aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/Cgi/options.py (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Changed the member options login page unsubscribe request to include theMark Sapiro2010-07-271-1/+2
| | | | requesters IP address in the confirmation request. Bug #610527.
* Added roster to the CGIs that return HTTP 401 status for an authenticationMark Sapiro2010-03-291-0/+2
| | | | failure, and return HTTP 404 status from all CGIs for an invalid list name.
* We now give an HTTP 401 status for authentication failures from admin,Mark Sapiro2010-02-041-1/+3
| | | | admindb, private and options logins.
* options.py - Made the ability for a list admin to change a members passwordMark Sapiro2008-04-141-0/+8
| | | | | | | conditional on mm_cfg.OWNERS_CAN_CHANGE_MEMBER_PASSWORDS. Defaults.py.in - Added OWNERS_CAN_CHANGE_MEMBER_PASSWORDS = No.
* CookHeaders.py - Changed the first URL in the RFC 2369 List-Unsubscribe:Mark Sapiro2008-03-061-4/+7
| | | | | | | | | | | | | header to go to the options login page instead of the listinfo page. options.py - Changed to only issue the "No address given" error if coming from the page itself so we don't get the error when linking from another page or the List-Unsubscribe: header. - Changed to remember the user's language selection when redisplaying the page after an error.
* - Cgi/options.py - fixed to not present the "empty" topic to user.Mark Sapiro2007-11-041-1/+3
| | | | | - Handlers/CalcRecips.py - Changed to not process topics if topics are disabled for the list.
* CVE-2006-3636. Fixes for various cross-site scripting issues. Discovery bybwarsaw2006-08-301-2/+2
| | | | | Moritz Naumann and most of the repair work done by Mark Sapiro (with some additional work by Barry).
* Improving banned subscription logic to cover all invites, subscribes, ↵msapiro2005-12-031-0/+5
| | | | address changes and confirmations of same.
* As of 2.1.6, List admins can change user's option/subscription globally.tkikuchi2005-11-301-11/+56
| | | | | | | This is not good if list admin cannot be fully trusted. This patch disables the list admin's ability of changing the user option/subscription globally; changes are effective only within the list. Site admin can change globally if mm_cfg.ALLOW_SITE_ADMIN_COOKIES is set Yes.
* FSF office has moved to 51 Franklin Street.tkikuchi2005-08-271-1/+1
|
* main(): The list lock must be held in order to pend unsubscription requests.bwarsaw2004-02-291-12/+13
|
* main(): It's possible that if you're logged in as the list admin, you can getbwarsaw2004-02-171-3/+5
| | | | | | | to the end of the function trying to present the options page for a non-existant user, causing a traceback. At the last second, do one more isMember() check and return the loginpage if the address isn't a member of the list.
* main(): Fix for bug #832748, where unsubscribe_policy was beingbwarsaw2003-11-031-4/+24
| | | | | | | ignored for the unsub button on the member login page. Report and original patch by Pasi Sjoholm, modify by Barry. Forward port candidate.
* Backporting from the trunk.bwarsaw2003-02-081-15/+26
|
* main(): In the change-of-address section, we only want to show thebwarsaw2003-01-021-3/+5
| | | | | | | | | | | | "you are already using that email address" message if the newaddress matches the case-preserved (subscribed) address. Also, in the set_address section, if cpuser is None, set it to the the user address, since that's what we'll use now as the old address in the ChangeMemberAddress() call. This and related changes should fix problems when the address we're changing to differs for the current address by case only.
* This commit was manufactured by cvs2svn to create branch2003-01-021-0/+950
'Release_2_1-maint'.