61 Commits

Author SHA1 Message Date
bzrmirror%bugzilla.org
8dc631e917 Bug 906745 - In MySQL, tokens are not case-sensitive, reducing total entropy and allowing easier brute force
r=LpSolit,a=glob


git-svn-id: svn://10.0.0.236/branches/BUGZILLA-4_0-BRANCH@265056 18797224-902f-48f8-a5cc-f745e15eee43
2013-10-16 16:57:35 +00:00
mkanat%bugzilla.org
3584a9ab78 Bug 508823: Make it so that you don't ever have to reset template_inner (like
Bugzilla->template_inner("")).
r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@259847 18797224-902f-48f8-a5cc-f745e15eee43
2010-03-01 01:46:32 +00:00
mkanat%bugzilla.org
0cc827bc54 Bug 527586: Use X-Forwarded-For instead of REMOTE_ADDR for trusted proxies
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@259326 18797224-902f-48f8-a5cc-f745e15eee43
2009-12-31 12:53:21 +00:00
lpsolit%gmail.com
068d4cbfd6 Bug 477513: md5_hex() fails if a saved search has UTF8 characters in it - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit
git-svn-id: svn://10.0.0.236/trunk@256165 18797224-902f-48f8-a5cc-f745e15eee43
2009-02-09 19:20:40 +00:00
lpsolit%gmail.com
a78c19e2bb Bug 26257: [SECURITY] Bugzilla should prevent malicious webpages from making bugzilla users submit changes to bugs - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=LpSolit
git-svn-id: svn://10.0.0.236/trunk@256020 18797224-902f-48f8-a5cc-f745e15eee43
2009-02-02 18:34:40 +00:00
lpsolit%gmail.com
2df7c38aa5 Bug 452519: Fix timezones in emails - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=LpSolit
git-svn-id: svn://10.0.0.236/trunk@255775 18797224-902f-48f8-a5cc-f745e15eee43
2009-01-08 16:10:04 +00:00
lpsolit%gmail.com
03b1e7c6dd Bug 405946: Some emails are not sent in the language chosen by the addressee - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wurblzap a=LpSolit
git-svn-id: svn://10.0.0.236/trunk@249006 18797224-902f-48f8-a5cc-f745e15eee43
2008-04-02 17:46:56 +00:00
lpsolit%gmail.com
271436bfa9 Bug 399163: Bugzilla/*.pm should use transactions for database interaction - Patch by Emmanuel Seyman <eseyman@linagora.com> r/a=mkanat
git-svn-id: svn://10.0.0.236/trunk@239610 18797224-902f-48f8-a5cc-f745e15eee43
2007-11-18 20:20:54 +00:00
reed%reedloden.com
792703972c Bug 366466 - "flag notification mail has canceled spelled incorrectly" [p=reed r=timeless a=mkanat]
git-svn-id: svn://10.0.0.236/trunk@221735 18797224-902f-48f8-a5cc-f745e15eee43
2007-03-11 04:11:18 +00:00
lpsolit%gmail.com
faede0b2e9 Fix nits about bug 316797
git-svn-id: svn://10.0.0.236/trunk@215483 18797224-902f-48f8-a5cc-f745e15eee43
2006-11-20 19:05:49 +00:00
lpsolit%gmail.com
02c1f1227b Bug 316797: Token.pm needs POD - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=myk
git-svn-id: svn://10.0.0.236/trunk@215482 18797224-902f-48f8-a5cc-f745e15eee43
2006-11-20 19:03:40 +00:00
wurblzap%gmail.com
534cc8b074 Bug 340538: Insecure dependency in exec while running with -T switch at /usr/lib/perl5/site_perl/5.8.6/Mail/Mailer/sendmail.pm line 16.
Patch by Marc Schumann <wurblzap@gmail.com>,
r=LpSolit, a=myk


git-svn-id: svn://10.0.0.236/trunk@213922 18797224-902f-48f8-a5cc-f745e15eee43
2006-10-20 18:52:24 +00:00
lpsolit%gmail.com
58b1b66792 Bug 281181: [SECURITY] It's way too easy to delete versions/components/milestones etc... - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
git-svn-id: svn://10.0.0.236/trunk@213652 18797224-902f-48f8-a5cc-f745e15eee43
2006-10-14 22:02:10 +00:00
lpsolit%gmail.com
d016173598 Bug 350120: undefined value when creating a new user account - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
git-svn-id: svn://10.0.0.236/trunk@208453 18797224-902f-48f8-a5cc-f745e15eee43
2006-08-25 20:14:58 +00:00
lpsolit%gmail.com
b735434f6f Bug 87795: Creating an account should send token and wait for confirmation (prevent user account abuse) - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat r=bkor a=myk
git-svn-id: svn://10.0.0.236/trunk@207935 18797224-902f-48f8-a5cc-f745e15eee43
2006-08-19 18:12:00 +00:00
mkanat%bugzilla.org
65db537715 Bug 343338: Eliminate "my" variables from the root level of modules
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk


git-svn-id: svn://10.0.0.236/trunk@202093 18797224-902f-48f8-a5cc-f745e15eee43
2006-07-13 21:55:43 +00:00
mkanat%bugzilla.org
520fe42625 Bug 338375: Use Bugzilla->params everywhere instead of Param().
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave


git-svn-id: svn://10.0.0.236/trunk@201503 18797224-902f-48f8-a5cc-f745e15eee43
2006-07-03 21:42:47 +00:00
mkanat%bugzilla.org
8323e09c40 Bug 342869: Use Bugzilla->params everywhere except templates
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave


git-svn-id: svn://10.0.0.236/trunk@201499 18797224-902f-48f8-a5cc-f745e15eee43
2006-07-03 21:26:22 +00:00
lpsolit%gmail.com
a698e74659 Bug 282121: Remove globals.pl from scripts that no longer use it - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
git-svn-id: svn://10.0.0.236/trunk@200489 18797224-902f-48f8-a5cc-f745e15eee43
2006-06-21 00:44:48 +00:00
lpsolit%gmail.com
d9dd48a759 Bug 339862: Move Bugzilla::BugMail::MessageToMTA() in a separate module - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=justdave
git-svn-id: svn://10.0.0.236/trunk@198863 18797224-902f-48f8-a5cc-f745e15eee43
2006-06-02 10:50:15 +00:00
lpsolit%gmail.com
1313470148 I forgot a "fix on checkin" (useless whitespaces)
git-svn-id: svn://10.0.0.236/trunk@192097 18797224-902f-48f8-a5cc-f745e15eee43
2006-03-09 20:00:47 +00:00
lpsolit%gmail.com
93890633fa Bug 300551: Eliminate deprecated Bugzilla::DB routines from User.pm and Token.pm - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=justdave
git-svn-id: svn://10.0.0.236/trunk@192076 18797224-902f-48f8-a5cc-f745e15eee43
2006-03-09 18:19:54 +00:00
lpsolit%gmail.com
6248e4f445 Bug 119524: SECURITY: predictable sessionid (Use a token instead of logincookie) - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=mkanat a=justdave
git-svn-id: svn://10.0.0.236/trunk@186852 18797224-902f-48f8-a5cc-f745e15eee43
2006-01-03 14:45:22 +00:00
lpsolit%gmail.com
7c3f38ad5d Bug 301062: [PostgreSQL] whine.pl fails when using PostgreSQL 8.0.x - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat r=manu a=justdave
git-svn-id: svn://10.0.0.236/trunk@184543 18797224-902f-48f8-a5cc-f745e15eee43
2005-11-13 17:36:21 +00:00
lpsolit%gmail.com
e334b85a95 Bug 312157: Remove $::template and $::vars from globals.pl - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave
git-svn-id: svn://10.0.0.236/trunk@182927 18797224-902f-48f8-a5cc-f745e15eee43
2005-10-24 23:11:56 +00:00
lpsolit%gmail.com
0818f9fd5f Bug 304582: Move GenerateRandomPassword() out of globals.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> r=joel a=myk
git-svn-id: svn://10.0.0.236/trunk@179507 18797224-902f-48f8-a5cc-f745e15eee43
2005-09-01 21:39:21 +00:00
mkanat%kerio.com
0cbbdcfee7 Bug 303669: Bugzilla mis-uses perl subroutine prototypes
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave


git-svn-id: svn://10.0.0.236/trunk@177695 18797224-902f-48f8-a5cc-f745e15eee43
2005-08-13 12:27:04 +00:00
lpsolit%gmail.com
b4d7cca746 Bug 301508: Remove CGI.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat,wicked a=justdave
git-svn-id: svn://10.0.0.236/trunk@177475 18797224-902f-48f8-a5cc-f745e15eee43
2005-08-10 01:30:41 +00:00
bugreport%peshkin.net
9778732be8 Backout of bug 303669 which broke AppendComment and possibly a number
of other items.


git-svn-id: svn://10.0.0.236/trunk@177419 18797224-902f-48f8-a5cc-f745e15eee43
2005-08-09 11:23:43 +00:00
mkanat%kerio.com
7bbde62ad3 Bug 303669: Bugzilla mis-uses perl subroutine prototypes
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave


git-svn-id: svn://10.0.0.236/trunk@177413 18797224-902f-48f8-a5cc-f745e15eee43
2005-08-09 05:59:02 +00:00
mkanat%kerio.com
595f9c7816 Bug 285695: [PostgreSQL] Username checks for login, etc. need to be case insensitive
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave


git-svn-id: svn://10.0.0.236/trunk@175810 18797224-902f-48f8-a5cc-f745e15eee43
2005-07-08 02:31:43 +00:00
bugzilla%glob.com.au
4a74d795f2 Bug 297646: Write helper functions for Bugzilla::Token.pm
Patch by Byron Jones <bugzilla@glob.com.au> r=LpSolit,a=justdave


git-svn-id: svn://10.0.0.236/trunk@175454 18797224-902f-48f8-a5cc-f745e15eee43
2005-07-01 01:44:19 +00:00
mkanat%kerio.com
d7c4f4e167 Bug: 284244: DATE_SUB and DATE_ADD are not ANSI SQL
Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=wicked, a=justdave


git-svn-id: svn://10.0.0.236/trunk@170128 18797224-902f-48f8-a5cc-f745e15eee43
2005-03-03 07:19:10 +00:00
mkanat%kerio.com
4366849e89 Bug 280502: Replace "INTERVAL" with Bugzilla::DB function call
Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=mkanat, a=justdave


git-svn-id: svn://10.0.0.236/trunk@169516 18797224-902f-48f8-a5cc-f745e15eee43
2005-02-20 08:02:07 +00:00
mkanat%kerio.com
744343cdb5 Bug 280499: Replace "TO_DAYS()" with Bugzilla::DB function call
Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=mkanat, a=justdave


git-svn-id: svn://10.0.0.236/trunk@169514 18797224-902f-48f8-a5cc-f745e15eee43
2005-02-20 07:53:17 +00:00
mkanat%kerio.com
fe14d8a2d1 Bug 280497: Replace "LIMIT" with Bugzilla::DB function call
Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=mkanat,a=justdave


git-svn-id: svn://10.0.0.236/trunk@169390 18797224-902f-48f8-a5cc-f745e15eee43
2005-02-18 16:14:27 +00:00
mkanat%kerio.com
a88c76e484 Bug 280503: Replace "LOCK/UNLOCK TABLES" with Bugzilla::DB function call
Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=mkanat,a=myk


git-svn-id: svn://10.0.0.236/trunk@169333 18797224-902f-48f8-a5cc-f745e15eee43
2005-02-17 21:57:27 +00:00
gerv%gerv.net
8606b2d55d Bug 59351 - move all calls to sendmail to a central place. Patch by mkanat; r=gerv,vladd; a=justdave.
git-svn-id: svn://10.0.0.236/trunk@167149 18797224-902f-48f8-a5cc-f745e15eee43
2005-01-01 13:47:56 +00:00
justdave%bugzilla.org
45f8635565 Bug 250897: Enforce a 10 minute waiting period between password reset attempts to prevent the user getting mailbombed if the form is submitted multiple times.
Patch by Joel Peshkin <bugreport@peshkin.net>
r=kiko, a=justdave


git-svn-id: svn://10.0.0.236/trunk@164334 18797224-902f-48f8-a5cc-f745e15eee43
2004-10-25 07:12:22 +00:00
justdave%syndicomm.com
4b6207788f Bug 237864: clean up leftovers from the bug 192516 checkin (some occurrences of Token got missed)
r= gerv, a= justdave


git-svn-id: svn://10.0.0.236/trunk@154085 18797224-902f-48f8-a5cc-f745e15eee43
2004-03-18 09:01:35 +00:00
justdave%syndicomm.com
e099454c93 Bug 192516: Moving the loose .pm files into the Bugzilla directory, where they belong. These files pre-date the Bugzilla directory, and would have gone there had it existed at the time. The four files in question were copied on the CVS server to preserve CVS history in the files. This checkin deletes them from the old location and modifies everything else to know where they are now.
r= myk, gerv
a= justdave


git-svn-id: svn://10.0.0.236/trunk@154078 18797224-902f-48f8-a5cc-f745e15eee43
2004-03-18 03:57:05 +00:00
bbaetz%acm.org
7d7d7e1532 Bug 208699 - Move Throw{Code,Template}Error into Error.pm
r,a=justdave


git-svn-id: svn://10.0.0.236/trunk@146857 18797224-902f-48f8-a5cc-f745e15eee43
2003-09-14 06:05:23 +00:00
bbaetz%acm.org
e382ca74cc Bug 205463 - Tokens aren't canceled after a successful login.
patch by 'Randall M! Gee', r=bbaetz, a=justdave


git-svn-id: svn://10.0.0.236/trunk@143414 18797224-902f-48f8-a5cc-f745e15eee43
2003-06-07 03:36:46 +00:00
bbaetz%acm.org
2b0b42744f Bug 180642 - Move authentication code into a module
r=gerv, justdave
a=justdave


git-svn-id: svn://10.0.0.236/trunk@140041 18797224-902f-48f8-a5cc-f745e15eee43
2003-03-22 04:47:35 +00:00
justdave%syndicomm.com
6485d4afc4 Bug 193989: EmailSuffix wasn't getting used for password change tokens. Also removes real name from To: header which wasn't being escaped properly for RFC2822 specs.
Patch by Jeff Lawson <jlawson-mozilla@bovine.net>
r=justdave, a=justdave


git-svn-id: svn://10.0.0.236/trunk@139436 18797224-902f-48f8-a5cc-f745e15eee43
2003-03-14 05:43:38 +00:00
gerv%gerv.net
1ecd0b7779 Bug 164038 - token.cgi: Cancel token messages should be moved into the templates. Patch by burnus; r=gerv.
git-svn-id: svn://10.0.0.236/trunk@130789 18797224-902f-48f8-a5cc-f745e15eee43
2002-09-30 07:22:44 +00:00
bbaetz%student.usyd.edu.au
46d483962b Bug 163829 - move pref code into a separate package
r=joel, preed


git-svn-id: svn://10.0.0.236/trunk@128451 18797224-902f-48f8-a5cc-f745e15eee43
2002-08-29 09:25:54 +00:00
bbaetz%student.usyd.edu.au
71381b40ed Bug 76923 - Don't |use diagnostics| (it's really expensive at startup time)
r=joel x2


git-svn-id: svn://10.0.0.236/trunk@128080 18797224-902f-48f8-a5cc-f745e15eee43
2002-08-26 06:17:26 +00:00
myk%mozilla.org
537f75ea7e Fix for bug 150925: make email address changes work.
2xr=bbaetz


git-svn-id: svn://10.0.0.236/trunk@124804 18797224-902f-48f8-a5cc-f745e15eee43
2002-07-09 02:16:56 +00:00
gerv%gerv.net
c66a8b94a7 Bug 135836 - change requests should include expiration details. Patch by zeroJ@null.net; r=gerv, justdave.
git-svn-id: svn://10.0.0.236/trunk@120675 18797224-902f-48f8-a5cc-f745e15eee43
2002-05-03 06:37:47 +00:00