Permalink
Switch branches/tags
Commits on Nov 23, 2008
  1. updated Debconf translations

    racke committed Nov 23, 2008
Commits on Nov 12, 2008
  1. Include Peter Eisentraut's script to re-add implicit casts to Postgre…

    jonjensen committed Nov 12, 2008
    …SQL 8.3,
    
    as his Planet PostgreSQL blog is no longer available.
Commits on Nov 10, 2008
  1. Correct logic flaw that applied UTF-8 handling in some cases where it…

    jonjensen committed Nov 10, 2008
    … shouldn't have.
    
    Fixed by David Christensen <david@endpoint.com>.
Commits on Nov 2, 2008
  1. updated German translation of Debconf templates (Closes: #503394,

    racke committed Nov 2, 2008
    thanks to Helge Kreutzmann <debian@helgefjell.de>)
    updated Portuguese translation of Debconf templates (Closes: #504274,
    thanks to ardoric@gmail.com)
Commits on Oct 24, 2008
  1. updated Russian translation of Debconf templates (Closes: #502890,

    racke committed Oct 24, 2008
    thanks to Yuri Kozlov <kozlov.y@gmail.com>)
  2. Fix vulnerability where a string passed in the mv_order_item CGI vari…

    pajamian committed Oct 24, 2008
    …able is
    
    displayed verbatim without any input sanitation if there is a valid sku in
    mv_sku.  Thanks to Mat from Bibliopolis for discovering and reporting the
    vulnerability.
Commits on Oct 16, 2008
  1. * added Italian translation of Debconf templates (Closes: #502466,

    racke committed Oct 16, 2008
      thanks to vince <vinz65@gmail.com>)
    * update missing MANIFEST entries
  2. * updated Czech translation of Debconf templates (Closes: #502416, th…

    racke committed Oct 16, 2008
    …anks
    
      to Martin Sín <martin.sin@seznam.cz>)
  3. * updated Swedish translation of Debconf templates (Closes: #502403,

    racke committed Oct 16, 2008
      thanks to Martin Ågren <martin.agren@gmail.com>)
    * updated French translation of Debconf templates (Closes: #502376,
      thanks to Christian Perrier <bubulle@debian.org>)
Commits on Oct 13, 2008
  1. update for upcoming release

    racke committed Oct 13, 2008
Commits on Oct 12, 2008
Commits on Oct 3, 2008
  1. Added Nunavut to the list of valid Canadian provinces (#231).

    racke committed Oct 3, 2008
    Thanks to Mathew Jones for the report.
Commits on Sep 26, 2008
  1. document fix for #224

    racke committed Sep 26, 2008
  2. Quell bogus warnings from Encode::Alias. Resolves RT #224.

    jonjensen committed Sep 26, 2008
    Thanks to Andy <ic@tvcables.co.uk> and Rene Hertell <icdevgroup@hertell.com> for reporting.
Commits on Sep 18, 2008
  1. added XML POST fix

    racke committed Sep 18, 2008
Commits on Sep 17, 2008
  1. Allow XML posts by e.g. Google Checkout, which broke in Interchange 5…

    jonjensen committed Sep 17, 2008
    ….6.0 (RT #219).
    
    Thanks to Andy <ic@tvcables.co.uk> for the patch.
Commits on Aug 13, 2008
  1. Provide reasonable defaults for shipping mode and country at checkout…

    pajamian committed Aug 13, 2008
    … to avoid "not enough information" errors.
Commits on Jul 28, 2008
Commits on Jul 18, 2008
Commits on Jul 16, 2008
  1. * If the tmp/wget directory (or more properly "$Vend::Cfg->{ScratchDi…

    perusionmike committed Jul 16, 2008
    …r}/wget"
    
      directory did not exist, use_wget mode would error out.
    
      Change code to make directory if non-existent, and give better error
      if by some strange chance a file existed there.
Commits on Jul 9, 2008
  1. reverted change as it causes new pages to not be created anymore

    Gert van der Spoel
    Gert van der Spoel committed Jul 9, 2008
  2. reverted change as it causes new pages to not be created anymore

    Gert van der Spoel
    Gert van der Spoel committed Jul 9, 2008
Commits on Jul 4, 2008
  1. * We are vulnerable to cross-site scripting problems any time there is a

    perusionmike committed Jul 4, 2008
      <input value="[value foo]"> call. You can get around this, of course,
      with <input value="[value name=foo keep=1 filter=encode_entities"]">
      instead. That is a bit of a mess, though, so I added an alias
      for that called "evalue".
    
      You call it with [evalue address1], which is identical to
      [value keep=1 filter="encode_entities" name=address1].
    
    * Modified include/checkout forms to use this. There are undoubtedly many
      other places it should be put in. But until this is evaluated properly
      I don't want to do it all over the place. You can do so with this
      one liner, at least pretty reliably:
    
             perl -pi -e 's{value="\[(value\s+[-\w]+\])}{value="[e$1}g'
    
      I think we have gotten rid of all VALUE= uppercase kind of things,
      but if not we should now.
Commits on Jun 16, 2008
  1. * Fix deficiency in Levies, where multiple handling modes separated b…

    perusionmike committed Jun 16, 2008
    …y null
    
      would not work as in the old subtotal calculation model.
Commits on Jun 5, 2008
  1. note about forum fix

    racke committed Jun 5, 2008
  2. merged changes 1.4.2.1 vs 1.4.2.2

    racke committed Jun 5, 2008
    +++ 1.4.2.2 +++
    Disabled product comment to prevent spam showing up on default installations.
Commits on Jun 4, 2008