Skip to content
Commits on Nov 23, 2008
  1. @racke

    updated Debconf translations

    racke committed
Commits on Nov 12, 2008
  1. @jonjensen

    Include Peter Eisentraut's script to re-add implicit casts to Postgre…

    jonjensen committed
    …SQL 8.3,
    
    as his Planet PostgreSQL blog is no longer available.
Commits on Nov 10, 2008
  1. @jonjensen
  2. @jonjensen
  3. @jonjensen

    Correct logic flaw that applied UTF-8 handling in some cases where it…

    jonjensen committed
    … shouldn't have.
    
    Fixed by David Christensen <david@endpoint.com>.
Commits on Nov 2, 2008
  1. @racke

    updated German translation of Debconf templates (Closes: #503394,

    racke committed
    thanks to Helge Kreutzmann <debian@helgefjell.de>)
    updated Portuguese translation of Debconf templates (Closes: #504274,
    thanks to ardoric@gmail.com)
Commits on Oct 24, 2008
  1. @racke

    updated Russian translation of Debconf templates (Closes: #502890,

    racke committed
    thanks to Yuri Kozlov <kozlov.y@gmail.com>)
  2. @pajamian

    Fix vulnerability where a string passed in the mv_order_item CGI vari…

    pajamian committed
    …able is
    
    displayed verbatim without any input sanitation if there is a valid sku in
    mv_sku.  Thanks to Mat from Bibliopolis for discovering and reporting the
    vulnerability.
Commits on Oct 16, 2008
  1. @racke

    * added Italian translation of Debconf templates (Closes: #502466,

    racke committed
      thanks to vince <vinz65@gmail.com>)
    * update missing MANIFEST entries
  2. @racke

    * updated Czech translation of Debconf templates (Closes: #502416, th…

    racke committed
    …anks
    
      to Martin Sín <martin.sin@seznam.cz>)
  3. @racke

    * updated Swedish translation of Debconf templates (Closes: #502403,

    racke committed
      thanks to Martin Ågren <martin.agren@gmail.com>)
    * updated French translation of Debconf templates (Closes: #502376,
      thanks to Christian Perrier <bubulle@debian.org>)
Commits on Oct 13, 2008
  1. @racke

    update for upcoming release

    racke committed
Commits on Oct 12, 2008
  1. @racke
Commits on Oct 3, 2008
  1. @racke

    Added Nunavut to the list of valid Canadian provinces (#231).

    racke committed
    Thanks to Mathew Jones for the report.
Commits on Sep 26, 2008
  1. @racke

    document fix for #224

    racke committed
  2. @jonjensen

    Quell bogus warnings from Encode::Alias. Resolves RT #224.

    jonjensen committed
    Thanks to Andy <ic@tvcables.co.uk> and Rene Hertell <icdevgroup@hertell.com> for reporting.
Commits on Sep 18, 2008
  1. @racke

    added XML POST fix

    racke committed
Commits on Sep 17, 2008
  1. @jonjensen

    Allow XML posts by e.g. Google Checkout, which broke in Interchange 5…

    jonjensen committed
    ….6.0 (RT #219).
    
    Thanks to Andy <ic@tvcables.co.uk> for the patch.
Commits on Aug 13, 2008
  1. @pajamian

    Provide reasonable defaults for shipping mode and country at checkout…

    pajamian committed
    … to avoid "not enough information" errors.
  2. @jonjensen
Commits on Jul 28, 2008
  1. @perusionmike
  2. @perusionmike
Commits on Jul 18, 2008
  1. @perusionmike
Commits on Jul 16, 2008
  1. @racke
  2. @perusionmike

    * If the tmp/wget directory (or more properly "$Vend::Cfg->{ScratchDi…

    perusionmike committed
    …r}/wget"
    
      directory did not exist, use_wget mode would error out.
    
      Change code to make directory if non-existent, and give better error
      if by some strange chance a file existed there.
Commits on Jul 9, 2008
  1. reverted change as it causes new pages to not be created anymore

    Gert van der Spoel committed
  2. reverted change as it causes new pages to not be created anymore

    Gert van der Spoel committed
  3. @racke
Commits on Jul 4, 2008
  1. @perusionmike

    * We are vulnerable to cross-site scripting problems any time there is a

    perusionmike committed
      <input value="[value foo]"> call. You can get around this, of course,
      with <input value="[value name=foo keep=1 filter=encode_entities"]">
      instead. That is a bit of a mess, though, so I added an alias
      for that called "evalue".
    
      You call it with [evalue address1], which is identical to
      [value keep=1 filter="encode_entities" name=address1].
    
    * Modified include/checkout forms to use this. There are undoubtedly many
      other places it should be put in. But until this is evaluated properly
      I don't want to do it all over the place. You can do so with this
      one liner, at least pretty reliably:
    
             perl -pi -e 's{value="\[(value\s+[-\w]+\])}{value="[e$1}g'
    
      I think we have gotten rid of all VALUE= uppercase kind of things,
      but if not we should now.
Commits on Jun 16, 2008
  1. @perusionmike

    * Fix deficiency in Levies, where multiple handling modes separated b…

    perusionmike committed
    …y null
    
      would not work as in the old subtotal calculation model.
Commits on Jun 5, 2008
  1. @racke

    note about forum fix

    racke committed
  2. @racke

    merged changes 1.4.2.1 vs 1.4.2.2

    racke committed
    +++ 1.4.2.2 +++
    Disabled product comment to prevent spam showing up on default installations.
Commits on Jun 4, 2008
  1. @racke
  2. @racke
  3. @racke
Something went wrong with that request. Please try again.