2320 Commits

Author SHA1 Message Date
kestes%walrus.com
8daf11530a Major bug in the untainting code. It seems that $1 is not cleared if
a pattern match fails. I need to go and explicitly add lots of if then else
clauses to ensure that variables are properly clean. This unleashes a torrent of bugs. Also split the check for valid filenames into two. One checks
that each character is a valid character the other checks that
the directories which are pointed to are subdirectories of well known
directories.
2001-08-02 20:11:03 +00:00
kestes%walrus.com
028b162763 fix bug in the untainting code by splitting the checks into two parts
one checks for valid characters in a filename the other checks
for both valid characters and valid directories as well.
2001-08-02 20:06:02 +00:00
kestes%walrus.com
9ac543bc59 fix bug in untainting code by splitting up the file checks into two pieces
one checks for legal characters and the other checks for legal characters AND
legal directories.
2001-08-02 20:04:25 +00:00
kestes%walrus.com
1c8abda2a8 version number had a space when the day of the month was less than 10,
now it has a zero.
2001-08-02 20:02:17 +00:00
endico%mozilla.org
920ad4ed81 change zcat to cat. don't assume that the file is compressed 2001-08-01 04:03:18 +00:00
endico%mozilla.org
c9b38c329e weed out cruft. two years of data contained 5 million urls most of which were various bonsai and htdig queries. This is insane. Crop off everything in the url after a question mark. Crop off "index.html". Crop off trailing slashes except the root of the web site which is a lone slash. Added a shell script to preprocess the log data since that code was reused from another web analyzer script. 2001-08-01 03:52:22 +00:00
jake%acutex.net
8fe9063d4d Fix for bug 92713, show_activity.pl displays zeros as non-breaking spaces.
Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net
2001-07-30 12:52:21 +00:00
ian%hixie.ch
961c90812c Added support for string escaping, and shrinking (flattening) and expanding of hashes of arrays (such as the data.input.arguments hash), to COSES. These features are necessary for making the UI layer of an application. 2001-07-30 06:29:25 +00:00
ian%hixie.ch
fa1ccb0738 * Abstracted out the string expander logic so that now strings have to say what string expander they expect to be processed with (e.g., 'COSES', 'XSLT', 'Template' or whatever). This required one field 'type' to be added to every default string and a new field 'type' to be added to the string data source.
* Changed the COSES editor to support the abstracted logic mentioned above (note: maybe "COSES editor" is no longer an apt name...).
* Made the parseNS method of the XML service actually do something.
* Made the COSES processor namespace aware.
* Changed <coses:embed string=""> to <coses:include href="">. I was going to change it to an XInclude, but it turns out the processing model is wrong for that (XInclude, for instance, bans recursive nesting). Added support for a 'parse' attribute just like for XInclude (support three values: 'xml', 'text' and 'x-auto').
* Added columnExists() to the DBI database helper.
* Added string caching to the strings data source. Should be particularly helpful for Apache mod_perl installations.
2001-07-29 22:38:30 +00:00
kestes%walrus.com
44bbff513d added explanations so that others may avoid installation problems I had. 2001-07-27 20:46:10 +00:00
kestes%walrus.com
603a95f068 fixes because the default bonsai directory conventions were wrong and
I was not getting good treestates.
2001-07-27 20:44:45 +00:00
kestes%walrus.com
8760231679 show an example of how to use the new bonsai default parameter. 2001-07-27 20:42:56 +00:00
kestes%walrus.com
20bebb0b1d change the 'show next' links to 'show previous' links, too many
users ask me dumb questions about the future (really!)
2001-07-27 20:41:31 +00:00
kestes%walrus.com
6dee214d83 a useful example to show how to write buildcf files. 2001-07-27 20:39:18 +00:00
kestes%walrus.com
a5653ebd9a errors in the system3 and the chdir are now caught and sent to the server.
give an example of the command line arguments.
2001-07-27 20:38:50 +00:00
ian%hixie.ch
7c0dbe2fe3 Added a hash of the user's rights to the user hash to make it easier to enable or disable UI elements 2001-07-26 03:40:56 +00:00
ian%hixie.ch
18956f9796 Added better handling for error conditions in the Database code, and fixed the 'addRight' method to use it.
Pasted in excerpts from the DBI man pages with sections highlighted in order to keep track of what will need fixing.
2001-07-26 00:54:37 +00:00
ian%hixie.ch
ef634e93bd * Added a section on common errors to Documentation.txt
* Added more comments to a few modules
* Changed the semantics of adding and removing user fields ("user data types")
* Implemented a factory service to perform those semantics ('registerField', 'removeField' and the convenience 'registerSetting')
* Added a missing return in the MySQL implementation of the user data source
* Added an assert in the MySQL version of 'addRight' to catch an easy error
* Added XXX comment in the MySQL version of 'addRight' (will fix this in the next patch)
* Fixed a case where sending an undefined value to the DBI database implementation would fail during the untainting
* Fixed MySQLID to actually work (in the DBI ResultsFrame)
* Fixed two typos in the user service ('settings' to 'setting')
* Added the requirement that a user must have certain rights to use the COSES editor
* Added a setupInstall implementation to the COSES editor
2001-07-25 23:54:32 +00:00
justdave%syndicomm.com
9d61fad196 fix for bug 91903: insecure dependency in require in importxml.pl under taint mode only in Perl 5.005.
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com
2001-07-25 20:12:00 +00:00
justdave%syndicomm.com
452d0fb5ff Fix for bug 90933: inconsistent field types for profiles.disabledtext
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com
2001-07-25 17:55:29 +00:00
ian%hixie.ch
9c45d94bfc Mainly changes to make it compile and easier to debug:
* Made the start of an execution start clearer in the error log. This depends on the debug level; just makes it easier to determine what is a single execution block in a 70MB error log.
* Changed a stray semicolon into a comma, and fixed other misspellings or typos.
* Added the default strings to the CosesEditor component.
2001-07-25 09:32:28 +00:00
justdave%syndicomm.com
8ab662d553 re-fix bug 76154: permissions weren't being set correctly on the .htaccess files when checksetup.pl was run again. Also adding .htaccess to .cvsignore so it won't show up as ? in cvs diffs and updates.
Patch by Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net
2001-07-25 07:26:42 +00:00
jake%acutex.net
9b7adb0f66 Remove the code for rejecting the version of MySQL with broken encryption (as bugzilla no longer uses MySQL's encrypt routine). Also, point to mysql.com for downloading newer versions.
Patch by Myk Melez <myk@mozilla.org>
r= jake@acutex.net
2001-07-23 14:33:04 +00:00
justdave%syndicomm.com
d1e3b806fc re-fix for bug 55161: buglist works again if you search for change history on a bug
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com
2001-07-23 02:34:08 +00:00
justdave%syndicomm.com
16e9e5348c Fix for bug 76154: Bugzilla can now optionally provide .htaccess files for Apache to help restrict viewing of private data
Patch by Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net
2001-07-22 05:23:33 +00:00
justdave%syndicomm.com
e2f5106142 fix "used only once" error reported by tinderbox 2001-07-22 00:43:34 +00:00
justdave%syndicomm.com
99dccbf9c5 Fix for bug 84714 and bug 88797: You can now change bug groups from the "change several bugs" form even if the bugs aren't all in the same groups. Also, the groups are no longer cleared when you make a change from the "change several bugs" form (unless you tell it to)
Patch by Joe Robins <jmrobins@tgix.com> and Dave Miller <justdave@syndicomm.com>
r= zach@zachlipton.com
a= justdave@syndicomm.com
2001-07-22 00:29:45 +00:00
justdave%syndicomm.com
a96210885a Fix for bug 84714 and bug 88797: You can now change bug groups from the "change several bugs" form even if the bugs aren't all in the same groups. Also, the groups are no longer cleared when you make a change from the "change several bugs" form (unless you tell it to)
Patch by Joe Robins <jmrobins@tgix.com> and Dave Miller <justdave@syndicomm.com>
r= zach@zachlipton.com
a= justdave@syndicomm.com
2001-07-22 00:22:36 +00:00
kestes%walrus.com
8d1643241e Change work email address to new company. 2001-07-20 19:05:22 +00:00
kestes%walrus.com
9de5c2383e Fix handling of trees other than default. This is still a bit broken
for the default tree, but all others work now.
2001-07-20 18:59:35 +00:00
kestes%walrus.com
53b626fb3b Must pass the treename through to BonsaiData. 2001-07-20 18:56:39 +00:00
kestes%walrus.com
0dfffdf63b Show the users that there is a treeheader_bonsai module: 2001-07-20 18:55:44 +00:00
kestes%walrus.com
4310221c9e Update the specfiles to work with the RedHat conventions for RH 7.1. 2001-07-20 18:43:11 +00:00
kestes%walrus.com
ebaf8ad014 add RedHat Package Management (RPM) spec files. So that users of
this package management system can easily deploy prepacked version of
bonsai.
2001-07-20 18:16:30 +00:00
kestes%walrus.com
60322cfe56 clarify details about the installation which gave me trouble. 2001-07-20 18:14:53 +00:00
jake%acutex.net
ed69b4acf1 Fix for bugs 55161 and 12819. The activity log now stores only what's changed in multi-value fields.
r= justdave@syndicomm.com
2001-07-20 15:18:30 +00:00
justdave%syndicomm.com
16f7d90c34 Re-fix for bug 77699: the undefined error affected other browsers than just IE5, so work around it for all browsers.
Patch by Stephen Lee <slee@uk.bnsmc.com>
r= afranke@ags.uni-sb.de
2001-07-20 08:25:30 +00:00
timeless%mac.com
f4c8cd4d0b Bugzilla Bug 90704 there is a correct spelling for gobbeldygook and this is not it
r=terry [C=WP, A=OED]
2001-07-16 20:15:03 +00:00
jake%acutex.net
98a3075c9b Correcting the URL for MySQL's web page. Bug 90553.
Patch by Myk Melez <myk@mozilla.org>
2001-07-16 19:50:17 +00:00
justdave%syndicomm.com
eae6e119bd Fixing minor problem caused by the original bug 77473 checkin where an SQL error was being produced if you tried to log in
with an invalid username.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com
2001-07-16 19:38:34 +00:00
timeless%mac.com
8d0478157a Bugzilla Bug 90598 spelling and minor syntactic correctness [doeHs]
r=mpt a=terry. [C=WP, A=OED]
2001-07-13 17:45:52 +00:00
justdave%syndicomm.com
6b3b75de75 Fix for bug 77473, bug 74032, and bug 85472: Passwords are no longer stored in plaintext in the database. Passwords are no longer encrypted with MySQL's ENCRYPT() function (because it doesn't work on some installs), but with Perl's crypt() function. The crypt-related routines now properly deal with salts so that they work on systems that use methods other than UNIX crypt to crypt the passwords (such as MD5). Checksetup.pl will walk through your database and re-crypt everyone's passwords based on the plaintext password entry, then drop the plaintext password column. As a consequence of no longer having a plaintext password, it is no longer possible to email someone their password, so the login screen has been changed to request a password reset instead. The user is emailed a temporary identifying token, with a link back to Bugzilla. They click on the link or paste it into their browser and Bugzilla allows them to change their password.
Patch by Myk Melez <myk@mozilla.org>
r= justdave@syndicomm.com, jake@acutex.net
2001-07-11 05:29:21 +00:00
justdave%syndicomm.com
babcf8d29e Fix for bug 87701: Invalid username in bug changes echoed back without escaping HTML data
Patch by Gervase Markham <gervase.markham@univ.ox.ac.uk>
r= justdave@syndicomm.com
2001-07-04 07:06:00 +00:00
justdave%syndicomm.com
eefbb08052 Killing the "used only once" error that suddenly popped up out of nowhere on tinderbox. 2001-07-04 05:33:37 +00:00
justdave%syndicomm.com
a8d4f31ac9 removing "Use Carp" and "sub die_with_dignity" that I was supposed to remove from the previous patch before checking it in. 2001-07-04 05:28:39 +00:00
justdave%syndicomm.com
a713e052fd Fix for bug 59349: Processmail now runs in taint (perl -T and $db->{Taint}=1) mode. Hooks also added to globals.pl to make converting other files in Bugzilla to run in Taint mode easier.
Patch by Jake Steenhagen <jake@acutex.net>
r= justdave@syndicomm.com
2001-07-04 04:41:27 +00:00
gerv%gerv.net
703d842ab9 Add strikethrough to resolved bug numbers. Bug 79816. r=jake. 2001-07-01 20:17:28 +00:00
gerv%gerv.net
44a89994a3 Make bug chart filenames other-OS friendly by removing colons. Bug 88179. r=jake. 2001-07-01 19:09:29 +00:00
justdave%syndicomm.com
1597e271bd Fix for bug 87596: improper definition of $::components in globals.pl
Patch by Dave Miller <justdave@syndicomm.com>
r= jake@acutex.net
2001-07-01 02:00:56 +00:00
justdave%syndicomm.com
9d2900700d Fix for bug 76183 and bug 71555: consolidates chmod activity in one place in checksetup.pl and also provides permission setting for bugzilla installations installed in a personal user directory as opposed to the server's main web space. (makes the files world-readable so the webserver can see them, since you can't set the group)
Patch by Christian Reis <kiko@async.com.br>
r= justdave@syndicomm.com
2001-06-29 03:47:56 +00:00