summaryrefslogtreecommitdiffstats
path: root/relogin.cgi
AgeCommit message (Collapse)AuthorFilesLines
2018-12-05no bug - reformat all the code using the new perltidy rulesPerl Tidy1-168/+179
2017-12-16Bug 1403777 - Migrate urlbase from params to localconfigDylan William Hardison1-1/+1
2017-07-07Bug 1377933 - Remove trailing whitespace from all perl filesDylan William Hardison1-3/+3
2016-09-13Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to bmo/master + ↵Dylan William Hardison1-23/+10
local symlink to data/ directory
2016-09-12Revert "Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to ↵Dylan William Hardison1-10/+23
bmo/master + local symlink to data/ directory" This reverts commit e6bf4cacb10f86077fe898349485f5c7ab9fb4b6.
2016-09-12Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to bmo/master + ↵Dylan William Hardison1-23/+10
local symlink to data/ directory
2015-11-10Bug 1221423 - unable to impersonate users when 2fa is enabledDavid Lawrence1-25/+40
2015-04-24Bug 1157395: CSRF in log in formDavid Lawrence1-1/+17
2014-11-04Bug 1093622: Backout bug 1090427 for causing: authenticated calls from bzapi ↵Byron Jones1-13/+0
are failing: 'Untrusted Authentication Request'
2014-11-04Bug 1090427: Backport bug 713926 to bmo/4.2 to protect against csrf for ↵David Lawrence1-0/+13
login forms
2014-10-06merged with upstream 4.2David Lawrence1-17/+14
2014-10-06Bug 1075578: [SECURITY] Improper filtering of CGI argumentsFrédéric Buclin1-17/+14
r=dkl,a=sgreen
2014-02-17Bug 966676: The 'sudo' cookie should not be accessible from JavaScriptFrédéric Buclin1-3/+10
2011-07-25Bug 589128: Adds a preference allowing users to choose between text or htmlByron Jones1-1/+1
for bugmail. r=LpSolit, a=LpSolit
2011-07-18Bug 670128: Missing explicit exit after calls to $cgi->redirect(), making ↵Frédéric Buclin1-0/+1
the rest of the scripts to be executed r=dkl a=LpSolit
2010-09-07Bug 593881: Assignment to $[ has been deprecated in Perl 5.12.0Frédéric Buclin1-1/+1
r/a=mkanat
2010-08-04Bug 450013: (CVE-2010-2757) [SECURITY] Can sudo a user without sending emailFrédéric Buclin1-2/+6
r=glob a=LpSolit
2010-05-20Bug 565879: Merge ThrowCodeError("action_unrecognized"), ↵Frédéric Buclin1-1/+1
ThrowUserError("no_valid_action") and ThrowCodeError("unknown_action") r=ghendricks a=LpSolit
2010-03-01Bug 508823: Make it so that you don't ever have to reset template_inner (likeMax Kanat-Alexander1-1/+0
Bugzilla->template_inner("")). r=LpSolit, a=LpSolit
2009-04-15Bug 480862: relogin.cgi now just throws an error by default (should redirect ↵lpsolit%gmail.com1-2/+6
to index.cgi) - Patch by Frédéric Buclin <LpSolit@gmail.com> r=ghendricks a=LpSolit
2009-03-02Bug 121601: Have logout display index.cgi, not just a message on relogin.cgi.mkanat%bugzilla.org1-15/+1
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2008-04-03Bug 405946: Some emails are not sent in the language chosen by the addressee ↵lpsolit%gmail.com1-4/+4
- Patch by Frédéric Buclin <LpSolit@gmail.com> r=wurblzap a=LpSolit
2007-10-19Bug 399954: Make Bugzilla able to hold its dependencies in a local directorymkanat%bugzilla.org1-1/+1
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2006-10-15Bug 281181: [SECURITY] It's way too easy to delete ↵lpsolit%gmail.com1-2/+2
versions/components/milestones etc... - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
2006-08-11Bug 347291: Make Bugzilla::User use Bugzilla::Objectmkanat%bugzilla.org1-1/+1
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk
2006-06-21Bug 282121: Remove globals.pl from scripts that no longer use it - Patch by ↵lpsolit%gmail.com1-2/+0
Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
2006-06-02Bug 339862: Move Bugzilla::BugMail::MessageToMTA() in a separate module - ↵lpsolit%gmail.com1-2/+2
Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave
2006-05-12Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN blockmkanat%bugzilla.org1-3/+2
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk
2006-04-07Bug 332906: Wrong parameters passed to sudo sessions when trying to bypass ↵lpsolit%gmail.com1-2/+2
validation checks - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=justdave
2006-02-24Patch for bug 328379: Fix spelling: 'visitng' -> 'visiting' in relogin.cgi; ↵jocuri%softhome.net1-1/+1
r=LpSolit, a=myk.
2005-11-22Bug 315524: When an invalid action is passed to relogin.cgi, ↵lpsolit%gmail.com1-0/+5
ThrowTemplateError() is called instead of ThrowCodeError() - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=justdave
2005-11-20Bug 312441: relogin.cgi allows you to impersonate user accounts you are not ↵karl%kornel.name1-93/+62
allowed to see when 'usevisibilitygroups' is on - Patch by A. Karl Kornel <karl@kornel.name> r=LpSolit a=justdave
2005-11-05Bug 312439: The user being impersonated has "moral" rights to keep informed ↵karl%kornel.name1-7/+24
- Patch by A. Karl Kornel <karl@kornel.name> r=LpSolit a=justdave
2005-10-24Bug 312307: Misused Throw*Error tags in code and templates - Patch by Dennis ↵lpsolit%gmail.com1-1/+1
Melentyev <dennis.melentyev@infopulse.com.ua> r=LpSolit a=justdave
2005-10-14Bug 204498 Add su (setuser) functionbugreport%peshkin.net1-12/+186
Patch by A. Karl Kornel <karl@kornel.name> r=joel, a=justdave
2005-08-13Bug 302644: relogin.cgi may ask you to login... before logging you out - ↵lpsolit%gmail.com1-1/+2
Patch by Frédéric Buclin <LpSolit@gmail.com> r=wurblzap a=justdave
2005-08-10Bug 301508: Remove CGI.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> ↵lpsolit%gmail.com1-4/+4
r=mkanat,wicked a=justdave
2004-03-27Fix for bug 234175: Remove deprecated ConnectToDatabase() andkiko%async.com.br1-4/+2
quietly_check_login()/confirm_login() calls. Cleans up callsites (consisting of most of our CGIs), swapping (where appropriate) for calls to Bugzilla->login. Patch by Teemu Mannermaa <wicked@etlicon.fi>. r=bbaetz, kiko. a=justdave.
2003-11-27Bug 226324: Move relogin.cgi code to Bugzilla::Auth::CGI. Provide akiko%async.com.br1-25/+3
logout() method that is proxied through Bugzilla.pm's logout(), and fix callers to use it. r=justdave, bbaetz, a=justdave
2003-06-03Bug 180635 - Enhance Bugzilla::User to store additional informationbbaetz%acm.org1-1/+3
r=myk,jake
2003-05-05Bug 201816 - use CGI.pm for header outputbbaetz%acm.org1-6/+8
r=joel, a=justdave
2003-03-27Bug 196433 - Bugzilla now uses /usr/bin/perl as the shebang linejake%bugzilla.org1-1/+1
r=justdave a=justdave
2002-08-26Bug 76923 - Don't |use diagnostics| (its really expensive at startup time)bbaetz%student.usyd.edu.au1-1/+0
r=joel x2
2002-07-27Bug 158658 - relogin.cgi should use a template. This also adds the ability ↵gerv%gerv.net1-12/+6
to localise messages. Patch by gerv; r=burnus.
2002-05-08Bug 140437 - clean up parameters. Patch by gerv; 2xr=justdave.gerv%gerv.net1-2/+0
2002-05-08Bug 140435 - Templatise GetCommandMenu. Patch by gerv; r=bbaetz, justdave.gerv%gerv.net1-0/+1
2002-04-24Bug 138588 - change to use new template structure. Patch by gerv, r=myk, ↵gerv%gerv.net1-2/+1
afranke.
2002-02-24Bug 126791 - templatise relogin.cgigerv%gerv.net1-11/+14
2002-02-04Bug 95732 - remove logincookies.cryptpassword, and invalidate cookies frombbaetz%student.usyd.edu.au1-0/+19
the db when required instead. (Also fixes bug 58242 as a side effect) r=myk, kiko
2002-01-20Fix for bug 108982: enable taint mode for all user-facing CGI files.justdave%syndicomm.com1-1/+3
Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave