Changesets: MantisBT
|
master-1.2.x c59ad8a6 2009-11-23 07:21 Details Diff |
Cleanup use of ampersands in internally generated URLs This should fix a number of bugs related to invalid links (created by confusion about whether to use & or & in internal URLs). We should only apply htmlspecialchars() or similar at output time, assuming we want HTML output from Mantis. Internally, it is best to just use & to separate arguments in GET HTTP URLs. There are still a few ugly bits of code that haven't been updated because to do so would require extensive rewriting in some sections. And in time, the print_ and html_ API is probably going to be deprecated by use of a templating engine so there is little point rewriting something that'll only get overhauled later. This commit is the backport to the 1.2.x branch because it fixes a few bugs here and there. Conflicts: main_page.php |
Affected Issues 0011272 |
|
| mod - login_select_proj_page.php | Diff File | ||
| mod - api/soap/mc_issue_api.php | Diff File | ||
| mod - core/string_api.php | Diff File | ||
| mod - project_page.php | Diff File | ||
| mod - news_update.php | Diff File | ||
| mod - main_page.php | Diff File | ||
| mod - account_prefs_reset.php | Diff File | ||
| mod - login.php | Diff File | ||
| mod - core/user_api.php | Diff File | ||
| mod - api/soap/mc_project_api.php | Diff File | ||
| mod - core/print_api.php | Diff File | ||
| mod - query_view_page.php | Diff File | ||
| mod - manage_proj_delete.php | Diff File | ||
| mod - core/relationship_api.php | Diff File | ||
| mod - login_page.php | Diff File | ||
| mod - login_anon.php | Diff File | ||
| mod - core/html_api.php | Diff File | ||
| mod - manage_user_delete.php | Diff File | ||
| mod - manage_user_page.php | Diff File | ||
| mod - core/file_api.php | Diff File | ||
| mod - bug_view_inc.php | Diff File | ||
| mod - roadmap_page.php | Diff File | ||
| mod - manage_proj_page.php | Diff File | ||
| mod - bug_actiongroup_ext.php | Diff File | ||
| mod - manage_user_prune.php | Diff File | ||
| mod - adm_config_report.php | Diff File | ||
| mod - core/form_api.php | Diff File | ||
| mod - print_all_bug_page_word.php | Diff File | ||
| mod - print_all_bug_page.php | Diff File | ||
| mod - bug_relationship_graph.php | Diff File | ||
| mod - core/relationship_graph_api.php | Diff File | ||
| mod - core/rss_api.php | Diff File | ||
| mod - my_view_inc.php | Diff File | ||
| mod - tag_update_page.php | Diff File | ||
| mod - core/ajax_api.php | Diff File | ||
| mod - view_filters_page.php | Diff File | ||
| mod - verify.php | Diff File | ||
| mod - bugnote_view_inc.php | Diff File | ||
| mod - manage_proj_edit_page.php | Diff File | ||
| mod - changelog_page.php | Diff File | ||
| mod - print_bug_page.php | Diff File | ||
| mod - core/columns_api.php | Diff File | ||
| mod - core/tag_api.php | Diff File | ||
| mod - core/filter_api.php | Diff File | ||
| mod - set_project.php | Diff File | ||
| mod - excel_xml_export.php | Diff File | ||
|
master 0c9b5cd5 2009-11-23 07:00 Details Diff |
Cleanup use of ampersands in internally generated URLs This should fix a number of bugs related to invalid links (created by confusion about whether to use & or & in internal URLs). We should only apply htmlspecialchars() or similar at output time, assuming we want HTML output from Mantis. Internally, it is best to just use & to separate arguments in GET HTTP URLs. There are still a few ugly bits of code that haven't been updated because to do so would require extensive rewriting in some sections. And in time, the print_ and html_ API is probably going to be deprecated by use of a templating engine so there is little point rewriting something that'll only get overhauled later. |
Affected Issues 0011272 |
|
| mod - print_all_bug_page_word.php | Diff File | ||
| mod - bug_relationship_graph.php | Diff File | ||
| mod - login_select_proj_page.php | Diff File | ||
| mod - core/string_api.php | Diff File | ||
| mod - project_page.php | Diff File | ||
| mod - news_update.php | Diff File | ||
| mod - manage_user_delete.php | Diff File | ||
| mod - account_prefs_reset.php | Diff File | ||
| mod - login.php | Diff File | ||
| mod - bugnote_view_inc.php | Diff File | ||
| mod - query_view_page.php | Diff File | ||
| mod - core/relationship_api.php | Diff File | ||
| mod - adm_config_report.php | Diff File | ||
| mod - login_anon.php | Diff File | ||
| mod - core/html_api.php | Diff File | ||
| mod - core/filter_api.php | Diff File | ||
| mod - api/soap/mc_project_api.php | Diff File | ||
| mod - bug_view_inc.php | Diff File | ||
| mod - manage_user_prune.php | Diff File | ||
| mod - view_filters_page.php | Diff File | ||
| mod - manage_proj_page.php | Diff File | ||
| mod - core/file_api.php | Diff File | ||
| mod - core/form_api.php | Diff File | ||
| mod - manage_proj_delete.php | Diff File | ||
| mod - roadmap_page.php | Diff File | ||
| mod - core/user_api.php | Diff File | ||
| mod - api/soap/mc_issue_api.php | Diff File | ||
| mod - print_all_bug_page.php | Diff File | ||
| mod - core/relationship_graph_api.php | Diff File | ||
| mod - core/rss_api.php | Diff File | ||
| mod - my_view_inc.php | Diff File | ||
| mod - tag_update_page.php | Diff File | ||
| mod - core/ajax_api.php | Diff File | ||
| mod - verify.php | Diff File | ||
| mod - core/tag_api.php | Diff File | ||
| mod - manage_proj_edit_page.php | Diff File | ||
| mod - core/print_api.php | Diff File | ||
| mod - manage_user_page.php | Diff File | ||
| mod - print_bug_page.php | Diff File | ||
| mod - changelog_page.php | Diff File | ||
| mod - core/columns_api.php | Diff File | ||
| mod - main_page.php | Diff File | ||
| mod - login_page.php | Diff File | ||
| mod - bug_actiongroup_ext.php | Diff File | ||
| mod - set_project.php | Diff File | ||
| mod - excel_xml_export.php | Diff File | ||
|
master-1.1.x 8ecb5fa4 2009-11-22 07:37 Details Diff |
Fix 0011026: Fix XSS bug in view_filters_page.php Fix a parsing/validation error whereby a target_field input of the form "status[]<script>bad_code();</script>" would be printed directly to HTML, thus leading to a XSS vulnerability. |
Affected Issues 0011206 |
|
| mod - view_filters_page.php | Diff File | ||
|
master-1.2.x 2730f010 2009-11-22 07:37 Details Diff |
Fix 0011026: Fix XSS bug in view_filters_page.php Fix a parsing/validation error whereby a target_field input of the form "status[]<script>bad_code();</script>" would be printed directly to HTML, thus leading to a XSS vulnerability. |
Affected Issues 0011206 |
|
| mod - view_filters_page.php | Diff File | ||
|
master c154fafc 2009-11-22 07:37 Details Diff |
Fix 0011026: Fix XSS bug in view_filters_page.php Fix a parsing/validation error whereby a target_field input of the form "status[]<script>bad_code();</script>" would be printed directly to HTML, thus leading to a XSS vulnerability. |
Affected Issues 0011206 |
|
| mod - view_filters_page.php | Diff File | ||
|
master 880db823 2009-11-22 06:24 Details Diff |
Localisation updates from translatewiki.net (2009-11-22) | ||
| mod - lang/strings_latvian.txt | Diff File | ||
| mod - lang/strings_polish.txt | Diff File | ||
| mod - lang/strings_bulgarian.txt | Diff File | ||
| mod - lang/strings_italian.txt | Diff File | ||
| mod - lang/strings_breton.txt | Diff File | ||
| mod - lang/strings_arabicegyptianspoken.txt | Diff File | ||
| mod - lang/strings_finnish.txt | Diff File | ||
| mod - lang/strings_icelandic.txt | Diff File | ||
| mod - lang/strings_occitan.txt | Diff File | ||
| add - plugins/MantisCoreFormatting/lang/strings_portuguese_standard.txt | Diff File | ||
| mod - lang/strings_russian.txt | Diff File | ||
| mod - lang/strings_chinese_simplified.txt | Diff File | ||
| mod - lang/strings_portuguese_brazil.txt | Diff File | ||
| mod - lang/strings_galician.txt | Diff File | ||
| mod - lang/strings_slovene.txt | Diff File | ||
| mod - plugins/MantisCoreFormatting/lang/strings_ripoarisch.txt | Diff File | ||
| mod - lang/strings_hebrew.txt | Diff File | ||
| mod - lang/strings_urdu.txt | Diff File | ||
| mod - lang/strings_german.txt | Diff File | ||
| mod - lang/strings_swissgerman.txt | Diff File | ||
| mod - lang/strings_korean.txt | Diff File | ||
| mod - lang/strings_greek.txt | Diff File | ||
| mod - lang/strings_swedish.txt | Diff File | ||
| mod - lang/strings_portuguese_standard.txt | Diff File | ||
| mod - lang/strings_hungarian.txt | Diff File | ||
| mod - lang/strings_lithuanian.txt | Diff File | ||
| mod - lang/strings_japanese.txt | Diff File | ||
| mod - lang/strings_tagalog.txt | Diff File | ||
| mod - lang/strings_ukrainian.txt | Diff File | ||
| mod - lang/strings_danish.txt | Diff File | ||
| mod - lang/strings_french.txt | Diff File | ||
| mod - lang/strings_estonian.txt | Diff File | ||
| mod - lang/strings_dutch.txt | Diff File | ||
| mod - lang/strings_romanian.txt | Diff File | ||
| mod - lang/strings_norwegian_bokmal.txt | Diff File | ||
| mod - lang/strings_slovak.txt | Diff File | ||
| mod - lang/strings_arabic.txt | Diff File | ||
| mod - lang/strings_serbian.txt | Diff File | ||
| mod - lang/strings_spanish.txt | Diff File | ||
| mod - lang/strings_ripoarisch.txt | Diff File | ||
| mod - lang/strings_czech.txt | Diff File | ||
| mod - lang/strings_chinese_traditional.txt | Diff File | ||
| add - plugins/XmlImportExport/lang/strings_portuguese_standard.txt | Diff File | ||
| mod - lang/strings_catalan.txt | Diff File | ||
|
master 83b35867 2009-11-21 15:53 Details Diff |
Add forgotten colon | ||
| mod - lang/strings_english.txt | Diff File | ||
|
master 0b0e018e 2009-11-21 15:46 Details Diff |
Fix error | ||
| mod - lang/strings_english.txt | Diff File | ||
|
master e0fcbc9d 2009-11-21 15:34 Details Diff |
Remove hard coded spaces and colons | ||
| mod - signup_page.php | Diff File | ||
| mod - proj_doc_delete.php | Diff File | ||
| mod - manage_proj_ver_delete.php | Diff File | ||
| mod - manage_user_edit_page.php | Diff File | ||
| mod - manage_proj_custom_field_remove.php | Diff File | ||
| mod - manage_proj_delete.php | Diff File | ||
| mod - manage_user_proj_delete.php | Diff File | ||
| mod - manage_user_update.php | Diff File | ||
| mod - manage_user_delete.php | Diff File | ||
| mod - print_all_bug_page_word.php | Diff File | ||
| mod - manage_proj_user_remove.php | Diff File | ||
| mod - lang/strings_english.txt | Diff File | ||
| mod - query_store_page.php | Diff File | ||
|
master 556eac53 2009-11-21 14:57 Details Diff |
Remove hard coded colons and spaces | ||
| mod - manage_plugin_page.php | Diff File | ||
| mod - main_page.php | Diff File | ||
| mod - manage_config_workflow_page.php | Diff File | ||
| mod - manage_custom_field_edit_page.php | Diff File | ||
| mod - manage_custom_field_delete.php | Diff File | ||
| mod - manage_config_revert.php | Diff File | ||
| mod - lang/strings_english.txt | Diff File | ||
| mod - manage_config_email_page.php | Diff File | ||
|
master abf8704e 2009-11-21 14:33 Details Diff |
Remove some hard coded spacing and colons | ||
| mod - core/filter_api.php | Diff File | ||
| mod - bug_sponsorship_list_view_inc.php | Diff File | ||
| mod - lang/strings_english.txt | Diff File | ||
| mod - bug_actiongroup.php | Diff File | ||
| mod - bug_file_upload_inc.php | Diff File | ||
| mod - proj_doc_edit_page.php | Diff File | ||
| mod - bug_actiongroup_ext.php | Diff File | ||
| mod - proj_doc_add_page.php | Diff File | ||
| mod - view_filters_page.php | Diff File | ||
| mod - billing_inc.php | Diff File | ||
| mod - bug_report_page.php | Diff File | ||
|
master-1.2.x 17c46c7c 2009-11-18 09:07 Committer: dhx Details Diff |
Fix 0010779: Due date set to Unix Epoch for cloned reports Regardless of whether the source of a cloned ticket had a due date set, the new cloned ticket was always given a due date equal to the Unix Epoch. This patch ensures that the due date is inherited from the source of the cloned ticket. Signed-off-by: David Hicks <hickseydr@optusnet.com.au> |
Affected Issues 0010779 |
|
| mod - bug_report_page.php | Diff File | ||
|
master 8e803c3b 2009-11-18 09:07 Committer: dhx Details Diff |
Fix 0010779: Due date set to Unix Epoch for cloned reports Regardless of whether the source of a cloned ticket had a due date set, the new cloned ticket was always given a due date equal to the Unix Epoch. This patch ensures that the due date is inherited from the source of the cloned ticket. Signed-off-by: David Hicks <hickseydr@optusnet.com.au> |
Affected Issues 0010779 |
|
| mod - bug_report_page.php | Diff File | ||
|
master-1.2.x 0eb89e06 2009-11-13 11:15 Details Diff |
Fix 0011155: Broken PCRE regex strings broke page redirects Commit 193ae8b94faa104d3d74a8e169eda99e10cbcf8c broke page redirects due to completely broken PCRE regex strings. My fault, was in a hurry. Sorry! |
Affected Issues 0011155 |
|
| mod - core/string_api.php | Diff File | ||
|
master 9e259188 2009-11-13 11:15 Details Diff |
Fix 0011155: Broken PCRE regex strings broke page redirects Commit 193ae8b94faa104d3d74a8e169eda99e10cbcf8c broke page redirects due to completely broken PCRE regex strings. My fault, was in a hurry. Sorry! |
Affected Issues 0011155 |
|
| mod - core/string_api.php | Diff File | ||
|
master 4a6f03b9 2009-11-11 14:22 Details Diff |
Remove hard coded colon | ||
| mod - print_bugnote_inc.php | Diff File | ||
| mod - print_all_bug_page_word.php | Diff File | ||
| mod - bugnote_view_inc.php | Diff File | ||
| mod - lang/strings_english.txt | Diff File | ||
|
master 3564e3f7 2009-11-11 13:59 Details Diff |
Merge branch 'master' of git://mantisbt.org/mantisbt | ||
|
master 7fabc22b 2009-11-11 03:56 Details Diff |
Localisation updates from translatewiki.net (2009-11-11) | ||
| mod - lang/strings_dutch.txt | Diff File | ||
| mod - plugins/MantisCoreFormatting/lang/strings_ripoarisch.txt | Diff File | ||
| mod - lang/strings_occitan.txt | Diff File | ||
| mod - plugins/MantisCoreFormatting/lang/strings_galician.txt | Diff File | ||
| mod - lang/strings_catalan.txt | Diff File | ||
| mod - plugins/MantisCoreFormatting/lang/strings_swissgerman.txt | Diff File | ||
| add - plugins/MantisCoreFormatting/lang/strings_hsb.txt | Diff File | ||
| mod - lang/strings_swissgerman.txt | Diff File | ||
| mod - lang/strings_french.txt | Diff File | ||
| mod - lang/strings_hungarian.txt | Diff File | ||
| mod - lang/strings_chinese_traditional.txt | Diff File | ||
| mod - plugins/MantisCoreFormatting/lang/strings_occitan.txt | Diff File | ||
| mod - plugins/MantisCoreFormatting/lang/strings_hungarian.txt | Diff File | ||
| mod - lang/strings_spanish.txt | Diff File | ||
| mod - plugins/MantisCoreFormatting/lang/strings_japanese.txt | Diff File | ||
| mod - lang/strings_japanese.txt | Diff File | ||
| mod - plugins/MantisCoreFormatting/lang/strings_french.txt | Diff File | ||
| mod - lang/strings_galician.txt | Diff File | ||
| mod - lang/strings_ukrainian.txt | Diff File | ||
|
master-1.2.x e9d7b203 2009-11-10 15:48 Details Diff |
Commit 55878bd7 escapes using the wrong delimiter | ||
| mod - core/string_api.php | Diff File | ||
|
master 9f2e24da 2009-11-10 15:48 Details Diff |
Commit 55878bd7 escapes using the wrong delimiter | ||
| mod - core/string_api.php | Diff File | ||
|
master-1.2.x 2656c2f5 2009-11-10 15:07 Details Diff |
Issue 0011138: Error when retrieving bug via SOAP Proper check for return values and avoid returning nulls to count. |
Affected Issues 0011138 |
|
| mod - api/soap/mc_issue_api.php | Diff File | ||
|
master f7435b8c 2009-11-10 15:07 Details Diff |
Issue 0011138: Error when retrieving bug via SOAP Proper check for return values and avoid returning nulls to count. |
Affected Issues 0011138 |
|
| mod - api/soap/mc_issue_api.php | Diff File | ||
|
master-1.2.x a27f6316 2009-11-09 16:58 Committer: dhx Details Diff |
Issue 0011088: Update emails show @0@ instead of the access level of each bugnote author Update email_format_bug_message to pass in the project id to access_get_project_level for the bugnote reporter instead of relying on helper_get_current_project() to guess the correct one. Signed-off-by: David Hicks <hickseydr@optusnet.com.au> |
Affected Issues 0011088 |
|
| mod - core/email_api.php | Diff File | ||
|
master e35d857f 2009-11-09 16:58 Committer: dhx Details Diff |
Issue 0011088: Update emails show @0@ instead of the access level of each bugnote author Update email_format_bug_message to pass in the project id to access_get_project_level for the bugnote reporter instead of relying on helper_get_current_project() to guess the correct one. Signed-off-by: David Hicks <hickseydr@optusnet.com.au> |
Affected Issues 0011088 |
|
| mod - core/email_api.php | Diff File | ||
|
master-1.2.x 70bbad26 2009-11-09 16:16 Details Diff |
Issue 0011138: Error when retrieving bug via SOAP Fixes a possible error in mci_issue_get_attachments when the user does not have access to viewing attachments. |
Affected Issues 0011138 |
|
| mod - api/soap/mc_issue_api.php | Diff File | ||
