pva         08/10/15 17:07:47

  Added:                mantisbt-1.1.3-up-to-r5674.patch
  Log:
  Fixed inability to report issues in mantis, reported in bug #241940 by Marek Królikowski.
  (Portage version: 2.2_rc11/cvs/Linux 2.6.26-openvz.git-777e816 i686)

Revision  Changes    Path
1.1                  www-apps/mantisbt/files/mantisbt-1.1.3-up-to-r5674.patch

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apps/mantisbt/files/mantisbt-1.1.3-up-to-r5674.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-apps/mantisbt/files/mantisbt-1.1.3-up-to-r5674.patch?rev=1.1&content-type=text/plain

Index: mantisbt-1.1.3-up-to-r5674.patch
===================================================================
Index: bug_report_page.php
===================================================================
--- bug_report_page.php	(revision 5664)
+++ bug_report_page.php	(revision 5674)
@@ -112,6 +112,7 @@
 <br />
 <div align="center">
 <form name="report_bug_form" method="post" <?php if ( file_allow_bug_upload() ) { echo 'enctype="multipart/form-data"'; } ?> action="bug_report.php">
+<?php echo form_security_field( 'bug_report' ) ?>
 <table class="width75" cellspacing="1">
 
 
Index: bug_report_advanced_page.php
===================================================================
--- bug_report_advanced_page.php	(revision 5664)
+++ bug_report_advanced_page.php	(revision 5674)
@@ -131,6 +131,7 @@
 <br />
 <div align="center">
 <form name="report_bug_form" method="post" <?php if ( file_allow_bug_upload() ) { echo 'enctype="multipart/form-data"'; } ?> action="bug_report.php">
+<?php echo form_security_field( 'bug_report' ) ?>
 <table class="width75" cellspacing="1">
 
 
Index: config_defaults_inc.php
===================================================================
--- config_defaults_inc.php	(revision 5664)
+++ config_defaults_inc.php	(revision 5674)
@@ -85,7 +85,8 @@
 		}
 
 		if ( isset( $_SERVER['HTTP_X_FORWARDED_HOST'] ) ) { // Support ProxyPass
-			$t_host = $_SERVER['HTTP_X_FORWARDED_HOST'];
+			$t_hosts = split( ',', $_SERVER['HTTP_X_FORWARDED_HOST'] );
+			$t_host = $t_hosts[0];
 		} else if ( isset( $_SERVER['HTTP_HOST'] ) ) {
 			$t_host = $_SERVER['HTTP_HOST'];
 		} else if ( isset( $_SERVER['SERVER_NAME'] ) ) {
Index: core/session_api.php
===================================================================
--- core/session_api.php	(revision 5664)
+++ core/session_api.php	(revision 5674)
@@ -56,9 +56,9 @@
 
 		session_cache_limiter( 'private_no_expire' );
 		if ( isset( $_SERVER['HTTPS'] ) && ( strtolower( $_SERVER['HTTPS'] ) != 'off' ) ) {
-			session_set_cookie_params( 0, config_get( 'cookie_path' ), config_get( 'cookie_domain' ), true, true );
+			session_set_cookie_params( 0, config_get( 'cookie_path' ), config_get( 'cookie_domain' ), true );
 		} else {
-			session_set_cookie_params( 0, config_get( 'cookie_path' ), config_get( 'cookie_domain' ), false, true );
+			session_set_cookie_params( 0, config_get( 'cookie_path' ), config_get( 'cookie_domain' ), false );
 		}
 		session_start();
 		$this->id = session_id();