Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2018-12-05 | no bug - reformat all the code using the new perltidy rules | Perl Tidy | 1 | -168/+179 | |
2017-12-16 | Bug 1403777 - Migrate urlbase from params to localconfig | Dylan William Hardison | 1 | -1/+1 | |
2017-07-07 | Bug 1377933 - Remove trailing whitespace from all perl files | Dylan William Hardison | 1 | -3/+3 | |
2016-09-13 | Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to bmo/master + ↵ | Dylan William Hardison | 1 | -23/+10 | |
local symlink to data/ directory | |||||
2016-09-12 | Revert "Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to ↵ | Dylan William Hardison | 1 | -10/+23 | |
bmo/master + local symlink to data/ directory" This reverts commit e6bf4cacb10f86077fe898349485f5c7ab9fb4b6. | |||||
2016-09-12 | Bug 1283930 - Add Makefile.PL & local/lib/perl5 support to bmo/master + ↵ | Dylan William Hardison | 1 | -23/+10 | |
local symlink to data/ directory | |||||
2015-11-10 | Bug 1221423 - unable to impersonate users when 2fa is enabled | David Lawrence | 1 | -25/+40 | |
2015-04-24 | Bug 1157395: CSRF in log in form | David Lawrence | 1 | -1/+17 | |
2014-11-04 | Bug 1093622: Backout bug 1090427 for causing: authenticated calls from bzapi ↵ | Byron Jones | 1 | -13/+0 | |
are failing: 'Untrusted Authentication Request' | |||||
2014-11-04 | Bug 1090427: Backport bug 713926 to bmo/4.2 to protect against csrf for ↵ | David Lawrence | 1 | -0/+13 | |
login forms | |||||
2014-10-06 | merged with upstream 4.2 | David Lawrence | 1 | -17/+14 | |
2014-10-06 | Bug 1075578: [SECURITY] Improper filtering of CGI arguments | Frédéric Buclin | 1 | -17/+14 | |
r=dkl,a=sgreen | |||||
2014-02-17 | Bug 966676: The 'sudo' cookie should not be accessible from JavaScript | Frédéric Buclin | 1 | -3/+10 | |
2011-07-25 | Bug 589128: Adds a preference allowing users to choose between text or html | Byron Jones | 1 | -1/+1 | |
for bugmail. r=LpSolit, a=LpSolit | |||||
2011-07-18 | Bug 670128: Missing explicit exit after calls to $cgi->redirect(), making ↵ | Frédéric Buclin | 1 | -0/+1 | |
the rest of the scripts to be executed r=dkl a=LpSolit | |||||
2010-09-07 | Bug 593881: Assignment to $[ has been deprecated in Perl 5.12.0 | Frédéric Buclin | 1 | -1/+1 | |
r/a=mkanat | |||||
2010-08-04 | Bug 450013: (CVE-2010-2757) [SECURITY] Can sudo a user without sending email | Frédéric Buclin | 1 | -2/+6 | |
r=glob a=LpSolit | |||||
2010-05-20 | Bug 565879: Merge ThrowCodeError("action_unrecognized"), ↵ | Frédéric Buclin | 1 | -1/+1 | |
ThrowUserError("no_valid_action") and ThrowCodeError("unknown_action") r=ghendricks a=LpSolit | |||||
2010-03-01 | Bug 508823: Make it so that you don't ever have to reset template_inner (like | Max Kanat-Alexander | 1 | -1/+0 | |
Bugzilla->template_inner("")). r=LpSolit, a=LpSolit | |||||
2009-04-15 | Bug 480862: relogin.cgi now just throws an error by default (should redirect ↵ | lpsolit%gmail.com | 1 | -2/+6 | |
to index.cgi) - Patch by Frédéric Buclin <LpSolit@gmail.com> r=ghendricks a=LpSolit | |||||
2009-03-02 | Bug 121601: Have logout display index.cgi, not just a message on relogin.cgi. | mkanat%bugzilla.org | 1 | -15/+1 | |
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2008-04-03 | Bug 405946: Some emails are not sent in the language chosen by the addressee ↵ | lpsolit%gmail.com | 1 | -4/+4 | |
- Patch by Frédéric Buclin <LpSolit@gmail.com> r=wurblzap a=LpSolit | |||||
2007-10-19 | Bug 399954: Make Bugzilla able to hold its dependencies in a local directory | mkanat%bugzilla.org | 1 | -1/+1 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit | |||||
2006-10-15 | Bug 281181: [SECURITY] It's way too easy to delete ↵ | lpsolit%gmail.com | 1 | -2/+2 | |
versions/components/milestones etc... - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk | |||||
2006-08-11 | Bug 347291: Make Bugzilla::User use Bugzilla::Object | mkanat%bugzilla.org | 1 | -1/+1 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk | |||||
2006-06-21 | Bug 282121: Remove globals.pl from scripts that no longer use it - Patch by ↵ | lpsolit%gmail.com | 1 | -2/+0 | |
Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk | |||||
2006-06-02 | Bug 339862: Move Bugzilla::BugMail::MessageToMTA() in a separate module - ↵ | lpsolit%gmail.com | 1 | -2/+2 | |
Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave | |||||
2006-05-12 | Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN block | mkanat%bugzilla.org | 1 | -3/+2 | |
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk | |||||
2006-04-07 | Bug 332906: Wrong parameters passed to sudo sessions when trying to bypass ↵ | lpsolit%gmail.com | 1 | -2/+2 | |
validation checks - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=justdave | |||||
2006-02-24 | Patch for bug 328379: Fix spelling: 'visitng' -> 'visiting' in relogin.cgi; ↵ | jocuri%softhome.net | 1 | -1/+1 | |
r=LpSolit, a=myk. | |||||
2005-11-22 | Bug 315524: When an invalid action is passed to relogin.cgi, ↵ | lpsolit%gmail.com | 1 | -0/+5 | |
ThrowTemplateError() is called instead of ThrowCodeError() - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=justdave | |||||
2005-11-20 | Bug 312441: relogin.cgi allows you to impersonate user accounts you are not ↵ | karl%kornel.name | 1 | -93/+62 | |
allowed to see when 'usevisibilitygroups' is on - Patch by A. Karl Kornel <karl@kornel.name> r=LpSolit a=justdave | |||||
2005-11-05 | Bug 312439: The user being impersonated has "moral" rights to keep informed ↵ | karl%kornel.name | 1 | -7/+24 | |
- Patch by A. Karl Kornel <karl@kornel.name> r=LpSolit a=justdave | |||||
2005-10-24 | Bug 312307: Misused Throw*Error tags in code and templates - Patch by Dennis ↵ | lpsolit%gmail.com | 1 | -1/+1 | |
Melentyev <dennis.melentyev@infopulse.com.ua> r=LpSolit a=justdave | |||||
2005-10-14 | Bug 204498 Add su (setuser) function | bugreport%peshkin.net | 1 | -12/+186 | |
Patch by A. Karl Kornel <karl@kornel.name> r=joel, a=justdave | |||||
2005-08-13 | Bug 302644: relogin.cgi may ask you to login... before logging you out - ↵ | lpsolit%gmail.com | 1 | -1/+2 | |
Patch by Frédéric Buclin <LpSolit@gmail.com> r=wurblzap a=justdave | |||||
2005-08-10 | Bug 301508: Remove CGI.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> ↵ | lpsolit%gmail.com | 1 | -4/+4 | |
r=mkanat,wicked a=justdave | |||||
2004-03-27 | Fix for bug 234175: Remove deprecated ConnectToDatabase() and | kiko%async.com.br | 1 | -4/+2 | |
quietly_check_login()/confirm_login() calls. Cleans up callsites (consisting of most of our CGIs), swapping (where appropriate) for calls to Bugzilla->login. Patch by Teemu Mannermaa <wicked@etlicon.fi>. r=bbaetz, kiko. a=justdave. | |||||
2003-11-27 | Bug 226324: Move relogin.cgi code to Bugzilla::Auth::CGI. Provide a | kiko%async.com.br | 1 | -25/+3 | |
logout() method that is proxied through Bugzilla.pm's logout(), and fix callers to use it. r=justdave, bbaetz, a=justdave | |||||
2003-06-03 | Bug 180635 - Enhance Bugzilla::User to store additional information | bbaetz%acm.org | 1 | -1/+3 | |
r=myk,jake | |||||
2003-05-05 | Bug 201816 - use CGI.pm for header output | bbaetz%acm.org | 1 | -6/+8 | |
r=joel, a=justdave | |||||
2003-03-27 | Bug 196433 - Bugzilla now uses /usr/bin/perl as the shebang line | jake%bugzilla.org | 1 | -1/+1 | |
r=justdave a=justdave | |||||
2002-08-26 | Bug 76923 - Don't |use diagnostics| (its really expensive at startup time) | bbaetz%student.usyd.edu.au | 1 | -1/+0 | |
r=joel x2 | |||||
2002-07-27 | Bug 158658 - relogin.cgi should use a template. This also adds the ability ↵ | gerv%gerv.net | 1 | -12/+6 | |
to localise messages. Patch by gerv; r=burnus. | |||||
2002-05-08 | Bug 140437 - clean up parameters. Patch by gerv; 2xr=justdave. | gerv%gerv.net | 1 | -2/+0 | |
2002-05-08 | Bug 140435 - Templatise GetCommandMenu. Patch by gerv; r=bbaetz, justdave. | gerv%gerv.net | 1 | -0/+1 | |
2002-04-24 | Bug 138588 - change to use new template structure. Patch by gerv, r=myk, ↵ | gerv%gerv.net | 1 | -2/+1 | |
afranke. | |||||
2002-02-24 | Bug 126791 - templatise relogin.cgi | gerv%gerv.net | 1 | -11/+14 | |
2002-02-04 | Bug 95732 - remove logincookies.cryptpassword, and invalidate cookies from | bbaetz%student.usyd.edu.au | 1 | -0/+19 | |
the db when required instead. (Also fixes bug 58242 as a side effect) r=myk, kiko | |||||
2002-01-20 | Fix for bug 108982: enable taint mode for all user-facing CGI files. | justdave%syndicomm.com | 1 | -1/+3 | |
Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave |