Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | The --localauth option should look at the original IP address, not the abbreviated IP address. Ticket [b99a342a31039df19]. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
e720f1115e9532a1393f6b6d0578b03e |
| User & Date: | drh 2011-04-14 11:50:02 |
Context
|
2011-04-14
| ||
| 14:23 | Factor the glob-pattern matching logic into a separate module. check-in: 289ea2a9 user: drh tags: trunk | |
| 11:50 | The --localauth option should look at the original IP address, not the abbreviated IP address. Ticket [b99a342a31039df19]. check-in: e720f111 user: drh tags: trunk | |
| 02:08 | Add a "diff" hyperlink after each file in the "Show Files" view of the timeline. check-in: 6d9bba56 user: drh tags: trunk | |
Changes
Changes to src/login.c.
544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 |
** g.userUid and g.zLogin and of the g.okRead family of permission
** booleans.
**
*/
void login_check_credentials(void){
int uid = 0; /* User id */
const char *zCookie; /* Text of the login cookie */
char *zRemoteAddr; /* IP address of the requestor */
const char *zCap = 0; /* Capability string */
/* Only run this check once. */
if( g.userUid!=0 ) return;
/* If the HTTP connection is coming over 127.0.0.1 and if
** local login is disabled and if we are using HTTP and not HTTPS,
** then there is no need to check user credentials.
**
** This feature allows the "fossil ui" command to give the user
** full access rights without having to log in.
*/
zRemoteAddr = ipPrefix(PD("REMOTE_ADDR","nil"));
if( strcmp(zRemoteAddr, "127.0.0.1")==0
&& g.useLocalauth
&& db_get_int("localauth",0)==0
&& P("HTTPS")==0
){
uid = db_int(0, "SELECT uid FROM user WHERE cap LIKE '%%s%%'");
g.zLogin = db_text("?", "SELECT login FROM user WHERE uid=%d", uid);
zCap = "sx";
|
> | | | |
544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 |
** g.userUid and g.zLogin and of the g.okRead family of permission
** booleans.
**
*/
void login_check_credentials(void){
int uid = 0; /* User id */
const char *zCookie; /* Text of the login cookie */
const char *zIpAddr; /* Raw IP address of the requestor */
char *zRemoteAddr; /* Abbreviated IP address of the requestor */
const char *zCap = 0; /* Capability string */
/* Only run this check once. */
if( g.userUid!=0 ) return;
/* If the HTTP connection is coming over 127.0.0.1 and if
** local login is disabled and if we are using HTTP and not HTTPS,
** then there is no need to check user credentials.
**
** This feature allows the "fossil ui" command to give the user
** full access rights without having to log in.
*/
zRemoteAddr = ipPrefix(zIpAddr = PD("REMOTE_ADDR","nil"));
if( strcmp(zIpAddr, "127.0.0.1")==0
&& g.useLocalauth
&& db_get_int("localauth",0)==0
&& P("HTTPS")==0
){
uid = db_int(0, "SELECT uid FROM user WHERE cap LIKE '%%s%%'");
g.zLogin = db_text("?", "SELECT login FROM user WHERE uid=%d", uid);
zCap = "sx";
|