Fossil SCM
Minor tweaks and cleanup.
Commit
085e12390526ba50a436f8c49c26e35bd65869feee78c748cf90a9c546b2d863
Parent
bca893460e29754…
3 files changed
+11
-8
+2
+2
-2
+11
-8
| --- src/attach.c | ||
| +++ src/attach.c | ||
| @@ -425,11 +425,12 @@ | ||
| 425 | 425 | int szLimit = 0; |
| 426 | 426 | |
| 427 | 427 | if( zFrom==0 ) zFrom = mprintf("%R/home"); |
| 428 | 428 | if( P("cancel") ) cgi_redirect(zFrom); |
| 429 | 429 | if( (!!zPage + !!zTkt + !!zTechNote + !!zForumPost)!=1 ){ |
| 430 | - webpage_error("Requires exactly one one: page=X, tkt=X, forumpost=X, or technote=X"); | |
| 430 | + webpage_error("Requires exactly one one: page=X, tkt=X, forumpost=X," | |
| 431 | + " or technote=X"); | |
| 431 | 432 | } |
| 432 | 433 | login_check_credentials(); |
| 433 | 434 | if( zForumPost ){ |
| 434 | 435 | int fpid; |
| 435 | 436 | if( g.perm.AttachForum==0 ){ |
| @@ -492,11 +493,11 @@ | ||
| 492 | 493 | zTkt, zTkt); |
| 493 | 494 | } |
| 494 | 495 | szLimit = db_get_int("attachment-size-limit", 0); |
| 495 | 496 | if( szContent<0 || (szLimit && szContent>szLimit) ){ |
| 496 | 497 | /* This check must be done late so that zTargetType is set up. */ |
| 497 | - @ <p class="generalError">Attachment %s(zName) is too large. | |
| 498 | + @ <p class="generalError">Attachment %h(zName) is too large. | |
| 498 | 499 | @ <a href="%R/help/attachment-size-limit">Limit</a> is |
| 499 | 500 | @ %d(szLimit ? szLimit : 0x7fffffff) bytes</p> |
| 500 | 501 | /* Fall through and render form. */ |
| 501 | 502 | }else if( P("ok") && szContent>0 && (goodCaptcha = captcha_is_correct(0)) ){ |
| 502 | 503 | int needModerator = (zForumPost!=0 && forum_need_moderation()) || |
| @@ -515,12 +516,12 @@ | ||
| 515 | 516 | form_begin("enctype='multipart/form-data'", "%R/attachadd"); |
| 516 | 517 | @ <div> |
| 517 | 518 | @ File to Attach: |
| 518 | 519 | @ <input type="file" name="f" size="60"><br> |
| 519 | 520 | @ Description:<br> |
| 520 | - @ <textarea name="comment" cols="80" rows="5" wrap="virtual" | |
| 521 | - @ >%s(zComment)</textarea><br> | |
| 521 | + @ <textarea name="comment" cols="80" rows="5" wrap="virtual"\ | |
| 522 | + @ >%h(zComment)</textarea><br> | |
| 522 | 523 | if( zForumPost ){ |
| 523 | 524 | @ <input type="hidden" name="forumpost" value="%h(zTarget)"> |
| 524 | 525 | }else if( zTkt ){ |
| 525 | 526 | @ <input type="hidden" name="tkt" value="%h(zTkt)"> |
| 526 | 527 | }else if( zTechNote ){ |
| @@ -558,11 +559,11 @@ | ||
| 558 | 559 | const char *zName; /* Name of the attached file */ |
| 559 | 560 | const char *zDesc; /* Description of the attached file */ |
| 560 | 561 | const char *zWikiName = 0; /* Wiki page name when attached to Wiki */ |
| 561 | 562 | const char *zTNUuid = 0; /* Tech Note ID when attached to tech note */ |
| 562 | 563 | const char *zTktUuid = 0; /* Ticket ID when attached to a ticket */ |
| 563 | - const char *zForumPost = 0; /* Forum post UID when attached to a forum post */ | |
| 564 | + const char *zForumPost = 0; /* Forum UID when attached to forum post */ | |
| 564 | 565 | int modPending; /* True if awaiting moderation */ |
| 565 | 566 | const char *zModAction; /* Moderation action or NULL */ |
| 566 | 567 | int isModerator; /* TRUE if user is the moderator */ |
| 567 | 568 | const char *zMime; /* MIME Type */ |
| 568 | 569 | Blob attach; /* Content of the attachment */ |
| @@ -613,12 +614,13 @@ | ||
| 613 | 614 | if( showDelMenu ){ |
| 614 | 615 | style_submenu_element("Delete", "%R/ainfo/%s?del", zUuid); |
| 615 | 616 | } |
| 616 | 617 | zDate = db_text(0, "SELECT datetime(%.12f)", pAttach->rDate); |
| 617 | 618 | |
| 618 | - if( P("confirm") && | |
| 619 | - ((zForumPost | |
| 619 | + if( P("confirm") | |
| 620 | + && cgi_csrf_safe(2) | |
| 621 | + && ((zForumPost | |
| 620 | 622 | && ((bUserIsOwner && g.perm.AttachForum) || |
| 621 | 623 | forumpost_may_close())) || |
| 622 | 624 | (zTktUuid && g.perm.WrTkt) || |
| 623 | 625 | (zWikiName && g.perm.WrWiki) || |
| 624 | 626 | (zTNUuid && g.perm.Write && g.perm.WrWiki)) |
| @@ -755,11 +757,12 @@ | ||
| 755 | 757 | } |
| 756 | 758 | |
| 757 | 759 | @ <div class="section">Content:</div> |
| 758 | 760 | blob_zero(&attach); |
| 759 | 761 | if( modPending && !moderation_user_could(rid, 1, 0) ){ |
| 760 | - @ <p><span class="modpending">Content is awaiting moderator approval.</span></p> | |
| 762 | + @ <p><span class="modpending">Content is awaiting moderator \ | |
| 763 | + @ approval.</span></p> | |
| 761 | 764 | }else{ |
| 762 | 765 | @ <blockquote> |
| 763 | 766 | if( fShowContent ){ |
| 764 | 767 | const char *z; |
| 765 | 768 | content_get(ridSrc, &attach); |
| 766 | 769 |
| --- src/attach.c | |
| +++ src/attach.c | |
| @@ -425,11 +425,12 @@ | |
| 425 | int szLimit = 0; |
| 426 | |
| 427 | if( zFrom==0 ) zFrom = mprintf("%R/home"); |
| 428 | if( P("cancel") ) cgi_redirect(zFrom); |
| 429 | if( (!!zPage + !!zTkt + !!zTechNote + !!zForumPost)!=1 ){ |
| 430 | webpage_error("Requires exactly one one: page=X, tkt=X, forumpost=X, or technote=X"); |
| 431 | } |
| 432 | login_check_credentials(); |
| 433 | if( zForumPost ){ |
| 434 | int fpid; |
| 435 | if( g.perm.AttachForum==0 ){ |
| @@ -492,11 +493,11 @@ | |
| 492 | zTkt, zTkt); |
| 493 | } |
| 494 | szLimit = db_get_int("attachment-size-limit", 0); |
| 495 | if( szContent<0 || (szLimit && szContent>szLimit) ){ |
| 496 | /* This check must be done late so that zTargetType is set up. */ |
| 497 | @ <p class="generalError">Attachment %s(zName) is too large. |
| 498 | @ <a href="%R/help/attachment-size-limit">Limit</a> is |
| 499 | @ %d(szLimit ? szLimit : 0x7fffffff) bytes</p> |
| 500 | /* Fall through and render form. */ |
| 501 | }else if( P("ok") && szContent>0 && (goodCaptcha = captcha_is_correct(0)) ){ |
| 502 | int needModerator = (zForumPost!=0 && forum_need_moderation()) || |
| @@ -515,12 +516,12 @@ | |
| 515 | form_begin("enctype='multipart/form-data'", "%R/attachadd"); |
| 516 | @ <div> |
| 517 | @ File to Attach: |
| 518 | @ <input type="file" name="f" size="60"><br> |
| 519 | @ Description:<br> |
| 520 | @ <textarea name="comment" cols="80" rows="5" wrap="virtual" |
| 521 | @ >%s(zComment)</textarea><br> |
| 522 | if( zForumPost ){ |
| 523 | @ <input type="hidden" name="forumpost" value="%h(zTarget)"> |
| 524 | }else if( zTkt ){ |
| 525 | @ <input type="hidden" name="tkt" value="%h(zTkt)"> |
| 526 | }else if( zTechNote ){ |
| @@ -558,11 +559,11 @@ | |
| 558 | const char *zName; /* Name of the attached file */ |
| 559 | const char *zDesc; /* Description of the attached file */ |
| 560 | const char *zWikiName = 0; /* Wiki page name when attached to Wiki */ |
| 561 | const char *zTNUuid = 0; /* Tech Note ID when attached to tech note */ |
| 562 | const char *zTktUuid = 0; /* Ticket ID when attached to a ticket */ |
| 563 | const char *zForumPost = 0; /* Forum post UID when attached to a forum post */ |
| 564 | int modPending; /* True if awaiting moderation */ |
| 565 | const char *zModAction; /* Moderation action or NULL */ |
| 566 | int isModerator; /* TRUE if user is the moderator */ |
| 567 | const char *zMime; /* MIME Type */ |
| 568 | Blob attach; /* Content of the attachment */ |
| @@ -613,12 +614,13 @@ | |
| 613 | if( showDelMenu ){ |
| 614 | style_submenu_element("Delete", "%R/ainfo/%s?del", zUuid); |
| 615 | } |
| 616 | zDate = db_text(0, "SELECT datetime(%.12f)", pAttach->rDate); |
| 617 | |
| 618 | if( P("confirm") && |
| 619 | ((zForumPost |
| 620 | && ((bUserIsOwner && g.perm.AttachForum) || |
| 621 | forumpost_may_close())) || |
| 622 | (zTktUuid && g.perm.WrTkt) || |
| 623 | (zWikiName && g.perm.WrWiki) || |
| 624 | (zTNUuid && g.perm.Write && g.perm.WrWiki)) |
| @@ -755,11 +757,12 @@ | |
| 755 | } |
| 756 | |
| 757 | @ <div class="section">Content:</div> |
| 758 | blob_zero(&attach); |
| 759 | if( modPending && !moderation_user_could(rid, 1, 0) ){ |
| 760 | @ <p><span class="modpending">Content is awaiting moderator approval.</span></p> |
| 761 | }else{ |
| 762 | @ <blockquote> |
| 763 | if( fShowContent ){ |
| 764 | const char *z; |
| 765 | content_get(ridSrc, &attach); |
| 766 |
| --- src/attach.c | |
| +++ src/attach.c | |
| @@ -425,11 +425,12 @@ | |
| 425 | int szLimit = 0; |
| 426 | |
| 427 | if( zFrom==0 ) zFrom = mprintf("%R/home"); |
| 428 | if( P("cancel") ) cgi_redirect(zFrom); |
| 429 | if( (!!zPage + !!zTkt + !!zTechNote + !!zForumPost)!=1 ){ |
| 430 | webpage_error("Requires exactly one one: page=X, tkt=X, forumpost=X," |
| 431 | " or technote=X"); |
| 432 | } |
| 433 | login_check_credentials(); |
| 434 | if( zForumPost ){ |
| 435 | int fpid; |
| 436 | if( g.perm.AttachForum==0 ){ |
| @@ -492,11 +493,11 @@ | |
| 493 | zTkt, zTkt); |
| 494 | } |
| 495 | szLimit = db_get_int("attachment-size-limit", 0); |
| 496 | if( szContent<0 || (szLimit && szContent>szLimit) ){ |
| 497 | /* This check must be done late so that zTargetType is set up. */ |
| 498 | @ <p class="generalError">Attachment %h(zName) is too large. |
| 499 | @ <a href="%R/help/attachment-size-limit">Limit</a> is |
| 500 | @ %d(szLimit ? szLimit : 0x7fffffff) bytes</p> |
| 501 | /* Fall through and render form. */ |
| 502 | }else if( P("ok") && szContent>0 && (goodCaptcha = captcha_is_correct(0)) ){ |
| 503 | int needModerator = (zForumPost!=0 && forum_need_moderation()) || |
| @@ -515,12 +516,12 @@ | |
| 516 | form_begin("enctype='multipart/form-data'", "%R/attachadd"); |
| 517 | @ <div> |
| 518 | @ File to Attach: |
| 519 | @ <input type="file" name="f" size="60"><br> |
| 520 | @ Description:<br> |
| 521 | @ <textarea name="comment" cols="80" rows="5" wrap="virtual"\ |
| 522 | @ >%h(zComment)</textarea><br> |
| 523 | if( zForumPost ){ |
| 524 | @ <input type="hidden" name="forumpost" value="%h(zTarget)"> |
| 525 | }else if( zTkt ){ |
| 526 | @ <input type="hidden" name="tkt" value="%h(zTkt)"> |
| 527 | }else if( zTechNote ){ |
| @@ -558,11 +559,11 @@ | |
| 559 | const char *zName; /* Name of the attached file */ |
| 560 | const char *zDesc; /* Description of the attached file */ |
| 561 | const char *zWikiName = 0; /* Wiki page name when attached to Wiki */ |
| 562 | const char *zTNUuid = 0; /* Tech Note ID when attached to tech note */ |
| 563 | const char *zTktUuid = 0; /* Ticket ID when attached to a ticket */ |
| 564 | const char *zForumPost = 0; /* Forum UID when attached to forum post */ |
| 565 | int modPending; /* True if awaiting moderation */ |
| 566 | const char *zModAction; /* Moderation action or NULL */ |
| 567 | int isModerator; /* TRUE if user is the moderator */ |
| 568 | const char *zMime; /* MIME Type */ |
| 569 | Blob attach; /* Content of the attachment */ |
| @@ -613,12 +614,13 @@ | |
| 614 | if( showDelMenu ){ |
| 615 | style_submenu_element("Delete", "%R/ainfo/%s?del", zUuid); |
| 616 | } |
| 617 | zDate = db_text(0, "SELECT datetime(%.12f)", pAttach->rDate); |
| 618 | |
| 619 | if( P("confirm") |
| 620 | && cgi_csrf_safe(2) |
| 621 | && ((zForumPost |
| 622 | && ((bUserIsOwner && g.perm.AttachForum) || |
| 623 | forumpost_may_close())) || |
| 624 | (zTktUuid && g.perm.WrTkt) || |
| 625 | (zWikiName && g.perm.WrWiki) || |
| 626 | (zTNUuid && g.perm.Write && g.perm.WrWiki)) |
| @@ -755,11 +757,12 @@ | |
| 757 | } |
| 758 | |
| 759 | @ <div class="section">Content:</div> |
| 760 | blob_zero(&attach); |
| 761 | if( modPending && !moderation_user_could(rid, 1, 0) ){ |
| 762 | @ <p><span class="modpending">Content is awaiting moderator \ |
| 763 | @ approval.</span></p> |
| 764 | }else{ |
| 765 | @ <blockquote> |
| 766 | if( fShowContent ){ |
| 767 | const char *z; |
| 768 | content_get(ridSrc, &attach); |
| 769 |
+2
| --- src/capabilities.c | ||
| +++ src/capabilities.c | ||
| @@ -304,10 +304,12 @@ | ||
| 304 | 304 | "Forum-Admin", "Grant capability '4' to other users" }, |
| 305 | 305 | { '7', CAPCLASS_ALERT, 0, |
| 306 | 306 | "Alerts", "Sign up for email alerts" }, |
| 307 | 307 | { 'A', CAPCLASS_ALERT|CAPCLASS_SUPER, 0, |
| 308 | 308 | "Announce", "Send announcements to all subscribers" }, |
| 309 | + { 'B', CAPCLASS_FORUM|CAPCLASS_SUPER, 0, | |
| 310 | + "Forum-Attach", "Add attachment to Forum posts" }, | |
| 309 | 311 | { 'C', CAPCLASS_FORUM, 0, |
| 310 | 312 | "Chat", "Read and/or writes messages in the chatroom" }, |
| 311 | 313 | { 'D', CAPCLASS_OTHER, 0, |
| 312 | 314 | "Debug", "Enable debugging features" }, |
| 313 | 315 | }; |
| 314 | 316 |
| --- src/capabilities.c | |
| +++ src/capabilities.c | |
| @@ -304,10 +304,12 @@ | |
| 304 | "Forum-Admin", "Grant capability '4' to other users" }, |
| 305 | { '7', CAPCLASS_ALERT, 0, |
| 306 | "Alerts", "Sign up for email alerts" }, |
| 307 | { 'A', CAPCLASS_ALERT|CAPCLASS_SUPER, 0, |
| 308 | "Announce", "Send announcements to all subscribers" }, |
| 309 | { 'C', CAPCLASS_FORUM, 0, |
| 310 | "Chat", "Read and/or writes messages in the chatroom" }, |
| 311 | { 'D', CAPCLASS_OTHER, 0, |
| 312 | "Debug", "Enable debugging features" }, |
| 313 | }; |
| 314 |
| --- src/capabilities.c | |
| +++ src/capabilities.c | |
| @@ -304,10 +304,12 @@ | |
| 304 | "Forum-Admin", "Grant capability '4' to other users" }, |
| 305 | { '7', CAPCLASS_ALERT, 0, |
| 306 | "Alerts", "Sign up for email alerts" }, |
| 307 | { 'A', CAPCLASS_ALERT|CAPCLASS_SUPER, 0, |
| 308 | "Announce", "Send announcements to all subscribers" }, |
| 309 | { 'B', CAPCLASS_FORUM|CAPCLASS_SUPER, 0, |
| 310 | "Forum-Attach", "Add attachment to Forum posts" }, |
| 311 | { 'C', CAPCLASS_FORUM, 0, |
| 312 | "Chat", "Read and/or writes messages in the chatroom" }, |
| 313 | { 'D', CAPCLASS_OTHER, 0, |
| 314 | "Debug", "Enable debugging features" }, |
| 315 | }; |
| 316 |
+2
-2
| --- src/setupuser.c | ||
| +++ src/setupuser.c | ||
| @@ -859,13 +859,13 @@ | ||
| 859 | 859 | @ Read Forum%s(B('2'))</label> |
| 860 | 860 | @ <li><label><input type="checkbox" name="a3"%s(oa['3'])> |
| 861 | 861 | @ Write Forum%s(B('3'))</label> |
| 862 | 862 | @ <li><label><input type="checkbox" name="a4"%s(oa['4'])> |
| 863 | 863 | @ WriteTrusted Forum%s(B('4'))</label> |
| 864 | - @ <li><label><input type="checkbox" name="a5"%s(oa['5'])> | |
| 864 | + @ <li><label><input type="checkbox" name="aB"%s(oa['B'])> | |
| 865 | 865 | @ Attach to Forum%s(B('B'))</label> |
| 866 | - @ <li><label><input type="checkbox" name="ag"%s(oa['g'])> | |
| 866 | + @ <li><label><input type="checkbox" name="a5"%s(oa['5'])> | |
| 867 | 867 | @ Moderate Forum%s(B('5'))</label> |
| 868 | 868 | @ <li><label><input type="checkbox" name="a6"%s(oa['6'])> |
| 869 | 869 | @ Supervise Forum%s(B('6'))</label> |
| 870 | 870 | @ <li><label><input type="checkbox" name="a7"%s(oa['7'])> |
| 871 | 871 | @ Email Alerts%s(B('7'))</label> |
| 872 | 872 |
| --- src/setupuser.c | |
| +++ src/setupuser.c | |
| @@ -859,13 +859,13 @@ | |
| 859 | @ Read Forum%s(B('2'))</label> |
| 860 | @ <li><label><input type="checkbox" name="a3"%s(oa['3'])> |
| 861 | @ Write Forum%s(B('3'))</label> |
| 862 | @ <li><label><input type="checkbox" name="a4"%s(oa['4'])> |
| 863 | @ WriteTrusted Forum%s(B('4'))</label> |
| 864 | @ <li><label><input type="checkbox" name="a5"%s(oa['5'])> |
| 865 | @ Attach to Forum%s(B('B'))</label> |
| 866 | @ <li><label><input type="checkbox" name="ag"%s(oa['g'])> |
| 867 | @ Moderate Forum%s(B('5'))</label> |
| 868 | @ <li><label><input type="checkbox" name="a6"%s(oa['6'])> |
| 869 | @ Supervise Forum%s(B('6'))</label> |
| 870 | @ <li><label><input type="checkbox" name="a7"%s(oa['7'])> |
| 871 | @ Email Alerts%s(B('7'))</label> |
| 872 |
| --- src/setupuser.c | |
| +++ src/setupuser.c | |
| @@ -859,13 +859,13 @@ | |
| 859 | @ Read Forum%s(B('2'))</label> |
| 860 | @ <li><label><input type="checkbox" name="a3"%s(oa['3'])> |
| 861 | @ Write Forum%s(B('3'))</label> |
| 862 | @ <li><label><input type="checkbox" name="a4"%s(oa['4'])> |
| 863 | @ WriteTrusted Forum%s(B('4'))</label> |
| 864 | @ <li><label><input type="checkbox" name="aB"%s(oa['B'])> |
| 865 | @ Attach to Forum%s(B('B'))</label> |
| 866 | @ <li><label><input type="checkbox" name="a5"%s(oa['5'])> |
| 867 | @ Moderate Forum%s(B('5'))</label> |
| 868 | @ <li><label><input type="checkbox" name="a6"%s(oa['6'])> |
| 869 | @ Supervise Forum%s(B('6'))</label> |
| 870 | @ <li><label><input type="checkbox" name="a7"%s(oa['7'])> |
| 871 | @ Email Alerts%s(B('7'))</label> |
| 872 |