Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Disallow creating users with empty login. Ticket [66ce1088]. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | dmitry-fixes |
| Files: | files | file ages | folders |
| SHA1: | e1ea6c26d05317f2fbd50e873512f8574544b6b2 |
| User & Date: | dmitry 2011-09-11 12:27:38 |
References
|
2011-09-12
| ||
| 19:44 | • Fixed ticket [66ce1088]: It is possible for the empty string to be a user id plus 2 other changes artifact: 026637e9 user: dmitry | |
Context
|
2011-09-11
| ||
| 13:57 | Fix three remaining instances of printing rebuild progress in CGI mode. Ticket [19be0265ff]. Closed-Leaf check-in: 2cd21f8d user: dmitry tags: dmitry-fixes | |
| 12:27 | Disallow creating users with empty login. Ticket [66ce1088]. check-in: e1ea6c26 user: dmitry tags: dmitry-fixes | |
| 12:26 | Fix typos in documentation. Tickets [09310d1a] and [806c4358]. check-in: 9150a8a2 user: dmitry tags: dmitry-fixes | |
Changes
Changes to src/setup.c.
333 334 335 336 337 338 339 340 341 342 343 344 345 346 |
if( aw ){ zCap[i++] = 'w'; }
if( ax ){ zCap[i++] = 'x'; }
if( az ){ zCap[i++] = 'z'; }
zCap[i] = 0;
zPw = P("pw");
zLogin = P("login");
if( isValidPwString(zPw) ){
zPw = sha1_shared_secret(zPw, zLogin, 0);
}else{
zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid);
}
zOldLogin = db_text(0, "SELECT login FROM user WHERE uid=%d", uid);
if( uid>0 &&
|
> > > > > > > > |
333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 |
if( aw ){ zCap[i++] = 'w'; }
if( ax ){ zCap[i++] = 'x'; }
if( az ){ zCap[i++] = 'z'; }
zCap[i] = 0;
zPw = P("pw");
zLogin = P("login");
if( strlen(zLogin)==0 ){
style_header("User Creation Error");
@ <span class="loginError">Empty login not allowed.</span>
@
@ <p><a href="setup_uedit?id=%d(uid)">[Bummer]</a></p>
style_footer();
return;
}
if( isValidPwString(zPw) ){
zPw = sha1_shared_secret(zPw, zLogin, 0);
}else{
zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid);
}
zOldLogin = db_text(0, "SELECT login FROM user WHERE uid=%d", uid);
if( uid>0 &&
|