cc216a9b34
Patch for bug 253360: replace IF() with CASE WHEN for database compatibility; patch by Tomas Kopal <Tomas.Kopal@altap.cz>; r=vladd, a=justdave.
2004-07-31 09:36:18 +00:00
6a571305a4
Bug 251837: Extend group_group_map to control which groups can see each other
...
r=kiko
a=justdave
2004-07-27 16:33:41 +00:00
8c40429c5a
Bug 253088: Fix ability of users with bless privileges to bless users
...
r=kiko
a=justdave
2004-07-27 00:25:55 +00:00
5668738aae
Bug 252190: Fix unitialized value in editusers.cgi
...
r=vlad
a=justdave
2004-07-21 21:26:20 +00:00
c70d1cf583
Bug 241900: Allow Bugzilla::Auth to have multiple login and validation styles
...
patch by erik
r=joel, kiko
a=myk
2004-07-20 22:41:22 +00:00
6f03ea2c37
Backing out bug 241900
2004-07-12 03:48:48 +00:00
f64858f4e9
Bug 241900: Allow Bugzilla::Auth to have multiple login and validation styles
...
patch by erik
r=joel
a=justdave
2004-07-11 23:36:53 +00:00
dd438054ff
Bug 244272: Remove editusers 'query' parameter
...
r=justdave
a=justdave
2004-07-10 07:52:11 +00:00
84ebedc167
Bug 233486: Only process groups user is supposed to be able to bless in editgroups.cgi
...
r=justdave
a=justdave
2004-07-10 07:39:56 +00:00
827b94d34e
Bug 236650: html_quote and validate email addresses in editueser.cgi
...
patch by vlad
r=joel,justdave
a=justdave
2004-07-10 07:27:48 +00:00
fe49fca7e1
Bug 240325: Keep regexp-based groups up-to-date
2004-06-16 05:04:48 +00:00
20ee092ca8
Bug 224021: taint issues in editusers.cgi
...
Patch by byron jones <bugzilla@glob.com.au>
r=jouni, a=justdave
2004-05-23 07:32:00 +00:00
90aa16f36e
Bug 141006: Run edit*.cgis in taint mode.
...
Patch by byron jones <bugzilla@glob.com.au>
r=jouni, a=justdave
2004-05-23 07:22:32 +00:00
102c7f3fc7
Bug 240439: "Edit user again" link didn't work if the user had a + in their email address
...
R= timeless, vladd; a= justdave
2004-04-13 21:45:35 +00:00
3b89b856c7
Bug 235265: Getting rid of some unwanted form value dumps.
...
Patch by Jouni Heikniemi <jouni@heikniemi.net>
r= justdave, kiko; a= justdave
2004-03-27 04:35:37 +00:00
b87ad5c610
Fix for bug 234175: Remove deprecated ConnectToDatabase() and
...
quietly_check_login()/confirm_login() calls. Cleans up callsites
(consisting of most of our CGIs), swapping (where appropriate) for calls
to Bugzilla->login. Patch by Teemu Mannermaa <wicked@etlicon.fi>.
r=bbaetz, kiko. a=justdave.
2004-03-27 03:51:44 +00:00
ddab364f3c
Fix for bug 226764: Move InvalidateLogins into Bugzilla::Auth::CGI.
...
Consolidates the logout code into Bugzilla::Auth::CGI, and provides
simple front-end wrappers in Bugzilla.pm for use in the CGIs we have.
r=bbaetz, joel; a=justdave.
Adds a set of constants to the logout() API which allow specifying "how
much" we should log out -- all sessions, the current session, or all
sessions but the current one.
Fixes callsites to use this new API; cleans and documents things a
bit while we're at it. Part I in the great COOKIE apocalypse.
2004-03-27 01:28:29 +00:00
89741fe607
Patch for bug 238033: eliminate HTML closing tags that haven't been opened and fix an identation issue; patch by Rudolf Ramler <rudolf.ramler@scch.at>; r=vlad, a=justdave.
2004-03-21 14:26:58 +00:00
2a3031ee6b
Fix for bug 232397: .bz_obsolete shouldn't specify "underline". Define
...
specific bz_obsolete/closed/inactive classes (that don't specify
underline, but line-through instead) and additional Template filters for
conveniently applying them. Change occurences of <strike> to use new
classes and clean up callsites. Patch by byron jones
<bugzilla@glob.com.au>. r=myk, gerv. a=myk.
2004-03-16 23:53:01 +00:00
774226bfb4
Bug 214457 Updated user page is useless
...
r=justdave a=justdave
2004-03-14 06:30:35 +00:00
be1a646c3d
Bug 225234: Wrong comment in editusers.cgi; r=timeless; a=myk.
2003-11-10 17:56:03 +00:00
2db7758877
Bug 65316: Typos on edit*.cgi. Change use of PutTrailer() (and the
...
default output, in certain cases) in the edit pages. Patch by Vlad
Dascalu <jocuri@softhome.net>, r=kiko, a=justdave
2003-09-26 23:47:07 +00:00
c8d524bed2
Bug 178935: Eliminating the "Add another user" link on the confirmation screen after editing a user if the user doing the editing doesn't have permission to add users.
...
Patch by kniht@us.ibm.com
r= justdave, a= justdave
2003-07-19 20:37:20 +00:00
7177c5af4a
Bug 180635 - Enhance Bugzilla::User to store additional information
...
r=myk,jake
2003-06-03 09:48:15 +00:00
cf4e631923
Bug 201816 - use CGI.pm for header output
...
r=joel, a=justdave
2003-05-05 01:15:38 +00:00
e1a7fe3032
Bug 201018 - editusers.cgi never calls DeriveGroup prior to changing a bug
...
patch mostly by justdave, bits by me
r=bbaetz,justdave,myk
a=justdave
2003-04-24 23:12:00 +00:00
774aa5e232
Bug 196433 - Bugzilla now uses /usr/bin/perl as the shebang line
...
r=justdave
a=justdave
2003-03-27 00:07:02 +00:00
eb75d91aeb
Bug 180642 - Move authentication code into a module
...
r=gerv, justdave
a=justdave
2003-03-22 04:47:35 +00:00
342d43845b
bug 157756 - Groups_20020716_Branch Tracking : > 55 groups now supported
...
r=bbaetz, gerv
2002-09-22 17:15:13 +00:00
aacda75fc3
Bug 76923 - Don't |use diagnostics| (its really expensive at startup time)
...
r=joel x2
2002-08-26 06:17:26 +00:00
900e798ac1
Bug 43600 - Convert products/components to use ids instead of names.
...
Initial attempt by jake@bugzilla.org , updated by me
r=joel, preed
2002-08-12 05:43:05 +00:00
8a8238c7ef
Bug 151053, ConnectToDatabase/quietly_check_login sometimes not called
...
early enough
r=mattyt, jouni
2002-06-17 09:39:00 +00:00
06859d2a12
Bug 147486 - Fixes cross site scripting issues; first checked in on the 2.14.1 branch, but I forgot the 2.16 branch/trunk (thanks bbaetz); patch=preed, r=bbaetz,myk
2002-06-01 09:26:25 +00:00
f8dd6171f2
Bug 141557 - modification to user deletion code in editusers.cgi - prevent allowuserdeletion being bypassed. Patch by gerv; 2xr=myk.
2002-05-01 20:54:10 +00:00
17277729f2
Bug 140784 - edit*.cgi need a use lib "." on Win32/IIS w/ taint. Patch by jouni@heikniemi.net; r=bbaetz, gerv.
2002-04-29 19:32:29 +00:00
d7d119963b
Bug 139051 - fix misspelling of "privilege". Patch by mental <xor@ivwnet.com>, 2xr=bbaetz.
2002-04-22 21:09:19 +00:00
747fddce5a
Remaining pieces of Bug 23067 from yesterday... no idea why the first commit didn't pick these up.
2002-04-01 22:52:40 +00:00
3495d47bda
Bug 92905 - perl error when editing user and no groups defined
...
r=justdave x 2
2002-03-17 22:07:29 +00:00
7074a237c6
Bug 95732 - remove logincookies.cryptpassword, and invalidate cookies from
...
the db when required instead.
(Also fixes bug 58242 as a side effect)
r=myk, kiko
2002-02-04 12:23:05 +00:00
cba5adf358
Fix for bug 108821: Prevent users with any blessgroupset privileges from blessing any group set.
...
Patch by Jake <jake@acutex.net> and Bradley <bbaetz@cs.mcgill.ca>.
r=jake,myk for Bradley's portion, r=bbaetz,myk for Jake's portion.
2001-11-08 00:52:13 +00:00
e101daceeb
Bug 81594 - SQL error after editing user entry when changing numerous things at once (including the login name).
...
Patch by Matthew Tuck <matty@chariot.net.au>
r= dkl@redhat.com , jake@acutex.net
2001-10-26 18:35:04 +00:00
3eb400cda4
Fix for bug 104516: No code changes in this patch, all this checkin does is remove all tabs from the bugzilla source and replace it with the appropriate number of spaces (in most cases 8) to line up with existing code. This is part of the effort to bring the existing codebase up to par with our style guidelines.
...
Patch by Jake Steehagen <jake@acutex.net>
r= justdave x2
2001-10-13 01:36:17 +00:00
52bd262467
partial backout of the checkin from bug 103121, because it collided with the patch from bug 51519. This should satifactorily
...
meet the goals of both patches. patch by kiko, r= justdave
2001-10-10 06:36:45 +00:00
d9d2292794
Bugzilla Bug 103121 editusers.cgi needs an Add link on the query page.
...
patch by dkl. r=kiko
2001-10-10 04:57:30 +00:00
62360e8331
Fix for bug 57821 - Empty regular expression causes a software error.
...
Patch by Nick Hibma <n_hibma@qubesoft.com>
r= jake@acutex.net
2001-10-05 23:06:08 +00:00
7bbb20c84e
Fix for bug 77473, bug 74032, and bug 85472: Passwords are no longer stored in plaintext in the database. Passwords are no longer encrypted with MySQL's ENCRYPT() function (because it doesn't work on some installs), but with Perl's crypt() function. The crypt-related routines now properly deal with salts so that they work on systems that use methods other than UNIX crypt to crypt the passwords (such as MD5). Checksetup.pl will walk through your database and re-crypt everyone's passwords based on the plaintext password entry, then drop the plaintext password column. As a consequence of no longer having a plaintext password, it is no longer possible to email someone their password, so the login screen has been changed to request a password reset instead. The user is emailed a temporary identifying token, with a link back to Bugzilla. They click on the link or paste it into their browser and Bugzilla allows them to change their password.
...
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com , jake@acutex.net
2001-07-11 05:29:21 +00:00
477a26a860
Fix for bug 45164 - New users created by the admin were not subject to the userregexp for groupsets.
...
Patch by Joe Robins <jmrobins@tgix.com>
r= jake@acutex.net
2001-05-30 15:47:30 +00:00
097ab228ca
Bug 71552 - Remove oldemailtech from Bugzilla
...
r= justdave@syndicomm.com
2001-05-24 03:10:49 +00:00
62dd9d3d1a
Correcting my email address in the comments
2001-04-17 02:26:16 +00:00
f9845d93d6
fix for 66876: Using userids (mediumint) for initialowner and initialqacontact
...
based on patch submitted by baulig@suse.de (Martin Baulig).
2001-02-22 18:11:29 +00:00
jocuri%softhome.net
bugreport%peshkin.net
jouni%heikniemi.net
justdave%syndicomm.com
kiko%async.com.br
timeless%mozdev.org
bbaetz%acm.org
jake%bugzilla.org
bbaetz%student.usyd.edu.au
preed%sigkill.com
gerv%gerv.net
myk%mozilla.org
jake%acutex.net
timeless%mac.com
cyeh%bluemartini.com