Commit 5fd9cd2f authored by Per Cederqvist's avatar Per Cederqvist

Imported Bugzilla 4.2.7.

parent cfd62f22
This is a Bazaar control directory.
Do not change any files in this directory.
See http://bazaar-vcs.org/ for more information about Bazaar.
See http://bazaar.canonical.com/ for more information about Bazaar.
No preview for this file type
......@@ -60,8 +60,8 @@ sub get_login_info {
trick_taint($login_cookie);
detaint_natural($user_id);
my $is_valid =
$dbh->selectrow_array('SELECT 1
my $db_cookie =
$dbh->selectrow_array('SELECT cookie
FROM logincookies
WHERE cookie = ?
AND userid = ?
......@@ -69,7 +69,7 @@ sub get_login_info {
undef, ($login_cookie, $user_id, $ip_addr));
# If the cookie is valid, return a valid username.
if ($is_valid) {
if (defined $db_cookie && $login_cookie eq $db_cookie) {
# If we logged in successfully, then update the lastused
# time on the login cookie
$dbh->do("UPDATE logincookies SET lastused = NOW()
......
......@@ -202,7 +202,7 @@ use Memoize;
# CONSTANTS
#
# Bugzilla version
use constant BUGZILLA_VERSION => "4.2.6";
use constant BUGZILLA_VERSION => "4.2.7";
# Location of the remote and local XML files to track new releases.
use constant REMOTE_FILE => 'http://updates.bugzilla.org/bugzilla-update.xml';
......
......@@ -219,6 +219,10 @@ sub get_add_column_ddl {
}
else {
@sql = $self->SUPER::get_add_column_ddl(@_);
# Create triggers to deal with empty string.
if ($definition->{TYPE} =~ /varchar|TEXT/i && $definition->{NOTNULL}) {
push(@sql, _get_notnull_trigger_ddl($table, $column));
}
}
return @sql;
......
......@@ -275,13 +275,18 @@ sub Cancel {
# Get information about the token being canceled.
trick_taint($token);
my ($issuedate, $tokentype, $eventdata, $userid) =
$dbh->selectrow_array('SELECT ' . $dbh->sql_date_format('issuedate') . ',
my ($db_token, $issuedate, $tokentype, $eventdata, $userid) =
$dbh->selectrow_array('SELECT token, ' . $dbh->sql_date_format('issuedate') . ',
tokentype, eventdata, userid
FROM tokens
WHERE token = ?',
undef, $token);
# Some DBs such as MySQL are case-insensitive by default so we do
# a quick comparison to make sure the tokens are indeed the same.
(defined $db_token && $db_token eq $token)
|| ThrowCodeError("cancel_token_does_not_exist");
# If we are canceling the creation of a new user account, then there
# is no entry in the 'profiles' table.
my $user = new Bugzilla::User($userid);
......@@ -346,10 +351,17 @@ sub GetTokenData {
$token = clean_text($token);
trick_taint($token);
return $dbh->selectrow_array(
"SELECT userid, " . $dbh->sql_date_format('issuedate') . ", eventdata
FROM tokens
my @token_data = $dbh->selectrow_array(
"SELECT token, userid, " . $dbh->sql_date_format('issuedate') . ", eventdata
FROM tokens
WHERE token = ?", undef, $token);
# Some DBs such as MySQL are case-insensitive by default so we do
# a quick comparison to make sure the tokens are indeed the same.
my $db_token = shift @token_data;
return undef if (!defined $db_token || $db_token ne $token);
return @token_data;
}
# Deletes specified token
......
......@@ -2070,7 +2070,7 @@ sub validate_password {
my $complexity_level = Bugzilla->params->{password_complexity};
if ($complexity_level eq 'letters_numbers_specialchars') {
ThrowUserError('password_not_complex')
if ($password !~ /\w/ || $password !~ /\d/ || $password !~ /[[:punct:]]/);
if ($password !~ /[[:alpha:]]/ || $password !~ /\d/ || $password !~ /[[:punct:]]/);
} elsif ($complexity_level eq 'letters_numbers') {
ThrowUserError('password_not_complex')
if ($password !~ /[[:lower:]]/ || $password !~ /[[:upper:]]/ || $password !~ /\d/);
......
......@@ -2018,6 +2018,59 @@ The same as L</get>.
=back
=head2 possible_duplicates
B<UNSTABLE>
=over
=item B<Description>
Allows a user to find possible duplicate bugs based on a set of keywords
such as a user may use as a bug summary. Optionally the search can be
narrowed down to specific products.
=item B<Params>
=over
=item C<summary> (string) B<Required> - A string of keywords defining
the type of bug you are trying to report.
=item C<products> (array) - One or more product names to narrow the
duplicate search to. If omitted, all bugs are searched.
=back
=item B<Returns>
The same as L</get>.
Note that you will only be returned information about bugs that you
can see. Bugs that you can't see will be entirely excluded from the
results. So, if you want to see private bugs, you will have to first
log in and I<then> call this method.
=item B<Errors>
=over
=item 50 (Param Required)
You must specify a value for C<summary> containing a string of keywords to
search for duplicates.
=back
=item B<History>
=over
=item Added in Bugzilla B<4.0>.
=back
=back
=head2 search
......
......@@ -61,8 +61,16 @@ sub make_response {
# XMLRPC::Transport::HTTP::CGI doesn't know about Bugzilla carrying around
# its cookies in Bugzilla::CGI, so we need to copy them over.
foreach (@{Bugzilla->cgi->{'Bugzilla_cookie_list'}}) {
$self->response->headers->push_header('Set-Cookie', $_);
foreach my $cookie (@{Bugzilla->cgi->{'Bugzilla_cookie_list'}}) {
$self->response->headers->push_header('Set-Cookie', $cookie);
}
# Copy across security related headers from Bugzilla::CGI
foreach my $header (split(/[\r\n]+/, Bugzilla->cgi->header)) {
my ($name, $value) = $header =~ /^([^:]+): (.*)/;
if (!$self->response->headers->header($name)) {
$self->response->headers->header($name => $value);
}
}
}
......
......@@ -661,20 +661,23 @@ sub update {
$attachment->set_filename(scalar $cgi->param('filename'));
# Now make sure the attachment has not been edited since we loaded the page.
if (defined $cgi->param('delta_ts')
&& $cgi->param('delta_ts') ne $attachment->modification_time)
{
($vars->{'operations'}) =
Bugzilla::Bug::GetBugActivity($bug->id, $attachment->id, $cgi->param('delta_ts'));
my $delta_ts = $cgi->param('delta_ts');
my $modification_time = $attachment->modification_time;
# The token contains the old modification_time. We need a new one.
$cgi->param('token', issue_hash_token([$attachment->id, $attachment->modification_time]));
if ($delta_ts && $delta_ts ne $modification_time) {
datetime_from($delta_ts)
or ThrowCodeError('invalid_timestamp', { timestamp => $delta_ts });
($vars->{'operations'}) =
Bugzilla::Bug::GetBugActivity($bug->id, $attachment->id, $delta_ts);
# If the modification date changed but there is no entry in
# the activity table, this means someone commented only.
# In this case, there is no reason to midair.
if (scalar(@{$vars->{'operations'}})) {
$cgi->param('delta_ts', $attachment->modification_time);
$cgi->param('delta_ts', $modification_time);
# The token contains the old modification_time. We need a new one.
$cgi->param('token', issue_hash_token([$attachment->id, $modification_time]));
$vars->{'attachment'} = $attachment;
print $cgi->header();
......
......@@ -140,7 +140,7 @@ my $serverpush =
&& exists $ENV{'HTTP_USER_AGENT'}
&& $ENV{'HTTP_USER_AGENT'} =~ /Mozilla.[3-9]/
&& (($ENV{'HTTP_USER_AGENT'} !~ /[Cc]ompatible/) || ($ENV{'HTTP_USER_AGENT'} =~ /MSIE 5.*Mac_PowerPC/))
&& $ENV{'HTTP_USER_AGENT'} !~ /WebKit/
&& $ENV{'HTTP_USER_AGENT'} !~ /(?:WebKit|Trident|KHTML)/
&& !$agent
&& !defined($cgi->param('serverpush'))
|| $cgi->param('serverpush');
......
......@@ -6,7 +6,7 @@
<!ENTITY min-date-format-ver "2.21">
<!ENTITY min-datetime-ver "0.28">
<!ENTITY min-datetime-timezone-ver "0.71">
<!ENTITY min-dbi-ver "1.41">
<!ENTITY min-dbi-ver "1.614">
<!ENTITY min-template-ver "2.22">
<!ENTITY min-email-send-ver "2.00">
<!ENTITY min-email-mime-ver "1.904">
......@@ -29,7 +29,7 @@
<!ENTITY min-json-rpc-ver "any">
<!ENTITY min-json-xs-ver "2.0">
<!ENTITY min-test-taint-ver "any">
<!ENTITY min-html-parser-ver "3.40">
<!ENTITY min-html-parser-ver "3.67">
<!ENTITY min-html-scrubber-ver "any">
<!ENTITY min-encode-ver "2.21">
<!ENTITY min-encode-detect-ver "any">
......
......@@ -2,7 +2,7 @@
<HTML
><HEAD
><TITLE
>The Bugzilla Guide - 4.2.6
>The Bugzilla Guide - 4.2.7
Release</TITLE
><META
NAME="GENERATOR"
......@@ -43,7 +43,7 @@ CLASS="TITLEPAGE"
CLASS="title"
><A
NAME="AEN2"
>The Bugzilla Guide - 4.2.6
>The Bugzilla Guide - 4.2.7
Release</A
></H1
><H3
......@@ -51,7 +51,7 @@ CLASS="corpauthor"
>The Bugzilla Team</H3
><P
CLASS="pubdate"
>2013-05-22<BR></P
>2013-10-16<BR></P
><DIV
><DIV
CLASS="abstract"
......@@ -683,7 +683,7 @@ NAME="newversions"
>1.3. New Versions</A
></H2
><P
>&#13; This is the 4.2.6 version of The Bugzilla Guide. It is so named
>&#13; This is the 4.2.7 version of The Bugzilla Guide. It is so named
to match the current version of Bugzilla.
This version of the guide, like its associated Bugzilla version, is a
development version.
......@@ -1847,7 +1847,7 @@ TYPE="1"
></LI
><LI
><P
>&#13; DBI (1.41)
>&#13; DBI (1.614)
</P
></LI
><LI
......@@ -1983,7 +1983,7 @@ TYPE="1"
><LI
><P
>&#13; HTML::Parser
(3.40) for More HTML in Product/Group Descriptions
(3.67) for More HTML in Product/Group Descriptions
</P
></LI
><LI
......@@ -7926,7 +7926,7 @@ NAME="modifyusers"
>Login Name</EM
>:
This is generally the user's full email address. However, if you
have are using the <SPAN
are using the <SPAN
CLASS="QUOTE"
>"emailsuffix"</SPAN
> parameter, this may
......
......@@ -7,11 +7,11 @@
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The Bugzilla Guide - 4.2.6
TITLE="The Bugzilla Guide - 4.2.7
Release"
HREF="index.html"><LINK
REL="PREVIOUS"
TITLE="The Bugzilla Guide - 4.2.6
TITLE="The Bugzilla Guide - 4.2.7
Release"
HREF="index.html"><LINK
REL="NEXT"
......@@ -36,7 +36,7 @@ CELLSPACING="0"
><TH
COLSPAN="3"
ALIGN="center"
>The Bugzilla Guide - 4.2.6
>The Bugzilla Guide - 4.2.7
Release</TH
></TR
><TR
......@@ -154,7 +154,7 @@ ACCESSKEY="N"
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>The Bugzilla Guide - 4.2.6
>The Bugzilla Guide - 4.2.7
Release</TD
><TD
WIDTH="34%"
......
......@@ -7,7 +7,7 @@
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The Bugzilla Guide - 4.2.6
TITLE="The Bugzilla Guide - 4.2.7
Release"
HREF="index.html"><LINK
REL="PREVIOUS"
......@@ -35,7 +35,7 @@ CELLSPACING="0"
><TH
COLSPAN="3"
ALIGN="center"
>The Bugzilla Guide - 4.2.6
>The Bugzilla Guide - 4.2.7
Release</TH
></TR
><TR
......
......@@ -26,6 +26,7 @@ Bugzilla::Webservice::Bug</title>
<li class='indexItem indexItem2'><a href='#comments'>comments</a>
<li class='indexItem indexItem2'><a href='#get'>get</a>
<li class='indexItem indexItem2'><a href='#history'>history</a>
<li class='indexItem indexItem2'><a href='#possible_duplicates'>possible_duplicates</a>
<li class='indexItem indexItem2'><a href='#search'>search</a>
</ul>
<li class='indexItem indexItem1'><a href='#Bug_Creation_and_Modification'>Bug Creation and Modification</a>
......@@ -1311,6 +1312,65 @@ name="history"
</dd>
</dl>
<h2><a class='u' href='#___top' title='click to go to top of document'
name="possible_duplicates"
>possible_duplicates</a></h2>
<p><b>UNSTABLE</b></p>
<dl>
<dt><a name="Description"
><b>Description</b></a></dt>
<dd>
<p>Allows a user to find possible duplicate bugs based on a set of keywords such as a user may use as a bug summary. Optionally the search can be narrowed down to specific products.</p>
<dt><a name="Params"
><b>Params</b></a></dt>
<dd>
<dl>
<dt><a name="summary_(string)_Required_-_A_string_of_keywords_defining_the_type_of_bug_you_are_trying_to_report."
><code class="code">summary</code> (string) <b>Required</b> - A string of keywords defining the type of bug you are trying to report.</a></dt>
<dd>
<dt><a name="products_(array)_-_One_or_more_product_names_to_narrow_the_duplicate_search_to._If_omitted,_all_bugs_are_searched."
><code class="code">products</code> (array) - One or more product names to narrow the duplicate search to. If omitted, all bugs are searched.</a></dt>
</dl>
<dt><a name="Returns"
><b>Returns</b></a></dt>
<dd>
<p>The same as <a href="#get" class="podlinkpod"
>&#34;get&#34;</a>.</p>
<p>Note that you will only be returned information about bugs that you can see. Bugs that you can&#39;t see will be entirely excluded from the results. So, if you want to see private bugs, you will have to first log in and <i>then</i> call this method.</p>
<dt><a name="Errors"
><b>Errors</b></a></dt>
<dd>
<dl>
<dt><a name="50_(Param_Required)"
>50 (Param Required)</a></dt>
<dd>
<p>You must specify a value for <code class="code">summary</code> containing a string of keywords to search for duplicates.</p>
</dd>
</dl>
<dt><a name="History"
><b>History</b></a></dt>
<dd>
<dl>
<dt><a name="Added_in_Bugzilla_4.0."
>Added in Bugzilla <b>4.0</b>.</a></dt>
</dl>
</dd>
</dl>
<h2><a class='u' href='#___top' title='click to go to top of document'
name="search"
>search</a></h2>
......
......@@ -2,13 +2,13 @@
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Bugzilla 4.2.6 API Documentation</title>
<title>Bugzilla 4.2.7 API Documentation</title>
<link rel="stylesheet" title="style" type="text/css" href="./../../../style.css" media="all" >
</head>
<body class="contentspage">
<h1>Bugzilla 4.2.6 API Documentation</h1>
<h1>Bugzilla 4.2.7 API Documentation</h1>
<dl class='superindex'>
<dt><a name="Extensions">Extensions</a></dt>
<dd>
......
......@@ -7,7 +7,7 @@
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The Bugzilla Guide - 4.2.6
TITLE="The Bugzilla Guide - 4.2.7
Release"
HREF="index.html"><LINK
REL="UP"
......@@ -38,7 +38,7 @@ CELLSPACING="0"
><TH
COLSPAN="3"
ALIGN="center"
>The Bugzilla Guide - 4.2.6
>The Bugzilla Guide - 4.2.7
Release</TH
></TR
><TR
......
......@@ -7,7 +7,7 @@
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The Bugzilla Guide - 4.2.6
TITLE="The Bugzilla Guide - 4.2.7
Release"
HREF="index.html"><LINK
REL="UP"
......@@ -38,7 +38,7 @@ CELLSPACING="0"
><TH
COLSPAN="3"
ALIGN="center"
>The Bugzilla Guide - 4.2.6
>The Bugzilla Guide - 4.2.7
Release</TH
></TR
><TR
......
......@@ -7,7 +7,7 @@
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The Bugzilla Guide - 4.2.6
TITLE="The Bugzilla Guide - 4.2.7
Release"
HREF="index.html"><LINK
REL="UP"
......@@ -38,7 +38,7 @@ CELLSPACING="0"
><TH
COLSPAN="3"
ALIGN="center"
>The Bugzilla Guide - 4.2.6
>The Bugzilla Guide - 4.2.7
Release</TH
></TR
><TR
......
......@@ -7,7 +7,7 @@
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The Bugzilla Guide - 4.2.6
TITLE="The Bugzilla Guide - 4.2.7
Release"
HREF="index.html"><LINK
REL="UP"
......@@ -38,7 +38,7 @@ CELLSPACING="0"
><TH
COLSPAN="3"
ALIGN="center"
>The Bugzilla Guide - 4.2.6
>The Bugzilla Guide - 4.2.7
Release</TH
></TR
><TR
......
......@@ -7,7 +7,7 @@
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The Bugzilla Guide - 4.2.6
TITLE="The Bugzilla Guide - 4.2.7
Release"
HREF="index.html"><LINK
REL="UP"
......@@ -38,7 +38,7 @@ CELLSPACING="0"
><TH
COLSPAN="3"
ALIGN="center"
>The Bugzilla Guide - 4.2.6
>The Bugzilla Guide - 4.2.7
Release</TH
></TR
><TR
......
......@@ -7,7 +7,7 @@
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The Bugzilla Guide - 4.2.6
TITLE="The Bugzilla Guide - 4.2.7
Release"
HREF="index.html"><LINK
REL="UP"
......@@ -38,7 +38,7 @@ CELLSPACING="0"
><TH
COLSPAN="3"
ALIGN="center"
>The Bugzilla Guide - 4.2.6
>The Bugzilla Guide - 4.2.7
Release</TH
></TR
><TR
......
......@@ -7,7 +7,7 @@
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The Bugzilla Guide - 4.2.6
TITLE="The Bugzilla Guide - 4.2.7
Release"
HREF="index.html"><LINK
REL="UP"
......@@ -38,7 +38,7 @@ CELLSPACING="0"
><TH
COLSPAN="3"
ALIGN="center"
>The Bugzilla Guide - 4.2.6
>The Bugzilla Guide - 4.2.7
Release</TH
></TR
><TR
......
......@@ -7,7 +7,7 @@
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The Bugzilla Guide - 4.2.6
TITLE="The Bugzilla Guide - 4.2.7
Release"
HREF="index.html"><LINK
REL="UP"
......@@ -38,7 +38,7 @@ CELLSPACING="0"
><TH
COLSPAN="3"
ALIGN="center"
>The Bugzilla Guide - 4.2.6
>The Bugzilla Guide - 4.2.7
Release</TH
></TR
><TR
......
......@@ -7,7 +7,7 @@
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The Bugzilla Guide - 4.2.6
TITLE="The Bugzilla Guide - 4.2.7
Release"
HREF="index.html"><LINK
REL="UP"
......@@ -38,7 +38,7 @@ CELLSPACING="0"
><TH
COLSPAN="3"
ALIGN="center"
>The Bugzilla Guide - 4.2.6
>The Bugzilla Guide - 4.2.7
Release</TH
></TR
><TR
......
......@@ -7,7 +7,7 @@
NAME="GENERATOR"