authorPeter Volkov <pva@gentoo.org>2008-10-20 20:06:01 +0000
committerPeter Volkov <pva@gentoo.org>2008-10-20 20:06:01 +0000
commit5304fe01bfaf056d1e74046eca6cc374ff90f885 (patch)
tree39d33c0d89665ccb156c250078429b9f132cf92c /www-apps/mantisbt/files
parentVersion bump (diff)
downloadgentoo-2-5304fe01bfaf056d1e74046eca6cc374ff90f885.tar.gz
gentoo-2-5304fe01bfaf056d1e74046eca6cc374ff90f885.tar.bz2
gentoo-2-5304fe01bfaf056d1e74046eca6cc374ff90f885.zip
Backport fixes from upstream svn, see bug #242722 comment 4 for details.
(Portage version: 2.2_rc12/cvs/Linux 2.6.26-openvz.git-777e816 i686)
Diffstat (limited to 'www-apps/mantisbt/files')
-rw-r--r--www-apps/mantisbt/files/mantis-1.1.4-r5702.patch161
1 files changed, 161 insertions, 0 deletions
diff --git a/www-apps/mantisbt/files/mantis-1.1.4-r5702.patch b/www-apps/mantisbt/files/mantis-1.1.4-r5702.patch
new file mode 100644
index 000000000000..8dd544a57cc6
--- /dev/null
+++ b/www-apps/mantisbt/files/mantis-1.1.4-r5702.patch
@@ -0,0 +1,161 @@
+Index: lang/strings_english.txt
+===================================================================
+--- lang/strings_english.txt (revision 5688)
++++ lang/strings_english.txt (working copy)
+@@ -301,6 +301,7 @@
+ $MANTIS_ERROR[ERROR_SESSION_VAR_NOT_FOUND] = 'Session variable \'%s\' not found.';
+ $MANTIS_ERROR[ERROR_FORM_TOKEN_INVALID] = 'Invalid form security token. Did you submit the form twice by accident?';
+ $MANTIS_ERROR[ERROR_INVALID_REQUEST_METHOD] = 'This page cannot be accessed using this method.';
++$MANTIS_ERROR[ERROR_INVALID_SORT_FIELD] = 'Invalid sort field.';
+
+ $s_login_error = 'Your account may be disabled or blocked or the username/password you entered is incorrect.';
+ $s_login_cookies_disabled = 'Your browser either doesn\'t know how to handle cookies, or refuses to handle them.';
+Index: account_page.php
+===================================================================
+--- account_page.php (revision 5688)
++++ account_page.php (working copy)
+@@ -94,6 +94,9 @@
+ <div align="center">
+ <form method="post" action="account_update.php">
+ <?php echo form_security_field( 'account_update' )?>
++<?php if ( isset( $g_session_pass_id ) ) { ?>
++<input type="hidden" name="session_id" value="<?php echo session_id() ?>"/>
++<?php } ?>
+ <table class="width75" cellspacing="1">
+
+ <!-- Headings -->
+Index: core/utility_api.php
+===================================================================
+--- core/utility_api.php (revision 5688)
++++ core/utility_api.php (working copy)
+@@ -192,10 +192,20 @@
+ $t_factor = 1;
+ }
+
++ if( empty( $p_array ) ) {
++ return $p_array;
++ }
++ if( !is_array( current($p_array ) ) ) {
++ error_parameters( 'tried to multisort an invalid multi-dimensional array' );
++ trigger_error(ERROR_GENERIC, ERROR);
++ }
++
+ // Security measure: see http://www.mantisbt.org/bugs/view.php?id=9704 for details
+- if ( array_key_exists( $p_key, $p_array ) ) {
+- $t_function = create_function( '$a, $b', "return $t_factor * strnatcasecmp( \$a['$p_key'], \$b['$p_key'] );" );
++ if( array_key_exists( $p_key, current($p_array) ) ) {
++ $t_function = create_function( '$a, $b', "return $t_factor * strnatcasecmp( \$a['" . $p_key . "'], \$b['" . $p_key . "'] );" );
+ uasort( $p_array, $t_function );
++ } else {
++ trigger_error(ERROR_INVALID_SORT_FIELD, ERROR);
+ }
+ return $p_array;
+ }
+Index: core/session_api.php
+===================================================================
+--- core/session_api.php (revision 5688)
++++ core/session_api.php (working copy)
+@@ -48,7 +48,7 @@
+ * to PHP's session.* settings in 'php.ini'.
+ */
+ class MantisPHPSession extends MantisSession {
+- function __construct() {
++ function __construct( $p_session_id=null ) {
+ $t_session_save_path = config_get_global( 'session_save_path' );
+ if ( $t_session_save_path ) {
+ session_save_path( $t_session_save_path );
+@@ -60,6 +60,11 @@
+ } else {
+ session_set_cookie_params( 0, config_get( 'cookie_path' ), config_get( 'cookie_domain' ), false );
+ }
++
++ if ( !is_null( $p_session_id ) ) {
++ session_id( $p_session_id );
++ }
++
+ session_start();
+ $this->id = session_id();
+ }
+@@ -103,12 +108,12 @@
+ /**
+ * Initialize the appropriate session handler.
+ */
+-function session_init() {
++function session_init( $p_session_id=null ) {
+ global $g_session, $g_session_handler;
+
+ switch( strtolower( $g_session_handler ) ) {
+ case 'php':
+- $g_session = new MantisPHPSession();
++ $g_session = new MantisPHPSession( $p_session_id );
+ break;
+
+ case 'adodb':
+@@ -190,4 +195,11 @@
+
+
+ ##### Initialize the session
+-session_init();
++$t_session_id = gpc_get_string( 'session_id', '' );
++
++if ( empty( $t_session_id ) ) {
++ session_init();
++} else {
++ session_init( $t_session_id );
++}
++
+Index: core/constant_inc.php
+===================================================================
+--- core/constant_inc.php (revision 5688)
++++ core/constant_inc.php (working copy)
+@@ -195,6 +195,7 @@
+ define( 'ERROR_HANDLER_ACCESS_TOO_LOW', 17 );
+ define( 'ERROR_PAGE_REDIRECTION', 18 );
+ define( 'ERROR_INVALID_REQUEST_METHOD', 19 );
++ define( 'ERROR_INVALID_SORT_FIELD', 20 );
+
+ # ERROR_CONFIG_*
+ define( 'ERROR_CONFIG_OPT_NOT_FOUND', 100 );
+Index: verify.php
+===================================================================
+--- verify.php (revision 5688)
++++ verify.php (working copy)
+@@ -42,6 +42,11 @@
+ auth_logout();
+ }
+
++ # (Re)initialize session
++ session_regenerate_id()
++ session_init( session_id() );
++ $g_session_pass_id = ON;
++
+ $t_calculated_confirm_hash = auth_generate_confirm_hash( $f_user_id );
+
+ if ( $f_confirm_hash != $t_calculated_confirm_hash ) {
+@@ -49,7 +54,6 @@
+ }
+
+ # set a temporary cookie so the login information is passed between pages.
+- auth_logout();
+ auth_set_cookies( $f_user_id, false );
+
+ user_reset_failed_login_count_to_zero( $f_user_id );
+@@ -61,4 +65,4 @@
+ user_increment_failed_login_count( $f_user_id );
+
+ include ( dirname( __FILE__ ) . DIRECTORY_SEPARATOR . 'account_page.php' );
+-?>
++
+Index: core.php
+===================================================================
+--- core.php (revision 5688)
++++ core.php (working copy)
+@@ -145,7 +145,7 @@
+ require_once( $t_core_path.'database_api.php' );
+
+ # Basic browser detection
+- $t_user_agent = $_SERVER['HTTP_USER_AGENT'];
++ $t_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'none';
+
+ $t_browser_name = 'Normal';
+ if ( strpos( $t_user_agent, 'MSIE' ) ) {
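Review bot: In the verify.php section of the added patch, the new line `session_regenerate_id()` has no terminating semicolon, so the patched verify.php will not parse; it should read `session_regenerate_id();`. In the core/session_api.php section, the initialisation code now takes `session_id` from the request via `gpc_get_string( 'session_id', '' )` and hands it to `session_id()` before `session_start()`. This runs on every page that loads the session API, not only in the verify.php to account_page.php flow the hidden field was added for, so the session identifier becomes client-selectable everywhere (a session-fixation risk). I would accept the parameter only where that flow needs it, reject values that are not well-formed session ids, and put a comment at the call site explaining why the id is passed in the form. The hidden field in account_page.php also prints `session_id()` unescaped; since that value can now originate from the request, it should go through the project's HTML-escaping helper or `htmlspecialchars( session_id() )`.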