summaryrefslogtreecommitdiffstats
path: root/show_bug.cgi
AgeCommit message (Collapse)AuthorFilesLines
2004-10-25[SECURITY] Bug 263780: Exporting a bug to XML exposes user comments and ↵justdave%bugzilla.org1-0/+4
attachment summaries which are marked as private to users who are not members of the group allowed to see private comments and attachments. XML export is not exposed in the user interface, but is available to anyone who knows the correct URL to invoke it. This only affects sites that use the 'insidergroup' feature. Patch by Joel Peshkin <bugreport@peshkin.net> r=vladd,justdave, a=justdave
2004-09-22Bug 259452 Add bonsai style &mark support to showbug for bug commentstimeless%mozdev.org1-0/+13
r=kiko a=justdave
2004-04-11Patch for bug 87770: make attachment.cgi work with no parameters; patch by ↵jocuri%softhome.net1-1/+1
GavinS <bugzilla@chimpychompy.org>; r=kiko; a=myk.
2004-04-02Fix for bug 238868: remove %FORM and %COOKIE from show_bug.cgi. Doeskiko%async.com.br1-4/+5
that, swapping them for calls to cgi->param/cookie. r=vladd,justdave; a=justdave.
2004-03-27Fix for bug 234175: Remove deprecated ConnectToDatabase() andkiko%async.com.br1-4/+3
quietly_check_login()/confirm_login() calls. Cleans up callsites (consisting of most of our CGIs), swapping (where appropriate) for calls to Bugzilla->login. Patch by Teemu Mannermaa <wicked@etlicon.fi>. r=bbaetz, kiko. a=justdave.
2004-03-18Bug 192516: Moving the loose .pm files into the Bugzilla directory, where ↵justdave%syndicomm.com1-4/+4
they belong. These files pre-date the Bugzilla directory, and would have gone there had it existed at the time. The four files in question were copied on the CVS server to preserve CVS history in the files. This checkin deletes them from the old location and modifies everything else to know where they are now. r= myk, gerv a= justdave
2003-08-20Check for PatchReader as a part of the installation and disable the "Diff"jkeiser%netscape.com1-0/+6
links if it is not there (bug 215268)
2003-05-05Bug 201816 - use CGI.pm for header outputbbaetz%acm.org1-3/+8
r=joel, a=justdave
2003-03-27Bug 196433 - Bugzilla now uses /usr/bin/perl as the shebang linejake%bugzilla.org1-1/+1
r=justdave a=justdave
2003-01-15Bug 136603 - show_bug.cgi's XML retrieval needs a summary mode. Patch by ↵gerv%gerv.net1-1/+22
gerv; r=bbaetz, a=justdave.
2002-12-15Bug 158499 - Templatise XML bug outputbbaetz%student.usyd.edu.au1-20/+22
r=gerv, justdave a=justdave
2002-11-28Bug 171493 - make show_bug use Bug.pm and remove bug_form.plbbaetz%student.usyd.edu.au1-6/+32
r=justdave, joel a=justdave
2002-08-26Bug 76923 - Don't |use diagnostics| (its really expensive at startup time)bbaetz%student.usyd.edu.au1-1/+0
r=joel x2
2002-03-24Bug 110012 - show_bug templatisation. r=bbaetz, afranke.gerv%gerv.net1-26/+3
2002-01-20Fix for bug 108982: enable taint mode for all user-facing CGI files.justdave%syndicomm.com1-1/+3
Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave
2001-09-11Make Bugzilla support <link> tag for buglists. Bug 87818. r=jake, caillon.gerv%gerv.net1-1/+1
2001-06-03Landing Myk's patch for bug #71767tara%tequilarista.org1-9/+24
2001-03-13Checking in Jake's <jake@acutex.net> interim patches from bug 30694. ↵endico%mozilla.org1-3/+3
Bugzilla was showing bug summaries to everyone, even if they didn't have permission to view the bug. Jake's quick solution is to not display the bug at all if it is in a group no matter who is viewing it. The correct solution would be display the summary if the viewer had the proper permissions.
2001-03-09Patch from Jake <jake@acutex.net> for bugs 22041 and 25693 which had the ↵endico%mozilla.org1-0/+1
same problem. HTML meta characters in the summary were not being quoted before being printed to html.
2001-02-02Fix for bug 22041: Bug page title now includes bug summary. Patch by ↵dave%intrec.com1-2/+7
st.n@gmx.net (Stephan Niemz (faniz))
2000-01-15Patch by Ramon Felciano <felciano@ingenuity.com>, with many tweaks byterry%mozilla.org1-2/+1
me. Added a footer to every page. Add some options to do things like display checkboxes instead of scrolling lists, and a new formatting for email diffs, and show list items capitalized instead of all upper case.
1999-11-02updated license boilerplatedmose%mozilla.org1-14/+15
1999-09-25Patch by holger@holger.om.org (Holger Schurig) -- more fixups to put proper ↵terry%mozilla.org1-1/+1
header on pages.
1999-06-15Fix several browsers, Lynx and Opera at least. HTML syntax errors herebryce-mozilla%nextbus.com1-0/+3
and there were fixed, and serverpush was restricted only to the versions of Mozilla known to support it.
1999-05-11Do some sanity checking on the entered bug number.terry%mozilla.org1-1/+1
1999-05-11Give better error messages when we can't display a bug.terry%mozilla.org1-4/+8
1999-01-28Added three new fields (which appear in the UI only if params areterry%netscape.com1-1/+2
turned on): target_milestone, qa_contact, and status_whiteboard.
1998-11-21Backed out Andrew's patch -- turns out it was doing quoting sublty wrong.terry%netscape.com1-9/+6
1998-11-17Patch by Andrew Anderson <andrew@redhat.com>. Many minor bugfixes and cleanup.terry%netscape.com1-6/+9
1998-09-16Everything has been ported to now run under Perl.terry%netscape.com1-19/+24
1998-08-26Bugzilla source.terry%netscape.com1-0/+44