aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Bug 399954: Make Bugzilla able to hold its dependencies in a local directorymkanat%bugzilla.org2007-10-191-1/+1
| | | | Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit
* Bug 281181: [SECURITY] It's way too easy to delete ↵lpsolit%gmail.com2006-10-151-2/+2
| | | | versions/components/milestones etc... - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
* Bug 347291: Make Bugzilla::User use Bugzilla::Objectmkanat%bugzilla.org2006-08-111-1/+1
| | | | Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk
* Bug 282121: Remove globals.pl from scripts that no longer use it - Patch by ↵lpsolit%gmail.com2006-06-211-2/+0
| | | | Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
* Bug 339862: Move Bugzilla::BugMail::MessageToMTA() in a separate module - ↵lpsolit%gmail.com2006-06-021-2/+2
| | | | Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave
* Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN blockmkanat%bugzilla.org2006-05-121-3/+2
| | | | Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk
* Bug 332906: Wrong parameters passed to sudo sessions when trying to bypass ↵lpsolit%gmail.com2006-04-071-2/+2
| | | | validation checks - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=justdave
* Patch for bug 328379: Fix spelling: 'visitng' -> 'visiting' in relogin.cgi; ↵jocuri%softhome.net2006-02-241-1/+1
| | | | r=LpSolit, a=myk.
* Bug 315524: When an invalid action is passed to relogin.cgi, ↵lpsolit%gmail.com2005-11-221-0/+5
| | | | ThrowTemplateError() is called instead of ThrowCodeError() - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=justdave
* Bug 312441: relogin.cgi allows you to impersonate user accounts you are not ↵karl%kornel.name2005-11-201-93/+62
| | | | allowed to see when 'usevisibilitygroups' is on - Patch by A. Karl Kornel <karl@kornel.name> r=LpSolit a=justdave
* Bug 312439: The user being impersonated has "moral" rights to keep informed ↵karl%kornel.name2005-11-051-7/+24
| | | | - Patch by A. Karl Kornel <karl@kornel.name> r=LpSolit a=justdave
* Bug 312307: Misused Throw*Error tags in code and templates - Patch by Dennis ↵lpsolit%gmail.com2005-10-241-1/+1
| | | | Melentyev <dennis.melentyev@infopulse.com.ua> r=LpSolit a=justdave
* Bug 204498 Add su (setuser) functionbugreport%peshkin.net2005-10-141-12/+186
| | | | | Patch by A. Karl Kornel <karl@kornel.name> r=joel, a=justdave
* Bug 302644: relogin.cgi may ask you to login... before logging you out - ↵lpsolit%gmail.com2005-08-131-1/+2
| | | | Patch by Frédéric Buclin <LpSolit@gmail.com> r=wurblzap a=justdave
* Bug 301508: Remove CGI.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> ↵lpsolit%gmail.com2005-08-101-4/+4
| | | | r=mkanat,wicked a=justdave
* Fix for bug 234175: Remove deprecated ConnectToDatabase() andkiko%async.com.br2004-03-271-4/+2
| | | | | | | quietly_check_login()/confirm_login() calls. Cleans up callsites (consisting of most of our CGIs), swapping (where appropriate) for calls to Bugzilla->login. Patch by Teemu Mannermaa <wicked@etlicon.fi>. r=bbaetz, kiko. a=justdave.
* Bug 226324: Move relogin.cgi code to Bugzilla::Auth::CGI. Provide akiko%async.com.br2003-11-271-25/+3
| | | | | logout() method that is proxied through Bugzilla.pm's logout(), and fix callers to use it. r=justdave, bbaetz, a=justdave
* Bug 180635 - Enhance Bugzilla::User to store additional informationbbaetz%acm.org2003-06-031-1/+3
| | | | r=myk,jake
* Bug 201816 - use CGI.pm for header outputbbaetz%acm.org2003-05-051-6/+8
| | | | r=joel, a=justdave
* Bug 196433 - Bugzilla now uses /usr/bin/perl as the shebang linejake%bugzilla.org2003-03-271-1/+1
| | | | | r=justdave a=justdave
* Bug 76923 - Don't |use diagnostics| (its really expensive at startup time)bbaetz%student.usyd.edu.au2002-08-261-1/+0
| | | | r=joel x2
* Bug 158658 - relogin.cgi should use a template. This also adds the ability ↵gerv%gerv.net2002-07-271-12/+6
| | | | to localise messages. Patch by gerv; r=burnus.
* Bug 140437 - clean up parameters. Patch by gerv; 2xr=justdave.gerv%gerv.net2002-05-081-2/+0
|
* Bug 140435 - Templatise GetCommandMenu. Patch by gerv; r=bbaetz, justdave.gerv%gerv.net2002-05-081-0/+1
|
* Bug 138588 - change to use new template structure. Patch by gerv, r=myk, ↵gerv%gerv.net2002-04-241-2/+1
| | | | afranke.
* Bug 126791 - templatise relogin.cgigerv%gerv.net2002-02-241-11/+14
|
* Bug 95732 - remove logincookies.cryptpassword, and invalidate cookies frombbaetz%student.usyd.edu.au2002-02-041-0/+19
| | | | | | | the db when required instead. (Also fixes bug 58242 as a side effect) r=myk, kiko
* Fix for bug 108982: enable taint mode for all user-facing CGI files.justdave%syndicomm.com2002-01-201-1/+3
| | | | | Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave
* Fix for bug 120817 - Log Out and %commandmenu% in bannerhtml, r=justdave,dkldkl%redhat.com2002-01-191-2/+5
|
* Fix for bug 19910: Bugzilla installs on the same server would interfere with ↵justdave%syndicomm.com2001-10-131-4/+3
| | | | | | | each others' cookies. Cookies now have a path value that can be set to indicate which bugzilla install they belong to. Browsers will only send the cookie to the appropriate installation. The path can be set in the 'cookiepath' parameter in editparams.cgi. Patch by Dave Lawrence <dkl@redhat.com> r= myk, justdave
* Footer wasn't displaying new state after clicking "log out".terry%mozilla.org2000-01-181-0/+4
|
* Patch by Ramon Felciano <felciano@ingenuity.com>, with many tweaks byterry%mozilla.org2000-01-151-1/+1
| | | | | | | me. Added a footer to every page. Add some options to do things like display checkboxes instead of scrolling lists, and a new formatting for email diffs, and show list items capitalized instead of all upper case.
* updated license boilerplatedmose%mozilla.org1999-11-021-14/+15
|
* Patch by holger@holger.om.org (Holger Schurig) -- put the fancy header on ↵terry%mozilla.org1999-09-241-1/+4
| | | | several pages that were missing it.
* Assorted minor UI cleanups (mostly putting navigation headers in, andbryce-mozilla%nextbus.com1999-06-151-13/+2
| | | | | rewording "return to query page" for pages where that is not always true. Also add two options to the main index.html
* Backed out Andrew's patch -- turns out it was doing quoting sublty wrong.terry%netscape.com1998-11-211-4/+2
|
* Patch by Andrew Anderson <andrew@redhat.com>. Many minor bugfixes and cleanup.terry%netscape.com1998-11-171-2/+4
|
* Everything has been ported to now run under Perl.terry%netscape.com1998-09-161-16/+16
|
* Changed the way password validation works. We now keep aterry%netscape.com1998-09-031-0/+1
| | | | | | | | | | | | | | | crypt'd version of the password in the database, and check against that. (This is silly, because we're also keeping the plaintext version there, but I have plans...) Stop passing the plaintext password around as a cookie; instead, we have a cookie that references a record in a new database table, logincookies. IMPORTANT: if updating from an older version of Bugzilla, you must run the following commands to keep things working: ./makelogincookiestable.sh echo "alter table profiles add column cryptpassword varchar(64);" | mysql bugs echo "update profiles set cryptpassword = encrypt(password,substring(rand(),3, 4));" | mysql bugs
* Bugzilla source.terry%netscape.com1998-08-261-0/+52