summaryrefslogtreecommitdiffstats
path: root/token.cgi
AgeCommit message (Expand)AuthorFilesLines
2015-08-23Bug 670669 - Changing the e-mail address under account prefs does not require...Simon Green1-4/+1
2014-10-06Bug 1075578: [SECURITY] Improper filtering of CGI argumentsFrédéric Buclin1-1/+1
2014-10-01Fix bustage due to bug 1061247Frédéric Buclin1-0/+1
2014-10-01Bug 1061247 - Successfully using a password change token should invalidate al...Reed Loden1-0/+2
2014-08-13Bug 996893: Perl 5.18 and newer throw tons of warnings about deprecated modulesFrédéric Buclin1-1/+3
2014-08-06Bug 1046145: It is no longer possible to cancel an email address change when ...Frédéric Buclin1-1/+1
2014-02-27Bug 947823: Replace gender-specific pronouns with gender-neutral pronounsCharlie Somerville1-2/+2
2013-06-06Bug 878035: Do not disclose whether a user account exists or not when a user ...Frédéric Buclin1-3/+4
2012-09-01Bug 787529: Use |use 5.10.1| everywhereFrédéric Buclin1-0/+1
2012-08-06Bug 706271: CSRF vulnerability in token.cgi allows possible unauthorized pass...Frédéric Buclin1-0/+5
2012-05-28Bug 355596: Your password should be requested to confirm your email address c...Koosha Khajeh Moogahi1-5/+11
2012-05-18Bug 752303: It is no longer possible to cancel an email address change when t...Koosha Khajeh Moogahi1-14/+5
2012-01-23Bug 319953: Missing real email syntax checkFrédéric Buclin1-3/+1
2012-01-11Bug 680131: Replace the MPL 1.1 license by the MPL 2.0 one in all files, and ...Frédéric Buclin1-20/+5
2011-12-28Bug 711714: (CVE-2011-3667) [SECURITY] The User.offer_account_by_email WebSer...Frédéric Buclin1-0/+4
2011-08-16Fix complains from 012throwables.t due to bug 677901Frédéric Buclin1-8/+9
2011-08-16Bug 677901: Bugzilla crashes when no token is passed to token.cgi but the scr...Frédéric Buclin1-161/+101
2011-07-05Bug 658929 - User autocomplete is very slow when there are lots of users in t...David Lawrence1-1/+1
2010-05-20Bug 565879: Merge ThrowCodeError("action_unrecognized"), ThrowUserError("no_v...Frédéric Buclin1-5/+2
2009-10-09Bug 514913: Eliminate ssl="authenticated sessions"mkanat%bugzilla.org1-8/+0
2009-09-11Bug 508189: (CVE-2009-3166) [SECURITY] Logging in after changing your passwor...mkanat%bugzilla.org1-0/+4
2009-08-11Bug 349336: Automatically log in the user when he chooses his password to cre...lpsolit%gmail.com1-2/+6
2009-06-12496856 - correct patchbbaetz%acm.org1-1/+1
2009-06-10Bug 496856 - Fix token.cgi transaction handlingbbaetz%acm.org1-5/+9
2009-01-08Bug 452519: Fix timezones in emails - Patch by Frédéric Buclin <LpSolit...lpsolit%gmail.com1-1/+2
2008-09-20Bug 455814: token.cgi should reject password change requests for disabled acc...lpsolit%gmail.com1-0/+6
2008-09-19Bug 455815: Remove global variables from token.cgi - Patch by Frédéric ...lpsolit%gmail.com1-65/+70
2008-08-18Bug 428659 – Setting SSL param to 'authenticated sessions' only protects...dkl%redhat.com1-2/+3
2008-07-29Backing out these patches as they cause a regression. More informationdkl%redhat.com1-3/+5
2008-07-10Bug 428659 – Setting SSL param to 'authenticated sessions' only protects...dkl%redhat.com1-5/+3
2008-04-03Bug 405946: Some emails are not sent in the language chosen by the addressee ...lpsolit%gmail.com1-11/+7
2007-11-19Bug 403834: Replace table locks with database transactions in tokens, votes, ...lpsolit%gmail.com1-8/+4
2007-10-19Bug 399954: Make Bugzilla able to hold its dependencies in a local directorymkanat%bugzilla.org1-1/+1
2007-07-23Bug 238651 (a&b) Include the login name (in <code>) for "account_inexistent" ...timeless%mozdev.org1-1/+1
2007-07-10Bug 365472 rename 'token_inexistent' to 'token_does_not_exist' or somethingtimeless%mozdev.org1-1/+1
2007-03-11Bug 366466 - "flag notification mail has canceled spelled incorrectly" [p=ree...reed%reedloden.com1-5/+5
2006-10-21Bug 340538: Insecure dependency in exec while running with -T switch at /usr/...wurblzap%gmail.com1-20/+20
2006-10-15Bug 281181: [SECURITY] It's way too easy to delete versions/components/milest...lpsolit%gmail.com1-1/+1
2006-08-26Bug 349349: Use ->create from Bugzilla::Object instead of insert_new_user for...mkanat%bugzilla.org1-25/+7
2006-08-20Bug 87795: Creating an account should send token and wait for confirmation (p...lpsolit%gmail.com1-0/+87
2006-07-06Bug 173629: Clean up "my" variable scoping issues for mod_perlmkanat%bugzilla.org1-3/+3
2006-06-21Bug 282121: Remove globals.pl from scripts that no longer use it - Patch by F...lpsolit%gmail.com1-9/+3
2006-06-20Spelling in code comments patch: 'methids' -> 'methods'; patch by Vlad Dascal...vladd%bugzilla.org1-1/+1
2006-05-12Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN blockmkanat%bugzilla.org1-1/+1
2006-05-08Bug 332598: Move ValidatePassword() and DBNameToIdAndCheck() from globals.pl ...lpsolit%gmail.com1-2/+2
2005-10-25Bug 312157: Remove $::template and $::vars from globals.pl - Patch by Olav Vi...lpsolit%gmail.com1-4/+4
2005-10-24Bug 312307: Misused Throw*Error tags in code and templates - Patch by Dennis ...lpsolit%gmail.com1-4/+2
2005-10-12Bug 303697: Eliminate deprecated Bugzilla::DB routines from token.cgi - Patch...lpsolit%gmail.com1-40/+42
2005-08-19Bug 304583: Remove all remaining need to rederive inherited groupsbugreport%peshkin.net1-2/+2
2005-08-16Bug 304653: remove 'use Bugzilla::Error' from Util.pm - Patch by Frédéric B...lpsolit%gmail.com1-3/+4