Index: cgi.c --- cgi.c.orig 2006-12-14 01:45:51.000000000 +0100 +++ cgi.c 2015-01-12 12:25:55.196337822 +0100 @@ -60,8 +60,7 @@ ** Provide a reliable implementation of a caseless string comparison ** function. */ -#define stricmp sqlite3StrICmp -extern int sqlite3StrICmp(const char*, const char*); +#define stricmp strcasecmp /* ** The body of the HTTP reply text is stored here. Index: common.c --- common.c.orig 2006-12-14 01:29:24.000000000 +0100 +++ common.c 2015-01-12 12:25:55.196337822 +0100 @@ -397,7 +397,7 @@ /* We don't want to be redirected back to captcha page, but ratehr to ** one from which we were redirected to captcha in the first place. */ - const char *zUri = (P("cnxp")!=0) ? P("cnxp") : getenv("REQUEST_URI"); + const char *zUri = (P("nxp")!=0) ? P("nxp") : getenv("REQUEST_URI"); @ @ Not logged in } Index: config.h --- config.h.orig 2007-01-28 00:29:40.000000000 +0100 +++ config.h 2015-01-12 12:25:55.196337822 +0100 @@ -93,3 +93,4 @@ # undef CVSTRAC_I18N # define CVSTRAC_I18N 0 #endif + Index: db.c --- db.c.orig 2007-01-28 19:40:07.000000000 +0100 +++ db.c 2015-01-12 12:25:55.196337822 +0100 @@ -125,7 +125,6 @@ ** routine NULLs-out fields of the database we do not want arbitrary ** users to see, such as the USER.PASSWD field. */ -extern int sqlite3StrICmp(const char*, const char*); static int access_authorizer( void *NotUsed, int type, @@ -141,34 +140,34 @@ return SQLITE_OK; #endif }else if( type==SQLITE_READ ){ - if( sqlite3StrICmp(zArg1,"user")==0 ){ - if( sqlite3StrICmp(zArg2,"passwd")==0 || sqlite3StrICmp(zArg2,"email")==0 ){ + if( strcasecmp(zArg1,"user")==0 ){ + if( strcasecmp(zArg2,"passwd")==0 || strcasecmp(zArg2,"email")==0 ){ return SQLITE_IGNORE; } - }else if( sqlite3StrICmp(zArg1, "cookie")==0 ){ + }else if( strcasecmp(zArg1, "cookie")==0 ){ return SQLITE_IGNORE; - }else if( sqlite3StrICmp(zArg1, "config")==0 ){ + }else if( strcasecmp(zArg1, "config")==0 ){ return SQLITE_IGNORE; - }else if( !g.okSetup && sqlite3StrICmp(zArg1, "access_load")==0 ){ + }else if( !g.okSetup && strcasecmp(zArg1, "access_load")==0 ){ return SQLITE_IGNORE; - }else if( (!g.okWrite || g.isAnon) && sqlite3StrICmp(zArg1,"ticket")==0 - && sqlite3StrICmp(zArg2,"contact")==0){ + }else if( (!g.okWrite || g.isAnon) && strcasecmp(zArg1,"ticket")==0 + && strcasecmp(zArg2,"contact")==0){ return SQLITE_IGNORE; - }else if( !g.okCheckout && sqlite3StrICmp(zArg1,"chng")==0 ){ + }else if( !g.okRead && strcasecmp(zArg1,"chng")==0 ){ return SQLITE_IGNORE; - }else if( !g.okCheckout && sqlite3StrICmp(zArg1,"filechng")==0 ){ + }else if( !g.okCheckout && strcasecmp(zArg1,"filechng")==0 ){ return SQLITE_IGNORE; - }else if( !g.okCheckout && sqlite3StrICmp(zArg1,"file")==0 ){ + }else if( !g.okCheckout && strcasecmp(zArg1,"file")==0 ){ return SQLITE_IGNORE; - }else if( !g.okCheckout && sqlite3StrICmp(zArg1,"inspect")==0 ){ + }else if( !g.okRead && strcasecmp(zArg1,"inspect")==0 ){ return SQLITE_IGNORE; - }else if( !g.okRead && sqlite3StrICmp(zArg1,"ticket")==0 ){ + }else if( !g.okRead && strcasecmp(zArg1,"ticket")==0 ){ return SQLITE_IGNORE; - }else if( !g.okRead && sqlite3StrICmp(zArg1,"tktchng")==0 ){ + }else if( !g.okRead && strcasecmp(zArg1,"tktchng")==0 ){ return SQLITE_IGNORE; - }else if( !g.okRdWiki && sqlite3StrICmp(zArg1,"attachment")==0 ){ + }else if( !g.okRdWiki && strcasecmp(zArg1,"attachment")==0 ){ return SQLITE_IGNORE; - }else if( !g.okRdWiki && sqlite3StrICmp(zArg1,"wiki")==0 ){ + }else if( !g.okRdWiki && strcasecmp(zArg1,"wiki")==0 ){ return SQLITE_IGNORE; } return SQLITE_OK; @@ -672,7 +671,6 @@ ** name as an argument and returns the value that the user enters in the ** resulting HTML form. A second optional parameter provides a default value. */ -extern int sqlite3StrICmp(const char*, const char*); static void f_aux(sqlite3_context *context, int argc, sqlite3_value **argv){ int i; const char *zParm; @@ -682,7 +680,7 @@ if( zParm==0 ) return; for(i=0; i0 ){ char *zOut = calloc(nBytes,1); Index: format.c --- format.c.orig 2007-01-28 23:50:24.000000000 +0100 +++ format.c 2015-01-12 12:25:55.196337822 +0100 @@ -701,11 +701,10 @@ ** Return TRUE if the HTML element given in the argument is a form of ** external reference (i.e. A, IMG, etc). */ -extern int sqlite3StrNICmp(const char *, const char*, int); static int isLinkTag(const char *zElem, int nElem){ - return (nElem==1 && 0==sqlite3StrNICmp(zElem,"A",nElem)) - || (nElem==3 && 0==sqlite3StrNICmp(zElem,"IMG",nElem)) - || (nElem==4 && 0==sqlite3StrNICmp(zElem,"CITE",nElem)); + return (nElem==1 && 0==strncasecmp(zElem,"A",nElem)) + || (nElem==3 && 0==strncasecmp(zElem,"IMG",nElem)) + || (nElem==4 && 0==strncasecmp(zElem,"CITE",nElem)); } /* @@ -713,12 +712,11 @@ ** before it ends, then return the number of characters through the end of ** the . If the or the is missing, return 0. */ -extern int sqlite3StrNICmp(const char *, const char*, int); static int is_html(const char *z){ int i; - if( sqlite3StrNICmp(z, "", 6) ) return 0; + if( strncasecmp(z, "", 6) ) return 0; for(i=6; z[i]; i++){ - if( z[i]=='<' && sqlite3StrNICmp(&z[i],"",7)==0 ) return i+7; + if( z[i]=='<' && strncasecmp(&z[i],"",7)==0 ) return i+7; } return 0; } @@ -778,7 +776,7 @@ if( az && az[0] && az[1] ){ cgi_printf("",zLink,az[0]); /* FIXME: should use a with the ticket status as a class */ - if( az[1][0] == 'n' || az[1][0] == 'a' ){ + if( az[1][0] != 'c' ){ cgi_printf("#%d",tn); }else{ cgi_printf("#%d",tn); Index: makeheaders.c --- makeheaders.c.orig 2006-12-14 01:35:46.000000000 +0100 +++ makeheaders.c 2015-01-12 12:25:55.196337822 +0100 @@ -2136,7 +2136,7 @@ zArg++; } if( *zArg==0 || *zArg=='\n' ){ return 0; } - nArg = pToken->nText + (int)pToken->zText - (int)zArg; + nArg = pToken->nText + pToken->zText - zArg; if( nArg==9 && strncmp(zArg,"INTERFACE",9)==0 ){ PushIfMacro(0,0,0,pToken->nLine,PS_Interface); }else if( nArg==16 && strncmp(zArg,"EXPORT_INTERFACE",16)==0 ){ @@ -2155,7 +2155,7 @@ zArg++; } if( *zArg==0 || *zArg=='\n' ){ return 0; } - nArg = pToken->nText + (int)pToken->zText - (int)zArg; + nArg = pToken->nText + pToken->zText - zArg; PushIfMacro("defined",zArg,nArg,pToken->nLine,0); }else if( nCmd==6 && strncmp(zCmd,"ifndef",6)==0 ){ /* @@ -2166,7 +2166,7 @@ zArg++; } if( *zArg==0 || *zArg=='\n' ){ return 0; } - nArg = pToken->nText + (int)pToken->zText - (int)zArg; + nArg = pToken->nText + pToken->zText - zArg; PushIfMacro("!defined",zArg,nArg,pToken->nLine,0); }else if( nCmd==4 && strncmp(zCmd,"else",4)==0 ){ /* @@ -2792,7 +2792,7 @@ fprintf(stderr, "%s: Can't overwrite this file because it wasn't previously\n" "%*s generated by 'makeheaders'.\n", - pFile->zHdr, strlen(pFile->zHdr), ""); + pFile->zHdr, (int)strlen(pFile->zHdr), ""); nErr++; }else if( strcmp(zOldVersion,zNewVersion)!=0 ){ if( report ) fprintf(report,"updated\n"); @@ -2951,10 +2951,10 @@ pDecl->zName, zLabel, pDecl->zFile, - pDecl->pComment ? (int)pDecl->pComment/sizeof(Token) : 0, + pDecl->pComment ? /* TOTALLY BOGUS: (int)pDecl->pComment/sizeof(Token) */ 0 : 0, pDecl->pComment ? pDecl->pComment->nText+1 : 0, - pDecl->zIf ? strlen(pDecl->zIf)+1 : 0, - zDecl ? strlen(zDecl) : 0, + pDecl->zIf ? (int)strlen(pDecl->zIf)+1 : 0, + zDecl ? (int)strlen(zDecl) : 0, pDecl->pComment ? pDecl->pComment->nLine : 0, pDecl->tokenCode.nText ? pDecl->tokenCode.nText+1 : 0 ); Index: search.c --- search.c.orig 2006-12-14 01:27:25.000000000 +0100 +++ search.c 2015-01-12 12:26:14.276338772 +0100 @@ -31,7 +31,6 @@ /* ** We'll use this routine in several places. */ -extern int sqlite3StrNICmp(const char*,const char*,int); /* ** Search for a keyword in text. Return a matching score: @@ -54,7 +53,7 @@ } if( n<=0 ) n = strlen(zWord); for(i=0; zText[i]; i++){ - if( (zText[i]==c1 || zText[i]==c2) && sqlite3StrNICmp(zWord,&zText[i],n)==0){ + if( (zText[i]==c1 || zText[i]==c2) && strncasecmp(zWord,&zText[i],n)==0){ int score = 6; if( (i==0 || !isalnum(zText[i-1])) && (zText[i+n]==0 || !isalnum(zText[i+n])) ){ @@ -282,7 +281,7 @@ int n; if( tolower(c)!=tolower(azKey[k][0]) ) continue; n = keySize[k]; - if( sqlite3StrNICmp(&zAll[j],azKey[k],n)==0 ){ + if( strncasecmp(&zAll[j],azKey[k],n)==0 ){ strcpy(z,""); z += 3; while( n ){ Index: svn.c --- svn.c.orig 2006-12-14 01:27:25.000000000 +0100 +++ svn.c 2015-01-12 12:25:55.196337822 +0100 @@ -205,7 +205,10 @@ * If there's no repository defined, bail and wait until the admin sets one. */ zRoot = db_config("cvsroot",""); - if( zRoot[0]==0 ) return 1; + if( zRoot[0]==0 ) { + db_execute("COMMIT"); + return 1; + } nBaseRevision = atoi(db_config("historysize","0")); if( nBaseRevision Index: throttle.c --- throttle.c.orig 2006-05-25 10:20:24.000000000 +0200 +++ throttle.c 2015-01-12 12:25:55.206345099 +0100 @@ -165,7 +165,7 @@ } if( zUrl==0 ) zUrl = "index"; - cgi_redirect(mprintf("captcha?cnxp=%T", zUrl)); + cgi_redirect(mprintf("captcha?nxp=%T", zUrl)); }else if( overload && exitOnOverload ){ /* Just block the client */ lockout(); Index: ticket.c --- ticket.c.orig 2006-12-14 01:33:31.000000000 +0100 +++ ticket.c 2015-01-12 12:25:55.206345099 +0100 @@ -392,7 +392,7 @@ @ @ @ Assigned To: - az = db_query("SELECT id FROM user UNION SELECT '' ORDER BY id"); + az = db_query("SELECT id FROM user WHERE capabilities LIKE '%%w%%' UNION SELECT '' ORDER BY id"); cgi_v_optionmenu(0, "w", zWho, (const char **)az); db_query_free(az); @ @@ -1335,7 +1335,7 @@ @ @ Assigned To: azUsers = (const char**)db_query( - "SELECT id FROM user UNION SELECT '' ORDER BY id"); + "SELECT id FROM user WHERE capabilities LIKE '%%w%%' UNION SELECT '' ORDER BY id"); cgi_v_optionmenu(0, "a", aParm[4].zNew, azUsers); @ @     @@ -1463,14 +1463,16 @@ const char *zTn; char *zErrMsg = 0; char *zTktTitle; + const char *zOwner; login_check_credentials(); - if( !g.okWrite ){ login_needed(); return; } throttle(1,1); tn = rn = 0; zTn = PD("tn",""); sscanf(zTn, "%d,%d", &tn, &rn); if( tn<=0 ){ cgi_redirect("index"); return; } + zOwner = db_short_query("SELECT owner FROM ticket WHERE tn=%d", tn); + if( !g.okWrite && !(zOwner != NULL && strcmp(zOwner, g.zUser) == 0) ){ login_needed(); return; } bprintf(zPage,sizeof(zPage),"%d",tn); doPreview = P("pre")!=0; doSubmit = P("submit")!=0; Index: view.c --- view.c.orig 2007-01-28 00:29:39.000000000 +0100 +++ view.c 2015-01-12 12:25:55.206345099 +0100 @@ -219,8 +219,6 @@ ** pointer to an error message string (obtained from malloc) if ** there is a problem. */ -extern int sqlite3StrNICmp(const char*,const char*,int); -extern int sqlite3StrICmp(const char*,const char*); char *verify_sql_statement(char *zSql){ int i; @@ -228,7 +226,7 @@ ** the first token is "SELECT" and that there are no unquoted semicolons. */ for(i=0; isspace(zSql[i]); i++){} - if( sqlite3StrNICmp(&zSql[i],"select",6)!=0 ){ + if( strncasecmp(&zSql[i],"select",6)!=0 ){ return mprintf("The SQL must be a SELECT statement"); } for(i=0; zSql[i]; i++){