Changesets: MantisBT
|
master 0dae416a 2015-04-18 14:37 Details Diff |
Fixing link to disposable library in README.libs | ||
| mod - library/README.libs | Diff File | ||
|
master ba6b8422 2015-04-18 08:22 Details Diff |
Anti-spam check when uploading files Fixes 0019261 |
Affected Issues 0019261 |
|
| mod - core/file_api.php | Diff File | ||
|
master 6a90613f 2015-04-18 08:19 Details Diff |
Update phpdoc for uses antispam_api |
Affected Issues 0019261 |
|
| mod - core/bug_api.php | Diff File | ||
| mod - core/bugnote_api.php | Diff File | ||
| mod - core/tag_api.php | Diff File | ||
|
master 56859c9e 2015-04-18 08:18 Details Diff |
Rename spam_check() to antispam_check() This matches our naming convention for APIs. |
Affected Issues 0019261 |
|
| mod - core/antispam_api.php | Diff File | ||
| mod - core/bug_api.php | Diff File | ||
| mod - core/bugnote_api.php | Diff File | ||
| mod - core/tag_api.php | Diff File | ||
|
master 0ed1d2d9 2015-04-17 23:23 Details Diff |
Fix required custom field not set on update Users without write access to a required custom field can't update issue at all. If there is a custom field that is marked as required-on-update with write access set to MANAGER. Then developers who can update the issue, can no longer update it, otherwise, they get error about required custom field not set. Fixes 0019634 |
Affected Issues 0019634 |
|
| mod - bug_update.php | Diff File | ||
|
master 292db255 2015-04-17 22:42 Details Diff |
Protect against malicious REPORTERs This is a proposal against enabling spammers to signup and spam the bug tracker. The changes limits the number of possible changes by signed up users to 10 per hour. Although the feature and limits are configurable. This check doesn't apply when signup feature is not enabled or when users have access level above the default was assigned on signup. Issue 0019261 |
Affected Issues 0019261 |
|
| mod - config_defaults_inc.php | Diff File | ||
| add - core/antispam_api.php | Diff File | ||
| mod - core/bug_api.php | Diff File | ||
| mod - core/bugnote_api.php | Diff File | ||
| mod - core/constant_inc.php | Diff File | ||
| mod - core/history_api.php | Diff File | ||
| mod - core/tag_api.php | Diff File | ||
| mod - docbook/Admin_Guide/en-US/Configuration.xml | Diff File | ||
| add - docbook/Admin_Guide/en-US/config/antispam.xml | Diff File | ||
| mod - lang/strings_english.txt | Diff File | ||
|
master 7cd2fa56 2015-04-16 14:34 Details Diff |
Don't sanitize user email prior to validation Before this, email_is_valid() validated a sanitized string (using filter_var() with FILTER_SANITIZE_EMAIL). We now validate the email exactly as it was entered by the user to ensure we don't accept an address that was actually made valid by the sanitization itself. Fixes 0017280 |
Affected Issues 0017280 |
|
| mod - core/email_api.php | Diff File | ||
|
master bc195dd5 2015-04-16 13:53 Details Diff |
Simplify email validation to only use HTML5 regex This commit follows the discussion in pull request https://github.com/mantisbt/mantisbt/pull/172 It basically removes the possibility for the admin to choose between several e-mail validation methods, and goes back to a simple ON/OFF setting for $g_validate_email. Fixes 0017279 |
Affected Issues 0017279 |
|
| mod - config_defaults_inc.php | Diff File | ||
| mod - core/constant_inc.php | Diff File | ||
| mod - core/email_api.php | Diff File | ||
| mod - docbook/Admin_Guide/en-US/config/email.xml | Diff File | ||
|
master 6d4378b9 2015-04-13 07:35 Details Diff |
Time tracking: project-specific access to billing page The access check against $g_time_tracking_reporting_threshold is now made with access_ensure_project_level() instead of access_ensure_global_level() Fixes 0019588 |
Affected Issues 0019588 |
|
| mod - billing_page.php | Diff File | ||
| mod - core/html_api.php | Diff File | ||
|
master-1.2.x 1eb1f88d 2015-04-13 07:35 Details Diff |
Time tracking: project-specific access to billing page The access check against $g_time_tracking_reporting_threshold is now made with access_ensure_project_level() instead of access_ensure_global_level() Fixes 0019588 |
Affected Issues 0019588 |
|
| mod - billing_page.php | Diff File | ||
| mod - core/html_api.php | Diff File | ||
|
master-1.2.x ea6184a7 2015-04-13 01:13 Details Diff |
Only use timezone_identifiers_list if it exists The function was called during admin checks before its existence was verified. Fixes 0019609 |
Affected Issues 0019609 |
|
| mod - admin/check.php | Diff File | ||
|
master 605ef054 2015-04-10 21:48 Rafik Robeal Details Diff |
Fix font-awesome icons to show on IE9 & IE10 | ||
| add - fonts/.htaccess | Diff File | ||
|
master 119aca13 2015-04-10 20:25 Details Diff |
Support multi-line default values for memo fields - When type is text area enable setting multi-line default. - When type is text area, don't enable possible values field. Fixes 0019542 |
Affected Issues 0019542 |
|
| mod - core/custom_field_api.php | Diff File | ||
| add - javascript/manage_custom_field_edit_page.js | Diff File | ||
| mod - manage_custom_field_edit_page.php | Diff File | ||
|
mantishub-1.3.x-20150418_1638 18ff2337 2015-04-10 18:21 Victor Boctor Details Diff |
Enable resetting impersonated user password | ||
| mod - manage_user_edit_page.php | Diff File | ||
|
mantishub-1.3.x-20150418_1638 c6dad5a6 2015-04-10 18:16 Victor Boctor Details Diff |
Disable re-auth when user is impersonated | ||
| mod - core/authentication_api.php | Diff File | ||
|
mantishub-1.3.x-20150418_1638 edcd4101 2015-04-10 17:56 Victor Boctor Details Diff |
Re-enable email on impersonation | ||
| mod - mantishub_config_defaults_inc.php | Diff File | ||
|
mantishub-1.3.x-20150418_1638 ccc99583 2015-04-10 17:43 Victor Boctor Details Diff |
Add hint to footer for reply to comment | ||
| mod - core/mantishub_api.php | Diff File | ||
|
master 394a777f 2015-04-10 06:54 Details Diff |
Don't call bug_exists if we already know it doesn't | ||
| mod - core/string_api.php | Diff File | ||
|
master 1e1a0ef3 2015-04-10 06:52 Details Diff |
Remove irrelevant comment | ||
| mod - core/string_api.php | Diff File | ||
|
master c4bf4a09 2015-04-10 06:45 Details Diff |
multi_sort: use closure instead of custom_function() | ||
| mod - core/utility_api.php | Diff File | ||
|
master f66d8981 2015-04-10 05:57 Details Diff |
Don't create FQDN link when the bug doesn't exist Fixes 0019606 |
Affected Issues 0019606 |
|
| mod - core/string_api.php | Diff File | ||
|
master-1.2.x baaebb0d 2015-04-10 05:57 Details Diff |
Don't create FQDN link when the bug doesn't exist Backport from master a929e983cd2b8781f7c37613f6c7e6fa5c6ed0dc. Fixes 0019606 |
Affected Issues 0019606 |
|
| mod - core/string_api.php | Diff File | ||
|
master 07f97b77 2015-04-10 05:52 Details Diff |
Link callback arrays become static variables Since they are used only in the context of the string_process_bug_link() and string_process_bugnote_link() functions, we do not actually need to use global variables; local, static ones make more sense. - $g_string_process_bug_link_callback -> $s_bug_link_callback - $g_string_process_bugnote_link_callback -> $s_bugnote_link_callback |
||
| mod - core/string_api.php | Diff File | ||
|
master e0980a2d 2015-04-10 04:59 Details Diff |
Wrap long line | ||
| mod - core/string_api.php | Diff File | ||
|
master d65f36dc 2015-04-10 04:58 Details Diff |
Use closure instead of custom_function() | ||
| mod - core/string_api.php | Diff File | ||
