Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Refinements to the new hyperlink logic and spider defense. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | spider-defense |
| Files: | files | file ages | folders |
| SHA1: |
d9c8a7dd73a7718527a8b95eb6971b05 |
| User & Date: | drh 2012-04-28 08:03:56.868 |
Context
|
2012-04-28
| ||
| 08:05 | Move the enhanced spider-defense mechanism into the trunk. ... (check-in: 433cde1ce8 user: drh tags: trunk) | |
| 08:03 | Refinements to the new hyperlink logic and spider defense. ... (Closed-Leaf check-in: d9c8a7dd73 user: drh tags: spider-defense) | |
| 07:15 | Changes anchor tags (<a>) so that the href= attribute can be set by javascript rather than by HTML. This is to make it harder for spiders to follow the hyperlinks to every diff and annotation in the project history. It all seems to work, but it needs further testing and review before going live. ... (check-in: 8ae52fc418 user: drh tags: spider-defense) | |
Changes
Changes to src/attach.c.
| ︙ | ︙ | |||
73 74 75 76 77 78 79 |
for(i=0; zFilename[i]; i++){
if( zFilename[i]=='/' && zFilename[i+1]!=0 ){
zFilename = &zFilename[i+1];
i = -1;
}
}
if( strlen(zTarget)==UUID_SIZE && validate16(zTarget,UUID_SIZE) ){
| | | | 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 |
for(i=0; zFilename[i]; i++){
if( zFilename[i]=='/' && zFilename[i+1]!=0 ){
zFilename = &zFilename[i+1];
i = -1;
}
}
if( strlen(zTarget)==UUID_SIZE && validate16(zTarget,UUID_SIZE) ){
zUrlTail = mprintf("tkt=%s&file=%t", zTarget, zFilename);
}else{
zUrlTail = mprintf("page=%t&file=%t", zTarget, zFilename);
}
@
@ <p><a href="/attachview?%s(zUrlTail)">%h(zFilename)</a>
@ [<a href="/attachdownload/%t(zFilename)?%s(zUrlTail)">download</a>]<br />
if( zComment ) while( fossil_isspace(zComment[0]) ) zComment++;
if( zComment && zComment[0] ){
@ %w(zComment)<br />
|
| ︙ | ︙ |
Changes to src/browse.c.
| ︙ | ︙ | |||
75 76 77 78 79 80 81 |
*/
void hyperlinked_path(const char *zPath, Blob *pOut, const char *zCI){
int i, j;
char *zSep = "";
for(i=0; zPath[i]; i=j){
for(j=i; zPath[j] && zPath[j]!='/'; j++){}
| | | | 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 |
*/
void hyperlinked_path(const char *zPath, Blob *pOut, const char *zCI){
int i, j;
char *zSep = "";
for(i=0; zPath[i]; i=j){
for(j=i; zPath[j] && zPath[j]!='/'; j++){}
if( zPath[j] && g.perm.Hyperlink ){
if( zCI ){
char *zLink = href("%R/dir?ci=%S&name=%#T", zCI, j, zPath);
blob_appendf(pOut, "%s%z%#h</a>",
zSep, zLink, j-i, &zPath[i]);
}else{
char *zLink = href("%R/dir?name=%#T", j, zPath);
blob_appendf(pOut, "%s%z%#h</a>",
zSep, zLink, j-i, &zPath[i]);
}
|
| ︙ | ︙ | |||
118 119 120 121 122 123 124 | int rid = 0; char *zUuid = 0; Blob dirname; Manifest *pM = 0; const char *zSubdirLink; login_check_credentials(); | | | 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 |
int rid = 0;
char *zUuid = 0;
Blob dirname;
Manifest *pM = 0;
const char *zSubdirLink;
login_check_credentials();
if( !g.perm.Hyperlink ){ login_needed(); return; }
while( nD>1 && zD[nD-2]=='/' ){ zD[(--nD)-1] = 0; }
style_header("File List");
sqlite3_create_function(g.db, "pathelement", 2, SQLITE_UTF8, 0,
pathelementFunc, 0, 0);
/* If the name= parameter is an empty string, make it a NULL pointer */
if( zD && strlen(zD)==0 ){ zD = 0; }
|
| ︙ | ︙ | |||
157 158 159 160 161 162 163 |
}
if( zCI ){
char zShort[20];
memcpy(zShort, zUuid, 10);
zShort[10] = 0;
@ <h2>Files of check-in [%z(href("vinfo?name=%T",zUuid))%s(zShort)</a>]
@ %s(blob_str(&dirname))</h2>
| | | | | 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 |
}
if( zCI ){
char zShort[20];
memcpy(zShort, zUuid, 10);
zShort[10] = 0;
@ <h2>Files of check-in [%z(href("vinfo?name=%T",zUuid))%s(zShort)</a>]
@ %s(blob_str(&dirname))</h2>
zSubdirLink = mprintf("%R/dir?ci=%S&name=%T", zUuid, zPrefix);
if( zD ){
style_submenu_element("Top", "Top", "%R/dir?ci=%S", zUuid);
style_submenu_element("All", "All", "%R/dir?name=%t", zD);
}else{
style_submenu_element("All", "All", "%R/dir");
}
}else{
int hasTrunk;
@ <h2>The union of all files from all check-ins
@ %s(blob_str(&dirname))</h2>
hasTrunk = db_exists(
"SELECT 1 FROM tagxref WHERE tagid=%d AND value='trunk'",
TAG_BRANCH);
zSubdirLink = mprintf("%R/dir?name=%T", zPrefix);
if( zD ){
style_submenu_element("Top", "Top", "%R/dir");
style_submenu_element("Tip", "Tip", "%R/dir?name=%t&ci=tip", zD);
if( hasTrunk ){
style_submenu_element("Trunk", "Trunk", "%R/dir?name=%t&ci=trunk",
zD);
}
}else{
style_submenu_element("Tip", "Tip", "%R/dir?ci=tip");
if( hasTrunk ){
style_submenu_element("Trunk", "Trunk", "%R/dir?ci=trunk");
}
|
| ︙ | ︙ |
Changes to src/diffcmd.c.
| ︙ | ︙ | |||
539 540 541 542 543 544 545 |
diff_all_two_versions(zFrom, zTo, zDiffCmd, diffFlags);
}
}
}
/*
** WEBPAGE: vpatch
| | | 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 |
diff_all_two_versions(zFrom, zTo, zDiffCmd, diffFlags);
}
}
}
/*
** WEBPAGE: vpatch
** URL vpatch?from=UUID&to=UUID
*/
void vpatch_page(void){
const char *zFrom = P("from");
const char *zTo = P("to");
login_check_credentials();
if( !g.perm.Read ){ login_needed(); return; }
if( zFrom==0 || zTo==0 ) fossil_redirect_home();
|
| ︙ | ︙ |
Changes to src/event.c.
| ︙ | ︙ | |||
123 124 125 126 127 128 129 |
g.zTop, zEventId);
}
zETime = db_text(0, "SELECT datetime(%.17g)", pEvent->rEventDate);
style_submenu_element("Context", "Context", "%s/timeline?c=%T",
g.zTop, zETime);
if( g.perm.Hyperlink ){
if( showDetail ){
| | | | | | 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 |
g.zTop, zEventId);
}
zETime = db_text(0, "SELECT datetime(%.17g)", pEvent->rEventDate);
style_submenu_element("Context", "Context", "%s/timeline?c=%T",
g.zTop, zETime);
if( g.perm.Hyperlink ){
if( showDetail ){
style_submenu_element("Plain", "Plain", "%s/event?name=%s&aid=%s",
g.zTop, zEventId, zUuid);
if( nextRid ){
char *zNext;
zNext = db_text(0, "SELECT uuid FROM blob WHERE rid=%d", nextRid);
style_submenu_element("Next", "Next",
"%s/event?name=%s&aid=%s&detail=1",
g.zTop, zEventId, zNext);
free(zNext);
}
if( prevRid ){
char *zPrev;
zPrev = db_text(0, "SELECT uuid FROM blob WHERE rid=%d", prevRid);
style_submenu_element("Prev", "Prev",
"%s/event?name=%s&aid=%s&detail=1",
g.zTop, zEventId, zPrev);
free(zPrev);
}
}else{
style_submenu_element("Detail", "Detail",
"%s/event?name=%s&aid=%s&detail=1",
g.zTop, zEventId, zUuid);
}
}
if( showDetail && g.perm.Hyperlink ){
int i;
const char *zClr = 0;
|
| ︙ | ︙ |
Changes to src/finfo.c.
| ︙ | ︙ | |||
321 322 323 324 325 326 327 |
}else{
@ <b>Deleted</b> by check-in
}
hyperlink_to_uuid(zShortCkin);
@ %h(zCom) (user:
hyperlink_to_user(zUser, zDate, "");
@ branch: %h(zBr))
| | | | | 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 |
}else{
@ <b>Deleted</b> by check-in
}
hyperlink_to_uuid(zShortCkin);
@ %h(zCom) (user:
hyperlink_to_user(zUser, zDate, "");
@ branch: %h(zBr))
if( g.perm.Hyperlink && zUuid ){
const char *z = zFilename;
if( fpid ){
@ %z(href("%R/fdiff?v1=%s&v2=%s",zPUuid,zUuid))[diff]</a>
}
@ %z(href("%R/annotate?checkin=%S&filename=%h",zCkin,z))
@ [annotate]</a>
}
@ </td></tr>
}
db_finalize(&q);
if( pGraph ){
graph_finish(pGraph, 0);
|
| ︙ | ︙ |
Changes to src/info.c.
| ︙ | ︙ | |||
376 377 378 379 380 381 382 |
}
if( diffFlags ){
@ <pre style="white-space:pre;">
append_diff(zOld, zNew, diffFlags);
@ </pre>
}else if( zOld && zNew && fossil_strcmp(zOld,zNew)!=0 ){
@
| | | 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 |
}
if( diffFlags ){
@ <pre style="white-space:pre;">
append_diff(zOld, zNew, diffFlags);
@ </pre>
}else if( zOld && zNew && fossil_strcmp(zOld,zNew)!=0 ){
@
@ %z(href("%R/fdiff?v1=%S&v2=%S",zOld,zNew))[diff]</a>
}
@ </p>
}
}
/*
** Construct an appropriate diffFlag for text_diff() based on query
|
| ︙ | ︙ | |||
620 621 622 623 624 625 626 |
}else{
@ %z(xhref("class='button'","%R/vinfo/%T?sbs=0",zName))
@ show unified diffs</a>
@ %z(xhref("class='button'","%R/vinfo/%T?sbs=1",zName))
@ show side-by-side diffs</a>
}
}
| | | 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 |
}else{
@ %z(xhref("class='button'","%R/vinfo/%T?sbs=0",zName))
@ show unified diffs</a>
@ %z(xhref("class='button'","%R/vinfo/%T?sbs=1",zName))
@ show side-by-side diffs</a>
}
}
@ %z(xhref("class='button'","%R/vpatch?from=%S&to=%S",zParent,zUuid))
@ patch</a></div>
db_prepare(&q,
"SELECT name,"
" mperm,"
" (SELECT uuid FROM blob WHERE rid=mlink.pid),"
" (SELECT uuid FROM blob WHERE rid=mlink.fid),"
" (SELECT name FROM filename WHERE filename.fnid=mlink.pfnid)"
|
| ︙ | ︙ | |||
790 791 792 793 794 795 796 | } db_finalize(&q); } /* ** WEBPAGE: vdiff | | | 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 |
}
db_finalize(&q);
}
/*
** WEBPAGE: vdiff
** URL: /vdiff?from=UUID&to=UUID&detail=BOOLEAN;sbs=BOOLEAN
**
** Show all differences between two checkins.
*/
void vdiff_page(void){
int ridFrom, ridTo;
int showDetail = 0;
int sideBySide = 0;
|
| ︙ | ︙ | |||
1256 1257 1258 1259 1260 1261 1262 |
rid = name_to_rid_www("name");
login_check_credentials();
if( !g.perm.Read ){ login_needed(); return; }
if( rid==0 ) fossil_redirect_home();
if( g.perm.Admin ){
const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
if( db_exists("SELECT 1 FROM shun WHERE uuid='%s'", zUuid) ){
| | | 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 |
rid = name_to_rid_www("name");
login_check_credentials();
if( !g.perm.Read ){ login_needed(); return; }
if( rid==0 ) fossil_redirect_home();
if( g.perm.Admin ){
const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
if( db_exists("SELECT 1 FROM shun WHERE uuid='%s'", zUuid) ){
style_submenu_element("Unshun","Unshun", "%s/shun?uuid=%s&sub=1",
g.zTop, zUuid);
}else{
style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
g.zTop, zUuid);
}
}
style_header("Hex Artifact Content");
|
| ︙ | ︙ | |||
1403 1404 1405 1406 1407 1408 1409 |
login_check_credentials();
if( !g.perm.Read ){ login_needed(); return; }
if( rid==0 ) fossil_redirect_home();
if( g.perm.Admin ){
const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
if( db_exists("SELECT 1 FROM shun WHERE uuid='%s'", zUuid) ){
| | | 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414 1415 1416 1417 |
login_check_credentials();
if( !g.perm.Read ){ login_needed(); return; }
if( rid==0 ) fossil_redirect_home();
if( g.perm.Admin ){
const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
if( db_exists("SELECT 1 FROM shun WHERE uuid='%s'", zUuid) ){
style_submenu_element("Unshun","Unshun", "%s/shun?uuid=%s&sub=1",
g.zTop, zUuid);
}else{
style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
g.zTop, zUuid);
}
}
style_header("Artifact Content");
|
| ︙ | ︙ | |||
1462 1463 1464 1465 1466 1467 1468 |
output_text_with_line_numbers(z, zLn);
}else{
@ <pre>
@ %h(z)
@ </pre>
}
}else if( strncmp(zMime, "image/", 6)==0 ){
| | | 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 |
output_text_with_line_numbers(z, zLn);
}else{
@ <pre>
@ %h(z)
@ </pre>
}
}else if( strncmp(zMime, "image/", 6)==0 ){
@ <img src="%s(g.zTop)/raw?name=%s(zUuid)&m=%s(zMime)"></img>
}else{
@ <i>(file is %d(blob_size(&content)) bytes of binary data)</i>
}
@ </blockquote>
}
style_footer();
}
|
| ︙ | ︙ | |||
1491 1492 1493 1494 1495 1496 1497 |
login_check_credentials();
if( !g.perm.RdTkt ){ login_needed(); return; }
rid = name_to_rid_www("name");
if( rid==0 ){ fossil_redirect_home(); }
zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
if( g.perm.Admin ){
if( db_exists("SELECT 1 FROM shun WHERE uuid='%s'", zUuid) ){
| | | 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 1503 1504 1505 |
login_check_credentials();
if( !g.perm.RdTkt ){ login_needed(); return; }
rid = name_to_rid_www("name");
if( rid==0 ){ fossil_redirect_home(); }
zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
if( g.perm.Admin ){
if( db_exists("SELECT 1 FROM shun WHERE uuid='%s'", zUuid) ){
style_submenu_element("Unshun","Unshun", "%s/shun?uuid=%s&sub=1",
g.zTop, zUuid);
}else{
style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
g.zTop, zUuid);
}
}
pTktChng = manifest_get(rid, CFTYPE_TICKET);
|
| ︙ | ︙ |
Changes to src/json_dir.c.
| ︙ | ︙ | |||
64 65 66 67 68 69 70 | char const * zDX = NULL; int nD; char * zUuid = NULL; char const * zCI = NULL; Manifest * pM = NULL; Stmt q = empty_Stmt; int rid = 0; | | | 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 |
char const * zDX = NULL;
int nD;
char * zUuid = NULL;
char const * zCI = NULL;
Manifest * pM = NULL;
Stmt q = empty_Stmt;
int rid = 0;
if( !g.perm.Hyperlink ){
json_set_err(FSL_JSON_E_DENIED, "Requires 'h' permissions.");
return NULL;
}
zCI = json_find_option_cstr("checkin",NULL,"ci" );
/* If a specific check-in is requested, fetch and parse it. If the
** specific check-in does not exist, clear zCI. zCI==0 will cause all
|
| ︙ | ︙ |
Changes to src/json_timeline.c.
| ︙ | ︙ | |||
51 52 53 54 55 56 57 |
*/
cson_value * json_page_timeline(){
#if 0
/* The original timeline code does not require 'h' access,
but it arguably should. For JSON mode i think one could argue
that History permissions are required.
*/
| | | 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 |
*/
cson_value * json_page_timeline(){
#if 0
/* The original timeline code does not require 'h' access,
but it arguably should. For JSON mode i think one could argue
that History permissions are required.
*/
if(! g.perm.Hyperlink && !g.perm.Read ){
json_set_err(FSL_JSON_E_DENIED, "Timeline requires 'h' or 'o' access.");
return NULL;
}
#endif
return json_page_dispatch_helper(&JsonPageDefs_Timeline[0]);
}
|
| ︙ | ︙ | |||
424 425 426 427 428 429 430 | cson_value * listV = NULL; cson_array * list = NULL; int check = 0; char showFiles = -1/*magic number*/; Stmt q = empty_Stmt; char warnRowToJsonFailed = 0; Blob sql = empty_blob; | | | 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 |
cson_value * listV = NULL;
cson_array * list = NULL;
int check = 0;
char showFiles = -1/*magic number*/;
Stmt q = empty_Stmt;
char warnRowToJsonFailed = 0;
Blob sql = empty_blob;
if( !g.perm.Hyperlink ){
/* Reminder to self: HTML impl requires 'o' (Read)
rights.
*/
json_set_err( FSL_JSON_E_DENIED, "Checkin timeline requires 'h' access." );
return NULL;
}
showFiles = json_find_option_bool("files",NULL,"f",0);
|
| ︙ | ︙ |
Changes to src/json_wiki.c.
| ︙ | ︙ | |||
490 491 492 493 494 495 496 | int argPos = g.json.dispatchDepth; int r1 = 0, r2 = 0; Manifest * pW1 = NULL, *pW2 = NULL; Blob w1 = empty_blob, w2 = empty_blob, d = empty_blob; char const * zErrTag = NULL; int diffFlags; char * zUuid = NULL; | | | 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 |
int argPos = g.json.dispatchDepth;
int r1 = 0, r2 = 0;
Manifest * pW1 = NULL, *pW2 = NULL;
Blob w1 = empty_blob, w2 = empty_blob, d = empty_blob;
char const * zErrTag = NULL;
int diffFlags;
char * zUuid = NULL;
if( !g.perm.Hyperlink ){
json_set_err(FSL_JSON_E_DENIED,
"Requires 'h' permissions.");
return NULL;
}
zV1 = json_find_option_cstr2( "v1",NULL, NULL, ++argPos );
|
| ︙ | ︙ |
Changes to src/login.c.
| ︙ | ︙ | |||
560 561 562 563 564 565 566 |
*/
login_set_user_cookie(zUsername, uid, NULL);
redirect_to_g();
}
}
style_header("Login/Logout");
@ %s(zErrMsg)
| | | 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 |
*/
login_set_user_cookie(zUsername, uid, NULL);
redirect_to_g();
}
}
style_header("Login/Logout");
@ %s(zErrMsg)
if( zGoto && P("anon")==0 ){
@ <p>A login is required for <a href="%h(zGoto)">%h(zGoto)</a>.</p>
}
@ <form action="login" method="post">
if( zGoto ){
@ <input type="hidden" name="g" value="%h(zGoto)" />
}
@ <table class="login_out">
|
| ︙ | ︙ | |||
909 910 911 912 913 914 915 |
if( fossil_strcmp(g.zLogin,"nobody")==0 ){
g.zLogin = 0;
}
/* Set the capabilities */
login_replace_capabilities(zCap, 0);
login_set_anon_nobody_capabilities();
| | | > | 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 |
if( fossil_strcmp(g.zLogin,"nobody")==0 ){
g.zLogin = 0;
}
/* Set the capabilities */
login_replace_capabilities(zCap, 0);
login_set_anon_nobody_capabilities();
if( zCap[0] && !g.perm.Hyperlink
&& db_get_boolean("auto-enable-hyperlinks",1)
&& isHuman(P("HTTP_USER_AGENT")) ){
g.perm.Hyperlink = 1;
g.javascriptHyperlink = 1;
}
/* If the public-pages glob pattern is defined and REQUEST_URI matches
** one of the globs in public-pages, then also add in all default-perms
** permissions.
*/
zPublicPages = db_get("public-pages",0);
|
| ︙ | ︙ | |||
972 973 974 975 976 977 978 |
if(NULL==zCap){
return;
}
for(i=0; zCap[i]; i++){
switch( zCap[i] ){
case 's': g.perm.Setup = 1; /* Fall thru into Admin */
case 'a': g.perm.Admin = g.perm.RdTkt = g.perm.WrTkt = g.perm.Zip =
| | | | | | < | | 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 |
if(NULL==zCap){
return;
}
for(i=0; zCap[i]; i++){
switch( zCap[i] ){
case 's': g.perm.Setup = 1; /* Fall thru into Admin */
case 'a': g.perm.Admin = g.perm.RdTkt = g.perm.WrTkt = g.perm.Zip =
g.perm.RdWiki = g.perm.WrWiki = g.perm.NewWiki =
g.perm.ApndWiki = g.perm.Hyperlink = g.perm.Clone =
g.perm.NewTkt = g.perm.Password = g.perm.RdAddr =
g.perm.TktFmt = g.perm.Attach = g.perm.ApndTkt = 1;
/* Fall thru into Read/Write */
case 'i': g.perm.Read = g.perm.Write = 1; break;
case 'o': g.perm.Read = 1; break;
case 'z': g.perm.Zip = 1; break;
case 'd': g.perm.Delete = 1; break;
case 'h': g.perm.Hyperlink = 1; break;
case 'g': g.perm.Clone = 1; break;
case 'p': g.perm.Password = 1; break;
case 'j': g.perm.RdWiki = 1; break;
case 'k': g.perm.WrWiki = g.perm.RdWiki = g.perm.ApndWiki =1; break;
case 'm': g.perm.ApndWiki = 1; break;
case 'f': g.perm.NewWiki = 1; break;
|
| ︙ | ︙ | |||
1053 1054 1055 1056 1057 1058 1059 |
case 'a': rc = g.perm.Admin; break;
case 'b': rc = g.perm.Attach; break;
case 'c': rc = g.perm.ApndTkt; break;
case 'd': rc = g.perm.Delete; break;
case 'e': rc = g.perm.RdAddr; break;
case 'f': rc = g.perm.NewWiki; break;
case 'g': rc = g.perm.Clone; break;
| | < | 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 |
case 'a': rc = g.perm.Admin; break;
case 'b': rc = g.perm.Attach; break;
case 'c': rc = g.perm.ApndTkt; break;
case 'd': rc = g.perm.Delete; break;
case 'e': rc = g.perm.RdAddr; break;
case 'f': rc = g.perm.NewWiki; break;
case 'g': rc = g.perm.Clone; break;
case 'h': rc = g.perm.Hyperlink; break;
case 'i': rc = g.perm.Write; break;
case 'j': rc = g.perm.RdWiki; break;
case 'k': rc = g.perm.WrWiki; break;
case 'm': rc = g.perm.ApndWiki; break;
case 'n': rc = g.perm.NewTkt; break;
case 'o': rc = g.perm.Read; break;
case 'p': rc = g.perm.Password; break;
/* case 'q': */
case 'r': rc = g.perm.RdTkt; break;
case 's': rc = g.perm.Setup; break;
|
| ︙ | ︙ | |||
1129 1130 1131 1132 1133 1134 1135 |
cgi_redirect(mprintf("login?g=%T", zUrl));
/* NOTREACHED */
assert(0);
}
}
/*
| | | | | | 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 |
cgi_redirect(mprintf("login?g=%T", zUrl));
/* NOTREACHED */
assert(0);
}
}
/*
** Call this routine if the user lacks g.perm.Hyperlink permission. If
** the anonymous user has Hyperlink permission, then paint a mesage
** to inform the user that much more information is available by
** logging in as anonymous.
*/
void login_anonymous_available(void){
if( !g.perm.Hyperlink &&
db_exists("SELECT 1 FROM user"
" WHERE login='anonymous'"
" AND cap LIKE '%%h%%'") ){
const char *zUrl = PD("REQUEST_URI", "index");
@ <p>Many <span class="disabled">hyperlinks are disabled.</span><br />
@ Use <a href="%s(g.zTop)/login?anon=1&g=%T(zUrl)">anonymous login</a>
@ to enable hyperlinks.</p>
}
}
/*
** While rendering a form, call this routine to add the Anti-CSRF token
** as a hidden element of the form.
|
| ︙ | ︙ |
Changes to src/main.c.
| ︙ | ︙ | |||
49 50 51 52 53 54 55 | /* ** Maximum number of auxiliary parameters on reports */ #define MX_AUX 5 /* ** Holds flags for fossil user permissions. | < < < < < < < < | < | 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 |
/*
** Maximum number of auxiliary parameters on reports
*/
#define MX_AUX 5
/*
** Holds flags for fossil user permissions.
*/
struct FossilUserPerms {
char Setup; /* s: use Setup screens on web interface */
char Admin; /* a: administrative permission */
char Delete; /* d: delete wiki or tickets */
char Password; /* p: change password */
char Query; /* q: create new reports */
char Write; /* i: xfer inbound. checkin */
char Read; /* o: xfer outbound. checkout */
char Hyperlink; /* h: enable the display of hyperlinks */
char Clone; /* g: clone */
char RdWiki; /* j: view wiki via web */
char NewWiki; /* f: create new wiki via web */
char ApndWiki; /* m: append to wiki via web */
char WrWiki; /* k: edit wiki via web */
char RdTkt; /* r: view tickets via web */
char NewTkt; /* n: create new tickets */
char ApndTkt; /* c: append to tickets via the web */
char WrTkt; /* w: make changes to tickets via web */
char Attach; /* b: add attachments */
char TktFmt; /* t: create new ticket report formats */
char RdAddr; /* e: read email addresses or other private data */
char Zip; /* z: download zipped artifact via /zip URL */
char Private; /* x: can send and receive private content */
};
#ifdef FOSSIL_ENABLE_TCL
/*
** All Tcl related context information is in this structure. This structure
** definition has been copied from and should be kept in sync with the one in
** "th_tcl.c".
|
| ︙ | ︙ | |||
142 143 144 145 146 147 148 | FILE *httpIn; /* Accept HTTP input from here */ FILE *httpOut; /* Send HTTP output here */ int xlinkClusterOnly; /* Set when cloning. Only process clusters */ int fTimeFormat; /* 1 for UTC. 2 for localtime. 0 not yet selected */ int *aCommitFile; /* Array of files to be committed */ int markPrivate; /* All new artifacts are private if true */ int clockSkewSeen; /* True if clocks on client and server out of sync */ | | > | 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 | FILE *httpIn; /* Accept HTTP input from here */ FILE *httpOut; /* Send HTTP output here */ int xlinkClusterOnly; /* Set when cloning. Only process clusters */ int fTimeFormat; /* 1 for UTC. 2 for localtime. 0 not yet selected */ int *aCommitFile; /* Array of files to be committed */ int markPrivate; /* All new artifacts are private if true */ int clockSkewSeen; /* True if clocks on client and server out of sync */ char isHTTP; /* True if erver/CGI modes, else assume CLI. */ char javascriptHyperlink; /* If true, set href= using script, not HTML */ int urlIsFile; /* True if a "file:" url */ int urlIsHttps; /* True if a "https:" url */ int urlIsSsh; /* True if an "ssh:" url */ char *urlName; /* Hostname for http: or filename for file: */ char *urlHostname; /* The HOST: parameter on http headers */ char *urlProtocol; /* "http" or "https" */ |
| ︙ | ︙ |
Changes to src/report.c.
| ︙ | ︙ | |||
62 63 64 65 66 67 68 |
}
blob_appendf(&ril, " ");
if( g.perm.Write && zOwner && zOwner[0] ){
blob_appendf(&ril, "(by <i>%h</i></i>) ", zOwner);
}
if( g.perm.TktFmt ){
blob_appendf(&ril, "[%zcopy</a>] ",
| | | 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 |
}
blob_appendf(&ril, " ");
if( g.perm.Write && zOwner && zOwner[0] ){
blob_appendf(&ril, "(by <i>%h</i></i>) ", zOwner);
}
if( g.perm.TktFmt ){
blob_appendf(&ril, "[%zcopy</a>] ",
href("%R/rptedit?rn=%d©=1", rn));
}
if( g.perm.Admin
|| (g.perm.WrTkt && zOwner && fossil_strcmp(g.zLogin,zOwner)==0)
){
blob_appendf(&ril, "[%zedit</a>]",
href("%R/rptedit?rn=%d", rn));
}
|
| ︙ | ︙ | |||
417 418 419 420 421 422 423 |
zTitle = mprintf("Copy Of %s", zTitle);
zOwner = g.zLogin;
}
}
if( zOwner==0 ) zOwner = g.zLogin;
style_submenu_element("Cancel", "Cancel", "reportlist");
if( rn>0 ){
| | | 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 |
zTitle = mprintf("Copy Of %s", zTitle);
zOwner = g.zLogin;
}
}
if( zOwner==0 ) zOwner = g.zLogin;
style_submenu_element("Cancel", "Cancel", "reportlist");
if( rn>0 ){
style_submenu_element("Delete", "Delete", "rptedit?rn=%d&del1=1", rn);
}
style_header(rn>0 ? "Edit Report Format":"Create New Report Format");
if( zErr ){
@ <blockquote class="reportError">%h(zErr)</blockquote>
}
@ <form action="rptedit" method="post"><div>
@ <input type="hidden" name="rn" value="%d(rn)" />
|
| ︙ | ︙ | |||
946 947 948 949 950 951 952 |
count = 0;
if( !tabs ){
struct GenerateHTML sState;
db_multi_exec("PRAGMA empty_result_callbacks=ON");
style_submenu_element("Raw", "Raw",
| | | 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 |
count = 0;
if( !tabs ){
struct GenerateHTML sState;
db_multi_exec("PRAGMA empty_result_callbacks=ON");
style_submenu_element("Raw", "Raw",
"rptview?tablist=1&%h", PD("QUERY_STRING",""));
if( g.perm.Admin
|| (g.perm.TktFmt && g.zLogin && fossil_strcmp(g.zLogin,zOwner)==0) ){
style_submenu_element("Edit", "Edit", "rptedit?rn=%d", rn);
}
if( g.perm.TktFmt ){
style_submenu_element("SQL", "SQL", "rptsql?rn=%d",rn);
}
|
| ︙ | ︙ |
Changes to src/setup.c.
| ︙ | ︙ | |||
168 169 170 171 172 173 174 |
@ repository history</td></tr>
@ <tr><td valign="top"><b>i</b></td>
@ <td><i>Check-In:</i> Commit new versions in the repository</td></tr>
@ <tr><td valign="top"><b>j</b></td>
@ <td><i>Read-Wiki:</i> View wiki pages</td></tr>
@ <tr><td valign="top"><b>k</b></td>
@ <td><i>Write-Wiki:</i> Edit wiki pages</td></tr>
| < < < | 168 169 170 171 172 173 174 175 176 177 178 179 180 181 |
@ repository history</td></tr>
@ <tr><td valign="top"><b>i</b></td>
@ <td><i>Check-In:</i> Commit new versions in the repository</td></tr>
@ <tr><td valign="top"><b>j</b></td>
@ <td><i>Read-Wiki:</i> View wiki pages</td></tr>
@ <tr><td valign="top"><b>k</b></td>
@ <td><i>Write-Wiki:</i> Edit wiki pages</td></tr>
@ <tr><td valign="top"><b>m</b></td>
@ <td><i>Append-Wiki:</i> Append to wiki pages</td></tr>
@ <tr><td valign="top"><b>n</b></td>
@ <td><i>New-Tkt:</i> Create new tickets</td></tr>
@ <tr><td valign="top"><b>o</b></td>
@ <td><i>Check-Out:</i> Check out versions</td></tr>
@ <tr><td valign="top"><b>p</b></td>
|
| ︙ | ︙ | |||
249 250 251 252 253 254 255 |
/*
** WEBPAGE: /setup_uedit
*/
void user_edit(void){
const char *zId, *zLogin, *zInfo, *zCap, *zPw;
char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap;
| | | 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 |
/*
** WEBPAGE: /setup_uedit
*/
void user_edit(void){
const char *zId, *zLogin, *zInfo, *zCap, *zPw;
char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap;
char *oak, *oad, *oac, *oaf, *oam, *oah, *oag, *oae;
char *oat, *oau, *oav, *oab, *oax, *oaz;
const char *zGroup;
const char *zOldLogin;
char *inherit[128];
int doWrite;
int uid;
int higherUser = 0; /* True if user being edited is SETUP and the */
|
| ︙ | ︙ | |||
305 306 307 308 309 310 311 |
int ar = P("ar")!=0;
int as = g.perm.Setup && P("as")!=0;
int aw = P("aw")!=0;
int ac = P("ac")!=0;
int af = P("af")!=0;
int am = P("am")!=0;
int ah = P("ah")!=0;
| < < | 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 |
int ar = P("ar")!=0;
int as = g.perm.Setup && P("as")!=0;
int aw = P("aw")!=0;
int ac = P("ac")!=0;
int af = P("af")!=0;
int am = P("am")!=0;
int ah = P("ah")!=0;
int ag = P("ag")!=0;
int at = P("at")!=0;
int au = P("au")!=0;
int av = P("av")!=0;
int ax = P("ax")!=0;
int az = P("az")!=0;
if( aa ){ zCap[i++] = 'a'; }
if( ab ){ zCap[i++] = 'b'; }
if( ac ){ zCap[i++] = 'c'; }
if( ad ){ zCap[i++] = 'd'; }
if( ae ){ zCap[i++] = 'e'; }
if( af ){ zCap[i++] = 'f'; }
if( ah ){ zCap[i++] = 'h'; }
if( ag ){ zCap[i++] = 'g'; }
if( ai ){ zCap[i++] = 'i'; }
if( aj ){ zCap[i++] = 'j'; }
if( ak ){ zCap[i++] = 'k'; }
if( am ){ zCap[i++] = 'm'; }
if( an ){ zCap[i++] = 'n'; }
if( ao ){ zCap[i++] = 'o'; }
if( ap ){ zCap[i++] = 'p'; }
if( ar ){ zCap[i++] = 'r'; }
if( as ){ zCap[i++] = 's'; }
if( at ){ zCap[i++] = 't'; }
|
| ︙ | ︙ | |||
415 416 417 418 419 420 421 | /* Load the existing information about the user, if any */ zLogin = ""; zInfo = ""; zCap = ""; zPw = ""; | | < | 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 |
/* Load the existing information about the user, if any
*/
zLogin = "";
zInfo = "";
zCap = "";
zPw = "";
oaa = oab = oac = oad = oae = oaf = oag = oah = oai = oaj = oak = oam =
oan = oao = oap = oar = oas = oat = oau = oav = oaw = oax = oaz = "";
if( uid ){
zLogin = db_text("", "SELECT login FROM user WHERE uid=%d", uid);
zInfo = db_text("", "SELECT info FROM user WHERE uid=%d", uid);
zCap = db_text("", "SELECT cap FROM user WHERE uid=%d", uid);
zPw = db_text("", "SELECT pw FROM user WHERE uid=%d", uid);
if( strchr(zCap, 'a') ) oaa = " checked=\"checked\"";
if( strchr(zCap, 'b') ) oab = " checked=\"checked\"";
if( strchr(zCap, 'c') ) oac = " checked=\"checked\"";
if( strchr(zCap, 'd') ) oad = " checked=\"checked\"";
if( strchr(zCap, 'e') ) oae = " checked=\"checked\"";
if( strchr(zCap, 'f') ) oaf = " checked=\"checked\"";
if( strchr(zCap, 'g') ) oag = " checked=\"checked\"";
if( strchr(zCap, 'h') ) oah = " checked=\"checked\"";
if( strchr(zCap, 'i') ) oai = " checked=\"checked\"";
if( strchr(zCap, 'j') ) oaj = " checked=\"checked\"";
if( strchr(zCap, 'k') ) oak = " checked=\"checked\"";
if( strchr(zCap, 'm') ) oam = " checked=\"checked\"";
if( strchr(zCap, 'n') ) oan = " checked=\"checked\"";
if( strchr(zCap, 'o') ) oao = " checked=\"checked\"";
if( strchr(zCap, 'p') ) oap = " checked=\"checked\"";
if( strchr(zCap, 'r') ) oar = " checked=\"checked\"";
if( strchr(zCap, 's') ) oas = " checked=\"checked\"";
if( strchr(zCap, 't') ) oat = " checked=\"checked\"";
|
| ︙ | ︙ | |||
529 530 531 532 533 534 535 |
@ <input type="checkbox" name="aa"%s(oaa) />%s(B('a'))Admin<br />
@ <input type="checkbox" name="ad"%s(oad) />%s(B('d'))Delete<br />
@ <input type="checkbox" name="ae"%s(oae) />%s(B('e'))Email<br />
@ <input type="checkbox" name="ap"%s(oap) />%s(B('p'))Password<br />
@ <input type="checkbox" name="ai"%s(oai) />%s(B('i'))Check-In<br />
@ <input type="checkbox" name="ao"%s(oao) />%s(B('o'))Check-Out<br />
@ <input type="checkbox" name="ah"%s(oah) />%s(B('h'))Hyperlinks<br />
| < | 523 524 525 526 527 528 529 530 531 532 533 534 535 536 |
@ <input type="checkbox" name="aa"%s(oaa) />%s(B('a'))Admin<br />
@ <input type="checkbox" name="ad"%s(oad) />%s(B('d'))Delete<br />
@ <input type="checkbox" name="ae"%s(oae) />%s(B('e'))Email<br />
@ <input type="checkbox" name="ap"%s(oap) />%s(B('p'))Password<br />
@ <input type="checkbox" name="ai"%s(oai) />%s(B('i'))Check-In<br />
@ <input type="checkbox" name="ao"%s(oao) />%s(B('o'))Check-Out<br />
@ <input type="checkbox" name="ah"%s(oah) />%s(B('h'))Hyperlinks<br />
@ <input type="checkbox" name="au"%s(oau) />%s(B('u'))Reader<br />
@ <input type="checkbox" name="av"%s(oav) />%s(B('v'))Developer<br />
@ <input type="checkbox" name="ag"%s(oag) />%s(B('g'))Clone<br />
@ <input type="checkbox" name="aj"%s(oaj) />%s(B('j'))Read Wiki<br />
@ <input type="checkbox" name="af"%s(oaf) />%s(B('f'))New Wiki<br />
@ <input type="checkbox" name="am"%s(oam) />%s(B('m'))Append Wiki<br />
@ <input type="checkbox" name="ak"%s(oak) />%s(B('k'))Write Wiki<br />
|
| ︙ | ︙ | |||
633 634 635 636 637 638 639 | @ delete anything at any time. @ </p></li> @ @ <li><p> @ The <span class="capability">Hyperlinks</span> privilege allows a user @ to see most hyperlinks. This is recommended ON for most logged-in users @ but OFF for user "nobody" to avoid problems with spiders trying to walk | | < < | 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 | @ delete anything at any time. @ </p></li> @ @ <li><p> @ The <span class="capability">Hyperlinks</span> privilege allows a user @ to see most hyperlinks. This is recommended ON for most logged-in users @ but OFF for user "nobody" to avoid problems with spiders trying to walk @ every diff and annotation of every historical check-in and file. @ </p></li> @ @ <li><p> @ The <span class="capability">Zip</span> privilege allows a user to @ see the "download as ZIP" @ hyperlink and permits access to the <tt>/zip</tt> page. This allows @ users to download ZIP archives without granting other rights like |
| ︙ | ︙ | |||
898 899 900 901 902 903 904 | @ <p>Fossil tries to limit out-bound sync, clone, and pull packets @ to this many bytes, uncompressed. If the client requires more data @ than this, then the client will issue multiple HTTP requests. @ Values below 1 million are not recommended. 5 million is a @ reasonable number.</p> @ <hr /> | > | | | | > > | > | < > > > > > | | 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 |
@ <p>Fossil tries to limit out-bound sync, clone, and pull packets
@ to this many bytes, uncompressed. If the client requires more data
@ than this, then the client will issue multiple HTTP requests.
@ Values below 1 million are not recommended. 5 million is a
@ reasonable number.</p>
@ <hr />
onoff_attribute(
"Enable hyperlinks for \"nobody\" based on User-Agent and Javascript",
"auto-enable-hyperlinks", "autohyperlink", 1);
@ <p>Enable hyperlinks (the equivalent of the "h" permission) for all users
@ including user "nobody", as long as (1) the User-Agent string in the
@ HTTP header indicates that the request is coming from an actual human
@ being and not a a robot or spider and (2) the user agent is able to
@ run Javascript in order to set the href= attribute of hyperlinks. Bots
@ and spiders can specify whatever User-Agent string they that want and
@ they can run javascript just like browsers. But most bots don't go to
@ that much trouble so this is normally an effective defense.</p>
@
@ <p>You do not normally want a bot to walk your entire repository because
@ if it does, your server will end up computing diffs and annotations for
@ every historical version of every file and creating ZIPs and tarballs of
@ every historical check-in, which can use a lot of CPU and bandwidth
@ even for relatively small projects.</p>
@ <hr />
entry_attribute("Public pages", 30, "public-pages",
"pubpage", "");
@ <p>A comma-separated list of glob patterns for pages that are accessible
@ without needing a login and using the privileges given by the
@ "Default privileges" setting below. Example use case: Set this field
|
| ︙ | ︙ |
Changes to src/style.c.
| ︙ | ︙ | |||
58 59 60 61 62 63 64 | /* ** Generate and return a anchor tag like this: ** ** <a href="URL"> ** or <a id="ID"> ** | | | | | | | | | > | | | | | 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 |
/*
** Generate and return a anchor tag like this:
**
** <a href="URL">
** or <a id="ID">
**
** The form of the anchor tag is determined by the g.javascriptHyperlink
** variable. The href="URL" form is used if g.javascriptHyperlink is false.
** If g.javascriptHyperlink is true then the
** id="ID" form is used and javascript is generated in the footer to cause
** href values to be inserted after the page has loaded. If
** g.perm.History is false, then the <a id="ID"> form is still
** generated but the javascript is not generated so the links never
** activate.
**
** Filling in the href="URL" using javascript is a defense against bots.
**
** The name of this routine is deliberately kept short so that can be
** easily used within @-lines. Example:
**
** @ %z(href("%R/artifact/%s",zUuid))%h(zFN)</a>
**
** Note %z format. The string returned by this function is always
** obtained from fossil_malloc() so rendering it with %z will reclaim
** that memory space.
**
** There are two versions of this routine: href() does a plain hyperlink
** and xhref() adds extra attribute text.
*/
char *xhref(const char *zExtra, const char *zFormat, ...){
char *zUrl;
va_list ap;
va_start(ap, zFormat);
zUrl = vmprintf(zFormat, ap);
va_end(ap);
if( g.perm.Hyperlink && !g.javascriptHyperlink ){
return mprintf("<a %s href=\"%z\">", zExtra, zUrl);
}
if( nHref>=nHrefAlloc ){
nHrefAlloc = nHrefAlloc*2 + 10;
aHref = fossil_realloc(aHref, nHrefAlloc*sizeof(aHref[0]));
}
aHref[nHref++] = zUrl;
return mprintf("<a %s id=%d>", zExtra, nHref);
}
char *href(const char *zFormat, ...){
char *zUrl;
va_list ap;
va_start(ap, zFormat);
zUrl = vmprintf(zFormat, ap);
va_end(ap);
if( g.perm.Hyperlink && !g.javascriptHyperlink ){
return mprintf("<a href=\"%z\">", zUrl);
}
if( nHref>=nHrefAlloc ){
nHrefAlloc = nHrefAlloc*2 + 10;
aHref = fossil_realloc(aHref, nHrefAlloc*sizeof(aHref[0]));
}
aHref[nHref++] = zUrl;
return mprintf("<a id=%d>", nHref);
}
/*
** Generate javascript that will set the href= attribute on all anchors.
*/
void style_resolve_href(void){
int i;
if( !g.perm.Hyperlink || !g.javascriptHyperlink || nHref==0 ) return;
@ <script>
for(i=0; i<nHref; i++){
@ document.getElementById(%d(i+1)).href="%s(aHref[i])";
}
@ </script>
}
|
| ︙ | ︙ |
Changes to src/timeline.c.
| ︙ | ︙ | |||
60 61 62 63 64 65 66 |
** Generate a hyperlink to a diff between two versions.
*/
void hyperlink_to_diff(const char *zV1, const char *zV2){
if( g.perm.Hyperlink ){
if( zV2==0 ){
@ %z(href("%R/diff?v2=%s",zV1))[diff]</a>
}else{
| | | 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 |
** Generate a hyperlink to a diff between two versions.
*/
void hyperlink_to_diff(const char *zV1, const char *zV2){
if( g.perm.Hyperlink ){
if( zV2==0 ){
@ %z(href("%R/diff?v2=%s",zV1))[diff]</a>
}else{
@ %z(href("%R/diff?v1=%s&v2=%s",zV1,zV2))[diff]</a>
}
}
}
/*
** Generate a hyperlink to a date & time.
*/
|
| ︙ | ︙ | |||
86 87 88 89 90 91 92 |
** events by that user. If the date+time is specified, then the timeline
** is centered on that date+time.
*/
void hyperlink_to_user(const char *zU, const char *zD, const char *zSuf){
if( zSuf==0 ) zSuf = "";
if( g.perm.Hyperlink ){
if( zD && zD[0] ){
| | | 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 |
** events by that user. If the date+time is specified, then the timeline
** is centered on that date+time.
*/
void hyperlink_to_user(const char *zU, const char *zD, const char *zSuf){
if( zSuf==0 ) zSuf = "";
if( g.perm.Hyperlink ){
if( zD && zD[0] ){
@ %z(href("%R/timeline?c=%T&u=%T",zD,zU))%h(zU)</a>%s(zSuf)
}else{
@ %z(href("%R/timeline?u=%T",zU))%h(zU)</a>%s(zSuf)
}
}else{
@ %s(zU)
}
}
|
| ︙ | ︙ | |||
1614 1615 1616 1617 1618 1619 1620 |
" FROM plink p, plink c, blob"
" WHERE p.cid=c.pid AND p.mtime>c.mtime"
" AND blob.rid=c.cid"
);
while( db_step(&q)==SQLITE_ROW ){
const char *zUuid = db_column_text(&q, 0);
@ <li>
| | | 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 |
" FROM plink p, plink c, blob"
" WHERE p.cid=c.pid AND p.mtime>c.mtime"
" AND blob.rid=c.cid"
);
while( db_step(&q)==SQLITE_ROW ){
const char *zUuid = db_column_text(&q, 0);
@ <li>
@ <a href="%s(g.zTop)/timeline?p=%S(zUuid)&d=%S(zUuid)">%S(zUuid)</a>
}
db_finalize(&q);
style_footer();
}
|
Changes to src/tkt.c.
| ︙ | ︙ | |||
317 318 319 320 321 322 323 |
}
if( g.perm.NewTkt ){
style_submenu_element("New Ticket", "Create a new ticket",
"%s/tktnew", g.zTop);
}
if( g.perm.ApndTkt && g.perm.Attach ){
style_submenu_element("Attach", "Add An Attachment",
| | | 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 |
}
if( g.perm.NewTkt ){
style_submenu_element("New Ticket", "Create a new ticket",
"%s/tktnew", g.zTop);
}
if( g.perm.ApndTkt && g.perm.Attach ){
style_submenu_element("Attach", "Add An Attachment",
"%s/attachadd?tkt=%T&from=%s/tktview/%t",
g.zTop, zUuid, g.zTop, zUuid);
}
style_header("View Ticket");
if( g.thTrace ) Th_Trace("BEGIN_TKTVIEW<br />\n", -1);
ticket_init();
initializeVariablesFromDb();
zScript = ticket_viewpage_code();
|
| ︙ | ︙ | |||
352 353 354 355 356 357 358 |
if( cnt==0 ){
@ <hr /><h2>Attachments:</h2>
@ <ul>
}
cnt++;
@ <li>
if( g.perm.Read && g.perm.Hyperlink ){
| | | | 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 |
if( cnt==0 ){
@ <hr /><h2>Attachments:</h2>
@ <ul>
}
cnt++;
@ <li>
if( g.perm.Read && g.perm.Hyperlink ){
@ %z(href("%R/attachview?tkt=%s&file=%t",zFullName,zFile))
@ %h(zFile)</a>
}else{
@ %h(zFile)
}
@ added by %h(zUser) on
hyperlink_to_date(zDate, ".");
if( g.perm.WrTkt && g.perm.Attach ){
@ [%z(href("%R/attachdelete?tkt=%s&file=%t&from=%R/tktview%%3fname=%s",zFullName,zFile,zFullName))delete</a>]
}
@ </li>
}
if( cnt ){
@ </ul>
}
db_finalize(&q);
|
| ︙ | ︙ | |||
645 646 647 648 649 650 651 |
}
}
return 0;
}
/*
** WEBPAGE: tkttimeline
| | | | 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 |
}
}
return 0;
}
/*
** WEBPAGE: tkttimeline
** URL: /tkttimeline?name=TICKETUUID&y=TYPE
**
** Show the change history for a single ticket in timeline format.
*/
void tkttimeline_page(void){
Stmt q;
char *zTitle;
char *zSQL;
const char *zUuid;
char *zFullUuid;
int tagid;
char zGlobPattern[50];
const char *zType;
login_check_credentials();
if( !g.perm.Hyperlink || !g.perm.RdTkt ){ login_needed(); return; }
zUuid = PD("name","");
zType = PD("y","a");
if( zType[0]!='c' ){
style_submenu_element("Check-ins", "Check-ins",
"%s/tkttimeline?name=%T&y=ci", g.zTop, zUuid);
}else{
style_submenu_element("Timeline", "Timeline",
"%s/tkttimeline?name=%T", g.zTop, zUuid);
}
style_submenu_element("History", "History",
"%s/tkthistory/%s", g.zTop, zUuid);
style_submenu_element("Status", "Status",
|
| ︙ | ︙ | |||
740 741 742 743 744 745 746 |
login_check_credentials();
if( !g.perm.Hyperlink || !g.perm.RdTkt ){ login_needed(); return; }
zUuid = PD("name","");
zTitle = mprintf("History Of Ticket %h", zUuid);
style_submenu_element("Status", "Status",
"%s/info/%s", g.zTop, zUuid);
style_submenu_element("Check-ins", "Check-ins",
| | | 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 |
login_check_credentials();
if( !g.perm.Hyperlink || !g.perm.RdTkt ){ login_needed(); return; }
zUuid = PD("name","");
zTitle = mprintf("History Of Ticket %h", zUuid);
style_submenu_element("Status", "Status",
"%s/info/%s", g.zTop, zUuid);
style_submenu_element("Check-ins", "Check-ins",
"%s/tkttimeline?name=%s&y=ci", g.zTop, zUuid);
style_submenu_element("Timeline", "Timeline",
"%s/tkttimeline?name=%s", g.zTop, zUuid);
style_header(zTitle);
free(zTitle);
tagid = db_int(0, "SELECT tagid FROM tag WHERE tagname GLOB 'tkt-%q*'",zUuid);
if( tagid==0 ){
|
| ︙ | ︙ |
Changes to src/wiki.c.
| ︙ | ︙ | |||
188 189 190 191 192 193 194 |
if( !g.isHome ){
if( (rid && g.perm.WrWiki) || (!rid && g.perm.NewWiki) ){
style_submenu_element("Edit", "Edit Wiki Page", "%s/wikiedit?name=%T",
g.zTop, zPageName);
}
if( rid && g.perm.ApndWiki && g.perm.Attach ){
style_submenu_element("Attach", "Add An Attachment",
| | | 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 |
if( !g.isHome ){
if( (rid && g.perm.WrWiki) || (!rid && g.perm.NewWiki) ){
style_submenu_element("Edit", "Edit Wiki Page", "%s/wikiedit?name=%T",
g.zTop, zPageName);
}
if( rid && g.perm.ApndWiki && g.perm.Attach ){
style_submenu_element("Attach", "Add An Attachment",
"%s/attachadd?page=%T&from=%s/wiki%%3fname=%T",
g.zTop, zPageName, g.zTop, zPageName);
}
if( rid && g.perm.ApndWiki ){
style_submenu_element("Append", "Add A Comment", "%s/wikiappend?name=%T",
g.zTop, zPageName);
}
if( g.perm.Hyperlink ){
|
| ︙ | ︙ | |||
222 223 224 225 226 227 228 |
if( cnt==0 ){
@ <hr /><h2>Attachments:</h2>
@ <ul>
}
cnt++;
@ <li>
if( g.perm.Hyperlink && g.perm.Read ){
| | | | 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 |
if( cnt==0 ){
@ <hr /><h2>Attachments:</h2>
@ <ul>
}
cnt++;
@ <li>
if( g.perm.Hyperlink && g.perm.Read ){
@ %z(href("%R/attachview?page=%T&file=%t",zPageName,zFile))
@ %h(zFile)</a>
}else{
@ %h(zFile)
}
@ added by %h(zUser) on
hyperlink_to_date(zDate, ".");
if( g.perm.WrWiki && g.perm.Attach ){
@ [%z(href("%R/attachdelete?page=%t&file=%t&from=%R/wiki%%3fname=%f",zPageName,zFile,zPageName))delete</a>]
}
@ </li>
}
if( cnt ){
@ </ul>
}
db_finalize(&q);
|
| ︙ | ︙ | |||
540 541 542 543 544 545 546 |
/*
** Function called to output extra text at the end of each line in
** a wiki history listing.
*/
static void wiki_history_extra(int rid){
if( db_exists("SELECT 1 FROM tagxref WHERE rid=%d", rid) ){
| | | 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 |
/*
** Function called to output extra text at the end of each line in
** a wiki history listing.
*/
static void wiki_history_extra(int rid){
if( db_exists("SELECT 1 FROM tagxref WHERE rid=%d", rid) ){
@ %z(href("%R/wdiff?name=%t&a=%d",zWikiPageName,rid))[diff]</a>
}
}
/*
** WEBPAGE: whistory
** URL: /whistory?name=PAGENAME
**
|
| ︙ | ︙ |
Changes to src/wikiformat.c.
| ︙ | ︙ | |||
1041 1042 1043 1044 1045 1046 1047 |
|| strncmp(zTarget, "https:", 6)==0
|| strncmp(zTarget, "ftp:", 4)==0
|| strncmp(zTarget, "mailto:", 7)==0
){
blob_appendf(p->pOut, "<a href=\"%s\">", zTarget);
/* zTerm = "⟾</a>"; // doesn't work on windows */
}else if( zTarget[0]=='/' ){
| < | < < < | 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 |
|| strncmp(zTarget, "https:", 6)==0
|| strncmp(zTarget, "ftp:", 4)==0
|| strncmp(zTarget, "mailto:", 7)==0
){
blob_appendf(p->pOut, "<a href=\"%s\">", zTarget);
/* zTerm = "⟾</a>"; // doesn't work on windows */
}else if( zTarget[0]=='/' ){
blob_appendf(p->pOut, "<a href=\"%s%h\">", g.zTop, zTarget);
}else if( zTarget[0]=='.' || zTarget[0]=='#' ){
if( 1 ){
blob_appendf(p->pOut, "<a href=\"%h\">", zTarget);
}else{
zTerm = "";
}
}else if( is_valid_uuid(zTarget) ){
|
| ︙ | ︙ |