summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2001-07-26fix for bug 91903: insecure dependency in require in importxml.pl under ↵justdave%syndicomm.com1-1/+2
taint mode only in Perl 5.005. Patch by Jake Steenhagen <jake@acutex.net> r= justdave@syndicomm.com
2001-07-26Fix for bug 90933: inconsistant field types for profiles.disabledtextjustdave%syndicomm.com1-1/+5
Patch by Jake Steenhagen <jake@acutex.net> r= justdave@syndicomm.com
2001-07-25re-fix bug 76154: permissions weren't being set correctly on the .htaccess ↵justdave%syndicomm.com2-0/+4
files when checksetup.pl was run again. Also adding .htaccess to .cvsignore so it won't show up as ? in cvs diffs and updates. Patch by Dave Miller <justdave@syndicomm.com> r= jake@acutex.net
2001-07-23Remove the code for rejecting the version of MySQL with broken encryption ↵jake%acutex.net1-9/+8
(as bugzilla no longer uses MySQL's encrypt routine). Also, point to mysql.com for downloading newer versions. Patch by Myk Melez <myk@mozilla.org> r= jake@acutex.net
2001-07-23re-fix for bug 55161: buglist works again if you search for change history ↵justdave%syndicomm.com1-2/+2
on a bug Patch by Jake Steenhagen <jake@acutex.net> r= justdave@syndicomm.com
2001-07-22Fix for bug 76154: Bugzilla can now optionally provide .htaccess files for ↵justdave%syndicomm.com1-0/+71
Apache to help restrict viewing of private data Patch by Dave Miller <justdave@syndicomm.com> r= jake@acutex.net
2001-07-22fix "used only once" error reported by tinderboxjustdave%syndicomm.com1-0/+1
2001-07-22Fix for bug 84714 and bug 88797: You can now change bug groups from the ↵justdave%syndicomm.com1-30/+29
"change several bugs" form even if the bugs aren't all in the same groups. Also, the groups are no longer cleared when you make a change from the "change several bugs" form (unless you tell it to) Patch by Joe Robins <jmrobins@tgix.com> and Dave Miller <justdave@syndicomm.com> r= zach@zachlipton.com a= justdave@syndicomm.com
2001-07-22Fix for bug 84714 and bug 88797: You can now change bug groups from the ↵justdave%syndicomm.com1-21/+46
"change several bugs" form even if the bugs aren't all in the same groups. Also, the groups are no longer cleared when you make a change from the "change several bugs" form (unless you tell it to) Patch by Joe Robins <jmrobins@tgix.com> and Dave Miller <justdave@syndicomm.com> r= zach@zachlipton.com a= justdave@syndicomm.com
2001-07-21Fix for bugs 55161 and 12819. The activity log now stores only what's ↵jake%acutex.net7-80/+203
changed in multi-value fields. r= justdave@syndicomm.com
2001-07-20Re-fix for bug 77699: the undefined error affected other browsers than just ↵justdave%syndicomm.com1-25/+17
IE5, so work around it for all browsers. Patch by Stephen Lee <slee@uk.bnsmc.com> r= afranke@ags.uni-sb.de
2001-07-17Correcting the URL for MySQL's web page. Bug 90553.jake%acutex.net1-1/+1
Patch by Myk Melez <myk@mozilla.org>
2001-07-17Fixing minor problem caused by the original bug 77473 checkin where an SQL ↵justdave%syndicomm.com1-0/+6
error was being produced if you tried to log in with an invalid username. Patch by Myk Melez <myk@mozilla.org> r= justdave@syndicomm.com
2001-07-11Fix for bug 77473, bug 74032, and bug 85472: Passwords are no longer stored ↵justdave%syndicomm.com10-130/+938
in plaintext in the database. Passwords are no longer encrypted with MySQL's ENCRYPT() function (because it doesn't work on some installs), but with Perl's crypt() function. The crypt-related routines now properly deal with salts so that they work on systems that use methods other than UNIX crypt to crypt the passwords (such as MD5). Checksetup.pl will walk through your database and re-crypt everyone's passwords based on the plaintext password entry, then drop the plaintext password column. As a consequence of no longer having a plaintext password, it is no longer possible to email someone their password, so the login screen has been changed to request a password reset instead. The user is emailed a temporary identifying token, with a link back to Bugzilla. They click on the link or paste it into their browser and Bugzilla allows them to change their password. Patch by Myk Melez <myk@mozilla.org> r= justdave@syndicomm.com, jake@acutex.net
2001-07-04Fix for bug 87701: Invalid username in bug changes echoed back without ↵justdave%syndicomm.com3-6/+10
escaping HTML data Patch by Gervase Markham <gervase.markham@univ.ox.ac.uk> r= justdave@syndicomm.com
2001-07-04Killing the "used only once" error that suddenly popped up out of nowhere on ↵justdave%syndicomm.com1-0/+1
tinderbox.
2001-07-04removing "Use Carp" and "sub die_with_dignity" that I was supposed to remove ↵justdave%syndicomm.com1-7/+7
from the previous patch before checking it in.
2001-07-04Fix for bug 59349: Processmail now runs in taint (perl -T and ↵justdave%syndicomm.com2-10/+68
$db->{Taint}=1) mode. Hooks also added to globals.pl to make converting other files in Bugzilla to run in Taint mode easier. Patch by Jake Steenhagen <jake@acutex.net> r= justdave@syndicomm.com
2001-07-02Add strikethrough to resolved bug numbers. Bug 79816. r=jake.gerv%gerv.net1-19/+31
2001-07-02Make bug chart filenames other-OS friendly by removing colons. Bug 88179. ↵gerv%gerv.net1-13/+3
r=jake.
2001-07-01Fix for bug 87596: improper definition of $::components in globals.pljustdave%syndicomm.com2-2/+2
Patch by Dave Miller <justdave@syndicomm.com> r= jake@acutex.net
2001-06-29Fix for bug 76183 and bug 71555: consolidates chmod activity in one place in ↵justdave%syndicomm.com1-104/+119
checksetup.pl and also provides permission setting for bugzilla installations installed in a personal user directory as opposed to the server's main web space. (makes the files world-readable so the webserver can see them, since you can't set the group) Patch by Christian Reis <kiko@async.com.br> r= justdave@syndicomm.com
2001-06-29Fix for but 76073: - and + didn't work in quicksearch in IE and Operajustdave%syndicomm.com1-2/+2
Patch by Andreas Franke <afranke@ags.uni-sb.de> r= justdave@syndicomm.com
2001-06-29Refix bug 80289. Don't print header for groups if there aren't any groups to ↵jake%acutex.net2-7/+12
display (was printing a header without groups in rare instances). Patch by Joe Robins <jmrobins@tgix.com> r= jake@acutex.net
2001-06-28Fix for bug 87983: backdoor.cgi is Netscape-specific, and not part of the ↵justdave%syndicomm.com1-178/+0
bugzilla package. Removing from CVS.
2001-06-27Fixing "used only once" errors flagged by tinderbox on the last checkin.justdave%syndicomm.com2-0/+2
2001-06-27Fix for bug 80289: Group restrictions are now identified with checkboxes ↵justdave%syndicomm.com5-51/+105
instead of select widgets. Also, product groups are now only offered if they are either already set, or match the current product (i.e. the option to set a product bit for a product other than the one the bug is in is no longer available) This results in much less clutter for the admin folks on sites with lots of products. Patch by Joe Robbins <jmrobins@tgix.com> r= justdave@syndicomm.com
2001-06-22Re-fix for bug 28458: AddFDef always replaces the fielddefs every time you ↵justdave%syndicomm.com2-7/+1
run checksetup.pl, so the change to them during doeditparams was nullified if you updated. Other recent changes have nullified the reason for changing it in editparams anyway, so just backing that part out. Patch by Jake Steenhagen <jake@acutex.net> r= justdave@syndicomm.com
2001-06-21Fix for "used only once" error reported by tinderbox after the last checkin. ↵justdave%syndicomm.com1-0/+1
(Aaargh!)
2001-06-21Fix for bug 47914: buglist.cgi always had a not-logged-in footer if you were ↵justdave%syndicomm.com1-0/+6
unlucky enough to have a login cookie that got corrupted in the shadow database. This patch makes buglist.cgi switch back to the primary database before looking up your login cookie for the footer. Patch by Myk Melez <myk@mozilla.org> r= justdave@syndicomm.com
2001-06-20Fix for bug 86447 - ChangeFieldType() wasn't dealing with 'not null' properly.jake%acutex.net1-5/+9
r= justdave@syndicomm.com
2001-06-20Fix for bug 85833: show_bug.cgi (and probably others) now allow leading or ↵justdave%syndicomm.com1-1/+2
trailing spaces in the bug id, to allow for user input error. This used to work, and recent bug validation changes broke it. Patch by Jake Steenhagen <jake@acutex.net> r= justdave@syndicomm.com
2001-06-20Fix for bug 45918: the old password field on the userprefs page is now used ↵justdave%syndicomm.com1-4/+5
to log you back in if you try to change your password with cookies turned off, which avoids the confusing login screen after entering your new password in which you used to have to enter your old password one more time in order to let it set your new password (yes, it used to be as confusing as that just sounded :) r= tara@tequilarista.org
2001-06-19Running a query using the Added Comment option was very slow (bug 57350).jake%acutex.net2-2/+13
Patch by Myk Melez <myk@mozilla.org> and Dave Miller <justdave@syndicomm.com> r= jake@acutex.net
2001-06-19Refixing bug 71396. Each PushGlobalSQLState() needs a PopGlobalSQLState() ↵jake%acutex.net1-1/+1
and this file instead had two "pushes".
2001-06-19Allow '\' as a path delimiter (bug 29064)jake%acutex.net1-2/+2
Patch Concept by <timeless@mac.com> r= jake@acutex.net
2001-06-19Fix for bug 85832 - QuickSearch should strip leading and trailing spaces.jake%acutex.net1-0/+7
Patch by Andreas Franke <afranke@ags.uni-sb.de>
2001-06-17applying handy patch to refix version table to be 64 instead of 16--partial ↵tara%tequilarista.org1-1/+5
fix of bug 9352
2001-06-16Fix for bug 71396 - $::db->do isn't needed anymorejake%acutex.net4-36/+20
Patch by Christian Reis <kiko@async.com.br> r= jake@acutex.net
2001-06-16Fix for bug 83619 - QuickSearch was crashing Netscape 4.76 and 4.77 on Unixjake%acutex.net1-2/+4
Patch by Andreas Franke <afranke@ags.uni-sb.de>
2001-06-15Checking in the cleaner version of the fix for "No Available Products". ↵jake%acutex.net1-15/+15
This was attached to bug 65311. Patch by Dave Miller <justdave@syndicomm.com> r= jake@acutex.net
2001-06-15Backing out previous changes as there was a better patch already attached to ↵jake%acutex.net1-28/+9
a different bug
2001-06-14Bugzilla shouldn't display empty header in the New: email notifications (bug ↵jake%acutex.net1-2/+2
85734) r=timeless
2001-06-11Fix for bug 84596: Syncshadowdb wasn't using the db_user and db_pass from ↵justdave%syndicomm.com1-8/+11
localconfig, which meant that it previously wouldn't run unless it was running under a user that had access to the bugs and shadowbugs dbs and didn't have a password. It now looks for db_user and db_pass and specifies them on the command line to mysqldump and mysql if they're in use. r= tara
2001-06-11Re-fix for bug 21253: fix calling conventions for syncshadowdb so that a ↵justdave%syndicomm.com2-4/+8
phony parameter to get past the multi-param system() test in tinderbox actually works. r= tara
2001-06-08Give a logical error message if no products are available to a user for bug ↵jake%acutex.net1-9/+28
entry (bug 84285). Patch by Paul Thomas <paul.thomas@sse.ie> r= jake@acutex.net
2001-06-08Hopefully the fix for bug 77778: component lists, etc stuttering due to ↵justdave%syndicomm.com1-0/+3
corruption in data/versioncache. Patch design by Terry Weissman <terry@mozilla.org> Patch implemented by Dave Miller <justdave@syndicomm.com> r= tara@tequilarista.org
2001-06-08Fix for bug 15980: Password is no longer shown in the location bar on the ↵justdave%syndicomm.com2-5/+17
first page you load after logging in. Patch by Dave Miller <justdave@syndicomm.com> r= jake@acutex.net
2001-06-07fix typojustdave%syndicomm.com1-1/+1
2001-06-07Fix "used only once" error, per tinderbox build log.justdave%syndicomm.com1-0/+1