bugzilla - Bugzilla

Age	Commit message (Collapse)	Author	Files	Lines
2011-08-16	Fix complains from 012throwables.t due to bug 677901	Frédéric Buclin	1	-8/+9

2011-08-16	Bug 677901: Bugzilla crashes when no token is passed to token.cgi but the ↵	Frédéric Buclin	1	-161/+101
	script expects one, because tokens are incorrectly validated r/a=mkanat
2011-07-05	Bug 658929 - User autocomplete is very slow when there are lots of users in ↵	David Lawrence	1	-1/+1
	the profiles table r/a=mkanat
2010-05-20	Bug 565879: Merge ThrowCodeError("action_unrecognized"), ↵	Frédéric Buclin	1	-5/+2
	ThrowUserError("no_valid_action") and ThrowCodeError("unknown_action") r=ghendricks a=LpSolit
2009-10-09	Bug 514913: Eliminate ssl="authenticated sessions"	mkanat%bugzilla.org	1	-8/+0
	Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2009-09-11	Bug 508189: (CVE-2009-3166) [SECURITY] Logging in after changing your ↵	mkanat%bugzilla.org	1	-0/+4
	password would expose your new password in the URL Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=mkanat
2009-08-11	Bug 349336: Automatically log in the user when he chooses his password to ↵	lpsolit%gmail.com	1	-2/+6
	create his new account - Patch by FrÃ©dÃ©ric Buclin <LpSolit@gmail.com> r/a=mkanat
2009-06-12	496856 - correct patch	bbaetz%acm.org	1	-1/+1
	(original patch r/a=mkanat)
2009-06-10	Bug 496856 - Fix token.cgi transaction handling	bbaetz%acm.org	1	-5/+9

2009-01-08	Bug 452519: Fix timezones in emails - Patch by FrÃ©dÃ©ric Buclin ↵	lpsolit%gmail.com	1	-1/+2
	<LpSolit@gmail.com> r=wicked a=LpSolit
2008-09-20	Bug 455814: token.cgi should reject password change requests for disabled ↵	lpsolit%gmail.com	1	-0/+6
	accounts - Patch by FrÃ©dÃ©ric Buclin <LpSolit@gmail.com> r=ghendricks a=LpSolit
2008-09-19	Bug 455815: Remove global variables from token.cgi - Patch by FrÃ©dÃ©ric ↵	lpsolit%gmail.com	1	-65/+70
	Buclin <LpSolit@gmail.com> r/a=mkanat
2008-08-18	Bug 428659 â Setting SSL param to 'authenticated sessions' only ↵	dkl%redhat.com	1	-2/+3
	protects logins and param doesn't protect WebService calls at all Patch by David Lawrence <dkl@redhat.com> - r/a=LpSolit/mkanat
2008-07-29	Backing out these patches as they cause a regression. More information	dkl%redhat.com	1	-3/+5
	in the respective bug reports. Bug 428659 â Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat
2008-07-10	Bug 428659 â Setting SSL param to 'authenticated sessions' only ↵	dkl%redhat.com	1	-5/+3
	protects logins and param doesn't protect WebService calls at all Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat
2008-04-03	Bug 405946: Some emails are not sent in the language chosen by the addressee ↵	lpsolit%gmail.com	1	-11/+7
	- Patch by FrÃ©dÃ©ric Buclin <LpSolit@gmail.com> r=wurblzap a=LpSolit
2007-11-19	Bug 403834: Replace table locks with database transactions in tokens, votes, ↵	lpsolit%gmail.com	1	-8/+4
	and sanitycheck - Patch by Emmanuel Seyman <eseyman@linagora.com> r/a=mkanat
2007-10-19	Bug 399954: Make Bugzilla able to hold its dependencies in a local directory	mkanat%bugzilla.org	1	-1/+1
	Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
2007-07-23	Bug 238651 (a&b) Include the login name (in <code>) for "account_inexistent" ↵	timeless%mozdev.org	1	-1/+1
	error r=lpsolit a=lpsolit
2007-07-10	Bug 365472 rename 'token_inexistent' to 'token_does_not_exist' or something	timeless%mozdev.org	1	-1/+1
	r=lpsolit a=lpsolit
2007-03-11	Bug 366466 - "flag notification mail has canceled spelled incorrectly" ↵	reed%reedloden.com	1	-5/+5
	[p=reed r=timeless a=mkanat]
2006-10-21	Bug 340538: Insecure dependency in exec while running with -T switch at ↵	wurblzap%gmail.com	1	-20/+20
	/usr/lib/perl5/site_perl/5.8.6/Mail/Mailer/sendmail.pm line 16. Patch by Marc Schumann <wurblzap@gmail.com>, r=LpSolit, a=myk
2006-10-15	Bug 281181: [SECURITY] It's way too easy to delete ↵	lpsolit%gmail.com	1	-1/+1
	versions/components/milestones etc... - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
2006-08-26	Bug 349349: Use ->create from Bugzilla::Object instead of insert_new_user ↵	mkanat%bugzilla.org	1	-25/+7
	for Bugzilla::User Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk
2006-08-20	Bug 87795: Creating an account should send token and wait for confirmation ↵	lpsolit%gmail.com	1	-0/+87
	(prevent user account abuse) - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat r=bkor a=myk
2006-07-06	Bug 173629: Clean up "my" variable scoping issues for mod_perl	mkanat%bugzilla.org	1	-3/+3
	Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk
2006-06-21	Bug 282121: Remove globals.pl from scripts that no longer use it - Patch by ↵	lpsolit%gmail.com	1	-9/+3
	Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
2006-06-20	Spelling in code comments patch: 'methids' -> 'methods'; patch by Vlad ↵	vladd%bugzilla.org	1	-1/+1
	Dascalu <vladd@bugzilla.org>.
2006-05-12	Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN block	mkanat%bugzilla.org	1	-1/+1
	Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk
2006-05-08	Bug 332598: Move ValidatePassword() and DBNameToIdAndCheck() from globals.pl ↵	lpsolit%gmail.com	1	-2/+2
	into User.pm - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
2005-10-25	Bug 312157: Remove $::template and $::vars from globals.pl - Patch by Olav ↵	lpsolit%gmail.com	1	-4/+4
	Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave
2005-10-24	Bug 312307: Misused Throw*Error tags in code and templates - Patch by Dennis ↵	lpsolit%gmail.com	1	-4/+2
	Melentyev <dennis.melentyev@infopulse.com.ua> r=LpSolit a=justdave
2005-10-12	Bug 303697: Eliminate deprecated Bugzilla::DB routines from token.cgi - ↵	lpsolit%gmail.com	1	-40/+42
	Patch by Teemu Mannermaa <wicked@etlicon.fi> r=LpSolit a=justdave
2005-08-19	Bug 304583: Remove all remaining need to rederive inherited groups	bugreport%peshkin.net	1	-2/+2
	Patch by Joel Peshkin <bugreport@peshkin.net> r=mkanat, a=justdave
2005-08-16	Bug 304653: remove 'use Bugzilla::Error' from Util.pm - Patch by Frédéric ↵	lpsolit%gmail.com	1	-3/+4
	Buclin <LpSolit@gmail.com> r=mkanat a=myk
2005-08-10	Bug 301508: Remove CGI.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> ↵	lpsolit%gmail.com	1	-1/+1
	r=mkanat,wicked a=justdave
2005-07-21	Bug 301453: Move CheckEmailSyntax out of CGI.pl - Patch by Frédéric Buclin ↵	lpsolit%gmail.com	1	-1/+1
	<LpSolit@gmail.com> r=mkanat a=myk
2005-07-13	Bug 300336: Bugzilla::Auth should not contain any exported subroutines	mkanat%kerio.com	1	-1/+1
	Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
2005-07-08	Bug 285695: [PostgreSQL] Username checks for login, etc. need to be case ↵	mkanat%kerio.com	1	-1/+3
	insensitive Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave
2005-02-18	Bug 280503: Replace "LOCK/UNLOCK TABLES" with Bugzilla::DB function call	mkanat%kerio.com	1	-8/+13
	Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=mkanat,a=myk
2005-02-09	Bug 280994 : Move ValidateNewUser out of globals.pl	travis%sedsystems.ca	1	-1/+1
	Patch by Max Kanat-Alexander <mkanat@kerio.com> r=vladd a=justdave
2005-02-01	Bug 278792 : Move Crypt() to Bugzilla::Auth	travis%sedsystems.ca	1	-1/+2
	Patch by Max Kanat-Alexander <mkanat@kerio.com> r=vladd a=justdave
2004-07-21	Bug 241900: Allow Bugzilla::Auth to have multiple login and validation styles	bugreport%peshkin.net	1	-1/+8
	patch by erik r=joel, kiko a=myk
2004-03-27	Fix for bug 234175: Remove deprecated ConnectToDatabase() and	kiko%async.com.br	1	-3/+3
	quietly_check_login()/confirm_login() calls. Cleans up callsites (consisting of most of our CGIs), swapping (where appropriate) for calls to Bugzilla->login. Patch by Teemu Mannermaa <wicked@etlicon.fi>. r=bbaetz, kiko. a=justdave.
2004-03-27	Fix for bug 226764: Move InvalidateLogins into Bugzilla::Auth::CGI.	kiko%async.com.br	1	-1/+1
	Consolidates the logout code into Bugzilla::Auth::CGI, and provides simple front-end wrappers in Bugzilla.pm for use in the CGIs we have. r=bbaetz, joel; a=justdave. Adds a set of constants to the logout() API which allow specifying "how much" we should log out -- all sessions, the current session, or all sessions but the current one. Fixes callsites to use this new API; cleans and documents things a bit while we're at it. Part I in the great COOKIE apocalypse.
2004-03-19	Bug 237517 inconsistent spelling of cancelled or canceled	timeless%mozdev.org	1	-1/+1
	r=kiko a=justdave
2004-03-18	Bug 237864: clean up leftovers from the bug 192516 checkin (some occurances ↵	justdave%syndicomm.com	1	-3/+3
	of Token got missed) r= gerv, a= justdave
2004-03-18	Bug 192516: Moving the loose .pm files into the Bugzilla directory, where ↵	justdave%syndicomm.com	1	-8/+8
	they belong. These files pre-date the Bugzilla directory, and would have gone there had it existed at the time. The four files in question were copied on the CVS server to preserve CVS history in the files. This checkin deletes them from the old location and modifies everything else to know where they are now. r= myk, gerv a= justdave
2004-02-29	Patch for bug 234876; removes %FORM from token.cgi; patch by Teemu Mannermaa ↵	jocuri%softhome.net	1	-20/+21
	<wicked@etlicon.fi>; r=kiko, a=justdave.
2003-09-24	Bug 177449: When changing email address, old email address confirmation was ↵	justdave%syndicomm.com	1	-1/+1
	case sensitive patch by Vlad Dascalu <jocuri@softhome.net> r= kiko, a= justdave