diff options
| author | mkanat%kerio.com <> | 2005-07-08 14:29:14 +0200 |
|---|---|---|
| committer | mkanat%kerio.com <> | 2005-07-08 14:29:14 +0200 |
| commit | 0d7a4fbf959a1c522350786e83df580476bf5642 (patch) | |
| tree | bdc9db68814ef7e0ff8a30a43d34f541b9c4c547 /template | |
| parent | 4f5fe2cd8ca790ff083d5f5a9903b13afc75cb9a (diff) | |
| download | bugzilla-0d7a4fbf959a1c522350786e83df580476bf5642.tar.gz bugzilla-0d7a4fbf959a1c522350786e83df580476bf5642.tar.xz | |
Bug 293159: [SECURITY] Anyone can change flags and access bug summaries due to a bad check in Flag::validate() and Flag::modify()
Patch By Frederic Buclin <LpSolit@gmail.com> r=myk, a=justdave
Diffstat (limited to 'template')
| -rw-r--r-- | template/en/default/global/code-error.html.tmpl | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl index fd3f8fb20..36a752949 100644 --- a/template/en/default/global/code-error.html.tmpl +++ b/template/en/default/global/code-error.html.tmpl @@ -135,6 +135,15 @@ [% title = "Invalid Dimensions" %] The width or height specified is not a positive integer. + [% ELSIF error == "invalid_flag_association" %] + [% title = "Invalid Flag Association" %] + Some flags do not belong to + [% IF attach_id %] + attachment [% attach_id FILTER html %]. + [% ELSE %] + [%+ terms.bug %] [%+ bug_id FILTER html %]. + [% END %] + [% ELSIF error == "invalid_isactive_flag" %] [% title = "Invalid isactive flag" %] The active flag was improperly set. There may be @@ -153,6 +162,20 @@ [% ELSIF error == "flag_nonexistent" %] There is no flag with ID #[% id FILTER html %]. + + [% ELSIF error == "flags_not_available" %] + [% title = "Flag Editing not Allowed" %] + [% IF type == "b" %] + Flags cannot be set or changed when + changing several [% terms.bugs %] at once. + [% ELSE %] + References to existing flags when creating + a new attachment are invalid. + [% END %] + + [% ELSIF error == "flag_requestee_disabled" %] + [% title = "Flag not Specifically Requestable" %] + The flag <em>[% name FILTER html %]</em> is not specifically requestable. [% ELSIF error == "flag_status_invalid" %] The flag status <em>[% status FILTER html %]</em> @@ -172,6 +195,10 @@ The flag type ID <em>[% id FILTER html %]</em> is not a positive integer. + [% ELSIF error == "flag_type_inactive" %] + [% title = "Inactive Flag Types" %] + Some flag types are inactive and cannot be used to create new flags. + [% ELSIF error == "flag_type_nonexistent" %] There is no flag type with the ID <em>[% id FILTER html %]</em>. |