You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
348 lines
13 KiB
348 lines
13 KiB
Index: cgi.c |
|
--- cgi.c.orig 2006-12-14 01:45:51.000000000 +0100 |
|
+++ cgi.c 2015-01-12 12:25:55.196337822 +0100 |
|
@@ -60,8 +60,7 @@ |
|
** Provide a reliable implementation of a caseless string comparison |
|
** function. |
|
*/ |
|
-#define stricmp sqlite3StrICmp |
|
-extern int sqlite3StrICmp(const char*, const char*); |
|
+#define stricmp strcasecmp |
|
|
|
/* |
|
** The body of the HTTP reply text is stored here. |
|
Index: common.c |
|
--- common.c.orig 2006-12-14 01:29:24.000000000 +0100 |
|
+++ common.c 2015-01-12 12:25:55.196337822 +0100 |
|
@@ -397,7 +397,7 @@ |
|
/* We don't want to be redirected back to captcha page, but ratehr to |
|
** one from which we were redirected to captcha in the first place. |
|
*/ |
|
- const char *zUri = (P("cnxp")!=0) ? P("cnxp") : getenv("REQUEST_URI"); |
|
+ const char *zUri = (P("nxp")!=0) ? P("nxp") : getenv("REQUEST_URI"); |
|
@ <a href="honeypot"><small><notatag arg="meaningless"></small></a> |
|
@ <small><a href="login?nxp=%T(zUri)" title="Log in">Not logged in</a></small> |
|
} |
|
Index: config.h |
|
--- config.h.orig 2007-01-28 00:29:40.000000000 +0100 |
|
+++ config.h 2015-01-12 12:25:55.196337822 +0100 |
|
@@ -93,3 +93,4 @@ |
|
# undef CVSTRAC_I18N |
|
# define CVSTRAC_I18N 0 |
|
#endif |
|
+ |
|
Index: db.c |
|
--- db.c.orig 2007-01-28 19:40:07.000000000 +0100 |
|
+++ db.c 2015-01-12 12:25:55.196337822 +0100 |
|
@@ -125,7 +125,6 @@ |
|
** routine NULLs-out fields of the database we do not want arbitrary |
|
** users to see, such as the USER.PASSWD field. |
|
*/ |
|
-extern int sqlite3StrICmp(const char*, const char*); |
|
static int access_authorizer( |
|
void *NotUsed, |
|
int type, |
|
@@ -141,34 +140,34 @@ |
|
return SQLITE_OK; |
|
#endif |
|
}else if( type==SQLITE_READ ){ |
|
- if( sqlite3StrICmp(zArg1,"user")==0 ){ |
|
- if( sqlite3StrICmp(zArg2,"passwd")==0 || sqlite3StrICmp(zArg2,"email")==0 ){ |
|
+ if( strcasecmp(zArg1,"user")==0 ){ |
|
+ if( strcasecmp(zArg2,"passwd")==0 || strcasecmp(zArg2,"email")==0 ){ |
|
return SQLITE_IGNORE; |
|
} |
|
- }else if( sqlite3StrICmp(zArg1, "cookie")==0 ){ |
|
+ }else if( strcasecmp(zArg1, "cookie")==0 ){ |
|
return SQLITE_IGNORE; |
|
- }else if( sqlite3StrICmp(zArg1, "config")==0 ){ |
|
+ }else if( strcasecmp(zArg1, "config")==0 ){ |
|
return SQLITE_IGNORE; |
|
- }else if( !g.okSetup && sqlite3StrICmp(zArg1, "access_load")==0 ){ |
|
+ }else if( !g.okSetup && strcasecmp(zArg1, "access_load")==0 ){ |
|
return SQLITE_IGNORE; |
|
- }else if( (!g.okWrite || g.isAnon) && sqlite3StrICmp(zArg1,"ticket")==0 |
|
- && sqlite3StrICmp(zArg2,"contact")==0){ |
|
+ }else if( (!g.okWrite || g.isAnon) && strcasecmp(zArg1,"ticket")==0 |
|
+ && strcasecmp(zArg2,"contact")==0){ |
|
return SQLITE_IGNORE; |
|
- }else if( !g.okCheckout && sqlite3StrICmp(zArg1,"chng")==0 ){ |
|
+ }else if( !g.okRead && strcasecmp(zArg1,"chng")==0 ){ |
|
return SQLITE_IGNORE; |
|
- }else if( !g.okCheckout && sqlite3StrICmp(zArg1,"filechng")==0 ){ |
|
+ }else if( !g.okCheckout && strcasecmp(zArg1,"filechng")==0 ){ |
|
return SQLITE_IGNORE; |
|
- }else if( !g.okCheckout && sqlite3StrICmp(zArg1,"file")==0 ){ |
|
+ }else if( !g.okCheckout && strcasecmp(zArg1,"file")==0 ){ |
|
return SQLITE_IGNORE; |
|
- }else if( !g.okCheckout && sqlite3StrICmp(zArg1,"inspect")==0 ){ |
|
+ }else if( !g.okRead && strcasecmp(zArg1,"inspect")==0 ){ |
|
return SQLITE_IGNORE; |
|
- }else if( !g.okRead && sqlite3StrICmp(zArg1,"ticket")==0 ){ |
|
+ }else if( !g.okRead && strcasecmp(zArg1,"ticket")==0 ){ |
|
return SQLITE_IGNORE; |
|
- }else if( !g.okRead && sqlite3StrICmp(zArg1,"tktchng")==0 ){ |
|
+ }else if( !g.okRead && strcasecmp(zArg1,"tktchng")==0 ){ |
|
return SQLITE_IGNORE; |
|
- }else if( !g.okRdWiki && sqlite3StrICmp(zArg1,"attachment")==0 ){ |
|
+ }else if( !g.okRdWiki && strcasecmp(zArg1,"attachment")==0 ){ |
|
return SQLITE_IGNORE; |
|
- }else if( !g.okRdWiki && sqlite3StrICmp(zArg1,"wiki")==0 ){ |
|
+ }else if( !g.okRdWiki && strcasecmp(zArg1,"wiki")==0 ){ |
|
return SQLITE_IGNORE; |
|
} |
|
return SQLITE_OK; |
|
@@ -672,7 +671,6 @@ |
|
** name as an argument and returns the value that the user enters in the |
|
** resulting HTML form. A second optional parameter provides a default value. |
|
*/ |
|
-extern int sqlite3StrICmp(const char*, const char*); |
|
static void f_aux(sqlite3_context *context, int argc, sqlite3_value **argv){ |
|
int i; |
|
const char *zParm; |
|
@@ -682,7 +680,7 @@ |
|
if( zParm==0 ) return; |
|
|
|
for(i=0; i<g.nAux && g.azAuxName[i]; i++){ |
|
- if( sqlite3StrICmp(zParm,g.azAuxName[i])==0 ){ |
|
+ if( strcasecmp(zParm,g.azAuxName[i])==0 ){ |
|
if( g.azAuxVal[i] ){ |
|
sqlite3_result_text(context, g.azAuxVal[i], -1, SQLITE_STATIC); |
|
} |
|
@@ -712,7 +710,6 @@ |
|
** currently selected value. Results may be a single value column or |
|
** two value,description columns. The first result row is the default. |
|
*/ |
|
-extern int sqlite3StrICmp(const char*, const char*); |
|
static void f_option(sqlite3_context *context, int argc, sqlite3_value **argv){ |
|
const char *zParm; |
|
int i; |
|
@@ -722,7 +719,7 @@ |
|
if( zParm==0 ) return; |
|
|
|
for(i=0; i<g.nAux && g.azAuxName[i]; i++){ |
|
- if( sqlite3StrICmp(zParm,g.azAuxName[i])==0 ){ |
|
+ if( strcasecmp(zParm,g.azAuxName[i])==0 ){ |
|
if( g.azAuxVal[i] ){ |
|
sqlite3_result_text(context, g.azAuxVal[i], -1, SQLITE_STATIC); |
|
} |
|
@@ -2020,7 +2017,7 @@ |
|
*/ |
|
static void f_decode(sqlite3_context *context, int argc, sqlite3_value **argv){ |
|
if( argc==2 ) { |
|
- const char *zIn = (const char*)sqlite3_value_text(argv[0]); |
|
+ const char *zIn = (const char*)sqlite3_value_blob(argv[0]); |
|
int nBytes = sqlite3_value_int(argv[1]); |
|
if( zIn && zIn[0] && nBytes>0 ){ |
|
char *zOut = calloc(nBytes,1); |
|
Index: format.c |
|
--- format.c.orig 2007-01-28 23:50:24.000000000 +0100 |
|
+++ format.c 2015-01-12 12:25:55.196337822 +0100 |
|
@@ -701,11 +701,10 @@ |
|
** Return TRUE if the HTML element given in the argument is a form of |
|
** external reference (i.e. A, IMG, etc). |
|
*/ |
|
-extern int sqlite3StrNICmp(const char *, const char*, int); |
|
static int isLinkTag(const char *zElem, int nElem){ |
|
- return (nElem==1 && 0==sqlite3StrNICmp(zElem,"A",nElem)) |
|
- || (nElem==3 && 0==sqlite3StrNICmp(zElem,"IMG",nElem)) |
|
- || (nElem==4 && 0==sqlite3StrNICmp(zElem,"CITE",nElem)); |
|
+ return (nElem==1 && 0==strncasecmp(zElem,"A",nElem)) |
|
+ || (nElem==3 && 0==strncasecmp(zElem,"IMG",nElem)) |
|
+ || (nElem==4 && 0==strncasecmp(zElem,"CITE",nElem)); |
|
} |
|
|
|
/* |
|
@@ -713,12 +712,11 @@ |
|
** before it ends, then return the number of characters through the end of |
|
** the </html>. If the <html> or the </html> is missing, return 0. |
|
*/ |
|
-extern int sqlite3StrNICmp(const char *, const char*, int); |
|
static int is_html(const char *z){ |
|
int i; |
|
- if( sqlite3StrNICmp(z, "<html>", 6) ) return 0; |
|
+ if( strncasecmp(z, "<html>", 6) ) return 0; |
|
for(i=6; z[i]; i++){ |
|
- if( z[i]=='<' && sqlite3StrNICmp(&z[i],"</html>",7)==0 ) return i+7; |
|
+ if( z[i]=='<' && strncasecmp(&z[i],"</html>",7)==0 ) return i+7; |
|
} |
|
return 0; |
|
} |
|
@@ -778,7 +776,7 @@ |
|
if( az && az[0] && az[1] ){ |
|
cgi_printf("<a href=\"%z\" title=\"%h\">",zLink,az[0]); |
|
/* FIXME: should use a <span> with the ticket status as a class */ |
|
- if( az[1][0] == 'n' || az[1][0] == 'a' ){ |
|
+ if( az[1][0] != 'c' ){ |
|
cgi_printf("#%d",tn); |
|
}else{ |
|
cgi_printf("<strike>#%d</strike>",tn); |
|
Index: makeheaders.c |
|
--- makeheaders.c.orig 2006-12-14 01:35:46.000000000 +0100 |
|
+++ makeheaders.c 2015-01-12 12:25:55.196337822 +0100 |
|
@@ -2136,7 +2136,7 @@ |
|
zArg++; |
|
} |
|
if( *zArg==0 || *zArg=='\n' ){ return 0; } |
|
- nArg = pToken->nText + (int)pToken->zText - (int)zArg; |
|
+ nArg = pToken->nText + pToken->zText - zArg; |
|
if( nArg==9 && strncmp(zArg,"INTERFACE",9)==0 ){ |
|
PushIfMacro(0,0,0,pToken->nLine,PS_Interface); |
|
}else if( nArg==16 && strncmp(zArg,"EXPORT_INTERFACE",16)==0 ){ |
|
@@ -2155,7 +2155,7 @@ |
|
zArg++; |
|
} |
|
if( *zArg==0 || *zArg=='\n' ){ return 0; } |
|
- nArg = pToken->nText + (int)pToken->zText - (int)zArg; |
|
+ nArg = pToken->nText + pToken->zText - zArg; |
|
PushIfMacro("defined",zArg,nArg,pToken->nLine,0); |
|
}else if( nCmd==6 && strncmp(zCmd,"ifndef",6)==0 ){ |
|
/* |
|
@@ -2166,7 +2166,7 @@ |
|
zArg++; |
|
} |
|
if( *zArg==0 || *zArg=='\n' ){ return 0; } |
|
- nArg = pToken->nText + (int)pToken->zText - (int)zArg; |
|
+ nArg = pToken->nText + pToken->zText - zArg; |
|
PushIfMacro("!defined",zArg,nArg,pToken->nLine,0); |
|
}else if( nCmd==4 && strncmp(zCmd,"else",4)==0 ){ |
|
/* |
|
@@ -2792,7 +2792,7 @@ |
|
fprintf(stderr, |
|
"%s: Can't overwrite this file because it wasn't previously\n" |
|
"%*s generated by 'makeheaders'.\n", |
|
- pFile->zHdr, strlen(pFile->zHdr), ""); |
|
+ pFile->zHdr, (int)strlen(pFile->zHdr), ""); |
|
nErr++; |
|
}else if( strcmp(zOldVersion,zNewVersion)!=0 ){ |
|
if( report ) fprintf(report,"updated\n"); |
|
@@ -2951,10 +2951,10 @@ |
|
pDecl->zName, |
|
zLabel, |
|
pDecl->zFile, |
|
- pDecl->pComment ? (int)pDecl->pComment/sizeof(Token) : 0, |
|
+ pDecl->pComment ? /* TOTALLY BOGUS: (int)pDecl->pComment/sizeof(Token) */ 0 : 0, |
|
pDecl->pComment ? pDecl->pComment->nText+1 : 0, |
|
- pDecl->zIf ? strlen(pDecl->zIf)+1 : 0, |
|
- zDecl ? strlen(zDecl) : 0, |
|
+ pDecl->zIf ? (int)strlen(pDecl->zIf)+1 : 0, |
|
+ zDecl ? (int)strlen(zDecl) : 0, |
|
pDecl->pComment ? pDecl->pComment->nLine : 0, |
|
pDecl->tokenCode.nText ? pDecl->tokenCode.nText+1 : 0 |
|
); |
|
Index: search.c |
|
--- search.c.orig 2006-12-14 01:27:25.000000000 +0100 |
|
+++ search.c 2015-01-12 12:26:14.276338772 +0100 |
|
@@ -31,7 +31,6 @@ |
|
/* |
|
** We'll use this routine in several places. |
|
*/ |
|
-extern int sqlite3StrNICmp(const char*,const char*,int); |
|
|
|
/* |
|
** Search for a keyword in text. Return a matching score: |
|
@@ -54,7 +53,7 @@ |
|
} |
|
if( n<=0 ) n = strlen(zWord); |
|
for(i=0; zText[i]; i++){ |
|
- if( (zText[i]==c1 || zText[i]==c2) && sqlite3StrNICmp(zWord,&zText[i],n)==0){ |
|
+ if( (zText[i]==c1 || zText[i]==c2) && strncasecmp(zWord,&zText[i],n)==0){ |
|
int score = 6; |
|
if( (i==0 || !isalnum(zText[i-1])) |
|
&& (zText[i+n]==0 || !isalnum(zText[i+n])) ){ |
|
@@ -282,7 +281,7 @@ |
|
int n; |
|
if( tolower(c)!=tolower(azKey[k][0]) ) continue; |
|
n = keySize[k]; |
|
- if( sqlite3StrNICmp(&zAll[j],azKey[k],n)==0 ){ |
|
+ if( strncasecmp(&zAll[j],azKey[k],n)==0 ){ |
|
strcpy(z,"<b>"); |
|
z += 3; |
|
while( n ){ |
|
Index: svn.c |
|
--- svn.c.orig 2006-12-14 01:27:25.000000000 +0100 |
|
+++ svn.c 2015-01-12 12:25:55.196337822 +0100 |
|
@@ -205,7 +205,10 @@ |
|
* If there's no repository defined, bail and wait until the admin sets one. |
|
*/ |
|
zRoot = db_config("cvsroot",""); |
|
- if( zRoot[0]==0 ) return 1; |
|
+ if( zRoot[0]==0 ) { |
|
+ db_execute("COMMIT"); |
|
+ return 1; |
|
+ } |
|
nBaseRevision = atoi(db_config("historysize","0")); |
|
|
|
if( nBaseRevision |
|
Index: throttle.c |
|
--- throttle.c.orig 2006-05-25 10:20:24.000000000 +0200 |
|
+++ throttle.c 2015-01-12 12:25:55.206345099 +0100 |
|
@@ -165,7 +165,7 @@ |
|
} |
|
|
|
if( zUrl==0 ) zUrl = "index"; |
|
- cgi_redirect(mprintf("captcha?cnxp=%T", zUrl)); |
|
+ cgi_redirect(mprintf("captcha?nxp=%T", zUrl)); |
|
}else if( overload && exitOnOverload ){ |
|
/* Just block the client */ |
|
lockout(); |
|
Index: ticket.c |
|
--- ticket.c.orig 2006-12-14 01:33:31.000000000 +0100 |
|
+++ ticket.c 2015-01-12 12:25:55.206345099 +0100 |
|
@@ -392,7 +392,7 @@ |
|
@ <tr> |
|
@ <td align="right"><nobr> |
|
@ Assigned To: |
|
- az = db_query("SELECT id FROM user UNION SELECT '' ORDER BY id"); |
|
+ az = db_query("SELECT id FROM user WHERE capabilities LIKE '%%w%%' UNION SELECT '' ORDER BY id"); |
|
cgi_v_optionmenu(0, "w", zWho, (const char **)az); |
|
db_query_free(az); |
|
@ </nobr></td> |
|
@@ -1335,7 +1335,7 @@ |
|
@ <nobr> |
|
@ Assigned To: |
|
azUsers = (const char**)db_query( |
|
- "SELECT id FROM user UNION SELECT '' ORDER BY id"); |
|
+ "SELECT id FROM user WHERE capabilities LIKE '%%w%%' UNION SELECT '' ORDER BY id"); |
|
cgi_v_optionmenu(0, "a", aParm[4].zNew, azUsers); |
|
@ </nobr> |
|
@ |
|
@@ -1463,14 +1463,16 @@ |
|
const char *zTn; |
|
char *zErrMsg = 0; |
|
char *zTktTitle; |
|
+ const char *zOwner; |
|
|
|
login_check_credentials(); |
|
- if( !g.okWrite ){ login_needed(); return; } |
|
throttle(1,1); |
|
tn = rn = 0; |
|
zTn = PD("tn",""); |
|
sscanf(zTn, "%d,%d", &tn, &rn); |
|
if( tn<=0 ){ cgi_redirect("index"); return; } |
|
+ zOwner = db_short_query("SELECT owner FROM ticket WHERE tn=%d", tn); |
|
+ if( !g.okWrite && !(zOwner != NULL && strcmp(zOwner, g.zUser) == 0) ){ login_needed(); return; } |
|
bprintf(zPage,sizeof(zPage),"%d",tn); |
|
doPreview = P("pre")!=0; |
|
doSubmit = P("submit")!=0; |
|
Index: view.c |
|
--- view.c.orig 2007-01-28 00:29:39.000000000 +0100 |
|
+++ view.c 2015-01-12 12:25:55.206345099 +0100 |
|
@@ -219,8 +219,6 @@ |
|
** pointer to an error message string (obtained from malloc) if |
|
** there is a problem. |
|
*/ |
|
-extern int sqlite3StrNICmp(const char*,const char*,int); |
|
-extern int sqlite3StrICmp(const char*,const char*); |
|
char *verify_sql_statement(char *zSql){ |
|
int i; |
|
|
|
@@ -228,7 +226,7 @@ |
|
** the first token is "SELECT" and that there are no unquoted semicolons. |
|
*/ |
|
for(i=0; isspace(zSql[i]); i++){} |
|
- if( sqlite3StrNICmp(&zSql[i],"select",6)!=0 ){ |
|
+ if( strncasecmp(&zSql[i],"select",6)!=0 ){ |
|
return mprintf("The SQL must be a SELECT statement"); |
|
} |
|
for(i=0; zSql[i]; i++){
|
|
|