bbaetz%acm.org
0969b6b902
Bug 208699 - Move Throw{Code,Template}Error into Error.pm
...
r,a=justdave
2003-09-14 06:05:23 +00:00
bbaetz%acm.org
114bfcf4b0
Bug 205463 - Tokens aren't canceled after a successful login.
...
patch by 'Randall M! Gee', r=bbaetz, a=justdave
2003-06-07 03:36:46 +00:00
bbaetz%acm.org
eb75d91aeb
Bug 180642 - Move authentication code into a module
...
r=gerv, justdave
a=justdave
2003-03-22 04:47:35 +00:00
justdave%syndicomm.com
70213438c9
Bug 193989: EmailSuffix wasn't getting used for password change tokens. Also removes real name from To: header which wasn't being escaped properly for RFC2822 specs.
...
Patch by Jeff Lawson <jlawson-mozilla@bovine.net>
r=justdave, a=justdave
2003-03-14 05:43:38 +00:00
gerv%gerv.net
6db9dc12f6
Bug 164038 - token.cgi: Cancel token messages should be moved into the templates. Patch by burnus; r=gerv.
2002-09-30 07:22:44 +00:00
bbaetz%student.usyd.edu.au
3acaacd78e
Bug 163829 - move pref code into a separate package
...
r=joel, preed
2002-08-29 09:25:54 +00:00
bbaetz%student.usyd.edu.au
aacda75fc3
Bug 76923 - Don't |use diagnostics| (its really expensive at startup time)
...
r=joel x2
2002-08-26 06:17:26 +00:00
myk%mozilla.org
773aca105c
Fix for bug 150925: make email address changes work.
...
2xr=bbaetz
2002-07-09 02:16:56 +00:00
gerv%gerv.net
68693e09c4
Bug 135836 - change requests should include expiration details. Patch by zeroJ@null.net; r=gerv, justdave.
2002-05-03 06:37:47 +00:00
gerv%gerv.net
eb7da00c88
Bug 135817 - update template filename. Oops.
2002-04-26 06:46:16 +00:00
gerv%gerv.net
db6d0c3ca0
Bug 135814 - templatise Token.pm. Patch by zeroj; 2xr=bbaetz.
2002-04-26 06:01:30 +00:00
gerv%gerv.net
dafe5cefe2
Bug 136180 - use uri/url_quote filters correctly. Patch by ddk; 2xr=gerv.
2002-04-24 18:27:43 +00:00
gerv%gerv.net
db4ad2cb68
Bug 138588 - change to use new template structure. Patch by gerv, r=myk, afranke.
2002-04-24 07:24:50 +00:00
justdave%syndicomm.com
747fddce5a
Remaining pieces of Bug 23067 from yesterday... no idea why the first commit didn't pick these up.
2002-04-01 22:52:40 +00:00
justdave%syndicomm.com
fea3c79db3
Fix for bug 125516: the recent fix for emails truncating when a period occurred on a line by itself broke Exim because it
...
needs the -t and -i as separate parameters instead of stacked (the original patch had -ti)
Patch by Tobias Burnus <burnus@gmx.de>
r= justdave, gerv
2002-02-17 08:22:31 +00:00
justdave%syndicomm.com
8a7b873c47
Fix for bug 117055: Emails were being truncated if they contained a line with nothing but a period on them. We now pass -i to
...
sendmail and its clones to tell it to ignore periods (since we close the pipe when we're done, rather than signalling it with
a period). Has been tested with sendmail and postfix.
Patch by Dave Miller <justdave@syndicomm.com>
r= afranke, bugzilla@bkor.dhs.org , jake
2002-02-06 02:47:00 +00:00
justdave%syndicomm.com
d9529b08af
Fix for bug 108982: enable taint mode for all user-facing CGI files.
...
Patch by Brad Baetz <bbaetz@student.usyd.edu.au>
r= jake, justdave
2002-01-20 01:44:52 +00:00
justdave%syndicomm.com
a70b156a17
Fix for bug 95731: "INSERT INTO shadowlog" failed because "Table 'shadowlog' not locked", fixed typo in lock tables command.
...
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com
2001-08-17 08:38:54 +00:00
justdave%syndicomm.com
007829877b
Fix for bug 95535: the token generator for password resets is allowing the & character to be used for tokens, but wasn't escaping them for the URL it emailed to users to use to get in to reset their password.
...
Patch by Dave Miller <justdave@syndicomm.com>
r= myk@mozilla.org
2001-08-16 06:52:55 +00:00
justdave%syndicomm.com
7bbb20c84e
Fix for bug 77473, bug 74032, and bug 85472: Passwords are no longer stored in plaintext in the database. Passwords are no longer encrypted with MySQL's ENCRYPT() function (because it doesn't work on some installs), but with Perl's crypt() function. The crypt-related routines now properly deal with salts so that they work on systems that use methods other than UNIX crypt to crypt the passwords (such as MD5). Checksetup.pl will walk through your database and re-crypt everyone's passwords based on the plaintext password entry, then drop the plaintext password column. As a consequence of no longer having a plaintext password, it is no longer possible to email someone their password, so the login screen has been changed to request a password reset instead. The user is emailed a temporary identifying token, with a link back to Bugzilla. They click on the link or paste it into their browser and Bugzilla allows them to change their password.
...
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com , jake@acutex.net
2001-07-11 05:29:21 +00:00