64 Commits

Author SHA1 Message Date
mkanat%bugzilla.org
d76aadaf84 Bug 508189: (CVE-2009-3166) [SECURITY] Logging in after changing your password would expose your new password in the URL
Patch by Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@258358 18797224-902f-48f8-a5cc-f745e15eee43
2009-09-11 16:07:38 +00:00
lpsolit%gmail.com
5a156183bb Bug 349336: Automatically log in the user when he chooses his password to create his new account - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat
git-svn-id: svn://10.0.0.236/trunk@258057 18797224-902f-48f8-a5cc-f745e15eee43
2009-08-11 07:25:44 +00:00
bbaetz%acm.org
2a93772679 496856 - correct patch
(original patch r/a=mkanat)


git-svn-id: svn://10.0.0.236/trunk@257474 18797224-902f-48f8-a5cc-f745e15eee43
2009-06-12 06:18:39 +00:00
bbaetz%acm.org
aed90f4528 Bug 496856 - Fix token.cgi transaction handling
git-svn-id: svn://10.0.0.236/trunk@257455 18797224-902f-48f8-a5cc-f745e15eee43
2009-06-10 06:18:16 +00:00
lpsolit%gmail.com
2df7c38aa5 Bug 452519: Fix timezones in emails - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=LpSolit
git-svn-id: svn://10.0.0.236/trunk@255775 18797224-902f-48f8-a5cc-f745e15eee43
2009-01-08 16:10:04 +00:00
lpsolit%gmail.com
dd7f611eda Bug 455814: token.cgi should reject password change requests for disabled accounts - Patch by Frédéric Buclin <LpSolit@gmail.com> r=ghendricks a=LpSolit
git-svn-id: svn://10.0.0.236/trunk@254329 18797224-902f-48f8-a5cc-f745e15eee43
2008-09-19 20:00:26 +00:00
lpsolit%gmail.com
3b4f17e3bd Bug 455815: Remove global variables from token.cgi - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat
git-svn-id: svn://10.0.0.236/trunk@254322 18797224-902f-48f8-a5cc-f745e15eee43
2008-09-18 22:39:12 +00:00
dkl%redhat.com
f51ff717a8 Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param
doesn't protect WebService calls at all
Patch by David Lawrence <dkl@redhat.com> - r/a=LpSolit/mkanat


git-svn-id: svn://10.0.0.236/trunk@253665 18797224-902f-48f8-a5cc-f745e15eee43
2008-08-18 04:16:14 +00:00
dkl%redhat.com
223ced6261 Backing out these patches as they cause a regression. More information
in the respective bug reports.

Bug 428659 – Setting SSL param to 'authenticated sessions' only
protects logins and param doesn't protect WebService calls at all
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat

Bug 445104: ssl redirects come with a 200 OK HTTP code on mod_perl
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=dkl, a=mkanat


git-svn-id: svn://10.0.0.236/trunk@253320 18797224-902f-48f8-a5cc-f745e15eee43
2008-07-28 20:58:01 +00:00
dkl%redhat.com
fe2838832f Bug 428659 – Setting SSL param to 'authenticated sessions' only protects logins and param doesn't protect WebService calls at all
Patch by Dave Lawrence <dkl@redhat.com> - r/a=mkanat


git-svn-id: svn://10.0.0.236/trunk@252948 18797224-902f-48f8-a5cc-f745e15eee43
2008-07-10 04:56:22 +00:00
lpsolit%gmail.com
03b1e7c6dd Bug 405946: Some emails are not sent in the language chosen by the addressee - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wurblzap a=LpSolit
git-svn-id: svn://10.0.0.236/trunk@249006 18797224-902f-48f8-a5cc-f745e15eee43
2008-04-02 17:46:56 +00:00
lpsolit%gmail.com
64903e283d Bug 403834: Replace table locks with database transactions in tokens, votes, and sanitycheck - Patch by Emmanuel Seyman <eseyman@linagora.com> r/a=mkanat
git-svn-id: svn://10.0.0.236/trunk@239611 18797224-902f-48f8-a5cc-f745e15eee43
2007-11-18 20:23:54 +00:00
mkanat%bugzilla.org
d7e641858a Bug 399954: Make Bugzilla able to hold its dependencies in a local directory
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=LpSolit


git-svn-id: svn://10.0.0.236/trunk@237891 18797224-902f-48f8-a5cc-f745e15eee43
2007-10-19 06:46:19 +00:00
timeless%mozdev.org
cb69374fce Bug 238651 (a&b) Include the login name (in <code>) for "account_inexistent" error
r=lpsolit a=lpsolit


git-svn-id: svn://10.0.0.236/trunk@230634 18797224-902f-48f8-a5cc-f745e15eee43
2007-07-23 09:47:13 +00:00
timeless%mozdev.org
e2473ad484 Bug 365472 rename 'token_inexistent' to 'token_does_not_exist' or something
r=lpsolit a=lpsolit


git-svn-id: svn://10.0.0.236/trunk@229594 18797224-902f-48f8-a5cc-f745e15eee43
2007-07-10 07:08:12 +00:00
reed%reedloden.com
792703972c Bug 366466 - "flag notification mail has canceled spelled incorrectly" [p=reed r=timeless a=mkanat]
git-svn-id: svn://10.0.0.236/trunk@221735 18797224-902f-48f8-a5cc-f745e15eee43
2007-03-11 04:11:18 +00:00
wurblzap%gmail.com
534cc8b074 Bug 340538: Insecure dependency in exec while running with -T switch at /usr/lib/perl5/site_perl/5.8.6/Mail/Mailer/sendmail.pm line 16.
Patch by Marc Schumann <wurblzap@gmail.com>,
r=LpSolit, a=myk


git-svn-id: svn://10.0.0.236/trunk@213922 18797224-902f-48f8-a5cc-f745e15eee43
2006-10-20 18:52:24 +00:00
lpsolit%gmail.com
58b1b66792 Bug 281181: [SECURITY] It's way too easy to delete versions/components/milestones etc... - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
git-svn-id: svn://10.0.0.236/trunk@213652 18797224-902f-48f8-a5cc-f745e15eee43
2006-10-14 22:02:10 +00:00
mkanat%bugzilla.org
8aa56fc69e Bug 349349: Use ->create from Bugzilla::Object instead of insert_new_user for Bugzilla::User
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk


git-svn-id: svn://10.0.0.236/trunk@208468 18797224-902f-48f8-a5cc-f745e15eee43
2006-08-25 22:10:39 +00:00
lpsolit%gmail.com
b735434f6f Bug 87795: Creating an account should send token and wait for confirmation (prevent user account abuse) - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat r=bkor a=myk
git-svn-id: svn://10.0.0.236/trunk@207935 18797224-902f-48f8-a5cc-f745e15eee43
2006-08-19 18:12:00 +00:00
mkanat%bugzilla.org
680d743be8 Bug 173629: Clean up "my" variable scoping issues for mod_perl
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk


git-svn-id: svn://10.0.0.236/trunk@201662 18797224-902f-48f8-a5cc-f745e15eee43
2006-07-06 06:12:05 +00:00
lpsolit%gmail.com
a698e74659 Bug 282121: Remove globals.pl from scripts that no longer use it - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
git-svn-id: svn://10.0.0.236/trunk@200489 18797224-902f-48f8-a5cc-f745e15eee43
2006-06-21 00:44:48 +00:00
vladd%bugzilla.org
472254e3f1 Spelling in code comments patch: 'methids' -> 'methods'; patch by Vlad Dascalu <vladd@bugzilla.org>.
git-svn-id: svn://10.0.0.236/trunk@200301 18797224-902f-48f8-a5cc-f745e15eee43
2006-06-19 15:41:13 +00:00
mkanat%bugzilla.org
caee2e9858 Bug 300410: Bugzilla::Auth needs to be restructured to not require a BEGIN block
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=myk


git-svn-id: svn://10.0.0.236/trunk@196368 18797224-902f-48f8-a5cc-f745e15eee43
2006-05-12 02:41:22 +00:00
lpsolit%gmail.com
c9a524756a Bug 332598: Move ValidatePassword() and DBNameToIdAndCheck() from globals.pl into User.pm - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
git-svn-id: svn://10.0.0.236/trunk@196144 18797224-902f-48f8-a5cc-f745e15eee43
2006-05-07 20:13:49 +00:00
lpsolit%gmail.com
e334b85a95 Bug 312157: Remove $::template and $::vars from globals.pl - Patch by Olav Vitters <bugzilla-mozilla@bkor.dhs.org> r=LpSolit a=justdave
git-svn-id: svn://10.0.0.236/trunk@182927 18797224-902f-48f8-a5cc-f745e15eee43
2005-10-24 23:11:56 +00:00
lpsolit%gmail.com
f3ffc7a65b Bug 312307: Misused Throw*Error tags in code and templates - Patch by Dennis Melentyev <dennis.melentyev@infopulse.com.ua> r=LpSolit a=justdave
git-svn-id: svn://10.0.0.236/trunk@182850 18797224-902f-48f8-a5cc-f745e15eee43
2005-10-23 21:50:35 +00:00
lpsolit%gmail.com
ceab94d088 Bug 303697: Eliminate deprecated Bugzilla::DB routines from token.cgi - Patch by Teemu Mannermaa <wicked@etlicon.fi> r=LpSolit a=justdave
git-svn-id: svn://10.0.0.236/trunk@182048 18797224-902f-48f8-a5cc-f745e15eee43
2005-10-12 01:16:54 +00:00
bugreport%peshkin.net
205c3f3402 Bug 304583: Remove all remaining need to rederive inherited groups
Patch by Joel Peshkin <bugreport@peshkin.net>
r=mkanat, a=justdave


git-svn-id: svn://10.0.0.236/trunk@178200 18797224-902f-48f8-a5cc-f745e15eee43
2005-08-18 20:09:37 +00:00
lpsolit%gmail.com
88c468dba1 Bug 304653: remove 'use Bugzilla::Error' from Util.pm - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
git-svn-id: svn://10.0.0.236/trunk@177759 18797224-902f-48f8-a5cc-f745e15eee43
2005-08-15 17:43:38 +00:00
lpsolit%gmail.com
b4d7cca746 Bug 301508: Remove CGI.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat,wicked a=justdave
git-svn-id: svn://10.0.0.236/trunk@177475 18797224-902f-48f8-a5cc-f745e15eee43
2005-08-10 01:30:41 +00:00
lpsolit%gmail.com
a68c2a62b5 Bug 301453: Move CheckEmailSyntax out of CGI.pl - Patch by Frédéric Buclin <LpSolit@gmail.com> r=mkanat a=myk
git-svn-id: svn://10.0.0.236/trunk@176363 18797224-902f-48f8-a5cc-f745e15eee43
2005-07-20 21:24:19 +00:00
mkanat%kerio.com
7e57a969dd Bug 300336: Bugzilla::Auth should not contain any exported subroutines
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave


git-svn-id: svn://10.0.0.236/trunk@175984 18797224-902f-48f8-a5cc-f745e15eee43
2005-07-13 03:57:02 +00:00
mkanat%kerio.com
595f9c7816 Bug 285695: [PostgreSQL] Username checks for login, etc. need to be case insensitive
Patch By Max Kanat-Alexander <mkanat@bugzilla.org> r=LpSolit, a=justdave


git-svn-id: svn://10.0.0.236/trunk@175810 18797224-902f-48f8-a5cc-f745e15eee43
2005-07-08 02:31:43 +00:00
mkanat%kerio.com
a88c76e484 Bug 280503: Replace "LOCK/UNLOCK TABLES" with Bugzilla::DB function call
Patch By Tomas Kopal <Tomas.Kopal@altap.cz> r=mkanat,a=myk


git-svn-id: svn://10.0.0.236/trunk@169333 18797224-902f-48f8-a5cc-f745e15eee43
2005-02-17 21:57:27 +00:00
travis%sedsystems.ca
b63354eba2 Bug 280994: Move ValidateNewUser out of globals.pl
Patch by Max Kanat-Alexander <mkanat@kerio.com> r=vladd a=justdave


git-svn-id: svn://10.0.0.236/trunk@169041 18797224-902f-48f8-a5cc-f745e15eee43
2005-02-09 06:42:43 +00:00
travis%sedsystems.ca
6427625246 Bug 278792: Move Crypt() to Bugzilla::Auth
Patch by Max Kanat-Alexander <mkanat@kerio.com> r=vladd a=justdave


git-svn-id: svn://10.0.0.236/trunk@168559 18797224-902f-48f8-a5cc-f745e15eee43
2005-01-31 19:26:01 +00:00
bugreport%peshkin.net
ba7b83aa6f Bug 241900: Allow Bugzilla::Auth to have multiple login and validation styles
patch by erik
r=joel, kiko
a=myk


git-svn-id: svn://10.0.0.236/trunk@159556 18797224-902f-48f8-a5cc-f745e15eee43
2004-07-20 22:41:22 +00:00
kiko%async.com.br
319f68a68e Fix for bug 234175: Remove deprecated ConnectToDatabase() and
quietly_check_login()/confirm_login() calls.  Cleans up callsites
(consisting of most of our CGIs), swapping (where appropriate) for calls
to Bugzilla->login. Patch by Teemu Mannermaa <wicked@etlicon.fi>.
r=bbaetz, kiko. a=justdave.


git-svn-id: svn://10.0.0.236/trunk@154331 18797224-902f-48f8-a5cc-f745e15eee43
2004-03-27 03:51:44 +00:00
kiko%async.com.br
36171a62bf Fix for bug 226764: Move InvalidateLogins into Bugzilla::Auth::CGI.
Consolidates the logout code into Bugzilla::Auth::CGI, and provides
simple front-end wrappers in Bugzilla.pm for use in the CGIs we have.
r=bbaetz, joel; a=justdave.

Adds a set of constants to the logout() API which allow specifying "how
much" we should log out -- all sessions, the current session, or all
sessions but the current one.

Fixes callsites to use this new API; cleans and documents things a
bit while we're at it. Part I in the great COOKIE apocalypse.


git-svn-id: svn://10.0.0.236/trunk@154327 18797224-902f-48f8-a5cc-f745e15eee43
2004-03-27 01:28:29 +00:00
timeless%mozdev.org
e1271e1cd7 Bug 237517 inconsistent spelling of cancelled or canceled
r=kiko a=justdave


git-svn-id: svn://10.0.0.236/trunk@154092 18797224-902f-48f8-a5cc-f745e15eee43
2004-03-18 16:14:55 +00:00
justdave%syndicomm.com
4b6207788f Bug 237864: clean up leftovers from the bug 192516 checkin (some occurrences of Token got missed)
r= gerv, a= justdave


git-svn-id: svn://10.0.0.236/trunk@154085 18797224-902f-48f8-a5cc-f745e15eee43
2004-03-18 09:01:35 +00:00
justdave%syndicomm.com
e099454c93 Bug 192516: Moving the loose .pm files into the Bugzilla directory, where they belong. These files pre-date the Bugzilla directory, and would have gone there had it existed at the time. The four files in question were copied on the CVS server to preserve CVS history in the files. This checkin deletes them from the old location and modifies everything else to know where they are now.
r= myk, gerv
a= justdave


git-svn-id: svn://10.0.0.236/trunk@154078 18797224-902f-48f8-a5cc-f745e15eee43
2004-03-18 03:57:05 +00:00
jocuri%softhome.net
f328dad7fe Patch for bug 234876; removes %FORM from token.cgi; patch by Teemu Mannermaa <wicked@etlicon.fi>; r=kiko, a=justdave.
git-svn-id: svn://10.0.0.236/trunk@153374 18797224-902f-48f8-a5cc-f745e15eee43
2004-02-29 14:19:27 +00:00
justdave%syndicomm.com
edf1262381 Bug 177449: When changing email address, old email address confirmation was case sensitive
patch by Vlad Dascalu <jocuri@softhome.net>
r= kiko, a= justdave


git-svn-id: svn://10.0.0.236/trunk@147228 18797224-902f-48f8-a5cc-f745e15eee43
2003-09-24 07:44:22 +00:00
bbaetz%acm.org
7d7d7e1532 Bug 208699 - Move Throw{Code,Template}Error into Error.pm
r,a=justdave


git-svn-id: svn://10.0.0.236/trunk@146857 18797224-902f-48f8-a5cc-f745e15eee43
2003-09-14 06:05:23 +00:00
bbaetz%acm.org
726bcd99cc Bug 180635 - Enhance Bugzilla::User to store additional information
r=myk,jake


git-svn-id: svn://10.0.0.236/trunk@143228 18797224-902f-48f8-a5cc-f745e15eee43
2003-06-03 09:48:15 +00:00
bbaetz%acm.org
9e1d7096ea Bug 201816 - use CGI.pm for header output
r=joel, a=justdave


git-svn-id: svn://10.0.0.236/trunk@142113 18797224-902f-48f8-a5cc-f745e15eee43
2003-05-05 01:15:38 +00:00
bbaetz%acm.org
6ee31579fe Bug 199813 - Make all users of ThrowUserError pass $vars in explicitly.
r=gerv
a=justdave


git-svn-id: svn://10.0.0.236/trunk@140585 18797224-902f-48f8-a5cc-f745e15eee43
2003-04-02 12:35:07 +00:00
jake%bugzilla.org
c3994d7057 Bug 196433 - Bugzilla now uses /usr/bin/perl as the shebang line
r=justdave
a=justdave


git-svn-id: svn://10.0.0.236/trunk@140364 18797224-902f-48f8-a5cc-f745e15eee43
2003-03-27 00:07:02 +00:00