Fossil SCM

Apply [938fda79d49e] to the 's' (search) parameter to the /wiki page.

stephan 2024-03-12 23:33 trunk

Commit 3d1e634d16e53cbd2ae437d705f6f18932101d68ca60b687e2b7e5928d7ab2f0

Parent 938fda79d49ede0…

2 files changed +3 -1 +1

~ src/info.c ~ src/wiki.c

M src/info.c

+3 -1

		--- src/info.c
		+++ src/info.c
		@@ -1227,11 +1227,13 @@
1227	1227	if( pFrom==0 ) return;
1228	1228	zGlob = P("glob");
1229	1229	/*
1230	1230	** Maintenace reminder: we explicitly do _not_ use P_NoBot()
1231	1231	** for "from" and "to" because those args can contain legitimate
1232		- ** strings which may trigger the looks-like SQL checks.
	1232	+ ** strings which may trigger the looks-like SQL checks, e.g.
	1233	+ ** from=merge-in:OR-clause-improvement
	1234	+ ** to=OR-clause-improvement
1233	1235	*/
1234	1236	zFrom = P("from");
1235	1237	zTo = P("to");
1236	1238	if( bInvert ){
1237	1239	Manifest *pTemp = pTo;
1238	1240

	--- src/info.c
	+++ src/info.c
	@@ -1227,11 +1227,13 @@
1227	if( pFrom==0 ) return;
1228	zGlob = P("glob");
1229	/*
1230	** Maintenace reminder: we explicitly do _not_ use P_NoBot()
1231	** for "from" and "to" because those args can contain legitimate
1232	** strings which may trigger the looks-like SQL checks.


1233	*/
1234	zFrom = P("from");
1235	zTo = P("to");
1236	if( bInvert ){
1237	Manifest *pTemp = pTo;
1238

	--- src/info.c
	+++ src/info.c
	@@ -1227,11 +1227,13 @@
1227	if( pFrom==0 ) return;
1228	zGlob = P("glob");
1229	/*
1230	** Maintenace reminder: we explicitly do _not_ use P_NoBot()
1231	** for "from" and "to" because those args can contain legitimate
1232	** strings which may trigger the looks-like SQL checks, e.g.
1233	** from=merge-in:OR-clause-improvement
1234	** to=OR-clause-improvement
1235	*/
1236	zFrom = P("from");
1237	zTo = P("to");
1238	if( bInvert ){
1239	Manifest *pTemp = pTo;
1240

M src/wiki.c

+1

		--- src/wiki.c
		+++ src/wiki.c
		@@ -552,10 +552,11 @@
552	552	int noSubmenu = P("nsm")!=0 \|\| g.isHome;
553	553
554	554	login_check_credentials();
555	555	if( !g.perm.RdWiki ){ login_needed(g.anon.RdWiki); return; }
556	556	zPageName = P("name");
	557	+ (void)P("s")/for cgi_check_for_malice(). "s" == search stringy/;
557	558	cgi_check_for_malice();
558	559	if( zPageName==0 ){
559	560	if( search_restrict(SRCH_WIKI)!=0 ){
560	561	wiki_srchpage();
561	562	}else{
562	563

	--- src/wiki.c
	+++ src/wiki.c
	@@ -552,10 +552,11 @@
552	int noSubmenu = P("nsm")!=0 \|\| g.isHome;
553
554	login_check_credentials();
555	if( !g.perm.RdWiki ){ login_needed(g.anon.RdWiki); return; }
556	zPageName = P("name");

557	cgi_check_for_malice();
558	if( zPageName==0 ){
559	if( search_restrict(SRCH_WIKI)!=0 ){
560	wiki_srchpage();
561	}else{
562

	--- src/wiki.c
	+++ src/wiki.c
	@@ -552,10 +552,11 @@
552	int noSubmenu = P("nsm")!=0 \|\| g.isHome;
553
554	login_check_credentials();
555	if( !g.perm.RdWiki ){ login_needed(g.anon.RdWiki); return; }
556	zPageName = P("name");
557	(void)P("s")/for cgi_check_for_malice(). "s" == search stringy/;
558	cgi_check_for_malice();
559	if( zPageName==0 ){
560	if( search_restrict(SRCH_WIKI)!=0 ){
561	wiki_srchpage();
562	}else{
563

Keyboard Shortcuts

Open search /

Next entry (timeline) j

Previous entry (timeline) k

Open focused entry Enter

Show this help ?

Toggle theme Top nav button