Menu
▾
▴
Re: [mantisbt-dev] Possible fix for MantisBT issue #11166
|
From: Nitin R. <nit...@da...> - 2010-03-02 12:55:56
|
Hi Gianluca! Thank you for your reply. I've only had to use the Manage Configuration interface recently. I've been using Mantis for over a year during which I edited the code to customize the interface... mostly moving fields between the simple and advanced views, but have only started development on Mantis last month. As I'm new to the scene, I'm unaware of the reasoning for the decisions that were made in the past. I've been looking at common functionality that needs an interface for configuration but currently can only be performed through the Manage Configuration page. I've created a plugin for configuring the fields on the Report Issue page at: https://mantisadmin.svn.sourceforge.net/svnroot/mantisadmin/trunk If somebody could post a list of functionality that cannot, currently, be performed without the Manage Configuration page, I could build the needed interfaces as plugins that can eventually be made a part of Mantis Core. Regards, Nitin ________________________________________ From: Gianluca Sforna [gi...@gm...] Sent: Tuesday, March 02, 2010 1:58 PM To: developer discussions Subject: Re: [mantisbt-dev] Possible fix for MantisBT issue #11166 On Tue, Mar 2, 2010 at 8:15 AM, Nitin Reddy <nit...@da...> wrote: > Would it, perhaps, be simpler if we would use "eval" in this case since > access to this page is restricted to admin users? PHP developers would be > able to enter the array by copying in what they require and eval supports > the existing formats that we use, including the use of unquoted strings. eval was specifically removed because it allows arbitrary PHP code to be executed on server => security issue. The current (limited) system is there to cover basic usage avoiding the security implications, but we should really aim to replace the whole options handling so you don't really need to enter complex arrays to configure your stuff. -- Gianluca Sforna http://morefedora.blogspot.com http://www.linkedin.com/in/gianlucasforna ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ mantisbt-dev mailing list man...@li... https://lists.sourceforge.net/lists/listinfo/mantisbt-dev |