Fossil

Check-in [66f4caa3]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Improvements to the WWW interface.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:66f4caa379d2bf03ea15eee5ec96bac9044e4db2
User & Date: drh 2007-07-23 19:52:51
Context
2007-07-23
20:33
Work on network synchronization check-in: 75c476cc user: drh tags: trunk
19:52
Improvements to the WWW interface. check-in: 66f4caa3 user: drh tags: trunk
2007-07-22
12:00
Setup webpag updates. check-in: c4ec179b user: drh tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/info.c.

114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
...
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
*/
void vinfo_page(void){
  Stmt q;
  int rid;
  char cType;
  char *zType;

  style_header();
  rid = name_to_rid(g.zExtra);
  if( rid==0 ){
    @ No such object: %h(g.argv[2])
    style_footer();
    return;
  }
  db_prepare(&q,
................................................................................
  Record *p1, *p2;

  if( zV2==0 ){
    cgi_redirect("index");
  }
  vid2 = uuid_to_rid(zV2, 0);
  p2 = record_from_rid(vid2);
  style_header();
  if( zV1==0 ){
    zV1 = db_text(0, 
       "SELECT uuid FROM record WHERE rid="
       "  (SELECT a FROM link WHERE typecode='P' AND b=%d)", vid2);
  }
  if( zV1==0 ){
    @ <p>Content of







|







 







|







114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
...
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
*/
void vinfo_page(void){
  Stmt q;
  int rid;
  char cType;
  char *zType;

  style_header("Version Information");
  rid = name_to_rid(g.zExtra);
  if( rid==0 ){
    @ No such object: %h(g.argv[2])
    style_footer();
    return;
  }
  db_prepare(&q,
................................................................................
  Record *p1, *p2;

  if( zV2==0 ){
    cgi_redirect("index");
  }
  vid2 = uuid_to_rid(zV2, 0);
  p2 = record_from_rid(vid2);
  style_header("File Diff");
  if( zV1==0 ){
    zV1 = db_text(0, 
       "SELECT uuid FROM record WHERE rid="
       "  (SELECT a FROM link WHERE typecode='P' AND b=%d)", vid2);
  }
  if( zV1==0 ){
    @ <p>Content of

Changes to src/login.c.

105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
...
242
243
244
245
246
247
248


249



250
251
252
253
254

255
256
257


258
259
260
261
262
263
264
        "UPDATE user SET cookie=%Q, ipaddr=%Q, "
        "  cexpire=julianday('now')+%d/86400.0 WHERE uid=%d",
        zCookie, zIpAddr, expires, uid
      );
      cgi_redirect(zGoto);
    }
  }
  style_header();
  @ %s(zErrMsg)
  @ <form action="login" method="POST">
  if( P("g") ){
    @ <input type="hidden" name="nxp" value="%h(P("g"))">
  }
  @ <table align="left" hspace="10">
  @ <tr>
................................................................................
  for(i=0; zCap[i]; i++){
    switch( zCap[i] ){
      case 's':   g.okSetup = g.okDelete = 1;
      case 'a':   g.okAdmin = g.okRdTkt = g.okWrTkt = g.okQuery =
                              g.okRdWiki = g.okWrWiki =
                              g.okNewTkt = g.okPassword = 1;
      case 'i':   g.okRead = g.okWrite = 1;                     break;


      case 'd':   g.okDelete = 1;                               break;



      case 'j':   g.okRdWiki = 1;                               break;
      case 'k':   g.okWrWiki = g.okRdWiki = 1;                  break;
      case 'n':   g.okNewTkt = 1;                               break;
      case 'o':   g.okRead = 1;                                 break;
      case 'p':   g.okPassword = 1;                             break;

      case 'q':   g.okQuery = 1;                                break;
      case 'r':   g.okRdTkt = 1;                                break;
      case 'w':   g.okWrTkt = g.okRdTkt = g.okNewTkt = 1;       break;


    }
  }
}

/*
** Call this routine when the credential check fails.  It causes
** a redirect to the "login" page.







|







 







>
>

>
>
>

|
|
|
<
>
|
|
|
>
>







105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
...
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258

259
260
261
262
263
264
265
266
267
268
269
270
271
        "UPDATE user SET cookie=%Q, ipaddr=%Q, "
        "  cexpire=julianday('now')+%d/86400.0 WHERE uid=%d",
        zCookie, zIpAddr, expires, uid
      );
      cgi_redirect(zGoto);
    }
  }
  style_header("Login/Logout");
  @ %s(zErrMsg)
  @ <form action="login" method="POST">
  if( P("g") ){
    @ <input type="hidden" name="nxp" value="%h(P("g"))">
  }
  @ <table align="left" hspace="10">
  @ <tr>
................................................................................
  for(i=0; zCap[i]; i++){
    switch( zCap[i] ){
      case 's':   g.okSetup = g.okDelete = 1;
      case 'a':   g.okAdmin = g.okRdTkt = g.okWrTkt = g.okQuery =
                              g.okRdWiki = g.okWrWiki =
                              g.okNewTkt = g.okPassword = 1;
      case 'i':   g.okRead = g.okWrite = 1;                     break;
      case 'o':   g.okRead = 1;                                 break;

      case 'd':   g.okDelete = 1;                               break;
      case 'p':   g.okPassword = 1;                             break;
      case 'q':   g.okQuery = 1;                                break;

      case 'j':   g.okRdWiki = 1;                               break;
      case 'k':   g.okWrWiki = g.okRdWiki = g.okApndWiki =1;    break;
      case 'm':   g.okApndWiki = 1;                             break;
      case 'f':   g.okNewWiki = 1;                              break;


      case 'r':   g.okRdTkt = 1;                                break;
      case 'n':   g.okNewTkt = 1;                               break;
      case 'w':   g.okWrTkt = g.okRdTkt = g.okNewTkt =
                  g.okApndTkt = 1;                              break;
      case 'c':   g.okApndTkt = 1;                              break;
    }
  }
}

/*
** Call this routine when the credential check fails.  It causes
** a redirect to the "login" page.

Changes to src/main.c.

85
86
87
88
89
90
91


92
93
94


95
96
97
98
99
100
101
  
  /* permissions used by the server */
  int okRead;             /* xfer outbound */
  int okWrite;            /* xfer inbound */
  int okSetup;            /* use Setup screens on web interface */
  int okRdTkt;            /* view tickets via web */
  int okWrTkt;            /* make changes to tickets via web */


  int okRdWiki;           /* view wiki via web */
  int okWrWiki;           /* edit wiki via web */
  int okNewTkt;           /* create new tickets */


  int okPassword;         /* change password */
  int okAdmin;            /* administrative permission */
  int okDelete;           /* delete wiki or tickets */
  int okQuery;            /* create new reports */

  FILE *fDebug;           /* Write debug information here, if the file exists */
};







>
>


<
>
>







85
86
87
88
89
90
91
92
93
94
95

96
97
98
99
100
101
102
103
104
  
  /* permissions used by the server */
  int okRead;             /* xfer outbound */
  int okWrite;            /* xfer inbound */
  int okSetup;            /* use Setup screens on web interface */
  int okRdTkt;            /* view tickets via web */
  int okWrTkt;            /* make changes to tickets via web */
  int okNewTkt;           /* create new tickets */
  int okApndTkt;          /* append to tickets via the web */
  int okRdWiki;           /* view wiki via web */
  int okWrWiki;           /* edit wiki via web */

  int okNewWiki;          /* create new wiki via web */
  int okApndWiki;         /* append to wiki via web */
  int okPassword;         /* change password */
  int okAdmin;            /* administrative permission */
  int okDelete;           /* delete wiki or tickets */
  int okQuery;            /* create new reports */

  FILE *fDebug;           /* Write debug information here, if the file exists */
};

Changes to src/setup.c.

55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
..
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
...
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
...
204
205
206
207
208
209
210




211
212
213
214
215

216

217

218
219
220

221
222
223
224
225
226
227
...
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
...
253
254
255
256
257
258
259

260
261
262
263
264
265

266

267
268
269

270
271
272
273
274
275
276
277
278
279
280
281
282
283
284

285
286
287
288
289
290
291
292
293
...
303
304
305
306
307
308
309



310
311


312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
...
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
...
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
...
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
*/
void setup_page(void){
  login_check_credentials();
  if( !g.okSetup ){
    login_needed();
  }

  style_header();

  @ <h2>Setup</h2>
  @ <dl id="setup">
  menu_entry("Users", "setup_ulist",
    "Grant privileges to individual users.");
  menu_entry("Access", "setup_access",
    "Control access settings.");
  menu_entry("Configuration", "setup_config",
    "Configure the WWW components of the repository");
................................................................................
  login_check_credentials();
  if( !g.okWrite || g.isAnon ){
    login_needed();
    return;
  }

  style_submenu_element("Add", "Add User", "setup_uedit");
  style_header();
  @ <h2>List Of Users</h2>
  @ <hr>
  @ <table align="left" hspace="10" border="1" cellpadding="10"><tr><td>
  @ <table cellspacing=0 cellpadding=0 border=0>
  @ <tr>
  @   <th align="right">User&nbsp;ID</th>
  @   <th>&nbsp;&nbsp;&nbsp;Capabilities&nbsp;&nbsp;&nbsp;</th>
  @   <th>Contact&nbsp;Info</th>
  @ </tr>
................................................................................

/*
** WEBPAGE: /setup_uedit
*/
void user_edit(void){
  const char *zId, *zLogin, *zInfo, *zCap;
  char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap ;
  char *oak, *oad, *oaq;
  int doWrite;
  int uid;
  int higherUser = 0;  /* True if user being edited is SETUP and the */
                       /* user doing the editing is ADMIN.  Disallow editing */

  /* Must have ADMIN privleges to access this page
  */
................................................................................
    int an = P("an")!=0;
    int ao = P("ao")!=0;
    int ap = P("ap")!=0;
    int aq = P("aq")!=0;
    int ar = P("ar")!=0;
    int as = g.okSetup && P("as")!=0;
    int aw = P("aw")!=0;




    if( as ) aa = 1;
    if( aa ) ai = aw = ap = 1;
    if( aw ) an = ar = 1;
    if( ai ) ao = 1;
    if( ak ) aj = 1;

    if( aa ){ zCap[i++] = 'a'; }

    if( ad ){ zCap[i++] = 'd'; }

    if( ai ){ zCap[i++] = 'i'; }
    if( aj ){ zCap[i++] = 'j'; }
    if( ak ){ zCap[i++] = 'k'; }

    if( an ){ zCap[i++] = 'n'; }
    if( ao ){ zCap[i++] = 'o'; }
    if( ap ){ zCap[i++] = 'p'; }
    if( aq ){ zCap[i++] = 'q'; }
    if( ar ){ zCap[i++] = 'r'; }
    if( as ){ zCap[i++] = 's'; }
    if( aw ){ zCap[i++] = 'w'; }
................................................................................
    if( zPw==0 || zPw[0]==0 ){
      zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid);
    }
    zLogin = P("login");
    if( uid>0 && 
        db_exists("SELECT 1 FROM user WHERE login=%Q AND uid!=%d", zLogin, uid)
    ){
      style_header();
      @ <font color="red">Login "%h(zLogin)" is already used by a different
      @ user.</font>
      @
      @ <p><a href="setup_uedit?id=%d(uid))>[Bummer]</a></p>
      style_footer();
      return;
    }
................................................................................
  }

  /* Load the existing information about the user, if any
  */
  zLogin = "";
  zInfo = "";
  zCap = "";

  oaa = oad = oai = oaj = oak = oan = oao = oap = oaq = oar = oas = oaw = "";
  if( uid ){
    zLogin = db_text("", "SELECT login FROM user WHERE uid=%d", uid);
    zInfo = db_text("", "SELECT info FROM user WHERE uid=%d", uid);
    zCap = db_text("", "SELECT cap FROM user WHERE uid=%d", uid);
    if( strchr(zCap, 'a') ) oaa = " checked";

    if( strchr(zCap, 'd') ) oad = " checked";

    if( strchr(zCap, 'i') ) oai = " checked";
    if( strchr(zCap, 'j') ) oaj = " checked";
    if( strchr(zCap, 'k') ) oak = " checked";

    if( strchr(zCap, 'n') ) oan = " checked";
    if( strchr(zCap, 'o') ) oao = " checked";
    if( strchr(zCap, 'p') ) oap = " checked";
    if( strchr(zCap, 'q') ) oaq = " checked";
    if( strchr(zCap, 'r') ) oar = " checked";
    if( strchr(zCap, 's') ) oas = " checked";
    if( strchr(zCap, 'w') ) oaw = " checked";
  }

  /* Begin generating the page
  */
  style_submenu_element("Cancel", "Cancel", "setup_ulist");
  style_header();
  if( uid ){
    @ <h2>Edit User %h(zLogin)</h2>

  }else{
    @ <h2>Add A New User</h2>
  }
  @ <table align="left" hspace="20" vspace="10"><tr><td>
  @ <form action="%s(g.zPath)" method="POST">
  @ <table>
  @ <tr>
  @   <td align="right"><nobr>User ID:</nobr></td>
  if( uid ){
................................................................................
  @ <tr>
  @   <td align="right"><nobr>Contact&nbsp;Info:</nobr></td>
  @   <td><input type="text" name="info" size=40 value="%h(zInfo)"></td>
  @ </tr>
  @ <tr>
  @   <td align="right" valign="top">Capabilities:</td>
  @   <td>



  @     <input type="checkbox" name="aa"%s(oaa)>Admin</input><br>
  @     <input type="checkbox" name="ad"%s(oad)>Delete</input><br>


  @     <input type="checkbox" name="ai"%s(oai)>Check-In</input><br>
  @     <input type="checkbox" name="aj"%s(oaj)>Read Wiki</input><br>
  @     <input type="checkbox" name="ak"%s(oak)>Write Wiki</input><br>
  @     <input type="checkbox" name="an"%s(oan)>New Tkt</input><br>
  @     <input type="checkbox" name="ao"%s(oao)>Check-Out</input><br>
  @     <input type="checkbox" name="ap"%s(oap)>Password</input><br>
  @     <input type="checkbox" name="aq"%s(oaq)>Query</input><br>
  @     <input type="checkbox" name="ar"%s(oar)>Read</input><br>
  if( g.okSetup ){
    @     <input type="checkbox" name="as"%s(oas)>Setup</input><br>
  }
  @     <input type="checkbox" name="aw"%s(oaw)>Write</input>
  @   </td>
  @ </tr>
  @ <tr>
  @   <td align="right">Password:</td>
  @   <td><input type="password" name="pw" value=""></td>
  @ </tr>
  if( !higherUser ){
................................................................................
  if( higherUser ){
    @ <li><p>
    @ User %h(zId) has Setup privileges and you only have Admin privileges
    @ so you are not permitted to make changes to %h(zId).
    @ </p></li>
    @
  }
  @ <li><p>
  @ The <b>Read</b> and <b>Write</b> privileges give the user the ability
  @ to read and write tickets.  The <b>New Tkt</b> capability means that
  @ the user is able to create new tickets.
  @ </p></li>
  @
  @ <li><p>
  @ The <b>Delete</b> privilege give the user the ability to erase
  @ wiki, tickets, and atttachments that have been added by anonymous
  @ users.  This capability is intended for deletion of spam.
  @ </p></li>
  @
................................................................................
*/
void setup_access(void){
  login_check_credentials();
  if( !g.okSetup ){
    login_needed();
  }

  style_header();
  db_begin_transaction();
  @ <h2>Access Control Settings</h2>
  @ <form action="%s(g.zBaseURL)/setup_access" method="POST">

  @ <hr>
  onoff_attribute("Require password for local access",
     "authenticate-localhost", "localauth", 1);
  @ <p>When enabled, the password sign-in is required for
  @ web access coming from 127.0.0.1.  When disabled, web access
................................................................................
*/
void setup_config(void){
  login_check_credentials();
  if( !g.okSetup ){
    login_needed();
  }

  style_header();
  db_begin_transaction();
  @ <h2>WWW Configuration</h2>
  @ <form action="%s(g.zBaseURL)/setup_config" method="POST">

  @ <hr>
  entry_attribute("Home page", 60, "homepage", "hp", "");
  @ <p>The name of a wiki file that is the homepage for the website.
  @ The home page is the page that is displayed by the "Home" link
  @ at the top of this screen.</p>







|
<
<







 







|
<
<







 







|







 







>
>
>
>





>

>

>



>







 







|







 







>
|





>

>



>












<

<
>

|







 







>
>
>


>
>

|
|
|
|
|
|
|
<
|
<
|







 







<
<
<
<
<







 







|

<







 







|

<







55
56
57
58
59
60
61
62


63
64
65
66
67
68
69
..
85
86
87
88
89
90
91
92


93
94
95
96
97
98
99
...
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
...
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
...
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
...
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289

290

291
292
293
294
295
296
297
298
299
300
...
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331

332

333
334
335
336
337
338
339
340
...
349
350
351
352
353
354
355





356
357
358
359
360
361
362
...
453
454
455
456
457
458
459
460
461

462
463
464
465
466
467
468
...
493
494
495
496
497
498
499
500
501

502
503
504
505
506
507
508
*/
void setup_page(void){
  login_check_credentials();
  if( !g.okSetup ){
    login_needed();
  }

  style_header("Setup");


  @ <dl id="setup">
  menu_entry("Users", "setup_ulist",
    "Grant privileges to individual users.");
  menu_entry("Access", "setup_access",
    "Control access settings.");
  menu_entry("Configuration", "setup_config",
    "Configure the WWW components of the repository");
................................................................................
  login_check_credentials();
  if( !g.okWrite || g.isAnon ){
    login_needed();
    return;
  }

  style_submenu_element("Add", "Add User", "setup_uedit");
  style_header("User List");


  @ <table align="left" hspace="10" border="1" cellpadding="10"><tr><td>
  @ <table cellspacing=0 cellpadding=0 border=0>
  @ <tr>
  @   <th align="right">User&nbsp;ID</th>
  @   <th>&nbsp;&nbsp;&nbsp;Capabilities&nbsp;&nbsp;&nbsp;</th>
  @   <th>Contact&nbsp;Info</th>
  @ </tr>
................................................................................

/*
** WEBPAGE: /setup_uedit
*/
void user_edit(void){
  const char *zId, *zLogin, *zInfo, *zCap;
  char *oaa, *oas, *oar, *oaw, *oan, *oai, *oaj, *oao, *oap ;
  char *oak, *oad, *oaq, *oac, *oaf, *oam;
  int doWrite;
  int uid;
  int higherUser = 0;  /* True if user being edited is SETUP and the */
                       /* user doing the editing is ADMIN.  Disallow editing */

  /* Must have ADMIN privleges to access this page
  */
................................................................................
    int an = P("an")!=0;
    int ao = P("ao")!=0;
    int ap = P("ap")!=0;
    int aq = P("aq")!=0;
    int ar = P("ar")!=0;
    int as = g.okSetup && P("as")!=0;
    int aw = P("aw")!=0;
    int ac = P("ac")!=0;
    int af = P("af")!=0;
    int am = P("am")!=0;
#if 0
    if( as ) aa = 1;
    if( aa ) ai = aw = ap = 1;
    if( aw ) an = ar = 1;
    if( ai ) ao = 1;
    if( ak ) aj = 1;
#endif
    if( aa ){ zCap[i++] = 'a'; }
    if( ac ){ zCap[i++] = 'c'; }
    if( ad ){ zCap[i++] = 'd'; }
    if( af ){ zCap[i++] = 'f'; }
    if( ai ){ zCap[i++] = 'i'; }
    if( aj ){ zCap[i++] = 'j'; }
    if( ak ){ zCap[i++] = 'k'; }
    if( am ){ zCap[i++] = 'm'; }
    if( an ){ zCap[i++] = 'n'; }
    if( ao ){ zCap[i++] = 'o'; }
    if( ap ){ zCap[i++] = 'p'; }
    if( aq ){ zCap[i++] = 'q'; }
    if( ar ){ zCap[i++] = 'r'; }
    if( as ){ zCap[i++] = 's'; }
    if( aw ){ zCap[i++] = 'w'; }
................................................................................
    if( zPw==0 || zPw[0]==0 ){
      zPw = db_text(0, "SELECT pw FROM user WHERE uid=%d", uid);
    }
    zLogin = P("login");
    if( uid>0 && 
        db_exists("SELECT 1 FROM user WHERE login=%Q AND uid!=%d", zLogin, uid)
    ){
      style_header("User Creation Error");
      @ <font color="red">Login "%h(zLogin)" is already used by a different
      @ user.</font>
      @
      @ <p><a href="setup_uedit?id=%d(uid))>[Bummer]</a></p>
      style_footer();
      return;
    }
................................................................................
  }

  /* Load the existing information about the user, if any
  */
  zLogin = "";
  zInfo = "";
  zCap = "";
  oaa = oac = oad = oaf = oai = oaj = oak = oam =
        oan = oao = oap = oaq = oar = oas = oaw = "";
  if( uid ){
    zLogin = db_text("", "SELECT login FROM user WHERE uid=%d", uid);
    zInfo = db_text("", "SELECT info FROM user WHERE uid=%d", uid);
    zCap = db_text("", "SELECT cap FROM user WHERE uid=%d", uid);
    if( strchr(zCap, 'a') ) oaa = " checked";
    if( strchr(zCap, 'c') ) oac = " checked";
    if( strchr(zCap, 'd') ) oad = " checked";
    if( strchr(zCap, 'f') ) oaf = " checked";
    if( strchr(zCap, 'i') ) oai = " checked";
    if( strchr(zCap, 'j') ) oaj = " checked";
    if( strchr(zCap, 'k') ) oak = " checked";
    if( strchr(zCap, 'm') ) oam = " checked";
    if( strchr(zCap, 'n') ) oan = " checked";
    if( strchr(zCap, 'o') ) oao = " checked";
    if( strchr(zCap, 'p') ) oap = " checked";
    if( strchr(zCap, 'q') ) oaq = " checked";
    if( strchr(zCap, 'r') ) oar = " checked";
    if( strchr(zCap, 's') ) oas = " checked";
    if( strchr(zCap, 'w') ) oaw = " checked";
  }

  /* Begin generating the page
  */
  style_submenu_element("Cancel", "Cancel", "setup_ulist");

  if( uid ){

    style_header(mprintf("Edit User %h", zLogin));
  }else{
    style_header("Add A New User");
  }
  @ <table align="left" hspace="20" vspace="10"><tr><td>
  @ <form action="%s(g.zPath)" method="POST">
  @ <table>
  @ <tr>
  @   <td align="right"><nobr>User ID:</nobr></td>
  if( uid ){
................................................................................
  @ <tr>
  @   <td align="right"><nobr>Contact&nbsp;Info:</nobr></td>
  @   <td><input type="text" name="info" size=40 value="%h(zInfo)"></td>
  @ </tr>
  @ <tr>
  @   <td align="right" valign="top">Capabilities:</td>
  @   <td>
  if( g.okSetup ){
    @     <input type="checkbox" name="as"%s(oas)>Setup</input><br>
  }
  @     <input type="checkbox" name="aa"%s(oaa)>Admin</input><br>
  @     <input type="checkbox" name="ad"%s(oad)>Delete</input><br>
  @     <input type="checkbox" name="ap"%s(oap)>Password</input><br>
  @     <input type="checkbox" name="aq"%s(oaq)>Query</input><br>
  @     <input type="checkbox" name="ai"%s(oai)>Check-In</input><br>
  @     <input type="checkbox" name="ao"%s(oao)>Check-Out</input><br>
  @     <input type="checkbox" name="aj"%s(oaj)>Read Wiki</input><br>
  @     <input type="checkbox" name="af"%s(oaf)>New Wiki</input><br>
  @     <input type="checkbox" name="am"%s(oam)>Append Wiki</input><br>
  @     <input type="checkbox" name="ak"%s(oak)>Write Wiki</input><br>
  @     <input type="checkbox" name="ar"%s(oar)>Read Tkt</input><br>
  @     <input type="checkbox" name="an"%s(oan)>New Tkt</input><br>

  @     <input type="checkbox" name="ac"%s(oac)>Append Tkt</input><br>

  @     <input type="checkbox" name="aw"%s(oaw)>Write Tkt</input>
  @   </td>
  @ </tr>
  @ <tr>
  @   <td align="right">Password:</td>
  @   <td><input type="password" name="pw" value=""></td>
  @ </tr>
  if( !higherUser ){
................................................................................
  if( higherUser ){
    @ <li><p>
    @ User %h(zId) has Setup privileges and you only have Admin privileges
    @ so you are not permitted to make changes to %h(zId).
    @ </p></li>
    @
  }





  @
  @ <li><p>
  @ The <b>Delete</b> privilege give the user the ability to erase
  @ wiki, tickets, and atttachments that have been added by anonymous
  @ users.  This capability is intended for deletion of spam.
  @ </p></li>
  @
................................................................................
*/
void setup_access(void){
  login_check_credentials();
  if( !g.okSetup ){
    login_needed();
  }

  style_header("Access Control Settings");
  db_begin_transaction();

  @ <form action="%s(g.zBaseURL)/setup_access" method="POST">

  @ <hr>
  onoff_attribute("Require password for local access",
     "authenticate-localhost", "localauth", 1);
  @ <p>When enabled, the password sign-in is required for
  @ web access coming from 127.0.0.1.  When disabled, web access
................................................................................
*/
void setup_config(void){
  login_check_credentials();
  if( !g.okSetup ){
    login_needed();
  }

  style_header("WWW Configuration");
  db_begin_transaction();

  @ <form action="%s(g.zBaseURL)/setup_config" method="POST">

  @ <hr>
  entry_attribute("Home page", 60, "homepage", "hp", "");
  @ <p>The name of a wiki file that is the homepage for the website.
  @ The home page is the page that is displayed by the "Home" link
  @ at the top of this screen.</p>

Changes to src/style.c.

65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89




90
91
92

93
94
95
96
97
98
99
...
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
  const struct Submenu *B = (const struct Submenu*)B;
  return strcmp(A->zLabel, B->zLabel);
}

/*
** Draw the header.
*/
void style_header(void){
  const char *zLogInOut = "Logout";
  login_check_credentials();
  @ <html>
  @ <body bgcolor="white">
  @ <hr size="1">
  @ <table border="0" cellpadding="0" cellspacing="0" width="100%%">
  @ <tr><td valign="top" align="left">
  @ <big><big><b>Fossil SCM</b></big></big><br>
  if( g.zLogin==0 || g.zLogin[0]==0 ){
    @ <small>not logged in</small>
    zLogInOut = "Login";
  }else{
    @ <small>logged in as %h(g.zLogin)</small>
  }
  @ </td><td valign="top" align="right">
  @ <a href="%s(g.zBaseURL)/index">Home</a>
  @ | <a href="%s(g.zBaseURL)/timeline">Timeline</a>




  @ | <font color="#888888">Search</font>
  @ | <font color="#888888">Ticket</font>
  @ | <font color="#888888">Reports</font>

  if( g.okSetup ){
    @ | <a href="%s(g.zBaseURL)/setup">Setup</a>
  }
  if( !g.noPswd ){
    @ | <a href="%s(g.zBaseURL)/login">%s(zLogInOut)</a>
  }
  if( nSubmenu>0 ){
................................................................................

/*
** WEBPAGE: index
** WEBPAGE: home
** WEBPAGE: not_found
*/
void page_index(void){
  style_header();
  @ This will become the title page
  style_footer();
}

/*
** WEBPAGE: test_env
*/
void page_test_env(void){
  style_header();
  cgi_print_all();
  style_footer();
}







|







|









>
>
>
>



>







 







|








|



65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
...
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
  const struct Submenu *B = (const struct Submenu*)B;
  return strcmp(A->zLabel, B->zLabel);
}

/*
** Draw the header.
*/
void style_header(const char *zTitle){
  const char *zLogInOut = "Logout";
  login_check_credentials();
  @ <html>
  @ <body bgcolor="white">
  @ <hr size="1">
  @ <table border="0" cellpadding="0" cellspacing="0" width="100%%">
  @ <tr><td valign="top" align="left">
  @ <big><big><b>%s(zTitle)</b></big></big><br>
  if( g.zLogin==0 || g.zLogin[0]==0 ){
    @ <small>not logged in</small>
    zLogInOut = "Login";
  }else{
    @ <small>logged in as %h(g.zLogin)</small>
  }
  @ </td><td valign="top" align="right">
  @ <a href="%s(g.zBaseURL)/index">Home</a>
  @ | <a href="%s(g.zBaseURL)/timeline">Timeline</a>
  if( g.okRdWiki ){
    @ | <a href="%s(g.zBaseURL)/wiki">Wiki</a>
  }
#if 0
  @ | <font color="#888888">Search</font>
  @ | <font color="#888888">Ticket</font>
  @ | <font color="#888888">Reports</font>
#endif
  if( g.okSetup ){
    @ | <a href="%s(g.zBaseURL)/setup">Setup</a>
  }
  if( !g.noPswd ){
    @ | <a href="%s(g.zBaseURL)/login">%s(zLogInOut)</a>
  }
  if( nSubmenu>0 ){
................................................................................

/*
** WEBPAGE: index
** WEBPAGE: home
** WEBPAGE: not_found
*/
void page_index(void){
  style_header("Main Title Page");
  @ This will become the title page
  style_footer();
}

/*
** WEBPAGE: test_env
*/
void page_test_env(void){
  style_header("Environment Test");
  cgi_print_all();
  style_footer();
}

Changes to src/timeline.c.

50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
..
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92

/*
** WEBPAGE: timeline
*/
void page_timeline(void){
  Stmt q;
  char zPrevDate[20];
  style_header();
  zPrevDate[0] = 0;
  db_prepare(&q,
    "SELECT rid, type, uuid, datetime(ctime,'unixepoch','localtime'), comment"
    "  FROM record"
    " WHERE NOT phantom AND NOT cancel"
    "   AND type IN ('v')"
    " ORDER BY ctime DESC"
    " LIMIT 100"
  );
  @ <table cellspacing=0 border=0 cellpadding=0>
  while( db_step(&q)==SQLITE_ROW ){
    const char *zDate = db_column_text(&q, 3);
    if( memcmp(zDate, zPrevDate, 10) ){
      sprintf(zPrevDate, "%.10s", zDate);
      @ <tr><td colspan=3>
      @ <table cellpadding=2 border=0>
      @ <tr><td bgcolor="#a0b5f4" class="border1">
      @ <table cellpadding=2 cellspacing=0 border=0><tr>
      @ <td bgcolor="#d0d9f4" class="bkgnd1">%s(zPrevDate)</td>
................................................................................
      @ </tr></table>
      @ </td></tr></table>
      @ </td></tr>
    }
    @ <tr><td valign="top">%s(&zDate[11])</td>
    @ <td width="20"></td>
    @ <td valign="top" align="left">
    hyperlink_to_uuid(db_column_text(&q,2));
    @ %s(db_column_text(&q,4))</td>
  }
  db_finalize(&q);
  @ </table>
  style_footer();
}
/*
** The input query q selects various records.  Print a human-readable







|


|
|
|
<
|
<



|







 







|
|







50
51
52
53
54
55
56
57
58
59
60
61
62

63

64
65
66
67
68
69
70
71
72
73
74
..
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90

/*
** WEBPAGE: timeline
*/
void page_timeline(void){
  Stmt q;
  char zPrevDate[20];
  style_header("Timeline");
  zPrevDate[0] = 0;
  db_prepare(&q,
    "SELECT uuid, datetime(event.mtime,'localtime'), comment"
    "  FROM event, blob"
    " WHERE event.type='ci' AND blob.rid=event.objid"

    " ORDER BY event.mtime DESC"

  );
  @ <table cellspacing=0 border=0 cellpadding=0>
  while( db_step(&q)==SQLITE_ROW ){
    const char *zDate = db_column_text(&q, 1);
    if( memcmp(zDate, zPrevDate, 10) ){
      sprintf(zPrevDate, "%.10s", zDate);
      @ <tr><td colspan=3>
      @ <table cellpadding=2 border=0>
      @ <tr><td bgcolor="#a0b5f4" class="border1">
      @ <table cellpadding=2 cellspacing=0 border=0><tr>
      @ <td bgcolor="#d0d9f4" class="bkgnd1">%s(zPrevDate)</td>
................................................................................
      @ </tr></table>
      @ </td></tr></table>
      @ </td></tr>
    }
    @ <tr><td valign="top">%s(&zDate[11])</td>
    @ <td width="20"></td>
    @ <td valign="top" align="left">
    hyperlink_to_uuid(db_column_text(&q,0));
    @ %s(db_column_text(&q,2))</td>
  }
  db_finalize(&q);
  @ </table>
  style_footer();
}
/*
** The input query q selects various records.  Print a human-readable

Changes to src/wiki.c.

30
31
32
33
34
35
36
37
38
39
40
/*
** WEBPAGE: wiki
**
** Render the wiki page that is named after the /wiki/ part of
** the url.
*/
void wiki_page(void){
  style_header();
  @ extra=%h(g.zExtra)
  style_footer();
}







|



30
31
32
33
34
35
36
37
38
39
40
/*
** WEBPAGE: wiki
**
** Render the wiki page that is named after the /wiki/ part of
** the url.
*/
void wiki_page(void){
  style_header("Wiki");
  @ extra=%h(g.zExtra)
  style_footer();
}