Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Change a few %s format letters into %h. |
|---|---|
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
8e27a5a084a55f1831ec4e17b2de48b5 |
| User & Date: | drh 2017-05-12 17:22:24.451 |
Context
|
2017-05-13
| ||
| 18:00 | Enhance the "fossil 3-way-merge" command to output a warning in the event of merge conflicts. check-in: 9e17c686f5 user: drh tags: trunk | |
|
2017-05-12
| ||
| 17:22 | Change a few %s format letters into %h. check-in: 8e27a5a084 user: drh tags: trunk | |
| 16:22 | Fix an XSS issue with the /help webpage. check-in: db482f1675 user: drh tags: trunk | |
Changes
Changes to src/login.c.
| ︙ | ︙ | |||
1456 1457 1458 1459 1460 1461 1462 |
blob_init(&caps, db_get("default-perms", "u"), -1);
blob_init(&passwd, zPasswd, -1);
if( db_exists("SELECT 1 FROM user WHERE login=%B", &login) ){
/* Here lies the reason I don't use zErrMsg - it would not substitute
* this %s(zUsername), or at least I don't know how to force it to.*/
@ <p><span class="loginError">
| | | 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 |
blob_init(&caps, db_get("default-perms", "u"), -1);
blob_init(&passwd, zPasswd, -1);
if( db_exists("SELECT 1 FROM user WHERE login=%B", &login) ){
/* Here lies the reason I don't use zErrMsg - it would not substitute
* this %s(zUsername), or at least I don't know how to force it to.*/
@ <p><span class="loginError">
@ %h(zUsername) already exists.
@ </span></p>
}else{
char *zPw = sha1_shared_secret(blob_str(&passwd), blob_str(&login), 0);
int uid;
db_multi_exec(
"INSERT INTO user(login,pw,cap,info,mtime)"
"VALUES(%B,%Q,%B,%B,strftime('%%s','now'))",
|
| ︙ | ︙ |
Changes to src/name.c.
| ︙ | ︙ | |||
465 466 467 468 469 470 471 |
const char *zUuid = db_column_text(&q, 1);
const char *zTitle = db_column_text(&q, 2);
@ <li><p><a href="%R/%T(zSrc)/%!S(zUuid)">
@ %s(zUuid)</a> -
@ <ul></ul>
@ Ticket
hyperlink_to_uuid(zUuid);
| | | 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 |
const char *zUuid = db_column_text(&q, 1);
const char *zTitle = db_column_text(&q, 2);
@ <li><p><a href="%R/%T(zSrc)/%!S(zUuid)">
@ %s(zUuid)</a> -
@ <ul></ul>
@ Ticket
hyperlink_to_uuid(zUuid);
@ - %h(zTitle).
@ <ul><li>
object_description(rid, 0, 0);
@ </li></ul>
@ </p></li>
}
db_finalize(&q);
db_prepare(&q,
|
| ︙ | ︙ |
Changes to src/setup.c.
| ︙ | ︙ | |||
483 484 485 486 487 488 489 |
blob_reset(&sql);
admin_log( "Updated user [%q] in all login groups "
"with capabilities [%q].",
zLogin, zCap );
if( zErr ){
style_header("User Change Error");
admin_log( "Error updating user '%q': %s'.", zLogin, zErr );
| | | 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 |
blob_reset(&sql);
admin_log( "Updated user [%q] in all login groups "
"with capabilities [%q].",
zLogin, zCap );
if( zErr ){
style_header("User Change Error");
admin_log( "Error updating user '%q': %s'.", zLogin, zErr );
@ <span class="loginError">%h(zErr)</span>
@
@ <p><a href="setup_uedit?id=%d(uid)">[Bummer]</a></p>
style_footer();
return;
}
}
cgi_redirect("setup_ulist");
|
| ︙ | ︙ |