Search Changesets

MantisBT: master 13a7de43

2017-05-22 06:09:38

dregad

Details Diff
Merge remote-tracking branch 'origin/master-2.4'

Conflicts:
core/constant_inc.php
Attach Issues:
mod - core/cfdefs/cfdef_standard.php Diff File
mod - core/classes/MantisColumn.class.php Diff File
mod - core/csv_api.php Diff File
mod - core/custom_field_api.php Diff File
mod - core/excel_api.php Diff File
mod - csv_export.php Diff File
mod - docbook/Admin_Guide/en-US/Revision_History.xml Diff File
mod - docbook/Developers_Guide/en-US/Revision_History.xml Diff File
mod - excel_xml_export.php Diff File

MantisBT: master 767a9475

2017-05-21 22:25:46

vboctor

Details Diff
Use disposable-email-checker v3 via Composer

Fixes 0022913
Affected Issues
0022913
mod - .gitmodules Diff File
mod - composer.json Diff File
mod - composer.lock Diff File
mod - core.php Diff File
mod - core/email_api.php Diff File
mod - library/README.md Diff File
rm - library/disposable Diff File
mod - scripts/travis_before_script.sh Diff File

MantisBT: master 6f7ea152

2017-05-21 03:54:51

translatewiki.net

Details Diff
Localisation updates from https://translatewiki.net.
Attach Issues:
mod - lang/strings_dutch.txt Diff File
mod - lang/strings_hungarian.txt Diff File
mod - plugins/MantisCoreFormatting/lang/strings_hungarian.txt Diff File
mod - plugins/MantisGraph/lang/strings_hungarian.txt Diff File

MantisBT: master 0602b9f3

2017-05-20 17:03:50

vboctor

Details Diff
Update Slim framework from 3.7.0 to 3.8.1

Fixes 0022809
Affected Issues
0022809
mod - composer.lock Diff File

MantisBT: master-2.3 990c773b

2017-05-20 15:18:22

vboctor

Details Diff
Bump version to 2.3.3
Attach Issues:
mod - core/constant_inc.php Diff File
mod - docbook/Admin_Guide/en-US/Revision_History.xml Diff File
mod - docbook/Developers_Guide/en-US/Revision_History.xml Diff File

MantisBT: master-2.4 609e2522

2017-05-20 14:45:53

vboctor

Details Diff
Bump version to 2.4.1
Attach Issues:
mod - core/constant_inc.php Diff File
mod - docbook/Admin_Guide/en-US/Revision_History.xml Diff File
mod - docbook/Developers_Guide/en-US/Revision_History.xml Diff File

MantisBT: master-1.3.x b78fd043

2017-05-20 14:43:14

vboctor

Details Diff
Bump version to 1.3.11
Attach Issues:
mod - core/constant_inc.php Diff File
mod - docbook/Admin_Guide/en-US/Revision_History.xml Diff File
mod - docbook/Developers_Guide/en-US/Revision_History.xml Diff File

MantisBT: master 11ab5edc

2017-05-20 09:36:27

dregad

Details Diff
Merge remote-tracking branch 'origin/master-2.4'
Attach Issues:
mod - core/bugnote_api.php Diff File

MantisBT: master 33e1230b

2017-05-20 08:16:56

MS-Astra

Details Diff
Fix moving issues with attachments

Issues with attachments cannot be moved between projects with different
upload directories when files are stored in file system.

Add missing parameters to db_query() call in file_move_bug_attachments().

Fixes 0021994
Affected Issues
0021994
mod - core/file_api.php Diff File

MantisBT: master 486e1a7e

2017-05-20 05:57:34

dregad

Details Diff
Only append query string to return URL when not blank

The target URL for the 'Login' button in the breadcrumbs div had a
trailing '?' due to appending QUERY_STRING even when no query params
are defined.

Adding a check to only add it when QUERY_STRING is not blank fixes the
problem.

Fixes 0022905
Affected Issues
0022905
mod - core/layout_api.php Diff File

MantisBT: master 0562a516

2017-05-20 05:34:34

dregad

Details Diff
Merge branch 'i22702-csrf'
Attach Issues:
mod - core/filter_api.php Diff File
mod - core/string_api.php Diff File
mod - permalink_page.php Diff File
mod - tests/Mantis/StringTest.php Diff File

MantisBT: master d3d5ddcf

2017-05-20 05:31:40

dregad

Details Diff
Make sure db_insert_id() always returns an int

db_result() returns a string in some cases. Typecasting the return
value to int ensures we comply with the PHPDoc.

Fixes 0022904
Affected Issues
0022904
mod - core/database_api.php Diff File

MantisBT: master b7f337de

2017-05-20 05:28:22

dregad

Details Diff
Refactor db_insert_id() to use $g_db_functional_type

Avoid multiple calls to db_is_xxx.
Attach Issues:
mod - core/database_api.php Diff File

MantisBT: master 2d541e98

2017-05-20 04:59:17

translatewiki.net

Details Diff
Localisation updates from https://translatewiki.net. Affected Issues
0022852
mod - lang/strings_bulgarian.txt Diff File
mod - lang/strings_chinese_simplified.txt Diff File
mod - lang/strings_german.txt Diff File
mod - lang/strings_russian.txt Diff File

MantisBT: master-1.3.x c4f50e5d

2017-05-19 11:48:57

dregad

Details Diff
Fix CSRF vulnerability in permalink_page.php

John Page aka hyp3rlinx / ApparitionSec http://hyp3rlinx.altervista.org
reported a CSRF vulnerability in permalink_page.php, allowing an
attacker to inject arbitrary links (CVE-2017-7620).

Backporting from master branch:
- Add form security token to prevent such injection (code changed from
original commit) 0d11077d40c5dfdb76efdad9ba2b455af5be25a0
- Encode '\' in string_sanitize_url()
7b23377c573817c5fe8b522e8c33de8b1caff179

Fixes 0022702, 0022816
Affected Issues
0022702, 0022816
mod - core/filter_api.php Diff File
mod - core/string_api.php Diff File
mod - permalink_page.php Diff File
mod - tests/Mantis/StringTest.php Diff File

MantisBT: master-2.3 8b6787c8

2017-05-19 11:48:57

dregad

Details Diff
Fix CSRF vulnerability in permalink_page.php

John Page aka hyp3rlinx / ApparitionSec http://hyp3rlinx.altervista.org
reported a CSRF vulnerability in permalink_page.php, allowing an
attacker to inject arbitrary links (CVE-2017-7620).

Backporting from master branch:
- Add form security token to prevent such injection
0d11077d40c5dfdb76efdad9ba2b455af5be25a0
- Encode '\' in string_sanitize_url()
7b23377c573817c5fe8b522e8c33de8b1caff179

Fixes 0022702, 0022816
Affected Issues
0022702, 0022816
mod - core/filter_api.php Diff File
mod - core/string_api.php Diff File
mod - permalink_page.php Diff File
mod - tests/Mantis/StringTest.php Diff File

MantisBT: master-2.4 2d2309a3

2017-05-19 11:48:57

dregad

Details Diff
Fix CSRF vulnerability in permalink_page.php

John Page aka hyp3rlinx / ApparitionSec http://hyp3rlinx.altervista.org
reported a CSRF vulnerability in permalink_page.php, allowing an
attacker to inject arbitrary links (CVE-2017-7620).

Backporting from master branch:
- Add form security token to prevent such injection
0d11077d40c5dfdb76efdad9ba2b455af5be25a0
- Encode '\' in string_sanitize_url()
7b23377c573817c5fe8b522e8c33de8b1caff179

Fixes 0022702, 0022816
Affected Issues
0022702, 0022816
mod - core/filter_api.php Diff File
mod - core/string_api.php Diff File
mod - permalink_page.php Diff File
mod - tests/Mantis/StringTest.php Diff File

MantisBT: master b0c652f3

2017-05-15 19:32:52

Carlos Proensa

Details Diff
Make buttons visible only on hover over container

Make some buttons visible only when hovering over it's container.

Applied to: adm_config_report.php, view.php (bugnotes)

Fixes: 0022872
Affected Issues
0022872
mod - adm_config_report.php Diff File
mod - bugnote_view_inc.php Diff File
mod - js/common.js Diff File

MantisBT: master aee0080d

2017-05-15 18:40:05

Carlos Proensa

Details Diff
Add margin css to single button forms

Add margin between buttons generated by print_form_button(), to be
consistent with the general styling of inline buttons in a general form.

Fixes: 0022870
Affected Issues
0022870
mod - core/print_api.php Diff File
mod - css/ace-mantis.css Diff File

MantisBT: master a0aa8078

2017-05-15 18:22:55

cproensa

Details Diff
Make single button forms flow inlined

Add inline class to single button forms.
Now it should not be needed to "pull-left" to place several buttons in
line.

Fixes: 0022871
Affected Issues
0022871
mod - core/print_api.php Diff File

MantisBT: master cf972ca1

2017-05-15 18:01:32

cproensa

Details Diff
Use button tag for print_form_button()

Use 'button' tag instead of 'input', to offer better customization for
labels and icons.
Attach Issues:
mod - core/print_api.php Diff File

MantisBT: master c0903f25

2017-05-15 07:55:00

dregad

Details Diff
Fix 0022868: typo in variable name Affected Issues
0022868
mod - core/html_api.php Diff File

MantisBT: master 06e76774

2017-05-15 04:33:39

dregad

Details Diff
Improve db_fetch_array performance

Improve db_fetch_array performance by caching the result from:
- db_is_pgsql()
- db_is_oracle()

Based on profiling, the repeated calls were using up to 20% of total
time for the db_fetch_array execution.

Fixes 0021871, PR https://github.com/mantisbt/mantisbt/pull/1105
Affected Issues
0021871
mod - core/constant_inc.php Diff File
mod - core/database_api.php Diff File

MantisBT: master-2.4 a64a0d22

2017-05-15 00:32:02

vboctor

Details Diff
Fixes markdown formating for notes column

The 3 dashes marked the notes above it as a markdown header. Fix is to use `=-=` instead.

Fixes 0022867
Affected Issues
0022867
mod - core/bugnote_api.php Diff File

MantisBT: master-2.4 8dad4e18

2017-05-14 23:43:55

vboctor

Details Diff
Fix CSV and Excel export when markdown is enabled

The output for CSV and Excel included paragraph html tags which polluted
the output and corrupted Excel output when there are numeric custom fields.

This was caused by calling html processing when getting the value of custom fields.

The fix is to have the retrieval of custom field values not process it for any output
and have the calling code do the appropriate processing. The code also now does
processing based on the custom field type rather than treating types all as string.

Fixes 0022428
Affected Issues
0022428
mod - core/cfdefs/cfdef_standard.php Diff File
mod - core/classes/MantisColumn.class.php Diff File
mod - core/csv_api.php Diff File
mod - core/custom_field_api.php Diff File
mod - core/excel_api.php Diff File
mod - csv_export.php Diff File
mod - excel_xml_export.php Diff File
 First  Prev  1 2 3 ... 54 55 56 57 58 59 60 ... 70 ... 140 ... 210 ... 280 ... 350 ... 420 ... 490 ... 560 ... 630 ... 651 652 653  Next  Last