Fossil

Check-in [6ae99418]
Login

Check-in [6ae99418]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix self-registration bug created by the enhanced CSRF defense changes.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 6ae9941860bfade68da6b096e4d7438ef18160e95423e9742272d173efb11d62
User & Date: drh 2023-09-29 12:53:49
Context
2023-09-29
13:33
merge in filter-branch-ls-by-user ... (check-in: d6cdd955 user: preben tags: trunk)
12:53
Fix self-registration bug created by the enhanced CSRF defense changes. ... (check-in: 6ae99418 user: drh tags: trunk)
2023-09-28
14:15
Update to the change log. ... (check-in: e3e28f43 user: drh tags: trunk)
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/login.c. 

1965
1966
1967
1968
1969
1970
1971

1972
1973
1974
1975
1976
1977
1978

  if( P("pwreset")!=0 && login_self_password_reset_available() ){
    /* The "Request Password Reset" button was pressed, so render the
    ** "Request Password Reset" page instead of this one. */
    login_reqpwreset_page();
    return;
  }
  zPerms = db_get("default-perms", "u");


  /* Prompt the user for email alerts if this repository is configured for
  ** email alerts and if the default permissions include "7" */
  canDoAlerts = alert_tables_exist() && (db_int(0,
    "SELECT fullcap(%Q) GLOB '*7*'", zPerms
  ) || db_get_boolean("selfreg-verify",0));
  doAlerts = canDoAlerts && atoi(PD("alerts","1"))!=0;








>








1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979

  if( P("pwreset")!=0 && login_self_password_reset_available() ){
    /* The "Request Password Reset" button was pressed, so render the
    ** "Request Password Reset" page instead of this one. */
    login_reqpwreset_page();
    return;
  }
  zPerms = db_get("default-perms", "u");
  login_check_credentials();

  /* Prompt the user for email alerts if this repository is configured for
  ** email alerts and if the default permissions include "7" */
  canDoAlerts = alert_tables_exist() && (db_int(0,
    "SELECT fullcap(%Q) GLOB '*7*'", zPerms
  ) || db_get_boolean("selfreg-verify",0));
  doAlerts = canDoAlerts && atoi(PD("alerts","1"))!=0;