summaryrefslogtreecommitdiffstats
path: root/CGI.pl
AgeCommit message (Collapse)AuthorFilesLines
2002-02-06Fix for bug 117055: Emails were being truncated if they contained a line ↵justdave%syndicomm.com1-1/+1
with nothing but a period on them. We now pass -i to sendmail and its clones to tell it to ignore periods (since we close the pipe when we're done, rather than signalling it with a period). Has been tested with sendmail and postfix. Patch by Dave Miller <justdave@syndicomm.com> r= afranke, bugzilla@bkor.dhs.org, jake
2002-02-05Bug 119715 - strictvaluechecks should always be enabledbbaetz%student.usyd.edu.au1-1/+1
r=justdave, gerv
2002-02-04Bug 95732 - remove logincookies.cryptpassword, and invalidate cookies frombbaetz%student.usyd.edu.au1-3/+2
the db when required instead. (Also fixes bug 58242 as a side effect) r=myk, kiko
2002-02-03Fix for bug 121747: Stops every script before it does anything else if ↵myk%mozilla.org1-10/+19
Bugzilla is currently shut down. Also adds global template instantiation code to globals.pl. Patch by Myk Melez <myk@mozilla.org>. r=gerv,kiko
2002-01-30Fix for bug 104521: Removes old attachment interface in favor of new ↵myk%mozilla.org1-2/+2
attachment tracker. Patch by Myk Melez <myk@mozilla.org>. r=bbaetz,kiko
2002-01-30Bug 117509 - createaccount.cgi templatisation.gerv%gerv.net1-5/+8
2002-01-23Bug 120543 - Software error when entering a bug when not logged in & onlybbaetz%student.usyd.edu.au1-1/+1
one product. r=caillon,jake
2002-01-20Fix for bug 108982: enable taint mode for all user-facing CGI files.justdave%syndicomm.com1-6/+13
Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave
2001-12-10SECURITY FIX bug 54901: If you were using LDAP authentication it would let ↵justdave%syndicomm.com1-0/+15
you log in as anyone if you left the password blank. Patch by David Crowe <crow@waveset.com> r= jmrobins, justdave
2001-11-28Bug 108312 - The mid-air collision page was only showing the most recent ↵jake%acutex.net1-1/+1
changes if two people comitted changes to a bug while you were viewing it. r=louie, myk
2001-11-19Bug 98707. Query.cgi rewrite. Patch by me, layout by mpt and others, ↵gerv%gerv.net1-0/+2
r=justdave, mattyt. Wahey!
2001-11-18Moving a comment to the right place, in order to be able to make a comment ↵matty%chariot.net.au1-2/+2
about my previous check in that accidentally got checked in without a comment, and hence didn't show up on Tinderbox I think. It was a change to CGI.pl, a fix for bug 105812: Rename "Components" link in sub GetCommandMenu() to "Products". The patch was by James A Laska <jlaska@us.ibm.com>.
2001-11-18*** empty log message ***matty%chariot.net.au1-1/+1
2001-10-31Fix test bustage by removing tabs.myk%mozilla.org1-1/+1
2001-10-31Fix for bug 98602: re-implementation of "create attachment" page.myk%mozilla.org1-30/+46
Patch by Myk Melez <myk@mozilla.org>. r=gerv@mozilla.org,jake@acutex.net
2001-10-27Bug 105879 - Footer links have an extra | by Sanity Checkjake%acutex.net1-1/+1
Patch by Matthew Tuck <matty@chariot.net.au> r= dkl@redhat.com, jake@acutex.net
2001-10-24Bug 97469 - Assignee/QA/Reporter/CC don't get email on restricted bugs.bbaetz%cs.mcgill.ca1-76/+8
Also fixes seeing bugs in the buglist (bug 95024), dependancy lists, tooltips, duplicates, and everywhere else I could see which checked group bugs.groupset == 0. Also fxed bug 101560, by clearing BASH_ENV r=myk,justdave
2001-10-20Bug 105480 - Use the friendly name from the fielddefs table when reporting ↵jake%acutex.net1-2/+9
strictvalue errors if it's available. Patch by James A. Laska <jlaska@us.ibm.com> r= justdave@syndicomm.com, jake@acutex.net
2001-10-15Bug 104105 - cosmetic change to make it obvious that you can create an account.gerv%gerv.net1-2/+3
2001-10-13Fix for bug 104516: No code changes in this patch, all this checkin does is ↵justdave%syndicomm.com1-70/+70
remove all tabs from the bugzilla source and replace it with the appropriate number of spaces (in most cases 8) to line up with existing code. This is part of the effort to bring the existing codebase up to par with our style guidelines. Patch by Jake Steehagen <jake@acutex.net> r= justdave x2
2001-10-13Fix for bug 19910: Bugzilla installs on the same server would interfere with ↵justdave%syndicomm.com1-11/+6
each others' cookies. Cookies now have a path value that can be set to indicate which bugzilla install they belong to. Browsers will only send the cookie to the appropriate installation. The path can be set in the 'cookiepath' parameter in editparams.cgi. Patch by Dave Lawrence <dkl@redhat.com> r= myk, justdave
2001-10-13Fix for bug 101056: multiple form values of the same name were not getting ↵justdave%syndicomm.com1-0/+8
correctly stashed if the user had to log in as part of a form submit. Patch by Myk Melez <myk@mozilla.org> r= gerv, justdave
2001-10-13Bug 100490 - better error message with no JavaScript for QuickSearch. Patch ↵gerv%gerv.net1-1/+4
by afranke, r=kiko, gerv.
2001-10-12Fix for bug 104180 - &nbsp; should only be used in the display for a saved ↵jake%acutex.net1-2/+3
query w/a space, not in the URL. Patch by Christian Reis <kiko@async.com.br> r= jake@acutex.net
2001-10-12Fix for bug 104117 - The editkeywords.cgi link was broken as a result of the ↵jake%acutex.net1-2/+2
fix for bug 103554. Patch by Christian Reis <kiko@async.com.br> r= jake@acutex.net
2001-10-11Fix for bug 103554: HTML generated by the PutHeader and GetCommandMenu ↵justdave%syndicomm.com1-52/+68
subroutines now validates as HTML 4.01 at W3C. Patch by Christian Reis <kiko@async.com.br> r= caillon, gerv, justdave
2001-10-10Fix for bug 65164 - Bugzilla wasn't sending </html> at the end of its pages.jake%acutex.net1-0/+11
Patch by Christian Reis <kiko@async.com.br> r= gerv@mozilla.org, jake@acutex.net
2001-10-10Bugzilla Bug 97185 make_select should add a newline after each optiontimeless%mac.com1-5/+5
patch by kiko. r=zach, gerv
2001-10-06Fix for bug 76714: correctly nests the FORM and TABLE elements.myk%mozilla.org1-3/+3
Patch by Gerv Markham <gerv@mozilla.org>. r=myk@mozilla.org, no second review needed.
2001-09-29Fix for bug 73959: Make buglist.cgi display the "Show Votes" link at the ↵myk%mozilla.org1-3/+3
bottom of the screen. Patch by Jake <jake@acutex.net>. r=myk@mozilla.org, no second review needed.
2001-09-11Make Bugzilla support <link> tag for buglists. Bug 87818. r=jake, caillon.gerv%gerv.net1-0/+43
2001-09-06Fix for bug 69616: If you have tweakparams privs, the "Sanity check" link ↵justdave%syndicomm.com1-1/+4
was listed with a group of items that said "Edit" so it appeared as if you were going to edit the sanity checks if you clicked on it, when in fact you were going to run them. This patch rewords the links so Sanity check is in a group by itself in the block of links on the right. Patch by Matthew Tuck <matty@chariot.net.au> r= justdave x2
2001-08-31Fix for bug 84338: initial implementation of attachment tracker, which lets ↵myk%mozilla.org1-2/+7
users flag attachments with statuses. Patch by Myk Melez <myk@mozilla.org> r=justdave@syndicomm.com
2001-08-27Bug 96085 - bypassing group security checks using duplicate bugsjake%acutex.net1-2/+5
Patch by Christopher Aillon <christopher@aillon.com> r= jake@acutex.net
2001-08-21Fix for bug 96085: don't allow unauthorized users to access restricted bugs ↵myk%mozilla.org1-7/+10
that do not have a QA contact. Patch by Myk Melez <myk@mozilla.org> r=Jake <jake@acutex.net>
2001-08-16Fix for bug 87779: thanks to the new password reset code, there was no clear ↵justdave%syndicomm.com1-1/+3
way to create a new Bugzilla account from the login screen. There is now a link to createaccount.cgi from the login screen, and the text around the password reset button has been edited so it doesn't sound like you can get a new account by using it (because you can't) Patch by Dave Miller <justdave@syndicomm.com> r= myk@mozilla.org
2001-08-14Fix for bug 95082 - Param('shutdownhtml') doesn't completely shut down bugzilla.jake%acutex.net1-3/+16
r= justdave@syndicomm.com
2001-08-13Fix for bug 39816: Anyone in CC, Reporter, QA Contact, or Asigned To fields ↵justdave%syndicomm.com1-16/+55
can now be given access to view a bug even if the permissions on that bug are set to a group that would normally exclude those people. Patch by Myk Melez <myk@mozilla.org> r= justdave@syndicomm.com
2001-08-09Re-fix for bug 55161 - if data is partial in activity table, prepend a ? to ↵justdave%syndicomm.com1-12/+29
indicate that we don't know for sure what got dropped. Patch by Jake Steenhagen <jake@acutex.net> r= justdave@syndicomm.com
2001-07-30Fix for bug 92713, show_activity.pl displays zeros as non-breaking spaces.jake%acutex.net1-2/+2
Patch by Myk Melez <myk@mozilla.org> r= jake@acutex.net
2001-07-21Fix for bugs 55161 and 12819. The activity log now stores only what's ↵jake%acutex.net1-15/+11
changed in multi-value fields. r= justdave@syndicomm.com
2001-07-17Fixing minor problem caused by the original bug 77473 checkin where an SQL ↵justdave%syndicomm.com1-0/+6
error was being produced if you tried to log in with an invalid username. Patch by Myk Melez <myk@mozilla.org> r= justdave@syndicomm.com
2001-07-11Fix for bug 77473, bug 74032, and bug 85472: Passwords are no longer stored ↵justdave%syndicomm.com1-51/+71
in plaintext in the database. Passwords are no longer encrypted with MySQL's ENCRYPT() function (because it doesn't work on some installs), but with Perl's crypt() function. The crypt-related routines now properly deal with salts so that they work on systems that use methods other than UNIX crypt to crypt the passwords (such as MD5). Checksetup.pl will walk through your database and re-crypt everyone's passwords based on the plaintext password entry, then drop the plaintext password column. As a consequence of no longer having a plaintext password, it is no longer possible to email someone their password, so the login screen has been changed to request a password reset instead. The user is emailed a temporary identifying token, with a link back to Bugzilla. They click on the link or paste it into their browser and Bugzilla allows them to change their password. Patch by Myk Melez <myk@mozilla.org> r= justdave@syndicomm.com, jake@acutex.net
2001-07-04Fix for bug 87701: Invalid username in bug changes echoed back without ↵justdave%syndicomm.com1-3/+6
escaping HTML data Patch by Gervase Markham <gervase.markham@univ.ox.ac.uk> r= justdave@syndicomm.com
2001-06-20Fix for bug 85833: show_bug.cgi (and probably others) now allow leading or ↵justdave%syndicomm.com1-1/+2
trailing spaces in the bug id, to allow for user input error. This used to work, and recent bug validation changes broke it. Patch by Jake Steenhagen <jake@acutex.net> r= justdave@syndicomm.com
2001-06-19Allow '\' as a path delimiter (bug 29064)jake%acutex.net1-2/+2
Patch Concept by <timeless@mac.com> r= jake@acutex.net
2001-06-08Fix for bug 15980: Password is no longer shown in the location bar on the ↵justdave%syndicomm.com1-3/+9
first page you load after logging in. Patch by Dave Miller <justdave@syndicomm.com> r= jake@acutex.net
2001-06-07fix typojustdave%syndicomm.com1-1/+1
2001-06-03Landing Myk's patch for bug #71767tara%tequilarista.org1-46/+64
2001-06-01Bugzilla was leaking information about bugs marked secure (using bug ↵jake%acutex.net1-0/+49
groups). This checkin fixes bugs 39524, 39527, 39531, and 39533. Patches by Myk Melez <myk@mozilla.org>. r= jake@acutex.net