92 Commits

Author SHA1 Message Date
67eb8b6428 sandbox: adjust to latest qssb.h 2021-09-23 17:13:08 +02:00
f26fd19fb4 submodules: sync with latest upstream 2021-09-23 17:13:08 +02:00
204a72da1f setup: Fix broken FTS DELETE op
Thie previous DELETE statement lead to strange
behaviours. It was pure luck this did not blow up
before all these years. It appears it may leave the index
in an undefined state, and the database recently started
to display strange behaviour in connection with newer sqlite
version.

Now, just remove the previous revision from the FTS index,
as for now, search only cares about the most recent revisions.

Also, remove redundant UPDATE trigger on revision table
We never update revisions, thus such trigger is simply
redundant.

Relevant: https://gitlab.gnome.org/GNOME/tracker/-/merge_requests/353
2021-09-23 17:13:08 +02:00
88816a4015 utils: html_xss(): Add ' and &
They REALLY should have been there from the beginning...
2021-06-15 18:37:52 +02:00
a930b7aea6 submodules: sync with latest upstream 2021-04-18 13:35:43 +02:00
250e4a94a6 Authenticator: pbkd5(): Mark as const 2021-04-18 13:35:43 +02:00
ac56b2f61d Random: Mark getRandom* const 2021-04-18 13:35:43 +02:00
4dc688f9eb utils: split: Rename all splitBy*() variants to split() 2021-04-18 13:35:02 +02:00
b995362d1f HandlerLogin: Remove dead code 2021-04-16 16:37:34 +02:00
9f9fd2920b template: Remove user_changepw, it's usersettings now 2021-04-16 16:37:34 +02:00
70c4bfaffa Introduce HandlerUserSettings to change user settings, e. g. pw changes 2021-04-16 16:37:34 +02:00
ac99894157 HandlerLogin: Use Authenticator, drop own logic 2021-03-26 23:02:03 +01:00
5693911e01 Introduce Authenticator: Centralizes Authentication/password check logic 2021-03-26 22:48:26 +01:00
e322587d07 Add usersettings template and config values 2021-03-26 22:45:09 +01:00
9840dbbeff Random: add getRandom(), returning std::vector<char> 2021-03-26 22:44:08 +01:00
d507c507e4 handlersearch: Allow all characters by escaping FTS
Escape FTS queries by simply treating everything as string.
Though this way a user cannot use operators, it's an improvement
over how it was done before.

Closes: #7
2021-03-25 21:44:02 +01:00
2aa11fc2b2 HandlerPageView: Add misisng check whether passed revision is most recent 2021-03-16 21:05:59 +01:00
e4562809a0 handlerpageedit: Retain comment when clicking preview 2021-03-08 11:37:45 +01:00
00392e2469 Parser: Add category to tagfinder to replace it with an empty str 2021-03-02 23:36:19 +01:00
dac07d23a9 HandlerPageView: Use revision from db, not query param, as template value.
Not a vulnerability, but more correct this way.
2021-01-29 16:46:13 +01:00
0c66fdf70d Handler: queryOption: Take default sort order param. History: default descending 2020-12-31 16:15:36 +01:00
b9ff4068bd Handler: QueryOptions: Change default to more natural ascending sort 2020-12-29 23:36:07 +01:00
821d799e3e submodules: sync each with latest repo HEAD 2020-11-20 15:53:16 +01:00
a6c08a3447 Parser: reformat and remove dead code 2020-11-15 20:27:48 +01:00
cd7e99bf30 template/quitesimple: insert missing space 2020-10-12 22:13:32 +02:00
bc24035f4d submodule/cpp-httplib: update to current release 2020-09-26 17:28:57 +02:00
75f76f58eb sandbox: First version using qssb.h 2020-09-26 17:13:29 +02:00
5abaaf67d0 HandlerPageView: Prevent viewing older revisions if not allowed 2020-09-21 21:44:26 +02:00
d974d4bfb6 Update git submodules 2020-09-06 12:19:12 +02:00
721348268a template/quitesimple: footer: Don't show login and edit time in portrait mode 2020-08-23 22:03:21 +02:00
de240786c7 Update README.md: Document build with git submodules 2020-08-23 17:38:06 +02:00
192c533f1f handlerlogin: Fix typo in error message 2020-08-23 17:29:33 +02:00
84b55f6e96 gitmodules: update qssb.h repo location 2020-08-23 17:20:25 +02:00
09ac87736d utils: localtime is not threadsafe, use localtime_r 2020-04-20 16:29:34 +02:00
3b2578b7f9 utils: simplify/optimize escaping 2020-04-19 22:45:51 +02:00
e435e84bfa random: cleanup, assume getrandom libc wrapper exists 2020-04-19 17:03:06 +02:00
f73dd3b295 Makefile: remove redundancies 2020-04-19 17:03:06 +02:00
c507c200a6 add qssb.h submodule 2020-04-19 17:03:06 +02:00
b53aeadb8e don't link with boost anymore as regex is handled by std now 2020-04-19 17:02:21 +02:00
8595978560 get header-only library dependencies using git submodules 2020-03-18 22:21:03 +01:00
5df89f0491 replace boost regex with std 2020-03-18 22:00:15 +01:00
71bfa56e3b template: remove some unnecessary newlines 2019-10-31 21:43:57 +01:00
0a2a943e5b Permissions: Fix missing initialization with 0 in some cases 2019-10-02 23:36:35 +02:00
0f6d1abbd5 remove spaces etc. at end of line (no functional change) 2019-10-02 22:06:19 +02:00
559baf65da remove straying tabs on line end (no functional change) 2019-10-02 21:53:32 +02:00
1c646fa165 make html <title></title> configurable 2019-10-02 21:40:58 +02:00
7fc9c090ed sync dependencies with upstream 2019-09-30 20:20:41 +02:00
d9de46354e Handlers: set page title 2019-09-29 21:34:53 +02:00
ec10c764d5 RequestWorker: take unique ptr (fixes regression) 2019-09-29 21:34:21 +02:00
8364ace683 Introduce proper HandlerFactory and reduce dependencies of RequestWorker 2019-09-29 20:57:46 +02:00