**                      are applied if this setting is undefined or is
**                      an empty string.
*/
void login_restrict_robot_access(void){
  const char *zReferer;
  const char *zGlob;
  int isMatch = 1;
  int nQP;  /* Number of query parameters other than name= */
  if( g.zLogin!=0 ) return;
  zGlob = db_get("robot-restrict",0);
  if( zGlob==0 || zGlob[0]==0 ) return;
  if( g.isHuman ){
    zReferer = P("HTTP_REFERER");
    if( zReferer && zReferer[0]!=0 ) return;
  }
  nQP = cgi_qp_count();
  if( nQP<1 ) return;
  isMatch = glob_multi_match(zGlob, g.zPath);
  if( !isMatch ) return;

  /* Check for exceptions to the restriction on the number of query
  ** parameters. */
  zGlob = db_get("robot-restrict-qp",0);
  if( zGlob && zGlob[0] ){
    char *zPath = mprintf("%s/%d", g.zPath, nQP);
    isMatch = glob_multi_match(zGlob, zPath);
    fossil_free(zPath);
    if( isMatch ) return;
  }

  /* If we reach this point, it means we have a situation where we
  ** want to restrict the activity of a robot.
  */
  g.isHuman = 0;
  (void)exclude_spiders(0);
  cgi_reply();

  @ parameters. Some robots will spend hours juggling around query parameters
  @ or even forging fake query parameters in an effort to discover new
  @ behavior or to find an SQL injection opportunity or similar.  This can
  @ waste hours of CPU time and gigabytes of bandwidth on the server.  A
  @ suggested value for this setting is:
  @ "<tt>timeline,*diff,vpatch,annotate,blame,praise,dir,tree</tt>".
  @ (Property: robot-restrict)
  @ <br>
  textarea_attribute("", 2, 80,
      "robot-restrict", "rbrestrict", "", 0);
  @ <br> The following comma-separated GLOB pattern allows for exceptions
  @ in the maximum number of query parameters before a request is considered
  @ complex.  If this GLOB pattern exists and is non-empty and if it
  @ matches against the pagename followed by "/" and the number of query
  @ parameters, then the request is allowed through.  For example, the
  @ suggested pattern of "timeline/[012]" allows the /timeline page to
  @ pass with up to 2 query parameters besides "name".
  @ (Property: robot-restrict-qp)
  @ <br>
  textarea_attribute("", 2, 80,
      "robot-restrict-qp", "rbrestrictqp", "", 0);

  @ <hr>
  @ <p><input type="submit"  name="submit" value="Apply Changes"></p>
  @ </div></form>
  db_end_transaction(0);
  style_finish_page();
}

  int disableY = 0;                   /* Disable type selector on submenu */
  int advancedMenu = 0;               /* Use the advanced menu design */
  char *zPlural;                      /* Ending for plural forms */
  int showCherrypicks = 1;            /* True to show cherrypick merges */
  int haveParameterN;                 /* True if n= query parameter present */
  int from_to_mode = 0;               /* 0: from,to. 1: from,ft 2: from,bt */

  login_check_credentials();
  url_initialize(&url, "timeline");
  cgi_query_parameters_to_url(&url);

  (void)P_NoBot("ss")
    /* "ss" is processed via the udc but at least one spider likes to
    ** try to SQL inject via this argument, so let's catch that. */;

  /* To view the timeline, must have permission to read project data.
  */
  pd_rid = name_choice("dp","dp2",&zDPName);
  if( pd_rid ){
    p_rid = d_rid = pd_rid;
  }

  if( (!g.perm.Read && !g.perm.RdTkt && !g.perm.RdWiki && !g.perm.RdForum)
   || (bisectLocal && !g.perm.Setup)
  ){
    login_needed(g.anon.Read && g.anon.RdTkt && g.anon.RdWiki);
    return;
  }
  if( !bisectLocal ){