View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0027768 | mantisbt | administration | public | 2020-12-17 01:42 | 2021-03-07 18:29 |
Reporter | bos4711 | Assigned To | dregad | ||
Priority | normal | Severity | tweak | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 2.22.1 | ||||
Target Version | 2.25.0 | Fixed in Version | 2.25.0 | ||
Summary | 0027768: When deleting a project, there should be information of how many (if any) issues are affected | ||||
Description | As above. When deleting a project, there is zero information. | ||||
Tags | No tags attached. | ||||
Attached Files | |||||
Resolved by mistake. |
|
PR https://github.com/mantisbt/mantisbt/pull/1718 New message as per screenshot below |
|
@dregad your current PR introduces XSS, see my note in the PR. While thinking more about it, I am asking myself if we should sanitize the string in function |
|
For the record - the fix for the XSS referenced in 0027768:0064811 is included in the commit that I just merged to master branch. With regards to XSS in other places in code, I confirmed the suspected behavior and opened 0027779 to track. |
|
MantisBT: master 100c3d58 2020-12-19 07:06 Details Diff |
Improve Project delete confirmation message The 'project_delete_msg' string now includes the bug count in addition to the Project's name. New Project API function project_get_bug_count() returns the number of issues associated to the given project. Fixes 0027768 |
Affected Issues 0027768 |
|
mod - core/project_api.php | Diff File | ||
mod - lang/strings_english.txt | Diff File | ||
mod - manage_proj_delete.php | Diff File |