Commits · 93700ea398b078b50c4740d5f8e5d1535aee5693 · docker / osticket

Sep 04, 2014

Fix incorrect collaborator and owner email links · 93700ea3

Jared Hancock authored 10 years ago

Also, fix duplicate emails where a user as a collaborator would be sent a
confirmation for their own respective email.

93700ea3

Aug 18, 2014
- Merge pull request #1154 from greezybacon/issue/1144 · 7044ac71
  Peter Rotich authored 10 years ago
```
oops: Fix incorrectly placed header line

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  7044ac71
- Merge pull request #1162 from KyraD/patch-1 · b4ed7517
  Peter Rotich authored 10 years ago
```
Fix XSS Vulnerability In "tpl.inc.php"

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  b4ed7517
- Merge pull request #1155 from greezybacon/issue/filter-set-topic · 65b06e75
  Peter Rotich authored 10 years ago
```
oops: Allow filter to set help topic

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  65b06e75
- Merge pull request #1139 from greezybacon/issue/csv-import-line-endings · 9cc0a62d
  Peter Rotich authored 10 years ago
```
Handle Macintosh style line endings for CSV import

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  9cc0a62d
- Apply numeric sort to the ticket number column · 19970aa6
  Jared Hancock authored 10 years ago
  
  19970aa6
Aug 16, 2014

Fix XSS Vulnerability In "tpl.inc.php" · 7eb8f287

Kyra ツ authored 10 years ago

Fix applied to where the value is directly output to browser instead of where fetched in case special chars are allowed in `code_name`, which may break logic prior to output.

7eb8f287

Aug 14, 2014
- oops: Allow filter to set help topic · 1d9f4daf
  Jared Hancock authored 10 years ago
  
  1d9f4daf
- oops: Fix gross error truncating thread messages · 356ca50b
  Jared Hancock authored 10 years ago
  
  356ca50b
- oops: Fix saving company information · a14440ee
  Jared Hancock authored 10 years ago
  
  a14440ee
- oops: Fix missing warning on cgi.fix_pathinfo · 3433f2a7
  Jared Hancock authored 10 years ago
  
  3433f2a7
- oops: Fix incorrectly placed header line · d6fe00e6
  Jared Hancock authored 10 years ago
  
  d6fe00e6
Aug 06, 2014
- install: Fix priority_id column on installation · 5c491ecb
  Jared Hancock authored 10 years ago
  
  5c491ecb
Aug 04, 2014
- Handle Macintosh style line endings for CSV import · 53725d27
  Jared Hancock authored 10 years ago
  
  53725d27
Aug 01, 2014
- Decode html entities after sanitization · bba9ccce
  Peter Rotich authored 10 years ago
  
  v1.9.3
  
  bba9ccce
Jul 31, 2014
- oops: Fix initial ticket creation · 3960a973
  Jared Hancock authored 10 years ago
  
  3960a973
- oops: Allows edits to ticket custom data · 8588be67
  Jared Hancock authored 10 years ago
  
  8588be67
- Add release notes for v1.9.3 · 452eeec5
  Jared Hancock authored 10 years ago
  
  452eeec5
- Merge pull request #1135 from greezybacon/feature/redactor-links · 5fea2b68
  Peter Rotich authored 10 years ago
```
redactor: No more link shortening

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  5fea2b68
- redactor: No more link shortening · 0524e574
  Jared Hancock authored 10 years ago
```
Also add a drop-down list of common links include ticket links and login
pages for both agents and end users.
```
  0524e574
- Merge pull request #1131 from greezybacon/issue/1108 · 3242638a
  Peter Rotich authored 10 years ago
```
Fix potential XSS vulnerability on user's name

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  3242638a
Jul 30, 2014
- Fix potential XSS vulnerability on user's name · 17d5dbf5
  Jared Hancock authored 10 years ago
```
Add other locations as well a failsafe for the htmlentities() call
```
  17d5dbf5
- Merge pull request #1077 from corygibbons/spelling-fix · 275c0174
  Peter Rotich authored 10 years ago
```
Fix spelling error in Markdown document

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  275c0174
- Merge pull request #1090 from TakeMeNL/patch-1 · da173aa8
  Peter Rotich authored 10 years ago
```
Update class.ticket.php

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  da173aa8
- Merge pull request #1127 from thaeli/develop · 77ee8e1a
  Peter Rotich authored 10 years ago
```
Fix typo in suggested permissions for config file

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  77ee8e1a
- Merge pull request #1115 from greezybacon/issue/sys-alerts-no-bounce · 1f946ffc
  Peter Rotich authored 10 years ago
```
email: No bounces for system alerts

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  1f946ffc
- Merge pull request #1113 from greezybacon/issue/custom-list-retired-vals · 1fe83a43
  Peter Rotich authored 10 years ago
```
lists: Don't crash rendering a selection

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  1fe83a43
- Merge pull request #1114 from greezybacon/issue/dept-sys-defaults · 9cc6356d
  Peter Rotich authored 10 years ago
```
email: Setting default for priority and department

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  9cc6356d
- Merge pull request #1105 from greezybacon/issue/1083 · 93578336
  Peter Rotich authored 10 years ago
```
forms: Preserve data for help topic fields

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  93578336
- Merge pull request #1104 from greezybacon/issue/1097 · a116bad7
  Peter Rotich authored 10 years ago
```
Properly tag source and topic for emails

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  a116bad7
- Merge pull request #1111 from greezybacon/issue/860 · e49e8ff1
  Peter Rotich authored 10 years ago
```
session: Override PHP default for session lifetime

Reviewed-By: Peter Rotich <peter@osticket.com>
```
  e49e8ff1
Jul 29, 2014
- forms: Phone numbers with no digits = invalid · a24ec590
  Jared Hancock authored 10 years ago
```
Previously, the characters would be removed and the data would be considered
empty which would bypass validation and clear the phone number on save
rather than triggering a validation error.
```
  a24ec590
- forms: Fix save of user profile data · 3716087a
  Jared Hancock authored 10 years ago
  
  3716087a
- Fix typo in suggested permissions for config file · 7d971849
  Ian Webb authored 10 years ago
  
  7d971849
Jul 18, 2014

Merge pull request #1108 from protich/issue/xss-user · 24dbf6e5
Jared Hancock authored 10 years ago
```
Fix potential XSS vulnerability on user's name

Reviewed-By: Jared Hancock <jared@osticket.com>
```
24dbf6e5

email: No bounces for system alerts · a333026d

Jared Hancock authored 10 years ago

Send an empty return-path envelope when sending out system alerts. If they
should happen to bounce for any reason, they should not return to the system
and create tickets.

a333026d

email: Setting default for priority and department · 522fa76d

Jared Hancock authored 10 years ago

Previously, osTicket introduced the ability to cascade defaults for the
department and priority to the email mail boxes. However, the validation
checks and display fall-backs were never added.

522fa76d

lists: Don't crash rendering a list · 87488e01

Jared Hancock authored 10 years ago

This patch fixes an issue where a fatal error would be triggered if the
current value of a selection field on a custom form was a custom list item
that has since been deleted.

87488e01

session: Override PHP default for session lifetime · 709c5975

Jared Hancock authored 10 years ago

The PHP.ini default is 1440 seconds (24 minutes). This should be configured
to something significantly higher so that the settings in the admin panel
concerning session timeouts are relevant.

Ideally, the settings from the control panel would be used, but currently
there is an inter-dependency between session and config startups.

709c5975

Jul 17, 2014

Fix XSS vulnerability on user's name · 92824412

Peter Rotich authored 10 years ago

Names parsed from incoming emails are stored in the database as is. This
pull request addresses potential XSS vulnerability due to improper display
of unsanitized names. Going forward names will be scrubbed on create.

92824412