Changesets: MantisBT
|
master 0eb55f93 2018-02-02 14:07 Details Diff |
Santize real name in tooltips | ||
| mod - core/prepare_api.php | Diff File | ||
|
master a3c0e9e3 2018-02-02 14:02 Details Diff |
Change time tracking to print username using API | ||
| mod - billing_inc.php | Diff File | ||
| mod - bugnote_stats_inc.php | Diff File | ||
| mod - core/billing_api.php | Diff File | ||
| mod - core/bugnote_api.php | Diff File | ||
|
master 3b41e69a 2018-02-02 13:32 Details Diff |
Update user_get_name() to handle deleted users The new logic involve not only getting name for non-existent user, but usernames as well. So harden user_get_username() to handle non-existent users. |
||
| mod - core/user_api.php | Diff File | ||
|
master 4f8ed472 2018-02-02 13:27 Details Diff |
Revise sort by last name and real name access check | ||
| mod - core/print_api.php | Diff File | ||
| mod - core/user_api.php | Diff File | ||
|
master 391b14e8 2018-02-02 11:59 Details Diff |
Always use username or username + realname Using username makes sure reference to a person is not ambiguous and is unique. Real name can provide extra information when show realnames is enable and required access level is met. - Honor access level required to show realname. - When realname is to be shown, use a bubble or paranthesis (e.g. drop down list). |
||
| mod - config_defaults_inc.php | Diff File | ||
| mod - core/prepare_api.php | Diff File | ||
| mod - core/print_api.php | Diff File | ||
| mod - core/user_api.php | Diff File | ||
|
master 79c7b965 2018-02-02 11:14 Details Diff |
Don’t enforce realname to be unique | ||
| mod - account_update.php | Diff File | ||
| mod - core/user_api.php | Diff File | ||
| mod - manage_user_update.php | Diff File | ||
|
master-2.10 3e51ee66 2018-02-02 09:41 Details Diff |
Add reporter and handler to monitor user list when resolving as duplicate Fixes 0023924 |
Affected Issues 0023924 |
|
| mod - bug_update.php | Diff File | ||
|
master de686a9e 2018-02-02 01:14 Details Diff |
Fix PHP error - wrong argument type Initialize $t_filter variable as array() instead of '' in current_user_get_bug_filter(), to ensure its type is correct when calling filter_ensure_valid_filter(). Fixes 0023921 |
Affected Issues 0023921 |
|
| mod - core/current_user_api.php | Diff File | ||
|
master 41c773cd 2018-02-01 23:37 Details Diff |
Remove duplicate code for getting names to sort by | ||
| mod - api/soap/mc_project_api.php | Diff File | ||
| mod - core/print_api.php | Diff File | ||
| mod - core/user_api.php | Diff File | ||
| mod - manage_proj_edit_page.php | Diff File | ||
|
master 744bcdb6 2018-02-01 23:26 Details Diff |
Use API for getting display name in filter form API | ||
| mod - core/filter_form_api.php | Diff File | ||
| mod - core/user_api.php | Diff File | ||
|
master 3d491d70 2018-02-01 23:26 Details Diff |
Support getting sort name via user API | ||
| mod - api/soap/mc_project_api.php | Diff File | ||
| mod - config_defaults_inc.php | Diff File | ||
| mod - core/bugnote_api.php | Diff File | ||
| mod - core/user_api.php | Diff File | ||
|
master c558ecc0 2018-02-01 16:39 Details Diff |
Remove dependency on `show_realname` for bugnote stats | ||
| mod - bugnote_stats_inc.php | Diff File | ||
| mod - core/bugnote_api.php | Diff File | ||
|
master 37f1edf0 2018-02-01 16:18 Details Diff |
Remove `show_realname` usage from billing pages The underlying `user_get_name` API should handle this and higher level page shouldn’t care. |
||
| mod - billing_export_to_csv.php | Diff File | ||
| mod - billing_export_to_excel.php | Diff File | ||
| mod - billing_inc.php | Diff File | ||
| mod - core/billing_api.php | Diff File | ||
|
master 69079c43 2018-02-01 16:08 Details Diff |
Remove `show_realnames` usage from project page | ||
| mod - project_page.php | Diff File | ||
|
master 18513272 2018-02-01 16:04 Details Diff |
Remove reference to `duplicate_realname` - Remove reference to non-existent field `duplicate_realname`. - Refactor user_get_name() |
||
| mod - core/user_api.php | Diff File | ||
|
master d0d51113 2018-02-01 07:03 Committer: GitHub Details Diff |
Improvements and code cleanup for Summary page Merge pull requests - https://github.com/mantisbt/mantisbt/pull/1266 - https://github.com/mantisbt/mantisbt/pull/1274 |
||
| mod - core/summary_api.php | Diff File | ||
| mod - summary_page.php | Diff File | ||
|
master a8483aad 2018-01-31 22:58 translatewiki.net Details Diff |
Localisation updates from https://translatewiki.net. | ||
| mod - lang/strings_bulgarian.txt | Diff File | ||
| mod - lang/strings_italian.txt | Diff File | ||
| mod - lang/strings_russian.txt | Diff File | ||
| mod - lang/strings_turkish.txt | Diff File | ||
| mod - lang/strings_ukrainian.txt | Diff File | ||
|
master 233f3364 2018-01-31 01:51 Details Diff |
Merge branch 'master-2.10' | ||
| mod - adm_config_report.php | Diff File | ||
|
master-1.3.x 9e4db60a 2018-01-30 01:58 Details Diff |
Fix XSS in adm_config_report.php (CVE-2018-6403) Nguyen Tri Tuan reported this vulnerability, allowing an attacker to inject arbitrary code through a crafted 'value' parameter. Prevent the attack by sanitizing the variable before output. Fixes 0023906, 0023918 Cherry-picked from c4afcb118472fef8d3a7f468b16d874f9d6cf871. |
Affected Issues 0023906, 0023918 |
|
| mod - adm_config_report.php | Diff File | ||
|
master-2.10 c4afcb11 2018-01-30 01:58 Details Diff |
Fix XSS in adm_config_report.php (CVE-2018-6403) Nguyen Tri Tuan reported this vulnerability, allowing an attacker to inject arbitrary code through a crafted 'value' parameter. Prevent the attack by sanitizing the variable before output. Fixes 0023906 |
Affected Issues 0023906 |
|
| mod - adm_config_report.php | Diff File | ||
|
master cf5baefa 2018-01-29 20:34 Details Diff |
Fix username and realname uniqueness checks - Fix user realname uniqueness check which wasn’t working. - Remove `$g_differentiate_duplicates` config option. - Change username realname uniqueness check APIs to not take in username, since these are independent operations. Fixes 0023909, 0023900 |
Affected Issues 0023900, 0023909 |
|
| mod - account_update.php | Diff File | ||
| mod - config_defaults_inc.php | Diff File | ||
| mod - core/obsolete.php | Diff File | ||
| mod - core/user_api.php | Diff File | ||
| mod - manage_user_update.php | Diff File | ||
|
master c91d586b 2018-01-28 22:20 translatewiki.net Details Diff |
Localisation updates from https://translatewiki.net. | ||
| mod - lang/strings_catalan.txt | Diff File | ||
| mod - lang/strings_chinese_traditional.txt | Diff File | ||
| mod - lang/strings_greek.txt | Diff File | ||
| mod - lang/strings_ka.txt | Diff File | ||
| mod - lang/strings_portuguese_standard.txt | Diff File | ||
| mod - lang/strings_serbian.txt | Diff File | ||
| mod - lang/strings_spanish.txt | Diff File | ||
| mod - lang/strings_ukrainian.txt | Diff File | ||
| mod - lang/strings_urdu.txt | Diff File | ||
| mod - plugins/MantisGraph/lang/strings_serbian.txt | Diff File | ||
| mod - plugins/XmlImportExport/lang/strings_greek.txt | Diff File | ||
|
master 5a9c3785 2018-01-28 09:13 Details Diff |
Merge remote-tracking branch 'origin/master-2.10' | ||
| mod - api/soap/mc_project_api.php | Diff File | ||
|
master 09306f2f 2018-01-28 08:59 Details Diff |
Remove access and icon info for files Fixes 0022792 |
Affected Issues 0022792 |
|
| mod - api/rest/restcore/issues_rest.php | Diff File | ||
| mod - api/soap/mc_issue_api.php | Diff File | ||
|
master 386328eb 2018-01-28 07:00 Details Diff |
Doc: Remove legacy settings from publican.cfg The 'edition' and 'release' settings were required when using old versions of Publican. The new server is running 4.3.2, so these are no longer necessary. |
||
| mod - docbook/Admin_Guide/publican.cfg | Diff File | ||
| mod - docbook/Developers_Guide/publican.cfg | Diff File | ||
