e6a1910fa8a… — Fossil SCM

M src/attach.c

+16 -8

		--- src/attach.c
		+++ src/attach.c
		@@ -71,10 +71,11 @@
71	71	const char *zFilename = db_column_text(&q, 3);
72	72	const char *zComment = db_column_text(&q, 4);
73	73	const char *zUser = db_column_text(&q, 5);
74	74	const char *zUuid = db_column_text(&q, 6);
75	75	int attachid = db_column_int(&q, 7);
	76	+ const char *zDispUser = zUser && zUser[0] ? zUser : "anonymous";
76	77	int i;
77	78	char *zUrlTail;
78	79	for(i=0; zFilename[i]; i++){
79	80	if( zFilename[i]=='/' && zFilename[i+1]!=0 ){
80	81	zFilename = &zFilename[i+1];
		@@ -115,11 +116,11 @@
115	116	@ Deleted
116	117	}else {
117	118	@ Added
118	119	}
119	120	}
120		- @ by %h(zUser) on
	121	+ @ by %h(zDispUser) on
121	122	hyperlink_to_date(zDate, ".");
122	123	free(zUrlTail);
123	124	}
124	125	db_finalize(&q);
125	126	@ </ol>
		@@ -235,10 +236,11 @@
235	236	const char *aContent = P("f");
236	237	const char *zName = PD("f:filename","unknown");
237	238	const char *zTarget;
238	239	const char *zTargetType;
239	240	int szContent = atoi(PD("f:bytes","0"));
	241	+ int goodCaptcha = 1;
240	242
241	243	if( P("cancel") ) cgi_redirect(zFrom);
242	244	if( zPage && zTkt ) fossil_redirect_home();
243	245	if( zPage==0 && zTkt==0 ) fossil_redirect_home();
244	246	login_check_credentials();
		@@ -263,11 +265,11 @@
263	265	}
264	266	if( zFrom==0 ) zFrom = mprintf("%s/home", g.zTop);
265	267	if( P("cancel") ){
266	268	cgi_redirect(zFrom);
267	269	}
268		- if( P("ok") && szContent>0 ){
	270	+ if( P("ok") && szContent>0 && (goodCaptcha = captcha_is_correct()) ){
269	271	Blob content;
270	272	Blob manifest;
271	273	Blob cksum;
272	274	char *zUUID;
273	275	const char *zComment;
		@@ -316,13 +318,16 @@
316	318	assert( blob_is_reset(&manifest) );
317	319	db_end_transaction(0);
318	320	cgi_redirect(zFrom);
319	321	}
320	322	style_header("Add Attachment");
	323	+ if( !goodCaptcha ){
	324	+ @ <p class="generalError">Error: Incorrect security code.</p>
	325	+ }
321	326	@ <h2>Add Attachment To %s(zTargetType)</h2>
322		- @ <form action="%s(g.zTop)/attachadd" method="post"
323		- @ enctype="multipart/form-data"><div>
	327	+ form_begin("enctype='multipart/form-data'", "%R/attachadd");
	328	+ @ <div>
324	329	@ File to Attach:
325	330	@ <input type="file" name="f" size="60" /><br />
326	331	@ Description:<br />
327	332	@ <textarea name="comment" cols="80" rows="5" wrap="virtual"></textarea><br />
328	333	if( zTkt ){
		@@ -331,11 +336,13 @@
331	336	@ <input type="hidden" name="page" value="%h(zPage)" />
332	337	}
333	338	@ <input type="hidden" name="from" value="%h(zFrom)" />
334	339	@ <input type="submit" name="ok" value="Add Attachment" />
335	340	@ <input type="submit" name="cancel" value="Cancel" />
336		- @ </div></form>
	341	+ @ </div>
	342	+ captcha_generate();
	343	+ @ </form>
337	344	style_footer();
338	345	}
339	346
340	347	/*
341	348	** WEBPAGE: ainfo
		@@ -432,11 +439,11 @@
432	439	}
433	440
434	441	if( P("del")
435	442	&& ((zTktUuid && g.perm.WrTkt) \|\| (zWikiName && g.perm.WrWiki))
436	443	){
437		- @ <form method="post" action="%R/ainfo/%s(zUuid)">
	444	+ form_begin(0, "%R/ainfo/%s", zUuid);
438	445	@ <p>Confirm you want to delete the attachment shown below.
439	446	@ <input type="submit" name="confirm" value="Confirm">
440	447	@ </form>
441	448	}
442	449
		@@ -496,11 +503,11 @@
496	503	@ </table>
497	504
498	505	if( isModerator && modPending ){
499	506	@ <div class="section">Moderation</div>
500	507	@ <blockquote>
501		- @ <form method="POST" action="%R/ainfo/%s(zUuid)">
	508	+ form_begin(0, "%R/ainfo/%s", zUuid);
502	509	@ <label><input type="radio" name="modaction" value="delete">
503	510	@ Delete this change</label><br />
504	511	@ <label><input type="radio" name="modaction" value="approve">
505	512	@ Approve this change</label><br />
506	513	@ <input type="submit" value="Submit">
		@@ -557,17 +564,18 @@
557	564	const char *zDate = db_column_text(&q, 0);
558	565	const char *zFile = db_column_text(&q, 1);
559	566	const char *zUser = db_column_text(&q, 2);
560	567	const char *zUuid = db_column_text(&q, 3);
561	568	const char *zSrc = db_column_text(&q, 4);
	569	+ const char *zDispUser = zUser && zUser[0] ? zUser : "anonymous";
562	570	if( cnt==0 ){
563	571	@ %s(zHeader)
564	572	}
565	573	cnt++;
566	574	@ <li>
567	575	@ %z(href("%R/artifact/%s",zSrc))%h(zFile)</a>
568		- @ added by %h(zUser) on
	576	+ @ added by %h(zDispUser) on
569	577	hyperlink_to_date(zDate, ".");
570	578	@ [%z(href("%R/ainfo/%s",zUuid))details</a>]
571	579	@ </li>
572	580	}
573	581	if( cnt ){
574	582

	--- src/attach.c
	+++ src/attach.c
	@@ -71,10 +71,11 @@
71	const char *zFilename = db_column_text(&q, 3);
72	const char *zComment = db_column_text(&q, 4);
73	const char *zUser = db_column_text(&q, 5);
74	const char *zUuid = db_column_text(&q, 6);
75	int attachid = db_column_int(&q, 7);

76	int i;
77	char *zUrlTail;
78	for(i=0; zFilename[i]; i++){
79	if( zFilename[i]=='/' && zFilename[i+1]!=0 ){
80	zFilename = &zFilename[i+1];
	@@ -115,11 +116,11 @@
115	@ Deleted
116	}else {
117	@ Added
118	}
119	}
120	@ by %h(zUser) on
121	hyperlink_to_date(zDate, ".");
122	free(zUrlTail);
123	}
124	db_finalize(&q);
125	@ </ol>
	@@ -235,10 +236,11 @@
235	const char *aContent = P("f");
236	const char *zName = PD("f:filename","unknown");
237	const char *zTarget;
238	const char *zTargetType;
239	int szContent = atoi(PD("f:bytes","0"));

240
241	if( P("cancel") ) cgi_redirect(zFrom);
242	if( zPage && zTkt ) fossil_redirect_home();
243	if( zPage==0 && zTkt==0 ) fossil_redirect_home();
244	login_check_credentials();
	@@ -263,11 +265,11 @@
263	}
264	if( zFrom==0 ) zFrom = mprintf("%s/home", g.zTop);
265	if( P("cancel") ){
266	cgi_redirect(zFrom);
267	}
268	if( P("ok") && szContent>0 ){
269	Blob content;
270	Blob manifest;
271	Blob cksum;
272	char *zUUID;
273	const char *zComment;
	@@ -316,13 +318,16 @@
316	assert( blob_is_reset(&manifest) );
317	db_end_transaction(0);
318	cgi_redirect(zFrom);
319	}
320	style_header("Add Attachment");



321	@ <h2>Add Attachment To %s(zTargetType)</h2>
322	@ <form action="%s(g.zTop)/attachadd" method="post"
323	@ enctype="multipart/form-data"><div>
324	@ File to Attach:
325	@ <input type="file" name="f" size="60" /><br />
326	@ Description:<br />
327	@ <textarea name="comment" cols="80" rows="5" wrap="virtual"></textarea><br />
328	if( zTkt ){
	@@ -331,11 +336,13 @@
331	@ <input type="hidden" name="page" value="%h(zPage)" />
332	}
333	@ <input type="hidden" name="from" value="%h(zFrom)" />
334	@ <input type="submit" name="ok" value="Add Attachment" />
335	@ <input type="submit" name="cancel" value="Cancel" />
336	@ </div></form>


337	style_footer();
338	}
339
340	/*
341	** WEBPAGE: ainfo
	@@ -432,11 +439,11 @@
432	}
433
434	if( P("del")
435	&& ((zTktUuid && g.perm.WrTkt) \|\| (zWikiName && g.perm.WrWiki))
436	){
437	@ <form method="post" action="%R/ainfo/%s(zUuid)">
438	@ <p>Confirm you want to delete the attachment shown below.
439	@ <input type="submit" name="confirm" value="Confirm">
440	@ </form>
441	}
442
	@@ -496,11 +503,11 @@
496	@ </table>
497
498	if( isModerator && modPending ){
499	@ <div class="section">Moderation</div>
500	@ <blockquote>
501	@ <form method="POST" action="%R/ainfo/%s(zUuid)">
502	@ <label><input type="radio" name="modaction" value="delete">
503	@ Delete this change</label><br />
504	@ <label><input type="radio" name="modaction" value="approve">
505	@ Approve this change</label><br />
506	@ <input type="submit" value="Submit">
	@@ -557,17 +564,18 @@
557	const char *zDate = db_column_text(&q, 0);
558	const char *zFile = db_column_text(&q, 1);
559	const char *zUser = db_column_text(&q, 2);
560	const char *zUuid = db_column_text(&q, 3);
561	const char *zSrc = db_column_text(&q, 4);

562	if( cnt==0 ){
563	@ %s(zHeader)
564	}
565	cnt++;
566	@ <li>
567	@ %z(href("%R/artifact/%s",zSrc))%h(zFile)</a>
568	@ added by %h(zUser) on
569	hyperlink_to_date(zDate, ".");
570	@ [%z(href("%R/ainfo/%s",zUuid))details</a>]
571	@ </li>
572	}
573	if( cnt ){
574

	--- src/attach.c
	+++ src/attach.c
	@@ -71,10 +71,11 @@
71	const char *zFilename = db_column_text(&q, 3);
72	const char *zComment = db_column_text(&q, 4);
73	const char *zUser = db_column_text(&q, 5);
74	const char *zUuid = db_column_text(&q, 6);
75	int attachid = db_column_int(&q, 7);
76	const char *zDispUser = zUser && zUser[0] ? zUser : "anonymous";
77	int i;
78	char *zUrlTail;
79	for(i=0; zFilename[i]; i++){
80	if( zFilename[i]=='/' && zFilename[i+1]!=0 ){
81	zFilename = &zFilename[i+1];
	@@ -115,11 +116,11 @@
116	@ Deleted
117	}else {
118	@ Added
119	}
120	}
121	@ by %h(zDispUser) on
122	hyperlink_to_date(zDate, ".");
123	free(zUrlTail);
124	}
125	db_finalize(&q);
126	@ </ol>
	@@ -235,10 +236,11 @@
236	const char *aContent = P("f");
237	const char *zName = PD("f:filename","unknown");
238	const char *zTarget;
239	const char *zTargetType;
240	int szContent = atoi(PD("f:bytes","0"));
241	int goodCaptcha = 1;
242
243	if( P("cancel") ) cgi_redirect(zFrom);
244	if( zPage && zTkt ) fossil_redirect_home();
245	if( zPage==0 && zTkt==0 ) fossil_redirect_home();
246	login_check_credentials();
	@@ -263,11 +265,11 @@
265	}
266	if( zFrom==0 ) zFrom = mprintf("%s/home", g.zTop);
267	if( P("cancel") ){
268	cgi_redirect(zFrom);
269	}
270	if( P("ok") && szContent>0 && (goodCaptcha = captcha_is_correct()) ){
271	Blob content;
272	Blob manifest;
273	Blob cksum;
274	char *zUUID;
275	const char *zComment;
	@@ -316,13 +318,16 @@
318	assert( blob_is_reset(&manifest) );
319	db_end_transaction(0);
320	cgi_redirect(zFrom);
321	}
322	style_header("Add Attachment");
323	if( !goodCaptcha ){
324	@ <p class="generalError">Error: Incorrect security code.</p>
325	}
326	@ <h2>Add Attachment To %s(zTargetType)</h2>
327	form_begin("enctype='multipart/form-data'", "%R/attachadd");
328	@ <div>
329	@ File to Attach:
330	@ <input type="file" name="f" size="60" /><br />
331	@ Description:<br />
332	@ <textarea name="comment" cols="80" rows="5" wrap="virtual"></textarea><br />
333	if( zTkt ){
	@@ -331,11 +336,13 @@
336	@ <input type="hidden" name="page" value="%h(zPage)" />
337	}
338	@ <input type="hidden" name="from" value="%h(zFrom)" />
339	@ <input type="submit" name="ok" value="Add Attachment" />
340	@ <input type="submit" name="cancel" value="Cancel" />
341	@ </div>
342	captcha_generate();
343	@ </form>
344	style_footer();
345	}
346
347	/*
348	** WEBPAGE: ainfo
	@@ -432,11 +439,11 @@
439	}
440
441	if( P("del")
442	&& ((zTktUuid && g.perm.WrTkt) \|\| (zWikiName && g.perm.WrWiki))
443	){
444	form_begin(0, "%R/ainfo/%s", zUuid);
445	@ <p>Confirm you want to delete the attachment shown below.
446	@ <input type="submit" name="confirm" value="Confirm">
447	@ </form>
448	}
449
	@@ -496,11 +503,11 @@
503	@ </table>
504
505	if( isModerator && modPending ){
506	@ <div class="section">Moderation</div>
507	@ <blockquote>
508	form_begin(0, "%R/ainfo/%s", zUuid);
509	@ <label><input type="radio" name="modaction" value="delete">
510	@ Delete this change</label><br />
511	@ <label><input type="radio" name="modaction" value="approve">
512	@ Approve this change</label><br />
513	@ <input type="submit" value="Submit">
	@@ -557,17 +564,18 @@
564	const char *zDate = db_column_text(&q, 0);
565	const char *zFile = db_column_text(&q, 1);
566	const char *zUser = db_column_text(&q, 2);
567	const char *zUuid = db_column_text(&q, 3);
568	const char *zSrc = db_column_text(&q, 4);
569	const char *zDispUser = zUser && zUser[0] ? zUser : "anonymous";
570	if( cnt==0 ){
571	@ %s(zHeader)
572	}
573	cnt++;
574	@ <li>
575	@ %z(href("%R/artifact/%s",zSrc))%h(zFile)</a>
576	@ added by %h(zDispUser) on
577	hyperlink_to_date(zDate, ".");
578	@ [%z(href("%R/ainfo/%s",zUuid))details</a>]
579	@ </li>
580	}
581	if( cnt ){
582

M src/branch.c

+1 -1

		--- src/branch.c
		+++ src/branch.c
		@@ -176,11 +176,11 @@
176	176
177	177	/* Commit */
178	178	db_end_transaction(0);
179	179
180	180	/* Do an autosync push, if requested */
181		- if( !isPrivate ) autosync(AUTOSYNC_PUSH);
	181	+ if( !isPrivate ) autosync(SYNC_PUSH);
182	182	}
183	183
184	184	/*
185	185	** Prepare a query that will list branches.
186	186	**
187	187

	--- src/branch.c
	+++ src/branch.c
	@@ -176,11 +176,11 @@
176
177	/* Commit */
178	db_end_transaction(0);
179
180	/* Do an autosync push, if requested */
181	if( !isPrivate ) autosync(AUTOSYNC_PUSH);
182	}
183
184	/*
185	** Prepare a query that will list branches.
186	**
187

	--- src/branch.c
	+++ src/branch.c
	@@ -176,11 +176,11 @@
176
177	/* Commit */
178	db_end_transaction(0);
179
180	/* Do an autosync push, if requested */
181	if( !isPrivate ) autosync(SYNC_PUSH);
182	}
183
184	/*
185	** Prepare a query that will list branches.
186	**
187

M src/captcha.c

+65

		--- src/captcha.c
		+++ src/captcha.c
		@@ -438,5 +438,70 @@
438	438	z = blob_buffer(&b);
439	439	memcpy(zRes, z, 8);
440	440	zRes[8] = 0;
441	441	return zRes;
442	442	}
	443	+
	444	+/*
	445	+** Return true if a CAPTCHA is required for editing wiki or tickets or for
	446	+** adding attachments.
	447	+**
	448	+** A CAPTCHA is required in those cases if the user is not logged in (if they
	449	+** are user "nobody") and if the "require-captcha" setting is true. The
	450	+** "require-captcha" setting is controlled on the Admin/Access page. It
	451	+** defaults to true.
	452	+*/
	453	+int captcha_needed(void){
	454	+ if( g.zLogin!=0 ) return 0;
	455	+ return db_get_boolean("require-captcha", 1);
	456	+}
	457	+
	458	+/*
	459	+** If a captcha is required but the correct captcha code is not supplied
	460	+** in the query parameters, then return false (0).
	461	+**
	462	+** If no captcha is required or if the correct captcha is supplied, return
	463	+** true (non-zero).
	464	+**
	465	+** The query parameters examined are "captchaseed" for the seed value and
	466	+** "captcha" for text that the user types in response to the captcha prompt.
	467	+*/
	468	+int captcha_is_correct(void){
	469	+ const char *zSeed;
	470	+ const char *zEntered;
	471	+ const char *zDecode;
	472	+ if( !captcha_needed() ){
	473	+ return 1; /* No captcha needed */
	474	+ }
	475	+ zSeed = P("captchaseed");
	476	+ if( zSeed==0 ) return 0;
	477	+ zEntered = P("captcha");
	478	+ if( zEntered==0 \|\| strlen(zEntered)!=8 ) return 0;
	479	+ zDecode = captcha_decode((unsigned int)atoi(zSeed));
	480	+ if( strcmp(zDecode,zEntered)!=0 ) return 0;
	481	+ return 1;
	482	+}
	483	+
	484	+/*
	485	+** Generate a captcha display together with the necessary hidden parameter
	486	+** for the seed and the entry box into which the user will type the text of
	487	+** the captcha. This is typically done at the very bottom of a form.
	488	+**
	489	+** This routine is a no-op if no captcha is required.
	490	+*/
	491	+void captcha_generate(void){
	492	+ unsigned int uSeed;
	493	+ const char *zDecoded;
	494	+ char *zCaptcha;
	495	+
	496	+ if( !captcha_needed() ) return;
	497	+ uSeed = captcha_seed();
	498	+ zDecoded = captcha_decode(uSeed);
	499	+ zCaptcha = captcha_render(zDecoded);
	500	+ @ <div class="captcha"><table class="captcha"><tr><td><pre>
	501	+ @ %h(zCaptcha)
	502	+ @ </pre>
	503	+ @ Enter security code shown above:
	504	+ @ <input type="hidden" name="captchaseed" value="%u(uSeed)" />
	505	+ @ <input type="text" name="captcha" size=8 />
	506	+ @ </td></tr></table></div>
	507	+}
443	508

	--- src/captcha.c
	+++ src/captcha.c
	@@ -438,5 +438,70 @@
438	z = blob_buffer(&b);
439	memcpy(zRes, z, 8);
440	zRes[8] = 0;
441	return zRes;
442	}

































































443

	--- src/captcha.c
	+++ src/captcha.c
	@@ -438,5 +438,70 @@
438	z = blob_buffer(&b);
439	memcpy(zRes, z, 8);
440	zRes[8] = 0;
441	return zRes;
442	}
443
444	/*
445	** Return true if a CAPTCHA is required for editing wiki or tickets or for
446	** adding attachments.
447	**
448	** A CAPTCHA is required in those cases if the user is not logged in (if they
449	** are user "nobody") and if the "require-captcha" setting is true. The
450	** "require-captcha" setting is controlled on the Admin/Access page. It
451	** defaults to true.
452	*/
453	int captcha_needed(void){
454	if( g.zLogin!=0 ) return 0;
455	return db_get_boolean("require-captcha", 1);
456	}
457
458	/*
459	** If a captcha is required but the correct captcha code is not supplied
460	** in the query parameters, then return false (0).
461	**
462	** If no captcha is required or if the correct captcha is supplied, return
463	** true (non-zero).
464	**
465	** The query parameters examined are "captchaseed" for the seed value and
466	** "captcha" for text that the user types in response to the captcha prompt.
467	*/
468	int captcha_is_correct(void){
469	const char *zSeed;
470	const char *zEntered;
471	const char *zDecode;
472	if( !captcha_needed() ){
473	return 1; /* No captcha needed */
474	}
475	zSeed = P("captchaseed");
476	if( zSeed==0 ) return 0;
477	zEntered = P("captcha");
478	if( zEntered==0 \|\| strlen(zEntered)!=8 ) return 0;
479	zDecode = captcha_decode((unsigned int)atoi(zSeed));
480	if( strcmp(zDecode,zEntered)!=0 ) return 0;
481	return 1;
482	}
483
484	/*
485	** Generate a captcha display together with the necessary hidden parameter
486	** for the seed and the entry box into which the user will type the text of
487	** the captcha. This is typically done at the very bottom of a form.
488	**
489	** This routine is a no-op if no captcha is required.
490	*/
491	void captcha_generate(void){
492	unsigned int uSeed;
493	const char *zDecoded;
494	char *zCaptcha;
495
496	if( !captcha_needed() ) return;
497	uSeed = captcha_seed();
498	zDecoded = captcha_decode(uSeed);
499	zCaptcha = captcha_render(zDecoded);
500	@ <div class="captcha"><table class="captcha"><tr><td><pre>
501	@ %h(zCaptcha)
502	@ </pre>
503	@ Enter security code shown above:
504	@ <input type="hidden" name="captchaseed" value="%u(uSeed)" />
505	@ <input type="text" name="captcha" size=8 />
506	@ </td></tr></table></div>
507	}
508

M src/checkin.c

+2 -2

		--- src/checkin.c
		+++ src/checkin.c
		@@ -1108,11 +1108,11 @@
1108	1108
1109	1109	/*
1110	1110	** Autosync if autosync is enabled and this is not a private check-in.
1111	1111	*/
1112	1112	if( !g.markPrivate ){
1113		- if( autosync(AUTOSYNC_PULL) ){
	1113	+ if( autosync(SYNC_PULL) ){
1114	1114	blob_zero(&ans);
1115	1115	prompt_user("continue in spite of sync failure (y/N)? ", &ans);
1116	1116	cReply = blob_str(&ans)[0];
1117	1117	if( cReply!='y' && cReply!='Y' ){
1118	1118	fossil_exit(1);
		@@ -1459,11 +1459,11 @@
1459	1459	exit(1);
1460	1460	}
1461	1461	db_end_transaction(0);
1462	1462
1463	1463	if( !g.markPrivate ){
1464		- autosync(AUTOSYNC_PUSH);
	1464	+ autosync(SYNC_PUSH);
1465	1465	}
1466	1466	if( count_nonbranch_children(vid)>1 ){
1467	1467	fossil_print("** warning: a fork has occurred ***\n");
1468	1468	}
1469	1469	}
1470	1470

	--- src/checkin.c
	+++ src/checkin.c
	@@ -1108,11 +1108,11 @@
1108
1109	/*
1110	** Autosync if autosync is enabled and this is not a private check-in.
1111	*/
1112	if( !g.markPrivate ){
1113	if( autosync(AUTOSYNC_PULL) ){
1114	blob_zero(&ans);
1115	prompt_user("continue in spite of sync failure (y/N)? ", &ans);
1116	cReply = blob_str(&ans)[0];
1117	if( cReply!='y' && cReply!='Y' ){
1118	fossil_exit(1);
	@@ -1459,11 +1459,11 @@
1459	exit(1);
1460	}
1461	db_end_transaction(0);
1462
1463	if( !g.markPrivate ){
1464	autosync(AUTOSYNC_PUSH);
1465	}
1466	if( count_nonbranch_children(vid)>1 ){
1467	fossil_print("** warning: a fork has occurred ***\n");
1468	}
1469	}
1470

	--- src/checkin.c
	+++ src/checkin.c
	@@ -1108,11 +1108,11 @@
1108
1109	/*
1110	** Autosync if autosync is enabled and this is not a private check-in.
1111	*/
1112	if( !g.markPrivate ){
1113	if( autosync(SYNC_PULL) ){
1114	blob_zero(&ans);
1115	prompt_user("continue in spite of sync failure (y/N)? ", &ans);
1116	cReply = blob_str(&ans)[0];
1117	if( cReply!='y' && cReply!='Y' ){
1118	fossil_exit(1);
	@@ -1459,11 +1459,11 @@
1459	exit(1);
1460	}
1461	db_end_transaction(0);
1462
1463	if( !g.markPrivate ){
1464	autosync(SYNC_PUSH);
1465	}
1466	if( count_nonbranch_children(vid)>1 ){
1467	fossil_print("** warning: a fork has occurred ***\n");
1468	}
1469	}
1470

M src/clone.c

+4 -4

		--- src/clone.c
		+++ src/clone.c
		@@ -99,15 +99,15 @@
99	99	** See also: init
100	100	*/
101	101	void clone_cmd(void){
102	102	char *zPassword;
103	103	const char zDefaultUser; / Optional name of the default user */
104		- const char zPw; / The user clone password */
	104	+ const char zPw; / The user clone password */
105	105	int nErr = 0;
106		- int bPrivate; /* Also clone private branches */
	106	+ int bPrivate = 0; /* Also clone private branches */
107	107
108		- bPrivate = find_option("private",0,0)!=0;
	108	+ if( find_option("private",0,0)!=0 ) bPrivate = SYNC_PRIVATE;
109	109	url_proxy_options();
110	110	if( g.argc < 4 ){
111	111	usage("?OPTIONS? FILE-OR-URL NEW-REPOSITORY");
112	112	}
113	113	db_open_config(0);
		@@ -162,11 +162,11 @@
162	162	" VALUES('server-code', lower(hex(randomblob(20))), now());"
163	163	);
164	164	url_enable_proxy(0);
165	165	url_get_password_if_needed();
166	166	g.xlinkClusterOnly = 1;
167		- nErr = client_sync(0,0,1,bPrivate,CONFIGSET_ALL,0);
	167	+ nErr = client_sync(SYNC_CLONE \| bPrivate,CONFIGSET_ALL,0);
168	168	g.xlinkClusterOnly = 0;
169	169	verify_cancel();
170	170	db_end_transaction(0);
171	171	db_close(1);
172	172	if( nErr ){
173	173

	--- src/clone.c
	+++ src/clone.c
	@@ -99,15 +99,15 @@
99	** See also: init
100	*/
101	void clone_cmd(void){
102	char *zPassword;
103	const char zDefaultUser; / Optional name of the default user */
104	const char zPw; / The user clone password */
105	int nErr = 0;
106	int bPrivate; /* Also clone private branches */
107
108	bPrivate = find_option("private",0,0)!=0;
109	url_proxy_options();
110	if( g.argc < 4 ){
111	usage("?OPTIONS? FILE-OR-URL NEW-REPOSITORY");
112	}
113	db_open_config(0);
	@@ -162,11 +162,11 @@
162	" VALUES('server-code', lower(hex(randomblob(20))), now());"
163	);
164	url_enable_proxy(0);
165	url_get_password_if_needed();
166	g.xlinkClusterOnly = 1;
167	nErr = client_sync(0,0,1,bPrivate,CONFIGSET_ALL,0);
168	g.xlinkClusterOnly = 0;
169	verify_cancel();
170	db_end_transaction(0);
171	db_close(1);
172	if( nErr ){
173

	--- src/clone.c
	+++ src/clone.c
	@@ -99,15 +99,15 @@
99	** See also: init
100	*/
101	void clone_cmd(void){
102	char *zPassword;
103	const char zDefaultUser; / Optional name of the default user */
104	const char zPw; / The user clone password */
105	int nErr = 0;
106	int bPrivate = 0; /* Also clone private branches */
107
108	if( find_option("private",0,0)!=0 ) bPrivate = SYNC_PRIVATE;
109	url_proxy_options();
110	if( g.argc < 4 ){
111	usage("?OPTIONS? FILE-OR-URL NEW-REPOSITORY");
112	}
113	db_open_config(0);
	@@ -162,11 +162,11 @@
162	" VALUES('server-code', lower(hex(randomblob(20))), now());"
163	);
164	url_enable_proxy(0);
165	url_get_password_if_needed();
166	g.xlinkClusterOnly = 1;
167	nErr = client_sync(SYNC_CLONE \| bPrivate,CONFIGSET_ALL,0);
168	g.xlinkClusterOnly = 0;
169	verify_cancel();
170	db_end_transaction(0);
171	db_close(1);
172	if( nErr ){
173

M src/configure.c

+3 -3

		--- src/configure.c
		+++ src/configure.c
		@@ -907,15 +907,15 @@
907	907	user_select();
908	908	url_enable_proxy("via proxy: ");
909	909	if( legacyFlag ) mask \|= CONFIGSET_OLDFORMAT;
910	910	if( overwriteFlag ) mask \|= CONFIGSET_OVERWRITE;
911	911	if( strncmp(zMethod, "push", n)==0 ){
912		- client_sync(0,0,0,0,0,mask);
	912	+ client_sync(0,0,(unsigned)mask);
913	913	}else if( strncmp(zMethod, "pull", n)==0 ){
914		- client_sync(0,0,0,0,mask,0);
	914	+ client_sync(0,(unsigned)mask,0);
915	915	}else{
916		- client_sync(0,0,0,0,mask,mask);
	916	+ client_sync(0,(unsigned)mask,(unsigned)mask);
917	917	}
918	918	}else
919	919	if( strncmp(zMethod, "reset", n)==0 ){
920	920	int mask, i;
921	921	char *zBackup;
922	922

	--- src/configure.c
	+++ src/configure.c
	@@ -907,15 +907,15 @@
907	user_select();
908	url_enable_proxy("via proxy: ");
909	if( legacyFlag ) mask \|= CONFIGSET_OLDFORMAT;
910	if( overwriteFlag ) mask \|= CONFIGSET_OVERWRITE;
911	if( strncmp(zMethod, "push", n)==0 ){
912	client_sync(0,0,0,0,0,mask);
913	}else if( strncmp(zMethod, "pull", n)==0 ){
914	client_sync(0,0,0,0,mask,0);
915	}else{
916	client_sync(0,0,0,0,mask,mask);
917	}
918	}else
919	if( strncmp(zMethod, "reset", n)==0 ){
920	int mask, i;
921	char *zBackup;
922

	--- src/configure.c
	+++ src/configure.c
	@@ -907,15 +907,15 @@
907	user_select();
908	url_enable_proxy("via proxy: ");
909	if( legacyFlag ) mask \|= CONFIGSET_OLDFORMAT;
910	if( overwriteFlag ) mask \|= CONFIGSET_OVERWRITE;
911	if( strncmp(zMethod, "push", n)==0 ){
912	client_sync(0,0,(unsigned)mask);
913	}else if( strncmp(zMethod, "pull", n)==0 ){
914	client_sync(0,(unsigned)mask,0);
915	}else{
916	client_sync(0,(unsigned)mask,(unsigned)mask);
917	}
918	}else
919	if( strncmp(zMethod, "reset", n)==0 ){
920	int mask, i;
921	char *zBackup;
922

M src/descendants.c

-1

		--- src/descendants.c
		+++ src/descendants.c
		@@ -506,6 +506,5 @@
506	506	db_finalize(&q);
507	507	db_finalize(&ins);
508	508	bag_clear(&seen);
509	509	bag_clear(&pending);
510	510	}
511		-
512	511

	--- src/descendants.c
	+++ src/descendants.c
	@@ -506,6 +506,5 @@
506	db_finalize(&q);
507	db_finalize(&ins);
508	bag_clear(&seen);
509	bag_clear(&pending);
510	}
511
512

	--- src/descendants.c
	+++ src/descendants.c
	@@ -506,6 +506,5 @@
506	db_finalize(&q);
507	db_finalize(&ins);
508	bag_clear(&seen);
509	bag_clear(&pending);
510	}

511

M src/encode.c

+34

		--- src/encode.c
		+++ src/encode.c
		@@ -83,10 +83,44 @@
83	83	zIn++;
84	84	}
85	85	zOut[i] = 0;
86	86	return zOut;
87	87	}
	88	+
	89	+/*
	90	+** Append HTML-escaped text to a Blob.
	91	+*/
	92	+void htmlize_to_blob(Blob p, const char zIn, int n){
	93	+ int c, i, j;
	94	+ if( n<0 ) n = strlen(zIn);
	95	+ for(i=j=0; i<n; i++){
	96	+ c = zIn[i];
	97	+ switch( c ){
	98	+ case '<':
	99	+ if( j<i ) blob_append(p, zIn+j, i-j);
	100	+ blob_append(p, "<", 4);
	101	+ j = i+1;
	102	+ break;
	103	+ case '>':
	104	+ if( j<i ) blob_append(p, zIn+j, i-j);
	105	+ blob_append(p, ">", 4);
	106	+ j = i+1;
	107	+ break;
	108	+ case '&':
	109	+ if( j<i ) blob_append(p, zIn+j, i-j);
	110	+ blob_append(p, "&", 5);
	111	+ j = i+1;
	112	+ break;
	113	+ case '"':
	114	+ if( j<i ) blob_append(p, zIn+j, i-j);
	115	+ blob_append(p, """, 6);
	116	+ j = i+1;
	117	+ break;
	118	+ }
	119	+ }
	120	+ if( j<i ) blob_append(p, zIn+j, i-j);
	121	+}
88	122
89	123
90	124	/*
91	125	** Encode a string for HTTP. This means converting lots of
92	126	** characters into the "%HH" where H is a hex digit. It also
93	127

	--- src/encode.c
	+++ src/encode.c
	@@ -83,10 +83,44 @@
83	zIn++;
84	}
85	zOut[i] = 0;
86	return zOut;
87	}


































88
89
90	/*
91	** Encode a string for HTTP. This means converting lots of
92	** characters into the "%HH" where H is a hex digit. It also
93

	--- src/encode.c
	+++ src/encode.c
	@@ -83,10 +83,44 @@
83	zIn++;
84	}
85	zOut[i] = 0;
86	return zOut;
87	}
88
89	/*
90	** Append HTML-escaped text to a Blob.
91	*/
92	void htmlize_to_blob(Blob p, const char zIn, int n){
93	int c, i, j;
94	if( n<0 ) n = strlen(zIn);
95	for(i=j=0; i<n; i++){
96	c = zIn[i];
97	switch( c ){
98	case '<':
99	if( j<i ) blob_append(p, zIn+j, i-j);
100	blob_append(p, "<", 4);
101	j = i+1;
102	break;
103	case '>':
104	if( j<i ) blob_append(p, zIn+j, i-j);
105	blob_append(p, ">", 4);
106	j = i+1;
107	break;
108	case '&':
109	if( j<i ) blob_append(p, zIn+j, i-j);
110	blob_append(p, "&", 5);
111	j = i+1;
112	break;
113	case '"':
114	if( j<i ) blob_append(p, zIn+j, i-j);
115	blob_append(p, """, 6);
116	j = i+1;
117	break;
118	}
119	}
120	if( j<i ) blob_append(p, zIn+j, i-j);
121	}
122
123
124	/*
125	** Encode a string for HTTP. This means converting lots of
126	** characters into the "%HH" where H is a hex digit. It also
127

M src/event.c

+1 -1

		--- src/event.c
		+++ src/event.c
		@@ -365,11 +365,11 @@
365	365	}else{
366	366	@ <tr><td>
367	367	}
368	368	blob_zero(&com);
369	369	blob_append(&com, zComment, -1);
370		- wiki_convert(&com, 0, WIKI_INLINE);
	370	+ wiki_convert(&com, 0, WIKI_INLINE\|WIKI_NOBADLINKS);
371	371	@ </td></tr></table>
372	372	@ </blockquote>
373	373	@ <p><b>Page content preview:</b><p>
374	374	@ <blockquote>
375	375	blob_zero(&event);
376	376

	--- src/event.c
	+++ src/event.c
	@@ -365,11 +365,11 @@
365	}else{
366	@ <tr><td>
367	}
368	blob_zero(&com);
369	blob_append(&com, zComment, -1);
370	wiki_convert(&com, 0, WIKI_INLINE);
371	@ </td></tr></table>
372	@ </blockquote>
373	@ <p><b>Page content preview:</b><p>
374	@ <blockquote>
375	blob_zero(&event);
376

	--- src/event.c
	+++ src/event.c
	@@ -365,11 +365,11 @@
365	}else{
366	@ <tr><td>
367	}
368	blob_zero(&com);
369	blob_append(&com, zComment, -1);
370	wiki_convert(&com, 0, WIKI_INLINE\|WIKI_NOBADLINKS);
371	@ </td></tr></table>
372	@ </blockquote>
373	@ <p><b>Page content preview:</b><p>
374	@ <blockquote>
375	blob_zero(&event);
376

M src/info.c

+4 -4

		--- src/info.c
		+++ src/info.c
		@@ -865,11 +865,11 @@
865	865	const char *zDate = db_column_text(&q, 0);
866	866	const char *zUser = db_column_text(&q, 1);
867	867	const char *zUuid = db_column_text(&q, 3);
868	868	const char *zTagList = db_column_text(&q, 4);
869	869	Blob comment;
870		- int wikiFlags = WIKI_INLINE;
	870	+ int wikiFlags = WIKI_INLINE\|WIKI_NOBADLINKS;
871	871	if( db_get_boolean("timeline-block-markup", 0)==0 ){
872	872	wikiFlags \|= WIKI_NOBLOCK;
873	873	}
874	874	hyperlink_to_uuid(zUuid);
875	875	blob_zero(&comment);
		@@ -2153,11 +2153,11 @@
2153	2153	if( zNewColor && zNewColor[0] ){
2154	2154	@ <tr><td style="background-color: %h(zNewColor);">
2155	2155	}else{
2156	2156	@ <tr><td>
2157	2157	}
2158		- wiki_convert(&comment, 0, WIKI_INLINE);
	2158	+ wiki_convert(&comment, 0, WIKI_INLINE\|WIKI_NOBADLINKS);
2159	2159	blob_zero(&suffix);
2160	2160	blob_appendf(&suffix, "(user: %h", zNewUser);
2161	2161	db_prepare(&q, "SELECT substr(tagname,5) FROM tagxref, tag"
2162	2162	" WHERE tagname GLOB 'sym-*' AND tagxref.rid=%d"
2163	2163	" AND tagtype>1 AND tag.tagid=tagxref.tagid",
		@@ -2183,13 +2183,13 @@
2183	2183	@ <hr />
2184	2184	blob_reset(&suffix);
2185	2185	}
2186	2186	@ <p>Make changes to attributes of check-in
2187	2187	@ [%z(href("%R/ci/%s",zUuid))%s(zUuid)</a>]:</p>
2188		- @ <form action="%s(g.zTop)/ci_edit" method="post"><div>
	2188	+ form_begin(0, "%R/ci_edit");
2189	2189	login_insert_csrf_secret();
2190		- @ <input type="hidden" name="r" value="%S(zUuid)" />
	2190	+ @ <div><input type="hidden" name="r" value="%S(zUuid)" />
2191	2191	@ <table border="0" cellspacing="10">
2192	2192
2193	2193	@ <tr><td align="right" valign="top"><b>User:</b></td>
2194	2194	@ <td valign="top">
2195	2195	@ <input type="text" name="u" size="20" value="%h(zNewUser)" />
2196	2196

	--- src/info.c
	+++ src/info.c
	@@ -865,11 +865,11 @@
865	const char *zDate = db_column_text(&q, 0);
866	const char *zUser = db_column_text(&q, 1);
867	const char *zUuid = db_column_text(&q, 3);
868	const char *zTagList = db_column_text(&q, 4);
869	Blob comment;
870	int wikiFlags = WIKI_INLINE;
871	if( db_get_boolean("timeline-block-markup", 0)==0 ){
872	wikiFlags \|= WIKI_NOBLOCK;
873	}
874	hyperlink_to_uuid(zUuid);
875	blob_zero(&comment);
	@@ -2153,11 +2153,11 @@
2153	if( zNewColor && zNewColor[0] ){
2154	@ <tr><td style="background-color: %h(zNewColor);">
2155	}else{
2156	@ <tr><td>
2157	}
2158	wiki_convert(&comment, 0, WIKI_INLINE);
2159	blob_zero(&suffix);
2160	blob_appendf(&suffix, "(user: %h", zNewUser);
2161	db_prepare(&q, "SELECT substr(tagname,5) FROM tagxref, tag"
2162	" WHERE tagname GLOB 'sym-*' AND tagxref.rid=%d"
2163	" AND tagtype>1 AND tag.tagid=tagxref.tagid",
	@@ -2183,13 +2183,13 @@
2183	@ <hr />
2184	blob_reset(&suffix);
2185	}
2186	@ <p>Make changes to attributes of check-in
2187	@ [%z(href("%R/ci/%s",zUuid))%s(zUuid)</a>]:</p>
2188	@ <form action="%s(g.zTop)/ci_edit" method="post"><div>
2189	login_insert_csrf_secret();
2190	@ <input type="hidden" name="r" value="%S(zUuid)" />
2191	@ <table border="0" cellspacing="10">
2192
2193	@ <tr><td align="right" valign="top"><b>User:</b></td>
2194	@ <td valign="top">
2195	@ <input type="text" name="u" size="20" value="%h(zNewUser)" />
2196

	--- src/info.c
	+++ src/info.c
	@@ -865,11 +865,11 @@
865	const char *zDate = db_column_text(&q, 0);
866	const char *zUser = db_column_text(&q, 1);
867	const char *zUuid = db_column_text(&q, 3);
868	const char *zTagList = db_column_text(&q, 4);
869	Blob comment;
870	int wikiFlags = WIKI_INLINE\|WIKI_NOBADLINKS;
871	if( db_get_boolean("timeline-block-markup", 0)==0 ){
872	wikiFlags \|= WIKI_NOBLOCK;
873	}
874	hyperlink_to_uuid(zUuid);
875	blob_zero(&comment);
	@@ -2153,11 +2153,11 @@
2153	if( zNewColor && zNewColor[0] ){
2154	@ <tr><td style="background-color: %h(zNewColor);">
2155	}else{
2156	@ <tr><td>
2157	}
2158	wiki_convert(&comment, 0, WIKI_INLINE\|WIKI_NOBADLINKS);
2159	blob_zero(&suffix);
2160	blob_appendf(&suffix, "(user: %h", zNewUser);
2161	db_prepare(&q, "SELECT substr(tagname,5) FROM tagxref, tag"
2162	" WHERE tagname GLOB 'sym-*' AND tagxref.rid=%d"
2163	" AND tagtype>1 AND tag.tagid=tagxref.tagid",
	@@ -2183,13 +2183,13 @@
2183	@ <hr />
2184	blob_reset(&suffix);
2185	}
2186	@ <p>Make changes to attributes of check-in
2187	@ [%z(href("%R/ci/%s",zUuid))%s(zUuid)</a>]:</p>
2188	form_begin(0, "%R/ci_edit");
2189	login_insert_csrf_secret();
2190	@ <div><input type="hidden" name="r" value="%S(zUuid)" />
2191	@ <table border="0" cellspacing="10">
2192
2193	@ <tr><td align="right" valign="top"><b>User:</b></td>
2194	@ <td valign="top">
2195	@ <input type="text" name="u" size="20" value="%h(zNewUser)" />
2196

M src/json_branch.c

+1 -1

		--- src/json_branch.c
		+++ src/json_branch.c
		@@ -305,11 +305,11 @@
305	305	/* Commit */
306	306	db_end_transaction(0);
307	307
308	308	#if 0 /* Do an autosync push, if requested */
309	309	/* arugable for JSON mode? */
310		- if( !g.isHTTP && !isPrivate ) autosync(AUTOSYNC_PUSH);
	310	+ if( !g.isHTTP && !isPrivate ) autosync(SYNC_PUSH);
311	311	#endif
312	312	return 0;
313	313	}
314	314
315	315
316	316

	--- src/json_branch.c
	+++ src/json_branch.c
	@@ -305,11 +305,11 @@
305	/* Commit */
306	db_end_transaction(0);
307
308	#if 0 /* Do an autosync push, if requested */
309	/* arugable for JSON mode? */
310	if( !g.isHTTP && !isPrivate ) autosync(AUTOSYNC_PUSH);
311	#endif
312	return 0;
313	}
314
315
316

	--- src/json_branch.c
	+++ src/json_branch.c
	@@ -305,11 +305,11 @@
305	/* Commit */
306	db_end_transaction(0);
307
308	#if 0 /* Do an autosync push, if requested */
309	/* arugable for JSON mode? */
310	if( !g.isHTTP && !isPrivate ) autosync(SYNC_PUSH);
311	#endif
312	return 0;
313	}
314
315
316

M src/login.c

+5 -5

		--- src/login.c
		+++ src/login.c
		@@ -565,11 +565,11 @@
565	565	style_header("Login/Logout");
566	566	@ %s(zErrMsg)
567	567	if( zGoto && P("anon")==0 ){
568	568	@ <p>A login is required for <a href="%h(zGoto)">%h(zGoto)</a>.</p>
569	569	}
570		- @ <form action="login" method="post">
	570	+ form_begin(0, "%R/login");
571	571	if( zGoto ){
572	572	@ <input type="hidden" name="g" value="%h(zGoto)" />
573	573	}
574	574	@ <table class="login_out">
575	575	@ <tr>
		@@ -631,11 +631,11 @@
631	631
632	632	@ <p><input type="hidden" name="cs" value="%u(uSeed)" />
633	633	@ Visitors may enter <b>anonymous</b> as the user-ID with
634	634	@ the 8-character hexadecimal password shown below:</p>
635	635	@ <div class="captcha"><table class="captcha"><tr><td><pre>
636		- @ %s(zCaptcha)
	636	+ @ %h(zCaptcha)
637	637	@ </pre></td></tr></table>
638	638	if( bAutoCaptcha ) {
639	639	@ <input type="button" value="Fill out captcha"
640	640	@ onclick="gebi('u').value='anonymous'; gebi('p').value='%s(zDecoded)';" />
641	641	}
		@@ -652,11 +652,11 @@
652	652	if( g.perm.Password ){
653	653	@ <hr />
654	654	@ <p>To change your password, enter your old password and your
655	655	@ new password twice below then press the "Change Password"
656	656	@ button.</p>
657		- @ <form action="login" method="post">
	657	+ form_begin(0, "%R/login");
658	658	@ <table>
659	659	@ <tr><td class="login_out_label">Old Password:</td>
660	660	@ <td><input type="password" name="p" size="30" /></td></tr>
661	661	@ <tr><td class="login_out_label">New Password:</td>
662	662	@ <td><input type="password" name="n1" size="30" /></td></tr>
		@@ -1260,11 +1260,11 @@
1260	1260	uSeed = captcha_seed();
1261	1261	zDecoded = captcha_decode(uSeed);
1262	1262	zCaptcha = captcha_render(zDecoded);
1263	1263
1264	1264	/* Print out the registration form. */
1265		- @ <form action="register" method="post">
	1265	+ form_begin(0, "%R/register");
1266	1266	if( P("g") ){
1267	1267	@ <input type="hidden" name="g" value="%h(P("g"))" />
1268	1268	}
1269	1269	@ <p><input type="hidden" name="cs" value="%u(uSeed)" />
1270	1270	@ <table class="login_out">
		@@ -1290,11 +1290,11 @@
1290	1290	@ </tr>
1291	1291	@ <tr><td></td>
1292	1292	@ <td><input type="submit" name="new" value="Register" /></td></tr>
1293	1293	@ </table>
1294	1294	@ <div class="captcha"><table class="captcha"><tr><td><pre>
1295		- @ %s(zCaptcha)
	1295	+ @ %h(zCaptcha)
1296	1296	@ </pre></td></tr></table>
1297	1297	@ </form>
1298	1298	style_footer();
1299	1299
1300	1300	free(zCaptcha);
1301	1301

	--- src/login.c
	+++ src/login.c
	@@ -565,11 +565,11 @@
565	style_header("Login/Logout");
566	@ %s(zErrMsg)
567	if( zGoto && P("anon")==0 ){
568	@ <p>A login is required for <a href="%h(zGoto)">%h(zGoto)</a>.</p>
569	}
570	@ <form action="login" method="post">
571	if( zGoto ){
572	@ <input type="hidden" name="g" value="%h(zGoto)" />
573	}
574	@ <table class="login_out">
575	@ <tr>
	@@ -631,11 +631,11 @@
631
632	@ <p><input type="hidden" name="cs" value="%u(uSeed)" />
633	@ Visitors may enter <b>anonymous</b> as the user-ID with
634	@ the 8-character hexadecimal password shown below:</p>
635	@ <div class="captcha"><table class="captcha"><tr><td><pre>
636	@ %s(zCaptcha)
637	@ </pre></td></tr></table>
638	if( bAutoCaptcha ) {
639	@ <input type="button" value="Fill out captcha"
640	@ onclick="gebi('u').value='anonymous'; gebi('p').value='%s(zDecoded)';" />
641	}
	@@ -652,11 +652,11 @@
652	if( g.perm.Password ){
653	@ <hr />
654	@ <p>To change your password, enter your old password and your
655	@ new password twice below then press the "Change Password"
656	@ button.</p>
657	@ <form action="login" method="post">
658	@ <table>
659	@ <tr><td class="login_out_label">Old Password:</td>
660	@ <td><input type="password" name="p" size="30" /></td></tr>
661	@ <tr><td class="login_out_label">New Password:</td>
662	@ <td><input type="password" name="n1" size="30" /></td></tr>
	@@ -1260,11 +1260,11 @@
1260	uSeed = captcha_seed();
1261	zDecoded = captcha_decode(uSeed);
1262	zCaptcha = captcha_render(zDecoded);
1263
1264	/* Print out the registration form. */
1265	@ <form action="register" method="post">
1266	if( P("g") ){
1267	@ <input type="hidden" name="g" value="%h(P("g"))" />
1268	}
1269	@ <p><input type="hidden" name="cs" value="%u(uSeed)" />
1270	@ <table class="login_out">
	@@ -1290,11 +1290,11 @@
1290	@ </tr>
1291	@ <tr><td></td>
1292	@ <td><input type="submit" name="new" value="Register" /></td></tr>
1293	@ </table>
1294	@ <div class="captcha"><table class="captcha"><tr><td><pre>
1295	@ %s(zCaptcha)
1296	@ </pre></td></tr></table>
1297	@ </form>
1298	style_footer();
1299
1300	free(zCaptcha);
1301

	--- src/login.c
	+++ src/login.c
	@@ -565,11 +565,11 @@
565	style_header("Login/Logout");
566	@ %s(zErrMsg)
567	if( zGoto && P("anon")==0 ){
568	@ <p>A login is required for <a href="%h(zGoto)">%h(zGoto)</a>.</p>
569	}
570	form_begin(0, "%R/login");
571	if( zGoto ){
572	@ <input type="hidden" name="g" value="%h(zGoto)" />
573	}
574	@ <table class="login_out">
575	@ <tr>
	@@ -631,11 +631,11 @@
631
632	@ <p><input type="hidden" name="cs" value="%u(uSeed)" />
633	@ Visitors may enter <b>anonymous</b> as the user-ID with
634	@ the 8-character hexadecimal password shown below:</p>
635	@ <div class="captcha"><table class="captcha"><tr><td><pre>
636	@ %h(zCaptcha)
637	@ </pre></td></tr></table>
638	if( bAutoCaptcha ) {
639	@ <input type="button" value="Fill out captcha"
640	@ onclick="gebi('u').value='anonymous'; gebi('p').value='%s(zDecoded)';" />
641	}
	@@ -652,11 +652,11 @@
652	if( g.perm.Password ){
653	@ <hr />
654	@ <p>To change your password, enter your old password and your
655	@ new password twice below then press the "Change Password"
656	@ button.</p>
657	form_begin(0, "%R/login");
658	@ <table>
659	@ <tr><td class="login_out_label">Old Password:</td>
660	@ <td><input type="password" name="p" size="30" /></td></tr>
661	@ <tr><td class="login_out_label">New Password:</td>
662	@ <td><input type="password" name="n1" size="30" /></td></tr>
	@@ -1260,11 +1260,11 @@
1260	uSeed = captcha_seed();
1261	zDecoded = captcha_decode(uSeed);
1262	zCaptcha = captcha_render(zDecoded);
1263
1264	/* Print out the registration form. */
1265	form_begin(0, "%R/register");
1266	if( P("g") ){
1267	@ <input type="hidden" name="g" value="%h(P("g"))" />
1268	}
1269	@ <p><input type="hidden" name="cs" value="%u(uSeed)" />
1270	@ <table class="login_out">
	@@ -1290,11 +1290,11 @@
1290	@ </tr>
1291	@ <tr><td></td>
1292	@ <td><input type="submit" name="new" value="Register" /></td></tr>
1293	@ </table>
1294	@ <div class="captcha"><table class="captcha"><tr><td><pre>
1295	@ %h(zCaptcha)
1296	@ </pre></td></tr></table>
1297	@ </form>
1298	style_footer();
1299
1300	free(zCaptcha);
1301

M src/main.c

+4 -4

		--- src/main.c
		+++ src/main.c
		@@ -343,11 +343,11 @@
343	343	if(g.db){
344	344	db_close(0);
345	345	}
346	346	}
347	347
348		-#if defined(_WIN32) && !defined(__MINGW32__)
	348	+#if defined(_WIN32)
349	349	/*
350	350	** Parse the command-line arguments passed to windows. We do this
351	351	** ourselves to work around bugs in the command-line parsing of MinGW.
352	352	** It is possible (in theory) to only use this routine when compiling
353	353	** with MinGW and to use built-in command-line parsing for MSVC and
		@@ -456,11 +456,11 @@
456	456	}
457	457	argv[argc] = NULL;
458	458	*argcPtr = argc;
459	459	((WCHAR **)argvPtr) = argv;
460	460	}
461		-#endif /* defined(_WIN32) && !defined(__MINGW32__) */
	461	+#endif /* defined(_WIN32) */
462	462
463	463
464	464	/*
465	465	** Convert all arguments from mbcs (or unicode) to UTF-8. Then
466	466	** search g.argv for arguments "--args FILENAME". If found, then
		@@ -480,17 +480,17 @@
480	480	int n; /* Number of bytes in one line */
481	481	char z; / General use string pointer */
482	482	char *newArgv; / New expanded g.argv under construction */
483	483	char const * zFileName; /* input file name */
484	484	FILE * zInFile; /* input FILE */
485		-#if defined(_WIN32) && !defined(__MINGW32__)
	485	+#if defined(_WIN32)
486	486	WCHAR buf[MAX_PATH];
487	487	#endif
488	488
489	489	g.argc = argc;
490	490	g.argv = argv;
491		-#if defined(_WIN32) && !defined(__MINGW32__)
	491	+#if defined(_WIN32)
492	492	parse_windows_command_line(&g.argc, &g.argv);
493	493	GetModuleFileNameW(NULL, buf, MAX_PATH);
494	494	g.nameOfExe = fossil_unicode_to_utf8(buf);
495	495	for(i=0; i<g.argc; i++) g.argv[i] = fossil_unicode_to_utf8(g.argv[i]);
496	496	#else
497	497

	--- src/main.c
	+++ src/main.c
	@@ -343,11 +343,11 @@
343	if(g.db){
344	db_close(0);
345	}
346	}
347
348	#if defined(_WIN32) && !defined(__MINGW32__)
349	/*
350	** Parse the command-line arguments passed to windows. We do this
351	** ourselves to work around bugs in the command-line parsing of MinGW.
352	** It is possible (in theory) to only use this routine when compiling
353	** with MinGW and to use built-in command-line parsing for MSVC and
	@@ -456,11 +456,11 @@
456	}
457	argv[argc] = NULL;
458	*argcPtr = argc;
459	((WCHAR **)argvPtr) = argv;
460	}
461	#endif /* defined(_WIN32) && !defined(__MINGW32__) */
462
463
464	/*
465	** Convert all arguments from mbcs (or unicode) to UTF-8. Then
466	** search g.argv for arguments "--args FILENAME". If found, then
	@@ -480,17 +480,17 @@
480	int n; /* Number of bytes in one line */
481	char z; / General use string pointer */
482	char *newArgv; / New expanded g.argv under construction */
483	char const * zFileName; /* input file name */
484	FILE * zInFile; /* input FILE */
485	#if defined(_WIN32) && !defined(__MINGW32__)
486	WCHAR buf[MAX_PATH];
487	#endif
488
489	g.argc = argc;
490	g.argv = argv;
491	#if defined(_WIN32) && !defined(__MINGW32__)
492	parse_windows_command_line(&g.argc, &g.argv);
493	GetModuleFileNameW(NULL, buf, MAX_PATH);
494	g.nameOfExe = fossil_unicode_to_utf8(buf);
495	for(i=0; i<g.argc; i++) g.argv[i] = fossil_unicode_to_utf8(g.argv[i]);
496	#else
497

	--- src/main.c
	+++ src/main.c
	@@ -343,11 +343,11 @@
343	if(g.db){
344	db_close(0);
345	}
346	}
347
348	#if defined(_WIN32)
349	/*
350	** Parse the command-line arguments passed to windows. We do this
351	** ourselves to work around bugs in the command-line parsing of MinGW.
352	** It is possible (in theory) to only use this routine when compiling
353	** with MinGW and to use built-in command-line parsing for MSVC and
	@@ -456,11 +456,11 @@
456	}
457	argv[argc] = NULL;
458	*argcPtr = argc;
459	((WCHAR **)argvPtr) = argv;
460	}
461	#endif /* defined(_WIN32) */
462
463
464	/*
465	** Convert all arguments from mbcs (or unicode) to UTF-8. Then
466	** search g.argv for arguments "--args FILENAME". If found, then
	@@ -480,17 +480,17 @@
480	int n; /* Number of bytes in one line */
481	char z; / General use string pointer */
482	char *newArgv; / New expanded g.argv under construction */
483	char const * zFileName; /* input file name */
484	FILE * zInFile; /* input FILE */
485	#if defined(_WIN32)
486	WCHAR buf[MAX_PATH];
487	#endif
488
489	g.argc = argc;
490	g.argv = argv;
491	#if defined(_WIN32)
492	parse_windows_command_line(&g.argc, &g.argv);
493	GetModuleFileNameW(NULL, buf, MAX_PATH);
494	g.nameOfExe = fossil_unicode_to_utf8(buf);
495	for(i=0; i<g.argc; i++) g.argv[i] = fossil_unicode_to_utf8(g.argv[i]);
496	#else
497

M src/main.c

+4 -4

		--- src/main.c
		+++ src/main.c
		@@ -343,11 +343,11 @@
343	343	if(g.db){
344	344	db_close(0);
345	345	}
346	346	}
347	347
348		-#if defined(_WIN32) && !defined(__MINGW32__)
	348	+#if defined(_WIN32)
349	349	/*
350	350	** Parse the command-line arguments passed to windows. We do this
351	351	** ourselves to work around bugs in the command-line parsing of MinGW.
352	352	** It is possible (in theory) to only use this routine when compiling
353	353	** with MinGW and to use built-in command-line parsing for MSVC and
		@@ -456,11 +456,11 @@
456	456	}
457	457	argv[argc] = NULL;
458	458	*argcPtr = argc;
459	459	((WCHAR **)argvPtr) = argv;
460	460	}
461		-#endif /* defined(_WIN32) && !defined(__MINGW32__) */
	461	+#endif /* defined(_WIN32) */
462	462
463	463
464	464	/*
465	465	** Convert all arguments from mbcs (or unicode) to UTF-8. Then
466	466	** search g.argv for arguments "--args FILENAME". If found, then
		@@ -480,17 +480,17 @@
480	480	int n; /* Number of bytes in one line */
481	481	char z; / General use string pointer */
482	482	char *newArgv; / New expanded g.argv under construction */
483	483	char const * zFileName; /* input file name */
484	484	FILE * zInFile; /* input FILE */
485		-#if defined(_WIN32) && !defined(__MINGW32__)
	485	+#if defined(_WIN32)
486	486	WCHAR buf[MAX_PATH];
487	487	#endif
488	488
489	489	g.argc = argc;
490	490	g.argv = argv;
491		-#if defined(_WIN32) && !defined(__MINGW32__)
	491	+#if defined(_WIN32)
492	492	parse_windows_command_line(&g.argc, &g.argv);
493	493	GetModuleFileNameW(NULL, buf, MAX_PATH);
494	494	g.nameOfExe = fossil_unicode_to_utf8(buf);
495	495	for(i=0; i<g.argc; i++) g.argv[i] = fossil_unicode_to_utf8(g.argv[i]);
496	496	#else
497	497

	--- src/main.c
	+++ src/main.c
	@@ -343,11 +343,11 @@
343	if(g.db){
344	db_close(0);
345	}
346	}
347
348	#if defined(_WIN32) && !defined(__MINGW32__)
349	/*
350	** Parse the command-line arguments passed to windows. We do this
351	** ourselves to work around bugs in the command-line parsing of MinGW.
352	** It is possible (in theory) to only use this routine when compiling
353	** with MinGW and to use built-in command-line parsing for MSVC and
	@@ -456,11 +456,11 @@
456	}
457	argv[argc] = NULL;
458	*argcPtr = argc;
459	((WCHAR **)argvPtr) = argv;
460	}
461	#endif /* defined(_WIN32) && !defined(__MINGW32__) */
462
463
464	/*
465	** Convert all arguments from mbcs (or unicode) to UTF-8. Then
466	** search g.argv for arguments "--args FILENAME". If found, then
	@@ -480,17 +480,17 @@
480	int n; /* Number of bytes in one line */
481	char z; / General use string pointer */
482	char *newArgv; / New expanded g.argv under construction */
483	char const * zFileName; /* input file name */
484	FILE * zInFile; /* input FILE */
485	#if defined(_WIN32) && !defined(__MINGW32__)
486	WCHAR buf[MAX_PATH];
487	#endif
488
489	g.argc = argc;
490	g.argv = argv;
491	#if defined(_WIN32) && !defined(__MINGW32__)
492	parse_windows_command_line(&g.argc, &g.argv);
493	GetModuleFileNameW(NULL, buf, MAX_PATH);
494	g.nameOfExe = fossil_unicode_to_utf8(buf);
495	for(i=0; i<g.argc; i++) g.argv[i] = fossil_unicode_to_utf8(g.argv[i]);
496	#else
497

	--- src/main.c
	+++ src/main.c
	@@ -343,11 +343,11 @@
343	if(g.db){
344	db_close(0);
345	}
346	}
347
348	#if defined(_WIN32)
349	/*
350	** Parse the command-line arguments passed to windows. We do this
351	** ourselves to work around bugs in the command-line parsing of MinGW.
352	** It is possible (in theory) to only use this routine when compiling
353	** with MinGW and to use built-in command-line parsing for MSVC and
	@@ -456,11 +456,11 @@
456	}
457	argv[argc] = NULL;
458	*argcPtr = argc;
459	((WCHAR **)argvPtr) = argv;
460	}
461	#endif /* defined(_WIN32) */
462
463
464	/*
465	** Convert all arguments from mbcs (or unicode) to UTF-8. Then
466	** search g.argv for arguments "--args FILENAME". If found, then
	@@ -480,17 +480,17 @@
480	int n; /* Number of bytes in one line */
481	char z; / General use string pointer */
482	char *newArgv; / New expanded g.argv under construction */
483	char const * zFileName; /* input file name */
484	FILE * zInFile; /* input FILE */
485	#if defined(_WIN32)
486	WCHAR buf[MAX_PATH];
487	#endif
488
489	g.argc = argc;
490	g.argv = argv;
491	#if defined(_WIN32)
492	parse_windows_command_line(&g.argc, &g.argv);
493	GetModuleFileNameW(NULL, buf, MAX_PATH);
494	g.nameOfExe = fossil_unicode_to_utf8(buf);
495	for(i=0; i<g.argc; i++) g.argv[i] = fossil_unicode_to_utf8(g.argv[i]);
496	#else
497

M src/report.c

+1 -1

		--- src/report.c
		+++ src/report.c
		@@ -730,11 +730,11 @@
730	730	}
731	731	if( zData[0] ){
732	732	Blob content;
733	733	@ </tr><tr style="background-color:%h(zBg)"><td colspan=%d(pState->nCol)>
734	734	blob_init(&content, zData, -1);
735		- wiki_convert(&content, 0, 0);
	735	+ wiki_convert(&content, 0, WIKI_NOBADLINKS);
736	736	blob_reset(&content);
737	737	}
738	738	}else if( azName[i][0]=='#' ){
739	739	zTid = zData;
740	740	@ <td valign="top">%z(href("%R/tktview?name=%h",zData))%h(zData)</a></td>
741	741

	--- src/report.c
	+++ src/report.c
	@@ -730,11 +730,11 @@
730	}
731	if( zData[0] ){
732	Blob content;
733	@ </tr><tr style="background-color:%h(zBg)"><td colspan=%d(pState->nCol)>
734	blob_init(&content, zData, -1);
735	wiki_convert(&content, 0, 0);
736	blob_reset(&content);
737	}
738	}else if( azName[i][0]=='#' ){
739	zTid = zData;
740	@ <td valign="top">%z(href("%R/tktview?name=%h",zData))%h(zData)</a></td>
741

	--- src/report.c
	+++ src/report.c
	@@ -730,11 +730,11 @@
730	}
731	if( zData[0] ){
732	Blob content;
733	@ </tr><tr style="background-color:%h(zBg)"><td colspan=%d(pState->nCol)>
734	blob_init(&content, zData, -1);
735	wiki_convert(&content, 0, WIKI_NOBADLINKS);
736	blob_reset(&content);
737	}
738	}else if( azName[i][0]=='#' ){
739	zTid = zData;
740	@ <td valign="top">%z(href("%R/tktview?name=%h",zData))%h(zData)</a></td>
741

M src/setup.c

+7 -1

		--- src/setup.c
		+++ src/setup.c
		@@ -934,10 +934,17 @@
934	934	@ if it does, your server will end up computing diffs and annotations for
935	935	@ every historical version of every file and creating ZIPs and tarballs of
936	936	@ every historical check-in, which can use a lot of CPU and bandwidth
937	937	@ even for relatively small projects.</p>
938	938
	939	+ @ <hr />
	940	+ onoff_attribute("Require a CAPTCHA if not logged in",
	941	+ "require-captcha", "reqcapt", 1);
	942	+ @ <p>Require a CAPTCHA for edit operations (appending, creating, or
	943	+ @ editing wiki or tickets or adding attachments to wiki or tickets)
	944	+ @ for users who are not logged in.</p>
	945	+
939	946	@ <hr />
940	947	entry_attribute("Public pages", 30, "public-pages",
941	948	"pubpage", "");
942	949	@ <p>A comma-separated list of glob patterns for pages that are accessible
943	950	@ without needing a login and using the privileges given by the
		@@ -944,11 +951,10 @@
944	951	@ "Default privileges" setting below. Example use case: Set this field
945	952	@ to "/doc/trunk/www/*" to give anonymous users read-only permission to the
946	953	@ latest version of the embedded documentation in the www/ folder without
947	954	@ allowing them to see the rest of the source code.
948	955	@ </p>
949		-
950	956
951	957	@ <hr />
952	958	onoff_attribute("Allow users to register themselves",
953	959	"self-register", "selfregister", 0);
954	960	@ <p>Allow users to register themselves through the HTTP UI.
955	961

	--- src/setup.c
	+++ src/setup.c
	@@ -934,10 +934,17 @@
934	@ if it does, your server will end up computing diffs and annotations for
935	@ every historical version of every file and creating ZIPs and tarballs of
936	@ every historical check-in, which can use a lot of CPU and bandwidth
937	@ even for relatively small projects.</p>
938







939	@ <hr />
940	entry_attribute("Public pages", 30, "public-pages",
941	"pubpage", "");
942	@ <p>A comma-separated list of glob patterns for pages that are accessible
943	@ without needing a login and using the privileges given by the
	@@ -944,11 +951,10 @@
944	@ "Default privileges" setting below. Example use case: Set this field
945	@ to "/doc/trunk/www/*" to give anonymous users read-only permission to the
946	@ latest version of the embedded documentation in the www/ folder without
947	@ allowing them to see the rest of the source code.
948	@ </p>
949
950
951	@ <hr />
952	onoff_attribute("Allow users to register themselves",
953	"self-register", "selfregister", 0);
954	@ <p>Allow users to register themselves through the HTTP UI.
955

	--- src/setup.c
	+++ src/setup.c
	@@ -934,10 +934,17 @@
934	@ if it does, your server will end up computing diffs and annotations for
935	@ every historical version of every file and creating ZIPs and tarballs of
936	@ every historical check-in, which can use a lot of CPU and bandwidth
937	@ even for relatively small projects.</p>
938
939	@ <hr />
940	onoff_attribute("Require a CAPTCHA if not logged in",
941	"require-captcha", "reqcapt", 1);
942	@ <p>Require a CAPTCHA for edit operations (appending, creating, or
943	@ editing wiki or tickets or adding attachments to wiki or tickets)
944	@ for users who are not logged in.</p>
945
946	@ <hr />
947	entry_attribute("Public pages", 30, "public-pages",
948	"pubpage", "");
949	@ <p>A comma-separated list of glob patterns for pages that are accessible
950	@ without needing a login and using the privileges given by the
	@@ -944,11 +951,10 @@
951	@ "Default privileges" setting below. Example use case: Set this field
952	@ to "/doc/trunk/www/*" to give anonymous users read-only permission to the
953	@ latest version of the embedded documentation in the www/ folder without
954	@ allowing them to see the rest of the source code.
955	@ </p>

956
957	@ <hr />
958	onoff_attribute("Allow users to register themselves",
959	"self-register", "selfregister", 0);
960	@ <p>Allow users to register themselves through the HTTP UI.
961

M src/style.c

+31 -2

		--- src/style.c
		+++ src/style.c
		@@ -47,16 +47,18 @@
47	47	*/
48	48	static int sideboxUsed = 0;
49	49
50	50
51	51	/*
52		-** List of hyperlinks that need to be resolved by javascript in
	52	+** List of hyperlinks and forms that need to be resolved by javascript in
53	53	** the footer.
54	54	*/
55	55	char **aHref = 0;
56	56	int nHref = 0;
57	57	int nHrefAlloc = 0;
	58	+char **aFormAction = 0;
	59	+int nFormAction = 0;
58	60
59	61	/*
60	62	** Generate and return a anchor tag like this:
61	63	**
62	64	** <a href="URL">
		@@ -119,23 +121,49 @@
119	121	aHref = fossil_realloc(aHref, nHrefAlloc*sizeof(aHref[0]));
120	122	}
121	123	aHref[nHref++] = zUrl;
122	124	return mprintf("<a id=%d>", nHref);
123	125	}
	126	+
	127	+/*
	128	+** Generate <form method="post" action=ARG>. The ARG value is inserted
	129	+** by javascript.
	130	+*/
	131	+void form_begin(const char zOtherArgs, const char zAction, ...){
	132	+ char *zLink;
	133	+ va_list ap;
	134	+ if( zOtherArgs==0 ) zOtherArgs = "";
	135	+ va_start(ap, zAction);
	136	+ zLink = vmprintf(zAction, ap);
	137	+ va_end(ap);
	138	+ if( g.perm.Hyperlink && !g.javascriptHyperlink ){
	139	+ @ <form method="POST" action="%z(zLink)" %s(zOtherArgs)>
	140	+ }else{
	141	+ int n;
	142	+ aFormAction = fossil_realloc(aFormAction, (nFormAction+1)sizeof(char));
	143	+ aFormAction[nFormAction++] = zLink;
	144	+ n = nFormAction;
	145	+ @ <form id="form%d(n)" method="POST" action='%R/login' %s(zOtherArgs)>
	146	+ }
	147	+}
124	148
125	149	/*
126	150	** Generate javascript that will set the href= attribute on all anchors.
127	151	*/
128	152	void style_resolve_href(void){
129	153	int i;
130		- if( !g.perm.Hyperlink \|\| !g.javascriptHyperlink \|\| nHref==0 ) return;
	154	+ if( !g.perm.Hyperlink \|\| !g.javascriptHyperlink ) return;
	155	+ if( nHref==0 && nFormAction==0 ) return;
131	156	@ <script type="text/JavaScript">
132	157	@ /* <![CDATA[ */
133	158	@ function u(i,h){gebi(i).href=h;}
134	159	for(i=0; i<nHref; i++){
135	160	@ u(%d(i+1),"%s(aHref[i])");
136	161	}
	162	+ for(i=0; i<nFormAction; i++){
	163	+ @ gebi("form%d(i+1)").action="%s(aFormAction[i])";
	164	+ }
137	165	@ /* ]]> */
138	166	@ </script>
139	167	}
140	168
141	169	/*
		@@ -684,10 +712,11 @@
684	712	@ margin-top: 10px;
685	713	},
686	714	{ "div.captcha",
687	715	"captcha display options",
688	716	@ text-align: center;
	717	+ @ padding: 1ex;
689	718	},
690	719	{ "table.captcha",
691	720	"format for the layout table, used for the captcha display",
692	721	@ margin: auto;
693	722	@ padding: 10px;
694	723

	--- src/style.c
	+++ src/style.c
	@@ -47,16 +47,18 @@
47	*/
48	static int sideboxUsed = 0;
49
50
51	/*
52	** List of hyperlinks that need to be resolved by javascript in
53	** the footer.
54	*/
55	char **aHref = 0;
56	int nHref = 0;
57	int nHrefAlloc = 0;


58
59	/*
60	** Generate and return a anchor tag like this:
61	**
62	** <a href="URL">
	@@ -119,23 +121,49 @@
119	aHref = fossil_realloc(aHref, nHrefAlloc*sizeof(aHref[0]));
120	}
121	aHref[nHref++] = zUrl;
122	return mprintf("<a id=%d>", nHref);
123	}






















124
125	/*
126	** Generate javascript that will set the href= attribute on all anchors.
127	*/
128	void style_resolve_href(void){
129	int i;
130	if( !g.perm.Hyperlink \|\| !g.javascriptHyperlink \|\| nHref==0 ) return;

131	@ <script type="text/JavaScript">
132	@ /* <![CDATA[ */
133	@ function u(i,h){gebi(i).href=h;}
134	for(i=0; i<nHref; i++){
135	@ u(%d(i+1),"%s(aHref[i])");
136	}



137	@ /* ]]> */
138	@ </script>
139	}
140
141	/*
	@@ -684,10 +712,11 @@
684	@ margin-top: 10px;
685	},
686	{ "div.captcha",
687	"captcha display options",
688	@ text-align: center;

689	},
690	{ "table.captcha",
691	"format for the layout table, used for the captcha display",
692	@ margin: auto;
693	@ padding: 10px;
694

	--- src/style.c
	+++ src/style.c
	@@ -47,16 +47,18 @@
47	*/
48	static int sideboxUsed = 0;
49
50
51	/*
52	** List of hyperlinks and forms that need to be resolved by javascript in
53	** the footer.
54	*/
55	char **aHref = 0;
56	int nHref = 0;
57	int nHrefAlloc = 0;
58	char **aFormAction = 0;
59	int nFormAction = 0;
60
61	/*
62	** Generate and return a anchor tag like this:
63	**
64	** <a href="URL">
	@@ -119,23 +121,49 @@
121	aHref = fossil_realloc(aHref, nHrefAlloc*sizeof(aHref[0]));
122	}
123	aHref[nHref++] = zUrl;
124	return mprintf("<a id=%d>", nHref);
125	}
126
127	/*
128	** Generate <form method="post" action=ARG>. The ARG value is inserted
129	** by javascript.
130	*/
131	void form_begin(const char zOtherArgs, const char zAction, ...){
132	char *zLink;
133	va_list ap;
134	if( zOtherArgs==0 ) zOtherArgs = "";
135	va_start(ap, zAction);
136	zLink = vmprintf(zAction, ap);
137	va_end(ap);
138	if( g.perm.Hyperlink && !g.javascriptHyperlink ){
139	@ <form method="POST" action="%z(zLink)" %s(zOtherArgs)>
140	}else{
141	int n;
142	aFormAction = fossil_realloc(aFormAction, (nFormAction+1)sizeof(char));
143	aFormAction[nFormAction++] = zLink;
144	n = nFormAction;
145	@ <form id="form%d(n)" method="POST" action='%R/login' %s(zOtherArgs)>
146	}
147	}
148
149	/*
150	** Generate javascript that will set the href= attribute on all anchors.
151	*/
152	void style_resolve_href(void){
153	int i;
154	if( !g.perm.Hyperlink \|\| !g.javascriptHyperlink ) return;
155	if( nHref==0 && nFormAction==0 ) return;
156	@ <script type="text/JavaScript">
157	@ /* <![CDATA[ */
158	@ function u(i,h){gebi(i).href=h;}
159	for(i=0; i<nHref; i++){
160	@ u(%d(i+1),"%s(aHref[i])");
161	}
162	for(i=0; i<nFormAction; i++){
163	@ gebi("form%d(i+1)").action="%s(aFormAction[i])";
164	}
165	@ /* ]]> */
166	@ </script>
167	}
168
169	/*
	@@ -684,10 +712,11 @@
712	@ margin-top: 10px;
713	},
714	{ "div.captcha",
715	"captcha display options",
716	@ text-align: center;
717	@ padding: 1ex;
718	},
719	{ "table.captcha",
720	"format for the layout table, used for the captcha display",
721	@ margin: auto;
722	@ padding: 10px;
723

M src/sync.c

+34 -32

		--- src/sync.c
		+++ src/sync.c
		@@ -19,19 +19,10 @@
19	19	*/
20	20	#include "config.h"
21	21	#include "sync.h"
22	22	#include <assert.h>
23	23
24		-#if INTERFACE
25		-/*
26		-** Flags used to determine which direction(s) an autosync goes in.
27		-*/
28		-#define AUTOSYNC_PUSH 1
29		-#define AUTOSYNC_PULL 2
30		-
31		-#endif /* INTERFACE */
32		-
33	24	/*
34	25	** If the repository is configured for autosyncing, then do an
35	26	** autosync. This will be a pull if the argument is true or a push
36	27	** if the argument is false.
37	28	**
		@@ -44,16 +35,16 @@
44	35	int rc;
45	36	int configSync = 0; /* configuration changes transferred */
46	37	if( g.fNoSync ){
47	38	return 0;
48	39	}
49		- if( flags==AUTOSYNC_PUSH && db_get_boolean("dont-push",0) ){
	40	+ if( flags==SYNC_PUSH && db_get_boolean("dont-push",0) ){
50	41	return 0;
51	42	}
52	43	zAutosync = db_get("autosync", 0);
53	44	if( zAutosync ){
54		- if( (flags & AUTOSYNC_PUSH)!=0 && memcmp(zAutosync,"pull",4)==0 ){
	45	+ if( (flags & SYNC_PUSH)!=0 && memcmp(zAutosync,"pull",4)==0 ){
55	46	return 0; /* Do not auto-push when autosync=pullonly */
56	47	}
57	48	if( is_false(zAutosync) ){
58	49	return 0; /* Autosync is completely off */
59	50	}
		@@ -79,13 +70,14 @@
79	70	** autosync, or something?
80	71	*/
81	72	configSync = CONFIGSET_SHUN;
82	73	}
83	74	#endif
	75	+ if( find_option("verbose","v",0)!=0 ) flags \|= SYNC_VERBOSE;
84	76	fossil_print("Autosync: %s\n", g.urlCanonical);
85	77	url_enable_proxy("via proxy: ");
86		- rc = client_sync((flags & AUTOSYNC_PUSH)!=0, 1, 0, 0, configSync, 0);
	78	+ rc = client_sync(flags, configSync, 0);
87	79	if( rc ) fossil_warning("Autosync failed");
88	80	return rc;
89	81	}
90	82
91	83	/*
		@@ -92,17 +84,22 @@
92	84	** This routine processes the command-line argument for push, pull,
93	85	** and sync. If a command-line argument is given, that is the URL
94	86	** of a server to sync against. If no argument is given, use the
95	87	** most recently synced URL. Remember the current URL for next time.
96	88	*/
97		-static void process_sync_args(int pConfigSync, int pPrivate){
	89	+static void process_sync_args(unsigned pConfigFlags, unsigned pSyncFlags){
98	90	const char *zUrl = 0;
99	91	const char *zPw = 0;
100		- int configSync = 0;
	92	+ unsigned configSync = 0;
101	93	int urlOptional = find_option("autourl",0,0)!=0;
102	94	g.dontKeepUrl = find_option("once",0,0)!=0;
103		- *pPrivate = find_option("private",0,0)!=0;
	95	+ if( find_option("private",0,0)!=0 ){
	96	+ *pSyncFlags \|= SYNC_PRIVATE;
	97	+ }
	98	+ if( find_option("verbose","v",0)!=0 ){
	99	+ *pSyncFlags \|= SYNC_VERBOSE;
	100	+ }
104	101	url_proxy_options();
105	102	db_find_and_open_repository(0, 0);
106	103	db_open_config(0);
107	104	if( g.argc==2 ){
108	105	zUrl = db_get("last-sync-url", 0);
		@@ -127,14 +124,20 @@
127	124	db_set("last-sync-url", g.urlCanonical, 0);
128	125	if( g.urlPasswd ) db_set("last-sync-pw", obscure(g.urlPasswd), 0);
129	126	}
130	127	user_select();
131	128	if( g.argc==2 ){
132		- fossil_print("Server: %s\n", g.urlCanonical);
	129	+ if( ((*pSyncFlags) & (SYNC_PUSH\|SYNC_PULL))==(SYNC_PUSH\|SYNC_PULL) ){
	130	+ fossil_print("Sync with %s\n", g.urlCanonical);
	131	+ }else if( (*pSyncFlags) & SYNC_PUSH ){
	132	+ fossil_print("Push to %s\n", g.urlCanonical);
	133	+ }else if( (*pSyncFlags) & SYNC_PULL ){
	134	+ fossil_print("Pull from %s\n", g.urlCanonical);
	135	+ }
133	136	}
134	137	url_enable_proxy("via proxy: ");
135		- *pConfigSync = configSync;
	138	+ *pConfigFlags \|= configSync;
136	139	}
137	140
138	141	/*
139	142	** COMMAND: pull
140	143	**
		@@ -156,14 +159,14 @@
156	159	** remote repository.
157	160	**
158	161	** See also: clone, push, sync, remote-url
159	162	*/
160	163	void pull_cmd(void){
161		- int syncFlags;
162		- int bPrivate;
163		- process_sync_args(&syncFlags, &bPrivate);
164		- client_sync(0,1,0,bPrivate,syncFlags,0);
	164	+ unsigned configFlags = 0;
	165	+ unsigned syncFlags = SYNC_PULL;
	166	+ process_sync_args(&configFlags, &syncFlags);
	167	+ client_sync(syncFlags, configFlags, 0);
165	168	}
166	169
167	170	/*
168	171	** COMMAND: push
169	172	**
		@@ -185,17 +188,17 @@
185	188	** remote repository.
186	189	**
187	190	** See also: clone, pull, sync, remote-url
188	191	*/
189	192	void push_cmd(void){
190		- int syncFlags;
191		- int bPrivate;
192		- process_sync_args(&syncFlags, &bPrivate);
	193	+ unsigned configFlags = 0;
	194	+ unsigned syncFlags = SYNC_PUSH;
	195	+ process_sync_args(&configFlags, &syncFlags);
193	196	if( db_get_boolean("dont-push",0) ){
194	197	fossil_fatal("pushing is prohibited: the 'dont-push' option is set");
195	198	}
196		- client_sync(1,0,0,bPrivate,0,0);
	199	+ client_sync(syncFlags, 0, 0);
197	200	}
198	201
199	202
200	203	/*
201	204	** COMMAND: sync
		@@ -223,17 +226,16 @@
223	226	** remote repository.
224	227	**
225	228	** See also: clone, push, pull, remote-url
226	229	*/
227	230	void sync_cmd(void){
228		- int syncFlags;
229		- int bPrivate;
230		- int pushFlag = 1;
231		- process_sync_args(&syncFlags, &bPrivate);
232		- if( db_get_boolean("dont-push",0) ) pushFlag = 0;
233		- client_sync(pushFlag,1,0,bPrivate,syncFlags,0);
234		- if( pushFlag==0 ){
	231	+ unsigned configFlags = 0;
	232	+ unsigned syncFlags = SYNC_PUSH\|SYNC_PULL;
	233	+ process_sync_args(&configFlags, &syncFlags);
	234	+ if( db_get_boolean("dont-push",0) ) syncFlags &= ~SYNC_PUSH;
	235	+ client_sync(syncFlags, configFlags, 0);
	236	+ if( (syncFlags & SYNC_PUSH)==0 ){
235	237	fossil_warning("pull only: the 'dont-push' option is set");
236	238	}
237	239	}
238	240
239	241	/*
240	242

	--- src/sync.c
	+++ src/sync.c
	@@ -19,19 +19,10 @@
19	*/
20	#include "config.h"
21	#include "sync.h"
22	#include <assert.h>
23
24	#if INTERFACE
25	/*
26	** Flags used to determine which direction(s) an autosync goes in.
27	*/
28	#define AUTOSYNC_PUSH 1
29	#define AUTOSYNC_PULL 2
30
31	#endif /* INTERFACE */
32
33	/*
34	** If the repository is configured for autosyncing, then do an
35	** autosync. This will be a pull if the argument is true or a push
36	** if the argument is false.
37	**
	@@ -44,16 +35,16 @@
44	int rc;
45	int configSync = 0; /* configuration changes transferred */
46	if( g.fNoSync ){
47	return 0;
48	}
49	if( flags==AUTOSYNC_PUSH && db_get_boolean("dont-push",0) ){
50	return 0;
51	}
52	zAutosync = db_get("autosync", 0);
53	if( zAutosync ){
54	if( (flags & AUTOSYNC_PUSH)!=0 && memcmp(zAutosync,"pull",4)==0 ){
55	return 0; /* Do not auto-push when autosync=pullonly */
56	}
57	if( is_false(zAutosync) ){
58	return 0; /* Autosync is completely off */
59	}
	@@ -79,13 +70,14 @@
79	** autosync, or something?
80	*/
81	configSync = CONFIGSET_SHUN;
82	}
83	#endif

84	fossil_print("Autosync: %s\n", g.urlCanonical);
85	url_enable_proxy("via proxy: ");
86	rc = client_sync((flags & AUTOSYNC_PUSH)!=0, 1, 0, 0, configSync, 0);
87	if( rc ) fossil_warning("Autosync failed");
88	return rc;
89	}
90
91	/*
	@@ -92,17 +84,22 @@
92	** This routine processes the command-line argument for push, pull,
93	** and sync. If a command-line argument is given, that is the URL
94	** of a server to sync against. If no argument is given, use the
95	** most recently synced URL. Remember the current URL for next time.
96	*/
97	static void process_sync_args(int pConfigSync, int pPrivate){
98	const char *zUrl = 0;
99	const char *zPw = 0;
100	int configSync = 0;
101	int urlOptional = find_option("autourl",0,0)!=0;
102	g.dontKeepUrl = find_option("once",0,0)!=0;
103	*pPrivate = find_option("private",0,0)!=0;





104	url_proxy_options();
105	db_find_and_open_repository(0, 0);
106	db_open_config(0);
107	if( g.argc==2 ){
108	zUrl = db_get("last-sync-url", 0);
	@@ -127,14 +124,20 @@
127	db_set("last-sync-url", g.urlCanonical, 0);
128	if( g.urlPasswd ) db_set("last-sync-pw", obscure(g.urlPasswd), 0);
129	}
130	user_select();
131	if( g.argc==2 ){
132	fossil_print("Server: %s\n", g.urlCanonical);






133	}
134	url_enable_proxy("via proxy: ");
135	*pConfigSync = configSync;
136	}
137
138	/*
139	** COMMAND: pull
140	**
	@@ -156,14 +159,14 @@
156	** remote repository.
157	**
158	** See also: clone, push, sync, remote-url
159	*/
160	void pull_cmd(void){
161	int syncFlags;
162	int bPrivate;
163	process_sync_args(&syncFlags, &bPrivate);
164	client_sync(0,1,0,bPrivate,syncFlags,0);
165	}
166
167	/*
168	** COMMAND: push
169	**
	@@ -185,17 +188,17 @@
185	** remote repository.
186	**
187	** See also: clone, pull, sync, remote-url
188	*/
189	void push_cmd(void){
190	int syncFlags;
191	int bPrivate;
192	process_sync_args(&syncFlags, &bPrivate);
193	if( db_get_boolean("dont-push",0) ){
194	fossil_fatal("pushing is prohibited: the 'dont-push' option is set");
195	}
196	client_sync(1,0,0,bPrivate,0,0);
197	}
198
199
200	/*
201	** COMMAND: sync
	@@ -223,17 +226,16 @@
223	** remote repository.
224	**
225	** See also: clone, push, pull, remote-url
226	*/
227	void sync_cmd(void){
228	int syncFlags;
229	int bPrivate;
230	int pushFlag = 1;
231	process_sync_args(&syncFlags, &bPrivate);
232	if( db_get_boolean("dont-push",0) ) pushFlag = 0;
233	client_sync(pushFlag,1,0,bPrivate,syncFlags,0);
234	if( pushFlag==0 ){
235	fossil_warning("pull only: the 'dont-push' option is set");
236	}
237	}
238
239	/*
240

	--- src/sync.c
	+++ src/sync.c
	@@ -19,19 +19,10 @@
19	*/
20	#include "config.h"
21	#include "sync.h"
22	#include <assert.h>
23









24	/*
25	** If the repository is configured for autosyncing, then do an
26	** autosync. This will be a pull if the argument is true or a push
27	** if the argument is false.
28	**
	@@ -44,16 +35,16 @@
35	int rc;
36	int configSync = 0; /* configuration changes transferred */
37	if( g.fNoSync ){
38	return 0;
39	}
40	if( flags==SYNC_PUSH && db_get_boolean("dont-push",0) ){
41	return 0;
42	}
43	zAutosync = db_get("autosync", 0);
44	if( zAutosync ){
45	if( (flags & SYNC_PUSH)!=0 && memcmp(zAutosync,"pull",4)==0 ){
46	return 0; /* Do not auto-push when autosync=pullonly */
47	}
48	if( is_false(zAutosync) ){
49	return 0; /* Autosync is completely off */
50	}
	@@ -79,13 +70,14 @@
70	** autosync, or something?
71	*/
72	configSync = CONFIGSET_SHUN;
73	}
74	#endif
75	if( find_option("verbose","v",0)!=0 ) flags \|= SYNC_VERBOSE;
76	fossil_print("Autosync: %s\n", g.urlCanonical);
77	url_enable_proxy("via proxy: ");
78	rc = client_sync(flags, configSync, 0);
79	if( rc ) fossil_warning("Autosync failed");
80	return rc;
81	}
82
83	/*
	@@ -92,17 +84,22 @@
84	** This routine processes the command-line argument for push, pull,
85	** and sync. If a command-line argument is given, that is the URL
86	** of a server to sync against. If no argument is given, use the
87	** most recently synced URL. Remember the current URL for next time.
88	*/
89	static void process_sync_args(unsigned pConfigFlags, unsigned pSyncFlags){
90	const char *zUrl = 0;
91	const char *zPw = 0;
92	unsigned configSync = 0;
93	int urlOptional = find_option("autourl",0,0)!=0;
94	g.dontKeepUrl = find_option("once",0,0)!=0;
95	if( find_option("private",0,0)!=0 ){
96	*pSyncFlags \|= SYNC_PRIVATE;
97	}
98	if( find_option("verbose","v",0)!=0 ){
99	*pSyncFlags \|= SYNC_VERBOSE;
100	}
101	url_proxy_options();
102	db_find_and_open_repository(0, 0);
103	db_open_config(0);
104	if( g.argc==2 ){
105	zUrl = db_get("last-sync-url", 0);
	@@ -127,14 +124,20 @@
124	db_set("last-sync-url", g.urlCanonical, 0);
125	if( g.urlPasswd ) db_set("last-sync-pw", obscure(g.urlPasswd), 0);
126	}
127	user_select();
128	if( g.argc==2 ){
129	if( ((*pSyncFlags) & (SYNC_PUSH\|SYNC_PULL))==(SYNC_PUSH\|SYNC_PULL) ){
130	fossil_print("Sync with %s\n", g.urlCanonical);
131	}else if( (*pSyncFlags) & SYNC_PUSH ){
132	fossil_print("Push to %s\n", g.urlCanonical);
133	}else if( (*pSyncFlags) & SYNC_PULL ){
134	fossil_print("Pull from %s\n", g.urlCanonical);
135	}
136	}
137	url_enable_proxy("via proxy: ");
138	*pConfigFlags \|= configSync;
139	}
140
141	/*
142	** COMMAND: pull
143	**
	@@ -156,14 +159,14 @@
159	** remote repository.
160	**
161	** See also: clone, push, sync, remote-url
162	*/
163	void pull_cmd(void){
164	unsigned configFlags = 0;
165	unsigned syncFlags = SYNC_PULL;
166	process_sync_args(&configFlags, &syncFlags);
167	client_sync(syncFlags, configFlags, 0);
168	}
169
170	/*
171	** COMMAND: push
172	**
	@@ -185,17 +188,17 @@
188	** remote repository.
189	**
190	** See also: clone, pull, sync, remote-url
191	*/
192	void push_cmd(void){
193	unsigned configFlags = 0;
194	unsigned syncFlags = SYNC_PUSH;
195	process_sync_args(&configFlags, &syncFlags);
196	if( db_get_boolean("dont-push",0) ){
197	fossil_fatal("pushing is prohibited: the 'dont-push' option is set");
198	}
199	client_sync(syncFlags, 0, 0);
200	}
201
202
203	/*
204	** COMMAND: sync
	@@ -223,17 +226,16 @@
226	** remote repository.
227	**
228	** See also: clone, push, pull, remote-url
229	*/
230	void sync_cmd(void){
231	unsigned configFlags = 0;
232	unsigned syncFlags = SYNC_PUSH\|SYNC_PULL;
233	process_sync_args(&configFlags, &syncFlags);
234	if( db_get_boolean("dont-push",0) ) syncFlags &= ~SYNC_PUSH;
235	client_sync(syncFlags, configFlags, 0);
236	if( (syncFlags & SYNC_PUSH)==0 ){

237	fossil_warning("pull only: the 'dont-push' option is set");
238	}
239	}
240
241	/*
242

M src/th_main.c

+50 -10

		--- src/th_main.c
		+++ src/th_main.c
		@@ -98,11 +98,12 @@
98	98	return zRc;
99	99	}
100	100
101	101	/*
102	102	** Send text to the appropriate output: Either to the console
103		-** or to the CGI reply buffer.
	103	+** or to the CGI reply buffer. Escape all characters with special
	104	+** meaning to HTML if the encode parameter is true.
104	105	*/
105	106	static void sendText(const char *z, int n, int encode){
106	107	if( enableOutput && n ){
107	108	if( n<0 ) n = strlen(z);
108	109	if( encode ){
		@@ -130,11 +131,11 @@
130	131
131	132	/*
132	133	** TH command: puts STRING
133	134	** TH command: html STRING
134	135	**
135		-** Output STRING as HTML (html) or unchanged (puts).
	136	+** Output STRING escaped for HTML (html) or unchanged (puts).
136	137	*/
137	138	static int putsCmd(
138	139	Th_Interp *interp,
139	140	void *pConvert,
140	141	int argc,
		@@ -142,11 +143,11 @@
142	143	int *argl
143	144	){
144	145	if( argc!=2 ){
145	146	return Th_WrongNumArgs(interp, "puts STRING");
146	147	}
147		- sendText((char*)argv[1], argl[1], pConvert!=0);
	148	+ sendText((char)argv[1], argl[1], (unsigned int*)pConvert);
148	149	return TH_OK;
149	150	}
150	151
151	152	/*
152	153	** TH command: wiki STRING
		@@ -158,17 +159,18 @@
158	159	void *p,
159	160	int argc,
160	161	const char **argv,
161	162	int *argl
162	163	){
	164	+ int flags = WIKI_INLINE \| WIKI_NOBADLINKS \| (unsigned int)p;
163	165	if( argc!=2 ){
164	166	return Th_WrongNumArgs(interp, "wiki STRING");
165	167	}
166	168	if( enableOutput ){
167	169	Blob src;
168	170	blob_init(&src, (char*)argv[1], argl[1]);
169		- wiki_convert(&src, 0, WIKI_INLINE);
	171	+ wiki_convert(&src, 0, flags);
170	172	blob_reset(&src);
171	173	}
172	174	return TH_OK;
173	175	}
174	176
		@@ -530,38 +532,76 @@
530	532	sqlite3_snprintf(sizeof(zUTime), zUTime, "%llu", x);
531	533	Th_SetResult(interp, zUTime, -1);
532	534	return TH_OK;
533	535	}
534	536
	537	+
	538	+/*
	539	+** TH1 command: randhex N
	540	+**
	541	+** Return N*2 random hexadecimal digits with N<50. If N is omitted,
	542	+** use a value of 10.
	543	+*/
	544	+static int randhexCmd(
	545	+ Th_Interp *interp,
	546	+ void *p,
	547	+ int argc,
	548	+ const char **argv,
	549	+ int *argl
	550	+){
	551	+ int n;
	552	+ unsigned char aRand[50];
	553	+ unsigned char zOut[100];
	554	+ if( argc!=1 && argc!=2 ){
	555	+ return Th_WrongNumArgs(interp, "repository ?BOOLEAN?");
	556	+ }
	557	+ if( argc==2 ){
	558	+ if( Th_ToInt(interp, argv[1], argl[1], &n) ){
	559	+ return TH_ERROR;
	560	+ }
	561	+ if( n<1 ) n = 1;
	562	+ if( n>sizeof(aRand) ) n = sizeof(aRand);
	563	+ }else{
	564	+ n = 10;
	565	+ }
	566	+ sqlite3_randomness(n, aRand);
	567	+ encode16(aRand, zOut, n);
	568	+ Th_SetResult(interp, (const char *)zOut, -1);
	569	+ return TH_OK;
	570	+}
	571	+
535	572
536	573	/*
537	574	** Make sure the interpreter has been initialized. Initialize it if
538	575	** it has not been already.
539	576	**
540	577	** The interpreter is stored in the g.interp global variable.
541	578	*/
542	579	void Th_FossilInit(int needConfig, int forceSetup){
543	580	int wasInit = 0;
	581	+ static unsigned int aFlags[] = { 0, 1, WIKI_LINKSONLY };
544	582	static struct _Command {
545	583	const char *zName;
546	584	Th_CommandProc xProc;
547	585	void *pContext;
548	586	} aCommand[] = {
549	587	{"anycap", anycapCmd, 0},
550	588	{"combobox", comboboxCmd, 0},
	589	+ {"date", dateCmd, 0},
	590	+ {"decorate", wikiCmd, (void*)&aFlags[2]},
551	591	{"enable_output", enableOutputCmd, 0},
552		- {"linecount", linecntCmd, 0},
553	592	{"hascap", hascapCmd, 0},
554	593	{"hasfeature", hasfeatureCmd, 0},
	594	+ {"html", putsCmd, (void*)&aFlags[0]},
555	595	{"htmlize", htmlizeCmd, 0},
556		- {"date", dateCmd, 0},
557		- {"html", putsCmd, 0},
558		- {"puts", putsCmd, (void*)1},
559		- {"wiki", wikiCmd, 0},
	596	+ {"linecount", linecntCmd, 0},
	597	+ {"puts", putsCmd, (void*)&aFlags[1]},
	598	+ {"randhex", randhexCmd, 0},
560	599	{"repository", repositoryCmd, 0},
561		- {"utime", utimeCmd, 0},
562	600	{"stime", stimeCmd, 0},
	601	+ {"utime", utimeCmd, 0},
	602	+ {"wiki", wikiCmd, (void*)&aFlags[0]},
563	603	{0, 0, 0}
564	604	};
565	605	if( needConfig ){
566	606	/*
567	607	** This function uses several settings which may be defined in the
568	608

	--- src/th_main.c
	+++ src/th_main.c
	@@ -98,11 +98,12 @@
98	return zRc;
99	}
100
101	/*
102	** Send text to the appropriate output: Either to the console
103	** or to the CGI reply buffer.

104	*/
105	static void sendText(const char *z, int n, int encode){
106	if( enableOutput && n ){
107	if( n<0 ) n = strlen(z);
108	if( encode ){
	@@ -130,11 +131,11 @@
130
131	/*
132	** TH command: puts STRING
133	** TH command: html STRING
134	**
135	** Output STRING as HTML (html) or unchanged (puts).
136	*/
137	static int putsCmd(
138	Th_Interp *interp,
139	void *pConvert,
140	int argc,
	@@ -142,11 +143,11 @@
142	int *argl
143	){
144	if( argc!=2 ){
145	return Th_WrongNumArgs(interp, "puts STRING");
146	}
147	sendText((char*)argv[1], argl[1], pConvert!=0);
148	return TH_OK;
149	}
150
151	/*
152	** TH command: wiki STRING
	@@ -158,17 +159,18 @@
158	void *p,
159	int argc,
160	const char **argv,
161	int *argl
162	){

163	if( argc!=2 ){
164	return Th_WrongNumArgs(interp, "wiki STRING");
165	}
166	if( enableOutput ){
167	Blob src;
168	blob_init(&src, (char*)argv[1], argl[1]);
169	wiki_convert(&src, 0, WIKI_INLINE);
170	blob_reset(&src);
171	}
172	return TH_OK;
173	}
174
	@@ -530,38 +532,76 @@
530	sqlite3_snprintf(sizeof(zUTime), zUTime, "%llu", x);
531	Th_SetResult(interp, zUTime, -1);
532	return TH_OK;
533	}
534



































535
536	/*
537	** Make sure the interpreter has been initialized. Initialize it if
538	** it has not been already.
539	**
540	** The interpreter is stored in the g.interp global variable.
541	*/
542	void Th_FossilInit(int needConfig, int forceSetup){
543	int wasInit = 0;

544	static struct _Command {
545	const char *zName;
546	Th_CommandProc xProc;
547	void *pContext;
548	} aCommand[] = {
549	{"anycap", anycapCmd, 0},
550	{"combobox", comboboxCmd, 0},


551	{"enable_output", enableOutputCmd, 0},
552	{"linecount", linecntCmd, 0},
553	{"hascap", hascapCmd, 0},
554	{"hasfeature", hasfeatureCmd, 0},

555	{"htmlize", htmlizeCmd, 0},
556	{"date", dateCmd, 0},
557	{"html", putsCmd, 0},
558	{"puts", putsCmd, (void*)1},
559	{"wiki", wikiCmd, 0},
560	{"repository", repositoryCmd, 0},
561	{"utime", utimeCmd, 0},
562	{"stime", stimeCmd, 0},


563	{0, 0, 0}
564	};
565	if( needConfig ){
566	/*
567	** This function uses several settings which may be defined in the
568

	--- src/th_main.c
	+++ src/th_main.c
	@@ -98,11 +98,12 @@
98	return zRc;
99	}
100
101	/*
102	** Send text to the appropriate output: Either to the console
103	** or to the CGI reply buffer. Escape all characters with special
104	** meaning to HTML if the encode parameter is true.
105	*/
106	static void sendText(const char *z, int n, int encode){
107	if( enableOutput && n ){
108	if( n<0 ) n = strlen(z);
109	if( encode ){
	@@ -130,11 +131,11 @@
131
132	/*
133	** TH command: puts STRING
134	** TH command: html STRING
135	**
136	** Output STRING escaped for HTML (html) or unchanged (puts).
137	*/
138	static int putsCmd(
139	Th_Interp *interp,
140	void *pConvert,
141	int argc,
	@@ -142,11 +143,11 @@
143	int *argl
144	){
145	if( argc!=2 ){
146	return Th_WrongNumArgs(interp, "puts STRING");
147	}
148	sendText((char)argv[1], argl[1], (unsigned int*)pConvert);
149	return TH_OK;
150	}
151
152	/*
153	** TH command: wiki STRING
	@@ -158,17 +159,18 @@
159	void *p,
160	int argc,
161	const char **argv,
162	int *argl
163	){
164	int flags = WIKI_INLINE \| WIKI_NOBADLINKS \| (unsigned int)p;
165	if( argc!=2 ){
166	return Th_WrongNumArgs(interp, "wiki STRING");
167	}
168	if( enableOutput ){
169	Blob src;
170	blob_init(&src, (char*)argv[1], argl[1]);
171	wiki_convert(&src, 0, flags);
172	blob_reset(&src);
173	}
174	return TH_OK;
175	}
176
	@@ -530,38 +532,76 @@
532	sqlite3_snprintf(sizeof(zUTime), zUTime, "%llu", x);
533	Th_SetResult(interp, zUTime, -1);
534	return TH_OK;
535	}
536
537
538	/*
539	** TH1 command: randhex N
540	**
541	** Return N*2 random hexadecimal digits with N<50. If N is omitted,
542	** use a value of 10.
543	*/
544	static int randhexCmd(
545	Th_Interp *interp,
546	void *p,
547	int argc,
548	const char **argv,
549	int *argl
550	){
551	int n;
552	unsigned char aRand[50];
553	unsigned char zOut[100];
554	if( argc!=1 && argc!=2 ){
555	return Th_WrongNumArgs(interp, "repository ?BOOLEAN?");
556	}
557	if( argc==2 ){
558	if( Th_ToInt(interp, argv[1], argl[1], &n) ){
559	return TH_ERROR;
560	}
561	if( n<1 ) n = 1;
562	if( n>sizeof(aRand) ) n = sizeof(aRand);
563	}else{
564	n = 10;
565	}
566	sqlite3_randomness(n, aRand);
567	encode16(aRand, zOut, n);
568	Th_SetResult(interp, (const char *)zOut, -1);
569	return TH_OK;
570	}
571
572
573	/*
574	** Make sure the interpreter has been initialized. Initialize it if
575	** it has not been already.
576	**
577	** The interpreter is stored in the g.interp global variable.
578	*/
579	void Th_FossilInit(int needConfig, int forceSetup){
580	int wasInit = 0;
581	static unsigned int aFlags[] = { 0, 1, WIKI_LINKSONLY };
582	static struct _Command {
583	const char *zName;
584	Th_CommandProc xProc;
585	void *pContext;
586	} aCommand[] = {
587	{"anycap", anycapCmd, 0},
588	{"combobox", comboboxCmd, 0},
589	{"date", dateCmd, 0},
590	{"decorate", wikiCmd, (void*)&aFlags[2]},
591	{"enable_output", enableOutputCmd, 0},

592	{"hascap", hascapCmd, 0},
593	{"hasfeature", hasfeatureCmd, 0},
594	{"html", putsCmd, (void*)&aFlags[0]},
595	{"htmlize", htmlizeCmd, 0},
596	{"linecount", linecntCmd, 0},
597	{"puts", putsCmd, (void*)&aFlags[1]},
598	{"randhex", randhexCmd, 0},

599	{"repository", repositoryCmd, 0},

600	{"stime", stimeCmd, 0},
601	{"utime", utimeCmd, 0},
602	{"wiki", wikiCmd, (void*)&aFlags[0]},
603	{0, 0, 0}
604	};
605	if( needConfig ){
606	/*
607	** This function uses several settings which may be defined in the
608

M src/timeline.c

+8 -6

		--- src/timeline.c
		+++ src/timeline.c
		@@ -85,10 +85,11 @@
85	85	** Generate a hyperlink to a user. This will link to a timeline showing
86	86	** events by that user. If the date+time is specified, then the timeline
87	87	** is centered on that date+time.
88	88	*/
89	89	void hyperlink_to_user(const char zU, const char zD, const char *zSuf){
	90	+ if( zU==0 \|\| zU[0]==0 ) zU = "anonymous";
90	91	if( zSuf==0 ) zSuf = "";
91	92	if( g.perm.Hyperlink ){
92	93	if( zD && zD[0] ){
93	94	@ %z(href("%R/timeline?c=%T&u=%T",zD,zU))%h(zU)</a>%s(zSuf)
94	95	}else{
		@@ -209,13 +210,13 @@
209	210
210	211	zPrevDate[0] = 0;
211	212	plainText = db_get_int("timeline-plaintext", 0);
212	213	mxWikiLen = db_get_int("timeline-max-comment", 0);
213	214	if( db_get_boolean("timeline-block-markup", 0) ){
214		- wikiFlags = WIKI_INLINE;
	215	+ wikiFlags = WIKI_INLINE \| WIKI_NOBADLINKS;
215	216	}else{
216		- wikiFlags = WIKI_INLINE \| WIKI_NOBLOCK;
	217	+ wikiFlags = WIKI_INLINE \| WIKI_NOBLOCK \| WIKI_NOBADLINKS;
217	218	}
218	219	if( tmFlags & TIMELINE_GRAPH ){
219	220	pGraph = graph_init();
220	221	/* style is not moved to css, because this is
221	222	** a technical div for the timeline graph
		@@ -237,10 +238,11 @@
237	238	const char *zDate = db_column_text(pQuery, 2);
238	239	const char *zType = db_column_text(pQuery, 7);
239	240	const char *zUser = db_column_text(pQuery, 4);
240	241	const char *zTagList = db_column_text(pQuery, 8);
241	242	int tagid = db_column_int(pQuery, 9);
	243	+ const char *zDispUser = zUser && zUser[0] ? zUser : "anonymous";
242	244	const char zBr = 0; / Branch */
243	245	int commentColumn = 3; /* Column containing comment text */
244	246	int modPending; /* Pending moderation */
245	247	char zTime[8];
246	248
		@@ -372,15 +374,15 @@
372	374
373	375	/* Generate the "user: USERNAME" at the end of the comment, together
374	376	** with a hyperlink to another timeline for that user.
375	377	*/
376	378	if( zTagList && zTagList[0]==0 ) zTagList = 0;
377		- if( g.perm.Hyperlink && fossil_strcmp(zUser, zThisUser)!=0 ){
378		- char *zLink = mprintf("%R/timeline?u=%h&c=%t&nd", zUser, zDate);
379		- @ (user: %z(href("%z",zLink))%h(zUser)</a>%s(zTagList?",":"\051")
	379	+ if( g.perm.Hyperlink && fossil_strcmp(zDispUser, zThisUser)!=0 ){
	380	+ char *zLink = mprintf("%R/timeline?u=%h&c=%t&nd", zDispUser, zDate);
	381	+ @ (user: %z(href("%z",zLink))%h(zDispUser)</a>%s(zTagList?",":"\051")
380	382	}else{
381		- @ (user: %h(zUser)%s(zTagList?",":"\051")
	383	+ @ (user: %h(zDispUser)%s(zTagList?",":"\051")
382	384	}
383	385
384	386	/* Generate a "detail" link for tags. */
385	387	if( (zType[0]=='g' \|\| zType[0]=='w' \|\| zType[0]=='t') && g.perm.Hyperlink ){
386	388	@ [%z(href("%R/info/%S",zUuid))details</a>]
387	389

	--- src/timeline.c
	+++ src/timeline.c
	@@ -85,10 +85,11 @@
85	** Generate a hyperlink to a user. This will link to a timeline showing
86	** events by that user. If the date+time is specified, then the timeline
87	** is centered on that date+time.
88	*/
89	void hyperlink_to_user(const char zU, const char zD, const char *zSuf){

90	if( zSuf==0 ) zSuf = "";
91	if( g.perm.Hyperlink ){
92	if( zD && zD[0] ){
93	@ %z(href("%R/timeline?c=%T&u=%T",zD,zU))%h(zU)</a>%s(zSuf)
94	}else{
	@@ -209,13 +210,13 @@
209
210	zPrevDate[0] = 0;
211	plainText = db_get_int("timeline-plaintext", 0);
212	mxWikiLen = db_get_int("timeline-max-comment", 0);
213	if( db_get_boolean("timeline-block-markup", 0) ){
214	wikiFlags = WIKI_INLINE;
215	}else{
216	wikiFlags = WIKI_INLINE \| WIKI_NOBLOCK;
217	}
218	if( tmFlags & TIMELINE_GRAPH ){
219	pGraph = graph_init();
220	/* style is not moved to css, because this is
221	** a technical div for the timeline graph
	@@ -237,10 +238,11 @@
237	const char *zDate = db_column_text(pQuery, 2);
238	const char *zType = db_column_text(pQuery, 7);
239	const char *zUser = db_column_text(pQuery, 4);
240	const char *zTagList = db_column_text(pQuery, 8);
241	int tagid = db_column_int(pQuery, 9);

242	const char zBr = 0; / Branch */
243	int commentColumn = 3; /* Column containing comment text */
244	int modPending; /* Pending moderation */
245	char zTime[8];
246
	@@ -372,15 +374,15 @@
372
373	/* Generate the "user: USERNAME" at the end of the comment, together
374	** with a hyperlink to another timeline for that user.
375	*/
376	if( zTagList && zTagList[0]==0 ) zTagList = 0;
377	if( g.perm.Hyperlink && fossil_strcmp(zUser, zThisUser)!=0 ){
378	char *zLink = mprintf("%R/timeline?u=%h&c=%t&nd", zUser, zDate);
379	@ (user: %z(href("%z",zLink))%h(zUser)</a>%s(zTagList?",":"\051")
380	}else{
381	@ (user: %h(zUser)%s(zTagList?",":"\051")
382	}
383
384	/* Generate a "detail" link for tags. */
385	if( (zType[0]=='g' \|\| zType[0]=='w' \|\| zType[0]=='t') && g.perm.Hyperlink ){
386	@ [%z(href("%R/info/%S",zUuid))details</a>]
387

	--- src/timeline.c
	+++ src/timeline.c
	@@ -85,10 +85,11 @@
85	** Generate a hyperlink to a user. This will link to a timeline showing
86	** events by that user. If the date+time is specified, then the timeline
87	** is centered on that date+time.
88	*/
89	void hyperlink_to_user(const char zU, const char zD, const char *zSuf){
90	if( zU==0 \|\| zU[0]==0 ) zU = "anonymous";
91	if( zSuf==0 ) zSuf = "";
92	if( g.perm.Hyperlink ){
93	if( zD && zD[0] ){
94	@ %z(href("%R/timeline?c=%T&u=%T",zD,zU))%h(zU)</a>%s(zSuf)
95	}else{
	@@ -209,13 +210,13 @@
210
211	zPrevDate[0] = 0;
212	plainText = db_get_int("timeline-plaintext", 0);
213	mxWikiLen = db_get_int("timeline-max-comment", 0);
214	if( db_get_boolean("timeline-block-markup", 0) ){
215	wikiFlags = WIKI_INLINE \| WIKI_NOBADLINKS;
216	}else{
217	wikiFlags = WIKI_INLINE \| WIKI_NOBLOCK \| WIKI_NOBADLINKS;
218	}
219	if( tmFlags & TIMELINE_GRAPH ){
220	pGraph = graph_init();
221	/* style is not moved to css, because this is
222	** a technical div for the timeline graph
	@@ -237,10 +238,11 @@
238	const char *zDate = db_column_text(pQuery, 2);
239	const char *zType = db_column_text(pQuery, 7);
240	const char *zUser = db_column_text(pQuery, 4);
241	const char *zTagList = db_column_text(pQuery, 8);
242	int tagid = db_column_int(pQuery, 9);
243	const char *zDispUser = zUser && zUser[0] ? zUser : "anonymous";
244	const char zBr = 0; / Branch */
245	int commentColumn = 3; /* Column containing comment text */
246	int modPending; /* Pending moderation */
247	char zTime[8];
248
	@@ -372,15 +374,15 @@
374
375	/* Generate the "user: USERNAME" at the end of the comment, together
376	** with a hyperlink to another timeline for that user.
377	*/
378	if( zTagList && zTagList[0]==0 ) zTagList = 0;
379	if( g.perm.Hyperlink && fossil_strcmp(zDispUser, zThisUser)!=0 ){
380	char *zLink = mprintf("%R/timeline?u=%h&c=%t&nd", zDispUser, zDate);
381	@ (user: %z(href("%z",zLink))%h(zDispUser)</a>%s(zTagList?",":"\051")
382	}else{
383	@ (user: %h(zDispUser)%s(zTagList?",":"\051")
384	}
385
386	/* Generate a "detail" link for tags. */
387	if( (zType[0]=='g' \|\| zType[0]=='w' \|\| zType[0]=='t') && g.perm.Hyperlink ){
388	@ [%z(href("%R/info/%S",zUuid))details</a>]
389

M src/tkt.c

+13 -7

		--- src/tkt.c
		+++ src/tkt.c
		@@ -430,10 +430,14 @@
430	430	int i;
431	431	int nJ = 0;
432	432	Blob tktchng, cksum;
433	433
434	434	login_verify_csrf_secret();
	435	+ if( !captcha_is_correct() ){
	436	+ @ <p class="generalError">Error: Incorrect security code.</p>
	437	+ return TH_OK;
	438	+ }
435	439	zUuid = (const char *)pUuid;
436	440	blob_zero(&tktchng);
437	441	zDate = date_in_standard_format("now");
438	442	blob_appendf(&tktchng, "D %s\n", zDate);
439	443	free(zDate);
		@@ -522,26 +526,27 @@
522	526	if( g.thTrace ) Th_Trace("BEGIN_TKTNEW<br />\n", -1);
523	527	ticket_init();
524	528	getAllTicketFields();
525	529	initializeVariablesFromDb();
526	530	initializeVariablesFromCGI();
527		- @ <form method="post" action="%s(g.zTop)/%s(g.zPath)"><p>
	531	+ form_begin(0, "%R/%s", g.zPath);
528	532	login_insert_csrf_secret();
529	533	if( P("date_override") && g.perm.Setup ){
530	534	@ <input type="hidden" name="date_override" value="%h(P("date_override"))">
531	535	}
532	536	@ </p>
533	537	zScript = ticket_newpage_code();
534		- Th_Store("login", g.zLogin);
	538	+ Th_Store("login", g.zLogin ? g.zLogin : "nobody");
535	539	Th_Store("date", db_text(0, "SELECT datetime('now')"));
536	540	Th_CreateCommand(g.interp, "submit_ticket", submitTicketCmd,
537	541	(void*)&zNewUuid, 0);
538	542	if( g.thTrace ) Th_Trace("BEGIN_TKTNEW_SCRIPT<br />\n", -1);
539	543	if( Th_Render(zScript)==TH_RETURN && !g.thTrace && zNewUuid ){
540	544	cgi_redirect(mprintf("%s/tktview/%s", g.zTop, zNewUuid));
541	545	return;
542	546	}
	547	+ captcha_generate();
543	548	@ </form>
544	549	if( g.thTrace ) Th_Trace("END_TKTVIEW<br />\n", -1);
545	550	style_footer();
546	551	}
547	552
		@@ -591,24 +596,25 @@
591	596	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT<br />\n", -1);
592	597	ticket_init();
593	598	getAllTicketFields();
594	599	initializeVariablesFromCGI();
595	600	initializeVariablesFromDb();
596		- @ <form method="post" action="%s(g.zTop)/%s(g.zPath)"><p>
	601	+ form_begin(0, "%R/%s", g.zPath);
597	602	@ <input type="hidden" name="name" value="%s(zName)" />
598	603	login_insert_csrf_secret();
599	604	@ </p>
600	605	zScript = ticket_editpage_code();
601		- Th_Store("login", g.zLogin);
	606	+ Th_Store("login", g.zLogin ? g.zLogin : "nobody");
602	607	Th_Store("date", db_text(0, "SELECT datetime('now')"));
603	608	Th_CreateCommand(g.interp, "append_field", appendRemarkCmd, 0, 0);
604	609	Th_CreateCommand(g.interp, "submit_ticket", submitTicketCmd, (void*)&zName,0);
605	610	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT_SCRIPT<br />\n", -1);
606	611	if( Th_Render(zScript)==TH_RETURN && !g.thTrace && zName ){
607	612	cgi_redirect(mprintf("%s/tktview/%s", g.zTop, zName));
608	613	return;
609	614	}
	615	+ captcha_generate();
610	616	@ </form>
611	617	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT<br />\n", -1);
612	618	style_footer();
613	619	}
614	620
		@@ -829,15 +835,15 @@
829	835	const char *z;
830	836	z = pTkt->aField[i].zName;
831	837	blob_set(&val, pTkt->aField[i].zValue);
832	838	if( z[0]=='+' ){
833	839	@ <li>Appended to %h(&z[1]):<blockquote>
834		- wiki_convert(&val, 0, 0);
	840	+ wiki_convert(&val, 0, WIKI_NOBADLINKS);
835	841	@ </blockquote></li>
836	842	}else if( blob_size(&val)<=50 && contains_newline(&val) ){
837	843	@ <li>Change %h(z) to:<blockquote>
838		- wiki_convert(&val, 0, 0);
	844	+ wiki_convert(&val, 0, WIKI_NOBADLINKS);
839	845	@ </blockquote></li>
840	846	}else{
841	847	@ <li>Change %h(z) to "%h(blob_str(&val))"</li>
842	848	}
843	849	blob_reset(&val);
		@@ -1006,11 +1012,11 @@
1006	1012	eCmd = history;
1007	1013	}else{
1008	1014	eCmd = set;
1009	1015	}
1010	1016	if( g.argc==3 ){
1011		- usage("set TICKETUUID");
	1017	+ usage("set\|change\|history TICKETUUID");
1012	1018	}
1013	1019	zTktUuid = db_text(0,
1014	1020	"SELECT tkt_uuid FROM ticket WHERE tkt_uuid GLOB '%s*'", g.argv[3]
1015	1021	);
1016	1022	if( !zTktUuid ){
1017	1023

	--- src/tkt.c
	+++ src/tkt.c
	@@ -430,10 +430,14 @@
430	int i;
431	int nJ = 0;
432	Blob tktchng, cksum;
433
434	login_verify_csrf_secret();




435	zUuid = (const char *)pUuid;
436	blob_zero(&tktchng);
437	zDate = date_in_standard_format("now");
438	blob_appendf(&tktchng, "D %s\n", zDate);
439	free(zDate);
	@@ -522,26 +526,27 @@
522	if( g.thTrace ) Th_Trace("BEGIN_TKTNEW<br />\n", -1);
523	ticket_init();
524	getAllTicketFields();
525	initializeVariablesFromDb();
526	initializeVariablesFromCGI();
527	@ <form method="post" action="%s(g.zTop)/%s(g.zPath)"><p>
528	login_insert_csrf_secret();
529	if( P("date_override") && g.perm.Setup ){
530	@ <input type="hidden" name="date_override" value="%h(P("date_override"))">
531	}
532	@ </p>
533	zScript = ticket_newpage_code();
534	Th_Store("login", g.zLogin);
535	Th_Store("date", db_text(0, "SELECT datetime('now')"));
536	Th_CreateCommand(g.interp, "submit_ticket", submitTicketCmd,
537	(void*)&zNewUuid, 0);
538	if( g.thTrace ) Th_Trace("BEGIN_TKTNEW_SCRIPT<br />\n", -1);
539	if( Th_Render(zScript)==TH_RETURN && !g.thTrace && zNewUuid ){
540	cgi_redirect(mprintf("%s/tktview/%s", g.zTop, zNewUuid));
541	return;
542	}

543	@ </form>
544	if( g.thTrace ) Th_Trace("END_TKTVIEW<br />\n", -1);
545	style_footer();
546	}
547
	@@ -591,24 +596,25 @@
591	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT<br />\n", -1);
592	ticket_init();
593	getAllTicketFields();
594	initializeVariablesFromCGI();
595	initializeVariablesFromDb();
596	@ <form method="post" action="%s(g.zTop)/%s(g.zPath)"><p>
597	@ <input type="hidden" name="name" value="%s(zName)" />
598	login_insert_csrf_secret();
599	@ </p>
600	zScript = ticket_editpage_code();
601	Th_Store("login", g.zLogin);
602	Th_Store("date", db_text(0, "SELECT datetime('now')"));
603	Th_CreateCommand(g.interp, "append_field", appendRemarkCmd, 0, 0);
604	Th_CreateCommand(g.interp, "submit_ticket", submitTicketCmd, (void*)&zName,0);
605	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT_SCRIPT<br />\n", -1);
606	if( Th_Render(zScript)==TH_RETURN && !g.thTrace && zName ){
607	cgi_redirect(mprintf("%s/tktview/%s", g.zTop, zName));
608	return;
609	}

610	@ </form>
611	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT<br />\n", -1);
612	style_footer();
613	}
614
	@@ -829,15 +835,15 @@
829	const char *z;
830	z = pTkt->aField[i].zName;
831	blob_set(&val, pTkt->aField[i].zValue);
832	if( z[0]=='+' ){
833	@ <li>Appended to %h(&z[1]):<blockquote>
834	wiki_convert(&val, 0, 0);
835	@ </blockquote></li>
836	}else if( blob_size(&val)<=50 && contains_newline(&val) ){
837	@ <li>Change %h(z) to:<blockquote>
838	wiki_convert(&val, 0, 0);
839	@ </blockquote></li>
840	}else{
841	@ <li>Change %h(z) to "%h(blob_str(&val))"</li>
842	}
843	blob_reset(&val);
	@@ -1006,11 +1012,11 @@
1006	eCmd = history;
1007	}else{
1008	eCmd = set;
1009	}
1010	if( g.argc==3 ){
1011	usage("set TICKETUUID");
1012	}
1013	zTktUuid = db_text(0,
1014	"SELECT tkt_uuid FROM ticket WHERE tkt_uuid GLOB '%s*'", g.argv[3]
1015	);
1016	if( !zTktUuid ){
1017

	--- src/tkt.c
	+++ src/tkt.c
	@@ -430,10 +430,14 @@
430	int i;
431	int nJ = 0;
432	Blob tktchng, cksum;
433
434	login_verify_csrf_secret();
435	if( !captcha_is_correct() ){
436	@ <p class="generalError">Error: Incorrect security code.</p>
437	return TH_OK;
438	}
439	zUuid = (const char *)pUuid;
440	blob_zero(&tktchng);
441	zDate = date_in_standard_format("now");
442	blob_appendf(&tktchng, "D %s\n", zDate);
443	free(zDate);
	@@ -522,26 +526,27 @@
526	if( g.thTrace ) Th_Trace("BEGIN_TKTNEW<br />\n", -1);
527	ticket_init();
528	getAllTicketFields();
529	initializeVariablesFromDb();
530	initializeVariablesFromCGI();
531	form_begin(0, "%R/%s", g.zPath);
532	login_insert_csrf_secret();
533	if( P("date_override") && g.perm.Setup ){
534	@ <input type="hidden" name="date_override" value="%h(P("date_override"))">
535	}
536	@ </p>
537	zScript = ticket_newpage_code();
538	Th_Store("login", g.zLogin ? g.zLogin : "nobody");
539	Th_Store("date", db_text(0, "SELECT datetime('now')"));
540	Th_CreateCommand(g.interp, "submit_ticket", submitTicketCmd,
541	(void*)&zNewUuid, 0);
542	if( g.thTrace ) Th_Trace("BEGIN_TKTNEW_SCRIPT<br />\n", -1);
543	if( Th_Render(zScript)==TH_RETURN && !g.thTrace && zNewUuid ){
544	cgi_redirect(mprintf("%s/tktview/%s", g.zTop, zNewUuid));
545	return;
546	}
547	captcha_generate();
548	@ </form>
549	if( g.thTrace ) Th_Trace("END_TKTVIEW<br />\n", -1);
550	style_footer();
551	}
552
	@@ -591,24 +596,25 @@
596	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT<br />\n", -1);
597	ticket_init();
598	getAllTicketFields();
599	initializeVariablesFromCGI();
600	initializeVariablesFromDb();
601	form_begin(0, "%R/%s", g.zPath);
602	@ <input type="hidden" name="name" value="%s(zName)" />
603	login_insert_csrf_secret();
604	@ </p>
605	zScript = ticket_editpage_code();
606	Th_Store("login", g.zLogin ? g.zLogin : "nobody");
607	Th_Store("date", db_text(0, "SELECT datetime('now')"));
608	Th_CreateCommand(g.interp, "append_field", appendRemarkCmd, 0, 0);
609	Th_CreateCommand(g.interp, "submit_ticket", submitTicketCmd, (void*)&zName,0);
610	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT_SCRIPT<br />\n", -1);
611	if( Th_Render(zScript)==TH_RETURN && !g.thTrace && zName ){
612	cgi_redirect(mprintf("%s/tktview/%s", g.zTop, zName));
613	return;
614	}
615	captcha_generate();
616	@ </form>
617	if( g.thTrace ) Th_Trace("BEGIN_TKTEDIT<br />\n", -1);
618	style_footer();
619	}
620
	@@ -829,15 +835,15 @@
835	const char *z;
836	z = pTkt->aField[i].zName;
837	blob_set(&val, pTkt->aField[i].zValue);
838	if( z[0]=='+' ){
839	@ <li>Appended to %h(&z[1]):<blockquote>
840	wiki_convert(&val, 0, WIKI_NOBADLINKS);
841	@ </blockquote></li>
842	}else if( blob_size(&val)<=50 && contains_newline(&val) ){
843	@ <li>Change %h(z) to:<blockquote>
844	wiki_convert(&val, 0, WIKI_NOBADLINKS);
845	@ </blockquote></li>
846	}else{
847	@ <li>Change %h(z) to "%h(blob_str(&val))"</li>
848	}
849	blob_reset(&val);
	@@ -1006,11 +1012,11 @@
1012	eCmd = history;
1013	}else{
1014	eCmd = set;
1015	}
1016	if( g.argc==3 ){
1017	usage("set\|change\|history TICKETUUID");
1018	}
1019	zTktUuid = db_text(0,
1020	"SELECT tkt_uuid FROM ticket WHERE tkt_uuid GLOB '%s*'", g.argv[3]
1021	);
1022	if( !zTktUuid ){
1023

M src/update.c

+3 -1

		--- src/update.c
		+++ src/update.c
		@@ -123,11 +123,13 @@
123	123	db_must_be_within_tree();
124	124	vid = db_lget_int("checkout", 0);
125	125	if( vid==0 ){
126	126	fossil_fatal("cannot find current version");
127	127	}
128		- if( !nochangeFlag && !internalUpdate ) autosync(AUTOSYNC_PULL);
	128	+ if( !nochangeFlag && !internalUpdate ){
	129	+ autosync(SYNC_PULL + SYNC_VERBOSE*verboseFlag);
	130	+ }
129	131
130	132	/* Create any empty directories now, as well as after the update,
131	133	** so changes in settings are reflected now */
132	134	if( !nochangeFlag ) ensure_empty_dirs_created();
133	135
134	136

	--- src/update.c
	+++ src/update.c
	@@ -123,11 +123,13 @@
123	db_must_be_within_tree();
124	vid = db_lget_int("checkout", 0);
125	if( vid==0 ){
126	fossil_fatal("cannot find current version");
127	}
128	if( !nochangeFlag && !internalUpdate ) autosync(AUTOSYNC_PULL);


129
130	/* Create any empty directories now, as well as after the update,
131	** so changes in settings are reflected now */
132	if( !nochangeFlag ) ensure_empty_dirs_created();
133
134

	--- src/update.c
	+++ src/update.c
	@@ -123,11 +123,13 @@
123	db_must_be_within_tree();
124	vid = db_lget_int("checkout", 0);
125	if( vid==0 ){
126	fossil_fatal("cannot find current version");
127	}
128	if( !nochangeFlag && !internalUpdate ){
129	autosync(SYNC_PULL + SYNC_VERBOSE*verboseFlag);
130	}
131
132	/* Create any empty directories now, as well as after the update,
133	** so changes in settings are reflected now */
134	if( !nochangeFlag ) ensure_empty_dirs_created();
135
136

M src/wiki.c

+37 -11

		--- src/wiki.c
		+++ src/wiki.c
		@@ -127,10 +127,11 @@
127	127	*/
128	128	void wiki_page(void){
129	129	char *zTag;
130	130	int rid = 0;
131	131	int isSandbox;
	132	+ char *zUuid;
132	133	Blob wiki;
133	134	Manifest *pWiki = 0;
134	135	const char *zPageName;
135	136	char *zBody = mprintf("%s","<i>Empty Page</i>");
136	137
		@@ -159,12 +160,13 @@
159	160	@ <li> %z(href("%R/wcontent"))List of All Wiki Pages</a>
160	161	@ available on this server.</li>
161	162	if( g.perm.ModWiki ){
162	163	@ <li> %z(href("%R/modreq"))Tend to pending moderation requests</a></li>
163	164	}
164		- @ <li> <form method="get" action="%s(g.zTop)/wfind"><div>
165		- @ Search wiki titles: <input type="text" name="title"/>
	165	+ @ <li>
	166	+ form_begin(0, "%R/wfind");
	167	+ @ <div>Search wiki titles: <input type="text" name="title"/>
166	168	@   <input type="submit" /></div></form>
167	169	@ </li>
168	170	@ </ul>
169	171	style_footer();
170	172	return;
		@@ -171,10 +173,11 @@
171	173	}
172	174	if( check_name(zPageName) ) return;
173	175	isSandbox = is_sandbox(zPageName);
174	176	if( isSandbox ){
175	177	zBody = db_get("sandbox",zBody);
	178	+ rid = 0;
176	179	}else{
177	180	zTag = mprintf("wiki-%s", zPageName);
178	181	rid = db_int(0,
179	182	"SELECT rid FROM tagxref"
180	183	" WHERE tagid=(SELECT tagid FROM tag WHERE tagname=%Q)"
		@@ -185,10 +188,17 @@
185	188	if( pWiki ){
186	189	zBody = pWiki->zWiki;
187	190	}
188	191	}
189	192	if( !g.isHome ){
	193	+ if( rid ){
	194	+ style_submenu_element("Diff", "Last change",
	195	+ "%R/wdiff?name=%T&a=%d", zPageName, rid);
	196	+ zUuid = db_text(0, "SELECT uuid FROM blob WHERE rid=%d", rid);
	197	+ style_submenu_element("Details", "Details",
	198	+ "%R/info/%S", zUuid);
	199	+ }
190	200	if( (rid && g.perm.WrWiki) \|\| (!rid && g.perm.NewWiki) ){
191	201	if( db_get_boolean("wysiwyg-wiki", 0) ){
192	202	style_submenu_element("Edit", "Edit Wiki Page",
193	203	"%s/wikiedit?name=%T&wysiwyg=1",
194	204	g.zTop, zPageName);
		@@ -253,10 +263,11 @@
253	263	const char *zPageName;
254	264	int n;
255	265	const char *z;
256	266	char zBody = (char)P("w");
257	267	int isWysiwyg = P("wysiwyg")!=0;
	268	+ int goodCaptcha = 1;
258	269
259	270	if( P("edit-wysiwyg")!=0 ){ isWysiwyg = 1; zBody = 0; }
260	271	if( P("edit-markup")!=0 ){ isWysiwyg = 0; zBody = 0; }
261	272	if( zBody ){
262	273	if( isWysiwyg ){
		@@ -294,11 +305,13 @@
294	305	}
295	306	if( zBody==0 && (pWiki = manifest_get(rid, CFTYPE_WIKI))!=0 ){
296	307	zBody = pWiki->zWiki;
297	308	}
298	309	}
299		- if( P("submit")!=0 && zBody!=0 ){
	310	+ if( P("submit")!=0 && zBody!=0
	311	+ && (goodCaptcha = captcha_is_correct())
	312	+ ){
300	313	char *zDate;
301	314	Blob cksum;
302	315	blob_zero(&wiki);
303	316	db_begin_transaction();
304	317	if( isSandbox ){
		@@ -333,10 +346,13 @@
333	346	if( zBody==0 ){
334	347	zBody = mprintf("<i>Empty Page</i>");
335	348	}
336	349	style_set_current_page("%s?name=%T", g.zPath, zPageName);
337	350	style_header("Edit: %s", zPageName);
	351	+ if( !goodCaptcha ){
	352	+ @ <p class="generalError">Error: Incorrect security code.</p>
	353	+ }
338	354	blob_zero(&wiki);
339	355	blob_append(&wiki, zBody, -1);
340	356	if( P("preview")!=0 ){
341	357	@ Preview:<hr />
342	358	wiki_convert(&wiki, 0, 0);
		@@ -348,11 +364,12 @@
348	364	}
349	365	if( n<20 ) n = 20;
350	366	if( n>30 ) n = 30;
351	367	if( !isWysiwyg ){
352	368	/* Traditional markup-only editing */
353		- @ <form method="post" action="%s(g.zTop)/wikiedit"><div>
	369	+ form_begin(0, "%R/wikiedit");
	370	+ @ <div>
354	371	@ <textarea name="w" class="wikiedit" cols="80"
355	372	@ rows="%d(n)" wrap="virtual">%h(zBody)</textarea>
356	373	@ <br />
357	374	if( db_get_boolean("wysiwyg-wiki", 0) ){
358	375	@ <input type="submit" name="edit-wysiwyg" value="Wysiwyg Editor"
		@@ -360,12 +377,12 @@
360	377	}
361	378	@ <input type="submit" name="preview" value="Preview Your Changes" />
362	379	}else{
363	380	/* Wysiwyg editing */
364	381	Blob html, temp;
365		- @ <form method="post" action="%s(g.zTop)/wikiedit"
366		- @ onsubmit="wysiwygSubmit()"><div>
	382	+ form_begin("onsubmit='wysiwygSubmit()'", "%R/wikiedit");
	383	+ @ <div>
367	384	@ <input type="hidden" name="wysiwyg" value="1" />
368	385	blob_zero(&temp);
369	386	wiki_convert(&wiki, &temp, 0);
370	387	blob_zero(&html);
371	388	htmlTidy(blob_str(&temp), &html);
		@@ -374,16 +391,18 @@
374	391	blob_reset(&html);
375	392	@ <br />
376	393	@ <input type="submit" name="edit-markup" value="Markup Editor"
377	394	@ onclick='return confirm("Switching to markup-mode\nwill erase your WYSIWYG\nedits. Continue?")' />
378	395	}
379		- @ <input type="submit" name="submit" value="Apply These Changes" />
380	396	login_insert_csrf_secret();
	397	+ @ <input type="submit" name="submit" value="Apply These Changes" />
381	398	@ <input type="hidden" name="name" value="%h(zPageName)" />
382	399	@ <input type="submit" name="cancel" value="Cancel"
383	400	@ onclick='confirm("Abandon your changes?")' />
384		- @ </div></form>
	401	+ @ </div>
	402	+ captcha_generate();
	403	+ @ </form>
385	404	manifest_destroy(pWiki);
386	405	blob_reset(&wiki);
387	406	style_footer();
388	407	}
389	408
		@@ -410,11 +429,11 @@
410	429	}
411	430	}
412	431	style_header("Create A New Wiki Page");
413	432	@ <p>Rules for wiki page names:</p>
414	433	well_formed_wiki_name_rules();
415		- @ <form method="post" action="%s(g.zTop)/wikinew">
	434	+ form_begin(0, "%R/wikinew");
416	435	@ <p>Name of new wiki page:
417	436	@ <input style="width: 35;" type="text" name="name" value="%h(zName)" />
418	437	@ <input type="submit" value="Create" />
419	438	@ </p></form>
420	439	if( zName[0] ){
		@@ -455,10 +474,11 @@
455	474	char *zTag;
456	475	int rid = 0;
457	476	int isSandbox;
458	477	const char *zPageName;
459	478	const char *zUser;
	479	+ int goodCaptcha = 1;
460	480
461	481	login_check_credentials();
462	482	zPageName = PD("name","");
463	483	if( check_name(zPageName) ) return;
464	484	isSandbox = is_sandbox(zPageName);
		@@ -477,11 +497,13 @@
477	497	}
478	498	if( !g.perm.ApndWiki ){
479	499	login_needed();
480	500	return;
481	501	}
482		- if( P("submit")!=0 && P("r")!=0 && P("u")!=0 ){
	502	+ if( P("submit")!=0 && P("r")!=0 && P("u")!=0
	503	+ && (goodCaptcha = captcha_is_correct())
	504	+ ){
483	505	char *zDate;
484	506	Blob cksum;
485	507	Blob body;
486	508	Blob wiki;
487	509	Manifest *pWiki = 0;
		@@ -525,10 +547,13 @@
525	547	cgi_redirectf("wiki?name=%T", zPageName);
526	548	return;
527	549	}
528	550	style_set_current_page("%s?name=%T", g.zPath, zPageName);
529	551	style_header("Append Comment To: %s", zPageName);
	552	+ if( !goodCaptcha ){
	553	+ @ <p class="generalError">Error: Incorrect security code.</p>
	554	+ }
530	555	if( P("preview")!=0 ){
531	556	Blob preview;
532	557	blob_zero(&preview);
533	558	appendRemark(&preview);
534	559	@ Preview:<hr>
		@@ -535,11 +560,11 @@
535	560	wiki_convert(&preview, 0, 0);
536	561	@ <hr>
537	562	blob_reset(&preview);
538	563	}
539	564	zUser = PD("u", g.zLogin);
540		- @ <form method="post" action="%s(g.zTop)/wikiappend">
	565	+ form_begin(0, "%R/wikiappend");
541	566	login_insert_csrf_secret();
542	567	@ <input type="hidden" name="name" value="%h(zPageName)" />
543	568	@ Your Name:
544	569	@ <input type="text" name="u" size="20" value="%h(zUser)" /><br />
545	570	@ Comment to append:<br />
		@@ -547,10 +572,11 @@
547	572	@ rows="10" wrap="virtual">%h(PD("r",""))</textarea>
548	573	@ <br />
549	574	@ <input type="submit" name="preview" value="Preview Your Comment" />
550	575	@ <input type="submit" name="submit" value="Append Your Changes" />
551	576	@ <input type="submit" name="cancel" value="Cancel" />
	577	+ captcha_generate();
552	578	@ </form>
553	579	style_footer();
554	580	}
555	581
556	582	/*
557	583

	--- src/wiki.c
	+++ src/wiki.c
	@@ -127,10 +127,11 @@
127	*/
128	void wiki_page(void){
129	char *zTag;
130	int rid = 0;
131	int isSandbox;

132	Blob wiki;
133	Manifest *pWiki = 0;
134	const char *zPageName;
135	char *zBody = mprintf("%s","<i>Empty Page</i>");
136
	@@ -159,12 +160,13 @@
159	@ <li> %z(href("%R/wcontent"))List of All Wiki Pages</a>
160	@ available on this server.</li>
161	if( g.perm.ModWiki ){
162	@ <li> %z(href("%R/modreq"))Tend to pending moderation requests</a></li>
163	}
164	@ <li> <form method="get" action="%s(g.zTop)/wfind"><div>
165	@ Search wiki titles: <input type="text" name="title"/>

166	@   <input type="submit" /></div></form>
167	@ </li>
168	@ </ul>
169	style_footer();
170	return;
	@@ -171,10 +173,11 @@
171	}
172	if( check_name(zPageName) ) return;
173	isSandbox = is_sandbox(zPageName);
174	if( isSandbox ){
175	zBody = db_get("sandbox",zBody);

176	}else{
177	zTag = mprintf("wiki-%s", zPageName);
178	rid = db_int(0,
179	"SELECT rid FROM tagxref"
180	" WHERE tagid=(SELECT tagid FROM tag WHERE tagname=%Q)"
	@@ -185,10 +188,17 @@
185	if( pWiki ){
186	zBody = pWiki->zWiki;
187	}
188	}
189	if( !g.isHome ){







190	if( (rid && g.perm.WrWiki) \|\| (!rid && g.perm.NewWiki) ){
191	if( db_get_boolean("wysiwyg-wiki", 0) ){
192	style_submenu_element("Edit", "Edit Wiki Page",
193	"%s/wikiedit?name=%T&wysiwyg=1",
194	g.zTop, zPageName);
	@@ -253,10 +263,11 @@
253	const char *zPageName;
254	int n;
255	const char *z;
256	char zBody = (char)P("w");
257	int isWysiwyg = P("wysiwyg")!=0;

258
259	if( P("edit-wysiwyg")!=0 ){ isWysiwyg = 1; zBody = 0; }
260	if( P("edit-markup")!=0 ){ isWysiwyg = 0; zBody = 0; }
261	if( zBody ){
262	if( isWysiwyg ){
	@@ -294,11 +305,13 @@
294	}
295	if( zBody==0 && (pWiki = manifest_get(rid, CFTYPE_WIKI))!=0 ){
296	zBody = pWiki->zWiki;
297	}
298	}
299	if( P("submit")!=0 && zBody!=0 ){


300	char *zDate;
301	Blob cksum;
302	blob_zero(&wiki);
303	db_begin_transaction();
304	if( isSandbox ){
	@@ -333,10 +346,13 @@
333	if( zBody==0 ){
334	zBody = mprintf("<i>Empty Page</i>");
335	}
336	style_set_current_page("%s?name=%T", g.zPath, zPageName);
337	style_header("Edit: %s", zPageName);



338	blob_zero(&wiki);
339	blob_append(&wiki, zBody, -1);
340	if( P("preview")!=0 ){
341	@ Preview:<hr />
342	wiki_convert(&wiki, 0, 0);
	@@ -348,11 +364,12 @@
348	}
349	if( n<20 ) n = 20;
350	if( n>30 ) n = 30;
351	if( !isWysiwyg ){
352	/* Traditional markup-only editing */
353	@ <form method="post" action="%s(g.zTop)/wikiedit"><div>

354	@ <textarea name="w" class="wikiedit" cols="80"
355	@ rows="%d(n)" wrap="virtual">%h(zBody)</textarea>
356	@ <br />
357	if( db_get_boolean("wysiwyg-wiki", 0) ){
358	@ <input type="submit" name="edit-wysiwyg" value="Wysiwyg Editor"
	@@ -360,12 +377,12 @@
360	}
361	@ <input type="submit" name="preview" value="Preview Your Changes" />
362	}else{
363	/* Wysiwyg editing */
364	Blob html, temp;
365	@ <form method="post" action="%s(g.zTop)/wikiedit"
366	@ onsubmit="wysiwygSubmit()"><div>
367	@ <input type="hidden" name="wysiwyg" value="1" />
368	blob_zero(&temp);
369	wiki_convert(&wiki, &temp, 0);
370	blob_zero(&html);
371	htmlTidy(blob_str(&temp), &html);
	@@ -374,16 +391,18 @@
374	blob_reset(&html);
375	@ <br />
376	@ <input type="submit" name="edit-markup" value="Markup Editor"
377	@ onclick='return confirm("Switching to markup-mode\nwill erase your WYSIWYG\nedits. Continue?")' />
378	}
379	@ <input type="submit" name="submit" value="Apply These Changes" />
380	login_insert_csrf_secret();

381	@ <input type="hidden" name="name" value="%h(zPageName)" />
382	@ <input type="submit" name="cancel" value="Cancel"
383	@ onclick='confirm("Abandon your changes?")' />
384	@ </div></form>


385	manifest_destroy(pWiki);
386	blob_reset(&wiki);
387	style_footer();
388	}
389
	@@ -410,11 +429,11 @@
410	}
411	}
412	style_header("Create A New Wiki Page");
413	@ <p>Rules for wiki page names:</p>
414	well_formed_wiki_name_rules();
415	@ <form method="post" action="%s(g.zTop)/wikinew">
416	@ <p>Name of new wiki page:
417	@ <input style="width: 35;" type="text" name="name" value="%h(zName)" />
418	@ <input type="submit" value="Create" />
419	@ </p></form>
420	if( zName[0] ){
	@@ -455,10 +474,11 @@
455	char *zTag;
456	int rid = 0;
457	int isSandbox;
458	const char *zPageName;
459	const char *zUser;

460
461	login_check_credentials();
462	zPageName = PD("name","");
463	if( check_name(zPageName) ) return;
464	isSandbox = is_sandbox(zPageName);
	@@ -477,11 +497,13 @@
477	}
478	if( !g.perm.ApndWiki ){
479	login_needed();
480	return;
481	}
482	if( P("submit")!=0 && P("r")!=0 && P("u")!=0 ){


483	char *zDate;
484	Blob cksum;
485	Blob body;
486	Blob wiki;
487	Manifest *pWiki = 0;
	@@ -525,10 +547,13 @@
525	cgi_redirectf("wiki?name=%T", zPageName);
526	return;
527	}
528	style_set_current_page("%s?name=%T", g.zPath, zPageName);
529	style_header("Append Comment To: %s", zPageName);



530	if( P("preview")!=0 ){
531	Blob preview;
532	blob_zero(&preview);
533	appendRemark(&preview);
534	@ Preview:<hr>
	@@ -535,11 +560,11 @@
535	wiki_convert(&preview, 0, 0);
536	@ <hr>
537	blob_reset(&preview);
538	}
539	zUser = PD("u", g.zLogin);
540	@ <form method="post" action="%s(g.zTop)/wikiappend">
541	login_insert_csrf_secret();
542	@ <input type="hidden" name="name" value="%h(zPageName)" />
543	@ Your Name:
544	@ <input type="text" name="u" size="20" value="%h(zUser)" /><br />
545	@ Comment to append:<br />
	@@ -547,10 +572,11 @@
547	@ rows="10" wrap="virtual">%h(PD("r",""))</textarea>
548	@ <br />
549	@ <input type="submit" name="preview" value="Preview Your Comment" />
550	@ <input type="submit" name="submit" value="Append Your Changes" />
551	@ <input type="submit" name="cancel" value="Cancel" />

552	@ </form>
553	style_footer();
554	}
555
556	/*
557

	--- src/wiki.c
	+++ src/wiki.c
	@@ -127,10 +127,11 @@
127	*/
128	void wiki_page(void){
129	char *zTag;
130	int rid = 0;
131	int isSandbox;
132	char *zUuid;
133	Blob wiki;
134	Manifest *pWiki = 0;
135	const char *zPageName;
136	char *zBody = mprintf("%s","<i>Empty Page</i>");
137
	@@ -159,12 +160,13 @@
160	@ <li> %z(href("%R/wcontent"))List of All Wiki Pages</a>
161	@ available on this server.</li>
162	if( g.perm.ModWiki ){
163	@ <li> %z(href("%R/modreq"))Tend to pending moderation requests</a></li>
164	}
165	@ <li>
166	form_begin(0, "%R/wfind");
167	@ <div>Search wiki titles: <input type="text" name="title"/>
168	@   <input type="submit" /></div></form>
169	@ </li>
170	@ </ul>
171	style_footer();
172	return;
	@@ -171,10 +173,11 @@
173	}
174	if( check_name(zPageName) ) return;
175	isSandbox = is_sandbox(zPageName);
176	if( isSandbox ){
177	zBody = db_get("sandbox",zBody);
178	rid = 0;
179	}else{
180	zTag = mprintf("wiki-%s", zPageName);
181	rid = db_int(0,
182	"SELECT rid FROM tagxref"
183	" WHERE tagid=(SELECT tagid FROM tag WHERE tagname=%Q)"
	@@ -185,10 +188,17 @@
188	if( pWiki ){
189	zBody = pWiki->zWiki;
190	}
191	}
192	if( !g.isHome ){
193	if( rid ){
194	style_submenu_element("Diff", "Last change",
195	"%R/wdiff?name=%T&a=%d", zPageName, rid);
196	zUuid = db_text(0, "SELECT uuid FROM blob WHERE rid=%d", rid);
197	style_submenu_element("Details", "Details",
198	"%R/info/%S", zUuid);
199	}
200	if( (rid && g.perm.WrWiki) \|\| (!rid && g.perm.NewWiki) ){
201	if( db_get_boolean("wysiwyg-wiki", 0) ){
202	style_submenu_element("Edit", "Edit Wiki Page",
203	"%s/wikiedit?name=%T&wysiwyg=1",
204	g.zTop, zPageName);
	@@ -253,10 +263,11 @@
263	const char *zPageName;
264	int n;
265	const char *z;
266	char zBody = (char)P("w");
267	int isWysiwyg = P("wysiwyg")!=0;
268	int goodCaptcha = 1;
269
270	if( P("edit-wysiwyg")!=0 ){ isWysiwyg = 1; zBody = 0; }
271	if( P("edit-markup")!=0 ){ isWysiwyg = 0; zBody = 0; }
272	if( zBody ){
273	if( isWysiwyg ){
	@@ -294,11 +305,13 @@
305	}
306	if( zBody==0 && (pWiki = manifest_get(rid, CFTYPE_WIKI))!=0 ){
307	zBody = pWiki->zWiki;
308	}
309	}
310	if( P("submit")!=0 && zBody!=0
311	&& (goodCaptcha = captcha_is_correct())
312	){
313	char *zDate;
314	Blob cksum;
315	blob_zero(&wiki);
316	db_begin_transaction();
317	if( isSandbox ){
	@@ -333,10 +346,13 @@
346	if( zBody==0 ){
347	zBody = mprintf("<i>Empty Page</i>");
348	}
349	style_set_current_page("%s?name=%T", g.zPath, zPageName);
350	style_header("Edit: %s", zPageName);
351	if( !goodCaptcha ){
352	@ <p class="generalError">Error: Incorrect security code.</p>
353	}
354	blob_zero(&wiki);
355	blob_append(&wiki, zBody, -1);
356	if( P("preview")!=0 ){
357	@ Preview:<hr />
358	wiki_convert(&wiki, 0, 0);
	@@ -348,11 +364,12 @@
364	}
365	if( n<20 ) n = 20;
366	if( n>30 ) n = 30;
367	if( !isWysiwyg ){
368	/* Traditional markup-only editing */
369	form_begin(0, "%R/wikiedit");
370	@ <div>
371	@ <textarea name="w" class="wikiedit" cols="80"
372	@ rows="%d(n)" wrap="virtual">%h(zBody)</textarea>
373	@ <br />
374	if( db_get_boolean("wysiwyg-wiki", 0) ){
375	@ <input type="submit" name="edit-wysiwyg" value="Wysiwyg Editor"
	@@ -360,12 +377,12 @@
377	}
378	@ <input type="submit" name="preview" value="Preview Your Changes" />
379	}else{
380	/* Wysiwyg editing */
381	Blob html, temp;
382	form_begin("onsubmit='wysiwygSubmit()'", "%R/wikiedit");
383	@ <div>
384	@ <input type="hidden" name="wysiwyg" value="1" />
385	blob_zero(&temp);
386	wiki_convert(&wiki, &temp, 0);
387	blob_zero(&html);
388	htmlTidy(blob_str(&temp), &html);
	@@ -374,16 +391,18 @@
391	blob_reset(&html);
392	@ <br />
393	@ <input type="submit" name="edit-markup" value="Markup Editor"
394	@ onclick='return confirm("Switching to markup-mode\nwill erase your WYSIWYG\nedits. Continue?")' />
395	}

396	login_insert_csrf_secret();
397	@ <input type="submit" name="submit" value="Apply These Changes" />
398	@ <input type="hidden" name="name" value="%h(zPageName)" />
399	@ <input type="submit" name="cancel" value="Cancel"
400	@ onclick='confirm("Abandon your changes?")' />
401	@ </div>
402	captcha_generate();
403	@ </form>
404	manifest_destroy(pWiki);
405	blob_reset(&wiki);
406	style_footer();
407	}
408
	@@ -410,11 +429,11 @@
429	}
430	}
431	style_header("Create A New Wiki Page");
432	@ <p>Rules for wiki page names:</p>
433	well_formed_wiki_name_rules();
434	form_begin(0, "%R/wikinew");
435	@ <p>Name of new wiki page:
436	@ <input style="width: 35;" type="text" name="name" value="%h(zName)" />
437	@ <input type="submit" value="Create" />
438	@ </p></form>
439	if( zName[0] ){
	@@ -455,10 +474,11 @@
474	char *zTag;
475	int rid = 0;
476	int isSandbox;
477	const char *zPageName;
478	const char *zUser;
479	int goodCaptcha = 1;
480
481	login_check_credentials();
482	zPageName = PD("name","");
483	if( check_name(zPageName) ) return;
484	isSandbox = is_sandbox(zPageName);
	@@ -477,11 +497,13 @@
497	}
498	if( !g.perm.ApndWiki ){
499	login_needed();
500	return;
501	}
502	if( P("submit")!=0 && P("r")!=0 && P("u")!=0
503	&& (goodCaptcha = captcha_is_correct())
504	){
505	char *zDate;
506	Blob cksum;
507	Blob body;
508	Blob wiki;
509	Manifest *pWiki = 0;
	@@ -525,10 +547,13 @@
547	cgi_redirectf("wiki?name=%T", zPageName);
548	return;
549	}
550	style_set_current_page("%s?name=%T", g.zPath, zPageName);
551	style_header("Append Comment To: %s", zPageName);
552	if( !goodCaptcha ){
553	@ <p class="generalError">Error: Incorrect security code.</p>
554	}
555	if( P("preview")!=0 ){
556	Blob preview;
557	blob_zero(&preview);
558	appendRemark(&preview);
559	@ Preview:<hr>
	@@ -535,11 +560,11 @@
560	wiki_convert(&preview, 0, 0);
561	@ <hr>
562	blob_reset(&preview);
563	}
564	zUser = PD("u", g.zLogin);
565	form_begin(0, "%R/wikiappend");
566	login_insert_csrf_secret();
567	@ <input type="hidden" name="name" value="%h(zPageName)" />
568	@ Your Name:
569	@ <input type="text" name="u" size="20" value="%h(zUser)" /><br />
570	@ Comment to append:<br />
	@@ -547,10 +572,11 @@
572	@ rows="10" wrap="virtual">%h(PD("r",""))</textarea>
573	@ <br />
574	@ <input type="submit" name="preview" value="Preview Your Comment" />
575	@ <input type="submit" name="submit" value="Append Your Changes" />
576	@ <input type="submit" name="cancel" value="Cancel" />
577	captcha_generate();
578	@ </form>
579	style_footer();
580	}
581
582	/*
583

M src/wikiformat.c

+88 -56

		--- src/wikiformat.c
		+++ src/wikiformat.c
		@@ -23,17 +23,16 @@
23	23
24	24	#if INTERFACE
25	25	/*
26	26	** Allowed wiki transformation operations
27	27	*/
28		-#define WIKI_NOFOLLOW 0x001
29		-#define WIKI_HTML 0x002
30		-#define WIKI_INLINE 0x004 /* Do not surround with <p>..</p> */
31		-#define WIKI_NOBLOCK 0x008 /* No block markup of any kind */
32		-#define WIKI_BUTTONS 0x010 /* Allow sub-menu buttons */
33		-#define WIKI_NOBADLINKS 0x020 /* Ignore broken hyperlinks */
34		-#define WIKI_DECORATEONLY 0x040 /* No markup. Only decorate links */
	28	+#define WIKI_HTMLONLY 0x001 /* HTML markup only. No wiki */
	29	+#define WIKI_INLINE 0x002 /* Do not surround with <p>..</p> */
	30	+#define WIKI_NOBLOCK 0x004 /* No block markup of any kind */
	31	+#define WIKI_BUTTONS 0x008 /* Allow sub-menu buttons */
	32	+#define WIKI_NOBADLINKS 0x010 /* Ignore broken hyperlinks */
	33	+#define WIKI_LINKSONLY 0x020 /* No markup. Only decorate links */
35	34	#endif
36	35
37	36
38	37	/*
39	38	** These are the only markup attributes allowed.
		@@ -386,14 +385,14 @@
386	385	** State flags. Save the lower 16 bits for the WIKI_* flags.
387	386	*/
388	387	#define AT_NEWLINE 0x0010000 /* At start of a line */
389	388	#define AT_PARAGRAPH 0x0020000 /* At start of a paragraph */
390	389	#define ALLOW_WIKI 0x0040000 /* Allow wiki markup */
391		-#define FONT_MARKUP_ONLY 0x0080000 /* Only allow MUTYPE_FONT markup */
392		-#define INLINE_MARKUP_ONLY 0x0100000 /* Allow only "inline" markup */
393		-#define IN_LIST 0x0200000 /* Within wiki <ul> or <ol> */
394		-#define WIKI_USE_HTML 0x0400000 /* wiki-use-html option = on */
	390	+#define ALLOW_LINKS 0x0080000 /* Allow [...] hyperlinks */
	391	+#define FONT_MARKUP_ONLY 0x0100000 /* Only allow MUTYPE_FONT markup */
	392	+#define INLINE_MARKUP_ONLY 0x0200000 /* Allow only "inline" markup */
	393	+#define IN_LIST 0x0400000 /* Within wiki <ul> or <ol> */
395	394
396	395	/*
397	396	** Current state of the rendering engine
398	397	*/
399	398	typedef struct Renderer Renderer;
		@@ -487,18 +486,27 @@
487	486	** <
488	487	** &
489	488	** \n
490	489	** [
491	490	**
492		-** The "[" and "\n" are only considered interesting if the "useWiki"
493		-** flag is set.
	491	+** The "[" is only considered if flags contain ALLOW_LINKS or ALLOW_WIKI.
	492	+** The "\n" is only considered interesting if the flags constains ALLOW_WIKI.
494	493	*/
495		-static int textLength(const char *z, int useWiki){
	494	+static int textLength(const char *z, int flags){
496	495	int n = 0;
497		- int c;
498		- while( (c = z[0])!=0 && c!='<' && c!='&' &&
499		- (useWiki==0 \|\| (c!='[' && c!='\n')) ){
	496	+ int c, x1, x2;
	497	+
	498	+ if( flags & ALLOW_WIKI ){
	499	+ x1 = '[';
	500	+ x2 = '\n';
	501	+ }else if( flags & ALLOW_LINKS ){
	502	+ x1 = '[';
	503	+ x2 = 0;
	504	+ }else{
	505	+ x1 = x2 = 0;
	506	+ }
	507	+ while( (c = z[0])!=0 && c!='<' && c!='&' && c!=x1 && c!=x2 ){
500	508	n++;
501	509	z++;
502	510	}
503	511	return n;
504	512	}
		@@ -671,13 +679,16 @@
671	679	}
672	680	if( z[0]=='[' && (n = linkLength(z))>0 ){
673	681	*pTokenType = TOKEN_LINK;
674	682	return n;
675	683	}
	684	+ }else if( (p->state & ALLOW_LINKS)!=0 && z[0]=='[' && (n = linkLength(z))>0 ){
	685	+ *pTokenType = TOKEN_LINK;
	686	+ return n;
676	687	}
677	688	*pTokenType = TOKEN_TEXT;
678		- return 1 + textLength(z+1, p->state & ALLOW_WIKI);
	689	+ return 1 + textLength(z+1, p->state);
679	690	}
680	691
681	692	/*
682	693	** Parse only Wiki links, return everything else as TOKEN_RAW.
683	694	**
		@@ -985,10 +996,11 @@
985	996	/*
986	997	** Begin a new paragraph if that something that is needed.
987	998	*/
988	999	static void startAutoParagraph(Renderer *p){
989	1000	if( p->wantAutoParagraph==0 ) return;
	1001	+ if( p->state & WIKI_LINKSONLY ) return;
990	1002	if( p->wikiList==MARKUP_OL \|\| p->wikiList==MARKUP_UL ) return;
991	1003	blob_appendf(p->pOut, "<p>", -1);
992	1004	pushStack(p, MARKUP_P);
993	1005	p->wantAutoParagraph = 0;
994	1006	p->inAutoParagraph = 1;
		@@ -1084,18 +1096,20 @@
1084	1096	/*
1085	1097	** Return a pointer to the name part of zTarget (skipping the "wiki:" prefix
1086	1098	** if there is one) if zTarget is a valid wiki page name. Return NULL if
1087	1099	** zTarget names a page that does not exist.
1088	1100	*/
1089		-static const char validWikiPageName(const char zTarget){
	1101	+static const char validWikiPageName(Renderer p, const char *zTarget){
1090	1102	if( strncmp(zTarget, "wiki:", 5)==0
1091	1103	&& wiki_name_is_wellformed((const unsigned char*)zTarget) ){
1092	1104	return zTarget+5;
1093	1105	}
1094	1106	if( strcmp(zTarget, "Sandbox")==0 ) return zTarget;
1095	1107	if( wiki_name_is_wellformed((const unsigned char *)zTarget)
1096		- && db_exists("SELECT 1 FROM tag WHERE tagname GLOB 'wiki-%q'", zTarget) ){
	1108	+ && ((p->state & WIKI_NOBADLINKS)==0 \|\|
	1109	+ db_exists("SELECT 1 FROM tag WHERE tagname GLOB 'wiki-%q'", zTarget))
	1110	+ ){
1097	1111	return zTarget;
1098	1112	}
1099	1113	return 0;
1100	1114	}
1101	1115
		@@ -1145,19 +1159,14 @@
1145	1159	\|\| strncmp(zTarget, "https:", 6)==0
1146	1160	\|\| strncmp(zTarget, "ftp:", 4)==0
1147	1161	\|\| strncmp(zTarget, "mailto:", 7)==0
1148	1162	){
1149	1163	blob_appendf(p->pOut, "<a href=\"%s\">", zTarget);
1150		- /* zTerm = "⟾</a>"; // doesn't work on windows */
1151	1164	}else if( zTarget[0]=='/' ){
1152	1165	blob_appendf(p->pOut, "<a href=\"%s%h\">", g.zTop, zTarget);
1153	1166	}else if( zTarget[0]=='.' \|\| zTarget[0]=='#' ){
1154		- if( 1 ){
1155		- blob_appendf(p->pOut, "<a href=\"%h\">", zTarget);
1156		- }else{
1157		- zTerm = "";
1158		- }
	1167	+ blob_appendf(p->pOut, "<a href=\"%h\">", zTarget);
1159	1168	}else if( is_valid_uuid(zTarget) ){
1160	1169	int isClosed = 0;
1161	1170	if( is_ticket(zTarget, &isClosed) ){
1162	1171	/* Special display processing for tickets. Display the hyperlink
1163	1172	** as crossed out if the ticket is closed.
		@@ -1181,11 +1190,11 @@
1181	1190	blob_appendf(p->pOut, "[");
1182	1191	zTerm = "]";
1183	1192	}
1184	1193	}
1185	1194	}else if( !in_this_repo(zTarget) ){
1186		- if( (p->state & (WIKI_DECORATEONLY\|WIKI_NOBADLINKS))!=0 ){
	1195	+ if( (p->state & (WIKI_LINKSONLY\|WIKI_NOBADLINKS))!=0 ){
1187	1196	zTerm = "";
1188	1197	}else{
1189	1198	blob_appendf(p->pOut, "<span class=\"brokenlink\">[", zTarget);
1190	1199	zTerm = "]</span>";
1191	1200	}
		@@ -1194,16 +1203,16 @@
1194	1203	zTerm = "]</a>";
1195	1204	}
1196	1205	}else if( strlen(zTarget)>=10 && fossil_isdigit(zTarget[0]) && zTarget[4]=='-'
1197	1206	&& db_int(0, "SELECT datetime(%Q) NOT NULL", zTarget) ){
1198	1207	blob_appendf(p->pOut, "<a href=\"%R/timeline?c=%T\">", zTarget);
1199		- }else if( (z = validWikiPageName(zTarget))!=0 ){
	1208	+ }else if( (z = validWikiPageName(p, zTarget))!=0 ){
1200	1209	blob_appendf(p->pOut, "<a href=\"%R/wiki?name=%T\">", z);
1201	1210	}else if( zTarget>=&zOrig[2] && !fossil_isspace(zTarget[-2]) ){
1202	1211	/* Probably an array subscript in code */
1203	1212	zTerm = "";
1204		- }else if( (p->state & (WIKI_NOBADLINKS\|WIKI_DECORATEONLY))!=0 ){
	1213	+ }else if( (p->state & (WIKI_NOBADLINKS\|WIKI_LINKSONLY))!=0 ){
1205	1214	zTerm = "";
1206	1215	}else{
1207	1216	blob_appendf(p->pOut, "<span class=\"brokenlink\">[%h]", zTarget);
1208	1217	zTerm = "</span>";
1209	1218	}
		@@ -1243,19 +1252,20 @@
1243	1252	static void wiki_render(Renderer p, char z){
1244	1253	int tokenType;
1245	1254	ParsedMarkup markup;
1246	1255	int n;
1247	1256	int inlineOnly = (p->state & INLINE_MARKUP_ONLY)!=0;
1248		- int wikiUseHtml = (p->state & WIKI_USE_HTML)!=0;
	1257	+ int wikiHtmlOnly = (p->state & (WIKI_HTMLONLY \| WIKI_LINKSONLY))!=0;
	1258	+ int linksOnly = (p->state & WIKI_LINKSONLY)!=0;
1249	1259	char *zOrig = z;
1250	1260
1251	1261	/* Make sure the attribute constants and names still align
1252	1262	** following changes in the attribute list. */
1253	1263	assert( fossil_strcmp(aAttribute[ATTR_WIDTH].zName, "width")==0 );
1254	1264
1255	1265	while( z[0] ){
1256		- if( wikiUseHtml ){
	1266	+ if( wikiHtmlOnly ){
1257	1267	n = nextRawToken(z, p, &tokenType);
1258	1268	}else{
1259	1269	n = nextWikiToken(z, p, &tokenType);
1260	1270	}
1261	1271	p->state &= ~(AT_NEWLINE\|AT_PARAGRAPH);
		@@ -1372,33 +1382,37 @@
1372	1382	startAutoParagraph(p);
1373	1383	zTarget = &z[1];
1374	1384	for(i=1; z[i] && z[i]!=']'; i++){
1375	1385	if( z[i]=='\|' && zDisplay==0 ){
1376	1386	zDisplay = &z[i+1];
1377		- iS1 = i;
1378		- cS1 = z[i];
1379		- z[i] = 0;
1380		- for(j=i-1; j>0 && fossil_isspace(z[j]); j--){ z[j] = 0; }
	1387	+ for(j=i; j>0 && fossil_isspace(z[j-1]); j--){}
	1388	+ iS1 = j;
	1389	+ cS1 = z[j];
	1390	+ z[j] = 0;
1381	1391	}
1382	1392	}
1383	1393	z[i] = 0;
1384	1394	if( zDisplay==0 ){
1385	1395	zDisplay = zTarget;
1386	1396	}else{
1387	1397	while( fossil_isspace(*zDisplay) ) zDisplay++;
1388	1398	}
1389	1399	openHyperlink(p, zTarget, zClose, sizeof(zClose), zOrig);
1390		- if( zClose[0] ){
	1400	+ if( linksOnly \|\| zClose[0]==0 \|\| p->inVerbatim ){
	1401	+ if( cS1 ) z[iS1] = cS1;
	1402	+ if( zClose[0]!=']' ){
	1403	+ blob_appendf(p->pOut, "[%h]%s", zTarget, zClose);
	1404	+ }else{
	1405	+ blob_appendf(p->pOut, "%h%s", zTarget, zClose);
	1406	+ }
	1407	+ }else{
1391	1408	savedState = p->state;
1392	1409	p->state &= ~ALLOW_WIKI;
1393	1410	p->state \|= FONT_MARKUP_ONLY;
1394	1411	wiki_render(p, zDisplay);
1395	1412	p->state = savedState;
1396	1413	blob_append(p->pOut, zClose, -1);
1397		- }else{
1398		- if( cS1 ) z[iS1] = cS1;
1399		- blob_appendf(p->pOut, "[%h]", zTarget);
1400	1414	}
1401	1415	break;
1402	1416	}
1403	1417	case TOKEN_TEXT: {
1404	1418	int i;
		@@ -1406,11 +1420,15 @@
1406	1420	if( i<n ) startAutoParagraph(p);
1407	1421	blob_append(p->pOut, z, n);
1408	1422	break;
1409	1423	}
1410	1424	case TOKEN_RAW: {
1411		- blob_append(p->pOut, z, n);
	1425	+ if( linksOnly ){
	1426	+ htmlize_to_blob(p->pOut, z, n);
	1427	+ }else{
	1428	+ blob_append(p->pOut, z, n);
	1429	+ }
1412	1430	break;
1413	1431	}
1414	1432	case TOKEN_MARKUP: {
1415	1433	const char *zId;
1416	1434	int iDiv;
		@@ -1501,22 +1519,26 @@
1501	1519	/* Enter <verbatim> processing. With verbatim enabled, all other
1502	1520	** markup other than the corresponding end-tag with the same ID is
1503	1521	** ignored.
1504	1522	*/
1505	1523	if( markup.iCode==MARKUP_VERBATIM ){
1506		- int vAttrIdx, vAttrDidAppend=0;
	1524	+ int ii, vAttrDidAppend=0;
1507	1525	p->zVerbatimId = 0;
1508	1526	p->inVerbatim = 1;
1509	1527	p->preVerbState = p->state;
1510	1528	p->state &= ~ALLOW_WIKI;
1511		- for (vAttrIdx = 0; vAttrIdx < markup.nAttr; vAttrIdx++){
1512		- if( markup.aAttr[vAttrIdx].iACode == ATTR_ID ){
1513		- p->zVerbatimId = markup.aAttr[0].zValue;
1514		- }else if( markup.aAttr[vAttrIdx].iACode == ATTR_TYPE ){
1515		- blob_appendf(p->pOut, "<pre name='code' class='%s'>",
1516		- markup.aAttr[vAttrIdx].zValue);
1517		- vAttrDidAppend=1;
	1529	+ for(ii=0; ii<markup.nAttr; ii++){
	1530	+ if( markup.aAttr[ii].iACode == ATTR_ID ){
	1531	+ p->zVerbatimId = markup.aAttr[ii].zValue;
	1532	+ }else if( markup.aAttr[ii].iACode == ATTR_TYPE ){
	1533	+ if( fossil_stricmp(markup.aAttr[ii].zValue, "allow-links")==0 ){
	1534	+ p->state \|= ALLOW_LINKS;
	1535	+ }else{
	1536	+ blob_appendf(p->pOut, "<pre name='code' class='%s'>",
	1537	+ markup.aAttr[ii].zValue);
	1538	+ vAttrDidAppend=1;
	1539	+ }
1518	1540	}
1519	1541	}
1520	1542	if( !vAttrDidAppend ) {
1521	1543	endAutoParagraph(p);
1522	1544	blob_append(p->pOut, "<pre class='verbatim'>",-1);
		@@ -1592,13 +1614,10 @@
1592	1614	** reply.
1593	1615	*/
1594	1616	void wiki_convert(Blob pIn, Blob pOut, int flags){
1595	1617	Renderer renderer;
1596	1618
1597		- /* Never show bad hyperlinks */
1598		- flags \|= WIKI_NOBADLINKS;
1599		-
1600	1619	memset(&renderer, 0, sizeof(renderer));
1601	1620	renderer.renderFlags = flags;
1602	1621	renderer.state = ALLOW_WIKI\|AT_NEWLINE\|AT_PARAGRAPH\|flags;
1603	1622	if( flags & WIKI_NOBLOCK ){
1604	1623	renderer.state \|= INLINE_MARKUP_ONLY;
		@@ -1607,24 +1626,26 @@
1607	1626	renderer.wantAutoParagraph = 0;
1608	1627	}else{
1609	1628	renderer.wantAutoParagraph = 1;
1610	1629	}
1611	1630	if( wikiUsesHtml() ){
1612		- renderer.state \|= WIKI_USE_HTML;
	1631	+ renderer.state \|= WIKI_HTMLONLY;
1613	1632	}
1614	1633	if( pOut ){
1615	1634	renderer.pOut = pOut;
1616	1635	}else{
1617	1636	renderer.pOut = cgi_output_blob();
1618	1637	}
1619	1638
1620	1639	blob_strip_bom(pIn, 0);
	1640	+ if( flags & WIKI_LINKSONLY ) blob_append(renderer.pOut, "<pre>", 5);
1621	1641	wiki_render(&renderer, blob_str(pIn));
1622	1642	endAutoParagraph(&renderer);
1623	1643	while( renderer.nStack ){
1624	1644	popStack(&renderer);
1625	1645	}
	1646	+ if( flags & WIKI_LINKSONLY ) blob_append(renderer.pOut, "</pre>", 5);
1626	1647	blob_append(renderer.pOut, "\n", 1);
1627	1648	free(renderer.aStack);
1628	1649	}
1629	1650
1630	1651	/*
		@@ -1632,15 +1653,26 @@
1632	1653	**
1633	1654	** %fossil test-wiki-render FILE [OPTIONS]
1634	1655	**
1635	1656	** Options:
1636	1657	** --buttons Set the WIKI_BUTTONS flag
	1658	+** --htmlonly Set the WIKI_HTMLONLY flag
	1659	+** --linksonly Set the WIKI_LINKSONLY flag
	1660	+** --nobadlinks Set the WIKI_NOBADLINKS flag
	1661	+** --inline Set the WIKI_INLINE flag
	1662	+** --noblock Set the WIKI_NOBLOCK flag
1637	1663	*/
1638	1664	void test_wiki_render(void){
1639	1665	Blob in, out;
1640	1666	int flags = 0;
1641	1667	if( find_option("buttons",0,0)!=0 ) flags \|= WIKI_BUTTONS;
	1668	+ if( find_option("htmlonly",0,0)!=0 ) flags \|= WIKI_HTMLONLY;
	1669	+ if( find_option("linksonly",0,0)!=0 ) flags \|= WIKI_LINKSONLY;
	1670	+ if( find_option("nobadlinks",0,0)!=0 ) flags \|= WIKI_NOBADLINKS;
	1671	+ if( find_option("inline",0,0)!=0 ) flags \|= WIKI_INLINE;
	1672	+ if( find_option("noblock",0,0)!=0 ) flags \|= WIKI_NOBLOCK;
	1673	+ db_find_and_open_repository(0,0);
1642	1674	verify_all_options();
1643	1675	if( g.argc!=3 ) usage("FILE");
1644	1676	blob_zero(&out);
1645	1677	blob_read_from_file(&in, g.argv[2]);
1646	1678	wiki_convert(&in, &out, flags);
		@@ -1695,29 +1727,29 @@
1695	1727	Renderer renderer;
1696	1728	int tokenType;
1697	1729	ParsedMarkup markup;
1698	1730	int n;
1699	1731	int inlineOnly;
1700		- int wikiUseHtml = 0;
	1732	+ int wikiHtmlOnly = 0;
1701	1733
1702	1734	memset(&renderer, 0, sizeof(renderer));
1703	1735	renderer.state = ALLOW_WIKI\|AT_NEWLINE\|AT_PARAGRAPH;
1704	1736	if( flags & WIKI_NOBLOCK ){
1705	1737	renderer.state \|= INLINE_MARKUP_ONLY;
1706	1738	}
1707	1739	if( wikiUsesHtml() ){
1708		- renderer.state \|= WIKI_USE_HTML;
1709		- wikiUseHtml = 1;
	1740	+ renderer.state \|= WIKI_HTMLONLY;
	1741	+ wikiHtmlOnly = 1;
1710	1742	}
1711	1743	inlineOnly = (renderer.state & INLINE_MARKUP_ONLY)!=0;
1712	1744	if( replaceFlag ){
1713	1745	db_multi_exec("DELETE FROM backlink WHERE srctype=%d AND srcid=%d",
1714	1746	srctype, srcid);
1715	1747	}
1716	1748
1717	1749	while( z[0] ){
1718		- if( wikiUseHtml ){
	1750	+ if( wikiHtmlOnly ){
1719	1751	n = nextRawToken(z, &renderer, &tokenType);
1720	1752	}else{
1721	1753	n = nextWikiToken(z, &renderer, &tokenType);
1722	1754	}
1723	1755	switch( tokenType ){
1724	1756

	--- src/wikiformat.c
	+++ src/wikiformat.c
	@@ -23,17 +23,16 @@
23
24	#if INTERFACE
25	/*
26	** Allowed wiki transformation operations
27	*/
28	#define WIKI_NOFOLLOW 0x001
29	#define WIKI_HTML 0x002
30	#define WIKI_INLINE 0x004 /* Do not surround with <p>..</p> */
31	#define WIKI_NOBLOCK 0x008 /* No block markup of any kind */
32	#define WIKI_BUTTONS 0x010 /* Allow sub-menu buttons */
33	#define WIKI_NOBADLINKS 0x020 /* Ignore broken hyperlinks */
34	#define WIKI_DECORATEONLY 0x040 /* No markup. Only decorate links */
35	#endif
36
37
38	/*
39	** These are the only markup attributes allowed.
	@@ -386,14 +385,14 @@
386	** State flags. Save the lower 16 bits for the WIKI_* flags.
387	*/
388	#define AT_NEWLINE 0x0010000 /* At start of a line */
389	#define AT_PARAGRAPH 0x0020000 /* At start of a paragraph */
390	#define ALLOW_WIKI 0x0040000 /* Allow wiki markup */
391	#define FONT_MARKUP_ONLY 0x0080000 /* Only allow MUTYPE_FONT markup */
392	#define INLINE_MARKUP_ONLY 0x0100000 /* Allow only "inline" markup */
393	#define IN_LIST 0x0200000 /* Within wiki <ul> or <ol> */
394	#define WIKI_USE_HTML 0x0400000 /* wiki-use-html option = on */
395
396	/*
397	** Current state of the rendering engine
398	*/
399	typedef struct Renderer Renderer;
	@@ -487,18 +486,27 @@
487	** <
488	** &
489	** \n
490	** [
491	**
492	** The "[" and "\n" are only considered interesting if the "useWiki"
493	** flag is set.
494	*/
495	static int textLength(const char *z, int useWiki){
496	int n = 0;
497	int c;
498	while( (c = z[0])!=0 && c!='<' && c!='&' &&
499	(useWiki==0 \|\| (c!='[' && c!='\n')) ){









500	n++;
501	z++;
502	}
503	return n;
504	}
	@@ -671,13 +679,16 @@
671	}
672	if( z[0]=='[' && (n = linkLength(z))>0 ){
673	*pTokenType = TOKEN_LINK;
674	return n;
675	}



676	}
677	*pTokenType = TOKEN_TEXT;
678	return 1 + textLength(z+1, p->state & ALLOW_WIKI);
679	}
680
681	/*
682	** Parse only Wiki links, return everything else as TOKEN_RAW.
683	**
	@@ -985,10 +996,11 @@
985	/*
986	** Begin a new paragraph if that something that is needed.
987	*/
988	static void startAutoParagraph(Renderer *p){
989	if( p->wantAutoParagraph==0 ) return;

990	if( p->wikiList==MARKUP_OL \|\| p->wikiList==MARKUP_UL ) return;
991	blob_appendf(p->pOut, "<p>", -1);
992	pushStack(p, MARKUP_P);
993	p->wantAutoParagraph = 0;
994	p->inAutoParagraph = 1;
	@@ -1084,18 +1096,20 @@
1084	/*
1085	** Return a pointer to the name part of zTarget (skipping the "wiki:" prefix
1086	** if there is one) if zTarget is a valid wiki page name. Return NULL if
1087	** zTarget names a page that does not exist.
1088	*/
1089	static const char validWikiPageName(const char zTarget){
1090	if( strncmp(zTarget, "wiki:", 5)==0
1091	&& wiki_name_is_wellformed((const unsigned char*)zTarget) ){
1092	return zTarget+5;
1093	}
1094	if( strcmp(zTarget, "Sandbox")==0 ) return zTarget;
1095	if( wiki_name_is_wellformed((const unsigned char *)zTarget)
1096	&& db_exists("SELECT 1 FROM tag WHERE tagname GLOB 'wiki-%q'", zTarget) ){


1097	return zTarget;
1098	}
1099	return 0;
1100	}
1101
	@@ -1145,19 +1159,14 @@
1145	\|\| strncmp(zTarget, "https:", 6)==0
1146	\|\| strncmp(zTarget, "ftp:", 4)==0
1147	\|\| strncmp(zTarget, "mailto:", 7)==0
1148	){
1149	blob_appendf(p->pOut, "<a href=\"%s\">", zTarget);
1150	/* zTerm = "⟾</a>"; // doesn't work on windows */
1151	}else if( zTarget[0]=='/' ){
1152	blob_appendf(p->pOut, "<a href=\"%s%h\">", g.zTop, zTarget);
1153	}else if( zTarget[0]=='.' \|\| zTarget[0]=='#' ){
1154	if( 1 ){
1155	blob_appendf(p->pOut, "<a href=\"%h\">", zTarget);
1156	}else{
1157	zTerm = "";
1158	}
1159	}else if( is_valid_uuid(zTarget) ){
1160	int isClosed = 0;
1161	if( is_ticket(zTarget, &isClosed) ){
1162	/* Special display processing for tickets. Display the hyperlink
1163	** as crossed out if the ticket is closed.
	@@ -1181,11 +1190,11 @@
1181	blob_appendf(p->pOut, "[");
1182	zTerm = "]";
1183	}
1184	}
1185	}else if( !in_this_repo(zTarget) ){
1186	if( (p->state & (WIKI_DECORATEONLY\|WIKI_NOBADLINKS))!=0 ){
1187	zTerm = "";
1188	}else{
1189	blob_appendf(p->pOut, "<span class=\"brokenlink\">[", zTarget);
1190	zTerm = "]</span>";
1191	}
	@@ -1194,16 +1203,16 @@
1194	zTerm = "]</a>";
1195	}
1196	}else if( strlen(zTarget)>=10 && fossil_isdigit(zTarget[0]) && zTarget[4]=='-'
1197	&& db_int(0, "SELECT datetime(%Q) NOT NULL", zTarget) ){
1198	blob_appendf(p->pOut, "<a href=\"%R/timeline?c=%T\">", zTarget);
1199	}else if( (z = validWikiPageName(zTarget))!=0 ){
1200	blob_appendf(p->pOut, "<a href=\"%R/wiki?name=%T\">", z);
1201	}else if( zTarget>=&zOrig[2] && !fossil_isspace(zTarget[-2]) ){
1202	/* Probably an array subscript in code */
1203	zTerm = "";
1204	}else if( (p->state & (WIKI_NOBADLINKS\|WIKI_DECORATEONLY))!=0 ){
1205	zTerm = "";
1206	}else{
1207	blob_appendf(p->pOut, "<span class=\"brokenlink\">[%h]", zTarget);
1208	zTerm = "</span>";
1209	}
	@@ -1243,19 +1252,20 @@
1243	static void wiki_render(Renderer p, char z){
1244	int tokenType;
1245	ParsedMarkup markup;
1246	int n;
1247	int inlineOnly = (p->state & INLINE_MARKUP_ONLY)!=0;
1248	int wikiUseHtml = (p->state & WIKI_USE_HTML)!=0;

1249	char *zOrig = z;
1250
1251	/* Make sure the attribute constants and names still align
1252	** following changes in the attribute list. */
1253	assert( fossil_strcmp(aAttribute[ATTR_WIDTH].zName, "width")==0 );
1254
1255	while( z[0] ){
1256	if( wikiUseHtml ){
1257	n = nextRawToken(z, p, &tokenType);
1258	}else{
1259	n = nextWikiToken(z, p, &tokenType);
1260	}
1261	p->state &= ~(AT_NEWLINE\|AT_PARAGRAPH);
	@@ -1372,33 +1382,37 @@
1372	startAutoParagraph(p);
1373	zTarget = &z[1];
1374	for(i=1; z[i] && z[i]!=']'; i++){
1375	if( z[i]=='\|' && zDisplay==0 ){
1376	zDisplay = &z[i+1];
1377	iS1 = i;
1378	cS1 = z[i];
1379	z[i] = 0;
1380	for(j=i-1; j>0 && fossil_isspace(z[j]); j--){ z[j] = 0; }
1381	}
1382	}
1383	z[i] = 0;
1384	if( zDisplay==0 ){
1385	zDisplay = zTarget;
1386	}else{
1387	while( fossil_isspace(*zDisplay) ) zDisplay++;
1388	}
1389	openHyperlink(p, zTarget, zClose, sizeof(zClose), zOrig);
1390	if( zClose[0] ){







1391	savedState = p->state;
1392	p->state &= ~ALLOW_WIKI;
1393	p->state \|= FONT_MARKUP_ONLY;
1394	wiki_render(p, zDisplay);
1395	p->state = savedState;
1396	blob_append(p->pOut, zClose, -1);
1397	}else{
1398	if( cS1 ) z[iS1] = cS1;
1399	blob_appendf(p->pOut, "[%h]", zTarget);
1400	}
1401	break;
1402	}
1403	case TOKEN_TEXT: {
1404	int i;
	@@ -1406,11 +1420,15 @@
1406	if( i<n ) startAutoParagraph(p);
1407	blob_append(p->pOut, z, n);
1408	break;
1409	}
1410	case TOKEN_RAW: {
1411	blob_append(p->pOut, z, n);




1412	break;
1413	}
1414	case TOKEN_MARKUP: {
1415	const char *zId;
1416	int iDiv;
	@@ -1501,22 +1519,26 @@
1501	/* Enter <verbatim> processing. With verbatim enabled, all other
1502	** markup other than the corresponding end-tag with the same ID is
1503	** ignored.
1504	*/
1505	if( markup.iCode==MARKUP_VERBATIM ){
1506	int vAttrIdx, vAttrDidAppend=0;
1507	p->zVerbatimId = 0;
1508	p->inVerbatim = 1;
1509	p->preVerbState = p->state;
1510	p->state &= ~ALLOW_WIKI;
1511	for (vAttrIdx = 0; vAttrIdx < markup.nAttr; vAttrIdx++){
1512	if( markup.aAttr[vAttrIdx].iACode == ATTR_ID ){
1513	p->zVerbatimId = markup.aAttr[0].zValue;
1514	}else if( markup.aAttr[vAttrIdx].iACode == ATTR_TYPE ){
1515	blob_appendf(p->pOut, "<pre name='code' class='%s'>",
1516	markup.aAttr[vAttrIdx].zValue);
1517	vAttrDidAppend=1;




1518	}
1519	}
1520	if( !vAttrDidAppend ) {
1521	endAutoParagraph(p);
1522	blob_append(p->pOut, "<pre class='verbatim'>",-1);
	@@ -1592,13 +1614,10 @@
1592	** reply.
1593	*/
1594	void wiki_convert(Blob pIn, Blob pOut, int flags){
1595	Renderer renderer;
1596
1597	/* Never show bad hyperlinks */
1598	flags \|= WIKI_NOBADLINKS;
1599
1600	memset(&renderer, 0, sizeof(renderer));
1601	renderer.renderFlags = flags;
1602	renderer.state = ALLOW_WIKI\|AT_NEWLINE\|AT_PARAGRAPH\|flags;
1603	if( flags & WIKI_NOBLOCK ){
1604	renderer.state \|= INLINE_MARKUP_ONLY;
	@@ -1607,24 +1626,26 @@
1607	renderer.wantAutoParagraph = 0;
1608	}else{
1609	renderer.wantAutoParagraph = 1;
1610	}
1611	if( wikiUsesHtml() ){
1612	renderer.state \|= WIKI_USE_HTML;
1613	}
1614	if( pOut ){
1615	renderer.pOut = pOut;
1616	}else{
1617	renderer.pOut = cgi_output_blob();
1618	}
1619
1620	blob_strip_bom(pIn, 0);

1621	wiki_render(&renderer, blob_str(pIn));
1622	endAutoParagraph(&renderer);
1623	while( renderer.nStack ){
1624	popStack(&renderer);
1625	}

1626	blob_append(renderer.pOut, "\n", 1);
1627	free(renderer.aStack);
1628	}
1629
1630	/*
	@@ -1632,15 +1653,26 @@
1632	**
1633	** %fossil test-wiki-render FILE [OPTIONS]
1634	**
1635	** Options:
1636	** --buttons Set the WIKI_BUTTONS flag





1637	*/
1638	void test_wiki_render(void){
1639	Blob in, out;
1640	int flags = 0;
1641	if( find_option("buttons",0,0)!=0 ) flags \|= WIKI_BUTTONS;






1642	verify_all_options();
1643	if( g.argc!=3 ) usage("FILE");
1644	blob_zero(&out);
1645	blob_read_from_file(&in, g.argv[2]);
1646	wiki_convert(&in, &out, flags);
	@@ -1695,29 +1727,29 @@
1695	Renderer renderer;
1696	int tokenType;
1697	ParsedMarkup markup;
1698	int n;
1699	int inlineOnly;
1700	int wikiUseHtml = 0;
1701
1702	memset(&renderer, 0, sizeof(renderer));
1703	renderer.state = ALLOW_WIKI\|AT_NEWLINE\|AT_PARAGRAPH;
1704	if( flags & WIKI_NOBLOCK ){
1705	renderer.state \|= INLINE_MARKUP_ONLY;
1706	}
1707	if( wikiUsesHtml() ){
1708	renderer.state \|= WIKI_USE_HTML;
1709	wikiUseHtml = 1;
1710	}
1711	inlineOnly = (renderer.state & INLINE_MARKUP_ONLY)!=0;
1712	if( replaceFlag ){
1713	db_multi_exec("DELETE FROM backlink WHERE srctype=%d AND srcid=%d",
1714	srctype, srcid);
1715	}
1716
1717	while( z[0] ){
1718	if( wikiUseHtml ){
1719	n = nextRawToken(z, &renderer, &tokenType);
1720	}else{
1721	n = nextWikiToken(z, &renderer, &tokenType);
1722	}
1723	switch( tokenType ){
1724

	--- src/wikiformat.c
	+++ src/wikiformat.c
	@@ -23,17 +23,16 @@
23
24	#if INTERFACE
25	/*
26	** Allowed wiki transformation operations
27	*/
28	#define WIKI_HTMLONLY 0x001 /* HTML markup only. No wiki */
29	#define WIKI_INLINE 0x002 /* Do not surround with <p>..</p> */
30	#define WIKI_NOBLOCK 0x004 /* No block markup of any kind */
31	#define WIKI_BUTTONS 0x008 /* Allow sub-menu buttons */
32	#define WIKI_NOBADLINKS 0x010 /* Ignore broken hyperlinks */
33	#define WIKI_LINKSONLY 0x020 /* No markup. Only decorate links */

34	#endif
35
36
37	/*
38	** These are the only markup attributes allowed.
	@@ -386,14 +385,14 @@
385	** State flags. Save the lower 16 bits for the WIKI_* flags.
386	*/
387	#define AT_NEWLINE 0x0010000 /* At start of a line */
388	#define AT_PARAGRAPH 0x0020000 /* At start of a paragraph */
389	#define ALLOW_WIKI 0x0040000 /* Allow wiki markup */
390	#define ALLOW_LINKS 0x0080000 /* Allow [...] hyperlinks */
391	#define FONT_MARKUP_ONLY 0x0100000 /* Only allow MUTYPE_FONT markup */
392	#define INLINE_MARKUP_ONLY 0x0200000 /* Allow only "inline" markup */
393	#define IN_LIST 0x0400000 /* Within wiki <ul> or <ol> */
394
395	/*
396	** Current state of the rendering engine
397	*/
398	typedef struct Renderer Renderer;
	@@ -487,18 +486,27 @@
486	** <
487	** &
488	** \n
489	** [
490	**
491	** The "[" is only considered if flags contain ALLOW_LINKS or ALLOW_WIKI.
492	** The "\n" is only considered interesting if the flags constains ALLOW_WIKI.
493	*/
494	static int textLength(const char *z, int flags){
495	int n = 0;
496	int c, x1, x2;
497
498	if( flags & ALLOW_WIKI ){
499	x1 = '[';
500	x2 = '\n';
501	}else if( flags & ALLOW_LINKS ){
502	x1 = '[';
503	x2 = 0;
504	}else{
505	x1 = x2 = 0;
506	}
507	while( (c = z[0])!=0 && c!='<' && c!='&' && c!=x1 && c!=x2 ){
508	n++;
509	z++;
510	}
511	return n;
512	}
	@@ -671,13 +679,16 @@
679	}
680	if( z[0]=='[' && (n = linkLength(z))>0 ){
681	*pTokenType = TOKEN_LINK;
682	return n;
683	}
684	}else if( (p->state & ALLOW_LINKS)!=0 && z[0]=='[' && (n = linkLength(z))>0 ){
685	*pTokenType = TOKEN_LINK;
686	return n;
687	}
688	*pTokenType = TOKEN_TEXT;
689	return 1 + textLength(z+1, p->state);
690	}
691
692	/*
693	** Parse only Wiki links, return everything else as TOKEN_RAW.
694	**
	@@ -985,10 +996,11 @@
996	/*
997	** Begin a new paragraph if that something that is needed.
998	*/
999	static void startAutoParagraph(Renderer *p){
1000	if( p->wantAutoParagraph==0 ) return;
1001	if( p->state & WIKI_LINKSONLY ) return;
1002	if( p->wikiList==MARKUP_OL \|\| p->wikiList==MARKUP_UL ) return;
1003	blob_appendf(p->pOut, "<p>", -1);
1004	pushStack(p, MARKUP_P);
1005	p->wantAutoParagraph = 0;
1006	p->inAutoParagraph = 1;
	@@ -1084,18 +1096,20 @@
1096	/*
1097	** Return a pointer to the name part of zTarget (skipping the "wiki:" prefix
1098	** if there is one) if zTarget is a valid wiki page name. Return NULL if
1099	** zTarget names a page that does not exist.
1100	*/
1101	static const char validWikiPageName(Renderer p, const char *zTarget){
1102	if( strncmp(zTarget, "wiki:", 5)==0
1103	&& wiki_name_is_wellformed((const unsigned char*)zTarget) ){
1104	return zTarget+5;
1105	}
1106	if( strcmp(zTarget, "Sandbox")==0 ) return zTarget;
1107	if( wiki_name_is_wellformed((const unsigned char *)zTarget)
1108	&& ((p->state & WIKI_NOBADLINKS)==0 \|\|
1109	db_exists("SELECT 1 FROM tag WHERE tagname GLOB 'wiki-%q'", zTarget))
1110	){
1111	return zTarget;
1112	}
1113	return 0;
1114	}
1115
	@@ -1145,19 +1159,14 @@
1159	\|\| strncmp(zTarget, "https:", 6)==0
1160	\|\| strncmp(zTarget, "ftp:", 4)==0
1161	\|\| strncmp(zTarget, "mailto:", 7)==0
1162	){
1163	blob_appendf(p->pOut, "<a href=\"%s\">", zTarget);

1164	}else if( zTarget[0]=='/' ){
1165	blob_appendf(p->pOut, "<a href=\"%s%h\">", g.zTop, zTarget);
1166	}else if( zTarget[0]=='.' \|\| zTarget[0]=='#' ){
1167	blob_appendf(p->pOut, "<a href=\"%h\">", zTarget);




1168	}else if( is_valid_uuid(zTarget) ){
1169	int isClosed = 0;
1170	if( is_ticket(zTarget, &isClosed) ){
1171	/* Special display processing for tickets. Display the hyperlink
1172	** as crossed out if the ticket is closed.
	@@ -1181,11 +1190,11 @@
1190	blob_appendf(p->pOut, "[");
1191	zTerm = "]";
1192	}
1193	}
1194	}else if( !in_this_repo(zTarget) ){
1195	if( (p->state & (WIKI_LINKSONLY\|WIKI_NOBADLINKS))!=0 ){
1196	zTerm = "";
1197	}else{
1198	blob_appendf(p->pOut, "<span class=\"brokenlink\">[", zTarget);
1199	zTerm = "]</span>";
1200	}
	@@ -1194,16 +1203,16 @@
1203	zTerm = "]</a>";
1204	}
1205	}else if( strlen(zTarget)>=10 && fossil_isdigit(zTarget[0]) && zTarget[4]=='-'
1206	&& db_int(0, "SELECT datetime(%Q) NOT NULL", zTarget) ){
1207	blob_appendf(p->pOut, "<a href=\"%R/timeline?c=%T\">", zTarget);
1208	}else if( (z = validWikiPageName(p, zTarget))!=0 ){
1209	blob_appendf(p->pOut, "<a href=\"%R/wiki?name=%T\">", z);
1210	}else if( zTarget>=&zOrig[2] && !fossil_isspace(zTarget[-2]) ){
1211	/* Probably an array subscript in code */
1212	zTerm = "";
1213	}else if( (p->state & (WIKI_NOBADLINKS\|WIKI_LINKSONLY))!=0 ){
1214	zTerm = "";
1215	}else{
1216	blob_appendf(p->pOut, "<span class=\"brokenlink\">[%h]", zTarget);
1217	zTerm = "</span>";
1218	}
	@@ -1243,19 +1252,20 @@
1252	static void wiki_render(Renderer p, char z){
1253	int tokenType;
1254	ParsedMarkup markup;
1255	int n;
1256	int inlineOnly = (p->state & INLINE_MARKUP_ONLY)!=0;
1257	int wikiHtmlOnly = (p->state & (WIKI_HTMLONLY \| WIKI_LINKSONLY))!=0;
1258	int linksOnly = (p->state & WIKI_LINKSONLY)!=0;
1259	char *zOrig = z;
1260
1261	/* Make sure the attribute constants and names still align
1262	** following changes in the attribute list. */
1263	assert( fossil_strcmp(aAttribute[ATTR_WIDTH].zName, "width")==0 );
1264
1265	while( z[0] ){
1266	if( wikiHtmlOnly ){
1267	n = nextRawToken(z, p, &tokenType);
1268	}else{
1269	n = nextWikiToken(z, p, &tokenType);
1270	}
1271	p->state &= ~(AT_NEWLINE\|AT_PARAGRAPH);
	@@ -1372,33 +1382,37 @@
1382	startAutoParagraph(p);
1383	zTarget = &z[1];
1384	for(i=1; z[i] && z[i]!=']'; i++){
1385	if( z[i]=='\|' && zDisplay==0 ){
1386	zDisplay = &z[i+1];
1387	for(j=i; j>0 && fossil_isspace(z[j-1]); j--){}
1388	iS1 = j;
1389	cS1 = z[j];
1390	z[j] = 0;
1391	}
1392	}
1393	z[i] = 0;
1394	if( zDisplay==0 ){
1395	zDisplay = zTarget;
1396	}else{
1397	while( fossil_isspace(*zDisplay) ) zDisplay++;
1398	}
1399	openHyperlink(p, zTarget, zClose, sizeof(zClose), zOrig);
1400	if( linksOnly \|\| zClose[0]==0 \|\| p->inVerbatim ){
1401	if( cS1 ) z[iS1] = cS1;
1402	if( zClose[0]!=']' ){
1403	blob_appendf(p->pOut, "[%h]%s", zTarget, zClose);
1404	}else{
1405	blob_appendf(p->pOut, "%h%s", zTarget, zClose);
1406	}
1407	}else{
1408	savedState = p->state;
1409	p->state &= ~ALLOW_WIKI;
1410	p->state \|= FONT_MARKUP_ONLY;
1411	wiki_render(p, zDisplay);
1412	p->state = savedState;
1413	blob_append(p->pOut, zClose, -1);



1414	}
1415	break;
1416	}
1417	case TOKEN_TEXT: {
1418	int i;
	@@ -1406,11 +1420,15 @@
1420	if( i<n ) startAutoParagraph(p);
1421	blob_append(p->pOut, z, n);
1422	break;
1423	}
1424	case TOKEN_RAW: {
1425	if( linksOnly ){
1426	htmlize_to_blob(p->pOut, z, n);
1427	}else{
1428	blob_append(p->pOut, z, n);
1429	}
1430	break;
1431	}
1432	case TOKEN_MARKUP: {
1433	const char *zId;
1434	int iDiv;
	@@ -1501,22 +1519,26 @@
1519	/* Enter <verbatim> processing. With verbatim enabled, all other
1520	** markup other than the corresponding end-tag with the same ID is
1521	** ignored.
1522	*/
1523	if( markup.iCode==MARKUP_VERBATIM ){
1524	int ii, vAttrDidAppend=0;
1525	p->zVerbatimId = 0;
1526	p->inVerbatim = 1;
1527	p->preVerbState = p->state;
1528	p->state &= ~ALLOW_WIKI;
1529	for(ii=0; ii<markup.nAttr; ii++){
1530	if( markup.aAttr[ii].iACode == ATTR_ID ){
1531	p->zVerbatimId = markup.aAttr[ii].zValue;
1532	}else if( markup.aAttr[ii].iACode == ATTR_TYPE ){
1533	if( fossil_stricmp(markup.aAttr[ii].zValue, "allow-links")==0 ){
1534	p->state \|= ALLOW_LINKS;
1535	}else{
1536	blob_appendf(p->pOut, "<pre name='code' class='%s'>",
1537	markup.aAttr[ii].zValue);
1538	vAttrDidAppend=1;
1539	}
1540	}
1541	}
1542	if( !vAttrDidAppend ) {
1543	endAutoParagraph(p);
1544	blob_append(p->pOut, "<pre class='verbatim'>",-1);
	@@ -1592,13 +1614,10 @@
1614	** reply.
1615	*/
1616	void wiki_convert(Blob pIn, Blob pOut, int flags){
1617	Renderer renderer;
1618



1619	memset(&renderer, 0, sizeof(renderer));
1620	renderer.renderFlags = flags;
1621	renderer.state = ALLOW_WIKI\|AT_NEWLINE\|AT_PARAGRAPH\|flags;
1622	if( flags & WIKI_NOBLOCK ){
1623	renderer.state \|= INLINE_MARKUP_ONLY;
	@@ -1607,24 +1626,26 @@
1626	renderer.wantAutoParagraph = 0;
1627	}else{
1628	renderer.wantAutoParagraph = 1;
1629	}
1630	if( wikiUsesHtml() ){
1631	renderer.state \|= WIKI_HTMLONLY;
1632	}
1633	if( pOut ){
1634	renderer.pOut = pOut;
1635	}else{
1636	renderer.pOut = cgi_output_blob();
1637	}
1638
1639	blob_strip_bom(pIn, 0);
1640	if( flags & WIKI_LINKSONLY ) blob_append(renderer.pOut, "<pre>", 5);
1641	wiki_render(&renderer, blob_str(pIn));
1642	endAutoParagraph(&renderer);
1643	while( renderer.nStack ){
1644	popStack(&renderer);
1645	}
1646	if( flags & WIKI_LINKSONLY ) blob_append(renderer.pOut, "</pre>", 5);
1647	blob_append(renderer.pOut, "\n", 1);
1648	free(renderer.aStack);
1649	}
1650
1651	/*
	@@ -1632,15 +1653,26 @@
1653	**
1654	** %fossil test-wiki-render FILE [OPTIONS]
1655	**
1656	** Options:
1657	** --buttons Set the WIKI_BUTTONS flag
1658	** --htmlonly Set the WIKI_HTMLONLY flag
1659	** --linksonly Set the WIKI_LINKSONLY flag
1660	** --nobadlinks Set the WIKI_NOBADLINKS flag
1661	** --inline Set the WIKI_INLINE flag
1662	** --noblock Set the WIKI_NOBLOCK flag
1663	*/
1664	void test_wiki_render(void){
1665	Blob in, out;
1666	int flags = 0;
1667	if( find_option("buttons",0,0)!=0 ) flags \|= WIKI_BUTTONS;
1668	if( find_option("htmlonly",0,0)!=0 ) flags \|= WIKI_HTMLONLY;
1669	if( find_option("linksonly",0,0)!=0 ) flags \|= WIKI_LINKSONLY;
1670	if( find_option("nobadlinks",0,0)!=0 ) flags \|= WIKI_NOBADLINKS;
1671	if( find_option("inline",0,0)!=0 ) flags \|= WIKI_INLINE;
1672	if( find_option("noblock",0,0)!=0 ) flags \|= WIKI_NOBLOCK;
1673	db_find_and_open_repository(0,0);
1674	verify_all_options();
1675	if( g.argc!=3 ) usage("FILE");
1676	blob_zero(&out);
1677	blob_read_from_file(&in, g.argv[2]);
1678	wiki_convert(&in, &out, flags);
	@@ -1695,29 +1727,29 @@
1727	Renderer renderer;
1728	int tokenType;
1729	ParsedMarkup markup;
1730	int n;
1731	int inlineOnly;
1732	int wikiHtmlOnly = 0;
1733
1734	memset(&renderer, 0, sizeof(renderer));
1735	renderer.state = ALLOW_WIKI\|AT_NEWLINE\|AT_PARAGRAPH;
1736	if( flags & WIKI_NOBLOCK ){
1737	renderer.state \|= INLINE_MARKUP_ONLY;
1738	}
1739	if( wikiUsesHtml() ){
1740	renderer.state \|= WIKI_HTMLONLY;
1741	wikiHtmlOnly = 1;
1742	}
1743	inlineOnly = (renderer.state & INLINE_MARKUP_ONLY)!=0;
1744	if( replaceFlag ){
1745	db_multi_exec("DELETE FROM backlink WHERE srctype=%d AND srcid=%d",
1746	srctype, srcid);
1747	}
1748
1749	while( z[0] ){
1750	if( wikiHtmlOnly ){
1751	n = nextRawToken(z, &renderer, &tokenType);
1752	}else{
1753	n = nextWikiToken(z, &renderer, &tokenType);
1754	}
1755	switch( tokenType ){
1756

M src/xfer.c

+80 -43

		--- src/xfer.c
		+++ src/xfer.c
		@@ -1266,11 +1266,23 @@
1266	1266	/*
1267	1267	** Format strings for progress reporting.
1268	1268	*/
1269	1269	static const char zLabelFormat[] = "%-10s %10s %10s %10s %10s\n";
1270	1270	static const char zValueFormat[] = "\r%-10s %10d %10d %10d %10d\n";
	1271	+static const char zBriefFormat[] =
	1272	+ "Round-trips: %d Artifacts sent: %d received: %d\r";
1271	1273
	1274	+#if INTERFACE
	1275	+/*
	1276	+** Flag options for controlling client_sync()
	1277	+*/
	1278	+#define SYNC_PUSH 0x0001
	1279	+#define SYNC_PULL 0x0002
	1280	+#define SYNC_CLONE 0x0004
	1281	+#define SYNC_PRIVATE 0x0008
	1282	+#define SYNC_VERBOSE 0x0010
	1283	+#endif
1272	1284
1273	1285	/*
1274	1286	** Sync to the host identified in g.urlName and g.urlPath. This
1275	1287	** routine is called by the client.
1276	1288	**
		@@ -1277,16 +1289,13 @@
1277	1289	** Records are pushed to the server if pushFlag is true. Records
1278	1290	** are pulled if pullFlag is true. A full sync occurs if both are
1279	1291	** true.
1280	1292	*/
1281	1293	int client_sync(
1282		- int pushFlag, /* True to do a push (or a sync) */
1283		- int pullFlag, /* True to do a pull (or a sync) */
1284		- int cloneFlag, /* True if this is a clone */
1285		- int privateFlag, /* True to exchange private branches */
1286		- int configRcvMask, /* Receive these configuration items */
1287		- int configSendMask /* Send these configuration items */
	1294	+ unsigned syncFlags, /* Mask of SYNC_* flags */
	1295	+ unsigned configRcvMask, /* Receive these configuration items */
	1296	+ unsigned configSendMask /* Send these configuration items */
1288	1297	){
1289	1298	int go = 1; /* Loop until zero */
1290	1299	int nCardSent = 0; /* Number of cards sent */
1291	1300	int nCardRcvd = 0; /* Number of cards received */
1292	1301	int nCycle = 0; /* Number of round trips to the server */
		@@ -1304,27 +1313,30 @@
1304	1313	int lastPctDone = -1; /* Last displayed pctDone */
1305	1314	double rArrivalTime; /* Time at which a message arrived */
1306	1315	const char *zSCode = db_get("server-code", "x");
1307	1316	const char *zPCode = db_get("project-code", 0);
1308	1317	int nErr = 0; /* Number of errors */
	1318	+ int nRoundtrip= 0; /* Number of HTTP requests */
	1319	+ int nArtifactSent = 0; /* Total artifacts sent */
	1320	+ int nArtifactRcvd = 0; /* Total artifacts received */
	1321	+ const char zOpType = 0;/ Push, Pull, Sync, Clone */
1309	1322
1310		- if( db_get_boolean("dont-push", 0) ) pushFlag = 0;
1311		- if( pushFlag + pullFlag + cloneFlag == 0
	1323	+ if( db_get_boolean("dont-push", 0) ) syncFlags &= ~SYNC_PUSH;
	1324	+ if( (syncFlags & (SYNC_PUSH\|SYNC_PULL\|SYNC_CLONE))==0
1312	1325	&& configRcvMask==0 && configSendMask==0 ) return 0;
1313	1326
1314	1327	transport_stats(0, 0, 1);
1315	1328	socket_global_init();
1316	1329	memset(&xfer, 0, sizeof(xfer));
1317	1330	xfer.pIn = &recv;
1318	1331	xfer.pOut = &send;
1319	1332	xfer.mxSend = db_get_int("max-upload", 250000);
1320		- if( privateFlag ){
	1333	+ if( syncFlags & SYNC_PRIVATE ){
1321	1334	g.perm.Private = 1;
1322	1335	xfer.syncPrivate = 1;
1323	1336	}
1324	1337
1325		- assert( pushFlag \| pullFlag \| cloneFlag \| configRcvMask \| configSendMask );
1326	1338	db_begin_transaction();
1327	1339	db_record_repository_filename(0);
1328	1340	db_multi_exec(
1329	1341	"CREATE TEMP TABLE onremote(rid INTEGER PRIMARY KEY);"
1330	1342	);
		@@ -1335,33 +1347,39 @@
1335	1347	blob_zero(&xfer.line);
1336	1348	origConfigRcvMask = 0;
1337	1349
1338	1350
1339	1351	/* Send the send-private pragma if we are trying to sync private data */
1340		- if( privateFlag ) blob_append(&send, "pragma send-private\n", -1);
	1352	+ if( syncFlags & SYNC_PRIVATE ){
	1353	+ blob_append(&send, "pragma send-private\n", -1);
	1354	+ }
1341	1355
1342	1356	/*
1343	1357	** Always begin with a clone, pull, or push message
1344	1358	*/
1345		- if( cloneFlag ){
	1359	+ if( syncFlags & SYNC_CLONE ){
1346	1360	blob_appendf(&send, "clone 3 %d\n", cloneSeqno);
1347		- pushFlag = 0;
1348		- pullFlag = 0;
	1361	+ syncFlags &= ~(SYNC_PUSH\|SYNC_PULL);
1349	1362	nCardSent++;
1350	1363	/* TBD: Request all transferable configuration values */
1351	1364	content_enable_dephantomize(0);
1352		- }else if( pullFlag ){
	1365	+ zOpType = "Clone";
	1366	+ }else if( syncFlags & SYNC_PULL ){
1353	1367	blob_appendf(&send, "pull %s %s\n", zSCode, zPCode);
1354	1368	nCardSent++;
	1369	+ zOpType = "Pull";
1355	1370	}
1356		- if( pushFlag ){
	1371	+ if( syncFlags & SYNC_PUSH ){
1357	1372	blob_appendf(&send, "push %s %s\n", zSCode, zPCode);
1358	1373	nCardSent++;
	1374	+ if( (syncFlags & SYNC_PULL)==0 ) zOpType = "Push";
1359	1375	}
1360	1376	manifest_crosslink_begin();
1361	1377	transport_global_startup();
1362		- fossil_print(zLabelFormat, "", "Bytes", "Cards", "Artifacts", "Deltas");
	1378	+ if( syncFlags & SYNC_VERBOSE ){
	1379	+ fossil_print(zLabelFormat, "", "Bytes", "Cards", "Artifacts", "Deltas");
	1380	+ }
1363	1381
1364	1382	while( go ){
1365	1383	int newPhantom = 0;
1366	1384	char *zRandomness;
1367	1385
		@@ -1374,25 +1392,28 @@
1374	1392	}
1375	1393
1376	1394	/* Generate gimme cards for phantoms and leaf cards
1377	1395	** for all leaves.
1378	1396	*/
1379		- if( pullFlag \|\| (cloneFlag && cloneSeqno==1) ){
	1397	+ if( (syncFlags & SYNC_PULL)!=0
	1398	+ \|\| ((syncFlags & SYNC_CLONE)!=0 && cloneSeqno==1)
	1399	+ ){
1380	1400	request_phantoms(&xfer, mxPhantomReq);
1381	1401	}
1382		- if( pushFlag ){
	1402	+ if( syncFlags & SYNC_PUSH ){
1383	1403	send_unsent(&xfer);
1384	1404	nCardSent += send_unclustered(&xfer);
1385		- if( privateFlag ) send_private(&xfer);
	1405	+ if( syncFlags & SYNC_PRIVATE ) send_private(&xfer);
1386	1406	}
1387	1407
1388	1408	/* Send configuration parameter requests. On a clone, delay sending
1389	1409	** this until the second cycle since the login card might fail on
1390	1410	** the first cycle.
1391	1411	*/
1392		- if( configRcvMask && (cloneFlag==0 \|\| nCycle>0) ){
	1412	+ if( configRcvMask && ((syncFlags & SYNC_CLONE)==0 \|\| nCycle>0) ){
1393	1413	const char *zName;
	1414	+ if( zOpType==0 ) zOpType = "Pull";
1394	1415	zName = configure_first_name(configRcvMask);
1395	1416	while( zName ){
1396	1417	blob_appendf(&send, "reqconfig %s\n", zName);
1397	1418	zName = configure_next_name(configRcvMask);
1398	1419	nCardSent++;
		@@ -1407,10 +1428,11 @@
1407	1428	configRcvMask = 0;
1408	1429	}
1409	1430
1410	1431	/* Send configuration parameters being pushed */
1411	1432	if( configSendMask ){
	1433	+ if( zOpType==0 ) zOpType = "Push";
1412	1434	if( configSendMask & CONFIGSET_OLDFORMAT ){
1413	1435	const char *zName;
1414	1436	zName = configure_first_name(configSendMask);
1415	1437	while( zName ){
1416	1438	send_legacy_config_card(&xfer, zName);
		@@ -1430,42 +1452,50 @@
1430	1452	zRandomness = db_text(0, "SELECT hex(randomblob(20))");
1431	1453	blob_appendf(&send, "# %s\n", zRandomness);
1432	1454	free(zRandomness);
1433	1455
1434	1456	/* Exchange messages with the server */
1435		- fossil_print(zValueFormat, "Sent:",
1436		- blob_size(&send), nCardSent+xfer.nGimmeSent+xfer.nIGotSent,
1437		- xfer.nFileSent, xfer.nDeltaSent);
	1457	+ if( syncFlags & SYNC_VERBOSE ){
	1458	+ fossil_print(zValueFormat, "Sent:",
	1459	+ blob_size(&send), nCardSent+xfer.nGimmeSent+xfer.nIGotSent,
	1460	+ xfer.nFileSent, xfer.nDeltaSent);
	1461	+ }else{
	1462	+ nRoundtrip++;
	1463	+ nArtifactSent += xfer.nFileSent + xfer.nDeltaSent;
	1464	+ fossil_print(zBriefFormat, nRoundtrip, nArtifactSent, nArtifactRcvd);
	1465	+ }
1438	1466	nCardSent = 0;
1439	1467	nCardRcvd = 0;
1440	1468	xfer.nFileSent = 0;
1441	1469	xfer.nDeltaSent = 0;
1442	1470	xfer.nGimmeSent = 0;
1443	1471	xfer.nIGotSent = 0;
1444		- if( !g.cgiOutput && !g.fQuiet ){
	1472	+ if( syncFlags & SYNC_VERBOSE ){
1445	1473	fossil_print("waiting for server...");
1446	1474	}
1447	1475	fflush(stdout);
1448		- if( http_exchange(&send, &recv, cloneFlag==0 \|\| nCycle>0) ){
	1476	+ if( http_exchange(&send, &recv, (syncFlags & SYNC_CLONE)==0 \|\| nCycle>0) ){
1449	1477	nErr++;
1450	1478	break;
1451	1479	}
1452	1480	lastPctDone = -1;
1453	1481	blob_reset(&send);
1454	1482	rArrivalTime = db_double(0.0, "SELECT julianday('now')");
1455	1483
1456	1484	/* Send the send-private pragma if we are trying to sync private data */
1457		- if( privateFlag ) blob_append(&send, "pragma send-private\n", -1);
	1485	+ if( syncFlags & SYNC_PRIVATE ){
	1486	+ blob_append(&send, "pragma send-private\n", -1);
	1487	+ }
1458	1488
1459	1489	/* Begin constructing the next message (which might never be
1460	1490	** sent) by beginning with the pull or push cards
1461	1491	*/
1462		- if( pullFlag ){
	1492	+ if( syncFlags & SYNC_PULL ){
1463	1493	blob_appendf(&send, "pull %s %s\n", zSCode, zPCode);
1464	1494	nCardSent++;
1465	1495	}
1466		- if( pushFlag ){
	1496	+ if( syncFlags & SYNC_PUSH ){
1467	1497	blob_appendf(&send, "push %s %s\n", zSCode, zPCode);
1468	1498	nCardSent++;
1469	1499	}
1470	1500	go = 0;
1471	1501
		@@ -1493,11 +1523,11 @@
1493	1523	nCardRcvd++;
1494	1524	continue;
1495	1525	}
1496	1526	xfer.nToken = blob_tokenize(&xfer.line, xfer.aToken, count(xfer.aToken));
1497	1527	nCardRcvd++;
1498		- if( !g.cgiOutput && !g.fQuiet && recv.nUsed>0 ){
	1528	+ if( (syncFlags & SYNC_VERBOSE)!=0 && recv.nUsed>0 ){
1499	1529	pctDone = (recv.iCursor*100)/recv.nUsed;
1500	1530	if( pctDone!=lastPctDone ){
1501	1531	fossil_print("\rprocessed: %d%% ", pctDone);
1502	1532	lastPctDone = pctDone;
1503	1533	fflush(stdout);
		@@ -1508,20 +1538,22 @@
1508	1538	** file UUID DELTASRC SIZE \n CONTENT
1509	1539	**
1510	1540	** Receive a file transmitted from the server.
1511	1541	*/
1512	1542	if( blob_eq(&xfer.aToken[0],"file") ){
1513		- xfer_accept_file(&xfer, cloneFlag);
	1543	+ xfer_accept_file(&xfer, (syncFlags & SYNC_CLONE)!=0);
	1544	+ nArtifactRcvd++;
1514	1545	}else
1515	1546
1516	1547	/* cfile UUID USIZE CSIZE \n CONTENT
1517	1548	** cfile UUID DELTASRC USIZE CSIZE \n CONTENT
1518	1549	**
1519	1550	** Receive a compressed file transmitted from the server.
1520	1551	*/
1521	1552	if( blob_eq(&xfer.aToken[0],"cfile") ){
1522	1553	xfer_accept_compressed_file(&xfer);
	1554	+ nArtifactRcvd++;
1523	1555	}else
1524	1556
1525	1557	/* gimme UUID
1526	1558	**
1527	1559	** Server is requesting a file. If the file is a manifest, assume
		@@ -1530,11 +1562,11 @@
1530	1562	*/
1531	1563	if( blob_eq(&xfer.aToken[0], "gimme")
1532	1564	&& xfer.nToken==2
1533	1565	&& blob_is_uuid(&xfer.aToken[1])
1534	1566	){
1535		- if( pushFlag ){
	1567	+ if( syncFlags & SYNC_PUSH ){
1536	1568	int rid = rid_from_uuid(&xfer.aToken[1], 0, 0);
1537	1569	if( rid ) send_file(&xfer, rid, &xfer.aToken[1], 0);
1538	1570	}
1539	1571	}else
1540	1572
		@@ -1559,11 +1591,11 @@
1559	1591	rid = rid_from_uuid(&xfer.aToken[1], 0, 0);
1560	1592	if( rid>0 ){
1561	1593	if( !isPriv ) content_make_public(rid);
1562	1594	}else if( isPriv && !g.perm.Private ){
1563	1595	/* ignore private files */
1564		- }else if( pullFlag \|\| cloneFlag ){
	1596	+ }else if( (syncFlags & (SYNC_PULL\|SYNC_CLONE))!=0 ){
1565	1597	rid = content_new(blob_str(&xfer.aToken[1]), isPriv);
1566	1598	if( rid ) newPhantom = 1;
1567	1599	}
1568	1600	remote_has(rid);
1569	1601	}else
		@@ -1574,11 +1606,11 @@
1574	1606	** Should only happen in response to a clone. This message tells
1575	1607	** the client what product to use for the new database.
1576	1608	*/
1577	1609	if( blob_eq(&xfer.aToken[0],"push")
1578	1610	&& xfer.nToken==3
1579		- && cloneFlag
	1611	+ && (syncFlags & SYNC_CLONE)!=0
1580	1612	&& blob_is_uuid(&xfer.aToken[1])
1581	1613	&& blob_is_uuid(&xfer.aToken[2])
1582	1614	){
1583	1615	if( blob_eq_str(&xfer.aToken[1], zSCode, -1) ){
1584	1616	fossil_fatal("server loop");
		@@ -1604,11 +1636,12 @@
1604	1636	Blob content;
1605	1637	blob_zero(&content);
1606	1638	blob_extract(xfer.pIn, size, &content);
1607	1639	g.perm.Admin = g.perm.RdAddr = 1;
1608	1640	configure_receive(zName, &content, origConfigRcvMask);
1609		- nCardSent++;
	1641	+ nCardRcvd++;
	1642	+ nArtifactRcvd++;
1610	1643	blob_reset(&content);
1611	1644	blob_seek(xfer.pIn, 1, BLOB_SEEK_CUR);
1612	1645	}else
1613	1646
1614	1647
		@@ -1655,12 +1688,12 @@
1655	1688	** to the next cycle.
1656	1689	*/
1657	1690	if( blob_eq(&xfer.aToken[0],"message") && xfer.nToken==2 ){
1658	1691	char *zMsg = blob_terminate(&xfer.aToken[1]);
1659	1692	defossilize(zMsg);
1660		- if( pushFlag && zMsg && strglob("pull only *", zMsg) ){
1661		- pushFlag = 0;
	1693	+ if( (syncFlags & SYNC_PUSH) && zMsg && strglob("pull only *", zMsg) ){
	1694	+ syncFlags &= ~SYNC_PUSH;
1662	1695	zMsg = 0;
1663	1696	}
1664	1697	fossil_print("\rServer says: %s\n", zMsg);
1665	1698	}else
1666	1699
		@@ -1683,11 +1716,11 @@
1683	1716	** is returned in the reply before the error card, so second and
1684	1717	** subsequent messages should be OK. Nevertheless, we need to ignore
1685	1718	** the error card on the first message of a clone.
1686	1719	*/
1687	1720	if( blob_eq(&xfer.aToken[0],"error") && xfer.nToken==2 ){
1688		- if( !cloneFlag \|\| nCycle>0 ){
	1721	+ if( (syncFlags & SYNC_CLONE)==0 \|\| nCycle>0 ){
1689	1722	char *zMsg = blob_terminate(&xfer.aToken[1]);
1690	1723	defossilize(zMsg);
1691	1724	if( fossil_strcmp(zMsg, "login failed")==0 ){
1692	1725	if( nCycle<2 ){
1693	1726	if( !g.dontKeepUrl ) db_unset("last-sync-pw", 0);
		@@ -1727,14 +1760,16 @@
1727	1760	&& (configRcvMask & CONFIGSET_OLDFORMAT)!=0
1728	1761	){
1729	1762	configure_finalize_receive();
1730	1763	}
1731	1764	origConfigRcvMask = 0;
1732		- if( nCardRcvd>0 ){
	1765	+ if( nCardRcvd>0 && (syncFlags & SYNC_VERBOSE) ){
1733	1766	fossil_print(zValueFormat, "Received:",
1734	1767	blob_size(&recv), nCardRcvd,
1735	1768	xfer.nFileRcvd, xfer.nDeltaRcvd + xfer.nDanglingFile);
	1769	+ }else{
	1770	+ fossil_print(zBriefFormat, nRoundtrip, nArtifactSent, nArtifactRcvd);
1736	1771	}
1737	1772	blob_reset(&recv);
1738	1773	nCycle++;
1739	1774
1740	1775	/* If we received one or more files on the previous exchange but
		@@ -1743,11 +1778,11 @@
1743	1778	nFileRecv = xfer.nFileRcvd + xfer.nDeltaRcvd + xfer.nDanglingFile;
1744	1779	if( (nFileRecv>0 \|\| newPhantom) && db_exists("SELECT 1 FROM phantom") ){
1745	1780	go = 1;
1746	1781	mxPhantomReq = nFileRecv*2;
1747	1782	if( mxPhantomReq<200 ) mxPhantomReq = 200;
1748		- }else if( cloneFlag && nFileRecv>0 ){
	1783	+ }else if( (syncFlags & SYNC_CLONE)!=0 && nFileRecv>0 ){
1749	1784	go = 1;
1750	1785	}
1751	1786	nCardRcvd = 0;
1752	1787	xfer.nFileRcvd = 0;
1753	1788	xfer.nDeltaRcvd = 0;
		@@ -1759,25 +1794,27 @@
1759	1794	if( xfer.nFileSent+xfer.nDeltaSent>0 ){
1760	1795	go = 1;
1761	1796	}
1762	1797
1763	1798	/* If this is a clone, the go at least two rounds */
1764		- if( cloneFlag && nCycle==1 ) go = 1;
	1799	+ if( (syncFlags & SYNC_CLONE)!=0 && nCycle==1 ) go = 1;
1765	1800
1766	1801	/* Stop the cycle if the server sends a "clone_seqno 0" card and
1767	1802	** we have gone at least two rounds. Always go at least two rounds
1768	1803	** on a clone in order to be sure to retrieve the configuration
1769	1804	** information which is only sent on the second round.
1770	1805	*/
1771	1806	if( cloneSeqno<=0 && nCycle>1 ) go = 0;
1772	1807	};
1773	1808	transport_stats(&nSent, &nRcvd, 1);
1774		- fossil_print("Total network traffic: %lld bytes sent, %lld bytes received\n",
1775		- nSent, nRcvd);
	1809	+ if( (syncFlags & SYNC_VERBOSE)==0 ) fossil_print("\n");
	1810	+ fossil_print(
	1811	+ "%s finished with %lld bytes sent, %lld bytes received\n",
	1812	+ zOpType, nSent, nRcvd);
1776	1813	transport_close();
1777	1814	transport_global_shutdown();
1778	1815	db_multi_exec("DROP TABLE onremote");
1779	1816	manifest_crosslink_end();
1780	1817	content_enable_dephantomize(1);
1781	1818	db_end_transaction(0);
1782	1819	return nErr;
1783	1820	}
1784	1821

	--- src/xfer.c
	+++ src/xfer.c
	@@ -1266,11 +1266,23 @@
1266	/*
1267	** Format strings for progress reporting.
1268	*/
1269	static const char zLabelFormat[] = "%-10s %10s %10s %10s %10s\n";
1270	static const char zValueFormat[] = "\r%-10s %10d %10d %10d %10d\n";


1271










1272
1273	/*
1274	** Sync to the host identified in g.urlName and g.urlPath. This
1275	** routine is called by the client.
1276	**
	@@ -1277,16 +1289,13 @@
1277	** Records are pushed to the server if pushFlag is true. Records
1278	** are pulled if pullFlag is true. A full sync occurs if both are
1279	** true.
1280	*/
1281	int client_sync(
1282	int pushFlag, /* True to do a push (or a sync) */
1283	int pullFlag, /* True to do a pull (or a sync) */
1284	int cloneFlag, /* True if this is a clone */
1285	int privateFlag, /* True to exchange private branches */
1286	int configRcvMask, /* Receive these configuration items */
1287	int configSendMask /* Send these configuration items */
1288	){
1289	int go = 1; /* Loop until zero */
1290	int nCardSent = 0; /* Number of cards sent */
1291	int nCardRcvd = 0; /* Number of cards received */
1292	int nCycle = 0; /* Number of round trips to the server */
	@@ -1304,27 +1313,30 @@
1304	int lastPctDone = -1; /* Last displayed pctDone */
1305	double rArrivalTime; /* Time at which a message arrived */
1306	const char *zSCode = db_get("server-code", "x");
1307	const char *zPCode = db_get("project-code", 0);
1308	int nErr = 0; /* Number of errors */




1309
1310	if( db_get_boolean("dont-push", 0) ) pushFlag = 0;
1311	if( pushFlag + pullFlag + cloneFlag == 0
1312	&& configRcvMask==0 && configSendMask==0 ) return 0;
1313
1314	transport_stats(0, 0, 1);
1315	socket_global_init();
1316	memset(&xfer, 0, sizeof(xfer));
1317	xfer.pIn = &recv;
1318	xfer.pOut = &send;
1319	xfer.mxSend = db_get_int("max-upload", 250000);
1320	if( privateFlag ){
1321	g.perm.Private = 1;
1322	xfer.syncPrivate = 1;
1323	}
1324
1325	assert( pushFlag \| pullFlag \| cloneFlag \| configRcvMask \| configSendMask );
1326	db_begin_transaction();
1327	db_record_repository_filename(0);
1328	db_multi_exec(
1329	"CREATE TEMP TABLE onremote(rid INTEGER PRIMARY KEY);"
1330	);
	@@ -1335,33 +1347,39 @@
1335	blob_zero(&xfer.line);
1336	origConfigRcvMask = 0;
1337
1338
1339	/* Send the send-private pragma if we are trying to sync private data */
1340	if( privateFlag ) blob_append(&send, "pragma send-private\n", -1);


1341
1342	/*
1343	** Always begin with a clone, pull, or push message
1344	*/
1345	if( cloneFlag ){
1346	blob_appendf(&send, "clone 3 %d\n", cloneSeqno);
1347	pushFlag = 0;
1348	pullFlag = 0;
1349	nCardSent++;
1350	/* TBD: Request all transferable configuration values */
1351	content_enable_dephantomize(0);
1352	}else if( pullFlag ){

1353	blob_appendf(&send, "pull %s %s\n", zSCode, zPCode);
1354	nCardSent++;

1355	}
1356	if( pushFlag ){
1357	blob_appendf(&send, "push %s %s\n", zSCode, zPCode);
1358	nCardSent++;

1359	}
1360	manifest_crosslink_begin();
1361	transport_global_startup();
1362	fossil_print(zLabelFormat, "", "Bytes", "Cards", "Artifacts", "Deltas");


1363
1364	while( go ){
1365	int newPhantom = 0;
1366	char *zRandomness;
1367
	@@ -1374,25 +1392,28 @@
1374	}
1375
1376	/* Generate gimme cards for phantoms and leaf cards
1377	** for all leaves.
1378	*/
1379	if( pullFlag \|\| (cloneFlag && cloneSeqno==1) ){


1380	request_phantoms(&xfer, mxPhantomReq);
1381	}
1382	if( pushFlag ){
1383	send_unsent(&xfer);
1384	nCardSent += send_unclustered(&xfer);
1385	if( privateFlag ) send_private(&xfer);
1386	}
1387
1388	/* Send configuration parameter requests. On a clone, delay sending
1389	** this until the second cycle since the login card might fail on
1390	** the first cycle.
1391	*/
1392	if( configRcvMask && (cloneFlag==0 \|\| nCycle>0) ){
1393	const char *zName;

1394	zName = configure_first_name(configRcvMask);
1395	while( zName ){
1396	blob_appendf(&send, "reqconfig %s\n", zName);
1397	zName = configure_next_name(configRcvMask);
1398	nCardSent++;
	@@ -1407,10 +1428,11 @@
1407	configRcvMask = 0;
1408	}
1409
1410	/* Send configuration parameters being pushed */
1411	if( configSendMask ){

1412	if( configSendMask & CONFIGSET_OLDFORMAT ){
1413	const char *zName;
1414	zName = configure_first_name(configSendMask);
1415	while( zName ){
1416	send_legacy_config_card(&xfer, zName);
	@@ -1430,42 +1452,50 @@
1430	zRandomness = db_text(0, "SELECT hex(randomblob(20))");
1431	blob_appendf(&send, "# %s\n", zRandomness);
1432	free(zRandomness);
1433
1434	/* Exchange messages with the server */
1435	fossil_print(zValueFormat, "Sent:",
1436	blob_size(&send), nCardSent+xfer.nGimmeSent+xfer.nIGotSent,
1437	xfer.nFileSent, xfer.nDeltaSent);






1438	nCardSent = 0;
1439	nCardRcvd = 0;
1440	xfer.nFileSent = 0;
1441	xfer.nDeltaSent = 0;
1442	xfer.nGimmeSent = 0;
1443	xfer.nIGotSent = 0;
1444	if( !g.cgiOutput && !g.fQuiet ){
1445	fossil_print("waiting for server...");
1446	}
1447	fflush(stdout);
1448	if( http_exchange(&send, &recv, cloneFlag==0 \|\| nCycle>0) ){
1449	nErr++;
1450	break;
1451	}
1452	lastPctDone = -1;
1453	blob_reset(&send);
1454	rArrivalTime = db_double(0.0, "SELECT julianday('now')");
1455
1456	/* Send the send-private pragma if we are trying to sync private data */
1457	if( privateFlag ) blob_append(&send, "pragma send-private\n", -1);


1458
1459	/* Begin constructing the next message (which might never be
1460	** sent) by beginning with the pull or push cards
1461	*/
1462	if( pullFlag ){
1463	blob_appendf(&send, "pull %s %s\n", zSCode, zPCode);
1464	nCardSent++;
1465	}
1466	if( pushFlag ){
1467	blob_appendf(&send, "push %s %s\n", zSCode, zPCode);
1468	nCardSent++;
1469	}
1470	go = 0;
1471
	@@ -1493,11 +1523,11 @@
1493	nCardRcvd++;
1494	continue;
1495	}
1496	xfer.nToken = blob_tokenize(&xfer.line, xfer.aToken, count(xfer.aToken));
1497	nCardRcvd++;
1498	if( !g.cgiOutput && !g.fQuiet && recv.nUsed>0 ){
1499	pctDone = (recv.iCursor*100)/recv.nUsed;
1500	if( pctDone!=lastPctDone ){
1501	fossil_print("\rprocessed: %d%% ", pctDone);
1502	lastPctDone = pctDone;
1503	fflush(stdout);
	@@ -1508,20 +1538,22 @@
1508	** file UUID DELTASRC SIZE \n CONTENT
1509	**
1510	** Receive a file transmitted from the server.
1511	*/
1512	if( blob_eq(&xfer.aToken[0],"file") ){
1513	xfer_accept_file(&xfer, cloneFlag);

1514	}else
1515
1516	/* cfile UUID USIZE CSIZE \n CONTENT
1517	** cfile UUID DELTASRC USIZE CSIZE \n CONTENT
1518	**
1519	** Receive a compressed file transmitted from the server.
1520	*/
1521	if( blob_eq(&xfer.aToken[0],"cfile") ){
1522	xfer_accept_compressed_file(&xfer);

1523	}else
1524
1525	/* gimme UUID
1526	**
1527	** Server is requesting a file. If the file is a manifest, assume
	@@ -1530,11 +1562,11 @@
1530	*/
1531	if( blob_eq(&xfer.aToken[0], "gimme")
1532	&& xfer.nToken==2
1533	&& blob_is_uuid(&xfer.aToken[1])
1534	){
1535	if( pushFlag ){
1536	int rid = rid_from_uuid(&xfer.aToken[1], 0, 0);
1537	if( rid ) send_file(&xfer, rid, &xfer.aToken[1], 0);
1538	}
1539	}else
1540
	@@ -1559,11 +1591,11 @@
1559	rid = rid_from_uuid(&xfer.aToken[1], 0, 0);
1560	if( rid>0 ){
1561	if( !isPriv ) content_make_public(rid);
1562	}else if( isPriv && !g.perm.Private ){
1563	/* ignore private files */
1564	}else if( pullFlag \|\| cloneFlag ){
1565	rid = content_new(blob_str(&xfer.aToken[1]), isPriv);
1566	if( rid ) newPhantom = 1;
1567	}
1568	remote_has(rid);
1569	}else
	@@ -1574,11 +1606,11 @@
1574	** Should only happen in response to a clone. This message tells
1575	** the client what product to use for the new database.
1576	*/
1577	if( blob_eq(&xfer.aToken[0],"push")
1578	&& xfer.nToken==3
1579	&& cloneFlag
1580	&& blob_is_uuid(&xfer.aToken[1])
1581	&& blob_is_uuid(&xfer.aToken[2])
1582	){
1583	if( blob_eq_str(&xfer.aToken[1], zSCode, -1) ){
1584	fossil_fatal("server loop");
	@@ -1604,11 +1636,12 @@
1604	Blob content;
1605	blob_zero(&content);
1606	blob_extract(xfer.pIn, size, &content);
1607	g.perm.Admin = g.perm.RdAddr = 1;
1608	configure_receive(zName, &content, origConfigRcvMask);
1609	nCardSent++;

1610	blob_reset(&content);
1611	blob_seek(xfer.pIn, 1, BLOB_SEEK_CUR);
1612	}else
1613
1614
	@@ -1655,12 +1688,12 @@
1655	** to the next cycle.
1656	*/
1657	if( blob_eq(&xfer.aToken[0],"message") && xfer.nToken==2 ){
1658	char *zMsg = blob_terminate(&xfer.aToken[1]);
1659	defossilize(zMsg);
1660	if( pushFlag && zMsg && strglob("pull only *", zMsg) ){
1661	pushFlag = 0;
1662	zMsg = 0;
1663	}
1664	fossil_print("\rServer says: %s\n", zMsg);
1665	}else
1666
	@@ -1683,11 +1716,11 @@
1683	** is returned in the reply before the error card, so second and
1684	** subsequent messages should be OK. Nevertheless, we need to ignore
1685	** the error card on the first message of a clone.
1686	*/
1687	if( blob_eq(&xfer.aToken[0],"error") && xfer.nToken==2 ){
1688	if( !cloneFlag \|\| nCycle>0 ){
1689	char *zMsg = blob_terminate(&xfer.aToken[1]);
1690	defossilize(zMsg);
1691	if( fossil_strcmp(zMsg, "login failed")==0 ){
1692	if( nCycle<2 ){
1693	if( !g.dontKeepUrl ) db_unset("last-sync-pw", 0);
	@@ -1727,14 +1760,16 @@
1727	&& (configRcvMask & CONFIGSET_OLDFORMAT)!=0
1728	){
1729	configure_finalize_receive();
1730	}
1731	origConfigRcvMask = 0;
1732	if( nCardRcvd>0 ){
1733	fossil_print(zValueFormat, "Received:",
1734	blob_size(&recv), nCardRcvd,
1735	xfer.nFileRcvd, xfer.nDeltaRcvd + xfer.nDanglingFile);


1736	}
1737	blob_reset(&recv);
1738	nCycle++;
1739
1740	/* If we received one or more files on the previous exchange but
	@@ -1743,11 +1778,11 @@
1743	nFileRecv = xfer.nFileRcvd + xfer.nDeltaRcvd + xfer.nDanglingFile;
1744	if( (nFileRecv>0 \|\| newPhantom) && db_exists("SELECT 1 FROM phantom") ){
1745	go = 1;
1746	mxPhantomReq = nFileRecv*2;
1747	if( mxPhantomReq<200 ) mxPhantomReq = 200;
1748	}else if( cloneFlag && nFileRecv>0 ){
1749	go = 1;
1750	}
1751	nCardRcvd = 0;
1752	xfer.nFileRcvd = 0;
1753	xfer.nDeltaRcvd = 0;
	@@ -1759,25 +1794,27 @@
1759	if( xfer.nFileSent+xfer.nDeltaSent>0 ){
1760	go = 1;
1761	}
1762
1763	/* If this is a clone, the go at least two rounds */
1764	if( cloneFlag && nCycle==1 ) go = 1;
1765
1766	/* Stop the cycle if the server sends a "clone_seqno 0" card and
1767	** we have gone at least two rounds. Always go at least two rounds
1768	** on a clone in order to be sure to retrieve the configuration
1769	** information which is only sent on the second round.
1770	*/
1771	if( cloneSeqno<=0 && nCycle>1 ) go = 0;
1772	};
1773	transport_stats(&nSent, &nRcvd, 1);
1774	fossil_print("Total network traffic: %lld bytes sent, %lld bytes received\n",
1775	nSent, nRcvd);


1776	transport_close();
1777	transport_global_shutdown();
1778	db_multi_exec("DROP TABLE onremote");
1779	manifest_crosslink_end();
1780	content_enable_dephantomize(1);
1781	db_end_transaction(0);
1782	return nErr;
1783	}
1784

	--- src/xfer.c
	+++ src/xfer.c
	@@ -1266,11 +1266,23 @@
1266	/*
1267	** Format strings for progress reporting.
1268	*/
1269	static const char zLabelFormat[] = "%-10s %10s %10s %10s %10s\n";
1270	static const char zValueFormat[] = "\r%-10s %10d %10d %10d %10d\n";
1271	static const char zBriefFormat[] =
1272	"Round-trips: %d Artifacts sent: %d received: %d\r";
1273
1274	#if INTERFACE
1275	/*
1276	** Flag options for controlling client_sync()
1277	*/
1278	#define SYNC_PUSH 0x0001
1279	#define SYNC_PULL 0x0002
1280	#define SYNC_CLONE 0x0004
1281	#define SYNC_PRIVATE 0x0008
1282	#define SYNC_VERBOSE 0x0010
1283	#endif
1284
1285	/*
1286	** Sync to the host identified in g.urlName and g.urlPath. This
1287	** routine is called by the client.
1288	**
	@@ -1277,16 +1289,13 @@
1289	** Records are pushed to the server if pushFlag is true. Records
1290	** are pulled if pullFlag is true. A full sync occurs if both are
1291	** true.
1292	*/
1293	int client_sync(
1294	unsigned syncFlags, /* Mask of SYNC_* flags */
1295	unsigned configRcvMask, /* Receive these configuration items */
1296	unsigned configSendMask /* Send these configuration items */



1297	){
1298	int go = 1; /* Loop until zero */
1299	int nCardSent = 0; /* Number of cards sent */
1300	int nCardRcvd = 0; /* Number of cards received */
1301	int nCycle = 0; /* Number of round trips to the server */
	@@ -1304,27 +1313,30 @@
1313	int lastPctDone = -1; /* Last displayed pctDone */
1314	double rArrivalTime; /* Time at which a message arrived */
1315	const char *zSCode = db_get("server-code", "x");
1316	const char *zPCode = db_get("project-code", 0);
1317	int nErr = 0; /* Number of errors */
1318	int nRoundtrip= 0; /* Number of HTTP requests */
1319	int nArtifactSent = 0; /* Total artifacts sent */
1320	int nArtifactRcvd = 0; /* Total artifacts received */
1321	const char zOpType = 0;/ Push, Pull, Sync, Clone */
1322
1323	if( db_get_boolean("dont-push", 0) ) syncFlags &= ~SYNC_PUSH;
1324	if( (syncFlags & (SYNC_PUSH\|SYNC_PULL\|SYNC_CLONE))==0
1325	&& configRcvMask==0 && configSendMask==0 ) return 0;
1326
1327	transport_stats(0, 0, 1);
1328	socket_global_init();
1329	memset(&xfer, 0, sizeof(xfer));
1330	xfer.pIn = &recv;
1331	xfer.pOut = &send;
1332	xfer.mxSend = db_get_int("max-upload", 250000);
1333	if( syncFlags & SYNC_PRIVATE ){
1334	g.perm.Private = 1;
1335	xfer.syncPrivate = 1;
1336	}
1337

1338	db_begin_transaction();
1339	db_record_repository_filename(0);
1340	db_multi_exec(
1341	"CREATE TEMP TABLE onremote(rid INTEGER PRIMARY KEY);"
1342	);
	@@ -1335,33 +1347,39 @@
1347	blob_zero(&xfer.line);
1348	origConfigRcvMask = 0;
1349
1350
1351	/* Send the send-private pragma if we are trying to sync private data */
1352	if( syncFlags & SYNC_PRIVATE ){
1353	blob_append(&send, "pragma send-private\n", -1);
1354	}
1355
1356	/*
1357	** Always begin with a clone, pull, or push message
1358	*/
1359	if( syncFlags & SYNC_CLONE ){
1360	blob_appendf(&send, "clone 3 %d\n", cloneSeqno);
1361	syncFlags &= ~(SYNC_PUSH\|SYNC_PULL);

1362	nCardSent++;
1363	/* TBD: Request all transferable configuration values */
1364	content_enable_dephantomize(0);
1365	zOpType = "Clone";
1366	}else if( syncFlags & SYNC_PULL ){
1367	blob_appendf(&send, "pull %s %s\n", zSCode, zPCode);
1368	nCardSent++;
1369	zOpType = "Pull";
1370	}
1371	if( syncFlags & SYNC_PUSH ){
1372	blob_appendf(&send, "push %s %s\n", zSCode, zPCode);
1373	nCardSent++;
1374	if( (syncFlags & SYNC_PULL)==0 ) zOpType = "Push";
1375	}
1376	manifest_crosslink_begin();
1377	transport_global_startup();
1378	if( syncFlags & SYNC_VERBOSE ){
1379	fossil_print(zLabelFormat, "", "Bytes", "Cards", "Artifacts", "Deltas");
1380	}
1381
1382	while( go ){
1383	int newPhantom = 0;
1384	char *zRandomness;
1385
	@@ -1374,25 +1392,28 @@
1392	}
1393
1394	/* Generate gimme cards for phantoms and leaf cards
1395	** for all leaves.
1396	*/
1397	if( (syncFlags & SYNC_PULL)!=0
1398	\|\| ((syncFlags & SYNC_CLONE)!=0 && cloneSeqno==1)
1399	){
1400	request_phantoms(&xfer, mxPhantomReq);
1401	}
1402	if( syncFlags & SYNC_PUSH ){
1403	send_unsent(&xfer);
1404	nCardSent += send_unclustered(&xfer);
1405	if( syncFlags & SYNC_PRIVATE ) send_private(&xfer);
1406	}
1407
1408	/* Send configuration parameter requests. On a clone, delay sending
1409	** this until the second cycle since the login card might fail on
1410	** the first cycle.
1411	*/
1412	if( configRcvMask && ((syncFlags & SYNC_CLONE)==0 \|\| nCycle>0) ){
1413	const char *zName;
1414	if( zOpType==0 ) zOpType = "Pull";
1415	zName = configure_first_name(configRcvMask);
1416	while( zName ){
1417	blob_appendf(&send, "reqconfig %s\n", zName);
1418	zName = configure_next_name(configRcvMask);
1419	nCardSent++;
	@@ -1407,10 +1428,11 @@
1428	configRcvMask = 0;
1429	}
1430
1431	/* Send configuration parameters being pushed */
1432	if( configSendMask ){
1433	if( zOpType==0 ) zOpType = "Push";
1434	if( configSendMask & CONFIGSET_OLDFORMAT ){
1435	const char *zName;
1436	zName = configure_first_name(configSendMask);
1437	while( zName ){
1438	send_legacy_config_card(&xfer, zName);
	@@ -1430,42 +1452,50 @@
1452	zRandomness = db_text(0, "SELECT hex(randomblob(20))");
1453	blob_appendf(&send, "# %s\n", zRandomness);
1454	free(zRandomness);
1455
1456	/* Exchange messages with the server */
1457	if( syncFlags & SYNC_VERBOSE ){
1458	fossil_print(zValueFormat, "Sent:",
1459	blob_size(&send), nCardSent+xfer.nGimmeSent+xfer.nIGotSent,
1460	xfer.nFileSent, xfer.nDeltaSent);
1461	}else{
1462	nRoundtrip++;
1463	nArtifactSent += xfer.nFileSent + xfer.nDeltaSent;
1464	fossil_print(zBriefFormat, nRoundtrip, nArtifactSent, nArtifactRcvd);
1465	}
1466	nCardSent = 0;
1467	nCardRcvd = 0;
1468	xfer.nFileSent = 0;
1469	xfer.nDeltaSent = 0;
1470	xfer.nGimmeSent = 0;
1471	xfer.nIGotSent = 0;
1472	if( syncFlags & SYNC_VERBOSE ){
1473	fossil_print("waiting for server...");
1474	}
1475	fflush(stdout);
1476	if( http_exchange(&send, &recv, (syncFlags & SYNC_CLONE)==0 \|\| nCycle>0) ){
1477	nErr++;
1478	break;
1479	}
1480	lastPctDone = -1;
1481	blob_reset(&send);
1482	rArrivalTime = db_double(0.0, "SELECT julianday('now')");
1483
1484	/* Send the send-private pragma if we are trying to sync private data */
1485	if( syncFlags & SYNC_PRIVATE ){
1486	blob_append(&send, "pragma send-private\n", -1);
1487	}
1488
1489	/* Begin constructing the next message (which might never be
1490	** sent) by beginning with the pull or push cards
1491	*/
1492	if( syncFlags & SYNC_PULL ){
1493	blob_appendf(&send, "pull %s %s\n", zSCode, zPCode);
1494	nCardSent++;
1495	}
1496	if( syncFlags & SYNC_PUSH ){
1497	blob_appendf(&send, "push %s %s\n", zSCode, zPCode);
1498	nCardSent++;
1499	}
1500	go = 0;
1501
	@@ -1493,11 +1523,11 @@
1523	nCardRcvd++;
1524	continue;
1525	}
1526	xfer.nToken = blob_tokenize(&xfer.line, xfer.aToken, count(xfer.aToken));
1527	nCardRcvd++;
1528	if( (syncFlags & SYNC_VERBOSE)!=0 && recv.nUsed>0 ){
1529	pctDone = (recv.iCursor*100)/recv.nUsed;
1530	if( pctDone!=lastPctDone ){
1531	fossil_print("\rprocessed: %d%% ", pctDone);
1532	lastPctDone = pctDone;
1533	fflush(stdout);
	@@ -1508,20 +1538,22 @@
1538	** file UUID DELTASRC SIZE \n CONTENT
1539	**
1540	** Receive a file transmitted from the server.
1541	*/
1542	if( blob_eq(&xfer.aToken[0],"file") ){
1543	xfer_accept_file(&xfer, (syncFlags & SYNC_CLONE)!=0);
1544	nArtifactRcvd++;
1545	}else
1546
1547	/* cfile UUID USIZE CSIZE \n CONTENT
1548	** cfile UUID DELTASRC USIZE CSIZE \n CONTENT
1549	**
1550	** Receive a compressed file transmitted from the server.
1551	*/
1552	if( blob_eq(&xfer.aToken[0],"cfile") ){
1553	xfer_accept_compressed_file(&xfer);
1554	nArtifactRcvd++;
1555	}else
1556
1557	/* gimme UUID
1558	**
1559	** Server is requesting a file. If the file is a manifest, assume
	@@ -1530,11 +1562,11 @@
1562	*/
1563	if( blob_eq(&xfer.aToken[0], "gimme")
1564	&& xfer.nToken==2
1565	&& blob_is_uuid(&xfer.aToken[1])
1566	){
1567	if( syncFlags & SYNC_PUSH ){
1568	int rid = rid_from_uuid(&xfer.aToken[1], 0, 0);
1569	if( rid ) send_file(&xfer, rid, &xfer.aToken[1], 0);
1570	}
1571	}else
1572
	@@ -1559,11 +1591,11 @@
1591	rid = rid_from_uuid(&xfer.aToken[1], 0, 0);
1592	if( rid>0 ){
1593	if( !isPriv ) content_make_public(rid);
1594	}else if( isPriv && !g.perm.Private ){
1595	/* ignore private files */
1596	}else if( (syncFlags & (SYNC_PULL\|SYNC_CLONE))!=0 ){
1597	rid = content_new(blob_str(&xfer.aToken[1]), isPriv);
1598	if( rid ) newPhantom = 1;
1599	}
1600	remote_has(rid);
1601	}else
	@@ -1574,11 +1606,11 @@
1606	** Should only happen in response to a clone. This message tells
1607	** the client what product to use for the new database.
1608	*/
1609	if( blob_eq(&xfer.aToken[0],"push")
1610	&& xfer.nToken==3
1611	&& (syncFlags & SYNC_CLONE)!=0
1612	&& blob_is_uuid(&xfer.aToken[1])
1613	&& blob_is_uuid(&xfer.aToken[2])
1614	){
1615	if( blob_eq_str(&xfer.aToken[1], zSCode, -1) ){
1616	fossil_fatal("server loop");
	@@ -1604,11 +1636,12 @@
1636	Blob content;
1637	blob_zero(&content);
1638	blob_extract(xfer.pIn, size, &content);
1639	g.perm.Admin = g.perm.RdAddr = 1;
1640	configure_receive(zName, &content, origConfigRcvMask);
1641	nCardRcvd++;
1642	nArtifactRcvd++;
1643	blob_reset(&content);
1644	blob_seek(xfer.pIn, 1, BLOB_SEEK_CUR);
1645	}else
1646
1647
	@@ -1655,12 +1688,12 @@
1688	** to the next cycle.
1689	*/
1690	if( blob_eq(&xfer.aToken[0],"message") && xfer.nToken==2 ){
1691	char *zMsg = blob_terminate(&xfer.aToken[1]);
1692	defossilize(zMsg);
1693	if( (syncFlags & SYNC_PUSH) && zMsg && strglob("pull only *", zMsg) ){
1694	syncFlags &= ~SYNC_PUSH;
1695	zMsg = 0;
1696	}
1697	fossil_print("\rServer says: %s\n", zMsg);
1698	}else
1699
	@@ -1683,11 +1716,11 @@
1716	** is returned in the reply before the error card, so second and
1717	** subsequent messages should be OK. Nevertheless, we need to ignore
1718	** the error card on the first message of a clone.
1719	*/
1720	if( blob_eq(&xfer.aToken[0],"error") && xfer.nToken==2 ){
1721	if( (syncFlags & SYNC_CLONE)==0 \|\| nCycle>0 ){
1722	char *zMsg = blob_terminate(&xfer.aToken[1]);
1723	defossilize(zMsg);
1724	if( fossil_strcmp(zMsg, "login failed")==0 ){
1725	if( nCycle<2 ){
1726	if( !g.dontKeepUrl ) db_unset("last-sync-pw", 0);
	@@ -1727,14 +1760,16 @@
1760	&& (configRcvMask & CONFIGSET_OLDFORMAT)!=0
1761	){
1762	configure_finalize_receive();
1763	}
1764	origConfigRcvMask = 0;
1765	if( nCardRcvd>0 && (syncFlags & SYNC_VERBOSE) ){
1766	fossil_print(zValueFormat, "Received:",
1767	blob_size(&recv), nCardRcvd,
1768	xfer.nFileRcvd, xfer.nDeltaRcvd + xfer.nDanglingFile);
1769	}else{
1770	fossil_print(zBriefFormat, nRoundtrip, nArtifactSent, nArtifactRcvd);
1771	}
1772	blob_reset(&recv);
1773	nCycle++;
1774
1775	/* If we received one or more files on the previous exchange but
	@@ -1743,11 +1778,11 @@
1778	nFileRecv = xfer.nFileRcvd + xfer.nDeltaRcvd + xfer.nDanglingFile;
1779	if( (nFileRecv>0 \|\| newPhantom) && db_exists("SELECT 1 FROM phantom") ){
1780	go = 1;
1781	mxPhantomReq = nFileRecv*2;
1782	if( mxPhantomReq<200 ) mxPhantomReq = 200;
1783	}else if( (syncFlags & SYNC_CLONE)!=0 && nFileRecv>0 ){
1784	go = 1;
1785	}
1786	nCardRcvd = 0;
1787	xfer.nFileRcvd = 0;
1788	xfer.nDeltaRcvd = 0;
	@@ -1759,25 +1794,27 @@
1794	if( xfer.nFileSent+xfer.nDeltaSent>0 ){
1795	go = 1;
1796	}
1797
1798	/* If this is a clone, the go at least two rounds */
1799	if( (syncFlags & SYNC_CLONE)!=0 && nCycle==1 ) go = 1;
1800
1801	/* Stop the cycle if the server sends a "clone_seqno 0" card and
1802	** we have gone at least two rounds. Always go at least two rounds
1803	** on a clone in order to be sure to retrieve the configuration
1804	** information which is only sent on the second round.
1805	*/
1806	if( cloneSeqno<=0 && nCycle>1 ) go = 0;
1807	};
1808	transport_stats(&nSent, &nRcvd, 1);
1809	if( (syncFlags & SYNC_VERBOSE)==0 ) fossil_print("\n");
1810	fossil_print(
1811	"%s finished with %lld bytes sent, %lld bytes received\n",
1812	zOpType, nSent, nRcvd);
1813	transport_close();
1814	transport_global_shutdown();
1815	db_multi_exec("DROP TABLE onremote");
1816	manifest_crosslink_end();
1817	content_enable_dephantomize(1);
1818	db_end_transaction(0);
1819	return nErr;
1820	}
1821

M win/Makefile.mingw

+2 -2

		--- win/Makefile.mingw
		+++ win/Makefile.mingw
		@@ -13,15 +13,15 @@
13	13	#
14	14
15	15	#### Select one of MinGW, MinGW-64 (32-bit) or MinGW-w64 (64-bit) compilers.
16	16	# By default, this is an empty string (i.e. use the native compiler).
17	17	#
18		-PREFIX =
	18	+# PREFIX =
19	19	# PREFIX = mingw32-
20	20	# PREFIX = i686-pc-mingw32-
21	21	# PREFIX = i686-w64-mingw32-
22		-# PREFIX = x86_64-w64-mingw32-
	22	+PREFIX = x86_64-w64-mingw32-
23	23
24	24	#### The toplevel directory of the source tree. Fossil can be built
25	25	# in a directory that is separate from the source tree. Just change
26	26	# the following to point from the build directory to the src/ folder.
27	27	#
28	28

	--- win/Makefile.mingw
	+++ win/Makefile.mingw
	@@ -13,15 +13,15 @@
13	#
14
15	#### Select one of MinGW, MinGW-64 (32-bit) or MinGW-w64 (64-bit) compilers.
16	# By default, this is an empty string (i.e. use the native compiler).
17	#
18	PREFIX =
19	# PREFIX = mingw32-
20	# PREFIX = i686-pc-mingw32-
21	# PREFIX = i686-w64-mingw32-
22	# PREFIX = x86_64-w64-mingw32-
23
24	#### The toplevel directory of the source tree. Fossil can be built
25	# in a directory that is separate from the source tree. Just change
26	# the following to point from the build directory to the src/ folder.
27	#
28

	--- win/Makefile.mingw
	+++ win/Makefile.mingw
	@@ -13,15 +13,15 @@
13	#
14
15	#### Select one of MinGW, MinGW-64 (32-bit) or MinGW-w64 (64-bit) compilers.
16	# By default, this is an empty string (i.e. use the native compiler).
17	#
18	# PREFIX =
19	# PREFIX = mingw32-
20	# PREFIX = i686-pc-mingw32-
21	# PREFIX = i686-w64-mingw32-
22	PREFIX = x86_64-w64-mingw32-
23
24	#### The toplevel directory of the source tree. Fossil can be built
25	# in a directory that is separate from the source tree. Just change
26	# the following to point from the build directory to the src/ folder.
27	#
28

M win/Makefile.mingw

+2 -2

		--- win/Makefile.mingw
		+++ win/Makefile.mingw
		@@ -13,15 +13,15 @@
13	13	#
14	14
15	15	#### Select one of MinGW, MinGW-64 (32-bit) or MinGW-w64 (64-bit) compilers.
16	16	# By default, this is an empty string (i.e. use the native compiler).
17	17	#
18		-PREFIX =
	18	+# PREFIX =
19	19	# PREFIX = mingw32-
20	20	# PREFIX = i686-pc-mingw32-
21	21	# PREFIX = i686-w64-mingw32-
22		-# PREFIX = x86_64-w64-mingw32-
	22	+PREFIX = x86_64-w64-mingw32-
23	23
24	24	#### The toplevel directory of the source tree. Fossil can be built
25	25	# in a directory that is separate from the source tree. Just change
26	26	# the following to point from the build directory to the src/ folder.
27	27	#
28	28

	--- win/Makefile.mingw
	+++ win/Makefile.mingw
	@@ -13,15 +13,15 @@
13	#
14
15	#### Select one of MinGW, MinGW-64 (32-bit) or MinGW-w64 (64-bit) compilers.
16	# By default, this is an empty string (i.e. use the native compiler).
17	#
18	PREFIX =
19	# PREFIX = mingw32-
20	# PREFIX = i686-pc-mingw32-
21	# PREFIX = i686-w64-mingw32-
22	# PREFIX = x86_64-w64-mingw32-
23
24	#### The toplevel directory of the source tree. Fossil can be built
25	# in a directory that is separate from the source tree. Just change
26	# the following to point from the build directory to the src/ folder.
27	#
28

	--- win/Makefile.mingw
	+++ win/Makefile.mingw
	@@ -13,15 +13,15 @@
13	#
14
15	#### Select one of MinGW, MinGW-64 (32-bit) or MinGW-w64 (64-bit) compilers.
16	# By default, this is an empty string (i.e. use the native compiler).
17	#
18	# PREFIX =
19	# PREFIX = mingw32-
20	# PREFIX = i686-pc-mingw32-
21	# PREFIX = i686-w64-mingw32-
22	PREFIX = x86_64-w64-mingw32-
23
24	#### The toplevel directory of the source tree. Fossil can be built
25	# in a directory that is separate from the source tree. Just change
26	# the following to point from the build directory to the src/ folder.
27	#
28

Fossil SCM

Keyboard Shortcuts