classes (that don't specify
underline, but line-through instead) and additional Template filters for
conveniently applying them. Change occurences of <strike> to use new
classes and clean up callsites. Patch by byron jones
<bugzilla@glob.com.au>. r=myk, gerv. a=myk.
2004-03-16 23:53:01 +00:00
c35d11c9c9
Bug 214457 Updated user page is useless
...
r=justdave a=justdave
2004-03-14 06:30:35 +00:00
fa25a30a13
Bug 225234: Wrong comment in editusers.cgi; r=timeless; a=myk.
2003-11-10 17:56:03 +00:00
04968b8a9f
Bug 65316: Typos on edit*.cgi. Change use of PutTrailer() (and the
...
default output, in certain cases) in the edit pages. Patch by Vlad
Dascalu <jocuri@softhome.net>, r=kiko, a=justdave
2003-09-26 23:47:07 +00:00
e3431fb511
Bug 178935: Eliminating the "Add another user" link on the confirmation screen after editing a user if the user doing the editing doesn't have permission to add users.
...
Patch by kniht@us.ibm.com
r= justdave, a= justdave
2003-07-19 20:37:20 +00:00
c1e4afb682
Bug 180635 - Enhance Bugzilla::User to store additional information
...
r=myk,jake
2003-06-03 09:48:15 +00:00
325350ad59
Bug 201816 - use CGI.pm for header output
...
r=joel, a=justdave
2003-05-05 01:15:38 +00:00
72da8784bf
Bug 201018 - editusers.cgi never calls DeriveGroup prior to changing a bug
...
patch mostly by justdave, bits by me
r=bbaetz,justdave,myk
a=justdave
2003-04-24 23:12:00 +00:00
3c915014e3
Bug 196433 - Bugzilla now uses /usr/bin/perl as the shebang line
...
r=justdave
a=justdave
2003-03-27 00:07:02 +00:00
f6fabc003f
Bug 180642 - Move authentication code into a module
...
r=gerv, justdave
a=justdave
2003-03-22 04:47:35 +00:00
1c0ddbd1ae
bug 157756 - Groups_20020716_Branch Tracking : > 55 groups now supported
...
r=bbaetz, gerv
2002-09-22 17:15:13 +00:00
2b781fd427
Bug 76923 - Don't |use diagnostics| (its really expensive at startup time)
...
r=joel x2
2002-08-26 06:17:26 +00:00
80f3e185c0
Bug 43600 - Convert products/components to use ids instead of names.
...
Initial attempt by jake@bugzilla.org , updated by me
r=joel, preed
2002-08-12 05:43:05 +00:00
693d63dda2
Bug 151053, ConnectToDatabase/quietly_check_login sometimes not called
...
early enough
r=mattyt, jouni
2002-06-17 09:39:00 +00:00
6990c6f133
Bug 147486 - Fixes cross site scripting issues; first checked in on the 2.14.1 branch, but I forgot the 2.16 branch/trunk (thanks bbaetz); patch=preed, r=bbaetz,myk
2002-06-01 09:26:25 +00:00
c2c1a1574f
Bug 141557 - modification to user deletion code in editusers.cgi - prevent allowuserdeletion being bypassed. Patch by gerv; 2xr=myk.
2002-05-01 20:54:10 +00:00
d1cca234fb
Bug 140784 - edit*.cgi need a use lib "." on Win32/IIS w/ taint. Patch by jouni@heikniemi.net; r=bbaetz, gerv.
2002-04-29 19:32:29 +00:00
92f27196c9
Bug 139051 - fix misspelling of "privilege". Patch by mental <xor@ivwnet.com>, 2xr=bbaetz.
2002-04-22 21:09:19 +00:00
04a1b81006
Remaining pieces of Bug 23067 from yesterday... no idea why the first commit didn't pick these up.
2002-04-01 22:52:40 +00:00
c4119e5418
Bug 92905 - perl error when editing user and no groups defined
...
r=justdave x 2
2002-03-17 22:07:29 +00:00
12965a910a
Bug 95732 - remove logincookies.cryptpassword, and invalidate cookies from
...
the db when required instead.
(Also fixes bug 58242 as a side effect)
r=myk, kiko
2002-02-04 12:23:05 +00:00
a216712f0a
Fix for bug 108821: Prevent users with any blessgroupset privileges from blessing any group set.
...
Patch by Jake <jake@acutex.net> and Bradley <bbaetz@cs.mcgill.ca>.
r=jake,myk for Bradley's portion, r=bbaetz,myk for Jake's portion.
2001-11-08 00:52:13 +00:00
5c374686dd
Bug 81594 - SQL error after editing user entry when changing numerous things at once (including the login name).
...
Patch by Matthew Tuck <matty@chariot.net.au>
r= dkl@redhat.com , jake@acutex.net
2001-10-26 18:35:04 +00:00
93a2f50358
Fix for bug 104516: No code changes in this patch, all this checkin does is remove all tabs from the bugzilla source and replace it with the appropriate number of spaces (in most cases 8) to line up with existing code. This is part of the effort to bring the existing codebase up to par with our style guidelines.
...
Patch by Jake Steehagen <jake@acutex.net>
r= justdave x2
2001-10-13 01:36:17 +00:00
a56cf30d34
partial backout of the checkin from bug 103121, because it collided with the patch from bug 51519. This should satifactorily
...
meet the goals of both patches. patch by kiko, r= justdave
2001-10-10 06:36:45 +00:00
06b9d8a67f
Bugzilla Bug 103121 editusers.cgi needs an Add link on the query page.
...
patch by dkl. r=kiko
2001-10-10 04:57:30 +00:00
f2720e0228
Fix for bug 57821 - Empty regular expression causes a software error.
...
Patch by Nick Hibma <n_hibma@qubesoft.com>
r= jake@acutex.net
2001-10-05 23:06:08 +00:00
6b3b75de75
Fix for bug 77473, bug 74032, and bug 85472: Passwords are no longer stored in plaintext in the database. Passwords are no longer encrypted with MySQL's ENCRYPT() function (because it doesn't work on some installs), but with Perl's crypt() function. The crypt-related routines now properly deal with salts so that they work on systems that use methods other than UNIX crypt to crypt the passwords (such as MD5). Checksetup.pl will walk through your database and re-crypt everyone's passwords based on the plaintext password entry, then drop the plaintext password column. As a consequence of no longer having a plaintext password, it is no longer possible to email someone their password, so the login screen has been changed to request a password reset instead. The user is emailed a temporary identifying token, with a link back to Bugzilla. They click on the link or paste it into their browser and Bugzilla allows them to change their password.
...
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com , jake@acutex.net
2001-07-11 05:29:21 +00:00
8cbb7741ca
Fix for bug 45164 - New users created by the admin were not subject to the userregexp for groupsets.
...
Patch by Joe Robins <jmrobins@tgix.com>
r= jake@acutex.net
2001-05-30 15:47:30 +00:00
7d7408335b
Bug 71552 - Remove oldemailtech from Bugzilla
...
r= justdave@syndicomm.com
2001-05-24 03:10:49 +00:00
8e2cc80353
Correcting my email address in the comments
2001-04-17 02:26:16 +00:00
5a2b170f3f
fix for 66876: Using userids (mediumint) for initialowner and initialqacontact
...
based on patch submitted by baulig@suse.de (Martin Baulig).
2001-02-22 18:11:29 +00:00
4c96f21aae
patch from bug 17464 to give user some control over what sorts of bug mail get sent to an account. Original patch by al_raetz@yahoo.com and lots of additional hacking by me; r=donm@bluemartini.com
2001-01-24 20:26:24 +00:00
b11c2767ae
front end fix for 31456: Editing a superuser clears their access flags
...
patch by jmrobin@tgix.com
2000-09-15 22:20:55 +00:00
5f18a20d2d
fixes for 51184, 51185, 51186: allow for ldap authentication. patches
...
by jmrobins@tgix.com (Joe Robins). LDAP sections haven't been
tested yet, but the code is arranged such that it shouldn't disturb
existing user authentication system.
2000-09-15 18:35:18 +00:00
5353c7483c
Fix for bug 51519: Links to index are too specific. Patch by
...
john.beranek@pace.co.uk (John Beranek)
2000-09-07 06:31:12 +00:00
2047a0cd93
Removing a couple lines from the patch for bug 31336 that got left in by
...
accident.
2000-08-04 23:16:01 +00:00
133606438f
Landing Adam Spiers' contributions for security and small functional issues
2000-07-25 18:58:54 +00:00
6680ca2f94
Fix for bug 31336 (separate bug groups from access groups in user editor)
2000-07-20 01:31:10 +00:00
ddd11a0927
Fix for bug 42037 (user passwords visible in editusers.cgi). Patch
...
submitted by JRobertson@medevolve.com (Jon Robertson)
2000-07-18 16:01:42 +00:00
98c22799b7
Fix for bug 32971, patch submitted by mtakacs@pacbell.net
2000-07-18 02:15:24 +00:00
4f4ff99904
checkin to fix Bug 25010 "Need a way to edit the list of available groups".
...
Patches and work contributed by dave@intrec.com (Dave Miller).
Some cleanup work needs to be done with regards to permissions and bit-twiddling
see other bugs that are dependent on 25010 for details.
2000-06-23 18:03:47 +00:00
d8660034bf
Was crashing when logging profile activity.
2000-02-17 16:46:36 +00:00
718ebdae52
Major spankage. Added a new state, UNCONFIRMED. Added new groups,
...
"editbugs" and "canconfirm". People without these states are now much
more limited in what they can do.
For backwards compatability, by default all users will have the
editbugs and canconfirm bits on them. Installing this changes as is
should only have one major visible effect -- an UNCONFIRMED state
will appear in the query page. But no bugs will become in that state,
until you tweak some of the new voting-related parameters you'll find
when editing products.
2000-02-17 05:15:23 +00:00
4e67064f23
Added a way to disable a user.
2000-01-18 22:41:26 +00:00
0b8942fa37
Spruced up "editusers.cgi". Added an "editusers" group.
2000-01-18 18:34:01 +00:00
27c97fdec5
Stop ever using perl's crypt() function; only use mysql's. (Using
...
both was causing corruption on about 1 in 40 passwords.)
2000-01-18 14:40:21 +00:00
f5e622daa8
Patch by Ramon Felciano <felciano@ingenuity.com>, with many tweaks by
...
me. Added a footer to every page. Add some options to do things like
display checkboxes instead of scrolling lists, and a new formatting
for email diffs, and show list items capitalized instead of all upper
case.
2000-01-14 22:35:49 +00:00
2db9bdbbbe
updated license boilerplate
1999-11-01 23:33:56 +00:00
30d63a4c52
Patch by Holger Schurig <holger@holger.om.org> -- rewriting and enhancing the
...
ability to edit components, products, and versions. Yay!
1999-10-12 23:00:35 +00:00
mkanat%kerio.com
travis%sedsystems.ca
jocuri%softhome.net
bugreport%peshkin.net
jouni%heikniemi.net
justdave%syndicomm.com
kiko%async.com.br
timeless%mozdev.org
bbaetz%acm.org
jake%bugzilla.org
bbaetz%student.usyd.edu.au
preed%sigkill.com
gerv%gerv.net
myk%mozilla.org
jake%acutex.net
timeless%mac.com
cyeh%bluemartini.com
dmose%mozilla.org
dave%intrec.com
tara%tequilarista.org
terry%mozilla.org