Commit Graph

32 Commits

Author SHA1 Message Date
Holger Just 16e266e7e5 Fix SQL injection via nested hashes in conditions. CVE-2012-2695 #1037 2012-06-13 10:12:10 +02:00
Holger Just d629209364 Fix SQL injection via nested hashes in conditions (CVE-2012-2694) #1036 2012-06-13 10:10:03 +02:00
Holger Just 8ab42473d9 [#1025] Fix Rails vulnerability (CVE-2012-2660) 2012-06-01 20:56:09 +02:00
Holger Just 4577e54f04 Fix trailing whitespace 2012-01-03 20:43:08 +01:00
Holger Just e95b4992e4 Update copyright for 2012
We programmers have a nice new years tradition: We revisit all of our
projects and add 1 to a small number near a "(c)".

-- Volker Dusch
https://twitter.com/__edorian/status/153801913442373633
2012-01-03 20:36:40 +01:00
Jean-Philippe Lang 0d69fa6bb1 Patch for ruby1.9.3 compatibility.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@8234 e93f8b46-1217-0410-a6f0-8f06a7374b81
2011-12-16 14:34:22 +01:00
Holger Just 91070236db Set source encoding to UTF-8 2011-10-29 14:48:03 +02:00
Holger Just 07185fb169 [#436] Remove trailing whitespace 2011-05-30 20:52:25 +02:00
Eric Davis 99507a0391 [#197] Upgrade the copyright in the code files 2011-05-29 13:11:52 -07:00
Eric Davis 9e1b6c14c8 [#345] Remove BigDecimal patch since Rails 2.3.11 includes a mitigation 2011-05-27 14:37:10 -07:00
Eric Davis f273b7b18c Create the ChiliProject namespace 2011-05-11 15:48:36 -07:00
Eric Davis d29315341d [#196 #216 #216] Complete the upgrade to Rails 2.3.11 2011-05-06 15:44:38 -07:00
Jean-Philippe Lang 0e789c5272 Updgraded Rails to 2.3.11 (#6887).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4904 e93f8b46-1217-0410-a6f0-8f06a7374b81
2011-04-16 14:52:52 -07:00
Eric Davis f16c5bcb5f [#283] Fix tpyo 2011-03-19 13:33:02 -07:00
Eric Davis 85d52978c3 [#283] Update the i18n deprecation message
* Use Rails' Deprecation logger instead of the standard logger
* Update the url to a message in the forum about the change
2011-03-19 13:23:20 -07:00
Jean-Philippe Lang 9a13b39e26 Adds an application configuration file: config/configuration.yml (#7408).
Email delivery settings that were stored in config/email.yml should be moved to this new configuration file.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4752 e93f8b46-1217-0410-a6f0-8f06a7374b81
2011-02-09 16:46:45 -08:00
Jean-Philippe Lang 88727bf070 Adds fallback to 'en' locale for untranslated strings (#5518).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4679 e93f8b46-1217-0410-a6f0-8f06a7374b81
2011-01-10 18:25:12 +00:00
Jean-Philippe Lang 3c1576e364 Manually require i18n 0.4.2 before Rails tries to load the most recent gem (#7013).
This workaround makes Redmine work even if i18n 0.5.0 gem is installed.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4516 e93f8b46-1217-0410-a6f0-8f06a7374b81
2010-12-17 08:34:29 +00:00
Jean-Philippe Lang ea59d93dc8 Dry Users API responders.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4454 e93f8b46-1217-0410-a6f0-8f06a7374b81
2010-12-03 11:45:55 +00:00
Jean-Philippe Lang 7482d2f5f4 Fixed: Trunk not working with i18n gem 0.4.2 (#6784).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4389 e93f8b46-1217-0410-a6f0-8f06a7374b81
2010-11-09 19:44:37 +00:00
Eric Davis 768d67f27b Workaround for i18n 0.4.x with the old style syntax. #6428 #5608
This will also silance the whole trace with the deprecation warning.

Contributed by Felix Schäfer

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4183 e93f8b46-1217-0410-a6f0-8f06a7374b81
2010-09-26 17:13:52 +00:00
Jean-Philippe Lang 2a19efaf05 Rails 2.3.5 deprecation.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3235 e93f8b46-1217-0410-a6f0-8f06a7374b81
2009-12-23 20:55:42 +00:00
Jean-Philippe Lang 86a9d90f07 Fixes distance of date in words calculation.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3016 e93f8b46-1217-0410-a6f0-8f06a7374b81
2009-11-07 09:50:16 +00:00
Eric Davis 7b0cb6aba8 Upgraded to Rails 2.3.4 (#3597)
* Ran the Rails upgrade
* Upgraded to Rails Engines 2.3.2
* Added a plugin to let Engines override application views.
* Converted tests to use the new classes:
** ActionController::TestCase for functional
** ActiveSupport::TestCase for units
* Converted ActiveRecord::Error message to a string.
* ActiveRecord grouping returns an ordered hash which doesn't have #sort!
* Updated the I18n storage_units format.
* Added some default initializers from a fresh rails app
* Changed the order of check_box_tags and hidden_field_tags.  The hidden tag
  needs to appear first in Rails 2.3, otherwise it will override any value in
  the check_box_tag.
* Removed the custom handler for when the cookie store is tampered with.
  Rails 2.3 removed the TamperedWithCookie exception and instead Rails will not
  load the data from it when it's been tampered with (e.g. no user login).
* Fixed mail layouts, 2.3 has problems with implicit multipart emails that
  use layouts.  Also removed some custom Redmine mailer code.
* Fixed a bug that occurred in tests where the "required" span tag would be
  added to the :field_status translation.  This resulted in an email string of:

    <li>Status<span class="required"> *</span><span class="required"> *</span>

  Instead of:

    <li>Status: New</li>

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2887 e93f8b46-1217-0410-a6f0-8f06a7374b81
2009-09-13 17:14:35 +00:00
Eric Davis 2221d68c4d Added workaround for a Ruby BigDecimal bug, CVE-2009-1904. (#3475)
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2790 e93f8b46-1217-0410-a6f0-8f06a7374b81
2009-06-14 16:22:23 +00:00
Jean-Philippe Lang a64b8695c8 Patch ActiveRecord::Errors#full_messages so that it contains custom values error messages.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2518 e93f8b46-1217-0410-a6f0-8f06a7374b81
2009-02-22 14:46:32 +00:00
Jean-Philippe Lang fe28193e4e Merged Rails 2.2 branch. Redmine now requires Rails 2.2.2.
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2493 e93f8b46-1217-0410-a6f0-8f06a7374b81
2009-02-21 11:04:50 +00:00
Jean-Philippe Lang ef903ba70e Adds :async_smtp and :async_sendmail delivery methods to perform email deliveries asynchronously.
Code from http://www.datanoise.com/articles/2006/7/14/asynchronous-email-delivery.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2339 e93f8b46-1217-0410-a6f0-8f06a7374b81
2009-01-31 11:43:54 +00:00
Jean-Philippe Lang 2644141a36 Makes the app boot with Rails 2.2.2
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2227 e93f8b46-1217-0410-a6f0-8f06a7374b81
2009-01-04 12:14:05 +00:00
Jean-Philippe Lang 2986afc05e Adds support for free ticket filtering and custom queries on Gantt chart.
ProjectsController#gantt moved to IssuesController.

git-svn-id: http://redmine.rubyforge.org/svn/trunk@1797 e93f8b46-1217-0410-a6f0-8f06a7374b81
2008-09-10 18:26:13 +00:00
Jean-Philippe Lang fc42dd2cef Email delivery configuration moved to an unversioned YAML file (config/email.yml, see the sample file) (#1412).
Email delivery is disabled. It's automatically turned on when configuration is found.

git-svn-id: http://redmine.rubyforge.org/svn/trunk@1625 e93f8b46-1217-0410-a6f0-8f06a7374b81
2008-07-04 18:55:45 +00:00
Jean-Philippe Lang 7cdd88a6ce Merged Rails 2.1 compatibility branch.
git-svn-id: http://redmine.rubyforge.org/svn/trunk@1623 e93f8b46-1217-0410-a6f0-8f06a7374b81
2008-07-04 17:58:14 +00:00