Fossil

  { "mv-rm-files",      0,              0, 0, 0, "off"                 },
#endif
  { "pgp-command",      0,             40, 0, 0, "gpg --clearsign -o " },
  { "proxy",            0,             32, 0, 0, "off"                 },
  { "relative-paths",   0,              0, 0, 0, "on"                  },
  { "repo-cksum",       0,              0, 0, 0, "on"                  },
  { "self-register",    0,              0, 0, 0, "off"                 },
  { "register-group",   0,              0, 0, 0, "off"                 },
  { "ssh-command",      0,             40, 0, 0, ""                    },
  { "ssl-ca-location",  0,             40, 0, 0, ""                    },
  { "ssl-identity",     0,             40, 0, 0, ""                    },
#ifdef FOSSIL_ENABLE_TCL
  { "tcl",              0,              0, 0, 0, "off"                 },
  { "tcl-setup",        0,             40, 1, 1, ""                    },
#endif

**                     Disable on large repositories for a performance
**                     improvement.
**
**    self-register    Allow users to register themselves through the HTTP UI.
**                     This is useful if you want to see other names than
**                     "Anonymous" in e.g. ticketing system. On the other hand
**                     users can not be deleted. Default: off.
**
**    register-group   Apply the self-registration also to the login group if
**                     the repository is in a login group.
**
**    ssh-command      Command used to talk to a remote machine with
**                     the "ssh://" protocol.
**
**    ssl-ca-location  The full pathname to a file containing PEM encoded
**                     CA root certificates, or a directory of certificates
**                     with filenames formed from the certificate hashes as

        /* Here lies the reason I don't use zErrMsg - it would not substitute
         * this %s(zUsername), or at least I don't know how to force it to.*/
        @ <p><span class="loginError">
        @ %s(zUsername) already exists.
        @ </span></p>
      }else{
        char *zPw = sha1_shared_secret(blob_str(&passwd), blob_str(&login), 0);
        char *zErr = 0;
        int uid;
        db_multi_exec(
            "INSERT INTO user(login,pw,cap,info,mtime)"
            "VALUES(%B,%Q,%B,%B,strftime('%%s','now'))",
            &login, zPw, &caps, &contact
            );
        admin_log( "Registered user [%q] with capabilities [%q].",
                   blob_str(&login), blob_str(&caps) );
        if( login_group_name() && db_get_boolean("register-group", 0) ){
          login_group_apply(0, blob_str(&login), blob_str(&passwd), 
                            blob_str(&contact), blob_str(&caps), &zErr);
          admin_log( "Registered user [%q] in all login groups "
                     "with capabilities [%q].",
                     blob_str(&login), blob_str(&caps) );
        }
        free(zPw);

        if( zErr ){
          style_header("User Register Error");
          admin_log( "Error registering user '%q': %s'.", login, zErr );
          @ <p><span class="loginError">%s(zErr)</span></p>
          style_footer();
          fossil_free(zErr);
          return;
        }
        /* The user is registered, now just log him in. */
        uid = db_int(0, "SELECT uid FROM user WHERE login=%Q", zUsername);
        login_set_user_cookie( zUsername, uid, NULL );
        redirect_to_g();

      }
    }
  }

  /* Prepare the captcha. */
  uSeed = captcha_seed();
  zDecoded = captcha_decode(uSeed);

  fossil_free(zSql);
  db_multi_exec(
    "DELETE FROM config "
    " WHERE name GLOB 'peer-*'"
    "    OR name GLOB 'login-group-*';"
  );
}

/*
** Apply user changes to the login group
**
** This routine will apply login information to repositories that are part
** of a login group.  If there is an error, memory will be allocated and an
** error string pointed to by pzErr which can be freed with fossil_free().
**
*/
void login_group_apply(
  const char *zOldLogin,     /* Old login name when changing login */
  const char *zLogin,        /* Login name to create or change */
  const char *zPw,           /* Password as shared secret */
  const char *zInfo,         /* Contact information for login */
  const char *zCap,          /* Capabilities to assign to login */
  char **pzErr               /* Variable in which error will be returned */
) {
  Blob sql;
  blob_zero(&sql);
  if( zOldLogin==0 ){
    blob_appendf(&sql,
      "INSERT INTO user(login)"
      "  SELECT %Q WHERE NOT EXISTS(SELECT 1 FROM user WHERE login=%Q);",
      zLogin, zLogin
    );
    zOldLogin = zLogin;
  }
  blob_appendf(&sql,
    "UPDATE user SET login=%Q,"
    "  pw=coalesce(shared_secret(%Q,%Q,"
            "(SELECT value FROM config WHERE name='project-code')),pw),"
    "  info=%Q,"
    "  cap=%Q,"
    "  mtime=now()"
    " WHERE login=%Q;",
    zLogin, zPw, zLogin, zInfo, zCap,
    zOldLogin
  );
  login_group_sql(blob_str(&sql), "<li> ", " </li>\n", pzErr);
  blob_reset(&sql);
}

       "REPLACE INTO user(uid,login,info,pw,cap,mtime) "
       "VALUES(nullif(%d,0),%Q,%Q,%Q,%Q,now())",
      uid, zLogin, P("info"), zPw, zCap
    );
    admin_log( "Updated user [%q] with capabilities [%q].",
               zLogin, zCap );
    if( atoi(PD("all","0"))>0 ){

      char *zErr = 0;





      login_group_apply(zOldLogin, zLogin, P("pw"), P("info"), zCap, &zErr);
















      admin_log( "Updated user [%q] in all login groups "
                 "with capabilities [%q].",
                 zLogin, zCap );
      if( zErr ){
        style_header("User Change Error");
        admin_log( "Error updating user '%q': %s'.", zLogin, zErr );
        @ <span class="loginError">%s(zErr)</span>