merge from HEAD

Richard Jones · Richard Jones · commit 872a08e32635 · 2004-08-07T22:19:14.000Z
diff --git a/CHANGES.txt b/CHANGES.txt
@@ -7,6 +7,7 @@ Fixed:
 - fixed history display when "ascending"
 - removed references to py2.3+ boolean values (sf bug 995682)
 - fix static file path normalisation in security check (thanks David Linke)
+- less specific messages for login failures (thanks Chris Withers)
 
 2004-07-21 0.7.6
 Fixed:
diff --git a/doc/index.txt b/doc/index.txt
@@ -130,8 +130,8 @@ Mitchell Surface,
 Mike Thompson,
 Martin Uzak,
 Darryl VanDorp,
-J Vickroy.
-
+J Vickroy,
+Chris Withers.
 
 
 License
diff --git a/doc/installation.txt b/doc/installation.txt
@@ -472,9 +472,16 @@ My group now looks like this::
 
      support:*:1002:jblaine,samh,geezer,mail,apache
 
-The tracker "db" directory should be chmod'ed g+sw so that the group can
-write to the database, and any new files created in the database will be owned
-by the group.
+After this change, you'll need to make sure you restart roundup-server,
+apache and any other long-running process associated with Roundup.  
+The tracker "db" directory permissions and owner information should be
+fixed with::
+
+   chmod g+sw db
+   chgrp support db
+   
+This allows the group to write to the database, and any new files
+created in the database will be owned by the group.
 
 If you're using the mysql or postgresql backend then you'll need to ensure
 that the tracker user has appropriate permissions to create/modify the
diff --git a/roundup/cgi/actions.py b/roundup/cgi/actions.py
@@ -1,4 +1,4 @@
-#$Id: actions.py,v 1.27.2.4 2004-07-20 02:10:43 richard Exp $
+#$Id: actions.py,v 1.27.2.5 2004-08-07 22:19:14 richard Exp $
 
 import re, cgi, StringIO, urllib, Cookie, time, random
 
@@ -801,14 +801,14 @@ def handle(self):
             self.client.userid = self.db.user.lookup(self.client.user)
         except KeyError:
             name = self.client.user
-            self.client.error_message.append(_('No such user "%(name)s"')%locals())
+            self.client.error_message.append(_('Ivalid login'))
             self.client.make_user_anonymous()
             return
 
         # verify the password
         if not self.verifyPassword(self.client.userid, password):
             self.client.make_user_anonymous()
-            self.client.error_message.append(_('Incorrect password'))
+            self.client.error_message.append(_('Invalid login'))
             return
 
         # Determine whether the user has permission to log in.
