49b0ff15922… — Fossil SCM

M src/allrepo.c

+10 -7

		--- src/allrepo.c
		+++ src/allrepo.c
		@@ -257,19 +257,22 @@
257	257	int j;
258	258	useCheckouts = find_option("ckout","c",0)!=0;
259	259	verify_all_options();
260	260	db_begin_transaction();
261	261	for(j=3; j<g.argc; j++){
262		- char *zSql = mprintf("DELETE FROM global_config"
263		- " WHERE name GLOB '%s:%q'",
264		- useCheckouts?"ckout":"repo", g.argv[j]);
	262	+ Blob sql;
	263	+ blob_zero(&sql);
	264	+ blob_append_sql(&sql,
	265	+ "DELETE FROM global_config WHERE name GLOB '%s:%q'",
	266	+ useCheckouts?"ckout":"repo", g.argv[j]
	267	+ );
265	268	if( dryRunFlag ){
266		- fossil_print("%s\n", zSql);
	269	+ fossil_print("%s\n", blob_sql_text(&sql));
267	270	}else{
268		- db_multi_exec("%s", zSql);
	271	+ db_multi_exec("%s", blob_sql_text(&sql));
269	272	}
270		- fossil_free(zSql);
	273	+ blob_reset(&sql);
271	274	}
272	275	db_end_transaction(0);
273	276	return;
274	277	}else if( strncmp(zCmd, "info", n)==0 ){
275	278	zCmd = "info";
		@@ -346,9 +349,9 @@
346	349	if( nToDel>0 ){
347	350	const char *zSql = "DELETE FROM global_config WHERE name IN toDel";
348	351	if( dryRunFlag ){
349	352	fossil_print("%s\n", zSql);
350	353	}else{
351		- db_multi_exec(zSql);
	354	+ db_multi_exec("%s", zSql /safe-for-%s/ );
352	355	}
353	356	}
354	357	}
355	358

	--- src/allrepo.c
	+++ src/allrepo.c
	@@ -257,19 +257,22 @@
257	int j;
258	useCheckouts = find_option("ckout","c",0)!=0;
259	verify_all_options();
260	db_begin_transaction();
261	for(j=3; j<g.argc; j++){
262	char *zSql = mprintf("DELETE FROM global_config"
263	" WHERE name GLOB '%s:%q'",
264	useCheckouts?"ckout":"repo", g.argv[j]);



265	if( dryRunFlag ){
266	fossil_print("%s\n", zSql);
267	}else{
268	db_multi_exec("%s", zSql);
269	}
270	fossil_free(zSql);
271	}
272	db_end_transaction(0);
273	return;
274	}else if( strncmp(zCmd, "info", n)==0 ){
275	zCmd = "info";
	@@ -346,9 +349,9 @@
346	if( nToDel>0 ){
347	const char *zSql = "DELETE FROM global_config WHERE name IN toDel";
348	if( dryRunFlag ){
349	fossil_print("%s\n", zSql);
350	}else{
351	db_multi_exec(zSql);
352	}
353	}
354	}
355

	--- src/allrepo.c
	+++ src/allrepo.c
	@@ -257,19 +257,22 @@
257	int j;
258	useCheckouts = find_option("ckout","c",0)!=0;
259	verify_all_options();
260	db_begin_transaction();
261	for(j=3; j<g.argc; j++){
262	Blob sql;
263	blob_zero(&sql);
264	blob_append_sql(&sql,
265	"DELETE FROM global_config WHERE name GLOB '%s:%q'",
266	useCheckouts?"ckout":"repo", g.argv[j]
267	);
268	if( dryRunFlag ){
269	fossil_print("%s\n", blob_sql_text(&sql));
270	}else{
271	db_multi_exec("%s", blob_sql_text(&sql));
272	}
273	blob_reset(&sql);
274	}
275	db_end_transaction(0);
276	return;
277	}else if( strncmp(zCmd, "info", n)==0 ){
278	zCmd = "info";
	@@ -346,9 +349,9 @@
349	if( nToDel>0 ){
350	const char *zSql = "DELETE FROM global_config WHERE name IN toDel";
351	if( dryRunFlag ){
352	fossil_print("%s\n", zSql);
353	}else{
354	db_multi_exec("%s", zSql /safe-for-%s/ );
355	}
356	}
357	}
358

M src/attach.c

+8 -8

		--- src/attach.c
		+++ src/attach.c
		@@ -40,31 +40,31 @@
40	40	Stmt q;
41	41
42	42	if( zPage && zTkt ) zTkt = 0;
43	43	login_check_credentials();
44	44	blob_zero(&sql);
45		- blob_appendf(&sql,
	45	+ blob_append_sql(&sql,
46	46	"SELECT datetime(mtime%s), src, target, filename,"
47	47	" comment, user,"
48	48	" (SELECT uuid FROM blob WHERE rid=attachid), attachid"
49	49	" FROM attachment",
50	50	timeline_utc()
51	51	);
52	52	if( zPage ){
53	53	if( g.perm.RdWiki==0 ) login_needed();
54	54	style_header("Attachments To %h", zPage);
55		- blob_appendf(&sql, " WHERE target=%Q", zPage);
	55	+ blob_append_sql(&sql, " WHERE target=%Q", zPage);
56	56	}else if( zTkt ){
57	57	if( g.perm.RdTkt==0 ) login_needed();
58	58	style_header("Attachments To Ticket %S", zTkt);
59		- blob_appendf(&sql, " WHERE target GLOB '%q*'", zTkt);
	59	+ blob_append_sql(&sql, " WHERE target GLOB '%q*'", zTkt);
60	60	}else{
61	61	if( g.perm.RdTkt==0 && g.perm.RdWiki==0 ) login_needed();
62	62	style_header("All Attachments");
63	63	}
64		- blob_appendf(&sql, " ORDER BY mtime DESC");
65		- db_prepare(&q, "%s", blob_str(&sql));
	64	+ blob_append_sql(&sql, " ORDER BY mtime DESC");
	65	+ db_prepare(&q, "%s", blob_sql_text(&sql));
66	66	@ <ol>
67	67	while( db_step(&q)==SQLITE_ROW ){
68	68	const char *zDate = db_column_text(&q, 0);
69	69	const char *zSrc = db_column_text(&q, 1);
70	70	const char *zTarget = db_column_text(&q, 2);
		@@ -377,11 +377,11 @@
377	377	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
378	378	#if 0
379	379	/* Shunning here needs to get both the attachment control artifact and
380	380	** the object that is attached. */
381	381	if( g.perm.Admin ){
382		- if( db_exists("SELECT 1 FROM shun WHERE uuid='%s'", zUuid) ){
	382	+ if( db_exists("SELECT 1 FROM shun WHERE uuid='%q'", zUuid) ){
383	383	style_submenu_element("Unshun","Unshun", "%s/shun?uuid=%s&sub=1",
384	384	g.zTop, zUuid);
385	385	}else{
386	386	style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
387	387	g.zTop, zUuid);
		@@ -390,17 +390,17 @@
390	390	#endif
391	391	pAttach = manifest_get(rid, CFTYPE_ATTACHMENT, 0);
392	392	if( pAttach==0 ) fossil_redirect_home();
393	393	zTarget = pAttach->zAttachTarget;
394	394	zSrc = pAttach->zAttachSrc;
395		- ridSrc = db_int(0,"SELECT rid FROM blob WHERE uuid='%s'", zSrc);
	395	+ ridSrc = db_int(0,"SELECT rid FROM blob WHERE uuid='%q'", zSrc);
396	396	zName = pAttach->zAttachName;
397	397	zDesc = pAttach->zComment;
398	398	zMime = mimetype_from_name(zName);
399	399	fShowContent = zMime ? strncmp(zMime,"text/", 5)==0 : 0;
400	400	if( validate16(zTarget, strlen(zTarget))
401		- && db_exists("SELECT 1 FROM ticket WHERE tkt_uuid='%s'", zTarget)
	401	+ && db_exists("SELECT 1 FROM ticket WHERE tkt_uuid='%q'", zTarget)
402	402	){
403	403	zTktUuid = zTarget;
404	404	if( !g.perm.RdTkt ){ login_needed(); return; }
405	405	if( g.perm.WrTkt ){
406	406	style_submenu_element("Delete","Delete","%R/ainfo/%s?del", zUuid);
407	407

	--- src/attach.c
	+++ src/attach.c
	@@ -40,31 +40,31 @@
40	Stmt q;
41
42	if( zPage && zTkt ) zTkt = 0;
43	login_check_credentials();
44	blob_zero(&sql);
45	blob_appendf(&sql,
46	"SELECT datetime(mtime%s), src, target, filename,"
47	" comment, user,"
48	" (SELECT uuid FROM blob WHERE rid=attachid), attachid"
49	" FROM attachment",
50	timeline_utc()
51	);
52	if( zPage ){
53	if( g.perm.RdWiki==0 ) login_needed();
54	style_header("Attachments To %h", zPage);
55	blob_appendf(&sql, " WHERE target=%Q", zPage);
56	}else if( zTkt ){
57	if( g.perm.RdTkt==0 ) login_needed();
58	style_header("Attachments To Ticket %S", zTkt);
59	blob_appendf(&sql, " WHERE target GLOB '%q*'", zTkt);
60	}else{
61	if( g.perm.RdTkt==0 && g.perm.RdWiki==0 ) login_needed();
62	style_header("All Attachments");
63	}
64	blob_appendf(&sql, " ORDER BY mtime DESC");
65	db_prepare(&q, "%s", blob_str(&sql));
66	@ <ol>
67	while( db_step(&q)==SQLITE_ROW ){
68	const char *zDate = db_column_text(&q, 0);
69	const char *zSrc = db_column_text(&q, 1);
70	const char *zTarget = db_column_text(&q, 2);
	@@ -377,11 +377,11 @@
377	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
378	#if 0
379	/* Shunning here needs to get both the attachment control artifact and
380	** the object that is attached. */
381	if( g.perm.Admin ){
382	if( db_exists("SELECT 1 FROM shun WHERE uuid='%s'", zUuid) ){
383	style_submenu_element("Unshun","Unshun", "%s/shun?uuid=%s&sub=1",
384	g.zTop, zUuid);
385	}else{
386	style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
387	g.zTop, zUuid);
	@@ -390,17 +390,17 @@
390	#endif
391	pAttach = manifest_get(rid, CFTYPE_ATTACHMENT, 0);
392	if( pAttach==0 ) fossil_redirect_home();
393	zTarget = pAttach->zAttachTarget;
394	zSrc = pAttach->zAttachSrc;
395	ridSrc = db_int(0,"SELECT rid FROM blob WHERE uuid='%s'", zSrc);
396	zName = pAttach->zAttachName;
397	zDesc = pAttach->zComment;
398	zMime = mimetype_from_name(zName);
399	fShowContent = zMime ? strncmp(zMime,"text/", 5)==0 : 0;
400	if( validate16(zTarget, strlen(zTarget))
401	&& db_exists("SELECT 1 FROM ticket WHERE tkt_uuid='%s'", zTarget)
402	){
403	zTktUuid = zTarget;
404	if( !g.perm.RdTkt ){ login_needed(); return; }
405	if( g.perm.WrTkt ){
406	style_submenu_element("Delete","Delete","%R/ainfo/%s?del", zUuid);
407

	--- src/attach.c
	+++ src/attach.c
	@@ -40,31 +40,31 @@
40	Stmt q;
41
42	if( zPage && zTkt ) zTkt = 0;
43	login_check_credentials();
44	blob_zero(&sql);
45	blob_append_sql(&sql,
46	"SELECT datetime(mtime%s), src, target, filename,"
47	" comment, user,"
48	" (SELECT uuid FROM blob WHERE rid=attachid), attachid"
49	" FROM attachment",
50	timeline_utc()
51	);
52	if( zPage ){
53	if( g.perm.RdWiki==0 ) login_needed();
54	style_header("Attachments To %h", zPage);
55	blob_append_sql(&sql, " WHERE target=%Q", zPage);
56	}else if( zTkt ){
57	if( g.perm.RdTkt==0 ) login_needed();
58	style_header("Attachments To Ticket %S", zTkt);
59	blob_append_sql(&sql, " WHERE target GLOB '%q*'", zTkt);
60	}else{
61	if( g.perm.RdTkt==0 && g.perm.RdWiki==0 ) login_needed();
62	style_header("All Attachments");
63	}
64	blob_append_sql(&sql, " ORDER BY mtime DESC");
65	db_prepare(&q, "%s", blob_sql_text(&sql));
66	@ <ol>
67	while( db_step(&q)==SQLITE_ROW ){
68	const char *zDate = db_column_text(&q, 0);
69	const char *zSrc = db_column_text(&q, 1);
70	const char *zTarget = db_column_text(&q, 2);
	@@ -377,11 +377,11 @@
377	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
378	#if 0
379	/* Shunning here needs to get both the attachment control artifact and
380	** the object that is attached. */
381	if( g.perm.Admin ){
382	if( db_exists("SELECT 1 FROM shun WHERE uuid='%q'", zUuid) ){
383	style_submenu_element("Unshun","Unshun", "%s/shun?uuid=%s&sub=1",
384	g.zTop, zUuid);
385	}else{
386	style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
387	g.zTop, zUuid);
	@@ -390,17 +390,17 @@
390	#endif
391	pAttach = manifest_get(rid, CFTYPE_ATTACHMENT, 0);
392	if( pAttach==0 ) fossil_redirect_home();
393	zTarget = pAttach->zAttachTarget;
394	zSrc = pAttach->zAttachSrc;
395	ridSrc = db_int(0,"SELECT rid FROM blob WHERE uuid='%q'", zSrc);
396	zName = pAttach->zAttachName;
397	zDesc = pAttach->zComment;
398	zMime = mimetype_from_name(zName);
399	fShowContent = zMime ? strncmp(zMime,"text/", 5)==0 : 0;
400	if( validate16(zTarget, strlen(zTarget))
401	&& db_exists("SELECT 1 FROM ticket WHERE tkt_uuid='%q'", zTarget)
402	){
403	zTktUuid = zTarget;
404	if( !g.perm.RdTkt ){ login_needed(); return; }
405	if( g.perm.WrTkt ){
406	style_submenu_element("Delete","Delete","%R/ainfo/%s?del", zUuid);
407

M src/blob.c

+36 -1

		--- src/blob.c
		+++ src/blob.c
		@@ -34,14 +34,20 @@
34	34	*/
35	35	struct Blob {
36	36	unsigned int nUsed; /* Number of bytes used in aData[] */
37	37	unsigned int nAlloc; /* Number of bytes allocated for aData[] */
38	38	unsigned int iCursor; /* Next character of input to parse */
	39	+ unsigned int blobFlags; /* One or more BLOBFLAG_* bits */
39	40	char aData; / Where the information is stored */
40	41	void (xRealloc)(Blob, unsigned int); /* Function to reallocate the buffer */
41	42	};
42	43
	44	+/*
	45	+** Allowed values for Blob.blobFlags
	46	+*/
	47	+#define BLOBFLAG_NotSQL 0x0001 /* Non-SQL text */
	48	+
43	49	/*
44	50	** The current size of a Blob
45	51	*/
46	52	#define blob_size(X) ((X)->nUsed)
47	53
		@@ -148,10 +154,11 @@
148	154	free(pBlob->aData);
149	155	pBlob->aData = 0;
150	156	pBlob->nAlloc = 0;
151	157	pBlob->nUsed = 0;
152	158	pBlob->iCursor = 0;
	159	+ pBlob->blobFlags = 0;
153	160	}else if( newSize>pBlob->nAlloc \|\| newSize<pBlob->nAlloc-4000 ){
154	161	char *pNew = fossil_realloc(pBlob->aData, newSize);
155	162	pBlob->aData = pNew;
156	163	pBlob->nAlloc = newSize;
157	164	if( pBlob->nUsed>pBlob->nAlloc ){
		@@ -162,11 +169,11 @@
162	169
163	170	/*
164	171	** An initializer for Blobs
165	172	*/
166	173	#if INTERFACE
167		-#define BLOB_INITIALIZER {0,0,0,0,blobReallocMalloc}
	174	+#define BLOB_INITIALIZER {0,0,0,0,0,blobReallocMalloc}
168	175	#endif
169	176	const Blob empty_blob = BLOB_INITIALIZER;
170	177
171	178	/*
172	179	** A reallocation function for when the initial string is in unmanaged
		@@ -217,10 +224,11 @@
217	224	}else{
218	225	if( size<=0 ) size = strlen(zData);
219	226	pBlob->nUsed = pBlob->nAlloc = size;
220	227	pBlob->aData = (char*)zData;
221	228	pBlob->iCursor = 0;
	229	+ pBlob->blobFlags = 0;
222	230	pBlob->xRealloc = blobReallocStatic;
223	231	}
224	232	}
225	233
226	234	/*
		@@ -248,10 +256,11 @@
248	256	assert_blob_is_reset(pBlob);
249	257	pBlob->nUsed = 0;
250	258	pBlob->nAlloc = 1;
251	259	pBlob->aData = (char*)zEmpty;
252	260	pBlob->iCursor = 0;
	261	+ pBlob->blobFlags = 0;
253	262	pBlob->xRealloc = blobReallocStatic;
254	263	}
255	264
256	265	/*
257	266	** Append text or data to the end of a blob.
		@@ -292,10 +301,24 @@
292	301	if( p->aData[p->nUsed]!=0 ){
293	302	blob_materialize(p);
294	303	}
295	304	return p->aData;
296	305	}
	306	+
	307	+/*
	308	+** Return a pointer to a null-terminated string for a blob that has
	309	+** been created using blob_append_sql() and not blob_appendf(). If
	310	+** text was ever added using blob_appendf() then throw an error.
	311	+*/
	312	+char blob_sql_text(Blob p){
	313	+ blob_is_init(p);
	314	+ if( (p->blobFlags & BLOBFLAG_NotSQL) ){
	315	+ fossil_fatal("Internal error: Use of blob_appendf() to construct SQL text");
	316	+ }
	317	+ return blob_str(p);
	318	+}
	319	+
297	320
298	321	/*
299	322	** Return a pointer to a null-terminated string for a blob.
300	323	**
301	324	** WARNING: If the blob is ephemeral, it might cause a '\000'
		@@ -671,13 +694,25 @@
671	694	return i;
672	695	}
673	696
674	697	/*
675	698	** Do printf-style string rendering and append the results to a blob.
	699	+**
	700	+** The blob_appendf() version sets the BLOBFLAG_NotSQL bit in Blob.blobFlags
	701	+** whereas blob_append_sql() does not.
676	702	*/
677	703	void blob_appendf(Blob pBlob, const char zFormat, ...){
678	704	if( pBlob ){
	705	+ va_list ap;
	706	+ va_start(ap, zFormat);
	707	+ vxprintf(pBlob, zFormat, ap);
	708	+ va_end(ap);
	709	+ pBlob->blobFlags \|= BLOBFLAG_NotSQL;
	710	+ }
	711	+}
	712	+void blob_append_sql(Blob pBlob, const char zFormat, ...){
	713	+ if( pBlob ){
679	714	va_list ap;
680	715	va_start(ap, zFormat);
681	716	vxprintf(pBlob, zFormat, ap);
682	717	va_end(ap);
683	718	}
684	719

	--- src/blob.c
	+++ src/blob.c
	@@ -34,14 +34,20 @@
34	*/
35	struct Blob {
36	unsigned int nUsed; /* Number of bytes used in aData[] */
37	unsigned int nAlloc; /* Number of bytes allocated for aData[] */
38	unsigned int iCursor; /* Next character of input to parse */

39	char aData; / Where the information is stored */
40	void (xRealloc)(Blob, unsigned int); /* Function to reallocate the buffer */
41	};
42





43	/*
44	** The current size of a Blob
45	*/
46	#define blob_size(X) ((X)->nUsed)
47
	@@ -148,10 +154,11 @@
148	free(pBlob->aData);
149	pBlob->aData = 0;
150	pBlob->nAlloc = 0;
151	pBlob->nUsed = 0;
152	pBlob->iCursor = 0;

153	}else if( newSize>pBlob->nAlloc \|\| newSize<pBlob->nAlloc-4000 ){
154	char *pNew = fossil_realloc(pBlob->aData, newSize);
155	pBlob->aData = pNew;
156	pBlob->nAlloc = newSize;
157	if( pBlob->nUsed>pBlob->nAlloc ){
	@@ -162,11 +169,11 @@
162
163	/*
164	** An initializer for Blobs
165	*/
166	#if INTERFACE
167	#define BLOB_INITIALIZER {0,0,0,0,blobReallocMalloc}
168	#endif
169	const Blob empty_blob = BLOB_INITIALIZER;
170
171	/*
172	** A reallocation function for when the initial string is in unmanaged
	@@ -217,10 +224,11 @@
217	}else{
218	if( size<=0 ) size = strlen(zData);
219	pBlob->nUsed = pBlob->nAlloc = size;
220	pBlob->aData = (char*)zData;
221	pBlob->iCursor = 0;

222	pBlob->xRealloc = blobReallocStatic;
223	}
224	}
225
226	/*
	@@ -248,10 +256,11 @@
248	assert_blob_is_reset(pBlob);
249	pBlob->nUsed = 0;
250	pBlob->nAlloc = 1;
251	pBlob->aData = (char*)zEmpty;
252	pBlob->iCursor = 0;

253	pBlob->xRealloc = blobReallocStatic;
254	}
255
256	/*
257	** Append text or data to the end of a blob.
	@@ -292,10 +301,24 @@
292	if( p->aData[p->nUsed]!=0 ){
293	blob_materialize(p);
294	}
295	return p->aData;
296	}














297
298	/*
299	** Return a pointer to a null-terminated string for a blob.
300	**
301	** WARNING: If the blob is ephemeral, it might cause a '\000'
	@@ -671,13 +694,25 @@
671	return i;
672	}
673
674	/*
675	** Do printf-style string rendering and append the results to a blob.



676	*/
677	void blob_appendf(Blob pBlob, const char zFormat, ...){
678	if( pBlob ){









679	va_list ap;
680	va_start(ap, zFormat);
681	vxprintf(pBlob, zFormat, ap);
682	va_end(ap);
683	}
684

	--- src/blob.c
	+++ src/blob.c
	@@ -34,14 +34,20 @@
34	*/
35	struct Blob {
36	unsigned int nUsed; /* Number of bytes used in aData[] */
37	unsigned int nAlloc; /* Number of bytes allocated for aData[] */
38	unsigned int iCursor; /* Next character of input to parse */
39	unsigned int blobFlags; /* One or more BLOBFLAG_* bits */
40	char aData; / Where the information is stored */
41	void (xRealloc)(Blob, unsigned int); /* Function to reallocate the buffer */
42	};
43
44	/*
45	** Allowed values for Blob.blobFlags
46	*/
47	#define BLOBFLAG_NotSQL 0x0001 /* Non-SQL text */
48
49	/*
50	** The current size of a Blob
51	*/
52	#define blob_size(X) ((X)->nUsed)
53
	@@ -148,10 +154,11 @@
154	free(pBlob->aData);
155	pBlob->aData = 0;
156	pBlob->nAlloc = 0;
157	pBlob->nUsed = 0;
158	pBlob->iCursor = 0;
159	pBlob->blobFlags = 0;
160	}else if( newSize>pBlob->nAlloc \|\| newSize<pBlob->nAlloc-4000 ){
161	char *pNew = fossil_realloc(pBlob->aData, newSize);
162	pBlob->aData = pNew;
163	pBlob->nAlloc = newSize;
164	if( pBlob->nUsed>pBlob->nAlloc ){
	@@ -162,11 +169,11 @@
169
170	/*
171	** An initializer for Blobs
172	*/
173	#if INTERFACE
174	#define BLOB_INITIALIZER {0,0,0,0,0,blobReallocMalloc}
175	#endif
176	const Blob empty_blob = BLOB_INITIALIZER;
177
178	/*
179	** A reallocation function for when the initial string is in unmanaged
	@@ -217,10 +224,11 @@
224	}else{
225	if( size<=0 ) size = strlen(zData);
226	pBlob->nUsed = pBlob->nAlloc = size;
227	pBlob->aData = (char*)zData;
228	pBlob->iCursor = 0;
229	pBlob->blobFlags = 0;
230	pBlob->xRealloc = blobReallocStatic;
231	}
232	}
233
234	/*
	@@ -248,10 +256,11 @@
256	assert_blob_is_reset(pBlob);
257	pBlob->nUsed = 0;
258	pBlob->nAlloc = 1;
259	pBlob->aData = (char*)zEmpty;
260	pBlob->iCursor = 0;
261	pBlob->blobFlags = 0;
262	pBlob->xRealloc = blobReallocStatic;
263	}
264
265	/*
266	** Append text or data to the end of a blob.
	@@ -292,10 +301,24 @@
301	if( p->aData[p->nUsed]!=0 ){
302	blob_materialize(p);
303	}
304	return p->aData;
305	}
306
307	/*
308	** Return a pointer to a null-terminated string for a blob that has
309	** been created using blob_append_sql() and not blob_appendf(). If
310	** text was ever added using blob_appendf() then throw an error.
311	*/
312	char blob_sql_text(Blob p){
313	blob_is_init(p);
314	if( (p->blobFlags & BLOBFLAG_NotSQL) ){
315	fossil_fatal("Internal error: Use of blob_appendf() to construct SQL text");
316	}
317	return blob_str(p);
318	}
319
320
321	/*
322	** Return a pointer to a null-terminated string for a blob.
323	**
324	** WARNING: If the blob is ephemeral, it might cause a '\000'
	@@ -671,13 +694,25 @@
694	return i;
695	}
696
697	/*
698	** Do printf-style string rendering and append the results to a blob.
699	**
700	** The blob_appendf() version sets the BLOBFLAG_NotSQL bit in Blob.blobFlags
701	** whereas blob_append_sql() does not.
702	*/
703	void blob_appendf(Blob pBlob, const char zFormat, ...){
704	if( pBlob ){
705	va_list ap;
706	va_start(ap, zFormat);
707	vxprintf(pBlob, zFormat, ap);
708	va_end(ap);
709	pBlob->blobFlags \|= BLOBFLAG_NotSQL;
710	}
711	}
712	void blob_append_sql(Blob pBlob, const char zFormat, ...){
713	if( pBlob ){
714	va_list ap;
715	va_start(ap, zFormat);
716	vxprintf(pBlob, zFormat, ap);
717	va_end(ap);
718	}
719

M src/branch.c

+2 -2

		--- src/branch.c
		+++ src/branch.c
		@@ -300,12 +300,12 @@
300	300	if( colorTest ){
301	301	showClosed = 0;
302	302	showAll = 1;
303	303	}
304	304
305		- style_header(showClosed ? "Closed Branches" :
306		- showAll ? "All Branches" : "Open Branches");
	305	+ style_header("%s", showClosed ? "Closed Branches" :
	306	+ showAll ? "All Branches" : "Open Branches");
307	307	style_submenu_element("Timeline", "Timeline", "brtimeline");
308	308	if( showClosed ){
309	309	style_submenu_element("All", "All", "brlist?all");
310	310	style_submenu_element("Open","Open","brlist");
311	311	}else if( showAll ){
312	312

	--- src/branch.c
	+++ src/branch.c
	@@ -300,12 +300,12 @@
300	if( colorTest ){
301	showClosed = 0;
302	showAll = 1;
303	}
304
305	style_header(showClosed ? "Closed Branches" :
306	showAll ? "All Branches" : "Open Branches");
307	style_submenu_element("Timeline", "Timeline", "brtimeline");
308	if( showClosed ){
309	style_submenu_element("All", "All", "brlist?all");
310	style_submenu_element("Open","Open","brlist");
311	}else if( showAll ){
312

	--- src/branch.c
	+++ src/branch.c
	@@ -300,12 +300,12 @@
300	if( colorTest ){
301	showClosed = 0;
302	showAll = 1;
303	}
304
305	style_header("%s", showClosed ? "Closed Branches" :
306	showAll ? "All Branches" : "Open Branches");
307	style_submenu_element("Timeline", "Timeline", "brtimeline");
308	if( showClosed ){
309	style_submenu_element("All", "All", "brlist?all");
310	style_submenu_element("Open","Open","brlist");
311	}else if( showAll ){
312

M src/browse.c

+1 -1

		--- src/browse.c
		+++ src/browse.c
		@@ -828,11 +828,11 @@
828	828	rid = symbolic_name_to_rid(zName, "ci");
829	829	if( rid==0 ){
830	830	fossil_fatal("not a valid check-in: %s", zName);
831	831	}
832	832	style_submenu_element("Tree-View", "Tree-View", "%R/tree?ci=%T", zName);
833		- style_header("File Ages", zName);
	833	+ style_header("File Ages");
834	834	zGlob = P("glob");
835	835	compute_fileage(rid,zGlob);
836	836	baseTime = db_double(0.0, "SELECT mtime FROM event WHERE objid=%d", rid);
837	837	zBaseTime = db_text("","SELECT datetime(%.20g%s)", baseTime, timeline_utc());
838	838	@ <h2>File Ages For Check-in
839	839

	--- src/browse.c
	+++ src/browse.c
	@@ -828,11 +828,11 @@
828	rid = symbolic_name_to_rid(zName, "ci");
829	if( rid==0 ){
830	fossil_fatal("not a valid check-in: %s", zName);
831	}
832	style_submenu_element("Tree-View", "Tree-View", "%R/tree?ci=%T", zName);
833	style_header("File Ages", zName);
834	zGlob = P("glob");
835	compute_fileage(rid,zGlob);
836	baseTime = db_double(0.0, "SELECT mtime FROM event WHERE objid=%d", rid);
837	zBaseTime = db_text("","SELECT datetime(%.20g%s)", baseTime, timeline_utc());
838	@ <h2>File Ages For Check-in
839

	--- src/browse.c
	+++ src/browse.c
	@@ -828,11 +828,11 @@
828	rid = symbolic_name_to_rid(zName, "ci");
829	if( rid==0 ){
830	fossil_fatal("not a valid check-in: %s", zName);
831	}
832	style_submenu_element("Tree-View", "Tree-View", "%R/tree?ci=%T", zName);
833	style_header("File Ages");
834	zGlob = P("glob");
835	compute_fileage(rid,zGlob);
836	baseTime = db_double(0.0, "SELECT mtime FROM event WHERE objid=%d", rid);
837	zBaseTime = db_text("","SELECT datetime(%.20g%s)", baseTime, timeline_utc());
838	@ <h2>File Ages For Check-in
839

M src/cgi.c

+2 -1

		--- src/cgi.c
		+++ src/cgi.c
		@@ -1712,11 +1712,12 @@
1712	1712	listen(listener,10);
1713	1713	fossil_print("Listening for %s requests on TCP port %d\n",
1714	1714	(flags & HTTP_SERVER_SCGI)!=0?"SCGI":"HTTP", iPort);
1715	1715	fflush(stdout);
1716	1716	if( zBrowser ){
1717		- zBrowser = mprintf(zBrowser, iPort);
	1717	+ assert( strstr(zBrowser,"%d")!=0 );
	1718	+ zBrowser = mprintf(zBrowser /works-like:"%d"/, iPort);
1718	1719	#if defined(__CYGWIN__)
1719	1720	/* On Cygwin, we can do better than "echo" */
1720	1721	if( strncmp(zBrowser, "echo ", 5)==0 ){
1721	1722	wchar_t *wUrl = fossil_utf8_to_unicode(zBrowser+5);
1722	1723	wUrl[wcslen(wUrl)-2] = 0; /* Strip terminating " &" */
1723	1724

	--- src/cgi.c
	+++ src/cgi.c
	@@ -1712,11 +1712,12 @@
1712	listen(listener,10);
1713	fossil_print("Listening for %s requests on TCP port %d\n",
1714	(flags & HTTP_SERVER_SCGI)!=0?"SCGI":"HTTP", iPort);
1715	fflush(stdout);
1716	if( zBrowser ){
1717	zBrowser = mprintf(zBrowser, iPort);

1718	#if defined(__CYGWIN__)
1719	/* On Cygwin, we can do better than "echo" */
1720	if( strncmp(zBrowser, "echo ", 5)==0 ){
1721	wchar_t *wUrl = fossil_utf8_to_unicode(zBrowser+5);
1722	wUrl[wcslen(wUrl)-2] = 0; /* Strip terminating " &" */
1723

	--- src/cgi.c
	+++ src/cgi.c
	@@ -1712,11 +1712,12 @@
1712	listen(listener,10);
1713	fossil_print("Listening for %s requests on TCP port %d\n",
1714	(flags & HTTP_SERVER_SCGI)!=0?"SCGI":"HTTP", iPort);
1715	fflush(stdout);
1716	if( zBrowser ){
1717	assert( strstr(zBrowser,"%d")!=0 );
1718	zBrowser = mprintf(zBrowser /works-like:"%d"/, iPort);
1719	#if defined(__CYGWIN__)
1720	/* On Cygwin, we can do better than "echo" */
1721	if( strncmp(zBrowser, "echo ", 5)==0 ){
1722	wchar_t *wUrl = fossil_utf8_to_unicode(zBrowser+5);
1723	wUrl[wcslen(wUrl)-2] = 0; /* Strip terminating " &" */
1724

M src/checkin.c

+20 -17

		--- src/checkin.c
		+++ src/checkin.c
		@@ -52,23 +52,25 @@
52	52	zName = blob_str(&fname);
53	53	if( fossil_strcmp(zName, ".")==0 ) {
54	54	blob_reset(&where);
55	55	break;
56	56	}
57		- blob_appendf(&where, " %s (pathname=%Q %s) "
58		- "OR (pathname>'%q/' %s AND pathname<'%q0' %s)",
59		- (blob_size(&where)>0) ? "OR" : "AND", zName,
60		- filename_collation(), zName, filename_collation(),
61		- zName, filename_collation());
	57	+ blob_append_sql(&where,
	58	+ " %s (pathname=%Q %s) "
	59	+ "OR (pathname>'%q/' %s AND pathname<'%q0' %s)",
	60	+ (blob_size(&where)>0) ? "OR" : "AND", zName,
	61	+ filename_collation(), zName, filename_collation(),
	62	+ zName, filename_collation()
	63	+ );
62	64	}
63	65
64	66	db_prepare(&q,
65	67	"SELECT pathname, deleted, chnged, rid, coalesce(origname!=pathname,0)"
66	68	" FROM vfile "
67	69	" WHERE is_selected(id) %s"
68	70	" AND (chnged OR deleted OR rid=0 OR pathname!=origname) ORDER BY 1",
69		- blob_str(&where)
	71	+ blob_sql_text(&where)
70	72	);
71	73	blob_zero(&rewrittenPathname);
72	74	while( db_step(&q)==SQLITE_ROW ){
73	75	const char *zPathname = db_column_text(&q,0);
74	76	const char *zDisplayName = zPathname;
		@@ -313,29 +315,32 @@
313	315	zName = blob_str(&fname);
314	316	if( fossil_strcmp(zName, ".")==0 ) {
315	317	blob_reset(&where);
316	318	break;
317	319	}
318		- blob_appendf(&where, " %s (pathname=%Q %s) "
319		- "OR (pathname>'%q/' %s AND pathname<'%q0' %s)",
320		- (blob_size(&where)>0) ? "OR" : "WHERE", zName,
321		- filename_collation(), zName, filename_collation(),
322		- zName, filename_collation());
	320	+ blob_append_sql(&where,
	321	+ " %s (pathname=%Q %s) "
	322	+ "OR (pathname>'%q/' %s AND pathname<'%q0' %s)",
	323	+ (blob_size(&where)>0) ? "OR" : "WHERE", zName,
	324	+ filename_collation(), zName, filename_collation(),
	325	+ zName, filename_collation()
	326	+ );
323	327	}
324	328	vfile_check_signature(vid, 0);
325	329	if( showAge ){
326	330	db_prepare(&q,
327	331	"SELECT pathname, deleted, rid, chnged, coalesce(origname!=pathname,0),"
328	332	" datetime(checkin_mtime(%d,rid),'unixepoch'%s)"
329	333	" FROM vfile %s"
330		- " ORDER BY %s", vid, timeline_utc(), blob_str(&where), zOrderBy
	334	+ " ORDER BY %s",
	335	+ vid, timeline_utc(), blob_sql_text(&where), zOrderBy /safe-for-%s/
331	336	);
332	337	}else{
333	338	db_prepare(&q,
334	339	"SELECT pathname, deleted, rid, chnged, coalesce(origname!=pathname,0)"
335	340	" FROM vfile %s"
336		- " ORDER BY %s", blob_str(&where), zOrderBy
	341	+ " ORDER BY %s", blob_sql_text(&where), zOrderBy /safe-for-%s/
337	342	);
338	343	}
339	344	blob_reset(&where);
340	345	while( db_step(&q)==SQLITE_ROW ){
341	346	const char *zPathname = db_column_text(&q,0);
		@@ -908,14 +913,12 @@
908	913	assert( g.aCommitFile==0 );
909	914	if( g.argc>2 ){
910	915	int ii, jj=0;
911	916	Blob fname;
912	917	Stmt q;
913		- const char *zCollate;
914	918	Bag toCommit;
915	919
916		- zCollate = filename_collation();
917	920	blob_zero(&fname);
918	921	bag_init(&toCommit);
919	922	for(ii=2; ii<g.argc; ii++){
920	923	int cnt = 0;
921	924	file_tree_name(g.argv[ii], &fname, 1);
		@@ -924,12 +927,12 @@
924	927	return result;
925	928	}
926	929	db_prepare(&q,
927	930	"SELECT id FROM vfile WHERE pathname=%Q %s"
928	931	" OR (pathname>'%q/' %s AND pathname<'%q0' %s)",
929		- blob_str(&fname), zCollate, blob_str(&fname),
930		- zCollate, blob_str(&fname), zCollate);
	932	+ blob_str(&fname), filename_collation(), blob_str(&fname),
	933	+ filename_collation(), blob_str(&fname), filename_collation());
931	934	while( db_step(&q)==SQLITE_ROW ){
932	935	cnt++;
933	936	bag_insert(&toCommit, db_column_int(&q, 0));
934	937	}
935	938	db_finalize(&q);
936	939

	--- src/checkin.c
	+++ src/checkin.c
	@@ -52,23 +52,25 @@
52	zName = blob_str(&fname);
53	if( fossil_strcmp(zName, ".")==0 ) {
54	blob_reset(&where);
55	break;
56	}
57	blob_appendf(&where, " %s (pathname=%Q %s) "
58	"OR (pathname>'%q/' %s AND pathname<'%q0' %s)",
59	(blob_size(&where)>0) ? "OR" : "AND", zName,
60	filename_collation(), zName, filename_collation(),
61	zName, filename_collation());


62	}
63
64	db_prepare(&q,
65	"SELECT pathname, deleted, chnged, rid, coalesce(origname!=pathname,0)"
66	" FROM vfile "
67	" WHERE is_selected(id) %s"
68	" AND (chnged OR deleted OR rid=0 OR pathname!=origname) ORDER BY 1",
69	blob_str(&where)
70	);
71	blob_zero(&rewrittenPathname);
72	while( db_step(&q)==SQLITE_ROW ){
73	const char *zPathname = db_column_text(&q,0);
74	const char *zDisplayName = zPathname;
	@@ -313,29 +315,32 @@
313	zName = blob_str(&fname);
314	if( fossil_strcmp(zName, ".")==0 ) {
315	blob_reset(&where);
316	break;
317	}
318	blob_appendf(&where, " %s (pathname=%Q %s) "
319	"OR (pathname>'%q/' %s AND pathname<'%q0' %s)",
320	(blob_size(&where)>0) ? "OR" : "WHERE", zName,
321	filename_collation(), zName, filename_collation(),
322	zName, filename_collation());


323	}
324	vfile_check_signature(vid, 0);
325	if( showAge ){
326	db_prepare(&q,
327	"SELECT pathname, deleted, rid, chnged, coalesce(origname!=pathname,0),"
328	" datetime(checkin_mtime(%d,rid),'unixepoch'%s)"
329	" FROM vfile %s"
330	" ORDER BY %s", vid, timeline_utc(), blob_str(&where), zOrderBy

331	);
332	}else{
333	db_prepare(&q,
334	"SELECT pathname, deleted, rid, chnged, coalesce(origname!=pathname,0)"
335	" FROM vfile %s"
336	" ORDER BY %s", blob_str(&where), zOrderBy
337	);
338	}
339	blob_reset(&where);
340	while( db_step(&q)==SQLITE_ROW ){
341	const char *zPathname = db_column_text(&q,0);
	@@ -908,14 +913,12 @@
908	assert( g.aCommitFile==0 );
909	if( g.argc>2 ){
910	int ii, jj=0;
911	Blob fname;
912	Stmt q;
913	const char *zCollate;
914	Bag toCommit;
915
916	zCollate = filename_collation();
917	blob_zero(&fname);
918	bag_init(&toCommit);
919	for(ii=2; ii<g.argc; ii++){
920	int cnt = 0;
921	file_tree_name(g.argv[ii], &fname, 1);
	@@ -924,12 +927,12 @@
924	return result;
925	}
926	db_prepare(&q,
927	"SELECT id FROM vfile WHERE pathname=%Q %s"
928	" OR (pathname>'%q/' %s AND pathname<'%q0' %s)",
929	blob_str(&fname), zCollate, blob_str(&fname),
930	zCollate, blob_str(&fname), zCollate);
931	while( db_step(&q)==SQLITE_ROW ){
932	cnt++;
933	bag_insert(&toCommit, db_column_int(&q, 0));
934	}
935	db_finalize(&q);
936

	--- src/checkin.c
	+++ src/checkin.c
	@@ -52,23 +52,25 @@
52	zName = blob_str(&fname);
53	if( fossil_strcmp(zName, ".")==0 ) {
54	blob_reset(&where);
55	break;
56	}
57	blob_append_sql(&where,
58	" %s (pathname=%Q %s) "
59	"OR (pathname>'%q/' %s AND pathname<'%q0' %s)",
60	(blob_size(&where)>0) ? "OR" : "AND", zName,
61	filename_collation(), zName, filename_collation(),
62	zName, filename_collation()
63	);
64	}
65
66	db_prepare(&q,
67	"SELECT pathname, deleted, chnged, rid, coalesce(origname!=pathname,0)"
68	" FROM vfile "
69	" WHERE is_selected(id) %s"
70	" AND (chnged OR deleted OR rid=0 OR pathname!=origname) ORDER BY 1",
71	blob_sql_text(&where)
72	);
73	blob_zero(&rewrittenPathname);
74	while( db_step(&q)==SQLITE_ROW ){
75	const char *zPathname = db_column_text(&q,0);
76	const char *zDisplayName = zPathname;
	@@ -313,29 +315,32 @@
315	zName = blob_str(&fname);
316	if( fossil_strcmp(zName, ".")==0 ) {
317	blob_reset(&where);
318	break;
319	}
320	blob_append_sql(&where,
321	" %s (pathname=%Q %s) "
322	"OR (pathname>'%q/' %s AND pathname<'%q0' %s)",
323	(blob_size(&where)>0) ? "OR" : "WHERE", zName,
324	filename_collation(), zName, filename_collation(),
325	zName, filename_collation()
326	);
327	}
328	vfile_check_signature(vid, 0);
329	if( showAge ){
330	db_prepare(&q,
331	"SELECT pathname, deleted, rid, chnged, coalesce(origname!=pathname,0),"
332	" datetime(checkin_mtime(%d,rid),'unixepoch'%s)"
333	" FROM vfile %s"
334	" ORDER BY %s",
335	vid, timeline_utc(), blob_sql_text(&where), zOrderBy /safe-for-%s/
336	);
337	}else{
338	db_prepare(&q,
339	"SELECT pathname, deleted, rid, chnged, coalesce(origname!=pathname,0)"
340	" FROM vfile %s"
341	" ORDER BY %s", blob_sql_text(&where), zOrderBy /safe-for-%s/
342	);
343	}
344	blob_reset(&where);
345	while( db_step(&q)==SQLITE_ROW ){
346	const char *zPathname = db_column_text(&q,0);
	@@ -908,14 +913,12 @@
913	assert( g.aCommitFile==0 );
914	if( g.argc>2 ){
915	int ii, jj=0;
916	Blob fname;
917	Stmt q;

918	Bag toCommit;
919

920	blob_zero(&fname);
921	bag_init(&toCommit);
922	for(ii=2; ii<g.argc; ii++){
923	int cnt = 0;
924	file_tree_name(g.argv[ii], &fname, 1);
	@@ -924,12 +927,12 @@
927	return result;
928	}
929	db_prepare(&q,
930	"SELECT id FROM vfile WHERE pathname=%Q %s"
931	" OR (pathname>'%q/' %s AND pathname<'%q0' %s)",
932	blob_str(&fname), filename_collation(), blob_str(&fname),
933	filename_collation(), blob_str(&fname), filename_collation());
934	while( db_step(&q)==SQLITE_ROW ){
935	cnt++;
936	bag_insert(&toCommit, db_column_int(&q, 0));
937	}
938	db_finalize(&q);
939

M src/checkout.c

+1 -1

		--- src/checkout.c
		+++ src/checkout.c
		@@ -60,11 +60,11 @@
60	60	Blob uuid;
61	61	int vid;
62	62
63	63	blob_init(&uuid, zName, -1);
64	64	if( name_to_uuid(&uuid, 1, "ci") ){
65		- fossil_fatal(g.zErrMsg);
	65	+ fossil_fatal("%s", g.zErrMsg);
66	66	}
67	67	vid = db_int(0, "SELECT rid FROM blob WHERE uuid=%B", &uuid);
68	68	if( vid==0 ){
69	69	fossil_fatal("no such check-in: %s", g.argv[2]);
70	70	}
71	71
72	72	ADDED src/codecheck1.c

	--- src/checkout.c
	+++ src/checkout.c
	@@ -60,11 +60,11 @@
60	Blob uuid;
61	int vid;
62
63	blob_init(&uuid, zName, -1);
64	if( name_to_uuid(&uuid, 1, "ci") ){
65	fossil_fatal(g.zErrMsg);
66	}
67	vid = db_int(0, "SELECT rid FROM blob WHERE uuid=%B", &uuid);
68	if( vid==0 ){
69	fossil_fatal("no such check-in: %s", g.argv[2]);
70	}
71
72	DDED src/codecheck1.c

	--- src/checkout.c
	+++ src/checkout.c
	@@ -60,11 +60,11 @@
60	Blob uuid;
61	int vid;
62
63	blob_init(&uuid, zName, -1);
64	if( name_to_uuid(&uuid, 1, "ci") ){
65	fossil_fatal("%s", g.zErrMsg);
66	}
67	vid = db_int(0, "SELECT rid FROM blob WHERE uuid=%B", &uuid);
68	if( vid==0 ){
69	fossil_fatal("no such check-in: %s", g.argv[2]);
70	}
71
72	DDED src/codecheck1.c

M src/codecheck1.c

+14

		--- a/src/codecheck1.c
		+++ b/src/codecheck1.c
		@@ -0,0 +1,14 @@
	1	+/*
	2	+** Copyright (c) 2014 D. Richard Hipp
	3	+**
	4	+** This program is free software; you can redistribute it and/or
	5	+** modify it under the terms of the Simplified BSD License (also
	6	+ known as the "2-Clause Licensetimeline_utc Copyright (c) 2014 D. Richard Hipp
	7	+**
	8	+** This program is free software; you can redistribute it and/or
	9	+** modify it under the terms of the Simplified BSD License (also
	10	+** known as the "2-Clause Licensetimeline_utc(c) 2014 D. Richard Hipp
	11	+**
	12	+** This program is free software; you can redistribute it and/or
	13	+** modify it under the terms of the Simplified BSD License (also
	14	+ known as the "2-Clause Licensetimeline_utchar const az

	--- a/src/codecheck1.c
	+++ b/src/codecheck1.c
	@@ -0,0 +1,14 @@

	--- a/src/codecheck1.c
	+++ b/src/codecheck1.c
	@@ -0,0 +1,14 @@
1	/*
2	** Copyright (c) 2014 D. Richard Hipp
3	**
4	** This program is free software; you can redistribute it and/or
5	** modify it under the terms of the Simplified BSD License (also
6	known as the "2-Clause Licensetimeline_utc Copyright (c) 2014 D. Richard Hipp
7	**
8	** This program is free software; you can redistribute it and/or
9	** modify it under the terms of the Simplified BSD License (also
10	** known as the "2-Clause Licensetimeline_utc(c) 2014 D. Richard Hipp
11	**
12	** This program is free software; you can redistribute it and/or
13	** modify it under the terms of the Simplified BSD License (also
14	known as the "2-Clause Licensetimeline_utchar const az

M src/comformat.c

+2 -2

		--- src/comformat.c
		+++ src/comformat.c
		@@ -497,14 +497,14 @@
497	497	zOrigText = mprintf("%s", blob_str(&fileData));
498	498	blob_reset(&fileData);
499	499	}
500	500	}
501	501	if( decode ){
502		- zText = mprintf(fromFile ? "%z" : "%s", zText);
	502	+ zText = mprintf(fromFile?"%z":"%s" /works-like:"%s"/, zText);
503	503	defossilize(zText);
504	504	if( zOrigText ){
505		- zOrigText = mprintf(fromFile ? "%z" : "%s", zOrigText);
	505	+ zOrigText = mprintf(fromFile?"%z":"%s" /works-like:"%s"/, zOrigText);
506	506	defossilize(zOrigText);
507	507	}
508	508	}
509	509	if( indent<0 ){
510	510	indent = strlen(zPrefix);
511	511

	--- src/comformat.c
	+++ src/comformat.c
	@@ -497,14 +497,14 @@
497	zOrigText = mprintf("%s", blob_str(&fileData));
498	blob_reset(&fileData);
499	}
500	}
501	if( decode ){
502	zText = mprintf(fromFile ? "%z" : "%s", zText);
503	defossilize(zText);
504	if( zOrigText ){
505	zOrigText = mprintf(fromFile ? "%z" : "%s", zOrigText);
506	defossilize(zOrigText);
507	}
508	}
509	if( indent<0 ){
510	indent = strlen(zPrefix);
511

	--- src/comformat.c
	+++ src/comformat.c
	@@ -497,14 +497,14 @@
497	zOrigText = mprintf("%s", blob_str(&fileData));
498	blob_reset(&fileData);
499	}
500	}
501	if( decode ){
502	zText = mprintf(fromFile?"%z":"%s" /works-like:"%s"/, zText);
503	defossilize(zText);
504	if( zOrigText ){
505	zOrigText = mprintf(fromFile?"%z":"%s" /works-like:"%s"/, zOrigText);
506	defossilize(zOrigText);
507	}
508	}
509	if( indent<0 ){
510	indent = strlen(zPrefix);
511

M src/configure.c

+36 -28

		--- src/configure.c
		+++ src/configure.c
		@@ -194,19 +194,19 @@
194	194	Blob x;
195	195	int i;
196	196	const char *zSep = "";
197	197
198	198	blob_zero(&x);
199		- blob_append(&x, "(", 1);
	199	+ blob_append_sql(&x, "(");
200	200	for(i=0; i<count(aConfig); i++){
201	201	if( (aConfig[i].groupMask & iMask)==0 ) continue;
202	202	if( aConfig[i].zName[0]=='@' ) continue;
203		- blob_appendf(&x, "%s'%s'", zSep, aConfig[i].zName);
	203	+ blob_append_sql(&x, "%s'%q'", zSep/safe-for-%s/, aConfig[i].zName);
204	204	zSep = ",";
205	205	}
206		- blob_append(&x, ")", 1);
207		- return blob_str(&x);
	206	+ blob_append_sql(&x, ")");
	207	+ return blob_sql_text(&x);
208	208	}
209	209
210	210	/*
211	211	** Return the mask for the named configuration parameter if it can be
212	212	** safely exported. Return 0 if the parameter is not safe to export.
		@@ -361,11 +361,12 @@
361	361	@ INSERT INTO _xfer_reportfmt
362	362	@ SELECT rn,owner,title,cols,sqlcode FROM reportfmt;
363	363	@ INSERT INTO _xfer_user
364	364	@ SELECT uid,login,pw,cap,cookie,ipaddr,cexpire,info,photo FROM user;
365	365	;
366		- db_multi_exec(zSQL1);
	366	+ assert( strchr(zSQL1,'%')==0 );
	367	+ db_multi_exec(zSQL1 /works-like:""/);
367	368
368	369	/* When the replace flag is set, add triggers that run the first time
369	370	** that new data is seen. The triggers run only once and delete all the
370	371	** existing data.
371	372	*/
		@@ -390,11 +391,12 @@
390	391	sqlite3_create_function(g.db, "config_is_reset", 1, SQLITE_UTF8, 0,
391	392	config_is_reset_function, 0, 0);
392	393	sqlite3_create_function(g.db, "config_reset", 1, SQLITE_UTF8, 0,
393	394	config_reset_function, 0, 0);
394	395	configHasBeenReset = 0;
395		- db_multi_exec(zSQL2);
	396	+ assert( strchr(zSQL2,'%')==0 );
	397	+ db_multi_exec(zSQL2 /works-like:""/);
396	398	}
397	399	}
398	400
399	401	/*
400	402	** After receiving configuration data, call this routine to transfer
		@@ -407,11 +409,12 @@
407	409	@ DELETE FROM reportfmt;
408	410	@ INSERT INTO reportfmt SELECT * FROM _xfer_reportfmt;
409	411	@ DROP TABLE _xfer_user;
410	412	@ DROP TABLE _xfer_reportfmt;
411	413	;
412		- db_multi_exec(zSQL);
	414	+ assert( strchr(zSQL,'%')==0 );
	415	+ db_multi_exec(zSQL /works-like:""/);
413	416	}
414	417
415	418	/*
416	419	** Mask of modified configuration sets
417	420	*/
		@@ -563,35 +566,39 @@
563	566	if( (thisMask & groupMask)==0 ) return;
564	567
565	568	blob_zero(&sql);
566	569	if( groupMask & CONFIGSET_OVERWRITE ){
567	570	if( (thisMask & configHasBeenReset)==0 && aType[ii].zName[0]!='/' ){
568		- db_multi_exec("DELETE FROM %s", &aType[ii].zName[1]);
	571	+ db_multi_exec("DELETE FROM \"%w\"", &aType[ii].zName[1]);
569	572	configHasBeenReset \|= thisMask;
570	573	}
571		- blob_append(&sql, "REPLACE INTO ", -1);
572		- }else{
573		- blob_append(&sql, "INSERT OR IGNORE INTO ", -1);
574		- }
575		- blob_appendf(&sql, "%s(%s, mtime", &zName[1], aType[ii].zPrimKey);
576		- for(jj=2; jj<nToken; jj+=2){
577		- blob_appendf(&sql, ",%s", azToken[jj]);
578		- }
579		- blob_appendf(&sql,") VALUES(%s,%s", azToken[1], azToken[0]);
580		- for(jj=2; jj<nToken; jj+=2){
581		- blob_appendf(&sql, ",%s", azToken[jj+1]);
582		- }
583		- db_multi_exec("%s)", blob_str(&sql));
	574	+ blob_append_sql(&sql, "REPLACE INTO ");
	575	+ }else{
	576	+ blob_append_sql(&sql, "INSERT OR IGNORE INTO ");
	577	+ }
	578	+ blob_append_sql(&sql, "\"%w\"(\"%w\", mtime", &zName[1], aType[ii].zPrimKey);
	579	+ for(jj=2; jj<nToken; jj+=2){
	580	+ blob_append_sql(&sql, ",\"%w\"", azToken[jj]);
	581	+ }
	582	+ blob_append_sql(&sql,") VALUES(%s,%s",
	583	+ azToken[1] /safe-for-%s/, azToken[0] /safe-for-%s/);
	584	+ for(jj=2; jj<nToken; jj+=2){
	585	+ blob_append_sql(&sql, ",%s", azToken[jj+1] /safe-for-%s/);
	586	+ }
	587	+ db_multi_exec("%s)", blob_sql_text(&sql));
584	588	if( db_changes()==0 ){
585	589	blob_reset(&sql);
586		- blob_appendf(&sql, "UPDATE %s SET mtime=%s", &zName[1], azToken[0]);
	590	+ blob_append_sql(&sql, "UPDATE \"%w\" SET mtime=%s",
	591	+ &zName[1], azToken[0]/safe-for-%s/);
587	592	for(jj=2; jj<nToken; jj+=2){
588		- blob_appendf(&sql, ", %s=%s", azToken[jj], azToken[jj+1]);
	593	+ blob_append_sql(&sql, ", \"%w\"=%s",
	594	+ azToken[jj], azToken[jj+1]/safe-for-%s/);
589	595	}
590		- blob_appendf(&sql, " WHERE %s=%s AND mtime<%s",
591		- aType[ii].zPrimKey, azToken[1], azToken[0]);
592		- db_multi_exec("%s", blob_str(&sql));
	596	+ blob_append_sql(&sql, " WHERE \"%w\"=%s AND mtime<%s",
	597	+ aType[ii].zPrimKey, azToken[1]/safe-for-%s/,
	598	+ azToken[0]/safe-for-%s/);
	599	+ db_multi_exec("%s", blob_sql_text(&sql));
593	600	}
594	601	blob_reset(&sql);
595	602	rebuildMask \|= thisMask;
596	603	}else{
597	604	/* Otherwise, the old format */
		@@ -609,11 +616,11 @@
609	616	/* Notice that we are evaluating arbitrary SQL received from the
610	617	** client. But this can only happen if the client has authenticated
611	618	** as an administrator, so presumably we trust the client at this
612	619	** point.
613	620	*/
614		- db_multi_exec("%s", blob_str(pContent));
	621	+ db_multi_exec("%s", blob_str(pContent) /safe-for-%s/);
615	622	}else{
616	623	db_multi_exec(
617	624	"REPLACE INTO config(name,value,mtime) VALUES(%Q,%Q,now())",
618	625	zName, blob_str(pContent)
619	626	);
		@@ -966,11 +973,12 @@
966	973	db_multi_exec("DELETE FROM concealed");
967	974	}else if( fossil_strcmp(zName,"@shun")==0 ){
968	975	db_multi_exec("DELETE FROM shun");
969	976	}else if( fossil_strcmp(zName,"@reportfmt")==0 ){
970	977	db_multi_exec("DELETE FROM reportfmt");
971		- db_multi_exec(zRepositorySchemaDefaultReports);
	978	+ assert( strchr(zRepositorySchemaDefaultReports,'%')==0 );
	979	+ db_multi_exec(zRepositorySchemaDefaultReports /works-like:""/);
972	980	}
973	981	}
974	982	db_end_transaction(0);
975	983	fossil_print("Configuration reset to factory defaults.\n");
976	984	fossil_print("To recover, use: %s %s import %s\n",
977	985

	--- src/configure.c
	+++ src/configure.c
	@@ -194,19 +194,19 @@
194	Blob x;
195	int i;
196	const char *zSep = "";
197
198	blob_zero(&x);
199	blob_append(&x, "(", 1);
200	for(i=0; i<count(aConfig); i++){
201	if( (aConfig[i].groupMask & iMask)==0 ) continue;
202	if( aConfig[i].zName[0]=='@' ) continue;
203	blob_appendf(&x, "%s'%s'", zSep, aConfig[i].zName);
204	zSep = ",";
205	}
206	blob_append(&x, ")", 1);
207	return blob_str(&x);
208	}
209
210	/*
211	** Return the mask for the named configuration parameter if it can be
212	** safely exported. Return 0 if the parameter is not safe to export.
	@@ -361,11 +361,12 @@
361	@ INSERT INTO _xfer_reportfmt
362	@ SELECT rn,owner,title,cols,sqlcode FROM reportfmt;
363	@ INSERT INTO _xfer_user
364	@ SELECT uid,login,pw,cap,cookie,ipaddr,cexpire,info,photo FROM user;
365	;
366	db_multi_exec(zSQL1);

367
368	/* When the replace flag is set, add triggers that run the first time
369	** that new data is seen. The triggers run only once and delete all the
370	** existing data.
371	*/
	@@ -390,11 +391,12 @@
390	sqlite3_create_function(g.db, "config_is_reset", 1, SQLITE_UTF8, 0,
391	config_is_reset_function, 0, 0);
392	sqlite3_create_function(g.db, "config_reset", 1, SQLITE_UTF8, 0,
393	config_reset_function, 0, 0);
394	configHasBeenReset = 0;
395	db_multi_exec(zSQL2);

396	}
397	}
398
399	/*
400	** After receiving configuration data, call this routine to transfer
	@@ -407,11 +409,12 @@
407	@ DELETE FROM reportfmt;
408	@ INSERT INTO reportfmt SELECT * FROM _xfer_reportfmt;
409	@ DROP TABLE _xfer_user;
410	@ DROP TABLE _xfer_reportfmt;
411	;
412	db_multi_exec(zSQL);

413	}
414
415	/*
416	** Mask of modified configuration sets
417	*/
	@@ -563,35 +566,39 @@
563	if( (thisMask & groupMask)==0 ) return;
564
565	blob_zero(&sql);
566	if( groupMask & CONFIGSET_OVERWRITE ){
567	if( (thisMask & configHasBeenReset)==0 && aType[ii].zName[0]!='/' ){
568	db_multi_exec("DELETE FROM %s", &aType[ii].zName[1]);
569	configHasBeenReset \|= thisMask;
570	}
571	blob_append(&sql, "REPLACE INTO ", -1);
572	}else{
573	blob_append(&sql, "INSERT OR IGNORE INTO ", -1);
574	}
575	blob_appendf(&sql, "%s(%s, mtime", &zName[1], aType[ii].zPrimKey);
576	for(jj=2; jj<nToken; jj+=2){
577	blob_appendf(&sql, ",%s", azToken[jj]);
578	}
579	blob_appendf(&sql,") VALUES(%s,%s", azToken[1], azToken[0]);
580	for(jj=2; jj<nToken; jj+=2){
581	blob_appendf(&sql, ",%s", azToken[jj+1]);
582	}
583	db_multi_exec("%s)", blob_str(&sql));

584	if( db_changes()==0 ){
585	blob_reset(&sql);
586	blob_appendf(&sql, "UPDATE %s SET mtime=%s", &zName[1], azToken[0]);

587	for(jj=2; jj<nToken; jj+=2){
588	blob_appendf(&sql, ", %s=%s", azToken[jj], azToken[jj+1]);

589	}
590	blob_appendf(&sql, " WHERE %s=%s AND mtime<%s",
591	aType[ii].zPrimKey, azToken[1], azToken[0]);
592	db_multi_exec("%s", blob_str(&sql));

593	}
594	blob_reset(&sql);
595	rebuildMask \|= thisMask;
596	}else{
597	/* Otherwise, the old format */
	@@ -609,11 +616,11 @@
609	/* Notice that we are evaluating arbitrary SQL received from the
610	** client. But this can only happen if the client has authenticated
611	** as an administrator, so presumably we trust the client at this
612	** point.
613	*/
614	db_multi_exec("%s", blob_str(pContent));
615	}else{
616	db_multi_exec(
617	"REPLACE INTO config(name,value,mtime) VALUES(%Q,%Q,now())",
618	zName, blob_str(pContent)
619	);
	@@ -966,11 +973,12 @@
966	db_multi_exec("DELETE FROM concealed");
967	}else if( fossil_strcmp(zName,"@shun")==0 ){
968	db_multi_exec("DELETE FROM shun");
969	}else if( fossil_strcmp(zName,"@reportfmt")==0 ){
970	db_multi_exec("DELETE FROM reportfmt");
971	db_multi_exec(zRepositorySchemaDefaultReports);

972	}
973	}
974	db_end_transaction(0);
975	fossil_print("Configuration reset to factory defaults.\n");
976	fossil_print("To recover, use: %s %s import %s\n",
977

	--- src/configure.c
	+++ src/configure.c
	@@ -194,19 +194,19 @@
194	Blob x;
195	int i;
196	const char *zSep = "";
197
198	blob_zero(&x);
199	blob_append_sql(&x, "(");
200	for(i=0; i<count(aConfig); i++){
201	if( (aConfig[i].groupMask & iMask)==0 ) continue;
202	if( aConfig[i].zName[0]=='@' ) continue;
203	blob_append_sql(&x, "%s'%q'", zSep/safe-for-%s/, aConfig[i].zName);
204	zSep = ",";
205	}
206	blob_append_sql(&x, ")");
207	return blob_sql_text(&x);
208	}
209
210	/*
211	** Return the mask for the named configuration parameter if it can be
212	** safely exported. Return 0 if the parameter is not safe to export.
	@@ -361,11 +361,12 @@
361	@ INSERT INTO _xfer_reportfmt
362	@ SELECT rn,owner,title,cols,sqlcode FROM reportfmt;
363	@ INSERT INTO _xfer_user
364	@ SELECT uid,login,pw,cap,cookie,ipaddr,cexpire,info,photo FROM user;
365	;
366	assert( strchr(zSQL1,'%')==0 );
367	db_multi_exec(zSQL1 /works-like:""/);
368
369	/* When the replace flag is set, add triggers that run the first time
370	** that new data is seen. The triggers run only once and delete all the
371	** existing data.
372	*/
	@@ -390,11 +391,12 @@
391	sqlite3_create_function(g.db, "config_is_reset", 1, SQLITE_UTF8, 0,
392	config_is_reset_function, 0, 0);
393	sqlite3_create_function(g.db, "config_reset", 1, SQLITE_UTF8, 0,
394	config_reset_function, 0, 0);
395	configHasBeenReset = 0;
396	assert( strchr(zSQL2,'%')==0 );
397	db_multi_exec(zSQL2 /works-like:""/);
398	}
399	}
400
401	/*
402	** After receiving configuration data, call this routine to transfer
	@@ -407,11 +409,12 @@
409	@ DELETE FROM reportfmt;
410	@ INSERT INTO reportfmt SELECT * FROM _xfer_reportfmt;
411	@ DROP TABLE _xfer_user;
412	@ DROP TABLE _xfer_reportfmt;
413	;
414	assert( strchr(zSQL,'%')==0 );
415	db_multi_exec(zSQL /works-like:""/);
416	}
417
418	/*
419	** Mask of modified configuration sets
420	*/
	@@ -563,35 +566,39 @@
566	if( (thisMask & groupMask)==0 ) return;
567
568	blob_zero(&sql);
569	if( groupMask & CONFIGSET_OVERWRITE ){
570	if( (thisMask & configHasBeenReset)==0 && aType[ii].zName[0]!='/' ){
571	db_multi_exec("DELETE FROM \"%w\"", &aType[ii].zName[1]);
572	configHasBeenReset \|= thisMask;
573	}
574	blob_append_sql(&sql, "REPLACE INTO ");
575	}else{
576	blob_append_sql(&sql, "INSERT OR IGNORE INTO ");
577	}
578	blob_append_sql(&sql, "\"%w\"(\"%w\", mtime", &zName[1], aType[ii].zPrimKey);
579	for(jj=2; jj<nToken; jj+=2){
580	blob_append_sql(&sql, ",\"%w\"", azToken[jj]);
581	}
582	blob_append_sql(&sql,") VALUES(%s,%s",
583	azToken[1] /safe-for-%s/, azToken[0] /safe-for-%s/);
584	for(jj=2; jj<nToken; jj+=2){
585	blob_append_sql(&sql, ",%s", azToken[jj+1] /safe-for-%s/);
586	}
587	db_multi_exec("%s)", blob_sql_text(&sql));
588	if( db_changes()==0 ){
589	blob_reset(&sql);
590	blob_append_sql(&sql, "UPDATE \"%w\" SET mtime=%s",
591	&zName[1], azToken[0]/safe-for-%s/);
592	for(jj=2; jj<nToken; jj+=2){
593	blob_append_sql(&sql, ", \"%w\"=%s",
594	azToken[jj], azToken[jj+1]/safe-for-%s/);
595	}
596	blob_append_sql(&sql, " WHERE \"%w\"=%s AND mtime<%s",
597	aType[ii].zPrimKey, azToken[1]/safe-for-%s/,
598	azToken[0]/safe-for-%s/);
599	db_multi_exec("%s", blob_sql_text(&sql));
600	}
601	blob_reset(&sql);
602	rebuildMask \|= thisMask;
603	}else{
604	/* Otherwise, the old format */
	@@ -609,11 +616,11 @@
616	/* Notice that we are evaluating arbitrary SQL received from the
617	** client. But this can only happen if the client has authenticated
618	** as an administrator, so presumably we trust the client at this
619	** point.
620	*/
621	db_multi_exec("%s", blob_str(pContent) /safe-for-%s/);
622	}else{
623	db_multi_exec(
624	"REPLACE INTO config(name,value,mtime) VALUES(%Q,%Q,now())",
625	zName, blob_str(pContent)
626	);
	@@ -966,11 +973,12 @@
973	db_multi_exec("DELETE FROM concealed");
974	}else if( fossil_strcmp(zName,"@shun")==0 ){
975	db_multi_exec("DELETE FROM shun");
976	}else if( fossil_strcmp(zName,"@reportfmt")==0 ){
977	db_multi_exec("DELETE FROM reportfmt");
978	assert( strchr(zRepositorySchemaDefaultReports,'%')==0 );
979	db_multi_exec(zRepositorySchemaDefaultReports /works-like:""/);
980	}
981	}
982	db_end_transaction(0);
983	fossil_print("Configuration reset to factory defaults.\n");
984	fossil_print("To recover, use: %s %s import %s\n",
985

M src/content.c

+2 -2

		--- src/content.c
		+++ src/content.c
		@@ -558,12 +558,12 @@
558	558	}
559	559	}else{
560	560	/* We are creating a new entry */
561	561	db_prepare(&s1,
562	562	"INSERT INTO blob(rcvid,size,uuid,content)"
563		- "VALUES(%d,%d,'%b',:data)",
564		- g.rcvid, size, &hash
	563	+ "VALUES(%d,%d,'%q',:data)",
	564	+ g.rcvid, size, blob_str(&hash)
565	565	);
566	566	db_bind_blob(&s1, ":data", &cmpr);
567	567	db_exec(&s1);
568	568	rid = db_last_insert_rowid();
569	569	if( !pBlob ){
570	570

	--- src/content.c
	+++ src/content.c
	@@ -558,12 +558,12 @@
558	}
559	}else{
560	/* We are creating a new entry */
561	db_prepare(&s1,
562	"INSERT INTO blob(rcvid,size,uuid,content)"
563	"VALUES(%d,%d,'%b',:data)",
564	g.rcvid, size, &hash
565	);
566	db_bind_blob(&s1, ":data", &cmpr);
567	db_exec(&s1);
568	rid = db_last_insert_rowid();
569	if( !pBlob ){
570

	--- src/content.c
	+++ src/content.c
	@@ -558,12 +558,12 @@
558	}
559	}else{
560	/* We are creating a new entry */
561	db_prepare(&s1,
562	"INSERT INTO blob(rcvid,size,uuid,content)"
563	"VALUES(%d,%d,'%q',:data)",
564	g.rcvid, size, blob_str(&hash)
565	);
566	db_bind_blob(&s1, ":data", &cmpr);
567	db_exec(&s1);
568	rid = db_last_insert_rowid();
569	if( !pBlob ){
570

M src/db.c

+29 -30

		--- src/db.c
		+++ src/db.c
		@@ -177,11 +177,11 @@
177	177	db.doRollback \|= db.aHook[i].xHook();
178	178	}
179	179	while( db.pAllStmt ){
180	180	db_finalize(db.pAllStmt);
181	181	}
182		- db_multi_exec(db.doRollback ? "ROLLBACK" : "COMMIT");
	182	+ db_multi_exec("%s", db.doRollback ? "ROLLBACK" : "COMMIT");
183	183	db.doRollback = 0;
184	184	}
185	185	}
186	186
187	187	/*
		@@ -664,17 +664,17 @@
664	664
665	665	db = db_open(zFileName);
666	666	sqlite3_exec(db, "BEGIN EXCLUSIVE", 0, 0, 0);
667	667	rc = sqlite3_exec(db, zSchema, 0, 0, 0);
668	668	if( rc!=SQLITE_OK ){
669		- db_err(sqlite3_errmsg(db));
	669	+ db_err("%s", sqlite3_errmsg(db));
670	670	}
671	671	va_start(ap, zSchema);
672	672	while( (zSql = va_arg(ap, const char*))!=0 ){
673	673	rc = sqlite3_exec(db, zSql, 0, 0, 0);
674	674	if( rc!=SQLITE_OK ){
675		- db_err(sqlite3_errmsg(db));
	675	+ db_err("%s", sqlite3_errmsg(db));
676	676	}
677	677	}
678	678	va_end(ap);
679	679	sqlite3_exec(db, "COMMIT", 0, 0, 0);
680	680	sqlite3_close(db);
		@@ -750,19 +750,19 @@
750	750
751	751	/*
752	752	** Detaches the zLabel database.
753	753	*/
754	754	void db_detach(const char *zLabel){
755		- db_multi_exec("DETACH DATABASE %s", zLabel);
	755	+ db_multi_exec("DETACH DATABASE %Q", zLabel);
756	756	}
757	757
758	758	/*
759	759	** zDbName is the name of a database file. Attach zDbName using
760	760	** the name zLabel.
761	761	*/
762	762	void db_attach(const char zDbName, const char zLabel){
763		- db_multi_exec("ATTACH DATABASE %Q AS %s", zDbName, zLabel);
	763	+ db_multi_exec("ATTACH DATABASE %Q AS %Q", zDbName, zLabel);
764	764	}
765	765
766	766	/*
767	767	** zDbName is the name of a database file. If no other database
768	768	** file is open, then open this one. If another database file is
		@@ -887,11 +887,11 @@
887	887	static int db_local_table_exists_but_lacks_column(
888	888	const char *zTable,
889	889	const char *zColumn
890	890	){
891	891	char *zDef = db_text(0, "SELECT sql FROM %s.sqlite_master"
892		- " WHERE name=='%s' /scan/",
	892	+ " WHERE name==%Q /scan/",
893	893	db_name("localdb"), zTable);
894	894	int rc = 0;
895	895	if( zDef ){
896	896	char zPattern = mprintf(" %s *", zColumn);
897	897	rc = sqlite3_strglob(zPattern, zDef)!=0;
		@@ -1119,11 +1119,11 @@
1119	1119	** Return TRUE if the schema is out-of-date
1120	1120	*/
1121	1121	int db_schema_is_outofdate(void){
1122	1122	return db_exists("SELECT 1 FROM config"
1123	1123	" WHERE name='aux-schema'"
1124		- " AND value<>'%s'", AUX_SCHEMA);
	1124	+ " AND value<>%Q", AUX_SCHEMA);
1125	1125	}
1126	1126
1127	1127	/*
1128	1128	** Return true if the database is writeable
1129	1129	*/
		@@ -1355,17 +1355,17 @@
1355	1355	Blob x;
1356	1356	int i;
1357	1357	const char *zSep = "";
1358	1358
1359	1359	blob_zero(&x);
1360		- blob_append(&x, "(", 1);
	1360	+ blob_append_sql(&x, "(");
1361	1361	for(i=0; ctrlSettings[i].name; i++){
1362		- blob_appendf(&x, "%s'%s'", zSep, ctrlSettings[i].name);
	1362	+ blob_append_sql(&x, "%s%Q", zSep/safe-for-%s/, ctrlSettings[i].name);
1363	1363	zSep = ",";
1364	1364	}
1365		- blob_append(&x, ")", 1);
1366		- return blob_str(&x);
	1365	+ blob_append_sql(&x, ")");
	1366	+ return blob_sql_text(&x);
1367	1367	}
1368	1368
1369	1369	/*
1370	1370	** Fill an empty repository database with the basic information for a
1371	1371	** repository. This function is shared between 'create_repository_cmd'
		@@ -2003,53 +2003,52 @@
2003	2003	** ckout:%s
2004	2004	**
2005	2005	** Where %s is the checkout root. The value is the repository file.
2006	2006	*/
2007	2007	void db_record_repository_filename(const char *zName){
2008		- const char *zCollation;
2009	2008	char *zRepoSetting;
2010	2009	char *zCkoutSetting;
2011	2010	Blob full;
2012	2011	if( zName==0 ){
2013	2012	if( !g.localOpen ) return;
2014	2013	zName = db_repository_filename();
2015	2014	}
2016	2015	file_canonical_name(zName, &full, 0);
2017		- zCollation = filename_collation();
	2016	+ (void)filename_collation(); /* Initialize before connection swap */
2018	2017	db_swap_connections();
2019	2018	zRepoSetting = mprintf("repo:%q", blob_str(&full));
2020	2019	db_multi_exec(
2021		- "DELETE FROM global_config WHERE name %s = '%s';",
2022		- zCollation, zRepoSetting
	2020	+ "DELETE FROM global_config WHERE name %s = %Q;",
	2021	+ filename_collation(), zRepoSetting
2023	2022	);
2024	2023	db_multi_exec(
2025	2024	"INSERT OR IGNORE INTO global_config(name,value)"
2026		- "VALUES('%s',1);",
	2025	+ "VALUES(%Q,1);",
2027	2026	zRepoSetting
2028	2027	);
2029	2028	fossil_free(zRepoSetting);
2030	2029	if( g.localOpen && g.zLocalRoot && g.zLocalRoot[0] ){
2031	2030	Blob localRoot;
2032	2031	file_canonical_name(g.zLocalRoot, &localRoot, 1);
2033	2032	zCkoutSetting = mprintf("ckout:%q", blob_str(&localRoot));
2034	2033	db_multi_exec(
2035		- "DELETE FROM global_config WHERE name %s = '%s';",
2036		- zCollation, zCkoutSetting
	2034	+ "DELETE FROM global_config WHERE name %s = %Q;",
	2035	+ filename_collation(), zCkoutSetting
2037	2036	);
2038	2037	db_multi_exec(
2039	2038	"REPLACE INTO global_config(name, value)"
2040		- "VALUES('%s','%q');",
	2039	+ "VALUES(%Q,%Q);",
2041	2040	zCkoutSetting, blob_str(&full)
2042	2041	);
2043	2042	db_swap_connections();
2044	2043	db_optional_sql("repository",
2045		- "DELETE FROM config WHERE name %s = '%s';",
2046		- zCollation, zCkoutSetting
	2044	+ "DELETE FROM config WHERE name %s = %Q;",
	2045	+ filename_collation(), zCkoutSetting
2047	2046	);
2048	2047	db_optional_sql("repository",
2049	2048	"REPLACE INTO config(name,value,mtime)"
2050		- "VALUES('%s',1,now());",
	2049	+ "VALUES(%Q,1,now());",
2051	2050	zCkoutSetting
2052	2051	);
2053	2052	fossil_free(zCkoutSetting);
2054	2053	blob_reset(&localRoot);
2055	2054	}else{
		@@ -2654,28 +2653,28 @@
2654	2653	zOrigSql += j+6;
2655	2654	j = -1;
2656	2655	}
2657	2656	}
2658	2657	blob_append(&newSql, zOrigSql, -1);
2659		- blob_appendf(&allSql,
2660		- "ALTER TABLE %s RENAME TO x_%s;\n"
	2658	+ blob_append_sql(&allSql,
	2659	+ "ALTER TABLE \"%w\" RENAME TO \"x_%w\";\n"
2661	2660	"%s WITHOUT ROWID;\n"
2662		- "INSERT INTO %s SELECT * FROM x_%s;\n"
2663		- "DROP TABLE x_%s;\n",
2664		- zTName, zTName, blob_str(&newSql), zTName, zTName, zTName
	2661	+ "INSERT INTO \"%w\" SELECT * FROM \"x_%w\";\n"
	2662	+ "DROP TABLE \"x_%w\";\n",
	2663	+ zTName, zTName, blob_sql_text(&newSql), zTName, zTName, zTName
2665	2664	);
2666	2665	fossil_print("Converting table %s of %s to WITHOUT ROWID.\n", zTName, g.argv[i]);
2667	2666	blob_reset(&newSql);
2668	2667	}
2669		- blob_appendf(&allSql, "COMMIT;\n");
	2668	+ blob_append_sql(&allSql, "COMMIT;\n");
2670	2669	db_finalize(&q);
2671	2670	if( dryRun ){
2672	2671	fossil_print("SQL that would have been evaluated:\n");
2673	2672	fossil_print("-------------------------------------------------------------\n");
2674		- fossil_print("%s", blob_str(&allSql));
	2673	+ fossil_print("%s", blob_sql_text(&allSql));
2675	2674	}else{
2676		- db_multi_exec("%s", blob_str(&allSql));
	2675	+ db_multi_exec("%s", blob_sql_text(&allSql));
2677	2676	}
2678	2677	blob_reset(&allSql);
2679	2678	db_close(1);
2680	2679	}
2681	2680	}
2682	2681

	--- src/db.c
	+++ src/db.c
	@@ -177,11 +177,11 @@
177	db.doRollback \|= db.aHook[i].xHook();
178	}
179	while( db.pAllStmt ){
180	db_finalize(db.pAllStmt);
181	}
182	db_multi_exec(db.doRollback ? "ROLLBACK" : "COMMIT");
183	db.doRollback = 0;
184	}
185	}
186
187	/*
	@@ -664,17 +664,17 @@
664
665	db = db_open(zFileName);
666	sqlite3_exec(db, "BEGIN EXCLUSIVE", 0, 0, 0);
667	rc = sqlite3_exec(db, zSchema, 0, 0, 0);
668	if( rc!=SQLITE_OK ){
669	db_err(sqlite3_errmsg(db));
670	}
671	va_start(ap, zSchema);
672	while( (zSql = va_arg(ap, const char*))!=0 ){
673	rc = sqlite3_exec(db, zSql, 0, 0, 0);
674	if( rc!=SQLITE_OK ){
675	db_err(sqlite3_errmsg(db));
676	}
677	}
678	va_end(ap);
679	sqlite3_exec(db, "COMMIT", 0, 0, 0);
680	sqlite3_close(db);
	@@ -750,19 +750,19 @@
750
751	/*
752	** Detaches the zLabel database.
753	*/
754	void db_detach(const char *zLabel){
755	db_multi_exec("DETACH DATABASE %s", zLabel);
756	}
757
758	/*
759	** zDbName is the name of a database file. Attach zDbName using
760	** the name zLabel.
761	*/
762	void db_attach(const char zDbName, const char zLabel){
763	db_multi_exec("ATTACH DATABASE %Q AS %s", zDbName, zLabel);
764	}
765
766	/*
767	** zDbName is the name of a database file. If no other database
768	** file is open, then open this one. If another database file is
	@@ -887,11 +887,11 @@
887	static int db_local_table_exists_but_lacks_column(
888	const char *zTable,
889	const char *zColumn
890	){
891	char *zDef = db_text(0, "SELECT sql FROM %s.sqlite_master"
892	" WHERE name=='%s' /scan/",
893	db_name("localdb"), zTable);
894	int rc = 0;
895	if( zDef ){
896	char zPattern = mprintf(" %s *", zColumn);
897	rc = sqlite3_strglob(zPattern, zDef)!=0;
	@@ -1119,11 +1119,11 @@
1119	** Return TRUE if the schema is out-of-date
1120	*/
1121	int db_schema_is_outofdate(void){
1122	return db_exists("SELECT 1 FROM config"
1123	" WHERE name='aux-schema'"
1124	" AND value<>'%s'", AUX_SCHEMA);
1125	}
1126
1127	/*
1128	** Return true if the database is writeable
1129	*/
	@@ -1355,17 +1355,17 @@
1355	Blob x;
1356	int i;
1357	const char *zSep = "";
1358
1359	blob_zero(&x);
1360	blob_append(&x, "(", 1);
1361	for(i=0; ctrlSettings[i].name; i++){
1362	blob_appendf(&x, "%s'%s'", zSep, ctrlSettings[i].name);
1363	zSep = ",";
1364	}
1365	blob_append(&x, ")", 1);
1366	return blob_str(&x);
1367	}
1368
1369	/*
1370	** Fill an empty repository database with the basic information for a
1371	** repository. This function is shared between 'create_repository_cmd'
	@@ -2003,53 +2003,52 @@
2003	** ckout:%s
2004	**
2005	** Where %s is the checkout root. The value is the repository file.
2006	*/
2007	void db_record_repository_filename(const char *zName){
2008	const char *zCollation;
2009	char *zRepoSetting;
2010	char *zCkoutSetting;
2011	Blob full;
2012	if( zName==0 ){
2013	if( !g.localOpen ) return;
2014	zName = db_repository_filename();
2015	}
2016	file_canonical_name(zName, &full, 0);
2017	zCollation = filename_collation();
2018	db_swap_connections();
2019	zRepoSetting = mprintf("repo:%q", blob_str(&full));
2020	db_multi_exec(
2021	"DELETE FROM global_config WHERE name %s = '%s';",
2022	zCollation, zRepoSetting
2023	);
2024	db_multi_exec(
2025	"INSERT OR IGNORE INTO global_config(name,value)"
2026	"VALUES('%s',1);",
2027	zRepoSetting
2028	);
2029	fossil_free(zRepoSetting);
2030	if( g.localOpen && g.zLocalRoot && g.zLocalRoot[0] ){
2031	Blob localRoot;
2032	file_canonical_name(g.zLocalRoot, &localRoot, 1);
2033	zCkoutSetting = mprintf("ckout:%q", blob_str(&localRoot));
2034	db_multi_exec(
2035	"DELETE FROM global_config WHERE name %s = '%s';",
2036	zCollation, zCkoutSetting
2037	);
2038	db_multi_exec(
2039	"REPLACE INTO global_config(name, value)"
2040	"VALUES('%s','%q');",
2041	zCkoutSetting, blob_str(&full)
2042	);
2043	db_swap_connections();
2044	db_optional_sql("repository",
2045	"DELETE FROM config WHERE name %s = '%s';",
2046	zCollation, zCkoutSetting
2047	);
2048	db_optional_sql("repository",
2049	"REPLACE INTO config(name,value,mtime)"
2050	"VALUES('%s',1,now());",
2051	zCkoutSetting
2052	);
2053	fossil_free(zCkoutSetting);
2054	blob_reset(&localRoot);
2055	}else{
	@@ -2654,28 +2653,28 @@
2654	zOrigSql += j+6;
2655	j = -1;
2656	}
2657	}
2658	blob_append(&newSql, zOrigSql, -1);
2659	blob_appendf(&allSql,
2660	"ALTER TABLE %s RENAME TO x_%s;\n"
2661	"%s WITHOUT ROWID;\n"
2662	"INSERT INTO %s SELECT * FROM x_%s;\n"
2663	"DROP TABLE x_%s;\n",
2664	zTName, zTName, blob_str(&newSql), zTName, zTName, zTName
2665	);
2666	fossil_print("Converting table %s of %s to WITHOUT ROWID.\n", zTName, g.argv[i]);
2667	blob_reset(&newSql);
2668	}
2669	blob_appendf(&allSql, "COMMIT;\n");
2670	db_finalize(&q);
2671	if( dryRun ){
2672	fossil_print("SQL that would have been evaluated:\n");
2673	fossil_print("-------------------------------------------------------------\n");
2674	fossil_print("%s", blob_str(&allSql));
2675	}else{
2676	db_multi_exec("%s", blob_str(&allSql));
2677	}
2678	blob_reset(&allSql);
2679	db_close(1);
2680	}
2681	}
2682

	--- src/db.c
	+++ src/db.c
	@@ -177,11 +177,11 @@
177	db.doRollback \|= db.aHook[i].xHook();
178	}
179	while( db.pAllStmt ){
180	db_finalize(db.pAllStmt);
181	}
182	db_multi_exec("%s", db.doRollback ? "ROLLBACK" : "COMMIT");
183	db.doRollback = 0;
184	}
185	}
186
187	/*
	@@ -664,17 +664,17 @@
664
665	db = db_open(zFileName);
666	sqlite3_exec(db, "BEGIN EXCLUSIVE", 0, 0, 0);
667	rc = sqlite3_exec(db, zSchema, 0, 0, 0);
668	if( rc!=SQLITE_OK ){
669	db_err("%s", sqlite3_errmsg(db));
670	}
671	va_start(ap, zSchema);
672	while( (zSql = va_arg(ap, const char*))!=0 ){
673	rc = sqlite3_exec(db, zSql, 0, 0, 0);
674	if( rc!=SQLITE_OK ){
675	db_err("%s", sqlite3_errmsg(db));
676	}
677	}
678	va_end(ap);
679	sqlite3_exec(db, "COMMIT", 0, 0, 0);
680	sqlite3_close(db);
	@@ -750,19 +750,19 @@
750
751	/*
752	** Detaches the zLabel database.
753	*/
754	void db_detach(const char *zLabel){
755	db_multi_exec("DETACH DATABASE %Q", zLabel);
756	}
757
758	/*
759	** zDbName is the name of a database file. Attach zDbName using
760	** the name zLabel.
761	*/
762	void db_attach(const char zDbName, const char zLabel){
763	db_multi_exec("ATTACH DATABASE %Q AS %Q", zDbName, zLabel);
764	}
765
766	/*
767	** zDbName is the name of a database file. If no other database
768	** file is open, then open this one. If another database file is
	@@ -887,11 +887,11 @@
887	static int db_local_table_exists_but_lacks_column(
888	const char *zTable,
889	const char *zColumn
890	){
891	char *zDef = db_text(0, "SELECT sql FROM %s.sqlite_master"
892	" WHERE name==%Q /scan/",
893	db_name("localdb"), zTable);
894	int rc = 0;
895	if( zDef ){
896	char zPattern = mprintf(" %s *", zColumn);
897	rc = sqlite3_strglob(zPattern, zDef)!=0;
	@@ -1119,11 +1119,11 @@
1119	** Return TRUE if the schema is out-of-date
1120	*/
1121	int db_schema_is_outofdate(void){
1122	return db_exists("SELECT 1 FROM config"
1123	" WHERE name='aux-schema'"
1124	" AND value<>%Q", AUX_SCHEMA);
1125	}
1126
1127	/*
1128	** Return true if the database is writeable
1129	*/
	@@ -1355,17 +1355,17 @@
1355	Blob x;
1356	int i;
1357	const char *zSep = "";
1358
1359	blob_zero(&x);
1360	blob_append_sql(&x, "(");
1361	for(i=0; ctrlSettings[i].name; i++){
1362	blob_append_sql(&x, "%s%Q", zSep/safe-for-%s/, ctrlSettings[i].name);
1363	zSep = ",";
1364	}
1365	blob_append_sql(&x, ")");
1366	return blob_sql_text(&x);
1367	}
1368
1369	/*
1370	** Fill an empty repository database with the basic information for a
1371	** repository. This function is shared between 'create_repository_cmd'
	@@ -2003,53 +2003,52 @@
2003	** ckout:%s
2004	**
2005	** Where %s is the checkout root. The value is the repository file.
2006	*/
2007	void db_record_repository_filename(const char *zName){

2008	char *zRepoSetting;
2009	char *zCkoutSetting;
2010	Blob full;
2011	if( zName==0 ){
2012	if( !g.localOpen ) return;
2013	zName = db_repository_filename();
2014	}
2015	file_canonical_name(zName, &full, 0);
2016	(void)filename_collation(); /* Initialize before connection swap */
2017	db_swap_connections();
2018	zRepoSetting = mprintf("repo:%q", blob_str(&full));
2019	db_multi_exec(
2020	"DELETE FROM global_config WHERE name %s = %Q;",
2021	filename_collation(), zRepoSetting
2022	);
2023	db_multi_exec(
2024	"INSERT OR IGNORE INTO global_config(name,value)"
2025	"VALUES(%Q,1);",
2026	zRepoSetting
2027	);
2028	fossil_free(zRepoSetting);
2029	if( g.localOpen && g.zLocalRoot && g.zLocalRoot[0] ){
2030	Blob localRoot;
2031	file_canonical_name(g.zLocalRoot, &localRoot, 1);
2032	zCkoutSetting = mprintf("ckout:%q", blob_str(&localRoot));
2033	db_multi_exec(
2034	"DELETE FROM global_config WHERE name %s = %Q;",
2035	filename_collation(), zCkoutSetting
2036	);
2037	db_multi_exec(
2038	"REPLACE INTO global_config(name, value)"
2039	"VALUES(%Q,%Q);",
2040	zCkoutSetting, blob_str(&full)
2041	);
2042	db_swap_connections();
2043	db_optional_sql("repository",
2044	"DELETE FROM config WHERE name %s = %Q;",
2045	filename_collation(), zCkoutSetting
2046	);
2047	db_optional_sql("repository",
2048	"REPLACE INTO config(name,value,mtime)"
2049	"VALUES(%Q,1,now());",
2050	zCkoutSetting
2051	);
2052	fossil_free(zCkoutSetting);
2053	blob_reset(&localRoot);
2054	}else{
	@@ -2654,28 +2653,28 @@
2653	zOrigSql += j+6;
2654	j = -1;
2655	}
2656	}
2657	blob_append(&newSql, zOrigSql, -1);
2658	blob_append_sql(&allSql,
2659	"ALTER TABLE \"%w\" RENAME TO \"x_%w\";\n"
2660	"%s WITHOUT ROWID;\n"
2661	"INSERT INTO \"%w\" SELECT * FROM \"x_%w\";\n"
2662	"DROP TABLE \"x_%w\";\n",
2663	zTName, zTName, blob_sql_text(&newSql), zTName, zTName, zTName
2664	);
2665	fossil_print("Converting table %s of %s to WITHOUT ROWID.\n", zTName, g.argv[i]);
2666	blob_reset(&newSql);
2667	}
2668	blob_append_sql(&allSql, "COMMIT;\n");
2669	db_finalize(&q);
2670	if( dryRun ){
2671	fossil_print("SQL that would have been evaluated:\n");
2672	fossil_print("-------------------------------------------------------------\n");
2673	fossil_print("%s", blob_sql_text(&allSql));
2674	}else{
2675	db_multi_exec("%s", blob_sql_text(&allSql));
2676	}
2677	blob_reset(&allSql);
2678	db_close(1);
2679	}
2680	}
2681

M src/descendants.c

+10 -10

		--- src/descendants.c
		+++ src/descendants.c
		@@ -389,22 +389,22 @@
389	389	verify_all_options();
390	390
391	391	if( recomputeFlag ) leaf_rebuild();
392	392	blob_zero(&sql);
393	393	blob_append(&sql, timeline_query_for_tty(), -1);
394		- blob_appendf(&sql, " AND blob.rid IN leaf");
	394	+ blob_append_sql(&sql, " AND blob.rid IN leaf");
395	395	if( showClosed ){
396		- blob_appendf(&sql," AND %z", leaf_is_closed_sql("blob.rid"));
	396	+ blob_append_sql(&sql," AND %z", leaf_is_closed_sql("blob.rid"));
397	397	}else if( !showAll ){
398		- blob_appendf(&sql," AND NOT %z", leaf_is_closed_sql("blob.rid"));
	398	+ blob_append_sql(&sql," AND NOT %z", leaf_is_closed_sql("blob.rid"));
399	399	}
400	400	if( byBranch ){
401	401	db_prepare(&q, "%s ORDER BY nullif(branch,'trunk') COLLATE nocase,"
402	402	" event.mtime DESC",
403		- blob_str(&sql));
	403	+ blob_sql_text(&sql));
404	404	}else{
405		- db_prepare(&q, "%s ORDER BY event.mtime DESC", blob_str(&sql));
	405	+ db_prepare(&q, "%s ORDER BY event.mtime DESC", blob_sql_text(&sql));
406	406	}
407	407	blob_reset(&sql);
408	408	n = 0;
409	409	while( db_step(&q)==SQLITE_ROW ){
410	410	const char *zId = db_column_text(&q, 1);
		@@ -474,17 +474,17 @@
474	474	}else{
475	475	@ <h1>Open leaves:</h1>
476	476	}
477	477	blob_zero(&sql);
478	478	blob_append(&sql, timeline_query_for_www(), -1);
479		- blob_appendf(&sql, " AND blob.rid IN leaf");
	479	+ blob_append_sql(&sql, " AND blob.rid IN leaf");
480	480	if( showClosed ){
481		- blob_appendf(&sql," AND %z", leaf_is_closed_sql("blob.rid"));
	481	+ blob_append_sql(&sql," AND %z", leaf_is_closed_sql("blob.rid"));
482	482	}else if( !showAll ){
483		- blob_appendf(&sql," AND NOT %z", leaf_is_closed_sql("blob.rid"));
	483	+ blob_append_sql(&sql," AND NOT %z", leaf_is_closed_sql("blob.rid"));
484	484	}
485		- db_prepare(&q, "%s ORDER BY event.mtime DESC", blob_str(&sql));
	485	+ db_prepare(&q, "%s ORDER BY event.mtime DESC", blob_sql_text(&sql));
486	486	blob_reset(&sql);
487	487	www_print_timeline(&q, TIMELINE_LEAFONLY, 0, 0, 0);
488	488	db_finalize(&q);
489	489	@ <br />
490	490	style_footer();
		@@ -508,11 +508,11 @@
508	508	Stmt q;
509	509	int rid;
510	510
511	511	bag_init(&seen);
512	512	bag_init(&pending);
513		- db_prepare(&ins, "INSERT OR IGNORE INTO \"%s\" VALUES(:rid)", zTab);
	513	+ db_prepare(&ins, "INSERT OR IGNORE INTO \"%w\" VALUES(:rid)", zTab);
514	514	db_prepare(&q, "SELECT mid FROM mlink WHERE fid=%d", fid);
515	515	while( db_step(&q)==SQLITE_ROW ){
516	516	int mid = db_column_int(&q, 0);
517	517	bag_insert(&pending, mid);
518	518	bag_insert(&seen, mid);
519	519

	--- src/descendants.c
	+++ src/descendants.c
	@@ -389,22 +389,22 @@
389	verify_all_options();
390
391	if( recomputeFlag ) leaf_rebuild();
392	blob_zero(&sql);
393	blob_append(&sql, timeline_query_for_tty(), -1);
394	blob_appendf(&sql, " AND blob.rid IN leaf");
395	if( showClosed ){
396	blob_appendf(&sql," AND %z", leaf_is_closed_sql("blob.rid"));
397	}else if( !showAll ){
398	blob_appendf(&sql," AND NOT %z", leaf_is_closed_sql("blob.rid"));
399	}
400	if( byBranch ){
401	db_prepare(&q, "%s ORDER BY nullif(branch,'trunk') COLLATE nocase,"
402	" event.mtime DESC",
403	blob_str(&sql));
404	}else{
405	db_prepare(&q, "%s ORDER BY event.mtime DESC", blob_str(&sql));
406	}
407	blob_reset(&sql);
408	n = 0;
409	while( db_step(&q)==SQLITE_ROW ){
410	const char *zId = db_column_text(&q, 1);
	@@ -474,17 +474,17 @@
474	}else{
475	@ <h1>Open leaves:</h1>
476	}
477	blob_zero(&sql);
478	blob_append(&sql, timeline_query_for_www(), -1);
479	blob_appendf(&sql, " AND blob.rid IN leaf");
480	if( showClosed ){
481	blob_appendf(&sql," AND %z", leaf_is_closed_sql("blob.rid"));
482	}else if( !showAll ){
483	blob_appendf(&sql," AND NOT %z", leaf_is_closed_sql("blob.rid"));
484	}
485	db_prepare(&q, "%s ORDER BY event.mtime DESC", blob_str(&sql));
486	blob_reset(&sql);
487	www_print_timeline(&q, TIMELINE_LEAFONLY, 0, 0, 0);
488	db_finalize(&q);
489	@ <br />
490	style_footer();
	@@ -508,11 +508,11 @@
508	Stmt q;
509	int rid;
510
511	bag_init(&seen);
512	bag_init(&pending);
513	db_prepare(&ins, "INSERT OR IGNORE INTO \"%s\" VALUES(:rid)", zTab);
514	db_prepare(&q, "SELECT mid FROM mlink WHERE fid=%d", fid);
515	while( db_step(&q)==SQLITE_ROW ){
516	int mid = db_column_int(&q, 0);
517	bag_insert(&pending, mid);
518	bag_insert(&seen, mid);
519

	--- src/descendants.c
	+++ src/descendants.c
	@@ -389,22 +389,22 @@
389	verify_all_options();
390
391	if( recomputeFlag ) leaf_rebuild();
392	blob_zero(&sql);
393	blob_append(&sql, timeline_query_for_tty(), -1);
394	blob_append_sql(&sql, " AND blob.rid IN leaf");
395	if( showClosed ){
396	blob_append_sql(&sql," AND %z", leaf_is_closed_sql("blob.rid"));
397	}else if( !showAll ){
398	blob_append_sql(&sql," AND NOT %z", leaf_is_closed_sql("blob.rid"));
399	}
400	if( byBranch ){
401	db_prepare(&q, "%s ORDER BY nullif(branch,'trunk') COLLATE nocase,"
402	" event.mtime DESC",
403	blob_sql_text(&sql));
404	}else{
405	db_prepare(&q, "%s ORDER BY event.mtime DESC", blob_sql_text(&sql));
406	}
407	blob_reset(&sql);
408	n = 0;
409	while( db_step(&q)==SQLITE_ROW ){
410	const char *zId = db_column_text(&q, 1);
	@@ -474,17 +474,17 @@
474	}else{
475	@ <h1>Open leaves:</h1>
476	}
477	blob_zero(&sql);
478	blob_append(&sql, timeline_query_for_www(), -1);
479	blob_append_sql(&sql, " AND blob.rid IN leaf");
480	if( showClosed ){
481	blob_append_sql(&sql," AND %z", leaf_is_closed_sql("blob.rid"));
482	}else if( !showAll ){
483	blob_append_sql(&sql," AND NOT %z", leaf_is_closed_sql("blob.rid"));
484	}
485	db_prepare(&q, "%s ORDER BY event.mtime DESC", blob_sql_text(&sql));
486	blob_reset(&sql);
487	www_print_timeline(&q, TIMELINE_LEAFONLY, 0, 0, 0);
488	db_finalize(&q);
489	@ <br />
490	style_footer();
	@@ -508,11 +508,11 @@
508	Stmt q;
509	int rid;
510
511	bag_init(&seen);
512	bag_init(&pending);
513	db_prepare(&ins, "INSERT OR IGNORE INTO \"%w\" VALUES(:rid)", zTab);
514	db_prepare(&q, "SELECT mid FROM mlink WHERE fid=%d", fid);
515	while( db_step(&q)==SQLITE_ROW ){
516	int mid = db_column_int(&q, 0);
517	bag_insert(&pending, mid);
518	bag_insert(&seen, mid);
519

M src/diffcmd.c

+11 -11

		--- src/diffcmd.c
		+++ src/diffcmd.c
		@@ -142,17 +142,17 @@
142	142	Blob cmd; /* Text of command to run */
143	143
144	144	if( !fIncludeBinary ){
145	145	Blob file2;
146	146	if( isBin1 ){
147		- fossil_print(DIFF_CANNOT_COMPUTE_BINARY);
	147	+ fossil_print("%s",DIFF_CANNOT_COMPUTE_BINARY);
148	148	return;
149	149	}
150	150	if( zBinGlob ){
151	151	Glob *pBinary = glob_create(zBinGlob);
152	152	if( glob_match(pBinary, zName) ){
153		- fossil_print(DIFF_CANNOT_COMPUTE_BINARY);
	153	+ fossil_print("%s",DIFF_CANNOT_COMPUTE_BINARY);
154	154	glob_free(pBinary);
155	155	return;
156	156	}
157	157	glob_free(pBinary);
158	158	}
		@@ -163,11 +163,11 @@
163	163	}else{
164	164	blob_read_from_file(&file2, zFile2);
165	165	}
166	166	}
167	167	if( looks_like_binary(&file2) ){
168		- fossil_print(DIFF_CANNOT_COMPUTE_BINARY);
	168	+ fossil_print("%s",DIFF_CANNOT_COMPUTE_BINARY);
169	169	blob_reset(&file2);
170	170	return;
171	171	}
172	172	blob_reset(&file2);
173	173	}
		@@ -238,17 +238,17 @@
238	238	char zTemp1[300];
239	239	char zTemp2[300];
240	240
241	241	if( !fIncludeBinary ){
242	242	if( isBin1 \|\| isBin2 ){
243		- fossil_print(DIFF_CANNOT_COMPUTE_BINARY);
	243	+ fossil_print("%s",DIFF_CANNOT_COMPUTE_BINARY);
244	244	return;
245	245	}
246	246	if( zBinGlob ){
247	247	Glob *pBinary = glob_create(zBinGlob);
248	248	if( glob_match(pBinary, zName) ){
249		- fossil_print(DIFF_CANNOT_COMPUTE_BINARY);
	249	+ fossil_print("%s",DIFF_CANNOT_COMPUTE_BINARY);
250	250	glob_free(pBinary);
251	251	return;
252	252	}
253	253	glob_free(pBinary);
254	254	}
		@@ -302,11 +302,11 @@
302	302	int isBin;
303	303	file_tree_name(zFileTreeName, &fname, 1);
304	304	historical_version_of_file(zFrom, blob_str(&fname), &content, &isLink, 0,
305	305	fIncludeBinary ? 0 : &isBin, 0);
306	306	if( !isLink != !file_wd_islink(zFrom) ){
307		- fossil_print(DIFF_CANNOT_COMPUTE_SYMLINK);
	307	+ fossil_print("%s",DIFF_CANNOT_COMPUTE_SYMLINK);
308	308	}else{
309	309	diff_file(&content, isBin, zFileTreeName, zFileTreeName,
310	310	zDiffCmd, zBinGlob, fIncludeBinary, diffFlags);
311	311	}
312	312	blob_reset(&content);
		@@ -346,11 +346,11 @@
346	346	int rid = name_to_typed_rid(zFrom, "ci");
347	347	if( !is_a_version(rid) ){
348	348	fossil_fatal("no such check-in: %s", zFrom);
349	349	}
350	350	load_vfile_from_rid(rid);
351		- blob_appendf(&sql,
	351	+ blob_append_sql(&sql,
352	352	"SELECT v2.pathname, v2.deleted, v2.chnged, v2.rid==0, v1.rid, v1.islink"
353	353	" FROM vfile v1, vfile v2 "
354	354	" WHERE v1.pathname=v2.pathname AND v1.vid=%d AND v2.vid=%d"
355	355	" AND (v2.deleted OR v2.chnged OR v1.mrid!=v2.rid)"
356	356	"UNION "
		@@ -367,20 +367,20 @@
367	367	" WHERE v1.vid=%d AND v1.pathname=v2.pathname)"
368	368	" ORDER BY 1",
369	369	rid, vid, rid, vid, vid, rid
370	370	);
371	371	}else{
372		- blob_appendf(&sql,
	372	+ blob_append_sql(&sql,
373	373	"SELECT pathname, deleted, chnged , rid==0, rid, islink"
374	374	" FROM vfile"
375	375	" WHERE vid=%d"
376	376	" AND (deleted OR chnged OR rid==0)"
377	377	" ORDER BY pathname",
378	378	vid
379	379	);
380	380	}
381		- db_prepare(&q, blob_str(&sql));
	381	+ db_prepare(&q, "%s", blob_sql_text(&sql));
382	382	while( db_step(&q)==SQLITE_ROW ){
383	383	const char *zPathname = db_column_text(&q,0);
384	384	int isDeleted = db_column_int(&q, 1);
385	385	int isChnged = db_column_int(&q,2);
386	386	int isNew = db_column_int(&q,3);
		@@ -408,11 +408,11 @@
408	408	Blob content;
409	409	int isBin;
410	410	if( !isLink != !file_wd_islink(zFullName) ){
411	411	diff_print_index(zPathname, diffFlags);
412	412	diff_print_filenames(zPathname, zPathname, diffFlags);
413		- fossil_print(DIFF_CANNOT_COMPUTE_SYMLINK);
	413	+ fossil_print("%s",DIFF_CANNOT_COMPUTE_SYMLINK);
414	414	continue;
415	415	}
416	416	if( srcid>0 ){
417	417	content_get(srcid, &content);
418	418	}else{
		@@ -462,11 +462,11 @@
462	462	fIncludeBinary ? 0 : &isBin1, 0);
463	463	historical_version_of_file(zTo, zName, &v2, &isLink2, 0,
464	464	fIncludeBinary ? 0 : &isBin2, 0);
465	465	if( isLink1 != isLink2 ){
466	466	diff_print_filenames(zName, zName, diffFlags);
467		- fossil_print(DIFF_CANNOT_COMPUTE_SYMLINK);
	467	+ fossil_print("%s",DIFF_CANNOT_COMPUTE_SYMLINK);
468	468	}else{
469	469	diff_file_mem(&v1, &v2, isBin1, isBin2, zName, zDiffCmd,
470	470	zBinGlob, fIncludeBinary, diffFlags);
471	471	}
472	472	blob_reset(&v1);
473	473

	--- src/diffcmd.c
	+++ src/diffcmd.c
	@@ -142,17 +142,17 @@
142	Blob cmd; /* Text of command to run */
143
144	if( !fIncludeBinary ){
145	Blob file2;
146	if( isBin1 ){
147	fossil_print(DIFF_CANNOT_COMPUTE_BINARY);
148	return;
149	}
150	if( zBinGlob ){
151	Glob *pBinary = glob_create(zBinGlob);
152	if( glob_match(pBinary, zName) ){
153	fossil_print(DIFF_CANNOT_COMPUTE_BINARY);
154	glob_free(pBinary);
155	return;
156	}
157	glob_free(pBinary);
158	}
	@@ -163,11 +163,11 @@
163	}else{
164	blob_read_from_file(&file2, zFile2);
165	}
166	}
167	if( looks_like_binary(&file2) ){
168	fossil_print(DIFF_CANNOT_COMPUTE_BINARY);
169	blob_reset(&file2);
170	return;
171	}
172	blob_reset(&file2);
173	}
	@@ -238,17 +238,17 @@
238	char zTemp1[300];
239	char zTemp2[300];
240
241	if( !fIncludeBinary ){
242	if( isBin1 \|\| isBin2 ){
243	fossil_print(DIFF_CANNOT_COMPUTE_BINARY);
244	return;
245	}
246	if( zBinGlob ){
247	Glob *pBinary = glob_create(zBinGlob);
248	if( glob_match(pBinary, zName) ){
249	fossil_print(DIFF_CANNOT_COMPUTE_BINARY);
250	glob_free(pBinary);
251	return;
252	}
253	glob_free(pBinary);
254	}
	@@ -302,11 +302,11 @@
302	int isBin;
303	file_tree_name(zFileTreeName, &fname, 1);
304	historical_version_of_file(zFrom, blob_str(&fname), &content, &isLink, 0,
305	fIncludeBinary ? 0 : &isBin, 0);
306	if( !isLink != !file_wd_islink(zFrom) ){
307	fossil_print(DIFF_CANNOT_COMPUTE_SYMLINK);
308	}else{
309	diff_file(&content, isBin, zFileTreeName, zFileTreeName,
310	zDiffCmd, zBinGlob, fIncludeBinary, diffFlags);
311	}
312	blob_reset(&content);
	@@ -346,11 +346,11 @@
346	int rid = name_to_typed_rid(zFrom, "ci");
347	if( !is_a_version(rid) ){
348	fossil_fatal("no such check-in: %s", zFrom);
349	}
350	load_vfile_from_rid(rid);
351	blob_appendf(&sql,
352	"SELECT v2.pathname, v2.deleted, v2.chnged, v2.rid==0, v1.rid, v1.islink"
353	" FROM vfile v1, vfile v2 "
354	" WHERE v1.pathname=v2.pathname AND v1.vid=%d AND v2.vid=%d"
355	" AND (v2.deleted OR v2.chnged OR v1.mrid!=v2.rid)"
356	"UNION "
	@@ -367,20 +367,20 @@
367	" WHERE v1.vid=%d AND v1.pathname=v2.pathname)"
368	" ORDER BY 1",
369	rid, vid, rid, vid, vid, rid
370	);
371	}else{
372	blob_appendf(&sql,
373	"SELECT pathname, deleted, chnged , rid==0, rid, islink"
374	" FROM vfile"
375	" WHERE vid=%d"
376	" AND (deleted OR chnged OR rid==0)"
377	" ORDER BY pathname",
378	vid
379	);
380	}
381	db_prepare(&q, blob_str(&sql));
382	while( db_step(&q)==SQLITE_ROW ){
383	const char *zPathname = db_column_text(&q,0);
384	int isDeleted = db_column_int(&q, 1);
385	int isChnged = db_column_int(&q,2);
386	int isNew = db_column_int(&q,3);
	@@ -408,11 +408,11 @@
408	Blob content;
409	int isBin;
410	if( !isLink != !file_wd_islink(zFullName) ){
411	diff_print_index(zPathname, diffFlags);
412	diff_print_filenames(zPathname, zPathname, diffFlags);
413	fossil_print(DIFF_CANNOT_COMPUTE_SYMLINK);
414	continue;
415	}
416	if( srcid>0 ){
417	content_get(srcid, &content);
418	}else{
	@@ -462,11 +462,11 @@
462	fIncludeBinary ? 0 : &isBin1, 0);
463	historical_version_of_file(zTo, zName, &v2, &isLink2, 0,
464	fIncludeBinary ? 0 : &isBin2, 0);
465	if( isLink1 != isLink2 ){
466	diff_print_filenames(zName, zName, diffFlags);
467	fossil_print(DIFF_CANNOT_COMPUTE_SYMLINK);
468	}else{
469	diff_file_mem(&v1, &v2, isBin1, isBin2, zName, zDiffCmd,
470	zBinGlob, fIncludeBinary, diffFlags);
471	}
472	blob_reset(&v1);
473

	--- src/diffcmd.c
	+++ src/diffcmd.c
	@@ -142,17 +142,17 @@
142	Blob cmd; /* Text of command to run */
143
144	if( !fIncludeBinary ){
145	Blob file2;
146	if( isBin1 ){
147	fossil_print("%s",DIFF_CANNOT_COMPUTE_BINARY);
148	return;
149	}
150	if( zBinGlob ){
151	Glob *pBinary = glob_create(zBinGlob);
152	if( glob_match(pBinary, zName) ){
153	fossil_print("%s",DIFF_CANNOT_COMPUTE_BINARY);
154	glob_free(pBinary);
155	return;
156	}
157	glob_free(pBinary);
158	}
	@@ -163,11 +163,11 @@
163	}else{
164	blob_read_from_file(&file2, zFile2);
165	}
166	}
167	if( looks_like_binary(&file2) ){
168	fossil_print("%s",DIFF_CANNOT_COMPUTE_BINARY);
169	blob_reset(&file2);
170	return;
171	}
172	blob_reset(&file2);
173	}
	@@ -238,17 +238,17 @@
238	char zTemp1[300];
239	char zTemp2[300];
240
241	if( !fIncludeBinary ){
242	if( isBin1 \|\| isBin2 ){
243	fossil_print("%s",DIFF_CANNOT_COMPUTE_BINARY);
244	return;
245	}
246	if( zBinGlob ){
247	Glob *pBinary = glob_create(zBinGlob);
248	if( glob_match(pBinary, zName) ){
249	fossil_print("%s",DIFF_CANNOT_COMPUTE_BINARY);
250	glob_free(pBinary);
251	return;
252	}
253	glob_free(pBinary);
254	}
	@@ -302,11 +302,11 @@
302	int isBin;
303	file_tree_name(zFileTreeName, &fname, 1);
304	historical_version_of_file(zFrom, blob_str(&fname), &content, &isLink, 0,
305	fIncludeBinary ? 0 : &isBin, 0);
306	if( !isLink != !file_wd_islink(zFrom) ){
307	fossil_print("%s",DIFF_CANNOT_COMPUTE_SYMLINK);
308	}else{
309	diff_file(&content, isBin, zFileTreeName, zFileTreeName,
310	zDiffCmd, zBinGlob, fIncludeBinary, diffFlags);
311	}
312	blob_reset(&content);
	@@ -346,11 +346,11 @@
346	int rid = name_to_typed_rid(zFrom, "ci");
347	if( !is_a_version(rid) ){
348	fossil_fatal("no such check-in: %s", zFrom);
349	}
350	load_vfile_from_rid(rid);
351	blob_append_sql(&sql,
352	"SELECT v2.pathname, v2.deleted, v2.chnged, v2.rid==0, v1.rid, v1.islink"
353	" FROM vfile v1, vfile v2 "
354	" WHERE v1.pathname=v2.pathname AND v1.vid=%d AND v2.vid=%d"
355	" AND (v2.deleted OR v2.chnged OR v1.mrid!=v2.rid)"
356	"UNION "
	@@ -367,20 +367,20 @@
367	" WHERE v1.vid=%d AND v1.pathname=v2.pathname)"
368	" ORDER BY 1",
369	rid, vid, rid, vid, vid, rid
370	);
371	}else{
372	blob_append_sql(&sql,
373	"SELECT pathname, deleted, chnged , rid==0, rid, islink"
374	" FROM vfile"
375	" WHERE vid=%d"
376	" AND (deleted OR chnged OR rid==0)"
377	" ORDER BY pathname",
378	vid
379	);
380	}
381	db_prepare(&q, "%s", blob_sql_text(&sql));
382	while( db_step(&q)==SQLITE_ROW ){
383	const char *zPathname = db_column_text(&q,0);
384	int isDeleted = db_column_int(&q, 1);
385	int isChnged = db_column_int(&q,2);
386	int isNew = db_column_int(&q,3);
	@@ -408,11 +408,11 @@
408	Blob content;
409	int isBin;
410	if( !isLink != !file_wd_islink(zFullName) ){
411	diff_print_index(zPathname, diffFlags);
412	diff_print_filenames(zPathname, zPathname, diffFlags);
413	fossil_print("%s",DIFF_CANNOT_COMPUTE_SYMLINK);
414	continue;
415	}
416	if( srcid>0 ){
417	content_get(srcid, &content);
418	}else{
	@@ -462,11 +462,11 @@
462	fIncludeBinary ? 0 : &isBin1, 0);
463	historical_version_of_file(zTo, zName, &v2, &isLink2, 0,
464	fIncludeBinary ? 0 : &isBin2, 0);
465	if( isLink1 != isLink2 ){
466	diff_print_filenames(zName, zName, diffFlags);
467	fossil_print("%s",DIFF_CANNOT_COMPUTE_SYMLINK);
468	}else{
469	diff_file_mem(&v1, &v2, isBin1, isBin2, zName, zDiffCmd,
470	zBinGlob, fIncludeBinary, diffFlags);
471	}
472	blob_reset(&v1);
473

M src/doc.c

+3 -4

		--- src/doc.c
		+++ src/doc.c
		@@ -501,11 +501,11 @@
501	501	Th_Store("doc_date", db_text(0, "SELECT datetime(mtime) FROM event"
502	502	" WHERE objid=%d AND type='ci'", vid));
503	503	if( fossil_strcmp(zMime, "text/x-fossil-wiki")==0 ){
504	504	Blob title, tail;
505	505	if( wiki_find_title(&filebody, &title, &tail) ){
506		- style_header(blob_str(&title));
	506	+ style_header("%s", blob_str(&title));
507	507	wiki_convert(&tail, 0, WIKI_BUTTONS);
508	508	}else{
509	509	style_header("Documentation");
510	510	wiki_convert(&filebody, 0, WIKI_BUTTONS);
511	511	}
		@@ -513,11 +513,11 @@
513	513	}else if( fossil_strcmp(zMime, "text/x-markdown")==0 ){
514	514	Blob title = BLOB_INITIALIZER;
515	515	Blob tail = BLOB_INITIALIZER;
516	516	markdown_to_html(&filebody, &title, &tail);
517	517	if( blob_size(&title)>0 ){
518		- style_header(blob_str(&title));
	518	+ style_header("%s", blob_str(&title));
519	519	}else{
520	520	style_header("Documentation");
521	521	}
522	522	blob_append(cgi_output_blob(), blob_buffer(&tail), blob_size(&tail));
523	523	style_footer();
		@@ -528,12 +528,11 @@
528	528	@ </pre></blockquote>
529	529	style_footer();
530	530	#ifdef FOSSIL_ENABLE_TH1_DOCS
531	531	}else if( db_get_boolean("th1-docs", 0) &&
532	532	fossil_strcmp(zMime, "application/x-th1")==0 ){
533		- char *zHtml = htmlize(zName, -1);
534		- style_header(zHtml);
	533	+ style_header("%h", zName);
535	534	Th_Render(blob_str(&filebody));
536	535	style_footer();
537	536	fossil_free(zHtml);
538	537	#endif
539	538	}else{
540	539

	--- src/doc.c
	+++ src/doc.c
	@@ -501,11 +501,11 @@
501	Th_Store("doc_date", db_text(0, "SELECT datetime(mtime) FROM event"
502	" WHERE objid=%d AND type='ci'", vid));
503	if( fossil_strcmp(zMime, "text/x-fossil-wiki")==0 ){
504	Blob title, tail;
505	if( wiki_find_title(&filebody, &title, &tail) ){
506	style_header(blob_str(&title));
507	wiki_convert(&tail, 0, WIKI_BUTTONS);
508	}else{
509	style_header("Documentation");
510	wiki_convert(&filebody, 0, WIKI_BUTTONS);
511	}
	@@ -513,11 +513,11 @@
513	}else if( fossil_strcmp(zMime, "text/x-markdown")==0 ){
514	Blob title = BLOB_INITIALIZER;
515	Blob tail = BLOB_INITIALIZER;
516	markdown_to_html(&filebody, &title, &tail);
517	if( blob_size(&title)>0 ){
518	style_header(blob_str(&title));
519	}else{
520	style_header("Documentation");
521	}
522	blob_append(cgi_output_blob(), blob_buffer(&tail), blob_size(&tail));
523	style_footer();
	@@ -528,12 +528,11 @@
528	@ </pre></blockquote>
529	style_footer();
530	#ifdef FOSSIL_ENABLE_TH1_DOCS
531	}else if( db_get_boolean("th1-docs", 0) &&
532	fossil_strcmp(zMime, "application/x-th1")==0 ){
533	char *zHtml = htmlize(zName, -1);
534	style_header(zHtml);
535	Th_Render(blob_str(&filebody));
536	style_footer();
537	fossil_free(zHtml);
538	#endif
539	}else{
540

	--- src/doc.c
	+++ src/doc.c
	@@ -501,11 +501,11 @@
501	Th_Store("doc_date", db_text(0, "SELECT datetime(mtime) FROM event"
502	" WHERE objid=%d AND type='ci'", vid));
503	if( fossil_strcmp(zMime, "text/x-fossil-wiki")==0 ){
504	Blob title, tail;
505	if( wiki_find_title(&filebody, &title, &tail) ){
506	style_header("%s", blob_str(&title));
507	wiki_convert(&tail, 0, WIKI_BUTTONS);
508	}else{
509	style_header("Documentation");
510	wiki_convert(&filebody, 0, WIKI_BUTTONS);
511	}
	@@ -513,11 +513,11 @@
513	}else if( fossil_strcmp(zMime, "text/x-markdown")==0 ){
514	Blob title = BLOB_INITIALIZER;
515	Blob tail = BLOB_INITIALIZER;
516	markdown_to_html(&filebody, &title, &tail);
517	if( blob_size(&title)>0 ){
518	style_header("%s", blob_str(&title));
519	}else{
520	style_header("Documentation");
521	}
522	blob_append(cgi_output_blob(), blob_buffer(&tail), blob_size(&tail));
523	style_footer();
	@@ -528,12 +528,11 @@
528	@ </pre></blockquote>
529	style_footer();
530	#ifdef FOSSIL_ENABLE_TH1_DOCS
531	}else if( db_get_boolean("th1-docs", 0) &&
532	fossil_strcmp(zMime, "application/x-th1")==0 ){
533	style_header("%h", zName);

534	Th_Render(blob_str(&filebody));
535	style_footer();
536	fossil_free(zHtml);
537	#endif
538	}else{
539

M src/event.c

+2 -4

		--- src/event.c
		+++ src/event.c
		@@ -119,11 +119,11 @@
119	119	if( pEvent==0 ){
120	120	fossil_fatal("Object #%d is not an event", rid);
121	121	}
122	122	blob_init(&fullbody, pEvent->zWiki, -1);
123	123	if( wiki_find_title(&fullbody, &title, &tail) ){
124		- style_header(blob_str(&title));
	124	+ style_header("%s", blob_str(&title));
125	125	}else{
126	126	style_header("Event %S", zEventId);
127	127	tail = fullbody;
128	128	}
129	129	if( g.perm.WrWiki && g.perm.Write && nextRid==0 ){
		@@ -203,11 +203,10 @@
203	203	void eventedit_page(void){
204	204	char *zTag;
205	205	int rid = 0;
206	206	Blob event;
207	207	const char *zEventId;
208		- char *zHtmlPageName;
209	208	int n;
210	209	const char *z;
211	210	char zBody = (char)P("w");
212	211	char zETime = (char)P("t");
213	212	const char *zComment = P("c");
		@@ -364,12 +363,11 @@
364	363	return;
365	364	}
366	365	if( zBody==0 ){
367	366	zBody = mprintf("<i>Event Text</i>");
368	367	}
369		- zHtmlPageName = mprintf("Edit Event %S", zEventId);
370		- style_header(zHtmlPageName);
	368	+ style_header("Edit Event %S", zEventId);
371	369	if( P("preview")!=0 ){
372	370	Blob title, tail, com;
373	371	@ <p><b>Timeline comment preview:</b></p>
374	372	@ <blockquote>
375	373	@ <table border="0">
376	374

	--- src/event.c
	+++ src/event.c
	@@ -119,11 +119,11 @@
119	if( pEvent==0 ){
120	fossil_fatal("Object #%d is not an event", rid);
121	}
122	blob_init(&fullbody, pEvent->zWiki, -1);
123	if( wiki_find_title(&fullbody, &title, &tail) ){
124	style_header(blob_str(&title));
125	}else{
126	style_header("Event %S", zEventId);
127	tail = fullbody;
128	}
129	if( g.perm.WrWiki && g.perm.Write && nextRid==0 ){
	@@ -203,11 +203,10 @@
203	void eventedit_page(void){
204	char *zTag;
205	int rid = 0;
206	Blob event;
207	const char *zEventId;
208	char *zHtmlPageName;
209	int n;
210	const char *z;
211	char zBody = (char)P("w");
212	char zETime = (char)P("t");
213	const char *zComment = P("c");
	@@ -364,12 +363,11 @@
364	return;
365	}
366	if( zBody==0 ){
367	zBody = mprintf("<i>Event Text</i>");
368	}
369	zHtmlPageName = mprintf("Edit Event %S", zEventId);
370	style_header(zHtmlPageName);
371	if( P("preview")!=0 ){
372	Blob title, tail, com;
373	@ <p><b>Timeline comment preview:</b></p>
374	@ <blockquote>
375	@ <table border="0">
376

	--- src/event.c
	+++ src/event.c
	@@ -119,11 +119,11 @@
119	if( pEvent==0 ){
120	fossil_fatal("Object #%d is not an event", rid);
121	}
122	blob_init(&fullbody, pEvent->zWiki, -1);
123	if( wiki_find_title(&fullbody, &title, &tail) ){
124	style_header("%s", blob_str(&title));
125	}else{
126	style_header("Event %S", zEventId);
127	tail = fullbody;
128	}
129	if( g.perm.WrWiki && g.perm.Write && nextRid==0 ){
	@@ -203,11 +203,10 @@
203	void eventedit_page(void){
204	char *zTag;
205	int rid = 0;
206	Blob event;
207	const char *zEventId;

208	int n;
209	const char *z;
210	char zBody = (char)P("w");
211	char zETime = (char)P("t");
212	const char *zComment = P("c");
	@@ -364,12 +363,11 @@
363	return;
364	}
365	if( zBody==0 ){
366	zBody = mprintf("<i>Event Text</i>");
367	}
368	style_header("Edit Event %S", zEventId);

369	if( P("preview")!=0 ){
370	Blob title, tail, com;
371	@ <p><b>Timeline comment preview:</b></p>
372	@ <blockquote>
373	@ <table border="0">
374

M src/finfo.c

+11 -11

		--- src/finfo.c
		+++ src/finfo.c
		@@ -319,11 +319,11 @@
319	319
320	320	zPrevDate[0] = 0;
321	321	zFilename = PD("name","");
322	322	url_add_parameter(&url, "name", zFilename);
323	323	blob_zero(&sql);
324		- blob_appendf(&sql,
	324	+ blob_append_sql(&sql,
325	325	"SELECT"
326	326	" datetime(event.mtime%s)," /* Date of change */
327	327	" coalesce(event.ecomment, event.comment)," /* Check-in comment */
328	328	" coalesce(event.euser, event.user)," /* User who made chng */
329	329	" mlink.pid," /* Parent file rid */
		@@ -338,44 +338,44 @@
338	338	" mlink.pfnid", /* Previous filename */
339	339	timeline_utc(), TAG_BRANCH
340	340	);
341	341	if( firstChngOnly ){
342	342	#if 0
343		- blob_appendf(&sql, ", min(event.mtime)");
	343	+ blob_append_sql(&sql, ", min(event.mtime)");
344	344	#else
345		- blob_appendf(&sql,
	345	+ blob_append_sql(&sql,
346	346	", min(CASE (SELECT value FROM tagxref"
347	347	" WHERE tagtype>0 AND tagid=%d"
348	348	" AND tagxref.rid=mlink.mid)"
349	349	" WHEN 'trunk' THEN event.mtime-10000 ELSE event.mtime END)",
350	350	TAG_BRANCH);
351	351	#endif
352	352	}
353		- blob_appendf(&sql,
	353	+ blob_append_sql(&sql,
354	354	" FROM mlink, event"
355	355	" WHERE mlink.fnid IN (SELECT fnid FROM filename WHERE name=%Q)"
356	356	" AND event.objid=mlink.mid",
357	357	zFilename
358	358	);
359	359	if( baseCheckin ){
360	360	compute_direct_ancestors(baseCheckin, 10000000);
361		- blob_appendf(&sql," AND mlink.mid IN (SELECT rid FROM ancestor)");
	361	+ blob_append_sql(&sql," AND mlink.mid IN (SELECT rid FROM ancestor)");
362	362	}
363	363	if( (zA = P("a"))!=0 ){
364		- blob_appendf(&sql, " AND event.mtime>=julianday('%q')", zA);
	364	+ blob_append_sql(&sql, " AND event.mtime>=julianday('%q')", zA);
365	365	url_add_parameter(&url, "a", zA);
366	366	}
367	367	if( (zB = P("b"))!=0 ){
368		- blob_appendf(&sql, " AND event.mtime<=julianday('%q')", zB);
	368	+ blob_append_sql(&sql, " AND event.mtime<=julianday('%q')", zB);
369	369	url_add_parameter(&url, "b", zB);
370	370	}
371	371	if( firstChngOnly ){
372		- blob_appendf(&sql, " GROUP BY mlink.fid");
	372	+ blob_append_sql(&sql, " GROUP BY mlink.fid");
373	373	}
374		- blob_appendf(&sql," ORDER BY event.mtime DESC /sort/");
	374	+ blob_append_sql(&sql," ORDER BY event.mtime DESC /sort/");
375	375	if( (n = atoi(PD("n","0")))>0 ){
376		- blob_appendf(&sql, " LIMIT %d", n);
	376	+ blob_append_sql(&sql, " LIMIT %d", n);
377	377	url_add_parameter(&url, "n", P("n"));
378	378	}
379	379	if( baseCheckin==0 ){
380	380	if( firstChngOnly ){
381	381	style_submenu_element("Full", "Show all changes","%s",
		@@ -384,11 +384,11 @@
384	384	style_submenu_element("Simplified",
385	385	"Show only first use of a change","%s",
386	386	url_render(&url, "fco", 0, 0, 0));
387	387	}
388	388	}
389		- db_prepare(&q, blob_str(&sql));
	389	+ db_prepare(&q, "%s", blob_sql_text(&sql));
390	390	if( P("showsql")!=0 ){
391	391	@ <p>SQL: %h(blob_str(&sql))</p>
392	392	}
393	393	blob_reset(&sql);
394	394	blob_zero(&title);
395	395

	--- src/finfo.c
	+++ src/finfo.c
	@@ -319,11 +319,11 @@
319
320	zPrevDate[0] = 0;
321	zFilename = PD("name","");
322	url_add_parameter(&url, "name", zFilename);
323	blob_zero(&sql);
324	blob_appendf(&sql,
325	"SELECT"
326	" datetime(event.mtime%s)," /* Date of change */
327	" coalesce(event.ecomment, event.comment)," /* Check-in comment */
328	" coalesce(event.euser, event.user)," /* User who made chng */
329	" mlink.pid," /* Parent file rid */
	@@ -338,44 +338,44 @@
338	" mlink.pfnid", /* Previous filename */
339	timeline_utc(), TAG_BRANCH
340	);
341	if( firstChngOnly ){
342	#if 0
343	blob_appendf(&sql, ", min(event.mtime)");
344	#else
345	blob_appendf(&sql,
346	", min(CASE (SELECT value FROM tagxref"
347	" WHERE tagtype>0 AND tagid=%d"
348	" AND tagxref.rid=mlink.mid)"
349	" WHEN 'trunk' THEN event.mtime-10000 ELSE event.mtime END)",
350	TAG_BRANCH);
351	#endif
352	}
353	blob_appendf(&sql,
354	" FROM mlink, event"
355	" WHERE mlink.fnid IN (SELECT fnid FROM filename WHERE name=%Q)"
356	" AND event.objid=mlink.mid",
357	zFilename
358	);
359	if( baseCheckin ){
360	compute_direct_ancestors(baseCheckin, 10000000);
361	blob_appendf(&sql," AND mlink.mid IN (SELECT rid FROM ancestor)");
362	}
363	if( (zA = P("a"))!=0 ){
364	blob_appendf(&sql, " AND event.mtime>=julianday('%q')", zA);
365	url_add_parameter(&url, "a", zA);
366	}
367	if( (zB = P("b"))!=0 ){
368	blob_appendf(&sql, " AND event.mtime<=julianday('%q')", zB);
369	url_add_parameter(&url, "b", zB);
370	}
371	if( firstChngOnly ){
372	blob_appendf(&sql, " GROUP BY mlink.fid");
373	}
374	blob_appendf(&sql," ORDER BY event.mtime DESC /sort/");
375	if( (n = atoi(PD("n","0")))>0 ){
376	blob_appendf(&sql, " LIMIT %d", n);
377	url_add_parameter(&url, "n", P("n"));
378	}
379	if( baseCheckin==0 ){
380	if( firstChngOnly ){
381	style_submenu_element("Full", "Show all changes","%s",
	@@ -384,11 +384,11 @@
384	style_submenu_element("Simplified",
385	"Show only first use of a change","%s",
386	url_render(&url, "fco", 0, 0, 0));
387	}
388	}
389	db_prepare(&q, blob_str(&sql));
390	if( P("showsql")!=0 ){
391	@ <p>SQL: %h(blob_str(&sql))</p>
392	}
393	blob_reset(&sql);
394	blob_zero(&title);
395

	--- src/finfo.c
	+++ src/finfo.c
	@@ -319,11 +319,11 @@
319
320	zPrevDate[0] = 0;
321	zFilename = PD("name","");
322	url_add_parameter(&url, "name", zFilename);
323	blob_zero(&sql);
324	blob_append_sql(&sql,
325	"SELECT"
326	" datetime(event.mtime%s)," /* Date of change */
327	" coalesce(event.ecomment, event.comment)," /* Check-in comment */
328	" coalesce(event.euser, event.user)," /* User who made chng */
329	" mlink.pid," /* Parent file rid */
	@@ -338,44 +338,44 @@
338	" mlink.pfnid", /* Previous filename */
339	timeline_utc(), TAG_BRANCH
340	);
341	if( firstChngOnly ){
342	#if 0
343	blob_append_sql(&sql, ", min(event.mtime)");
344	#else
345	blob_append_sql(&sql,
346	", min(CASE (SELECT value FROM tagxref"
347	" WHERE tagtype>0 AND tagid=%d"
348	" AND tagxref.rid=mlink.mid)"
349	" WHEN 'trunk' THEN event.mtime-10000 ELSE event.mtime END)",
350	TAG_BRANCH);
351	#endif
352	}
353	blob_append_sql(&sql,
354	" FROM mlink, event"
355	" WHERE mlink.fnid IN (SELECT fnid FROM filename WHERE name=%Q)"
356	" AND event.objid=mlink.mid",
357	zFilename
358	);
359	if( baseCheckin ){
360	compute_direct_ancestors(baseCheckin, 10000000);
361	blob_append_sql(&sql," AND mlink.mid IN (SELECT rid FROM ancestor)");
362	}
363	if( (zA = P("a"))!=0 ){
364	blob_append_sql(&sql, " AND event.mtime>=julianday('%q')", zA);
365	url_add_parameter(&url, "a", zA);
366	}
367	if( (zB = P("b"))!=0 ){
368	blob_append_sql(&sql, " AND event.mtime<=julianday('%q')", zB);
369	url_add_parameter(&url, "b", zB);
370	}
371	if( firstChngOnly ){
372	blob_append_sql(&sql, " GROUP BY mlink.fid");
373	}
374	blob_append_sql(&sql," ORDER BY event.mtime DESC /sort/");
375	if( (n = atoi(PD("n","0")))>0 ){
376	blob_append_sql(&sql, " LIMIT %d", n);
377	url_add_parameter(&url, "n", P("n"));
378	}
379	if( baseCheckin==0 ){
380	if( firstChngOnly ){
381	style_submenu_element("Full", "Show all changes","%s",
	@@ -384,11 +384,11 @@
384	style_submenu_element("Simplified",
385	"Show only first use of a change","%s",
386	url_render(&url, "fco", 0, 0, 0));
387	}
388	}
389	db_prepare(&q, "%s", blob_sql_text(&sql));
390	if( P("showsql")!=0 ){
391	@ <p>SQL: %h(blob_str(&sql))</p>
392	}
393	blob_reset(&sql);
394	blob_zero(&title);
395

M src/http.c

+2 -2

		--- src/http.c
		+++ src/http.c
		@@ -167,11 +167,11 @@
167	167	char *zPrompt;
168	168	char *zHttpAuth = 0;
169	169	if( !isatty(fileno(stdin)) ) return 0;
170	170	zPrompt = mprintf("\n%s authorization required by\n%s\n",
171	171	g.url.isHttps==1 ? "Encrypted HTTPS" : "Unencrypted HTTP", g.url.canonical);
172		- fossil_print(zPrompt);
	172	+ fossil_print("%s", zPrompt);
173	173	free(zPrompt);
174	174	if ( g.url.user && g.url.passwd && use_fossil_creds_for_httpauth_prompt() ){
175	175	zHttpAuth = mprintf("%s:%s", g.url.user, g.url.passwd);
176	176	}else{
177	177	prompt_user("Basic Authorization user: ", &x);
		@@ -214,11 +214,11 @@
214	214	int i; /* Loop counter */
215	215	int isError = 0; /* True if the reply is an error message */
216	216	int isCompressed = 1; /* True if the reply is compressed */
217	217
218	218	if( transport_open(&g.url) ){
219		- fossil_warning(transport_errmsg(&g.url));
	219	+ fossil_warning("%s", transport_errmsg(&g.url));
220	220	return 1;
221	221	}
222	222
223	223	/* Construct the login card and prepare the complete payload */
224	224	blob_zero(&login);
225	225

	--- src/http.c
	+++ src/http.c
	@@ -167,11 +167,11 @@
167	char *zPrompt;
168	char *zHttpAuth = 0;
169	if( !isatty(fileno(stdin)) ) return 0;
170	zPrompt = mprintf("\n%s authorization required by\n%s\n",
171	g.url.isHttps==1 ? "Encrypted HTTPS" : "Unencrypted HTTP", g.url.canonical);
172	fossil_print(zPrompt);
173	free(zPrompt);
174	if ( g.url.user && g.url.passwd && use_fossil_creds_for_httpauth_prompt() ){
175	zHttpAuth = mprintf("%s:%s", g.url.user, g.url.passwd);
176	}else{
177	prompt_user("Basic Authorization user: ", &x);
	@@ -214,11 +214,11 @@
214	int i; /* Loop counter */
215	int isError = 0; /* True if the reply is an error message */
216	int isCompressed = 1; /* True if the reply is compressed */
217
218	if( transport_open(&g.url) ){
219	fossil_warning(transport_errmsg(&g.url));
220	return 1;
221	}
222
223	/* Construct the login card and prepare the complete payload */
224	blob_zero(&login);
225

	--- src/http.c
	+++ src/http.c
	@@ -167,11 +167,11 @@
167	char *zPrompt;
168	char *zHttpAuth = 0;
169	if( !isatty(fileno(stdin)) ) return 0;
170	zPrompt = mprintf("\n%s authorization required by\n%s\n",
171	g.url.isHttps==1 ? "Encrypted HTTPS" : "Unencrypted HTTP", g.url.canonical);
172	fossil_print("%s", zPrompt);
173	free(zPrompt);
174	if ( g.url.user && g.url.passwd && use_fossil_creds_for_httpauth_prompt() ){
175	zHttpAuth = mprintf("%s:%s", g.url.user, g.url.passwd);
176	}else{
177	prompt_user("Basic Authorization user: ", &x);
	@@ -214,11 +214,11 @@
214	int i; /* Loop counter */
215	int isError = 0; /* True if the reply is an error message */
216	int isCompressed = 1; /* True if the reply is compressed */
217
218	if( transport_open(&g.url) ){
219	fossil_warning("%s", transport_errmsg(&g.url));
220	return 1;
221	}
222
223	/* Construct the login card and prepare the complete payload */
224	blob_zero(&login);
225

M src/info.c

+6 -8

		--- src/info.c
		+++ src/info.c
		@@ -535,20 +535,18 @@
535	535	timeline_utc(), timeline_utc(), rid, rid
536	536	);
537	537	sideBySide = !is_false(PD("sbs","1"));
538	538	if( db_step(&q1)==SQLITE_ROW ){
539	539	const char *zUuid = db_column_text(&q1, 0);
540		- char *zTitle = mprintf("Check-in [%S]", zUuid);
541	540	char zEUser, zEComment;
542	541	const char *zUser;
543	542	const char *zComment;
544	543	const char *zDate;
545	544	const char *zOrigDate;
546	545
547		- style_header(zTitle);
	546	+ style_header("Check-in [%s]", zUuid);
548	547	login_anonymous_available();
549		- free(zTitle);
550	548	zEUser = db_text(0,
551	549	"SELECT value FROM tagxref"
552	550	" WHERE tagid=%d AND rid=%d AND tagtype>0",
553	551	TAG_USER, rid);
554	552	zEComment = db_text(0,
		@@ -1582,11 +1580,11 @@
1582	1580	login_check_credentials();
1583	1581	if( !g.perm.Read ){ login_needed(); return; }
1584	1582	if( rid==0 ) fossil_redirect_home();
1585	1583	if( g.perm.Admin ){
1586	1584	const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
1587		- if( db_exists("SELECT 1 FROM shun WHERE uuid='%s'", zUuid) ){
	1585	+ if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
1588	1586	style_submenu_element("Unshun","Unshun", "%s/shun?accept=%s&sub=1#delshun",
1589	1587	g.zTop, zUuid);
1590	1588	}else{
1591	1589	style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
1592	1590	g.zTop, zUuid);
		@@ -1768,20 +1766,20 @@
1768	1766	login_check_credentials();
1769	1767	if( !g.perm.Read ){ login_needed(); return; }
1770	1768	if( rid==0 ) fossil_redirect_home();
1771	1769	if( g.perm.Admin ){
1772	1770	const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
1773		- if( db_exists("SELECT 1 FROM shun WHERE uuid='%s'", zUuid) ){
	1771	+ if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
1774	1772	style_submenu_element("Unshun","Unshun", "%s/shun?accept=%s&sub=1#accshun",
1775	1773	g.zTop, zUuid);
1776	1774	}else{
1777	1775	style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
1778	1776	g.zTop, zUuid);
1779	1777	}
1780	1778	}
1781	1779	if( descOnly \|\| P("verbose")!=0 ) objdescFlags \|= OBJDESC_DETAIL;
1782		- style_header(descOnly ? "Artifact Description" : "Artifact Content");
	1780	+ style_header("%s", descOnly ? "Artifact Description" : "Artifact Content");
1783	1781	zUuid = db_text("?", "SELECT uuid FROM blob WHERE rid=%d", rid);
1784	1782	if( g.perm.Setup ){
1785	1783	@ <h2>Artifact %s(zUuid) (%d(rid)):</h2>
1786	1784	}else{
1787	1785	@ <h2>Artifact %s(zUuid):</h2>
		@@ -1884,11 +1882,11 @@
1884	1882	if( !g.perm.RdTkt ){ login_needed(); return; }
1885	1883	rid = name_to_rid_www("name");
1886	1884	if( rid==0 ){ fossil_redirect_home(); }
1887	1885	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
1888	1886	if( g.perm.Admin ){
1889		- if( db_exists("SELECT 1 FROM shun WHERE uuid='%s'", zUuid) ){
	1887	+ if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
1890	1888	style_submenu_element("Unshun","Unshun", "%s/shun?accept=%s&sub=1#accshun",
1891	1889	g.zTop, zUuid);
1892	1890	}else{
1893	1891	style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
1894	1892	g.zTop, zUuid);
		@@ -2029,11 +2027,11 @@
2029	2027	cgi_set_parameter("src","info");
2030	2028	ambiguous_page();
2031	2029	return;
2032	2030	}
2033	2031	zName = blob_str(&uuid);
2034		- rid = db_int(0, "SELECT rid FROM blob WHERE uuid='%s'", zName);
	2032	+ rid = db_int(0, "SELECT rid FROM blob WHERE uuid=%Q", zName);
2035	2033	if( rid==0 ){
2036	2034	style_header("Broken Link");
2037	2035	@ <p>No such object: %h(zName)</p>
2038	2036	style_footer();
2039	2037	return;
2040	2038

	--- src/info.c
	+++ src/info.c
	@@ -535,20 +535,18 @@
535	timeline_utc(), timeline_utc(), rid, rid
536	);
537	sideBySide = !is_false(PD("sbs","1"));
538	if( db_step(&q1)==SQLITE_ROW ){
539	const char *zUuid = db_column_text(&q1, 0);
540	char *zTitle = mprintf("Check-in [%S]", zUuid);
541	char zEUser, zEComment;
542	const char *zUser;
543	const char *zComment;
544	const char *zDate;
545	const char *zOrigDate;
546
547	style_header(zTitle);
548	login_anonymous_available();
549	free(zTitle);
550	zEUser = db_text(0,
551	"SELECT value FROM tagxref"
552	" WHERE tagid=%d AND rid=%d AND tagtype>0",
553	TAG_USER, rid);
554	zEComment = db_text(0,
	@@ -1582,11 +1580,11 @@
1582	login_check_credentials();
1583	if( !g.perm.Read ){ login_needed(); return; }
1584	if( rid==0 ) fossil_redirect_home();
1585	if( g.perm.Admin ){
1586	const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
1587	if( db_exists("SELECT 1 FROM shun WHERE uuid='%s'", zUuid) ){
1588	style_submenu_element("Unshun","Unshun", "%s/shun?accept=%s&sub=1#delshun",
1589	g.zTop, zUuid);
1590	}else{
1591	style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
1592	g.zTop, zUuid);
	@@ -1768,20 +1766,20 @@
1768	login_check_credentials();
1769	if( !g.perm.Read ){ login_needed(); return; }
1770	if( rid==0 ) fossil_redirect_home();
1771	if( g.perm.Admin ){
1772	const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
1773	if( db_exists("SELECT 1 FROM shun WHERE uuid='%s'", zUuid) ){
1774	style_submenu_element("Unshun","Unshun", "%s/shun?accept=%s&sub=1#accshun",
1775	g.zTop, zUuid);
1776	}else{
1777	style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
1778	g.zTop, zUuid);
1779	}
1780	}
1781	if( descOnly \|\| P("verbose")!=0 ) objdescFlags \|= OBJDESC_DETAIL;
1782	style_header(descOnly ? "Artifact Description" : "Artifact Content");
1783	zUuid = db_text("?", "SELECT uuid FROM blob WHERE rid=%d", rid);
1784	if( g.perm.Setup ){
1785	@ <h2>Artifact %s(zUuid) (%d(rid)):</h2>
1786	}else{
1787	@ <h2>Artifact %s(zUuid):</h2>
	@@ -1884,11 +1882,11 @@
1884	if( !g.perm.RdTkt ){ login_needed(); return; }
1885	rid = name_to_rid_www("name");
1886	if( rid==0 ){ fossil_redirect_home(); }
1887	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
1888	if( g.perm.Admin ){
1889	if( db_exists("SELECT 1 FROM shun WHERE uuid='%s'", zUuid) ){
1890	style_submenu_element("Unshun","Unshun", "%s/shun?accept=%s&sub=1#accshun",
1891	g.zTop, zUuid);
1892	}else{
1893	style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
1894	g.zTop, zUuid);
	@@ -2029,11 +2027,11 @@
2029	cgi_set_parameter("src","info");
2030	ambiguous_page();
2031	return;
2032	}
2033	zName = blob_str(&uuid);
2034	rid = db_int(0, "SELECT rid FROM blob WHERE uuid='%s'", zName);
2035	if( rid==0 ){
2036	style_header("Broken Link");
2037	@ <p>No such object: %h(zName)</p>
2038	style_footer();
2039	return;
2040

	--- src/info.c
	+++ src/info.c
	@@ -535,20 +535,18 @@
535	timeline_utc(), timeline_utc(), rid, rid
536	);
537	sideBySide = !is_false(PD("sbs","1"));
538	if( db_step(&q1)==SQLITE_ROW ){
539	const char *zUuid = db_column_text(&q1, 0);

540	char zEUser, zEComment;
541	const char *zUser;
542	const char *zComment;
543	const char *zDate;
544	const char *zOrigDate;
545
546	style_header("Check-in [%s]", zUuid);
547	login_anonymous_available();

548	zEUser = db_text(0,
549	"SELECT value FROM tagxref"
550	" WHERE tagid=%d AND rid=%d AND tagtype>0",
551	TAG_USER, rid);
552	zEComment = db_text(0,
	@@ -1582,11 +1580,11 @@
1580	login_check_credentials();
1581	if( !g.perm.Read ){ login_needed(); return; }
1582	if( rid==0 ) fossil_redirect_home();
1583	if( g.perm.Admin ){
1584	const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
1585	if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
1586	style_submenu_element("Unshun","Unshun", "%s/shun?accept=%s&sub=1#delshun",
1587	g.zTop, zUuid);
1588	}else{
1589	style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
1590	g.zTop, zUuid);
	@@ -1768,20 +1766,20 @@
1766	login_check_credentials();
1767	if( !g.perm.Read ){ login_needed(); return; }
1768	if( rid==0 ) fossil_redirect_home();
1769	if( g.perm.Admin ){
1770	const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
1771	if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
1772	style_submenu_element("Unshun","Unshun", "%s/shun?accept=%s&sub=1#accshun",
1773	g.zTop, zUuid);
1774	}else{
1775	style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
1776	g.zTop, zUuid);
1777	}
1778	}
1779	if( descOnly \|\| P("verbose")!=0 ) objdescFlags \|= OBJDESC_DETAIL;
1780	style_header("%s", descOnly ? "Artifact Description" : "Artifact Content");
1781	zUuid = db_text("?", "SELECT uuid FROM blob WHERE rid=%d", rid);
1782	if( g.perm.Setup ){
1783	@ <h2>Artifact %s(zUuid) (%d(rid)):</h2>
1784	}else{
1785	@ <h2>Artifact %s(zUuid):</h2>
	@@ -1884,11 +1882,11 @@
1882	if( !g.perm.RdTkt ){ login_needed(); return; }
1883	rid = name_to_rid_www("name");
1884	if( rid==0 ){ fossil_redirect_home(); }
1885	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
1886	if( g.perm.Admin ){
1887	if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
1888	style_submenu_element("Unshun","Unshun", "%s/shun?accept=%s&sub=1#accshun",
1889	g.zTop, zUuid);
1890	}else{
1891	style_submenu_element("Shun","Shun", "%s/shun?shun=%s#addshun",
1892	g.zTop, zUuid);
	@@ -2029,11 +2027,11 @@
2027	cgi_set_parameter("src","info");
2028	ambiguous_page();
2029	return;
2030	}
2031	zName = blob_str(&uuid);
2032	rid = db_int(0, "SELECT rid FROM blob WHERE uuid=%Q", zName);
2033	if( rid==0 ){
2034	style_header("Broken Link");
2035	@ <p>No such object: %h(zName)</p>
2036	style_footer();
2037	return;
2038

M src/json.c

+7 -7

		--- src/json.c
		+++ src/json.c
		@@ -1665,11 +1665,11 @@
1665	1665	cson_value * json_sql_to_array_of_obj(Blob * pSql, cson_array * pTgt,
1666	1666	char resetBlob){
1667	1667	Stmt q = empty_Stmt;
1668	1668	cson_value * pay = NULL;
1669	1669	assert( blob_size(pSql) > 0 );
1670		- db_prepare(&q, "%s", blob_str(pSql));
	1670	+ db_prepare(&q, "%s", blob_str(pSql) /safe-for-%s/);
1671	1671	if(resetBlob){
1672	1672	blob_reset(pSql);
1673	1673	}
1674	1674	pay = json_stmt_to_array_of_obj(&q, pTgt);
1675	1675	db_finalize(&q);
		@@ -1983,16 +1983,16 @@
1983	1983	cson_object_set(jo, "sqlite", jv2);
1984	1984	sqlite3_snprintf(BufLen, zBuf, "%.19s [%.10s] (%s)",
1985	1985	sqlite3_sourceid(), &sqlite3_sourceid()[20], sqlite3_libversion());
1986	1986	SETBUF(jo2, "version");
1987	1987	zDb = db_name("repository");
1988		- cson_object_set(jo2, "pageCount", cson_value_new_integer((cson_int_t)db_int(0, "PRAGMA %s.page_count", zDb)));
1989		- cson_object_set(jo2, "pageSize", cson_value_new_integer((cson_int_t)db_int(0, "PRAGMA %s.page_size", zDb)));
1990		- cson_object_set(jo2, "freeList", cson_value_new_integer((cson_int_t)db_int(0, "PRAGMA %s.freelist_count", zDb)));
1991		- sqlite3_snprintf(BufLen, zBuf, "%s", db_text(0, "PRAGMA %s.encoding", zDb));
	1988	+ cson_object_set(jo2, "pageCount", cson_value_new_integer((cson_int_t)db_int(0, "PRAGMA \"%w\".page_count", zDb)));
	1989	+ cson_object_set(jo2, "pageSize", cson_value_new_integer((cson_int_t)db_int(0, "PRAGMA \"%w\".page_size", zDb)));
	1990	+ cson_object_set(jo2, "freeList", cson_value_new_integer((cson_int_t)db_int(0, "PRAGMA \"%w\".freelist_count", zDb)));
	1991	+ sqlite3_snprintf(BufLen, zBuf, "%s", db_text(0, "PRAGMA \"%w\".encoding", zDb));
1992	1992	SETBUF(jo2, "encoding");
1993		- sqlite3_snprintf(BufLen, zBuf, "%s", db_text(0, "PRAGMA %s.journal_mode", zDb));
	1993	+ sqlite3_snprintf(BufLen, zBuf, "%s", db_text(0, "PRAGMA \"%w\".journal_mode", zDb));
1994	1994	cson_object_set(jo2, "journalMode", *zBuf ? cson_value_new_string(zBuf, strlen(zBuf)) : cson_value_null());
1995	1995	return jv;
1996	1996	#undef SETBUF
1997	1997	}
1998	1998
		@@ -2016,11 +2016,11 @@
2016	2016	for( ; zPages->name; ++zPages, ++i ){
2017	2017	if(filterByMode){
2018	2018	if(g.isHTTP && zPages->runMode < 0) continue;
2019	2019	else if(zPages->runMode > 0) continue;
2020	2020	}
2021		- blob_appendf(pOut, zPages->name, -1);
	2021	+ blob_append(pOut, zPages->name, -1);
2022	2022	if((zPages+1)->name){
2023	2023	blob_append(pOut, ", ",2);
2024	2024	}
2025	2025	}
2026	2026	return i;
2027	2027

	--- src/json.c
	+++ src/json.c
	@@ -1665,11 +1665,11 @@
1665	cson_value * json_sql_to_array_of_obj(Blob * pSql, cson_array * pTgt,
1666	char resetBlob){
1667	Stmt q = empty_Stmt;
1668	cson_value * pay = NULL;
1669	assert( blob_size(pSql) > 0 );
1670	db_prepare(&q, "%s", blob_str(pSql));
1671	if(resetBlob){
1672	blob_reset(pSql);
1673	}
1674	pay = json_stmt_to_array_of_obj(&q, pTgt);
1675	db_finalize(&q);
	@@ -1983,16 +1983,16 @@
1983	cson_object_set(jo, "sqlite", jv2);
1984	sqlite3_snprintf(BufLen, zBuf, "%.19s [%.10s] (%s)",
1985	sqlite3_sourceid(), &sqlite3_sourceid()[20], sqlite3_libversion());
1986	SETBUF(jo2, "version");
1987	zDb = db_name("repository");
1988	cson_object_set(jo2, "pageCount", cson_value_new_integer((cson_int_t)db_int(0, "PRAGMA %s.page_count", zDb)));
1989	cson_object_set(jo2, "pageSize", cson_value_new_integer((cson_int_t)db_int(0, "PRAGMA %s.page_size", zDb)));
1990	cson_object_set(jo2, "freeList", cson_value_new_integer((cson_int_t)db_int(0, "PRAGMA %s.freelist_count", zDb)));
1991	sqlite3_snprintf(BufLen, zBuf, "%s", db_text(0, "PRAGMA %s.encoding", zDb));
1992	SETBUF(jo2, "encoding");
1993	sqlite3_snprintf(BufLen, zBuf, "%s", db_text(0, "PRAGMA %s.journal_mode", zDb));
1994	cson_object_set(jo2, "journalMode", *zBuf ? cson_value_new_string(zBuf, strlen(zBuf)) : cson_value_null());
1995	return jv;
1996	#undef SETBUF
1997	}
1998
	@@ -2016,11 +2016,11 @@
2016	for( ; zPages->name; ++zPages, ++i ){
2017	if(filterByMode){
2018	if(g.isHTTP && zPages->runMode < 0) continue;
2019	else if(zPages->runMode > 0) continue;
2020	}
2021	blob_appendf(pOut, zPages->name, -1);
2022	if((zPages+1)->name){
2023	blob_append(pOut, ", ",2);
2024	}
2025	}
2026	return i;
2027

	--- src/json.c
	+++ src/json.c
	@@ -1665,11 +1665,11 @@
1665	cson_value * json_sql_to_array_of_obj(Blob * pSql, cson_array * pTgt,
1666	char resetBlob){
1667	Stmt q = empty_Stmt;
1668	cson_value * pay = NULL;
1669	assert( blob_size(pSql) > 0 );
1670	db_prepare(&q, "%s", blob_str(pSql) /safe-for-%s/);
1671	if(resetBlob){
1672	blob_reset(pSql);
1673	}
1674	pay = json_stmt_to_array_of_obj(&q, pTgt);
1675	db_finalize(&q);
	@@ -1983,16 +1983,16 @@
1983	cson_object_set(jo, "sqlite", jv2);
1984	sqlite3_snprintf(BufLen, zBuf, "%.19s [%.10s] (%s)",
1985	sqlite3_sourceid(), &sqlite3_sourceid()[20], sqlite3_libversion());
1986	SETBUF(jo2, "version");
1987	zDb = db_name("repository");
1988	cson_object_set(jo2, "pageCount", cson_value_new_integer((cson_int_t)db_int(0, "PRAGMA \"%w\".page_count", zDb)));
1989	cson_object_set(jo2, "pageSize", cson_value_new_integer((cson_int_t)db_int(0, "PRAGMA \"%w\".page_size", zDb)));
1990	cson_object_set(jo2, "freeList", cson_value_new_integer((cson_int_t)db_int(0, "PRAGMA \"%w\".freelist_count", zDb)));
1991	sqlite3_snprintf(BufLen, zBuf, "%s", db_text(0, "PRAGMA \"%w\".encoding", zDb));
1992	SETBUF(jo2, "encoding");
1993	sqlite3_snprintf(BufLen, zBuf, "%s", db_text(0, "PRAGMA \"%w\".journal_mode", zDb));
1994	cson_object_set(jo2, "journalMode", *zBuf ? cson_value_new_string(zBuf, strlen(zBuf)) : cson_value_null());
1995	return jv;
1996	#undef SETBUF
1997	}
1998
	@@ -2016,11 +2016,11 @@
2016	for( ; zPages->name; ++zPages, ++i ){
2017	if(filterByMode){
2018	if(g.isHTTP && zPages->runMode < 0) continue;
2019	else if(zPages->runMode > 0) continue;
2020	}
2021	blob_append(pOut, zPages->name, -1);
2022	if((zPages+1)->name){
2023	blob_append(pOut, ", ",2);
2024	}
2025	}
2026	return i;
2027

M src/json_config.c

+2 -2

		--- src/json_config.c
		+++ src/json_config.c
		@@ -145,11 +145,11 @@
145	145	for( i = 0; prop->name; ++prop ){
146	146	if(prop->groupMask & confMask){
147	147	if( i++ ){
148	148	blob_append(&sql,",",1);
149	149	}
150		- blob_appendf(&sql, "%Q", prop->name);
	150	+ blob_append_sql(&sql, "%Q", prop->name);
151	151	}
152	152	}
153	153	blob_append(&sql,") ", -1);
154	154	}
155	155
		@@ -156,11 +156,11 @@
156	156
157	157	if( optSkinBackups ){
158	158	blob_append(&sql, " OR name GLOB 'skin:*'", -1);
159	159	}
160	160	blob_append(&sql," ORDER BY name", -1);
161		- db_prepare(&q, blob_str(&sql));
	161	+ db_prepare(&q, "%s", blob_sql_text(&sql));
162	162	blob_reset(&sql);
163	163	pay = cson_new_object();
164	164	while( (SQLITE_ROW==db_step(&q)) ){
165	165	cson_object_set(pay,
166	166	db_column_text(&q,0),
167	167

	--- src/json_config.c
	+++ src/json_config.c
	@@ -145,11 +145,11 @@
145	for( i = 0; prop->name; ++prop ){
146	if(prop->groupMask & confMask){
147	if( i++ ){
148	blob_append(&sql,",",1);
149	}
150	blob_appendf(&sql, "%Q", prop->name);
151	}
152	}
153	blob_append(&sql,") ", -1);
154	}
155
	@@ -156,11 +156,11 @@
156
157	if( optSkinBackups ){
158	blob_append(&sql, " OR name GLOB 'skin:*'", -1);
159	}
160	blob_append(&sql," ORDER BY name", -1);
161	db_prepare(&q, blob_str(&sql));
162	blob_reset(&sql);
163	pay = cson_new_object();
164	while( (SQLITE_ROW==db_step(&q)) ){
165	cson_object_set(pay,
166	db_column_text(&q,0),
167

	--- src/json_config.c
	+++ src/json_config.c
	@@ -145,11 +145,11 @@
145	for( i = 0; prop->name; ++prop ){
146	if(prop->groupMask & confMask){
147	if( i++ ){
148	blob_append(&sql,",",1);
149	}
150	blob_append_sql(&sql, "%Q", prop->name);
151	}
152	}
153	blob_append(&sql,") ", -1);
154	}
155
	@@ -156,11 +156,11 @@
156
157	if( optSkinBackups ){
158	blob_append(&sql, " OR name GLOB 'skin:*'", -1);
159	}
160	blob_append(&sql," ORDER BY name", -1);
161	db_prepare(&q, "%s", blob_sql_text(&sql));
162	blob_reset(&sql);
163	pay = cson_new_object();
164	while( (SQLITE_ROW==db_step(&q)) ){
165	cson_object_set(pay,
166	db_column_text(&q,0),
167

M src/json_finfo.c

+6 -7

		--- src/json_finfo.c
		+++ src/json_finfo.c
		@@ -62,11 +62,11 @@
62	62	zBefore = json_find_option_cstr("before",NULL,"b");
63	63	zAfter = json_find_option_cstr("after",NULL,"a");
64	64	limit = json_find_option_int("limit",NULL,"n", -1);
65	65	zCheckin = json_find_option_cstr("checkin",NULL,"ci");
66	66
67		- blob_appendf(&sql,
	67	+ blob_append_sql(&sql,
68	68	/0/ "SELECT b.uuid,"
69	69	/1/ " ci.uuid,"
70	70	/2/ " (SELECT uuid FROM blob WHERE rid=mlink.fid)," /* Current file uuid */
71	71	/3/ " cast(strftime('%%s',event.mtime) AS INTEGER),"
72	72	/4/ " coalesce(event.euser, event.user),"
		@@ -93,25 +93,24 @@
93	93	json_set_err((rc<0) ? FSL_JSON_E_AMBIGUOUS_UUID : FSL_JSON_E_RESOURCE_NOT_FOUND,
94	94	"Checkin UUID %s.", (rc<0) ? "is ambiguous" : "not found");
95	95	blob_reset(&sql);
96	96	return NULL;
97	97	}
98		- blob_appendf(&sql, " AND ci.uuid='%q'", zU);
	98	+ blob_append_sql(&sql, " AND ci.uuid='%q'", zU);
99	99	free(zU);
100	100	}else{
101	101	if( zAfter && *zAfter ){
102		- blob_appendf(&sql, " AND event.mtime>=julianday('%q')", zAfter);
	102	+ blob_append_sql(&sql, " AND event.mtime>=julianday('%q')", zAfter);
103	103	sort = 1;
104	104	}else if( zBefore && *zBefore ){
105		- blob_appendf(&sql, " AND event.mtime<=julianday('%q')", zBefore);
	105	+ blob_append_sql(&sql, " AND event.mtime<=julianday('%q')", zBefore);
106	106	}
107	107	}
108	108
109		- blob_appendf(&sql," ORDER BY event.mtime %s /sort/", (sort>0?"ASC":"DESC"));
	109	+ blob_append_sql(&sql," ORDER BY event.mtime %s /sort/", (sort>0?"ASC":"DESC"));
110	110	/printf("SQL=\n%s\n",blob_str(&sql));/
111		- db_prepare(&q, "%s", blob_str(&sql)/*extra %s to avoid double-expanding
112		- SQL escapes*/);
	111	+ db_prepare(&q, "%s", blob_sql_text(&sql));
113	112	blob_reset(&sql);
114	113
115	114	pay = cson_new_object();
116	115	cson_object_set(pay, "name", json_new_string(zFilename));
117	116	if( limit > 0 ){
118	117

	--- src/json_finfo.c
	+++ src/json_finfo.c
	@@ -62,11 +62,11 @@
62	zBefore = json_find_option_cstr("before",NULL,"b");
63	zAfter = json_find_option_cstr("after",NULL,"a");
64	limit = json_find_option_int("limit",NULL,"n", -1);
65	zCheckin = json_find_option_cstr("checkin",NULL,"ci");
66
67	blob_appendf(&sql,
68	/0/ "SELECT b.uuid,"
69	/1/ " ci.uuid,"
70	/2/ " (SELECT uuid FROM blob WHERE rid=mlink.fid)," /* Current file uuid */
71	/3/ " cast(strftime('%%s',event.mtime) AS INTEGER),"
72	/4/ " coalesce(event.euser, event.user),"
	@@ -93,25 +93,24 @@
93	json_set_err((rc<0) ? FSL_JSON_E_AMBIGUOUS_UUID : FSL_JSON_E_RESOURCE_NOT_FOUND,
94	"Checkin UUID %s.", (rc<0) ? "is ambiguous" : "not found");
95	blob_reset(&sql);
96	return NULL;
97	}
98	blob_appendf(&sql, " AND ci.uuid='%q'", zU);
99	free(zU);
100	}else{
101	if( zAfter && *zAfter ){
102	blob_appendf(&sql, " AND event.mtime>=julianday('%q')", zAfter);
103	sort = 1;
104	}else if( zBefore && *zBefore ){
105	blob_appendf(&sql, " AND event.mtime<=julianday('%q')", zBefore);
106	}
107	}
108
109	blob_appendf(&sql," ORDER BY event.mtime %s /sort/", (sort>0?"ASC":"DESC"));
110	/printf("SQL=\n%s\n",blob_str(&sql));/
111	db_prepare(&q, "%s", blob_str(&sql)/*extra %s to avoid double-expanding
112	SQL escapes*/);
113	blob_reset(&sql);
114
115	pay = cson_new_object();
116	cson_object_set(pay, "name", json_new_string(zFilename));
117	if( limit > 0 ){
118

	--- src/json_finfo.c
	+++ src/json_finfo.c
	@@ -62,11 +62,11 @@
62	zBefore = json_find_option_cstr("before",NULL,"b");
63	zAfter = json_find_option_cstr("after",NULL,"a");
64	limit = json_find_option_int("limit",NULL,"n", -1);
65	zCheckin = json_find_option_cstr("checkin",NULL,"ci");
66
67	blob_append_sql(&sql,
68	/0/ "SELECT b.uuid,"
69	/1/ " ci.uuid,"
70	/2/ " (SELECT uuid FROM blob WHERE rid=mlink.fid)," /* Current file uuid */
71	/3/ " cast(strftime('%%s',event.mtime) AS INTEGER),"
72	/4/ " coalesce(event.euser, event.user),"
	@@ -93,25 +93,24 @@
93	json_set_err((rc<0) ? FSL_JSON_E_AMBIGUOUS_UUID : FSL_JSON_E_RESOURCE_NOT_FOUND,
94	"Checkin UUID %s.", (rc<0) ? "is ambiguous" : "not found");
95	blob_reset(&sql);
96	return NULL;
97	}
98	blob_append_sql(&sql, " AND ci.uuid='%q'", zU);
99	free(zU);
100	}else{
101	if( zAfter && *zAfter ){
102	blob_append_sql(&sql, " AND event.mtime>=julianday('%q')", zAfter);
103	sort = 1;
104	}else if( zBefore && *zBefore ){
105	blob_append_sql(&sql, " AND event.mtime<=julianday('%q')", zBefore);
106	}
107	}
108
109	blob_append_sql(&sql," ORDER BY event.mtime %s /sort/", (sort>0?"ASC":"DESC"));
110	/printf("SQL=\n%s\n",blob_str(&sql));/
111	db_prepare(&q, "%s", blob_sql_text(&sql));

112	blob_reset(&sql);
113
114	pay = cson_new_object();
115	cson_object_set(pay, "name", json_new_string(zFilename));
116	if( limit > 0 ){
117

M src/json_query.c

+1 -1

		--- src/json_query.c
		+++ src/json_query.c
		@@ -64,11 +64,11 @@
64	64	return NULL;
65	65	}
66	66
67	67	zFmt = json_find_option_cstr2("format",NULL,"f",3);
68	68	if(!zFmt) zFmt = "o";
69		- db_prepare(&q,"%s", zSql);
	69	+ db_prepare(&q,"%s", zSql/safe-for-%s/);
70	70	if( 0 == sqlite3_column_count( q.pStmt ) ){
71	71	json_set_err(FSL_JSON_E_USAGE,
72	72	"Input query has no result columns. "
73	73	"Only SELECT-like queries are supported.");
74	74	db_finalize(&q);
75	75

	--- src/json_query.c
	+++ src/json_query.c
	@@ -64,11 +64,11 @@
64	return NULL;
65	}
66
67	zFmt = json_find_option_cstr2("format",NULL,"f",3);
68	if(!zFmt) zFmt = "o";
69	db_prepare(&q,"%s", zSql);
70	if( 0 == sqlite3_column_count( q.pStmt ) ){
71	json_set_err(FSL_JSON_E_USAGE,
72	"Input query has no result columns. "
73	"Only SELECT-like queries are supported.");
74	db_finalize(&q);
75

	--- src/json_query.c
	+++ src/json_query.c
	@@ -64,11 +64,11 @@
64	return NULL;
65	}
66
67	zFmt = json_find_option_cstr2("format",NULL,"f",3);
68	if(!zFmt) zFmt = "o";
69	db_prepare(&q,"%s", zSql/safe-for-%s/);
70	if( 0 == sqlite3_column_count( q.pStmt ) ){
71	json_set_err(FSL_JSON_E_USAGE,
72	"Input query has no result columns. "
73	"Only SELECT-like queries are supported.");
74	db_finalize(&q);
75

M src/json_report.c

+1 -1

		--- src/json_report.c
		+++ src/json_report.c
		@@ -204,11 +204,11 @@
204	204
205	205	/* Copy over report's SQL...*/
206	206	blob_append(&sql, db_column_text(&q,0), -1);
207	207	zTitle = mprintf("%s", db_column_text(&q,1));
208	208	db_finalize(&q);
209		- db_prepare(&q, "%s", blob_str(&sql));
	209	+ db_prepare(&q, "%s", blob_sql_text(&sql));
210	210
211	211	/** Build the response... */
212	212	pay = cson_new_object();
213	213
214	214	cson_object_set(pay, "report", json_new_int(nReport));
215	215

	--- src/json_report.c
	+++ src/json_report.c
	@@ -204,11 +204,11 @@
204
205	/* Copy over report's SQL...*/
206	blob_append(&sql, db_column_text(&q,0), -1);
207	zTitle = mprintf("%s", db_column_text(&q,1));
208	db_finalize(&q);
209	db_prepare(&q, "%s", blob_str(&sql));
210
211	/** Build the response... */
212	pay = cson_new_object();
213
214	cson_object_set(pay, "report", json_new_int(nReport));
215

	--- src/json_report.c
	+++ src/json_report.c
	@@ -204,11 +204,11 @@
204
205	/* Copy over report's SQL...*/
206	blob_append(&sql, db_column_text(&q,0), -1);
207	zTitle = mprintf("%s", db_column_text(&q,1));
208	db_finalize(&q);
209	db_prepare(&q, "%s", blob_sql_text(&sql));
210
211	/** Build the response... */
212	pay = cson_new_object();
213
214	cson_object_set(pay, "report", json_new_int(nReport));
215

M src/json_tag.c

+2 -2

		--- src/json_tag.c
		+++ src/json_tag.c
		@@ -301,11 +301,11 @@
301	301	" SELECT rid FROM tagxref"
302	302	" WHERE tagtype>0 AND tagid=%d"
303	303	" )"
304	304	" ORDER BY event.mtime DESC"
305	305	"%s LIMIT %d",
306		- zSqlBase, zType, tagid,
	306	+ zSqlBase /safe-for-%s/, zType, tagid,
307	307	(limit>0)?"":"--", limit
308	308	);
309	309	listV = json_stmt_to_array_of_obj(&q, NULL);
310	310	db_finalize(&q);
311	311	}
		@@ -442,11 +442,11 @@
442	442	if(!fTicket){
443	443	blob_append(&sql, " AND tagname NOT GLOB('tkt-*') ", -1);
444	444	}
445	445	blob_append(&sql,
446	446	" ORDER BY tagname", -1);
447		- db_prepare(&q, blob_buffer(&sql));
	447	+ db_prepare(&q, "%s", blob_sql_text(&sql));
448	448	blob_reset(&sql);
449	449	cson_object_set(pay, "includeTickets", cson_value_new_bool(fTicket) );
450	450	while( SQLITE_ROW == db_step(&q) ){
451	451	const char *zName = db_column_text(&q, 0);
452	452	if(NULL==arV){
453	453

	--- src/json_tag.c
	+++ src/json_tag.c
	@@ -301,11 +301,11 @@
301	" SELECT rid FROM tagxref"
302	" WHERE tagtype>0 AND tagid=%d"
303	" )"
304	" ORDER BY event.mtime DESC"
305	"%s LIMIT %d",
306	zSqlBase, zType, tagid,
307	(limit>0)?"":"--", limit
308	);
309	listV = json_stmt_to_array_of_obj(&q, NULL);
310	db_finalize(&q);
311	}
	@@ -442,11 +442,11 @@
442	if(!fTicket){
443	blob_append(&sql, " AND tagname NOT GLOB('tkt-*') ", -1);
444	}
445	blob_append(&sql,
446	" ORDER BY tagname", -1);
447	db_prepare(&q, blob_buffer(&sql));
448	blob_reset(&sql);
449	cson_object_set(pay, "includeTickets", cson_value_new_bool(fTicket) );
450	while( SQLITE_ROW == db_step(&q) ){
451	const char *zName = db_column_text(&q, 0);
452	if(NULL==arV){
453

	--- src/json_tag.c
	+++ src/json_tag.c
	@@ -301,11 +301,11 @@
301	" SELECT rid FROM tagxref"
302	" WHERE tagtype>0 AND tagid=%d"
303	" )"
304	" ORDER BY event.mtime DESC"
305	"%s LIMIT %d",
306	zSqlBase /safe-for-%s/, zType, tagid,
307	(limit>0)?"":"--", limit
308	);
309	listV = json_stmt_to_array_of_obj(&q, NULL);
310	db_finalize(&q);
311	}
	@@ -442,11 +442,11 @@
442	if(!fTicket){
443	blob_append(&sql, " AND tagname NOT GLOB('tkt-*') ", -1);
444	}
445	blob_append(&sql,
446	" ORDER BY tagname", -1);
447	db_prepare(&q, "%s", blob_sql_text(&sql));
448	blob_reset(&sql);
449	cson_object_set(pay, "includeTickets", cson_value_new_bool(fTicket) );
450	while( SQLITE_ROW == db_step(&q) ){
451	const char *zName = db_column_text(&q, 0);
452	if(NULL==arV){
453

M src/json_timeline.c

+9 -11

		--- src/json_timeline.c
		+++ src/json_timeline.c
		@@ -83,11 +83,11 @@
83	83	@ tags TEXT,
84	84	@ tagId INTEGER,
85	85	@ brief TEXT
86	86	@ )
87	87	;
88		- db_multi_exec(zSql);
	88	+ db_multi_exec("%s", zSql /safe-for-%s/);
89	89	}
90	90
91	91	/*
92	92	** Return a pointer to a constant string that forms the basis
93	93	** for a timeline query for the JSON interface.
		@@ -384,21 +384,21 @@
384	384	" bgcolor as bgColor"
385	385	" FROM event JOIN blob"
386	386	" WHERE blob.rid=event.objid",
387	387	-1);
388	388
389		- blob_appendf(&sql,
	389	+ blob_append_sql(&sql,
390	390	" AND event.type='ci'"
391	391	" AND blob.rid IN (SELECT rid FROM tagxref"
392	392	" WHERE tagtype>0 AND tagid=%d AND srcid!=0)"
393	393	" ORDER BY event.mtime DESC",
394	394	TAG_BRANCH);
395	395	limit = json_timeline_limit(20);
396	396	if(limit>0){
397		- blob_appendf(&sql," LIMIT %d ",limit);
	397	+ blob_append_sql(&sql," LIMIT %d ",limit);
398	398	}
399		- db_prepare(&q,"%s", blob_str(&sql));
	399	+ db_prepare(&q,"%s", blob_sql_text(&sql));
400	400	blob_reset(&sql);
401	401	pay = json_stmt_to_array_of_obj(&q, NULL);
402	402	db_finalize(&q);
403	403	assert(NULL != pay);
404	404	if(pay){
		@@ -482,11 +482,11 @@
482	482	#if 0
483	483	/* only for testing! */
484	484	tmp = cson_value_new_string(blob_buffer(&sql),strlen(blob_buffer(&sql)));
485	485	SET("timelineSql");
486	486	#endif
487		- db_multi_exec(blob_buffer(&sql));
	487	+ db_multi_exec("%s", blob_buffer(&sql)/safe-for-%s/);
488	488	blob_reset(&sql);
489	489	db_prepare(&q, "SELECT "
490	490	" rid AS rid"
491	491	" FROM json_timeline"
492	492	" ORDER BY rowid");
		@@ -547,11 +547,11 @@
547	547	#if 0
548	548	/* only for testing! */
549	549	tmp = cson_value_new_string(blob_buffer(&sql),strlen(blob_buffer(&sql)));
550	550	SET("timelineSql");
551	551	#endif
552		- db_multi_exec(blob_buffer(&sql));
	552	+ db_multi_exec("%s", blob_buffer(&sql) /safe-for-%s/);
553	553	blob_reset(&sql);
554	554	db_prepare(&q, "SELECT"
555	555	" uuid AS uuid,"
556	556	" mtime AS timestamp,"
557	557	#if 0
		@@ -565,12 +565,11 @@
565	565	" tags AS tags," /*FIXME: split this into
566	566	a JSON array*/
567	567	" tagId AS tagId,"
568	568	#endif
569	569	" FROM json_timeline"
570		- " ORDER BY rowid",
571		- -1);
	570	+ " ORDER BY rowid");
572	571	list = cson_new_array();
573	572	json_stmt_to_array_of_obj(&q, list);
574	573	cson_object_set(pay, "timeline", cson_array_value(list));
575	574	goto ok;
576	575	error:
		@@ -607,11 +606,11 @@
607	606	if(check){
608	607	json_set_err(check, "Query initialization failed.");
609	608	goto error;
610	609	}
611	610
612		- db_multi_exec(blob_buffer(&sql));
	611	+ db_multi_exec("%s", blob_buffer(&sql) /safe-for-%s/);
613	612	#define SET(K) if(0!=(check=cson_object_set(pay,K,tmp))){ \
614	613	json_set_err((cson_rc.AllocError==check) \
615	614	? FSL_JSON_E_ALLOC : FSL_JSON_E_UNKNOWN, \
616	615	"Object property insertion failed."); \
617	616	goto error;\
		@@ -638,12 +637,11 @@
638	637	" user AS user,"
639	638	" eventType AS eventType,"
640	639	" comment AS comment,"
641	640	" brief AS briefComment"
642	641	" FROM json_timeline"
643		- " ORDER BY rowid",
644		- -1);
	642	+ " ORDER BY rowid");
645	643	listV = cson_value_new_array();
646	644	list = cson_value_get_array(listV);
647	645	tmp = listV;
648	646	SET("timeline");
649	647	while( (SQLITE_ROW == db_step(&q) )){
650	648

	--- src/json_timeline.c
	+++ src/json_timeline.c
	@@ -83,11 +83,11 @@
83	@ tags TEXT,
84	@ tagId INTEGER,
85	@ brief TEXT
86	@ )
87	;
88	db_multi_exec(zSql);
89	}
90
91	/*
92	** Return a pointer to a constant string that forms the basis
93	** for a timeline query for the JSON interface.
	@@ -384,21 +384,21 @@
384	" bgcolor as bgColor"
385	" FROM event JOIN blob"
386	" WHERE blob.rid=event.objid",
387	-1);
388
389	blob_appendf(&sql,
390	" AND event.type='ci'"
391	" AND blob.rid IN (SELECT rid FROM tagxref"
392	" WHERE tagtype>0 AND tagid=%d AND srcid!=0)"
393	" ORDER BY event.mtime DESC",
394	TAG_BRANCH);
395	limit = json_timeline_limit(20);
396	if(limit>0){
397	blob_appendf(&sql," LIMIT %d ",limit);
398	}
399	db_prepare(&q,"%s", blob_str(&sql));
400	blob_reset(&sql);
401	pay = json_stmt_to_array_of_obj(&q, NULL);
402	db_finalize(&q);
403	assert(NULL != pay);
404	if(pay){
	@@ -482,11 +482,11 @@
482	#if 0
483	/* only for testing! */
484	tmp = cson_value_new_string(blob_buffer(&sql),strlen(blob_buffer(&sql)));
485	SET("timelineSql");
486	#endif
487	db_multi_exec(blob_buffer(&sql));
488	blob_reset(&sql);
489	db_prepare(&q, "SELECT "
490	" rid AS rid"
491	" FROM json_timeline"
492	" ORDER BY rowid");
	@@ -547,11 +547,11 @@
547	#if 0
548	/* only for testing! */
549	tmp = cson_value_new_string(blob_buffer(&sql),strlen(blob_buffer(&sql)));
550	SET("timelineSql");
551	#endif
552	db_multi_exec(blob_buffer(&sql));
553	blob_reset(&sql);
554	db_prepare(&q, "SELECT"
555	" uuid AS uuid,"
556	" mtime AS timestamp,"
557	#if 0
	@@ -565,12 +565,11 @@
565	" tags AS tags," /*FIXME: split this into
566	a JSON array*/
567	" tagId AS tagId,"
568	#endif
569	" FROM json_timeline"
570	" ORDER BY rowid",
571	-1);
572	list = cson_new_array();
573	json_stmt_to_array_of_obj(&q, list);
574	cson_object_set(pay, "timeline", cson_array_value(list));
575	goto ok;
576	error:
	@@ -607,11 +606,11 @@
607	if(check){
608	json_set_err(check, "Query initialization failed.");
609	goto error;
610	}
611
612	db_multi_exec(blob_buffer(&sql));
613	#define SET(K) if(0!=(check=cson_object_set(pay,K,tmp))){ \
614	json_set_err((cson_rc.AllocError==check) \
615	? FSL_JSON_E_ALLOC : FSL_JSON_E_UNKNOWN, \
616	"Object property insertion failed."); \
617	goto error;\
	@@ -638,12 +637,11 @@
638	" user AS user,"
639	" eventType AS eventType,"
640	" comment AS comment,"
641	" brief AS briefComment"
642	" FROM json_timeline"
643	" ORDER BY rowid",
644	-1);
645	listV = cson_value_new_array();
646	list = cson_value_get_array(listV);
647	tmp = listV;
648	SET("timeline");
649	while( (SQLITE_ROW == db_step(&q) )){
650

	--- src/json_timeline.c
	+++ src/json_timeline.c
	@@ -83,11 +83,11 @@
83	@ tags TEXT,
84	@ tagId INTEGER,
85	@ brief TEXT
86	@ )
87	;
88	db_multi_exec("%s", zSql /safe-for-%s/);
89	}
90
91	/*
92	** Return a pointer to a constant string that forms the basis
93	** for a timeline query for the JSON interface.
	@@ -384,21 +384,21 @@
384	" bgcolor as bgColor"
385	" FROM event JOIN blob"
386	" WHERE blob.rid=event.objid",
387	-1);
388
389	blob_append_sql(&sql,
390	" AND event.type='ci'"
391	" AND blob.rid IN (SELECT rid FROM tagxref"
392	" WHERE tagtype>0 AND tagid=%d AND srcid!=0)"
393	" ORDER BY event.mtime DESC",
394	TAG_BRANCH);
395	limit = json_timeline_limit(20);
396	if(limit>0){
397	blob_append_sql(&sql," LIMIT %d ",limit);
398	}
399	db_prepare(&q,"%s", blob_sql_text(&sql));
400	blob_reset(&sql);
401	pay = json_stmt_to_array_of_obj(&q, NULL);
402	db_finalize(&q);
403	assert(NULL != pay);
404	if(pay){
	@@ -482,11 +482,11 @@
482	#if 0
483	/* only for testing! */
484	tmp = cson_value_new_string(blob_buffer(&sql),strlen(blob_buffer(&sql)));
485	SET("timelineSql");
486	#endif
487	db_multi_exec("%s", blob_buffer(&sql)/safe-for-%s/);
488	blob_reset(&sql);
489	db_prepare(&q, "SELECT "
490	" rid AS rid"
491	" FROM json_timeline"
492	" ORDER BY rowid");
	@@ -547,11 +547,11 @@
547	#if 0
548	/* only for testing! */
549	tmp = cson_value_new_string(blob_buffer(&sql),strlen(blob_buffer(&sql)));
550	SET("timelineSql");
551	#endif
552	db_multi_exec("%s", blob_buffer(&sql) /safe-for-%s/);
553	blob_reset(&sql);
554	db_prepare(&q, "SELECT"
555	" uuid AS uuid,"
556	" mtime AS timestamp,"
557	#if 0
	@@ -565,12 +565,11 @@
565	" tags AS tags," /*FIXME: split this into
566	a JSON array*/
567	" tagId AS tagId,"
568	#endif
569	" FROM json_timeline"
570	" ORDER BY rowid");

571	list = cson_new_array();
572	json_stmt_to_array_of_obj(&q, list);
573	cson_object_set(pay, "timeline", cson_array_value(list));
574	goto ok;
575	error:
	@@ -607,11 +606,11 @@
606	if(check){
607	json_set_err(check, "Query initialization failed.");
608	goto error;
609	}
610
611	db_multi_exec("%s", blob_buffer(&sql) /safe-for-%s/);
612	#define SET(K) if(0!=(check=cson_object_set(pay,K,tmp))){ \
613	json_set_err((cson_rc.AllocError==check) \
614	? FSL_JSON_E_ALLOC : FSL_JSON_E_UNKNOWN, \
615	"Object property insertion failed."); \
616	goto error;\
	@@ -638,12 +637,11 @@
637	" user AS user,"
638	" eventType AS eventType,"
639	" comment AS comment,"
640	" brief AS briefComment"
641	" FROM json_timeline"
642	" ORDER BY rowid");

643	listV = cson_value_new_array();
644	list = cson_value_get_array(listV);
645	tmp = listV;
646	SET("timeline");
647	while( (SQLITE_ROW == db_step(&q) )){
648

M src/json_user.c

+9 -9

		--- src/json_user.c
		+++ src/json_user.c
		@@ -286,11 +286,11 @@
286	286	/* reminders: 1) does not allocate.
287	287	2) we do this because changing a name
288	288	invalidates any login token because the old name
289	289	is part of the token hash.
290	290	*/;
291		- blob_appendf(&sql, ", login=%Q", zNameNew);
	291	+ blob_append_sql(&sql, ", login=%Q", zNameNew);
292	292	++gotFields;
293	293	}
294	294	}
295	295
296	296	if( zCap && *zCap ){
		@@ -298,11 +298,11 @@
298	298	/* we "could" arguably silently ignore cap in this case. */
299	299	json_set_err(FSL_JSON_E_DENIED,
300	300	"Changing capabilities requires 'a' or 's' privileges.");
301	301	goto error;
302	302	}
303		- blob_appendf(&sql, ", cap=%Q", zCap);
	303	+ blob_append_sql(&sql, ", cap=%Q", zCap);
304	304	++gotFields;
305	305	}
306	306
307	307	if( zPW && *zPW ){
308	308	if(!g.perm.Admin && !g.perm.Setup && !g.perm.Password){
		@@ -314,24 +314,24 @@
314	314	#define TRY_LOGIN_GROUP 0 /* login group support is not yet implemented. */
315	315	#if !TRY_LOGIN_GROUP
316	316	char * zPWHash = NULL;
317	317	++gotFields;
318	318	zPWHash = sha1_shared_secret(zPW, zNameNew ? zNameNew : zName, NULL);
319		- blob_appendf(&sql, ", pw=%Q", zPWHash);
	319	+ blob_append_sql(&sql, ", pw=%Q", zPWHash);
320	320	free(zPWHash);
321	321	#else
322	322	++gotFields;
323		- blob_appendf(&sql, ", pw=coalesce(shared_secret(%Q,%Q,"
	323	+ blob_append_sql(&sql, ", pw=coalesce(shared_secret(%Q,%Q,"
324	324	"(SELECT value FROM config WHERE name='project-code')))",
325	325	zPW, zNameNew ? zNameNew : zName);
326	326	/* shared_secret() func is undefined? */
327	327	#endif
328	328	}
329	329	}
330	330
331	331	if( zInfo ){
332		- blob_appendf(&sql, ", info=%Q", zInfo);
	332	+ blob_append_sql(&sql, ", info=%Q", zInfo);
333	333	++gotFields;
334	334	}
335	335
336	336	if((g.perm.Admin \|\| g.perm.Setup)
337	337	&& forceLogout && cson_value_get_bool(forceLogout)){
		@@ -344,26 +344,26 @@
344	344	"Required user data are missing.");
345	345	goto error;
346	346	}
347	347	assert(uid>0);
348	348	#if !TRY_LOGIN_GROUP
349		- blob_appendf(&sql, " WHERE uid=%d", uid);
	349	+ blob_append_sql(&sql, " WHERE uid=%d", uid);
350	350	#else /* need name for login group support :/ */
351		- blob_appendf(&sql, " WHERE login=%Q", zName);
	351	+ blob_append_sql(&sql, " WHERE login=%Q", zName);
352	352	#endif
353	353	#if 0
354	354	puts(blob_str(&sql));
355	355	cson_output_FILE( cson_object_value(pUser), stdout, NULL );
356	356	#endif
357		- db_prepare(&q, "%s", blob_str(&sql));
	357	+ db_prepare(&q, "%s", blob_sql_text(&sql));
358	358	db_exec(&q);
359	359	db_finalize(&q);
360	360	#if TRY_LOGIN_GROUP
361	361	if( zPW \|\| cson_value_get_bool(forceLogout) ){
362	362	Blob groupSql = empty_blob;
363	363	char * zErr = NULL;
364		- blob_appendf(&groupSql,
	364	+ blob_append_sql(&groupSql,
365	365	"INSERT INTO user(login)"
366	366	" SELECT %Q WHERE NOT EXISTS(SELECT 1 FROM user WHERE login=%Q);",
367	367	zName, zName
368	368	);
369	369	blob_append(&groupSql, blob_str(&sql), blob_size(&sql));
370	370

	--- src/json_user.c
	+++ src/json_user.c
	@@ -286,11 +286,11 @@
286	/* reminders: 1) does not allocate.
287	2) we do this because changing a name
288	invalidates any login token because the old name
289	is part of the token hash.
290	*/;
291	blob_appendf(&sql, ", login=%Q", zNameNew);
292	++gotFields;
293	}
294	}
295
296	if( zCap && *zCap ){
	@@ -298,11 +298,11 @@
298	/* we "could" arguably silently ignore cap in this case. */
299	json_set_err(FSL_JSON_E_DENIED,
300	"Changing capabilities requires 'a' or 's' privileges.");
301	goto error;
302	}
303	blob_appendf(&sql, ", cap=%Q", zCap);
304	++gotFields;
305	}
306
307	if( zPW && *zPW ){
308	if(!g.perm.Admin && !g.perm.Setup && !g.perm.Password){
	@@ -314,24 +314,24 @@
314	#define TRY_LOGIN_GROUP 0 /* login group support is not yet implemented. */
315	#if !TRY_LOGIN_GROUP
316	char * zPWHash = NULL;
317	++gotFields;
318	zPWHash = sha1_shared_secret(zPW, zNameNew ? zNameNew : zName, NULL);
319	blob_appendf(&sql, ", pw=%Q", zPWHash);
320	free(zPWHash);
321	#else
322	++gotFields;
323	blob_appendf(&sql, ", pw=coalesce(shared_secret(%Q,%Q,"
324	"(SELECT value FROM config WHERE name='project-code')))",
325	zPW, zNameNew ? zNameNew : zName);
326	/* shared_secret() func is undefined? */
327	#endif
328	}
329	}
330
331	if( zInfo ){
332	blob_appendf(&sql, ", info=%Q", zInfo);
333	++gotFields;
334	}
335
336	if((g.perm.Admin \|\| g.perm.Setup)
337	&& forceLogout && cson_value_get_bool(forceLogout)){
	@@ -344,26 +344,26 @@
344	"Required user data are missing.");
345	goto error;
346	}
347	assert(uid>0);
348	#if !TRY_LOGIN_GROUP
349	blob_appendf(&sql, " WHERE uid=%d", uid);
350	#else /* need name for login group support :/ */
351	blob_appendf(&sql, " WHERE login=%Q", zName);
352	#endif
353	#if 0
354	puts(blob_str(&sql));
355	cson_output_FILE( cson_object_value(pUser), stdout, NULL );
356	#endif
357	db_prepare(&q, "%s", blob_str(&sql));
358	db_exec(&q);
359	db_finalize(&q);
360	#if TRY_LOGIN_GROUP
361	if( zPW \|\| cson_value_get_bool(forceLogout) ){
362	Blob groupSql = empty_blob;
363	char * zErr = NULL;
364	blob_appendf(&groupSql,
365	"INSERT INTO user(login)"
366	" SELECT %Q WHERE NOT EXISTS(SELECT 1 FROM user WHERE login=%Q);",
367	zName, zName
368	);
369	blob_append(&groupSql, blob_str(&sql), blob_size(&sql));
370

	--- src/json_user.c
	+++ src/json_user.c
	@@ -286,11 +286,11 @@
286	/* reminders: 1) does not allocate.
287	2) we do this because changing a name
288	invalidates any login token because the old name
289	is part of the token hash.
290	*/;
291	blob_append_sql(&sql, ", login=%Q", zNameNew);
292	++gotFields;
293	}
294	}
295
296	if( zCap && *zCap ){
	@@ -298,11 +298,11 @@
298	/* we "could" arguably silently ignore cap in this case. */
299	json_set_err(FSL_JSON_E_DENIED,
300	"Changing capabilities requires 'a' or 's' privileges.");
301	goto error;
302	}
303	blob_append_sql(&sql, ", cap=%Q", zCap);
304	++gotFields;
305	}
306
307	if( zPW && *zPW ){
308	if(!g.perm.Admin && !g.perm.Setup && !g.perm.Password){
	@@ -314,24 +314,24 @@
314	#define TRY_LOGIN_GROUP 0 /* login group support is not yet implemented. */
315	#if !TRY_LOGIN_GROUP
316	char * zPWHash = NULL;
317	++gotFields;
318	zPWHash = sha1_shared_secret(zPW, zNameNew ? zNameNew : zName, NULL);
319	blob_append_sql(&sql, ", pw=%Q", zPWHash);
320	free(zPWHash);
321	#else
322	++gotFields;
323	blob_append_sql(&sql, ", pw=coalesce(shared_secret(%Q,%Q,"
324	"(SELECT value FROM config WHERE name='project-code')))",
325	zPW, zNameNew ? zNameNew : zName);
326	/* shared_secret() func is undefined? */
327	#endif
328	}
329	}
330
331	if( zInfo ){
332	blob_append_sql(&sql, ", info=%Q", zInfo);
333	++gotFields;
334	}
335
336	if((g.perm.Admin \|\| g.perm.Setup)
337	&& forceLogout && cson_value_get_bool(forceLogout)){
	@@ -344,26 +344,26 @@
344	"Required user data are missing.");
345	goto error;
346	}
347	assert(uid>0);
348	#if !TRY_LOGIN_GROUP
349	blob_append_sql(&sql, " WHERE uid=%d", uid);
350	#else /* need name for login group support :/ */
351	blob_append_sql(&sql, " WHERE login=%Q", zName);
352	#endif
353	#if 0
354	puts(blob_str(&sql));
355	cson_output_FILE( cson_object_value(pUser), stdout, NULL );
356	#endif
357	db_prepare(&q, "%s", blob_sql_text(&sql));
358	db_exec(&q);
359	db_finalize(&q);
360	#if TRY_LOGIN_GROUP
361	if( zPW \|\| cson_value_get_bool(forceLogout) ){
362	Blob groupSql = empty_blob;
363	char * zErr = NULL;
364	blob_append_sql(&groupSql,
365	"INSERT INTO user(login)"
366	" SELECT %Q WHERE NOT EXISTS(SELECT 1 FROM user WHERE login=%Q);",
367	zName, zName
368	);
369	blob_append(&groupSql, blob_str(&sql), blob_size(&sql));
370

M src/json_wiki.c

+5 -6

		--- src/json_wiki.c
		+++ src/json_wiki.c
		@@ -444,22 +444,21 @@
444	444	" substr(tagname,6) as name"
445	445	" FROM tag WHERE tagname GLOB 'wiki-*'",
446	446	-1);
447	447	zGlob = json_find_option_cstr("glob",NULL,"g");
448	448	if(zGlob && *zGlob){
449		- blob_appendf(&sql," AND name %s GLOB %Q",
450		- fInvert ? "NOT" : "", zGlob);
	449	+ blob_append_sql(&sql," AND name %s GLOB %Q",
	450	+ fInvert ? "NOT" : "", zGlob);
451	451	}else{
452	452	zGlob = json_find_option_cstr("like",NULL,"l");
453	453	if(zGlob && *zGlob){
454		- blob_appendf(&sql," AND name %s LIKE %Q",
455		- fInvert ? "NOT" : "",
456		- zGlob);
	454	+ blob_append_sql(&sql," AND name %s LIKE %Q",
	455	+ fInvert ? "NOT" : "", zGlob);
457	456	}
458	457	}
459	458	blob_append(&sql," ORDER BY lower(name)", -1);
460		- db_prepare(&q,"%s", blob_str(&sql));
	459	+ db_prepare(&q,"%s", blob_sql_text(&sql));
461	460	blob_reset(&sql);
462	461	listV = cson_value_new_array();
463	462	list = cson_value_get_array(listV);
464	463	while( SQLITE_ROW == db_step(&q) ){
465	464	cson_value * v;
466	465

	--- src/json_wiki.c
	+++ src/json_wiki.c
	@@ -444,22 +444,21 @@
444	" substr(tagname,6) as name"
445	" FROM tag WHERE tagname GLOB 'wiki-*'",
446	-1);
447	zGlob = json_find_option_cstr("glob",NULL,"g");
448	if(zGlob && *zGlob){
449	blob_appendf(&sql," AND name %s GLOB %Q",
450	fInvert ? "NOT" : "", zGlob);
451	}else{
452	zGlob = json_find_option_cstr("like",NULL,"l");
453	if(zGlob && *zGlob){
454	blob_appendf(&sql," AND name %s LIKE %Q",
455	fInvert ? "NOT" : "",
456	zGlob);
457	}
458	}
459	blob_append(&sql," ORDER BY lower(name)", -1);
460	db_prepare(&q,"%s", blob_str(&sql));
461	blob_reset(&sql);
462	listV = cson_value_new_array();
463	list = cson_value_get_array(listV);
464	while( SQLITE_ROW == db_step(&q) ){
465	cson_value * v;
466

	--- src/json_wiki.c
	+++ src/json_wiki.c
	@@ -444,22 +444,21 @@
444	" substr(tagname,6) as name"
445	" FROM tag WHERE tagname GLOB 'wiki-*'",
446	-1);
447	zGlob = json_find_option_cstr("glob",NULL,"g");
448	if(zGlob && *zGlob){
449	blob_append_sql(&sql," AND name %s GLOB %Q",
450	fInvert ? "NOT" : "", zGlob);
451	}else{
452	zGlob = json_find_option_cstr("like",NULL,"l");
453	if(zGlob && *zGlob){
454	blob_append_sql(&sql," AND name %s LIKE %Q",
455	fInvert ? "NOT" : "", zGlob);

456	}
457	}
458	blob_append(&sql," ORDER BY lower(name)", -1);
459	db_prepare(&q,"%s", blob_sql_text(&sql));
460	blob_reset(&sql);
461	listV = cson_value_new_array();
462	list = cson_value_get_array(listV);
463	while( SQLITE_ROW == db_step(&q) ){
464	cson_value * v;
465

M src/leaf.c

+3 -2

		--- src/leaf.c
		+++ src/leaf.c
		@@ -39,11 +39,12 @@
39	39	@ AND coalesce((SELECT value FROM tagxref
40	40	@ WHERE tagid=%d AND rid=plink.pid), 'trunk')
41	41	@ =coalesce((SELECT value FROM tagxref
42	42	@ WHERE tagid=%d AND rid=plink.cid), 'trunk')
43	43	;
44		- rc = db_int(0, zSql, rid, TAG_BRANCH, TAG_BRANCH);
	44	+ rc = db_int(0, zSql /works-like:"%d,%d,%d"/,
	45	+ rid, TAG_BRANCH, TAG_BRANCH);
45	46	return rc==0;
46	47	}
47	48
48	49	/*
49	50	** Count the number of primary non-branch children for the given check-in.
		@@ -63,11 +64,11 @@
63	64	@ AND coalesce((SELECT value FROM tagxref
64	65	@ WHERE tagid=%d AND rid=plink.pid), 'trunk')
65	66	@ =coalesce((SELECT value FROM tagxref
66	67	@ WHERE tagid=%d AND rid=plink.cid), 'trunk')
67	68	;
68		- db_static_prepare(&q, zSql, TAG_BRANCH, TAG_BRANCH);
	69	+ db_static_prepare(&q, zSql /works-like: "%d,%d"/, TAG_BRANCH, TAG_BRANCH);
69	70	db_bind_int(&q, ":pid", pid);
70	71	if( db_step(&q)==SQLITE_ROW ){
71	72	nNonBranch = db_column_int(&q, 0);
72	73	}
73	74	db_reset(&q);
74	75

	--- src/leaf.c
	+++ src/leaf.c
	@@ -39,11 +39,12 @@
39	@ AND coalesce((SELECT value FROM tagxref
40	@ WHERE tagid=%d AND rid=plink.pid), 'trunk')
41	@ =coalesce((SELECT value FROM tagxref
42	@ WHERE tagid=%d AND rid=plink.cid), 'trunk')
43	;
44	rc = db_int(0, zSql, rid, TAG_BRANCH, TAG_BRANCH);

45	return rc==0;
46	}
47
48	/*
49	** Count the number of primary non-branch children for the given check-in.
	@@ -63,11 +64,11 @@
63	@ AND coalesce((SELECT value FROM tagxref
64	@ WHERE tagid=%d AND rid=plink.pid), 'trunk')
65	@ =coalesce((SELECT value FROM tagxref
66	@ WHERE tagid=%d AND rid=plink.cid), 'trunk')
67	;
68	db_static_prepare(&q, zSql, TAG_BRANCH, TAG_BRANCH);
69	db_bind_int(&q, ":pid", pid);
70	if( db_step(&q)==SQLITE_ROW ){
71	nNonBranch = db_column_int(&q, 0);
72	}
73	db_reset(&q);
74

	--- src/leaf.c
	+++ src/leaf.c
	@@ -39,11 +39,12 @@
39	@ AND coalesce((SELECT value FROM tagxref
40	@ WHERE tagid=%d AND rid=plink.pid), 'trunk')
41	@ =coalesce((SELECT value FROM tagxref
42	@ WHERE tagid=%d AND rid=plink.cid), 'trunk')
43	;
44	rc = db_int(0, zSql /works-like:"%d,%d,%d"/,
45	rid, TAG_BRANCH, TAG_BRANCH);
46	return rc==0;
47	}
48
49	/*
50	** Count the number of primary non-branch children for the given check-in.
	@@ -63,11 +64,11 @@
64	@ AND coalesce((SELECT value FROM tagxref
65	@ WHERE tagid=%d AND rid=plink.pid), 'trunk')
66	@ =coalesce((SELECT value FROM tagxref
67	@ WHERE tagid=%d AND rid=plink.cid), 'trunk')
68	;
69	db_static_prepare(&q, zSql /works-like: "%d,%d"/, TAG_BRANCH, TAG_BRANCH);
70	db_bind_int(&q, ":pid", pid);
71	if( db_step(&q)==SQLITE_ROW ){
72	nNonBranch = db_column_int(&q, 0);
73	}
74	db_reset(&q);
75

M src/login.c

+8 -8

		--- src/login.c
		+++ src/login.c
		@@ -1294,11 +1294,11 @@
1294	1294	}else{
1295	1295	char *zPw = sha1_shared_secret(blob_str(&passwd), blob_str(&login), 0);
1296	1296	int uid;
1297	1297	db_multi_exec(
1298	1298	"INSERT INTO user(login,pw,cap,info,mtime)"
1299		- "VALUES(%B,%Q,%B,%B,strftime('%s','now'))",
	1299	+ "VALUES(%B,%Q,%B,%B,strftime('%%s','now'))",
1300	1300	&login, zPw, &caps, &contact
1301	1301	);
1302	1302	free(zPw);
1303	1303
1304	1304	/* The user is registered, now just log him in. */
		@@ -1469,17 +1469,17 @@
1469	1469	pzErrMsg = 0; / Default to no errors */
1470	1470	zSelf = db_name("repository");
1471	1471
1472	1472	/* Get the full pathname of the other repository */
1473	1473	file_canonical_name(zRepo, &fullName, 0);
1474		- zRepo = mprintf(blob_str(&fullName));
	1474	+ zRepo = fossil_strdup(blob_str(&fullName));
1475	1475	blob_reset(&fullName);
1476	1476
1477	1477	/* Get the full pathname for our repository. Also the project code
1478	1478	** and project name for ourself. */
1479	1479	file_canonical_name(g.zRepositoryName, &fullName, 0);
1480		- zSelfRepo = mprintf(blob_str(&fullName));
	1480	+ zSelfRepo = fossil_strdup(blob_str(&fullName));
1481	1481	blob_reset(&fullName);
1482	1482	zSelfProjCode = db_get("project-code", "unknown");
1483	1483	zSelfLabel = db_get("project-name", 0);
1484	1484	if( zSelfLabel==0 ){
1485	1485	zSelfLabel = zSelfProjCode;
		@@ -1500,11 +1500,11 @@
1500	1500	zRepo, &pOther,
1501	1501	SQLITE_OPEN_READWRITE \| SQLITE_OPEN_CREATE,
1502	1502	g.zVfsName
1503	1503	);
1504	1504	if( rc!=SQLITE_OK ){
1505		- *pzErrMsg = mprintf(sqlite3_errmsg(pOther));
	1505	+ *pzErrMsg = fossil_strdup(sqlite3_errmsg(pOther));
1506	1506	}else{
1507	1507	rc = sqlite3_exec(pOther, "SELECT count(*) FROM user", 0, 0, pzErrMsg);
1508	1508	}
1509	1509	sqlite3_close(pOther);
1510	1510	if( rc ) return;
		@@ -1533,13 +1533,13 @@
1533	1533	*/
1534	1534	zSelfProjCode = abbreviated_project_code(zSelfProjCode);
1535	1535	zOtherProjCode = abbreviated_project_code(zOtherProjCode);
1536	1536	db_begin_transaction();
1537	1537	db_multi_exec(
1538		- "DELETE FROM %s.config WHERE name GLOB 'peer-*';"
1539		- "INSERT INTO %s.config(name,value) VALUES('peer-repo-%s',%Q);"
1540		- "INSERT INTO %s.config(name,value) "
	1538	+ "DELETE FROM \"%w\".config WHERE name GLOB 'peer-*';"
	1539	+ "INSERT INTO \"%w\".config(name,value) VALUES('peer-repo-%q',%Q);"
	1540	+ "INSERT INTO \"%w\".config(name,value) "
1541	1541	" SELECT 'peer-name-%q', value FROM other.config"
1542	1542	" WHERE name='project-name';",
1543	1543	zSelf,
1544	1544	zSelf, zOtherProjCode, zRepo,
1545	1545	zSelf, zOtherProjCode
		@@ -1550,11 +1550,11 @@
1550	1550	"INSERT OR IGNORE INTO other.config(name,value)"
1551	1551	" VALUES('login-group-code',lower(hex(randomblob(8))));",
1552	1552	zNewName
1553	1553	);
1554	1554	db_multi_exec(
1555		- "REPLACE INTO %s.config(name,value)"
	1555	+ "REPLACE INTO \"%w\".config(name,value)"
1556	1556	" SELECT name, value FROM other.config"
1557	1557	" WHERE name GLOB 'peer-' OR name GLOB 'login-group-'",
1558	1558	zSelf
1559	1559	);
1560	1560	db_end_transaction(0);
1561	1561

	--- src/login.c
	+++ src/login.c
	@@ -1294,11 +1294,11 @@
1294	}else{
1295	char *zPw = sha1_shared_secret(blob_str(&passwd), blob_str(&login), 0);
1296	int uid;
1297	db_multi_exec(
1298	"INSERT INTO user(login,pw,cap,info,mtime)"
1299	"VALUES(%B,%Q,%B,%B,strftime('%s','now'))",
1300	&login, zPw, &caps, &contact
1301	);
1302	free(zPw);
1303
1304	/* The user is registered, now just log him in. */
	@@ -1469,17 +1469,17 @@
1469	pzErrMsg = 0; / Default to no errors */
1470	zSelf = db_name("repository");
1471
1472	/* Get the full pathname of the other repository */
1473	file_canonical_name(zRepo, &fullName, 0);
1474	zRepo = mprintf(blob_str(&fullName));
1475	blob_reset(&fullName);
1476
1477	/* Get the full pathname for our repository. Also the project code
1478	** and project name for ourself. */
1479	file_canonical_name(g.zRepositoryName, &fullName, 0);
1480	zSelfRepo = mprintf(blob_str(&fullName));
1481	blob_reset(&fullName);
1482	zSelfProjCode = db_get("project-code", "unknown");
1483	zSelfLabel = db_get("project-name", 0);
1484	if( zSelfLabel==0 ){
1485	zSelfLabel = zSelfProjCode;
	@@ -1500,11 +1500,11 @@
1500	zRepo, &pOther,
1501	SQLITE_OPEN_READWRITE \| SQLITE_OPEN_CREATE,
1502	g.zVfsName
1503	);
1504	if( rc!=SQLITE_OK ){
1505	*pzErrMsg = mprintf(sqlite3_errmsg(pOther));
1506	}else{
1507	rc = sqlite3_exec(pOther, "SELECT count(*) FROM user", 0, 0, pzErrMsg);
1508	}
1509	sqlite3_close(pOther);
1510	if( rc ) return;
	@@ -1533,13 +1533,13 @@
1533	*/
1534	zSelfProjCode = abbreviated_project_code(zSelfProjCode);
1535	zOtherProjCode = abbreviated_project_code(zOtherProjCode);
1536	db_begin_transaction();
1537	db_multi_exec(
1538	"DELETE FROM %s.config WHERE name GLOB 'peer-*';"
1539	"INSERT INTO %s.config(name,value) VALUES('peer-repo-%s',%Q);"
1540	"INSERT INTO %s.config(name,value) "
1541	" SELECT 'peer-name-%q', value FROM other.config"
1542	" WHERE name='project-name';",
1543	zSelf,
1544	zSelf, zOtherProjCode, zRepo,
1545	zSelf, zOtherProjCode
	@@ -1550,11 +1550,11 @@
1550	"INSERT OR IGNORE INTO other.config(name,value)"
1551	" VALUES('login-group-code',lower(hex(randomblob(8))));",
1552	zNewName
1553	);
1554	db_multi_exec(
1555	"REPLACE INTO %s.config(name,value)"
1556	" SELECT name, value FROM other.config"
1557	" WHERE name GLOB 'peer-' OR name GLOB 'login-group-'",
1558	zSelf
1559	);
1560	db_end_transaction(0);
1561

	--- src/login.c
	+++ src/login.c
	@@ -1294,11 +1294,11 @@
1294	}else{
1295	char *zPw = sha1_shared_secret(blob_str(&passwd), blob_str(&login), 0);
1296	int uid;
1297	db_multi_exec(
1298	"INSERT INTO user(login,pw,cap,info,mtime)"
1299	"VALUES(%B,%Q,%B,%B,strftime('%%s','now'))",
1300	&login, zPw, &caps, &contact
1301	);
1302	free(zPw);
1303
1304	/* The user is registered, now just log him in. */
	@@ -1469,17 +1469,17 @@
1469	pzErrMsg = 0; / Default to no errors */
1470	zSelf = db_name("repository");
1471
1472	/* Get the full pathname of the other repository */
1473	file_canonical_name(zRepo, &fullName, 0);
1474	zRepo = fossil_strdup(blob_str(&fullName));
1475	blob_reset(&fullName);
1476
1477	/* Get the full pathname for our repository. Also the project code
1478	** and project name for ourself. */
1479	file_canonical_name(g.zRepositoryName, &fullName, 0);
1480	zSelfRepo = fossil_strdup(blob_str(&fullName));
1481	blob_reset(&fullName);
1482	zSelfProjCode = db_get("project-code", "unknown");
1483	zSelfLabel = db_get("project-name", 0);
1484	if( zSelfLabel==0 ){
1485	zSelfLabel = zSelfProjCode;
	@@ -1500,11 +1500,11 @@
1500	zRepo, &pOther,
1501	SQLITE_OPEN_READWRITE \| SQLITE_OPEN_CREATE,
1502	g.zVfsName
1503	);
1504	if( rc!=SQLITE_OK ){
1505	*pzErrMsg = fossil_strdup(sqlite3_errmsg(pOther));
1506	}else{
1507	rc = sqlite3_exec(pOther, "SELECT count(*) FROM user", 0, 0, pzErrMsg);
1508	}
1509	sqlite3_close(pOther);
1510	if( rc ) return;
	@@ -1533,13 +1533,13 @@
1533	*/
1534	zSelfProjCode = abbreviated_project_code(zSelfProjCode);
1535	zOtherProjCode = abbreviated_project_code(zOtherProjCode);
1536	db_begin_transaction();
1537	db_multi_exec(
1538	"DELETE FROM \"%w\".config WHERE name GLOB 'peer-*';"
1539	"INSERT INTO \"%w\".config(name,value) VALUES('peer-repo-%q',%Q);"
1540	"INSERT INTO \"%w\".config(name,value) "
1541	" SELECT 'peer-name-%q', value FROM other.config"
1542	" WHERE name='project-name';",
1543	zSelf,
1544	zSelf, zOtherProjCode, zRepo,
1545	zSelf, zOtherProjCode
	@@ -1550,11 +1550,11 @@
1550	"INSERT OR IGNORE INTO other.config(name,value)"
1551	" VALUES('login-group-code',lower(hex(randomblob(8))));",
1552	zNewName
1553	);
1554	db_multi_exec(
1555	"REPLACE INTO \"%w\".config(name,value)"
1556	" SELECT name, value FROM other.config"
1557	" WHERE name GLOB 'peer-' OR name GLOB 'login-group-'",
1558	zSelf
1559	);
1560	db_end_transaction(0);
1561

M src/main.c

+3 -3

		--- src/main.c
		+++ src/main.c
		@@ -1721,19 +1721,19 @@
1721	1721	if( fossil_strcmp(azRedirect[i2],"")==0 ){
1722	1722	zNotFound = azRedirect[i*2+1];
1723	1723	continue;
1724	1724	}
1725	1725	db_open_repository(azRedirect[i*2]);
1726		- if( db_exists("SELECT 1 FROM blob WHERE uuid GLOB '%s*'", zName) ){
1727		- cgi_redirectf(azRedirect[i*2+1], zName);
	1726	+ if( db_exists("SELECT 1 FROM blob WHERE uuid GLOB '%q*'", zName) ){
	1727	+ cgi_redirectf(azRedirect[i2+1] /works-like:"%s"*/, zName);
1728	1728	return;
1729	1729	}
1730	1730	db_close(1);
1731	1731	}
1732	1732	}
1733	1733	if( zNotFound ){
1734		- cgi_redirectf(zNotFound, zName);
	1734	+ cgi_redirectf(zNotFound /works-like:"%s"/, zName);
1735	1735	}else{
1736	1736	@ <html>
1737	1737	@ <head><title>No Such Object</title></head>
1738	1738	@ <body>
1739	1739	@ <p>No such object: <b>%h(zName)</b></p>
1740	1740

	--- src/main.c
	+++ src/main.c
	@@ -1721,19 +1721,19 @@
1721	if( fossil_strcmp(azRedirect[i2],"")==0 ){
1722	zNotFound = azRedirect[i*2+1];
1723	continue;
1724	}
1725	db_open_repository(azRedirect[i*2]);
1726	if( db_exists("SELECT 1 FROM blob WHERE uuid GLOB '%s*'", zName) ){
1727	cgi_redirectf(azRedirect[i*2+1], zName);
1728	return;
1729	}
1730	db_close(1);
1731	}
1732	}
1733	if( zNotFound ){
1734	cgi_redirectf(zNotFound, zName);
1735	}else{
1736	@ <html>
1737	@ <head><title>No Such Object</title></head>
1738	@ <body>
1739	@ <p>No such object: <b>%h(zName)</b></p>
1740

	--- src/main.c
	+++ src/main.c
	@@ -1721,19 +1721,19 @@
1721	if( fossil_strcmp(azRedirect[i2],"")==0 ){
1722	zNotFound = azRedirect[i*2+1];
1723	continue;
1724	}
1725	db_open_repository(azRedirect[i*2]);
1726	if( db_exists("SELECT 1 FROM blob WHERE uuid GLOB '%q*'", zName) ){
1727	cgi_redirectf(azRedirect[i2+1] /works-like:"%s"*/, zName);
1728	return;
1729	}
1730	db_close(1);
1731	}
1732	}
1733	if( zNotFound ){
1734	cgi_redirectf(zNotFound /works-like:"%s"/, zName);
1735	}else{
1736	@ <html>
1737	@ <head><title>No Such Object</title></head>
1738	@ <body>
1739	@ <p>No such object: <b>%h(zName)</b></p>
1740

M src/main.mk

+8 -1

		--- src/main.mk
		+++ src/main.mk
		@@ -360,10 +360,13 @@
360	360
361	361	install: $(APPNAME)
362	362	mkdir -p $(INSTALLDIR)
363	363	mv $(APPNAME) $(INSTALLDIR)
364	364
	365	+codecheck: $(TRANS_SRC) $(OBJDIR)/codecheck1
	366	+ $(OBJDIR)/codecheck1 $(TRANS_SRC)
	367	+
365	368	$(OBJDIR):
366	369	-mkdir $(OBJDIR)
367	370
368	371	$(OBJDIR)/translate: $(SRCDIR)/translate.c
369	372	$(BCC) -o $(OBJDIR)/translate $(SRCDIR)/translate.c
		@@ -375,10 +378,13 @@
375	378	$(BCC) -o $(OBJDIR)/mkindex $(SRCDIR)/mkindex.c
376	379
377	380	$(OBJDIR)/mkversion: $(SRCDIR)/mkversion.c
378	381	$(BCC) -o $(OBJDIR)/mkversion $(SRCDIR)/mkversion.c
379	382
	383	+$(OBJDIR)/codecheck1: $(SRCDIR)/codecheck1.c
	384	+ $(BCC) -o $(OBJDIR)/codecheck1 $(SRCDIR)/codecheck1.c
	385	+
380	386	# WARNING. DANGER. Running the test suite modifies the repository the
381	387	# build is done from, i.e. the checkout belongs to. Do not sync/push
382	388	# the repository after running the tests.
383	389	test: $(OBJDIR) $(APPNAME)
384	390	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
		@@ -430,11 +436,12 @@
430	436	$(OBJDIR)/th_lang.o \
431	437	$(OBJDIR)/th_tcl.o \
432	438	$(OBJDIR)/cson_amalgamation.o
433	439
434	440
435		-$(APPNAME): $(OBJDIR)/headers $(OBJ) $(EXTRAOBJ)
	441	+$(APPNAME): $(OBJDIR)/headers $(OBJDIR)/codecheck1 $(OBJ) $(EXTRAOBJ)
	442	+ $(OBJDIR)/codecheck1 $(TRANS_SRC)
436	443	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB)
437	444
438	445	# This rule prevents make from using its default rules to try build
439	446	# an executable named "manifest" out of the file named "manifest.c"
440	447	#
441	448

	--- src/main.mk
	+++ src/main.mk
	@@ -360,10 +360,13 @@
360
361	install: $(APPNAME)
362	mkdir -p $(INSTALLDIR)
363	mv $(APPNAME) $(INSTALLDIR)
364



365	$(OBJDIR):
366	-mkdir $(OBJDIR)
367
368	$(OBJDIR)/translate: $(SRCDIR)/translate.c
369	$(BCC) -o $(OBJDIR)/translate $(SRCDIR)/translate.c
	@@ -375,10 +378,13 @@
375	$(BCC) -o $(OBJDIR)/mkindex $(SRCDIR)/mkindex.c
376
377	$(OBJDIR)/mkversion: $(SRCDIR)/mkversion.c
378	$(BCC) -o $(OBJDIR)/mkversion $(SRCDIR)/mkversion.c
379



380	# WARNING. DANGER. Running the test suite modifies the repository the
381	# build is done from, i.e. the checkout belongs to. Do not sync/push
382	# the repository after running the tests.
383	test: $(OBJDIR) $(APPNAME)
384	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
	@@ -430,11 +436,12 @@
430	$(OBJDIR)/th_lang.o \
431	$(OBJDIR)/th_tcl.o \
432	$(OBJDIR)/cson_amalgamation.o
433
434
435	$(APPNAME): $(OBJDIR)/headers $(OBJ) $(EXTRAOBJ)

436	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB)
437
438	# This rule prevents make from using its default rules to try build
439	# an executable named "manifest" out of the file named "manifest.c"
440	#
441

	--- src/main.mk
	+++ src/main.mk
	@@ -360,10 +360,13 @@
360
361	install: $(APPNAME)
362	mkdir -p $(INSTALLDIR)
363	mv $(APPNAME) $(INSTALLDIR)
364
365	codecheck: $(TRANS_SRC) $(OBJDIR)/codecheck1
366	$(OBJDIR)/codecheck1 $(TRANS_SRC)
367
368	$(OBJDIR):
369	-mkdir $(OBJDIR)
370
371	$(OBJDIR)/translate: $(SRCDIR)/translate.c
372	$(BCC) -o $(OBJDIR)/translate $(SRCDIR)/translate.c
	@@ -375,10 +378,13 @@
378	$(BCC) -o $(OBJDIR)/mkindex $(SRCDIR)/mkindex.c
379
380	$(OBJDIR)/mkversion: $(SRCDIR)/mkversion.c
381	$(BCC) -o $(OBJDIR)/mkversion $(SRCDIR)/mkversion.c
382
383	$(OBJDIR)/codecheck1: $(SRCDIR)/codecheck1.c
384	$(BCC) -o $(OBJDIR)/codecheck1 $(SRCDIR)/codecheck1.c
385
386	# WARNING. DANGER. Running the test suite modifies the repository the
387	# build is done from, i.e. the checkout belongs to. Do not sync/push
388	# the repository after running the tests.
389	test: $(OBJDIR) $(APPNAME)
390	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
	@@ -430,11 +436,12 @@
436	$(OBJDIR)/th_lang.o \
437	$(OBJDIR)/th_tcl.o \
438	$(OBJDIR)/cson_amalgamation.o
439
440
441	$(APPNAME): $(OBJDIR)/headers $(OBJDIR)/codecheck1 $(OBJ) $(EXTRAOBJ)
442	$(OBJDIR)/codecheck1 $(TRANS_SRC)
443	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB)
444
445	# This rule prevents make from using its default rules to try build
446	# an executable named "manifest" out of the file named "manifest.c"
447	#
448

M src/makemake.tcl

+31 -8

		--- src/makemake.tcl
		+++ src/makemake.tcl
		@@ -241,10 +241,13 @@
241	241
242	242	install: $(APPNAME)
243	243	mkdir -p $(INSTALLDIR)
244	244	mv $(APPNAME) $(INSTALLDIR)
245	245
	246	+codecheck: $(TRANS_SRC) $(OBJDIR)/codecheck1
	247	+ $(OBJDIR)/codecheck1 $(TRANS_SRC)
	248	+
246	249	$(OBJDIR):
247	250	-mkdir $(OBJDIR)
248	251
249	252	$(OBJDIR)/translate: $(SRCDIR)/translate.c
250	253	$(BCC) -o $(OBJDIR)/translate $(SRCDIR)/translate.c
		@@ -256,10 +259,13 @@
256	259	$(BCC) -o $(OBJDIR)/mkindex $(SRCDIR)/mkindex.c
257	260
258	261	$(OBJDIR)/mkversion: $(SRCDIR)/mkversion.c
259	262	$(BCC) -o $(OBJDIR)/mkversion $(SRCDIR)/mkversion.c
260	263
	264	+$(OBJDIR)/codecheck1: $(SRCDIR)/codecheck1.c
	265	+ $(BCC) -o $(OBJDIR)/codecheck1 $(SRCDIR)/codecheck1.c
	266	+
261	267	# WARNING. DANGER. Running the test suite modifies the repository the
262	268	# build is done from, i.e. the checkout belongs to. Do not sync/push
263	269	# the repository after running the tests.
264	270	test: $(OBJDIR) $(APPNAME)
265	271	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
		@@ -304,11 +310,12 @@
304	310	$(OBJDIR)/th_tcl.o <<<NEXT_LINE>>>
305	311	$(OBJDIR)/cson_amalgamation.o
306	312	}]
307	313
308	314	writeln {
309		-$(APPNAME): $(OBJDIR)/headers $(OBJ) $(EXTRAOBJ)
	315	+$(APPNAME): $(OBJDIR)/headers $(OBJDIR)/codecheck1 $(OBJ) $(EXTRAOBJ)
	316	+ $(OBJDIR)/codecheck1 $(TRANS_SRC)
310	317	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB)
311	318
312	319	# This rule prevents make from using its default rules to try build
313	320	# an executable named "manifest" out of the file named "manifest.c"
314	321	#
		@@ -753,10 +760,11 @@
753	760	ifdef USE_WINDOWS
754	761	TRANSLATE = $(subst /,\,$(OBJDIR)/translate.exe)
755	762	MAKEHEADERS = $(subst /,\,$(OBJDIR)/makeheaders.exe)
756	763	MKINDEX = $(subst /,\,$(OBJDIR)/mkindex.exe)
757	764	VERSION = $(subst /,\,$(OBJDIR)/version.exe)
	765	+CODECHECK1 = $(subst /,\,$(OBJDIR)/codecheck1.exe)
758	766	CAT = type
759	767	CP = copy
760	768	GREP = find
761	769	MV = copy
762	770	RM = del /Q
		@@ -765,10 +773,11 @@
765	773	else
766	774	TRANSLATE = $(OBJDIR)/translate.exe
767	775	MAKEHEADERS = $(OBJDIR)/makeheaders.exe
768	776	MKINDEX = $(OBJDIR)/mkindex.exe
769	777	VERSION = $(OBJDIR)/version.exe
	778	+CODECHECK1 = $(OBJDIR)/codecheck1.exe
770	779	CAT = cat
771	780	CP = cp
772	781	GREP = grep
773	782	MV = mv
774	783	RM = rm -f
		@@ -819,10 +828,13 @@
819	828	$(BCC) -o $(MKINDEX) $(SRCDIR)/mkindex.c
820	829
821	830	$(VERSION): $(SRCDIR)/mkversion.c
822	831	$(BCC) -o $(VERSION) $(SRCDIR)/mkversion.c
823	832
	833	+$(CODECHECK1): $(SRCDIR)/codecheck1.c
	834	+ $(BCC) -o $(CODECHECK1) $(SRCDIR)/codecheck1.c
	835	+
824	836	# WARNING. DANGER. Running the test suite modifies the repository the
825	837	# build is done from, i.e. the checkout belongs to. Do not sync/push
826	838	# the repository after running the tests.
827	839	test: $(OBJDIR) $(APPNAME)
828	840	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
		@@ -886,11 +898,12 @@
886	898
887	899	ifdef FOSSIL_BUILD_SSL
888	900	APPTARGETS += openssl
889	901	endif
890	902
891		-$(APPNAME): $(OBJDIR)/headers $(OBJ) $(EXTRAOBJ) $(OBJDIR)/fossil.o $(APPTARGETS)
	903	+$(APPNAME): $(OBJDIR)/headers $(OBJ) $(CODECHECK1) $(EXTRAOBJ) $(OBJDIR)/fossil.o $(APPTARGETS)
	904	+ $(CODECHECK1) $(TRANS_SRC)
892	905	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB) $(OBJDIR)/fossil.o
893	906
894	907	# This rule prevents make from using its default rules to try build
895	908	# an executable named "manifest" out of the file named "manifest.c"
896	909	#
		@@ -1037,12 +1050,13 @@
1037	1050
1038	1051	APPNAME = $(OBJDIR)\fossil$(E)
1039	1052
1040	1053	all: $(APPNAME)
1041	1054
1042		-$(APPNAME) : translate$E mkindex$E headers $(OBJ) $(OBJDIR)\link
	1055	+$(APPNAME) : translate$E mkindex$E codecheck1$E headers $(OBJ) $(OBJDIR)\link
1043	1056	cd $(OBJDIR)
	1057	+ codecheck1$E $(SRC)
1044	1058	$(DMDIR)\bin\link @link
1045	1059
1046	1060	$(OBJDIR)\fossil.res: $B\win\fossil.rc
1047	1061	$(RC) $(RCFLAGS) -o$@ $**
1048	1062
		@@ -1066,11 +1080,14 @@
1066	1080	$(BCC) -o$@ $**
1067	1081
1068	1082	mkindex$E: $(SRCDIR)\mkindex.c
1069	1083	$(BCC) -o$@ $**
1070	1084
1071		-version$E: $B\src\mkversion.c
	1085	+mkversion$E: $(SRCDIR)\mkversion.c
	1086	+ $(BCC) -o$@ $**
	1087	+
	1088	+codecheck1$E: $(SRCDIR)\codecheck1.c
1072	1089	$(BCC) -o$@ $**
1073	1090
1074	1091	$(OBJDIR)\shell$O : $(SRCDIR)\shell.c
1075	1092	$(TCC) -o$@ -c $(SHELL_OPTIONS) $(SQLITE_OPTIONS) $(SHELL_CFLAGS) $**
1076	1093
		@@ -1084,11 +1101,11 @@
1084	1101	$(TCC) -o$@ -c $**
1085	1102
1086	1103	$(OBJDIR)\cson_amalgamation.h : $(SRCDIR)\cson_amalgamation.h
1087	1104	cp $@ $@
1088	1105
1089		-VERSION.h : version$E $B\manifest.uuid $B\manifest $B\VERSION
	1106	+VERSION.h : mkversion$E $B\manifest.uuid $B\manifest $B\VERSION
1090	1107	+$** > $@
1091	1108
1092	1109	page_index.h: mkindex$E $(SRC)
1093	1110	+$** > $@
1094	1111
		@@ -1095,11 +1112,11 @@
1095	1112	clean:
1096	1113	-del $(OBJDIR)\*.obj
1097	1114	-del .obj _.c .h .map
1098	1115
1099	1116	realclean:
1100		- -del $(APPNAME) translate$E mkindex$E makeheaders$E mkversion$E
	1117	+ -del $(APPNAME) translate$E mkindex$E makeheaders$E mkversion$E codecheck1$E
1101	1118
1102	1119	$(OBJDIR)\json$O : $(SRCDIR)\json_detail.h
1103	1120	$(OBJDIR)\json_artifact$O : $(SRCDIR)\json_detail.h
1104	1121	$(OBJDIR)\json_branch$O : $(SRCDIR)\json_detail.h
1105	1122	$(OBJDIR)\json_config$O : $(SRCDIR)\json_detail.h
		@@ -1398,12 +1415,13 @@
1398	1415	!ifdef FOSSIL_BUILD_SSL
1399	1416	APPTARGETS = $(APPTARGETS) openssl
1400	1417	!endif
1401	1418	!endif
1402	1419
1403		-$(APPNAME) : $(APPTARGETS) translate$E mkindex$E headers $(OBJ) $(OX)\linkopts
	1420	+$(APPNAME) : $(APPTARGETS) translate$E mkindex$E codecheck1$E headers $(OBJ) $(OX)\linkopts
1404	1421	cd $(OX)
	1422	+ codecheck1$E $(SRC)
1405	1423	link $(LDFLAGS) /OUT:$@ $(LIBDIR) Wsetargv.obj fossil.res @linkopts
1406	1424
1407	1425	$(OX)\linkopts: $B\win\Makefile.msc}
1408	1426	set redir {>}
1409	1427	foreach s [lsort [concat $src $AdditionalObj]] {
		@@ -1426,11 +1444,14 @@
1426	1444	$(BCC) $**
1427	1445
1428	1446	mkindex$E: $(SRCDIR)\mkindex.c
1429	1447	$(BCC) $**
1430	1448
1431		-mkversion$E: $B\src\mkversion.c
	1449	+mkversion$E: $(SRCDIR)\mkversion.c
	1450	+ $(BCC) $**
	1451	+
	1452	+codecheck1$E: $(SRCDIR)\codecheck1.c
1432	1453	$(BCC) $**
1433	1454
1434	1455	$(OX)\shell$O : $(SRCDIR)\shell.c $B\win\Makefile.msc
1435	1456	$(TCC) /Fo$@ $(SHELL_OPTIONS) $(SQLITE_OPTIONS) $(SHELL_CFLAGS) -c $(SRCDIR)\shell.c
1436	1457
		@@ -1478,10 +1499,12 @@
1478	1499	-del mkindex$P
1479	1500	-del makeheaders$E
1480	1501	-del makeheaders$P
1481	1502	-del mkversion$E
1482	1503	-del mkversion$P
	1504	+ -del codecheck1$E
	1505	+ -del codecheck1$P
1483	1506
1484	1507	$(OBJDIR)\json$O : $(SRCDIR)\json_detail.h
1485	1508	$(OBJDIR)\json_artifact$O : $(SRCDIR)\json_detail.h
1486	1509	$(OBJDIR)\json_branch$O : $(SRCDIR)\json_detail.h
1487	1510	$(OBJDIR)\json_config$O : $(SRCDIR)\json_detail.h
1488	1511

	--- src/makemake.tcl
	+++ src/makemake.tcl
	@@ -241,10 +241,13 @@
241
242	install: $(APPNAME)
243	mkdir -p $(INSTALLDIR)
244	mv $(APPNAME) $(INSTALLDIR)
245



246	$(OBJDIR):
247	-mkdir $(OBJDIR)
248
249	$(OBJDIR)/translate: $(SRCDIR)/translate.c
250	$(BCC) -o $(OBJDIR)/translate $(SRCDIR)/translate.c
	@@ -256,10 +259,13 @@
256	$(BCC) -o $(OBJDIR)/mkindex $(SRCDIR)/mkindex.c
257
258	$(OBJDIR)/mkversion: $(SRCDIR)/mkversion.c
259	$(BCC) -o $(OBJDIR)/mkversion $(SRCDIR)/mkversion.c
260



261	# WARNING. DANGER. Running the test suite modifies the repository the
262	# build is done from, i.e. the checkout belongs to. Do not sync/push
263	# the repository after running the tests.
264	test: $(OBJDIR) $(APPNAME)
265	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
	@@ -304,11 +310,12 @@
304	$(OBJDIR)/th_tcl.o <<<NEXT_LINE>>>
305	$(OBJDIR)/cson_amalgamation.o
306	}]
307
308	writeln {
309	$(APPNAME): $(OBJDIR)/headers $(OBJ) $(EXTRAOBJ)

310	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB)
311
312	# This rule prevents make from using its default rules to try build
313	# an executable named "manifest" out of the file named "manifest.c"
314	#
	@@ -753,10 +760,11 @@
753	ifdef USE_WINDOWS
754	TRANSLATE = $(subst /,\,$(OBJDIR)/translate.exe)
755	MAKEHEADERS = $(subst /,\,$(OBJDIR)/makeheaders.exe)
756	MKINDEX = $(subst /,\,$(OBJDIR)/mkindex.exe)
757	VERSION = $(subst /,\,$(OBJDIR)/version.exe)

758	CAT = type
759	CP = copy
760	GREP = find
761	MV = copy
762	RM = del /Q
	@@ -765,10 +773,11 @@
765	else
766	TRANSLATE = $(OBJDIR)/translate.exe
767	MAKEHEADERS = $(OBJDIR)/makeheaders.exe
768	MKINDEX = $(OBJDIR)/mkindex.exe
769	VERSION = $(OBJDIR)/version.exe

770	CAT = cat
771	CP = cp
772	GREP = grep
773	MV = mv
774	RM = rm -f
	@@ -819,10 +828,13 @@
819	$(BCC) -o $(MKINDEX) $(SRCDIR)/mkindex.c
820
821	$(VERSION): $(SRCDIR)/mkversion.c
822	$(BCC) -o $(VERSION) $(SRCDIR)/mkversion.c
823



824	# WARNING. DANGER. Running the test suite modifies the repository the
825	# build is done from, i.e. the checkout belongs to. Do not sync/push
826	# the repository after running the tests.
827	test: $(OBJDIR) $(APPNAME)
828	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
	@@ -886,11 +898,12 @@
886
887	ifdef FOSSIL_BUILD_SSL
888	APPTARGETS += openssl
889	endif
890
891	$(APPNAME): $(OBJDIR)/headers $(OBJ) $(EXTRAOBJ) $(OBJDIR)/fossil.o $(APPTARGETS)

892	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB) $(OBJDIR)/fossil.o
893
894	# This rule prevents make from using its default rules to try build
895	# an executable named "manifest" out of the file named "manifest.c"
896	#
	@@ -1037,12 +1050,13 @@
1037
1038	APPNAME = $(OBJDIR)\fossil$(E)
1039
1040	all: $(APPNAME)
1041
1042	$(APPNAME) : translate$E mkindex$E headers $(OBJ) $(OBJDIR)\link
1043	cd $(OBJDIR)

1044	$(DMDIR)\bin\link @link
1045
1046	$(OBJDIR)\fossil.res: $B\win\fossil.rc
1047	$(RC) $(RCFLAGS) -o$@ $**
1048
	@@ -1066,11 +1080,14 @@
1066	$(BCC) -o$@ $**
1067
1068	mkindex$E: $(SRCDIR)\mkindex.c
1069	$(BCC) -o$@ $**
1070
1071	version$E: $B\src\mkversion.c



1072	$(BCC) -o$@ $**
1073
1074	$(OBJDIR)\shell$O : $(SRCDIR)\shell.c
1075	$(TCC) -o$@ -c $(SHELL_OPTIONS) $(SQLITE_OPTIONS) $(SHELL_CFLAGS) $**
1076
	@@ -1084,11 +1101,11 @@
1084	$(TCC) -o$@ -c $**
1085
1086	$(OBJDIR)\cson_amalgamation.h : $(SRCDIR)\cson_amalgamation.h
1087	cp $@ $@
1088
1089	VERSION.h : version$E $B\manifest.uuid $B\manifest $B\VERSION
1090	+$** > $@
1091
1092	page_index.h: mkindex$E $(SRC)
1093	+$** > $@
1094
	@@ -1095,11 +1112,11 @@
1095	clean:
1096	-del $(OBJDIR)\*.obj
1097	-del .obj _.c .h .map
1098
1099	realclean:
1100	-del $(APPNAME) translate$E mkindex$E makeheaders$E mkversion$E
1101
1102	$(OBJDIR)\json$O : $(SRCDIR)\json_detail.h
1103	$(OBJDIR)\json_artifact$O : $(SRCDIR)\json_detail.h
1104	$(OBJDIR)\json_branch$O : $(SRCDIR)\json_detail.h
1105	$(OBJDIR)\json_config$O : $(SRCDIR)\json_detail.h
	@@ -1398,12 +1415,13 @@
1398	!ifdef FOSSIL_BUILD_SSL
1399	APPTARGETS = $(APPTARGETS) openssl
1400	!endif
1401	!endif
1402
1403	$(APPNAME) : $(APPTARGETS) translate$E mkindex$E headers $(OBJ) $(OX)\linkopts
1404	cd $(OX)

1405	link $(LDFLAGS) /OUT:$@ $(LIBDIR) Wsetargv.obj fossil.res @linkopts
1406
1407	$(OX)\linkopts: $B\win\Makefile.msc}
1408	set redir {>}
1409	foreach s [lsort [concat $src $AdditionalObj]] {
	@@ -1426,11 +1444,14 @@
1426	$(BCC) $**
1427
1428	mkindex$E: $(SRCDIR)\mkindex.c
1429	$(BCC) $**
1430
1431	mkversion$E: $B\src\mkversion.c



1432	$(BCC) $**
1433
1434	$(OX)\shell$O : $(SRCDIR)\shell.c $B\win\Makefile.msc
1435	$(TCC) /Fo$@ $(SHELL_OPTIONS) $(SQLITE_OPTIONS) $(SHELL_CFLAGS) -c $(SRCDIR)\shell.c
1436
	@@ -1478,10 +1499,12 @@
1478	-del mkindex$P
1479	-del makeheaders$E
1480	-del makeheaders$P
1481	-del mkversion$E
1482	-del mkversion$P


1483
1484	$(OBJDIR)\json$O : $(SRCDIR)\json_detail.h
1485	$(OBJDIR)\json_artifact$O : $(SRCDIR)\json_detail.h
1486	$(OBJDIR)\json_branch$O : $(SRCDIR)\json_detail.h
1487	$(OBJDIR)\json_config$O : $(SRCDIR)\json_detail.h
1488

	--- src/makemake.tcl
	+++ src/makemake.tcl
	@@ -241,10 +241,13 @@
241
242	install: $(APPNAME)
243	mkdir -p $(INSTALLDIR)
244	mv $(APPNAME) $(INSTALLDIR)
245
246	codecheck: $(TRANS_SRC) $(OBJDIR)/codecheck1
247	$(OBJDIR)/codecheck1 $(TRANS_SRC)
248
249	$(OBJDIR):
250	-mkdir $(OBJDIR)
251
252	$(OBJDIR)/translate: $(SRCDIR)/translate.c
253	$(BCC) -o $(OBJDIR)/translate $(SRCDIR)/translate.c
	@@ -256,10 +259,13 @@
259	$(BCC) -o $(OBJDIR)/mkindex $(SRCDIR)/mkindex.c
260
261	$(OBJDIR)/mkversion: $(SRCDIR)/mkversion.c
262	$(BCC) -o $(OBJDIR)/mkversion $(SRCDIR)/mkversion.c
263
264	$(OBJDIR)/codecheck1: $(SRCDIR)/codecheck1.c
265	$(BCC) -o $(OBJDIR)/codecheck1 $(SRCDIR)/codecheck1.c
266
267	# WARNING. DANGER. Running the test suite modifies the repository the
268	# build is done from, i.e. the checkout belongs to. Do not sync/push
269	# the repository after running the tests.
270	test: $(OBJDIR) $(APPNAME)
271	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
	@@ -304,11 +310,12 @@
310	$(OBJDIR)/th_tcl.o <<<NEXT_LINE>>>
311	$(OBJDIR)/cson_amalgamation.o
312	}]
313
314	writeln {
315	$(APPNAME): $(OBJDIR)/headers $(OBJDIR)/codecheck1 $(OBJ) $(EXTRAOBJ)
316	$(OBJDIR)/codecheck1 $(TRANS_SRC)
317	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB)
318
319	# This rule prevents make from using its default rules to try build
320	# an executable named "manifest" out of the file named "manifest.c"
321	#
	@@ -753,10 +760,11 @@
760	ifdef USE_WINDOWS
761	TRANSLATE = $(subst /,\,$(OBJDIR)/translate.exe)
762	MAKEHEADERS = $(subst /,\,$(OBJDIR)/makeheaders.exe)
763	MKINDEX = $(subst /,\,$(OBJDIR)/mkindex.exe)
764	VERSION = $(subst /,\,$(OBJDIR)/version.exe)
765	CODECHECK1 = $(subst /,\,$(OBJDIR)/codecheck1.exe)
766	CAT = type
767	CP = copy
768	GREP = find
769	MV = copy
770	RM = del /Q
	@@ -765,10 +773,11 @@
773	else
774	TRANSLATE = $(OBJDIR)/translate.exe
775	MAKEHEADERS = $(OBJDIR)/makeheaders.exe
776	MKINDEX = $(OBJDIR)/mkindex.exe
777	VERSION = $(OBJDIR)/version.exe
778	CODECHECK1 = $(OBJDIR)/codecheck1.exe
779	CAT = cat
780	CP = cp
781	GREP = grep
782	MV = mv
783	RM = rm -f
	@@ -819,10 +828,13 @@
828	$(BCC) -o $(MKINDEX) $(SRCDIR)/mkindex.c
829
830	$(VERSION): $(SRCDIR)/mkversion.c
831	$(BCC) -o $(VERSION) $(SRCDIR)/mkversion.c
832
833	$(CODECHECK1): $(SRCDIR)/codecheck1.c
834	$(BCC) -o $(CODECHECK1) $(SRCDIR)/codecheck1.c
835
836	# WARNING. DANGER. Running the test suite modifies the repository the
837	# build is done from, i.e. the checkout belongs to. Do not sync/push
838	# the repository after running the tests.
839	test: $(OBJDIR) $(APPNAME)
840	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
	@@ -886,11 +898,12 @@
898
899	ifdef FOSSIL_BUILD_SSL
900	APPTARGETS += openssl
901	endif
902
903	$(APPNAME): $(OBJDIR)/headers $(OBJ) $(CODECHECK1) $(EXTRAOBJ) $(OBJDIR)/fossil.o $(APPTARGETS)
904	$(CODECHECK1) $(TRANS_SRC)
905	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB) $(OBJDIR)/fossil.o
906
907	# This rule prevents make from using its default rules to try build
908	# an executable named "manifest" out of the file named "manifest.c"
909	#
	@@ -1037,12 +1050,13 @@
1050
1051	APPNAME = $(OBJDIR)\fossil$(E)
1052
1053	all: $(APPNAME)
1054
1055	$(APPNAME) : translate$E mkindex$E codecheck1$E headers $(OBJ) $(OBJDIR)\link
1056	cd $(OBJDIR)
1057	codecheck1$E $(SRC)
1058	$(DMDIR)\bin\link @link
1059
1060	$(OBJDIR)\fossil.res: $B\win\fossil.rc
1061	$(RC) $(RCFLAGS) -o$@ $**
1062
	@@ -1066,11 +1080,14 @@
1080	$(BCC) -o$@ $**
1081
1082	mkindex$E: $(SRCDIR)\mkindex.c
1083	$(BCC) -o$@ $**
1084
1085	mkversion$E: $(SRCDIR)\mkversion.c
1086	$(BCC) -o$@ $**
1087
1088	codecheck1$E: $(SRCDIR)\codecheck1.c
1089	$(BCC) -o$@ $**
1090
1091	$(OBJDIR)\shell$O : $(SRCDIR)\shell.c
1092	$(TCC) -o$@ -c $(SHELL_OPTIONS) $(SQLITE_OPTIONS) $(SHELL_CFLAGS) $**
1093
	@@ -1084,11 +1101,11 @@
1101	$(TCC) -o$@ -c $**
1102
1103	$(OBJDIR)\cson_amalgamation.h : $(SRCDIR)\cson_amalgamation.h
1104	cp $@ $@
1105
1106	VERSION.h : mkversion$E $B\manifest.uuid $B\manifest $B\VERSION
1107	+$** > $@
1108
1109	page_index.h: mkindex$E $(SRC)
1110	+$** > $@
1111
	@@ -1095,11 +1112,11 @@
1112	clean:
1113	-del $(OBJDIR)\*.obj
1114	-del .obj _.c .h .map
1115
1116	realclean:
1117	-del $(APPNAME) translate$E mkindex$E makeheaders$E mkversion$E codecheck1$E
1118
1119	$(OBJDIR)\json$O : $(SRCDIR)\json_detail.h
1120	$(OBJDIR)\json_artifact$O : $(SRCDIR)\json_detail.h
1121	$(OBJDIR)\json_branch$O : $(SRCDIR)\json_detail.h
1122	$(OBJDIR)\json_config$O : $(SRCDIR)\json_detail.h
	@@ -1398,12 +1415,13 @@
1415	!ifdef FOSSIL_BUILD_SSL
1416	APPTARGETS = $(APPTARGETS) openssl
1417	!endif
1418	!endif
1419
1420	$(APPNAME) : $(APPTARGETS) translate$E mkindex$E codecheck1$E headers $(OBJ) $(OX)\linkopts
1421	cd $(OX)
1422	codecheck1$E $(SRC)
1423	link $(LDFLAGS) /OUT:$@ $(LIBDIR) Wsetargv.obj fossil.res @linkopts
1424
1425	$(OX)\linkopts: $B\win\Makefile.msc}
1426	set redir {>}
1427	foreach s [lsort [concat $src $AdditionalObj]] {
	@@ -1426,11 +1444,14 @@
1444	$(BCC) $**
1445
1446	mkindex$E: $(SRCDIR)\mkindex.c
1447	$(BCC) $**
1448
1449	mkversion$E: $(SRCDIR)\mkversion.c
1450	$(BCC) $**
1451
1452	codecheck1$E: $(SRCDIR)\codecheck1.c
1453	$(BCC) $**
1454
1455	$(OX)\shell$O : $(SRCDIR)\shell.c $B\win\Makefile.msc
1456	$(TCC) /Fo$@ $(SHELL_OPTIONS) $(SQLITE_OPTIONS) $(SHELL_CFLAGS) -c $(SRCDIR)\shell.c
1457
	@@ -1478,10 +1499,12 @@
1499	-del mkindex$P
1500	-del makeheaders$E
1501	-del makeheaders$P
1502	-del mkversion$E
1503	-del mkversion$P
1504	-del codecheck1$E
1505	-del codecheck1$P
1506
1507	$(OBJDIR)\json$O : $(SRCDIR)\json_detail.h
1508	$(OBJDIR)\json_artifact$O : $(SRCDIR)\json_detail.h
1509	$(OBJDIR)\json_branch$O : $(SRCDIR)\json_detail.h
1510	$(OBJDIR)\json_config$O : $(SRCDIR)\json_detail.h
1511

M src/manifest.c

+5 -6

		--- src/manifest.c
		+++ src/manifest.c
		@@ -378,13 +378,13 @@
378	378	** if that is not the case for this artifact.
379	379	*/
380	380	if( !isRepeat ) g.parseCnt[0]++;
381	381	z = blob_materialize(pContent);
382	382	n = blob_size(pContent);
383		- if( n<=0 \|\| z[n-1]!='\n' ){
	383	+ if( pErr && (n<=0 \|\| z[n-1]!='\n') ){
384	384	blob_reset(pContent);
385		- blob_appendf(pErr, n ? "not terminated with \\n" : "zero-length");
	385	+ blob_append(pErr, n ? "not terminated with \\n" : "zero-length", -1);
386	386	return 0;
387	387	}
388	388
389	389	/* Strip off the PGP signature if there is one.
390	390	*/
		@@ -1589,11 +1589,11 @@
1589	1589	once = 0;
1590	1590	zTitleExpr = db_get("ticket-title-expr", "title");
1591	1591	zStatusColumn = db_get("ticket-status-column", "status");
1592	1592	}
1593	1593	zTitle = db_text("unknown",
1594		- "SELECT %s FROM ticket WHERE tkt_uuid='%s'",
	1594	+ "SELECT \"%w\" FROM ticket WHERE tkt_uuid=%Q",
1595	1595	zTitleExpr, pManifest->zTicketUuid
1596	1596	);
1597	1597	if( !isNew ){
1598	1598	for(i=0; i<pManifest->nField; i++){
1599	1599	if( fossil_strcmp(pManifest->aField[i].zName, zStatusColumn)==0 ){
		@@ -1610,11 +1610,11 @@
1610	1610	}
1611	1611	blob_appendf(&brief, "%h ticket [%s\|%S].",
1612	1612	zNewStatus, pManifest->zTicketUuid, pManifest->zTicketUuid);
1613	1613	}else{
1614	1614	zNewStatus = db_text("unknown",
1615		- "SELECT %s FROM ticket WHERE tkt_uuid='%s'",
	1615	+ "SELECT \"%w\" FROM ticket WHERE tkt_uuid=%Q",
1616	1616	zStatusColumn, pManifest->zTicketUuid
1617	1617	);
1618	1618	blob_appendf(&comment, "Ticket [%s\|%S] <i>%h</i> status still %h with "
1619	1619	"%d other change%s",
1620	1620	pManifest->zTicketUuid, pManifest->zTicketUuid, zTitle, zNewStatus,
		@@ -1894,11 +1894,10 @@
1894	1894	" (SELECT value FROM tagxref WHERE tagid=%d AND rid=%d AND tagtype>1),"
1895	1895	" (SELECT value FROM tagxref WHERE tagid=%d AND rid=%d),"
1896	1896	" (SELECT value FROM tagxref WHERE tagid=%d AND rid=%d));",
1897	1897	p->rDate, rid, p->zUser, zComment,
1898	1898	TAG_BGCOLOR, rid,
1899		- TAG_BGCOLOR, rid,
1900	1899	TAG_USER, rid,
1901	1900	TAG_COMMENT, rid
1902	1901	);
1903	1902	fossil_free(zComment);
1904	1903	}
		@@ -2026,11 +2025,11 @@
2026	2025	" Edit [%s\|%S]:",
2027	2026	zTagUuid, zTagUuid);
2028	2027	branchMove = 0;
2029	2028	if( permitHooks && db_exists("SELECT 1 FROM event, blob"
2030	2029	" WHERE event.type='ci' AND event.objid=blob.rid"
2031		- " AND blob.uuid='%s'", zTagUuid) ){
	2030	+ " AND blob.uuid=%Q", zTagUuid) ){
2032	2031	zScript = xfer_commit_code();
2033	2032	zUuid = zTagUuid;
2034	2033	}
2035	2034	}
2036	2035	zName = p->aTag[i].zName;
2037	2036

	--- src/manifest.c
	+++ src/manifest.c
	@@ -378,13 +378,13 @@
378	** if that is not the case for this artifact.
379	*/
380	if( !isRepeat ) g.parseCnt[0]++;
381	z = blob_materialize(pContent);
382	n = blob_size(pContent);
383	if( n<=0 \|\| z[n-1]!='\n' ){
384	blob_reset(pContent);
385	blob_appendf(pErr, n ? "not terminated with \\n" : "zero-length");
386	return 0;
387	}
388
389	/* Strip off the PGP signature if there is one.
390	*/
	@@ -1589,11 +1589,11 @@
1589	once = 0;
1590	zTitleExpr = db_get("ticket-title-expr", "title");
1591	zStatusColumn = db_get("ticket-status-column", "status");
1592	}
1593	zTitle = db_text("unknown",
1594	"SELECT %s FROM ticket WHERE tkt_uuid='%s'",
1595	zTitleExpr, pManifest->zTicketUuid
1596	);
1597	if( !isNew ){
1598	for(i=0; i<pManifest->nField; i++){
1599	if( fossil_strcmp(pManifest->aField[i].zName, zStatusColumn)==0 ){
	@@ -1610,11 +1610,11 @@
1610	}
1611	blob_appendf(&brief, "%h ticket [%s\|%S].",
1612	zNewStatus, pManifest->zTicketUuid, pManifest->zTicketUuid);
1613	}else{
1614	zNewStatus = db_text("unknown",
1615	"SELECT %s FROM ticket WHERE tkt_uuid='%s'",
1616	zStatusColumn, pManifest->zTicketUuid
1617	);
1618	blob_appendf(&comment, "Ticket [%s\|%S] <i>%h</i> status still %h with "
1619	"%d other change%s",
1620	pManifest->zTicketUuid, pManifest->zTicketUuid, zTitle, zNewStatus,
	@@ -1894,11 +1894,10 @@
1894	" (SELECT value FROM tagxref WHERE tagid=%d AND rid=%d AND tagtype>1),"
1895	" (SELECT value FROM tagxref WHERE tagid=%d AND rid=%d),"
1896	" (SELECT value FROM tagxref WHERE tagid=%d AND rid=%d));",
1897	p->rDate, rid, p->zUser, zComment,
1898	TAG_BGCOLOR, rid,
1899	TAG_BGCOLOR, rid,
1900	TAG_USER, rid,
1901	TAG_COMMENT, rid
1902	);
1903	fossil_free(zComment);
1904	}
	@@ -2026,11 +2025,11 @@
2026	" Edit [%s\|%S]:",
2027	zTagUuid, zTagUuid);
2028	branchMove = 0;
2029	if( permitHooks && db_exists("SELECT 1 FROM event, blob"
2030	" WHERE event.type='ci' AND event.objid=blob.rid"
2031	" AND blob.uuid='%s'", zTagUuid) ){
2032	zScript = xfer_commit_code();
2033	zUuid = zTagUuid;
2034	}
2035	}
2036	zName = p->aTag[i].zName;
2037

	--- src/manifest.c
	+++ src/manifest.c
	@@ -378,13 +378,13 @@
378	** if that is not the case for this artifact.
379	*/
380	if( !isRepeat ) g.parseCnt[0]++;
381	z = blob_materialize(pContent);
382	n = blob_size(pContent);
383	if( pErr && (n<=0 \|\| z[n-1]!='\n') ){
384	blob_reset(pContent);
385	blob_append(pErr, n ? "not terminated with \\n" : "zero-length", -1);
386	return 0;
387	}
388
389	/* Strip off the PGP signature if there is one.
390	*/
	@@ -1589,11 +1589,11 @@
1589	once = 0;
1590	zTitleExpr = db_get("ticket-title-expr", "title");
1591	zStatusColumn = db_get("ticket-status-column", "status");
1592	}
1593	zTitle = db_text("unknown",
1594	"SELECT \"%w\" FROM ticket WHERE tkt_uuid=%Q",
1595	zTitleExpr, pManifest->zTicketUuid
1596	);
1597	if( !isNew ){
1598	for(i=0; i<pManifest->nField; i++){
1599	if( fossil_strcmp(pManifest->aField[i].zName, zStatusColumn)==0 ){
	@@ -1610,11 +1610,11 @@
1610	}
1611	blob_appendf(&brief, "%h ticket [%s\|%S].",
1612	zNewStatus, pManifest->zTicketUuid, pManifest->zTicketUuid);
1613	}else{
1614	zNewStatus = db_text("unknown",
1615	"SELECT \"%w\" FROM ticket WHERE tkt_uuid=%Q",
1616	zStatusColumn, pManifest->zTicketUuid
1617	);
1618	blob_appendf(&comment, "Ticket [%s\|%S] <i>%h</i> status still %h with "
1619	"%d other change%s",
1620	pManifest->zTicketUuid, pManifest->zTicketUuid, zTitle, zNewStatus,
	@@ -1894,11 +1894,10 @@
1894	" (SELECT value FROM tagxref WHERE tagid=%d AND rid=%d AND tagtype>1),"
1895	" (SELECT value FROM tagxref WHERE tagid=%d AND rid=%d),"
1896	" (SELECT value FROM tagxref WHERE tagid=%d AND rid=%d));",
1897	p->rDate, rid, p->zUser, zComment,
1898	TAG_BGCOLOR, rid,

1899	TAG_USER, rid,
1900	TAG_COMMENT, rid
1901	);
1902	fossil_free(zComment);
1903	}
	@@ -2026,11 +2025,11 @@
2025	" Edit [%s\|%S]:",
2026	zTagUuid, zTagUuid);
2027	branchMove = 0;
2028	if( permitHooks && db_exists("SELECT 1 FROM event, blob"
2029	" WHERE event.type='ci' AND event.objid=blob.rid"
2030	" AND blob.uuid=%Q", zTagUuid) ){
2031	zScript = xfer_commit_code();
2032	zUuid = zTagUuid;
2033	}
2034	}
2035	zName = p->aTag[i].zName;
2036

M src/merge3.c

+4 -4

		--- src/merge3.c
		+++ src/merge3.c
		@@ -268,17 +268,17 @@
268	268	nConflict++;
269	269	while( !ends_at_CPY(&aC1[i1], sz) \|\| !ends_at_CPY(&aC2[i2], sz) ){
270	270	sz++;
271	271	}
272	272	DEBUG( printf("CONFLICT %d\n", sz); )
273		- blob_appendf(pOut, mergeMarker[0]);
	273	+ blob_append(pOut, mergeMarker[0], -1);
274	274	i1 = output_one_side(pOut, pV1, aC1, i1, sz);
275		- blob_appendf(pOut, mergeMarker[1]);
	275	+ blob_append(pOut, mergeMarker[1], -1);
276	276	blob_copy_lines(pOut, pPivot, sz);
277		- blob_appendf(pOut, mergeMarker[2]);
	277	+ blob_append(pOut, mergeMarker[2], -1);
278	278	i2 = output_one_side(pOut, pV2, aC2, i2, sz);
279		- blob_appendf(pOut, mergeMarker[3]);
	279	+ blob_append(pOut, mergeMarker[3], -1);
280	280	}
281	281
282	282	/* If we are finished with an edit triple, advance to the next
283	283	** triple.
284	284	*/
285	285

	--- src/merge3.c
	+++ src/merge3.c
	@@ -268,17 +268,17 @@
268	nConflict++;
269	while( !ends_at_CPY(&aC1[i1], sz) \|\| !ends_at_CPY(&aC2[i2], sz) ){
270	sz++;
271	}
272	DEBUG( printf("CONFLICT %d\n", sz); )
273	blob_appendf(pOut, mergeMarker[0]);
274	i1 = output_one_side(pOut, pV1, aC1, i1, sz);
275	blob_appendf(pOut, mergeMarker[1]);
276	blob_copy_lines(pOut, pPivot, sz);
277	blob_appendf(pOut, mergeMarker[2]);
278	i2 = output_one_side(pOut, pV2, aC2, i2, sz);
279	blob_appendf(pOut, mergeMarker[3]);
280	}
281
282	/* If we are finished with an edit triple, advance to the next
283	** triple.
284	*/
285

	--- src/merge3.c
	+++ src/merge3.c
	@@ -268,17 +268,17 @@
268	nConflict++;
269	while( !ends_at_CPY(&aC1[i1], sz) \|\| !ends_at_CPY(&aC2[i2], sz) ){
270	sz++;
271	}
272	DEBUG( printf("CONFLICT %d\n", sz); )
273	blob_append(pOut, mergeMarker[0], -1);
274	i1 = output_one_side(pOut, pV1, aC1, i1, sz);
275	blob_append(pOut, mergeMarker[1], -1);
276	blob_copy_lines(pOut, pPivot, sz);
277	blob_append(pOut, mergeMarker[2], -1);
278	i2 = output_one_side(pOut, pV2, aC2, i2, sz);
279	blob_append(pOut, mergeMarker[3], -1);
280	}
281
282	/* If we are finished with an edit triple, advance to the next
283	** triple.
284	*/
285

M src/moderate.c

+3 -3

		--- src/moderate.c
		+++ src/moderate.c
		@@ -73,11 +73,11 @@
73	73	"tagxref", "srcid",
74	74	"tagxref", "rid",
75	75	};
76	76	int i;
77	77	for(i=0; i<sizeof(aTabField)/sizeof(aTabField[0]); i+=2){
78		- if( db_exists("SELECT 1 FROM %s WHERE %s=%d",
	78	+ if( db_exists("SELECT 1 FROM \"%w\" WHERE \"%w\"=%d",
79	79	aTabField[i], aTabField[i+1], rid) ) return 1;
80	80	}
81	81	return 0;
82	82	}
83	83
		@@ -152,15 +152,15 @@
152	152	if( !g.perm.RdWiki && !g.perm.RdTkt ){ login_needed(); return; }
153	153	style_header("Pending Moderation Requests");
154	154	@ <h2>All Pending Moderation Requests</h2>
155	155	if( moderation_table_exists() ){
156	156	blob_init(&sql, timeline_query_for_www(), -1);
157		- blob_appendf(&sql,
	157	+ blob_append_sql(&sql,
158	158	" AND event.objid IN (SELECT objid FROM modreq)"
159	159	" ORDER BY event.mtime DESC"
160	160	);
161		- db_prepare(&q, blob_str(&sql));
	161	+ db_prepare(&q, "%s", blob_sql_text(&sql));
162	162	www_print_timeline(&q, 0, 0, 0, 0);
163	163	db_finalize(&q);
164	164	}
165	165	style_footer();
166	166	}
167	167

	--- src/moderate.c
	+++ src/moderate.c
	@@ -73,11 +73,11 @@
73	"tagxref", "srcid",
74	"tagxref", "rid",
75	};
76	int i;
77	for(i=0; i<sizeof(aTabField)/sizeof(aTabField[0]); i+=2){
78	if( db_exists("SELECT 1 FROM %s WHERE %s=%d",
79	aTabField[i], aTabField[i+1], rid) ) return 1;
80	}
81	return 0;
82	}
83
	@@ -152,15 +152,15 @@
152	if( !g.perm.RdWiki && !g.perm.RdTkt ){ login_needed(); return; }
153	style_header("Pending Moderation Requests");
154	@ <h2>All Pending Moderation Requests</h2>
155	if( moderation_table_exists() ){
156	blob_init(&sql, timeline_query_for_www(), -1);
157	blob_appendf(&sql,
158	" AND event.objid IN (SELECT objid FROM modreq)"
159	" ORDER BY event.mtime DESC"
160	);
161	db_prepare(&q, blob_str(&sql));
162	www_print_timeline(&q, 0, 0, 0, 0);
163	db_finalize(&q);
164	}
165	style_footer();
166	}
167

	--- src/moderate.c
	+++ src/moderate.c
	@@ -73,11 +73,11 @@
73	"tagxref", "srcid",
74	"tagxref", "rid",
75	};
76	int i;
77	for(i=0; i<sizeof(aTabField)/sizeof(aTabField[0]); i+=2){
78	if( db_exists("SELECT 1 FROM \"%w\" WHERE \"%w\"=%d",
79	aTabField[i], aTabField[i+1], rid) ) return 1;
80	}
81	return 0;
82	}
83
	@@ -152,15 +152,15 @@
152	if( !g.perm.RdWiki && !g.perm.RdTkt ){ login_needed(); return; }
153	style_header("Pending Moderation Requests");
154	@ <h2>All Pending Moderation Requests</h2>
155	if( moderation_table_exists() ){
156	blob_init(&sql, timeline_query_for_www(), -1);
157	blob_append_sql(&sql,
158	" AND event.objid IN (SELECT objid FROM modreq)"
159	" ORDER BY event.mtime DESC"
160	);
161	db_prepare(&q, "%s", blob_sql_text(&sql));
162	www_print_timeline(&q, 0, 0, 0, 0);
163	db_finalize(&q);
164	}
165	style_footer();
166	}
167

M src/name.c

+4 -4

		--- src/name.c
		+++ src/name.c
		@@ -216,16 +216,16 @@
216	216	char zUuid[UUID_SIZE+1];
217	217	memcpy(zUuid, zTag, nTag+1);
218	218	canonical16(zUuid, nTag);
219	219	rid = 0;
220	220	if( zType[0]=='*' ){
221		- db_prepare(&q, "SELECT rid FROM blob WHERE uuid GLOB '%s*'", zUuid);
	221	+ db_prepare(&q, "SELECT rid FROM blob WHERE uuid GLOB '%q*'", zUuid);
222	222	}else{
223	223	db_prepare(&q,
224	224	"SELECT blob.rid"
225	225	" FROM blob, event"
226		- " WHERE blob.uuid GLOB '%s*'"
	226	+ " WHERE blob.uuid GLOB '%q*'"
227	227	" AND event.objid=blob.rid"
228	228	" AND event.type GLOB '%q'",
229	229	zUuid, zType
230	230	);
231	231	}
		@@ -259,11 +259,11 @@
259	259	}else{
260	260	rid = db_int(0,
261	261	"SELECT event.objid"
262	262	" FROM event"
263	263	" WHERE event.objid=%s"
264		- " AND event.type GLOB '%q'", zTag, zType);
	264	+ " AND event.type GLOB '%q'", zTag /safe-for-%s/, zType);
265	265	}
266	266	}
267	267	}
268	268	return rid;
269	269	}
		@@ -554,11 +554,11 @@
554	554	"SELECT tagname"
555	555	" FROM tag JOIN tagxref ON tag.tagid=tagxref.tagid"
556	556	" WHERE tagxref.rid=%d"
557	557	" AND tag.tagid IN (5,6,7,9)"
558	558	" ORDER BY 1",
559		- rid, rid
	559	+ rid
560	560	);
561	561	cnt = 0;
562	562	while( db_step(&q)==SQLITE_ROW ){
563	563	const char *zPrefix = cnt++ ? ", " : "raw-tags: ";
564	564	fossil_print("%s%s", zPrefix, db_column_text(&q,0));
565	565

	--- src/name.c
	+++ src/name.c
	@@ -216,16 +216,16 @@
216	char zUuid[UUID_SIZE+1];
217	memcpy(zUuid, zTag, nTag+1);
218	canonical16(zUuid, nTag);
219	rid = 0;
220	if( zType[0]=='*' ){
221	db_prepare(&q, "SELECT rid FROM blob WHERE uuid GLOB '%s*'", zUuid);
222	}else{
223	db_prepare(&q,
224	"SELECT blob.rid"
225	" FROM blob, event"
226	" WHERE blob.uuid GLOB '%s*'"
227	" AND event.objid=blob.rid"
228	" AND event.type GLOB '%q'",
229	zUuid, zType
230	);
231	}
	@@ -259,11 +259,11 @@
259	}else{
260	rid = db_int(0,
261	"SELECT event.objid"
262	" FROM event"
263	" WHERE event.objid=%s"
264	" AND event.type GLOB '%q'", zTag, zType);
265	}
266	}
267	}
268	return rid;
269	}
	@@ -554,11 +554,11 @@
554	"SELECT tagname"
555	" FROM tag JOIN tagxref ON tag.tagid=tagxref.tagid"
556	" WHERE tagxref.rid=%d"
557	" AND tag.tagid IN (5,6,7,9)"
558	" ORDER BY 1",
559	rid, rid
560	);
561	cnt = 0;
562	while( db_step(&q)==SQLITE_ROW ){
563	const char *zPrefix = cnt++ ? ", " : "raw-tags: ";
564	fossil_print("%s%s", zPrefix, db_column_text(&q,0));
565

	--- src/name.c
	+++ src/name.c
	@@ -216,16 +216,16 @@
216	char zUuid[UUID_SIZE+1];
217	memcpy(zUuid, zTag, nTag+1);
218	canonical16(zUuid, nTag);
219	rid = 0;
220	if( zType[0]=='*' ){
221	db_prepare(&q, "SELECT rid FROM blob WHERE uuid GLOB '%q*'", zUuid);
222	}else{
223	db_prepare(&q,
224	"SELECT blob.rid"
225	" FROM blob, event"
226	" WHERE blob.uuid GLOB '%q*'"
227	" AND event.objid=blob.rid"
228	" AND event.type GLOB '%q'",
229	zUuid, zType
230	);
231	}
	@@ -259,11 +259,11 @@
259	}else{
260	rid = db_int(0,
261	"SELECT event.objid"
262	" FROM event"
263	" WHERE event.objid=%s"
264	" AND event.type GLOB '%q'", zTag /safe-for-%s/, zType);
265	}
266	}
267	}
268	return rid;
269	}
	@@ -554,11 +554,11 @@
554	"SELECT tagname"
555	" FROM tag JOIN tagxref ON tag.tagid=tagxref.tagid"
556	" WHERE tagxref.rid=%d"
557	" AND tag.tagid IN (5,6,7,9)"
558	" ORDER BY 1",
559	rid
560	);
561	cnt = 0;
562	while( db_step(&q)==SQLITE_ROW ){
563	const char *zPrefix = cnt++ ? ", " : "raw-tags: ";
564	fossil_print("%s%s", zPrefix, db_column_text(&q,0));
565

M src/path.c

+1 -1

		--- src/path.c
		+++ src/path.c
		@@ -551,11 +551,11 @@
551	551	@ <table border="1" width="100%%">
552	552	@ <tr><th>Date & Time</th>
553	553	@ <th>Old Name</th>
554	554	@ <th>New Name</th>
555	555	@ <th>Check-in</th></tr>
556		- db_prepare(&q, zRenameQuery);
	556	+ db_prepare(&q, "%s", zRenameQuery/safe-for-%s/);
557	557	while( db_step(&q)==SQLITE_ROW ){
558	558	const char *zDate = db_column_text(&q, 0);
559	559	const char *zOld = db_column_text(&q, 1);
560	560	const char *zNew = db_column_text(&q, 2);
561	561	const char *zUuid = db_column_text(&q, 3);
562	562

	--- src/path.c
	+++ src/path.c
	@@ -551,11 +551,11 @@
551	@ <table border="1" width="100%%">
552	@ <tr><th>Date & Time</th>
553	@ <th>Old Name</th>
554	@ <th>New Name</th>
555	@ <th>Check-in</th></tr>
556	db_prepare(&q, zRenameQuery);
557	while( db_step(&q)==SQLITE_ROW ){
558	const char *zDate = db_column_text(&q, 0);
559	const char *zOld = db_column_text(&q, 1);
560	const char *zNew = db_column_text(&q, 2);
561	const char *zUuid = db_column_text(&q, 3);
562

	--- src/path.c
	+++ src/path.c
	@@ -551,11 +551,11 @@
551	@ <table border="1" width="100%%">
552	@ <tr><th>Date & Time</th>
553	@ <th>Old Name</th>
554	@ <th>New Name</th>
555	@ <th>Check-in</th></tr>
556	db_prepare(&q, "%s", zRenameQuery/safe-for-%s/);
557	while( db_step(&q)==SQLITE_ROW ){
558	const char *zDate = db_column_text(&q, 0);
559	const char *zOld = db_column_text(&q, 1);
560	const char *zNew = db_column_text(&q, 2);
561	const char *zUuid = db_column_text(&q, 3);
562

M src/rebuild.c

+9 -8

		--- src/rebuild.c
		+++ src/rebuild.c
		@@ -81,12 +81,12 @@
81	81	@ );
82	82	;
83	83
84	84	static void rebuild_update_schema(void){
85	85	int rc;
86		- db_multi_exec(zSchemaUpdates1);
87		- db_multi_exec(zSchemaUpdates2);
	86	+ db_multi_exec("%s", zSchemaUpdates1 /safe-for-%s/);
	87	+ db_multi_exec("%s", zSchemaUpdates2 /safe-for-%s/);
88	88
89	89	rc = db_exists("SELECT 1 FROM sqlite_master"
90	90	" WHERE name='user' AND sql GLOB '* mtime *'");
91	91	if( rc==0 ){
92	92	db_multi_exec(
		@@ -135,11 +135,11 @@
135	135	if( rc==0 ){
136	136	db_multi_exec(
137	137	"CREATE TEMP TABLE old_fmt AS SELECT * FROM reportfmt;"
138	138	"DROP TABLE reportfmt;"
139	139	);
140		- db_multi_exec(zSchemaUpdates2);
	140	+ db_multi_exec("%s", zSchemaUpdates2/safe-for-%s/);
141	141	db_multi_exec(
142	142	"INSERT OR IGNORE INTO reportfmt(rn,owner,title,cols,sqlcode,mtime)"
143	143	" SELECT rn, owner, title, cols, sqlcode, now() FROM old_fmt;"
144	144	"INSERT OR IGNORE INTO reportfmt(rn,owner,title,cols,sqlcode,mtime)"
145	145	" SELECT rn, owner, title \|\| ' (' \|\| rn \|\| ')', cols, sqlcode, now()"
		@@ -254,11 +254,12 @@
254	254	/* We are doing "fossil rebuild" */
255	255	manifest_crosslink(rid, pUse, MC_NONE);
256	256	}else{
257	257	/* We are doing "fossil deconstruct" */
258	258	char *zUuid = db_text(0, "SELECT uuid FROM blob WHERE rid=%d", rid);
259		- char *zFile = mprintf(zFNameFormat, zUuid, zUuid+prefixLength);
	259	+ char zFile = mprintf(zFNameFormat /works-like:"%s:%s"*/,
	260	+ zUuid, zUuid+prefixLength);
260	261	blob_write_to_file(pUse,zFile);
261	262	free(zFile);
262	263	free(zUuid);
263	264	blob_reset(pUse);
264	265	}
		@@ -355,11 +356,11 @@
355	356	);
356	357	if( zTable==0 ) break;
357	358	db_multi_exec("DROP TABLE %Q", zTable);
358	359	free(zTable);
359	360	}
360		- db_multi_exec(zRepositorySchema2);
	361	+ db_multi_exec("%s", zRepositorySchema2/safe-for-%s/);
361	362	ticket_create_table(0);
362	363	shun_artifacts();
363	364
364	365	db_multi_exec(
365	366	"INSERT INTO unclustered"
		@@ -587,13 +588,13 @@
587	588	db_begin_transaction();
588	589	ttyOutput = 1;
589	590	errCnt = rebuild_db(randomizeFlag, 1, doClustering);
590	591	reconstruct_private_table();
591	592	db_multi_exec(
592		- "REPLACE INTO config(name,value,mtime) VALUES('content-schema','%s',now());"
593		- "REPLACE INTO config(name,value,mtime) VALUES('aux-schema','%s',now());"
594		- "REPLACE INTO config(name,value,mtime) VALUES('rebuilt','%s',now());",
	593	+ "REPLACE INTO config(name,value,mtime) VALUES('content-schema',%Q,now());"
	594	+ "REPLACE INTO config(name,value,mtime) VALUES('aux-schema',%Q,now());"
	595	+ "REPLACE INTO config(name,value,mtime) VALUES('rebuilt',%Q,now());",
595	596	CONTENT_SCHEMA, AUX_SCHEMA, get_version()
596	597	);
597	598	if( errCnt && !forceFlag ){
598	599	fossil_print(
599	600	"%d errors. Rolling back changes. Use --force to force a commit.\n",
600	601

	--- src/rebuild.c
	+++ src/rebuild.c
	@@ -81,12 +81,12 @@
81	@ );
82	;
83
84	static void rebuild_update_schema(void){
85	int rc;
86	db_multi_exec(zSchemaUpdates1);
87	db_multi_exec(zSchemaUpdates2);
88
89	rc = db_exists("SELECT 1 FROM sqlite_master"
90	" WHERE name='user' AND sql GLOB '* mtime *'");
91	if( rc==0 ){
92	db_multi_exec(
	@@ -135,11 +135,11 @@
135	if( rc==0 ){
136	db_multi_exec(
137	"CREATE TEMP TABLE old_fmt AS SELECT * FROM reportfmt;"
138	"DROP TABLE reportfmt;"
139	);
140	db_multi_exec(zSchemaUpdates2);
141	db_multi_exec(
142	"INSERT OR IGNORE INTO reportfmt(rn,owner,title,cols,sqlcode,mtime)"
143	" SELECT rn, owner, title, cols, sqlcode, now() FROM old_fmt;"
144	"INSERT OR IGNORE INTO reportfmt(rn,owner,title,cols,sqlcode,mtime)"
145	" SELECT rn, owner, title \|\| ' (' \|\| rn \|\| ')', cols, sqlcode, now()"
	@@ -254,11 +254,12 @@
254	/* We are doing "fossil rebuild" */
255	manifest_crosslink(rid, pUse, MC_NONE);
256	}else{
257	/* We are doing "fossil deconstruct" */
258	char *zUuid = db_text(0, "SELECT uuid FROM blob WHERE rid=%d", rid);
259	char *zFile = mprintf(zFNameFormat, zUuid, zUuid+prefixLength);

260	blob_write_to_file(pUse,zFile);
261	free(zFile);
262	free(zUuid);
263	blob_reset(pUse);
264	}
	@@ -355,11 +356,11 @@
355	);
356	if( zTable==0 ) break;
357	db_multi_exec("DROP TABLE %Q", zTable);
358	free(zTable);
359	}
360	db_multi_exec(zRepositorySchema2);
361	ticket_create_table(0);
362	shun_artifacts();
363
364	db_multi_exec(
365	"INSERT INTO unclustered"
	@@ -587,13 +588,13 @@
587	db_begin_transaction();
588	ttyOutput = 1;
589	errCnt = rebuild_db(randomizeFlag, 1, doClustering);
590	reconstruct_private_table();
591	db_multi_exec(
592	"REPLACE INTO config(name,value,mtime) VALUES('content-schema','%s',now());"
593	"REPLACE INTO config(name,value,mtime) VALUES('aux-schema','%s',now());"
594	"REPLACE INTO config(name,value,mtime) VALUES('rebuilt','%s',now());",
595	CONTENT_SCHEMA, AUX_SCHEMA, get_version()
596	);
597	if( errCnt && !forceFlag ){
598	fossil_print(
599	"%d errors. Rolling back changes. Use --force to force a commit.\n",
600

	--- src/rebuild.c
	+++ src/rebuild.c
	@@ -81,12 +81,12 @@
81	@ );
82	;
83
84	static void rebuild_update_schema(void){
85	int rc;
86	db_multi_exec("%s", zSchemaUpdates1 /safe-for-%s/);
87	db_multi_exec("%s", zSchemaUpdates2 /safe-for-%s/);
88
89	rc = db_exists("SELECT 1 FROM sqlite_master"
90	" WHERE name='user' AND sql GLOB '* mtime *'");
91	if( rc==0 ){
92	db_multi_exec(
	@@ -135,11 +135,11 @@
135	if( rc==0 ){
136	db_multi_exec(
137	"CREATE TEMP TABLE old_fmt AS SELECT * FROM reportfmt;"
138	"DROP TABLE reportfmt;"
139	);
140	db_multi_exec("%s", zSchemaUpdates2/safe-for-%s/);
141	db_multi_exec(
142	"INSERT OR IGNORE INTO reportfmt(rn,owner,title,cols,sqlcode,mtime)"
143	" SELECT rn, owner, title, cols, sqlcode, now() FROM old_fmt;"
144	"INSERT OR IGNORE INTO reportfmt(rn,owner,title,cols,sqlcode,mtime)"
145	" SELECT rn, owner, title \|\| ' (' \|\| rn \|\| ')', cols, sqlcode, now()"
	@@ -254,11 +254,12 @@
254	/* We are doing "fossil rebuild" */
255	manifest_crosslink(rid, pUse, MC_NONE);
256	}else{
257	/* We are doing "fossil deconstruct" */
258	char *zUuid = db_text(0, "SELECT uuid FROM blob WHERE rid=%d", rid);
259	char zFile = mprintf(zFNameFormat /works-like:"%s:%s"*/,
260	zUuid, zUuid+prefixLength);
261	blob_write_to_file(pUse,zFile);
262	free(zFile);
263	free(zUuid);
264	blob_reset(pUse);
265	}
	@@ -355,11 +356,11 @@
356	);
357	if( zTable==0 ) break;
358	db_multi_exec("DROP TABLE %Q", zTable);
359	free(zTable);
360	}
361	db_multi_exec("%s", zRepositorySchema2/safe-for-%s/);
362	ticket_create_table(0);
363	shun_artifacts();
364
365	db_multi_exec(
366	"INSERT INTO unclustered"
	@@ -587,13 +588,13 @@
588	db_begin_transaction();
589	ttyOutput = 1;
590	errCnt = rebuild_db(randomizeFlag, 1, doClustering);
591	reconstruct_private_table();
592	db_multi_exec(
593	"REPLACE INTO config(name,value,mtime) VALUES('content-schema',%Q,now());"
594	"REPLACE INTO config(name,value,mtime) VALUES('aux-schema',%Q,now());"
595	"REPLACE INTO config(name,value,mtime) VALUES('rebuilt',%Q,now());",
596	CONTENT_SCHEMA, AUX_SCHEMA, get_version()
597	);
598	if( errCnt && !forceFlag ){
599	fossil_print(
600	"%d errors. Rolling back changes. Use --force to force a commit.\n",
601

M src/report.c

+5 -7

		--- src/report.c
		+++ src/report.c
		@@ -436,11 +436,11 @@
436	436	if( zOwner==0 ) zOwner = g.zLogin;
437	437	style_submenu_element("Cancel", "Cancel", "reportlist");
438	438	if( rn>0 ){
439	439	style_submenu_element("Delete", "Delete", "rptedit?rn=%d&del1=1", rn);
440	440	}
441		- style_header(rn>0 ? "Edit Report Format":"Create New Report Format");
	441	+ style_header("%s", rn>0 ? "Edit Report Format":"Create New Report Format");
442	442	if( zErr ){
443	443	@ <blockquote class="reportError">%h(zErr)</blockquote>
444	444	}
445	445	@ <form action="rptedit" method="post"><div>
446	446	@ <input type="hidden" name="rn" value="%d(rn)" />
		@@ -1070,11 +1070,11 @@
1070	1070	}
1071	1071	if( g.perm.NewTkt ){
1072	1072	style_submenu_element("New Ticket", "Create a new ticket",
1073	1073	"%s/tktnew", g.zTop);
1074	1074	}
1075		- style_header(zTitle);
	1075	+ style_header("%s", zTitle);
1076	1076	output_color_key(zClrKey, 1,
1077	1077	"border=\"0\" cellpadding=\"3\" cellspacing=\"0\" class=\"report\"");
1078	1078	@ <table border="1" cellpadding="2" cellspacing="0" class="report"
1079	1079	@ id="reportTable">
1080	1080	sState.rn = rn;
		@@ -1112,21 +1112,19 @@
1112	1112	** show all reports, which can be used for ticket show.
1113	1113	** Output is written to stdout as tab delimited table
1114	1114	*/
1115	1115	void rpt_list_reports(void){
1116	1116	Stmt q;
1117		- const char aRptOutFrmt[] = "%s\t%s\n";
1118		-
1119	1117	fossil_print("Available reports:\n");
1120		- fossil_print(aRptOutFrmt,"report number","report title");
1121		- fossil_print(aRptOutFrmt,zFullTicketRptRn,zFullTicketRptTitle);
	1118	+ fossil_print("%s\t%s\n","report number","report title");
	1119	+ fossil_print("%s\t%s\n",zFullTicketRptRn,zFullTicketRptTitle);
1122	1120	db_prepare(&q,"SELECT rn,title FROM reportfmt ORDER BY rn");
1123	1121	while( db_step(&q)==SQLITE_ROW ){
1124	1122	const char *zRn = db_column_text(&q, 0);
1125	1123	const char *zTitle = db_column_text(&q, 1);
1126	1124
1127		- fossil_print(aRptOutFrmt,zRn,zTitle);
	1125	+ fossil_print("%s\t%s\n",zRn,zTitle);
1128	1126	}
1129	1127	db_finalize(&q);
1130	1128	}
1131	1129
1132	1130	/*
1133	1131

	--- src/report.c
	+++ src/report.c
	@@ -436,11 +436,11 @@
436	if( zOwner==0 ) zOwner = g.zLogin;
437	style_submenu_element("Cancel", "Cancel", "reportlist");
438	if( rn>0 ){
439	style_submenu_element("Delete", "Delete", "rptedit?rn=%d&del1=1", rn);
440	}
441	style_header(rn>0 ? "Edit Report Format":"Create New Report Format");
442	if( zErr ){
443	@ <blockquote class="reportError">%h(zErr)</blockquote>
444	}
445	@ <form action="rptedit" method="post"><div>
446	@ <input type="hidden" name="rn" value="%d(rn)" />
	@@ -1070,11 +1070,11 @@
1070	}
1071	if( g.perm.NewTkt ){
1072	style_submenu_element("New Ticket", "Create a new ticket",
1073	"%s/tktnew", g.zTop);
1074	}
1075	style_header(zTitle);
1076	output_color_key(zClrKey, 1,
1077	"border=\"0\" cellpadding=\"3\" cellspacing=\"0\" class=\"report\"");
1078	@ <table border="1" cellpadding="2" cellspacing="0" class="report"
1079	@ id="reportTable">
1080	sState.rn = rn;
	@@ -1112,21 +1112,19 @@
1112	** show all reports, which can be used for ticket show.
1113	** Output is written to stdout as tab delimited table
1114	*/
1115	void rpt_list_reports(void){
1116	Stmt q;
1117	const char aRptOutFrmt[] = "%s\t%s\n";
1118
1119	fossil_print("Available reports:\n");
1120	fossil_print(aRptOutFrmt,"report number","report title");
1121	fossil_print(aRptOutFrmt,zFullTicketRptRn,zFullTicketRptTitle);
1122	db_prepare(&q,"SELECT rn,title FROM reportfmt ORDER BY rn");
1123	while( db_step(&q)==SQLITE_ROW ){
1124	const char *zRn = db_column_text(&q, 0);
1125	const char *zTitle = db_column_text(&q, 1);
1126
1127	fossil_print(aRptOutFrmt,zRn,zTitle);
1128	}
1129	db_finalize(&q);
1130	}
1131
1132	/*
1133

	--- src/report.c
	+++ src/report.c
	@@ -436,11 +436,11 @@
436	if( zOwner==0 ) zOwner = g.zLogin;
437	style_submenu_element("Cancel", "Cancel", "reportlist");
438	if( rn>0 ){
439	style_submenu_element("Delete", "Delete", "rptedit?rn=%d&del1=1", rn);
440	}
441	style_header("%s", rn>0 ? "Edit Report Format":"Create New Report Format");
442	if( zErr ){
443	@ <blockquote class="reportError">%h(zErr)</blockquote>
444	}
445	@ <form action="rptedit" method="post"><div>
446	@ <input type="hidden" name="rn" value="%d(rn)" />
	@@ -1070,11 +1070,11 @@
1070	}
1071	if( g.perm.NewTkt ){
1072	style_submenu_element("New Ticket", "Create a new ticket",
1073	"%s/tktnew", g.zTop);
1074	}
1075	style_header("%s", zTitle);
1076	output_color_key(zClrKey, 1,
1077	"border=\"0\" cellpadding=\"3\" cellspacing=\"0\" class=\"report\"");
1078	@ <table border="1" cellpadding="2" cellspacing="0" class="report"
1079	@ id="reportTable">
1080	sState.rn = rn;
	@@ -1112,21 +1112,19 @@
1112	** show all reports, which can be used for ticket show.
1113	** Output is written to stdout as tab delimited table
1114	*/
1115	void rpt_list_reports(void){
1116	Stmt q;


1117	fossil_print("Available reports:\n");
1118	fossil_print("%s\t%s\n","report number","report title");
1119	fossil_print("%s\t%s\n",zFullTicketRptRn,zFullTicketRptTitle);
1120	db_prepare(&q,"SELECT rn,title FROM reportfmt ORDER BY rn");
1121	while( db_step(&q)==SQLITE_ROW ){
1122	const char *zRn = db_column_text(&q, 0);
1123	const char *zTitle = db_column_text(&q, 1);
1124
1125	fossil_print("%s\t%s\n",zRn,zTitle);
1126	}
1127	db_finalize(&q);
1128	}
1129
1130	/*
1131

M src/rss.c

+10 -10

		--- src/rss.c
		+++ src/rss.c
		@@ -76,11 +76,11 @@
76	76
77	77	if( zType[0]!='a' ){
78	78	if( zType[0]=='c' && !g.perm.Read ) zType = "x";
79	79	if( zType[0]=='w' && !g.perm.RdWiki ) zType = "x";
80	80	if( zType[0]=='t' && !g.perm.RdTkt ) zType = "x";
81		- blob_appendf(&bSQL, " AND event.type=%Q", zType);
	81	+ blob_append_sql(&bSQL, " AND event.type=%Q", zType);
82	82	}else{
83	83	if( !g.perm.Read ){
84	84	if( g.perm.RdTkt && g.perm.RdWiki ){
85	85	blob_append(&bSQL, " AND event.type!='ci'", -1);
86	86	}else if( g.perm.RdTkt ){
		@@ -122,18 +122,18 @@
122	122	}else{
123	123	nTagId = 0;
124	124	}
125	125
126	126	if( nTagId==-1 ){
127		- blob_appendf(&bSQL, " AND 0");
	127	+ blob_append_sql(&bSQL, " AND 0");
128	128	}else if( nTagId!=0 ){
129		- blob_appendf(&bSQL, " AND (EXISTS(SELECT 1 FROM tagxref"
	129	+ blob_append_sql(&bSQL, " AND (EXISTS(SELECT 1 FROM tagxref"
130	130	" WHERE tagid=%d AND tagtype>0 AND rid=blob.rid))", nTagId);
131	131	}
132	132
133	133	if( zFilename ){
134		- blob_appendf(&bSQL,
	134	+ blob_append_sql(&bSQL,
135	135	" AND (SELECT mlink.fnid FROM mlink WHERE event.objid=mlink.mid) IN (SELECT fnid FROM filename WHERE name=%Q %s)",
136	136	zFilename, filename_collation()
137	137	);
138	138	}
139	139
		@@ -160,11 +160,11 @@
160	160	@ <link>%s(g.zBaseURL)</link>
161	161	@ <description>%h(zProjectDescr)</description>
162	162	@ <pubDate>%s(zPubDate)</pubDate>
163	163	@ <generator>Fossil version %s(MANIFEST_VERSION) %s(MANIFEST_DATE)</generator>
164	164	free(zPubDate);
165		- db_prepare(&q, blob_str(&bSQL));
	165	+ db_prepare(&q, "%s", blob_sql_text(&bSQL));
166	166	blob_reset( &bSQL );
167	167	while( db_step(&q)==SQLITE_ROW && nLine<nLimit ){
168	168	const char *zId = db_column_text(&q, 1);
169	169	const char *zCom = db_column_text(&q, 3);
170	170	const char *zAuthor = db_column_text(&q, 4);
		@@ -280,11 +280,11 @@
280	280
281	281	blob_zero(&bSQL);
282	282	blob_append( &bSQL, zSQL1, -1 );
283	283
284	284	if( zType[0]!='a' ){
285		- blob_appendf(&bSQL, " AND event.type=%Q", zType);
	285	+ blob_append_sql(&bSQL, " AND event.type=%Q", zType);
286	286	}
287	287
288	288	if( zTicketUuid ){
289	289	nTagId = db_int(0, "SELECT tagid FROM tag WHERE tagname GLOB 'tkt-%q*'",
290	290	zTicketUuid);
		@@ -306,18 +306,18 @@
306	306	}else{
307	307	nTagId = 0;
308	308	}
309	309
310	310	if( nTagId==-1 ){
311		- blob_appendf(&bSQL, " AND 0");
	311	+ blob_append_sql(&bSQL, " AND 0");
312	312	}else if( nTagId!=0 ){
313		- blob_appendf(&bSQL, " AND (EXISTS(SELECT 1 FROM tagxref"
	313	+ blob_append_sql(&bSQL, " AND (EXISTS(SELECT 1 FROM tagxref"
314	314	" WHERE tagid=%d AND tagtype>0 AND rid=blob.rid))", nTagId);
315	315	}
316	316
317	317	if( zFilename ){
318		- blob_appendf(&bSQL,
	318	+ blob_append_sql(&bSQL,
319	319	" AND (SELECT mlink.fnid FROM mlink WHERE event.objid=mlink.mid) IN (SELECT fnid FROM filename WHERE name=%Q %s)",
320	320	zFilename, filename_collation()
321	321	);
322	322	}
323	323
		@@ -343,11 +343,11 @@
343	343	fossil_print("<description>%h</description>\n", zProjectDescr);
344	344	fossil_print("<pubDate>%s</pubDate>\n", zPubDate);
345	345	fossil_print("<generator>Fossil version %s %s</generator>\n",
346	346	MANIFEST_VERSION, MANIFEST_DATE);
347	347	free(zPubDate);
348		- db_prepare(&q, blob_str(&bSQL));
	348	+ db_prepare(&q, "%s", blob_sql_text(&bSQL));
349	349	blob_reset( &bSQL );
350	350	while( db_step(&q)==SQLITE_ROW && nLine<nLimit ){
351	351	const char *zId = db_column_text(&q, 1);
352	352	const char *zCom = db_column_text(&q, 3);
353	353	const char *zAuthor = db_column_text(&q, 4);
354	354

	--- src/rss.c
	+++ src/rss.c
	@@ -76,11 +76,11 @@
76
77	if( zType[0]!='a' ){
78	if( zType[0]=='c' && !g.perm.Read ) zType = "x";
79	if( zType[0]=='w' && !g.perm.RdWiki ) zType = "x";
80	if( zType[0]=='t' && !g.perm.RdTkt ) zType = "x";
81	blob_appendf(&bSQL, " AND event.type=%Q", zType);
82	}else{
83	if( !g.perm.Read ){
84	if( g.perm.RdTkt && g.perm.RdWiki ){
85	blob_append(&bSQL, " AND event.type!='ci'", -1);
86	}else if( g.perm.RdTkt ){
	@@ -122,18 +122,18 @@
122	}else{
123	nTagId = 0;
124	}
125
126	if( nTagId==-1 ){
127	blob_appendf(&bSQL, " AND 0");
128	}else if( nTagId!=0 ){
129	blob_appendf(&bSQL, " AND (EXISTS(SELECT 1 FROM tagxref"
130	" WHERE tagid=%d AND tagtype>0 AND rid=blob.rid))", nTagId);
131	}
132
133	if( zFilename ){
134	blob_appendf(&bSQL,
135	" AND (SELECT mlink.fnid FROM mlink WHERE event.objid=mlink.mid) IN (SELECT fnid FROM filename WHERE name=%Q %s)",
136	zFilename, filename_collation()
137	);
138	}
139
	@@ -160,11 +160,11 @@
160	@ <link>%s(g.zBaseURL)</link>
161	@ <description>%h(zProjectDescr)</description>
162	@ <pubDate>%s(zPubDate)</pubDate>
163	@ <generator>Fossil version %s(MANIFEST_VERSION) %s(MANIFEST_DATE)</generator>
164	free(zPubDate);
165	db_prepare(&q, blob_str(&bSQL));
166	blob_reset( &bSQL );
167	while( db_step(&q)==SQLITE_ROW && nLine<nLimit ){
168	const char *zId = db_column_text(&q, 1);
169	const char *zCom = db_column_text(&q, 3);
170	const char *zAuthor = db_column_text(&q, 4);
	@@ -280,11 +280,11 @@
280
281	blob_zero(&bSQL);
282	blob_append( &bSQL, zSQL1, -1 );
283
284	if( zType[0]!='a' ){
285	blob_appendf(&bSQL, " AND event.type=%Q", zType);
286	}
287
288	if( zTicketUuid ){
289	nTagId = db_int(0, "SELECT tagid FROM tag WHERE tagname GLOB 'tkt-%q*'",
290	zTicketUuid);
	@@ -306,18 +306,18 @@
306	}else{
307	nTagId = 0;
308	}
309
310	if( nTagId==-1 ){
311	blob_appendf(&bSQL, " AND 0");
312	}else if( nTagId!=0 ){
313	blob_appendf(&bSQL, " AND (EXISTS(SELECT 1 FROM tagxref"
314	" WHERE tagid=%d AND tagtype>0 AND rid=blob.rid))", nTagId);
315	}
316
317	if( zFilename ){
318	blob_appendf(&bSQL,
319	" AND (SELECT mlink.fnid FROM mlink WHERE event.objid=mlink.mid) IN (SELECT fnid FROM filename WHERE name=%Q %s)",
320	zFilename, filename_collation()
321	);
322	}
323
	@@ -343,11 +343,11 @@
343	fossil_print("<description>%h</description>\n", zProjectDescr);
344	fossil_print("<pubDate>%s</pubDate>\n", zPubDate);
345	fossil_print("<generator>Fossil version %s %s</generator>\n",
346	MANIFEST_VERSION, MANIFEST_DATE);
347	free(zPubDate);
348	db_prepare(&q, blob_str(&bSQL));
349	blob_reset( &bSQL );
350	while( db_step(&q)==SQLITE_ROW && nLine<nLimit ){
351	const char *zId = db_column_text(&q, 1);
352	const char *zCom = db_column_text(&q, 3);
353	const char *zAuthor = db_column_text(&q, 4);
354

	--- src/rss.c
	+++ src/rss.c
	@@ -76,11 +76,11 @@
76
77	if( zType[0]!='a' ){
78	if( zType[0]=='c' && !g.perm.Read ) zType = "x";
79	if( zType[0]=='w' && !g.perm.RdWiki ) zType = "x";
80	if( zType[0]=='t' && !g.perm.RdTkt ) zType = "x";
81	blob_append_sql(&bSQL, " AND event.type=%Q", zType);
82	}else{
83	if( !g.perm.Read ){
84	if( g.perm.RdTkt && g.perm.RdWiki ){
85	blob_append(&bSQL, " AND event.type!='ci'", -1);
86	}else if( g.perm.RdTkt ){
	@@ -122,18 +122,18 @@
122	}else{
123	nTagId = 0;
124	}
125
126	if( nTagId==-1 ){
127	blob_append_sql(&bSQL, " AND 0");
128	}else if( nTagId!=0 ){
129	blob_append_sql(&bSQL, " AND (EXISTS(SELECT 1 FROM tagxref"
130	" WHERE tagid=%d AND tagtype>0 AND rid=blob.rid))", nTagId);
131	}
132
133	if( zFilename ){
134	blob_append_sql(&bSQL,
135	" AND (SELECT mlink.fnid FROM mlink WHERE event.objid=mlink.mid) IN (SELECT fnid FROM filename WHERE name=%Q %s)",
136	zFilename, filename_collation()
137	);
138	}
139
	@@ -160,11 +160,11 @@
160	@ <link>%s(g.zBaseURL)</link>
161	@ <description>%h(zProjectDescr)</description>
162	@ <pubDate>%s(zPubDate)</pubDate>
163	@ <generator>Fossil version %s(MANIFEST_VERSION) %s(MANIFEST_DATE)</generator>
164	free(zPubDate);
165	db_prepare(&q, "%s", blob_sql_text(&bSQL));
166	blob_reset( &bSQL );
167	while( db_step(&q)==SQLITE_ROW && nLine<nLimit ){
168	const char *zId = db_column_text(&q, 1);
169	const char *zCom = db_column_text(&q, 3);
170	const char *zAuthor = db_column_text(&q, 4);
	@@ -280,11 +280,11 @@
280
281	blob_zero(&bSQL);
282	blob_append( &bSQL, zSQL1, -1 );
283
284	if( zType[0]!='a' ){
285	blob_append_sql(&bSQL, " AND event.type=%Q", zType);
286	}
287
288	if( zTicketUuid ){
289	nTagId = db_int(0, "SELECT tagid FROM tag WHERE tagname GLOB 'tkt-%q*'",
290	zTicketUuid);
	@@ -306,18 +306,18 @@
306	}else{
307	nTagId = 0;
308	}
309
310	if( nTagId==-1 ){
311	blob_append_sql(&bSQL, " AND 0");
312	}else if( nTagId!=0 ){
313	blob_append_sql(&bSQL, " AND (EXISTS(SELECT 1 FROM tagxref"
314	" WHERE tagid=%d AND tagtype>0 AND rid=blob.rid))", nTagId);
315	}
316
317	if( zFilename ){
318	blob_append_sql(&bSQL,
319	" AND (SELECT mlink.fnid FROM mlink WHERE event.objid=mlink.mid) IN (SELECT fnid FROM filename WHERE name=%Q %s)",
320	zFilename, filename_collation()
321	);
322	}
323
	@@ -343,11 +343,11 @@
343	fossil_print("<description>%h</description>\n", zProjectDescr);
344	fossil_print("<pubDate>%s</pubDate>\n", zPubDate);
345	fossil_print("<generator>Fossil version %s %s</generator>\n",
346	MANIFEST_VERSION, MANIFEST_DATE);
347	free(zPubDate);
348	db_prepare(&q, "%s", blob_sql_text(&bSQL));
349	blob_reset( &bSQL );
350	while( db_step(&q)==SQLITE_ROW && nLine<nLimit ){
351	const char *zId = db_column_text(&q, 1);
352	const char *zCom = db_column_text(&q, 3);
353	const char *zAuthor = db_column_text(&q, 4);
354

M src/search.c

+2 -2

		--- src/search.c
		+++ src/search.c
		@@ -231,13 +231,13 @@
231	231	iBest = db_int(0, "SELECT max(x) FROM srch");
232	232	blob_append(&sql,
233	233	"SELECT rid, uuid, date, comment, 0, 0 FROM srch "
234	234	"WHERE 1 ", -1);
235	235	if(!fAll){
236		- blob_appendf(&sql,"AND x>%d ", iBest/3);
	236	+ blob_append_sql(&sql,"AND x>%d ", iBest/3);
237	237	}
238	238	blob_append(&sql, "ORDER BY x DESC, date DESC ", -1);
239		- db_prepare(&q, blob_str(&sql));
	239	+ db_prepare(&q, "%s", blob_sql_text(&sql));
240	240	blob_reset(&sql);
241	241	print_timeline(&q, nLimit, width, 0);
242	242	db_finalize(&q);
243	243	}
244	244

	--- src/search.c
	+++ src/search.c
	@@ -231,13 +231,13 @@
231	iBest = db_int(0, "SELECT max(x) FROM srch");
232	blob_append(&sql,
233	"SELECT rid, uuid, date, comment, 0, 0 FROM srch "
234	"WHERE 1 ", -1);
235	if(!fAll){
236	blob_appendf(&sql,"AND x>%d ", iBest/3);
237	}
238	blob_append(&sql, "ORDER BY x DESC, date DESC ", -1);
239	db_prepare(&q, blob_str(&sql));
240	blob_reset(&sql);
241	print_timeline(&q, nLimit, width, 0);
242	db_finalize(&q);
243	}
244

	--- src/search.c
	+++ src/search.c
	@@ -231,13 +231,13 @@
231	iBest = db_int(0, "SELECT max(x) FROM srch");
232	blob_append(&sql,
233	"SELECT rid, uuid, date, comment, 0, 0 FROM srch "
234	"WHERE 1 ", -1);
235	if(!fAll){
236	blob_append_sql(&sql,"AND x>%d ", iBest/3);
237	}
238	blob_append(&sql, "ORDER BY x DESC, date DESC ", -1);
239	db_prepare(&q, "%s", blob_sql_text(&sql));
240	blob_reset(&sql);
241	print_timeline(&q, nLimit, width, 0);
242	db_finalize(&q);
243	}
244

M src/setup.c

+3 -3

		--- src/setup.c
		+++ src/setup.c
		@@ -375,11 +375,11 @@
375	375	return;
376	376	}
377	377	login_verify_csrf_secret();
378	378	db_multi_exec(
379	379	"REPLACE INTO user(uid,login,info,pw,cap,mtime) "
380		- "VALUES(nullif(%d,0),%Q,%Q,%Q,'%s',now())",
	380	+ "VALUES(nullif(%d,0),%Q,%Q,%Q,%Q,now())",
381	381	uid, P("login"), P("info"), zPw, zCap
382	382	);
383	383	if( atoi(PD("all","0"))>0 ){
384	384	Blob sql;
385	385	char *zErr = 0;
		@@ -477,11 +477,11 @@
477	477
478	478	/* Begin generating the page
479	479	*/
480	480	style_submenu_element("Cancel", "Cancel", "setup_ulist");
481	481	if( uid ){
482		- style_header(mprintf("Edit User %h", zLogin));
	482	+ style_header("Edit User %h", zLogin);
483	483	}else{
484	484	style_header("Add A New User");
485	485	}
486	486	@ <div class="ueditCapBox">
487	487	@ <form action="%s(g.zPath)" method="post"><div>
		@@ -1157,11 +1157,11 @@
1157	1157	login_check_credentials();
1158	1158	if( !g.perm.Setup ){
1159	1159	login_needed();
1160	1160	}
1161	1161	file_canonical_name(g.zRepositoryName, &fullName, 0);
1162		- zSelfRepo = mprintf(blob_str(&fullName));
	1162	+ zSelfRepo = fossil_strdup(blob_str(&fullName));
1163	1163	blob_reset(&fullName);
1164	1164	if( P("join")!=0 ){
1165	1165	login_group_join(zRepo, zLogin, zPw, zNewName, &zErrMsg);
1166	1166	}else if( P("leave") ){
1167	1167	login_group_leave(&zErrMsg);
1168	1168

	--- src/setup.c
	+++ src/setup.c
	@@ -375,11 +375,11 @@
375	return;
376	}
377	login_verify_csrf_secret();
378	db_multi_exec(
379	"REPLACE INTO user(uid,login,info,pw,cap,mtime) "
380	"VALUES(nullif(%d,0),%Q,%Q,%Q,'%s',now())",
381	uid, P("login"), P("info"), zPw, zCap
382	);
383	if( atoi(PD("all","0"))>0 ){
384	Blob sql;
385	char *zErr = 0;
	@@ -477,11 +477,11 @@
477
478	/* Begin generating the page
479	*/
480	style_submenu_element("Cancel", "Cancel", "setup_ulist");
481	if( uid ){
482	style_header(mprintf("Edit User %h", zLogin));
483	}else{
484	style_header("Add A New User");
485	}
486	@ <div class="ueditCapBox">
487	@ <form action="%s(g.zPath)" method="post"><div>
	@@ -1157,11 +1157,11 @@
1157	login_check_credentials();
1158	if( !g.perm.Setup ){
1159	login_needed();
1160	}
1161	file_canonical_name(g.zRepositoryName, &fullName, 0);
1162	zSelfRepo = mprintf(blob_str(&fullName));
1163	blob_reset(&fullName);
1164	if( P("join")!=0 ){
1165	login_group_join(zRepo, zLogin, zPw, zNewName, &zErrMsg);
1166	}else if( P("leave") ){
1167	login_group_leave(&zErrMsg);
1168

	--- src/setup.c
	+++ src/setup.c
	@@ -375,11 +375,11 @@
375	return;
376	}
377	login_verify_csrf_secret();
378	db_multi_exec(
379	"REPLACE INTO user(uid,login,info,pw,cap,mtime) "
380	"VALUES(nullif(%d,0),%Q,%Q,%Q,%Q,now())",
381	uid, P("login"), P("info"), zPw, zCap
382	);
383	if( atoi(PD("all","0"))>0 ){
384	Blob sql;
385	char *zErr = 0;
	@@ -477,11 +477,11 @@
477
478	/* Begin generating the page
479	*/
480	style_submenu_element("Cancel", "Cancel", "setup_ulist");
481	if( uid ){
482	style_header("Edit User %h", zLogin);
483	}else{
484	style_header("Add A New User");
485	}
486	@ <div class="ueditCapBox">
487	@ <form action="%s(g.zPath)" method="post"><div>
	@@ -1157,11 +1157,11 @@
1157	login_check_credentials();
1158	if( !g.perm.Setup ){
1159	login_needed();
1160	}
1161	file_canonical_name(g.zRepositoryName, &fullName, 0);
1162	zSelfRepo = fossil_strdup(blob_str(&fullName));
1163	blob_reset(&fullName);
1164	if( P("join")!=0 ){
1165	login_group_join(zRepo, zLogin, zPw, zNewName, &zErrMsg);
1166	}else if( P("leave") ){
1167	login_group_leave(&zErrMsg);
1168

M src/shun.c

+3 -3

		--- src/shun.c
		+++ src/shun.c
		@@ -98,12 +98,12 @@
98	98	if( zUuid && P("sub") ){
99	99	const char *p = zUuid;
100	100	int allExist = 1;
101	101	login_verify_csrf_secret();
102	102	while( *p ){
103		- db_multi_exec("DELETE FROM shun WHERE uuid='%s'", p);
104		- if( !db_exists("SELECT 1 FROM blob WHERE uuid='%s'", p) ){
	103	+ db_multi_exec("DELETE FROM shun WHERE uuid=%Q", p);
	104	+ if( !db_exists("SELECT 1 FROM blob WHERE uuid=%Q", p) ){
105	105	allExist = 0;
106	106	}
107	107	p += UUID_SIZE+1;
108	108	}
109	109	if( allExist ){
		@@ -128,11 +128,11 @@
128	128	int rid, tagid;
129	129	login_verify_csrf_secret();
130	130	while( *p ){
131	131	db_multi_exec(
132	132	"INSERT OR IGNORE INTO shun(uuid,mtime)"
133		- " VALUES('%s', now())", p);
	133	+ " VALUES(%Q, now())", p);
134	134	db_multi_exec("DELETE FROM attachment WHERE src=%Q", p);
135	135	rid = db_int(0, "SELECT rid FROM blob WHERE uuid=%Q", p);
136	136	if( rid ){
137	137	db_multi_exec("DELETE FROM event WHERE objid=%d", rid);
138	138	}
139	139

	--- src/shun.c
	+++ src/shun.c
	@@ -98,12 +98,12 @@
98	if( zUuid && P("sub") ){
99	const char *p = zUuid;
100	int allExist = 1;
101	login_verify_csrf_secret();
102	while( *p ){
103	db_multi_exec("DELETE FROM shun WHERE uuid='%s'", p);
104	if( !db_exists("SELECT 1 FROM blob WHERE uuid='%s'", p) ){
105	allExist = 0;
106	}
107	p += UUID_SIZE+1;
108	}
109	if( allExist ){
	@@ -128,11 +128,11 @@
128	int rid, tagid;
129	login_verify_csrf_secret();
130	while( *p ){
131	db_multi_exec(
132	"INSERT OR IGNORE INTO shun(uuid,mtime)"
133	" VALUES('%s', now())", p);
134	db_multi_exec("DELETE FROM attachment WHERE src=%Q", p);
135	rid = db_int(0, "SELECT rid FROM blob WHERE uuid=%Q", p);
136	if( rid ){
137	db_multi_exec("DELETE FROM event WHERE objid=%d", rid);
138	}
139

	--- src/shun.c
	+++ src/shun.c
	@@ -98,12 +98,12 @@
98	if( zUuid && P("sub") ){
99	const char *p = zUuid;
100	int allExist = 1;
101	login_verify_csrf_secret();
102	while( *p ){
103	db_multi_exec("DELETE FROM shun WHERE uuid=%Q", p);
104	if( !db_exists("SELECT 1 FROM blob WHERE uuid=%Q", p) ){
105	allExist = 0;
106	}
107	p += UUID_SIZE+1;
108	}
109	if( allExist ){
	@@ -128,11 +128,11 @@
128	int rid, tagid;
129	login_verify_csrf_secret();
130	while( *p ){
131	db_multi_exec(
132	"INSERT OR IGNORE INTO shun(uuid,mtime)"
133	" VALUES(%Q, now())", p);
134	db_multi_exec("DELETE FROM attachment WHERE src=%Q", p);
135	rid = db_int(0, "SELECT rid FROM blob WHERE uuid=%Q", p);
136	if( rid ){
137	db_multi_exec("DELETE FROM event WHERE objid=%d", rid);
138	}
139

M src/skins.c

+2 -2

		--- src/skins.c
		+++ src/skins.c
		@@ -1392,18 +1392,18 @@
1392	1392	seen = 0;
1393	1393	for(i=0; i<sizeof(aBuiltinSkin)/sizeof(aBuiltinSkin[0]); i++){
1394	1394	if( fossil_strcmp(aBuiltinSkin[i].zName, z)==0 ){
1395	1395	seen = 1;
1396	1396	zCurrent = aBuiltinSkin[i].zValue;
1397		- db_multi_exec("%s", zCurrent);
	1397	+ db_multi_exec("%s", zCurrent/safe-for-%s/);
1398	1398	break;
1399	1399	}
1400	1400	}
1401	1401	if( !seen ){
1402	1402	zName = skinVarName(z,0);
1403	1403	zCurrent = db_get(zName, 0);
1404		- db_multi_exec("%s", zCurrent);
	1404	+ db_multi_exec("%s", zCurrent/safe-for-%s/);
1405	1405	}
1406	1406	}
1407	1407
1408	1408	style_header("Skins");
1409	1409	if( zErr ){
1410	1410

	--- src/skins.c
	+++ src/skins.c
	@@ -1392,18 +1392,18 @@
1392	seen = 0;
1393	for(i=0; i<sizeof(aBuiltinSkin)/sizeof(aBuiltinSkin[0]); i++){
1394	if( fossil_strcmp(aBuiltinSkin[i].zName, z)==0 ){
1395	seen = 1;
1396	zCurrent = aBuiltinSkin[i].zValue;
1397	db_multi_exec("%s", zCurrent);
1398	break;
1399	}
1400	}
1401	if( !seen ){
1402	zName = skinVarName(z,0);
1403	zCurrent = db_get(zName, 0);
1404	db_multi_exec("%s", zCurrent);
1405	}
1406	}
1407
1408	style_header("Skins");
1409	if( zErr ){
1410

	--- src/skins.c
	+++ src/skins.c
	@@ -1392,18 +1392,18 @@
1392	seen = 0;
1393	for(i=0; i<sizeof(aBuiltinSkin)/sizeof(aBuiltinSkin[0]); i++){
1394	if( fossil_strcmp(aBuiltinSkin[i].zName, z)==0 ){
1395	seen = 1;
1396	zCurrent = aBuiltinSkin[i].zValue;
1397	db_multi_exec("%s", zCurrent/safe-for-%s/);
1398	break;
1399	}
1400	}
1401	if( !seen ){
1402	zName = skinVarName(z,0);
1403	zCurrent = db_get(zName, 0);
1404	db_multi_exec("%s", zCurrent/safe-for-%s/);
1405	}
1406	}
1407
1408	style_header("Skins");
1409	if( zErr ){
1410

M src/stash.c

+6 -6

		--- src/stash.c
		+++ src/stash.c
		@@ -23,17 +23,17 @@
23	23
24	24	/*
25	25	** SQL code to implement the tables needed by the stash.
26	26	*/
27	27	static const char zStashInit[] =
28		-@ CREATE TABLE IF NOT EXISTS %s.stash(
	28	+@ CREATE TABLE IF NOT EXISTS "%w".stash(
29	29	@ stashid INTEGER PRIMARY KEY, -- Unique stash identifier
30	30	@ vid INTEGER, -- The baseline check-out for this stash
31	31	@ comment TEXT, -- Comment for this stash. Or NULL
32	32	@ ctime TIMESTAMP -- When the stash was created
33	33	@ );
34		-@ CREATE TABLE IF NOT EXISTS %s.stashfile(
	34	+@ CREATE TABLE IF NOT EXISTS "%w".stashfile(
35	35	@ stashid INTEGER REFERENCES stash, -- Stash that contains this file
36	36	@ rid INTEGER, -- Baseline content in BLOB table or 0.
37	37	@ isAdded BOOLEAN, -- True if this is an added file
38	38	@ isRemoved BOOLEAN, -- True if this file is deleted
39	39	@ isExec BOOLEAN, -- True if file is executable
		@@ -61,24 +61,24 @@
61	61
62	62	zFile = mprintf("%/", zFName);
63	63	file_tree_name(zFile, &fname, 1);
64	64	zTreename = blob_str(&fname);
65	65	blob_zero(&sql);
66		- blob_appendf(&sql,
	66	+ blob_append_sql(&sql,
67	67	"SELECT deleted, isexe, islink, mrid, pathname, coalesce(origname,pathname)"
68	68	" FROM vfile"
69	69	" WHERE vid=%d AND (chnged OR deleted OR origname NOT NULL OR mrid==0)",
70	70	vid
71	71	);
72	72	if( fossil_strcmp(zTreename,".")!=0 ){
73		- blob_appendf(&sql,
	73	+ blob_append_sql(&sql,
74	74	" AND (pathname GLOB '%q/' OR origname GLOB '%q/'"
75	75	" OR pathname=%Q OR origname=%Q)",
76	76	zTreename, zTreename, zTreename, zTreename
77	77	);
78	78	}
79		- db_prepare(&q, blob_str(&sql));
	79	+ db_prepare(&q, "%s", blob_sql_text(&sql));
80	80	blob_reset(&sql);
81	81	db_prepare(&ins,
82	82	"INSERT INTO stashfile(stashid, rid, isAdded, isRemoved, isExec, isLink,"
83	83	"origname, newname, delta)"
84	84	"VALUES(%d,:rid,:isadd,:isrm,:isexe,:islink,:orig,:new,:content)",
		@@ -481,11 +481,11 @@
481	481	undo_capture_command_line();
482	482	db_must_be_within_tree();
483	483	db_open_config(0);
484	484	db_begin_transaction();
485	485	zDb = db_name("localdb");
486		- db_multi_exec(zStashInit, zDb, zDb);
	486	+ db_multi_exec(zStashInit /works-like:"%w,%w"/, zDb, zDb);
487	487	if( g.argc<=2 ){
488	488	zCmd = "save";
489	489	}else{
490	490	zCmd = g.argv[2];
491	491	}
492	492

	--- src/stash.c
	+++ src/stash.c
	@@ -23,17 +23,17 @@
23
24	/*
25	** SQL code to implement the tables needed by the stash.
26	*/
27	static const char zStashInit[] =
28	@ CREATE TABLE IF NOT EXISTS %s.stash(
29	@ stashid INTEGER PRIMARY KEY, -- Unique stash identifier
30	@ vid INTEGER, -- The baseline check-out for this stash
31	@ comment TEXT, -- Comment for this stash. Or NULL
32	@ ctime TIMESTAMP -- When the stash was created
33	@ );
34	@ CREATE TABLE IF NOT EXISTS %s.stashfile(
35	@ stashid INTEGER REFERENCES stash, -- Stash that contains this file
36	@ rid INTEGER, -- Baseline content in BLOB table or 0.
37	@ isAdded BOOLEAN, -- True if this is an added file
38	@ isRemoved BOOLEAN, -- True if this file is deleted
39	@ isExec BOOLEAN, -- True if file is executable
	@@ -61,24 +61,24 @@
61
62	zFile = mprintf("%/", zFName);
63	file_tree_name(zFile, &fname, 1);
64	zTreename = blob_str(&fname);
65	blob_zero(&sql);
66	blob_appendf(&sql,
67	"SELECT deleted, isexe, islink, mrid, pathname, coalesce(origname,pathname)"
68	" FROM vfile"
69	" WHERE vid=%d AND (chnged OR deleted OR origname NOT NULL OR mrid==0)",
70	vid
71	);
72	if( fossil_strcmp(zTreename,".")!=0 ){
73	blob_appendf(&sql,
74	" AND (pathname GLOB '%q/' OR origname GLOB '%q/'"
75	" OR pathname=%Q OR origname=%Q)",
76	zTreename, zTreename, zTreename, zTreename
77	);
78	}
79	db_prepare(&q, blob_str(&sql));
80	blob_reset(&sql);
81	db_prepare(&ins,
82	"INSERT INTO stashfile(stashid, rid, isAdded, isRemoved, isExec, isLink,"
83	"origname, newname, delta)"
84	"VALUES(%d,:rid,:isadd,:isrm,:isexe,:islink,:orig,:new,:content)",
	@@ -481,11 +481,11 @@
481	undo_capture_command_line();
482	db_must_be_within_tree();
483	db_open_config(0);
484	db_begin_transaction();
485	zDb = db_name("localdb");
486	db_multi_exec(zStashInit, zDb, zDb);
487	if( g.argc<=2 ){
488	zCmd = "save";
489	}else{
490	zCmd = g.argv[2];
491	}
492

	--- src/stash.c
	+++ src/stash.c
	@@ -23,17 +23,17 @@
23
24	/*
25	** SQL code to implement the tables needed by the stash.
26	*/
27	static const char zStashInit[] =
28	@ CREATE TABLE IF NOT EXISTS "%w".stash(
29	@ stashid INTEGER PRIMARY KEY, -- Unique stash identifier
30	@ vid INTEGER, -- The baseline check-out for this stash
31	@ comment TEXT, -- Comment for this stash. Or NULL
32	@ ctime TIMESTAMP -- When the stash was created
33	@ );
34	@ CREATE TABLE IF NOT EXISTS "%w".stashfile(
35	@ stashid INTEGER REFERENCES stash, -- Stash that contains this file
36	@ rid INTEGER, -- Baseline content in BLOB table or 0.
37	@ isAdded BOOLEAN, -- True if this is an added file
38	@ isRemoved BOOLEAN, -- True if this file is deleted
39	@ isExec BOOLEAN, -- True if file is executable
	@@ -61,24 +61,24 @@
61
62	zFile = mprintf("%/", zFName);
63	file_tree_name(zFile, &fname, 1);
64	zTreename = blob_str(&fname);
65	blob_zero(&sql);
66	blob_append_sql(&sql,
67	"SELECT deleted, isexe, islink, mrid, pathname, coalesce(origname,pathname)"
68	" FROM vfile"
69	" WHERE vid=%d AND (chnged OR deleted OR origname NOT NULL OR mrid==0)",
70	vid
71	);
72	if( fossil_strcmp(zTreename,".")!=0 ){
73	blob_append_sql(&sql,
74	" AND (pathname GLOB '%q/' OR origname GLOB '%q/'"
75	" OR pathname=%Q OR origname=%Q)",
76	zTreename, zTreename, zTreename, zTreename
77	);
78	}
79	db_prepare(&q, "%s", blob_sql_text(&sql));
80	blob_reset(&sql);
81	db_prepare(&ins,
82	"INSERT INTO stashfile(stashid, rid, isAdded, isRemoved, isExec, isLink,"
83	"origname, newname, delta)"
84	"VALUES(%d,:rid,:isadd,:isrm,:isexe,:islink,:orig,:new,:content)",
	@@ -481,11 +481,11 @@
481	undo_capture_command_line();
482	db_must_be_within_tree();
483	db_open_config(0);
484	db_begin_transaction();
485	zDb = db_name("localdb");
486	db_multi_exec(zStashInit /works-like:"%w,%w"/, zDb, zDb);
487	if( g.argc<=2 ){
488	zCmd = "save";
489	}else{
490	zCmd = g.argv[2];
491	}
492

M src/stash.c

+6 -6

		--- src/stash.c
		+++ src/stash.c
		@@ -23,17 +23,17 @@
23	23
24	24	/*
25	25	** SQL code to implement the tables needed by the stash.
26	26	*/
27	27	static const char zStashInit[] =
28		-@ CREATE TABLE IF NOT EXISTS %s.stash(
	28	+@ CREATE TABLE IF NOT EXISTS "%w".stash(
29	29	@ stashid INTEGER PRIMARY KEY, -- Unique stash identifier
30	30	@ vid INTEGER, -- The baseline check-out for this stash
31	31	@ comment TEXT, -- Comment for this stash. Or NULL
32	32	@ ctime TIMESTAMP -- When the stash was created
33	33	@ );
34		-@ CREATE TABLE IF NOT EXISTS %s.stashfile(
	34	+@ CREATE TABLE IF NOT EXISTS "%w".stashfile(
35	35	@ stashid INTEGER REFERENCES stash, -- Stash that contains this file
36	36	@ rid INTEGER, -- Baseline content in BLOB table or 0.
37	37	@ isAdded BOOLEAN, -- True if this is an added file
38	38	@ isRemoved BOOLEAN, -- True if this file is deleted
39	39	@ isExec BOOLEAN, -- True if file is executable
		@@ -61,24 +61,24 @@
61	61
62	62	zFile = mprintf("%/", zFName);
63	63	file_tree_name(zFile, &fname, 1);
64	64	zTreename = blob_str(&fname);
65	65	blob_zero(&sql);
66		- blob_appendf(&sql,
	66	+ blob_append_sql(&sql,
67	67	"SELECT deleted, isexe, islink, mrid, pathname, coalesce(origname,pathname)"
68	68	" FROM vfile"
69	69	" WHERE vid=%d AND (chnged OR deleted OR origname NOT NULL OR mrid==0)",
70	70	vid
71	71	);
72	72	if( fossil_strcmp(zTreename,".")!=0 ){
73		- blob_appendf(&sql,
	73	+ blob_append_sql(&sql,
74	74	" AND (pathname GLOB '%q/' OR origname GLOB '%q/'"
75	75	" OR pathname=%Q OR origname=%Q)",
76	76	zTreename, zTreename, zTreename, zTreename
77	77	);
78	78	}
79		- db_prepare(&q, blob_str(&sql));
	79	+ db_prepare(&q, "%s", blob_sql_text(&sql));
80	80	blob_reset(&sql);
81	81	db_prepare(&ins,
82	82	"INSERT INTO stashfile(stashid, rid, isAdded, isRemoved, isExec, isLink,"
83	83	"origname, newname, delta)"
84	84	"VALUES(%d,:rid,:isadd,:isrm,:isexe,:islink,:orig,:new,:content)",
		@@ -481,11 +481,11 @@
481	481	undo_capture_command_line();
482	482	db_must_be_within_tree();
483	483	db_open_config(0);
484	484	db_begin_transaction();
485	485	zDb = db_name("localdb");
486		- db_multi_exec(zStashInit, zDb, zDb);
	486	+ db_multi_exec(zStashInit /works-like:"%w,%w"/, zDb, zDb);
487	487	if( g.argc<=2 ){
488	488	zCmd = "save";
489	489	}else{
490	490	zCmd = g.argv[2];
491	491	}
492	492

	--- src/stash.c
	+++ src/stash.c
	@@ -23,17 +23,17 @@
23
24	/*
25	** SQL code to implement the tables needed by the stash.
26	*/
27	static const char zStashInit[] =
28	@ CREATE TABLE IF NOT EXISTS %s.stash(
29	@ stashid INTEGER PRIMARY KEY, -- Unique stash identifier
30	@ vid INTEGER, -- The baseline check-out for this stash
31	@ comment TEXT, -- Comment for this stash. Or NULL
32	@ ctime TIMESTAMP -- When the stash was created
33	@ );
34	@ CREATE TABLE IF NOT EXISTS %s.stashfile(
35	@ stashid INTEGER REFERENCES stash, -- Stash that contains this file
36	@ rid INTEGER, -- Baseline content in BLOB table or 0.
37	@ isAdded BOOLEAN, -- True if this is an added file
38	@ isRemoved BOOLEAN, -- True if this file is deleted
39	@ isExec BOOLEAN, -- True if file is executable
	@@ -61,24 +61,24 @@
61
62	zFile = mprintf("%/", zFName);
63	file_tree_name(zFile, &fname, 1);
64	zTreename = blob_str(&fname);
65	blob_zero(&sql);
66	blob_appendf(&sql,
67	"SELECT deleted, isexe, islink, mrid, pathname, coalesce(origname,pathname)"
68	" FROM vfile"
69	" WHERE vid=%d AND (chnged OR deleted OR origname NOT NULL OR mrid==0)",
70	vid
71	);
72	if( fossil_strcmp(zTreename,".")!=0 ){
73	blob_appendf(&sql,
74	" AND (pathname GLOB '%q/' OR origname GLOB '%q/'"
75	" OR pathname=%Q OR origname=%Q)",
76	zTreename, zTreename, zTreename, zTreename
77	);
78	}
79	db_prepare(&q, blob_str(&sql));
80	blob_reset(&sql);
81	db_prepare(&ins,
82	"INSERT INTO stashfile(stashid, rid, isAdded, isRemoved, isExec, isLink,"
83	"origname, newname, delta)"
84	"VALUES(%d,:rid,:isadd,:isrm,:isexe,:islink,:orig,:new,:content)",
	@@ -481,11 +481,11 @@
481	undo_capture_command_line();
482	db_must_be_within_tree();
483	db_open_config(0);
484	db_begin_transaction();
485	zDb = db_name("localdb");
486	db_multi_exec(zStashInit, zDb, zDb);
487	if( g.argc<=2 ){
488	zCmd = "save";
489	}else{
490	zCmd = g.argv[2];
491	}
492

	--- src/stash.c
	+++ src/stash.c
	@@ -23,17 +23,17 @@
23
24	/*
25	** SQL code to implement the tables needed by the stash.
26	*/
27	static const char zStashInit[] =
28	@ CREATE TABLE IF NOT EXISTS "%w".stash(
29	@ stashid INTEGER PRIMARY KEY, -- Unique stash identifier
30	@ vid INTEGER, -- The baseline check-out for this stash
31	@ comment TEXT, -- Comment for this stash. Or NULL
32	@ ctime TIMESTAMP -- When the stash was created
33	@ );
34	@ CREATE TABLE IF NOT EXISTS "%w".stashfile(
35	@ stashid INTEGER REFERENCES stash, -- Stash that contains this file
36	@ rid INTEGER, -- Baseline content in BLOB table or 0.
37	@ isAdded BOOLEAN, -- True if this is an added file
38	@ isRemoved BOOLEAN, -- True if this file is deleted
39	@ isExec BOOLEAN, -- True if file is executable
	@@ -61,24 +61,24 @@
61
62	zFile = mprintf("%/", zFName);
63	file_tree_name(zFile, &fname, 1);
64	zTreename = blob_str(&fname);
65	blob_zero(&sql);
66	blob_append_sql(&sql,
67	"SELECT deleted, isexe, islink, mrid, pathname, coalesce(origname,pathname)"
68	" FROM vfile"
69	" WHERE vid=%d AND (chnged OR deleted OR origname NOT NULL OR mrid==0)",
70	vid
71	);
72	if( fossil_strcmp(zTreename,".")!=0 ){
73	blob_append_sql(&sql,
74	" AND (pathname GLOB '%q/' OR origname GLOB '%q/'"
75	" OR pathname=%Q OR origname=%Q)",
76	zTreename, zTreename, zTreename, zTreename
77	);
78	}
79	db_prepare(&q, "%s", blob_sql_text(&sql));
80	blob_reset(&sql);
81	db_prepare(&ins,
82	"INSERT INTO stashfile(stashid, rid, isAdded, isRemoved, isExec, isLink,"
83	"origname, newname, delta)"
84	"VALUES(%d,:rid,:isadd,:isrm,:isexe,:islink,:orig,:new,:content)",
	@@ -481,11 +481,11 @@
481	undo_capture_command_line();
482	db_must_be_within_tree();
483	db_open_config(0);
484	db_begin_transaction();
485	zDb = db_name("localdb");
486	db_multi_exec(zStashInit /works-like:"%w,%w"/, zDb, zDb);
487	if( g.argc<=2 ){
488	zCmd = "save";
489	}else{
490	zCmd = g.argv[2];
491	}
492

M src/stat.c

+10 -10

		--- src/stat.c
		+++ src/stat.c
		@@ -137,15 +137,15 @@
137	137	@ <tr><th>Repository Rebuilt:</th><td>
138	138	@ %h(db_get_mtime("rebuilt","%Y-%m-%d %H:%M:%S","Never"))
139	139	@ By Fossil %h(db_get("rebuilt","Unknown"))</td></tr>
140	140	@ <tr><th>Database Stats:</th><td>
141	141	zDb = db_name("repository");
142		- @ %d(db_int(0, "PRAGMA %s.page_count", zDb)) pages,
143		- @ %d(db_int(0, "PRAGMA %s.page_size", zDb)) bytes/page,
144		- @ %d(db_int(0, "PRAGMA %s.freelist_count", zDb)) free pages,
145		- @ %s(db_text(0, "PRAGMA %s.encoding", zDb)),
146		- @ %s(db_text(0, "PRAGMA %s.journal_mode", zDb)) mode
	142	+ @ %d(db_int(0, "PRAGMA \"%w\".page_count", zDb)) pages,
	143	+ @ %d(db_int(0, "PRAGMA \"%w\".page_size", zDb)) bytes/page,
	144	+ @ %d(db_int(0, "PRAGMA \"%w\".freelist_count", zDb)) free pages,
	145	+ @ %s(db_text(0, "PRAGMA \"%w\".encoding", zDb)),
	146	+ @ %s(db_text(0, "PRAGMA \"%w\".journal_mode", zDb)) mode
147	147	@ </td></tr>
148	148
149	149	@ </table>
150	150	style_footer();
151	151	}
		@@ -267,15 +267,15 @@
267	267	}
268	268	zDb = db_name("repository");
269	269	fossil_print("%*s%d pages, %d bytes/pg, %d free pages, "
270	270	"%s, %s mode\n",
271	271	colWidth, "database-stats:",
272		- db_int(0, "PRAGMA %s.page_count", zDb),
273		- db_int(0, "PRAGMA %s.page_size", zDb),
274		- db_int(0, "PRAGMA %s.freelist_count", zDb),
275		- db_text(0, "PRAGMA %s.encoding", zDb),
276		- db_text(0, "PRAGMA %s.journal_mode", zDb));
	272	+ db_int(0, "PRAGMA \"%w\".page_count", zDb),
	273	+ db_int(0, "PRAGMA \"%w\".page_size", zDb),
	274	+ db_int(0, "PRAGMA \"%w\".freelist_count", zDb),
	275	+ db_text(0, "PRAGMA \"%w\".encoding", zDb),
	276	+ db_text(0, "PRAGMA \"%w\".journal_mode", zDb));
277	277	if( dbCheck ){
278	278	fossil_print("%*s%s\n", colWidth, "database-check:",
279	279	db_text(0, "PRAGMA quick_check(1)"));
280	280	}
281	281	}
282	282

	--- src/stat.c
	+++ src/stat.c
	@@ -137,15 +137,15 @@
137	@ <tr><th>Repository Rebuilt:</th><td>
138	@ %h(db_get_mtime("rebuilt","%Y-%m-%d %H:%M:%S","Never"))
139	@ By Fossil %h(db_get("rebuilt","Unknown"))</td></tr>
140	@ <tr><th>Database Stats:</th><td>
141	zDb = db_name("repository");
142	@ %d(db_int(0, "PRAGMA %s.page_count", zDb)) pages,
143	@ %d(db_int(0, "PRAGMA %s.page_size", zDb)) bytes/page,
144	@ %d(db_int(0, "PRAGMA %s.freelist_count", zDb)) free pages,
145	@ %s(db_text(0, "PRAGMA %s.encoding", zDb)),
146	@ %s(db_text(0, "PRAGMA %s.journal_mode", zDb)) mode
147	@ </td></tr>
148
149	@ </table>
150	style_footer();
151	}
	@@ -267,15 +267,15 @@
267	}
268	zDb = db_name("repository");
269	fossil_print("%*s%d pages, %d bytes/pg, %d free pages, "
270	"%s, %s mode\n",
271	colWidth, "database-stats:",
272	db_int(0, "PRAGMA %s.page_count", zDb),
273	db_int(0, "PRAGMA %s.page_size", zDb),
274	db_int(0, "PRAGMA %s.freelist_count", zDb),
275	db_text(0, "PRAGMA %s.encoding", zDb),
276	db_text(0, "PRAGMA %s.journal_mode", zDb));
277	if( dbCheck ){
278	fossil_print("%*s%s\n", colWidth, "database-check:",
279	db_text(0, "PRAGMA quick_check(1)"));
280	}
281	}
282

	--- src/stat.c
	+++ src/stat.c
	@@ -137,15 +137,15 @@
137	@ <tr><th>Repository Rebuilt:</th><td>
138	@ %h(db_get_mtime("rebuilt","%Y-%m-%d %H:%M:%S","Never"))
139	@ By Fossil %h(db_get("rebuilt","Unknown"))</td></tr>
140	@ <tr><th>Database Stats:</th><td>
141	zDb = db_name("repository");
142	@ %d(db_int(0, "PRAGMA \"%w\".page_count", zDb)) pages,
143	@ %d(db_int(0, "PRAGMA \"%w\".page_size", zDb)) bytes/page,
144	@ %d(db_int(0, "PRAGMA \"%w\".freelist_count", zDb)) free pages,
145	@ %s(db_text(0, "PRAGMA \"%w\".encoding", zDb)),
146	@ %s(db_text(0, "PRAGMA \"%w\".journal_mode", zDb)) mode
147	@ </td></tr>
148
149	@ </table>
150	style_footer();
151	}
	@@ -267,15 +267,15 @@
267	}
268	zDb = db_name("repository");
269	fossil_print("%*s%d pages, %d bytes/pg, %d free pages, "
270	"%s, %s mode\n",
271	colWidth, "database-stats:",
272	db_int(0, "PRAGMA \"%w\".page_count", zDb),
273	db_int(0, "PRAGMA \"%w\".page_size", zDb),
274	db_int(0, "PRAGMA \"%w\".freelist_count", zDb),
275	db_text(0, "PRAGMA \"%w\".encoding", zDb),
276	db_text(0, "PRAGMA \"%w\".journal_mode", zDb));
277	if( dbCheck ){
278	fossil_print("%*s%s\n", colWidth, "database-check:",
279	db_text(0, "PRAGMA quick_check(1)"));
280	}
281	}
282

M src/tag.c

+7 -6

		--- src/tag.c
		+++ src/tag.c
		@@ -213,11 +213,12 @@
213	213	rid
214	214	);
215	215	}
216	216	}
217	217	if( zCol ){
218		- db_multi_exec("UPDATE event SET %s=%Q WHERE objid=%d", zCol, zValue, rid);
	218	+ db_multi_exec("UPDATE event SET \"%w\"=%Q WHERE objid=%d",
	219	+ zCol, zValue, rid);
219	220	if( tagid==TAG_COMMENT ){
220	221	char *zCopy = mprintf("%s", zValue);
221	222	wiki_extract_links(zCopy, rid, 0, mtime, 1, WIKI_INLINE);
222	223	free(zCopy);
223	224	}
		@@ -437,41 +438,41 @@
437	438	if( zType==0 \|\| zType[0]==0 ) zType = "*";
438	439	if( g.argc!=4 ){
439	440	usage("find ?--raw? ?-t\|--type TYPE? ?-n\|--limit #? TAGNAME");
440	441	}
441	442	if( fRaw ){
442		- blob_appendf(&sql,
	443	+ blob_append_sql(&sql,
443	444	"SELECT blob.uuid FROM tagxref, blob"
444	445	" WHERE tagid=(SELECT tagid FROM tag WHERE tagname=%Q)"
445	446	" AND tagxref.tagtype>0"
446	447	" AND blob.rid=tagxref.rid",
447	448	g.argv[3]
448	449	);
449	450	if( nFindLimit>0 ){
450		- blob_appendf(&sql, " LIMIT %d", nFindLimit);
	451	+ blob_append_sql(&sql, " LIMIT %d", nFindLimit);
451	452	}
452		- db_prepare(&q, "%s", blob_str(&sql));
	453	+ db_prepare(&q, "%s", blob_sql_text(&sql));
453	454	blob_reset(&sql);
454	455	while( db_step(&q)==SQLITE_ROW ){
455	456	fossil_print("%s\n", db_column_text(&q, 0));
456	457	}
457	458	db_finalize(&q);
458	459	}else{
459	460	int tagid = db_int(0, "SELECT tagid FROM tag WHERE tagname='sym-%q'",
460	461	g.argv[3]);
461	462	if( tagid>0 ){
462		- blob_appendf(&sql,
	463	+ blob_append_sql(&sql,
463	464	"%s"
464	465	" AND event.type GLOB '%q'"
465	466	" AND blob.rid IN ("
466	467	" SELECT rid FROM tagxref"
467	468	" WHERE tagtype>0 AND tagid=%d"
468	469	")"
469	470	" ORDER BY event.mtime DESC",
470	471	timeline_query_for_tty(), zType, tagid
471	472	);
472		- db_prepare(&q, "%s", blob_str(&sql));
	473	+ db_prepare(&q, "%s", blob_sql_text(&sql));
473	474	blob_reset(&sql);
474	475	print_timeline(&q, nFindLimit, 79, 0);
475	476	db_finalize(&q);
476	477	}
477	478	}
478	479

	--- src/tag.c
	+++ src/tag.c
	@@ -213,11 +213,12 @@
213	rid
214	);
215	}
216	}
217	if( zCol ){
218	db_multi_exec("UPDATE event SET %s=%Q WHERE objid=%d", zCol, zValue, rid);

219	if( tagid==TAG_COMMENT ){
220	char *zCopy = mprintf("%s", zValue);
221	wiki_extract_links(zCopy, rid, 0, mtime, 1, WIKI_INLINE);
222	free(zCopy);
223	}
	@@ -437,41 +438,41 @@
437	if( zType==0 \|\| zType[0]==0 ) zType = "*";
438	if( g.argc!=4 ){
439	usage("find ?--raw? ?-t\|--type TYPE? ?-n\|--limit #? TAGNAME");
440	}
441	if( fRaw ){
442	blob_appendf(&sql,
443	"SELECT blob.uuid FROM tagxref, blob"
444	" WHERE tagid=(SELECT tagid FROM tag WHERE tagname=%Q)"
445	" AND tagxref.tagtype>0"
446	" AND blob.rid=tagxref.rid",
447	g.argv[3]
448	);
449	if( nFindLimit>0 ){
450	blob_appendf(&sql, " LIMIT %d", nFindLimit);
451	}
452	db_prepare(&q, "%s", blob_str(&sql));
453	blob_reset(&sql);
454	while( db_step(&q)==SQLITE_ROW ){
455	fossil_print("%s\n", db_column_text(&q, 0));
456	}
457	db_finalize(&q);
458	}else{
459	int tagid = db_int(0, "SELECT tagid FROM tag WHERE tagname='sym-%q'",
460	g.argv[3]);
461	if( tagid>0 ){
462	blob_appendf(&sql,
463	"%s"
464	" AND event.type GLOB '%q'"
465	" AND blob.rid IN ("
466	" SELECT rid FROM tagxref"
467	" WHERE tagtype>0 AND tagid=%d"
468	")"
469	" ORDER BY event.mtime DESC",
470	timeline_query_for_tty(), zType, tagid
471	);
472	db_prepare(&q, "%s", blob_str(&sql));
473	blob_reset(&sql);
474	print_timeline(&q, nFindLimit, 79, 0);
475	db_finalize(&q);
476	}
477	}
478

	--- src/tag.c
	+++ src/tag.c
	@@ -213,11 +213,12 @@
213	rid
214	);
215	}
216	}
217	if( zCol ){
218	db_multi_exec("UPDATE event SET \"%w\"=%Q WHERE objid=%d",
219	zCol, zValue, rid);
220	if( tagid==TAG_COMMENT ){
221	char *zCopy = mprintf("%s", zValue);
222	wiki_extract_links(zCopy, rid, 0, mtime, 1, WIKI_INLINE);
223	free(zCopy);
224	}
	@@ -437,41 +438,41 @@
438	if( zType==0 \|\| zType[0]==0 ) zType = "*";
439	if( g.argc!=4 ){
440	usage("find ?--raw? ?-t\|--type TYPE? ?-n\|--limit #? TAGNAME");
441	}
442	if( fRaw ){
443	blob_append_sql(&sql,
444	"SELECT blob.uuid FROM tagxref, blob"
445	" WHERE tagid=(SELECT tagid FROM tag WHERE tagname=%Q)"
446	" AND tagxref.tagtype>0"
447	" AND blob.rid=tagxref.rid",
448	g.argv[3]
449	);
450	if( nFindLimit>0 ){
451	blob_append_sql(&sql, " LIMIT %d", nFindLimit);
452	}
453	db_prepare(&q, "%s", blob_sql_text(&sql));
454	blob_reset(&sql);
455	while( db_step(&q)==SQLITE_ROW ){
456	fossil_print("%s\n", db_column_text(&q, 0));
457	}
458	db_finalize(&q);
459	}else{
460	int tagid = db_int(0, "SELECT tagid FROM tag WHERE tagname='sym-%q'",
461	g.argv[3]);
462	if( tagid>0 ){
463	blob_append_sql(&sql,
464	"%s"
465	" AND event.type GLOB '%q'"
466	" AND blob.rid IN ("
467	" SELECT rid FROM tagxref"
468	" WHERE tagtype>0 AND tagid=%d"
469	")"
470	" ORDER BY event.mtime DESC",
471	timeline_query_for_tty(), zType, tagid
472	);
473	db_prepare(&q, "%s", blob_sql_text(&sql));
474	blob_reset(&sql);
475	print_timeline(&q, nFindLimit, 79, 0);
476	db_finalize(&q);
477	}
478	}
479

M src/timeline.c

+71 -75

		--- src/timeline.c
		+++ src/timeline.c
		@@ -860,11 +860,11 @@
860	860	@ tagid INTEGER,
861	861	@ short TEXT,
862	862	@ sortby REAL
863	863	@ )
864	864	;
865		- db_multi_exec(zSql);
	865	+ db_multi_exec("%s", zSql/safe-for-%s/);
866	866	}
867	867
868	868	/*
869	869	** Return a pointer to a constant string that forms the basis
870	870	** for a timeline query for the WWW interface.
		@@ -889,11 +889,11 @@
889	889	@ event.mtime AS mtime
890	890	@ FROM event CROSS JOIN blob
891	891	@ WHERE blob.rid=event.objid
892	892	;
893	893	if( zBase==0 ){
894		- zBase = mprintf(zBaseSql, timeline_utc());
	894	+ zBase = mprintf(zBaseSql /works-like: "%s"/, timeline_utc());
895	895	}
896	896	return zBase;
897	897	}
898	898
899	899	/*
		@@ -965,11 +965,11 @@
965	965	Stmt q;
966	966	Blob out;
967	967	const char *zSep = "";
968	968	db_prepare(&q,
969	969	"SELECT DISTINCT filename.name FROM mlink, filename"
970		- " WHERE mlink.fid=(SELECT rid FROM blob WHERE uuid='%s')"
	970	+ " WHERE mlink.fid=(SELECT rid FROM blob WHERE uuid=%Q)"
971	971	" AND filename.fnid=mlink.fnid",
972	972	zUuid
973	973	);
974	974	blob_zero(&out);
975	975	while( db_step(&q)==SQLITE_ROW ){
		@@ -1129,13 +1129,15 @@
1129	1129	if( P("fc")!=0 \|\| P("v")!=0 \|\| P("detail")!=0 ){
1130	1130	tmFlags \|= TIMELINE_FCHANGES;
1131	1131	url_add_parameter(&url, "v", 0);
1132	1132	}
1133	1133	if( (tmFlags & TIMELINE_UNHIDE)==0 ){
1134		- blob_appendf(&sql, " AND NOT EXISTS(SELECT 1 FROM tagxref"
1135		- " WHERE tagid=%d AND tagtype>0 AND rid=blob.rid)",
1136		- TAG_HIDDEN);
	1134	+ blob_append_sql(&sql,
	1135	+ " AND NOT EXISTS(SELECT 1 FROM tagxref"
	1136	+ " WHERE tagid=%d AND tagtype>0 AND rid=blob.rid)",
	1137	+ TAG_HIDDEN
	1138	+ );
1137	1139	}
1138	1140	if( !useDividers ) url_add_parameter(&url, "nd", 0);
1139	1141	if( ((from_rid && to_rid) \|\| (me_rid && you_rid)) && g.perm.Read ){
1140	1142	/* If from= and to= are present, display all nodes on a path connecting
1141	1143	** the two */
		@@ -1154,21 +1156,21 @@
1154	1156	zFrom = P("me");
1155	1157	zTo = P("you");
1156	1158	}
1157	1159	blob_append(&sql, " AND event.objid IN (0", -1);
1158	1160	while( p ){
1159		- blob_appendf(&sql, ",%d", p->rid);
	1161	+ blob_append_sql(&sql, ",%d", p->rid);
1160	1162	p = p->u.pTo;
1161	1163	}
1162	1164	blob_append(&sql, ")", -1);
1163	1165	path_reset();
1164	1166	blob_append(&desc, "All nodes on the path from ", -1);
1165	1167	blob_appendf(&desc, "%z[%h]</a>", href("%R/info/%h", zFrom), zFrom);
1166	1168	blob_append(&desc, " to ", -1);
1167	1169	blob_appendf(&desc, "%z[%h]</a>", href("%R/info/%h",zTo), zTo);
1168	1170	tmFlags \|= TIMELINE_DISJOINT;
1169		- db_multi_exec("%s", blob_str(&sql));
	1171	+ db_multi_exec("%s", blob_sql_text(&sql));
1170	1172	}else if( (p_rid \|\| d_rid) && g.perm.Read ){
1171	1173	/* If p= or d= is present, ignore all other parameters other than n= */
1172	1174	char *zUuid;
1173	1175	int np, nd;
1174	1176
		@@ -1179,16 +1181,16 @@
1179	1181	db_multi_exec(
1180	1182	"CREATE TEMP TABLE IF NOT EXISTS ok(rid INTEGER PRIMARY KEY)"
1181	1183	);
1182	1184	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d",
1183	1185	p_rid ? p_rid : d_rid);
1184		- blob_appendf(&sql, " AND event.objid IN ok");
	1186	+ blob_append_sql(&sql, " AND event.objid IN ok");
1185	1187	nd = 0;
1186	1188	if( d_rid ){
1187	1189	compute_descendants(d_rid, nEntry+1);
1188	1190	nd = db_int(0, "SELECT count(*)-1 FROM ok");
1189		- if( nd>=0 ) db_multi_exec("%s", blob_str(&sql));
	1191	+ if( nd>=0 ) db_multi_exec("%s", blob_sql_text(&sql));
1190	1192	if( nd>0 ) blob_appendf(&desc, "%d descendant%s", nd,(1==nd)?"":"s");
1191	1193	if( useDividers ) timeline_add_dividers(0, d_rid);
1192	1194	db_multi_exec("DELETE FROM ok");
1193	1195	}
1194	1196	if( p_rid ){
		@@ -1195,11 +1197,11 @@
1195	1197	compute_ancestors(p_rid, nEntry+1, 0);
1196	1198	np = db_int(0, "SELECT count(*)-1 FROM ok");
1197	1199	if( np>0 ){
1198	1200	if( nd>0 ) blob_appendf(&desc, " and ");
1199	1201	blob_appendf(&desc, "%d ancestors", np);
1200		- db_multi_exec("%s", blob_str(&sql));
	1202	+ db_multi_exec("%s", blob_sql_text(&sql));
1201	1203	}
1202	1204	if( d_rid==0 && useDividers ) timeline_add_dividers(0, p_rid);
1203	1205	}
1204	1206	blob_appendf(&desc, " of %z[%S]</a>",
1205	1207	href("%R/info/%s", zUuid), zUuid);
		@@ -1235,12 +1237,12 @@
1235	1237	"INSERT INTO ok VALUES(%d);"
1236	1238	"INSERT OR IGNORE INTO ok SELECT pid FROM plink WHERE cid=%d;"
1237	1239	"INSERT OR IGNORE INTO ok SELECT cid FROM plink WHERE pid=%d;",
1238	1240	f_rid, f_rid, f_rid
1239	1241	);
1240		- blob_appendf(&sql, " AND event.objid IN ok");
1241		- db_multi_exec("%s", blob_str(&sql));
	1242	+ blob_append_sql(&sql, " AND event.objid IN ok");
	1243	+ db_multi_exec("%s", blob_sql_text(&sql));
1242	1244	if( useDividers ) timeline_add_dividers(0, f_rid);
1243	1245	blob_appendf(&desc, "Parents and children of check-in ");
1244	1246	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", f_rid);
1245	1247	blob_appendf(&desc, "%z[%S]</a>", href("%R/info/%s", zUuid), zUuid);
1246	1248	tmFlags \|= TIMELINE_DISJOINT;
		@@ -1257,25 +1259,25 @@
1257	1259	/* Otherwise, a timeline based on a span of time */
1258	1260	int n;
1259	1261	const char *zEType = "timeline item";
1260	1262	char *zDate;
1261	1263	if( zUses ){
1262		- blob_appendf(&sql, " AND event.objid IN usesfile ");
	1264	+ blob_append_sql(&sql, " AND event.objid IN usesfile ");
1263	1265	}
1264	1266	if( renameOnly ){
1265		- blob_appendf(&sql, " AND event.objid IN rnfile ");
	1267	+ blob_append_sql(&sql, " AND event.objid IN rnfile ");
1266	1268	}
1267	1269	if( zYearMonth ){
1268		- blob_appendf(&sql, " AND %Q=strftime('%%Y-%%m',event.mtime) ",
	1270	+ blob_append_sql(&sql, " AND %Q=strftime('%%Y-%%m',event.mtime) ",
1269	1271	zYearMonth);
1270	1272	}
1271	1273	else if( zYearWeek ){
1272		- blob_appendf(&sql, " AND %Q=strftime('%%Y-%%W',event.mtime) ",
	1274	+ blob_append_sql(&sql, " AND %Q=strftime('%%Y-%%W',event.mtime) ",
1273	1275	zYearWeek);
1274	1276	}
1275	1277	if( tagid>0 ){
1276		- blob_appendf(&sql,
	1278	+ blob_append_sql(&sql,
1277	1279	"AND (EXISTS(SELECT 1 FROM tagxref"
1278	1280	" WHERE tagid=%d AND tagtype>0 AND rid=blob.rid)", tagid);
1279	1281
1280	1282	if( zBrName ){
1281	1283	url_add_parameter(&url, "r", zBrName);
		@@ -1283,40 +1285,42 @@
1283	1285	** are not part of the branch which are parents or children of the
1284	1286	** branch to be included in the report. This related check-ins are
1285	1287	** useful in helping to visualize what has happened on a quiescent
1286	1288	** branch that is infrequently merged with a much more activate branch.
1287	1289	*/
1288		- blob_appendf(&sql,
	1290	+ blob_append_sql(&sql,
1289	1291	" OR EXISTS(SELECT 1 FROM plink CROSS JOIN tagxref ON rid=cid"
1290	1292	" WHERE tagid=%d AND tagtype>0 AND pid=blob.rid)",
1291	1293	tagid
1292	1294	);
1293	1295	if( (tmFlags & TIMELINE_UNHIDE)==0 ){
1294		- blob_appendf(&sql,
	1296	+ blob_append_sql(&sql,
1295	1297	" AND NOT EXISTS(SELECT 1 FROM plink JOIN tagxref ON rid=cid"
1296	1298	" WHERE tagid=%d AND tagtype>0 AND pid=blob.rid)",
1297	1299	TAG_HIDDEN
1298	1300	);
1299	1301	}
1300	1302	if( P("mionly")==0 ){
1301		- blob_appendf(&sql,
	1303	+ blob_append_sql(&sql,
1302	1304	" OR EXISTS(SELECT 1 FROM plink CROSS JOIN tagxref ON rid=pid"
1303	1305	" WHERE tagid=%d AND tagtype>0 AND cid=blob.rid)",
1304	1306	tagid
1305	1307	);
1306	1308	if( (tmFlags & TIMELINE_UNHIDE)==0 ){
1307		- blob_appendf(&sql, " AND NOT EXISTS(SELECT 1 FROM plink JOIN tagxref ON rid=pid"
1308		- " WHERE tagid=%d AND tagtype>0 AND cid=blob.rid)",
1309		- TAG_HIDDEN);
	1309	+ blob_append_sql(&sql,
	1310	+ " AND NOT EXISTS(SELECT 1 FROM plink JOIN tagxref ON rid=pid"
	1311	+ " WHERE tagid=%d AND tagtype>0 AND cid=blob.rid)",
	1312	+ TAG_HIDDEN
	1313	+ );
1310	1314	}
1311	1315	}else{
1312	1316	url_add_parameter(&url, "mionly", "1");
1313	1317	}
1314	1318	}else{
1315	1319	url_add_parameter(&url, "t", zTagName);
1316	1320	}
1317		- blob_appendf(&sql, ")");
	1321	+ blob_append_sql(&sql, ")");
1318	1322	}
1319	1323	if( (zType[0]=='w' && !g.perm.RdWiki)
1320	1324	\|\| (zType[0]=='t' && !g.perm.RdTkt)
1321	1325	\|\| (zType[0]=='e' && !g.perm.RdWiki)
1322	1326	\|\| (zType[0]=='c' && !g.perm.Read)
		@@ -1325,27 +1329,27 @@
1325	1329	zType = "all";
1326	1330	}
1327	1331	if( zType[0]=='a' ){
1328	1332	if( !g.perm.Read \|\| !g.perm.RdWiki \|\| !g.perm.RdTkt ){
1329	1333	char cSep = '(';
1330		- blob_appendf(&sql, " AND event.type IN ");
	1334	+ blob_append_sql(&sql, " AND event.type IN ");
1331	1335	if( g.perm.Read ){
1332		- blob_appendf(&sql, "%c'ci','g'", cSep);
	1336	+ blob_append_sql(&sql, "%c'ci','g'", cSep);
1333	1337	cSep = ',';
1334	1338	}
1335	1339	if( g.perm.RdWiki ){
1336		- blob_appendf(&sql, "%c'w','e'", cSep);
	1340	+ blob_append_sql(&sql, "%c'w','e'", cSep);
1337	1341	cSep = ',';
1338	1342	}
1339	1343	if( g.perm.RdTkt ){
1340		- blob_appendf(&sql, "%c't'", cSep);
	1344	+ blob_append_sql(&sql, "%c't'", cSep);
1341	1345	cSep = ',';
1342	1346	}
1343		- blob_appendf(&sql, ")");
	1347	+ blob_append_sql(&sql, ")");
1344	1348	}
1345	1349	}else{ /* zType!="all" */
1346		- blob_appendf(&sql, " AND event.type=%Q", zType);
	1350	+ blob_append_sql(&sql, " AND event.type=%Q", zType);
1347	1351	url_add_parameter(&url, "y", zType);
1348	1352	if( zType[0]=='c' ){
1349	1353	zEType = "checkin";
1350	1354	}else if( zType[0]=='w' ){
1351	1355	zEType = "wiki edit";
		@@ -1356,64 +1360,64 @@
1356	1360	}else if( zType[0]=='g' ){
1357	1361	zEType = "tag";
1358	1362	}
1359	1363	}
1360	1364	if( zUser ){
1361		- blob_appendf(&sql, " AND (event.user=%Q OR event.euser=%Q)",
	1365	+ blob_append_sql(&sql, " AND (event.user=%Q OR event.euser=%Q)",
1362	1366	zUser, zUser);
1363	1367	url_add_parameter(&url, "u", zUser);
1364	1368	zThisUser = zUser;
1365	1369	}
1366	1370	if( zSearch ){
1367		- blob_appendf(&sql,
	1371	+ blob_append_sql(&sql,
1368	1372	" AND (event.comment LIKE '%%%q%%' OR event.brief LIKE '%%%q%%')",
1369	1373	zSearch, zSearch);
1370	1374	url_add_parameter(&url, "s", zSearch);
1371	1375	}
1372	1376	rBefore = symbolic_name_to_mtime(zBefore);
1373	1377	rAfter = symbolic_name_to_mtime(zAfter);
1374	1378	rCirca = symbolic_name_to_mtime(zCirca);
1375	1379	if( rAfter>0.0 ){
1376	1380	if( rBefore>0.0 ){
1377		- blob_appendf(&sql,
	1381	+ blob_append_sql(&sql,
1378	1382	" AND event.mtime>=%.17g AND event.mtime<=%.17g"
1379	1383	" ORDER BY event.mtime ASC", rAfter-ONE_SECOND, rBefore+ONE_SECOND);
1380	1384	url_add_parameter(&url, "a", zAfter);
1381	1385	url_add_parameter(&url, "b", zBefore);
1382	1386	nEntry = 1000000;
1383	1387	}else{
1384		- blob_appendf(&sql,
	1388	+ blob_append_sql(&sql,
1385	1389	" AND event.mtime>=%.17g ORDER BY event.mtime ASC",
1386	1390	rAfter-ONE_SECOND);
1387	1391	url_add_parameter(&url, "a", zAfter);
1388	1392	}
1389	1393	}else if( rBefore>0.0 ){
1390		- blob_appendf(&sql,
	1394	+ blob_append_sql(&sql,
1391	1395	" AND event.mtime<=%.17g ORDER BY event.mtime DESC",
1392	1396	rBefore+ONE_SECOND);
1393	1397	url_add_parameter(&url, "b", zBefore);
1394	1398	}else if( rCirca>0.0 ){
1395	1399	Blob sql2;
1396		- blob_init(&sql2, blob_str(&sql), -1);
1397		- blob_appendf(&sql2,
	1400	+ blob_init(&sql2, blob_sql_text(&sql), -1);
	1401	+ blob_append_sql(&sql2,
1398	1402	" AND event.mtime<=%f ORDER BY event.mtime DESC LIMIT %d",
1399	1403	rCirca, (nEntry+1)/2
1400	1404	);
1401		- db_multi_exec("%s", blob_str(&sql2));
	1405	+ db_multi_exec("%s", blob_sql_text(&sql2));
1402	1406	blob_reset(&sql2);
1403		- blob_appendf(&sql,
	1407	+ blob_append_sql(&sql,
1404	1408	" AND event.mtime>=%f ORDER BY event.mtime ASC",
1405	1409	rCirca
1406	1410	);
1407	1411	nEntry -= (nEntry+1)/2;
1408	1412	if( useDividers ) timeline_add_dividers(rCirca, 0);
1409	1413	url_add_parameter(&url, "c", zCirca);
1410	1414	}else{
1411		- blob_appendf(&sql, " ORDER BY event.mtime DESC");
	1415	+ blob_append_sql(&sql, " ORDER BY event.mtime DESC");
1412	1416	}
1413		- blob_appendf(&sql, " LIMIT %d", nEntry);
1414		- db_multi_exec("%s", blob_str(&sql));
	1417	+ blob_append_sql(&sql, " LIMIT %d", nEntry);
	1418	+ db_multi_exec("%s", blob_sql_text(&sql));
1415	1419
1416	1420	n = db_int(0, "SELECT count() FROM timeline WHERE etype!='div' /scan*/");
1417	1421	if( zYearMonth ){
1418	1422	blob_appendf(&desc, "%s events for %h", zEType, zYearMonth);
1419	1423	}else if( zYearWeek ){
		@@ -1506,11 +1510,11 @@
1506	1510	}
1507	1511	}
1508	1512	}
1509	1513	}
1510	1514	if( P("showsql") ){
1511		- @ <blockquote>%h(blob_str(&sql))</blockquote>
	1515	+ @ <blockquote>%h(blob_sql_text(&sql))</blockquote>
1512	1516	}
1513	1517	blob_zero(&sql);
1514	1518	db_prepare(&q, "SELECT * FROM timeline ORDER BY sortby DESC /scan/");
1515	1519	@ <h2>%b(&desc)</h2>
1516	1520	blob_reset(&desc);
		@@ -1680,11 +1684,11 @@
1680	1684	@ AND tagxref.tagtype>0
1681	1685	@ AND tagxref.rid=blob.rid
1682	1686	@ WHERE blob.rid=event.objid
1683	1687	@ AND tag.tagname='branch'
1684	1688	;
1685		- return mprintf(zBaseSql, timeline_utc());
	1689	+ return mprintf(zBaseSql /works-like: "%s"/, timeline_utc());
1686	1690	}
1687	1691
1688	1692	/*
1689	1693	** Return true if the input string is a date in the ISO 8601 format:
1690	1694	** YYYY-MM-DD.
		@@ -1856,54 +1860,54 @@
1856	1860	}
1857	1861
1858	1862	if( mode==0 ) mode = 1;
1859	1863	blob_zero(&sql);
1860	1864	blob_append(&sql, timeline_query_for_tty(), -1);
1861		- blob_appendf(&sql, " AND event.mtime %s %s",
	1865	+ blob_append_sql(&sql, " AND event.mtime %s %s",
1862	1866	(mode==1 \|\| mode==4) ? "<=" : ">=",
1863		- zDate
	1867	+ zDate /safe-for-%s/
1864	1868	);
1865	1869
1866	1870	if( mode==3 \|\| mode==4 ){
1867	1871	db_multi_exec("CREATE TEMP TABLE ok(rid INTEGER PRIMARY KEY)");
1868	1872	if( mode==3 ){
1869	1873	compute_descendants(objid, n);
1870	1874	}else{
1871	1875	compute_ancestors(objid, n, 0);
1872	1876	}
1873		- blob_appendf(&sql, "\n AND blob.rid IN ok");
	1877	+ blob_append_sql(&sql, "\n AND blob.rid IN ok");
1874	1878	}
1875	1879	if( zType && (zType[0]!='a') ){
1876		- blob_appendf(&sql, "\n AND event.type=%Q ", zType);
	1880	+ blob_append_sql(&sql, "\n AND event.type=%Q ", zType);
1877	1881	}
1878	1882	if( zFilePattern ){
1879	1883	blob_append(&sql,
1880	1884	"\n AND EXISTS(SELECT 1 FROM mlink\n"
1881	1885	" WHERE mlink.mid=event.objid\n"
1882	1886	" AND mlink.fnid IN ", -1);
1883	1887	if( filenames_are_case_sensitive() ){
1884		- blob_appendf(&sql,
	1888	+ blob_append_sql(&sql,
1885	1889	"(SELECT fnid FROM filename"
1886	1890	" WHERE name=%Q"
1887	1891	" OR name GLOB '%q/*')",
1888	1892	blob_str(&treeName), blob_str(&treeName));
1889	1893	}else{
1890		- blob_appendf(&sql,
	1894	+ blob_append_sql(&sql,
1891	1895	"(SELECT fnid FROM filename"
1892	1896	" WHERE name=%Q COLLATE nocase"
1893	1897	" OR lower(name) GLOB lower('%q/*'))",
1894	1898	blob_str(&treeName), blob_str(&treeName));
1895	1899	}
1896	1900	blob_append(&sql, ")", -1);
1897	1901	}
1898		- blob_appendf(&sql, "\nORDER BY event.mtime DESC");
	1902	+ blob_append_sql(&sql, "\nORDER BY event.mtime DESC");
1899	1903	if( iOffset>0 ){
1900	1904	/* Don't handle LIMIT here, otherwise print_timeline()
1901	1905	* will not determine the end-marker correctly! */
1902		- blob_appendf(&sql, "\n LIMIT -1 OFFSET %d", iOffset);
	1906	+ blob_append_sql(&sql, "\n LIMIT -1 OFFSET %d", iOffset);
1903	1907	}
1904		- db_prepare(&q, "%s", blob_str(&sql));
	1908	+ db_prepare(&q, "%s", blob_sql_text(&sql));
1905	1909	blob_reset(&sql);
1906	1910	print_timeline(&q, n, width, verboseFlag);
1907	1911	db_finalize(&q);
1908	1912	}
1909	1913
		@@ -2213,24 +2217,24 @@
2213	2217	stats_report_init_view();
2214	2218	stats_report_event_types_menu( includeMonth ? "bymonth" : "byyear", NULL );
2215	2219	blob_appendf(&header, "Timeline Events (%s) by year%s",
2216	2220	stats_report_label_for_type(),
2217	2221	(includeMonth ? "/month" : ""));
2218		- blob_appendf(&sql,
	2222	+ blob_append_sql(&sql,
2219	2223	"SELECT substr(date(mtime),1,%d) AS timeframe, "
2220	2224	"count(*) AS eventCount "
2221	2225	"FROM v_reports ",
2222	2226	includeMonth ? 7 : 4);
2223	2227	if(zUserName&&*zUserName){
2224		- blob_appendf(&sql, " WHERE user=%Q ", zUserName);
	2228	+ blob_append_sql(&sql, " WHERE user=%Q ", zUserName);
2225	2229	blob_appendf(&header," for user %q", zUserName);
2226	2230	}
2227	2231	blob_append(&sql,
2228	2232	" GROUP BY timeframe"
2229	2233	" ORDER BY timeframe DESC",
2230	2234	-1);
2231		- db_prepare(&query, blob_str(&sql));
	2235	+ db_prepare(&query, "%s", blob_sql_text(&sql));
2232	2236	blob_reset(&sql);
2233	2237	@ <h1>%b(&header)</h1>
2234	2238	@ <table class='statistics-report-table-events' border='0' cellpadding='2'
2235	2239	@ cellspacing='0' id='statsTable'>
2236	2240	@ <thead>
		@@ -2356,23 +2360,19 @@
2356	2360	Stmt query = empty_Stmt;
2357	2361	int nRowNumber = 0; /* current TR number */
2358	2362	int nEventTotal = 0; /* Total event count */
2359	2363	int rowClass = 0; /* counter for alternating
2360	2364	row colors */
2361		- Blob sql = empty_blob; /* SQL */
2362	2365	int nMaxEvents = 1; /* max number of events for
2363	2366	all rows. */
2364	2367	stats_report_init_view();
2365	2368	stats_report_event_types_menu("byuser", NULL);
2366		- blob_append(&sql,
	2369	+ db_prepare(&query,
2367	2370	"SELECT user, "
2368	2371	"COUNT(*) AS eventCount "
2369	2372	"FROM v_reports "
2370		- "GROUP BY user ORDER BY eventCount DESC",
2371		- -1);
2372		- db_prepare(&query, blob_str(&sql));
2373		- blob_reset(&sql);
	2373	+ "GROUP BY user ORDER BY eventCount DESC");
2374	2374	@ <h1>Timeline Events
2375	2375	@ (%s(stats_report_label_for_type())) by User</h1>
2376	2376	@ <table class='statistics-report-table-events' border='0'
2377	2377	@ cellpadding='2' cellspacing='0' id='statsTable'>
2378	2378	@ <thead><tr>
		@@ -2423,28 +2423,24 @@
2423	2423	Stmt query = empty_Stmt;
2424	2424	int nRowNumber = 0; /* current TR number */
2425	2425	int nEventTotal = 0; /* Total event count */
2426	2426	int rowClass = 0; /* counter for alternating
2427	2427	row colors */
2428		- Blob sql = empty_blob; /* SQL */
2429	2428	int nMaxEvents = 1; /* max number of events for
2430	2429	all rows. */
2431	2430	static const char *const daysOfWeek[] = {
2432	2431	"Monday", "Tuesday", "Wednesday", "Thursday",
2433	2432	"Friday", "Saturday", "Sunday"
2434	2433	};
2435	2434
2436	2435	stats_report_init_view();
2437	2436	stats_report_event_types_menu("byweekday", NULL);
2438		- blob_append(&sql,
	2437	+ db_prepare(&query,
2439	2438	"SELECT cast(mtime %% 7 AS INTEGER) dow, "
2440	2439	"COUNT(*) AS eventCount "
2441	2440	"FROM v_reports "
2442		- "GROUP BY dow ORDER BY dow",
2443		- -1);
2444		- db_prepare(&query, blob_str(&sql));
2445		- blob_reset(&sql);
	2441	+ "GROUP BY dow ORDER BY dow");
2446	2442	@ <h1>Timeline Events
2447	2443	@ (%s(stats_report_label_for_type())) by Day of the Week</h1>
2448	2444	@ <table class='statistics-report-table-events' border='0'
2449	2445	@ cellpadding='2' cellspacing='0' id='statsTable'>
2450	2446	@ <thead><tr>
		@@ -2512,14 +2508,14 @@
2512	2508	}
2513	2509	blob_append(&sql,
2514	2510	"SELECT DISTINCT substr(date(mtime),1,4) AS y "
2515	2511	"FROM v_reports WHERE 1 ", -1);
2516	2512	if(zUserName&&*zUserName){
2517		- blob_appendf(&sql,"AND user=%Q ", zUserName);
	2513	+ blob_append_sql(&sql,"AND user=%Q ", zUserName);
2518	2514	}
2519	2515	blob_append(&sql,"GROUP BY y ORDER BY y", -1);
2520		- db_prepare(&qYears, blob_str(&sql));
	2516	+ db_prepare(&qYears, "%s", blob_sql_text(&sql));
2521	2517	blob_reset(&sql);
2522	2518	cgi_printf("Select year: ");
2523	2519	while( SQLITE_ROW == db_step(&qYears) ){
2524	2520	const char *zT = db_column_text(&qYears, 0);
2525	2521	if( i++ ){
		@@ -2545,22 +2541,22 @@
2545	2541	int total = 0;
2546	2542	Blob header = empty_blob;
2547	2543	blob_appendf(&header, "Timeline events (%s) for the calendar weeks "
2548	2544	"of %h", stats_report_label_for_type(),
2549	2545	zYear);
2550		- blob_appendf(&sql,
	2546	+ blob_append_sql(&sql,
2551	2547	"SELECT DISTINCT strftime('%%%%W',mtime) AS wk, "
2552	2548	"count(*) AS n "
2553	2549	"FROM v_reports "
2554	2550	"WHERE %Q=substr(date(mtime),1,4) "
2555	2551	"AND mtime < current_timestamp ",
2556	2552	zYear);
2557	2553	if(zUserName&&*zUserName){
2558		- blob_appendf(&sql, " AND user=%Q ", zUserName);
	2554	+ blob_append_sql(&sql, " AND user=%Q ", zUserName);
2559	2555	blob_appendf(&header," for user %h", zUserName);
2560	2556	}
2561		- blob_appendf(&sql, "GROUP BY wk ORDER BY wk DESC");
	2557	+ blob_append_sql(&sql, "GROUP BY wk ORDER BY wk DESC");
2562	2558	cgi_printf("<h1>%h</h1>", blob_str(&header));
2563	2559	blob_reset(&header);
2564	2560	cgi_printf("<table class='statistics-report-table-events' "
2565	2561	"border='0' cellpadding='2' width='100%%' "
2566	2562	"cellspacing='0' id='statsTable'>");
		@@ -2568,11 +2564,11 @@
2568	2564	"<th>Week</th>"
2569	2565	"<th>Events</th>"
2570	2566	"<th width='90%%'><!-- relative commits graph --></th>"
2571	2567	"</tr></thead>"
2572	2568	"<tbody>");
2573		- db_prepare(&stWeek, blob_str(&sql));
	2569	+ db_prepare(&stWeek, "%s", blob_sql_text(&sql));
2574	2570	blob_reset(&sql);
2575	2571	while( SQLITE_ROW == db_step(&stWeek) ){
2576	2572	const int nCount = db_column_int(&stWeek, 1);
2577	2573	if(nCount>nMaxEvents){
2578	2574	nMaxEvents = nCount;
2579	2575

	--- src/timeline.c
	+++ src/timeline.c
	@@ -860,11 +860,11 @@
860	@ tagid INTEGER,
861	@ short TEXT,
862	@ sortby REAL
863	@ )
864	;
865	db_multi_exec(zSql);
866	}
867
868	/*
869	** Return a pointer to a constant string that forms the basis
870	** for a timeline query for the WWW interface.
	@@ -889,11 +889,11 @@
889	@ event.mtime AS mtime
890	@ FROM event CROSS JOIN blob
891	@ WHERE blob.rid=event.objid
892	;
893	if( zBase==0 ){
894	zBase = mprintf(zBaseSql, timeline_utc());
895	}
896	return zBase;
897	}
898
899	/*
	@@ -965,11 +965,11 @@
965	Stmt q;
966	Blob out;
967	const char *zSep = "";
968	db_prepare(&q,
969	"SELECT DISTINCT filename.name FROM mlink, filename"
970	" WHERE mlink.fid=(SELECT rid FROM blob WHERE uuid='%s')"
971	" AND filename.fnid=mlink.fnid",
972	zUuid
973	);
974	blob_zero(&out);
975	while( db_step(&q)==SQLITE_ROW ){
	@@ -1129,13 +1129,15 @@
1129	if( P("fc")!=0 \|\| P("v")!=0 \|\| P("detail")!=0 ){
1130	tmFlags \|= TIMELINE_FCHANGES;
1131	url_add_parameter(&url, "v", 0);
1132	}
1133	if( (tmFlags & TIMELINE_UNHIDE)==0 ){
1134	blob_appendf(&sql, " AND NOT EXISTS(SELECT 1 FROM tagxref"
1135	" WHERE tagid=%d AND tagtype>0 AND rid=blob.rid)",
1136	TAG_HIDDEN);


1137	}
1138	if( !useDividers ) url_add_parameter(&url, "nd", 0);
1139	if( ((from_rid && to_rid) \|\| (me_rid && you_rid)) && g.perm.Read ){
1140	/* If from= and to= are present, display all nodes on a path connecting
1141	** the two */
	@@ -1154,21 +1156,21 @@
1154	zFrom = P("me");
1155	zTo = P("you");
1156	}
1157	blob_append(&sql, " AND event.objid IN (0", -1);
1158	while( p ){
1159	blob_appendf(&sql, ",%d", p->rid);
1160	p = p->u.pTo;
1161	}
1162	blob_append(&sql, ")", -1);
1163	path_reset();
1164	blob_append(&desc, "All nodes on the path from ", -1);
1165	blob_appendf(&desc, "%z[%h]</a>", href("%R/info/%h", zFrom), zFrom);
1166	blob_append(&desc, " to ", -1);
1167	blob_appendf(&desc, "%z[%h]</a>", href("%R/info/%h",zTo), zTo);
1168	tmFlags \|= TIMELINE_DISJOINT;
1169	db_multi_exec("%s", blob_str(&sql));
1170	}else if( (p_rid \|\| d_rid) && g.perm.Read ){
1171	/* If p= or d= is present, ignore all other parameters other than n= */
1172	char *zUuid;
1173	int np, nd;
1174
	@@ -1179,16 +1181,16 @@
1179	db_multi_exec(
1180	"CREATE TEMP TABLE IF NOT EXISTS ok(rid INTEGER PRIMARY KEY)"
1181	);
1182	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d",
1183	p_rid ? p_rid : d_rid);
1184	blob_appendf(&sql, " AND event.objid IN ok");
1185	nd = 0;
1186	if( d_rid ){
1187	compute_descendants(d_rid, nEntry+1);
1188	nd = db_int(0, "SELECT count(*)-1 FROM ok");
1189	if( nd>=0 ) db_multi_exec("%s", blob_str(&sql));
1190	if( nd>0 ) blob_appendf(&desc, "%d descendant%s", nd,(1==nd)?"":"s");
1191	if( useDividers ) timeline_add_dividers(0, d_rid);
1192	db_multi_exec("DELETE FROM ok");
1193	}
1194	if( p_rid ){
	@@ -1195,11 +1197,11 @@
1195	compute_ancestors(p_rid, nEntry+1, 0);
1196	np = db_int(0, "SELECT count(*)-1 FROM ok");
1197	if( np>0 ){
1198	if( nd>0 ) blob_appendf(&desc, " and ");
1199	blob_appendf(&desc, "%d ancestors", np);
1200	db_multi_exec("%s", blob_str(&sql));
1201	}
1202	if( d_rid==0 && useDividers ) timeline_add_dividers(0, p_rid);
1203	}
1204	blob_appendf(&desc, " of %z[%S]</a>",
1205	href("%R/info/%s", zUuid), zUuid);
	@@ -1235,12 +1237,12 @@
1235	"INSERT INTO ok VALUES(%d);"
1236	"INSERT OR IGNORE INTO ok SELECT pid FROM plink WHERE cid=%d;"
1237	"INSERT OR IGNORE INTO ok SELECT cid FROM plink WHERE pid=%d;",
1238	f_rid, f_rid, f_rid
1239	);
1240	blob_appendf(&sql, " AND event.objid IN ok");
1241	db_multi_exec("%s", blob_str(&sql));
1242	if( useDividers ) timeline_add_dividers(0, f_rid);
1243	blob_appendf(&desc, "Parents and children of check-in ");
1244	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", f_rid);
1245	blob_appendf(&desc, "%z[%S]</a>", href("%R/info/%s", zUuid), zUuid);
1246	tmFlags \|= TIMELINE_DISJOINT;
	@@ -1257,25 +1259,25 @@
1257	/* Otherwise, a timeline based on a span of time */
1258	int n;
1259	const char *zEType = "timeline item";
1260	char *zDate;
1261	if( zUses ){
1262	blob_appendf(&sql, " AND event.objid IN usesfile ");
1263	}
1264	if( renameOnly ){
1265	blob_appendf(&sql, " AND event.objid IN rnfile ");
1266	}
1267	if( zYearMonth ){
1268	blob_appendf(&sql, " AND %Q=strftime('%%Y-%%m',event.mtime) ",
1269	zYearMonth);
1270	}
1271	else if( zYearWeek ){
1272	blob_appendf(&sql, " AND %Q=strftime('%%Y-%%W',event.mtime) ",
1273	zYearWeek);
1274	}
1275	if( tagid>0 ){
1276	blob_appendf(&sql,
1277	"AND (EXISTS(SELECT 1 FROM tagxref"
1278	" WHERE tagid=%d AND tagtype>0 AND rid=blob.rid)", tagid);
1279
1280	if( zBrName ){
1281	url_add_parameter(&url, "r", zBrName);
	@@ -1283,40 +1285,42 @@
1283	** are not part of the branch which are parents or children of the
1284	** branch to be included in the report. This related check-ins are
1285	** useful in helping to visualize what has happened on a quiescent
1286	** branch that is infrequently merged with a much more activate branch.
1287	*/
1288	blob_appendf(&sql,
1289	" OR EXISTS(SELECT 1 FROM plink CROSS JOIN tagxref ON rid=cid"
1290	" WHERE tagid=%d AND tagtype>0 AND pid=blob.rid)",
1291	tagid
1292	);
1293	if( (tmFlags & TIMELINE_UNHIDE)==0 ){
1294	blob_appendf(&sql,
1295	" AND NOT EXISTS(SELECT 1 FROM plink JOIN tagxref ON rid=cid"
1296	" WHERE tagid=%d AND tagtype>0 AND pid=blob.rid)",
1297	TAG_HIDDEN
1298	);
1299	}
1300	if( P("mionly")==0 ){
1301	blob_appendf(&sql,
1302	" OR EXISTS(SELECT 1 FROM plink CROSS JOIN tagxref ON rid=pid"
1303	" WHERE tagid=%d AND tagtype>0 AND cid=blob.rid)",
1304	tagid
1305	);
1306	if( (tmFlags & TIMELINE_UNHIDE)==0 ){
1307	blob_appendf(&sql, " AND NOT EXISTS(SELECT 1 FROM plink JOIN tagxref ON rid=pid"
1308	" WHERE tagid=%d AND tagtype>0 AND cid=blob.rid)",
1309	TAG_HIDDEN);


1310	}
1311	}else{
1312	url_add_parameter(&url, "mionly", "1");
1313	}
1314	}else{
1315	url_add_parameter(&url, "t", zTagName);
1316	}
1317	blob_appendf(&sql, ")");
1318	}
1319	if( (zType[0]=='w' && !g.perm.RdWiki)
1320	\|\| (zType[0]=='t' && !g.perm.RdTkt)
1321	\|\| (zType[0]=='e' && !g.perm.RdWiki)
1322	\|\| (zType[0]=='c' && !g.perm.Read)
	@@ -1325,27 +1329,27 @@
1325	zType = "all";
1326	}
1327	if( zType[0]=='a' ){
1328	if( !g.perm.Read \|\| !g.perm.RdWiki \|\| !g.perm.RdTkt ){
1329	char cSep = '(';
1330	blob_appendf(&sql, " AND event.type IN ");
1331	if( g.perm.Read ){
1332	blob_appendf(&sql, "%c'ci','g'", cSep);
1333	cSep = ',';
1334	}
1335	if( g.perm.RdWiki ){
1336	blob_appendf(&sql, "%c'w','e'", cSep);
1337	cSep = ',';
1338	}
1339	if( g.perm.RdTkt ){
1340	blob_appendf(&sql, "%c't'", cSep);
1341	cSep = ',';
1342	}
1343	blob_appendf(&sql, ")");
1344	}
1345	}else{ /* zType!="all" */
1346	blob_appendf(&sql, " AND event.type=%Q", zType);
1347	url_add_parameter(&url, "y", zType);
1348	if( zType[0]=='c' ){
1349	zEType = "checkin";
1350	}else if( zType[0]=='w' ){
1351	zEType = "wiki edit";
	@@ -1356,64 +1360,64 @@
1356	}else if( zType[0]=='g' ){
1357	zEType = "tag";
1358	}
1359	}
1360	if( zUser ){
1361	blob_appendf(&sql, " AND (event.user=%Q OR event.euser=%Q)",
1362	zUser, zUser);
1363	url_add_parameter(&url, "u", zUser);
1364	zThisUser = zUser;
1365	}
1366	if( zSearch ){
1367	blob_appendf(&sql,
1368	" AND (event.comment LIKE '%%%q%%' OR event.brief LIKE '%%%q%%')",
1369	zSearch, zSearch);
1370	url_add_parameter(&url, "s", zSearch);
1371	}
1372	rBefore = symbolic_name_to_mtime(zBefore);
1373	rAfter = symbolic_name_to_mtime(zAfter);
1374	rCirca = symbolic_name_to_mtime(zCirca);
1375	if( rAfter>0.0 ){
1376	if( rBefore>0.0 ){
1377	blob_appendf(&sql,
1378	" AND event.mtime>=%.17g AND event.mtime<=%.17g"
1379	" ORDER BY event.mtime ASC", rAfter-ONE_SECOND, rBefore+ONE_SECOND);
1380	url_add_parameter(&url, "a", zAfter);
1381	url_add_parameter(&url, "b", zBefore);
1382	nEntry = 1000000;
1383	}else{
1384	blob_appendf(&sql,
1385	" AND event.mtime>=%.17g ORDER BY event.mtime ASC",
1386	rAfter-ONE_SECOND);
1387	url_add_parameter(&url, "a", zAfter);
1388	}
1389	}else if( rBefore>0.0 ){
1390	blob_appendf(&sql,
1391	" AND event.mtime<=%.17g ORDER BY event.mtime DESC",
1392	rBefore+ONE_SECOND);
1393	url_add_parameter(&url, "b", zBefore);
1394	}else if( rCirca>0.0 ){
1395	Blob sql2;
1396	blob_init(&sql2, blob_str(&sql), -1);
1397	blob_appendf(&sql2,
1398	" AND event.mtime<=%f ORDER BY event.mtime DESC LIMIT %d",
1399	rCirca, (nEntry+1)/2
1400	);
1401	db_multi_exec("%s", blob_str(&sql2));
1402	blob_reset(&sql2);
1403	blob_appendf(&sql,
1404	" AND event.mtime>=%f ORDER BY event.mtime ASC",
1405	rCirca
1406	);
1407	nEntry -= (nEntry+1)/2;
1408	if( useDividers ) timeline_add_dividers(rCirca, 0);
1409	url_add_parameter(&url, "c", zCirca);
1410	}else{
1411	blob_appendf(&sql, " ORDER BY event.mtime DESC");
1412	}
1413	blob_appendf(&sql, " LIMIT %d", nEntry);
1414	db_multi_exec("%s", blob_str(&sql));
1415
1416	n = db_int(0, "SELECT count() FROM timeline WHERE etype!='div' /scan*/");
1417	if( zYearMonth ){
1418	blob_appendf(&desc, "%s events for %h", zEType, zYearMonth);
1419	}else if( zYearWeek ){
	@@ -1506,11 +1510,11 @@
1506	}
1507	}
1508	}
1509	}
1510	if( P("showsql") ){
1511	@ <blockquote>%h(blob_str(&sql))</blockquote>
1512	}
1513	blob_zero(&sql);
1514	db_prepare(&q, "SELECT * FROM timeline ORDER BY sortby DESC /scan/");
1515	@ <h2>%b(&desc)</h2>
1516	blob_reset(&desc);
	@@ -1680,11 +1684,11 @@
1680	@ AND tagxref.tagtype>0
1681	@ AND tagxref.rid=blob.rid
1682	@ WHERE blob.rid=event.objid
1683	@ AND tag.tagname='branch'
1684	;
1685	return mprintf(zBaseSql, timeline_utc());
1686	}
1687
1688	/*
1689	** Return true if the input string is a date in the ISO 8601 format:
1690	** YYYY-MM-DD.
	@@ -1856,54 +1860,54 @@
1856	}
1857
1858	if( mode==0 ) mode = 1;
1859	blob_zero(&sql);
1860	blob_append(&sql, timeline_query_for_tty(), -1);
1861	blob_appendf(&sql, " AND event.mtime %s %s",
1862	(mode==1 \|\| mode==4) ? "<=" : ">=",
1863	zDate
1864	);
1865
1866	if( mode==3 \|\| mode==4 ){
1867	db_multi_exec("CREATE TEMP TABLE ok(rid INTEGER PRIMARY KEY)");
1868	if( mode==3 ){
1869	compute_descendants(objid, n);
1870	}else{
1871	compute_ancestors(objid, n, 0);
1872	}
1873	blob_appendf(&sql, "\n AND blob.rid IN ok");
1874	}
1875	if( zType && (zType[0]!='a') ){
1876	blob_appendf(&sql, "\n AND event.type=%Q ", zType);
1877	}
1878	if( zFilePattern ){
1879	blob_append(&sql,
1880	"\n AND EXISTS(SELECT 1 FROM mlink\n"
1881	" WHERE mlink.mid=event.objid\n"
1882	" AND mlink.fnid IN ", -1);
1883	if( filenames_are_case_sensitive() ){
1884	blob_appendf(&sql,
1885	"(SELECT fnid FROM filename"
1886	" WHERE name=%Q"
1887	" OR name GLOB '%q/*')",
1888	blob_str(&treeName), blob_str(&treeName));
1889	}else{
1890	blob_appendf(&sql,
1891	"(SELECT fnid FROM filename"
1892	" WHERE name=%Q COLLATE nocase"
1893	" OR lower(name) GLOB lower('%q/*'))",
1894	blob_str(&treeName), blob_str(&treeName));
1895	}
1896	blob_append(&sql, ")", -1);
1897	}
1898	blob_appendf(&sql, "\nORDER BY event.mtime DESC");
1899	if( iOffset>0 ){
1900	/* Don't handle LIMIT here, otherwise print_timeline()
1901	* will not determine the end-marker correctly! */
1902	blob_appendf(&sql, "\n LIMIT -1 OFFSET %d", iOffset);
1903	}
1904	db_prepare(&q, "%s", blob_str(&sql));
1905	blob_reset(&sql);
1906	print_timeline(&q, n, width, verboseFlag);
1907	db_finalize(&q);
1908	}
1909
	@@ -2213,24 +2217,24 @@
2213	stats_report_init_view();
2214	stats_report_event_types_menu( includeMonth ? "bymonth" : "byyear", NULL );
2215	blob_appendf(&header, "Timeline Events (%s) by year%s",
2216	stats_report_label_for_type(),
2217	(includeMonth ? "/month" : ""));
2218	blob_appendf(&sql,
2219	"SELECT substr(date(mtime),1,%d) AS timeframe, "
2220	"count(*) AS eventCount "
2221	"FROM v_reports ",
2222	includeMonth ? 7 : 4);
2223	if(zUserName&&*zUserName){
2224	blob_appendf(&sql, " WHERE user=%Q ", zUserName);
2225	blob_appendf(&header," for user %q", zUserName);
2226	}
2227	blob_append(&sql,
2228	" GROUP BY timeframe"
2229	" ORDER BY timeframe DESC",
2230	-1);
2231	db_prepare(&query, blob_str(&sql));
2232	blob_reset(&sql);
2233	@ <h1>%b(&header)</h1>
2234	@ <table class='statistics-report-table-events' border='0' cellpadding='2'
2235	@ cellspacing='0' id='statsTable'>
2236	@ <thead>
	@@ -2356,23 +2360,19 @@
2356	Stmt query = empty_Stmt;
2357	int nRowNumber = 0; /* current TR number */
2358	int nEventTotal = 0; /* Total event count */
2359	int rowClass = 0; /* counter for alternating
2360	row colors */
2361	Blob sql = empty_blob; /* SQL */
2362	int nMaxEvents = 1; /* max number of events for
2363	all rows. */
2364	stats_report_init_view();
2365	stats_report_event_types_menu("byuser", NULL);
2366	blob_append(&sql,
2367	"SELECT user, "
2368	"COUNT(*) AS eventCount "
2369	"FROM v_reports "
2370	"GROUP BY user ORDER BY eventCount DESC",
2371	-1);
2372	db_prepare(&query, blob_str(&sql));
2373	blob_reset(&sql);
2374	@ <h1>Timeline Events
2375	@ (%s(stats_report_label_for_type())) by User</h1>
2376	@ <table class='statistics-report-table-events' border='0'
2377	@ cellpadding='2' cellspacing='0' id='statsTable'>
2378	@ <thead><tr>
	@@ -2423,28 +2423,24 @@
2423	Stmt query = empty_Stmt;
2424	int nRowNumber = 0; /* current TR number */
2425	int nEventTotal = 0; /* Total event count */
2426	int rowClass = 0; /* counter for alternating
2427	row colors */
2428	Blob sql = empty_blob; /* SQL */
2429	int nMaxEvents = 1; /* max number of events for
2430	all rows. */
2431	static const char *const daysOfWeek[] = {
2432	"Monday", "Tuesday", "Wednesday", "Thursday",
2433	"Friday", "Saturday", "Sunday"
2434	};
2435
2436	stats_report_init_view();
2437	stats_report_event_types_menu("byweekday", NULL);
2438	blob_append(&sql,
2439	"SELECT cast(mtime %% 7 AS INTEGER) dow, "
2440	"COUNT(*) AS eventCount "
2441	"FROM v_reports "
2442	"GROUP BY dow ORDER BY dow",
2443	-1);
2444	db_prepare(&query, blob_str(&sql));
2445	blob_reset(&sql);
2446	@ <h1>Timeline Events
2447	@ (%s(stats_report_label_for_type())) by Day of the Week</h1>
2448	@ <table class='statistics-report-table-events' border='0'
2449	@ cellpadding='2' cellspacing='0' id='statsTable'>
2450	@ <thead><tr>
	@@ -2512,14 +2508,14 @@
2512	}
2513	blob_append(&sql,
2514	"SELECT DISTINCT substr(date(mtime),1,4) AS y "
2515	"FROM v_reports WHERE 1 ", -1);
2516	if(zUserName&&*zUserName){
2517	blob_appendf(&sql,"AND user=%Q ", zUserName);
2518	}
2519	blob_append(&sql,"GROUP BY y ORDER BY y", -1);
2520	db_prepare(&qYears, blob_str(&sql));
2521	blob_reset(&sql);
2522	cgi_printf("Select year: ");
2523	while( SQLITE_ROW == db_step(&qYears) ){
2524	const char *zT = db_column_text(&qYears, 0);
2525	if( i++ ){
	@@ -2545,22 +2541,22 @@
2545	int total = 0;
2546	Blob header = empty_blob;
2547	blob_appendf(&header, "Timeline events (%s) for the calendar weeks "
2548	"of %h", stats_report_label_for_type(),
2549	zYear);
2550	blob_appendf(&sql,
2551	"SELECT DISTINCT strftime('%%%%W',mtime) AS wk, "
2552	"count(*) AS n "
2553	"FROM v_reports "
2554	"WHERE %Q=substr(date(mtime),1,4) "
2555	"AND mtime < current_timestamp ",
2556	zYear);
2557	if(zUserName&&*zUserName){
2558	blob_appendf(&sql, " AND user=%Q ", zUserName);
2559	blob_appendf(&header," for user %h", zUserName);
2560	}
2561	blob_appendf(&sql, "GROUP BY wk ORDER BY wk DESC");
2562	cgi_printf("<h1>%h</h1>", blob_str(&header));
2563	blob_reset(&header);
2564	cgi_printf("<table class='statistics-report-table-events' "
2565	"border='0' cellpadding='2' width='100%%' "
2566	"cellspacing='0' id='statsTable'>");
	@@ -2568,11 +2564,11 @@
2568	"<th>Week</th>"
2569	"<th>Events</th>"
2570	"<th width='90%%'><!-- relative commits graph --></th>"
2571	"</tr></thead>"
2572	"<tbody>");
2573	db_prepare(&stWeek, blob_str(&sql));
2574	blob_reset(&sql);
2575	while( SQLITE_ROW == db_step(&stWeek) ){
2576	const int nCount = db_column_int(&stWeek, 1);
2577	if(nCount>nMaxEvents){
2578	nMaxEvents = nCount;
2579

	--- src/timeline.c
	+++ src/timeline.c
	@@ -860,11 +860,11 @@
860	@ tagid INTEGER,
861	@ short TEXT,
862	@ sortby REAL
863	@ )
864	;
865	db_multi_exec("%s", zSql/safe-for-%s/);
866	}
867
868	/*
869	** Return a pointer to a constant string that forms the basis
870	** for a timeline query for the WWW interface.
	@@ -889,11 +889,11 @@
889	@ event.mtime AS mtime
890	@ FROM event CROSS JOIN blob
891	@ WHERE blob.rid=event.objid
892	;
893	if( zBase==0 ){
894	zBase = mprintf(zBaseSql /works-like: "%s"/, timeline_utc());
895	}
896	return zBase;
897	}
898
899	/*
	@@ -965,11 +965,11 @@
965	Stmt q;
966	Blob out;
967	const char *zSep = "";
968	db_prepare(&q,
969	"SELECT DISTINCT filename.name FROM mlink, filename"
970	" WHERE mlink.fid=(SELECT rid FROM blob WHERE uuid=%Q)"
971	" AND filename.fnid=mlink.fnid",
972	zUuid
973	);
974	blob_zero(&out);
975	while( db_step(&q)==SQLITE_ROW ){
	@@ -1129,13 +1129,15 @@
1129	if( P("fc")!=0 \|\| P("v")!=0 \|\| P("detail")!=0 ){
1130	tmFlags \|= TIMELINE_FCHANGES;
1131	url_add_parameter(&url, "v", 0);
1132	}
1133	if( (tmFlags & TIMELINE_UNHIDE)==0 ){
1134	blob_append_sql(&sql,
1135	" AND NOT EXISTS(SELECT 1 FROM tagxref"
1136	" WHERE tagid=%d AND tagtype>0 AND rid=blob.rid)",
1137	TAG_HIDDEN
1138	);
1139	}
1140	if( !useDividers ) url_add_parameter(&url, "nd", 0);
1141	if( ((from_rid && to_rid) \|\| (me_rid && you_rid)) && g.perm.Read ){
1142	/* If from= and to= are present, display all nodes on a path connecting
1143	** the two */
	@@ -1154,21 +1156,21 @@
1156	zFrom = P("me");
1157	zTo = P("you");
1158	}
1159	blob_append(&sql, " AND event.objid IN (0", -1);
1160	while( p ){
1161	blob_append_sql(&sql, ",%d", p->rid);
1162	p = p->u.pTo;
1163	}
1164	blob_append(&sql, ")", -1);
1165	path_reset();
1166	blob_append(&desc, "All nodes on the path from ", -1);
1167	blob_appendf(&desc, "%z[%h]</a>", href("%R/info/%h", zFrom), zFrom);
1168	blob_append(&desc, " to ", -1);
1169	blob_appendf(&desc, "%z[%h]</a>", href("%R/info/%h",zTo), zTo);
1170	tmFlags \|= TIMELINE_DISJOINT;
1171	db_multi_exec("%s", blob_sql_text(&sql));
1172	}else if( (p_rid \|\| d_rid) && g.perm.Read ){
1173	/* If p= or d= is present, ignore all other parameters other than n= */
1174	char *zUuid;
1175	int np, nd;
1176
	@@ -1179,16 +1181,16 @@
1181	db_multi_exec(
1182	"CREATE TEMP TABLE IF NOT EXISTS ok(rid INTEGER PRIMARY KEY)"
1183	);
1184	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d",
1185	p_rid ? p_rid : d_rid);
1186	blob_append_sql(&sql, " AND event.objid IN ok");
1187	nd = 0;
1188	if( d_rid ){
1189	compute_descendants(d_rid, nEntry+1);
1190	nd = db_int(0, "SELECT count(*)-1 FROM ok");
1191	if( nd>=0 ) db_multi_exec("%s", blob_sql_text(&sql));
1192	if( nd>0 ) blob_appendf(&desc, "%d descendant%s", nd,(1==nd)?"":"s");
1193	if( useDividers ) timeline_add_dividers(0, d_rid);
1194	db_multi_exec("DELETE FROM ok");
1195	}
1196	if( p_rid ){
	@@ -1195,11 +1197,11 @@
1197	compute_ancestors(p_rid, nEntry+1, 0);
1198	np = db_int(0, "SELECT count(*)-1 FROM ok");
1199	if( np>0 ){
1200	if( nd>0 ) blob_appendf(&desc, " and ");
1201	blob_appendf(&desc, "%d ancestors", np);
1202	db_multi_exec("%s", blob_sql_text(&sql));
1203	}
1204	if( d_rid==0 && useDividers ) timeline_add_dividers(0, p_rid);
1205	}
1206	blob_appendf(&desc, " of %z[%S]</a>",
1207	href("%R/info/%s", zUuid), zUuid);
	@@ -1235,12 +1237,12 @@
1237	"INSERT INTO ok VALUES(%d);"
1238	"INSERT OR IGNORE INTO ok SELECT pid FROM plink WHERE cid=%d;"
1239	"INSERT OR IGNORE INTO ok SELECT cid FROM plink WHERE pid=%d;",
1240	f_rid, f_rid, f_rid
1241	);
1242	blob_append_sql(&sql, " AND event.objid IN ok");
1243	db_multi_exec("%s", blob_sql_text(&sql));
1244	if( useDividers ) timeline_add_dividers(0, f_rid);
1245	blob_appendf(&desc, "Parents and children of check-in ");
1246	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", f_rid);
1247	blob_appendf(&desc, "%z[%S]</a>", href("%R/info/%s", zUuid), zUuid);
1248	tmFlags \|= TIMELINE_DISJOINT;
	@@ -1257,25 +1259,25 @@
1259	/* Otherwise, a timeline based on a span of time */
1260	int n;
1261	const char *zEType = "timeline item";
1262	char *zDate;
1263	if( zUses ){
1264	blob_append_sql(&sql, " AND event.objid IN usesfile ");
1265	}
1266	if( renameOnly ){
1267	blob_append_sql(&sql, " AND event.objid IN rnfile ");
1268	}
1269	if( zYearMonth ){
1270	blob_append_sql(&sql, " AND %Q=strftime('%%Y-%%m',event.mtime) ",
1271	zYearMonth);
1272	}
1273	else if( zYearWeek ){
1274	blob_append_sql(&sql, " AND %Q=strftime('%%Y-%%W',event.mtime) ",
1275	zYearWeek);
1276	}
1277	if( tagid>0 ){
1278	blob_append_sql(&sql,
1279	"AND (EXISTS(SELECT 1 FROM tagxref"
1280	" WHERE tagid=%d AND tagtype>0 AND rid=blob.rid)", tagid);
1281
1282	if( zBrName ){
1283	url_add_parameter(&url, "r", zBrName);
	@@ -1283,40 +1285,42 @@
1285	** are not part of the branch which are parents or children of the
1286	** branch to be included in the report. This related check-ins are
1287	** useful in helping to visualize what has happened on a quiescent
1288	** branch that is infrequently merged with a much more activate branch.
1289	*/
1290	blob_append_sql(&sql,
1291	" OR EXISTS(SELECT 1 FROM plink CROSS JOIN tagxref ON rid=cid"
1292	" WHERE tagid=%d AND tagtype>0 AND pid=blob.rid)",
1293	tagid
1294	);
1295	if( (tmFlags & TIMELINE_UNHIDE)==0 ){
1296	blob_append_sql(&sql,
1297	" AND NOT EXISTS(SELECT 1 FROM plink JOIN tagxref ON rid=cid"
1298	" WHERE tagid=%d AND tagtype>0 AND pid=blob.rid)",
1299	TAG_HIDDEN
1300	);
1301	}
1302	if( P("mionly")==0 ){
1303	blob_append_sql(&sql,
1304	" OR EXISTS(SELECT 1 FROM plink CROSS JOIN tagxref ON rid=pid"
1305	" WHERE tagid=%d AND tagtype>0 AND cid=blob.rid)",
1306	tagid
1307	);
1308	if( (tmFlags & TIMELINE_UNHIDE)==0 ){
1309	blob_append_sql(&sql,
1310	" AND NOT EXISTS(SELECT 1 FROM plink JOIN tagxref ON rid=pid"
1311	" WHERE tagid=%d AND tagtype>0 AND cid=blob.rid)",
1312	TAG_HIDDEN
1313	);
1314	}
1315	}else{
1316	url_add_parameter(&url, "mionly", "1");
1317	}
1318	}else{
1319	url_add_parameter(&url, "t", zTagName);
1320	}
1321	blob_append_sql(&sql, ")");
1322	}
1323	if( (zType[0]=='w' && !g.perm.RdWiki)
1324	\|\| (zType[0]=='t' && !g.perm.RdTkt)
1325	\|\| (zType[0]=='e' && !g.perm.RdWiki)
1326	\|\| (zType[0]=='c' && !g.perm.Read)
	@@ -1325,27 +1329,27 @@
1329	zType = "all";
1330	}
1331	if( zType[0]=='a' ){
1332	if( !g.perm.Read \|\| !g.perm.RdWiki \|\| !g.perm.RdTkt ){
1333	char cSep = '(';
1334	blob_append_sql(&sql, " AND event.type IN ");
1335	if( g.perm.Read ){
1336	blob_append_sql(&sql, "%c'ci','g'", cSep);
1337	cSep = ',';
1338	}
1339	if( g.perm.RdWiki ){
1340	blob_append_sql(&sql, "%c'w','e'", cSep);
1341	cSep = ',';
1342	}
1343	if( g.perm.RdTkt ){
1344	blob_append_sql(&sql, "%c't'", cSep);
1345	cSep = ',';
1346	}
1347	blob_append_sql(&sql, ")");
1348	}
1349	}else{ /* zType!="all" */
1350	blob_append_sql(&sql, " AND event.type=%Q", zType);
1351	url_add_parameter(&url, "y", zType);
1352	if( zType[0]=='c' ){
1353	zEType = "checkin";
1354	}else if( zType[0]=='w' ){
1355	zEType = "wiki edit";
	@@ -1356,64 +1360,64 @@
1360	}else if( zType[0]=='g' ){
1361	zEType = "tag";
1362	}
1363	}
1364	if( zUser ){
1365	blob_append_sql(&sql, " AND (event.user=%Q OR event.euser=%Q)",
1366	zUser, zUser);
1367	url_add_parameter(&url, "u", zUser);
1368	zThisUser = zUser;
1369	}
1370	if( zSearch ){
1371	blob_append_sql(&sql,
1372	" AND (event.comment LIKE '%%%q%%' OR event.brief LIKE '%%%q%%')",
1373	zSearch, zSearch);
1374	url_add_parameter(&url, "s", zSearch);
1375	}
1376	rBefore = symbolic_name_to_mtime(zBefore);
1377	rAfter = symbolic_name_to_mtime(zAfter);
1378	rCirca = symbolic_name_to_mtime(zCirca);
1379	if( rAfter>0.0 ){
1380	if( rBefore>0.0 ){
1381	blob_append_sql(&sql,
1382	" AND event.mtime>=%.17g AND event.mtime<=%.17g"
1383	" ORDER BY event.mtime ASC", rAfter-ONE_SECOND, rBefore+ONE_SECOND);
1384	url_add_parameter(&url, "a", zAfter);
1385	url_add_parameter(&url, "b", zBefore);
1386	nEntry = 1000000;
1387	}else{
1388	blob_append_sql(&sql,
1389	" AND event.mtime>=%.17g ORDER BY event.mtime ASC",
1390	rAfter-ONE_SECOND);
1391	url_add_parameter(&url, "a", zAfter);
1392	}
1393	}else if( rBefore>0.0 ){
1394	blob_append_sql(&sql,
1395	" AND event.mtime<=%.17g ORDER BY event.mtime DESC",
1396	rBefore+ONE_SECOND);
1397	url_add_parameter(&url, "b", zBefore);
1398	}else if( rCirca>0.0 ){
1399	Blob sql2;
1400	blob_init(&sql2, blob_sql_text(&sql), -1);
1401	blob_append_sql(&sql2,
1402	" AND event.mtime<=%f ORDER BY event.mtime DESC LIMIT %d",
1403	rCirca, (nEntry+1)/2
1404	);
1405	db_multi_exec("%s", blob_sql_text(&sql2));
1406	blob_reset(&sql2);
1407	blob_append_sql(&sql,
1408	" AND event.mtime>=%f ORDER BY event.mtime ASC",
1409	rCirca
1410	);
1411	nEntry -= (nEntry+1)/2;
1412	if( useDividers ) timeline_add_dividers(rCirca, 0);
1413	url_add_parameter(&url, "c", zCirca);
1414	}else{
1415	blob_append_sql(&sql, " ORDER BY event.mtime DESC");
1416	}
1417	blob_append_sql(&sql, " LIMIT %d", nEntry);
1418	db_multi_exec("%s", blob_sql_text(&sql));
1419
1420	n = db_int(0, "SELECT count() FROM timeline WHERE etype!='div' /scan*/");
1421	if( zYearMonth ){
1422	blob_appendf(&desc, "%s events for %h", zEType, zYearMonth);
1423	}else if( zYearWeek ){
	@@ -1506,11 +1510,11 @@
1510	}
1511	}
1512	}
1513	}
1514	if( P("showsql") ){
1515	@ <blockquote>%h(blob_sql_text(&sql))</blockquote>
1516	}
1517	blob_zero(&sql);
1518	db_prepare(&q, "SELECT * FROM timeline ORDER BY sortby DESC /scan/");
1519	@ <h2>%b(&desc)</h2>
1520	blob_reset(&desc);
	@@ -1680,11 +1684,11 @@
1684	@ AND tagxref.tagtype>0
1685	@ AND tagxref.rid=blob.rid
1686	@ WHERE blob.rid=event.objid
1687	@ AND tag.tagname='branch'
1688	;
1689	return mprintf(zBaseSql /works-like: "%s"/, timeline_utc());
1690	}
1691
1692	/*
1693	** Return true if the input string is a date in the ISO 8601 format:
1694	** YYYY-MM-DD.
	@@ -1856,54 +1860,54 @@
1860	}
1861
1862	if( mode==0 ) mode = 1;
1863	blob_zero(&sql);
1864	blob_append(&sql, timeline_query_for_tty(), -1);
1865	blob_append_sql(&sql, " AND event.mtime %s %s",
1866	(mode==1 \|\| mode==4) ? "<=" : ">=",
1867	zDate /safe-for-%s/
1868	);
1869
1870	if( mode==3 \|\| mode==4 ){
1871	db_multi_exec("CREATE TEMP TABLE ok(rid INTEGER PRIMARY KEY)");
1872	if( mode==3 ){
1873	compute_descendants(objid, n);
1874	}else{
1875	compute_ancestors(objid, n, 0);
1876	}
1877	blob_append_sql(&sql, "\n AND blob.rid IN ok");
1878	}
1879	if( zType && (zType[0]!='a') ){
1880	blob_append_sql(&sql, "\n AND event.type=%Q ", zType);
1881	}
1882	if( zFilePattern ){
1883	blob_append(&sql,
1884	"\n AND EXISTS(SELECT 1 FROM mlink\n"
1885	" WHERE mlink.mid=event.objid\n"
1886	" AND mlink.fnid IN ", -1);
1887	if( filenames_are_case_sensitive() ){
1888	blob_append_sql(&sql,
1889	"(SELECT fnid FROM filename"
1890	" WHERE name=%Q"
1891	" OR name GLOB '%q/*')",
1892	blob_str(&treeName), blob_str(&treeName));
1893	}else{
1894	blob_append_sql(&sql,
1895	"(SELECT fnid FROM filename"
1896	" WHERE name=%Q COLLATE nocase"
1897	" OR lower(name) GLOB lower('%q/*'))",
1898	blob_str(&treeName), blob_str(&treeName));
1899	}
1900	blob_append(&sql, ")", -1);
1901	}
1902	blob_append_sql(&sql, "\nORDER BY event.mtime DESC");
1903	if( iOffset>0 ){
1904	/* Don't handle LIMIT here, otherwise print_timeline()
1905	* will not determine the end-marker correctly! */
1906	blob_append_sql(&sql, "\n LIMIT -1 OFFSET %d", iOffset);
1907	}
1908	db_prepare(&q, "%s", blob_sql_text(&sql));
1909	blob_reset(&sql);
1910	print_timeline(&q, n, width, verboseFlag);
1911	db_finalize(&q);
1912	}
1913
	@@ -2213,24 +2217,24 @@
2217	stats_report_init_view();
2218	stats_report_event_types_menu( includeMonth ? "bymonth" : "byyear", NULL );
2219	blob_appendf(&header, "Timeline Events (%s) by year%s",
2220	stats_report_label_for_type(),
2221	(includeMonth ? "/month" : ""));
2222	blob_append_sql(&sql,
2223	"SELECT substr(date(mtime),1,%d) AS timeframe, "
2224	"count(*) AS eventCount "
2225	"FROM v_reports ",
2226	includeMonth ? 7 : 4);
2227	if(zUserName&&*zUserName){
2228	blob_append_sql(&sql, " WHERE user=%Q ", zUserName);
2229	blob_appendf(&header," for user %q", zUserName);
2230	}
2231	blob_append(&sql,
2232	" GROUP BY timeframe"
2233	" ORDER BY timeframe DESC",
2234	-1);
2235	db_prepare(&query, "%s", blob_sql_text(&sql));
2236	blob_reset(&sql);
2237	@ <h1>%b(&header)</h1>
2238	@ <table class='statistics-report-table-events' border='0' cellpadding='2'
2239	@ cellspacing='0' id='statsTable'>
2240	@ <thead>
	@@ -2356,23 +2360,19 @@
2360	Stmt query = empty_Stmt;
2361	int nRowNumber = 0; /* current TR number */
2362	int nEventTotal = 0; /* Total event count */
2363	int rowClass = 0; /* counter for alternating
2364	row colors */

2365	int nMaxEvents = 1; /* max number of events for
2366	all rows. */
2367	stats_report_init_view();
2368	stats_report_event_types_menu("byuser", NULL);
2369	db_prepare(&query,
2370	"SELECT user, "
2371	"COUNT(*) AS eventCount "
2372	"FROM v_reports "
2373	"GROUP BY user ORDER BY eventCount DESC");



2374	@ <h1>Timeline Events
2375	@ (%s(stats_report_label_for_type())) by User</h1>
2376	@ <table class='statistics-report-table-events' border='0'
2377	@ cellpadding='2' cellspacing='0' id='statsTable'>
2378	@ <thead><tr>
	@@ -2423,28 +2423,24 @@
2423	Stmt query = empty_Stmt;
2424	int nRowNumber = 0; /* current TR number */
2425	int nEventTotal = 0; /* Total event count */
2426	int rowClass = 0; /* counter for alternating
2427	row colors */

2428	int nMaxEvents = 1; /* max number of events for
2429	all rows. */
2430	static const char *const daysOfWeek[] = {
2431	"Monday", "Tuesday", "Wednesday", "Thursday",
2432	"Friday", "Saturday", "Sunday"
2433	};
2434
2435	stats_report_init_view();
2436	stats_report_event_types_menu("byweekday", NULL);
2437	db_prepare(&query,
2438	"SELECT cast(mtime %% 7 AS INTEGER) dow, "
2439	"COUNT(*) AS eventCount "
2440	"FROM v_reports "
2441	"GROUP BY dow ORDER BY dow");



2442	@ <h1>Timeline Events
2443	@ (%s(stats_report_label_for_type())) by Day of the Week</h1>
2444	@ <table class='statistics-report-table-events' border='0'
2445	@ cellpadding='2' cellspacing='0' id='statsTable'>
2446	@ <thead><tr>
	@@ -2512,14 +2508,14 @@
2508	}
2509	blob_append(&sql,
2510	"SELECT DISTINCT substr(date(mtime),1,4) AS y "
2511	"FROM v_reports WHERE 1 ", -1);
2512	if(zUserName&&*zUserName){
2513	blob_append_sql(&sql,"AND user=%Q ", zUserName);
2514	}
2515	blob_append(&sql,"GROUP BY y ORDER BY y", -1);
2516	db_prepare(&qYears, "%s", blob_sql_text(&sql));
2517	blob_reset(&sql);
2518	cgi_printf("Select year: ");
2519	while( SQLITE_ROW == db_step(&qYears) ){
2520	const char *zT = db_column_text(&qYears, 0);
2521	if( i++ ){
	@@ -2545,22 +2541,22 @@
2541	int total = 0;
2542	Blob header = empty_blob;
2543	blob_appendf(&header, "Timeline events (%s) for the calendar weeks "
2544	"of %h", stats_report_label_for_type(),
2545	zYear);
2546	blob_append_sql(&sql,
2547	"SELECT DISTINCT strftime('%%%%W',mtime) AS wk, "
2548	"count(*) AS n "
2549	"FROM v_reports "
2550	"WHERE %Q=substr(date(mtime),1,4) "
2551	"AND mtime < current_timestamp ",
2552	zYear);
2553	if(zUserName&&*zUserName){
2554	blob_append_sql(&sql, " AND user=%Q ", zUserName);
2555	blob_appendf(&header," for user %h", zUserName);
2556	}
2557	blob_append_sql(&sql, "GROUP BY wk ORDER BY wk DESC");
2558	cgi_printf("<h1>%h</h1>", blob_str(&header));
2559	blob_reset(&header);
2560	cgi_printf("<table class='statistics-report-table-events' "
2561	"border='0' cellpadding='2' width='100%%' "
2562	"cellspacing='0' id='statsTable'>");
	@@ -2568,11 +2564,11 @@
2564	"<th>Week</th>"
2565	"<th>Events</th>"
2566	"<th width='90%%'><!-- relative commits graph --></th>"
2567	"</tr></thead>"
2568	"<tbody>");
2569	db_prepare(&stWeek, "%s", blob_sql_text(&sql));
2570	blob_reset(&sql);
2571	while( SQLITE_ROW == db_step(&stWeek) ){
2572	const int nCount = db_column_int(&stWeek, 1);
2573	if(nCount>nMaxEvents){
2574	nMaxEvents = nCount;
2575

M src/tkt.c

+21 -23

		--- src/tkt.c
		+++ src/tkt.c
		@@ -203,13 +203,13 @@
203	203	tktid = db_last_insert_rowid();
204	204	}
205	205	blob_zero(&sql1);
206	206	blob_zero(&sql2);
207	207	blob_zero(&sql3);
208		- blob_appendf(&sql1, "UPDATE OR REPLACE ticket SET tkt_mtime=:mtime");
	208	+ blob_append_sql(&sql1, "UPDATE OR REPLACE ticket SET tkt_mtime=:mtime");
209	209	if( haveTicketCTime ){
210		- blob_appendf(&sql1, ", tkt_ctime=coalesce(tkt_ctime,:mtime)");
	210	+ blob_append_sql(&sql1, ", tkt_ctime=coalesce(tkt_ctime,:mtime)");
211	211	}
212	212	aUsed = fossil_malloc( nField );
213	213	memset(aUsed, 0, nField);
214	214	for(i=0; i<p->nField; i++){
215	215	const char *zName = p->aField[i].zName;
		@@ -218,55 +218,56 @@
218	218	if( j<0 ) continue;
219	219	aUsed[j] = 1;
220	220	if( aField[j].mUsed & USEDBY_TICKET ){
221	221	if( zName[0]=='+' ){
222	222	zName++;
223		- blob_appendf(&sql1,", %s=coalesce(%s,'') \|\| %Q",
	223	+ blob_append_sql(&sql1,", \"%w\"=coalesce(\"%w\",'') \|\| %Q",
224	224	zName, zName, p->aField[i].zValue);
225	225	}else{
226		- blob_appendf(&sql1,", %s=%Q", zName, p->aField[i].zValue);
	226	+ blob_append_sql(&sql1,", \"%w\"=%Q", zName, p->aField[i].zValue);
227	227	}
228	228	}
229	229	if( aField[j].mUsed & USEDBY_TICKETCHNG ){
230		- blob_appendf(&sql2, ",%s", zName);
231		- blob_appendf(&sql3, ",%Q", p->aField[i].zValue);
	230	+ blob_append_sql(&sql2, ",\"%w\"", zName);
	231	+ blob_append_sql(&sql3, ",%Q", p->aField[i].zValue);
232	232	}
233	233	if( rid>0 ){
234	234	wiki_extract_links(p->aField[i].zValue, rid, 1, p->rDate, i==0, 0);
235	235	}
236	236	}
237		- blob_appendf(&sql1, " WHERE tkt_id=%d", tktid);
238		- db_prepare(&q, "%s", blob_str(&sql1));
	237	+ blob_append_sql(&sql1, " WHERE tkt_id=%d", tktid);
	238	+ db_prepare(&q, "%s", blob_sql_text(&sql1));
239	239	db_bind_double(&q, ":mtime", p->rDate);
240	240	db_step(&q);
241	241	db_finalize(&q);
242	242	blob_reset(&sql1);
243	243	if( blob_size(&sql2)>0 \|\| haveTicketChngRid ){
244	244	int fromTkt = 0;
245	245	if( haveTicketChngRid ){
246	246	blob_append(&sql2, ",tkt_rid", -1);
247		- blob_appendf(&sql3, ",%d", rid);
	247	+ blob_append_sql(&sql3, ",%d", rid);
248	248	}
249	249	for(i=0; i<nField; i++){
250	250	if( aUsed[i]==0
251	251	&& (aField[i].mUsed & USEDBY_BOTH)==USEDBY_BOTH
252	252	){
253	253	const char *z = aField[i].zName;
254	254	if( z[0]=='+' ) z++;
255	255	fromTkt = 1;
256		- blob_appendf(&sql2, ",%s", z);
257		- blob_appendf(&sql3, ",%s", z);
	256	+ blob_append_sql(&sql2, ",\"%w\"", z);
	257	+ blob_append_sql(&sql3, ",\"%w\"", z);
258	258	}
259	259	}
260	260	if( fromTkt ){
261	261	db_prepare(&q, "INSERT INTO ticketchng(tkt_id,tkt_mtime%s)"
262	262	"SELECT %d,:mtime%s FROM ticket WHERE tkt_id=%d",
263		- blob_str(&sql2), tktid, blob_str(&sql3), tktid);
	263	+ blob_sql_text(&sql2), tktid,
	264	+ blob_sql_text(&sql3), tktid);
264	265	}else{
265	266	db_prepare(&q, "INSERT INTO ticketchng(tkt_id,tkt_mtime%s)"
266	267	"VALUES(%d,:mtime%s)",
267		- blob_str(&sql2), tktid, blob_str(&sql3));
	268	+ blob_sql_text(&sql2), tktid, blob_sql_text(&sql3));
268	269	}
269	270	db_bind_double(&q, ":mtime", p->rDate);
270	271	db_step(&q);
271	272	db_finalize(&q);
272	273	}
		@@ -368,11 +369,11 @@
368	369	zSql = ticket_table_schema();
369	370	if( separateConnection ){
370	371	db_end_transaction(0);
371	372	db_init_database(g.zRepositoryName, zSql, 0);
372	373	}else{
373		- db_multi_exec("%s", zSql);
	374	+ db_multi_exec("%s", zSql/safe-for-%s/);
374	375	}
375	376	}
376	377
377	378	/*
378	379	** Repopulate the TICKET and TICKETCHNG tables from scratch using all
		@@ -551,11 +552,11 @@
551	552	fossil_fatal("trouble committing ticket: %s", g.zErrMsg);
552	553	}
553	554	if( needMod ){
554	555	moderation_table_create();
555	556	db_multi_exec(
556		- "INSERT INTO modreq(objid, tktid) VALUES(%d,'%s')",
	557	+ "INSERT INTO modreq(objid, tktid) VALUES(%d,%Q)",
557	558	rid, zTktId
558	559	);
559	560	}else{
560	561	db_multi_exec("INSERT OR IGNORE INTO unsent VALUES(%d);", rid);
561	562	db_multi_exec("INSERT OR IGNORE INTO unclustered VALUES(%d);", rid);
		@@ -855,12 +856,11 @@
855	856	if( zType[0]=='c' ){
856	857	zTitle = mprintf("Check-Ins Associated With Ticket %h", zUuid);
857	858	}else{
858	859	zTitle = mprintf("Timeline Of Ticket %h", zUuid);
859	860	}
860		- style_header(zTitle);
861		- free(zTitle);
	861	+ style_header("%z", zTitle);
862	862
863	863	sqlite3_snprintf(6, zGlobPattern, "%s", zUuid);
864	864	canonical16(zGlobPattern, strlen(zGlobPattern));
865	865	tagid = db_int(0, "SELECT tagid FROM tag WHERE tagname GLOB 'tkt-%q*'",zUuid);
866	866	if( tagid==0 ){
		@@ -889,12 +889,11 @@
889	889	" WHERE target=%Q) "
890	890	"ORDER BY mtime DESC",
891	891	timeline_query_for_www(), tagid, zFullUuid, zFullUuid, zFullUuid
892	892	);
893	893	}
894		- db_prepare(&q, zSQL);
895		- free(zSQL);
	894	+ db_prepare(&q, "%z", zSQL/safe-for-%s/);
896	895	www_print_timeline(&q, TIMELINE_ARTID\|TIMELINE_DISJOINT\|TIMELINE_GRAPH,
897	896	0, 0, 0);
898	897	db_finalize(&q);
899	898	style_footer();
900	899	}
		@@ -927,12 +926,11 @@
927	926	"%R/tkthistory/%s", zUuid);
928	927	}else{
929	928	style_submenu_element("Plaintext", "Plaintext",
930	929	"%R/tkthistory/%s?plaintext", zUuid);
931	930	}
932		- style_header(zTitle);
933		- free(zTitle);
	931	+ style_header("%z", zTitle);
934	932
935	933	tagid = db_int(0, "SELECT tagid FROM tag WHERE tagname GLOB 'tkt-%q*'",zUuid);
936	934	if( tagid==0 ){
937	935	@ No such ticket: %h(zUuid)
938	936	style_footer();
		@@ -1213,11 +1211,11 @@
1213	1211	}
1214	1212	if( g.argc==3 ){
1215	1213	usage("set\|change\|history TICKETUUID");
1216	1214	}
1217	1215	zTktUuid = db_text(0,
1218		- "SELECT tkt_uuid FROM ticket WHERE tkt_uuid GLOB '%s*'", g.argv[3]
	1216	+ "SELECT tkt_uuid FROM ticket WHERE tkt_uuid GLOB '%q*'", g.argv[3]
1219	1217	);
1220	1218	if( !zTktUuid ){
1221	1219	fossil_fatal("unknown ticket: '%s'!",g.argv[3]);
1222	1220	}
1223	1221	i=4;
		@@ -1292,11 +1290,11 @@
1292	1290	}else{
1293	1291	fossil_print(" Change ");
1294	1292	}
1295	1293	fossil_print("%h: ",z);
1296	1294	if( blob_size(&val)>50 \|\| contains_newline(&val)) {
1297		- fossil_print("\n ",blob_str(&val));
	1295	+ fossil_print("\n ");
1298	1296	comment_print(blob_str(&val),0,4,-1,g.comFmtFlags);
1299	1297	}else{
1300	1298	fossil_print("%s\n",blob_str(&val));
1301	1299	}
1302	1300	blob_reset(&val);
1303	1301

	--- src/tkt.c
	+++ src/tkt.c
	@@ -203,13 +203,13 @@
203	tktid = db_last_insert_rowid();
204	}
205	blob_zero(&sql1);
206	blob_zero(&sql2);
207	blob_zero(&sql3);
208	blob_appendf(&sql1, "UPDATE OR REPLACE ticket SET tkt_mtime=:mtime");
209	if( haveTicketCTime ){
210	blob_appendf(&sql1, ", tkt_ctime=coalesce(tkt_ctime,:mtime)");
211	}
212	aUsed = fossil_malloc( nField );
213	memset(aUsed, 0, nField);
214	for(i=0; i<p->nField; i++){
215	const char *zName = p->aField[i].zName;
	@@ -218,55 +218,56 @@
218	if( j<0 ) continue;
219	aUsed[j] = 1;
220	if( aField[j].mUsed & USEDBY_TICKET ){
221	if( zName[0]=='+' ){
222	zName++;
223	blob_appendf(&sql1,", %s=coalesce(%s,'') \|\| %Q",
224	zName, zName, p->aField[i].zValue);
225	}else{
226	blob_appendf(&sql1,", %s=%Q", zName, p->aField[i].zValue);
227	}
228	}
229	if( aField[j].mUsed & USEDBY_TICKETCHNG ){
230	blob_appendf(&sql2, ",%s", zName);
231	blob_appendf(&sql3, ",%Q", p->aField[i].zValue);
232	}
233	if( rid>0 ){
234	wiki_extract_links(p->aField[i].zValue, rid, 1, p->rDate, i==0, 0);
235	}
236	}
237	blob_appendf(&sql1, " WHERE tkt_id=%d", tktid);
238	db_prepare(&q, "%s", blob_str(&sql1));
239	db_bind_double(&q, ":mtime", p->rDate);
240	db_step(&q);
241	db_finalize(&q);
242	blob_reset(&sql1);
243	if( blob_size(&sql2)>0 \|\| haveTicketChngRid ){
244	int fromTkt = 0;
245	if( haveTicketChngRid ){
246	blob_append(&sql2, ",tkt_rid", -1);
247	blob_appendf(&sql3, ",%d", rid);
248	}
249	for(i=0; i<nField; i++){
250	if( aUsed[i]==0
251	&& (aField[i].mUsed & USEDBY_BOTH)==USEDBY_BOTH
252	){
253	const char *z = aField[i].zName;
254	if( z[0]=='+' ) z++;
255	fromTkt = 1;
256	blob_appendf(&sql2, ",%s", z);
257	blob_appendf(&sql3, ",%s", z);
258	}
259	}
260	if( fromTkt ){
261	db_prepare(&q, "INSERT INTO ticketchng(tkt_id,tkt_mtime%s)"
262	"SELECT %d,:mtime%s FROM ticket WHERE tkt_id=%d",
263	blob_str(&sql2), tktid, blob_str(&sql3), tktid);

264	}else{
265	db_prepare(&q, "INSERT INTO ticketchng(tkt_id,tkt_mtime%s)"
266	"VALUES(%d,:mtime%s)",
267	blob_str(&sql2), tktid, blob_str(&sql3));
268	}
269	db_bind_double(&q, ":mtime", p->rDate);
270	db_step(&q);
271	db_finalize(&q);
272	}
	@@ -368,11 +369,11 @@
368	zSql = ticket_table_schema();
369	if( separateConnection ){
370	db_end_transaction(0);
371	db_init_database(g.zRepositoryName, zSql, 0);
372	}else{
373	db_multi_exec("%s", zSql);
374	}
375	}
376
377	/*
378	** Repopulate the TICKET and TICKETCHNG tables from scratch using all
	@@ -551,11 +552,11 @@
551	fossil_fatal("trouble committing ticket: %s", g.zErrMsg);
552	}
553	if( needMod ){
554	moderation_table_create();
555	db_multi_exec(
556	"INSERT INTO modreq(objid, tktid) VALUES(%d,'%s')",
557	rid, zTktId
558	);
559	}else{
560	db_multi_exec("INSERT OR IGNORE INTO unsent VALUES(%d);", rid);
561	db_multi_exec("INSERT OR IGNORE INTO unclustered VALUES(%d);", rid);
	@@ -855,12 +856,11 @@
855	if( zType[0]=='c' ){
856	zTitle = mprintf("Check-Ins Associated With Ticket %h", zUuid);
857	}else{
858	zTitle = mprintf("Timeline Of Ticket %h", zUuid);
859	}
860	style_header(zTitle);
861	free(zTitle);
862
863	sqlite3_snprintf(6, zGlobPattern, "%s", zUuid);
864	canonical16(zGlobPattern, strlen(zGlobPattern));
865	tagid = db_int(0, "SELECT tagid FROM tag WHERE tagname GLOB 'tkt-%q*'",zUuid);
866	if( tagid==0 ){
	@@ -889,12 +889,11 @@
889	" WHERE target=%Q) "
890	"ORDER BY mtime DESC",
891	timeline_query_for_www(), tagid, zFullUuid, zFullUuid, zFullUuid
892	);
893	}
894	db_prepare(&q, zSQL);
895	free(zSQL);
896	www_print_timeline(&q, TIMELINE_ARTID\|TIMELINE_DISJOINT\|TIMELINE_GRAPH,
897	0, 0, 0);
898	db_finalize(&q);
899	style_footer();
900	}
	@@ -927,12 +926,11 @@
927	"%R/tkthistory/%s", zUuid);
928	}else{
929	style_submenu_element("Plaintext", "Plaintext",
930	"%R/tkthistory/%s?plaintext", zUuid);
931	}
932	style_header(zTitle);
933	free(zTitle);
934
935	tagid = db_int(0, "SELECT tagid FROM tag WHERE tagname GLOB 'tkt-%q*'",zUuid);
936	if( tagid==0 ){
937	@ No such ticket: %h(zUuid)
938	style_footer();
	@@ -1213,11 +1211,11 @@
1213	}
1214	if( g.argc==3 ){
1215	usage("set\|change\|history TICKETUUID");
1216	}
1217	zTktUuid = db_text(0,
1218	"SELECT tkt_uuid FROM ticket WHERE tkt_uuid GLOB '%s*'", g.argv[3]
1219	);
1220	if( !zTktUuid ){
1221	fossil_fatal("unknown ticket: '%s'!",g.argv[3]);
1222	}
1223	i=4;
	@@ -1292,11 +1290,11 @@
1292	}else{
1293	fossil_print(" Change ");
1294	}
1295	fossil_print("%h: ",z);
1296	if( blob_size(&val)>50 \|\| contains_newline(&val)) {
1297	fossil_print("\n ",blob_str(&val));
1298	comment_print(blob_str(&val),0,4,-1,g.comFmtFlags);
1299	}else{
1300	fossil_print("%s\n",blob_str(&val));
1301	}
1302	blob_reset(&val);
1303

	--- src/tkt.c
	+++ src/tkt.c
	@@ -203,13 +203,13 @@
203	tktid = db_last_insert_rowid();
204	}
205	blob_zero(&sql1);
206	blob_zero(&sql2);
207	blob_zero(&sql3);
208	blob_append_sql(&sql1, "UPDATE OR REPLACE ticket SET tkt_mtime=:mtime");
209	if( haveTicketCTime ){
210	blob_append_sql(&sql1, ", tkt_ctime=coalesce(tkt_ctime,:mtime)");
211	}
212	aUsed = fossil_malloc( nField );
213	memset(aUsed, 0, nField);
214	for(i=0; i<p->nField; i++){
215	const char *zName = p->aField[i].zName;
	@@ -218,55 +218,56 @@
218	if( j<0 ) continue;
219	aUsed[j] = 1;
220	if( aField[j].mUsed & USEDBY_TICKET ){
221	if( zName[0]=='+' ){
222	zName++;
223	blob_append_sql(&sql1,", \"%w\"=coalesce(\"%w\",'') \|\| %Q",
224	zName, zName, p->aField[i].zValue);
225	}else{
226	blob_append_sql(&sql1,", \"%w\"=%Q", zName, p->aField[i].zValue);
227	}
228	}
229	if( aField[j].mUsed & USEDBY_TICKETCHNG ){
230	blob_append_sql(&sql2, ",\"%w\"", zName);
231	blob_append_sql(&sql3, ",%Q", p->aField[i].zValue);
232	}
233	if( rid>0 ){
234	wiki_extract_links(p->aField[i].zValue, rid, 1, p->rDate, i==0, 0);
235	}
236	}
237	blob_append_sql(&sql1, " WHERE tkt_id=%d", tktid);
238	db_prepare(&q, "%s", blob_sql_text(&sql1));
239	db_bind_double(&q, ":mtime", p->rDate);
240	db_step(&q);
241	db_finalize(&q);
242	blob_reset(&sql1);
243	if( blob_size(&sql2)>0 \|\| haveTicketChngRid ){
244	int fromTkt = 0;
245	if( haveTicketChngRid ){
246	blob_append(&sql2, ",tkt_rid", -1);
247	blob_append_sql(&sql3, ",%d", rid);
248	}
249	for(i=0; i<nField; i++){
250	if( aUsed[i]==0
251	&& (aField[i].mUsed & USEDBY_BOTH)==USEDBY_BOTH
252	){
253	const char *z = aField[i].zName;
254	if( z[0]=='+' ) z++;
255	fromTkt = 1;
256	blob_append_sql(&sql2, ",\"%w\"", z);
257	blob_append_sql(&sql3, ",\"%w\"", z);
258	}
259	}
260	if( fromTkt ){
261	db_prepare(&q, "INSERT INTO ticketchng(tkt_id,tkt_mtime%s)"
262	"SELECT %d,:mtime%s FROM ticket WHERE tkt_id=%d",
263	blob_sql_text(&sql2), tktid,
264	blob_sql_text(&sql3), tktid);
265	}else{
266	db_prepare(&q, "INSERT INTO ticketchng(tkt_id,tkt_mtime%s)"
267	"VALUES(%d,:mtime%s)",
268	blob_sql_text(&sql2), tktid, blob_sql_text(&sql3));
269	}
270	db_bind_double(&q, ":mtime", p->rDate);
271	db_step(&q);
272	db_finalize(&q);
273	}
	@@ -368,11 +369,11 @@
369	zSql = ticket_table_schema();
370	if( separateConnection ){
371	db_end_transaction(0);
372	db_init_database(g.zRepositoryName, zSql, 0);
373	}else{
374	db_multi_exec("%s", zSql/safe-for-%s/);
375	}
376	}
377
378	/*
379	** Repopulate the TICKET and TICKETCHNG tables from scratch using all
	@@ -551,11 +552,11 @@
552	fossil_fatal("trouble committing ticket: %s", g.zErrMsg);
553	}
554	if( needMod ){
555	moderation_table_create();
556	db_multi_exec(
557	"INSERT INTO modreq(objid, tktid) VALUES(%d,%Q)",
558	rid, zTktId
559	);
560	}else{
561	db_multi_exec("INSERT OR IGNORE INTO unsent VALUES(%d);", rid);
562	db_multi_exec("INSERT OR IGNORE INTO unclustered VALUES(%d);", rid);
	@@ -855,12 +856,11 @@
856	if( zType[0]=='c' ){
857	zTitle = mprintf("Check-Ins Associated With Ticket %h", zUuid);
858	}else{
859	zTitle = mprintf("Timeline Of Ticket %h", zUuid);
860	}
861	style_header("%z", zTitle);

862
863	sqlite3_snprintf(6, zGlobPattern, "%s", zUuid);
864	canonical16(zGlobPattern, strlen(zGlobPattern));
865	tagid = db_int(0, "SELECT tagid FROM tag WHERE tagname GLOB 'tkt-%q*'",zUuid);
866	if( tagid==0 ){
	@@ -889,12 +889,11 @@
889	" WHERE target=%Q) "
890	"ORDER BY mtime DESC",
891	timeline_query_for_www(), tagid, zFullUuid, zFullUuid, zFullUuid
892	);
893	}
894	db_prepare(&q, "%z", zSQL/safe-for-%s/);

895	www_print_timeline(&q, TIMELINE_ARTID\|TIMELINE_DISJOINT\|TIMELINE_GRAPH,
896	0, 0, 0);
897	db_finalize(&q);
898	style_footer();
899	}
	@@ -927,12 +926,11 @@
926	"%R/tkthistory/%s", zUuid);
927	}else{
928	style_submenu_element("Plaintext", "Plaintext",
929	"%R/tkthistory/%s?plaintext", zUuid);
930	}
931	style_header("%z", zTitle);

932
933	tagid = db_int(0, "SELECT tagid FROM tag WHERE tagname GLOB 'tkt-%q*'",zUuid);
934	if( tagid==0 ){
935	@ No such ticket: %h(zUuid)
936	style_footer();
	@@ -1213,11 +1211,11 @@
1211	}
1212	if( g.argc==3 ){
1213	usage("set\|change\|history TICKETUUID");
1214	}
1215	zTktUuid = db_text(0,
1216	"SELECT tkt_uuid FROM ticket WHERE tkt_uuid GLOB '%q*'", g.argv[3]
1217	);
1218	if( !zTktUuid ){
1219	fossil_fatal("unknown ticket: '%s'!",g.argv[3]);
1220	}
1221	i=4;
	@@ -1292,11 +1290,11 @@
1290	}else{
1291	fossil_print(" Change ");
1292	}
1293	fossil_print("%h: ",z);
1294	if( blob_size(&val)>50 \|\| contains_newline(&val)) {
1295	fossil_print("\n ");
1296	comment_print(blob_str(&val),0,4,-1,g.comFmtFlags);
1297	}else{
1298	fossil_print("%s\n",blob_str(&val));
1299	}
1300	blob_reset(&val);
1301

M src/undo.c

+9 -8

		--- src/undo.c
		+++ src/undo.c
		@@ -143,11 +143,12 @@
143	143	"INSERT INTO vmerge SELECT * FROM undo_vmerge;"
144	144	"DELETE FROM undo_vmerge;"
145	145	"INSERT INTO undo_vmerge SELECT * FROM undo_vmerge_2;"
146	146	"DROP TABLE undo_vmerge_2;"
147	147	);
148		- if(db_exists("SELECT 1 FROM %s.sqlite_master WHERE name='undo_stash'", zDb) ){
	148	+ if(db_exists("SELECT 1 FROM \"%w\".sqlite_master"
	149	+ " WHERE name='undo_stash'", zDb) ){
149	150	if( redoFlag ){
150	151	db_multi_exec(
151	152	"DELETE FROM stash WHERE stashid IN (SELECT stashid FROM undo_stash);"
152	153	"DELETE FROM stashfile"
153	154	" WHERE stashid NOT IN (SELECT stashid FROM stash);"
		@@ -174,11 +175,11 @@
174	175	@ DROP TABLE IF EXISTS undo_vfile;
175	176	@ DROP TABLE IF EXISTS undo_vmerge;
176	177	@ DROP TABLE IF EXISTS undo_stash;
177	178	@ DROP TABLE IF EXISTS undo_stashfile;
178	179	;
179		- db_multi_exec(zSql);
	180	+ db_multi_exec(zSql /works-like:""/);
180	181	db_lset_int("undo_available", 0);
181	182	db_lset_int("undo_checkout", 0);
182	183	}
183	184
184	185	/*
		@@ -219,24 +220,24 @@
219	220	*/
220	221	void undo_begin(void){
221	222	int cid;
222	223	const char *zDb = db_name("localdb");
223	224	static const char zSql[] =
224		- @ CREATE TABLE %s.undo(
	225	+ @ CREATE TABLE "%w".undo(
225	226	@ pathname TEXT UNIQUE, -- Name of the file
226	227	@ redoflag BOOLEAN, -- 0 for undoable. 1 for redoable
227	228	@ existsflag BOOLEAN, -- True if the file exists
228	229	@ isExe BOOLEAN, -- True if the file is executable
229	230	@ isLink BOOLEAN, -- True if the file is symlink
230	231	@ content BLOB -- Saved content
231	232	@ );
232		- @ CREATE TABLE %s.undo_vfile AS SELECT * FROM vfile;
233		- @ CREATE TABLE %s.undo_vmerge AS SELECT * FROM vmerge;
	233	+ @ CREATE TABLE "%w".undo_vfile AS SELECT * FROM vfile;
	234	+ @ CREATE TABLE "%w".undo_vmerge AS SELECT * FROM vmerge;
234	235	;
235	236	if( undoDisable ) return;
236	237	undo_reset();
237		- db_multi_exec(zSql, zDb, zDb, zDb);
	238	+ db_multi_exec(zSql/works-like:"%w,%w,%w"/, zDb, zDb, zDb);
238	239	cid = db_lget_int("checkout", 0);
239	240	db_lset_int("undo_checkout", cid);
240	241	db_lset_int("undo_available", 1);
241	242	db_lset("undo_cmdline", undoCmd);
242	243	undoActive = 1;
		@@ -301,18 +302,18 @@
301	302	** Make the current state of stashid undoable.
302	303	*/
303	304	void undo_save_stash(int stashid){
304	305	const char *zDb = db_name("localdb");
305	306	db_multi_exec(
306		- "CREATE TABLE IF NOT EXISTS %s.undo_stash"
	307	+ "CREATE TABLE IF NOT EXISTS \"%w\".undo_stash"
307	308	" AS SELECT * FROM stash WHERE 0;"
308	309	"INSERT INTO undo_stash"
309	310	" SELECT * FROM stash WHERE stashid=%d;",
310	311	zDb, stashid
311	312	);
312	313	db_multi_exec(
313		- "CREATE TABLE IF NOT EXISTS %s.undo_stashfile"
	314	+ "CREATE TABLE IF NOT EXISTS \"%w\".undo_stashfile"
314	315	" AS SELECT * FROM stashfile WHERE 0;"
315	316	"INSERT INTO undo_stashfile"
316	317	" SELECT * FROM stashfile WHERE stashid=%d;",
317	318	zDb, stashid
318	319	);
319	320

	--- src/undo.c
	+++ src/undo.c
	@@ -143,11 +143,12 @@
143	"INSERT INTO vmerge SELECT * FROM undo_vmerge;"
144	"DELETE FROM undo_vmerge;"
145	"INSERT INTO undo_vmerge SELECT * FROM undo_vmerge_2;"
146	"DROP TABLE undo_vmerge_2;"
147	);
148	if(db_exists("SELECT 1 FROM %s.sqlite_master WHERE name='undo_stash'", zDb) ){

149	if( redoFlag ){
150	db_multi_exec(
151	"DELETE FROM stash WHERE stashid IN (SELECT stashid FROM undo_stash);"
152	"DELETE FROM stashfile"
153	" WHERE stashid NOT IN (SELECT stashid FROM stash);"
	@@ -174,11 +175,11 @@
174	@ DROP TABLE IF EXISTS undo_vfile;
175	@ DROP TABLE IF EXISTS undo_vmerge;
176	@ DROP TABLE IF EXISTS undo_stash;
177	@ DROP TABLE IF EXISTS undo_stashfile;
178	;
179	db_multi_exec(zSql);
180	db_lset_int("undo_available", 0);
181	db_lset_int("undo_checkout", 0);
182	}
183
184	/*
	@@ -219,24 +220,24 @@
219	*/
220	void undo_begin(void){
221	int cid;
222	const char *zDb = db_name("localdb");
223	static const char zSql[] =
224	@ CREATE TABLE %s.undo(
225	@ pathname TEXT UNIQUE, -- Name of the file
226	@ redoflag BOOLEAN, -- 0 for undoable. 1 for redoable
227	@ existsflag BOOLEAN, -- True if the file exists
228	@ isExe BOOLEAN, -- True if the file is executable
229	@ isLink BOOLEAN, -- True if the file is symlink
230	@ content BLOB -- Saved content
231	@ );
232	@ CREATE TABLE %s.undo_vfile AS SELECT * FROM vfile;
233	@ CREATE TABLE %s.undo_vmerge AS SELECT * FROM vmerge;
234	;
235	if( undoDisable ) return;
236	undo_reset();
237	db_multi_exec(zSql, zDb, zDb, zDb);
238	cid = db_lget_int("checkout", 0);
239	db_lset_int("undo_checkout", cid);
240	db_lset_int("undo_available", 1);
241	db_lset("undo_cmdline", undoCmd);
242	undoActive = 1;
	@@ -301,18 +302,18 @@
301	** Make the current state of stashid undoable.
302	*/
303	void undo_save_stash(int stashid){
304	const char *zDb = db_name("localdb");
305	db_multi_exec(
306	"CREATE TABLE IF NOT EXISTS %s.undo_stash"
307	" AS SELECT * FROM stash WHERE 0;"
308	"INSERT INTO undo_stash"
309	" SELECT * FROM stash WHERE stashid=%d;",
310	zDb, stashid
311	);
312	db_multi_exec(
313	"CREATE TABLE IF NOT EXISTS %s.undo_stashfile"
314	" AS SELECT * FROM stashfile WHERE 0;"
315	"INSERT INTO undo_stashfile"
316	" SELECT * FROM stashfile WHERE stashid=%d;",
317	zDb, stashid
318	);
319

	--- src/undo.c
	+++ src/undo.c
	@@ -143,11 +143,12 @@
143	"INSERT INTO vmerge SELECT * FROM undo_vmerge;"
144	"DELETE FROM undo_vmerge;"
145	"INSERT INTO undo_vmerge SELECT * FROM undo_vmerge_2;"
146	"DROP TABLE undo_vmerge_2;"
147	);
148	if(db_exists("SELECT 1 FROM \"%w\".sqlite_master"
149	" WHERE name='undo_stash'", zDb) ){
150	if( redoFlag ){
151	db_multi_exec(
152	"DELETE FROM stash WHERE stashid IN (SELECT stashid FROM undo_stash);"
153	"DELETE FROM stashfile"
154	" WHERE stashid NOT IN (SELECT stashid FROM stash);"
	@@ -174,11 +175,11 @@
175	@ DROP TABLE IF EXISTS undo_vfile;
176	@ DROP TABLE IF EXISTS undo_vmerge;
177	@ DROP TABLE IF EXISTS undo_stash;
178	@ DROP TABLE IF EXISTS undo_stashfile;
179	;
180	db_multi_exec(zSql /works-like:""/);
181	db_lset_int("undo_available", 0);
182	db_lset_int("undo_checkout", 0);
183	}
184
185	/*
	@@ -219,24 +220,24 @@
220	*/
221	void undo_begin(void){
222	int cid;
223	const char *zDb = db_name("localdb");
224	static const char zSql[] =
225	@ CREATE TABLE "%w".undo(
226	@ pathname TEXT UNIQUE, -- Name of the file
227	@ redoflag BOOLEAN, -- 0 for undoable. 1 for redoable
228	@ existsflag BOOLEAN, -- True if the file exists
229	@ isExe BOOLEAN, -- True if the file is executable
230	@ isLink BOOLEAN, -- True if the file is symlink
231	@ content BLOB -- Saved content
232	@ );
233	@ CREATE TABLE "%w".undo_vfile AS SELECT * FROM vfile;
234	@ CREATE TABLE "%w".undo_vmerge AS SELECT * FROM vmerge;
235	;
236	if( undoDisable ) return;
237	undo_reset();
238	db_multi_exec(zSql/works-like:"%w,%w,%w"/, zDb, zDb, zDb);
239	cid = db_lget_int("checkout", 0);
240	db_lset_int("undo_checkout", cid);
241	db_lset_int("undo_available", 1);
242	db_lset("undo_cmdline", undoCmd);
243	undoActive = 1;
	@@ -301,18 +302,18 @@
302	** Make the current state of stashid undoable.
303	*/
304	void undo_save_stash(int stashid){
305	const char *zDb = db_name("localdb");
306	db_multi_exec(
307	"CREATE TABLE IF NOT EXISTS \"%w\".undo_stash"
308	" AS SELECT * FROM stash WHERE 0;"
309	"INSERT INTO undo_stash"
310	" SELECT * FROM stash WHERE stashid=%d;",
311	zDb, stashid
312	);
313	db_multi_exec(
314	"CREATE TABLE IF NOT EXISTS \"%w\".undo_stashfile"
315	" AS SELECT * FROM stashfile WHERE 0;"
316	"INSERT INTO undo_stashfile"
317	" SELECT * FROM stashfile WHERE stashid=%d;",
318	zDb, stashid
319	);
320

M src/update.c

+5 -3

		--- src/update.c
		+++ src/update.c
		@@ -357,22 +357,24 @@
357	357	zSep = "";
358	358	for(i=3; i<g.argc; i++){
359	359	file_tree_name(g.argv[i], &treename, 1);
360	360	if( file_wd_isdir(g.argv[i])==1 ){
361	361	if( blob_size(&treename) != 1 \|\| blob_str(&treename)[0] != '.' ){
362		- blob_appendf(&sql, "%sfn NOT GLOB '%b/*' ", zSep, &treename);
	362	+ blob_append_sql(&sql, "%sfn NOT GLOB '%q/*' ",
	363	+ zSep /safe-for-%s/, blob_str(&treename));
363	364	}else{
364	365	blob_reset(&sql);
365	366	break;
366	367	}
367	368	}else{
368		- blob_appendf(&sql, "%sfn<>%B ", zSep, &treename);
	369	+ blob_append_sql(&sql, "%sfn<>%Q ",
	370	+ zSep /safe-for-%s/, blob_str(&treename));
369	371	}
370	372	zSep = "AND ";
371	373	blob_reset(&treename);
372	374	}
373		- db_multi_exec(blob_str(&sql));
	375	+ db_multi_exec("%s", blob_sql_text(&sql));
374	376	blob_reset(&sql);
375	377	}
376	378
377	379	/*
378	380	** Alter the content of the checkout so that it conforms with the
379	381

	--- src/update.c
	+++ src/update.c
	@@ -357,22 +357,24 @@
357	zSep = "";
358	for(i=3; i<g.argc; i++){
359	file_tree_name(g.argv[i], &treename, 1);
360	if( file_wd_isdir(g.argv[i])==1 ){
361	if( blob_size(&treename) != 1 \|\| blob_str(&treename)[0] != '.' ){
362	blob_appendf(&sql, "%sfn NOT GLOB '%b/*' ", zSep, &treename);

363	}else{
364	blob_reset(&sql);
365	break;
366	}
367	}else{
368	blob_appendf(&sql, "%sfn<>%B ", zSep, &treename);

369	}
370	zSep = "AND ";
371	blob_reset(&treename);
372	}
373	db_multi_exec(blob_str(&sql));
374	blob_reset(&sql);
375	}
376
377	/*
378	** Alter the content of the checkout so that it conforms with the
379

	--- src/update.c
	+++ src/update.c
	@@ -357,22 +357,24 @@
357	zSep = "";
358	for(i=3; i<g.argc; i++){
359	file_tree_name(g.argv[i], &treename, 1);
360	if( file_wd_isdir(g.argv[i])==1 ){
361	if( blob_size(&treename) != 1 \|\| blob_str(&treename)[0] != '.' ){
362	blob_append_sql(&sql, "%sfn NOT GLOB '%q/*' ",
363	zSep /safe-for-%s/, blob_str(&treename));
364	}else{
365	blob_reset(&sql);
366	break;
367	}
368	}else{
369	blob_append_sql(&sql, "%sfn<>%Q ",
370	zSep /safe-for-%s/, blob_str(&treename));
371	}
372	zSep = "AND ";
373	blob_reset(&treename);
374	}
375	db_multi_exec("%s", blob_sql_text(&sql));
376	blob_reset(&sql);
377	}
378
379	/*
380	** Alter the content of the checkout so that it conforms with the
381

M src/user.c

+3 -3

		--- src/user.c
		+++ src/user.c
		@@ -451,26 +451,26 @@
451	451	cgi_redirectf("%s/access_log?y=%d&n=%d", g.zTop, y, n);
452	452	return;
453	453	}
454	454	style_header("Access Log");
455	455	blob_zero(&sql);
456		- blob_appendf(&sql,
	456	+ blob_append_sql(&sql,
457	457	"SELECT uname, ipaddr, datetime(mtime%s), success"
458	458	" FROM accesslog", timeline_utc()
459	459	);
460	460	if( y==1 ){
461	461	blob_append(&sql, " WHERE success", -1);
462	462	}else if( y==2 ){
463	463	blob_append(&sql, " WHERE NOT success", -1);
464	464	}
465		- blob_appendf(&sql," ORDER BY rowid DESC LIMIT %d OFFSET %d", n+1, skip);
	465	+ blob_append_sql(&sql," ORDER BY rowid DESC LIMIT %d OFFSET %d", n+1, skip);
466	466	if( skip ){
467	467	style_submenu_element("Newer", "Newer entries",
468	468	"%s/access_log?o=%d&n=%d&y=%d", g.zTop, skip>=n ? skip-n : 0,
469	469	n, y);
470	470	}
471		- rc = db_prepare_ignore_error(&q, blob_str(&sql));
	471	+ rc = db_prepare_ignore_error(&q, "%s", blob_sql_text(&sql));
472	472	@ <center><table border="1" cellpadding="5">
473	473	@ <tr><th width="33%%">Date</th><th width="34%%">User</th>
474	474	@ <th width="33%%">IP Address</th></tr>
475	475	while( rc==SQLITE_OK && db_step(&q)==SQLITE_ROW ){
476	476	const char *zName = db_column_text(&q, 0);
477	477

	--- src/user.c
	+++ src/user.c
	@@ -451,26 +451,26 @@
451	cgi_redirectf("%s/access_log?y=%d&n=%d", g.zTop, y, n);
452	return;
453	}
454	style_header("Access Log");
455	blob_zero(&sql);
456	blob_appendf(&sql,
457	"SELECT uname, ipaddr, datetime(mtime%s), success"
458	" FROM accesslog", timeline_utc()
459	);
460	if( y==1 ){
461	blob_append(&sql, " WHERE success", -1);
462	}else if( y==2 ){
463	blob_append(&sql, " WHERE NOT success", -1);
464	}
465	blob_appendf(&sql," ORDER BY rowid DESC LIMIT %d OFFSET %d", n+1, skip);
466	if( skip ){
467	style_submenu_element("Newer", "Newer entries",
468	"%s/access_log?o=%d&n=%d&y=%d", g.zTop, skip>=n ? skip-n : 0,
469	n, y);
470	}
471	rc = db_prepare_ignore_error(&q, blob_str(&sql));
472	@ <center><table border="1" cellpadding="5">
473	@ <tr><th width="33%%">Date</th><th width="34%%">User</th>
474	@ <th width="33%%">IP Address</th></tr>
475	while( rc==SQLITE_OK && db_step(&q)==SQLITE_ROW ){
476	const char *zName = db_column_text(&q, 0);
477

	--- src/user.c
	+++ src/user.c
	@@ -451,26 +451,26 @@
451	cgi_redirectf("%s/access_log?y=%d&n=%d", g.zTop, y, n);
452	return;
453	}
454	style_header("Access Log");
455	blob_zero(&sql);
456	blob_append_sql(&sql,
457	"SELECT uname, ipaddr, datetime(mtime%s), success"
458	" FROM accesslog", timeline_utc()
459	);
460	if( y==1 ){
461	blob_append(&sql, " WHERE success", -1);
462	}else if( y==2 ){
463	blob_append(&sql, " WHERE NOT success", -1);
464	}
465	blob_append_sql(&sql," ORDER BY rowid DESC LIMIT %d OFFSET %d", n+1, skip);
466	if( skip ){
467	style_submenu_element("Newer", "Newer entries",
468	"%s/access_log?o=%d&n=%d&y=%d", g.zTop, skip>=n ? skip-n : 0,
469	n, y);
470	}
471	rc = db_prepare_ignore_error(&q, "%s", blob_sql_text(&sql));
472	@ <center><table border="1" cellpadding="5">
473	@ <tr><th width="33%%">Date</th><th width="34%%">User</th>
474	@ <th width="33%%">IP Address</th></tr>
475	while( rc==SQLITE_OK && db_step(&q)==SQLITE_ROW ){
476	const char *zName = db_column_text(&q, 0);
477

M src/wiki.c

+5 -14

		--- src/wiki.c
		+++ src/wiki.c
		@@ -292,11 +292,11 @@
292	292	style_submenu_element("History", "History", "%s/whistory?name=%T",
293	293	g.zTop, zPageName);
294	294	}
295	295	}
296	296	style_set_current_page("%T?name=%T", g.zPath, zPageName);
297		- style_header(zPageName);
	297	+ style_header("%s", zPageName);
298	298	blob_init(&wiki, zBody, -1);
299	299	wiki_render_by_mimetype(&wiki, zMimetype);
300	300	blob_reset(&wiki);
301	301	attachment_list(zPageName, "<hr /><h2>Attachments:</h2><ul>");
302	302	manifest_destroy(pWiki);
		@@ -649,11 +649,11 @@
649	649	Blob wiki;
650	650	Manifest *pWiki = 0;
651	651
652	652	blob_zero(&body);
653	653	if( isSandbox ){
654		- blob_appendf(&body, db_get("sandbox",""));
	654	+ blob_append(&body, db_get("sandbox",""), -1);
655	655	appendRemark(&body, zMimetype);
656	656	db_set("sandbox", blob_str(&body), 0);
657	657	}else{
658	658	login_verify_csrf_secret();
659	659	pWiki = manifest_get(rid, CFTYPE_WIKI, 0);
		@@ -746,29 +746,23 @@
746	746	**
747	747	** Show the complete change history for a single wiki page.
748	748	*/
749	749	void whistory_page(void){
750	750	Stmt q;
751		- char *zTitle;
752		- char *zSQL;
753	751	const char *zPageName;
754	752	login_check_credentials();
755	753	if( !g.perm.Hyperlink ){ login_needed(); return; }
756	754	zPageName = PD("name","");
757		- zTitle = mprintf("History Of %s", zPageName);
758		- style_header(zTitle);
759		- free(zTitle);
	755	+ style_header("History Of %s", zPageName);
760	756
761		- zSQL = mprintf("%s AND event.objid IN "
	757	+ db_prepare(&q, "%s AND event.objid IN "
762	758	" (SELECT rid FROM tagxref WHERE tagid="
763	759	"(SELECT tagid FROM tag WHERE tagname='wiki-%q')"
764	760	" UNION SELECT attachid FROM attachment"
765	761	" WHERE target=%Q)"
766	762	"ORDER BY mtime DESC",
767	763	timeline_query_for_www(), zPageName, zPageName);
768		- db_prepare(&q, zSQL);
769		- free(zSQL);
770	764	zWikiPageName = zPageName;
771	765	www_print_timeline(&q, TIMELINE_ARTID, 0, 0, wiki_history_extra);
772	766	db_finalize(&q);
773	767	style_footer();
774	768	}
		@@ -778,11 +772,10 @@
778	772	** URL: /whistory?name=PAGENAME&a=RID1&b=RID2
779	773	**
780	774	** Show the difference between two wiki pages.
781	775	*/
782	776	void wdiff_page(void){
783		- char *zTitle;
784	777	int rid1, rid2;
785	778	const char *zPageName;
786	779	Manifest pW1, pW2 = 0;
787	780	Blob w1, w2, d;
788	781	u64 diffFlags;
		@@ -791,13 +784,11 @@
791	784	rid1 = atoi(PD("a","0"));
792	785	if( !g.perm.Hyperlink ){ login_needed(); return; }
793	786	if( rid1==0 ) fossil_redirect_home();
794	787	rid2 = atoi(PD("b","0"));
795	788	zPageName = PD("name","");
796		- zTitle = mprintf("Changes To %s", zPageName);
797		- style_header(zTitle);
798		- free(zTitle);
	789	+ style_header("Changes To %s", zPageName);
799	790
800	791	if( rid2==0 ){
801	792	rid2 = db_int(0,
802	793	"SELECT objid FROM event JOIN tagxref ON objid=rid AND tagxref.tagid="
803	794	"(SELECT tagid FROM tag WHERE tagname='wiki-%q')"
804	795

	--- src/wiki.c
	+++ src/wiki.c
	@@ -292,11 +292,11 @@
292	style_submenu_element("History", "History", "%s/whistory?name=%T",
293	g.zTop, zPageName);
294	}
295	}
296	style_set_current_page("%T?name=%T", g.zPath, zPageName);
297	style_header(zPageName);
298	blob_init(&wiki, zBody, -1);
299	wiki_render_by_mimetype(&wiki, zMimetype);
300	blob_reset(&wiki);
301	attachment_list(zPageName, "<hr /><h2>Attachments:</h2><ul>");
302	manifest_destroy(pWiki);
	@@ -649,11 +649,11 @@
649	Blob wiki;
650	Manifest *pWiki = 0;
651
652	blob_zero(&body);
653	if( isSandbox ){
654	blob_appendf(&body, db_get("sandbox",""));
655	appendRemark(&body, zMimetype);
656	db_set("sandbox", blob_str(&body), 0);
657	}else{
658	login_verify_csrf_secret();
659	pWiki = manifest_get(rid, CFTYPE_WIKI, 0);
	@@ -746,29 +746,23 @@
746	**
747	** Show the complete change history for a single wiki page.
748	*/
749	void whistory_page(void){
750	Stmt q;
751	char *zTitle;
752	char *zSQL;
753	const char *zPageName;
754	login_check_credentials();
755	if( !g.perm.Hyperlink ){ login_needed(); return; }
756	zPageName = PD("name","");
757	zTitle = mprintf("History Of %s", zPageName);
758	style_header(zTitle);
759	free(zTitle);
760
761	zSQL = mprintf("%s AND event.objid IN "
762	" (SELECT rid FROM tagxref WHERE tagid="
763	"(SELECT tagid FROM tag WHERE tagname='wiki-%q')"
764	" UNION SELECT attachid FROM attachment"
765	" WHERE target=%Q)"
766	"ORDER BY mtime DESC",
767	timeline_query_for_www(), zPageName, zPageName);
768	db_prepare(&q, zSQL);
769	free(zSQL);
770	zWikiPageName = zPageName;
771	www_print_timeline(&q, TIMELINE_ARTID, 0, 0, wiki_history_extra);
772	db_finalize(&q);
773	style_footer();
774	}
	@@ -778,11 +772,10 @@
778	** URL: /whistory?name=PAGENAME&a=RID1&b=RID2
779	**
780	** Show the difference between two wiki pages.
781	*/
782	void wdiff_page(void){
783	char *zTitle;
784	int rid1, rid2;
785	const char *zPageName;
786	Manifest pW1, pW2 = 0;
787	Blob w1, w2, d;
788	u64 diffFlags;
	@@ -791,13 +784,11 @@
791	rid1 = atoi(PD("a","0"));
792	if( !g.perm.Hyperlink ){ login_needed(); return; }
793	if( rid1==0 ) fossil_redirect_home();
794	rid2 = atoi(PD("b","0"));
795	zPageName = PD("name","");
796	zTitle = mprintf("Changes To %s", zPageName);
797	style_header(zTitle);
798	free(zTitle);
799
800	if( rid2==0 ){
801	rid2 = db_int(0,
802	"SELECT objid FROM event JOIN tagxref ON objid=rid AND tagxref.tagid="
803	"(SELECT tagid FROM tag WHERE tagname='wiki-%q')"
804

	--- src/wiki.c
	+++ src/wiki.c
	@@ -292,11 +292,11 @@
292	style_submenu_element("History", "History", "%s/whistory?name=%T",
293	g.zTop, zPageName);
294	}
295	}
296	style_set_current_page("%T?name=%T", g.zPath, zPageName);
297	style_header("%s", zPageName);
298	blob_init(&wiki, zBody, -1);
299	wiki_render_by_mimetype(&wiki, zMimetype);
300	blob_reset(&wiki);
301	attachment_list(zPageName, "<hr /><h2>Attachments:</h2><ul>");
302	manifest_destroy(pWiki);
	@@ -649,11 +649,11 @@
649	Blob wiki;
650	Manifest *pWiki = 0;
651
652	blob_zero(&body);
653	if( isSandbox ){
654	blob_append(&body, db_get("sandbox",""), -1);
655	appendRemark(&body, zMimetype);
656	db_set("sandbox", blob_str(&body), 0);
657	}else{
658	login_verify_csrf_secret();
659	pWiki = manifest_get(rid, CFTYPE_WIKI, 0);
	@@ -746,29 +746,23 @@
746	**
747	** Show the complete change history for a single wiki page.
748	*/
749	void whistory_page(void){
750	Stmt q;


751	const char *zPageName;
752	login_check_credentials();
753	if( !g.perm.Hyperlink ){ login_needed(); return; }
754	zPageName = PD("name","");
755	style_header("History Of %s", zPageName);


756
757	db_prepare(&q, "%s AND event.objid IN "
758	" (SELECT rid FROM tagxref WHERE tagid="
759	"(SELECT tagid FROM tag WHERE tagname='wiki-%q')"
760	" UNION SELECT attachid FROM attachment"
761	" WHERE target=%Q)"
762	"ORDER BY mtime DESC",
763	timeline_query_for_www(), zPageName, zPageName);


764	zWikiPageName = zPageName;
765	www_print_timeline(&q, TIMELINE_ARTID, 0, 0, wiki_history_extra);
766	db_finalize(&q);
767	style_footer();
768	}
	@@ -778,11 +772,10 @@
772	** URL: /whistory?name=PAGENAME&a=RID1&b=RID2
773	**
774	** Show the difference between two wiki pages.
775	*/
776	void wdiff_page(void){

777	int rid1, rid2;
778	const char *zPageName;
779	Manifest pW1, pW2 = 0;
780	Blob w1, w2, d;
781	u64 diffFlags;
	@@ -791,13 +784,11 @@
784	rid1 = atoi(PD("a","0"));
785	if( !g.perm.Hyperlink ){ login_needed(); return; }
786	if( rid1==0 ) fossil_redirect_home();
787	rid2 = atoi(PD("b","0"));
788	zPageName = PD("name","");
789	style_header("Changes To %s", zPageName);


790
791	if( rid2==0 ){
792	rid2 = db_int(0,
793	"SELECT objid FROM event JOIN tagxref ON objid=rid AND tagxref.tagid="
794	"(SELECT tagid FROM tag WHERE tagname='wiki-%q')"
795

M src/wikiformat.c

+4 -4

		--- src/wikiformat.c
		+++ src/wikiformat.c
		@@ -1046,11 +1046,11 @@
1046	1046	*/
1047	1047	static void startAutoParagraph(Renderer *p){
1048	1048	if( p->wantAutoParagraph==0 ) return;
1049	1049	if( p->state & WIKI_LINKSONLY ) return;
1050	1050	if( p->wikiList==MARKUP_OL \|\| p->wikiList==MARKUP_UL ) return;
1051		- blob_appendf(p->pOut, "<p>", -1);
	1051	+ blob_append(p->pOut, "<p>", -1);
1052	1052	p->wantAutoParagraph = 0;
1053	1053	p->inAutoParagraph = 1;
1054	1054	}
1055	1055
1056	1056	/*
		@@ -1121,11 +1121,11 @@
1121	1121	if( once ){
1122	1122	const char *zClosedExpr = db_get("ticket-closed-expr", "status='Closed'");
1123	1123	db_static_prepare(&q,
1124	1124	"SELECT %s FROM ticket "
1125	1125	" WHERE tkt_uuid>=:lwr AND tkt_uuid<:upr",
1126		- zClosedExpr
	1126	+ zClosedExpr /safe-for-%s/
1127	1127	);
1128	1128	once = 0;
1129	1129	}
1130	1130	db_bind_text(&q, ":lwr", zLower);
1131	1131	db_bind_text(&q, ":upr", zUpper);
		@@ -1243,11 +1243,11 @@
1243	1243	}
1244	1244	}else if( !in_this_repo(zTarget) ){
1245	1245	if( (p->state & (WIKI_LINKSONLY\|WIKI_NOBADLINKS))!=0 ){
1246	1246	zTerm = "";
1247	1247	}else{
1248		- blob_appendf(p->pOut, "<span class=\"brokenlink\">[", zTarget);
	1248	+ blob_appendf(p->pOut, "<span class=\"brokenlink\">[");
1249	1249	zTerm = "]</span>";
1250	1250	}
1251	1251	}else if( g.perm.Hyperlink ){
1252	1252	blob_appendf(p->pOut, "%z[",href("%R/info/%s", zTarget));
1253	1253	zTerm = "]</a>";
		@@ -1328,11 +1328,11 @@
1328	1328	if( p->wikiList ){
1329	1329	popStackToTag(p, p->wikiList);
1330	1330	p->wikiList = 0;
1331	1331	}
1332	1332	endAutoParagraph(p);
1333		- blob_appendf(p->pOut, "\n\n", 1);
	1333	+ blob_append(p->pOut, "\n\n", 1);
1334	1334	p->wantAutoParagraph = 1;
1335	1335	}
1336	1336	p->state \|= AT_PARAGRAPH\|AT_NEWLINE;
1337	1337	break;
1338	1338	}
1339	1339

	--- src/wikiformat.c
	+++ src/wikiformat.c
	@@ -1046,11 +1046,11 @@
1046	*/
1047	static void startAutoParagraph(Renderer *p){
1048	if( p->wantAutoParagraph==0 ) return;
1049	if( p->state & WIKI_LINKSONLY ) return;
1050	if( p->wikiList==MARKUP_OL \|\| p->wikiList==MARKUP_UL ) return;
1051	blob_appendf(p->pOut, "<p>", -1);
1052	p->wantAutoParagraph = 0;
1053	p->inAutoParagraph = 1;
1054	}
1055
1056	/*
	@@ -1121,11 +1121,11 @@
1121	if( once ){
1122	const char *zClosedExpr = db_get("ticket-closed-expr", "status='Closed'");
1123	db_static_prepare(&q,
1124	"SELECT %s FROM ticket "
1125	" WHERE tkt_uuid>=:lwr AND tkt_uuid<:upr",
1126	zClosedExpr
1127	);
1128	once = 0;
1129	}
1130	db_bind_text(&q, ":lwr", zLower);
1131	db_bind_text(&q, ":upr", zUpper);
	@@ -1243,11 +1243,11 @@
1243	}
1244	}else if( !in_this_repo(zTarget) ){
1245	if( (p->state & (WIKI_LINKSONLY\|WIKI_NOBADLINKS))!=0 ){
1246	zTerm = "";
1247	}else{
1248	blob_appendf(p->pOut, "<span class=\"brokenlink\">[", zTarget);
1249	zTerm = "]</span>";
1250	}
1251	}else if( g.perm.Hyperlink ){
1252	blob_appendf(p->pOut, "%z[",href("%R/info/%s", zTarget));
1253	zTerm = "]</a>";
	@@ -1328,11 +1328,11 @@
1328	if( p->wikiList ){
1329	popStackToTag(p, p->wikiList);
1330	p->wikiList = 0;
1331	}
1332	endAutoParagraph(p);
1333	blob_appendf(p->pOut, "\n\n", 1);
1334	p->wantAutoParagraph = 1;
1335	}
1336	p->state \|= AT_PARAGRAPH\|AT_NEWLINE;
1337	break;
1338	}
1339

	--- src/wikiformat.c
	+++ src/wikiformat.c
	@@ -1046,11 +1046,11 @@
1046	*/
1047	static void startAutoParagraph(Renderer *p){
1048	if( p->wantAutoParagraph==0 ) return;
1049	if( p->state & WIKI_LINKSONLY ) return;
1050	if( p->wikiList==MARKUP_OL \|\| p->wikiList==MARKUP_UL ) return;
1051	blob_append(p->pOut, "<p>", -1);
1052	p->wantAutoParagraph = 0;
1053	p->inAutoParagraph = 1;
1054	}
1055
1056	/*
	@@ -1121,11 +1121,11 @@
1121	if( once ){
1122	const char *zClosedExpr = db_get("ticket-closed-expr", "status='Closed'");
1123	db_static_prepare(&q,
1124	"SELECT %s FROM ticket "
1125	" WHERE tkt_uuid>=:lwr AND tkt_uuid<:upr",
1126	zClosedExpr /safe-for-%s/
1127	);
1128	once = 0;
1129	}
1130	db_bind_text(&q, ":lwr", zLower);
1131	db_bind_text(&q, ":upr", zUpper);
	@@ -1243,11 +1243,11 @@
1243	}
1244	}else if( !in_this_repo(zTarget) ){
1245	if( (p->state & (WIKI_LINKSONLY\|WIKI_NOBADLINKS))!=0 ){
1246	zTerm = "";
1247	}else{
1248	blob_appendf(p->pOut, "<span class=\"brokenlink\">[");
1249	zTerm = "]</span>";
1250	}
1251	}else if( g.perm.Hyperlink ){
1252	blob_appendf(p->pOut, "%z[",href("%R/info/%s", zTarget));
1253	zTerm = "]</a>";
	@@ -1328,11 +1328,11 @@
1328	if( p->wikiList ){
1329	popStackToTag(p, p->wikiList);
1330	p->wikiList = 0;
1331	}
1332	endAutoParagraph(p);
1333	blob_append(p->pOut, "\n\n", 1);
1334	p->wantAutoParagraph = 1;
1335	}
1336	p->state \|= AT_PARAGRAPH\|AT_NEWLINE;
1337	break;
1338	}
1339

M src/winhttp.c

+33 -27

		--- src/winhttp.c
		+++ src/winhttp.c
		@@ -58,10 +58,21 @@
58	58	}
59	59	zHdr++;
60	60	}
61	61	return 0;
62	62	}
	63	+
	64	+/*
	65	+** Issue a fatal error.
	66	+*/
	67	+static NORETURN void winhttp_fatal(
	68	+ const char *zOp,
	69	+ const char *zService,
	70	+ const char *zErr
	71	+){
	72	+ fossil_fatal("unable to %s service '%s': %s", zOp, zService, zErr);
	73	+}
63	74
64	75	/*
65	76	** Process a single incoming HTTP request.
66	77	*/
67	78	static void win32_http_request(void *pAppData){
		@@ -297,11 +308,11 @@
297	308	zTempPrefix = mprintf("%sfossil_server_P%d_",
298	309	fossil_unicode_to_utf8(zTmpPath), iPort);
299	310	fossil_print("Listening for %s requests on TCP port %d\n",
300	311	(flags&HTTP_SERVER_SCGI)!=0?"SCGI":"HTTP", iPort);
301	312	if( zBrowser ){
302		- zBrowser = mprintf(zBrowser, iPort);
	313	+ zBrowser = mprintf(zBrowser /works-like:"%d"/, iPort);
303	314	fossil_print("Launch webbrowser: %s\n", zBrowser);
304	315	fossil_system(zBrowser);
305	316	}
306	317	fossil_print("Type Ctrl-C to stop the HTTP server\n");
307	318	/* Set the service status to running and pass the listener socket to the
		@@ -679,11 +690,10 @@
679	690	if( strncmp(zMethod, "create", n)==0 ){
680	691	SC_HANDLE hScm;
681	692	SC_HANDLE hSvc;
682	693	SERVICE_DESCRIPTIONW
683	694	svcDescr = {L"Fossil - Distributed Software Configuration Management"};
684		- char *zErrFmt = "unable to create service '%s': %s";
685	695	DWORD dwStartType = SERVICE_DEMAND_START;
686	696	const char *zDisplay = find_option("display", "D", 1);
687	697	const char *zStart = find_option("start", "S", 1);
688	698	const char *zUsername = find_option("username", "U", 1);
689	699	const char *zPassword = find_option("password", "W", 1);
		@@ -714,17 +724,17 @@
714	724	if( strncmp(zStart, "auto", strlen(zStart))==0 ){
715	725	dwStartType = SERVICE_AUTO_START;
716	726	}else if( strncmp(zStart, "manual", strlen(zStart))==0 ){
717	727	dwStartType = SERVICE_DEMAND_START;
718	728	}else{
719		- fossil_fatal(zErrFmt, zSvcName,
	729	+ winhttp_fatal("create", zSvcName,
720	730	"specify 'auto' or 'manual' for the '-S\|--start' option");
721	731	}
722	732	}
723	733	/* Process options for Fossil running as server. */
724	734	if( zPort && (atoi(zPort)<=0) ){
725		- fossil_fatal(zErrFmt, zSvcName,
	735	+ winhttp_fatal("create", zSvcName,
726	736	"port number must be in the range 1 - 65535.");
727	737	}
728	738	if( !zRepository ){
729	739	db_must_be_within_tree();
730	740	}else if( file_isdir(zRepository)==1 ){
		@@ -743,11 +753,11 @@
743	753	if( zFileGlob ) blob_appendf(&binPath, " --files-urlenc %T", zFileGlob);
744	754	if( zLocalAuth ) blob_append(&binPath, " --localauth", -1);
745	755	blob_appendf(&binPath, " \"%s\"", g.zRepositoryName);
746	756	/* Create the service. */
747	757	hScm = OpenSCManagerW(NULL, NULL, SC_MANAGER_ALL_ACCESS);
748		- if( !hScm ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	758	+ if( !hScm ) winhttp_fatal("create", zSvcName, win32_get_last_errmsg());
749	759	hSvc = CreateServiceW(
750	760	hScm, /* Handle to the SCM */
751	761	fossil_utf8_to_unicode(zSvcName), /* Name of the service */
752	762	fossil_utf8_to_unicode(zDisplay), /* Display name */
753	763	SERVICE_ALL_ACCESS, /* Desired access */
		@@ -759,11 +769,11 @@
759	769	NULL, /* Tag value */
760	770	NULL, /* Service dependencies */
761	771	zUsername ? fossil_utf8_to_unicode(zUsername) : 0, /* Account */
762	772	fossil_utf8_to_unicode(zPassword) /* Account password */
763	773	);
764		- if( !hSvc ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	774	+ if( !hSvc ) winhttp_fatal("create", zSvcName, win32_get_last_errmsg());
765	775	/* Set the service description. */
766	776	ChangeServiceConfig2W(hSvc, SERVICE_CONFIG_DESCRIPTION, &svcDescr);
767	777	fossil_print("Service '%s' successfully created.\n", zSvcName);
768	778	CloseServiceHandle(hSvc);
769	779	CloseServiceHandle(hScm);
		@@ -770,29 +780,28 @@
770	780	}else
771	781	if( strncmp(zMethod, "delete", n)==0 ){
772	782	SC_HANDLE hScm;
773	783	SC_HANDLE hSvc;
774	784	SERVICE_STATUS sstat;
775		- char *zErrFmt = "unable to delete service '%s': %s";
776	785
777	786	verify_all_options();
778	787	if( g.argc==4 ){
779	788	zSvcName = g.argv[3];
780	789	}else if( g.argc>4 ){
781	790	fossil_fatal("too many arguments for delete method.");
782	791	}
783	792	hScm = OpenSCManagerW(NULL, NULL, SC_MANAGER_ALL_ACCESS);
784		- if( !hScm ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	793	+ if( !hScm ) winhttp_fatal("delete", zSvcName, win32_get_last_errmsg());
785	794	hSvc = OpenServiceW(hScm, fossil_utf8_to_unicode(zSvcName),
786	795	SERVICE_ALL_ACCESS);
787		- if( !hSvc ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	796	+ if( !hSvc ) winhttp_fatal("delete", zSvcName, win32_get_last_errmsg());
788	797	QueryServiceStatus(hSvc, &sstat);
789	798	if( sstat.dwCurrentState!=SERVICE_STOPPED ){
790	799	fossil_print("Stopping service '%s'", zSvcName);
791	800	if( sstat.dwCurrentState!=SERVICE_STOP_PENDING ){
792	801	if( !ControlService(hSvc, SERVICE_CONTROL_STOP, &sstat) ){
793		- fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	802	+ winhttp_fatal("delete", zSvcName, win32_get_last_errmsg());
794	803	}
795	804	}
796	805	while( sstat.dwCurrentState!=SERVICE_STOPPED ){
797	806	Sleep(100);
798	807	fossil_print(".");
		@@ -802,11 +811,11 @@
802	811	}
803	812	if( !DeleteService(hSvc) ){
804	813	if( GetLastError()==ERROR_SERVICE_MARKED_FOR_DELETE ){
805	814	fossil_warning("Service '%s' already marked for delete.\n", zSvcName);
806	815	}else{
807		- fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	816	+ winhttp_fatal("delete", zSvcName, win32_get_last_errmsg());
808	817	}
809	818	}else{
810	819	fossil_print("Service '%s' successfully deleted.\n", zSvcName);
811	820	}
812	821	CloseServiceHandle(hSvc);
		@@ -818,11 +827,10 @@
818	827	SERVICE_STATUS sstat;
819	828	LPQUERY_SERVICE_CONFIGW pSvcConfig;
820	829	LPSERVICE_DESCRIPTIONW pSvcDescr;
821	830	BOOL bStatus;
822	831	DWORD nRequired;
823		- const char *zErrFmt = "unable to show service '%s': %s";
824	832	static const char *const zSvcTypes[] = {
825	833	"Driver service",
826	834	"File system driver service",
827	835	"Service runs in its own process",
828	836	"Service shares a process with other services",
		@@ -848,21 +856,21 @@
848	856	zSvcName = g.argv[3];
849	857	}else if( g.argc>4 ){
850	858	fossil_fatal("too many arguments for show method.");
851	859	}
852	860	hScm = OpenSCManagerW(NULL, NULL, GENERIC_READ);
853		- if( !hScm ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	861	+ if( !hScm ) winhttp_fatal("show", zSvcName, win32_get_last_errmsg());
854	862	hSvc = OpenServiceW(hScm, fossil_utf8_to_unicode(zSvcName), GENERIC_READ);
855		- if( !hSvc ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	863	+ if( !hSvc ) winhttp_fatal("show", zSvcName, win32_get_last_errmsg());
856	864	/* Get the service configuration */
857	865	bStatus = QueryServiceConfigW(hSvc, NULL, 0, &nRequired);
858	866	if( !bStatus && GetLastError()!=ERROR_INSUFFICIENT_BUFFER ){
859		- fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	867	+ winhttp_fatal("show", zSvcName, win32_get_last_errmsg());
860	868	}
861	869	pSvcConfig = fossil_malloc(nRequired);
862	870	bStatus = QueryServiceConfigW(hSvc, pSvcConfig, nRequired, &nRequired);
863		- if( !bStatus ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	871	+ if( !bStatus ) winhttp_fatal("show", zSvcName, win32_get_last_errmsg());
864	872	/* Translate the service type */
865	873	switch( pSvcConfig->dwServiceType ){
866	874	case SERVICE_KERNEL_DRIVER: zSvcType = zSvcTypes[0]; break;
867	875	case SERVICE_FILE_SYSTEM_DRIVER: zSvcType = zSvcTypes[1]; break;
868	876	case SERVICE_WIN32_OWN_PROCESS: zSvcType = zSvcTypes[2]; break;
		@@ -879,19 +887,19 @@
879	887	}
880	888	/* Get the service description. */
881	889	bStatus = QueryServiceConfig2W(hSvc, SERVICE_CONFIG_DESCRIPTION,
882	890	NULL, 0, &nRequired);
883	891	if( !bStatus && GetLastError()!=ERROR_INSUFFICIENT_BUFFER ){
884		- fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	892	+ winhttp_fatal("show", zSvcName, win32_get_last_errmsg());
885	893	}
886	894	pSvcDescr = fossil_malloc(nRequired);
887	895	bStatus = QueryServiceConfig2W(hSvc, SERVICE_CONFIG_DESCRIPTION,
888	896	(LPBYTE)pSvcDescr, nRequired, &nRequired);
889		- if( !bStatus ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	897	+ if( !bStatus ) winhttp_fatal("show", zSvcName, win32_get_last_errmsg());
890	898	/* Retrieves the current status of the specified service. */
891	899	bStatus = QueryServiceStatus(hSvc, &sstat);
892		- if( !bStatus ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	900	+ if( !bStatus ) winhttp_fatal("show", zSvcName, win32_get_last_errmsg());
893	901	/* Translate the current state. */
894	902	switch( sstat.dwCurrentState ){
895	903	case SERVICE_STOPPED: zSvcState = zSvcStates[0]; break;
896	904	case SERVICE_START_PENDING: zSvcState = zSvcStates[1]; break;
897	905	case SERVICE_STOP_PENDING: zSvcState = zSvcStates[2]; break;
		@@ -921,29 +929,28 @@
921	929	}else
922	930	if( strncmp(zMethod, "start", n)==0 ){
923	931	SC_HANDLE hScm;
924	932	SC_HANDLE hSvc;
925	933	SERVICE_STATUS sstat;
926		- char *zErrFmt = "unable to start service '%s': %s";
927	934
928	935	verify_all_options();
929	936	if( g.argc==4 ){
930	937	zSvcName = g.argv[3];
931	938	}else if( g.argc>4 ){
932	939	fossil_fatal("too many arguments for start method.");
933	940	}
934	941	hScm = OpenSCManagerW(NULL, NULL, SC_MANAGER_ALL_ACCESS);
935		- if( !hScm ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	942	+ if( !hScm ) winhttp_fatal("start", zSvcName, win32_get_last_errmsg());
936	943	hSvc = OpenServiceW(hScm, fossil_utf8_to_unicode(zSvcName),
937	944	SERVICE_ALL_ACCESS);
938		- if( !hSvc ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	945	+ if( !hSvc ) winhttp_fatal("start", zSvcName, win32_get_last_errmsg());
939	946	QueryServiceStatus(hSvc, &sstat);
940	947	if( sstat.dwCurrentState!=SERVICE_RUNNING ){
941	948	fossil_print("Starting service '%s'", zSvcName);
942	949	if( sstat.dwCurrentState!=SERVICE_START_PENDING ){
943	950	if( !StartServiceW(hSvc, 0, NULL) ){
944		- fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	951	+ winhttp_fatal("start", zSvcName, win32_get_last_errmsg());
945	952	}
946	953	}
947	954	while( sstat.dwCurrentState!=SERVICE_RUNNING ){
948	955	Sleep(100);
949	956	fossil_print(".");
		@@ -958,29 +965,28 @@
958	965	}else
959	966	if( strncmp(zMethod, "stop", n)==0 ){
960	967	SC_HANDLE hScm;
961	968	SC_HANDLE hSvc;
962	969	SERVICE_STATUS sstat;
963		- char *zErrFmt = "unable to stop service '%s': %s";
964	970
965	971	verify_all_options();
966	972	if( g.argc==4 ){
967	973	zSvcName = g.argv[3];
968	974	}else if( g.argc>4 ){
969	975	fossil_fatal("too many arguments for stop method.");
970	976	}
971	977	hScm = OpenSCManagerW(NULL, NULL, SC_MANAGER_ALL_ACCESS);
972		- if( !hScm ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	978	+ if( !hScm ) winhttp_fatal("stop", zSvcName, win32_get_last_errmsg());
973	979	hSvc = OpenServiceW(hScm, fossil_utf8_to_unicode(zSvcName),
974	980	SERVICE_ALL_ACCESS);
975		- if( !hSvc ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	981	+ if( !hSvc ) winhttp_fatal("stop", zSvcName, win32_get_last_errmsg());
976	982	QueryServiceStatus(hSvc, &sstat);
977	983	if( sstat.dwCurrentState!=SERVICE_STOPPED ){
978	984	fossil_print("Stopping service '%s'", zSvcName);
979	985	if( sstat.dwCurrentState!=SERVICE_STOP_PENDING ){
980	986	if( !ControlService(hSvc, SERVICE_CONTROL_STOP, &sstat) ){
981		- fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
	987	+ winhttp_fatal("stop", zSvcName, win32_get_last_errmsg());
982	988	}
983	989	}
984	990	while( sstat.dwCurrentState!=SERVICE_STOPPED ){
985	991	Sleep(100);
986	992	fossil_print(".");
987	993

	--- src/winhttp.c
	+++ src/winhttp.c
	@@ -58,10 +58,21 @@
58	}
59	zHdr++;
60	}
61	return 0;
62	}











63
64	/*
65	** Process a single incoming HTTP request.
66	*/
67	static void win32_http_request(void *pAppData){
	@@ -297,11 +308,11 @@
297	zTempPrefix = mprintf("%sfossil_server_P%d_",
298	fossil_unicode_to_utf8(zTmpPath), iPort);
299	fossil_print("Listening for %s requests on TCP port %d\n",
300	(flags&HTTP_SERVER_SCGI)!=0?"SCGI":"HTTP", iPort);
301	if( zBrowser ){
302	zBrowser = mprintf(zBrowser, iPort);
303	fossil_print("Launch webbrowser: %s\n", zBrowser);
304	fossil_system(zBrowser);
305	}
306	fossil_print("Type Ctrl-C to stop the HTTP server\n");
307	/* Set the service status to running and pass the listener socket to the
	@@ -679,11 +690,10 @@
679	if( strncmp(zMethod, "create", n)==0 ){
680	SC_HANDLE hScm;
681	SC_HANDLE hSvc;
682	SERVICE_DESCRIPTIONW
683	svcDescr = {L"Fossil - Distributed Software Configuration Management"};
684	char *zErrFmt = "unable to create service '%s': %s";
685	DWORD dwStartType = SERVICE_DEMAND_START;
686	const char *zDisplay = find_option("display", "D", 1);
687	const char *zStart = find_option("start", "S", 1);
688	const char *zUsername = find_option("username", "U", 1);
689	const char *zPassword = find_option("password", "W", 1);
	@@ -714,17 +724,17 @@
714	if( strncmp(zStart, "auto", strlen(zStart))==0 ){
715	dwStartType = SERVICE_AUTO_START;
716	}else if( strncmp(zStart, "manual", strlen(zStart))==0 ){
717	dwStartType = SERVICE_DEMAND_START;
718	}else{
719	fossil_fatal(zErrFmt, zSvcName,
720	"specify 'auto' or 'manual' for the '-S\|--start' option");
721	}
722	}
723	/* Process options for Fossil running as server. */
724	if( zPort && (atoi(zPort)<=0) ){
725	fossil_fatal(zErrFmt, zSvcName,
726	"port number must be in the range 1 - 65535.");
727	}
728	if( !zRepository ){
729	db_must_be_within_tree();
730	}else if( file_isdir(zRepository)==1 ){
	@@ -743,11 +753,11 @@
743	if( zFileGlob ) blob_appendf(&binPath, " --files-urlenc %T", zFileGlob);
744	if( zLocalAuth ) blob_append(&binPath, " --localauth", -1);
745	blob_appendf(&binPath, " \"%s\"", g.zRepositoryName);
746	/* Create the service. */
747	hScm = OpenSCManagerW(NULL, NULL, SC_MANAGER_ALL_ACCESS);
748	if( !hScm ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
749	hSvc = CreateServiceW(
750	hScm, /* Handle to the SCM */
751	fossil_utf8_to_unicode(zSvcName), /* Name of the service */
752	fossil_utf8_to_unicode(zDisplay), /* Display name */
753	SERVICE_ALL_ACCESS, /* Desired access */
	@@ -759,11 +769,11 @@
759	NULL, /* Tag value */
760	NULL, /* Service dependencies */
761	zUsername ? fossil_utf8_to_unicode(zUsername) : 0, /* Account */
762	fossil_utf8_to_unicode(zPassword) /* Account password */
763	);
764	if( !hSvc ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
765	/* Set the service description. */
766	ChangeServiceConfig2W(hSvc, SERVICE_CONFIG_DESCRIPTION, &svcDescr);
767	fossil_print("Service '%s' successfully created.\n", zSvcName);
768	CloseServiceHandle(hSvc);
769	CloseServiceHandle(hScm);
	@@ -770,29 +780,28 @@
770	}else
771	if( strncmp(zMethod, "delete", n)==0 ){
772	SC_HANDLE hScm;
773	SC_HANDLE hSvc;
774	SERVICE_STATUS sstat;
775	char *zErrFmt = "unable to delete service '%s': %s";
776
777	verify_all_options();
778	if( g.argc==4 ){
779	zSvcName = g.argv[3];
780	}else if( g.argc>4 ){
781	fossil_fatal("too many arguments for delete method.");
782	}
783	hScm = OpenSCManagerW(NULL, NULL, SC_MANAGER_ALL_ACCESS);
784	if( !hScm ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
785	hSvc = OpenServiceW(hScm, fossil_utf8_to_unicode(zSvcName),
786	SERVICE_ALL_ACCESS);
787	if( !hSvc ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
788	QueryServiceStatus(hSvc, &sstat);
789	if( sstat.dwCurrentState!=SERVICE_STOPPED ){
790	fossil_print("Stopping service '%s'", zSvcName);
791	if( sstat.dwCurrentState!=SERVICE_STOP_PENDING ){
792	if( !ControlService(hSvc, SERVICE_CONTROL_STOP, &sstat) ){
793	fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
794	}
795	}
796	while( sstat.dwCurrentState!=SERVICE_STOPPED ){
797	Sleep(100);
798	fossil_print(".");
	@@ -802,11 +811,11 @@
802	}
803	if( !DeleteService(hSvc) ){
804	if( GetLastError()==ERROR_SERVICE_MARKED_FOR_DELETE ){
805	fossil_warning("Service '%s' already marked for delete.\n", zSvcName);
806	}else{
807	fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
808	}
809	}else{
810	fossil_print("Service '%s' successfully deleted.\n", zSvcName);
811	}
812	CloseServiceHandle(hSvc);
	@@ -818,11 +827,10 @@
818	SERVICE_STATUS sstat;
819	LPQUERY_SERVICE_CONFIGW pSvcConfig;
820	LPSERVICE_DESCRIPTIONW pSvcDescr;
821	BOOL bStatus;
822	DWORD nRequired;
823	const char *zErrFmt = "unable to show service '%s': %s";
824	static const char *const zSvcTypes[] = {
825	"Driver service",
826	"File system driver service",
827	"Service runs in its own process",
828	"Service shares a process with other services",
	@@ -848,21 +856,21 @@
848	zSvcName = g.argv[3];
849	}else if( g.argc>4 ){
850	fossil_fatal("too many arguments for show method.");
851	}
852	hScm = OpenSCManagerW(NULL, NULL, GENERIC_READ);
853	if( !hScm ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
854	hSvc = OpenServiceW(hScm, fossil_utf8_to_unicode(zSvcName), GENERIC_READ);
855	if( !hSvc ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
856	/* Get the service configuration */
857	bStatus = QueryServiceConfigW(hSvc, NULL, 0, &nRequired);
858	if( !bStatus && GetLastError()!=ERROR_INSUFFICIENT_BUFFER ){
859	fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
860	}
861	pSvcConfig = fossil_malloc(nRequired);
862	bStatus = QueryServiceConfigW(hSvc, pSvcConfig, nRequired, &nRequired);
863	if( !bStatus ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
864	/* Translate the service type */
865	switch( pSvcConfig->dwServiceType ){
866	case SERVICE_KERNEL_DRIVER: zSvcType = zSvcTypes[0]; break;
867	case SERVICE_FILE_SYSTEM_DRIVER: zSvcType = zSvcTypes[1]; break;
868	case SERVICE_WIN32_OWN_PROCESS: zSvcType = zSvcTypes[2]; break;
	@@ -879,19 +887,19 @@
879	}
880	/* Get the service description. */
881	bStatus = QueryServiceConfig2W(hSvc, SERVICE_CONFIG_DESCRIPTION,
882	NULL, 0, &nRequired);
883	if( !bStatus && GetLastError()!=ERROR_INSUFFICIENT_BUFFER ){
884	fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
885	}
886	pSvcDescr = fossil_malloc(nRequired);
887	bStatus = QueryServiceConfig2W(hSvc, SERVICE_CONFIG_DESCRIPTION,
888	(LPBYTE)pSvcDescr, nRequired, &nRequired);
889	if( !bStatus ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
890	/* Retrieves the current status of the specified service. */
891	bStatus = QueryServiceStatus(hSvc, &sstat);
892	if( !bStatus ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
893	/* Translate the current state. */
894	switch( sstat.dwCurrentState ){
895	case SERVICE_STOPPED: zSvcState = zSvcStates[0]; break;
896	case SERVICE_START_PENDING: zSvcState = zSvcStates[1]; break;
897	case SERVICE_STOP_PENDING: zSvcState = zSvcStates[2]; break;
	@@ -921,29 +929,28 @@
921	}else
922	if( strncmp(zMethod, "start", n)==0 ){
923	SC_HANDLE hScm;
924	SC_HANDLE hSvc;
925	SERVICE_STATUS sstat;
926	char *zErrFmt = "unable to start service '%s': %s";
927
928	verify_all_options();
929	if( g.argc==4 ){
930	zSvcName = g.argv[3];
931	}else if( g.argc>4 ){
932	fossil_fatal("too many arguments for start method.");
933	}
934	hScm = OpenSCManagerW(NULL, NULL, SC_MANAGER_ALL_ACCESS);
935	if( !hScm ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
936	hSvc = OpenServiceW(hScm, fossil_utf8_to_unicode(zSvcName),
937	SERVICE_ALL_ACCESS);
938	if( !hSvc ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
939	QueryServiceStatus(hSvc, &sstat);
940	if( sstat.dwCurrentState!=SERVICE_RUNNING ){
941	fossil_print("Starting service '%s'", zSvcName);
942	if( sstat.dwCurrentState!=SERVICE_START_PENDING ){
943	if( !StartServiceW(hSvc, 0, NULL) ){
944	fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
945	}
946	}
947	while( sstat.dwCurrentState!=SERVICE_RUNNING ){
948	Sleep(100);
949	fossil_print(".");
	@@ -958,29 +965,28 @@
958	}else
959	if( strncmp(zMethod, "stop", n)==0 ){
960	SC_HANDLE hScm;
961	SC_HANDLE hSvc;
962	SERVICE_STATUS sstat;
963	char *zErrFmt = "unable to stop service '%s': %s";
964
965	verify_all_options();
966	if( g.argc==4 ){
967	zSvcName = g.argv[3];
968	}else if( g.argc>4 ){
969	fossil_fatal("too many arguments for stop method.");
970	}
971	hScm = OpenSCManagerW(NULL, NULL, SC_MANAGER_ALL_ACCESS);
972	if( !hScm ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
973	hSvc = OpenServiceW(hScm, fossil_utf8_to_unicode(zSvcName),
974	SERVICE_ALL_ACCESS);
975	if( !hSvc ) fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
976	QueryServiceStatus(hSvc, &sstat);
977	if( sstat.dwCurrentState!=SERVICE_STOPPED ){
978	fossil_print("Stopping service '%s'", zSvcName);
979	if( sstat.dwCurrentState!=SERVICE_STOP_PENDING ){
980	if( !ControlService(hSvc, SERVICE_CONTROL_STOP, &sstat) ){
981	fossil_fatal(zErrFmt, zSvcName, win32_get_last_errmsg());
982	}
983	}
984	while( sstat.dwCurrentState!=SERVICE_STOPPED ){
985	Sleep(100);
986	fossil_print(".");
987

	--- src/winhttp.c
	+++ src/winhttp.c
	@@ -58,10 +58,21 @@
58	}
59	zHdr++;
60	}
61	return 0;
62	}
63
64	/*
65	** Issue a fatal error.
66	*/
67	static NORETURN void winhttp_fatal(
68	const char *zOp,
69	const char *zService,
70	const char *zErr
71	){
72	fossil_fatal("unable to %s service '%s': %s", zOp, zService, zErr);
73	}
74
75	/*
76	** Process a single incoming HTTP request.
77	*/
78	static void win32_http_request(void *pAppData){
	@@ -297,11 +308,11 @@
308	zTempPrefix = mprintf("%sfossil_server_P%d_",
309	fossil_unicode_to_utf8(zTmpPath), iPort);
310	fossil_print("Listening for %s requests on TCP port %d\n",
311	(flags&HTTP_SERVER_SCGI)!=0?"SCGI":"HTTP", iPort);
312	if( zBrowser ){
313	zBrowser = mprintf(zBrowser /works-like:"%d"/, iPort);
314	fossil_print("Launch webbrowser: %s\n", zBrowser);
315	fossil_system(zBrowser);
316	}
317	fossil_print("Type Ctrl-C to stop the HTTP server\n");
318	/* Set the service status to running and pass the listener socket to the
	@@ -679,11 +690,10 @@
690	if( strncmp(zMethod, "create", n)==0 ){
691	SC_HANDLE hScm;
692	SC_HANDLE hSvc;
693	SERVICE_DESCRIPTIONW
694	svcDescr = {L"Fossil - Distributed Software Configuration Management"};

695	DWORD dwStartType = SERVICE_DEMAND_START;
696	const char *zDisplay = find_option("display", "D", 1);
697	const char *zStart = find_option("start", "S", 1);
698	const char *zUsername = find_option("username", "U", 1);
699	const char *zPassword = find_option("password", "W", 1);
	@@ -714,17 +724,17 @@
724	if( strncmp(zStart, "auto", strlen(zStart))==0 ){
725	dwStartType = SERVICE_AUTO_START;
726	}else if( strncmp(zStart, "manual", strlen(zStart))==0 ){
727	dwStartType = SERVICE_DEMAND_START;
728	}else{
729	winhttp_fatal("create", zSvcName,
730	"specify 'auto' or 'manual' for the '-S\|--start' option");
731	}
732	}
733	/* Process options for Fossil running as server. */
734	if( zPort && (atoi(zPort)<=0) ){
735	winhttp_fatal("create", zSvcName,
736	"port number must be in the range 1 - 65535.");
737	}
738	if( !zRepository ){
739	db_must_be_within_tree();
740	}else if( file_isdir(zRepository)==1 ){
	@@ -743,11 +753,11 @@
753	if( zFileGlob ) blob_appendf(&binPath, " --files-urlenc %T", zFileGlob);
754	if( zLocalAuth ) blob_append(&binPath, " --localauth", -1);
755	blob_appendf(&binPath, " \"%s\"", g.zRepositoryName);
756	/* Create the service. */
757	hScm = OpenSCManagerW(NULL, NULL, SC_MANAGER_ALL_ACCESS);
758	if( !hScm ) winhttp_fatal("create", zSvcName, win32_get_last_errmsg());
759	hSvc = CreateServiceW(
760	hScm, /* Handle to the SCM */
761	fossil_utf8_to_unicode(zSvcName), /* Name of the service */
762	fossil_utf8_to_unicode(zDisplay), /* Display name */
763	SERVICE_ALL_ACCESS, /* Desired access */
	@@ -759,11 +769,11 @@
769	NULL, /* Tag value */
770	NULL, /* Service dependencies */
771	zUsername ? fossil_utf8_to_unicode(zUsername) : 0, /* Account */
772	fossil_utf8_to_unicode(zPassword) /* Account password */
773	);
774	if( !hSvc ) winhttp_fatal("create", zSvcName, win32_get_last_errmsg());
775	/* Set the service description. */
776	ChangeServiceConfig2W(hSvc, SERVICE_CONFIG_DESCRIPTION, &svcDescr);
777	fossil_print("Service '%s' successfully created.\n", zSvcName);
778	CloseServiceHandle(hSvc);
779	CloseServiceHandle(hScm);
	@@ -770,29 +780,28 @@
780	}else
781	if( strncmp(zMethod, "delete", n)==0 ){
782	SC_HANDLE hScm;
783	SC_HANDLE hSvc;
784	SERVICE_STATUS sstat;

785
786	verify_all_options();
787	if( g.argc==4 ){
788	zSvcName = g.argv[3];
789	}else if( g.argc>4 ){
790	fossil_fatal("too many arguments for delete method.");
791	}
792	hScm = OpenSCManagerW(NULL, NULL, SC_MANAGER_ALL_ACCESS);
793	if( !hScm ) winhttp_fatal("delete", zSvcName, win32_get_last_errmsg());
794	hSvc = OpenServiceW(hScm, fossil_utf8_to_unicode(zSvcName),
795	SERVICE_ALL_ACCESS);
796	if( !hSvc ) winhttp_fatal("delete", zSvcName, win32_get_last_errmsg());
797	QueryServiceStatus(hSvc, &sstat);
798	if( sstat.dwCurrentState!=SERVICE_STOPPED ){
799	fossil_print("Stopping service '%s'", zSvcName);
800	if( sstat.dwCurrentState!=SERVICE_STOP_PENDING ){
801	if( !ControlService(hSvc, SERVICE_CONTROL_STOP, &sstat) ){
802	winhttp_fatal("delete", zSvcName, win32_get_last_errmsg());
803	}
804	}
805	while( sstat.dwCurrentState!=SERVICE_STOPPED ){
806	Sleep(100);
807	fossil_print(".");
	@@ -802,11 +811,11 @@
811	}
812	if( !DeleteService(hSvc) ){
813	if( GetLastError()==ERROR_SERVICE_MARKED_FOR_DELETE ){
814	fossil_warning("Service '%s' already marked for delete.\n", zSvcName);
815	}else{
816	winhttp_fatal("delete", zSvcName, win32_get_last_errmsg());
817	}
818	}else{
819	fossil_print("Service '%s' successfully deleted.\n", zSvcName);
820	}
821	CloseServiceHandle(hSvc);
	@@ -818,11 +827,10 @@
827	SERVICE_STATUS sstat;
828	LPQUERY_SERVICE_CONFIGW pSvcConfig;
829	LPSERVICE_DESCRIPTIONW pSvcDescr;
830	BOOL bStatus;
831	DWORD nRequired;

832	static const char *const zSvcTypes[] = {
833	"Driver service",
834	"File system driver service",
835	"Service runs in its own process",
836	"Service shares a process with other services",
	@@ -848,21 +856,21 @@
856	zSvcName = g.argv[3];
857	}else if( g.argc>4 ){
858	fossil_fatal("too many arguments for show method.");
859	}
860	hScm = OpenSCManagerW(NULL, NULL, GENERIC_READ);
861	if( !hScm ) winhttp_fatal("show", zSvcName, win32_get_last_errmsg());
862	hSvc = OpenServiceW(hScm, fossil_utf8_to_unicode(zSvcName), GENERIC_READ);
863	if( !hSvc ) winhttp_fatal("show", zSvcName, win32_get_last_errmsg());
864	/* Get the service configuration */
865	bStatus = QueryServiceConfigW(hSvc, NULL, 0, &nRequired);
866	if( !bStatus && GetLastError()!=ERROR_INSUFFICIENT_BUFFER ){
867	winhttp_fatal("show", zSvcName, win32_get_last_errmsg());
868	}
869	pSvcConfig = fossil_malloc(nRequired);
870	bStatus = QueryServiceConfigW(hSvc, pSvcConfig, nRequired, &nRequired);
871	if( !bStatus ) winhttp_fatal("show", zSvcName, win32_get_last_errmsg());
872	/* Translate the service type */
873	switch( pSvcConfig->dwServiceType ){
874	case SERVICE_KERNEL_DRIVER: zSvcType = zSvcTypes[0]; break;
875	case SERVICE_FILE_SYSTEM_DRIVER: zSvcType = zSvcTypes[1]; break;
876	case SERVICE_WIN32_OWN_PROCESS: zSvcType = zSvcTypes[2]; break;
	@@ -879,19 +887,19 @@
887	}
888	/* Get the service description. */
889	bStatus = QueryServiceConfig2W(hSvc, SERVICE_CONFIG_DESCRIPTION,
890	NULL, 0, &nRequired);
891	if( !bStatus && GetLastError()!=ERROR_INSUFFICIENT_BUFFER ){
892	winhttp_fatal("show", zSvcName, win32_get_last_errmsg());
893	}
894	pSvcDescr = fossil_malloc(nRequired);
895	bStatus = QueryServiceConfig2W(hSvc, SERVICE_CONFIG_DESCRIPTION,
896	(LPBYTE)pSvcDescr, nRequired, &nRequired);
897	if( !bStatus ) winhttp_fatal("show", zSvcName, win32_get_last_errmsg());
898	/* Retrieves the current status of the specified service. */
899	bStatus = QueryServiceStatus(hSvc, &sstat);
900	if( !bStatus ) winhttp_fatal("show", zSvcName, win32_get_last_errmsg());
901	/* Translate the current state. */
902	switch( sstat.dwCurrentState ){
903	case SERVICE_STOPPED: zSvcState = zSvcStates[0]; break;
904	case SERVICE_START_PENDING: zSvcState = zSvcStates[1]; break;
905	case SERVICE_STOP_PENDING: zSvcState = zSvcStates[2]; break;
	@@ -921,29 +929,28 @@
929	}else
930	if( strncmp(zMethod, "start", n)==0 ){
931	SC_HANDLE hScm;
932	SC_HANDLE hSvc;
933	SERVICE_STATUS sstat;

934
935	verify_all_options();
936	if( g.argc==4 ){
937	zSvcName = g.argv[3];
938	}else if( g.argc>4 ){
939	fossil_fatal("too many arguments for start method.");
940	}
941	hScm = OpenSCManagerW(NULL, NULL, SC_MANAGER_ALL_ACCESS);
942	if( !hScm ) winhttp_fatal("start", zSvcName, win32_get_last_errmsg());
943	hSvc = OpenServiceW(hScm, fossil_utf8_to_unicode(zSvcName),
944	SERVICE_ALL_ACCESS);
945	if( !hSvc ) winhttp_fatal("start", zSvcName, win32_get_last_errmsg());
946	QueryServiceStatus(hSvc, &sstat);
947	if( sstat.dwCurrentState!=SERVICE_RUNNING ){
948	fossil_print("Starting service '%s'", zSvcName);
949	if( sstat.dwCurrentState!=SERVICE_START_PENDING ){
950	if( !StartServiceW(hSvc, 0, NULL) ){
951	winhttp_fatal("start", zSvcName, win32_get_last_errmsg());
952	}
953	}
954	while( sstat.dwCurrentState!=SERVICE_RUNNING ){
955	Sleep(100);
956	fossil_print(".");
	@@ -958,29 +965,28 @@
965	}else
966	if( strncmp(zMethod, "stop", n)==0 ){
967	SC_HANDLE hScm;
968	SC_HANDLE hSvc;
969	SERVICE_STATUS sstat;

970
971	verify_all_options();
972	if( g.argc==4 ){
973	zSvcName = g.argv[3];
974	}else if( g.argc>4 ){
975	fossil_fatal("too many arguments for stop method.");
976	}
977	hScm = OpenSCManagerW(NULL, NULL, SC_MANAGER_ALL_ACCESS);
978	if( !hScm ) winhttp_fatal("stop", zSvcName, win32_get_last_errmsg());
979	hSvc = OpenServiceW(hScm, fossil_utf8_to_unicode(zSvcName),
980	SERVICE_ALL_ACCESS);
981	if( !hSvc ) winhttp_fatal("stop", zSvcName, win32_get_last_errmsg());
982	QueryServiceStatus(hSvc, &sstat);
983	if( sstat.dwCurrentState!=SERVICE_STOPPED ){
984	fossil_print("Stopping service '%s'", zSvcName);
985	if( sstat.dwCurrentState!=SERVICE_STOP_PENDING ){
986	if( !ControlService(hSvc, SERVICE_CONTROL_STOP, &sstat) ){
987	winhttp_fatal("stop", zSvcName, win32_get_last_errmsg());
988	}
989	}
990	while( sstat.dwCurrentState!=SERVICE_STOPPED ){
991	Sleep(100);
992	fossil_print(".");
993

M src/xfer.c

+14 -11

		--- src/xfer.c
		+++ src/xfer.c
		@@ -311,11 +311,11 @@
311	311	Blob src, delta;
312	312	int size = 0;
313	313	int srcId = 0;
314	314
315	315	for(i=0; srcId==0 && i<count(azQuery); i++){
316		- srcId = db_int(0, azQuery[i], rid);
	316	+ srcId = db_int(0, azQuery[i] /works-like:"%d"/, rid);
317	317	}
318	318	if( srcId>0
319	319	&& (pXfer->syncPrivate \|\| !content_is_private(srcId))
320	320	&& content_get(srcId, &src)
321	321	){
		@@ -422,11 +422,11 @@
422	422	return;
423	423	}
424	424	if( (pXfer->maxTime != -1 && time(NULL) >= pXfer->maxTime) \|\|
425	425	pXfer->mxSend<=blob_size(pXfer->pOut) ){
426	426	const char *zFormat = isPriv ? "igot %b 1\n" : "igot %b\n";
427		- blob_appendf(pXfer->pOut, zFormat, pUuid);
	427	+ blob_appendf(pXfer->pOut, zFormat /works-like:"%b"/, pUuid);
428	428	pXfer->nIGotSent++;
429	429	blob_reset(&uuid);
430	430	return;
431	431	}
432	432	if( nativeDelta ){
		@@ -454,11 +454,11 @@
454	454	}
455	455	remote_has(rid);
456	456	blob_reset(&uuid);
457	457	#if 0
458	458	if( blob_buffer(pXfer->pOut)[blob_size(pXfer->pOut)-1]!='\n' ){
459		- blob_appendf(pXfer->pOut, "\n", 1);
	459	+ blob_append(pXfer->pOut, "\n", 1);
460	460	}
461	461	#endif
462	462	}
463	463
464	464	/*
		@@ -514,11 +514,11 @@
514	514	pXfer->nFileSent++;
515	515	}
516	516	blob_appendf(pXfer->pOut, "%d %d\n", szU, szC);
517	517	blob_append(pXfer->pOut, zContent, szC);
518	518	if( blob_buffer(pXfer->pOut)[blob_size(pXfer->pOut)-1]!='\n' ){
519		- blob_appendf(pXfer->pOut, "\n", 1);
	519	+ blob_append(pXfer->pOut, "\n", 1);
520	520	}
521	521	if( !isPrivate && srcIsPrivate ){
522	522	blob_reset(&fullContent);
523	523	}
524	524	}
		@@ -711,18 +711,18 @@
711	711	blob_reset(&cksum);
712	712	rid = content_put(&cluster);
713	713	blob_reset(&cluster);
714	714	nUncl -= nRow;
715	715	nRow = 0;
716		- blob_appendf(&deleteWhere, ",%d", rid);
	716	+ blob_append_sql(&deleteWhere, ",%d", rid);
717	717	}
718	718	}
719	719	db_finalize(&q);
720	720	db_multi_exec(
721	721	"DELETE FROM unclustered WHERE rid NOT IN (0 %s)"
722	722	" AND NOT EXISTS(SELECT 1 FROM phantom WHERE rid=unclustered.rid)",
723		- blob_str(&deleteWhere)
	723	+ blob_sql_text(&deleteWhere)
724	724	);
725	725	blob_reset(&deleteWhere);
726	726	if( nRow>0 ){
727	727	md5sum_blob(&cluster, &cksum);
728	728	blob_appendf(&cluster, "Z %b\n", &cksum);
		@@ -1496,11 +1496,12 @@
1496	1496	nCardSent++;
1497	1497	if( (syncFlags & SYNC_PULL)==0 ) zOpType = "Push";
1498	1498	if( (syncFlags & SYNC_RESYNC)!=0 ) xfer.resync = 0x7fffffff;
1499	1499	}
1500	1500	if( syncFlags & SYNC_VERBOSE ){
1501		- fossil_print(zLabelFormat, "", "Bytes", "Cards", "Artifacts", "Deltas");
	1501	+ fossil_print(zLabelFormat /works-like:"%s%s%s%s%d"/,
	1502	+ "", "Bytes", "Cards", "Artifacts", "Deltas");
1502	1503	}
1503	1504
1504	1505	while( go ){
1505	1506	int newPhantom = 0;
1506	1507	char *zRandomness;
		@@ -1593,17 +1594,18 @@
1593	1594	break;
1594	1595	}
1595	1596
1596	1597	/* Output current stats */
1597	1598	if( syncFlags & SYNC_VERBOSE ){
1598		- fossil_print(zValueFormat, "Sent:",
	1599	+ fossil_print(zValueFormat /works-like:"%s%d%d%d%d"/, "Sent:",
1599	1600	blob_size(&send), nCardSent+xfer.nGimmeSent+xfer.nIGotSent,
1600	1601	xfer.nFileSent, xfer.nDeltaSent);
1601	1602	}else{
1602	1603	nRoundtrip++;
1603	1604	nArtifactSent += xfer.nFileSent + xfer.nDeltaSent;
1604		- fossil_print(zBriefFormat, nRoundtrip, nArtifactSent, nArtifactRcvd);
	1605	+ fossil_print(zBriefFormat /works-like:"%d%d%d"/,
	1606	+ nRoundtrip, nArtifactSent, nArtifactRcvd);
1605	1607	}
1606	1608	nCardSent = 0;
1607	1609	nCardRcvd = 0;
1608	1610	xfer.nFileSent = 0;
1609	1611	xfer.nDeltaSent = 0;
		@@ -1900,15 +1902,16 @@
1900	1902	){
1901	1903	configure_finalize_receive();
1902	1904	}
1903	1905	origConfigRcvMask = 0;
1904	1906	if( nCardRcvd>0 && (syncFlags & SYNC_VERBOSE) ){
1905		- fossil_print(zValueFormat, "Received:",
	1907	+ fossil_print(zValueFormat /works-like:"%s%d%d%d%d"/, "Received:",
1906	1908	blob_size(&recv), nCardRcvd,
1907	1909	xfer.nFileRcvd, xfer.nDeltaRcvd + xfer.nDanglingFile);
1908	1910	}else{
1909		- fossil_print(zBriefFormat, nRoundtrip, nArtifactSent, nArtifactRcvd);
	1911	+ fossil_print(zBriefFormat /works-like:"%d%d%d"/,
	1912	+ nRoundtrip, nArtifactSent, nArtifactRcvd);
1910	1913	}
1911	1914	blob_reset(&recv);
1912	1915	nCycle++;
1913	1916
1914	1917	/* If we received one or more files on the previous exchange but
1915	1918

	--- src/xfer.c
	+++ src/xfer.c
	@@ -311,11 +311,11 @@
311	Blob src, delta;
312	int size = 0;
313	int srcId = 0;
314
315	for(i=0; srcId==0 && i<count(azQuery); i++){
316	srcId = db_int(0, azQuery[i], rid);
317	}
318	if( srcId>0
319	&& (pXfer->syncPrivate \|\| !content_is_private(srcId))
320	&& content_get(srcId, &src)
321	){
	@@ -422,11 +422,11 @@
422	return;
423	}
424	if( (pXfer->maxTime != -1 && time(NULL) >= pXfer->maxTime) \|\|
425	pXfer->mxSend<=blob_size(pXfer->pOut) ){
426	const char *zFormat = isPriv ? "igot %b 1\n" : "igot %b\n";
427	blob_appendf(pXfer->pOut, zFormat, pUuid);
428	pXfer->nIGotSent++;
429	blob_reset(&uuid);
430	return;
431	}
432	if( nativeDelta ){
	@@ -454,11 +454,11 @@
454	}
455	remote_has(rid);
456	blob_reset(&uuid);
457	#if 0
458	if( blob_buffer(pXfer->pOut)[blob_size(pXfer->pOut)-1]!='\n' ){
459	blob_appendf(pXfer->pOut, "\n", 1);
460	}
461	#endif
462	}
463
464	/*
	@@ -514,11 +514,11 @@
514	pXfer->nFileSent++;
515	}
516	blob_appendf(pXfer->pOut, "%d %d\n", szU, szC);
517	blob_append(pXfer->pOut, zContent, szC);
518	if( blob_buffer(pXfer->pOut)[blob_size(pXfer->pOut)-1]!='\n' ){
519	blob_appendf(pXfer->pOut, "\n", 1);
520	}
521	if( !isPrivate && srcIsPrivate ){
522	blob_reset(&fullContent);
523	}
524	}
	@@ -711,18 +711,18 @@
711	blob_reset(&cksum);
712	rid = content_put(&cluster);
713	blob_reset(&cluster);
714	nUncl -= nRow;
715	nRow = 0;
716	blob_appendf(&deleteWhere, ",%d", rid);
717	}
718	}
719	db_finalize(&q);
720	db_multi_exec(
721	"DELETE FROM unclustered WHERE rid NOT IN (0 %s)"
722	" AND NOT EXISTS(SELECT 1 FROM phantom WHERE rid=unclustered.rid)",
723	blob_str(&deleteWhere)
724	);
725	blob_reset(&deleteWhere);
726	if( nRow>0 ){
727	md5sum_blob(&cluster, &cksum);
728	blob_appendf(&cluster, "Z %b\n", &cksum);
	@@ -1496,11 +1496,12 @@
1496	nCardSent++;
1497	if( (syncFlags & SYNC_PULL)==0 ) zOpType = "Push";
1498	if( (syncFlags & SYNC_RESYNC)!=0 ) xfer.resync = 0x7fffffff;
1499	}
1500	if( syncFlags & SYNC_VERBOSE ){
1501	fossil_print(zLabelFormat, "", "Bytes", "Cards", "Artifacts", "Deltas");

1502	}
1503
1504	while( go ){
1505	int newPhantom = 0;
1506	char *zRandomness;
	@@ -1593,17 +1594,18 @@
1593	break;
1594	}
1595
1596	/* Output current stats */
1597	if( syncFlags & SYNC_VERBOSE ){
1598	fossil_print(zValueFormat, "Sent:",
1599	blob_size(&send), nCardSent+xfer.nGimmeSent+xfer.nIGotSent,
1600	xfer.nFileSent, xfer.nDeltaSent);
1601	}else{
1602	nRoundtrip++;
1603	nArtifactSent += xfer.nFileSent + xfer.nDeltaSent;
1604	fossil_print(zBriefFormat, nRoundtrip, nArtifactSent, nArtifactRcvd);

1605	}
1606	nCardSent = 0;
1607	nCardRcvd = 0;
1608	xfer.nFileSent = 0;
1609	xfer.nDeltaSent = 0;
	@@ -1900,15 +1902,16 @@
1900	){
1901	configure_finalize_receive();
1902	}
1903	origConfigRcvMask = 0;
1904	if( nCardRcvd>0 && (syncFlags & SYNC_VERBOSE) ){
1905	fossil_print(zValueFormat, "Received:",
1906	blob_size(&recv), nCardRcvd,
1907	xfer.nFileRcvd, xfer.nDeltaRcvd + xfer.nDanglingFile);
1908	}else{
1909	fossil_print(zBriefFormat, nRoundtrip, nArtifactSent, nArtifactRcvd);

1910	}
1911	blob_reset(&recv);
1912	nCycle++;
1913
1914	/* If we received one or more files on the previous exchange but
1915

	--- src/xfer.c
	+++ src/xfer.c
	@@ -311,11 +311,11 @@
311	Blob src, delta;
312	int size = 0;
313	int srcId = 0;
314
315	for(i=0; srcId==0 && i<count(azQuery); i++){
316	srcId = db_int(0, azQuery[i] /works-like:"%d"/, rid);
317	}
318	if( srcId>0
319	&& (pXfer->syncPrivate \|\| !content_is_private(srcId))
320	&& content_get(srcId, &src)
321	){
	@@ -422,11 +422,11 @@
422	return;
423	}
424	if( (pXfer->maxTime != -1 && time(NULL) >= pXfer->maxTime) \|\|
425	pXfer->mxSend<=blob_size(pXfer->pOut) ){
426	const char *zFormat = isPriv ? "igot %b 1\n" : "igot %b\n";
427	blob_appendf(pXfer->pOut, zFormat /works-like:"%b"/, pUuid);
428	pXfer->nIGotSent++;
429	blob_reset(&uuid);
430	return;
431	}
432	if( nativeDelta ){
	@@ -454,11 +454,11 @@
454	}
455	remote_has(rid);
456	blob_reset(&uuid);
457	#if 0
458	if( blob_buffer(pXfer->pOut)[blob_size(pXfer->pOut)-1]!='\n' ){
459	blob_append(pXfer->pOut, "\n", 1);
460	}
461	#endif
462	}
463
464	/*
	@@ -514,11 +514,11 @@
514	pXfer->nFileSent++;
515	}
516	blob_appendf(pXfer->pOut, "%d %d\n", szU, szC);
517	blob_append(pXfer->pOut, zContent, szC);
518	if( blob_buffer(pXfer->pOut)[blob_size(pXfer->pOut)-1]!='\n' ){
519	blob_append(pXfer->pOut, "\n", 1);
520	}
521	if( !isPrivate && srcIsPrivate ){
522	blob_reset(&fullContent);
523	}
524	}
	@@ -711,18 +711,18 @@
711	blob_reset(&cksum);
712	rid = content_put(&cluster);
713	blob_reset(&cluster);
714	nUncl -= nRow;
715	nRow = 0;
716	blob_append_sql(&deleteWhere, ",%d", rid);
717	}
718	}
719	db_finalize(&q);
720	db_multi_exec(
721	"DELETE FROM unclustered WHERE rid NOT IN (0 %s)"
722	" AND NOT EXISTS(SELECT 1 FROM phantom WHERE rid=unclustered.rid)",
723	blob_sql_text(&deleteWhere)
724	);
725	blob_reset(&deleteWhere);
726	if( nRow>0 ){
727	md5sum_blob(&cluster, &cksum);
728	blob_appendf(&cluster, "Z %b\n", &cksum);
	@@ -1496,11 +1496,12 @@
1496	nCardSent++;
1497	if( (syncFlags & SYNC_PULL)==0 ) zOpType = "Push";
1498	if( (syncFlags & SYNC_RESYNC)!=0 ) xfer.resync = 0x7fffffff;
1499	}
1500	if( syncFlags & SYNC_VERBOSE ){
1501	fossil_print(zLabelFormat /works-like:"%s%s%s%s%d"/,
1502	"", "Bytes", "Cards", "Artifacts", "Deltas");
1503	}
1504
1505	while( go ){
1506	int newPhantom = 0;
1507	char *zRandomness;
	@@ -1593,17 +1594,18 @@
1594	break;
1595	}
1596
1597	/* Output current stats */
1598	if( syncFlags & SYNC_VERBOSE ){
1599	fossil_print(zValueFormat /works-like:"%s%d%d%d%d"/, "Sent:",
1600	blob_size(&send), nCardSent+xfer.nGimmeSent+xfer.nIGotSent,
1601	xfer.nFileSent, xfer.nDeltaSent);
1602	}else{
1603	nRoundtrip++;
1604	nArtifactSent += xfer.nFileSent + xfer.nDeltaSent;
1605	fossil_print(zBriefFormat /works-like:"%d%d%d"/,
1606	nRoundtrip, nArtifactSent, nArtifactRcvd);
1607	}
1608	nCardSent = 0;
1609	nCardRcvd = 0;
1610	xfer.nFileSent = 0;
1611	xfer.nDeltaSent = 0;
	@@ -1900,15 +1902,16 @@
1902	){
1903	configure_finalize_receive();
1904	}
1905	origConfigRcvMask = 0;
1906	if( nCardRcvd>0 && (syncFlags & SYNC_VERBOSE) ){
1907	fossil_print(zValueFormat /works-like:"%s%d%d%d%d"/, "Received:",
1908	blob_size(&recv), nCardRcvd,
1909	xfer.nFileRcvd, xfer.nDeltaRcvd + xfer.nDanglingFile);
1910	}else{
1911	fossil_print(zBriefFormat /works-like:"%d%d%d"/,
1912	nRoundtrip, nArtifactSent, nArtifactRcvd);
1913	}
1914	blob_reset(&recv);
1915	nCycle++;
1916
1917	/* If we received one or more files on the previous exchange but
1918

M win/Makefile.dmc

+8 -4

		--- win/Makefile.dmc
		+++ win/Makefile.dmc
		@@ -40,12 +40,13 @@
40	40
41	41	APPNAME = $(OBJDIR)\fossil$(E)
42	42
43	43	all: $(APPNAME)
44	44
45		-$(APPNAME) : translate$E mkindex$E headers $(OBJ) $(OBJDIR)\link
	45	+$(APPNAME) : translate$E mkindex$E codecheck1$E headers $(OBJ) $(OBJDIR)\link
46	46	cd $(OBJDIR)
	47	+ codecheck1$E $(SRC)
47	48	$(DMDIR)\bin\link @link
48	49
49	50	$(OBJDIR)\fossil.res: $B\win\fossil.rc
50	51	$(RC) $(RCFLAGS) -o$@ $**
51	52
		@@ -64,11 +65,14 @@
64	65	$(BCC) -o$@ $**
65	66
66	67	mkindex$E: $(SRCDIR)\mkindex.c
67	68	$(BCC) -o$@ $**
68	69
69		-version$E: $B\src\mkversion.c
	70	+mkversion$E: $(SRCDIR)\mkversion.c
	71	+ $(BCC) -o$@ $**
	72	+
	73	+codecheck1$E: $(SRCDIR)\codecheck1.c
70	74	$(BCC) -o$@ $**
71	75
72	76	$(OBJDIR)\shell$O : $(SRCDIR)\shell.c
73	77	$(TCC) -o$@ -c $(SHELL_OPTIONS) $(SQLITE_OPTIONS) $(SHELL_CFLAGS) $**
74	78
		@@ -82,11 +86,11 @@
82	86	$(TCC) -o$@ -c $**
83	87
84	88	$(OBJDIR)\cson_amalgamation.h : $(SRCDIR)\cson_amalgamation.h
85	89	cp $@ $@
86	90
87		-VERSION.h : version$E $B\manifest.uuid $B\manifest $B\VERSION
	91	+VERSION.h : mkversion$E $B\manifest.uuid $B\manifest $B\VERSION
88	92	+$** > $@
89	93
90	94	page_index.h: mkindex$E $(SRC)
91	95	+$** > $@
92	96
		@@ -93,11 +97,11 @@
93	97	clean:
94	98	-del $(OBJDIR)\*.obj
95	99	-del .obj _.c .h .map
96	100
97	101	realclean:
98		- -del $(APPNAME) translate$E mkindex$E makeheaders$E mkversion$E
	102	+ -del $(APPNAME) translate$E mkindex$E makeheaders$E mkversion$E codecheck1$E
99	103
100	104	$(OBJDIR)\json$O : $(SRCDIR)\json_detail.h
101	105	$(OBJDIR)\json_artifact$O : $(SRCDIR)\json_detail.h
102	106	$(OBJDIR)\json_branch$O : $(SRCDIR)\json_detail.h
103	107	$(OBJDIR)\json_config$O : $(SRCDIR)\json_detail.h
104	108

	--- win/Makefile.dmc
	+++ win/Makefile.dmc
	@@ -40,12 +40,13 @@
40
41	APPNAME = $(OBJDIR)\fossil$(E)
42
43	all: $(APPNAME)
44
45	$(APPNAME) : translate$E mkindex$E headers $(OBJ) $(OBJDIR)\link
46	cd $(OBJDIR)

47	$(DMDIR)\bin\link @link
48
49	$(OBJDIR)\fossil.res: $B\win\fossil.rc
50	$(RC) $(RCFLAGS) -o$@ $**
51
	@@ -64,11 +65,14 @@
64	$(BCC) -o$@ $**
65
66	mkindex$E: $(SRCDIR)\mkindex.c
67	$(BCC) -o$@ $**
68
69	version$E: $B\src\mkversion.c



70	$(BCC) -o$@ $**
71
72	$(OBJDIR)\shell$O : $(SRCDIR)\shell.c
73	$(TCC) -o$@ -c $(SHELL_OPTIONS) $(SQLITE_OPTIONS) $(SHELL_CFLAGS) $**
74
	@@ -82,11 +86,11 @@
82	$(TCC) -o$@ -c $**
83
84	$(OBJDIR)\cson_amalgamation.h : $(SRCDIR)\cson_amalgamation.h
85	cp $@ $@
86
87	VERSION.h : version$E $B\manifest.uuid $B\manifest $B\VERSION
88	+$** > $@
89
90	page_index.h: mkindex$E $(SRC)
91	+$** > $@
92
	@@ -93,11 +97,11 @@
93	clean:
94	-del $(OBJDIR)\*.obj
95	-del .obj _.c .h .map
96
97	realclean:
98	-del $(APPNAME) translate$E mkindex$E makeheaders$E mkversion$E
99
100	$(OBJDIR)\json$O : $(SRCDIR)\json_detail.h
101	$(OBJDIR)\json_artifact$O : $(SRCDIR)\json_detail.h
102	$(OBJDIR)\json_branch$O : $(SRCDIR)\json_detail.h
103	$(OBJDIR)\json_config$O : $(SRCDIR)\json_detail.h
104

	--- win/Makefile.dmc
	+++ win/Makefile.dmc
	@@ -40,12 +40,13 @@
40
41	APPNAME = $(OBJDIR)\fossil$(E)
42
43	all: $(APPNAME)
44
45	$(APPNAME) : translate$E mkindex$E codecheck1$E headers $(OBJ) $(OBJDIR)\link
46	cd $(OBJDIR)
47	codecheck1$E $(SRC)
48	$(DMDIR)\bin\link @link
49
50	$(OBJDIR)\fossil.res: $B\win\fossil.rc
51	$(RC) $(RCFLAGS) -o$@ $**
52
	@@ -64,11 +65,14 @@
65	$(BCC) -o$@ $**
66
67	mkindex$E: $(SRCDIR)\mkindex.c
68	$(BCC) -o$@ $**
69
70	mkversion$E: $(SRCDIR)\mkversion.c
71	$(BCC) -o$@ $**
72
73	codecheck1$E: $(SRCDIR)\codecheck1.c
74	$(BCC) -o$@ $**
75
76	$(OBJDIR)\shell$O : $(SRCDIR)\shell.c
77	$(TCC) -o$@ -c $(SHELL_OPTIONS) $(SQLITE_OPTIONS) $(SHELL_CFLAGS) $**
78
	@@ -82,11 +86,11 @@
86	$(TCC) -o$@ -c $**
87
88	$(OBJDIR)\cson_amalgamation.h : $(SRCDIR)\cson_amalgamation.h
89	cp $@ $@
90
91	VERSION.h : mkversion$E $B\manifest.uuid $B\manifest $B\VERSION
92	+$** > $@
93
94	page_index.h: mkindex$E $(SRC)
95	+$** > $@
96
	@@ -93,11 +97,11 @@
97	clean:
98	-del $(OBJDIR)\*.obj
99	-del .obj _.c .h .map
100
101	realclean:
102	-del $(APPNAME) translate$E mkindex$E makeheaders$E mkversion$E codecheck1$E
103
104	$(OBJDIR)\json$O : $(SRCDIR)\json_detail.h
105	$(OBJDIR)\json_artifact$O : $(SRCDIR)\json_detail.h
106	$(OBJDIR)\json_branch$O : $(SRCDIR)\json_detail.h
107	$(OBJDIR)\json_config$O : $(SRCDIR)\json_detail.h
108

M win/Makefile.mingw

+7 -1

		--- win/Makefile.mingw
		+++ win/Makefile.mingw
		@@ -685,10 +685,11 @@
685	685	ifdef USE_WINDOWS
686	686	TRANSLATE = $(subst /,\,$(OBJDIR)/translate.exe)
687	687	MAKEHEADERS = $(subst /,\,$(OBJDIR)/makeheaders.exe)
688	688	MKINDEX = $(subst /,\,$(OBJDIR)/mkindex.exe)
689	689	VERSION = $(subst /,\,$(OBJDIR)/version.exe)
	690	+CODECHECK1 = $(subst /,\,$(OBJDIR)/codecheck1.exe)
690	691	CAT = type
691	692	CP = copy
692	693	GREP = find
693	694	MV = copy
694	695	RM = del /Q
		@@ -697,10 +698,11 @@
697	698	else
698	699	TRANSLATE = $(OBJDIR)/translate.exe
699	700	MAKEHEADERS = $(OBJDIR)/makeheaders.exe
700	701	MKINDEX = $(OBJDIR)/mkindex.exe
701	702	VERSION = $(OBJDIR)/version.exe
	703	+CODECHECK1 = $(OBJDIR)/codecheck1.exe
702	704	CAT = cat
703	705	CP = cp
704	706	GREP = grep
705	707	MV = mv
706	708	RM = rm -f
		@@ -750,10 +752,13 @@
750	752	$(BCC) -o $(MKINDEX) $(SRCDIR)/mkindex.c
751	753
752	754	$(VERSION): $(SRCDIR)/mkversion.c
753	755	$(BCC) -o $(VERSION) $(SRCDIR)/mkversion.c
754	756
	757	+$(CODECHECK1): $(SRCDIR)/codecheck1.c
	758	+ $(BCC) -o $(CODECHECK1) $(SRCDIR)/codecheck1.c
	759	+
755	760	# WARNING. DANGER. Running the test suite modifies the repository the
756	761	# build is done from, i.e. the checkout belongs to. Do not sync/push
757	762	# the repository after running the tests.
758	763	test: $(OBJDIR) $(APPNAME)
759	764	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
		@@ -815,11 +820,12 @@
815	820
816	821	ifdef FOSSIL_BUILD_SSL
817	822	APPTARGETS += openssl
818	823	endif
819	824
820		-$(APPNAME): $(OBJDIR)/headers $(OBJ) $(EXTRAOBJ) $(OBJDIR)/fossil.o $(APPTARGETS)
	825	+$(APPNAME): $(OBJDIR)/headers $(CODECHECK1) $(OBJ) $(EXTRAOBJ) $(OBJDIR)/fossil.o $(APPTARGETS)
	826	+ $(CODECHECK1) $(TRANS_SRC)
821	827	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB) $(OBJDIR)/fossil.o
822	828
823	829	# This rule prevents make from using its default rules to try build
824	830	# an executable named "manifest" out of the file named "manifest.c"
825	831	#
826	832

	--- win/Makefile.mingw
	+++ win/Makefile.mingw
	@@ -685,10 +685,11 @@
685	ifdef USE_WINDOWS
686	TRANSLATE = $(subst /,\,$(OBJDIR)/translate.exe)
687	MAKEHEADERS = $(subst /,\,$(OBJDIR)/makeheaders.exe)
688	MKINDEX = $(subst /,\,$(OBJDIR)/mkindex.exe)
689	VERSION = $(subst /,\,$(OBJDIR)/version.exe)

690	CAT = type
691	CP = copy
692	GREP = find
693	MV = copy
694	RM = del /Q
	@@ -697,10 +698,11 @@
697	else
698	TRANSLATE = $(OBJDIR)/translate.exe
699	MAKEHEADERS = $(OBJDIR)/makeheaders.exe
700	MKINDEX = $(OBJDIR)/mkindex.exe
701	VERSION = $(OBJDIR)/version.exe

702	CAT = cat
703	CP = cp
704	GREP = grep
705	MV = mv
706	RM = rm -f
	@@ -750,10 +752,13 @@
750	$(BCC) -o $(MKINDEX) $(SRCDIR)/mkindex.c
751
752	$(VERSION): $(SRCDIR)/mkversion.c
753	$(BCC) -o $(VERSION) $(SRCDIR)/mkversion.c
754



755	# WARNING. DANGER. Running the test suite modifies the repository the
756	# build is done from, i.e. the checkout belongs to. Do not sync/push
757	# the repository after running the tests.
758	test: $(OBJDIR) $(APPNAME)
759	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
	@@ -815,11 +820,12 @@
815
816	ifdef FOSSIL_BUILD_SSL
817	APPTARGETS += openssl
818	endif
819
820	$(APPNAME): $(OBJDIR)/headers $(OBJ) $(EXTRAOBJ) $(OBJDIR)/fossil.o $(APPTARGETS)

821	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB) $(OBJDIR)/fossil.o
822
823	# This rule prevents make from using its default rules to try build
824	# an executable named "manifest" out of the file named "manifest.c"
825	#
826

	--- win/Makefile.mingw
	+++ win/Makefile.mingw
	@@ -685,10 +685,11 @@
685	ifdef USE_WINDOWS
686	TRANSLATE = $(subst /,\,$(OBJDIR)/translate.exe)
687	MAKEHEADERS = $(subst /,\,$(OBJDIR)/makeheaders.exe)
688	MKINDEX = $(subst /,\,$(OBJDIR)/mkindex.exe)
689	VERSION = $(subst /,\,$(OBJDIR)/version.exe)
690	CODECHECK1 = $(subst /,\,$(OBJDIR)/codecheck1.exe)
691	CAT = type
692	CP = copy
693	GREP = find
694	MV = copy
695	RM = del /Q
	@@ -697,10 +698,11 @@
698	else
699	TRANSLATE = $(OBJDIR)/translate.exe
700	MAKEHEADERS = $(OBJDIR)/makeheaders.exe
701	MKINDEX = $(OBJDIR)/mkindex.exe
702	VERSION = $(OBJDIR)/version.exe
703	CODECHECK1 = $(OBJDIR)/codecheck1.exe
704	CAT = cat
705	CP = cp
706	GREP = grep
707	MV = mv
708	RM = rm -f
	@@ -750,10 +752,13 @@
752	$(BCC) -o $(MKINDEX) $(SRCDIR)/mkindex.c
753
754	$(VERSION): $(SRCDIR)/mkversion.c
755	$(BCC) -o $(VERSION) $(SRCDIR)/mkversion.c
756
757	$(CODECHECK1): $(SRCDIR)/codecheck1.c
758	$(BCC) -o $(CODECHECK1) $(SRCDIR)/codecheck1.c
759
760	# WARNING. DANGER. Running the test suite modifies the repository the
761	# build is done from, i.e. the checkout belongs to. Do not sync/push
762	# the repository after running the tests.
763	test: $(OBJDIR) $(APPNAME)
764	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
	@@ -815,11 +820,12 @@
820
821	ifdef FOSSIL_BUILD_SSL
822	APPTARGETS += openssl
823	endif
824
825	$(APPNAME): $(OBJDIR)/headers $(CODECHECK1) $(OBJ) $(EXTRAOBJ) $(OBJDIR)/fossil.o $(APPTARGETS)
826	$(CODECHECK1) $(TRANS_SRC)
827	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB) $(OBJDIR)/fossil.o
828
829	# This rule prevents make from using its default rules to try build
830	# an executable named "manifest" out of the file named "manifest.c"
831	#
832

M win/Makefile.mingw.mistachkin

+7 -1

		--- win/Makefile.mingw.mistachkin
		+++ win/Makefile.mingw.mistachkin
		@@ -685,10 +685,11 @@
685	685	ifdef USE_WINDOWS
686	686	TRANSLATE = $(subst /,\,$(OBJDIR)/translate.exe)
687	687	MAKEHEADERS = $(subst /,\,$(OBJDIR)/makeheaders.exe)
688	688	MKINDEX = $(subst /,\,$(OBJDIR)/mkindex.exe)
689	689	VERSION = $(subst /,\,$(OBJDIR)/version.exe)
	690	+CODECHECK1 = $(subst /,\,$(OBJDIR)/codecheck1.exe)
690	691	CAT = type
691	692	CP = copy
692	693	GREP = find
693	694	MV = copy
694	695	RM = del /Q
		@@ -697,10 +698,11 @@
697	698	else
698	699	TRANSLATE = $(OBJDIR)/translate.exe
699	700	MAKEHEADERS = $(OBJDIR)/makeheaders.exe
700	701	MKINDEX = $(OBJDIR)/mkindex.exe
701	702	VERSION = $(OBJDIR)/version.exe
	703	+CODECHECK1 = $(OBJDIR)/codecheck1.exe
702	704	CAT = cat
703	705	CP = cp
704	706	GREP = grep
705	707	MV = mv
706	708	RM = rm -f
		@@ -750,10 +752,13 @@
750	752	$(BCC) -o $(MKINDEX) $(SRCDIR)/mkindex.c
751	753
752	754	$(VERSION): $(SRCDIR)/mkversion.c
753	755	$(BCC) -o $(VERSION) $(SRCDIR)/mkversion.c
754	756
	757	+$(CODECHECK1): $(SRCDIR)/codecheck1.c
	758	+ $(BCC) -o $(CODECHECK1) $(SRCDIR)/codecheck1.c
	759	+
755	760	# WARNING. DANGER. Running the test suite modifies the repository the
756	761	# build is done from, i.e. the checkout belongs to. Do not sync/push
757	762	# the repository after running the tests.
758	763	test: $(OBJDIR) $(APPNAME)
759	764	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
		@@ -815,11 +820,12 @@
815	820
816	821	ifdef FOSSIL_BUILD_SSL
817	822	APPTARGETS += openssl
818	823	endif
819	824
820		-$(APPNAME): $(OBJDIR)/headers $(OBJ) $(EXTRAOBJ) $(OBJDIR)/fossil.o $(APPTARGETS)
	825	+$(APPNAME): $(OBJDIR)/headers $(CODECHECK1) $(OBJ) $(EXTRAOBJ) $(OBJDIR)/fossil.o $(APPTARGETS)
	826	+ $(CODECHECK1) $(TRANS_SRC)
821	827	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB) $(OBJDIR)/fossil.o
822	828
823	829	# This rule prevents make from using its default rules to try build
824	830	# an executable named "manifest" out of the file named "manifest.c"
825	831	#
826	832

	--- win/Makefile.mingw.mistachkin
	+++ win/Makefile.mingw.mistachkin
	@@ -685,10 +685,11 @@
685	ifdef USE_WINDOWS
686	TRANSLATE = $(subst /,\,$(OBJDIR)/translate.exe)
687	MAKEHEADERS = $(subst /,\,$(OBJDIR)/makeheaders.exe)
688	MKINDEX = $(subst /,\,$(OBJDIR)/mkindex.exe)
689	VERSION = $(subst /,\,$(OBJDIR)/version.exe)

690	CAT = type
691	CP = copy
692	GREP = find
693	MV = copy
694	RM = del /Q
	@@ -697,10 +698,11 @@
697	else
698	TRANSLATE = $(OBJDIR)/translate.exe
699	MAKEHEADERS = $(OBJDIR)/makeheaders.exe
700	MKINDEX = $(OBJDIR)/mkindex.exe
701	VERSION = $(OBJDIR)/version.exe

702	CAT = cat
703	CP = cp
704	GREP = grep
705	MV = mv
706	RM = rm -f
	@@ -750,10 +752,13 @@
750	$(BCC) -o $(MKINDEX) $(SRCDIR)/mkindex.c
751
752	$(VERSION): $(SRCDIR)/mkversion.c
753	$(BCC) -o $(VERSION) $(SRCDIR)/mkversion.c
754



755	# WARNING. DANGER. Running the test suite modifies the repository the
756	# build is done from, i.e. the checkout belongs to. Do not sync/push
757	# the repository after running the tests.
758	test: $(OBJDIR) $(APPNAME)
759	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
	@@ -815,11 +820,12 @@
815
816	ifdef FOSSIL_BUILD_SSL
817	APPTARGETS += openssl
818	endif
819
820	$(APPNAME): $(OBJDIR)/headers $(OBJ) $(EXTRAOBJ) $(OBJDIR)/fossil.o $(APPTARGETS)

821	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB) $(OBJDIR)/fossil.o
822
823	# This rule prevents make from using its default rules to try build
824	# an executable named "manifest" out of the file named "manifest.c"
825	#
826

	--- win/Makefile.mingw.mistachkin
	+++ win/Makefile.mingw.mistachkin
	@@ -685,10 +685,11 @@
685	ifdef USE_WINDOWS
686	TRANSLATE = $(subst /,\,$(OBJDIR)/translate.exe)
687	MAKEHEADERS = $(subst /,\,$(OBJDIR)/makeheaders.exe)
688	MKINDEX = $(subst /,\,$(OBJDIR)/mkindex.exe)
689	VERSION = $(subst /,\,$(OBJDIR)/version.exe)
690	CODECHECK1 = $(subst /,\,$(OBJDIR)/codecheck1.exe)
691	CAT = type
692	CP = copy
693	GREP = find
694	MV = copy
695	RM = del /Q
	@@ -697,10 +698,11 @@
698	else
699	TRANSLATE = $(OBJDIR)/translate.exe
700	MAKEHEADERS = $(OBJDIR)/makeheaders.exe
701	MKINDEX = $(OBJDIR)/mkindex.exe
702	VERSION = $(OBJDIR)/version.exe
703	CODECHECK1 = $(OBJDIR)/codecheck1.exe
704	CAT = cat
705	CP = cp
706	GREP = grep
707	MV = mv
708	RM = rm -f
	@@ -750,10 +752,13 @@
752	$(BCC) -o $(MKINDEX) $(SRCDIR)/mkindex.c
753
754	$(VERSION): $(SRCDIR)/mkversion.c
755	$(BCC) -o $(VERSION) $(SRCDIR)/mkversion.c
756
757	$(CODECHECK1): $(SRCDIR)/codecheck1.c
758	$(BCC) -o $(CODECHECK1) $(SRCDIR)/codecheck1.c
759
760	# WARNING. DANGER. Running the test suite modifies the repository the
761	# build is done from, i.e. the checkout belongs to. Do not sync/push
762	# the repository after running the tests.
763	test: $(OBJDIR) $(APPNAME)
764	$(TCLSH) $(SRCDIR)/../test/tester.tcl $(APPNAME)
	@@ -815,11 +820,12 @@
820
821	ifdef FOSSIL_BUILD_SSL
822	APPTARGETS += openssl
823	endif
824
825	$(APPNAME): $(OBJDIR)/headers $(CODECHECK1) $(OBJ) $(EXTRAOBJ) $(OBJDIR)/fossil.o $(APPTARGETS)
826	$(CODECHECK1) $(TRANS_SRC)
827	$(TCC) -o $(APPNAME) $(OBJ) $(EXTRAOBJ) $(LIB) $(OBJDIR)/fossil.o
828
829	# This rule prevents make from using its default rules to try build
830	# an executable named "manifest" out of the file named "manifest.c"
831	#
832

M win/Makefile.msc

+8 -2

		--- win/Makefile.msc
		+++ win/Makefile.msc
		@@ -469,12 +469,13 @@
469	469	!ifdef FOSSIL_BUILD_SSL
470	470	APPTARGETS = $(APPTARGETS) openssl
471	471	!endif
472	472	!endif
473	473
474		-$(APPNAME) : $(APPTARGETS) translate$E mkindex$E headers $(OBJ) $(OX)\linkopts
	474	+$(APPNAME) : $(APPTARGETS) translate$E mkindex$E codecheck1$E headers $(OBJ) $(OX)\linkopts
475	475	cd $(OX)
	476	+ codecheck1$E $(SRC)
476	477	link $(LDFLAGS) /OUT:$@ $(LIBDIR) Wsetargv.obj fossil.res @linkopts
477	478
478	479	$(OX)\linkopts: $B\win\Makefile.msc
479	480	echo $(OX)\add.obj > $@
480	481	echo $(OX)\allrepo.obj >> $@
		@@ -608,11 +609,14 @@
608	609	$(BCC) $**
609	610
610	611	mkindex$E: $(SRCDIR)\mkindex.c
611	612	$(BCC) $**
612	613
613		-mkversion$E: $B\src\mkversion.c
	614	+mkversion$E: $(SRCDIR)\mkversion.c
	615	+ $(BCC) $**
	616	+
	617	+codecheck1$E: $(SRCDIR)\codecheck1.c
614	618	$(BCC) $**
615	619
616	620	$(OX)\shell$O : $(SRCDIR)\shell.c $B\win\Makefile.msc
617	621	$(TCC) /Fo$@ $(SHELL_OPTIONS) $(SQLITE_OPTIONS) $(SHELL_CFLAGS) -c $(SRCDIR)\shell.c
618	622
		@@ -660,10 +664,12 @@
660	664	-del mkindex$P
661	665	-del makeheaders$E
662	666	-del makeheaders$P
663	667	-del mkversion$E
664	668	-del mkversion$P
	669	+ -del codecheck1$E
	670	+ -del codecheck1$P
665	671
666	672	$(OBJDIR)\json$O : $(SRCDIR)\json_detail.h
667	673	$(OBJDIR)\json_artifact$O : $(SRCDIR)\json_detail.h
668	674	$(OBJDIR)\json_branch$O : $(SRCDIR)\json_detail.h
669	675	$(OBJDIR)\json_config$O : $(SRCDIR)\json_detail.h
670	676

	--- win/Makefile.msc
	+++ win/Makefile.msc
	@@ -469,12 +469,13 @@
469	!ifdef FOSSIL_BUILD_SSL
470	APPTARGETS = $(APPTARGETS) openssl
471	!endif
472	!endif
473
474	$(APPNAME) : $(APPTARGETS) translate$E mkindex$E headers $(OBJ) $(OX)\linkopts
475	cd $(OX)

476	link $(LDFLAGS) /OUT:$@ $(LIBDIR) Wsetargv.obj fossil.res @linkopts
477
478	$(OX)\linkopts: $B\win\Makefile.msc
479	echo $(OX)\add.obj > $@
480	echo $(OX)\allrepo.obj >> $@
	@@ -608,11 +609,14 @@
608	$(BCC) $**
609
610	mkindex$E: $(SRCDIR)\mkindex.c
611	$(BCC) $**
612
613	mkversion$E: $B\src\mkversion.c



614	$(BCC) $**
615
616	$(OX)\shell$O : $(SRCDIR)\shell.c $B\win\Makefile.msc
617	$(TCC) /Fo$@ $(SHELL_OPTIONS) $(SQLITE_OPTIONS) $(SHELL_CFLAGS) -c $(SRCDIR)\shell.c
618
	@@ -660,10 +664,12 @@
660	-del mkindex$P
661	-del makeheaders$E
662	-del makeheaders$P
663	-del mkversion$E
664	-del mkversion$P


665
666	$(OBJDIR)\json$O : $(SRCDIR)\json_detail.h
667	$(OBJDIR)\json_artifact$O : $(SRCDIR)\json_detail.h
668	$(OBJDIR)\json_branch$O : $(SRCDIR)\json_detail.h
669	$(OBJDIR)\json_config$O : $(SRCDIR)\json_detail.h
670

	--- win/Makefile.msc
	+++ win/Makefile.msc
	@@ -469,12 +469,13 @@
469	!ifdef FOSSIL_BUILD_SSL
470	APPTARGETS = $(APPTARGETS) openssl
471	!endif
472	!endif
473
474	$(APPNAME) : $(APPTARGETS) translate$E mkindex$E codecheck1$E headers $(OBJ) $(OX)\linkopts
475	cd $(OX)
476	codecheck1$E $(SRC)
477	link $(LDFLAGS) /OUT:$@ $(LIBDIR) Wsetargv.obj fossil.res @linkopts
478
479	$(OX)\linkopts: $B\win\Makefile.msc
480	echo $(OX)\add.obj > $@
481	echo $(OX)\allrepo.obj >> $@
	@@ -608,11 +609,14 @@
609	$(BCC) $**
610
611	mkindex$E: $(SRCDIR)\mkindex.c
612	$(BCC) $**
613
614	mkversion$E: $(SRCDIR)\mkversion.c
615	$(BCC) $**
616
617	codecheck1$E: $(SRCDIR)\codecheck1.c
618	$(BCC) $**
619
620	$(OX)\shell$O : $(SRCDIR)\shell.c $B\win\Makefile.msc
621	$(TCC) /Fo$@ $(SHELL_OPTIONS) $(SQLITE_OPTIONS) $(SHELL_CFLAGS) -c $(SRCDIR)\shell.c
622
	@@ -660,10 +664,12 @@
664	-del mkindex$P
665	-del makeheaders$E
666	-del makeheaders$P
667	-del mkversion$E
668	-del mkversion$P
669	-del codecheck1$E
670	-del codecheck1$P
671
672	$(OBJDIR)\json$O : $(SRCDIR)\json_detail.h
673	$(OBJDIR)\json_artifact$O : $(SRCDIR)\json_detail.h
674	$(OBJDIR)\json_branch$O : $(SRCDIR)\json_detail.h
675	$(OBJDIR)\json_config$O : $(SRCDIR)\json_detail.h
676

Fossil SCM

Keyboard Shortcuts