summaryrefslogtreecommitdiffstats
path: root/show_bug.cgi
AgeCommit message (Collapse)AuthorFilesLines
2008-05-05Bug 425665: [SECURITY] XSS in show_bug.cgi: id isn't filtered for ↵lpsolit%gmail.com1-1/+1
format=multiple - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat r=wurblzap a=LpSolit
2007-10-19Bug 399954: Make Bugzilla able to hold its dependencies in a local directorymkanat%bugzilla.org1-1/+1
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2007-05-15Bug 80169: JavaScript-enhanced keyword editing - Patch by Teemu Mannermaa ↵lpsolit%gmail.com1-0/+1
<wicked@etlicon.fi> r=justdave a=LpSolit
2006-12-27Bug 364835 - "current bug number should be filled in in "to bugs" input box ↵reed%reedloden.com1-0/+3
to simplify tagging" [p=reed r=bkor a=justdave]
2006-10-15Bug 346564: [SECURITY] timetracking deadline leaks in XML - Patch by Olav ↵lpsolit%gmail.com1-1/+1
Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave
2006-09-05Bug 283582: Remove UserInGroup in favor of Bugzilla->user->in_groupmkanat%bugzilla.org1-1/+1
Patch By victory(_RSZ_) <bmo2007@rsz.jp> r=mkanat, a=myk
2006-08-12Bug 348057: Move the checks for bug visibility out of Bugzilla::Bug->newmkanat%bugzilla.org1-3/+9
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk
2006-07-04Bug 338375: Use Bugzilla->params everywhere instead of Param().mkanat%bugzilla.org1-1/+0
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
2006-07-04Bug 342869: Use Bugzilla->params everywhere except templatesmkanat%bugzilla.org1-1/+1
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
2006-06-21Bug 282121: Remove globals.pl from scripts that no longer use it - Patch by ↵lpsolit%gmail.com1-3/+2
Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
2006-06-20Bug 304601: Bugzilla::Config's :locations exports need to be in their own ↵lpsolit%gmail.com1-2/+0
module - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat for the main patch, r=myk for the patch about CGI.pm a=justdave Bug 328637: Remove all legal_* versioncache arrays - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave Bug 110503 - Eliminate versioncache
2006-06-19Bug 341924: When viewing several bugs at once using ↵lpsolit%gmail.com1-2/+6
show_bug.cgi?format=multiple, invalid bugs should generate an error message - Patch by Frédéric Buclin <LpSolit@gmail.com> r=timeless a=myk
2006-05-12Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN blockmkanat%bugzilla.org1-5/+1
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk
2006-03-09Bug 328638: Remove @::legal_keywords and %::keywordsbynamemkanat%kerio.com1-1/+2
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
2006-02-21Bug 287325: Ability to add custom plain-text fields to a Bug - Patch by Myk ↵lpsolit%gmail.com1-1/+1
Melez <myk@mozilla.org> r=mkanat a=justdave
2005-10-31Bug 304075: Eliminate use of $::userid from Bugzilla - Patch by Frédéric ↵lpsolit%gmail.com1-4/+2
Buclin <LpSolit@gmail.com> r=wicked a=justdave
2005-10-25Bug 312157: Remove $::template and $::vars from globals.pl - Patch by Olav ↵lpsolit%gmail.com1-1/+3
Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave
2005-09-07Bug 302669 (2nd part): show_bug.cgi?ctype=xml should allow the option of ↵lpsolit%gmail.com1-1/+2
exporting attachment data - Patch by Greg Hendricks <ghendricks@novell.com> r/a=myk
2005-08-25Bug 208761: Move GetFormat() from globals.pl into Bugzilla::Template - Patch ↵lpsolit%gmail.com1-2/+2
by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=justdave
2005-08-22Bug 304725: keywords aren't displayed in show_bug.cgi when format=multiple - ↵lpsolit%gmail.com1-0/+1
Patch by Rob Siklos <robzilla@siklos.ca> r=LpSolit a=myk
2005-08-10Bug 301508: Remove CGI.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> ↵lpsolit%gmail.com1-1/+1
r=mkanat,wicked a=justdave
2005-03-16Bug 283581 : Move UserInGroup out of globals.pltravis%sedsystems.ca1-0/+1
Patch by Colin Ogilvie <colin.ogilvie@gmail.com> r=mkanat a=justdave
2004-10-25[SECURITY] Bug 263780: Exporting a bug to XML exposes user comments and ↵justdave%bugzilla.org1-0/+4
attachment summaries which are marked as private to users who are not members of the group allowed to see private comments and attachments. XML export is not exposed in the user interface, but is available to anyone who knows the correct URL to invoke it. This only affects sites that use the 'insidergroup' feature. Patch by Joel Peshkin <bugreport@peshkin.net> r=vladd,justdave, a=justdave
2004-09-22Bug 259452 Add bonsai style &mark support to showbug for bug commentstimeless%mozdev.org1-0/+13
r=kiko a=justdave
2004-04-11Patch for bug 87770: make attachment.cgi work with no parameters; patch by ↵jocuri%softhome.net1-1/+1
GavinS <bugzilla@chimpychompy.org>; r=kiko; a=myk.
2004-04-02Fix for bug 238868: remove %FORM and %COOKIE from show_bug.cgi. Doeskiko%async.com.br1-4/+5
that, swapping them for calls to cgi->param/cookie. r=vladd,justdave; a=justdave.
2004-03-27Fix for bug 234175: Remove deprecated ConnectToDatabase() andkiko%async.com.br1-4/+3
quietly_check_login()/confirm_login() calls. Cleans up callsites (consisting of most of our CGIs), swapping (where appropriate) for calls to Bugzilla->login. Patch by Teemu Mannermaa <wicked@etlicon.fi>. r=bbaetz, kiko. a=justdave.
2004-03-18Bug 192516: Moving the loose .pm files into the Bugzilla directory, where ↵justdave%syndicomm.com1-4/+4
they belong. These files pre-date the Bugzilla directory, and would have gone there had it existed at the time. The four files in question were copied on the CVS server to preserve CVS history in the files. This checkin deletes them from the old location and modifies everything else to know where they are now. r= myk, gerv a= justdave
2003-08-20Check for PatchReader as a part of the installation and disable the "Diff"jkeiser%netscape.com1-0/+6
links if it is not there (bug 215268)
2003-05-05Bug 201816 - use CGI.pm for header outputbbaetz%acm.org1-3/+8
r=joel, a=justdave
2003-03-27Bug 196433 - Bugzilla now uses /usr/bin/perl as the shebang linejake%bugzilla.org1-1/+1
r=justdave a=justdave
2003-01-15Bug 136603 - show_bug.cgi's XML retrieval needs a summary mode. Patch by ↵gerv%gerv.net1-1/+22
gerv; r=bbaetz, a=justdave.
2002-12-15Bug 158499 - Templatise XML bug outputbbaetz%student.usyd.edu.au1-20/+22
r=gerv, justdave a=justdave
2002-11-28Bug 171493 - make show_bug use Bug.pm and remove bug_form.plbbaetz%student.usyd.edu.au1-6/+32
r=justdave, joel a=justdave
2002-08-26Bug 76923 - Don't |use diagnostics| (its really expensive at startup time)bbaetz%student.usyd.edu.au1-1/+0
r=joel x2
2002-03-24Bug 110012 - show_bug templatisation. r=bbaetz, afranke.gerv%gerv.net1-26/+3
2002-01-20Fix for bug 108982: enable taint mode for all user-facing CGI files.justdave%syndicomm.com1-1/+3
Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave
2001-09-11Make Bugzilla support <link> tag for buglists. Bug 87818. r=jake, caillon.gerv%gerv.net1-1/+1
2001-06-03Landing Myk's patch for bug #71767tara%tequilarista.org1-9/+24
2001-03-13Checking in Jake's <jake@acutex.net> interim patches from bug 30694. ↵endico%mozilla.org1-3/+3
Bugzilla was showing bug summaries to everyone, even if they didn't have permission to view the bug. Jake's quick solution is to not display the bug at all if it is in a group no matter who is viewing it. The correct solution would be display the summary if the viewer had the proper permissions.
2001-03-09Patch from Jake <jake@acutex.net> for bugs 22041 and 25693 which had the ↵endico%mozilla.org1-0/+1
same problem. HTML meta characters in the summary were not being quoted before being printed to html.
2001-02-02Fix for bug 22041: Bug page title now includes bug summary. Patch by ↵dave%intrec.com1-2/+7
st.n@gmx.net (Stephan Niemz (faniz))
2000-01-15Patch by Ramon Felciano <felciano@ingenuity.com>, with many tweaks byterry%mozilla.org1-2/+1
me. Added a footer to every page. Add some options to do things like display checkboxes instead of scrolling lists, and a new formatting for email diffs, and show list items capitalized instead of all upper case.
1999-11-02updated license boilerplatedmose%mozilla.org1-14/+15
1999-09-25Patch by holger@holger.om.org (Holger Schurig) -- more fixups to put proper ↵terry%mozilla.org1-1/+1
header on pages.
1999-06-15Fix several browsers, Lynx and Opera at least. HTML syntax errors herebryce-mozilla%nextbus.com1-0/+3
and there were fixed, and serverpush was restricted only to the versions of Mozilla known to support it.
1999-05-11Do some sanity checking on the entered bug number.terry%mozilla.org1-1/+1
1999-05-11Give better error messages when we can't display a bug.terry%mozilla.org1-4/+8
1999-01-28Added three new fields (which appear in the UI only if params areterry%netscape.com1-1/+2
turned on): target_milestone, qa_contact, and status_whiteboard.
1998-11-21Backed out Andrew's patch -- turns out it was doing quoting sublty wrong.terry%netscape.com1-9/+6