claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
721 Commits 1 Branch 0 Tags
bd19dc7a0b67d03392bf26e026885b8f2671b73c
Commit Graph

721 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Chris Morgan
bd19dc7a0b Make sure the .htaccess file in cron/ disables magic quotes like the one in the lowest level appdb directory 2006-07-06 15:54:58 +00:00
Chris Morgan
adeb1adbdc session::destroy() should call session_destroy() only if a session exists 2006-07-06 05:00:38 +00:00
Chris Morgan
4706e36595 Fix variable naming of preferences/account related form variables to match our coding standards 2006-07-06 04:46:13 +00:00
Chris Morgan
6aca4e34f9 Purge orphaned messages from sessionMessages that are older than 1 day after notifying admins 
of the number of orphaned messages. We currently have
over 150k messages stuck in this table with the earliest dating back to 2004.
We need to ensure that this doesn't occur again and that we can detect leaked
messages as these represent bugs in the appdb code.
 2006-07-06 04:39:02 +00:00
Chris Morgan
81057d13ab Use $GLOBALS['session']->destroy() instead of setting $_SESSION['current'] = "". Using "" means that $_SESSION['current'] 
could be set but be a string. Don't call addmsg() after logging out otherwise the session message will be lost and can
show up for other users or be stuck in the database
 2006-07-06 04:21:04 +00:00
Chris Morgan
82b95b8f6d Cleanup variable naming in account.php 2006-07-06 03:45:17 +00:00
Chris Morgan
2b0d5716bb Move $_SESSION['current'] manipulation into user class. Add user::logout() to keep user::login() and logout() symmetrical 2006-07-06 03:37:49 +00:00
Chris Morgan
1366e5fba1 query_parameters() usage example and the rule that all variables should be passed as parameters 2006-07-04 06:19:06 +00:00
Chris Morgan
fad9278013 Stop using compile_update_string(). compile_update_string() can be passed a value that includes a character considered 
special by query_parameters().  We then use the output from compile_update_string() as a part of the first
parameter to query_parameters(), the format string.  Having extra special characters causes a token mismatch
and query_parameters() will reject the queries entirely.  Remove now unused compile_update_string().
 2006-07-04 03:43:06 +00:00
Tony Lambregts
611cc12aeb Pass a version object to hasAppVersionModifyPermission(), not a version id integer 2006-07-04 02:52:39 +00:00
Chris Morgan
a044596c31 Add in missing & between url parameters 2006-07-04 02:24:56 +00:00
Tony Lambregts
55e06eee0c Remove now unnecessary stripslashes() 2006-07-04 02:12:43 +00:00
Tony Lambregts
ff97ddef7d Fix screenshot display by using the image class member functions instead of class internal private variables 2006-07-04 02:11:09 +00:00
Chris Morgan
91b44a3733 Cleanup note editing. Improve previewing of notes during addition and editing. Rename note related 
variables to have the proper prefix.
 2006-06-30 19:48:33 +00:00
Chris Morgan
c4caf6c85f Rename image class variables to match our current naming convention. Implement a unit test for 
the image class
 2006-06-30 19:42:39 +00:00
Tony Lambregts
1fd44ae416 Make the back link in the test results email useful to everyone, not just appdb admins and app maintainers 2006-06-30 16:38:05 +00:00
Chris Morgan
a72f31e11a Rename some variables to match our current naming scheme 2006-06-30 16:33:02 +00:00
Jonathan Ernst
da53f65cde Remove redirectref(), this function isn't used 2006-06-30 16:10:16 +00:00
Chris Morgan
5e1cb3f8a9 Cleanup note class, move display of notes into the class. External code creates and calls Note::show() to display the note. 2006-06-29 19:22:26 +00:00
Chris Morgan
6c2ae4a6fe Fix missed lookup_version_name() -> Version::lookup_name() in version cleanup patch 2006-06-29 19:00:41 +00:00
Chris Morgan
9059c658da No need to create Version object, use the monitor classes iAppId and iVersionId instead 2006-06-29 18:05:44 +00:00
Jonathan Ernst
e41dd3b733 Fix typo in appsubmit 2006-06-29 16:39:14 +00:00
Chris Morgan
75d1722236 Fix requesting a new password. Missed a user::update() -> user::update_password() call. Add a more explicit 
message in the case where the user doesn't enter any email address.
 2006-06-29 16:34:18 +00:00
Jonathan Ernst
6d019b918a Rename errorpage() to util_show_error_page() and move util_show_error_page() into include/util.php 2006-06-29 16:13:35 +00:00
Jonathan Ernst
6b89df82a5 Check for arrays when filtering. MAX_FILE_SIZE should not be filtered 2006-06-29 16:09:29 +00:00
Chris Morgan
034ea689bc Clean up application and version classes. Move class related functions into the class as static member functions 2006-06-29 16:07:19 +00:00
Chris Morgan
245a6b993e Cleanup User class. Move user related functions into class as static member functions 2006-06-29 15:54:29 +00:00
Jonathan Ernst
df8baf54fe Automatic filtering of $_REQUEST variables 2006-06-28 17:30:44 +00:00
Jonathan Ernst
684307a834 Update coding standards to specify function prefix that should match the module name and 'sh' a new 
variable prefix that means 'string html'
 2006-06-28 17:21:58 +00:00
Chris Morgan
e3f9e5371a Use query_parameters() in SQL select, update and delete statements to protect against 
sql injection attacks
 2006-06-27 19:16:27 +00:00
Chris Morgan
e6458694f4 Unit tests for user::update_password() and user::getMaintainerCount() 2006-06-27 19:07:52 +00:00
Jonathan Ernst
c138da9766 Html attributes and values are lowercase to be forward compatible with xhtml 2006-06-27 16:54:22 +00:00
Chris Morgan
f3c64ff48f Unit test for query_parameters(), fix bugs in query_parameters() found by the unit test 2006-06-27 16:39:40 +00:00
Tony Lambregts
1932248293 Don't allow empty "what works", "what was tested" and "what was not" fields 2006-06-27 05:44:24 +00:00
Chris Morgan
98ba61db03 Clean up user class. Implement start of unit testing framework for appdb. 
Implement start of user class unit test.
 2006-06-27 03:59:16 +00:00
Jonathan Ernst
c8e07f8ae7 Update coding standard document 2006-06-26 17:25:19 +00:00
Tony Lambregts
a79d4a654c Fix applying to become a super maintainer 2006-06-26 01:43:00 +00:00
Chris Morgan
ac5b4b0a95 Warn if magic quotes is enabled and explain a bit about why we require that magic quotes 
be disabled.  Also remove all of the conditional code that was working around cases where
we had magic quotes enabled.  We were only working around a small portion of cases where magic
quotes was affecting the appdb.
 2006-06-26 00:44:44 +00:00
Chris Morgan
63d90984a1 Fix a warning due to missing first parameter when testData::OutputEditor() is called from adminTestResults.php. 
At this point we never expect to have a $sDistribution so we can just default the parameter to a null string
 2006-06-24 05:02:56 +00:00
Chris Morgan
fb0f3b5dd3 Protect against sql injection attacks in sql INSERT statements 2006-06-24 04:20:32 +00:00
Chris Morgan
c31173ef9e Disable hackish looking "we've got errors message" since we'll display human readable errors later on. 2006-06-24 04:07:42 +00:00
Chris Morgan
6f35da69d7 Fix voting. Another case, ha ha, where different capitalization messed us up 2006-06-24 03:09:07 +00:00
Chris Morgan
baa92fba38 Retrieve iCatId from $_REQUEST(), we can't use $aClean[] because it isn't in scope. 
Fixes editing categories
 2006-06-24 03:05:16 +00:00
Chris Morgan
3537fcbd88 Fix entering a new distribution when submitting a new application or version 2006-06-24 02:38:44 +00:00
Chris Morgan
3a3ff401cc Fix case of 'Submit' to fix creating a new distribution 2006-06-23 05:03:03 +00:00
Chris Morgan
1a6cde7f1e Fix the application name column in the top 'X' lists to be 150px wide so each top 'X' list 
looks uniform
 2006-06-23 04:11:50 +00:00
Chris Morgan
540a29cb5e Fix editing bundles, they've been broken since appdb was imported into cvs and we haven't noticed, ha 2006-06-23 03:42:08 +00:00
Chris Morgan
58b267506f Fix indenting and formatting 2006-06-22 22:34:56 +00:00
Chris Morgan
eea66ec98c $_SESSION['current']->userId should be ->iUserId, there is no userId member of 
class user.
 2006-06-22 22:34:23 +00:00
Chris Morgan
b55c2776a5 Compact the top 'X' lists on the main page by adding a flag to get_screenshot_img() that disables the output of 
html that was putting the image inside of another table
 2006-06-22 21:41:41 +00:00