claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
729 Commits 1 Branch 0 Tags
445fbdfdd3325524332918f47f073106ee528f4a
Commit Graph

378 Commits

Author SHA1 Message Date
Chris Morgan
445fbdfdd3 Switch a few more variables over to the new naming scheme, fix deleting comments and replying to comments 2006-07-06 23:49:51 +00:00
Chris Morgan
3d6da668a1 Remove require_once("mail.php") that was causing mail.php to be duplicately included. A cleaner fix is necessary 2006-07-06 22:35:01 +00:00
Chris Morgan
ea02b57c25 Move getAppsFromUserId() to user::getAppsMaintained(). Also implement a unit test for 
user::getAppsMaintained()
 2006-07-06 22:08:37 +00:00
Jonathan Ernst
3096e63828 Rename util_show_error_page() to util_show_error_page_and_exit() and redirect() to util_redirect_and_exit() 
so it is explicit that we exit in those functions that so we know it isn't necessary to put an exit after
we call them
 2006-07-06 18:44:56 +00:00
Jonathan Ernst
54c484de8c Remove unnecessary exit calls after redirect() and util_show_error_page() calls 2006-07-06 17:59:52 +00:00
Jonathan Ernst
735a2bc65f Prefix all GPC variables according to our coding standard 2006-07-06 17:27:54 +00:00
Chris Morgan
adeb1adbdc session::destroy() should call session_destroy() only if a session exists 2006-07-06 05:00:38 +00:00
Chris Morgan
4706e36595 Fix variable naming of preferences/account related form variables to match our coding standards 2006-07-06 04:46:13 +00:00
Chris Morgan
81057d13ab Use $GLOBALS['session']->destroy() instead of setting $_SESSION['current'] = "". Using "" means that $_SESSION['current'] 
could be set but be a string. Don't call addmsg() after logging out otherwise the session message will be lost and can
show up for other users or be stuck in the database
 2006-07-06 04:21:04 +00:00
Chris Morgan
2b0d5716bb Move $_SESSION['current'] manipulation into user class. Add user::logout() to keep user::login() and logout() symmetrical 2006-07-06 03:37:49 +00:00
Chris Morgan
1366e5fba1 query_parameters() usage example and the rule that all variables should be passed as parameters 2006-07-04 06:19:06 +00:00
Chris Morgan
fad9278013 Stop using compile_update_string(). compile_update_string() can be passed a value that includes a character considered 
special by query_parameters().  We then use the output from compile_update_string() as a part of the first
parameter to query_parameters(), the format string.  Having extra special characters causes a token mismatch
and query_parameters() will reject the queries entirely.  Remove now unused compile_update_string().
 2006-07-04 03:43:06 +00:00
Tony Lambregts
611cc12aeb Pass a version object to hasAppVersionModifyPermission(), not a version id integer 2006-07-04 02:52:39 +00:00
Chris Morgan
a044596c31 Add in missing & between url parameters 2006-07-04 02:24:56 +00:00
Tony Lambregts
55e06eee0c Remove now unnecessary stripslashes() 2006-07-04 02:12:43 +00:00
Tony Lambregts
ff97ddef7d Fix screenshot display by using the image class member functions instead of class internal private variables 2006-07-04 02:11:09 +00:00
Chris Morgan
91b44a3733 Cleanup note editing. Improve previewing of notes during addition and editing. Rename note related 
variables to have the proper prefix.
 2006-06-30 19:48:33 +00:00
Chris Morgan
c4caf6c85f Rename image class variables to match our current naming convention. Implement a unit test for 
the image class
 2006-06-30 19:42:39 +00:00
Tony Lambregts
1fd44ae416 Make the back link in the test results email useful to everyone, not just appdb admins and app maintainers 2006-06-30 16:38:05 +00:00
Chris Morgan
a72f31e11a Rename some variables to match our current naming scheme 2006-06-30 16:33:02 +00:00
Jonathan Ernst
da53f65cde Remove redirectref(), this function isn't used 2006-06-30 16:10:16 +00:00
Chris Morgan
5e1cb3f8a9 Cleanup note class, move display of notes into the class. External code creates and calls Note::show() to display the note. 2006-06-29 19:22:26 +00:00
Chris Morgan
9059c658da No need to create Version object, use the monitor classes iAppId and iVersionId instead 2006-06-29 18:05:44 +00:00
Jonathan Ernst
6d019b918a Rename errorpage() to util_show_error_page() and move util_show_error_page() into include/util.php 2006-06-29 16:13:35 +00:00
Jonathan Ernst
6b89df82a5 Check for arrays when filtering. MAX_FILE_SIZE should not be filtered 2006-06-29 16:09:29 +00:00
Chris Morgan
034ea689bc Clean up application and version classes. Move class related functions into the class as static member functions 2006-06-29 16:07:19 +00:00
Chris Morgan
245a6b993e Cleanup User class. Move user related functions into class as static member functions 2006-06-29 15:54:29 +00:00
Jonathan Ernst
df8baf54fe Automatic filtering of $_REQUEST variables 2006-06-28 17:30:44 +00:00
Chris Morgan
e3f9e5371a Use query_parameters() in SQL select, update and delete statements to protect against 
sql injection attacks
 2006-06-27 19:16:27 +00:00
Chris Morgan
f3c64ff48f Unit test for query_parameters(), fix bugs in query_parameters() found by the unit test 2006-06-27 16:39:40 +00:00
Tony Lambregts
1932248293 Don't allow empty "what works", "what was tested" and "what was not" fields 2006-06-27 05:44:24 +00:00
Chris Morgan
98ba61db03 Clean up user class. Implement start of unit testing framework for appdb. 
Implement start of user class unit test.
 2006-06-27 03:59:16 +00:00
Chris Morgan
ac5b4b0a95 Warn if magic quotes is enabled and explain a bit about why we require that magic quotes 
be disabled.  Also remove all of the conditional code that was working around cases where
we had magic quotes enabled.  We were only working around a small portion of cases where magic
quotes was affecting the appdb.
 2006-06-26 00:44:44 +00:00
Chris Morgan
63d90984a1 Fix a warning due to missing first parameter when testData::OutputEditor() is called from adminTestResults.php. 
At this point we never expect to have a $sDistribution so we can just default the parameter to a null string
 2006-06-24 05:02:56 +00:00
Chris Morgan
fb0f3b5dd3 Protect against sql injection attacks in sql INSERT statements 2006-06-24 04:20:32 +00:00
Chris Morgan
6f35da69d7 Fix voting. Another case, ha ha, where different capitalization messed us up 2006-06-24 03:09:07 +00:00
Chris Morgan
3537fcbd88 Fix entering a new distribution when submitting a new application or version 2006-06-24 02:38:44 +00:00
Chris Morgan
1a6cde7f1e Fix the application name column in the top 'X' lists to be 150px wide so each top 'X' list 
looks uniform
 2006-06-23 04:11:50 +00:00
Chris Morgan
58b267506f Fix indenting and formatting 2006-06-22 22:34:56 +00:00
Chris Morgan
eea66ec98c $_SESSION['current']->userId should be ->iUserId, there is no userId member of 
class user.
 2006-06-22 22:34:23 +00:00
Chris Morgan
b55c2776a5 Compact the top 'X' lists on the main page by adding a flag to get_screenshot_img() that disables the output of 
html that was putting the image inside of another table
 2006-06-22 21:41:41 +00:00
Chris Morgan
67550405c3 Make code more consistent by making it follow the appdb coding standards. Fix some spaces vs. tabs odd indenting. 2006-06-21 01:04:12 +00:00
Chris Morgan
ce71a0d8ed Fix case of $aClean['appId']. Fixes the bug of orphaning newly submitted versions 2006-06-20 22:58:58 +00:00
Chris Morgan
6ceb14ef92 Disable addslashes() in makeSafe() until more finely grained filtering can be implemented 2006-06-19 15:40:53 +00:00
Tony Lambregts
fdc0760ce6 Open ratings definitions page in a new window so we don't erase any data a user has entered into input boxes 2006-06-17 06:12:28 +00:00
EA Durbin
f982c8459e Filter all user input to reduce the security impact of manipulated data 2006-06-17 06:10:10 +00:00
Tony Lambregts
7fec72b632 Don't expose users email addresses to robots 2006-06-16 03:18:45 +00:00
EA Durbin
62de655d75 Fix typo 2006-06-06 18:53:00 +00:00
Tony Lambregts
5fe6ad37c1 Fix wiki link 2006-06-05 01:11:07 +00:00
Tony Lambregts
5d8293bdb1 Update appdb to have a menu with links to all wine related sites 2006-06-03 23:53:41 +00:00