Remove the code for rejecting the version of MySQL with broken encryption (as bugzilla no longer uses MySQL's encrypt routine). Also, point to mysql.com for downloading newer versions.
Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net
re-fix for bug 55161: buglist works again if you search for change history on a bug
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com
Fix for bug 76154: Bugzilla can now optionally provide .htaccess files for Apache to help restrict viewing of private data
Patch by Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net
Fix for bug 84714 and bug 88797: You can now change bug groups from the "change several bugs" form even if the bugs aren't all in the same groups. Also, the groups are no longer cleared when you make a change from the "change several bugs" form (unless you tell it to)
Patch by Joe Robins <jmrobins@tgix.com> and Dave Miller <justdave@syndicomm.com>
r= zach@zachlipton.com
a= justdave@syndicomm.com
Fix for bug 84714 and bug 88797: You can now change bug groups from the "change several bugs" form even if the bugs aren't all in the same groups. Also, the groups are no longer cleared when you make a change from the "change several bugs" form (unless you tell it to)
Patch by Joe Robins <jmrobins@tgix.com> and Dave Miller <justdave@syndicomm.com>
r= zach@zachlipton.com
a= justdave@syndicomm.com
Re-fix for bug 77699: the undefined error affected other browsers than just IE5, so work around it for all browsers.
Patch by Stephen Lee <slee@uk.bnsmc.com>
r= afranke@ags.uni-sb.de
Fixing minor problem caused by the original bug 77473 checkin where an SQL error was being produced if you tried to log in
with an invalid username.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com
Fix for bug 77473, bug 74032, and bug 85472: Passwords are no longer stored in plaintext in the database. Passwords are no longer encrypted with MySQL's ENCRYPT() function (because it doesn't work on some installs), but with Perl's crypt() function. The crypt-related routines now properly deal with salts so that they work on systems that use methods other than UNIX crypt to crypt the passwords (such as MD5). Checksetup.pl will walk through your database and re-crypt everyone's passwords based on the plaintext password entry, then drop the plaintext password column. As a consequence of no longer having a plaintext password, it is no longer possible to email someone their password, so the login screen has been changed to request a password reset instead. The user is emailed a temporary identifying token, with a link back to Bugzilla. They click on the link or paste it into their browser and Bugzilla allows them to change their password.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com, jake@acutex.net
Fix for bug 87701: Invalid username in bug changes echoed back without escaping HTML data
Patch by Gervase Markham <gervase.markham@univ.ox.ac.uk>
r= justdave@syndicomm.com
Fix for bug 59349: Processmail now runs in taint (perl -T and $db->{Taint}=1) mode. Hooks also added to globals.pl to make converting other files in Bugzilla to run in Taint mode easier.
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com
Fix for bug 76183 and bug 71555: consolidates chmod activity in one place in checksetup.pl and also provides permission setting for bugzilla installations installed in a personal user directory as opposed to the server's main web space. (makes the files world-readable so the webserver can see them, since you can't set the group)
Patch by Christian Reis <kiko@async.com.br>
r= justdave@syndicomm.com
jake%acutex.net [Thu, 28 Jun 2001 22:42:29 +0000 (22:42 +0000)]
Refix bug 80289. Don't print header for groups if there aren't any groups to display (was printing a header without groups in rare instances).
Patch by Joe Robins <jmrobins@tgix.com>
r= jake@acutex.net
Fix for bug 80289: Group restrictions are now identified with checkboxes instead of select widgets. Also, product groups are now only offered if they are either already set, or match the current product (i.e. the option to set a product bit for a product other than the one the bug is in is no longer available) This results in much less clutter for the admin folks on sites with lots of products.
Patch by Joe Robbins <jmrobins@tgix.com>
r= justdave@syndicomm.com
Re-fix for bug 28458: AddFDef always replaces the fielddefs every time you run checksetup.pl, so the change to them during doeditparams was nullified if you updated. Other recent changes have nullified the reason for changing it in editparams anyway, so just backing that part out.
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com
Fix for bug 47914: buglist.cgi always had a not-logged-in footer if you were unlucky enough to have a login cookie that got corrupted in the shadow database. This patch makes buglist.cgi switch back to the primary database before looking up your login cookie for the footer.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com
Fix for bug 85833: show_bug.cgi (and probably others) now allow leading or trailing spaces in the bug id, to allow for user input error. This used to work, and recent bug validation changes broke it.
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com
Fix for bug 45918: the old password field on the userprefs page is now used to log you back in if you try to change your password with cookies turned off, which avoids the confusing login screen after entering your new password in which you used to have to enter your old password one more time in order to let it set your new password (yes, it used to be as confusing as that just sounded :)
r= tara@tequilarista.org
jake%acutex.net [Tue, 19 Jun 2001 09:05:08 +0000 (09:05 +0000)]
Running a query using the Added Comment option was very slow (bug 57350).
Patch by Myk Melez <myk@mozilla.org> and Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net
jake%acutex.net [Fri, 15 Jun 2001 03:02:31 +0000 (03:02 +0000)]
Checking in the cleaner version of the fix for "No Available Products". This was attached to bug 65311.
Patch by Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net
Fix for bug 84596: Syncshadowdb wasn't using the db_user and db_pass from localconfig, which meant that it previously wouldn't run unless it was running under a user that had access to the bugs and shadowbugs dbs and didn't have a password. It now looks for db_user and db_pass and specifies them on the command line to mysqldump and mysql if they're in use.
r= tara
Re-fix for bug 21253: fix calling conventions for syncshadowdb so that a phony parameter to get past the multi-param system() test in tinderbox actually works.
r= tara
jake%acutex.net [Fri, 8 Jun 2001 20:12:13 +0000 (20:12 +0000)]
Give a logical error message if no products are available to a user for bug entry (bug 84285).
Patch by Paul Thomas <paul.thomas@sse.ie>
r= jake@acutex.net
Hopefully the fix for bug 77778: component lists, etc stuttering due to corruption in data/versioncache.
Patch design by Terry Weissman <terry@mozilla.org>
Patch implemented by Dave Miller <justdave@syndicomm.com>
r= tara@tequilarista.org
Fix for bug 15980: Password is no longer shown in the location bar on the first page you load after logging in.
Patch by Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net
Fix for bug 83872: Bugzilla no longer requires the Mysql Perl module, but the DBD::mysql Perl module, and has been this way for a while. Fixing the version checks in checksetup.pl to check the correct module. Also eliminates a DBD::mysql-specific database function call that is depricated in the current version of DBD_mysql.
Patch by Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net, tara@tequilarista.org
Fix for bug 39557: doeditvotes.cgi will no longer create a vote record for a nonexistant bug if the HTML is tampered with or other bugs cause bad bug numbers in the submitted form.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com
Fix for bug 82781: describecomponents.cgi now checks viewing permissions to make sure you can see a product
Patch by Myk Melez <myk@mozilla.org>
r= tara@tequilarista.org
Fix for bug 28458: "NEW" bugs were not getting CC or QA Contact information displayed.
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com
Fix for bug 75482: adding the capability to deactivate a group without deleting it (prevent new bugs from being placed into that group, but don't remove the group restriction from bugs already in it).
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com
jake%acutex.net [Sat, 2 Jun 2001 21:24:45 +0000 (21:24 +0000)]
sanitycheck.cgi was able to be run by anybody - even people without Bugzilla accounts. It is now restricted to only people with the editbugs permission (bug 54556).
Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net
Fix for bug 65190: add comparison type "all words as substrings" and "any words as substrings" to the text fields in query.cgi
Patch by Andreas Franke <afranke@ags.uni-sb.de>
r= justdave@syndicomm.com
Fix for bug 78407: extra safeguard against overpopping the email list when pruning people who aren't supposed to get mail.
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com
jake%acutex.net [Thu, 31 May 2001 22:52:23 +0000 (22:52 +0000)]
Bugzilla was leaking information about bugs marked secure (using bug groups). This checkin fixes bugs 39524, 39527, 39531, and 39533.
Patches by Myk Melez <myk@mozilla.org>.
r= jake@acutex.net
jake%acutex.net [Wed, 30 May 2001 22:47:30 +0000 (22:47 +0000)]
Fix for bug 45164 - New users created by the admin were not subject to the userregexp for groupsets.
Patch by Joe Robins <jmrobins@tgix.com>
r= jake@acutex.net
Dummy commit so I can put the attributions I forgot in the previous one.
Patch from bug 65290 was by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com
Fix for bug 65399: Can't use string ("") as an ARRAY ref while "strict refs" in use at query.cgi due to no components defined in a product.
Patch by Matthias Radestock <matthias@sorted.org>
r= justdave@syndicomm.com
Fix for bug 78045: change references to README in error messages to point to the Bugzilla Guide instead.
Patch by Matthew Tuck <matty@chariot.net.au>
r= justdave@syndicomm.com
Landing quips.cgi (bug 73191) by Owen Taylor <otaylor@redhat.com>
Submitted by Martin Baulig <baulig@suse.de> from bugzilla.gnome.org
r= justdave@syndicomm.com
Fix for bug 77699 and bug 71503: fix javascript errors in quicksearch and improve IE5 compatibility
Patch by Stephan Lee <slee@uk.bnsmc.com> and Andreas Franke <afranke@ags.uni-sb.de>
jake%acutex.net [Fri, 25 May 2001 19:48:47 +0000 (19:48 +0000)]
Bug 79739 - Initial Owner and QA Contact were not being handled correctly by the email interface after they were changed to userid's in bug 66876.
r= justdave@syndicomm.com
Fix for bug 38859: escape invalid email addresses for HTML before displaying to the user.
Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net, justdave@syndicomm.com
Fix for bug 80045: 500 Server Error in IE (but not Netscape or Mozilla) on errors looking up email addresses.
Patch by <jake@acutex.net>
r= justdave@syndicomm.com
Added .htaccess files for shadow/, data/, and /.
I added related information to the Bugzilla Guide, and
tacked in a couple of last-minute additions. Also fixed the
annoying "Tip: HINT:" thing.
Updated Bugzilla Guide and README to fix bug 76156, bug 76841, and bug 26242.
The README is now gutted, pointers to Guide. Also some new sections added,
old ones fixed, and notes appended to deprecated sections I've not yet had
the heart to remove.
projects / thirdparty / bugzilla.git / log
