Context Navigation

Modify ↓

#6780 closed defect (fixed)

Unchecked input on WebAdmin

Reported by:	trac-ja@…	Owned by:	Christopher Lenz
Priority:	normal	Milestone:	0.11
Component:	admin/web	Version:	0.11b1
Severity:	minor	Keywords:
Cc:	trac-ja@…	Branch:
Release Notes:
API Changes:
Internal Changes:

Description

Bad data will be registered in database by this sequence:

Open enum fields manage page in WebAdmin.
Change order listbox's parameter value_[number] to value_XXX by DOM-Inspector.
Push Apply Changes.

When this sequence done, All users can't show New ticket, View tickets and Roadmap pages with sorting. TracWebAdmin-plugin for 0.10 has same problem, too.

This problem is happend when user is logged in and has "TICKET_ADMIN" permission.

Attachments (2)

Trac-0.11b1_inputcheckwebadmin_r382.patch (706 bytes ) - added by trac-ja@… 18 years ago.: patch againsts Trac-0.11b1
TracWebAdmin-0.1.2r5911_inputcheck_r297.patch (714 bytes ) - added by trac-ja@… 18 years ago.: patch againsts source:sandbox/webadmin@5911

Download all attachments as: .zip

Change History (4)

by trac-ja@…, 18 years ago

Attachment:	Trac-0.11b1_inputcheckwebadmin_r382.patch added

patch againsts Trac-0.11b1

by trac-ja@…, 18 years ago

Attachment:	TracWebAdmin-0.1.2r5911_inputcheck_r297.patch added

patch againsts source:sandbox/webadmin@5911

comment:1 by trac-ja@…, 18 years ago

Cc:	trac-ja@… added

comment:2 by Christian Boos, 18 years ago

Resolution:	→ fixed
Severity:	normal → minor
Status:	new → closed

Applied in r6581 for trunk.

But quite frankly, one should be able to trust TICKET_ADMINs ;-) That's maybe why doing #3163 is important…

Also, as far as I'm concerned, the WebAdmin plugin is now deprecated. Anyone interested in further fixes or improvements should rather go for 0.11 at this point.

Modify Ticket

Change Properties

Summary:
Description:	Bad data will be registered in database by this sequence: 1. Open enum fields manage page in WebAdmin. 2. Change order listbox's parameter `value_[number]` to `value_XXX` by DOM-Inspector. 3. Push `Apply Changes`. When this sequence done, All users can't show `New ticket`, `View tickets` and `Roadmap` pages with sorting. TracWebAdmin-plugin for 0.10 has same problem, too. This problem is happend when user is logged in and has "TICKET_ADMIN" permission. You may use WikiFormatting here.
Type:		Priority:
Milestone:		Component:
Version:		Severity:
Keywords:		Cc:	Set your email in Preferences
Branch:
Release Notes:
API Changes:
Internal Changes:

Action

leave as closed The owner will remain Christopher Lenz.

reopen The resolution will be deleted. Next status will be 'reopened'.

change ownership to The owner will be changed from Christopher Lenz to the specified user.

Add Comment

Your email or username:

E-mail address and name can be saved in the Preferences .

You may use WikiFormatting here.

Attachments ↑ Description ↑

Note: See TracTickets for help on using tickets.

Download in other formats:

Context Navigation

#6780 closed defect (fixed)

Unchecked input on WebAdmin

Description

Attachments (2)

Change History (4)

by trac-ja@…, 18 years ago

by trac-ja@…, 18 years ago

comment:1 by trac-ja@…, 18 years ago

comment:2 by Christian Boos, 18 years ago

Modify Ticket

Add Comment

by anonymous

Download in other formats: