a40e8a09349… — Fossil SCM

M src/attach.c

+1 -14

		--- src/attach.c
		+++ src/attach.c
		@@ -375,11 +375,11 @@
375	375	}
376	376	zTarget = zTkt;
377	377	zTargetType = mprintf("Ticket <a href=\"%R/tktview/%s\">%S</a>",
378	378	zTkt, zTkt);
379	379	}
380		- if( zFrom==0 ) zFrom = mprintf("%s/home", g.zTop);
	380	+ if( zFrom==0 ) zFrom = mprintf("%R/home");
381	381	if( P("cancel") ){
382	382	cgi_redirect(zFrom);
383	383	}
384	384	if( P("ok") && szContent>0 && (goodCaptcha = captcha_is_correct(0)) ){
385	385	int needModerator = (zTkt!=0 && ticket_need_moderation(0)) \|\|
		@@ -449,23 +449,10 @@
449	449	return;
450	450	}
451	451	rid = name_to_rid_www("name");
452	452	if( rid==0 ){ fossil_redirect_home(); }
453	453	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
454		-#if 0
455		- /* Shunning here needs to get both the attachment control artifact and
456		- ** the object that is attached. */
457		- if( g.perm.Admin ){
458		- if( db_exists("SELECT 1 FROM shun WHERE uuid='%q'", zUuid) ){
459		- style_submenu_element("Unshun", "%s/shun?uuid=%s&sub=1",
460		- g.zTop, zUuid);
461		- }else{
462		- style_submenu_element("Shun", "%s/shun?shun=%s#addshun",
463		- g.zTop, zUuid);
464		- }
465		- }
466		-#endif
467	454	pAttach = manifest_get(rid, CFTYPE_ATTACHMENT, 0);
468	455	if( pAttach==0 ) fossil_redirect_home();
469	456	zTarget = pAttach->zAttachTarget;
470	457	zSrc = pAttach->zAttachSrc;
471	458	ridSrc = db_int(0,"SELECT rid FROM blob WHERE uuid='%q'", zSrc);
472	459

	--- src/attach.c
	+++ src/attach.c
	@@ -375,11 +375,11 @@
375	}
376	zTarget = zTkt;
377	zTargetType = mprintf("Ticket <a href=\"%R/tktview/%s\">%S</a>",
378	zTkt, zTkt);
379	}
380	if( zFrom==0 ) zFrom = mprintf("%s/home", g.zTop);
381	if( P("cancel") ){
382	cgi_redirect(zFrom);
383	}
384	if( P("ok") && szContent>0 && (goodCaptcha = captcha_is_correct(0)) ){
385	int needModerator = (zTkt!=0 && ticket_need_moderation(0)) \|\|
	@@ -449,23 +449,10 @@
449	return;
450	}
451	rid = name_to_rid_www("name");
452	if( rid==0 ){ fossil_redirect_home(); }
453	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
454	#if 0
455	/* Shunning here needs to get both the attachment control artifact and
456	** the object that is attached. */
457	if( g.perm.Admin ){
458	if( db_exists("SELECT 1 FROM shun WHERE uuid='%q'", zUuid) ){
459	style_submenu_element("Unshun", "%s/shun?uuid=%s&sub=1",
460	g.zTop, zUuid);
461	}else{
462	style_submenu_element("Shun", "%s/shun?shun=%s#addshun",
463	g.zTop, zUuid);
464	}
465	}
466	#endif
467	pAttach = manifest_get(rid, CFTYPE_ATTACHMENT, 0);
468	if( pAttach==0 ) fossil_redirect_home();
469	zTarget = pAttach->zAttachTarget;
470	zSrc = pAttach->zAttachSrc;
471	ridSrc = db_int(0,"SELECT rid FROM blob WHERE uuid='%q'", zSrc);
472

	--- src/attach.c
	+++ src/attach.c
	@@ -375,11 +375,11 @@
375	}
376	zTarget = zTkt;
377	zTargetType = mprintf("Ticket <a href=\"%R/tktview/%s\">%S</a>",
378	zTkt, zTkt);
379	}
380	if( zFrom==0 ) zFrom = mprintf("%R/home");
381	if( P("cancel") ){
382	cgi_redirect(zFrom);
383	}
384	if( P("ok") && szContent>0 && (goodCaptcha = captcha_is_correct(0)) ){
385	int needModerator = (zTkt!=0 && ticket_need_moderation(0)) \|\|
	@@ -449,23 +449,10 @@
449	return;
450	}
451	rid = name_to_rid_www("name");
452	if( rid==0 ){ fossil_redirect_home(); }
453	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);













454	pAttach = manifest_get(rid, CFTYPE_ATTACHMENT, 0);
455	if( pAttach==0 ) fossil_redirect_home();
456	zTarget = pAttach->zAttachTarget;
457	zSrc = pAttach->zAttachSrc;
458	ridSrc = db_int(0,"SELECT rid FROM blob WHERE uuid='%q'", zSrc);
459

M src/dispatch.c

+1 -1

		--- src/dispatch.c
		+++ src/dispatch.c
		@@ -749,11 +749,11 @@
749	749	int rc;
750	750	const CmdOrPage *pCmd = 0;
751	751
752	752	style_header("Help: %s", zCmd);
753	753
754		- style_submenu_element("Command-List", "%s/help", g.zTop);
	754	+ style_submenu_element("Command-List", "%R/help");
755	755	rc = dispatch_name_search(zCmd, CMDFLAG_ANY\|CMDFLAG_PREFIX, &pCmd);
756	756	if( *zCmd=='/' ){
757	757	/* Some of the webpages require query parameters in order to work.
758	758	** @ <h1>The "<a href='%R%s(zCmd)'>%s(zCmd)</a>" page:</h1> */
759	759	@ <h1>The "%h(zCmd)" page:</h1>
760	760

	--- src/dispatch.c
	+++ src/dispatch.c
	@@ -749,11 +749,11 @@
749	int rc;
750	const CmdOrPage *pCmd = 0;
751
752	style_header("Help: %s", zCmd);
753
754	style_submenu_element("Command-List", "%s/help", g.zTop);
755	rc = dispatch_name_search(zCmd, CMDFLAG_ANY\|CMDFLAG_PREFIX, &pCmd);
756	if( *zCmd=='/' ){
757	/* Some of the webpages require query parameters in order to work.
758	** @ <h1>The "<a href='%R%s(zCmd)'>%s(zCmd)</a>" page:</h1> */
759	@ <h1>The "%h(zCmd)" page:</h1>
760

	--- src/dispatch.c
	+++ src/dispatch.c
	@@ -749,11 +749,11 @@
749	int rc;
750	const CmdOrPage *pCmd = 0;
751
752	style_header("Help: %s", zCmd);
753
754	style_submenu_element("Command-List", "%R/help");
755	rc = dispatch_name_search(zCmd, CMDFLAG_ANY\|CMDFLAG_PREFIX, &pCmd);
756	if( *zCmd=='/' ){
757	/* Some of the webpages require query parameters in order to work.
758	** @ <h1>The "<a href='%R%s(zCmd)'>%s(zCmd)</a>" page:</h1> */
759	@ <h1>The "%h(zCmd)" page:</h1>
760

M src/info.c

+7 -10

		--- src/info.c
		+++ src/info.c
		@@ -1933,14 +1933,13 @@
1933	1933	if( !g.perm.Read ){ login_needed(g.anon.Read); return; }
1934	1934	if( rid==0 ) fossil_redirect_home();
1935	1935	if( g.perm.Admin ){
1936	1936	const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
1937	1937	if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
1938		- style_submenu_element("Unshun", "%s/shun?accept=%s&sub=1#delshun",
1939		- g.zTop, zUuid);
	1938	+ style_submenu_element("Unshun", "%R/shun?accept=%s&sub=1#delshun", zUuid);
1940	1939	}else{
1941		- style_submenu_element("Shun", "%s/shun?shun=%s#addshun", g.zTop, zUuid);
	1940	+ style_submenu_element("Shun", "%R/shun?shun=%s#addshun", zUuid);
1942	1941	}
1943	1942	}
1944	1943	style_header("Hex Artifact Content");
1945	1944	zUuid = db_text("?","SELECT uuid FROM blob WHERE rid=%d", rid);
1946	1945	etag_check(ETAG_HASH, zUuid);
		@@ -2361,14 +2360,13 @@
2361	2360	/NOTREACHED/
2362	2361	}
2363	2362	if( g.perm.Admin ){
2364	2363	const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
2365	2364	if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
2366		- style_submenu_element("Unshun", "%s/shun?accept=%s&sub=1#accshun",
2367		- g.zTop, zUuid);
	2365	+ style_submenu_element("Unshun", "%R/shun?accept=%s&sub=1#accshun", zUuid);
2368	2366	}else{
2369		- style_submenu_element("Shun", "%s/shun?shun=%s#addshun", g.zTop, zUuid);
	2367	+ style_submenu_element("Shun", "%R/shun?shun=%s#addshun",zUuid);
2370	2368	}
2371	2369	}
2372	2370
2373	2371	if( isFile ){
2374	2372	if( isSymbolicCI ){
		@@ -2462,11 +2460,11 @@
2462	2460	@ );
2463	2461	@ </script>
2464	2462	}else if( renderAsSvg ){
2465	2463	@ <object type="image/svg+xml" data="%R/raw/%s(zUuid)"></object>
2466	2464	}else{
2467		- style_submenu_element("Hex", "%s/hexdump?name=%s", g.zTop, zUuid);
	2465	+ style_submenu_element("Hex", "%R/hexdump?name=%s", zUuid);
2468	2466	if( zLn==0 \|\| atoi(zLn)==0 ){
2469	2467	style_submenu_checkbox("ln", "Line Numbers", 0, 0);
2470	2468	}
2471	2469	blob_to_utf8_no_bom(&content, 0);
2472	2470	zMime = mimetype_from_content(&content);
		@@ -2525,14 +2523,13 @@
2525	2523	rid = name_to_rid_www("name");
2526	2524	if( rid==0 ){ fossil_redirect_home(); }
2527	2525	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
2528	2526	if( g.perm.Admin ){
2529	2527	if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
2530		- style_submenu_element("Unshun", "%s/shun?accept=%s&sub=1#accshun",
2531		- g.zTop, zUuid);
	2528	+ style_submenu_element("Unshun", "%R/shun?accept=%s&sub=1#accshun", zUuid);
2532	2529	}else{
2533		- style_submenu_element("Shun", "%s/shun?shun=%s#addshun", g.zTop, zUuid);
	2530	+ style_submenu_element("Shun", "%R/shun?shun=%s#addshun", zUuid);
2534	2531	}
2535	2532	}
2536	2533	pTktChng = manifest_get(rid, CFTYPE_TICKET, 0);
2537	2534	if( pTktChng==0 ) fossil_redirect_home();
2538	2535	zDate = db_text(0, "SELECT datetime(%.12f)", pTktChng->rDate);
2539	2536

	--- src/info.c
	+++ src/info.c
	@@ -1933,14 +1933,13 @@
1933	if( !g.perm.Read ){ login_needed(g.anon.Read); return; }
1934	if( rid==0 ) fossil_redirect_home();
1935	if( g.perm.Admin ){
1936	const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
1937	if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
1938	style_submenu_element("Unshun", "%s/shun?accept=%s&sub=1#delshun",
1939	g.zTop, zUuid);
1940	}else{
1941	style_submenu_element("Shun", "%s/shun?shun=%s#addshun", g.zTop, zUuid);
1942	}
1943	}
1944	style_header("Hex Artifact Content");
1945	zUuid = db_text("?","SELECT uuid FROM blob WHERE rid=%d", rid);
1946	etag_check(ETAG_HASH, zUuid);
	@@ -2361,14 +2360,13 @@
2361	/NOTREACHED/
2362	}
2363	if( g.perm.Admin ){
2364	const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
2365	if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
2366	style_submenu_element("Unshun", "%s/shun?accept=%s&sub=1#accshun",
2367	g.zTop, zUuid);
2368	}else{
2369	style_submenu_element("Shun", "%s/shun?shun=%s#addshun", g.zTop, zUuid);
2370	}
2371	}
2372
2373	if( isFile ){
2374	if( isSymbolicCI ){
	@@ -2462,11 +2460,11 @@
2462	@ );
2463	@ </script>
2464	}else if( renderAsSvg ){
2465	@ <object type="image/svg+xml" data="%R/raw/%s(zUuid)"></object>
2466	}else{
2467	style_submenu_element("Hex", "%s/hexdump?name=%s", g.zTop, zUuid);
2468	if( zLn==0 \|\| atoi(zLn)==0 ){
2469	style_submenu_checkbox("ln", "Line Numbers", 0, 0);
2470	}
2471	blob_to_utf8_no_bom(&content, 0);
2472	zMime = mimetype_from_content(&content);
	@@ -2525,14 +2523,13 @@
2525	rid = name_to_rid_www("name");
2526	if( rid==0 ){ fossil_redirect_home(); }
2527	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
2528	if( g.perm.Admin ){
2529	if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
2530	style_submenu_element("Unshun", "%s/shun?accept=%s&sub=1#accshun",
2531	g.zTop, zUuid);
2532	}else{
2533	style_submenu_element("Shun", "%s/shun?shun=%s#addshun", g.zTop, zUuid);
2534	}
2535	}
2536	pTktChng = manifest_get(rid, CFTYPE_TICKET, 0);
2537	if( pTktChng==0 ) fossil_redirect_home();
2538	zDate = db_text(0, "SELECT datetime(%.12f)", pTktChng->rDate);
2539

	--- src/info.c
	+++ src/info.c
	@@ -1933,14 +1933,13 @@
1933	if( !g.perm.Read ){ login_needed(g.anon.Read); return; }
1934	if( rid==0 ) fossil_redirect_home();
1935	if( g.perm.Admin ){
1936	const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
1937	if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
1938	style_submenu_element("Unshun", "%R/shun?accept=%s&sub=1#delshun", zUuid);

1939	}else{
1940	style_submenu_element("Shun", "%R/shun?shun=%s#addshun", zUuid);
1941	}
1942	}
1943	style_header("Hex Artifact Content");
1944	zUuid = db_text("?","SELECT uuid FROM blob WHERE rid=%d", rid);
1945	etag_check(ETAG_HASH, zUuid);
	@@ -2361,14 +2360,13 @@
2360	/NOTREACHED/
2361	}
2362	if( g.perm.Admin ){
2363	const char *zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
2364	if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
2365	style_submenu_element("Unshun", "%R/shun?accept=%s&sub=1#accshun", zUuid);

2366	}else{
2367	style_submenu_element("Shun", "%R/shun?shun=%s#addshun",zUuid);
2368	}
2369	}
2370
2371	if( isFile ){
2372	if( isSymbolicCI ){
	@@ -2462,11 +2460,11 @@
2460	@ );
2461	@ </script>
2462	}else if( renderAsSvg ){
2463	@ <object type="image/svg+xml" data="%R/raw/%s(zUuid)"></object>
2464	}else{
2465	style_submenu_element("Hex", "%R/hexdump?name=%s", zUuid);
2466	if( zLn==0 \|\| atoi(zLn)==0 ){
2467	style_submenu_checkbox("ln", "Line Numbers", 0, 0);
2468	}
2469	blob_to_utf8_no_bom(&content, 0);
2470	zMime = mimetype_from_content(&content);
	@@ -2525,14 +2523,13 @@
2523	rid = name_to_rid_www("name");
2524	if( rid==0 ){ fossil_redirect_home(); }
2525	zUuid = db_text("", "SELECT uuid FROM blob WHERE rid=%d", rid);
2526	if( g.perm.Admin ){
2527	if( db_exists("SELECT 1 FROM shun WHERE uuid=%Q", zUuid) ){
2528	style_submenu_element("Unshun", "%R/shun?accept=%s&sub=1#accshun", zUuid);

2529	}else{
2530	style_submenu_element("Shun", "%R/shun?shun=%s#addshun", zUuid);
2531	}
2532	}
2533	pTktChng = manifest_get(rid, CFTYPE_TICKET, 0);
2534	if( pTktChng==0 ) fossil_redirect_home();
2535	zDate = db_text(0, "SELECT datetime(%.12f)", pTktChng->rDate);
2536

M src/main.c

+3 -3

		--- src/main.c
		+++ src/main.c
		@@ -1390,11 +1390,11 @@
1390	1390
1391	1391	/*
1392	1392	** Send an HTTP redirect back to the designated Index Page.
1393	1393	*/
1394	1394	NORETURN void fossil_redirect_home(void){
1395		- cgi_redirectf("%s%s", g.zTop, db_get("index-page", "/index"));
	1395	+ cgi_redirectf("%R%s", db_get("index-page", "/index"));
1396	1396	}
1397	1397
1398	1398	/*
1399	1399	** If running as root, chroot to the directory containing the
1400	1400	** repository zRepo and then drop root privileges. Return the
		@@ -1754,11 +1754,11 @@
1754	1754	/* Add the repository name (without the ".fossil" suffix) to the end
1755	1755	** of SCRIPT_NAME and g.zTop and g.zBaseURL and remove the repository
1756	1756	** name from the beginning of PATH_INFO.
1757	1757	*/
1758	1758	zNewScript = mprintf("%s%.*s", zOldScript, i, zPathInfo);
1759		- if( g.zTop ) g.zTop = mprintf("%s%.*s", g.zTop, i, zPathInfo);
	1759	+ if( g.zTop ) g.zTop = mprintf("%R%.*s", i, zPathInfo);
1760	1760	if( g.zBaseURL ) g.zBaseURL = mprintf("%s%.*s", g.zBaseURL, i, zPathInfo);
1761	1761	cgi_replace_parameter("PATH_INFO", &zPathInfo[i+1]);
1762	1762	zPathInfo += i;
1763	1763	cgi_replace_parameter("SCRIPT_NAME", zNewScript);
1764	1764	db_open_repository(file_cleanup_fullpath(zRepo));
		@@ -1794,11 +1794,11 @@
1794	1794	){
1795	1795	int iSkin = zPathInfo[6] - '0';
1796	1796	char *zNewScript;
1797	1797	skin_use_draft(iSkin);
1798	1798	zNewScript = mprintf("%T/draft%d", P("SCRIPT_NAME"), iSkin);
1799		- if( g.zTop ) g.zTop = mprintf("%s/draft%d", g.zTop, iSkin);
	1799	+ if( g.zTop ) g.zTop = mprintf("%R/draft%d", iSkin);
1800	1800	if( g.zBaseURL ) g.zBaseURL = mprintf("%s/draft%d", g.zBaseURL, iSkin);
1801	1801	zPathInfo += 7;
1802	1802	cgi_replace_parameter("PATH_INFO", zPathInfo);
1803	1803	cgi_replace_parameter("SCRIPT_NAME", zNewScript);
1804	1804	etag_cancel();
1805	1805

	--- src/main.c
	+++ src/main.c
	@@ -1390,11 +1390,11 @@
1390
1391	/*
1392	** Send an HTTP redirect back to the designated Index Page.
1393	*/
1394	NORETURN void fossil_redirect_home(void){
1395	cgi_redirectf("%s%s", g.zTop, db_get("index-page", "/index"));
1396	}
1397
1398	/*
1399	** If running as root, chroot to the directory containing the
1400	** repository zRepo and then drop root privileges. Return the
	@@ -1754,11 +1754,11 @@
1754	/* Add the repository name (without the ".fossil" suffix) to the end
1755	** of SCRIPT_NAME and g.zTop and g.zBaseURL and remove the repository
1756	** name from the beginning of PATH_INFO.
1757	*/
1758	zNewScript = mprintf("%s%.*s", zOldScript, i, zPathInfo);
1759	if( g.zTop ) g.zTop = mprintf("%s%.*s", g.zTop, i, zPathInfo);
1760	if( g.zBaseURL ) g.zBaseURL = mprintf("%s%.*s", g.zBaseURL, i, zPathInfo);
1761	cgi_replace_parameter("PATH_INFO", &zPathInfo[i+1]);
1762	zPathInfo += i;
1763	cgi_replace_parameter("SCRIPT_NAME", zNewScript);
1764	db_open_repository(file_cleanup_fullpath(zRepo));
	@@ -1794,11 +1794,11 @@
1794	){
1795	int iSkin = zPathInfo[6] - '0';
1796	char *zNewScript;
1797	skin_use_draft(iSkin);
1798	zNewScript = mprintf("%T/draft%d", P("SCRIPT_NAME"), iSkin);
1799	if( g.zTop ) g.zTop = mprintf("%s/draft%d", g.zTop, iSkin);
1800	if( g.zBaseURL ) g.zBaseURL = mprintf("%s/draft%d", g.zBaseURL, iSkin);
1801	zPathInfo += 7;
1802	cgi_replace_parameter("PATH_INFO", zPathInfo);
1803	cgi_replace_parameter("SCRIPT_NAME", zNewScript);
1804	etag_cancel();
1805

	--- src/main.c
	+++ src/main.c
	@@ -1390,11 +1390,11 @@
1390
1391	/*
1392	** Send an HTTP redirect back to the designated Index Page.
1393	*/
1394	NORETURN void fossil_redirect_home(void){
1395	cgi_redirectf("%R%s", db_get("index-page", "/index"));
1396	}
1397
1398	/*
1399	** If running as root, chroot to the directory containing the
1400	** repository zRepo and then drop root privileges. Return the
	@@ -1754,11 +1754,11 @@
1754	/* Add the repository name (without the ".fossil" suffix) to the end
1755	** of SCRIPT_NAME and g.zTop and g.zBaseURL and remove the repository
1756	** name from the beginning of PATH_INFO.
1757	*/
1758	zNewScript = mprintf("%s%.*s", zOldScript, i, zPathInfo);
1759	if( g.zTop ) g.zTop = mprintf("%R%.*s", i, zPathInfo);
1760	if( g.zBaseURL ) g.zBaseURL = mprintf("%s%.*s", g.zBaseURL, i, zPathInfo);
1761	cgi_replace_parameter("PATH_INFO", &zPathInfo[i+1]);
1762	zPathInfo += i;
1763	cgi_replace_parameter("SCRIPT_NAME", zNewScript);
1764	db_open_repository(file_cleanup_fullpath(zRepo));
	@@ -1794,11 +1794,11 @@
1794	){
1795	int iSkin = zPathInfo[6] - '0';
1796	char *zNewScript;
1797	skin_use_draft(iSkin);
1798	zNewScript = mprintf("%T/draft%d", P("SCRIPT_NAME"), iSkin);
1799	if( g.zTop ) g.zTop = mprintf("%R/draft%d", iSkin);
1800	if( g.zBaseURL ) g.zBaseURL = mprintf("%s/draft%d", g.zBaseURL, iSkin);
1801	zPathInfo += 7;
1802	cgi_replace_parameter("PATH_INFO", zPathInfo);
1803	cgi_replace_parameter("SCRIPT_NAME", zNewScript);
1804	etag_cancel();
1805

M src/name.c

+1 -1

		--- src/name.c
		+++ src/name.c
		@@ -688,11 +688,11 @@
688	688	}
689	689	#endif
690	690	if( zName==0 \|\| zName[0]==0 ) return 0;
691	691	rid = symbolic_name_to_rid(zName, "*");
692	692	if( rid<0 ){
693		- cgi_redirectf("%s/ambiguous/%T?src=%t", g.zTop, zName, g.zPath);
	693	+ cgi_redirectf("%R/ambiguous/%T?src=%t", zName, g.zPath);
694	694	rid = 0;
695	695	}
696	696	return rid;
697	697	}
698	698
699	699

	--- src/name.c
	+++ src/name.c
	@@ -688,11 +688,11 @@
688	}
689	#endif
690	if( zName==0 \|\| zName[0]==0 ) return 0;
691	rid = symbolic_name_to_rid(zName, "*");
692	if( rid<0 ){
693	cgi_redirectf("%s/ambiguous/%T?src=%t", g.zTop, zName, g.zPath);
694	rid = 0;
695	}
696	return rid;
697	}
698
699

	--- src/name.c
	+++ src/name.c
	@@ -688,11 +688,11 @@
688	}
689	#endif
690	if( zName==0 \|\| zName[0]==0 ) return 0;
691	rid = symbolic_name_to_rid(zName, "*");
692	if( rid<0 ){
693	cgi_redirectf("%R/ambiguous/%T?src=%t", zName, g.zPath);
694	rid = 0;
695	}
696	return rid;
697	}
698
699

M src/pikchrshow.c

+1 -1

		--- src/pikchrshow.c
		+++ src/pikchrshow.c
		@@ -246,11 +246,11 @@
246	246	\| PIKCHR_PROCESS_SRC
247	247	\| PIKCHR_PROCESS_ERR_PRE;
248	248
249	249	login_check_credentials();
250	250	if( !g.perm.RdWiki && !g.perm.Read && !g.perm.RdForum ){
251		- cgi_redirectf("%s/login?g=%s/pikchrshow", g.zTop, g.zTop);
	251	+ cgi_redirectf("%R/login?g=%R/pikchrshow");
252	252	}
253	253	zContent = PD("content",P("p"));
254	254	if(P("ajax")!=0){
255	255	/* Called from the JS-side preview updater. */
256	256	cgi_set_content_type("text/html");
257	257

	--- src/pikchrshow.c
	+++ src/pikchrshow.c
	@@ -246,11 +246,11 @@
246	\| PIKCHR_PROCESS_SRC
247	\| PIKCHR_PROCESS_ERR_PRE;
248
249	login_check_credentials();
250	if( !g.perm.RdWiki && !g.perm.Read && !g.perm.RdForum ){
251	cgi_redirectf("%s/login?g=%s/pikchrshow", g.zTop, g.zTop);
252	}
253	zContent = PD("content",P("p"));
254	if(P("ajax")!=0){
255	/* Called from the JS-side preview updater. */
256	cgi_set_content_type("text/html");
257

	--- src/pikchrshow.c
	+++ src/pikchrshow.c
	@@ -246,11 +246,11 @@
246	\| PIKCHR_PROCESS_SRC
247	\| PIKCHR_PROCESS_ERR_PRE;
248
249	login_check_credentials();
250	if( !g.perm.RdWiki && !g.perm.Read && !g.perm.RdForum ){
251	cgi_redirectf("%R/login?g=%R/pikchrshow");
252	}
253	zContent = PD("content",P("p"));
254	if(P("ajax")!=0){
255	/* Called from the JS-side preview updater. */
256	cgi_set_content_type("text/html");
257

M src/report.c

+1 -1

		--- src/report.c
		+++ src/report.c
		@@ -1029,11 +1029,11 @@
1029	1029	}
1030	1030	if( g.perm.TktFmt ){
1031	1031	style_submenu_element("SQL", "rptsql?rn=%d",rn);
1032	1032	}
1033	1033	if( g.perm.NewTkt ){
1034		- style_submenu_element("New Ticket", "%s/tktnew", g.zTop);
	1034	+ style_submenu_element("New Ticket", "%R/tktnew");
1035	1035	}
1036	1036	style_header("%s", zTitle);
1037	1037	output_color_key(zClrKey, 1,
1038	1038	"border=\"0\" cellpadding=\"3\" cellspacing=\"0\" class=\"report\"");
1039	1039	@ <table border="1" cellpadding="2" cellspacing="0" class="report sortable"
1040	1040

	--- src/report.c
	+++ src/report.c
	@@ -1029,11 +1029,11 @@
1029	}
1030	if( g.perm.TktFmt ){
1031	style_submenu_element("SQL", "rptsql?rn=%d",rn);
1032	}
1033	if( g.perm.NewTkt ){
1034	style_submenu_element("New Ticket", "%s/tktnew", g.zTop);
1035	}
1036	style_header("%s", zTitle);
1037	output_color_key(zClrKey, 1,
1038	"border=\"0\" cellpadding=\"3\" cellspacing=\"0\" class=\"report\"");
1039	@ <table border="1" cellpadding="2" cellspacing="0" class="report sortable"
1040

	--- src/report.c
	+++ src/report.c
	@@ -1029,11 +1029,11 @@
1029	}
1030	if( g.perm.TktFmt ){
1031	style_submenu_element("SQL", "rptsql?rn=%d",rn);
1032	}
1033	if( g.perm.NewTkt ){
1034	style_submenu_element("New Ticket", "%R/tktnew");
1035	}
1036	style_header("%s", zTitle);
1037	output_color_key(zClrKey, 1,
1038	"border=\"0\" cellpadding=\"3\" cellspacing=\"0\" class=\"report\"");
1039	@ <table border="1" cellpadding="2" cellspacing="0" class="report sortable"
1040

M src/setup.c

+18 -18

		--- src/setup.c
		+++ src/setup.c
		@@ -341,11 +341,11 @@
341	341	return;
342	342	}
343	343
344	344	style_header("Access Control Settings");
345	345	db_begin_transaction();
346		- @ <form action="%s(g.zTop)/setup_access" method="post"><div>
	346	+ @ <form action="%R/setup_access" method="post"><div>
347	347	login_insert_csrf_secret();
348	348	@ <input type="submit" name="submit" value="Apply Changes" /></p>
349	349	@ <hr />
350	350	multiple_choice_attribute("Redirect to HTTPS",
351	351	"redirect-to-https", "redirhttps", "0",
		@@ -618,11 +618,11 @@
618	618	if( zGroup==0 ){
619	619	@ <p>This repository (in the file named "%h(zSelfRepo)")
620	620	@ is not currently part of any login-group.
621	621	@ To join a login group, fill out the form below.</p>
622	622	@
623		- @ <form action="%s(g.zTop)/setup_login_group" method="post"><div>
	623	+ @ <form action="%R/setup_login_group" method="post"><div>
624	624	login_insert_csrf_secret();
625	625	@ <blockquote><table border="0">
626	626	@
627	627	@ <tr><th align="right" id="rfigtj">Repository filename \
628	628	@ in group to join:</th>
		@@ -674,11 +674,11 @@
674	674	@ <td>%h(zTitle)<td width="10"><td>%h(zRepo)</tr>
675	675	}
676	676	db_finalize(&q);
677	677	@ </table>
678	678	@
679		- @ <p><form action="%s(g.zTop)/setup_login_group" method="post"><div>
	679	+ @ <p><form action="%R/setup_login_group" method="post"><div>
680	680	login_insert_csrf_secret();
681	681	@ To leave this login group press
682	682	@ <input type="submit" value="Leave Login Group" name="leave">
683	683	@ </form></p>
684	684	@ <br />For best results, use the same number of <a href="setup_access#ipt">
		@@ -731,11 +731,11 @@
731	731	return;
732	732	}
733	733
734	734	style_header("Timeline Display Preferences");
735	735	db_begin_transaction();
736		- @ <form action="%s(g.zTop)/setup_timeline" method="post"><div>
	736	+ @ <form action="%R/setup_timeline" method="post"><div>
737	737	login_insert_csrf_secret();
738	738	@ <p><input type="submit" name="submit" value="Apply Changes" /></p>
739	739
740	740	@ <hr />
741	741	onoff_attribute("Allow block-markup in timeline",
		@@ -877,11 +877,11 @@
877	877	@ by the contents of managed files named
878	878	@ "<tt>.fossil-settings/</tt><i>SETTING-NAME</i>".
879	879	@ If the file for a versionable setting exists, the value cannot be
880	880	@ changed on this screen.</p><hr /><p>
881	881	@
882		- @ <form action="%s(g.zTop)/setup_settings" method="post"><div>
	882	+ @ <form action="%R/setup_settings" method="post"><div>
883	883	@ <table border="0"><tr><td valign="top">
884	884	login_insert_csrf_secret();
885	885	for(i=0, pSet=aSetting; i<nSetting; i++, pSet++){
886	886	if( pSet->width==0 ){
887	887	int hasVersionableValue = pSet->versionable &&
		@@ -953,11 +953,11 @@
953	953	return;
954	954	}
955	955
956	956	style_header("WWW Configuration");
957	957	db_begin_transaction();
958		- @ <form action="%s(g.zTop)/setup_config" method="post"><div>
	958	+ @ <form action="%R/setup_config" method="post"><div>
959	959	login_insert_csrf_secret();
960	960	@ <input type="submit" name="submit" value="Apply Changes" /></p>
961	961	@ <hr />
962	962	entry_attribute("Project Name", 60, "project-name", "pn", "", 0);
963	963	@ <p>A brief project name so visitors know what this site is about.
		@@ -1049,11 +1049,11 @@
1049	1049	return;
1050	1050	}
1051	1051
1052	1052	style_header("Wiki Configuration");
1053	1053	db_begin_transaction();
1054		- @ <form action="%s(g.zTop)/setup_wiki" method="post"><div>
	1054	+ @ <form action="%R/setup_wiki" method="post"><div>
1055	1055	login_insert_csrf_secret();
1056	1056	@ <input type="submit" name="submit" value="Apply Changes" /></p>
1057	1057	@ <hr />
1058	1058	onoff_attribute("Associate Wiki Pages With Branches, Tags, or Checkins",
1059	1059	"wiki-about", "wiki-about", 1, 0);
		@@ -1181,11 +1181,11 @@
1181	1181	cgi_replace_parameter("adright","");
1182	1182	setup_incr_cfgcnt();
1183	1183	}
1184	1184
1185	1185	style_header("Edit Ad Unit");
1186		- @ <form action="%s(g.zTop)/setup_adunit" method="post"><div>
	1186	+ @ <form action="%R/setup_adunit" method="post"><div>
1187	1187	login_insert_csrf_secret();
1188	1188	@ <b>Banner Ad-Unit:</b><br />
1189	1189	textarea_attribute("", 6, 80, "adunit", "adunit", "", 0);
1190	1190	@ <br />
1191	1191	@ <b>Right-Column Ad-Unit:</b><br />
		@@ -1364,15 +1364,15 @@
1364	1364	cgi_redirect("setup_logo");
1365	1365	}
1366	1366	style_header("Edit Project Logo And Background");
1367	1367	@ <p>The current project logo has a MIME-Type of <b>%h(zLogoMime)</b>
1368	1368	@ and looks like this:</p>
1369		- @ <blockquote><p><img src="%s(g.zTop)/logo/%z(zLogoMtime)" \
	1369	+ @ <blockquote><p><img src="%R/logo/%z(zLogoMtime)" \
1370	1370	@ alt="logo" border="1" />
1371	1371	@ </p></blockquote>
1372	1372	@
1373		- @ <form action="%s(g.zTop)/setup_logo" method="post"
	1373	+ @ <form action="%R/setup_logo" method="post"
1374	1374	@ enctype="multipart/form-data"><div>
1375	1375	@ <p>The logo is accessible to all users at this URL:
1376	1376	@ <a href="%s(g.zBaseURL)/logo">%s(g.zBaseURL)/logo</a>.
1377	1377	@ The logo may or may not appear on each
1378	1378	@ page depending on the <a href="setup_skinedit?w=0">CSS</a> and
		@@ -1388,15 +1388,15 @@
1388	1388	@ </div></form>
1389	1389	@ <hr />
1390	1390	@
1391	1391	@ <p>The current background image has a MIME-Type of <b>%h(zBgMime)</b>
1392	1392	@ and looks like this:</p>
1393		- @ <blockquote><p><img src="%s(g.zTop)/background/%z(zBgMtime)" \
	1393	+ @ <blockquote><p><img src="%R/background/%z(zBgMtime)" \
1394	1394	@ alt="background" border=1 />
1395	1395	@ </p></blockquote>
1396	1396	@
1397		- @ <form action="%s(g.zTop)/setup_logo" method="post"
	1397	+ @ <form action="%R/setup_logo" method="post"
1398	1398	@ enctype="multipart/form-data"><div>
1399	1399	@ <p>The background image is accessible to all users at this URL:
1400	1400	@ <a href="%s(g.zBaseURL)/background">%s(g.zBaseURL)/background</a>.
1401	1401	@ The background image may or may not appear on each
1402	1402	@ page depending on the <a href="setup_skinedit?w=0">CSS</a> and
		@@ -1412,15 +1412,15 @@
1412	1412	@ <p>(Properties: "background-image" and "background-mimetype")
1413	1413	@ <hr />
1414	1414	@
1415	1415	@ <p>The current icon image has a MIME-Type of <b>%h(zIconMime)</b>
1416	1416	@ and looks like this:</p>
1417		- @ <blockquote><p><img src="%s(g.zTop)/favicon.ico/%z(zIconMtime)" \
	1417	+ @ <blockquote><p><img src="%R/favicon.ico/%z(zIconMtime)" \
1418	1418	@ alt="icon" border=1 />
1419	1419	@ </p></blockquote>
1420	1420	@
1421		- @ <form action="%s(g.zTop)/setup_logo" method="post"
	1421	+ @ <form action="%R/setup_logo" method="post"
1422	1422	@ enctype="multipart/form-data"><div>
1423	1423	@ <p>The icon image is accessible to all users at this URL:
1424	1424	@ <a href="%s(g.zBaseURL)/favicon.ico">%s(g.zBaseURL)/favicon.ico</a>.
1425	1425	@ The icon image may or may not appear on each
1426	1426	@ page depending on the web browser in use and the MIME-Types that it
		@@ -1514,11 +1514,11 @@
1514	1514	"FROM config\n"
1515	1515	"-- ORDER BY mtime DESC; -- optional";
1516	1516	go = 1;
1517	1517	}
1518	1518	@
1519		- @ <form method="post" action="%s(g.zTop)/admin_sql">
	1519	+ @ <form method="post" action="%R/admin_sql">
1520	1520	login_insert_csrf_secret();
1521	1521	@ SQL:<br />
1522	1522	@ <textarea name="q" rows="8" cols="80">%h(zQ)</textarea><br />
1523	1523	@ <input type="submit" name="go" value="Run SQL">
1524	1524	@ <input type="submit" name="schema" value="Show Schema">
		@@ -1623,11 +1623,11 @@
1623	1623	style_header("Raw TH1 Commands");
1624	1624	@ <p><b>Caution:</b> There are no restrictions on the TH1 that can be
1625	1625	@ run by this page. If Tcl integration was enabled at compile-time and
1626	1626	@ the "tcl" setting is enabled, Tcl commands may be run as well.</p>
1627	1627	@
1628		- @ <form method="post" action="%s(g.zTop)/admin_th1">
	1628	+ @ <form method="post" action="%R/admin_th1">
1629	1629	login_insert_csrf_secret();
1630	1630	@ TH1:<br />
1631	1631	@ <textarea name="q" rows="5" cols="80">%h(zQ)</textarea><br />
1632	1632	@ <input type="submit" name="go" value="Run TH1">
1633	1633	@ </form>
		@@ -1725,11 +1725,11 @@
1725	1725	if( !g.perm.Admin ){
1726	1726	login_needed(0);
1727	1727	return;
1728	1728	}
1729	1729	style_header("Search Configuration");
1730		- @ <form action="%s(g.zTop)/srchsetup" method="post"><div>
	1730	+ @ <form action="%R/srchsetup" method="post"><div>
1731	1731	login_insert_csrf_secret();
1732	1732	@ <div style="text-align:center;font-weight:bold;">
1733	1733	@ Server-specific settings that affect the
1734	1734	@ <a href="%R/search">/search</a> webpage.
1735	1735	@ </div>
		@@ -1885,11 +1885,11 @@
1885	1885	}
1886	1886	db_prepare(&q,
1887	1887	"SELECT substr(name,8), value FROM config WHERE name GLOB 'walias:/*'"
1888	1888	" UNION ALL SELECT '', ''"
1889	1889	);
1890		- @ <form action="%s(g.zTop)/waliassetup" method="post"><div>
	1890	+ @ <form action="%R/waliassetup" method="post"><div>
1891	1891	login_insert_csrf_secret();
1892	1892	@ <table border=0 cellpadding=5>
1893	1893	@ <tr><th>Alias<th>URI That The Alias Maps Into
1894	1894	blob_init(&namelist, 0, 0);
1895	1895	while( db_step(&q)==SQLITE_ROW ){
1896	1896

	--- src/setup.c
	+++ src/setup.c
	@@ -341,11 +341,11 @@
341	return;
342	}
343
344	style_header("Access Control Settings");
345	db_begin_transaction();
346	@ <form action="%s(g.zTop)/setup_access" method="post"><div>
347	login_insert_csrf_secret();
348	@ <input type="submit" name="submit" value="Apply Changes" /></p>
349	@ <hr />
350	multiple_choice_attribute("Redirect to HTTPS",
351	"redirect-to-https", "redirhttps", "0",
	@@ -618,11 +618,11 @@
618	if( zGroup==0 ){
619	@ <p>This repository (in the file named "%h(zSelfRepo)")
620	@ is not currently part of any login-group.
621	@ To join a login group, fill out the form below.</p>
622	@
623	@ <form action="%s(g.zTop)/setup_login_group" method="post"><div>
624	login_insert_csrf_secret();
625	@ <blockquote><table border="0">
626	@
627	@ <tr><th align="right" id="rfigtj">Repository filename \
628	@ in group to join:</th>
	@@ -674,11 +674,11 @@
674	@ <td>%h(zTitle)<td width="10"><td>%h(zRepo)</tr>
675	}
676	db_finalize(&q);
677	@ </table>
678	@
679	@ <p><form action="%s(g.zTop)/setup_login_group" method="post"><div>
680	login_insert_csrf_secret();
681	@ To leave this login group press
682	@ <input type="submit" value="Leave Login Group" name="leave">
683	@ </form></p>
684	@ <br />For best results, use the same number of <a href="setup_access#ipt">
	@@ -731,11 +731,11 @@
731	return;
732	}
733
734	style_header("Timeline Display Preferences");
735	db_begin_transaction();
736	@ <form action="%s(g.zTop)/setup_timeline" method="post"><div>
737	login_insert_csrf_secret();
738	@ <p><input type="submit" name="submit" value="Apply Changes" /></p>
739
740	@ <hr />
741	onoff_attribute("Allow block-markup in timeline",
	@@ -877,11 +877,11 @@
877	@ by the contents of managed files named
878	@ "<tt>.fossil-settings/</tt><i>SETTING-NAME</i>".
879	@ If the file for a versionable setting exists, the value cannot be
880	@ changed on this screen.</p><hr /><p>
881	@
882	@ <form action="%s(g.zTop)/setup_settings" method="post"><div>
883	@ <table border="0"><tr><td valign="top">
884	login_insert_csrf_secret();
885	for(i=0, pSet=aSetting; i<nSetting; i++, pSet++){
886	if( pSet->width==0 ){
887	int hasVersionableValue = pSet->versionable &&
	@@ -953,11 +953,11 @@
953	return;
954	}
955
956	style_header("WWW Configuration");
957	db_begin_transaction();
958	@ <form action="%s(g.zTop)/setup_config" method="post"><div>
959	login_insert_csrf_secret();
960	@ <input type="submit" name="submit" value="Apply Changes" /></p>
961	@ <hr />
962	entry_attribute("Project Name", 60, "project-name", "pn", "", 0);
963	@ <p>A brief project name so visitors know what this site is about.
	@@ -1049,11 +1049,11 @@
1049	return;
1050	}
1051
1052	style_header("Wiki Configuration");
1053	db_begin_transaction();
1054	@ <form action="%s(g.zTop)/setup_wiki" method="post"><div>
1055	login_insert_csrf_secret();
1056	@ <input type="submit" name="submit" value="Apply Changes" /></p>
1057	@ <hr />
1058	onoff_attribute("Associate Wiki Pages With Branches, Tags, or Checkins",
1059	"wiki-about", "wiki-about", 1, 0);
	@@ -1181,11 +1181,11 @@
1181	cgi_replace_parameter("adright","");
1182	setup_incr_cfgcnt();
1183	}
1184
1185	style_header("Edit Ad Unit");
1186	@ <form action="%s(g.zTop)/setup_adunit" method="post"><div>
1187	login_insert_csrf_secret();
1188	@ <b>Banner Ad-Unit:</b><br />
1189	textarea_attribute("", 6, 80, "adunit", "adunit", "", 0);
1190	@ <br />
1191	@ <b>Right-Column Ad-Unit:</b><br />
	@@ -1364,15 +1364,15 @@
1364	cgi_redirect("setup_logo");
1365	}
1366	style_header("Edit Project Logo And Background");
1367	@ <p>The current project logo has a MIME-Type of <b>%h(zLogoMime)</b>
1368	@ and looks like this:</p>
1369	@ <blockquote><p><img src="%s(g.zTop)/logo/%z(zLogoMtime)" \
1370	@ alt="logo" border="1" />
1371	@ </p></blockquote>
1372	@
1373	@ <form action="%s(g.zTop)/setup_logo" method="post"
1374	@ enctype="multipart/form-data"><div>
1375	@ <p>The logo is accessible to all users at this URL:
1376	@ <a href="%s(g.zBaseURL)/logo">%s(g.zBaseURL)/logo</a>.
1377	@ The logo may or may not appear on each
1378	@ page depending on the <a href="setup_skinedit?w=0">CSS</a> and
	@@ -1388,15 +1388,15 @@
1388	@ </div></form>
1389	@ <hr />
1390	@
1391	@ <p>The current background image has a MIME-Type of <b>%h(zBgMime)</b>
1392	@ and looks like this:</p>
1393	@ <blockquote><p><img src="%s(g.zTop)/background/%z(zBgMtime)" \
1394	@ alt="background" border=1 />
1395	@ </p></blockquote>
1396	@
1397	@ <form action="%s(g.zTop)/setup_logo" method="post"
1398	@ enctype="multipart/form-data"><div>
1399	@ <p>The background image is accessible to all users at this URL:
1400	@ <a href="%s(g.zBaseURL)/background">%s(g.zBaseURL)/background</a>.
1401	@ The background image may or may not appear on each
1402	@ page depending on the <a href="setup_skinedit?w=0">CSS</a> and
	@@ -1412,15 +1412,15 @@
1412	@ <p>(Properties: "background-image" and "background-mimetype")
1413	@ <hr />
1414	@
1415	@ <p>The current icon image has a MIME-Type of <b>%h(zIconMime)</b>
1416	@ and looks like this:</p>
1417	@ <blockquote><p><img src="%s(g.zTop)/favicon.ico/%z(zIconMtime)" \
1418	@ alt="icon" border=1 />
1419	@ </p></blockquote>
1420	@
1421	@ <form action="%s(g.zTop)/setup_logo" method="post"
1422	@ enctype="multipart/form-data"><div>
1423	@ <p>The icon image is accessible to all users at this URL:
1424	@ <a href="%s(g.zBaseURL)/favicon.ico">%s(g.zBaseURL)/favicon.ico</a>.
1425	@ The icon image may or may not appear on each
1426	@ page depending on the web browser in use and the MIME-Types that it
	@@ -1514,11 +1514,11 @@
1514	"FROM config\n"
1515	"-- ORDER BY mtime DESC; -- optional";
1516	go = 1;
1517	}
1518	@
1519	@ <form method="post" action="%s(g.zTop)/admin_sql">
1520	login_insert_csrf_secret();
1521	@ SQL:<br />
1522	@ <textarea name="q" rows="8" cols="80">%h(zQ)</textarea><br />
1523	@ <input type="submit" name="go" value="Run SQL">
1524	@ <input type="submit" name="schema" value="Show Schema">
	@@ -1623,11 +1623,11 @@
1623	style_header("Raw TH1 Commands");
1624	@ <p><b>Caution:</b> There are no restrictions on the TH1 that can be
1625	@ run by this page. If Tcl integration was enabled at compile-time and
1626	@ the "tcl" setting is enabled, Tcl commands may be run as well.</p>
1627	@
1628	@ <form method="post" action="%s(g.zTop)/admin_th1">
1629	login_insert_csrf_secret();
1630	@ TH1:<br />
1631	@ <textarea name="q" rows="5" cols="80">%h(zQ)</textarea><br />
1632	@ <input type="submit" name="go" value="Run TH1">
1633	@ </form>
	@@ -1725,11 +1725,11 @@
1725	if( !g.perm.Admin ){
1726	login_needed(0);
1727	return;
1728	}
1729	style_header("Search Configuration");
1730	@ <form action="%s(g.zTop)/srchsetup" method="post"><div>
1731	login_insert_csrf_secret();
1732	@ <div style="text-align:center;font-weight:bold;">
1733	@ Server-specific settings that affect the
1734	@ <a href="%R/search">/search</a> webpage.
1735	@ </div>
	@@ -1885,11 +1885,11 @@
1885	}
1886	db_prepare(&q,
1887	"SELECT substr(name,8), value FROM config WHERE name GLOB 'walias:/*'"
1888	" UNION ALL SELECT '', ''"
1889	);
1890	@ <form action="%s(g.zTop)/waliassetup" method="post"><div>
1891	login_insert_csrf_secret();
1892	@ <table border=0 cellpadding=5>
1893	@ <tr><th>Alias<th>URI That The Alias Maps Into
1894	blob_init(&namelist, 0, 0);
1895	while( db_step(&q)==SQLITE_ROW ){
1896

	--- src/setup.c
	+++ src/setup.c
	@@ -341,11 +341,11 @@
341	return;
342	}
343
344	style_header("Access Control Settings");
345	db_begin_transaction();
346	@ <form action="%R/setup_access" method="post"><div>
347	login_insert_csrf_secret();
348	@ <input type="submit" name="submit" value="Apply Changes" /></p>
349	@ <hr />
350	multiple_choice_attribute("Redirect to HTTPS",
351	"redirect-to-https", "redirhttps", "0",
	@@ -618,11 +618,11 @@
618	if( zGroup==0 ){
619	@ <p>This repository (in the file named "%h(zSelfRepo)")
620	@ is not currently part of any login-group.
621	@ To join a login group, fill out the form below.</p>
622	@
623	@ <form action="%R/setup_login_group" method="post"><div>
624	login_insert_csrf_secret();
625	@ <blockquote><table border="0">
626	@
627	@ <tr><th align="right" id="rfigtj">Repository filename \
628	@ in group to join:</th>
	@@ -674,11 +674,11 @@
674	@ <td>%h(zTitle)<td width="10"><td>%h(zRepo)</tr>
675	}
676	db_finalize(&q);
677	@ </table>
678	@
679	@ <p><form action="%R/setup_login_group" method="post"><div>
680	login_insert_csrf_secret();
681	@ To leave this login group press
682	@ <input type="submit" value="Leave Login Group" name="leave">
683	@ </form></p>
684	@ <br />For best results, use the same number of <a href="setup_access#ipt">
	@@ -731,11 +731,11 @@
731	return;
732	}
733
734	style_header("Timeline Display Preferences");
735	db_begin_transaction();
736	@ <form action="%R/setup_timeline" method="post"><div>
737	login_insert_csrf_secret();
738	@ <p><input type="submit" name="submit" value="Apply Changes" /></p>
739
740	@ <hr />
741	onoff_attribute("Allow block-markup in timeline",
	@@ -877,11 +877,11 @@
877	@ by the contents of managed files named
878	@ "<tt>.fossil-settings/</tt><i>SETTING-NAME</i>".
879	@ If the file for a versionable setting exists, the value cannot be
880	@ changed on this screen.</p><hr /><p>
881	@
882	@ <form action="%R/setup_settings" method="post"><div>
883	@ <table border="0"><tr><td valign="top">
884	login_insert_csrf_secret();
885	for(i=0, pSet=aSetting; i<nSetting; i++, pSet++){
886	if( pSet->width==0 ){
887	int hasVersionableValue = pSet->versionable &&
	@@ -953,11 +953,11 @@
953	return;
954	}
955
956	style_header("WWW Configuration");
957	db_begin_transaction();
958	@ <form action="%R/setup_config" method="post"><div>
959	login_insert_csrf_secret();
960	@ <input type="submit" name="submit" value="Apply Changes" /></p>
961	@ <hr />
962	entry_attribute("Project Name", 60, "project-name", "pn", "", 0);
963	@ <p>A brief project name so visitors know what this site is about.
	@@ -1049,11 +1049,11 @@
1049	return;
1050	}
1051
1052	style_header("Wiki Configuration");
1053	db_begin_transaction();
1054	@ <form action="%R/setup_wiki" method="post"><div>
1055	login_insert_csrf_secret();
1056	@ <input type="submit" name="submit" value="Apply Changes" /></p>
1057	@ <hr />
1058	onoff_attribute("Associate Wiki Pages With Branches, Tags, or Checkins",
1059	"wiki-about", "wiki-about", 1, 0);
	@@ -1181,11 +1181,11 @@
1181	cgi_replace_parameter("adright","");
1182	setup_incr_cfgcnt();
1183	}
1184
1185	style_header("Edit Ad Unit");
1186	@ <form action="%R/setup_adunit" method="post"><div>
1187	login_insert_csrf_secret();
1188	@ <b>Banner Ad-Unit:</b><br />
1189	textarea_attribute("", 6, 80, "adunit", "adunit", "", 0);
1190	@ <br />
1191	@ <b>Right-Column Ad-Unit:</b><br />
	@@ -1364,15 +1364,15 @@
1364	cgi_redirect("setup_logo");
1365	}
1366	style_header("Edit Project Logo And Background");
1367	@ <p>The current project logo has a MIME-Type of <b>%h(zLogoMime)</b>
1368	@ and looks like this:</p>
1369	@ <blockquote><p><img src="%R/logo/%z(zLogoMtime)" \
1370	@ alt="logo" border="1" />
1371	@ </p></blockquote>
1372	@
1373	@ <form action="%R/setup_logo" method="post"
1374	@ enctype="multipart/form-data"><div>
1375	@ <p>The logo is accessible to all users at this URL:
1376	@ <a href="%s(g.zBaseURL)/logo">%s(g.zBaseURL)/logo</a>.
1377	@ The logo may or may not appear on each
1378	@ page depending on the <a href="setup_skinedit?w=0">CSS</a> and
	@@ -1388,15 +1388,15 @@
1388	@ </div></form>
1389	@ <hr />
1390	@
1391	@ <p>The current background image has a MIME-Type of <b>%h(zBgMime)</b>
1392	@ and looks like this:</p>
1393	@ <blockquote><p><img src="%R/background/%z(zBgMtime)" \
1394	@ alt="background" border=1 />
1395	@ </p></blockquote>
1396	@
1397	@ <form action="%R/setup_logo" method="post"
1398	@ enctype="multipart/form-data"><div>
1399	@ <p>The background image is accessible to all users at this URL:
1400	@ <a href="%s(g.zBaseURL)/background">%s(g.zBaseURL)/background</a>.
1401	@ The background image may or may not appear on each
1402	@ page depending on the <a href="setup_skinedit?w=0">CSS</a> and
	@@ -1412,15 +1412,15 @@
1412	@ <p>(Properties: "background-image" and "background-mimetype")
1413	@ <hr />
1414	@
1415	@ <p>The current icon image has a MIME-Type of <b>%h(zIconMime)</b>
1416	@ and looks like this:</p>
1417	@ <blockquote><p><img src="%R/favicon.ico/%z(zIconMtime)" \
1418	@ alt="icon" border=1 />
1419	@ </p></blockquote>
1420	@
1421	@ <form action="%R/setup_logo" method="post"
1422	@ enctype="multipart/form-data"><div>
1423	@ <p>The icon image is accessible to all users at this URL:
1424	@ <a href="%s(g.zBaseURL)/favicon.ico">%s(g.zBaseURL)/favicon.ico</a>.
1425	@ The icon image may or may not appear on each
1426	@ page depending on the web browser in use and the MIME-Types that it
	@@ -1514,11 +1514,11 @@
1514	"FROM config\n"
1515	"-- ORDER BY mtime DESC; -- optional";
1516	go = 1;
1517	}
1518	@
1519	@ <form method="post" action="%R/admin_sql">
1520	login_insert_csrf_secret();
1521	@ SQL:<br />
1522	@ <textarea name="q" rows="8" cols="80">%h(zQ)</textarea><br />
1523	@ <input type="submit" name="go" value="Run SQL">
1524	@ <input type="submit" name="schema" value="Show Schema">
	@@ -1623,11 +1623,11 @@
1623	style_header("Raw TH1 Commands");
1624	@ <p><b>Caution:</b> There are no restrictions on the TH1 that can be
1625	@ run by this page. If Tcl integration was enabled at compile-time and
1626	@ the "tcl" setting is enabled, Tcl commands may be run as well.</p>
1627	@
1628	@ <form method="post" action="%R/admin_th1">
1629	login_insert_csrf_secret();
1630	@ TH1:<br />
1631	@ <textarea name="q" rows="5" cols="80">%h(zQ)</textarea><br />
1632	@ <input type="submit" name="go" value="Run TH1">
1633	@ </form>
	@@ -1725,11 +1725,11 @@
1725	if( !g.perm.Admin ){
1726	login_needed(0);
1727	return;
1728	}
1729	style_header("Search Configuration");
1730	@ <form action="%R/srchsetup" method="post"><div>
1731	login_insert_csrf_secret();
1732	@ <div style="text-align:center;font-weight:bold;">
1733	@ Server-specific settings that affect the
1734	@ <a href="%R/search">/search</a> webpage.
1735	@ </div>
	@@ -1885,11 +1885,11 @@
1885	}
1886	db_prepare(&q,
1887	"SELECT substr(name,8), value FROM config WHERE name GLOB 'walias:/*'"
1888	" UNION ALL SELECT '', ''"
1889	);
1890	@ <form action="%R/waliassetup" method="post"><div>
1891	login_insert_csrf_secret();
1892	@ <table border=0 cellpadding=5>
1893	@ <tr><th>Alias<th>URI That The Alias Maps Into
1894	blob_init(&namelist, 0, 0);
1895	while( db_step(&q)==SQLITE_ROW ){
1896

M src/shun.c

+3 -3

		--- src/shun.c
		+++ src/shun.c
		@@ -185,11 +185,11 @@
185	185	@ or artifacts that by design or accident interfere with the processing
186	186	@ of the repository. Do not shun artifacts merely to remove them from
187	187	@ sight - set the "hidden" tag on such artifacts instead.</p>
188	188	@
189	189	@ <blockquote>
190		- @ <form method="post" action="%s(g.zTop)/%s(g.zPath)"><div>
	190	+ @ <form method="post" action="%R/%s(g.zPath)"><div>
191	191	login_insert_csrf_secret();
192	192	@ <textarea class="fullsize-text" cols="70" rows="%d(numRows)" name="uuid">
193	193	if( zShun ){
194	194	if( strlen(zShun) ){
195	195	@ %h(zShun)
		@@ -212,11 +212,11 @@
212	212	@ restored because the content is unknown. The only change is that
213	213	@ the formerly shunned artifacts will be accepted on subsequent sync
214	214	@ operations.</p>
215	215	@
216	216	@ <blockquote>
217		- @ <form method="post" action="%s(g.zTop)/%s(g.zPath)"><div>
	217	+ @ <form method="post" action="%R/%s(g.zPath)"><div>
218	218	login_insert_csrf_secret();
219	219	@ <textarea class="fullsize-text" cols="70" rows="%d(numRows)" name="uuid">
220	220	if( zAccept ){
221	221	if( strlen(zAccept) ){
222	222	@ %h(zAccept)
		@@ -237,11 +237,11 @@
237	237	@ content of newly shunned artifacts is not purged until the repository
238	238	@ is rebuilt. On larger repositories, the rebuild may take minute or
239	239	@ two, so be patient after pressing the button.</p>
240	240	@
241	241	@ <blockquote>
242		- @ <form method="post" action="%s(g.zTop)/%s(g.zPath)"><div>
	242	+ @ <form method="post" action="%R/%s(g.zPath)"><div>
243	243	login_insert_csrf_secret();
244	244	@ <input type="submit" name="rebuild" value="Rebuild" />
245	245	@ </div></form>
246	246	@ </blockquote>
247	247	@
248	248

	--- src/shun.c
	+++ src/shun.c
	@@ -185,11 +185,11 @@
185	@ or artifacts that by design or accident interfere with the processing
186	@ of the repository. Do not shun artifacts merely to remove them from
187	@ sight - set the "hidden" tag on such artifacts instead.</p>
188	@
189	@ <blockquote>
190	@ <form method="post" action="%s(g.zTop)/%s(g.zPath)"><div>
191	login_insert_csrf_secret();
192	@ <textarea class="fullsize-text" cols="70" rows="%d(numRows)" name="uuid">
193	if( zShun ){
194	if( strlen(zShun) ){
195	@ %h(zShun)
	@@ -212,11 +212,11 @@
212	@ restored because the content is unknown. The only change is that
213	@ the formerly shunned artifacts will be accepted on subsequent sync
214	@ operations.</p>
215	@
216	@ <blockquote>
217	@ <form method="post" action="%s(g.zTop)/%s(g.zPath)"><div>
218	login_insert_csrf_secret();
219	@ <textarea class="fullsize-text" cols="70" rows="%d(numRows)" name="uuid">
220	if( zAccept ){
221	if( strlen(zAccept) ){
222	@ %h(zAccept)
	@@ -237,11 +237,11 @@
237	@ content of newly shunned artifacts is not purged until the repository
238	@ is rebuilt. On larger repositories, the rebuild may take minute or
239	@ two, so be patient after pressing the button.</p>
240	@
241	@ <blockquote>
242	@ <form method="post" action="%s(g.zTop)/%s(g.zPath)"><div>
243	login_insert_csrf_secret();
244	@ <input type="submit" name="rebuild" value="Rebuild" />
245	@ </div></form>
246	@ </blockquote>
247	@
248

	--- src/shun.c
	+++ src/shun.c
	@@ -185,11 +185,11 @@
185	@ or artifacts that by design or accident interfere with the processing
186	@ of the repository. Do not shun artifacts merely to remove them from
187	@ sight - set the "hidden" tag on such artifacts instead.</p>
188	@
189	@ <blockquote>
190	@ <form method="post" action="%R/%s(g.zPath)"><div>
191	login_insert_csrf_secret();
192	@ <textarea class="fullsize-text" cols="70" rows="%d(numRows)" name="uuid">
193	if( zShun ){
194	if( strlen(zShun) ){
195	@ %h(zShun)
	@@ -212,11 +212,11 @@
212	@ restored because the content is unknown. The only change is that
213	@ the formerly shunned artifacts will be accepted on subsequent sync
214	@ operations.</p>
215	@
216	@ <blockquote>
217	@ <form method="post" action="%R/%s(g.zPath)"><div>
218	login_insert_csrf_secret();
219	@ <textarea class="fullsize-text" cols="70" rows="%d(numRows)" name="uuid">
220	if( zAccept ){
221	if( strlen(zAccept) ){
222	@ %h(zAccept)
	@@ -237,11 +237,11 @@
237	@ content of newly shunned artifacts is not purged until the repository
238	@ is rebuilt. On larger repositories, the rebuild may take minute or
239	@ two, so be patient after pressing the button.</p>
240	@
241	@ <blockquote>
242	@ <form method="post" action="%R/%s(g.zPath)"><div>
243	login_insert_csrf_secret();
244	@ <input type="submit" name="rebuild" value="Rebuild" />
245	@ </div></form>
246	@ </blockquote>
247	@
248

M src/skins.c

+8 -8

		--- src/skins.c
		+++ src/skins.c
		@@ -389,11 +389,11 @@
389	389	style_header("Rename A Skin");
390	390	if( ex ){
391	391	@ <p><span class="generalError">There is already another skin
392	392	@ named "%h(zNewName)". Choose a different name.</span></p>
393	393	}
394		- @ <form action="%s(g.zTop)/setup_skin_admin" method="post"><div>
	394	+ @ <form action="%R/setup_skin_admin" method="post"><div>
395	395	@ <table border="0"><tr>
396	396	@ <tr><td align="right">Current name:<td align="left"><b>%h(zOldName)</b>
397	397	@ <tr><td align="right">New name:<td align="left">
398	398	@ <input type="text" size="35" name="newname" value="%h(zNewName)">
399	399	@ <tr><td><td>
		@@ -431,11 +431,11 @@
431	431	style_header("Save Current Skin");
432	432	if( ex ){
433	433	@ <p><span class="generalError">There is already another skin
434	434	@ named "%h(zNewName)". Choose a different name.</span></p>
435	435	}
436		- @ <form action="%s(g.zTop)/setup_skin_admin" method="post"><div>
	436	+ @ <form action="%R/setup_skin_admin" method="post"><div>
437	437	@ <table border="0"><tr>
438	438	@ <tr><td align="right">Name for this skin:<td align="left">
439	439	@ <input type="text" size="35" name="svname" value="%h(zNewName)">
440	440	@ <tr><td><td>
441	441	@ <input type="submit" name="save" value="Save">
		@@ -484,11 +484,11 @@
484	484
485	485	if( cgi_csrf_safe(1) ){
486	486	/* Process requests to delete a user-defined skin */
487	487	if( P("del1") && (zName = skinVarName(P("sn"), 1))!=0 ){
488	488	style_header("Confirm Custom Skin Delete");
489		- @ <form action="%s(g.zTop)/setup_skin_admin" method="post"><div>
	489	+ @ <form action="%R/setup_skin_admin" method="post"><div>
490	490	@ <p>Deletion of a custom skin is a permanent action that cannot
491	491	@ be undone. Please confirm that this is what you want to do:</p>
492	492	@ <input type="hidden" name="sn" value="%h(P("sn"))" />
493	493	@ <input type="submit" name="del2" value="Confirm - Delete The Skin" />
494	494	@ <input type="submit" name="cancel" value="Cancel - Do Not Delete" />
		@@ -574,11 +574,11 @@
574	574	@ <tr><td>%d(i+1).<td>%h(z)<td>  <td>
575	575	if( fossil_strcmp(aBuiltinSkin[i].zSQL, zCurrent)==0 ){
576	576	@ (Currently In Use)
577	577	seenCurrent = 1;
578	578	}else{
579		- @ <form action="%s(g.zTop)/setup_skin_admin" method="post">
	579	+ @ <form action="%R/setup_skin_admin" method="post">
580	580	@ <input type="hidden" name="sn" value="%h(z)" />
581	581	@ <input type="submit" name="load" value="Install" />
582	582	if( pAltSkin==&aBuiltinSkin[i] ){
583	583	@ (Current override)
584	584	}
		@@ -600,11 +600,11 @@
600	600	once = 0;
601	601	@ <tr><td colspan=4><h2>Skins saved as "skin:*' entries \
602	602	@ in the CONFIG table:</h2></td></tr>
603	603	}
604	604	@ <tr><td>%d(i).<td>%h(zN)<td>  <td>
605		- @ <form action="%s(g.zTop)/setup_skin_admin" method="post">
	605	+ @ <form action="%R/setup_skin_admin" method="post">
606	606	if( fossil_strcmp(zV, zCurrent)==0 ){
607	607	@ (Currently In Use)
608	608	seenCurrent = 1;
609	609	}else{
610	610	@ <input type="submit" name="load" value="Install">
		@@ -618,11 +618,11 @@
618	618	if( !seenCurrent ){
619	619	i++;
620	620	@ <tr><td colspan=4><h2>Current skin in css/header/footer/details entries \
621	621	@ in the CONFIG table:</h2></td></tr>
622	622	@ <tr><td>%d(i).<td><i>Current</i><td>  <td>
623		- @ <form action="%s(g.zTop)/setup_skin_admin" method="post">
	623	+ @ <form action="%R/setup_skin_admin" method="post">
624	624	@ <input type="submit" name="save" value="Backup">
625	625	@ </form>
626	626	}
627	627	db_prepare(&q,
628	628	"SELECT DISTINCT substr(name, 1, 6) FROM config"
		@@ -637,11 +637,11 @@
637	637	once = 0;
638	638	@ <tr><td colspan=4><h2>Draft skins stored as "draft[1-9]-*' entries \
639	639	@ in the CONFIG table:</h2></td></tr>
640	640	}
641	641	@ <tr><td>%d(i).<td>%h(zN)<td>  <td>
642		- @ <form action="%s(g.zTop)/setup_skin_admin" method="post">
	642	+ @ <form action="%R/setup_skin_admin" method="post">
643	643	@ <input type="submit" name="draftdel" value="Delete">
644	644	@ <input type="hidden" name="name" value="%h(zN)">
645	645	@ </form></tr>
646	646	}
647	647	db_finalize(&q);
		@@ -798,11 +798,11 @@
798	798	style_header("%s", zTitle);
799	799	for(j=0; j<count(aSkinAttr); j++){
800	800	style_submenu_element(aSkinAttr[j].zSubmenu,
801	801	"%R/setup_skinedit?w=%d&basis=%h&sk=%d",j,zBasis,iSkin);
802	802	}
803		- @ <form action="%s(g.zTop)/setup_skinedit" method="post"><div>
	803	+ @ <form action="%R/setup_skinedit" method="post"><div>
804	804	login_insert_csrf_secret();
805	805	@ <input type='hidden' name='w' value='%d(ii)'>
806	806	@ <input type='hidden' name='sk' value='%d(iSkin)'>
807	807	@ <h2>Edit %s(zTitle):</h2>
808	808	if( P("submit") && cgi_csrf_safe(0) && strcmp(zOrig,zContent)!=0 ){
809	809

	--- src/skins.c
	+++ src/skins.c
	@@ -389,11 +389,11 @@
389	style_header("Rename A Skin");
390	if( ex ){
391	@ <p><span class="generalError">There is already another skin
392	@ named "%h(zNewName)". Choose a different name.</span></p>
393	}
394	@ <form action="%s(g.zTop)/setup_skin_admin" method="post"><div>
395	@ <table border="0"><tr>
396	@ <tr><td align="right">Current name:<td align="left"><b>%h(zOldName)</b>
397	@ <tr><td align="right">New name:<td align="left">
398	@ <input type="text" size="35" name="newname" value="%h(zNewName)">
399	@ <tr><td><td>
	@@ -431,11 +431,11 @@
431	style_header("Save Current Skin");
432	if( ex ){
433	@ <p><span class="generalError">There is already another skin
434	@ named "%h(zNewName)". Choose a different name.</span></p>
435	}
436	@ <form action="%s(g.zTop)/setup_skin_admin" method="post"><div>
437	@ <table border="0"><tr>
438	@ <tr><td align="right">Name for this skin:<td align="left">
439	@ <input type="text" size="35" name="svname" value="%h(zNewName)">
440	@ <tr><td><td>
441	@ <input type="submit" name="save" value="Save">
	@@ -484,11 +484,11 @@
484
485	if( cgi_csrf_safe(1) ){
486	/* Process requests to delete a user-defined skin */
487	if( P("del1") && (zName = skinVarName(P("sn"), 1))!=0 ){
488	style_header("Confirm Custom Skin Delete");
489	@ <form action="%s(g.zTop)/setup_skin_admin" method="post"><div>
490	@ <p>Deletion of a custom skin is a permanent action that cannot
491	@ be undone. Please confirm that this is what you want to do:</p>
492	@ <input type="hidden" name="sn" value="%h(P("sn"))" />
493	@ <input type="submit" name="del2" value="Confirm - Delete The Skin" />
494	@ <input type="submit" name="cancel" value="Cancel - Do Not Delete" />
	@@ -574,11 +574,11 @@
574	@ <tr><td>%d(i+1).<td>%h(z)<td>  <td>
575	if( fossil_strcmp(aBuiltinSkin[i].zSQL, zCurrent)==0 ){
576	@ (Currently In Use)
577	seenCurrent = 1;
578	}else{
579	@ <form action="%s(g.zTop)/setup_skin_admin" method="post">
580	@ <input type="hidden" name="sn" value="%h(z)" />
581	@ <input type="submit" name="load" value="Install" />
582	if( pAltSkin==&aBuiltinSkin[i] ){
583	@ (Current override)
584	}
	@@ -600,11 +600,11 @@
600	once = 0;
601	@ <tr><td colspan=4><h2>Skins saved as "skin:*' entries \
602	@ in the CONFIG table:</h2></td></tr>
603	}
604	@ <tr><td>%d(i).<td>%h(zN)<td>  <td>
605	@ <form action="%s(g.zTop)/setup_skin_admin" method="post">
606	if( fossil_strcmp(zV, zCurrent)==0 ){
607	@ (Currently In Use)
608	seenCurrent = 1;
609	}else{
610	@ <input type="submit" name="load" value="Install">
	@@ -618,11 +618,11 @@
618	if( !seenCurrent ){
619	i++;
620	@ <tr><td colspan=4><h2>Current skin in css/header/footer/details entries \
621	@ in the CONFIG table:</h2></td></tr>
622	@ <tr><td>%d(i).<td><i>Current</i><td>  <td>
623	@ <form action="%s(g.zTop)/setup_skin_admin" method="post">
624	@ <input type="submit" name="save" value="Backup">
625	@ </form>
626	}
627	db_prepare(&q,
628	"SELECT DISTINCT substr(name, 1, 6) FROM config"
	@@ -637,11 +637,11 @@
637	once = 0;
638	@ <tr><td colspan=4><h2>Draft skins stored as "draft[1-9]-*' entries \
639	@ in the CONFIG table:</h2></td></tr>
640	}
641	@ <tr><td>%d(i).<td>%h(zN)<td>  <td>
642	@ <form action="%s(g.zTop)/setup_skin_admin" method="post">
643	@ <input type="submit" name="draftdel" value="Delete">
644	@ <input type="hidden" name="name" value="%h(zN)">
645	@ </form></tr>
646	}
647	db_finalize(&q);
	@@ -798,11 +798,11 @@
798	style_header("%s", zTitle);
799	for(j=0; j<count(aSkinAttr); j++){
800	style_submenu_element(aSkinAttr[j].zSubmenu,
801	"%R/setup_skinedit?w=%d&basis=%h&sk=%d",j,zBasis,iSkin);
802	}
803	@ <form action="%s(g.zTop)/setup_skinedit" method="post"><div>
804	login_insert_csrf_secret();
805	@ <input type='hidden' name='w' value='%d(ii)'>
806	@ <input type='hidden' name='sk' value='%d(iSkin)'>
807	@ <h2>Edit %s(zTitle):</h2>
808	if( P("submit") && cgi_csrf_safe(0) && strcmp(zOrig,zContent)!=0 ){
809

	--- src/skins.c
	+++ src/skins.c
	@@ -389,11 +389,11 @@
389	style_header("Rename A Skin");
390	if( ex ){
391	@ <p><span class="generalError">There is already another skin
392	@ named "%h(zNewName)". Choose a different name.</span></p>
393	}
394	@ <form action="%R/setup_skin_admin" method="post"><div>
395	@ <table border="0"><tr>
396	@ <tr><td align="right">Current name:<td align="left"><b>%h(zOldName)</b>
397	@ <tr><td align="right">New name:<td align="left">
398	@ <input type="text" size="35" name="newname" value="%h(zNewName)">
399	@ <tr><td><td>
	@@ -431,11 +431,11 @@
431	style_header("Save Current Skin");
432	if( ex ){
433	@ <p><span class="generalError">There is already another skin
434	@ named "%h(zNewName)". Choose a different name.</span></p>
435	}
436	@ <form action="%R/setup_skin_admin" method="post"><div>
437	@ <table border="0"><tr>
438	@ <tr><td align="right">Name for this skin:<td align="left">
439	@ <input type="text" size="35" name="svname" value="%h(zNewName)">
440	@ <tr><td><td>
441	@ <input type="submit" name="save" value="Save">
	@@ -484,11 +484,11 @@
484
485	if( cgi_csrf_safe(1) ){
486	/* Process requests to delete a user-defined skin */
487	if( P("del1") && (zName = skinVarName(P("sn"), 1))!=0 ){
488	style_header("Confirm Custom Skin Delete");
489	@ <form action="%R/setup_skin_admin" method="post"><div>
490	@ <p>Deletion of a custom skin is a permanent action that cannot
491	@ be undone. Please confirm that this is what you want to do:</p>
492	@ <input type="hidden" name="sn" value="%h(P("sn"))" />
493	@ <input type="submit" name="del2" value="Confirm - Delete The Skin" />
494	@ <input type="submit" name="cancel" value="Cancel - Do Not Delete" />
	@@ -574,11 +574,11 @@
574	@ <tr><td>%d(i+1).<td>%h(z)<td>  <td>
575	if( fossil_strcmp(aBuiltinSkin[i].zSQL, zCurrent)==0 ){
576	@ (Currently In Use)
577	seenCurrent = 1;
578	}else{
579	@ <form action="%R/setup_skin_admin" method="post">
580	@ <input type="hidden" name="sn" value="%h(z)" />
581	@ <input type="submit" name="load" value="Install" />
582	if( pAltSkin==&aBuiltinSkin[i] ){
583	@ (Current override)
584	}
	@@ -600,11 +600,11 @@
600	once = 0;
601	@ <tr><td colspan=4><h2>Skins saved as "skin:*' entries \
602	@ in the CONFIG table:</h2></td></tr>
603	}
604	@ <tr><td>%d(i).<td>%h(zN)<td>  <td>
605	@ <form action="%R/setup_skin_admin" method="post">
606	if( fossil_strcmp(zV, zCurrent)==0 ){
607	@ (Currently In Use)
608	seenCurrent = 1;
609	}else{
610	@ <input type="submit" name="load" value="Install">
	@@ -618,11 +618,11 @@
618	if( !seenCurrent ){
619	i++;
620	@ <tr><td colspan=4><h2>Current skin in css/header/footer/details entries \
621	@ in the CONFIG table:</h2></td></tr>
622	@ <tr><td>%d(i).<td><i>Current</i><td>  <td>
623	@ <form action="%R/setup_skin_admin" method="post">
624	@ <input type="submit" name="save" value="Backup">
625	@ </form>
626	}
627	db_prepare(&q,
628	"SELECT DISTINCT substr(name, 1, 6) FROM config"
	@@ -637,11 +637,11 @@
637	once = 0;
638	@ <tr><td colspan=4><h2>Draft skins stored as "draft[1-9]-*' entries \
639	@ in the CONFIG table:</h2></td></tr>
640	}
641	@ <tr><td>%d(i).<td>%h(zN)<td>  <td>
642	@ <form action="%R/setup_skin_admin" method="post">
643	@ <input type="submit" name="draftdel" value="Delete">
644	@ <input type="hidden" name="name" value="%h(zN)">
645	@ </form></tr>
646	}
647	db_finalize(&q);
	@@ -798,11 +798,11 @@
798	style_header("%s", zTitle);
799	for(j=0; j<count(aSkinAttr); j++){
800	style_submenu_element(aSkinAttr[j].zSubmenu,
801	"%R/setup_skinedit?w=%d&basis=%h&sk=%d",j,zBasis,iSkin);
802	}
803	@ <form action="%R/setup_skinedit" method="post"><div>
804	login_insert_csrf_secret();
805	@ <input type='hidden' name='w' value='%d(ii)'>
806	@ <input type='hidden' name='sk' value='%d(iSkin)'>
807	@ <h2>Edit %s(zTitle):</h2>
808	if( P("submit") && cgi_csrf_safe(0) && strcmp(zOrig,zContent)!=0 ){
809

M src/timeline.c

+1 -1

		--- src/timeline.c
		+++ src/timeline.c
		@@ -204,11 +204,11 @@
204	204	}
205	205	}
206	206	if( cnt ){
207	207	@ <hr />
208	208	}
209		- @ <form method="post" action="%s(g.zTop)/hash-color-test">
	209	+ @ <form method="post" action="%R/hash-color-test">
210	210	@ <p>Enter candidate branch names below and see them displayed in their
211	211	@ default background colors above.</p>
212	212	for(i=0; i<10; i++){
213	213	sqlite3_snprintf(sizeof(zNm),zNm,"b%d",i);
214	214	zBr = P(zNm);
215	215

	--- src/timeline.c
	+++ src/timeline.c
	@@ -204,11 +204,11 @@
204	}
205	}
206	if( cnt ){
207	@ <hr />
208	}
209	@ <form method="post" action="%s(g.zTop)/hash-color-test">
210	@ <p>Enter candidate branch names below and see them displayed in their
211	@ default background colors above.</p>
212	for(i=0; i<10; i++){
213	sqlite3_snprintf(sizeof(zNm),zNm,"b%d",i);
214	zBr = P(zNm);
215

	--- src/timeline.c
	+++ src/timeline.c
	@@ -204,11 +204,11 @@
204	}
205	}
206	if( cnt ){
207	@ <hr />
208	}
209	@ <form method="post" action="%R/hash-color-test">
210	@ <p>Enter candidate branch names below and see them displayed in their
211	@ default background colors above.</p>
212	for(i=0; i<10; i++){
213	sqlite3_snprintf(sizeof(zNm),zNm,"b%d",i);
214	zBr = P(zNm);
215

M src/tkt.c

+16 -18

		--- src/tkt.c
		+++ src/tkt.c
		@@ -543,22 +543,22 @@
543	543	int showTimeline = P("tl")!=0;
544	544
545	545	login_check_credentials();
546	546	if( !g.perm.RdTkt ){ login_needed(g.anon.RdTkt); return; }
547	547	if( g.anon.WrTkt \|\| g.anon.ApndTkt ){
548		- style_submenu_element("Edit", "%s/tktedit?name=%T", g.zTop, PD("name",""));
	548	+ style_submenu_element("Edit", "%R/tktedit?name=%T", PD("name",""));
549	549	}
550	550	if( g.perm.Hyperlink ){
551		- style_submenu_element("History", "%s/tkthistory/%T", g.zTop, zUuid);
552		- style_submenu_element("Check-ins", "%s/tkttimeline/%T?y=ci", g.zTop, zUuid);
	551	+ style_submenu_element("History", "%R/tkthistory/%T", zUuid);
	552	+ style_submenu_element("Check-ins", "%R/tkttimeline/%T?y=ci", zUuid);
553	553	}
554	554	if( g.anon.NewTkt ){
555		- style_submenu_element("New Ticket", "%s/tktnew", g.zTop);
	555	+ style_submenu_element("New Ticket", "%R/tktnew");
556	556	}
557	557	if( g.anon.ApndTkt && g.anon.Attach ){
558		- style_submenu_element("Attach", "%s/attachadd?tkt=%T&from=%s/tktview/%t",
559		- g.zTop, zUuid, g.zTop, zUuid);
	558	+ style_submenu_element("Attach", "%R/attachadd?tkt=%T&from=%R/tktview/%t",
	559	+ zUuid, zUuid);
560	560	}
561	561	if( P("plaintext") ){
562	562	style_submenu_element("Formatted", "%R/tktview/%s", zUuid);
563	563	}else{
564	564	style_submenu_element("Plaintext", "%R/tktview/%s?plaintext", zUuid);
		@@ -573,11 +573,11 @@
573	573	}else{
574	574	showTimeline = 0;
575	575	}
576	576	}
577	577	if( !showTimeline && g.perm.Hyperlink ){
578		- style_submenu_element("Timeline", "%s/info/%T", g.zTop, zUuid);
	578	+ style_submenu_element("Timeline", "%R/info/%T", zUuid);
579	579	}
580	580	if( g.thTrace ) Th_Trace("BEGIN_TKTVIEW<br />\n", -1);
581	581	ticket_init();
582	582	initializeVariablesFromCGI();
583	583	getAllTicketFields();
		@@ -811,11 +811,11 @@
811	811	Th_Store("date", db_text(0, "SELECT datetime('now')"));
812	812	Th_CreateCommand(g.interp, "submit_ticket", submitTicketCmd,
813	813	(void*)&zNewUuid, 0);
814	814	if( g.thTrace ) Th_Trace("BEGIN_TKTNEW_SCRIPT<br />\n", -1);
815	815	if( Th_Render(zScript)==TH_RETURN && !g.thTrace && zNewUuid ){
816		- cgi_redirect(mprintf("%s/tktview/%s", g.zTop, zNewUuid));
	816	+ cgi_redirect(mprintf("%R/tktview/%s", zNewUuid));
817	817	return;
818	818	}
819	819	captcha_generate(0);
820	820	@ </form>
821	821	if( g.thTrace ) Th_Trace("END_TKTVIEW<br />\n", -1);
		@@ -882,11 +882,11 @@
882	882	Th_Store("date", db_text(0, "SELECT datetime('now')"));
883	883	Th_CreateCommand(g.interp, "append_field", appendRemarkCmd, 0, 0);
884	884	Th_CreateCommand(g.interp, "submit_ticket", submitTicketCmd, (void*)&zName,0);
885	885	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT_SCRIPT<br />\n", -1);
886	886	if( Th_Render(zScript)==TH_RETURN && !g.thTrace && zName ){
887		- cgi_redirect(mprintf("%s/tktview/%s", g.zTop, zName));
	887	+ cgi_redirect(mprintf("%R/tktview/%s", zName));
888	888	return;
889	889	}
890	890	captcha_generate(0);
891	891	@ </form>
892	892	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT<br />\n", -1);
		@@ -1000,17 +1000,16 @@
1000	1000	return;
1001	1001	}
1002	1002	zUuid = PD("name","");
1003	1003	zType = PD("y","a");
1004	1004	if( zType[0]!='c' ){
1005		- style_submenu_element("Check-ins", "%s/tkttimeline?name=%T&y=ci",
1006		- g.zTop, zUuid);
	1005	+ style_submenu_element("Check-ins", "%R/tkttimeline?name=%T&y=ci", zUuid);
1007	1006	}else{
1008		- style_submenu_element("Timeline", "%s/tkttimeline?name=%T", g.zTop, zUuid);
	1007	+ style_submenu_element("Timeline", "%R/tkttimeline?name=%T", zUuid);
1009	1008	}
1010		- style_submenu_element("History", "%s/tkthistory/%s", g.zTop, zUuid);
1011		- style_submenu_element("Status", "%s/info/%s", g.zTop, zUuid);
	1009	+ style_submenu_element("History", "%R/tkthistory/%s", zUuid);
	1010	+ style_submenu_element("Status", "%R/info/%s", zUuid);
1012	1011	if( zType[0]=='c' ){
1013	1012	zTitle = mprintf("Check-ins Associated With Ticket %h", zUuid);
1014	1013	}else{
1015	1014	zTitle = mprintf("Timeline Of Ticket %h", zUuid);
1016	1015	}
		@@ -1053,14 +1052,13 @@
1053	1052	login_needed(g.anon.Hyperlink && g.anon.RdTkt);
1054	1053	return;
1055	1054	}
1056	1055	zUuid = PD("name","");
1057	1056	zTitle = mprintf("History Of Ticket %h", zUuid);
1058		- style_submenu_element("Status", "%s/info/%s", g.zTop, zUuid);
1059		- style_submenu_element("Check-ins", "%s/tkttimeline?name=%s&y=ci",
1060		- g.zTop, zUuid);
1061		- style_submenu_element("Timeline", "%s/tkttimeline?name=%s", g.zTop, zUuid);
	1057	+ style_submenu_element("Status", "%R/info/%s", zUuid);
	1058	+ style_submenu_element("Check-ins", "%R/tkttimeline?name=%s&y=ci", zUuid);
	1059	+ style_submenu_element("Timeline", "%R/tkttimeline?name=%s", zUuid);
1062	1060	if( P("raw")!=0 ){
1063	1061	style_submenu_element("Decoded", "%R/tkthistory/%s", zUuid);
1064	1062	}else if( g.perm.Admin ){
1065	1063	style_submenu_element("Raw", "%R/tkthistory/%s?raw", zUuid);
1066	1064	}
1067	1065

	--- src/tkt.c
	+++ src/tkt.c
	@@ -543,22 +543,22 @@
543	int showTimeline = P("tl")!=0;
544
545	login_check_credentials();
546	if( !g.perm.RdTkt ){ login_needed(g.anon.RdTkt); return; }
547	if( g.anon.WrTkt \|\| g.anon.ApndTkt ){
548	style_submenu_element("Edit", "%s/tktedit?name=%T", g.zTop, PD("name",""));
549	}
550	if( g.perm.Hyperlink ){
551	style_submenu_element("History", "%s/tkthistory/%T", g.zTop, zUuid);
552	style_submenu_element("Check-ins", "%s/tkttimeline/%T?y=ci", g.zTop, zUuid);
553	}
554	if( g.anon.NewTkt ){
555	style_submenu_element("New Ticket", "%s/tktnew", g.zTop);
556	}
557	if( g.anon.ApndTkt && g.anon.Attach ){
558	style_submenu_element("Attach", "%s/attachadd?tkt=%T&from=%s/tktview/%t",
559	g.zTop, zUuid, g.zTop, zUuid);
560	}
561	if( P("plaintext") ){
562	style_submenu_element("Formatted", "%R/tktview/%s", zUuid);
563	}else{
564	style_submenu_element("Plaintext", "%R/tktview/%s?plaintext", zUuid);
	@@ -573,11 +573,11 @@
573	}else{
574	showTimeline = 0;
575	}
576	}
577	if( !showTimeline && g.perm.Hyperlink ){
578	style_submenu_element("Timeline", "%s/info/%T", g.zTop, zUuid);
579	}
580	if( g.thTrace ) Th_Trace("BEGIN_TKTVIEW<br />\n", -1);
581	ticket_init();
582	initializeVariablesFromCGI();
583	getAllTicketFields();
	@@ -811,11 +811,11 @@
811	Th_Store("date", db_text(0, "SELECT datetime('now')"));
812	Th_CreateCommand(g.interp, "submit_ticket", submitTicketCmd,
813	(void*)&zNewUuid, 0);
814	if( g.thTrace ) Th_Trace("BEGIN_TKTNEW_SCRIPT<br />\n", -1);
815	if( Th_Render(zScript)==TH_RETURN && !g.thTrace && zNewUuid ){
816	cgi_redirect(mprintf("%s/tktview/%s", g.zTop, zNewUuid));
817	return;
818	}
819	captcha_generate(0);
820	@ </form>
821	if( g.thTrace ) Th_Trace("END_TKTVIEW<br />\n", -1);
	@@ -882,11 +882,11 @@
882	Th_Store("date", db_text(0, "SELECT datetime('now')"));
883	Th_CreateCommand(g.interp, "append_field", appendRemarkCmd, 0, 0);
884	Th_CreateCommand(g.interp, "submit_ticket", submitTicketCmd, (void*)&zName,0);
885	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT_SCRIPT<br />\n", -1);
886	if( Th_Render(zScript)==TH_RETURN && !g.thTrace && zName ){
887	cgi_redirect(mprintf("%s/tktview/%s", g.zTop, zName));
888	return;
889	}
890	captcha_generate(0);
891	@ </form>
892	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT<br />\n", -1);
	@@ -1000,17 +1000,16 @@
1000	return;
1001	}
1002	zUuid = PD("name","");
1003	zType = PD("y","a");
1004	if( zType[0]!='c' ){
1005	style_submenu_element("Check-ins", "%s/tkttimeline?name=%T&y=ci",
1006	g.zTop, zUuid);
1007	}else{
1008	style_submenu_element("Timeline", "%s/tkttimeline?name=%T", g.zTop, zUuid);
1009	}
1010	style_submenu_element("History", "%s/tkthistory/%s", g.zTop, zUuid);
1011	style_submenu_element("Status", "%s/info/%s", g.zTop, zUuid);
1012	if( zType[0]=='c' ){
1013	zTitle = mprintf("Check-ins Associated With Ticket %h", zUuid);
1014	}else{
1015	zTitle = mprintf("Timeline Of Ticket %h", zUuid);
1016	}
	@@ -1053,14 +1052,13 @@
1053	login_needed(g.anon.Hyperlink && g.anon.RdTkt);
1054	return;
1055	}
1056	zUuid = PD("name","");
1057	zTitle = mprintf("History Of Ticket %h", zUuid);
1058	style_submenu_element("Status", "%s/info/%s", g.zTop, zUuid);
1059	style_submenu_element("Check-ins", "%s/tkttimeline?name=%s&y=ci",
1060	g.zTop, zUuid);
1061	style_submenu_element("Timeline", "%s/tkttimeline?name=%s", g.zTop, zUuid);
1062	if( P("raw")!=0 ){
1063	style_submenu_element("Decoded", "%R/tkthistory/%s", zUuid);
1064	}else if( g.perm.Admin ){
1065	style_submenu_element("Raw", "%R/tkthistory/%s?raw", zUuid);
1066	}
1067

	--- src/tkt.c
	+++ src/tkt.c
	@@ -543,22 +543,22 @@
543	int showTimeline = P("tl")!=0;
544
545	login_check_credentials();
546	if( !g.perm.RdTkt ){ login_needed(g.anon.RdTkt); return; }
547	if( g.anon.WrTkt \|\| g.anon.ApndTkt ){
548	style_submenu_element("Edit", "%R/tktedit?name=%T", PD("name",""));
549	}
550	if( g.perm.Hyperlink ){
551	style_submenu_element("History", "%R/tkthistory/%T", zUuid);
552	style_submenu_element("Check-ins", "%R/tkttimeline/%T?y=ci", zUuid);
553	}
554	if( g.anon.NewTkt ){
555	style_submenu_element("New Ticket", "%R/tktnew");
556	}
557	if( g.anon.ApndTkt && g.anon.Attach ){
558	style_submenu_element("Attach", "%R/attachadd?tkt=%T&from=%R/tktview/%t",
559	zUuid, zUuid);
560	}
561	if( P("plaintext") ){
562	style_submenu_element("Formatted", "%R/tktview/%s", zUuid);
563	}else{
564	style_submenu_element("Plaintext", "%R/tktview/%s?plaintext", zUuid);
	@@ -573,11 +573,11 @@
573	}else{
574	showTimeline = 0;
575	}
576	}
577	if( !showTimeline && g.perm.Hyperlink ){
578	style_submenu_element("Timeline", "%R/info/%T", zUuid);
579	}
580	if( g.thTrace ) Th_Trace("BEGIN_TKTVIEW<br />\n", -1);
581	ticket_init();
582	initializeVariablesFromCGI();
583	getAllTicketFields();
	@@ -811,11 +811,11 @@
811	Th_Store("date", db_text(0, "SELECT datetime('now')"));
812	Th_CreateCommand(g.interp, "submit_ticket", submitTicketCmd,
813	(void*)&zNewUuid, 0);
814	if( g.thTrace ) Th_Trace("BEGIN_TKTNEW_SCRIPT<br />\n", -1);
815	if( Th_Render(zScript)==TH_RETURN && !g.thTrace && zNewUuid ){
816	cgi_redirect(mprintf("%R/tktview/%s", zNewUuid));
817	return;
818	}
819	captcha_generate(0);
820	@ </form>
821	if( g.thTrace ) Th_Trace("END_TKTVIEW<br />\n", -1);
	@@ -882,11 +882,11 @@
882	Th_Store("date", db_text(0, "SELECT datetime('now')"));
883	Th_CreateCommand(g.interp, "append_field", appendRemarkCmd, 0, 0);
884	Th_CreateCommand(g.interp, "submit_ticket", submitTicketCmd, (void*)&zName,0);
885	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT_SCRIPT<br />\n", -1);
886	if( Th_Render(zScript)==TH_RETURN && !g.thTrace && zName ){
887	cgi_redirect(mprintf("%R/tktview/%s", zName));
888	return;
889	}
890	captcha_generate(0);
891	@ </form>
892	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT<br />\n", -1);
	@@ -1000,17 +1000,16 @@
1000	return;
1001	}
1002	zUuid = PD("name","");
1003	zType = PD("y","a");
1004	if( zType[0]!='c' ){
1005	style_submenu_element("Check-ins", "%R/tkttimeline?name=%T&y=ci", zUuid);

1006	}else{
1007	style_submenu_element("Timeline", "%R/tkttimeline?name=%T", zUuid);
1008	}
1009	style_submenu_element("History", "%R/tkthistory/%s", zUuid);
1010	style_submenu_element("Status", "%R/info/%s", zUuid);
1011	if( zType[0]=='c' ){
1012	zTitle = mprintf("Check-ins Associated With Ticket %h", zUuid);
1013	}else{
1014	zTitle = mprintf("Timeline Of Ticket %h", zUuid);
1015	}
	@@ -1053,14 +1052,13 @@
1052	login_needed(g.anon.Hyperlink && g.anon.RdTkt);
1053	return;
1054	}
1055	zUuid = PD("name","");
1056	zTitle = mprintf("History Of Ticket %h", zUuid);
1057	style_submenu_element("Status", "%R/info/%s", zUuid);
1058	style_submenu_element("Check-ins", "%R/tkttimeline?name=%s&y=ci", zUuid);
1059	style_submenu_element("Timeline", "%R/tkttimeline?name=%s", zUuid);

1060	if( P("raw")!=0 ){
1061	style_submenu_element("Decoded", "%R/tkthistory/%s", zUuid);
1062	}else if( g.perm.Admin ){
1063	style_submenu_element("Raw", "%R/tkthistory/%s?raw", zUuid);
1064	}
1065

M src/tktsetup.c

+2 -2

		--- src/tktsetup.c
		+++ src/tktsetup.c
		@@ -148,11 +148,11 @@
148	148	db_set(zDbField, z, 0);
149	149	if( xRebuild ) xRebuild();
150	150	cgi_redirect("tktsetup");
151	151	}
152	152	}
153		- @ <form action="%s(g.zTop)/%s(g.zPath)" method="post"><div>
	153	+ @ <form action="%R/%s(g.zPath)" method="post"><div>
154	154	login_insert_csrf_secret();
155	155	@ <p>%s(zDesc)</p>
156	156	@ <textarea name="x" rows="%d(height)" cols="80">%h(z)</textarea>
157	157	@ <blockquote><p>
158	158	@ <input type="submit" name="submit" value="Apply Changes" />
		@@ -903,11 +903,11 @@
903	903	if( P("setup") ){
904	904	cgi_redirect("tktsetup");
905	905	}
906	906	style_header("Ticket Display On Timelines");
907	907	db_begin_transaction();
908		- @ <form action="%s(g.zTop)/tktsetup_timeline" method="post"><div>
	908	+ @ <form action="%R/tktsetup_timeline" method="post"><div>
909	909	login_insert_csrf_secret();
910	910
911	911	@ <hr />
912	912	entry_attribute("Ticket Title", 40, "ticket-title-expr", "t",
913	913	"title", 0);
914	914

	--- src/tktsetup.c
	+++ src/tktsetup.c
	@@ -148,11 +148,11 @@
148	db_set(zDbField, z, 0);
149	if( xRebuild ) xRebuild();
150	cgi_redirect("tktsetup");
151	}
152	}
153	@ <form action="%s(g.zTop)/%s(g.zPath)" method="post"><div>
154	login_insert_csrf_secret();
155	@ <p>%s(zDesc)</p>
156	@ <textarea name="x" rows="%d(height)" cols="80">%h(z)</textarea>
157	@ <blockquote><p>
158	@ <input type="submit" name="submit" value="Apply Changes" />
	@@ -903,11 +903,11 @@
903	if( P("setup") ){
904	cgi_redirect("tktsetup");
905	}
906	style_header("Ticket Display On Timelines");
907	db_begin_transaction();
908	@ <form action="%s(g.zTop)/tktsetup_timeline" method="post"><div>
909	login_insert_csrf_secret();
910
911	@ <hr />
912	entry_attribute("Ticket Title", 40, "ticket-title-expr", "t",
913	"title", 0);
914

	--- src/tktsetup.c
	+++ src/tktsetup.c
	@@ -148,11 +148,11 @@
148	db_set(zDbField, z, 0);
149	if( xRebuild ) xRebuild();
150	cgi_redirect("tktsetup");
151	}
152	}
153	@ <form action="%R/%s(g.zPath)" method="post"><div>
154	login_insert_csrf_secret();
155	@ <p>%s(zDesc)</p>
156	@ <textarea name="x" rows="%d(height)" cols="80">%h(z)</textarea>
157	@ <blockquote><p>
158	@ <input type="submit" name="submit" value="Apply Changes" />
	@@ -903,11 +903,11 @@
903	if( P("setup") ){
904	cgi_redirect("tktsetup");
905	}
906	style_header("Ticket Display On Timelines");
907	db_begin_transaction();
908	@ <form action="%R/tktsetup_timeline" method="post"><div>
909	login_insert_csrf_secret();
910
911	@ <hr />
912	entry_attribute("Ticket Title", 40, "ticket-title-expr", "t",
913	"title", 0);
914

M src/url.c

+1 -1

		--- src/url.c
		+++ src/url.c
		@@ -540,11 +540,11 @@
540	540	){
541	541	const char *zSep = "?";
542	542	int i;
543	543
544	544	blob_reset(&p->url);
545		- blob_appendf(&p->url, "%s/%s", g.zTop, p->zBase);
	545	+ blob_appendf(&p->url, "%R/%s", p->zBase);
546	546	for(i=0; i<p->nParam; i++){
547	547	const char *z = p->azValue[i];
548	548	if( zName1 && fossil_strcmp(zName1,p->azName[i])==0 ){
549	549	zName1 = 0;
550	550	z = zValue1;
551	551

	--- src/url.c
	+++ src/url.c
	@@ -540,11 +540,11 @@
540	){
541	const char *zSep = "?";
542	int i;
543
544	blob_reset(&p->url);
545	blob_appendf(&p->url, "%s/%s", g.zTop, p->zBase);
546	for(i=0; i<p->nParam; i++){
547	const char *z = p->azValue[i];
548	if( zName1 && fossil_strcmp(zName1,p->azName[i])==0 ){
549	zName1 = 0;
550	z = zValue1;
551

	--- src/url.c
	+++ src/url.c
	@@ -540,11 +540,11 @@
540	){
541	const char *zSep = "?";
542	int i;
543
544	blob_reset(&p->url);
545	blob_appendf(&p->url, "%R/%s", p->zBase);
546	for(i=0; i<p->nParam; i++){
547	const char *z = p->azValue[i];
548	if( zName1 && fossil_strcmp(zName1,p->azName[i])==0 ){
549	zName1 = 0;
550	z = zValue1;
551

M src/user.c

+13 -13

		--- src/user.c
		+++ src/user.c
		@@ -657,28 +657,28 @@
657	657	create_accesslog_table();
658	658
659	659
660	660	if( P("delall") && P("delallbtn") ){
661	661	db_multi_exec("DELETE FROM accesslog");
662		- cgi_redirectf("%s/access_log?y=%d&n=%d&o=%o", g.zTop, y, n, skip);
	662	+ cgi_redirectf("%R/access_log?y=%d&n=%d&o=%o", y, n, skip);
663	663	return;
664	664	}
665	665	if( P("delanon") && P("delanonbtn") ){
666	666	db_multi_exec("DELETE FROM accesslog WHERE uname='anonymous'");
667		- cgi_redirectf("%s/access_log?y=%d&n=%d&o=%o", g.zTop, y, n, skip);
	667	+ cgi_redirectf("%R/access_log?y=%d&n=%d&o=%o", y, n, skip);
668	668	return;
669	669	}
670	670	if( P("delfail") && P("delfailbtn") ){
671	671	db_multi_exec("DELETE FROM accesslog WHERE NOT success");
672		- cgi_redirectf("%s/access_log?y=%d&n=%d&o=%o", g.zTop, y, n, skip);
	672	+ cgi_redirectf("%R/access_log?y=%d&n=%d&o=%o", y, n, skip);
673	673	return;
674	674	}
675	675	if( P("delold") && P("deloldbtn") ){
676	676	db_multi_exec("DELETE FROM accesslog WHERE rowid in"
677	677	"(SELECT rowid FROM accesslog ORDER BY rowid DESC"
678	678	" LIMIT -1 OFFSET 200)");
679		- cgi_redirectf("%s/access_log?y=%d&n=%d", g.zTop, y, n);
	679	+ cgi_redirectf("%R/access_log?y=%d&n=%d", y, n);
680	680	return;
681	681	}
682	682	style_header("Access Log");
683	683	blob_zero(&sql);
684	684	blob_append_sql(&sql,
		@@ -694,12 +694,12 @@
694	694	}else if( y==2 ){
695	695	blob_append(&sql, " WHERE NOT success", -1);
696	696	}
697	697	blob_append_sql(&sql," ORDER BY rowid DESC LIMIT %d OFFSET %d", n+1, skip);
698	698	if( skip ){
699		- style_submenu_element("Newer", "%s/access_log?o=%d&n=%d&y=%d",
700		- g.zTop, skip>=n ? skip-n : 0, n, y);
	699	+ style_submenu_element("Newer", "%R/access_log?o=%d&n=%d&y=%d",
	700	+ skip>=n ? skip-n : 0, n, y);
701	701	}
702	702	rc = db_prepare_ignore_error(&q, "%s", blob_sql_text(&sql));
703	703	fLogEnabled = db_get_boolean("access-log", 0);
704	704	@ <div align="center">Access logging is %s(fLogEnabled?"on":"off").
705	705	@ (Change this on the <a href="setup_settings">settings</a> page.)</div>
		@@ -712,12 +712,12 @@
712	712	const char *zIP = db_column_text(&q, 1);
713	713	const char *zDate = db_column_text(&q, 2);
714	714	int bSuccess = db_column_int(&q, 3);
715	715	cnt++;
716	716	if( cnt>n ){
717		- style_submenu_element("Older", "%s/access_log?o=%d&n=%d&y=%d",
718		- g.zTop, skip+n, n, y);
	717	+ style_submenu_element("Older", "%R/access_log?o=%d&n=%d&y=%d",
	718	+ skip+n, n, y);
719	719	break;
720	720	}
721	721	if( bSuccess ){
722	722	@ <tr>
723	723	}else{
		@@ -724,33 +724,33 @@
724	724	@ <tr bgcolor="#ffacc0">
725	725	}
726	726	@ <td>%s(zDate)</td><td>%h(zName)</td><td>%h(zIP)</td></tr>
727	727	}
728	728	if( skip>0 \|\| cnt>n ){
729		- style_submenu_element("All", "%s/access_log?n=10000000", g.zTop);
	729	+ style_submenu_element("All", "%R/access_log?n=10000000");
730	730	}
731	731	@ </tbody></table>
732	732	db_finalize(&q);
733	733	@ <hr />
734		- @ <form method="post" action="%s(g.zTop)/access_log">
	734	+ @ <form method="post" action="%R/access_log">
735	735	@ <label><input type="checkbox" name="delold">
736	736	@ Delete all but the most recent 200 entries</input></label>
737	737	@ <input type="submit" name="deloldbtn" value="Delete"></input>
738	738	@ </form>
739		- @ <form method="post" action="%s(g.zTop)/access_log">
	739	+ @ <form method="post" action="%R/access_log">
740	740	@ <label><input type="checkbox" name="delanon">
741	741	@ Delete all entries for user "anonymous"</input></label>
742	742	@ <input type="submit" name="delanonbtn" value="Delete"></input>
743	743	@ </form>
744		- @ <form method="post" action="%s(g.zTop)/access_log">
	744	+ @ <form method="post" action="%R/access_log">
745	745	@ <label><input type="checkbox" name="delfail">
746	746	@ Delete all failed login attempts</input></label>
747	747	@ <input type="submit" name="delfailbtn" value="Delete"></input>
748	748	@ </form>
749		- @ <form method="post" action="%s(g.zTop)/access_log">
	749	+ @ <form method="post" action="%R/access_log">
750	750	@ <label><input type="checkbox" name="delall">
751	751	@ Delete all entries</input></label>
752	752	@ <input type="submit" name="delallbtn" value="Delete"></input>
753	753	@ </form>
754	754	style_table_sorter();
755	755	style_footer();
756	756	}
757	757

	--- src/user.c
	+++ src/user.c
	@@ -657,28 +657,28 @@
657	create_accesslog_table();
658
659
660	if( P("delall") && P("delallbtn") ){
661	db_multi_exec("DELETE FROM accesslog");
662	cgi_redirectf("%s/access_log?y=%d&n=%d&o=%o", g.zTop, y, n, skip);
663	return;
664	}
665	if( P("delanon") && P("delanonbtn") ){
666	db_multi_exec("DELETE FROM accesslog WHERE uname='anonymous'");
667	cgi_redirectf("%s/access_log?y=%d&n=%d&o=%o", g.zTop, y, n, skip);
668	return;
669	}
670	if( P("delfail") && P("delfailbtn") ){
671	db_multi_exec("DELETE FROM accesslog WHERE NOT success");
672	cgi_redirectf("%s/access_log?y=%d&n=%d&o=%o", g.zTop, y, n, skip);
673	return;
674	}
675	if( P("delold") && P("deloldbtn") ){
676	db_multi_exec("DELETE FROM accesslog WHERE rowid in"
677	"(SELECT rowid FROM accesslog ORDER BY rowid DESC"
678	" LIMIT -1 OFFSET 200)");
679	cgi_redirectf("%s/access_log?y=%d&n=%d", g.zTop, y, n);
680	return;
681	}
682	style_header("Access Log");
683	blob_zero(&sql);
684	blob_append_sql(&sql,
	@@ -694,12 +694,12 @@
694	}else if( y==2 ){
695	blob_append(&sql, " WHERE NOT success", -1);
696	}
697	blob_append_sql(&sql," ORDER BY rowid DESC LIMIT %d OFFSET %d", n+1, skip);
698	if( skip ){
699	style_submenu_element("Newer", "%s/access_log?o=%d&n=%d&y=%d",
700	g.zTop, skip>=n ? skip-n : 0, n, y);
701	}
702	rc = db_prepare_ignore_error(&q, "%s", blob_sql_text(&sql));
703	fLogEnabled = db_get_boolean("access-log", 0);
704	@ <div align="center">Access logging is %s(fLogEnabled?"on":"off").
705	@ (Change this on the <a href="setup_settings">settings</a> page.)</div>
	@@ -712,12 +712,12 @@
712	const char *zIP = db_column_text(&q, 1);
713	const char *zDate = db_column_text(&q, 2);
714	int bSuccess = db_column_int(&q, 3);
715	cnt++;
716	if( cnt>n ){
717	style_submenu_element("Older", "%s/access_log?o=%d&n=%d&y=%d",
718	g.zTop, skip+n, n, y);
719	break;
720	}
721	if( bSuccess ){
722	@ <tr>
723	}else{
	@@ -724,33 +724,33 @@
724	@ <tr bgcolor="#ffacc0">
725	}
726	@ <td>%s(zDate)</td><td>%h(zName)</td><td>%h(zIP)</td></tr>
727	}
728	if( skip>0 \|\| cnt>n ){
729	style_submenu_element("All", "%s/access_log?n=10000000", g.zTop);
730	}
731	@ </tbody></table>
732	db_finalize(&q);
733	@ <hr />
734	@ <form method="post" action="%s(g.zTop)/access_log">
735	@ <label><input type="checkbox" name="delold">
736	@ Delete all but the most recent 200 entries</input></label>
737	@ <input type="submit" name="deloldbtn" value="Delete"></input>
738	@ </form>
739	@ <form method="post" action="%s(g.zTop)/access_log">
740	@ <label><input type="checkbox" name="delanon">
741	@ Delete all entries for user "anonymous"</input></label>
742	@ <input type="submit" name="delanonbtn" value="Delete"></input>
743	@ </form>
744	@ <form method="post" action="%s(g.zTop)/access_log">
745	@ <label><input type="checkbox" name="delfail">
746	@ Delete all failed login attempts</input></label>
747	@ <input type="submit" name="delfailbtn" value="Delete"></input>
748	@ </form>
749	@ <form method="post" action="%s(g.zTop)/access_log">
750	@ <label><input type="checkbox" name="delall">
751	@ Delete all entries</input></label>
752	@ <input type="submit" name="delallbtn" value="Delete"></input>
753	@ </form>
754	style_table_sorter();
755	style_footer();
756	}
757

	--- src/user.c
	+++ src/user.c
	@@ -657,28 +657,28 @@
657	create_accesslog_table();
658
659
660	if( P("delall") && P("delallbtn") ){
661	db_multi_exec("DELETE FROM accesslog");
662	cgi_redirectf("%R/access_log?y=%d&n=%d&o=%o", y, n, skip);
663	return;
664	}
665	if( P("delanon") && P("delanonbtn") ){
666	db_multi_exec("DELETE FROM accesslog WHERE uname='anonymous'");
667	cgi_redirectf("%R/access_log?y=%d&n=%d&o=%o", y, n, skip);
668	return;
669	}
670	if( P("delfail") && P("delfailbtn") ){
671	db_multi_exec("DELETE FROM accesslog WHERE NOT success");
672	cgi_redirectf("%R/access_log?y=%d&n=%d&o=%o", y, n, skip);
673	return;
674	}
675	if( P("delold") && P("deloldbtn") ){
676	db_multi_exec("DELETE FROM accesslog WHERE rowid in"
677	"(SELECT rowid FROM accesslog ORDER BY rowid DESC"
678	" LIMIT -1 OFFSET 200)");
679	cgi_redirectf("%R/access_log?y=%d&n=%d", y, n);
680	return;
681	}
682	style_header("Access Log");
683	blob_zero(&sql);
684	blob_append_sql(&sql,
	@@ -694,12 +694,12 @@
694	}else if( y==2 ){
695	blob_append(&sql, " WHERE NOT success", -1);
696	}
697	blob_append_sql(&sql," ORDER BY rowid DESC LIMIT %d OFFSET %d", n+1, skip);
698	if( skip ){
699	style_submenu_element("Newer", "%R/access_log?o=%d&n=%d&y=%d",
700	skip>=n ? skip-n : 0, n, y);
701	}
702	rc = db_prepare_ignore_error(&q, "%s", blob_sql_text(&sql));
703	fLogEnabled = db_get_boolean("access-log", 0);
704	@ <div align="center">Access logging is %s(fLogEnabled?"on":"off").
705	@ (Change this on the <a href="setup_settings">settings</a> page.)</div>
	@@ -712,12 +712,12 @@
712	const char *zIP = db_column_text(&q, 1);
713	const char *zDate = db_column_text(&q, 2);
714	int bSuccess = db_column_int(&q, 3);
715	cnt++;
716	if( cnt>n ){
717	style_submenu_element("Older", "%R/access_log?o=%d&n=%d&y=%d",
718	skip+n, n, y);
719	break;
720	}
721	if( bSuccess ){
722	@ <tr>
723	}else{
	@@ -724,33 +724,33 @@
724	@ <tr bgcolor="#ffacc0">
725	}
726	@ <td>%s(zDate)</td><td>%h(zName)</td><td>%h(zIP)</td></tr>
727	}
728	if( skip>0 \|\| cnt>n ){
729	style_submenu_element("All", "%R/access_log?n=10000000");
730	}
731	@ </tbody></table>
732	db_finalize(&q);
733	@ <hr />
734	@ <form method="post" action="%R/access_log">
735	@ <label><input type="checkbox" name="delold">
736	@ Delete all but the most recent 200 entries</input></label>
737	@ <input type="submit" name="deloldbtn" value="Delete"></input>
738	@ </form>
739	@ <form method="post" action="%R/access_log">
740	@ <label><input type="checkbox" name="delanon">
741	@ Delete all entries for user "anonymous"</input></label>
742	@ <input type="submit" name="delanonbtn" value="Delete"></input>
743	@ </form>
744	@ <form method="post" action="%R/access_log">
745	@ <label><input type="checkbox" name="delfail">
746	@ Delete all failed login attempts</input></label>
747	@ <input type="submit" name="delfailbtn" value="Delete"></input>
748	@ </form>
749	@ <form method="post" action="%R/access_log">
750	@ <label><input type="checkbox" name="delall">
751	@ Delete all entries</input></label>
752	@ <input type="submit" name="delallbtn" value="Delete"></input>
753	@ </form>
754	style_table_sorter();
755	style_footer();
756	}
757

M src/wiki.c

+4 -4

		--- src/wiki.c
		+++ src/wiki.c
		@@ -121,14 +121,14 @@
121	121	while( zIndexPage[0]=='/' ) zIndexPage++;
122	122	while( zPathInfo[0]=='/' ) zPathInfo++;
123	123	if( fossil_strcmp(zIndexPage, zPathInfo)==0 ) zIndexPage = 0;
124	124	}
125	125	if( zIndexPage ){
126		- cgi_redirectf("%s/%s", g.zTop, zIndexPage);
	126	+ cgi_redirectf("%R/%s", zIndexPage);
127	127	}
128	128	if( !g.perm.RdWiki ){
129		- cgi_redirectf("%s/login?g=%s/home", g.zTop, g.zTop);
	129	+ cgi_redirectf("%R/login?g=%R/home");
130	130	}
131	131	if( zPageName ){
132	132	login_check_credentials();
133	133	g.zExtra = zPageName;
134	134	cgi_set_parameter_nocopy("name", g.zExtra, 1);
		@@ -1688,13 +1688,13 @@
1688	1688
1689	1689	login_check_credentials();
1690	1690	if( !g.perm.RdWiki ){ login_needed(g.anon.RdWiki); return; }
1691	1691	style_header("Available Wiki Pages");
1692	1692	if( showAll ){
1693		- style_submenu_element("Active", "%s/wcontent", g.zTop);
	1693	+ style_submenu_element("Active", "%R/wcontent");
1694	1694	}else{
1695		- style_submenu_element("All", "%s/wcontent?all=1", g.zTop);
	1695	+ style_submenu_element("All", "%R/wcontent?all=1");
1696	1696	}
1697	1697	wiki_standard_submenu(W_ALL_BUT(W_LIST));
1698	1698	db_prepare(&q, listAllWikiPages/works-like:""/);
1699	1699	@ <div class="brlist">
1700	1700	@ <table class='sortable' data-column-types='tKN' data-init-sort='1'>
1701	1701

	--- src/wiki.c
	+++ src/wiki.c
	@@ -121,14 +121,14 @@
121	while( zIndexPage[0]=='/' ) zIndexPage++;
122	while( zPathInfo[0]=='/' ) zPathInfo++;
123	if( fossil_strcmp(zIndexPage, zPathInfo)==0 ) zIndexPage = 0;
124	}
125	if( zIndexPage ){
126	cgi_redirectf("%s/%s", g.zTop, zIndexPage);
127	}
128	if( !g.perm.RdWiki ){
129	cgi_redirectf("%s/login?g=%s/home", g.zTop, g.zTop);
130	}
131	if( zPageName ){
132	login_check_credentials();
133	g.zExtra = zPageName;
134	cgi_set_parameter_nocopy("name", g.zExtra, 1);
	@@ -1688,13 +1688,13 @@
1688
1689	login_check_credentials();
1690	if( !g.perm.RdWiki ){ login_needed(g.anon.RdWiki); return; }
1691	style_header("Available Wiki Pages");
1692	if( showAll ){
1693	style_submenu_element("Active", "%s/wcontent", g.zTop);
1694	}else{
1695	style_submenu_element("All", "%s/wcontent?all=1", g.zTop);
1696	}
1697	wiki_standard_submenu(W_ALL_BUT(W_LIST));
1698	db_prepare(&q, listAllWikiPages/works-like:""/);
1699	@ <div class="brlist">
1700	@ <table class='sortable' data-column-types='tKN' data-init-sort='1'>
1701

	--- src/wiki.c
	+++ src/wiki.c
	@@ -121,14 +121,14 @@
121	while( zIndexPage[0]=='/' ) zIndexPage++;
122	while( zPathInfo[0]=='/' ) zPathInfo++;
123	if( fossil_strcmp(zIndexPage, zPathInfo)==0 ) zIndexPage = 0;
124	}
125	if( zIndexPage ){
126	cgi_redirectf("%R/%s", zIndexPage);
127	}
128	if( !g.perm.RdWiki ){
129	cgi_redirectf("%R/login?g=%R/home");
130	}
131	if( zPageName ){
132	login_check_credentials();
133	g.zExtra = zPageName;
134	cgi_set_parameter_nocopy("name", g.zExtra, 1);
	@@ -1688,13 +1688,13 @@
1688
1689	login_check_credentials();
1690	if( !g.perm.RdWiki ){ login_needed(g.anon.RdWiki); return; }
1691	style_header("Available Wiki Pages");
1692	if( showAll ){
1693	style_submenu_element("Active", "%R/wcontent");
1694	}else{
1695	style_submenu_element("All", "%R/wcontent?all=1");
1696	}
1697	wiki_standard_submenu(W_ALL_BUT(W_LIST));
1698	db_prepare(&q, listAllWikiPages/works-like:""/);
1699	@ <div class="brlist">
1700	@ <table class='sortable' data-column-types='tKN' data-init-sort='1'>
1701

M src/wikiformat.c

+1 -1

		--- src/wikiformat.c
		+++ src/wikiformat.c
		@@ -867,11 +867,11 @@
867	867	for(i=0; i<p->nAttr; i++){
868	868	blob_appendf(pOut, " %s", aAttribute[p->aAttr[i].iACode].zName);
869	869	if( p->aAttr[i].zValue ){
870	870	const char *zVal = p->aAttr[i].zValue;
871	871	if( p->aAttr[i].iACode==ATTR_SRC && zVal[0]=='/' ){
872		- blob_appendf(pOut, "=\"%s%s\"", g.zTop, zVal);
	872	+ blob_appendf(pOut, "=\"%R%s\"", zVal);
873	873	}else{
874	874	blob_appendf(pOut, "=\"%s\"", zVal);
875	875	}
876	876	}
877	877	}
878	878

	--- src/wikiformat.c
	+++ src/wikiformat.c
	@@ -867,11 +867,11 @@
867	for(i=0; i<p->nAttr; i++){
868	blob_appendf(pOut, " %s", aAttribute[p->aAttr[i].iACode].zName);
869	if( p->aAttr[i].zValue ){
870	const char *zVal = p->aAttr[i].zValue;
871	if( p->aAttr[i].iACode==ATTR_SRC && zVal[0]=='/' ){
872	blob_appendf(pOut, "=\"%s%s\"", g.zTop, zVal);
873	}else{
874	blob_appendf(pOut, "=\"%s\"", zVal);
875	}
876	}
877	}
878

	--- src/wikiformat.c
	+++ src/wikiformat.c
	@@ -867,11 +867,11 @@
867	for(i=0; i<p->nAttr; i++){
868	blob_appendf(pOut, " %s", aAttribute[p->aAttr[i].iACode].zName);
869	if( p->aAttr[i].zValue ){
870	const char *zVal = p->aAttr[i].zValue;
871	if( p->aAttr[i].iACode==ATTR_SRC && zVal[0]=='/' ){
872	blob_appendf(pOut, "=\"%R%s\"", zVal);
873	}else{
874	blob_appendf(pOut, "=\"%s\"", zVal);
875	}
876	}
877	}
878

M src/xfersetup.c

+2 -2

		--- src/xfersetup.c
		+++ src/xfersetup.c
		@@ -71,11 +71,11 @@
71	71	@
72	72	@ <big><b>%h(zWarning)</b></big>
73	73	free(zWarning);
74	74	}
75	75	@
76		- @ <form method="post" action="%s(g.zTop)/%s(g.zPath)"><div>
	76	+ @ <form method="post" action="%R/%s(g.zPath)"><div>
77	77	login_insert_csrf_secret();
78	78	@ <input type="submit" name="sync" value="%h(zButton)" />
79	79	@ </div></form>
80	80	@
81	81	if( P("sync") ){
		@@ -133,11 +133,11 @@
133	133	db_set(zDbField, z, 0);
134	134	if( xRebuild ) xRebuild();
135	135	cgi_redirect("xfersetup");
136	136	}
137	137	}
138		- @ <form action="%s(g.zTop)/%s(g.zPath)" method="post"><div>
	138	+ @ <form action="%R/%s(g.zPath)" method="post"><div>
139	139	login_insert_csrf_secret();
140	140	@ <p>%s(zDesc)</p>
141	141	@ <textarea name="x" rows="%d(height)" cols="80">%h(z)</textarea>
142	142	@ <p>
143	143	@ <input type="submit" name="submit" value="Apply Changes" />
144	144

	--- src/xfersetup.c
	+++ src/xfersetup.c
	@@ -71,11 +71,11 @@
71	@
72	@ <big><b>%h(zWarning)</b></big>
73	free(zWarning);
74	}
75	@
76	@ <form method="post" action="%s(g.zTop)/%s(g.zPath)"><div>
77	login_insert_csrf_secret();
78	@ <input type="submit" name="sync" value="%h(zButton)" />
79	@ </div></form>
80	@
81	if( P("sync") ){
	@@ -133,11 +133,11 @@
133	db_set(zDbField, z, 0);
134	if( xRebuild ) xRebuild();
135	cgi_redirect("xfersetup");
136	}
137	}
138	@ <form action="%s(g.zTop)/%s(g.zPath)" method="post"><div>
139	login_insert_csrf_secret();
140	@ <p>%s(zDesc)</p>
141	@ <textarea name="x" rows="%d(height)" cols="80">%h(z)</textarea>
142	@ <p>
143	@ <input type="submit" name="submit" value="Apply Changes" />
144

	--- src/xfersetup.c
	+++ src/xfersetup.c
	@@ -71,11 +71,11 @@
71	@
72	@ <big><b>%h(zWarning)</b></big>
73	free(zWarning);
74	}
75	@
76	@ <form method="post" action="%R/%s(g.zPath)"><div>
77	login_insert_csrf_secret();
78	@ <input type="submit" name="sync" value="%h(zButton)" />
79	@ </div></form>
80	@
81	if( P("sync") ){
	@@ -133,11 +133,11 @@
133	db_set(zDbField, z, 0);
134	if( xRebuild ) xRebuild();
135	cgi_redirect("xfersetup");
136	}
137	}
138	@ <form action="%R/%s(g.zPath)" method="post"><div>
139	login_insert_csrf_secret();
140	@ <p>%s(zDesc)</p>
141	@ <textarea name="x" rows="%d(height)" cols="80">%h(z)</textarea>
142	@ <p>
143	@ <input type="submit" name="submit" value="Apply Changes" />
144

Fossil SCM

Keyboard Shortcuts