Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Change a few %s format letters into %h. |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
8e27a5a084a55f1831ec4e17b2de48b5 |
User & Date: | drh 2017-05-12 17:22:24 |
Context
2017-05-13
| ||
18:00 | Enhance the "fossil 3-way-merge" command to output a warning in the event of merge conflicts. ... (check-in: 9e17c686 user: drh tags: trunk) | |
2017-05-12
| ||
17:22 | Change a few %s format letters into %h. ... (check-in: 8e27a5a0 user: drh tags: trunk) | |
16:22 | Fix an XSS issue with the /help webpage. ... (check-in: db482f16 user: drh tags: trunk) | |
Changes
Changes to src/login.c.
︙ | ︙ | |||
1456 1457 1458 1459 1460 1461 1462 | blob_init(&caps, db_get("default-perms", "u"), -1); blob_init(&passwd, zPasswd, -1); if( db_exists("SELECT 1 FROM user WHERE login=%B", &login) ){ /* Here lies the reason I don't use zErrMsg - it would not substitute * this %s(zUsername), or at least I don't know how to force it to.*/ @ <p><span class="loginError"> | | | 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 | blob_init(&caps, db_get("default-perms", "u"), -1); blob_init(&passwd, zPasswd, -1); if( db_exists("SELECT 1 FROM user WHERE login=%B", &login) ){ /* Here lies the reason I don't use zErrMsg - it would not substitute * this %s(zUsername), or at least I don't know how to force it to.*/ @ <p><span class="loginError"> @ %h(zUsername) already exists. @ </span></p> }else{ char *zPw = sha1_shared_secret(blob_str(&passwd), blob_str(&login), 0); int uid; db_multi_exec( "INSERT INTO user(login,pw,cap,info,mtime)" "VALUES(%B,%Q,%B,%B,strftime('%%s','now'))", |
︙ | ︙ |
Changes to src/name.c.
︙ | ︙ | |||
465 466 467 468 469 470 471 | const char *zUuid = db_column_text(&q, 1); const char *zTitle = db_column_text(&q, 2); @ <li><p><a href="%R/%T(zSrc)/%!S(zUuid)"> @ %s(zUuid)</a> - @ <ul></ul> @ Ticket hyperlink_to_uuid(zUuid); | | | 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 | const char *zUuid = db_column_text(&q, 1); const char *zTitle = db_column_text(&q, 2); @ <li><p><a href="%R/%T(zSrc)/%!S(zUuid)"> @ %s(zUuid)</a> - @ <ul></ul> @ Ticket hyperlink_to_uuid(zUuid); @ - %h(zTitle). @ <ul><li> object_description(rid, 0, 0); @ </li></ul> @ </p></li> } db_finalize(&q); db_prepare(&q, |
︙ | ︙ |
Changes to src/setup.c.
︙ | ︙ | |||
483 484 485 486 487 488 489 | blob_reset(&sql); admin_log( "Updated user [%q] in all login groups " "with capabilities [%q].", zLogin, zCap ); if( zErr ){ style_header("User Change Error"); admin_log( "Error updating user '%q': %s'.", zLogin, zErr ); | | | 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 | blob_reset(&sql); admin_log( "Updated user [%q] in all login groups " "with capabilities [%q].", zLogin, zCap ); if( zErr ){ style_header("User Change Error"); admin_log( "Error updating user '%q': %s'.", zLogin, zErr ); @ <span class="loginError">%h(zErr)</span> @ @ <p><a href="setup_uedit?id=%d(uid)">[Bummer]</a></p> style_footer(); return; } } cgi_redirect("setup_ulist"); |
︙ | ︙ |