Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
104,620 Commits 3,986 Branches 0 Tags
040dd35d2b23cd1973566014a566bbfef7fcdb45
Commit Graph

137 Commits

Author SHA1 Message Date
jocuri%softhome.net
040dd35d2b Patch for bug 267560: CheckCanChangeField in process_bug.cgi shouldn't request the bug owner, QA contact and reporter too many times; patch by Frédéric Buclin <LpSolit@netscape.net>, r=justdave, a=justdave. 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-2_16-BRANCH@165543 18797224-902f-48f8-a5cc-f745e15eee43
 2004-11-20 12:31:04 +00:00
justdave%bugzilla.org
6a36df260c [SECURITY] Bug 252638: It is possible to send a carefully crafted HTTP POST message to process_bug.cgi which will remove keywords from a bug even if you don't have permissions to edit all bug fields (the "editbugs" permission). Such changes are reported in "bug changed" email notifications, so they are easily detected and reversed if someone abuses it. 
Patch by Myk Melez <myk@mozilla.org>
r=gerv, a=justdave


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-2_16-BRANCH@164336 18797224-902f-48f8-a5cc-f745e15eee43
 2004-10-25 07:20:59 +00:00
jocuri%softhome.net
7de4d467e0 Replacing 'existance' with 'existence' on the 2.16 branch to fix spelling mistakes; a=justdave. 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-2_16-BRANCH@154928 18797224-902f-48f8-a5cc-f745e15eee43
 2004-04-15 17:48:52 +00:00
justdave%syndicomm.com
335ae93759 Bug 95430: Reopening bugs from the "change several bugs at once" page did not work. 
r= myk, a= justdave


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-2_16-BRANCH@149056 18797224-902f-48f8-a5cc-f745e15eee43
 2003-11-09 03:56:32 +00:00
jocuri%softhome.net
9bde973a0a Bug 220332: Insecure dependency in exec while running with -T switch at process_bug.cgi line 1267; r=justdave,gerv; a=justdave. 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-2_16-BRANCH@148124 18797224-902f-48f8-a5cc-f745e15eee43
 2003-10-19 08:32:46 +00:00
justdave%syndicomm.com
b4e4294a72 Bug 194394: Someone listed as QA contact on a bug could still access a bug with QA contact privileges if "useqacontact" was later disabled via the parameters. 
Patch by Brad Baetz <bbaetz@acm.org>
r= justdave
a= justdave


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-2_16-BRANCH@141756 18797224-902f-48f8-a5cc-f745e15eee43
 2003-04-24 21:01:52 +00:00
bbaetz%student.usyd.edu.au
33b6b64a1d Bug 161203 - Bug changes with intermediate pages munges fields with 
multiple values (e.g., CC)
original patch by randall_gee_51227124@yahoo.com (Randall M! Gee),
r=bbaetz, myk

Ported to 2.16 by me, r=preed x2


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-2_16-BRANCH@128695 18797224-902f-48f8-a5cc-f745e15eee43
 2002-09-03 07:25:01 +00:00
bbaetz%student.usyd.edu.au
ce09976787 Bug 157074 - verify-new-product doubles comment linefeeds on Win32 
r=myk, jouni


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-2_16-BRANCH@125497 18797224-902f-48f8-a5cc-f745e15eee43
 2002-07-19 14:04:15 +00:00
bbaetz%student.usyd.edu.au
63ede38251 Bug 157085 - verify-new-product doesn't set defaults 
r=jouni, gerv


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-2_16-BRANCH@124000 18797224-902f-48f8-a5cc-f745e15eee43
 2002-06-25 10:08:57 +00:00
bbaetz%student.usyd.edu.au
41c1acb283 Bug 151053, ConnectToDatabase/quietly_check_login sometimes not called 
early enough
r=mattyt, jouni


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-2_16-BRANCH@123428 18797224-902f-48f8-a5cc-f745e15eee43
 2002-06-17 09:39:48 +00:00
bbaetz%student.usyd.edu.au
3b627bbb71 Bug 151369 - need to trim the entered assignee's email address 
r=mattyt x2


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-2_16-BRANCH@123411 18797224-902f-48f8-a5cc-f745e15eee43
 2002-06-16 05:28:17 +00:00
gerv%gerv.net
eda75afcf4 Bug 144728 - Midair collision doubles line feeds. Patch by jouni@heikniemi.net; 2xr=justdave. 
git-svn-id: svn://10.0.0.236/branches/BUGZILLA-2_16-BRANCH@122255 18797224-902f-48f8-a5cc-f745e15eee43
 2002-05-29 07:21:44 +00:00
gerv%gerv.net
ad4fba12a7 Bug 125066 - remove the need to set a milestone on accept for products with just one milestone. Patch by zeroj; r=justdave, gerv. 
git-svn-id: svn://10.0.0.236/trunk@119732 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-24 20:07:57 +00:00
gerv%gerv.net
c8a771fb68 Bug 138588 - change to use new template structure. Patch by gerv, r=myk, afranke. 
git-svn-id: svn://10.0.0.236/trunk@119695 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-24 07:24:50 +00:00
gerv%gerv.net
c805b29f24 Bug 137954 - Empty "move-button-text" field blocks changing bugs. Patch by gerv, 2xr=justdave. 
git-svn-id: svn://10.0.0.236/trunk@119254 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-17 22:59:07 +00:00
bbaetz%student.usyd.edu.au
a5d4b479a4 bug 117718 - Mass Change removes a bugs groupset if the bug was in the 
wrong product group
r=justdave x2


git-svn-id: svn://10.0.0.236/trunk@119094 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-16 08:29:01 +00:00
myk%mozilla.org
7f1cab808b Fix for bug 125660: Templatizes process_bug.cgi. 
Patch by Myk Melez <myk@mozilla.org>
r=gerv,bbaetz


git-svn-id: svn://10.0.0.236/trunk@118874 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-12 21:02:00 +00:00
gerv%gerv.net
334afd0307 Bug 124937 - templatise show_activity.cgi. Patch by me, r=myk, bbaetz. 
git-svn-id: svn://10.0.0.236/trunk@118017 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-03 18:54:18 +00:00
justdave%syndicomm.com
3a4161fb84 Fix for bug 82143 and bug 95594: Attempting to reverse dependencies falsely reported a circular dependency loop, and setting 
both the blocks and depends at the same time allowed a real dependency loop to be created.
Patch by Stephen Lee <slee@wilcoxassoc.com>
r= myk, justdave


git-svn-id: svn://10.0.0.236/trunk@117971 18797224-902f-48f8-a5cc-f745e15eee43
 2002-04-03 00:55:56 +00:00
gerv%gerv.net
6c6b37abf0 Bug 110012 - show_bug templatisation. r=bbaetz, afranke. 
git-svn-id: svn://10.0.0.236/trunk@117328 18797224-902f-48f8-a5cc-f745e15eee43
 2002-03-23 17:58:41 +00:00
myk%mozilla.org
b4d3313c3d Fix for bug 72184: prevents users from entering too-large comments/descriptions that get rejected by MySQL's MAX_PACKET_SIZE restrictions. 
Patch by Myk Melez <myk@mozilla.org>.
r=bbaetz,gerv


git-svn-id: svn://10.0.0.236/trunk@116320 18797224-902f-48f8-a5cc-f745e15eee43
 2002-03-11 07:33:03 +00:00
bbaetz%student.usyd.edu.au
5bd31d7e20 Bug 97471 - The assignee and qa contact should always be able to see their 
bugs
r=justdave, afranke


git-svn-id: svn://10.0.0.236/trunk@114371 18797224-902f-48f8-a5cc-f745e15eee43
 2002-02-13 03:05:15 +00:00
bbaetz%student.usyd.edu.au
8ec543447a Bug 119715 - strictvaluechecks should always be enabled 
r=justdave, gerv


git-svn-id: svn://10.0.0.236/trunk@113648 18797224-902f-48f8-a5cc-f745e15eee43
 2002-02-05 00:20:09 +00:00
bbaetz%student.usyd.edu.au
7f8c1e8eec Bug 121074 - taint error after changing bug 
r=daa@distributed.net,jake


git-svn-id: svn://10.0.0.236/trunk@112518 18797224-902f-48f8-a5cc-f745e15eee43
 2002-01-22 15:12:11 +00:00
justdave%syndicomm.com
c148fadef8 Fix for bug 108982: enable taint mode for all user-facing CGI files. 
Patch by Brad Baetz <bbaetz@student.usyd.edu.au>
r= jake, justdave


git-svn-id: svn://10.0.0.236/trunk@112490 18797224-902f-48f8-a5cc-f745e15eee43
 2002-01-20 01:44:52 +00:00
jake%acutex.net
df47257748 Bug 113975 - Changing only cc on mass change page incorrectly gives an error that you didn't select anything to change. 
r= myk x2


git-svn-id: svn://10.0.0.236/trunk@111447 18797224-902f-48f8-a5cc-f745e15eee43
 2002-01-06 14:36:00 +00:00
justdave%syndicomm.com
f7d2ddd8f0 Fix for bug 102487: If you had "comment on product change required" turned on in your installation, Bugzilla would warn you of 
a forgotten comment AFTER allowing you to choose new components, versions, and milestones, forcing you to hit your back button
TWICE to correct your mistake.  This checkin corrects that.
Patch by David Kilzer <ddkilzer@theracingworld.com>
r= caillon, gerv


git-svn-id: svn://10.0.0.236/trunk@110556 18797224-902f-48f8-a5cc-f745e15eee43
 2001-12-16 00:05:54 +00:00
justdave%syndicomm.com
59a509ab6f Fix for bug 73502: midair collision wasn't catching other bugs changing dependencies 
Patch by Dave Miller
r= bbaetz, jake


git-svn-id: svn://10.0.0.236/trunk@110194 18797224-902f-48f8-a5cc-f745e15eee43
 2001-12-11 02:38:18 +00:00
jake%acutex.net
acaebc81a5 Bug 108312 - The mid-air collision page was only showing the most recent changes if two people comitted changes to a bug while you were viewing it. 
r=louie, myk


git-svn-id: svn://10.0.0.236/trunk@109001 18797224-902f-48f8-a5cc-f745e15eee43
 2001-11-27 15:04:52 +00:00
justdave%syndicomm.com
ab0ed93ca8 Backing out previous checkin, it broke the tree. :( 
git-svn-id: svn://10.0.0.236/trunk@108396 18797224-902f-48f8-a5cc-f745e15eee43
 2001-11-17 21:28:24 +00:00
justdave%syndicomm.com
2f07aa0c10 Fix for bug 102487: If admin has set preferences to require a comment on a product/component change, prompt the user that they 
forgot to comment first, before prompting for component, milestone, and version for new product.
Patch by Garvase Markham <gerv@mozilla.org>
r= kiko, ddk


git-svn-id: svn://10.0.0.236/trunk@108394 18797224-902f-48f8-a5cc-f745e15eee43
 2001-11-17 21:12:53 +00:00
bbaetz%cs.mcgill.ca
9ca8a3c375 Bug 107718 pt 2 - use subtraction instead of the ~ operator, which older 
mysql versions don't support. Remove the checksetup.pl restriction, too.

r=jake x2


git-svn-id: svn://10.0.0.236/trunk@108061 18797224-902f-48f8-a5cc-f745e15eee43
 2001-11-14 15:12:23 +00:00
justdave%syndicomm.com
e78b6416c2 Fix for bug 99519: timestamps were not being set correctly in the activity table in some situations, and the delta_ts on the 
bug itself was not always being updated if dependencies or CCs changed.
Patch by Dave Miller <justdave@syndicomm.com>
r= bbaetz, jake


git-svn-id: svn://10.0.0.236/trunk@107644 18797224-902f-48f8-a5cc-f745e15eee43
 2001-11-08 03:38:12 +00:00
justdave%syndicomm.com
2d28f97361 SECURITY FIX see bug 108385: Due to trusting of passed form fields that shouldn't have been trusted, it was possible to add a comment to a bug pretending to be someone else if you edited the HTML by hand before submitting. The bug form did not include the field in question, but due to legacy processing code, the field was still trusted if it was present. 
Patch by Dave Miller <justdave@syndicomm.com>
r= jake x2


git-svn-id: svn://10.0.0.236/trunk@107350 18797224-902f-48f8-a5cc-f745e15eee43
 2001-11-05 20:47:17 +00:00
bbaetz%cs.mcgill.ca
b2918e050d Bug 107718 - mass changes give all changed bugs the groupset of the first 
bug in the list.

Do bit fiddling instead of adding groupsets from the first bug.

r=justdave, jake


git-svn-id: svn://10.0.0.236/trunk@107224 18797224-902f-48f8-a5cc-f745e15eee43
 2001-11-03 05:49:23 +00:00
jake%acutex.net
e6f2627084 Bug 104065 - Stop uninitilized string warnings from getting into the error log when the login cookie doesn't exist. 
Patch by Dave Miller <justdave@syndicomm.com>
r= gerv@mozilla.org, jake@acutex.net


git-svn-id: svn://10.0.0.236/trunk@106273 18797224-902f-48f8-a5cc-f745e15eee43
 2001-10-25 14:46:58 +00:00
bbaetz%cs.mcgill.ca
cced8d8047 Bug 97469 - Assignee/QA/Reporter/CC don't get email on restricted bugs. 
Also fixes seeing bugs in the buglist (bug 95024), dependancy lists,
tooltips, duplicates, and everywhere else I could see which checked group
bugs.groupset == 0.

Also fxed bug 101560, by clearing BASH_ENV

r=myk,justdave


git-svn-id: svn://10.0.0.236/trunk@106051 18797224-902f-48f8-a5cc-f745e15eee43
 2001-10-23 15:44:53 +00:00
justdave%syndicomm.com
d27f46ad1e Fix for bug 104516: No code changes in this patch, all this checkin does is remove all tabs from the bugzilla source and replace it with the appropriate number of spaces (in most cases 8) to line up with existing code. This is part of the effort to bring the existing codebase up to par with our style guidelines. 
Patch by Jake Steehagen <jake@acutex.net>
r= justdave x2


git-svn-id: svn://10.0.0.236/trunk@105335 18797224-902f-48f8-a5cc-f745e15eee43
 2001-10-13 01:36:17 +00:00
myk%mozilla.org
d66bb72fd8 Fix for bug 98744: No more software error when the user clicks "remove cc" without specifying users to remove. 
Fix by Jake <jake@acutex.net>.
r=myk@mozilla.org, no second review needed.


git-svn-id: svn://10.0.0.236/trunk@104118 18797224-902f-48f8-a5cc-f745e15eee43
 2001-09-28 19:49:53 +00:00
myk%mozilla.org
ded048fcee Fix for bug 90333: Bugzilla now displays an appropriate error message if a user hits process_bug.cgi without specifying any bugs to change. 
Patch by Myk Melez <myk@mozilla.org>
r=jake@acutex.net


git-svn-id: svn://10.0.0.236/trunk@102994 18797224-902f-48f8-a5cc-f745e15eee43
 2001-09-17 18:55:31 +00:00
jake%acutex.net
b176facdc0 Fix for bug 30731 - Reassigning closed bugs from the mass change page caused their status to be set to new. 
r= myk@mozilla.org, zach@zachlipton.com


git-svn-id: svn://10.0.0.236/trunk@102955 18797224-902f-48f8-a5cc-f745e15eee43
 2001-09-14 21:50:08 +00:00
justdave%syndicomm.com
d595b24c15 Fix for bug 92266: Prevent dataloss in the bugs_activity table by wrapping 
entries into additional entries if they're too long to fit.
Patch by Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net


git-svn-id: svn://10.0.0.236/trunk@101815 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-26 22:58:34 +00:00
jake%acutex.net
ca886b1282 Bug 96085 - bypassing group security checks using duplicate bugs 
Patch by Christopher Aillon <christopher@aillon.com>
r= jake@acutex.net


git-svn-id: svn://10.0.0.236/trunk@101811 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-26 18:51:45 +00:00
justdave%syndicomm.com
21573c54a7 Fix for bug 95235: variables with untrusted content were being echoed back to the user in error messages. Those variables are now run through html_quote() first. 
Patch by Gavin Shelley <gavins@iplbath.com>
r= justdave@syndicomm.com


git-svn-id: svn://10.0.0.236/trunk@101751 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-24 17:32:25 +00:00
jake%acutex.net
4d649ab63c Refixing bug 95875 - The code that breakes the typed in CC list into individual lists is now slightly more robust and allows perl to handle the splitting more efficiently (by using a space as the delimiter). 
r= myk@mozilla.org


git-svn-id: svn://10.0.0.236/trunk@101398 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-18 03:35:36 +00:00
justdave%syndicomm.com
1136151446 Fix for bug 95857: process_bugs.cgi sees blank address in cc: line (would show up as __UNKNOWN__) 
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com


git-svn-id: svn://10.0.0.236/trunk@101390 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-18 01:49:02 +00:00
jake%acutex.net
e7597bc03e Fix for bug 95747 - CC List validation (for additions) wasn't happening until after the bug's changes were in the process of being commited. This caused problems if a typo was made in the e-mail address. 
r= myk@mozilla.org


git-svn-id: svn://10.0.0.236/trunk@101338 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-17 20:18:33 +00:00
justdave%syndicomm.com
b2c6ce4e69 Fix for bug 95743: the role-accessible checkboxes were getting cleared if a user with group access had to log in to make changes to a public bug. 
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com


git-svn-id: svn://10.0.0.236/trunk@101296 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-17 11:15:04 +00:00
justdave%syndicomm.com
929927863c Fix for bug 39816: Anyone in CC, Reporter, QA Contact, or Asigned To fields can now be given access to view a bug even if the permissions on that bug are set to a group that would normally exclude those people. 
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com


git-svn-id: svn://10.0.0.236/trunk@100906 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-13 00:46:20 +00:00
zach%zachlipton.com
c8d61a878f fix for bug 66235: process_bug.cgi: multiple product change misses the groupset bit. Patch by Myk <myk@mozilla.org> r=Jake, oh, and it's my first checkin, yahoo! 
git-svn-id: svn://10.0.0.236/trunk@100858 18797224-902f-48f8-a5cc-f745e15eee43
 2001-08-11 01:18:24 +00:00