Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Enhance the webpage_error() routine to show the complete calling environment to authorized users. Also, continuing work on forum. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | forum-v2 |
Files: | files | file ages | folders |
SHA3-256: |
5fcf49f104496abf290eeaf14c58be6b |
User & Date: | drh 2018-07-25 11:25:46.915 |
Context
2018-07-25
| ||
13:09 | Initial implementation of the forum reply screen. ... (check-in: c35fe945 user: drh tags: forum-v2) | |
11:25 | Enhance the webpage_error() routine to show the complete calling environment to authorized users. Also, continuing work on forum. ... (check-in: 5fcf49f1 user: drh tags: forum-v2) | |
2018-07-24
| ||
23:37 | Forum posts appear in the timeline. The /info command displays posts. ... (check-in: 449f06c2 user: drh tags: forum-v2) | |
Changes
Changes to src/forum.c.
︙ | ︙ | |||
45 46 47 48 49 50 51 | while( db_step(&q)==SQLITE_ROW ){ int fpid = db_column_int(&q, 0); int fprev = db_column_int(&q, 1); int firt = db_column_int(&q, 2); const char *zUuid = db_column_text(&q, 3); const char *zDate = db_column_text(&q, 4); Manifest *pPost = manifest_get(fpid, CFTYPE_FORUM, 0); | > | | > > > > > > > > > > > > | 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 | while( db_step(&q)==SQLITE_ROW ){ int fpid = db_column_int(&q, 0); int fprev = db_column_int(&q, 1); int firt = db_column_int(&q, 2); const char *zUuid = db_column_text(&q, 3); const char *zDate = db_column_text(&q, 4); Manifest *pPost = manifest_get(fpid, CFTYPE_FORUM, 0); if( pPost==0 ) continue; if( i>0 ){ @ <hr> } i++; @ <p>%d(fpid) %h(zUuid)<br> @ By %h(pPost->zUser) on %h(zDate) if( fprev ){ @ edit of %d(fprev) %h(pPost->azParent[0]) } if( firt ){ @ in reply to %d(firt) %h(pPost->zInReplyTo) } if( pPost->zThreadTitle ){ @ <h1>%h(pPost->zThreadTitle)</h1> } forum_render(pPost->zMimetype, pPost->zWiki); if( g.perm.WrForum ){ @ <p><form action="%R/forumedit" method="POST"> @ <input type="hidden" name="fpid" value="%s(zUuid)"> @ <input type="submit" name="reply" value="Reply"> if( g.perm.Admin || fossil_strcmp(pPost->zUser,g.zLogin)==0 ){ @ <input type="submit" name="edit" value="Edit"> } if( g.perm.ModForum && content_is_private(fpid) ){ @ <input type="submit" name="approve" value="Approve"> @ <input type="submit" name="reject" value="Reject"> } @ </form></p> } manifest_destroy(pPost); } db_finalize(&q); } /* ** WEBPAGE: forumthread |
︙ | ︙ | |||
258 259 260 261 262 263 264 | ** ** Edit an existing forum message. ** Query parameters: ** ** name=X Hash of the post to be editted. REQUIRED */ void forumedit_page(void){ | > > | > > > > > > > > > > | > > > > > > > > > > > > > > | 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 | ** ** Edit an existing forum message. ** Query parameters: ** ** name=X Hash of the post to be editted. REQUIRED */ void forumedit_page(void){ int fpid; Manifest *pPost; fpid = symbolic_name_to_rid(PD("fpid",""), "f"); login_check_credentials(); if( !g.perm.WrForum ){ login_needed(g.anon.WrForum); return; } if( fpid<=0 || (pPost = manifest_get(fpid, CFTYPE_FORUM, 0))==0 ){ webpage_error("Missing or invalid fpid query parameter"); return; } #if 0 if( g.perm.ModForum ){ if( P("approve") ){ } if( P("reject") ){ } } if( P("submit") ){ } if( P("edit") ){ } if( P("reply") ){ } style_footer(); #endif webpage_error("Not yet implemented"); } |
Changes to src/info.c.
︙ | ︙ | |||
976 977 978 979 980 981 982 | @ <div class="section">Content</div> blob_init(&wiki, pWiki->zWiki, -1); wiki_render_by_mimetype(&wiki, pWiki->zMimetype); blob_reset(&wiki); manifest_destroy(pWiki); | < < < < < < < < < < < < < < < | 976 977 978 979 980 981 982 983 984 985 986 987 988 989 | @ <div class="section">Content</div> blob_init(&wiki, pWiki->zWiki, -1); wiki_render_by_mimetype(&wiki, pWiki->zMimetype); blob_reset(&wiki); manifest_destroy(pWiki); style_footer(); } /* ** Find an check-in based on query parameter zParam and parse its ** manifest. Return the number of errors. */ |
︙ | ︙ |
Changes to src/style.c.
︙ | ︙ | |||
862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 | }else{ etag_check(0,0); } blob_init(&out, zTxt, -1); cgi_set_content(&out); } /* ** WEBPAGE: test_env ** ** Display CGI-variables and other aspects of the run-time ** environment, for debugging and trouble-shooting purposes. */ void page_test_env(void){ | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | > > > > > > > > > > > > > > > > > > > > > > > | | > > > > > > > > > > > > > > > > > | < | | | | > < < < < | < < < < | < | < < < < < < < < < < < < < < | 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 | }else{ etag_check(0,0); } blob_init(&out, zTxt, -1); cgi_set_content(&out); } /* ** All possible capabilities */ static const char allCap[] = "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKL"; /* ** Compute the current login capabilities */ static char *find_capabilities(char *zCap){ int i, j; char c; for(i=j=0; (c = allCap[j])!=0; j++){ if( login_has_capability(&c, 1, 0) ) zCap[i++] = c; } zCap[i] = 0; return zCap; } /* ** Compute the current login capabilities that were ** contributed by Anonymous */ static char *find_anon_capabilities(char *zCap){ int i, j; char c; for(i=j=0; (c = allCap[j])!=0; j++){ if( login_has_capability(&c, 1, LOGIN_ANON) && !login_has_capability(&c, 1, 0) ) zCap[i++] = c; } zCap[i] = 0; return zCap; } /* ** WEBPAGE: test_env ** ** Display CGI-variables and other aspects of the run-time ** environment, for debugging and trouble-shooting purposes. */ void page_test_env(void){ webpage_error(""); } /* ** WEBPAGE: honeypot ** This page is a honeypot for spiders and bots. */ void honeypot_page(void){ cgi_set_status(403, "Forbidden"); @ <p>Please enable javascript or log in to see this content</p> } /* ** Webpages that encounter an error due to missing or incorrect ** query parameters can jump to this routine to render an error ** message screen. ** ** For administators, or if the test_env_enable setting is true, then ** details of the request environment are displayed. Otherwise, just ** the error message is shown. ** ** If zFormat is an empty string, then this is the /test_env page. */ void webpage_error(const char *zFormat, ...){ int i; int showAll; char *zErr; int isAuth = 0; char zCap[100]; static const char *const azCgiVars[] = { "COMSPEC", "DOCUMENT_ROOT", "GATEWAY_INTERFACE", "HTTP_ACCEPT", "HTTP_ACCEPT_CHARSET", "HTTP_ACCEPT_ENCODING", "HTTP_ACCEPT_LANGUAGE", "HTTP_AUTHENICATION", "HTTP_CONNECTION", "HTTP_HOST", "HTTP_IF_NONE_MATCH", "HTTP_IF_MODIFIED_SINCE", "HTTP_USER_AGENT", "HTTP_REFERER", "PATH_INFO", "PATH_TRANSLATED", "QUERY_STRING", "REMOTE_ADDR", "REMOTE_PORT", "REMOTE_USER", "REQUEST_METHOD", "REQUEST_URI", "SCRIPT_FILENAME", "SCRIPT_NAME", "SERVER_PROTOCOL", "HOME", "FOSSIL_HOME", "USERNAME", "USER", "FOSSIL_USER", "SQLITE_TMPDIR", "TMPDIR", "TEMP", "TMP", "FOSSIL_VFS", "FOSSIL_FORCE_TICKET_MODERATION", "FOSSIL_FORCE_WIKI_MODERATION", "FOSSIL_TCL_PATH", "TH1_DELETE_INTERP", "TH1_ENABLE_DOCS", "TH1_ENABLE_HOOKS", "TH1_ENABLE_TCL", "REMOTE_HOST" }; login_check_credentials(); if( g.perm.Admin || g.perm.Setup || db_get_boolean("test_env_enable",0) ){ isAuth = 1; } for(i=0; i<count(azCgiVars); i++) (void)P(azCgiVars[i]); if( zFormat[0] ){ va_list ap; va_start(ap, zFormat); zErr = vmprintf(zFormat, ap); va_end(ap); style_header("Bad Request"); @ <h1>/%h(g.zPath): %h(zErr)</h1> fossil_free(zErr); showAll = 0; if( !isAuth ){ style_footer(); return; } }else if( !isAuth ){ login_needed(0); return; }else{ style_header("Environment Test"); showAll = PB("showall"); style_submenu_checkbox("showall", "Cookies", 0, 0); style_submenu_element("Stats", "%R/stat"); } #if !defined(_WIN32) @ uid=%d(getuid()), gid=%d(getgid())<br /> #endif @ g.zBaseURL = %h(g.zBaseURL)<br /> @ g.zHttpsURL = %h(g.zHttpsURL)<br /> @ g.zTop = %h(g.zTop)<br /> @ g.zPath = %h(g.zPath)<br /> @ g.userUid = %d(g.userUid)<br /> @ g.zLogin = %h(g.zLogin)<br /> @ g.isHuman = %d(g.isHuman)<br /> if( g.nRequest ){ @ g.nRequest = %d(g.nRequest)<br /> } if( g.nPendingRequest>1 ){ @ g.nPendingRequest = %d(g.nPendingRequest)<br /> } @ capabilities = %s(find_capabilities(zCap))<br /> if( zCap[0] ){ @ anonymous-adds = %s(find_anon_capabilities(zCap))<br /> } @ g.zRepositoryName = %h(g.zRepositoryName)<br /> @ load_average() = %f(load_average())<br /> @ cgi_csrf_safe(0) = %d(cgi_csrf_safe(0))<br /> @ <hr /> P("HTTP_USER_AGENT"); cgi_print_all(showAll, 0); if( showAll && blob_size(&g.httpHeader)>0 ){ @ <hr /> @ <pre> @ %h(blob_str(&g.httpHeader)) @ </pre> } style_footer(); } |