2015-01-26 07:20 EST

Changesets: MantisBT

Search ] Browse ] Back to Index ]
master-1.2.x b99755ca
Timestamp: 2015-01-25 17:44:47
Author: dregad
Details ] Diff ]
Bump version and update release notes for 1.2.19
mod - core/constant_inc.php Diff ] File ]
mod - doc/RELEASE Diff ] File ]
master-1.2.x 7a0521a2
Timestamp: 2015-01-25 17:38:17
Author: dregad
Details ] Diff ]
Update CREDITS
mod - doc/CREDITS Diff ] File ]
master 93e0d039
Timestamp: 2015-01-23 06:30:27
Author: foXen
Committer: dregad
Details ] Diff ]
Fixed incorrect quote escape

Signed-off-by: Damien Regad <dregad@mantisbt.org>
mod - admin/check/check_api.php Diff ] File ]
master 93d31593
Timestamp: 2015-01-22 12:06:19
Author: dregad
Details ] Diff ]
Sort bugnotes by date_submitted

Previously they were sorted by id.

The date_submitted column is currently not indexed. I tested the new
code both with and without adding an index; the explain plan was
identical, and I did not measure any meaningful difference in query
execution time, even for bugs having a large number of bugnotes (tested
with 0004286 which has 648 bugnotes).

Fixes 0011742
mod - core/bugnote_api.php Diff ] File ]
master-1.2.x c951d69b
Timestamp: 2015-01-22 12:06:19
Author: dregad
Details ] Diff ]
Sort bugnotes by date_submitted

Previously they were sorted by id.

The date_submitted column is currently not indexed. I tested the new
code both with and without adding an index; the explain plan was
identical, and I did not measure any meaningful difference in query
execution time, even for bugs having a large number of bugnotes (tested
with 0004286 which has 648 bugnotes).

Fixes 0011742
mod - core/bugnote_api.php Diff ] File ]
master e77fcd46
Timestamp: 2015-01-22 08:38:36
Author: dregad
Details ] Diff ]
Timeline fixes
mod - core/classes/IssueStatusChangeTimelineEvent.class.php Diff ] File ]
mod - core/classes/TimelineEvent.class.php Diff ] File ]
mod - core/timeline_api.php Diff ] File ]
mod - core/timeline_inc.php Diff ] File ]
master d698fd77
Timestamp: 2015-01-22 07:24:58
Author: dregad
Details ] Diff ]
Change $g_db_type to 'mysqli' in sample config_inc.php

Reflecting the new default value in config_defaults_inc.php introduced
in Jan 2014.

Fixes 0018051
mod - config/config_inc.php.sample Diff ] File ]
master 8645822e
Timestamp: 2015-01-22 00:44:08
Author: vboctor
Details ] Diff ]
Remove "Print Issues" from summary page

Fixes 0017965
mod - core/html_api.php Diff ] File ]
master 065521c1
Timestamp: 2015-01-19 19:07:49
Author: dregad
Details ] Diff ]
Missing space before version suffix in footer

Regression introduced by 004e69274d5f115b3a8977988a8df6b20de0e062
mod - core/html_api.php Diff ] File ]
master 8139fa85
Timestamp: 2015-01-19 13:54:24
Author: dregad
Details ] Diff ]
Only display "More events" link when needed

If the timeline is showing all available events, the presence of the
link is unnecessary and confusing to users.

Fixes 0018035
mod - core/timeline_api.php Diff ] File ]
mod - core/timeline_inc.php Diff ] File ]
master 523bf91d
Timestamp: 2015-01-19 13:37:48
Author: dregad
Details ] Diff ]
Fix number of displayed events lower than 50

Depending on the types of events displayed, in some cases the timeline
displayed fewer than 50 entries even though more are available.

This is because the 'Status Change' timeline events are only printed for
some status types (RESOLVED, CLOSED, REOPENED); prior to this, other
types were printed as an empty string.

This adds a new private method in IssueStatusChangeTimelineEvent class
to determine the type of status change in the constructor and store it
as a property, which is then used to reimplement the skip() method as
well as to drive html generation. This allows the timeline_events()
function to exclude unwanted entries with skip().

In addition, the logic for limiting the number of items to display is
now implemented in timeline_print_events() instead of timeline_inc.php.

Fixes 0018034
mod - core/classes/IssueStatusChangeTimelineEvent.class.php Diff ] File ]
mod - core/classes/TimelineEvent.class.php Diff ] File ]
mod - core/timeline_api.php Diff ] File ]
mod - core/timeline_inc.php Diff ] File ]
master c6048457
Timestamp: 2015-01-19 03:33:25
Author: siebrand
Details ] Diff ]
Localisation updates from https://translatewiki.net. [^]
mod - lang/strings_belarusian_tarask.txt Diff ] File ]
mod - lang/strings_bulgarian.txt Diff ] File ]
mod - lang/strings_catalan.txt Diff ] File ]
mod - lang/strings_chinese_simplified.txt Diff ] File ]
mod - lang/strings_chinese_traditional.txt Diff ] File ]
mod - lang/strings_korean.txt Diff ] File ]
mod - lang/strings_macedonian.txt Diff ] File ]
mod - lang/strings_portuguese_standard.txt Diff ] File ]
mod - lang/strings_spanish.txt Diff ] File ]
mod - lang/strings_swedish.txt Diff ] File ]
mod - lang/strings_urdu.txt Diff ] File ]
mod - plugins/MantisCoreFormatting/lang/strings_korean.txt Diff ] File ]
mod - plugins/MantisCoreFormatting/lang/strings_portuguese_brazil.txt Diff ] File ]
mod - plugins/MantisGraph/lang/strings_bulgarian.txt Diff ] File ]
mod - plugins/MantisGraph/lang/strings_korean.txt Diff ] File ]
mod - plugins/MantisGraph/lang/strings_macedonian.txt Diff ] File ]
mod - plugins/XmlImportExport/lang/strings_swedish.txt Diff ] File ]
master-1.2.x afa6c903
Timestamp: 2015-01-16 19:18:30
Author: dregad
Details ] Diff ]
install.php tweaks

- code cleanup
- UI improvements
- correct behavior in case of invalid install step

Fixes 0018025
mod - admin/install.php Diff ] File ]
master d92b11a5
Timestamp: 2015-01-16 19:11:04
Author: dregad
Details ] Diff ]
install.php tweaks

- code cleanup
- UI improvements
- correct behavior in case of invalid install step
mod - admin/install.php Diff ] File ]
master b6103c49
Timestamp: 2015-01-15 12:03:11
Author: dregad
Details ] Diff ]
Timeline CSS/HTML tweaks

- avatar image now wrapped in a div
- timestamp and action div with overflow hidden
- simplification of CSS and generated HTML
- tweaks and adjustments to padding and margins
mod - core/classes/TimelineEvent.class.php Diff ] File ]
mod - css/default.css Diff ] File ]
master bbe1fdc1
Timestamp: 2015-01-15 10:11:56
Author: dregad
Details ] Diff ]
Use defined constants instead of magic numbers
mod - core/timeline_inc.php Diff ] File ]
master 9b5fbe57
Timestamp: 2015-01-15 03:39:00
Author: syncguru
Committer: dregad
Details ] Diff ]
Timeline: fix [ More events... ] link

Better layout for timeline entries

Fixes 0017918

Signed-off-by: Damien Regad <dregad@mantisbt.org>
mod - css/default.css Diff ] File ]
master afacf2ec
Timestamp: 2015-01-14 02:36:43
Author: vboctor
Details ] Diff ]
Don't process history entries outside date range

Don't process history entries outside date range

The following queries cut the number of queries in half:

- Remove skip() method from events class since history api does the filtering.
- When processing history events for an issue, only process ones within desired time range.

Before:
- Total queries executed: 1232
- Unique queries executed: 1231
- Total query execution time: 0.7097 seconds

After:
- Total queries executed: 574
- Unique queries executed: 573
- Total query execution time: 0.2581 seconds

Issue 0017966
mod - core/classes/IssueAssignedTimelineEvent.class.php Diff ] File ]
mod - core/classes/IssueNoteCreatedTimelineEvent.class.php Diff ] File ]
mod - core/classes/TimelineEvent.class.php Diff ] File ]
mod - core/history_api.php Diff ] File ]
mod - core/timeline_api.php Diff ] File ]
mod - core/timeline_inc.php Diff ] File ]
master e7e2b550
Timestamp: 2015-01-10 17:25:54
Author: dregad
Details ] Diff ]
Fix URL redirection issue in login_page.php

The fix for issue 0017648 failed to correct all cases of redirection.

Alejo Popovici discovered that the regex checking for URLs pointing to
other domains considered an URL with a single '/' as local, allowing
redirection e.g. to http:/google.com on certain browsers.

Fixes 0017997 (CVE-2015-1042)
mod - core/string_api.php Diff ] File ]
master-1.2.x d95f070d
Timestamp: 2015-01-10 17:25:54
Author: dregad
Details ] Diff ]
Fix URL redirection issue in login_page.php

The fix for issue 0017648 failed to correct all cases of redirection.

Alejo Popovici discovered that the regex checking for URLs pointing to
other domains considered an URL with a single '/' as local, allowing
redirection e.g. to http:/google.com on certain browsers.

Fixes 0017997 (CVE-2014-6316)
mod - core/string_api.php Diff ] File ]
master 75c87e67
Timestamp: 2015-01-02 05:02:13
Author: siebrand
Details ] Diff ]
Localisation updates from https://translatewiki.net. [^]
mod - lang/strings_chinese_simplified.txt Diff ] File ]
mod - lang/strings_chinese_traditional.txt Diff ] File ]
mod - lang/strings_dutch.txt Diff ] File ]
mod - lang/strings_french.txt Diff ] File ]
mod - lang/strings_macedonian.txt Diff ] File ]
mod - lang/strings_russian.txt Diff ] File ]
mod - lang/strings_spanish.txt Diff ] File ]
master-1.2.x 1eab7aca
Timestamp: 2015-01-01 19:32:41
Author: dregad
Details ] Diff ]
Fix captcha validation

Following 7bb78e4581ff1092c811ea96582fe602624cdcdd, it was no longer
possible to validate the captcha, because the PHP session is destroyed
as part of the logout performed in signup.php.

We now retrieve the captcha key from the session before logging out.

Fixes 0017993
mod - core/session_api.php Diff ] File ]
mod - signup.php Diff ] File ]
master 38325e28
Timestamp: 2014-12-29 19:12:19
Author: dregad
Details ] Diff ]
Install: escape strings inserted in config_inc.php

This ensures it is not possible to inject arbitrary PHP code into the
generated config file.

Fixes 0012908, 0017012
mod - admin/install.php Diff ] File ]
master b5eb9305
Timestamp: 2014-12-29 19:10:45
Author: dregad
Details ] Diff ]
Install: Use foreach to check for obsolete config files
mod - admin/install.php Diff ] File ]
master-1.2.x 6ff56cdc
Timestamp: 2014-12-29 17:20:24
Author: dregad
Details ] Diff ]
CAPTCHA: use mt_rand() instead of rand()
mod - make_captcha_img.php Diff ] File ]
1 2 3 4 ... 50 ... 100 ... 150 ... 200 ... 250 ... 300 ... 350 ... 400 ... 450 ... 466 467 468  Next  Last