headers
Glenn Henshaw | 6 Apr 2006 02:24
Picon

mantisbt view_all_set.php,1.60,1.61

Update of /cvsroot/mantisbt/mantisbt
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7920

Modified Files:
	view_all_set.php 
Log Message:
fix for #0006902: XSS in mantis bug track system ....

Index: view_all_set.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/view_all_set.php,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -d -r1.60 -r1.61
--- view_all_set.php	18 Dec 2005 14:27:01 -0000	1.60
+++ view_all_set.php	6 Apr 2006 00:24:45 -0000	1.61
 <at>  <at>  -160,12 +160,12  <at>  <at> 
 	$f_dir_1				= gpc_get_string( 'dir_1', '' );

 	# date values
-	$f_start_month			= gpc_get_string( 'start_month', date( 'm' ) );
-	$f_end_month			= gpc_get_string( 'end_month', date( 'm' ) );
-	$f_start_day			= gpc_get_string( 'start_day', 1 );
-	$f_end_day				= gpc_get_string( 'end_day', date( 'd' ) );
-	$f_start_year			= gpc_get_string( 'start_year', date( 'Y' ) );
-	$f_end_year				= gpc_get_string( 'end_year', date( 'Y' ) );
+	$f_start_month			= gpc_get_int( 'start_month', date( 'm' ) );
+	$f_end_month			= gpc_get_int( 'end_month', date( 'm' ) );
+	$f_start_day			= gpc_get_int( 'start_day', 1 );
+	$f_end_day				= gpc_get_int( 'end_day', date( 'd' ) );
(Continue reading)

Permalink | Reply | 0 comments |
headers
Glenn Henshaw | 6 Apr 2006 02:28
Picon

mantisbt view_all_set.php,1.57.4.1.2.1,1.57.4.1.2.1.4.1

Update of /cvsroot/mantisbt/mantisbt
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv11107

Modified Files:
      Tag: BRANCH_1_0_0
	view_all_set.php 
Log Message:
fix for #0006902: XSS in mantis bug track system ....

Index: view_all_set.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/view_all_set.php,v
retrieving revision 1.57.4.1.2.1
retrieving revision 1.57.4.1.2.1.4.1
diff -u -d -r1.57.4.1.2.1 -r1.57.4.1.2.1.4.1
--- view_all_set.php	18 Dec 2005 14:22:02 -0000	1.57.4.1.2.1
+++ view_all_set.php	6 Apr 2006 00:28:52 -0000	1.57.4.1.2.1.4.1
 <at>  <at>  -152,12 +152,12  <at>  <at> 
 	$f_dir_1				= gpc_get_string( 'dir_1', '' );

 	# date values
-	$f_start_month			= gpc_get_string( 'start_month', date( 'm' ) );
-	$f_end_month			= gpc_get_string( 'end_month', date( 'm' ) );
-	$f_start_day			= gpc_get_string( 'start_day', 1 );
-	$f_end_day				= gpc_get_string( 'end_day', date( 'd' ) );
-	$f_start_year			= gpc_get_string( 'start_year', date( 'Y' ) );
-	$f_end_year				= gpc_get_string( 'end_year', date( 'Y' ) );
+	$f_start_month			= gpc_get_int( 'start_month', date( 'm' ) );
+	$f_end_month			= gpc_get_int( 'end_month', date( 'm' ) );
+	$f_start_day			= gpc_get_int( 'start_day', 1 );
(Continue reading)

Permalink | Reply | 0 comments |
headers
Victor Boctor | 10 Apr 2006 13:47
Picon

mantisbt bug_relationship_add.php,1.6,1.7

Update of /cvsroot/mantisbt/mantisbt
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9825

Modified Files:
	bug_relationship_add.php 
Log Message:
6512: Specify multiple relationships at one time

Index: bug_relationship_add.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/bug_relationship_add.php,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- bug_relationship_add.php	25 Jul 2005 16:34:10 -0000	1.6
+++ bug_relationship_add.php	10 Apr 2006 11:47:38 -0000	1.7
 <at>  <at>  -19,71 +19,79  <at>  <at> 

 	$f_rel_type = gpc_get_int( 'rel_type' );
 	$f_src_bug_id = gpc_get_int( 'src_bug_id' );
-	$f_dest_bug_id = gpc_get_int( 'dest_bug_id' );
+	$f_dest_bug_id_string = gpc_get_string( 'dest_bug_id' );

 	# user has access to update the bug...
 	access_ensure_bug_level( config_get( 'update_bug_threshold' ), $f_src_bug_id );

-	# source and destination bugs are the same bug...
-	if ( $f_src_bug_id == $f_dest_bug_id ) {
-		trigger_error( ERROR_RELATIONSHIP_SAME_BUG, ERROR );
-	}
(Continue reading)

Permalink | Reply | 0 comments |
headers
Victor Boctor | 10 Apr 2006 13:48
Picon

mantisbt/core relationship_api.php,1.36,1.37

Update of /cvsroot/mantisbt/mantisbt/core
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10294/core

Modified Files:
	relationship_api.php 
Log Message:
6512: Specify multiple relationships at one time

Index: relationship_api.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/core/relationship_api.php,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -d -r1.36 -r1.37
--- relationship_api.php	28 Jun 2005 11:04:06 -0000	1.36
+++ relationship_api.php	10 Apr 2006 11:48:05 -0000	1.37
 <at>  <at>  -747,7 +747,7  <at>  <at> 
 		<form method="POST" action="bug_relationship_add.php">
 		<input type="hidden" name="src_bug_id" value="<?php echo $p_bug_id ?>" size="4" />
 		<?php relationship_list_box( -1 ) ?>
-		<input type="text" name="dest_bug_id" value="" maxlength="7" />
+		<input type="text" name="dest_bug_id" value="" />
 		<input type="submit" name="add_relationship" class="button" value="<?php echo lang_get(
'add_new_relationship_button' ) ?>" />
 		</form>
 	</td></tr>

-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
(Continue reading)

Permalink | Reply | 0 comments |
headers
Victor Boctor | 13 Apr 2006 13:01
Picon

web bot.php,1.13,1.14 sponsors.php,1.12,1.13

Update of /cvsroot/mantisbt/web
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23328

Modified Files:
	bot.php sponsors.php 
Log Message:
Added Solid State Network to Mantis sponsors.

Index: bot.php
===================================================================
RCS file: /cvsroot/mantisbt/web/bot.php,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- bot.php	9 Mar 2006 10:47:55 -0000	1.13
+++ bot.php	13 Apr 2006 11:01:03 -0000	1.14
 <at>  <at>  -18,6 +18,7  <at>  <at> 
 				</td>
 				<td width="50%">
 <p align="right">Sponsors:
+<a href="http://www.solidstatenetworks.com" title="Content Delivery Network"
target="_blank">Content Delivery Network</a>, 
 <a href="http://www.webservertalk.com/" title="Forum for IT admins" target="_blank">Web Server Talk</a>,
 <a href="http://www.ezloandocs.com/" title="Mortgage Web Design" target="_blank">EZ Loandocs</a>,
 <a href="http://www.merchantzoo.com/" title="Merchant Zoo" target="_blank">MerchantZoo</a>,

Index: sponsors.php
===================================================================
RCS file: /cvsroot/mantisbt/web/sponsors.php,v
retrieving revision 1.12
(Continue reading)

Permalink | Reply | 0 comments |
headers
Victor Boctor | 13 Apr 2006 13:01
Picon

web/images/sponsors ssnlogo.gif,NONE,1.1

Update of /cvsroot/mantisbt/web/images/sponsors
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23328/images/sponsors

Added Files:
	ssnlogo.gif 
Log Message:
Added Solid State Network to Mantis sponsors.

--- NEW FILE: ssnlogo.gif ---
(This appears to be a binary file; contents omitted.)

-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
Permalink | Reply | 0 comments |
headers
Victor Boctor | 13 Apr 2006 13:12
Picon

web links.php,1.10,1.11

Update of /cvsroot/mantisbt/web
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv988

Modified Files:
	links.php 
Log Message:
Added link to GNATs to Mantis (Perl) by Colin Pitrat to website.

Index: links.php
===================================================================
RCS file: /cvsroot/mantisbt/web/links.php,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -d -r1.10 -r1.11
--- links.php	19 Sep 2005 01:18:38 -0000	1.10
+++ links.php	13 Apr 2006 11:12:55 -0000	1.11
 <at>  <at>  -29,6 +29,7  <at>  <at> 
 <p><b>Migration Tools</b></p>
 <ul>
 <li><a href="http://www.cadencetools.org/projects/bugzilla2mantis/" target="_blank">Bugzilla
to Mantis</a> (Perl) by <a href="http://crisdaniluk.com/" target="_blank">Cris Daniluk</a></li>
+<li><a href="http://bugs.mantisbt.org/view.php?id=6934" target="_blank">GNATs to Mantis</a>
(Perl) by Colin Pitrat</li>
 </ul>

 <p><b>Articles and Reviews</b></p>

-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
(Continue reading)

Permalink | Reply | 0 comments |
headers
Victor Boctor | 13 Apr 2006 13:16
Picon

web links.php,1.11,1.12

Update of /cvsroot/mantisbt/web
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3680

Modified Files:
	links.php 
Log Message:
Updated information relating to MantisConnect on the website.

Index: links.php
===================================================================
RCS file: /cvsroot/mantisbt/web/links.php,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- links.php	13 Apr 2006 11:12:55 -0000	1.11
+++ links.php	13 Apr 2006 11:16:00 -0000	1.12
 <at>  <at>  -7,9 +7,13  <at>  <at> 
 <p>This tool allows the following applications to integrate with Mantis:</p>
 <ul>
 	<li>.NET Applications</li>
+	<li>Java Applications</li>
+	<li>Cocoa Applications</li>
+	<li>Eclipse IDE</li>
 	<li>NAnt Build Scripts</li>
 	<li>Applications that can access webservices</li>
 </ul>
+
 <p>For more information go to <a href="http://www.futureware.biz/mantisconnect/">MantisConnect website</a>.</p>

 <p><b>Integration with Source Control</b></p>
(Continue reading)

Permalink | Reply | 0 comments |
headers
Victor Boctor | 16 Apr 2006 10:11
Picon

web/images/sponsors dalogo.gif,NONE,1.1

Update of /cvsroot/mantisbt/web/images/sponsors
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv592/images/sponsors

Added Files:
	dalogo.gif 
Log Message:
Added Dubai Appartments to sponsors list.

--- NEW FILE: dalogo.gif ---
(This appears to be a binary file; contents omitted.)

-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
Permalink | Reply | 0 comments |
headers
Victor Boctor | 16 Apr 2006 10:11
Picon

web bot.php,1.14,1.15 sponsors.php,1.13,1.14

Update of /cvsroot/mantisbt/web
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv592

Modified Files:
	bot.php sponsors.php 
Log Message:
Added Dubai Appartments to sponsors list.

Index: bot.php
===================================================================
RCS file: /cvsroot/mantisbt/web/bot.php,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -d -r1.14 -r1.15
--- bot.php	13 Apr 2006 11:01:03 -0000	1.14
+++ bot.php	16 Apr 2006 08:11:38 -0000	1.15
 <at>  <at>  -18,7 +18,8  <at>  <at> 
 				</td>
 				<td width="50%">
 <p align="right">Sponsors:
-<a href="http://www.solidstatenetworks.com" title="Content Delivery Network"
target="_blank">Content Delivery Network</a>, 
+<a href="http://www.dubaiapartments.biz/" title="Dubai Apartments" target="_blank">Dubai
Apartments</a>, 
+<a href="http://www.solidstatenetworks.com/" title="Content Delivery Network"
target="_blank">Content Delivery Network</a>, 
 <a href="http://www.webservertalk.com/" title="Forum for IT admins" target="_blank">Web Server Talk</a>,
 <a href="http://www.ezloandocs.com/" title="Mortgage Web Design" target="_blank">EZ Loandocs</a>,
 <a href="http://www.merchantzoo.com/" title="Merchant Zoo" target="_blank">MerchantZoo</a>,
(Continue reading)

Permalink | Reply | 0 comments |

Gmane