summaryrefslogtreecommitdiffstats
path: root/CGI.pl
AgeCommit message (Collapse)AuthorFilesLines
2001-07-17Fixing minor problem caused by the original bug 77473 checkin where an SQL ↵justdave%syndicomm.com1-0/+6
error was being produced if you tried to log in with an invalid username. Patch by Myk Melez <myk@mozilla.org> r= justdave@syndicomm.com
2001-07-11Fix for bug 77473, bug 74032, and bug 85472: Passwords are no longer stored ↵justdave%syndicomm.com1-51/+71
in plaintext in the database. Passwords are no longer encrypted with MySQL's ENCRYPT() function (because it doesn't work on some installs), but with Perl's crypt() function. The crypt-related routines now properly deal with salts so that they work on systems that use methods other than UNIX crypt to crypt the passwords (such as MD5). Checksetup.pl will walk through your database and re-crypt everyone's passwords based on the plaintext password entry, then drop the plaintext password column. As a consequence of no longer having a plaintext password, it is no longer possible to email someone their password, so the login screen has been changed to request a password reset instead. The user is emailed a temporary identifying token, with a link back to Bugzilla. They click on the link or paste it into their browser and Bugzilla allows them to change their password. Patch by Myk Melez <myk@mozilla.org> r= justdave@syndicomm.com, jake@acutex.net
2001-07-04Fix for bug 87701: Invalid username in bug changes echoed back without ↵justdave%syndicomm.com1-3/+6
escaping HTML data Patch by Gervase Markham <gervase.markham@univ.ox.ac.uk> r= justdave@syndicomm.com
2001-06-20Fix for bug 85833: show_bug.cgi (and probably others) now allow leading or ↵justdave%syndicomm.com1-1/+2
trailing spaces in the bug id, to allow for user input error. This used to work, and recent bug validation changes broke it. Patch by Jake Steenhagen <jake@acutex.net> r= justdave@syndicomm.com
2001-06-19Allow '\' as a path delimiter (bug 29064)jake%acutex.net1-2/+2
Patch Concept by <timeless@mac.com> r= jake@acutex.net
2001-06-08Fix for bug 15980: Password is no longer shown in the location bar on the ↵justdave%syndicomm.com1-3/+9
first page you load after logging in. Patch by Dave Miller <justdave@syndicomm.com> r= jake@acutex.net
2001-06-07fix typojustdave%syndicomm.com1-1/+1
2001-06-03Landing Myk's patch for bug #71767tara%tequilarista.org1-46/+64
2001-06-01Bugzilla was leaking information about bugs marked secure (using bug ↵jake%acutex.net1-0/+49
groups). This checkin fixes bugs 39524, 39527, 39531, and 39533. Patches by Myk Melez <myk@mozilla.org>. r= jake@acutex.net
2001-05-12Fix for bug 38859: escape invalid email addresses for HTML before displaying ↵justdave%syndicomm.com1-0/+3
to the user. Patch by Myk Melez <myk@mozilla.org> r= jake@acutex.net, justdave@syndicomm.com
2001-05-10Fix for bug 38855: showvotes.cgi needs to escape (untrusted) url paramsjustdave%syndicomm.com1-0/+14
Patch by Myke Melez <myk@mozilla.org> r= jake@acutex.net
2001-03-11Attempted fix for bug 71574: footer anomoly cleanupdave%intrec.com1-10/+13
2001-03-10fix for "My Votes" floating in space like a disconnected astronautcyeh%bluemartini.com1-4/+7
2001-02-24fix for 54566: Software error generated when adding invalid dependenciescyeh%bluemartini.com1-0/+1
if we call PuntTryAgain(), make sure we've unlocked tables
2001-02-23cleanup footer when not logged in and if using voting.cyeh%bluemartini.com1-2/+2
2001-02-23break Find and Report links to a seperate line so that it looks cleanercyeh%bluemartini.com1-1/+1
on browser windows with shorter widths. also, the second line matches nicely with the other table cell.
2001-02-22fix for 67278: Footer lines need separationcyeh%bluemartini.com1-25/+44
patch submitted by shie9022@msmailhub.oulan.ou.edu (Alan Shields) make saved queries display better
2001-01-17Fix for bug 32000 (and refixing bug 4928): extra newlines in comments madedave%intrec.com1-1/+3
with NS4-Mac
2000-10-24remove problem with newer perl spewing error messages into the CGIcyeh%bluemartini.com1-11/+17
2000-09-19fix for 52228: Bug list title should be name of query if running named querycyeh%bluemartini.com1-3/+4
patch by dave@intrec.com (Dave Miller)
2000-09-16Fix for bug 51270: param for bodyhtml to allow sites to customizedave%intrec.com1-2/+1
background colors/image and link colors.
2000-09-16fixes for 51184, 51185, 51186: allow for ldap authentication. patchescyeh%bluemartini.com1-53/+197
by jmrobins@tgix.com (Joe Robins). LDAP sections haven't been tested yet, but the code is arranged such that it shouldn't disturb existing user authentication system.
2000-09-07Fix for bug 51508: Unclosed <NOBR> around named queries in command menu.dave%intrec.com1-1/+1
Patch by john.beranek@pace.co.uk (John Beranek)
2000-09-04Fix for bug 43821: PutHeader has unbalanced <TABLE> tags.dave%intrec.com1-2/+0
2000-08-22fix for bug #44622: perl5.6 vs perl5.005 -w: more anal 5.6 causes errors.cyeh%bluemartini.com1-1/+1
patches by mtakacs@pacbell.net.
2000-06-02added comment to value_quote referencing bugs with quoting linebreaksendico%mozilla.org1-0/+3
2000-05-09Validate value of $::FORM{who}. Thanks to Ed Korthof (edk@collab.net) for patch.cyeh%bluemartini.com1-0/+5
2000-04-28Fixed a typo that was causing Perl to abort before printing the HTMLdmose%mozilla.org1-1/+1
footer when a certain database inconsistency was detected.
2000-04-27bug 25010 need a way to edit groupsdonm%bluemartini.com1-0/+3
2000-04-19backing out because this has broken bugzilla.mozilla.org. the choice is no ↵endico%mozilla.org1-3/+0
longer given in show_bug.cgi to make bugs confidential. I need to change lounge so it no longer automatically updates.
2000-04-19bug 25010 add ability to easily edit groupsdonm%bluemartini.com1-0/+3
2000-03-31Fixed perl warning which occurs if $ENV{"CONTENT_TYPE"} is not set.dmose%mozilla.org1-1/+1
2000-03-24Add a bit of helpful debugging info when we get a consistancy check problem.terry%mozilla.org1-1/+6
2000-03-11Removed warning.terry%mozilla.org1-1/+3
2000-03-08Patch by Brian Duggan <bduggan@oven.com> -- security improvements.terry%mozilla.org1-0/+3
2000-03-08Patch by Olaf Krische <krische@mbi-berlin.de> -- Fixed HTML typos.terry%mozilla.org1-2/+2
2000-02-26Make a universal routine to report errors in forms, so that we canterry%mozilla.org1-12/+9
have a universal (and more noticable) way of displaying them.
2000-02-19Cut down on the number of syncshadowdb processes we fork off.terry%mozilla.org1-1/+2
2000-02-18Added an optional ability to keep a read-only shadow database, so thatterry%mozilla.org1-2/+8
bug queries can be run against it, so that these slow queries won't be able to tie up the rest of the system.
2000-02-18Put the "users" link in the trailer for people who are able to tweakterry%mozilla.org1-4/+4
the permissions of other users.
2000-02-17Major spankage. Added a new state, UNCONFIRMED. Added new groups,terry%mozilla.org1-7/+45
"editbugs" and "canconfirm". People without these states are now much more limited in what they can do. For backwards compatability, by default all users will have the editbugs and canconfirm bits on them. Installing this changes as is should only have one major visible effect -- an UNCONFIRMED state will appear in the query page. But no bugs will become in that state, until you tweak some of the new voting-related parameters you'll find when editing products.
2000-02-16Patches by Ken Jenks <kjenks@abiblion.com> and jug@tellux.de -- make the ↵terry%mozilla.org1-2/+3
Javascript behave under IE5 and under Netscape 3.x
2000-02-08Make the "mail a new password" text be a param.terry%mozilla.org1-17/+5
2000-01-28Massive stomp on the query page and buglist page. Added the abilityterry%mozilla.org1-12/+18
to use the "boolean charts" to do very powerful queries.
2000-01-25Reworked preferences UI. Added ability to turn off "My bugs" link atterry%mozilla.org1-20/+40
bottom. Made "My bugs" show bugs you own AND bugs you submitted. Added ability to display your named queries in the footer. Many random bugfixes.
2000-01-24Very minor HTML tweaking.terry%mozilla.org1-3/+4
2000-01-24New email code wasn't sending to people who had voted for a bug.terry%mozilla.org1-0/+6
Added "My votes" link to footer. Other minor voting-related fixes.
2000-01-23AACK! checksetup.pl was stomping all over the new fielddefs table ifterry%mozilla.org1-3/+5
it got run more than once. This checkin fixes that, and also changes the DumpBugActivity() routine to give me enough information to hopefully repair the damaged mozilla.org database...
2000-01-23Remember the previous sort order in a cookie, and make that theterry%mozilla.org1-0/+1
default sort order for new queries. Add a new "show list" link to the navigation header to return you to the list of selected bugs.
2000-01-22Added a new table fielddefs that records information about theterry%mozilla.org1-5/+6
different fields we keep an activity log on. The bugs_activity table now has a pointer into that table instead of recording the name directly. Set up a new, highly experimental email-notification scheme. To turn it on, the maintainer has to turn on the "New email tech" param, and then individual users have to turn on the "New email tech" preference.