catalinux / rocketgit (public) (License: Affero GPLv3) (since 2015-03-19) (hash sha1)
Main RocketGit repo
Clone URLs: https://rocketgit.com/user/catalinux/rocketgit ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit git://git.rocketgit.com/user/catalinux/rocketgit
v0.0 v0.1 v0.10 v0.11 v0.12 v0.13 v0.14 v0.15 v0.17 v0.18 v0.19 v0.2 v0.20 v0.21 v0.22 v0.23 v0.24 v0.25 v0.27 v0.28 v0.29 v0.31 v0.32 v0.33 v0.34 v0.35 v0.36 v0.38 v0.39 v0.40 v0.41 v0.42 v0.43 v0.44 v0.45 v0.46 v0.47 v0.48 v0.49 v0.50 v0.51 v0.52 v0.53 v0.54 v0.55 v0.56 v0.57 v0.58 v0.60 v0.61 v0.62 v0.63 v0.64 v0.65 v0.66 v0.67 v0.68 v0.69 v0.70 v0.71 v0.72 v0.73 v0.77 v0.78 group1/branch1 group2/subgroup1/branch2 main master release
List of commits:
Subject Hash Author Date (UTC)
Lots of fixes, mostly on templating stuff. eb7e8f94fa4a2f5d82f913bcd7113287172cd450 Catalin(ux) M. BOIE 2015-05-25 18:51:36
Lots of changes all over the place. 9b39ce5e62255ff390926ef11c37b98d1d8751d2 Catalin(ux) M. BOIE 2015-05-22 03:25:46
Invites now accepts a file as the body of the e-mail and php_errormsg fixes. 31ccba6e43e02c34fa2139fe352c3799feecd249 Catalin(ux) M. BOIE 2015-05-09 04:17:40
Allow compression inside TLS 00828bd5eaf5ad08ff7736a6c5627c21179a8e20 Catalin(ux) M. BOIE 2015-05-06 17:09:07
Bump version to 0.32 8a9194a00721f0f6c55ab4bc986e23962357f250 Catalin(ux) M. BOIE 2015-05-05 21:20:30
Small fixes all over the place baaa5336810128456e63d5e5a8cb111c81fe162d Catalin(ux) M. BOIE 2015-05-05 21:20:12
Forgot to initialize a variable. beca8b9e01c37c6101f9a61f8ecf8cb744f1bd41 Catalin(ux) M. BOIE 2015-05-04 22:23:37
Bump version to 0.31 a03215399419416798da2fbaf51a71959f112bc6 Catalin(ux) M. BOIE 2015-05-04 21:52:29
Small fixes, mainy CSS. f0a08c03ae739e59d1a608234cbb0988cca6a351 Catalin(ux) M. BOIE 2015-05-04 21:51:58
Mostly text changes. d70ca5530fe3ef23f02f8a2563e957529fe0ea5c Catalin(ux) M. BOIE 2015-05-04 20:17:59
Fixed an AVC related to apache logging. 21f0a49a7c51687e38046437eca2bfe7a2c86d78 Catalin(ux) M. BOIE 2015-04-24 15:35:11
Lots of fixes, mostly CSS 7f079cf057ae0545827ba0090b816ac181bd2139 Catalin(ux) M. BOIE 2015-04-22 18:39:21
Lots of fixes all over the place. 12b0f0dc0503557effe906b6f7bf519768fdf766 Catalin(ux) M. BOIE 2015-04-21 22:23:25
Added template for libvirt 3c3d00aa66f86c25cb35f273f017d6f0ea4552b7 Catalin(ux) M. BOIE 2015-04-20 16:06:51
Deal with git log when binary files are involved cda372cdb187782a1a1f8b0986c30fecbd0d0eb6 Catalin(ux) M. BOIE 2015-04-20 03:49:49
Bump version to 0.28 5be3f9aeab3dbb0e1d1a0afc72302ec0a35104d3 Catalin(ux) M. BOIE 2015-04-19 21:49:31
Fixed pushes and error reporting by git transport f9c8b9726d9ba962e1530f1bc6166b4a40f38df0 Catalin(ux) M. BOIE 2015-04-19 21:49:05
Lots of things. Fixes err- generation when I know I will test error code 481d2e0c17ee8ce3b255b6f672e1d5f6a75484b5 Catalin(ux) M. BOIE 2015-04-18 08:03:48
Checkpoint 02e554c59c837b94e1a7c8bdfcf2256d68201ff5 Catalin(ux) M. BOIE 2015-04-17 06:58:24
Checkpoint 96355ec971acd16480c9c22469a2a659c8ade994 Catalin(ux) M. BOIE 2015-04-16 22:17:25
Commit eb7e8f94fa4a2f5d82f913bcd7113287172cd450 - Lots of fixes, mostly on templating stuff.
Author: Catalin(ux) M. BOIE
Author date (UTC): 2015-05-25 18:51
Committer name: Catalin(ux) M. BOIE
Committer date (UTC): 2015-05-25 18:51
Parent(s): 9b39ce5e62255ff390926ef11c37b98d1d8751d2
Signing key:
Tree: f371d62232c4a3afa5038e57bf3f901b4ad27917
File Lines added Lines deleted
Compare.txt 1 1
TODO 21 7
duilder.conf 1 1
hooks/update 2 2
inc/admin.inc.php 11 10
inc/admin/admin.php 2 2
inc/admin/plans/plans.php 1 1
inc/admin/repos/repos.php 1 1
inc/admin/users/users.php 6 6
inc/bug.inc.php 41 34
inc/dispatch/dispatch.php 9 9
inc/events.inc.php 1 1
inc/feedback/suggestion.php 2 2
inc/git.inc.php 44 42
inc/keys.inc.php 109 12
inc/login/login.php 1 1
inc/plan.inc.php 4 4
inc/prof.inc.php 11 3
inc/repo.inc.php 65 52
inc/repo/repo.php 1 1
inc/rights.inc.php 2 2
inc/sql.inc.php 3 3
inc/user.inc.php 25 20
inc/user/confirm.php 1 1
inc/user/forgot.php 2 2
inc/user/forgot_send.php 1 1
inc/user/home-page.php 1 1
inc/user/keys/keys.php 11 8
inc/user/pass/pass.php 2 2
inc/user/repo-page.php 32 27
inc/user/repo/bug/main.php 2 2
inc/user/repo/bug/search/search.php 1 1
inc/user/repo/bug/show/add_note.php 1 1
inc/user/repo/bug/show/show.php 10 10
inc/user/settings.php 1 1
inc/util.inc.php 371 331
root/index.php 5 2
root/themes/default/admin/plans/list/header.html 1 1
root/themes/default/download-vm.html 5 5
root/themes/default/features.html 2 2
root/themes/default/hints/list/footer.html 0 1
root/themes/default/hints/list/header.html 0 1
root/themes/default/hints/list/line.html 1 1
root/themes/default/index.html 7 13
root/themes/default/internal_err.html 3 0
root/themes/default/mail/user/repo/bug/new.body.txt 1 1
root/themes/default/mail/user/repo/bug/new_note.body.txt 2 2
root/themes/default/mail/user/repo/new.body.txt 1 1
root/themes/default/mail/user/repo/update.body.txt 4 3
root/themes/default/mail/user/repo/update.subj.txt 1 1
root/themes/default/mail/user/welcome.body.txt 5 4
root/themes/default/main.css 15 1
root/themes/default/main.html 10 0
root/themes/default/repo/add_edit.html 1 1
root/themes/default/repo/diff.html 2 2
root/themes/default/repo/discover.html 2 2
root/themes/default/repo/fstat/header.html 1 1
root/themes/default/repo/fstat/line.html 1 1
root/themes/default/repo/history/header.html 1 1
root/themes/default/repo/log/header.html 1 1
root/themes/default/repo/main.html 0 1
root/themes/default/repo/mr/list/header.html 1 1
root/themes/default/repo/search.html 1 1
root/themes/default/repo/tree/header.html 1 1
root/themes/default/repo/urls/line.html 1 1
root/themes/default/suggestion.html 1 1
root/themes/default/user/keys/list/line.html 0 1
root/themes/default/user/repo/rights/list_repo/header.html 1 1
root/themes/default/user/repo/rights/list_repo_path/header.html 1 1
root/themes/default/user/repo/rights/list_repo_refs/header.html 1 1
scripts/remote.php 2 0
tests/.gitignore 6 0
tests/Makefile 7 2
tests/event.php 1 1
tests/git2.php 121 4
tests/git2.sh 1 1
tests/git_log1.expected 30 30
tests/git_log1.final 30 30
tests/git_log1.tmpl 1 1
tests/helpers.inc.php 1 1
tests/http.inc.php 10 2
tests/http_login.php 1 1
tests/http_settings.php 11 4
tests/keys.php 84 20
tests/repo.php 3 2
tests/themes/util/func.txt 1 1
tests/user.php 1 1
tests/util.php 231 69
File Compare.txt changed (mode: 100644) (index c61d848..3da7297)
1 1 RocketGit Gitlab GitHub Gitorious unfuddle.com gitolite RocketGit Gitlab GitHub Gitorious unfuddle.com gitolite
2 2
3 License GPLv3 ? Proprietary ?open ? ?
3 License GPLv3 OpenCore? Proprietary ?open ? ?
4 4
5 5 [Features] [Features]
6 6 Easy installation Yes No Yes? No! ? Yes Easy installation Yes No Yes? No! ? Yes
File TODO changed (mode: 100644) (index 32c9903..cba2e18)
1 1 == Where I stopped last time == == Where I stopped last time ==
2 [ ] Add sha1sum of the images
3 [ ] Creating git folder is not always working?
4 [ ] What if a user passed </textarea> or <xss> into a field for edit?!
5 We may have a xss attack! Bad! Bad!
2 6 [ ] [ ]
3 7
4 8 == BEFORE NEXT RELEASE == == BEFORE NEXT RELEASE ==
9 [ ] Leave alone the ssh key comment!
10 [ ] Pass only uid to events, we already have it in cache!
11 [ ] 'confirmed' should be built in the event handlers not in callers.
12 It is already checked in rg_mail_template!
13 [ ] When we push by ssh, we have the user, so we can give more info about
14 why the push failed. Carefull, not too much info. For example:
15 "You have no key uploaded, go to ..."
16 [ ] For 'log' and 'tree' we have decorations for links!
17 [ ] When we have UTF-8 chars, the ssh 'repos' command does not show correctly
18 the date (translated to left).
19 [ ] In "Tree" section, seems the path is doubled.
20 [ ] Hint: where in fs you can find the repo.
21 [ ] Hints should not call rg_template, let next rg_template_table to do it.
22 (to avoid double replace).
23 Anyway, we already do double replace for hints)
24 [ ] Generate the VM SSL cert at boot time to avoid that famous Firefox bug.
5 25 [ ] Saving fields in forms when session exired to be reused next time. [ ] Saving fields in forms when session exired to be reused next time.
6 26 [ ] Compression off for ssh because objects are already compressed? [ ] Compression off for ssh because objects are already compressed?
7 27 [ ] Add a random token in header to prevent watermarking (this is the name?). [ ] Add a random token in header to prevent watermarking (this is the name?).
8 [ ] User home page link is missing from top bar!
28 [ ] User home page link is missing from top bar! use login_ui::homepage.
9 29 [ ] Add "Spread the word!" on website. [ ] Add "Spread the word!" on website.
10 30 [ ] Give up on submenu1/2 and integrate them when needed? [ ] Give up on submenu1/2 and integrate them when needed?
11 [ ] Is login_ui::homepage used anywhere?
12 31 [ ] I have a common part in download-vm.html, deal with it. [ ] I have a common part in download-vm.html, deal with it.
13 32 [ ] https://www.kernel.org/pub/software/scm/git/docs/gitworkflows.html [ ] https://www.kernel.org/pub/software/scm/git/docs/gitworkflows.html
14 33 [ ] git-name-rev is nice. [ ] git-name-rev is nice.
 
16 35 [ ] git-relink for really cloned repos? [ ] git-relink for really cloned repos?
17 36 [ ] Allow creating tags/branches on web interface. [ ] Allow creating tags/branches on web interface.
18 37 [ ] For mails, we should not escape vars! [ ] For mails, we should not escape vars!
19 [ ] SPF? mail-ul ajunge in spam!
20 L-am redirectionat prin mail.embedromix.ro, si am pus si SPF-uri.
21 Trebuie sa reverific cu google-ul.
22 Astept confirmare si de la Ionut.
23 38 [ ] Users should be able to check the plans. [ ] Users should be able to check the plans.
24 39 [ ] Use a separate template for main rocketgit.com site. The other users [ ] Use a separate template for main rocketgit.com site. The other users
25 40 should not see the same pages. should not see the same pages.
 
... ... Cred ca asta face browser-ul. As putea sa schimb numele cookie-ului, si sa-l
167 182 semnez cumva: ma duc pe attack.com si acolo imi pune un cookie pe .com a=b. semnez cumva: ma duc pe attack.com si acolo imi pune un cookie pe .com a=b.
168 183 Apoi, viziteaza good.com, si catre acesta trimite cookie-ul a=b. Apoi, viziteaza good.com, si catre acesta trimite cookie-ul a=b.
169 184 Daca as lega good.com de a/b, as putea elimina cookie-urile rele. Daca as lega good.com de a/b, as putea elimina cookie-urile rele.
170 [ ] "repo_submenu" seems to not be used, remove references.
171 185 [ ] http://nedbatchelder.com/blog/201405/github_monoculture.html [ ] http://nedbatchelder.com/blog/201405/github_monoculture.html
172 186 [ ] mchapman (subscriber, #66589) (http://lwn.net/Articles/623905/) [ ] mchapman (subscriber, #66589) (http://lwn.net/Articles/623905/)
173 187 With a GitHub pull-request-based work-flow I need a GitHub account With a GitHub pull-request-based work-flow I need a GitHub account
File duilder.conf changed (mode: 100644) (index bcb18bf..359cb4a)
1 1 PRJ="rocketgit" PRJ="rocketgit"
2 VER="0.32"
2 VER="0.33"
3 3 REV="1" REV="1"
4 4 EXCLUDE=".exclude" EXCLUDE=".exclude"
5 5 EXPORT_PATH="/data/www/umbrella/kernel/us/rocketgit" EXPORT_PATH="/data/www/umbrella/kernel/us/rocketgit"
File hooks/update changed (mode: 100755) (index 0bf5fb8..8377624)
... ... $a['repo_id'] = sprintf("%u", getenv("ROCKETGIT_REPO_ID"));
42 42 $a['ip'] = getenv("ROCKETGIT_IP"); $a['ip'] = getenv("ROCKETGIT_IP");
43 43 $a['namespace'] = getenv("GIT_NAMESPACE"); $a['namespace'] = getenv("GIT_NAMESPACE");
44 44 $a['repo_path'] = getenv("ROCKETGIT_REPO_PATH"); $a['repo_path'] = getenv("ROCKETGIT_REPO_PATH");
45 $a['repo::uid'] = sprintf("%u", getenv("ROCKETGIT_REPO_UID"));
45 $a['repo_uid'] = sprintf("%u", getenv("ROCKETGIT_REPO_UID"));
46 46
47 rg_log("Start " . rg_array2string($a));
47 rg_log("Start a=" . rg_array2string($a));
48 48 rg_log("_SERVER: " . rg_array2string($_SERVER)); rg_log("_SERVER: " . rg_array2string($_SERVER));
49 49
50 50 umask(0022); umask(0022);
File inc/admin.inc.php changed (mode: 100644) (index 7cdd4f1..8aa3f0b)
... ... function rg_admin_invite_one($db, $event)
50 50 . base64_encode($rg_admin_name) . "?="; . base64_encode($rg_admin_name) . "?=";
51 51
52 52 $rg = array(); $rg = array();
53 $subject = preg_replace('/{NAME}/', $event['name'], $event['subject']);
53 $subject = str_replace('{NAME}', $event['name'], $event['subject']);
54 54 $subject = "=?UTF-8?B?" . base64_encode(trim($subject)) . "?="; $subject = "=?UTF-8?B?" . base64_encode(trim($subject)) . "?=";
55 $header = rg_template("mail/common.head.txt", $rg);
55 $header = rg_template("mail/common.head.txt", $rg, FALSE /* xss */);
56 56 $header = trim($header); $header = trim($header);
57 57 $header .= "\nFrom: $admin_name <" . $rg_admin_email . ">"; $header .= "\nFrom: $admin_name <" . $rg_admin_email . ">";
58 58 rg_log_ml("DEBUG: header=$header"); rg_log_ml("DEBUG: header=$header");
59 $body = preg_replace('/{NAME}/', $event['name'], $event['body']);
59 $body = str_replace('{NAME}', $event['name'], $event['body']);
60 60
61 61 $r = mail($event['email'], $subject, $body, $header, $r = mail($event['email'], $subject, $body, $header,
62 62 "-f $rg_admin_email"); "-f $rg_admin_email");
 
... ... function rg_admin_invites_high_level($db, $rg)
170 170
171 171 rg_event_signal_daemon("", 0); rg_event_signal_daemon("", 0);
172 172
173 $ret .= rg_template("admin/invites/sent.html", $rg);
173 $ret .= rg_template("admin/invites/sent.html", $rg, TRUE /* xss */);
174 174 $show_form = FALSE; $show_form = FALSE;
175 175 break; break;
176 176 } }
 
... ... function rg_admin_invites_high_level($db, $rg)
179 179 $rg['inv'] = $inv; $rg['inv'] = $inv;
180 180 $rg['HTML:errmsg'] = rg_template_errmsg($errmsg); $rg['HTML:errmsg'] = rg_template_errmsg($errmsg);
181 181 $rg['rg_form_token'] = rg_token_get($db, $rg); $rg['rg_form_token'] = rg_token_get($db, $rg);
182 $ret .= rg_template("admin/invites/invites.html", $rg);
182 $ret .= rg_template("admin/invites/invites.html", $rg, TRUE /* xss */);
183 183 } }
184 184
185 185 rg_log_exit(); rg_log_exit();
 
... ... function rg_init($db, $rg)
244 244
245 245 rg_state_set($db, 'first_install', time()); rg_state_set($db, 'first_install', time());
246 246
247 $ret .= rg_template('user/create_ok.html', $rg);
247 $ret .= rg_template('user/create_ok.html', $rg, TRUE /* xss */);
248 248 $load_form = FALSE; $load_form = FALSE;
249 249 break; break;
250 250 } }
 
... ... function rg_init($db, $rg)
252 252 if ($load_form) { if ($load_form) {
253 253 $rg['HTML:errmsg'] = rg_template_errmsg($errmsg); $rg['HTML:errmsg'] = rg_template_errmsg($errmsg);
254 254 $rg['rg_form_token'] = rg_token_get($db, $rg); $rg['rg_form_token'] = rg_token_get($db, $rg);
255 $ret .= rg_template("admin/init.html", $rg);
255 $ret .= rg_template("admin/init.html", $rg, TRUE /* xss */);
256 256 } }
257 257
258 258 rg_log_exit(); rg_log_exit();
 
... ... function rg_admin_report1($db, $rg)
385 385 $body .= "\n\nTotal suggestions: " . $sug['total'] . "\n"; $body .= "\n\nTotal suggestions: " . $sug['total'] . "\n";
386 386 $body .= $sug['yesterday'] . "\n"; $body .= $sug['yesterday'] . "\n";
387 387
388 $rg['ui::email'] = $rg_admin_email;
389 $rg['mail::subject'] = 'RocketGit daily report'
388 $rg['ui']['email'] = $rg_admin_email;
389 $rg['mail'] = array();
390 $rg['mail']['subject'] = 'RocketGit daily report'
390 391 . ' [' . $users . '/' . $total_users . ']' . ' [' . $users . '/' . $total_users . ']'
391 392 . ' [' . $repos . '/' . $total_repos . ']'; . ' [' . $repos . '/' . $total_repos . ']';
392 $rg['mail::body'] = $body;
393 $rg['mail']['body'] = $body;
393 394 rg_mail_template("mail/admin/report1", $rg); rg_mail_template("mail/admin/report1", $rg);
394 395 } }
395 396
File inc/admin/admin.php changed (mode: 100644) (index da00594..b47d4d2)
... ... rg_log("FILE: /inc/admin/admin");
4 4 $_admin = ""; $_admin = "";
5 5
6 6 if ($rg['login_ui']['is_admin'] != 1) { if ($rg['login_ui']['is_admin'] != 1) {
7 $_admin .= rg_template("access_denied.html", $rg);
7 $_admin .= rg_template("access_denied.html", $rg, TRUE /* xss */);
8 8 return; return;
9 9 } }
10 10
 
... ... case 'invites': // invites
32 32 } }
33 33
34 34 $rg['menu']['sub1'][$_subop] = 1; $rg['menu']['sub1'][$_subop] = 1;
35 $rg['HTML:submenu1'] = rg_template("admin/menu.html", $rg);
35 $rg['HTML:submenu1'] = rg_template("admin/menu.html", $rg, TRUE /* xss */);
36 36
37 37 ?> ?>
File inc/admin/plans/plans.php changed (mode: 100644) (index c770f25..318fed5)
... ... case 'add': // add
21 21 } }
22 22
23 23 $rg['menu']['sub2'][$_op] = 1; $rg['menu']['sub2'][$_op] = 1;
24 $rg['HTML:submenu2'] = rg_template("admin/plans/menu.html", $rg);
24 $rg['HTML:submenu2'] = rg_template("admin/plans/menu.html", $rg, TRUE /* xss */);
25 25
26 26 ?> ?>
File inc/admin/repos/repos.php changed (mode: 100644) (index e1bce41..901bfb6)
... ... default: // list
17 17 } }
18 18
19 19 $rg['menu']['sub2'][$_op] = 1; $rg['menu']['sub2'][$_op] = 1;
20 $rg['HTML:submenu2'] = rg_template("admin/repos/menu.html", $rg);
20 $rg['HTML:submenu2'] = rg_template("admin/repos/menu.html", $rg, TRUE /* xss */);
21 21
22 22 ?> ?>
File inc/admin/users/users.php changed (mode: 100644) (index e5db139..8a473d6)
... ... case 'edit': // edit
19 19
20 20 case 'suspend': case 'suspend':
21 21 if (!rg_user_suspend($db, $rg, $target_ui, 1)) if (!rg_user_suspend($db, $rg, $target_ui, 1))
22 $_admin_users .= rg_template("admin/users/bad_suspend.html", $rg);
22 $_admin_users .= rg_template("admin/users/bad_suspend.html", $rg, TRUE /* xss */);
23 23 break; break;
24 24
25 25 case 'unsuspend': case 'unsuspend':
26 26 if (!rg_user_suspend($db, $rg, $target_ui, 0)) if (!rg_user_suspend($db, $rg, $target_ui, 0))
27 $_admin_users .= rg_template("admin/users/bad_unsuspend.html", $rg);
27 $_admin_users .= rg_template("admin/users/bad_unsuspend.html", $rg, TRUE /* xss */);
28 28 break; break;
29 29
30 30 case 'make_admin': case 'make_admin':
31 31 if (!rg_user_make_admin($db, $rg, $target_ui, 1)) if (!rg_user_make_admin($db, $rg, $target_ui, 1))
32 $_admin_users .= rg_template("admin/users/bad_admin.html", $rg);
32 $_admin_users .= rg_template("admin/users/bad_admin.html", $rg, TRUE /* xss */);
33 33 break; break;
34 34
35 35 case 'remove_admin': case 'remove_admin':
36 36 if (!rg_user_make_admin($db, $rg, $target_ui, 0)) if (!rg_user_make_admin($db, $rg, $target_ui, 0))
37 $_admin_users .= rg_template("admin/users/bad_unadmin.html", $rg);
37 $_admin_users .= rg_template("admin/users/bad_unadmin.html", $rg, TRUE /* xss */);
38 38 break; break;
39 39
40 40 case 'remove': case 'remove':
41 41 if (!rg_user_remove($db, $rg, $target_ui)) if (!rg_user_remove($db, $rg, $target_ui))
42 $_admin_users .= rg_template("admin/users/bad_remove.html", $rg);
42 $_admin_users .= rg_template("admin/users/bad_remove.html", $rg, TRUE /* xss */);
43 43 break; break;
44 44 } }
45 45
46 46 $rg['menu']['sub2'][$_op] = 1; $rg['menu']['sub2'][$_op] = 1;
47 $rg['HTML:submenu2'] = rg_template("admin/users/menu.html", $rg);
47 $rg['HTML:submenu2'] = rg_template("admin/users/menu.html", $rg, TRUE /* xss */);
48 48
49 49 if ($_show_list == 1) if ($_show_list == 1)
50 50 $_admin_users .= rg_user_list($db); $_admin_users .= rg_user_list($db);
File inc/bug.inc.php changed (mode: 100644) (index 2ce9a07..002e383)
... ... function rg_bug_event_add_one($db, $event)
51 51 $ret = FALSE; $ret = FALSE;
52 52 while (1) { while (1) {
53 53 // lookup user email // lookup user email
54 $ui = rg_user_info($db, $event['ui::uid'], "", "");
54 $ui = rg_user_info($db, $event['ui']['uid'], '', '');
55 55 if ($ui['exists'] != 1) { if ($ui['exists'] != 1) {
56 56 rg_internal_error("User does not exists!"); rg_internal_error("User does not exists!");
57 57 break; break;
 
... ... function rg_bug_event_add_one($db, $event)
64 64 } }
65 65
66 66 // send e-mail // send e-mail
67 $event['ui::email'] = $ui['email'];
67 $event['ui']['email'] = $ui['email'];
68 68 $r = rg_mail_template("mail/user/repo/bug/new", $event); $r = rg_mail_template("mail/user/repo/bug/new", $event);
69 69 if ($r === FALSE) if ($r === FALSE)
70 70 break; break;
 
... ... function rg_bug_event_add_all($db, $event)
89 89 $x = $event; $x = $event;
90 90 $x['category'] = 4101; $x['category'] = 4101;
91 91 $x['prio'] = 100; $x['prio'] = 100;
92 $x['ui'] = array();
92 93
93 94 // We will sent notifications to all watchers of a repo // We will sent notifications to all watchers of a repo
94 $r = rg_watch_load_by_obj_id($db, "repo", $event['repo::repo_id'], 0);
95 $r = rg_watch_load_by_obj_id($db, "repo", $event['ri']['repo_id'], 0);
95 96 if ($r === FALSE) if ($r === FALSE)
96 97 return FALSE; return FALSE;
97 98 if (!empty($r)) { if (!empty($r)) {
98 99 foreach ($r as $index => $uid) { foreach ($r as $index => $uid) {
99 $x['ui::uid'] = $uid;
100 $x['ui']['uid'] = $uid;
100 101 $ret[$uid] = $x; $ret[$uid] = $x;
101 102 } }
102 103 } }
103 104
104 105 // We will sent notifications to all watchers of a bug // We will sent notifications to all watchers of a bug
105 $r = rg_watch_load_by_obj_id($db, "bug", $event['repo::repo_id'],
106 $event['bug::bug_id']);
106 $r = rg_watch_load_by_obj_id($db, 'bug', $event['ri']['repo_id'],
107 $event['bug']['bug_id']);
107 108 if ($r === FALSE) if ($r === FALSE)
108 109 return FALSE; return FALSE;
109 110 if (!empty($r)) { if (!empty($r)) {
110 111 foreach ($r as $index => $uid) { foreach ($r as $index => $uid) {
111 $x['ui::uid'] = $uid;
112 $x['ui']['uid'] = $uid;
112 113 $ret[$uid] = $x; $ret[$uid] = $x;
113 114 } }
114 115 } }
 
... ... function rg_bug_event_note_add_one($db, $event)
127 128 $ret = FALSE; $ret = FALSE;
128 129 while (1) { while (1) {
129 130 // lookup user email // lookup user email
130 $ui = rg_user_info($db, $event['ui::uid'], "", "");
131 $ui = rg_user_info($db, $event['ui']['uid'], '', '');
131 132 if ($ui['exists'] != 1) { if ($ui['exists'] != 1) {
132 133 rg_internal_error("User does not exists!"); rg_internal_error("User does not exists!");
133 134 break; break;
 
... ... function rg_bug_event_note_add_one($db, $event)
139 140 } }
140 141
141 142 // send e-mail // send e-mail
142 $event['ui::email'] = $ui['email'];
143 $event['ui']['email'] = $ui['email'];
143 144 $r = rg_mail_template("mail/user/repo/bug/new_note", $event); $r = rg_mail_template("mail/user/repo/bug/new_note", $event);
144 145 if ($r === FALSE) if ($r === FALSE)
145 146 break; break;
 
... ... function rg_bug_event_note_add_all($db, $event)
163 164 $x = $event; $x = $event;
164 165 $x['category'] = 4001; $x['category'] = 4001;
165 166 $x['prio'] = 100; $x['prio'] = 100;
167 $x['ui'] = array();
166 168
167 169 // Now, build the list of users that will receive notification // Now, build the list of users that will receive notification
168 $r = rg_watch_load_by_obj_id($db, "bug", $event['repo::repo_id'],
169 $event['bug::bug_id']);
170 $r = rg_watch_load_by_obj_id($db, 'bug', $event['ri']['repo_id'],
171 $event['bug']['bug_id']);
170 172 if ($r === FALSE) if ($r === FALSE)
171 173 return FALSE; return FALSE;
172 174 if (!empty($r)) { if (!empty($r)) {
173 175 foreach ($r as $index => $uid) { foreach ($r as $index => $uid) {
174 $x['ui::uid'] = $uid;
176 $x['ui']['uid'] = $uid;
175 177 $ret[] = $x; $ret[] = $x;
176 178 } }
177 179 } }
 
... ... function rg_bug_edit($db, $login_ui, $ri, $data)
502 504
503 505 // TODO: seems I do not distinguish between 'add' and 'edit' // TODO: seems I do not distinguish between 'add' and 'edit'
504 506 $event = array("category" => 4100, "prio" => 200, $event = array("category" => 4100, "prio" => 200,
505 "repo::repo_id" => $ri['repo_id'],
506 "repo::name" => $ri['name'],
507 "bug::who_added" => $login_ui['uid'],
508 "bug::who_added_text" => $login_ui['username'],
509 "bug::url" => rg_base_url() . rg_re_bugpage($login_ui, $ri['name'], $data['bug_id']),
510 "bug::assigned_to_text" => $assigned_to_text,
511 "bug::state_text" => rg_bug_state($data['state']));
512 $event = rg_array_merge($event, "bug", $data);
507 'ri' => array(
508 'repo_id' => $ri['repo_id'],
509 'name' => $ri['name']),
510 'bug' => array(
511 'who_added' => $login_ui['uid'],
512 'who_added_text' => $login_ui['username'],
513 'url' => rg_base_url() . rg_re_bugpage($login_ui, $ri['name'], $data['bug_id']),
514 'assigned_to_text' => $assigned_to_text,
515 'state_text' => rg_bug_state($data['state'])));
516 $event = rg_array_merge($event, 'bug', $data);
513 517 $r = rg_event_add($db, $event); $r = rg_event_add($db, $event);
514 518 if ($r !== TRUE) { if ($r !== TRUE) {
515 519 rg_bug_set_error("cannot add event" rg_bug_set_error("cannot add event"
 
... ... function rg_bug_edit($db, $login_ui, $ri, $data)
527 531 // update cache // update cache
528 532 $data['ok'] = 1; $data['ok'] = 1;
529 533 $data['exists'] = 1; $data['exists'] = 1;
530 $key = $ri['repo_id'] . "::bugs::" . $data['bug_id'];
531 534 rg_bug_cosmetic($db, $data); rg_bug_cosmetic($db, $data);
535 $key = $ri['repo_id'] . "::bugs::" . $data['bug_id'];
532 536 rg_cache_set($key, $data); rg_cache_set($key, $data);
533 537
534 538 rg_event_signal_daemon("", 0); rg_event_signal_daemon("", 0);
 
... ... function rg_bug_delete_undelete($db, $who, $repo_id, $bug_id, $op)
581 585 rg_sql_free_result($res); rg_sql_free_result($res);
582 586
583 587 // update cache // update cache
584 $key = $repo_id . "::bugs::" . $bug_id;
585 588 $new = array(); $new = array();
586 589 $new['deleted'] = $deleted; $new['deleted'] = $deleted;
587 590 $new['utime'] = $now; $new['utime'] = $now;
588 591 $new['deleted_who'] = $who; $new['deleted_who'] = $who;
589 592 rg_bug_cosmetic($db, $new); rg_bug_cosmetic($db, $new);
593 $key = $repo_id . "::bugs::" . $bug_id;
590 594 rg_cache_merge($key, $new); rg_cache_merge($key, $new);
591 595
592 596 $ret = TRUE; $ret = TRUE;
 
... ... function rg_bug_note_add($db, $repo_id, $bug_id, $login_uid, $data)
1020 1024 } }
1021 1025
1022 1026 $event = array("category" => 4000, "prio" => 200, $event = array("category" => 4000, "prio" => 200,
1023 "bug::bug_id" => $bug_id,
1024 "repo::repo_id" => $repo_id,
1025 "repo::name" => $_ri['name'],
1026 "bug::title" => $_bi['title'],
1027 "bug::url" => rg_base_url() . rg_re_bugpage($_ui, $_ri['name'], $bug_id),
1028 "note" => $data['note'],
1029 "note::who_added" => $login_uid,
1030 "note::who_added_text" => $_ui['username']);
1027 'bug' => array(
1028 'bug_id' => $bug_id,
1029 'title' => $_bi['title'],
1030 'url' => rg_base_url() . rg_re_bugpage($_ui, $_ri['name'], $bug_id)),
1031 'ri' => array(
1032 'repo_id' => $repo_id,
1033 'name' => $_ri['name']),
1034 'note' => array(
1035 'body' => $data['note'],
1036 'who_added' => $login_uid,
1037 'who_added_text' => $_ui['username']));
1031 1038 $r = rg_event_add($db, $event); $r = rg_event_add($db, $event);
1032 1039 if ($r !== TRUE) { if ($r !== TRUE) {
1033 1040 rg_bug_set_error("cannot add event" rg_bug_set_error("cannot add event"
 
... ... function rg_bug_edit_high_level($db, &$rg)
1276 1283 $x['ip'] = $rg['ip']; $x['ip'] = $rg['ip'];
1277 1284 $x['misc'] = ''; $x['misc'] = '';
1278 1285 if (rg_rights_allow($db, $x) !== TRUE) { if (rg_rights_allow($db, $x) !== TRUE) {
1279 $ret .= rg_template("repo/bug/deny_edit.html", $rg);
1286 $ret .= rg_template("repo/bug/deny_edit.html", $rg, TRUE /* xss */);
1280 1287 break; break;
1281 1288 } }
1282 1289
 
... ... function rg_bug_edit_high_level($db, &$rg)
1288 1295 break; break;
1289 1296 } }
1290 1297
1291 $rg['bug'] = rg_array_merge($rg['bug'], "", rg_bug_vars());
1298 $rg['bug'] = rg_array_merge($rg['bug'], '', rg_bug_vars());
1292 1299
1293 1300 if (!rg_valid_referer()) { if (!rg_valid_referer()) {
1294 1301 $errmsg[] = "invalid referer; try again"; $errmsg[] = "invalid referer; try again";
 
... ... function rg_bug_edit_high_level($db, &$rg)
1325 1332 rg_bug_state_select($rg['bug']['state'], $exclude); rg_bug_state_select($rg['bug']['state'], $exclude);
1326 1333
1327 1334 $hints = array(); $hints = array();
1328 $hints[]['HTML:hint'] = rg_template("hints/repo/bug/add.html", $rg);
1335 $hints[]['HTML:hint'] = rg_template("hints/repo/bug/add.html", $rg, TRUE /* xss */);
1329 1336 $rg['HTML:bug_edit_hints'] = rg_template_table("hints/list", $hints, $rg); $rg['HTML:bug_edit_hints'] = rg_template_table("hints/list", $hints, $rg);
1330 1337
1331 $ret .= rg_template("repo/bug/bug_add_edit.html", $rg);
1338 $ret .= rg_template("repo/bug/bug_add_edit.html", $rg, TRUE /* xss */);
1332 1339 } }
1333 1340
1334 1341 rg_log_exit(); rg_log_exit();
File inc/dispatch/dispatch.php changed (mode: 100644) (index f3a1dbc..98cea07)
... ... case 'logout':
19 19 rg_user_set_last_seen($db, $rg['login_ui']['uid']); rg_user_set_last_seen($db, $rg['login_ui']['uid']);
20 20
21 21 if (rg_sess_destroy($db, $rg['sid'], $rg['login_ui'])) { if (rg_sess_destroy($db, $rg['sid'], $rg['login_ui'])) {
22 $body .= rg_template("user/logout.html", $rg);
22 $body .= rg_template("user/logout.html", $rg, TRUE /* xss */);
23 23 } else { } else {
24 $body .= rg_template("user/logout_err.html", $rg);
24 $body .= rg_template("user/logout_err.html", $rg, TRUE /* xss */);
25 25 } }
26 26 break; break;
27 27
 
... ... case 'settings':
71 71 break; break;
72 72
73 73 case 'tos': case 'tos':
74 $body .= rg_template('tos.html', $rg);
74 $body .= rg_template('tos.html', $rg, TRUE /* xss */);
75 75 break; break;
76 76
77 77 case 'download': case 'download':
78 78 $_sub = empty($paras) ? "" : array_shift($paras); $_sub = empty($paras) ? "" : array_shift($paras);
79 79 if (strcmp($_sub, 'vm') == 0) if (strcmp($_sub, 'vm') == 0)
80 $body .= rg_template('download-vm.html', $rg);
80 $body .= rg_template('download-vm.html', $rg, TRUE /* xss */);
81 81 else else
82 $body .= rg_template('download.html', $rg);
82 $body .= rg_template('download.html', $rg, TRUE /* xss */);
83 83 break; break;
84 84
85 85 case 'features': case 'features':
86 $body .= rg_template('features.html', $rg);
86 $body .= rg_template('features.html', $rg, TRUE /* xss */);
87 87 break; break;
88 88
89 89 case 'pricing': case 'pricing':
90 $body .= rg_template('pricing.html', $rg);
90 $body .= rg_template('pricing.html', $rg, TRUE /* xss */);
91 91 break; break;
92 92
93 93 case 'donate': case 'donate':
94 $body .= rg_template('donate.html', $rg);
94 $body .= rg_template('donate.html', $rg, TRUE /* xss */);
95 95 break; break;
96 96
97 97 case 'discover': case 'discover':
 
... ... default: // can be the main page or user page or repo page
109 109 $user = empty($paras) ? "" : array_shift($paras); $user = empty($paras) ? "" : array_shift($paras);
110 110 $repo = empty($paras) ? "" : array_shift($paras); $repo = empty($paras) ? "" : array_shift($paras);
111 111 } else if (empty($type)) { } else if (empty($type)) {
112 $body .= rg_template("main.html", $rg);
112 $body .= rg_template("main.html", $rg, TRUE /* xss */);
113 113 } else { } else {
114 114 // organization // organization
115 115 $organization = 1; $organization = 1;
File inc/events.inc.php changed (mode: 100644) (index 620329b..30d7be0)
... ... function rg_event_process_queue($db, &$notify_list)
251 251
252 252 $no_of_events = rg_sql_num_rows($res); $no_of_events = rg_sql_num_rows($res);
253 253 while (($row = rg_sql_fetch_array($res))) { while (($row = rg_sql_fetch_array($res))) {
254 $params = array("id" => $row['id']);
254 $params = array('id' => $row['id']);
255 255
256 256 while (1) { while (1) {
257 257 $ev = unserialize($row['data']); $ev = unserialize($row['data']);
File inc/feedback/suggestion.php changed (mode: 100644) (index a401489..783d16c)
... ... while (1) {
37 37 } }
38 38
39 39 $suggestion = ''; $suggestion = '';
40 $_suggestion .= rg_template("suggestion_sent.html", $rg);
40 $_suggestion .= rg_template("suggestion_sent.html", $rg, TRUE /* xss */);
41 41 break; break;
42 42 } }
43 43
44 44 $rg['suggestion'] = $suggestion; $rg['suggestion'] = $suggestion;
45 45 $rg['HTML:errmsg'] = rg_template_errmsg($errmsg); $rg['HTML:errmsg'] = rg_template_errmsg($errmsg);
46 46 $rg['rg_form_token'] = rg_token_get($db, $rg); $rg['rg_form_token'] = rg_token_get($db, $rg);
47 $_suggestion .= rg_template("suggestion.html", $rg);
47 $_suggestion .= rg_template("suggestion.html", $rg, TRUE /* xss */);
48 48
49 49 ?> ?>
File inc/git.inc.php changed (mode: 100644) (index cc54913..a76f6d6)
... ... function rg_git_ls_tree($tree, $path)
480 480
481 481 // We are forced to use print_r instead of array2string because // We are forced to use print_r instead of array2string because
482 482 // it may be a multilevel array. // it may be a multilevel array.
483 rg_log_ml("DEBUG: ls-tree: " . print_r($ret, TRUE));
483 //rg_log_ml("DEBUG: ls-tree: " . print_r($ret, TRUE));
484 484
485 485 rg_log_exit(); rg_log_exit();
486 486 rg_prof_end("git_ls_tree"); rg_prof_end("git_ls_tree");
 
... ... function rg_git_diff($a, $template_file)
921 921 $ret = "<div class=\"diff\">\n"; $ret = "<div class=\"diff\">\n";
922 922
923 923 $x = array(); $x = array();
924 $template = rg_template($template_file, $x);
924 $template = rg_template($template_file, $x, TRUE /* xss */);
925 925
926 926 // for each file changed // for each file changed
927 927 foreach ($a as $fileindex => $finfo) { foreach ($a as $fileindex => $finfo) {
 
... ... function rg_git_diff($a, $template_file)
930 930 $ret .= "<br />\n"; $ret .= "<br />\n";
931 931
932 932 $f = rg_xss_safe($finfo['file']); $f = rg_xss_safe($finfo['file']);
933 $ret .= "<a name=\"$f\"></a>\n";
933 $ret .= "<a name=\"file-$f\"></a>\n";
934 934
935 $ret .= "<table class=\"chunk\">\n";
935 $ret .= "<table class=\"chunk\" summary=\"chunk\">\n";
936 936 $ret .= "<tr style=\"border: 1px; background: #dddddd\"><td colspan=\"4\">"; $ret .= "<tr style=\"border: 1px; background: #dddddd\"><td colspan=\"4\">";
937 937 if (strstr($finfo['flags'], "N")) if (strstr($finfo['flags'], "N"))
938 938 $ret .= "File <b>$f</b> added"; $ret .= "File <b>$f</b> added";
 
... ... function rg_git_diff($a, $template_file)
985 985 $line_no_left = $ci['from']; $line_no_left = $ci['from'];
986 986 $line_no_right = $ci['to']; $line_no_right = $ci['to'];
987 987 foreach ($ci['lines'] as $line) { foreach ($ci['lines'] as $line) {
988 $v = $template;
989
990 $left_color = "#eeeeee";
991 $right_color = "#eeeeee";
988 $left_class = 'cl-e';
989 $right_class = 'cl-e';
992 990
993 991 $c = substr($line, 0, 1); $c = substr($line, 0, 1);
994 $line = substr($line, 1);
992 $line = rg_xss_safe(substr($line, 1));
995 993 if (strcmp($c, "+") == 0) { if (strcmp($c, "+") == 0) {
996 $left = "";
994 $left = '';
997 995 $right = $line; $right = $line;
998 $right_color = "#00ff00";
999 $line_left = "&nbsp;";
996 $right_class = "cl-g";
997 $line_left = '';
1000 998 $line_right = $line_no_right; $line_right = $line_no_right;
1001 999 $line_no_right++; $line_no_right++;
1002 1000 } else if (strcmp($c, "-") == 0) { } else if (strcmp($c, "-") == 0) {
1003 1001 $left = $line; $left = $line;
1004 $left_color = "#ff0000";
1005 $right = "";
1002 $left_class = "cl-r";
1003 $right = '';
1006 1004 $line_left = $line_no_left; $line_left = $line_no_left;
1007 $line_right = "&nbsp;";
1005 $line_right = '';
1008 1006 $line_no_left++; $line_no_left++;
1009 1007 } else { // ' ' or any other character } else { // ' ' or any other character
1010 1008 $left = $line; $left = $line;
 
... ... function rg_git_diff($a, $template_file)
1015 1013 $line_no_right++; $line_no_right++;
1016 1014 } }
1017 1015
1018 $v = preg_replace("/@@line_left@@/", $line_left, $v);
1019 $v = preg_replace("/@@line_right@@/", $line_right, $v);
1020 $v = preg_replace("/@@left@@/", rg_xss_safe($left), $v);
1021 $v = preg_replace("/@@right@@/", rg_xss_safe($right), $v);
1022
1023 $v = preg_replace("/@@left_color@@/", $left_color, $v);
1024 $v = preg_replace("/@@right_color@@/", $right_color, $v);
1025 $ret .= $v;
1016 $a = array(
1017 'line_left' => $line_left,
1018 'line_right' => $line_right,
1019 'left' => $left,
1020 'right' => $right,
1021 'left_class' => $left_class,
1022 'right_class' => $right_class
1023 );
1024
1025 $ret .= rg_template_string($template, 0 /*off*/,
1026 $a, FALSE /*xss_protection*/);
1026 1027 } }
1027 1028 } }
1028 1029 $ret .= "</table>\n"; $ret .= "</table>\n";
 
... ... function rg_git_update_tag($db, $a)
1065 1066 $x = array(); $x = array();
1066 1067 $x['obj_id'] = $a['repo_id']; $x['obj_id'] = $a['repo_id'];
1067 1068 $x['type'] = 'repo_refs'; $x['type'] = 'repo_refs';
1068 $x['owner'] = $a['repo::uid'];
1069 $x['owner'] = $a['repo_uid'];
1069 1070 $x['uid'] = $a['login_uid']; $x['uid'] = $a['login_uid'];
1070 1071 $x['username'] = $a['login_username']; $x['username'] = $a['login_username'];
1071 1072 $x['needed_rights'] = ''; $x['needed_rights'] = '';
1072 1073 $x['ip'] = $a['ip']; $x['ip'] = $a['ip'];
1073 1074 $x['misc'] = $a['refname']; $x['misc'] = $a['refname'];
1074 1075
1075 $history = array();
1076 $history['ri::repo_id'] = $a['repo_id'];
1077 $history['ui::uid'] = $a['login_uid'];
1076 $history = array('ri' => array(), 'ui' => array());
1077 $history['ri']['repo_id'] = $a['repo_id'];
1078 $history['ui']['uid'] = $a['login_uid'];
1078 1079
1079 1080 if (strcmp($a['new_rev_type'], "tag") == 0) { // Annotated if (strcmp($a['new_rev_type'], "tag") == 0) { // Annotated
1080 1081 if (strcmp($a['old_rev'], $rg_git_zero) == 0) { // create if (strcmp($a['old_rev'], $rg_git_zero) == 0) { // create
 
... ... function rg_git_update_branch($db, $a)
1171 1172 $_x = array(); $_x = array();
1172 1173 $_x['obj_id'] = $a['repo_id']; $_x['obj_id'] = $a['repo_id'];
1173 1174 $_x['type'] = 'repo_refs'; $_x['type'] = 'repo_refs';
1174 $_x['owner'] = $a['repo::uid'];
1175 $_x['owner'] = $a['repo_uid'];
1175 1176 $_x['uid'] = $a['login_uid']; $_x['uid'] = $a['login_uid'];
1176 1177 $_x['username'] = $a['login_username']; $_x['username'] = $a['login_username'];
1177 1178 $_x['needed_rights'] = ''; $_x['needed_rights'] = '';
1178 1179 $_x['ip'] = $a['ip']; $_x['ip'] = $a['ip'];
1179 1180 $_x['misc'] = $a['refname']; $_x['misc'] = $a['refname'];
1180 1181
1181 $history = array();
1182 $history['ri::repo_id'] = $a['repo_id'];
1183 $history['ui::uid'] = $a['login_uid'];
1182 $history = array('ri' => array(), 'ui' => array());
1183 $history['ri']['repo_id'] = $a['repo_id'];
1184 $history['ui']['uid'] = $a['login_uid'];
1184 1185
1185 1186 if (strcmp($a['new_rev'], $rg_git_zero) == 0) { // delete if (strcmp($a['new_rev'], $rg_git_zero) == 0) { // delete
1186 1187 $x = $_x; $x = $_x;
 
... ... function rg_git_update_branch($db, $a)
1278 1279 $x['needed_rights'] = 'H'; $x['needed_rights'] = 'H';
1279 1280 if (rg_rights_allow($db, $x) !== TRUE) { if (rg_rights_allow($db, $x) !== TRUE) {
1280 1281 $_z = array(); $_z = array();
1281 $msg = rg_template("msg/push_not_allowed.txt", $_z);
1282 $msg = rg_template("msg/push_not_allowed.txt", $_z, FALSE /* xss */);
1282 1283 rg_git_fatal($a['refname']. "\n" . $msg); rg_git_fatal($a['refname']. "\n" . $msg);
1283 1284 } }
1284 1285
 
... ... function rg_git_update_branch($db, $a)
1286 1287 // TODO: git may fail to update the reference after this hook; // TODO: git may fail to update the reference after this hook;
1287 1288 // the mr code should check if the update was done. // the mr code should check if the update was done.
1288 1289 $mr = "refs/mr/" $mr = "refs/mr/"
1289 . preg_replace('/refs\/heads\//', '', $a['refname'])
1290 . "_" . preg_replace('/rg_/', '', $a['namespace']);
1290 . str_replace('refs/heads/', '', $a['refname'])
1291 . "_" . str_replace('rg_', '', $a['namespace']);
1291 1292 $reason = $a['login_username'] . ' pushed a merge request' $reason = $a['login_username'] . ' pushed a merge request'
1292 1293 . ' for ref ' . $a['refname'] . ' for ref ' . $a['refname']
1293 1294 . ' into namespace ' . $a['namespace']; . ' into namespace ' . $a['namespace'];
 
... ... function rg_git_update_branch($db, $a)
1304 1305 if ($r !== TRUE) if ($r !== TRUE)
1305 1306 rg_git_fatal($a['refname'] . ": " . rg_mr_error()); rg_git_fatal($a['refname'] . ": " . rg_mr_error());
1306 1307 $_x = array(); $_x = array();
1307 $msg = rg_template("msg/push_merge_request.txt", $_x);
1308 $msg = rg_template("msg/push_merge_request.txt", $_x, FALSE /* xss */);
1308 1309 rg_git_info($a['refname'] . "\n" . $msg); rg_git_info($a['refname'] . "\n" . $msg);
1309 1310
1310 1311 $history['history_category'] = REPO_CAT_GIT_BRANCH_ANON_PUSH; $history['history_category'] = REPO_CAT_GIT_BRANCH_ANON_PUSH;
 
... ... function rg_git_branches_and_tags($repo_dir, $base_url, $current_ref)
1375 1376 $current = ltrim($current_ref, "/"); $current = ltrim($current_ref, "/");
1376 1377 if (empty($current)) if (empty($current))
1377 1378 $current = "branch/master"; $current = "branch/master";
1378 rg_log("DEBUG: current=[$current]");
1379 //rg_log("DEBUG: current=[$current]");
1379 1380
1380 1381 $refs = rg_git_refs($repo_dir); $refs = rg_git_refs($repo_dir);
1381 1382 $_l = array(); $_l = array();
 
... ... function rg_git_branches_and_tags($repo_dir, $base_url, $current_ref)
1385 1386
1386 1387 foreach ($list as $name) { foreach ($list as $name) {
1387 1388 $name = rg_xss_safe($name); $name = rg_xss_safe($name);
1388 $ename = preg_replace('/\//', ',', $name);
1389 $ename = str_replace('/', ',', $name);
1389 1390 //rg_log("DEBUG: compare with [" . $o . "/" . $ename . "]"); //rg_log("DEBUG: compare with [" . $o . "/" . $ename . "]");
1390 1391 if (strcmp($current, $o . "/" . $ename) == 0) { if (strcmp($current, $o . "/" . $ename) == 0) {
1391 1392 $add_s = "<b>"; $add_s = "<b>";
 
... ... function rg_git_parse_ref(&$paras)
1444 1445 $val = array_shift($paras); $val = array_shift($paras);
1445 1446 $ret['ref_url'] = "/" . $ret['ref_type'] . "/" . $val; $ret['ref_url'] = "/" . $ret['ref_type'] . "/" . $val;
1446 1447
1447 $val = preg_replace('/,/', '/', $val);
1448 $val = str_replace(',', '/', $val);
1448 1449 $ret['ref_val'] = $val; $ret['ref_val'] = $val;
1449 1450 $ret['ref_path'] .= $val; $ret['ref_path'] .= $val;
1450 1451
 
... ... function rg_git_diff_tree($tree1, $tree2)
1488 1489 break; break;
1489 1490 } }
1490 1491
1491 rg_log("DEBUG: diff-tree: " . rg_array2string($ret));
1492 //rg_log("DEBUG: diff-tree: " . rg_array2string($ret));
1492 1493
1493 1494 rg_log_exit(); rg_log_exit();
1494 1495 rg_prof_end("git_diff_tree"); rg_prof_end("git_diff_tree");
 
... ... function rg_git_content_by_file($treeish, $file)
1530 1531 function rg_git_log2listing($log, $rg, $commit_table) function rg_git_log2listing($log, $rg, $commit_table)
1531 1532 { {
1532 1533 if ($log === FALSE) if ($log === FALSE)
1533 return rg_template('repo/not_init.html', $rg);
1534 return rg_template('repo/not_init.html', $rg, TRUE /* xss */);
1534 1535
1535 1536 $ret = ''; $ret = '';
1536 1537
 
... ... function rg_git_log2listing($log, $rg, $commit_table)
1540 1541 foreach ($log as $index => $i) foreach ($log as $index => $i)
1541 1542 $log[$index]['vars']['commit_url'] = $log[$index]['vars']['commit_url'] =
1542 1543 rg_xss_safe($rg['mr']) rg_xss_safe($rg['mr'])
1543 . "#" . rg_xss_safe($i['vars']['sha1_short']);
1544 . "#sha1-" . rg_xss_safe($i['vars']['sha1_short']);
1544 1545 $ret .= rg_git_log_template($log, 'repo/log', $rg); $ret .= rg_git_log_template($log, 'repo/log', $rg);
1545 1546 } }
1546 1547
 
... ... function rg_git_log2listing($log, $rg, $commit_table)
1548 1549 foreach ($log as $junk => $i) { foreach ($log as $junk => $i) {
1549 1550 // Some info about commit // Some info about commit
1550 1551 $ret .= "<br /><b>" $ret .= "<br /><b>"
1551 . "<a name=\"" . rg_xss_safe($i['vars']['sha1_short']) . "\">"
1552 . "<a name=\"sha1-" . rg_xss_safe($i['vars']['sha1_short']) . "\">"
1552 1553 . "Commit " . rg_xss_safe($i['vars']['sha1_short']) . "Commit " . rg_xss_safe($i['vars']['sha1_short'])
1553 1554 . "</a></b> - " . rg_xss_safe($i['vars']['subject']) . "\n"; . "</a></b> - " . rg_xss_safe($i['vars']['subject']) . "\n";
1554 1555
 
... ... function rg_git_log2listing($log, $rg, $commit_table)
1574 1575 $ret .= $r; $ret .= $r;
1575 1576
1576 1577 // diff // diff
1578 //rg_log_ml("DEBUG: i[files]=" . print_r($i['files'], TRUE));
1577 1579 $r = rg_git_diff($i['files'], 'repo/diff.html'); $r = rg_git_diff($i['files'], 'repo/diff.html');
1578 1580 if ($r === FALSE) if ($r === FALSE)
1579 1581 return "Internal error"; return "Internal error";
File inc/keys.inc.php changed (mode: 100644) (index 13d3dfe..0b05323)
... ... function rg_keys_info($key)
122 122 $ret['ok'] = 0; $ret['ok'] = 0;
123 123 while(1) { while(1) {
124 124 if (strpos($key, "PRIVATE KEY") !== FALSE) { if (strpos($key, "PRIVATE KEY") !== FALSE) {
125 rg_keys_set_error("private instead of pulic key");
125 rg_keys_set_error("private instead of public key");
126 126 break; break;
127 127 } }
128 128
129 $t = explode(" ", $key, 3);
129 // We must have at least key type and the key
130 $t = explode(' ', $key, 2);
130 131 if (!isset($t[1])) { if (!isset($t[1])) {
131 132 rg_keys_set_error("malformed ssh key (missing fields)"); rg_keys_set_error("malformed ssh key (missing fields)");
132 133 break; break;
133 134 } }
134
135 135 $ret['type'] = $t[0]; $ret['type'] = $t[0];
136 $ret['key'] = $t[1];
137 $ret['comment'] = isset($t[2]) ? $t[2] : "";
138 136
139 $d = base64_decode($ret['key']);
140 if ($d === FALSE) {
141 rg_keys_set_error("malformed input (base64 failed)");
137 if ((strncmp($ret['type'], 'ssh-', 4) != 0)
138 && (strncmp($ret['type'], 'ecdsa-', 6) != 0)) {
139 rg_keys_set_error("key does not start with ssh- or ecdsa-");
142 140 break; break;
143 141 } }
144 $digest = md5($d);
145 142
143 // We try to detect the key because spaces may mess up things
144 $ret['comment'] = '';
145 $error = TRUE;
146 $off = 0;
147 while (1) {
148 rg_log("DEBUG: off=$off");
149
150 // -1 signals that we used the whole string
151 if ($off == -1)
152 break;
153
154 $pos = strpos($t[1], ' ', $off);
155 if ($pos === FALSE) {
156 $ret['key'] = $t[1];
157 $off = -1;
158 } else {
159 $ret['key'] = substr($t[1], 0, $pos);
160 $off = $pos + 1;
161 }
162 rg_log("DEBUG: pos=$pos off=$off key=" . $ret['key']);
163
164 $d = base64_decode($ret['key']);
165 if ($d === FALSE) {
166 rg_keys_set_error("malformed ssh key (base64 failed)");
167 continue;
168 }
169 $d_len = strlen($d);
170 rg_log("d=" . bin2hex($d));
171 rg_log("d_len=$d_len");
172
173 if (strlen($d) < 4) {
174 rg_keys_set_error("key is too short (< 4)");
175 continue;
176 }
177
178 // First, we have the length of the string 'ssh-*'
179 $_t = unpack('N', $d);
180 $len = $_t[1];
181 rg_log_ml("len=$len");
182 if ($d_len < 4 + $len) {
183 rg_keys_set_error("key is too short");
184 continue;
185 }
186 $type2 = substr($d, 4, $len);
187 rg_log("DEBUG: type2=$type2");
188 if (strcasecmp($ret['type'], $type2) != 0) {
189 rg_keys_set_error('key type mismatch: ' . $ret['type'] . ' != ' . $type2);
190 break;
191 }
192
193 if (strcasecmp($ret['type'], 'ssh-rsa') == 0) {
194 $count = 2;
195 } else if (strcasecmp($ret['type'], 'ssh-dss') == 0) {
196 $count = 4;
197 } else if (strncasecmp($ret['type'], 'ecdsa-', 6) == 0) {
198 $count = 2;
199 } else if (strcasecmp($ret['type'], 'ssh-ed25519') == 0) {
200 $count = 1;
201 } else {
202 rg_log('Strange key type: ' . $ret['type']);
203 // Probably this is a new key type, just consider it valid
204 $_t = explode(' ', $key, 3);
205 $ret['key'] = $_t[1];
206 if (isset($_t[2]))
207 $ret['comment'] = $_t[2];
208 $error = FALSE;
209 break;
210 }
211
212 $have_all_chunks = TRUE;
213 $used = 4 + $len;
214 for ($i = 0; $i < $count; $i++) {
215 if ($d_len < $used + 4) {
216 rg_keys_set_error('key is too short (chunk length)');
217 $have_all_chunks = FALSE;
218 break;
219 }
220 $_t = unpack('N', substr($d, $used, 4));
221 $xlen = $_t[1];
222 rg_log_ml("xlen=$xlen");
223 if ($d_len < $used + 4 + $xlen) {
224 rg_keys_set_error("key is too short (chunk body)");
225 $have_all_chunks = FALSE;
226 break;
227 }
228
229 $used += 4 + $xlen;
230 }
231 if ($have_all_chunks === FALSE)
232 continue;
233
234 $ret['comment'] = substr($t[1], $off);
235
236 $error = FALSE;
237 break;
238 }
239 if ($error)
240 break;
241
242 $digest = md5($d);
146 243 $a = array(); $a = array();
147 244 for ($i = 0; $i < 16; $i++) for ($i = 0; $i < 16; $i++)
148 245 $a[] = substr($digest, $i * 2, 2); $a[] = substr($digest, $i * 2, 2);
 
... ... function rg_keys_remove($db, $ui, $list)
184 281 rg_sql_free_result($res); rg_sql_free_result($res);
185 282
186 283 $event = array("category" => 1001, "prio" => 50, $event = array("category" => 1001, "prio" => 50,
187 "ui::email" => $ui['confirmed'] > 0 ? $ui['email'] : "",
284 'ui' => array('email' => $ui['confirmed'] > 0 ? $ui['email'] : ""),
188 285 "keys" => implode(",", $my_list)); "keys" => implode(",", $my_list));
189 286 $r = rg_event_add($db, $event); $r = rg_event_add($db, $event);
190 287 if ($r !== TRUE) { if ($r !== TRUE) {
 
... ... function rg_keys_add($db, $ui, $key)
240 337 global $rg_max_ssh_keys; global $rg_max_ssh_keys;
241 338
242 339 rg_prof_start("keys_add"); rg_prof_start("keys_add");
243 rg_log_enter("keys_add: $key=$key");
340 rg_log_enter("keys_add: key=$key");
244 341
245 342 $ret = FALSE; $ret = FALSE;
246 343 $do_rollback = 0; $do_rollback = 0;
 
... ... function rg_keys_add($db, $ui, $key)
290 387 rg_sql_free_result($res); rg_sql_free_result($res);
291 388
292 389 $event = array("category" => 1000, "prio" => 50, $event = array("category" => 1000, "prio" => 50,
293 "ui::email" => $ui['confirmed'] > 0 ? $ui['email'] : "",
390 'ui' => array('email' => $ui['confirmed'] > 0 ? $ui['email'] : ""),
294 391 "key_id" => $key_id); "key_id" => $key_id);
295 392 $r = rg_event_add($db, $event); $r = rg_event_add($db, $event);
296 393 if ($r !== TRUE) { if ($r !== TRUE) {
File inc/login/login.php changed (mode: 100644) (index 6ecd059..efe460b)
... ... $rg['HTML:errmsg'] = rg_template_errmsg($errmsg);
38 38 $rg['forgot_send'] = rg_re_url("/op/forgot_send"); $rg['forgot_send'] = rg_re_url("/op/forgot_send");
39 39 $rg['create_account'] = rg_re_url("/op/create_account"); $rg['create_account'] = rg_re_url("/op/create_account");
40 40 $rg['rg_form_token'] = rg_token_get($db, $rg); $rg['rg_form_token'] = rg_token_get($db, $rg);
41 $_login .= rg_template("user/login.html", $rg);
41 $_login .= rg_template("user/login.html", $rg, TRUE /* xss */);
42 42 ?> ?>
File inc/plan.inc.php changed (mode: 100644) (index dd9b1e9..c7bcece)
... ... function rg_plan_list_high_level($db, $rg)
260 260 $r = rg_plan_remove($db, $list); $r = rg_plan_remove($db, $list);
261 261 if ($r !== TRUE) { if ($r !== TRUE) {
262 262 $rg['errmsg'] = rg_plan_error(); $rg['errmsg'] = rg_plan_error();
263 $del_errmsg[] = rg_template("admin/plans/delete_err.html", $rg);
263 $del_errmsg[] = rg_template("admin/plans/delete_err.html", $rg, TRUE /* xss */);
264 264 break; break;
265 265 } }
266 266 break; break;
 
... ... function rg_plan_list_high_level($db, $rg)
270 270 if ($list === FALSE) { if ($list === FALSE) {
271 271 $rg['errmsg'] = rg_plan_error(); $rg['errmsg'] = rg_plan_error();
272 272 // TODO: really? no array append?! // TODO: really? no array append?!
273 return rg_template("admin/plans/list_err.html", $rg);
273 return rg_template("admin/plans/list_err.html", $rg, TRUE /* xss */);
274 274 } }
275 275
276 276 $rg['rg_form_token'] = rg_token_get($db, $rg); $rg['rg_form_token'] = rg_token_get($db, $rg);
 
... ... function rg_plan_edit_high_level($db, &$rg)
353 353 break; break;
354 354 } }
355 355
356 $ret .= rg_template("admin/plans/add_ok.html", $rg);
356 $ret .= rg_template("admin/plans/add_ok.html", $rg, TRUE /* xss */);
357 357 $load_form = FALSE; $load_form = FALSE;
358 358 break; break;
359 359 } }
 
... ... function rg_plan_edit_high_level($db, &$rg)
362 362 $rg['pi'] = $pi; $rg['pi'] = $pi;
363 363 $rg['HTML:errmsg'] = rg_template_errmsg($errmsg); $rg['HTML:errmsg'] = rg_template_errmsg($errmsg);
364 364 $rg['rg_form_token'] = rg_token_get($db, $rg); $rg['rg_form_token'] = rg_token_get($db, $rg);
365 $ret .= rg_template("admin/plans/add_edit.html", $rg);
365 $ret .= rg_template("admin/plans/add_edit.html", $rg, TRUE /* xss */);
366 366 } }
367 367
368 368 return $ret; return $ret;
File inc/prof.inc.php changed (mode: 100644) (index bb3fb31..fe5bd78)
... ... function rg_prof_set($data)
22 22
23 23 function rg_prof_start($label) function rg_prof_start($label)
24 24 { {
25 global $peak0;
25 26 global $rg_prof_tmp; global $rg_prof_tmp;
26 27 global $rg_prof_state; global $rg_prof_state;
27 28
 
... ... function rg_prof_start($label)
30 31 $rg_prof_tmp[$label]['level']++; $rg_prof_tmp[$label]['level']++;
31 32 $rg_prof_tmp[$label]['runs']++; $rg_prof_tmp[$label]['runs']++;
32 33 } else { } else {
34 $mem = memory_get_peak_usage() - $peak0;
35
33 36 $rg_prof_tmp[$label] = $rg_prof_state; $rg_prof_tmp[$label] = $rg_prof_state;
34 37 $rg_prof_tmp[$label]['time_ms'] = sprintf("%u", microtime(TRUE) * 1000); $rg_prof_tmp[$label]['time_ms'] = sprintf("%u", microtime(TRUE) * 1000);
35 $rg_prof_tmp[$label]['mem'] = intval(memory_get_usage() / 1024);
38 $rg_prof_tmp[$label]['mem'] = intval($mem / 1024);
36 39 $rg_prof_tmp[$label]['level'] = 1; $rg_prof_tmp[$label]['level'] = 1;
37 40 $rg_prof_tmp[$label]['runs'] = 1; $rg_prof_tmp[$label]['runs'] = 1;
38 41 } }
 
... ... function rg_prof_start($label)
40 43
41 44 function rg_prof_end($label) function rg_prof_end($label)
42 45 { {
46 global $peak0;
43 47 global $rg_prof_tmp; global $rg_prof_tmp;
44 48 global $rg_prof_state; global $rg_prof_state;
45 49 global $rg_prof_main; global $rg_prof_main;
 
... ... function rg_prof_end($label)
56 60
57 61 $start = $rg_prof_tmp[$label]; $start = $rg_prof_tmp[$label];
58 62
63 $mem = memory_get_peak_usage() - $peak0;
64
59 65 $c = $rg_prof_state; $c = $rg_prof_state;
60 66 $c['time_ms'] = sprintf("%u", microtime(TRUE) * 1000); $c['time_ms'] = sprintf("%u", microtime(TRUE) * 1000);
61 67 $c['runs'] = $start['runs']; $start['runs'] = 0; $c['runs'] = $start['runs']; $start['runs'] = 0;
62 $c['mem'] = intval(memory_get_usage() / 1024);
68 $c['mem'] = intval($mem / 1024);
63 69 $c['level'] = 0; // just to not complain that is not defined $c['level'] = 0; // just to not complain that is not defined
64 70
65 71 // we substract what was before start // we substract what was before start
 
... ... function rg_prof_html()
100 106 foreach ($per_label as $k => $v) foreach ($per_label as $k => $v)
101 107 $vars[$k] = 1; $vars[$k] = 1;
102 108
103 $ret = "<table>";
109 $ret = "<table summary=\"profiling\">";
104 110 $ret .= "<tr>"; $ret .= "<tr>";
105 111 $ret .= "<td>Label</td>"; $ret .= "<td>Label</td>";
106 112 foreach ($vars as $var => $junk) foreach ($vars as $var => $junk)
 
... ... function rg_prof_log()
182 188 { {
183 189 $p = rg_prof_text(); $p = rg_prof_text();
184 190 rg_log_ml($p); rg_log_ml($p);
191
192 rg_log("peak: " . sprintf("%.2f MiB", memory_get_peak_usage(TRUE) / 1024 / 1024));
185 193 } }
186 194
187 195 ?> ?>
File inc/repo.inc.php changed (mode: 100644) (index 45a9d33..3706700)
... ... function rg_repo_event_symlink_by_name($db, $e)
305 305
306 306 rg_prof_start("repo_event_symlink_by_name"); rg_prof_start("repo_event_symlink_by_name");
307 307
308 $id_path = rg_repo_path_by_id($e['ui::uid'], $e['ri::repo_id']);
309 $id_path_rel = rg_repo_path_by_id_rel($e['ui::uid'], $e['ri::repo_id']);
310 $new_path = rg_repo_path_by_name($e['ui::uid'], $e['ri::name']);
308 $id_path = rg_repo_path_by_id($e['ui']['uid'], $e['ri']['repo_id']);
309 $id_path_rel = rg_repo_path_by_id_rel($e['ui']['uid'], $e['ri']['repo_id']);
310 $new_path = rg_repo_path_by_name($e['ui']['uid'], $e['ri']['name']);
311 311
312 312 $ret = FALSE; $ret = FALSE;
313 313 while (1) { while (1) {
 
... ... function rg_repo_event_storage_create($db, $e)
374 374
375 375 $ret = FALSE; $ret = FALSE;
376 376 while (1) { while (1) {
377 $by_id_path = rg_repo_path_by_id($e['ui::uid'], $e['ri::repo_id']);
377 $by_id_path = rg_repo_path_by_id($e['ui']['uid'], $e['ri']['repo_id']);
378 378 if (!is_dir($by_id_path)) { if (!is_dir($by_id_path)) {
379 379 if (mkdir($by_id_path, 0755, TRUE) === FALSE) { if (mkdir($by_id_path, 0755, TRUE) === FALSE) {
380 380 rg_repo_set_error("could not create folder $dst"); rg_repo_set_error("could not create folder $dst");
 
... ... function rg_repo_event_storage_create($db, $e)
382 382 } }
383 383 } }
384 384
385 if ($e['ri::master'] == 0) {
385 if ($e['ri']['master'] == 0) {
386 386 $r = rg_git_init($by_id_path); $r = rg_git_init($by_id_path);
387 387 if ($r === FALSE) { if ($r === FALSE) {
388 388 rg_repo_set_error("cannot init master" rg_repo_set_error("cannot init master"
 
... ... function rg_repo_event_storage_create($db, $e)
390 390 break; break;
391 391 } }
392 392 } else { } else {
393 $mi = rg_repo_info($db, $e['ri::master'], 0, "");
393 $mi = rg_repo_info($db, $e['ri']['master'], 0, "");
394 394 if ($mi['exists'] != 1) { if ($mi['exists'] != 1) {
395 rg_repo_set_error("cannot find master (" . rg_repo_error() . ")");
395 rg_repo_set_error("cannot find master"
396 . " (" . rg_repo_error() . ")");
396 397 break; break;
397 398 } }
398 399
399 $master_by_id_path = rg_repo_path_by_id($mi['uid'], $mi['repo_id']);
400 $master_by_id_path = rg_repo_path_by_id($mi['uid'],
401 $mi['repo_id']);
400 402 $r = rg_git_clone($master_by_id_path, $by_id_path); $r = rg_git_clone($master_by_id_path, $by_id_path);
401 403 if ($r === FALSE) { if ($r === FALSE) {
402 rg_repo_set_error("could not create repo (" . rg_git_error() . ")");
404 rg_repo_set_error("could not create repo"
405 . " (" . rg_git_error() . ")");
403 406 break; break;
404 407 } }
405 408
 
... ... function rg_repo_event_storage_create($db, $e)
409 412 if ($r === FALSE) if ($r === FALSE)
410 413 break; break;
411 414
412 $r = rg_repo_git_done($db, $e['ri::repo_id']);
415 $r = rg_repo_git_done($db, $e['ri']['repo_id']);
413 416 if ($r !== TRUE) if ($r !== TRUE)
414 417 break; break;
415 418
 
... ... function rg_repo_history_insert($db, $event)
465 468 rg_prof_start("repo_history_insert"); rg_prof_start("repo_history_insert");
466 469 rg_log_enter("repo_history_insert: event=" . rg_array2string($event)); rg_log_enter("repo_history_insert: event=" . rg_array2string($event));
467 470
468 if (!isset($event['ui::uid']))
469 $event['ui::uid'] = 0;
471 if (!isset($event['ui']['uid']))
472 $event['ui']['uid'] = 0;
470 473
471 474 $ret = FALSE; $ret = FALSE;
472 475 while (1) { while (1) {
473 476 $now = time(); $now = time();
474 477 $params = array("now" => $now, $params = array("now" => $now,
475 "repo_id" => $event['ri::repo_id'],
476 "uid" => $event['ui::uid'],
478 "repo_id" => $event['ri']['repo_id'],
479 "uid" => $event['ui']['uid'],
477 480 "cat" => $event['history_category'], "cat" => $event['history_category'],
478 481 "mess" => $event['history_message']); "mess" => $event['history_message']);
479 482 $sql = "INSERT INTO repo_history_" . gmdate("Y_m", $now) $sql = "INSERT INTO repo_history_" . gmdate("Y_m", $now)
 
... ... function rg_repo_path_by_name($uid, $repo_name)
628 631 */ */
629 632 function rg_repo_cosmetic(&$row) function rg_repo_cosmetic(&$row)
630 633 { {
631 $_a = rg_xss_safe($row['description']);
632 $row['HTML:description_nlbr'] = nl2br($_a);
634 if (strlen(substr($row['description'], 0, 1)) == 1) {
635 $_a = rg_xss_safe($row['description']);
636 $row['HTML:description_nlbr'] = nl2br($_a);
637 } else {
638 $row['HTML:description_nlbr'] = '-';
639 }
633 640 } }
634 641
635 642 /* /*
 
... ... function rg_repo_delete($db, $repo_id, $ui)
747 754 rg_sql_free_result($res); rg_sql_free_result($res);
748 755
749 756 $event = array("category" => 3001, "prio" => 50, $event = array("category" => 3001, "prio" => 50,
750 "ui::email" => $ui['confirmed'] > 0 ? $ui['email'] : "",
751 "ri::name" => $ri['name'],
752 "ri::repo_id" => $repo_id);
757 'ui' => array(
758 'email' => $ui['confirmed'] > 0 ? $ui['email'] : ""),
759 'ri' => array(
760 'name' => $ri['name'],
761 'repo_id' => $repo_id
762 )
763 );
753 764 $r = rg_event_add($db, $event); $r = rg_event_add($db, $event);
754 765 if ($r !== TRUE) { if ($r !== TRUE) {
755 766 rg_repo_set_error("cannot add event" rg_repo_set_error("cannot add event"
 
... ... function rg_repo_edit($db, $login_ui, &$new)
975 986 $old_description = $ri['description']; $old_description = $ri['description'];
976 987 } }
977 988
978 $event = array("category" => $cat, "prio" => 50,
979 "notification" => $notification,
980 "ui::uid" => $login_ui['uid'],
981 "ui::email" => $login_ui['confirmed'] > 0 ? $login_ui['email'] : "",
982 "ri::url" => rg_base_url() . rg_re_repopage($login_ui, $new['name']),
983 "history_category" => $hcat,
984 "history_message" => $hmess);
985 $event = rg_array_merge($event, "ri::old", $ri);
986 $event = rg_array_merge($event, "ri", $new);
987 $event['ri::old::description_md5'] = md5($old_description);
988 $event['ri::description_md5'] = md5($new['description']);
989 $event = array('category' => $cat, 'prio' => 50,
990 'notification' => $notification,
991 'ui' => array(
992 'uid' => $login_ui['uid'],
993 'email' => $login_ui['confirmed'] > 0 ? $login_ui['email'] : ""
994 ),
995 'history_category' => $hcat,
996 'history_message' => $hmess);
997 $event = rg_array_merge($event, 'ri_old', $ri);
998 $new['url'] = rg_base_url() . rg_re_repopage($login_ui, $new['name']);
999 $event = rg_array_merge($event, 'ri', $new);
1000 $event['ri_old']['description_md5'] = md5($old_description);
1001 $event['ri']['description_md5'] = md5($new['description']);
989 1002 $r = rg_event_add($db, $event); $r = rg_event_add($db, $event);
990 1003 if ($r !== TRUE) { if ($r !== TRUE) {
991 1004 rg_repo_set_error("cannot add event" rg_repo_set_error("cannot add event"
 
... ... function rg_repo_admin_rights($db, $rg, $type)
1229 1242 $x['ip'] = $rg['ip']; $x['ip'] = $rg['ip'];
1230 1243 $x['misc'] = ""; $x['misc'] = "";
1231 1244 if (rg_rights_allow($db, $x) !== TRUE) if (rg_rights_allow($db, $x) !== TRUE)
1232 return rg_template("user/repo/rights/deny.html", $rg);
1245 return rg_template("user/repo/rights/deny.html", $rg, TRUE /* xss */);
1233 1246
1234 1247 $ret = ""; $ret = "";
1235 1248
 
... ... function rg_repo_admin_rights($db, $rg, $type)
1268 1281 break; break;
1269 1282 } }
1270 1283
1271 $ret .= rg_template("user/repo/rights/delete_ok.html", $rg);
1284 $ret .= rg_template("user/repo/rights/delete_ok.html", $rg, TRUE /* xss */);
1272 1285 break; break;
1273 1286 } }
1274 1287
 
... ... function rg_repo_admin_rights($db, $rg, $type)
1328 1341 break; break;
1329 1342 } }
1330 1343
1331 $ret .= rg_template("user/repo/rights/grant_ok.html", $rg);
1344 $ret .= rg_template("user/repo/rights/grant_ok.html", $rg, TRUE /* xss */);
1332 1345
1333 1346 $load_defaults = 1; $load_defaults = 1;
1334 1347 break; break;
 
... ... function rg_repo_admin_rights($db, $rg, $type)
1343 1356 $rg['ip'] = ""; $rg['ip'] = "";
1344 1357 $rg['prio'] = 100; $rg['prio'] = 100;
1345 1358 } else { } else {
1346 $rg = rg_array_merge($rg, "", $a);
1359 $rg = rg_array_merge($rg, '', $a);
1347 1360 } }
1348 1361
1349 1362 $rg['rg_form_token'] = rg_token_get($db, $rg); $rg['rg_form_token'] = rg_token_get($db, $rg);
 
... ... function rg_repo_admin_rights($db, $rg, $type)
1361 1374 $ret .= rg_template_table("user/repo/rights/list_" . $type, $ret .= rg_template_table("user/repo/rights/list_" . $type,
1362 1375 $r['list'], $rg); $r['list'], $rg);
1363 1376
1364 $ret .= rg_template("user/repo/rights/form_" . $type . ".html", $rg);
1377 $ret .= rg_template("user/repo/rights/form_" . $type . ".html", $rg, TRUE /* xss */);
1365 1378
1366 1379 // hints // hints
1367 1380 $hints = array(); $hints = array();
1368 $hints[]['HTML:hint'] = rg_template("hints/repo/edit_rights.html", $rg);
1369 $hints[]['HTML:hint'] = rg_template("hints/repo/edit_" . $type . "_rights.html", $rg);
1381 $hints[]['HTML:hint'] = rg_template("hints/repo/edit_rights.html", $rg, TRUE /* xss */);
1382 $hints[]['HTML:hint'] = rg_template("hints/repo/edit_" . $type . "_rights.html", $rg, TRUE /* xss */);
1370 1383 $ret .= rg_template_table("hints/list", $hints, $rg); $ret .= rg_template_table("hints/list", $hints, $rg);
1371 1384
1372 1385 return $ret; return $ret;
 
... ... function rg_repo_admin_delete($db, $rg)
1389 1402 $x['ip'] = $rg['ip']; $x['ip'] = $rg['ip'];
1390 1403 $x['misc'] = ""; $x['misc'] = "";
1391 1404 if (rg_rights_allow($db, $x) !== TRUE) if (rg_rights_allow($db, $x) !== TRUE)
1392 return rg_template("user/repo/delete/deny.html", $rg);
1405 return rg_template("user/repo/delete/deny.html", $rg, TRUE /* xss */);
1393 1406
1394 1407 $are_you_sure = rg_var_uint("are_you_sure"); $are_you_sure = rg_var_uint("are_you_sure");
1395 1408
 
... ... function rg_repo_admin_delete($db, $rg)
1402 1415 break; break;
1403 1416
1404 1417 if ($are_you_sure == 0) { if ($are_you_sure == 0) {
1405 $ret .= rg_template("user/repo/delete/no.html", $rg);
1418 $ret .= rg_template("user/repo/delete/no.html", $rg, TRUE /* xss */);
1406 1419 $show_form = 0; $show_form = 0;
1407 1420 break; break;
1408 1421 } }
 
... ... function rg_repo_admin_delete($db, $rg)
1424 1437 break; break;
1425 1438 } }
1426 1439
1427 $ret .= rg_template("user/repo/delete/done.html", $rg);
1440 $ret .= rg_template("user/repo/delete/done.html", $rg, TRUE /* xss */);
1428 1441 $show_form = 0; $show_form = 0;
1429 1442
1430 1443 // TODO: shouldn't we invalidate the cache? // TODO: shouldn't we invalidate the cache?
 
... ... function rg_repo_admin_delete($db, $rg)
1434 1447 if ($show_form == 1) { if ($show_form == 1) {
1435 1448 $rg['HTML:errmsg'] = rg_template_errmsg($errmsg); $rg['HTML:errmsg'] = rg_template_errmsg($errmsg);
1436 1449 $rg['rg_form_token'] = rg_token_get($db, $rg); $rg['rg_form_token'] = rg_token_get($db, $rg);
1437 $ret .= rg_template("user/repo/delete/sure.html", $rg);
1450 $ret .= rg_template("user/repo/delete/sure.html", $rg, TRUE /* xss */);
1438 1451 } }
1439 1452
1440 1453 return $ret; return $ret;
 
... ... function rg_repo_edit_high_level($db, &$rg)
1459 1472
1460 1473 // User is not logged in? // User is not logged in?
1461 1474 if (!$edit && ($rg['login_ui']['uid'] == 0)) { if (!$edit && ($rg['login_ui']['uid'] == 0)) {
1462 $ret .= rg_template("user/repo/deny_create.html", $rg);
1475 $ret .= rg_template("user/repo/deny_create.html", $rg, TRUE /* xss */);
1463 1476 $load_form = FALSE; $load_form = FALSE;
1464 1477 break; break;
1465 1478 } }
 
... ... function rg_repo_edit_high_level($db, &$rg)
1475 1488 $x['ip'] = $rg['ip']; $x['ip'] = $rg['ip'];
1476 1489 $x['misc'] = ""; $x['misc'] = "";
1477 1490 if (rg_rights_allow($db, $x) !== TRUE) { if (rg_rights_allow($db, $x) !== TRUE) {
1478 $ret .= rg_template("user/repo/deny_edit.html", $rg);
1491 $ret .= rg_template("user/repo/deny_edit.html", $rg, TRUE /* xss */);
1479 1492 $load_form = FALSE; $load_form = FALSE;
1480 1493 break; break;
1481 1494 } }
 
... ... function rg_repo_edit_high_level($db, &$rg)
1526 1539 $rg['ri']['home'] = rg_re_repopage($rg['login_ui'], $rg['ri']['home'] = rg_re_repopage($rg['login_ui'],
1527 1540 $rg['ri']['name']); $rg['ri']['name']);
1528 1541 if ($edit) { if ($edit) {
1529 $ret .= rg_template("repo/edit_ok.html", $rg);
1542 $ret .= rg_template("repo/edit_ok.html", $rg, TRUE /* xss */);
1530 1543 } else { } else {
1531 $ret .= rg_template("repo/create_ok.html", $rg);
1544 $ret .= rg_template("repo/create_ok.html", $rg, TRUE /* xss */);
1532 1545 } }
1533 1546
1534 1547 $load_form = FALSE; $load_form = FALSE;
 
... ... function rg_repo_edit_high_level($db, &$rg)
1548 1561 $rg['HTML:errmsg'] = rg_template_errmsg($errmsg); $rg['HTML:errmsg'] = rg_template_errmsg($errmsg);
1549 1562 $rg['rg_form_token'] = rg_token_get($db, $rg); $rg['rg_form_token'] = rg_token_get($db, $rg);
1550 1563 $hints = array(); $hints = array();
1551 $hints[]['HTML:hint'] = rg_template("hints/repo/create_repo.html", $rg);
1564 $hints[]['HTML:hint'] = rg_template("hints/repo/create_repo.html", $rg, TRUE /* xss */);
1552 1565 $rg['HTML:repo_edit_hints'] = rg_template_table("hints/list", $hints, $rg); $rg['HTML:repo_edit_hints'] = rg_template_table("hints/list", $hints, $rg);
1553 $ret .= rg_template("repo/add_edit.html", $rg);
1566 $ret .= rg_template("repo/add_edit.html", $rg, TRUE /* xss */);
1554 1567 } }
1555 1568
1556 1569 rg_log_exit(); rg_log_exit();
 
... ... function rg_repo_admin($db, &$rg, $paras)
1569 1582 $_op = empty($paras) ? "edit" : array_shift($paras); $_op = empty($paras) ? "edit" : array_shift($paras);
1570 1583
1571 1584 $rg['menu']['repo'][$_op] = 1; $rg['menu']['repo'][$_op] = 1;
1572 $ret .= rg_template("user/repo/menu.html", $rg);
1585 $ret .= rg_template("user/repo/menu.html", $rg, TRUE /* xss */);
1573 1586
1574 1587 switch ($_op) { switch ($_op) {
1575 1588 case 'repo_rights': case 'repo_rights':
 
... ... function rg_repo_search_high_level($db, $rg, $ui, $url)
1621 1634
1622 1635 $rg['q'] = $q; $rg['q'] = $q;
1623 1636 $rg['HTML:errmsg'] = rg_template_errmsg($errmsg); $rg['HTML:errmsg'] = rg_template_errmsg($errmsg);
1624 $rg['search::url'] = $url;
1625 $ret .= rg_template("repo/search.html", $rg);
1637 $rg['search_url'] = $url;
1638 $ret .= rg_template("repo/search.html", $rg, TRUE /* xss */);
1626 1639
1627 1640 return $ret; return $ret;
1628 1641 } }
 
... ... function rg_repo_discover($db, $op, $rg, $ui)
1649 1662 break; break;
1650 1663 } }
1651 1664
1652 $rg['discover::menu::' . $op] = 1;
1653 $ret .= rg_template('repo/discover.html', $rg);
1665 $rg['discover_menu_' . $op] = 1;
1666 $ret .= rg_template('repo/discover.html', $rg, TRUE /* xss */);
1654 1667 $ret .= $x; $ret .= $x;
1655 1668
1656 1669 return $ret; return $ret;
File inc/repo/repo.php changed (mode: 100644) (index 30f8ca0..3158ce0)
... ... case 'list':
23 23 } }
24 24
25 25 $rg['menu']['sub1'][$_subop] = 1; $rg['menu']['sub1'][$_subop] = 1;
26 $rg['HTML:submenu1'] = rg_template("repo/menu.html", $rg);
26 $rg['HTML:submenu1'] = rg_template("repo/menu.html", $rg, TRUE /* xss */);
27 27
28 28 ?> ?>
File inc/rights.inc.php changed (mode: 100644) (index 4103979..ebab54f)
... ... function rg_rights_allow($db, $a)
723 723 continue; continue;
724 724
725 725 $_old = $e['misc']; $_old = $e['misc'];
726 $e['misc'] = preg_replace('/@USER@/', $username, $e['misc']);
726 $e['misc'] = str_replace('@USER@', $username, $e['misc']);
727 727 rg_log("DEBUG [" . $_old . "] -> [" . $e['misc'] . "]"); rg_log("DEBUG [" . $_old . "] -> [" . $e['misc'] . "]");
728 728 } }
729 rg_log_ml("DEBUG: r[list]=" . print_r($r['list'], TRUE));
729 //rg_log_ml("DEBUG: r[list]=" . print_r($r['list'], TRUE));
730 730 } }
731 731
732 732 return rg_rights_test($r['list'], $needed_rights, $ip, $misc); return rg_rights_test($r['list'], $needed_rights, $ip, $misc);
File inc/sql.inc.php changed (mode: 100644) (index a472e99..a66f437)
... ... function rg_sql_query_params($h, $sql, $params)
214 214 $params2 = array(); $params2 = array();
215 215 $i = 1; $i = 1;
216 216 foreach ($params as $k => $v) { foreach ($params as $k => $v) {
217 $what = "/@@" . $k . "@@/";
218 $value = "\\$" . $i;
219 $sql = preg_replace($what, $value, $sql, -1, $count);
217 $what = '@@' . $k . '@@';
218 $value = '$' . $i;
219 $sql = str_replace($what, $value, $sql, $count);
220 220
221 221 //rg_log("rg_sql_query_params: k=[$k] value=$value count=$count"); //rg_log("rg_sql_query_params: k=[$k] value=$value count=$count");
222 222 if ($count > 0) { if ($count > 0) {
File inc/user.inc.php changed (mode: 100644) (index 84aff7d..7e935da)
... ... function rg_user_link_by_name($db, $event)
105 105
106 106 rg_log("user_link_by_name: event=" . rg_array2string($event)); rg_log("user_link_by_name: event=" . rg_array2string($event));
107 107
108 $by_id = rg_user_path_by_id($event['ui::uid']);
108 $by_id = rg_user_path_by_id($event['ui']['uid']);
109 109 if (!is_dir($by_id) && (mkdir($by_id, 0755, TRUE) === FALSE)) { if (!is_dir($by_id) && (mkdir($by_id, 0755, TRUE) === FALSE)) {
110 110 rg_user_set_error("cannot mkdir by_id=$by_id ($php_errormsg)"); rg_user_set_error("cannot mkdir by_id=$by_id ($php_errormsg)");
111 111 return FALSE; return FALSE;
112 112 } }
113 113
114 $by_name = rg_user_path_by_name($event['ui::username']);
114 $by_name = rg_user_path_by_name($event['ui']['username']);
115 115 $by_name_parent = dirname($by_name); $by_name_parent = dirname($by_name);
116 116 if (!is_dir($by_name_parent) && (mkdir($by_name_parent, 0755, TRUE) === FALSE)) { if (!is_dir($by_name_parent) && (mkdir($by_name_parent, 0755, TRUE) === FALSE)) {
117 117 rg_user_set_error("cannot mkdir by_name_parent=$by_name_parent ($php_errmsg)"); rg_user_set_error("cannot mkdir by_name_parent=$by_name_parent ($php_errmsg)");
118 118 return FALSE; return FALSE;
119 119 } }
120 120
121 $by_id_rel = rg_user_path_by_id_rel($event['ui::uid']);
121 $by_id_rel = rg_user_path_by_id_rel($event['ui']['uid']);
122 122 if (is_link($by_name)) if (is_link($by_name))
123 123 unlink($by_name); unlink($by_name);
124 124 if (symlink($by_id_rel, $by_name) === FALSE) { if (symlink($by_id_rel, $by_name) === FALSE) {
 
... ... function rg_user_rename($db, $ui, $new_name)
386 386
387 387 // TODO: Check if all parameters are used. // TODO: Check if all parameters are used.
388 388 $event = array("category" => 2005, "prio" => 50, $event = array("category" => 2005, "prio" => 50,
389 "ui::rename_from" => $ui['username'],
390 "ui::rename_to" => $new_name,
391 "ui::uid" => $ui['uid']);
389 'ui' => array(
390 'rename_from' => $ui['username'],
391 'rename_to' => $new_name,
392 'uid' => $ui['uid']
393 )
394 );
392 395 $r = rg_event_add($db, $event); $r = rg_event_add($db, $event);
393 396 if ($r !== TRUE) { if ($r !== TRUE) {
394 397 rg_repo_set_error("cannot add event" rg_repo_set_error("cannot add event"
 
... ... function rg_user_edit($db, $d)
506 509 rg_cache_unset("user::" . $d['uid']); rg_cache_unset("user::" . $d['uid']);
507 510
508 511 if ($d['uid'] == 0) { // add if ($d['uid'] == 0) { // add
509 $event = array("category" => 2000, "prio" => 50,
510 "ui::uid" => $row['uid'],
511 "ui::username" => $d['username'],
512 "ui::email" => $confirmed > 0 ? $d['email'] : "",
513 "ui::confirm_token" => $d['confirm_token'],
514 "rg_account_email_confirm" => $rg_account_email_confirm,
515 "url" => rg_base_url()
512 $event = array('category' => 2000, 'prio' => 50,
513 'ui' => array(
514 'uid' => $row['uid'],
515 'username' => $d['username'],
516 'email' => $confirmed > 0 ? $d['email'] : "",
517 'confirm_token' => $d['confirm_token']
518 ),
519 'rg_account_email_confirm' => $rg_account_email_confirm,
520 'url' => rg_base_url()
516 521 ); );
517 522 $r = rg_event_add($db, $event); $r = rg_event_add($db, $event);
518 523 if ($r === FALSE) { if ($r === FALSE) {
 
... ... function rg_user_list($db)
1002 1007 } }
1003 1008
1004 1009 $ret = ""; $ret = "";
1005 $ret .= "<table>\n";
1010 $ret .= "<table summary=\"users and operations\">\n";
1006 1011 $ret .= "<tr>\n"; $ret .= "<tr>\n";
1007 1012 $ret .= " <th>User name</th>\n"; $ret .= " <th>User name</th>\n";
1008 1013 $ret .= " <th>Name</th>\n"; $ret .= " <th>Name</th>\n";
 
... ... function rg_user_confirm($db, $token)
1295 1300 rg_log_enter("user_confirm: token=$token"); rg_log_enter("user_confirm: token=$token");
1296 1301
1297 1302 $now = time(); $now = time();
1298 $token = preg_replace("/[^A-Za-z0-9]/", "", $token);
1303 $token = preg_replace("/[^A-Za-z0-9]/", '', $token);
1299 1304
1300 1305 $ret = FALSE; $ret = FALSE;
1301 1306 while (1) { while (1) {
 
... ... function rg_user_edit_high_level($db, &$rg)
1415 1420
1416 1421 if (($rg['target_ui']['uid'] == 0) if (($rg['target_ui']['uid'] == 0)
1417 1422 && ($rg['rg_account_allow_creation'] != 1)) { && ($rg['rg_account_allow_creation'] != 1)) {
1418 $ret .= rg_template("user/create_na.html", $rg);
1423 $ret .= rg_template("user/create_na.html", $rg, TRUE /* xss */);
1419 1424 return $ret; return $ret;
1420 1425 } }
1421 1426
 
... ... function rg_user_edit_high_level($db, &$rg)
1431 1436 $x['ip'] = $rg['ip']; $x['ip'] = $rg['ip'];
1432 1437 $x['misc'] = ""; $x['misc'] = "";
1433 1438 if (rg_rights_allow($db, $x) !== TRUE) { if (rg_rights_allow($db, $x) !== TRUE) {
1434 $ret .= rg_template("access_denied.html", $rg);
1439 $ret .= rg_template("access_denied.html", $rg, TRUE /* xss */);
1435 1440 return $ret; return $ret;
1436 1441 } }
1437 1442 } }
 
... ... function rg_user_edit_high_level($db, &$rg)
1525 1530 // TODO: should we just redirect to login page? // TODO: should we just redirect to login page?
1526 1531 // TODO: or to user page if there is no need to confirm the account? // TODO: or to user page if there is no need to confirm the account?
1527 1532 if ($ui['uid'] == 0) if ($ui['uid'] == 0)
1528 $ret = rg_template("user/create_ok.html", $rg);
1533 $ret = rg_template("user/create_ok.html", $rg, TRUE /* xss */);
1529 1534 else else
1530 $ret = rg_template("user/edit_ok.html", $rg);
1535 $ret = rg_template("user/edit_ok.html", $rg, TRUE /* xss */);
1531 1536 $load_form = FALSE; $load_form = FALSE;
1532 1537 break; break;
1533 1538 } }
 
... ... function rg_user_edit_high_level($db, &$rg)
1539 1544 "rights", $ui['rights']); "rights", $ui['rights']);
1540 1545 $rg['HTML:errmsg'] = rg_template_errmsg($errmsg); $rg['HTML:errmsg'] = rg_template_errmsg($errmsg);
1541 1546 $rg['rg_form_token'] = rg_token_get($db, $rg); $rg['rg_form_token'] = rg_token_get($db, $rg);
1542 $ret .= rg_template("user/add_edit.html", $rg);
1547 $ret .= rg_template("user/add_edit.html", $rg, TRUE /* xss */);
1543 1548 } }
1544 1549
1545 1550 return $ret; return $ret;
File inc/user/confirm.php changed (mode: 100644) (index 2f4343b..e851c16)
... ... if ($uid !== FALSE) {
16 16 } }
17 17
18 18 // error // error
19 $_confirm = rg_template("user/bad_token.html", $rg);
19 $_confirm = rg_template("user/bad_token.html", $rg, TRUE /* xss */);
20 20
21 21 ?> ?>
File inc/user/forgot.php changed (mode: 100644) (index e51321d..f0b68aa)
... ... if ($rg['doit'] == 1) {
39 39 rg_user_forgot_pass_destroy($db, $r['uid']); rg_user_forgot_pass_destroy($db, $r['uid']);
40 40 // auto-login // auto-login
41 41 if (!rg_user_auto_login($db, $r['uid'], $lock_ip, $rg['login_ui'])) { if (!rg_user_auto_login($db, $r['uid'], $lock_ip, $rg['login_ui'])) {
42 $_forgot = rg_template("msg/internal.txt");
42 $_forgot = rg_template("msg/internal_err.html", TRUE /* xss */);
43 43 return; return;
44 44 } }
45 45
 
... ... $rg['forgot_token'] = $forgot_token;
53 53 $rg['pass1'] = $pass1; $rg['pass1'] = $pass1;
54 54 $rg['pass2'] = $pass2; $rg['pass2'] = $pass2;
55 55 $rg['HTML:errmsg'] = rg_template_errmsg($errmsg); $rg['HTML:errmsg'] = rg_template_errmsg($errmsg);
56 $_forgot .= rg_template("user/forgot.html", $rg);
56 $_forgot .= rg_template("user/forgot.html", $rg, TRUE /* xss */);
57 57 ?> ?>
File inc/user/forgot_send.php changed (mode: 100644) (index 2526202..cc33275)
... ... if ($rg['doit'] == 1) {
26 26 if ($_show_form == 1) { if ($_show_form == 1) {
27 27 $rg['email'] = $email; $rg['email'] = $email;
28 28 $rg['HTML:errmsg'] = rg_template_errmsg($errmsg); $rg['HTML:errmsg'] = rg_template_errmsg($errmsg);
29 $_forgot .= rg_template("user/forgot_send.html", $rg);
29 $_forgot .= rg_template("user/forgot_send.html", $rg, TRUE /* xss */);
30 30 } }
31 31
32 32 ?> ?>
File inc/user/home-page.php changed (mode: 100644) (index 4384af4..d41adc9)
... ... $_home = "";
5 5
6 6 $page_ui = rg_user_info($db, 0, $user, ""); $page_ui = rg_user_info($db, 0, $user, "");
7 7 if ($page_ui['exists'] == 0) { if ($page_ui['exists'] == 0) {
8 $_home .= rg_template("user/invalid.html", $rg);
8 $_home .= rg_template("user/invalid.html", $rg, TRUE /* xss */);
9 9 return; return;
10 10 } }
11 11
File inc/user/keys/keys.php changed (mode: 100644) (index 473ab98..51f5c31)
... ... if (rg_var_uint("add") == 1) {
27 27 } }
28 28
29 29 $_r = rg_keys_add($db, $rg['login_ui'], $key); $_r = rg_keys_add($db, $rg['login_ui'], $key);
30 if ($_r === FALSE)
30 if ($_r === FALSE) {
31 31 $add_errmsg[] = rg_keys_error(); $add_errmsg[] = rg_keys_error();
32 break;
33 }
34
35 $key = '';
32 36 break; break;
33 37 } }
34 38 } else if (rg_var_uint("delete") == 1) { } else if (rg_var_uint("delete") == 1) {
 
... ... if (rg_var_uint("add") == 1) {
53 57 break; break;
54 58 } }
55 59
56 $rg['HTML:status'] = rg_template("user/keys/remove_ok.html", $rg);
60 $rg['HTML:status'] = rg_template("user/keys/remove_ok.html", $rg, TRUE /* xss */);
57 61 break; break;
58 62 } }
59 63 } }
 
... ... if (rg_var_uint("add") == 1) {
61 65 $rg['HTML:add_errmsg'] = rg_template_errmsg($add_errmsg); $rg['HTML:add_errmsg'] = rg_template_errmsg($add_errmsg);
62 66 $rg['HTML:del_errmsg'] = rg_template_errmsg($del_errmsg); $rg['HTML:del_errmsg'] = rg_template_errmsg($del_errmsg);
63 67
64 $rg['HTML:add_form'] = rg_template("user/keys/add.html", $rg);
68 $rg['key'] = $key;
69 $rg['rg_form_token'] = rg_token_get($db, $rg);
70 $rg['HTML:add_form'] = rg_template("user/keys/add.html", $rg, TRUE /* xss */);
65 71
66 72 $keys_list = rg_keys_list($db, $rg['login_ui']); $keys_list = rg_keys_list($db, $rg['login_ui']);
67 73 if ($keys_list === FALSE) if ($keys_list === FALSE)
 
... ... else
71 77
72 78 $hints = array(); $hints = array();
73 79 if ($rg_ssh_port != 0) if ($rg_ssh_port != 0)
74 $hints[]['HTML:hint'] = rg_template("hints/ssh/key.html", $rg);
80 $hints[]['HTML:hint'] = rg_template("hints/ssh/key.html", $rg, TRUE /* xss */);
75 81 $rg['HTML:hints'] = rg_template_table("hints/list", $hints, $rg); $rg['HTML:hints'] = rg_template_table("hints/list", $hints, $rg);
76 82
77 $rg['rg_form_token'] = rg_token_get($db, $rg);
78 $rg['key'] = $key;
79
80 $_keys = rg_template("user/keys/main.html", $rg);
83 $_keys = rg_template("user/keys/main.html", $rg, TRUE /* xss */);
81 84 ?> ?>
File inc/user/pass/pass.php changed (mode: 100644) (index aa6eced..53fa336)
... ... while (1) {
39 39 break; break;
40 40 } }
41 41
42 $_pass .= rg_template("user/pass_changed.html", $rg);
42 $_pass .= rg_template("user/pass_changed.html", $rg, TRUE /*xss*/);
43 43 $show_form = 0; $show_form = 0;
44 44 break; break;
45 45 } }
 
... ... if ($show_form == 1) {
51 51 $rg['pass1'] = $pass1; $rg['pass1'] = $pass1;
52 52 $rg['pass2'] = $pass2; $rg['pass2'] = $pass2;
53 53
54 $_pass .= rg_template("user/pass.html", $rg);
54 $_pass .= rg_template("user/pass.html", $rg, TRUE /*xss*/);
55 55 } }
56 56
57 57 ?> ?>
File inc/user/repo-page.php changed (mode: 100644) (index 7989e48..d97eee9)
... ... if ($rg['page_ui']['ok'] != 1) {
13 13 return; return;
14 14 } }
15 15 if ($rg['page_ui']['exists'] != 1) { if ($rg['page_ui']['exists'] != 1) {
16 $_repo_page .= rg_template("user/invalid.html", $rg);
16 $_repo_page .= rg_template("user/invalid.html", $rg, TRUE /* xss */);
17 17 return; return;
18 18 } }
19 19
20 20 if (rg_repo_ok($repo) !== TRUE) { if (rg_repo_ok($repo) !== TRUE) {
21 $_repo_page .= rg_template("repo/invalid.html", $rg);
21 $_repo_page .= rg_template("repo/invalid.html", $rg, TRUE /* xss */);
22 22 return; return;
23 23 } }
24 24 $rg['ri'] = rg_repo_info($db, 0, $rg['page_ui']['uid'], $repo); $rg['ri'] = rg_repo_info($db, 0, $rg['page_ui']['uid'], $repo);
 
... ... while (1) {
48 48 break; break;
49 49 } }
50 50 if ($allow !== TRUE) { if ($allow !== TRUE) {
51 $_repo_page .= rg_template("user/repo/deny.html", $rg);
51 $_repo_page .= rg_template("user/repo/deny.html", $rg, TRUE /* xss */);
52 52 return; return;
53 53 } }
54 54
 
... ... $rg['url_repo'] = rg_re_repopage($rg['page_ui'], $repo);
63 63 $rg['ssh'] = rg_re_repo_ssh($organization, $user, $repo); $rg['ssh'] = rg_re_repo_ssh($organization, $user, $repo);
64 64 $rg['git'] = rg_re_repo_git($organization, $user, $repo); $rg['git'] = rg_re_repo_git($organization, $user, $repo);
65 65 $rg['can_admin'] = $can_admin; $rg['can_admin'] = $can_admin;
66 $rg['hints'] = "";
66 $rg['HTML:hints'] = '';
67 67
68 68 $repo_path = rg_repo_path_by_id($rg['ri']['uid'], $rg['ri']['repo_id']); $repo_path = rg_repo_path_by_id($rg['ri']['uid'], $rg['ri']['repo_id']);
69 69 rg_log("repo_path=$repo_path"); rg_log("repo_path=$repo_path");
70 70 putenv("GIT_DIR=$repo_path"); // TODO: this will be removed after all functios will got a path para putenv("GIT_DIR=$repo_path"); // TODO: this will be removed after all functios will got a path para
71 71
72 $rg['repo_body'] = "";
73 $rg['branches_and_tags'] = "";
74 $rg['repo_submenu'] = "";
72 $rg['HTML:branches_and_tags'] = '';
75 73 $_repo_body = ""; $_repo_body = "";
76 74
77 75 // build urls list // build urls list
78 76 $urls = array(); $urls = array();
79 77 if ($rg_ssh_port != 0) if ($rg_ssh_port != 0)
80 $urls[]['HTML:url'] = '<a href="' . $rg['ssh'] . '">' . $rg['ssh'] . '</a>';
78 $urls[]['HTML:clone_url'] = '<a href="' . $rg['ssh'] . '">' . $rg['ssh'] . '</a>';
81 79 if ($rg_git_port != 0) if ($rg_git_port != 0)
82 $urls[]['HTML:url'] = '<a href="' . $rg['git'] . '">' . $rg['git'] . '</a>';
80 $urls[]['HTML:clone_url'] = '<a href="' . $rg['git'] . '">' . $rg['git'] . '</a>';
83 81 $rg['HTML:urls'] = rg_template_table("repo/urls", $urls, $rg); $rg['HTML:urls'] = rg_template_table("repo/urls", $urls, $rg);
84 82
85 83 function rg_add_clone_hints($db, &$rg, $ref) function rg_add_clone_hints($db, &$rg, $ref)
 
... ... function rg_add_clone_hints($db, &$rg, $ref)
89 87
90 88 $hints = array(); $hints = array();
91 89
92 $hints[]['HTML:hint'] = rg_template("hints/repo/git_setup.html", $rg);
90 $hints[]['HTML:hint'] = rg_template("hints/repo/git_setup.html",
91 $rg, TRUE /* xss */);
93 92
94 93 if ($rg['ri']['uid'] == $rg['login_ui']['uid']) { if ($rg['ri']['uid'] == $rg['login_ui']['uid']) {
95 $hints[]['HTML:hint'] = rg_template("hints/repo/clone_owner.html", $rg);
94 $hints[]['HTML:hint'] = rg_template("hints/repo/clone_owner.html",
95 $rg, TRUE /* xss */);
96 96 } else { } else {
97 97 if ($rg_ssh_port != 0) if ($rg_ssh_port != 0)
98 $hints[]['HTML:hint'] = rg_template("hints/repo/clone_ssh.html", $rg);
98 $hints[]['HTML:hint'] = rg_template("hints/repo/clone_ssh.html",
99 $rg, TRUE /* xss */);
99 100
100 101 if ($rg_git_port != 0) if ($rg_git_port != 0)
101 $hints[]['HTML:hint'] = rg_template("hints/repo/clone_git.html", $rg);
102 $hints[]['HTML:hint'] = rg_template("hints/repo/clone_git.html",
103 $rg, TRUE /* xss */);
102 104
103 105 $x = array(); $x = array();
104 106 $x['obj_id'] = $rg['ri']['repo_id']; $x['obj_id'] = $rg['ri']['repo_id'];
 
... ... function rg_add_clone_hints($db, &$rg, $ref)
110 112 $x['ip'] = $rg['ip']; $x['ip'] = $rg['ip'];
111 113 $x['misc'] = $ref; $x['misc'] = $ref;
112 114 if (rg_rights_allow($db, $x) === TRUE) if (rg_rights_allow($db, $x) === TRUE)
113 $hints[]['HTML:hint'] = rg_template("hints/repo/anon_push.html", $rg);
115 $hints[]['HTML:hint'] = rg_template("hints/repo/anon_push.html",
116 $rg, TRUE /* xss */);
114 117 } }
115 118
116 119 $rg['HTML:hints'] = rg_template_table("hints/list", $hints, $rg); $rg['HTML:hints'] = rg_template_table("hints/list", $hints, $rg);
 
... ... if (strcmp($_subop, "history") == 0) {
142 145
143 146 rg_add_clone_hints($db, $rg, $ref); rg_add_clone_hints($db, $rg, $ref);
144 147
145 $_repo_body .= rg_template("repo/source.html", $rg);
148 $_repo_body .= rg_template("repo/source.html", $rg, TRUE /* xss */);
146 149
147 150 rg_log("DEBUG: _subsubop=[$_subsubop]"); rg_log("DEBUG: _subsubop=[$_subsubop]");
148 151 if ($rg['ri']['git_dir_done'] == 0) { if ($rg['ri']['git_dir_done'] == 0) {
149 $_repo_body .= rg_template("repo/no_git_dir.html", $rg);
152 $_repo_body .= rg_template("repo/no_git_dir.html", $rg, TRUE /* xss */);
150 153 } else if (strcmp($_subsubop, "tree") == 0) { } else if (strcmp($_subsubop, "tree") == 0) {
151 154 $type = array_shift($paras); $type = array_shift($paras);
152 155 rg_log("DEBUG: tree: type=$type"); rg_log("DEBUG: tree: type=$type");
 
... ... if (strcmp($_subop, "history") == 0) {
168 171 ); );
169 172 $blob = array_merge($blob, $_content); $blob = array_merge($blob, $_content);
170 173 $blob = array_merge($blob, $rg); $blob = array_merge($blob, $rg);
171 $_repo_body .= rg_template("repo/blob.html", $blob);
174 $_repo_body .= rg_template("repo/blob.html", $blob, TRUE /* xss */);
172 175 } }
173 176 } else if (strcmp($type, "tree") == 0) { } else if (strcmp($type, "tree") == 0) {
174 177 // find treeish of dir // find treeish of dir
 
... ... if (strcmp($_subop, "history") == 0) {
189 192 $_repo_body .= rg_template_table("repo/tree", $_tree, $_repo_body .= rg_template_table("repo/tree", $_tree,
190 193 $rg); $rg);
191 194 } }
192 } else {
193 // show the log
195 } else { // show the log
194 196 $log = rg_git_log($repo_path, 10, "", $ref, FALSE); $log = rg_git_log($repo_path, 10, "", $ref, FALSE);
195 197 if ($log === FALSE) { if ($log === FALSE) {
196 $_repo_body .= rg_template("repo/not_init.html", $rg);
198 $_repo_body .= rg_template("repo/not_init.html", $rg, TRUE /* xss */);
197 199 } else { } else {
198 200 //rg_log_ml("DEBUG: log: " . print_r($log, TRUE)); //rg_log_ml("DEBUG: log: " . print_r($log, TRUE));
199 201 $_repo_body .= rg_git_log_template($log, "repo/log", $rg); $_repo_body .= rg_git_log_template($log, "repo/log", $rg);
 
... ... if (strcmp($_subop, "history") == 0) {
202 204 $type = array_shift($paras); $type = array_shift($paras);
203 205 //rg_log("DEBUG: log: type=$type"); //rg_log("DEBUG: log: type=$type");
204 206 if (strcmp($type, "commit") == 0) { if (strcmp($type, "commit") == 0) {
205 $commit = rg_git_reference($paras[0]);
207 if (empty($paras))
208 $commit = FALSE;
209 else
210 $commit = rg_git_reference($paras[0]);
206 211 if ($commit === FALSE) { if ($commit === FALSE) {
207 212 rg_internal_error("Invalid commit" rg_internal_error("Invalid commit"
208 213 . " [" . $paras[0] . "]." . " [" . $paras[0] . "]."
 
... ... if (strcmp($_subop, "history") == 0) {
230 235 $_repo_body .= $bug_body; $_repo_body .= $bug_body;
231 236 } else if (strcmp($_subop, "stats") == 0) { } else if (strcmp($_subop, "stats") == 0) {
232 237 if ($rg['ri']['git_dir_done'] == 0) if ($rg['ri']['git_dir_done'] == 0)
233 $_repo_body .= rg_template("repo/no_git_dir.html", $rg);
238 $_repo_body .= rg_template("repo/no_git_dir.html", $rg, TRUE /* xss */);
234 239 else else
235 $_repo_body .= rg_template("repo/stats.html", $rg);
240 $_repo_body .= rg_template("repo/stats.html", $rg, TRUE /* xss */);
236 241 } else if (strcmp($_subop, "mr") == 0) { } else if (strcmp($_subop, "mr") == 0) {
237 242 if ($rg['ri']['git_dir_done'] == 0) { if ($rg['ri']['git_dir_done'] == 0) {
238 $_repo_body .= rg_template("repo/no_git_dir.html", $rg);
243 $_repo_body .= rg_template("repo/no_git_dir.html", $rg, TRUE /* xss */);
239 244 } else { } else {
240 $_repo_body .= rg_template("repo/mrs.html", $rg);
245 $_repo_body .= rg_template("repo/mrs.html", $rg, TRUE /* xss */);
241 246
242 247 $r = rg_mr_load($db, $rg['ri']['repo_id'], 20); $r = rg_mr_load($db, $rg['ri']['repo_id'], 20);
243 248 if ($r === FALSE) { if ($r === FALSE) {
 
... ... if (strcmp($_subop, "history") == 0) {
267 272 } }
268 273
269 274 $mri['HTML:diff'] = rg_git_log2listing($_log, $rg, TRUE); $mri['HTML:diff'] = rg_git_log2listing($_log, $rg, TRUE);
270 $_repo_body .= rg_template("repo/mr/page.html", $mri);
275 $_repo_body .= rg_template("repo/mr/page.html", $mri, TRUE /* xss */);
271 276
272 277 break; break;
273 278 } }
 
... ... if (strcmp($_subop, "history") == 0) {
276 281
277 282 $rg['per_repo_menu'][$_subop] = 1; $rg['per_repo_menu'][$_subop] = 1;
278 283 $rg['HTML:repo_body'] = $_repo_body; $rg['HTML:repo_body'] = $_repo_body;
279 $_repo_page = rg_template("repo/main.html", $rg);
284 $_repo_page = rg_template("repo/main.html", $rg, TRUE /* xss */);
280 285 ?> ?>
File inc/user/repo/bug/main.php changed (mode: 100644) (index 2092590..4ab4e63)
... ... case 'list':
71 71 if (isset($filter['standard']) && ($filter['standard'] == 0)) { if (isset($filter['standard']) && ($filter['standard'] == 0)) {
72 72 $rg['rg_form_token'] = rg_token_get($db, $rg); $rg['rg_form_token'] = rg_token_get($db, $rg);
73 73 $rg['search_remove_errmsg'] = ""; $rg['search_remove_errmsg'] = "";
74 $_bug_body .= rg_template("repo/bug/search/remove.html", $rg);
74 $_bug_body .= rg_template("repo/bug/search/remove.html", $rg, TRUE /* xss */);
75 75 } }
76 76 break; break;
77 77
 
... ... default: // show - go directly to a bug
89 89 } }
90 90
91 91 $rg['HTML:bug_body'] = $_bug_body; $rg['HTML:bug_body'] = $_bug_body;
92 $bug_body = rg_template("repo/bug/main.html", $rg);
92 $bug_body = rg_template("repo/bug/main.html", $rg, TRUE /* xss */);
93 93 ?> ?>
File inc/user/repo/bug/search/search.php changed (mode: 100644) (index 5acce9e..22c08b9)
... ... $rg = array_merge($rg, $_x);
56 56 $rg['HTML:errmsg'] = rg_template_errmsg($errmsg); $rg['HTML:errmsg'] = rg_template_errmsg($errmsg);
57 57 $_exclude = array(); $_exclude = array();
58 58 $rg['HTML:state_select'] = rg_bug_state_select($_x['state'], $_exclude); $rg['HTML:state_select'] = rg_bug_state_select($_x['state'], $_exclude);
59 $_bug_search .= rg_template("repo/bug/search/search.html", $rg);
59 $_bug_search .= rg_template("repo/bug/search/search.html", $rg, TRUE /* xss */);
60 60 ?> ?>
File inc/user/repo/bug/show/add_note.php changed (mode: 100644) (index 9165487..370366a)
... ... while (1) {
47 47 $rg['HTML:note_errmsg'] = rg_template_errmsg($note_errmsg); $rg['HTML:note_errmsg'] = rg_template_errmsg($note_errmsg);
48 48 $rg['rg_form_token'] = rg_token_get($db, $rg); $rg['rg_form_token'] = rg_token_get($db, $rg);
49 49 $rg['note'] = $note; $rg['note'] = $note;
50 $rg['HTML:note_add'] = rg_template("repo/bug/note_add.html", $rg);
50 $rg['HTML:note_add'] = rg_template("repo/bug/note_add.html", $rg, TRUE /* xss */);
51 51 ?> ?>
File inc/user/repo/bug/show/show.php changed (mode: 100644) (index 5898cb7..9ad0863)
... ... rg_log("FILE: /inc/user/repo/bug/show/show");
5 5
6 6 $_bug_show = ""; $_bug_show = "";
7 7
8 $rg['rg_form_token'] = rg_token_get($db, $rg);
8 9 $rg['HTML:bug_edit'] = ""; $rg['HTML:bug_edit'] = "";
9 10
10 11 $ibug = rg_bug_info($db, $rg['ri']['repo_id'], $rg['bug']['bug_id']); $ibug = rg_bug_info($db, $rg['ri']['repo_id'], $rg['bug']['bug_id']);
 
... ... if ($ibug === FALSE)
14 15 $rg['bug'] = array_merge($rg['bug'], $ibug); $rg['bug'] = array_merge($rg['bug'], $ibug);
15 16
16 17 if ($ibug['exists'] != 1) { if ($ibug['exists'] != 1) {
17 $_bug_body .= rg_template("repo/bug/not_found.html", $rg);
18 $_bug_body .= rg_template("repo/bug/not_found.html", $rg, TRUE /* xss */);
18 19 return; return;
19 20 } }
20 21
 
... ... $x['misc'] = '';
31 32 if ($ibug['deleted'] > 0) { if ($ibug['deleted'] > 0) {
32 33 $x['needed_rights'] = 'd'; $x['needed_rights'] = 'd';
33 34 if (rg_rights_allow($db, $x) !== TRUE) { if (rg_rights_allow($db, $x) !== TRUE) {
34 $_bug_body .= rg_template("repo/bug/deleted.html", $rg);
35 $_bug_body .= rg_template("repo/bug/deleted.html", $rg, TRUE /* xss */);
35 36 return; return;
36 37 } }
37 38 } }
 
... ... else
45 46 $rg['bug']['labels'] = implode(" ", $labels); $rg['bug']['labels'] = implode(" ", $labels);
46 47
47 48 // edit // edit
48 $rg['HTML:edit_form'] = rg_template("repo/bug/b_edit.html", $rg);
49 $rg['HTML:edit_form'] = rg_template("repo/bug/b_edit.html", $rg, TRUE /* xss */);
49 50 if (rg_var_uint("edit") == 1) if (rg_var_uint("edit") == 1)
50 51 $rg['HTML:bug_edit'] = rg_bug_edit_high_level($db, $rg); $rg['HTML:bug_edit'] = rg_bug_edit_high_level($db, $rg);
51 52
 
... ... while (1) {
61 62 if ($ibug['state'] == 1) { // reopen if ($ibug['state'] == 1) { // reopen
62 63 $x['needed_rights'] = 'r'; $x['needed_rights'] = 'r';
63 64 if (rg_rights_allow($db, $x) !== TRUE) { if (rg_rights_allow($db, $x) !== TRUE) {
64 rg_template("repo/bug/deny_reopen.html", $rg);
65 rg_template("repo/bug/deny_reopen.html", $rg, TRUE /* xss */);
65 66 break; break;
66 67 } }
67 68 } else { // close } else { // close
68 69 $x['needed_rights'] = 'C'; $x['needed_rights'] = 'C';
69 70 if (rg_rights_allow($db, $x) !== TRUE) { if (rg_rights_allow($db, $x) !== TRUE) {
70 rg_template("repo/bug/deny_close.html", $rg);
71 rg_template("repo/bug/deny_close.html", $rg, TRUE /* xss */);
71 72 break; break;
72 73 } }
73 74 } }
 
... ... if ($ibug['state'] == 1)
95 96 $t = "repo/bug/b_close.html"; $t = "repo/bug/b_close.html";
96 97 else else
97 98 $t = "repo/bug/b_reopen.html"; $t = "repo/bug/b_reopen.html";
98 $rg['HTML:close_form'] = rg_template($t, $rg);
99 $rg['HTML:close_form'] = rg_template($t, $rg, TRUE /* xss */);
99 100 $rg['HTML:button_error'] = rg_warning($close_reopen_error, $rg); $rg['HTML:button_error'] = rg_warning($close_reopen_error, $rg);
100 101
101 102 // 'add_note' must be unconditionally included because we must insert the form // 'add_note' must be unconditionally included because we must insert the form
 
... ... if ($watch === FALSE) {
142 143 $t = "repo/bug/b_watch.html"; $t = "repo/bug/b_watch.html";
143 144 else else
144 145 $t = "repo/bug/b_unwatch.html"; $t = "repo/bug/b_unwatch.html";
145 $r = rg_template($t, $rg);
146 $r = rg_template($t, $rg, TRUE /* xss */);
146 147 if ($r !== FALSE) if ($r !== FALSE)
147 148 $watch_body .= $r; $watch_body .= $r;
148 149 } }
 
... ... while (1) {
157 158
158 159 $x['needed_rights'] = 'd'; $x['needed_rights'] = 'd';
159 160 if (rg_rights_allow($db, $x) !== TRUE) { if (rg_rights_allow($db, $x) !== TRUE) {
160 $delete_error = rg_template("repo/bug/deny_delete.html", $rg);
161 $delete_error = rg_template("repo/bug/deny_delete.html", $rg, TRUE /* xss */);
161 162 break; break;
162 163 } }
163 164
 
... ... if ($ibug === FALSE)
188 189 rg_fatal("Cannot lookup bug!"); rg_fatal("Cannot lookup bug!");
189 190 $rg = rg_array_merge($rg, "bug", $ibug); $rg = rg_array_merge($rg, "bug", $ibug);
190 191
191 $rg['rg_form_token'] = rg_token_get($db, $rg);
192 $_bug_show .= rg_template("repo/bug/show.html", $rg);
192 $_bug_show .= rg_template("repo/bug/show.html", $rg, TRUE /* xss */);
193 193 ?> ?>
File inc/user/settings.php changed (mode: 100644) (index 0543651..a376fe8)
... ... case 'keys':
31 31 } }
32 32
33 33 $rg['menu']['sub1'][$_subop] = 1; $rg['menu']['sub1'][$_subop] = 1;
34 $rg['HTML:submenu1'] = rg_template("user/settings/menu.html", $rg);
34 $rg['HTML:submenu1'] = rg_template("user/settings/menu.html", $rg, TRUE /* xss */);
35 35
36 36 ?> ?>
File inc/util.inc.php changed (mode: 100644) (index 2ca3c11..7df267a)
... ... function rg_rmdir($dir)
377 377 } }
378 378
379 379 /* /*
380 * Provides a link to an image, taking in consideration the theme
381 * Used by rg_prepare_image.
380 * Lookup a path in the current theme with fallback to default
381 * Returns the correct path
382 382 */ */
383 function rg_image_callback($matches)
383 function rg_theme_resolve_path($path)
384 384 { {
385 global $rg_theme_dir;
386 global $rg_theme;
385 global $rg_theme, $rg_theme_dir;
387 386
388 $n = $matches[1];
389 $url = "/themes/" . $rg_theme . "/" . $n;
390 $xfile = $rg_theme_dir . "/" . $rg_theme . "/" . $n;
391 if (!is_file($xfile))
392 $url = "/themes/default/" . $n;
393
394 return $url;
395 }
387 $url = "/themes/" . $rg_theme . "/" . $path;
388 $xfile = $rg_theme_dir . "/" . $rg_theme . "/" . $path;
389 if (!is_file($xfile))
390 $url = "/themes/default/" . $path;
396 391
397 /*
398 * Prepares the images to point to a correct image.
399 */
400 function rg_prepare_image($s)
401 {
402 return preg_replace_callback('/@@IMG:(.*)@@/uU', "rg_image_callback", $s);
392 return $url;
403 393 } }
404 394
405 395 /* /*
406 * Resolve variables like '@@func:func_name:paras@@'
396 * Loads a file if exists, else return ""
407 397 */ */
408 function rg_prepare_func($s, &$what, &$values)
398 function rg_file_get_contents($f)
409 399 { {
410 global $rg_template_functions;
411
412 $seen = array();
413
414 $r = preg_match_all('/@@func:(.*):(.*)@@/uU', $s, $matches, PREG_SET_ORDER);
415 foreach ($matches as $i) {
416 $k = '/' . $i[0] . '/';
417 $func = $i[1];
418 $var = $i[2];
419
420 /* Function already called? */
421 if (isset($seen[$k]))
422 continue;
423
424 if (!isset($rg_template_functions[$func]))
425 continue;
426
427 $v = preg_replace($what, $values, "@@" . $var . "@@");
428 $final = $rg_template_functions[$func]($v);
400 global $php_errormsg;
429 401
430 $what[] = $k;
431 $values[] = $final;
402 if (!file_exists($f))
403 return "";
432 404
433 $seen[$k] = 1;
405 $c = @file_get_contents($f);
406 if ($c === FALSE) {
407 rg_internal_error("Could not load file [$f] ($php_errormsg).");
408 return "";
434 409 } }
410
411 return $c;
435 412 } }
436 413
437 414 /* /*
438 * Helper for rg_prepare_replace
415 * Merges an array (a) into another (src), using a namespace
416 * Protects modifiers (HTML: etc.).
439 417 */ */
440 function rg_prepare_replace_helper($a, $prefix, &$what, &$values)
418 function rg_array_merge($src, $namespace, $a)
441 419 { {
442 foreach ($a as $k => $v) {
443 if (empty($prefix))
444 $add = "";
445 else
446 $add = "::";
447
448 $new_prefix = $prefix . $add . $k;
449
450 if (is_array($v)) {
451 rg_prepare_replace_helper($v, $new_prefix,
452 $what, $values);
453 continue;
454 }
420 $ret = $src;
455 421
456 if (strncmp($k, "HTML:", 5) == 0) {
457 $k = substr($k, 5);
458 $new_prefix = $prefix . $add . $k;
459 } else {
460 $v = rg_xss_safe($v);
461 }
422 if (!empty($namespace))
423 if (!isset($ret[$namespace]))
424 $ret[$namespace] = array();
462 425
463 $what[$new_prefix] = "/@@" . preg_quote($new_prefix, '/') . "@@/uU";
464 $values[$new_prefix] = $v;
426 foreach ($a as $k => $v) {
427 if (empty($namespace))
428 $ret[$k] = $v;
429 else
430 $ret[$namespace][$k] = $v;
465 431 } }
432
433 return $ret;
466 434 } }
467 435
468 function rg_prepare_replace(&$data, &$what, &$values)
436 /*
437 * Performs a lookup of a var of type 'a::b::c' into an array and
438 * returns FALSE or the value
439 */
440 function rg_template_tree_lookup($var, &$data, $xss_protection)
469 441 { {
470 if (!empty($data)) {
471 if (!is_array($data))
472 rg_internal_error("prepare_replace: invalid type passed");
442 $tree = &$data;
443 $t = explode('::', $var);
444 $v = array_pop($t);
445 foreach ($t as $token) {
446 if (!isset($tree[$token]))
447 return FALSE;
473 448
474 rg_prepare_replace_helper($data, "", $what, $values);
449 $tree = &$tree[$token];
475 450 } }
476 451
477 // we replace @@unknown@@ with empty
478 //$what['FINAL'] = "/@@.*@@/U";
479 //$values['FINAL'] = "";
480
481 //rg_log_ml("DEBUG: what: " . print_r($what, TRUE));
482 //rg_log_ml("DEBUG: values: " . print_r($values, TRUE));
483 }
452 // We prefer the HTML version
453 $hv = 'HTML:' . $v;
454 if (isset($tree[$hv]))
455 return $tree[$hv];
484 456
485 /*
486 * Lookup a var into data array, if needed.
487 * It is used for conditionals.
488 */
489 function rg_replace_lookup(&$data, $var)
490 {
491 rg_prepare_replace($data, $what, $values);
492 if (empty($what))
493 return $var;
457 if (isset($tree[$v])) {
458 if ($xss_protection)
459 return rg_xss_safe($tree[$v]);
460 else
461 return $tree[$v];
462 }
494 463
495 return preg_replace($what, $values, $var);
464 return FALSE;
496 465 } }
497 466
498 467 /* /*
499 * Helper for rg_replace_conditionals.
500 * It works at line level.
501 * @master_block (TRUE / FALSE) is the condition for parent block.
468 * Evaluates a condition
502 469 */ */
503 function rg_replace_conditionals_block($block, &$data, &$stack)
470 function rg_template_eval_cond($cond, &$data)
504 471 { {
505 //rg_log("DEBUG: rg_replace_conditionals_block: block=[$block]"
506 // . " stack=" . rg_array2string($stack));
507
508 if (!is_string($block)) {
509 rg_internal_error("Block is not a string!");
510 return FALSE;
511 }
512
513 // Nesting error
514 if (empty($stack)) {
515 rg_internal_error("Nesting error!");
516 return FALSE;
472 $t = explode('!=', $cond);
473 if (count($t) == 2) {
474 $negate = TRUE;
475 } else {
476 $t = explode('==', $cond);
477 if (count($t) != 2) {
478 rg_log("invalid condition [$cond]!");
479 return FALSE;
480 }
481 $negate = FALSE;
517 482 } }
518 483
519 $cond = array_pop($stack);
520 $stack[] = $cond;
521 //rg_log("cond is " . ($cond ? "TRUE" : "FALSE"));
522
523 // First, try to match a start of 'if'
524 $match1 = "@@if\s*\((.*?)\)\s*?{{";
525 $match2 = "{{";
526 $match3 = "}}";
527 $search = $match1 . '|' . $match2 . '|' . $match3;
528 $r = preg_match('/^(.*?)(' . $search . ')(.*)/su',
529 $block, $matches);
530 if ($r === FALSE)
531 return FALSE;
532 if ($r === 1) {
533 //rg_log("DEBUG: matches: " . rg_array2string($matches));
534
535 $ret = "";
536 if ($cond === TRUE)
537 $ret = $matches[1];
538
539 $rest = $matches[4];
540 if (strcmp($matches[2], "}}") == 0) {
541 // We pop from stack only at }} and not at {{
542 //rg_log("}}: Pop the stack!");
543 array_pop($stack);
544 } else if (strcmp($matches[2], "{{") == 0) {
545 //rg_log("{{");
546 } else {
547 //rg_log("DEBUG: cond=" . $matches[3]);
548 if (empty($matches[3])) {
549 $new_cond = FALSE;
550 } else {
551 $r = preg_match('/^\s*(.*?)\s*(==|!=)\s*(.*?)\s*$/Dsu',
552 $matches[3], $matches2);
553 if ($r === FALSE) {
554 rg_internal_error("Invalid condition!");
555 return FALSE;
556 }
557 if (count($matches2) < 3) {
558 rg_log("matches[3]: " . $matches[3]);
559 rg_log("matches2: " . rg_array2string($matches2));
560 rg_internal_error("Cannot match condition.");
561 return FALSE;
562 }
563 $left = rg_replace_lookup($data, trim($matches2[1]));
564 $op = trim($matches2[2]);
565 $right = rg_replace_lookup($data, trim($matches2[3]));
566 //rg_log("DEBUG: if left=[$left] op=[$op] right=[$right]");
567 if (empty($op)) {
568 $new_cond = empty($left) ? FALSE : TRUE;
569 } else if (strcmp($op, "==") == 0) {
570 $new_cond = strcmp($left, $right) == 0 ? TRUE : FALSE;
571 } else if (strcmp($op, "!=") == 0) {
572 $new_cond = strcmp($left, $right) == 0 ? FALSE : TRUE;
573 } else {
574 rg_internal_error("Invalid operation!");
575 return FALSE;
576 }
577 }
578 $not_new_cond = $new_cond ? FALSE : TRUE;
484 $left = trim($t[0]);
485 $left = rg_template_string($left, 0, $data, FALSE);
579 486
580 // We have to respect the outer block condition
581 // We have to push in reverse order. Remeber, first in, last out
582 $stack[] = $not_new_cond && $cond;
583 $stack[] = $new_cond && $cond;
584 }
487 $right = trim($t[1]);
488 $right = rg_template_string($right, 0, $data, FALSE);
585 489
586 $tmp = rg_replace_conditionals_block($rest, $data, $stack);
587 if ($tmp === FALSE)
490 $ret = strcmp($left, $right);
491 if ($ret === 0) {
492 if ($negate === TRUE)
493 return FALSE;
494 } else {
495 if (!$negate)
588 496 return FALSE; return FALSE;
589
590 //rg_log("DEBUG: returning [" . $ret . $tmp . "]");
591 return $ret . $tmp;
592 497 } }
593 498
594 if ($cond === FALSE)
595 $block = "";
596
597 //rg_log("DEBUG: returning [$block]");
598 return $block;
499 return TRUE;
599 500 } }
600 501
601 502 /* /*
602 * Replace conditionals
603 * @@if(X == Y){{A}}{{B}} - if X == Y it will return A, else B.
604 * Do note that there is no ending @@.
605 * Because of complexity, I choosed to have a restriction: the 'if' is on
606 * a single line or '@@if(...){{', '}}{{' and '}}' are on separate lines.
607 * TODO: Also, we must have both branches (both true and false), for now.
608 * We support nested ifs.
503 * Finds matching }} for an {{
504 * We assume @off points to the byte after '{{'
505 * Returns the offset of the byte before '}}'
609 506 */ */
610 function rg_replace_conditionals($block, &$data)
507 function rg_template_find_closing(&$s, $off)
611 508 { {
612 rg_prof_start("replace_conditionals");
613 $ret = array();
614
509 $nesting_level = 0;
615 510 while (1) { while (1) {
616 $stack = array();
617 $stack[] = TRUE;
618 $ret = rg_replace_conditionals_block($block, $data, $stack);
619 if ($ret === FALSE)
620 break;
511 $end = strpos($s, '}}', $off);
512 if ($end === FALSE)
513 return -1;
621 514
622 if (empty($stack) || ($stack[0] !== TRUE)) {
623 rg_internal_error("Template nesting error!");
624 $ret = FALSE;
625 break;
626 }
515 $start = strpos($s, '{{', $off);
516 if (($start === FALSE) || ($start >= $end)) {
517 if ($nesting_level == 0)
518 return $end - 1;
627 519
628 break;
520 $nesting_level--;
521 $off = $end + 2;
522 } else {
523 $nesting_level++;
524 $off = $start + 2;
525 }
629 526 } }
630
631 rg_prof_end("replace_conditionals");
632 return $ret;
633 527 } }
634 528
635 529 /* /*
636 * Loads a file if exists, else return ""
530 * "Decodes" an 'if', returning 'true_start/end' and false_start/end'
531 * s + off must point after ')'
532 * Returns -1 on error, 0 on success
637 533 */ */
638 function rg_file_get_contents($f)
534 function rg_template_find_true_and_false(&$s, $off, &$true_start, &$true_end,
535 &$false_start, &$false_end)
639 536 { {
640 global $php_errormsg;
537 //rg_log_enter("DEBUG: template_find_true_and_false s+off=[" . substr($s, $off) . "]");
641 538
642 if (!file_exists($f))
643 return "";
539 $true_start = strpos($s, '{{', $off);
540 if ($true_start === FALSE) {
541 //rg_log("DEBUG: no '{{'!");
542 //rg_log_exit();
543 return -1;
544 }
545 $true_start += 2;
644 546
645 $c = @file_get_contents($f);
646 if ($c === FALSE) {
647 rg_internal_error("Could not load file [$f] ($php_errormsg).");
648 return "";
547 if (strncmp(substr($s, $true_start, 1), "\n", 1) == 0) {
548 //rg_log("DEBUG: true starts with CR, remove it");
549 $true_start++;
649 550 } }
650 551
651 return $c;
552 $true_end = rg_template_find_closing($s, $true_start);
553 if ($true_end == -1) {
554 //rg_log("DEBUG: no true_end!");
555 //rg_log_exit();
556 return -1;
557 }
558 //rg_log("DEBUG: true_start=$true_start true_end=$true_end [" . substr($s, $true_end, 3) . "...]"
559 // . " true=[" . substr($s, $true_start, $true_end - $true_start + 1) . "]");
560
561 // We try to detect if we have an else
562 $false_start = -1; $false_end = -1;
563 $x = strpos($s, '{{', $true_end);
564 if ($x !== FALSE) {
565 $gap = substr($s, $true_end + 3, $x - $true_end - 3);
566 $gap = trim($gap);
567 //rg_log("DEBUG: gap = [$gap]");
568 if (empty($gap)) {
569 $false_start = $x + 2;
570 if (strncmp(substr($s, $false_start, 1), "\n", 1) == 0) {
571 //rg_log("DEBUG: false starts with CR, remove it");
572 $false_start++;
573 }
574 $false_end = rg_template_find_closing($s, $x + 2);
575 //rg_log("DEBUG: false=[" . substr($s, $false_start, $false_end - $false_start + 1) . "]");
576 } else {
577 //rg_log("DEBUG: gap prevents parsing stuff as false, we have only true part");
578 }
579 } else {
580 //rg_log("DEBUG: cannot find '{{'");
581 }
582
583 rg_log_exit();
584 return 0;
652 585 } }
653 586
654 587 /* /*
655 * Merges an array (a) into another (src), using a namespace
656 * Protects modifiers (HTML: etc.).
588 * Helper for rg_tempalte_string to deal with 'if's
589 * Returns how many bytes used from string @s in @next
657 590 */ */
658 function rg_array_merge($src, $namespace, $a)
591 function rg_template_string_if(&$s, $off, &$data, &$next, $xss_protection)
659 592 { {
660 $ret = $src;
593 rg_prof_start("template_string_if");
594 //rg_log_enter("DEBUG: template_string_if s+off=[" . substr($s, $off) . "]");
595
596 $ret = '';
597 $next = $off;
598
599 $off += 5; /* skip '@@if(' */
600 $pos = strpos($s, ')', $off);
601 if ($pos === FALSE) {
602 rg_log("no closing ')' in [" . substr($s, $off) . "]!");
603 rg_log_exit();
604 rg_prof_end("template_string_if");
605 return '';
606 }
661 607
662 if (empty($a))
663 return $ret;
608 $cond = substr($s, $off, $pos - $off); $off = $pos + 1;
609 $eval_cond = rg_template_eval_cond($cond, $data);
610 //rg_log("DEBUG: cond=[$cond] eval_cond=" . ($eval_cond ? "true" : "false"));
664 611
665 if (!empty($namespace))
666 $namespace .= "::";
612 // TODO: Between ')' and '{{' must be only space, else ignore anything??
667 613
668 foreach ($a as $k => $v) {
669 $t = explode(":", $k, 2);
670 if (count($t) == 1)
671 $ret[$namespace . $k] = $v;
672 else
673 $ret[$t[0] . ":" . $namespace . $t[1]] = $v;
614 $r = rg_template_find_true_and_false($s, $off, $true_start, $true_end,
615 $false_start, $false_end);
616 if ($r == -1) {
617 rg_log("no if skeleton found [" . substr($s, $off) . "]!");
618 //rg_log_exit();
619 rg_prof_end("template_string_if");
620 return -1;
621 }
622
623 $x = '';
624 if ($eval_cond === TRUE) {
625 $x = substr($s, $true_start, $true_end - $true_start + 1);
626 } else {
627 if ($false_start != -1)
628 $x = substr($s, $false_start, $false_end - $false_start + 1);
674 629 } }
630 //rg_log("DEBUG: x=[$x]");
675 631
632 $ret .= rg_template_string($x, 0, $data, $xss_protection);
633
634 if ($false_start != -1)
635 $next = $false_end + 3;
636 else
637 $next = $true_end + 3;
638
639 if (strncmp(substr($s, $next, 1), "\n", 1) == 0)
640 $next++;
641
642 //rg_log("DEBUG: next: [" . substr($s, $next) . "]");
643 //rg_log_exit();
644 rg_prof_end("template_string_if");
676 645 return $ret; return $ret;
677 646 } }
678 647
679 648 /* /*
680 * Builds a html output based on a template with header, footer and line
681 * @data - in array of data for every out line: index 0 is line 1, index 1 is line 2...
649 * Replace all known variables in string @s
650 * Example @data: a->a2->a3, b->b2; @s='@@a::a2@@ @@b@@' => 'a3 b2'
651 * @xss_protection - TRUE if you want to apply rg_xss_safe on the value of vars
682 652 */ */
683 function rg_template_table($dir, &$data, $more)
653 function rg_template_string(&$s, $off, &$data, $xss_protection)
684 654 { {
685 global $rg_theme_dir;
686 global $rg_theme;
687
688 rg_log("rg_template_table: $dir");
689
690 $xdir = $rg_theme_dir . "/" . $rg_theme . "/" . $dir;
691 if (!is_dir($xdir)) {
692 rg_log("$xdir not found.");
693 $xdir = $rg_theme_dir . "/default/" . $dir;
694 rg_log("Using [$xdir]");
695 }
696
697 $m_what = array(); $m_values = array();
698 rg_prepare_replace($more, $m_what, $m_values);
699
700 if (!is_array($data) || empty($data)) {
701 $no_data = rg_file_get_contents($xdir . "/nodata.html");
702 $r = rg_replace_conditionals($no_data, $more);
703 return preg_replace($m_what, $m_values, $r);
704 }
705
706 $head = rg_file_get_contents($xdir . "/header.html");
707 $line = rg_file_get_contents($xdir . "/line.html");
708 $foot = rg_file_get_contents($xdir . "/footer.html");
709 $between = rg_file_get_contents($xdir . "/between.html");
655 global $rg_template_functions;
710 656
711 $head = rg_replace_conditionals($head, $more);
712 $foot = rg_replace_conditionals($foot, $more);
713 $between = rg_replace_conditionals($between, $more);
657 rg_prof_start("rg_template_string");
658 //rg_log_enter("DEBUG: template_string: s+off=[" . substr($s, $off) . "]");
714 659
715 $head = preg_replace($m_what, $m_values, $head);
716 $foot = preg_replace($m_what, $m_values, $foot);
717 $between = preg_replace($m_what, $m_values, $between);
660 $ret = '';
661 while (strlen(substr($s, $off, 1)) == 1) {
662 //rg_log("DEBUG: template_string: s+off=[" . substr($s, $off) . "]");
663 $pos = strpos($s, '@@', $off);
664 if ($pos === FALSE) {
665 $ret .= substr($s, $off);
666 break;
667 }
668 $var_start = $pos + 2;
669
670 // copy everything before '@@'
671 $ret .= substr($s, $off, $pos - $off);
672 //rg_log("DEBUG: after copy all before @@, ret=[$ret]");
673 $off = $pos;
674
675 $s2 = substr($s, $off, 5);
676 if (strcmp($s2, '@@if(') == 0) {
677 $ret .= rg_template_string_if($s, $off, $data, $next,
678 $xss_protection);
679 $off = $next;
680 continue;
681 }
718 682
719 $body = "";
720 $first = 1;
721 foreach ($data as $index => $info) {
722 $what = $m_what; $values = $m_values;
683 $off += 2; /* skip start '@@' */
684 $pos2 = strpos($s, '@@', $off);
685 if ($pos2 === FALSE) {
686 // We have only start '@@'
687 $ret .= substr($s, $off);
688 break;
689 }
690 $var_end = $pos2 - 1;
691 $off = $pos2 + 2;
692
693 $var = substr($s, $var_start, $var_end - $var_start + 1);
694 //rg_log("DEBUG: var=[$var]");
695
696 $value = rg_template_tree_lookup($var, $data, $xss_protection);
697 if ($value === FALSE) {
698 $value = '@@' . $var . '@@';
699 if (strncmp($var, 'IMG:', 4) == 0) {
700 $path = substr($var, 4);
701 $path = rg_template_string($path, 0, $data, $xss_protection);
702 //rg_log("DEBUG: found an img tag path=[$path]!");
703 $value = rg_theme_resolve_path($path);
704 } else if (strncmp($var, 'FUNC:', 5) == 0) {
705 $rest = substr($var, 5);
706 //rg_log("DEBUG: found a function call rest=[$rest]!");
707 $fpos = strpos($rest, ':');
708 if ($fpos === FALSE) {
709 // no params
710 $_param = '';
711 } else {
712 $_param = '@@' . substr($rest, $fpos + 1) . '@@';
713 }
723 714
724 rg_prepare_replace($info, $what, $values);
725 rg_prepare_func($line, $what, $values);
715 $func = substr($rest, 0, $fpos);
716 //rg_log("DEBUG: func=$func _param=$_param");
726 717
727 $line = rg_prepare_image($line);
718 // out var may be with '@@'
719 $param = rg_template_string($_param, 0, $data, $xss_protection);
728 720
729 if ($first == 1) {
730 $first = 0;
731 } else {
732 $body .= $between;
721 if (isset($rg_template_functions[$func]))
722 $value = $rg_template_functions[$func]($param);
723 } else {
724 rg_log("DEBUG: VAR [$var] NOT FOUND!");
725 }
733 726 } }
734
735 $more2 = array_merge($more, $info);
736 $r = rg_replace_conditionals($line, $more2);
737 $body .= preg_replace($what, $values, $r);
727 //rg_log("DEBUG: value=[$value]");
728 $ret .= $value;
738 729 } }
739 730
740 return $head . $body . $foot;
731 //rg_log("DEBUG: ret=[$ret]");
732 //rg_log_exit();
733 rg_prof_end("rg_template_string");
734 return $ret;
741 735 } }
742 736
743 737 /* /*
744 * Loads a template.
745 * TODO: why we pass variable by reference?!
738 * Loads a template from disk and replase all known variables
739 * @xss_protection - TRUE if you want to apply rg_xss_safe on the value of vars
746 740 */ */
747 function rg_template($file, &$data)
741 function rg_template($file, &$data, $xss_protection)
748 742 { {
749 743 global $rg_theme_dir; global $rg_theme_dir;
750 744 global $rg_theme; global $rg_theme;
 
... ... function rg_template($file, &$data)
752 746 rg_prof_start("rg_template"); rg_prof_start("rg_template");
753 747 rg_log_enter("rg_template: $file"); rg_log_enter("rg_template: $file");
754 748
755 $ret = "";
749 $ret = '';
756 750 while (1) { while (1) {
757 751 $xfile = $rg_theme_dir . "/" . $rg_theme . "/" . $file; $xfile = $rg_theme_dir . "/" . $rg_theme . "/" . $file;
758 752 if (!is_file($xfile)) { if (!is_file($xfile)) {
 
... ... function rg_template($file, &$data)
771 765 break; break;
772 766 } }
773 767
774 $what = array();
775 $values = array();
768 $ret = rg_template_string($body, 0, $data, $xss_protection);
769 break;
770 }
771
772 //rg_log("DEBUG: rg_template returns [$ret]");
773 rg_log_exit();
774 rg_prof_end("rg_template");
775 return $ret;
776 }
777
778 /*
779 * Builds a html output based on a template with header, footer and line
780 * @data - in array of data for every out line: index 0 is line 1, index 1 is line 2...
781 */
782 function rg_template_table($dir, &$data, $more)
783 {
784 global $rg_theme_dir;
785 global $rg_theme;
776 786
777 rg_prepare_replace($data, $what, $values);
778 rg_prepare_func($body, $what, $values);
787 rg_log("rg_template_table: $dir");
779 788
780 $body = rg_prepare_image($body);
789 $xdir = $rg_theme_dir . "/" . $rg_theme . "/" . $dir;
790 if (!is_dir($xdir)) {
791 rg_log("$xdir not found.");
792 $xdir = $rg_theme_dir . "/default/" . $dir;
793 rg_log("Using [$xdir]");
794 }
781 795
782 $r = rg_replace_conditionals($body, $data);
783 // TODO: check error code!
796 if (!is_array($data) || empty($data))
797 return rg_template($xdir . "/nodata.html", $more, TRUE /* xss */);
784 798
785 $ret = preg_replace($what, $values, $r);
786 // TODO: check error code!
799 $head = rg_template($xdir . "/header.html", $more, TRUE /* xss */);
800 $foot = rg_template($xdir . "/footer.html", $more, TRUE /* xss */);
801 $between = rg_template($xdir . "/between.html", $more, TRUE /* xss */);
787 802
788 break;
803 $line = rg_file_get_contents($xdir . "/line.html");
804
805 $body = '';
806 $first = 1;
807 foreach ($data as $index => $info) {
808 if ($first == 1)
809 $first = 0;
810 else
811 $body .= $between;
812
813 $more2 = array_merge($more, $info);
814 $body .= rg_template_string($line, 0, $more2, TRUE /* xss */);
789 815 } }
790 816
791 rg_log_exit();
792 rg_prof_end("rg_template");
793 return $ret;
817 return $head . $body . $foot;
794 818 } }
795 819
796 820 /* /*
 
... ... function rg_warning($msg)
839 863 rg_log("Warning: $msg"); rg_log("Warning: $msg");
840 864
841 865 $x = array("msg" => $msg); $x = array("msg" => $msg);
842 return rg_template("warning.html", $x);
866 return rg_template("warning.html", $x, TRUE /* xss */);
843 867 } }
844 868
845 869 /* /*
 
... ... function rg_ok($msg)
852 876 return ""; return "";
853 877
854 878 $x = array("msg" => $msg); $x = array("msg" => $msg);
855 return rg_template("ok.html", $x);
879 return rg_template("ok.html", $x, TRUE /* xss */);
856 880 } }
857 881
858 882 /* /*
 
... ... function rg_copy_tree($src, $dst, $mask)
1080 1104 { {
1081 1105 global $php_errormsg; global $php_errormsg;
1082 1106
1083 rg_log("rg_copy_tree($src, $dst, $mask)");
1107 rg_prof_start("copy_tree");
1108 rg_log_enter("rg_copy_tree($src, $dst, $mask)");
1084 1109
1085 if (!is_dir($dst)) {
1086 $r = @mkdir($dst, $mask);
1087 if ($r !== TRUE) {
1088 rg_log("ERROR: Cannot mkdir [$dst] ($php_errormsg).");
1089 return FALSE;
1110 $ret = FALSE;
1111 while (1) {
1112 if (!is_dir($dst)) {
1113 $r = @mkdir($dst, $mask);
1114 if ($r !== TRUE) {
1115 rg_log("ERROR: Cannot mkdir [$dst] ($php_errormsg).");
1116 break;
1117 }
1090 1118 } }
1091 }
1092 1119
1093 $d = rg_dir_load($src);
1094 foreach ($d as $obj) {
1095 if (is_dir($src . "/" . $obj)) {
1096 if (!is_dir($dst . "/" . $obj)) {
1097 $r = @mkdir($dst . "/" . $obj, $mask);
1098 if ($r !== TRUE) {
1099 rg_log("ERROR: Cannot mkdir [$dst/$obj]"
1100 . " ($php_errormsg).");
1101 return FALSE;
1120 $d = rg_dir_load($src);
1121 $err = FALSE;
1122 foreach ($d as $obj) {
1123 if (is_dir($src . "/" . $obj)) {
1124 if (!is_dir($dst . "/" . $obj)) {
1125 $r = @mkdir($dst . "/" . $obj, $mask);
1126 if ($r !== TRUE) {
1127 rg_log("ERROR: Cannot mkdir [$dst/$obj]"
1128 . " ($php_errormsg).");
1129 $err = TRUE;
1130 break;
1131 }
1102 1132 } }
1103 }
1104 1133
1105 $r = rg_copy_tree($src . "/" . $obj, $dst . "/" . $obj, $mask);
1106 if ($r !== TRUE)
1107 return FALSE;
1108 } else {
1109 $r = @copy($src . "/" . $obj, $dst . "/" . $obj);
1110 if ($r !== TRUE) {
1111 rg_log("ERROR: Cannot copy file ($php_errormsg).");
1112 return FALSE;
1134 $r = rg_copy_tree($src . "/" . $obj, $dst . "/" . $obj, $mask);
1135 if ($r !== TRUE) {
1136 $err = TRUE;
1137 break;
1138 }
1139 } else {
1140 $r = @copy($src . "/" . $obj, $dst . "/" . $obj);
1141 if ($r !== TRUE) {
1142 rg_log("ERROR: Cannot copy file ($php_errormsg).");
1143 $err = TRUE;
1144 break;
1145 }
1113 1146 } }
1114 1147 } }
1148
1149 if (!$err)
1150 $ret = TRUE;
1151 break;
1115 1152 } }
1116 1153
1117 return TRUE;
1154 rg_log_exit();
1155 rg_prof_end("copy_tree");
1156 return $ret;
1118 1157 } }
1119 1158
1120 1159 /* /*
 
... ... function rg_mail_template($template, $more)
1201 1240 rg_log("mail_template: $template, more=" . rg_array2string($more)); rg_log("mail_template: $template, more=" . rg_array2string($more));
1202 1241
1203 1242 // Account was not confirmed, so do not send mail // Account was not confirmed, so do not send mail
1204 if (empty($more['ui::email']))
1243 if (empty($more['ui']['email']))
1205 1244 return TRUE; return TRUE;
1206 1245
1207 1246 $more['HTML:rg_admin_email'] = $rg_admin_email; $more['HTML:rg_admin_email'] = $rg_admin_email;
1208 1247 $more['HTML:utf8_rg_admin_name'] = "=?UTF-8?B?" $more['HTML:utf8_rg_admin_name'] = "=?UTF-8?B?"
1209 1248 . base64_encode($rg_admin_name) . "?="; . base64_encode($rg_admin_name) . "?=";
1210 1249
1211 $subject = rg_template($template . ".subj.txt", $more);
1250 $subject = rg_template($template . ".subj.txt", $more, FALSE /* xss */);
1212 1251 $subject = "=?UTF-8?B?" . base64_encode(trim($subject)) . "?="; $subject = "=?UTF-8?B?" . base64_encode(trim($subject)) . "?=";
1213 $header = rg_template("mail/common.head.txt", $more);
1214 $header .= rg_template($template . ".head.txt", $more);
1252 $header = rg_template("mail/common.head.txt", $more, FALSE /* xss */);
1253 $header .= rg_template($template . ".head.txt", $more, FALSE /* xss */);
1215 1254 $header = trim($header); $header = trim($header);
1216 $body = rg_template($template . ".body.txt", $more);
1255 $body = rg_template($template . ".body.txt", $more, FALSE /* xss */);
1217 1256
1218 rg_log("CHECK: mail_template(" . $more['ui::email'] . ",
1257 rg_log("CHECK: mail_template(" . $more['ui']['email'] . ",
1219 1258 $subject, $body, $header, -f $rg_admin_email"); $subject, $body, $header, -f $rg_admin_email");
1220 $ret = mail($more['ui::email'], $subject, $body, $header,
1259 $ret = mail($more['ui']['email'], $subject, $body, $header,
1221 1260 "-f $rg_admin_email"); "-f $rg_admin_email");
1222 1261 if ($ret === FALSE) if ($ret === FALSE)
1223 rg_log("Sending mail failed to=" . $more['ui::email'] . " subject=$subject!");
1262 rg_log("Sending mail failed to=" . $more['ui']['email']
1263 . " subject=$subject!");
1224 1264
1225 1265 rg_prof_end("mail_template"); rg_prof_end("mail_template");
1226 1266 return $ret; return $ret;
File root/index.php changed (mode: 100644) (index 90dadfc..65596f0)
... ... error_reporting(E_ALL);
3 3 ini_set("track_errors", "On"); ini_set("track_errors", "On");
4 4 set_time_limit(30); set_time_limit(30);
5 5
6 $peak0 = memory_get_peak_usage();
7
6 8 $rg = array(); $rg = array();
7 9
8 10 require_once("/etc/rocketgit/config.php"); require_once("/etc/rocketgit/config.php");
 
... ... $rg['first_install_text'] = "?";
132 134 $r = rg_state_get($db, "first_install"); $r = rg_state_get($db, "first_install");
133 135 if ($r === FALSE) { if ($r === FALSE) {
134 136 // Probably we cannot connect to database/cache // Probably we cannot connect to database/cache
135 $body .= rg_template('admin/db_error.html');
137 $body .= rg_template('admin/db_error.html', TRUE /* xss */);
136 138 } else if ($r === '') { } else if ($r === '') {
137 139 $body .= rg_init($db, $rg); $body .= rg_init($db, $rg);
138 140 } else { } else {
 
... ... if ($rg['login_ui']['uid'] > 0) {
153 155
154 156
155 157 $rg['HTML:rg_body'] = $body; $rg['HTML:rg_body'] = $body;
156 echo rg_template("index.html", $rg);
158 // DEBUG: aici deja e busit content-ul! Merg inapoi pe fir.
159 echo rg_template("index.html", $rg, TRUE /* xss */);
157 160
158 161 rg_prof_end("MAIN"); rg_prof_end("MAIN");
159 162 rg_prof_log(); rg_prof_log();
File root/themes/default/admin/plans/list/header.html changed (mode: 100644) (index 4ec2fcf..0418109)
6 6 <input type="hidden" name="delete" value="1" /> <input type="hidden" name="delete" value="1" />
7 7 <input type="hidden" name="token" value="@@rg_form_token@@" /> <input type="hidden" name="token" value="@@rg_form_token@@" />
8 8
9 <table>
9 <table summary="plans">
10 10 <tr> <tr>
11 11 <th>Select</th> <th>Select</th>
12 12 <th>Position</th> <th>Position</th>
File root/themes/default/download-vm.html changed (mode: 100644) (index 998369f..834f9b9)
16 16 </div> </div>
17 17 </div> </div>
18 18
19 <a id="qemu"></a>
19 <a name="qemu"></a>
20 20 <div class="island_row"> <div class="island_row">
21 21 <div class="island_cell"> <div class="island_cell">
22 22 <div class="island"> <div class="island">
 
118 118 </div> </div>
119 119 </div> </div>
120 120
121 <a id="vmware_esxi"></a>
121 <a name="vmware_esxi"></a>
122 122 <div class="island_row"> <div class="island_row">
123 123 <div class="island_cell"> <div class="island_cell">
124 124 <div class="island"> <div class="island">
 
163 163 </div> </div>
164 164 </div> </div>
165 165
166 <a id="vmware_player"></a>
166 <a name="vmware_player"></a>
167 167 <div class="island_row"> <div class="island_row">
168 168 <div class="island_cell"> <div class="island_cell">
169 169 <div class="island"> <div class="island">
 
217 217 </div> </div>
218 218 </div> </div>
219 219
220 <a id="virtualbox"></a>
220 <a name="virtualbox"></a>
221 221 <div class="island_row"> <div class="island_row">
222 222 <div class="island_cell"> <div class="island_cell">
223 223 <div class="island"> <div class="island">
 
267 267 </div> </div>
268 268 </div> </div>
269 269
270 <a id="common"></a>
270 <a name="common"></a>
271 271 <div class="island_row"> <div class="island_row">
272 272 <div class="island_cell"> <div class="island_cell">
273 273 <div class="island"> <div class="island">
File root/themes/default/features.html changed (mode: 100644) (index 223beaa..cdf14eb)
120 120 <div class="island"> <div class="island">
121 121 <div class="island_title">The features you need are not here?</div> <div class="island_title">The features you need are not here?</div>
122 122 Do not worry! Let us know by leaving us a Do not worry! Let us know by leaving us a
123 <a href="/op/suggestion">suggestion</a> or by writing us an e-mail at
124 in@rocketgit.com.
123 <a href="/op/suggestion">suggestion</a> (you must be logged in)
124 or by writing us an e-mail at in@rocketgit.com.
125 125 </div> </div>
126 126 </div> </div>
127 127 </div> </div>
File root/themes/default/hints/list/footer.html changed (mode: 100644) (index 54352b2..541fad3)
1 </ul>
2 1 </div> <!-- hints --> </div> <!-- hints -->
File root/themes/default/hints/list/header.html changed (mode: 100644) (index eabc64b..7f3462e)
1 1 <div class="hints"> <div class="hints">
2 2 <b>Hints:</b><br /> <b>Hints:</b><br />
3 <ul>
File root/themes/default/hints/list/line.html changed (mode: 100644) (index c759173..64daeed)
1 <li>@@hint@@</li>
1 @@hint@@
File root/themes/default/index.html changed (mode: 100644) (index bff8953..24e13ff)
23 23 <a href="/op/tos">ToS</a> <a href="/op/tos">ToS</a>
24 24 <a href="/op/donate">Donate</a> <a href="/op/donate">Donate</a>
25 25 @@if(@@login_ui::uid@@ != 0){{ @@if(@@login_ui::uid@@ != 0){{
26 <a href="/op/suggestion">Suggestion</a>
27 <a href="/op/repo">My repositories</a>
28 <a href="/op/settings">Settings</a>
29 @@if(@@login_ui::is_admin@@ == 1){{<a href="/op/admin">Admin</a>}}{{}}
30 <a href="/op/logout?token=@@logout_token@@">Logout</a>
26 <a href="/op/suggestion">Suggestion</a>
27 <a href="/op/repo">My repositories</a>
28 <a href="/op/settings">Settings</a>
29 @@if(@@login_ui::is_admin@@ == 1){{<a href="/op/admin">Admin</a>}}
30 <a href="/op/logout?token=@@logout_token@@">Logout</a>
31 31 }}{{ }}{{
32 <a href="/op/login">Sign in</a>
32 <a href="/op/login">Sign in</a>
33 33 }} }}
34 34 </div> </div>
35 35 </div> <!-- header --> </div> <!-- header -->
36 36
37 <div class="slogan">
38 FLOS (free, libre and open-source) software for managing Git projects,
39 both public and private.
40 <font color="red">Beta.</font>
41 </div>
42
43 37 <div id="main_container"> <div id="main_container">
44 38 <div class="menus"> <div class="menus">
45 39 @@submenu1@@ @@submenu1@@
 
72 66 </div> <!-- container --> </div> <!-- container -->
73 67
74 68 </body> </body>
75 </html>
69 </html>
File root/themes/default/internal_err.html changed (mode: 100644) (index e69de29..826082f)
1 <div class="warning">
2 An internal error occurred. Please try again later.
3 </div>
File root/themes/default/mail/user/repo/bug/new.body.txt changed (mode: 100644) (index a5d32d0..b0d851d)
1 1 Hello! Hello!
2 2
3 A new bug was added to repo '@@repo::name@@':
3 A new bug was added to repo '@@ri::name@@':
4 4 '@@bug::title@@'. '@@bug::title@@'.
5 5
6 6 Description: Description:
File root/themes/default/mail/user/repo/bug/new_note.body.txt changed (mode: 100644) (index bc2fda9..ac74db2)
... ... Hello!
2 2
3 3 A new note was added to bug A new note was added to bug
4 4 '@@bug::title@@', '@@bug::title@@',
5 repo '@@repo::name@@'.
5 repo '@@ri::name@@'.
6 6 The note was added by '@@note::who_added_text@@'. The note was added by '@@note::who_added_text@@'.
7 7
8 @@note@@
8 @@note::body@@
9 9
10 10 Link to bug: @@bug::url@@ Link to bug: @@bug::url@@
11 11
File root/themes/default/mail/user/repo/new.body.txt changed (mode: 100644) (index c35600b..06ec600)
1 1 Hello! Hello!
2 2
3 @@if(@@ri::public == 1){{Public}}{{Private}} repository '@@ri::name@@' was created.
3 @@if(@@ri::public@@ == 1){{Public}}{{Private}} repository '@@ri::name@@' was created.
4 4
5 5 Description: Description:
6 6 @@ri::description@@ @@ri::description@@
File root/themes/default/mail/user/repo/update.body.txt changed (mode: 100644) (index 3d07e32..f2d5c18)
1 1 Hello! Hello!
2 2
3 @@if(@@ri::renamed@@ == 1){{Repository '@@ri::old::name@@' was renamed to '@@ri::name@@.}}{{}}
4 @@if(@@ri::old::description_md5@@ != @@ri::description_md5@@){{
3 @@if(@@ri::renamed@@ == 1){{Repository '@@ri_old::name@@' was renamed to '@@ri::name@@.}}
4 @@if(@@ri_old::description_md5@@ != @@ri::description_md5@@){{
5 5 Description changed to: Description changed to:
6 @@ri::description@@}}{{}}
6 @@ri::description@@
7 }}
7 8 Repository is @@if(@@ri::public@@ == 1){{public}}{{private}}. Repository is @@if(@@ri::public@@ == 1){{public}}{{private}}.
8 9 Link to repository: @@ri::url@@ Link to repository: @@ri::url@@
9 10
File root/themes/default/mail/user/repo/update.subj.txt changed (mode: 100644) (index 4db950f..feacbc4)
1 '@@ri::old::name@@' repo was changed
1 '@@ri_old::name@@' repo was changed
File root/themes/default/mail/user/welcome.body.txt changed (mode: 100644) (index 7a29e9e..782e34f)
... ... Welcome to RocketGit!
4 4
5 5 We will gladly host your projects. We will gladly host your projects.
6 6 Enjoy your stay! Enjoy your stay!
7 @@if(@@rg_account_email_confirm@@ == 1)
8 {{
7 @@if(@@rg_account_email_confirm@@ == 1){{
9 8 You must confirm your e-mail address before you can use your account, You must confirm your e-mail address before you can use your account,
10 by clicking on the link below:}}
11 {{You may want to confirm your e-mail address by clicking on the link below:}}
9 by clicking on the link below:
10 }}{{
11 You may want to confirm your e-mail address by clicking on the link below:
12 }}
12 13 @@url@@/op/confirm/@@ui::confirm_token@@ @@url@@/op/confirm/@@ui::confirm_token@@
13 14
14 15 Thank you! Thank you!
File root/themes/default/main.css changed (mode: 100644) (index 31e4fe5..6c5e54c)
... ... form input[type="submit"] {
162 162 overflow: hidden; overflow: hidden;
163 163 box-shadow: 0px 4px 6px #666666; box-shadow: 0px 4px 6px #666666;
164 164 background-color: #888888; background-color: #888888;
165 background-color: #aaa;
165 166 width: 100%; width: 100%;
166 167 margin-bottom: 6px; margin-bottom: 6px;
167 168 line-height: 120%; line-height: 120%;
 
... ... form input[type="submit"] {
295 296 width: 10px; width: 10px;
296 297 } }
297 298
298 .codeline {
299 .cl-r {
299 300 font-family: monospace; font-family: monospace;
300 301 font-size: 9pt; font-size: 9pt;
302 background-color: #f00;
303 }
304
305 .cl-g {
306 font-family: monospace;
307 font-size: 9pt;
308 background-color: #0f0;
309 }
310
311 .cl-e {
312 font-family: monospace;
313 font-size: 9pt;
314 background-color: #eee;
301 315 } }
302 316
303 317 .submenu { .submenu {
File root/themes/default/main.html changed (mode: 100644) (index 7a5befe..f537f53)
1 1 <div class="islands"> <div class="islands">
2 2 <div class="main_title">Welcome to RocketGit!</div> <div class="main_title">Welcome to RocketGit!</div>
3 3
4 <div class="island_row">
5 <div class="island_cell">
6 <div class="island">
7 FLOS (free, libre and open-source) software for managing Git projects,
8 both public and private.
9 <font color="red">Beta.</font>
10 </div>
11 </div>
12 </div>
13
4 14 <div class="island_row"> <div class="island_row">
5 15 <div class="island_cell"> <div class="island_cell">
6 16 <div class="island"> <div class="island">
File root/themes/default/repo/add_edit.html changed (mode: 100644) (index 6ffa2a8..253e309)
10 10 <input type="hidden" name="doit" value="1" /> <input type="hidden" name="doit" value="1" />
11 11 <input type="hidden" name="token" value="@@rg_form_token@@" /> <input type="hidden" name="token" value="@@rg_form_token@@" />
12 12
13 @@if("@@ri::master_name@@" != ""){{Master repo: @@ri::master_name@@<br />}}{{}}
13 @@if("@@ri::master_name@@" != ""){{Master repo: @@ri::master_name@@<br />}}
14 14
15 15 <label for="name" class="form_item_title">Name</label><br /> <label for="name" class="form_item_title">Name</label><br />
16 16 <input type="text" name="name" value="@@ri::name@@" /> <input type="text" name="name" value="@@ri::name@@" />
File root/themes/default/repo/diff.html changed (mode: 100644) (index 14137f4..fa9fc77)
1 1 <tr> <tr>
2 2 <td class="numbers">@@line_left@@</td> <td class="numbers">@@line_left@@</td>
3 3 <td class="numbers">@@line_right@@</td> <td class="numbers">@@line_right@@</td>
4 <td class="codeline" bgcolor="@@left_color@@">@@left@@</td>
5 <td class="codeline" bgcolor="@@right_color@@">@@right@@</td>
4 <td class="@@left_class@@">@@left@@</td>
5 <td class="@@right_class@@">@@right@@</td>
6 6 </tr> </tr>
File root/themes/default/repo/discover.html changed (mode: 100644) (index de33d41..f794798)
3 3 <div class="menus"> <div class="menus">
4 4 <div class="menu menu2"> <div class="menu menu2">
5 5 <ul> <ul>
6 <li@@if(@@discover::menu::list@@ == 1){{ class="selected"}}{{}}>
6 <li@@if(@@discover_menu_list@@ == 1){{ class="selected"}}>
7 7 <a href="/op/discover/list">List</a> <a href="/op/discover/list">List</a>
8 8 </li> </li>
9 9
10 <li@@if(@@discover::menu::search@@ == 1){{ class="selected"}}{{}}>
10 <li@@if(@@discover_menu_search@@ == 1){{ class="selected"}}>
11 11 <a href="/op/discover/search">Search</a> <a href="/op/discover/search">Search</a>
12 12 </li> </li>
13 13 </ul> </ul>
File root/themes/default/repo/fstat/header.html changed (mode: 100644) (index 73eefdd..cabe134)
1 <table>
1 <table summary="file stats">
2 2 <tr> <tr>
3 3 <th>File</th> <th>File</th>
4 4 <th>Lines added</th> <th>Lines added</th>
File root/themes/default/repo/fstat/line.html changed (mode: 100644) (index 4f3b893..794bf3a)
1 1 <tr> <tr>
2 <td>@@file@@</td>
2 <td><a href="#file-@@file@@">@@file@@</a></td>
3 3 <td>@@add@@</td> <td>@@add@@</td>
4 4 <td>@@del@@</td> <td>@@del@@</td>
5 5 </tr> </tr>
File root/themes/default/repo/history/header.html changed (mode: 100644) (index c0f66ae..a052738)
1 <table>
1 <table summary="repo history">
2 2 <tr> <tr>
3 3 <th>Date (UTC)</th> <th>Date (UTC)</th>
4 4 <th>User</th> <th>User</th>
File root/themes/default/repo/log/header.html changed (mode: 100644) (index f7679f2..df4d8e6)
1 1 <br /> <br />
2 <table>
2 <table summary="log">
3 3 <tr> <tr>
4 4 <th>Subject</th> <th>Subject</th>
5 5 <th>SHA-1</th> <th>SHA-1</th>
File root/themes/default/repo/main.html changed (mode: 100644) (index 5e43435..7174563)
22 22 @@if(@@can_admin@@ == 1){{<li@@if(@@per_repo_menu::admin@@ == 1){{ class="selected"}}{{}}><a href="@@url_repo@@/admin">Admin</a></li>}}{{}} @@if(@@can_admin@@ == 1){{<li@@if(@@per_repo_menu::admin@@ == 1){{ class="selected"}}{{}}><a href="@@url_repo@@/admin">Admin</a></li>}}{{}}
23 23 </ul> </ul>
24 24 </div> </div>
25 @@repo_submenu@@
26 25 </div> <!-- repo_header --> </div> <!-- repo_header -->
27 26
28 27 <div class="repo_body"> <div class="repo_body">
File root/themes/default/repo/mr/list/header.html changed (mode: 100644) (index 0b689e6..13ad6b1)
1 <table>
1 <table summary="pull requests">
2 2 <tr> <tr>
3 3 <th>ID</th> <th>ID</th>
4 4 <th>Date / time</th> <th>Date / time</th>
File root/themes/default/repo/search.html changed (mode: 100644) (index af7478e..da957c3)
4 4
5 5 @@errmsg@@ @@errmsg@@
6 6
7 <form method="post" action="@@search::url@@/search">
7 <form method="post" action="@@search_url@@/search">
8 8 <input type="hidden" name="doit" value="1" /> <input type="hidden" name="doit" value="1" />
9 9
10 10 <label for="q" class="form_item_title">Keyword</label><br /> <label for="q" class="form_item_title">Keyword</label><br />
File root/themes/default/repo/tree/header.html changed (mode: 100644) (index c97773a..ada94b6)
1 1 <br /> <br />
2 <table>
2 <table summary="tree">
3 3 <tr> <tr>
4 4 <th>Mode</th> <th>Mode</th>
5 5 <th>Type</th> <th>Type</th>
File root/themes/default/repo/urls/line.html changed (mode: 100644) (index 39971f7..5e6becd)
1 <li>@@url@@</li>
1 <li>@@clone_url@@</li>
File root/themes/default/suggestion.html changed (mode: 100644) (index dde9b37..001f0c6)
8 8 <input type="hidden" name="doit" value="1" /> <input type="hidden" name="doit" value="1" />
9 9 <input type="hidden" name="token" value="@@rg_form_token@@" /> <input type="hidden" name="token" value="@@rg_form_token@@" />
10 10
11 @@if(login_ui::uid == 0){{
11 @@if(@@login_ui::uid@@ == 0){{
12 12 <label for="suggestion" class="form_item_title">Suggestion</label><br /> <label for="suggestion" class="form_item_title">Suggestion</label><br />
13 13 <input type="text" name="email">@@email@@ /> <input type="text" name="email">@@email@@ />
14 14 <br /> <br />
File root/themes/default/user/keys/list/line.html changed (mode: 100644) (index 7011df5..5009f69)
1 <!-- @@DUMP-DISABLED@@ -->
2 1 <tr> <tr>
3 2 <td><input type="checkbox" name="key_delete_ids[@@key_id@@]" /></td> <td><input type="checkbox" name="key_delete_ids[@@key_id@@]" /></td>
4 3 <td>@@itime@@</td> <td>@@itime@@</td>
File root/themes/default/user/repo/rights/list_repo/header.html changed (mode: 100644) (index a91bf64..78d7840)
6 6 <input type="hidden" name="delete" value="1" /> <input type="hidden" name="delete" value="1" />
7 7 <input type="hidden" name="token" value="@@rg_form_token@@" /> <input type="hidden" name="token" value="@@rg_form_token@@" />
8 8
9 <table>
9 <table summary="repo rights">
10 10 <tr> <tr>
11 11 <th>Select</th> <th>Select</th>
12 12 <th>Priority</th> <th>Priority</th>
File root/themes/default/user/repo/rights/list_repo_path/header.html changed (mode: 100644) (index 440f7d1..344f7cf)
6 6 <input type="hidden" name="delete" value="1" /> <input type="hidden" name="delete" value="1" />
7 7 <input type="hidden" name="token" value="@@rg_form_token@@" /> <input type="hidden" name="token" value="@@rg_form_token@@" />
8 8
9 <table>
9 <table summary="path rights">
10 10 <tr> <tr>
11 11 <th>Select</th> <th>Select</th>
12 12 <th>Priority</th> <th>Priority</th>
File root/themes/default/user/repo/rights/list_repo_refs/header.html changed (mode: 100644) (index 7fd17e0..9c1115e)
6 6 <input type="hidden" name="delete" value="1" /> <input type="hidden" name="delete" value="1" />
7 7 <input type="hidden" name="token" value="@@rg_form_token@@" /> <input type="hidden" name="token" value="@@rg_form_token@@" />
8 8
9 <table>
9 <table summary="refs rights">
10 10 <tr> <tr>
11 11 <th>Select</th> <th>Select</th>
12 12 <th>Priority</th> <th>Priority</th>
File scripts/remote.php changed (mode: 100644) (index 6ed30f1..0174c0b)
... ... if ($push == 1) {
250 250
251 251 $run = "git-shell -c \"" . $cmd . " " . escapeshellarg($repo_path) . "\""; $run = "git-shell -c \"" . $cmd . " " . escapeshellarg($repo_path) . "\"";
252 252 rg_log("Running [$run]..."); rg_log("Running [$run]...");
253 rg_prof_start("git-shell");
253 254 passthru($run, $ret); passthru($run, $ret);
255 rg_prof_end("git-shell");
254 256 rg_log("[$run] returned $ret."); rg_log("[$run] returned $ret.");
255 257
256 258 rg_prof_end("remote.php"); rg_prof_end("remote.php");
File tests/.gitignore changed (mode: 100644) (index 96b7a28..30261ee)
... ... err-*
9 9 *.diff *.diff
10 10 http.tidy.in http.tidy.in
11 11 http.tidy.out http.tidy.out
12 git2
13 git2key
14 git2key.pub
15 git_log1
16 q_merge_requests
17 qstats
File tests/Makefile changed (mode: 100644) (index d97b245..81979eb)
... ... tests := git_log1.sh \
2 2 http_admin http_bug \ http_admin http_bug \
3 3 token util log state cache prof db event rights keys user repo git bug \ token util log state cache prof db event rights keys user repo git bug \
4 4 hook_update http_create_account http_login http_settings http_csrf \ hook_update http_create_account http_login http_settings http_csrf \
5 http_top
5 http_top git2
6 6 .PHONY: $(tests) .PHONY: $(tests)
7 7
8 8 all: $(tests) all: $(tests)
 
... ... http_admin:
78 78 http_top: http_top:
79 79 php http_top.php php http_top.php
80 80
81 git2:
82 php git2.php
83
81 84 .PHONY: clean .PHONY: clean
82 85 clean: clean:
83 @rm -rf git_log1 *.log *.strace *.strace.* *.out *.lock err-* *.diff
86 @rm -rf git_log1 *.log *.strace *.strace.* *.out *.lock err-* *.diff \
87 http.arond *.pub git2key git2 *.in
88
File tests/event.php changed (mode: 100644) (index 3be3774..d7fefcf)
... ... if ($r !== TRUE) {
63 63 $event = array( $event = array(
64 64 "prio" => 1, "prio" => 1,
65 65 "category" => 1, "category" => 1,
66 "ri::repo_id" => 200
66 'ri' => array('repo_id' => 200)
67 67 ); );
68 68
69 69 $r = rg_event_add($db, $event); $r = rg_event_add($db, $event);
File tests/git2.php changed (mode: 100644) (index 66752f2..ef2234a)
... ... $INC = dirname(__FILE__) . "/../inc";
6 6 require_once(dirname(__FILE__) . "/config.php"); require_once(dirname(__FILE__) . "/config.php");
7 7 require_once($INC . "/init.inc.php"); require_once($INC . "/init.inc.php");
8 8 require_once($INC . "/git.inc.php"); require_once($INC . "/git.inc.php");
9 require_once("helpers.inc.php");
10 require_once("http.inc.php");
9 11
10 12 rg_log_set_file("git2.log"); rg_log_set_file("git2.log");
11 13
14 $rg_sql = "host=localhost user=rocketgit dbname=rocketgit connect_timeout=10";
12 15 $rg_no_db = TRUE; $rg_no_db = TRUE;
13 16 require_once("common.php"); require_once("common.php");
14 17
15 system("./git2.sh");
18 $_testns = 'git2';
19 $rg_cache_enable = TRUE;
20
21 system("./git2.sh &>git2.log");
22 if (!file_exists("git2/.git/refs/heads/group1/branch1")) {
23 rg_log("Something wrong generating the git2 tree: "
24 . file_get_contents("git2.log"));
25 exit(1);
26 }
16 27
17 28 // test rg_git_refs // test rg_git_refs
18 29 $refs = rg_git_refs("git2/.git"); $refs = rg_git_refs("git2/.git");
19 print_r($refs);
30 if (strcmp($refs['tag'][0], "unannot1") != 0) {
31 rg_log("Could not create an un-annotated tag: " . print_r($refs, TRUE));
32 exit(1);
33 }
34 if (strcmp($refs['tag'][1], "v1.0") != 0) {
35 rg_log("Could not create an annotated tag: " . print_r($refs, TRUE));
36 exit(1);
37 }
38 if (strcmp($refs['branch'][0], "group1/branch1") != 0) {
39 rg_log("Could not create branch group1/branch1: " . print_r($refs, TRUE));
40 exit(1);
41 }
42
43 // This test makes sense only on my devel machine
44 if (php_uname("n") != "r1.embedromix.ro") {
45 rg_log("OK!");
46 exit(0);
47 }
48
49
50 rg_log("Generate a SSH key");
51 @unlink("git2key"); @unlink("git2key.pub");
52 system("ssh-keygen -t rsa -N '' -C \"Key for RocketGit\" -f git2key </dev/null &>git2.log");
53 if (!file_exists("git2key.pub")) {
54 rg_log("Could not generate ssh key: " . file_get_contents("git2.log"));
55 exit(1);
56 }
57 chmod("git2key.pub", 0700);
58
59 rg_log("Creating a user...");
60 rg_test_create_user($db, $rg_ui);
61 rg_test_create_repo($db, $rg_ui, $repo);
62 $r = test_login($test_url, $rg_ui, $good_sid);
63 if ($r === FALSE) {
64 rg_log("Cannot login!");
65 exit(1);
66 }
67
68 rg_log("Loading ssh key form...");
69 $data = array();
70 $headers = array("Cookie: sid=" . $good_sid);
71 $r = do_req($test_url . "/op/settings/keys?t=ssh2", $data, $headers);
72 if ($r === FALSE) {
73 rg_log("Cannot load form!");
74 exit(1);
75 }
76 if (empty($r['token'])) {
77 rg_log_ml("token not found! r:" . print_r($r, TRUE));
78 exit(1);
79 }
80
81 rg_log("Uploading the key...");
82 $key = file_get_contents("git2key.pub");
83 $data = array('add' => 1, 'token' => $r['token'], 'key' => $key);
84 $headers = array('Cookie: sid=' . $good_sid);
85 $r = do_req($test_url . '/op/settings/keys?t=git2', $data, $headers);
86 if ($r === FALSE) {
87 rg_log_ml("Cannot upload key: " . print_r($r, TRUE));
88 exit(1);
89 }
90
91 rg_log("Waiting for key to be added to the authorized_keys file");
92 while (1) {
93 $c = file_get_contents("/home/rocketgit/.ssh/authorized_keys");
94 if (strstr($c, $key))
95 break;
96
97 sleep(1);
98 }
99
100 $remote = 'ssh://rocketgit@rgtest/user/' . escapeshellarg($rg_ui['username'])
101 . '/' . escapeshellarg($repo['name']);
102 system("cd git2; git remote add origin $remote");
103 $ll = system("cd git2; git push origin master", $err);
104 if ($err != 0) {
105 rg_log("Seems I cannot push master! Last line=[$ll] err=$err");
106 exit(1);
107 }
108 $ll = system("cd git2; git push --tags origin", $err);
109 if ($err != 0) {
110 rg_log("Seems I cannot push tags! Last line=[$ll] err=$err");
111 exit(1);
112 }
113
114
115 $commit = trim(file_get_contents('git2/.git/refs/heads/master'));
116 rg_log("Load master from .git: $commit");
117
118 rg_log("Checking on web that everything is OK...");
119 $data = array();
120 $headers = array("Cookie: sid=" . $good_sid);
121 $r = do_req($test_url . '/user/' . rawurlencode($rg_ui['username'])
122 . '/' . rawurlencode($repo['name']) . '/source/log/commit/'
123 . $commit, $data, $headers);
124 if ($r === FALSE) {
125 rg_log("Cannot load master commit!");
126 exit(1);
127 }
20 128
21 system("rm -rf git2");
129 rg_log("Checking on web that tag is OK...");
130 $data = array();
131 $headers = array("Cookie: sid=" . $good_sid);
132 $r = do_req($test_url . '/user/' . rawurlencode($rg_ui['username'])
133 . '/' . rawurlencode($repo['name'])
134 . '/source/tree/tag/unannot1/blob/a', $data, $headers);
135 if (strstr($r['body'], 'a signature') === FALSE) {
136 rg_log_ml("Cannot see the tag: " . print_r($r, TRUE));
137 exit(1);
138 }
22 139
23 140
24 rg_log("OK");
141 rg_log("OK!");
25 142 ?> ?>
File tests/git2.sh changed (mode: 100755) (index 8df50bd..2ccaa3d)
3 3 mkdir git2 mkdir git2
4 4 cd git2 cd git2
5 5 git init git init
6 echo "a" > a
6 echo "a signature" > a
7 7 git add a git add a
8 8 git commit -a -m "aa" git commit -a -m "aa"
9 9 git checkout -b group1/branch1 git checkout -b group1/branch1
File tests/git_log1.expected changed (mode: 100644) (index 821a524..40a55f2)
1 1 <div class="diff"> <div class="diff">
2 2 <br /> <br />
3 <a name="dis1"></a>
4 <table class="chunk">
3 <a name="file-dis1"></a>
4 <table class="chunk" summary="chunk">
5 5 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>dis1</b> changed (mode: 100644) (index 2c4179b..2bf9115):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>dis1</b> changed (mode: 100644) (index 2c4179b..2bf9115):</td></tr>
6 1 &nbsp; #ff0000 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa #eeeeee
7 2 1 #eeeeee baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa #eeeeee baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
8 &nbsp; 2 #eeeeee #00ff00 caaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
6 1 cl-r aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa cl-e
7 2 1 cl-e baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa cl-e baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
8 2 cl-e cl-g caaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
9 9 </table> </table>
10 10 </div> </div>
11 11 <div class="diff"> <div class="diff">
12 12 <br /> <br />
13 <a name="dis1"></a>
14 <table class="chunk">
13 <a name="file-dis1"></a>
14 <table class="chunk" summary="chunk">
15 15 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>dis1</b> added (mode: 100644) (index 0000000..2c4179b):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>dis1</b> added (mode: 100644) (index 0000000..2c4179b):</td></tr>
16 &nbsp; 1 #eeeeee #00ff00 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
17 &nbsp; 2 #eeeeee #00ff00 baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
16 1 cl-e cl-g aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
17 2 cl-e cl-g baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
18 18 </table> </table>
19 19 </div> </div>
20 20 <div class="diff"> <div class="diff">
21 21 <br /> <br />
22 <a name="a b c"></a>
23 <table class="chunk">
22 <a name="file-a b c"></a>
23 <table class="chunk" summary="chunk">
24 24 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a b c</b> added (mode: 100644) (index 0000000..72943a1):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a b c</b> added (mode: 100644) (index 0000000..72943a1):</td></tr>
25 &nbsp; 1 #eeeeee #00ff00 aaa
25 1 cl-e cl-g aaa
26 26 </table> </table>
27 27 </div> </div>
28 28 <div class="diff"> <div class="diff">
29 29 <br /> <br />
30 <a name="a3"></a>
31 <table class="chunk">
30 <a name="file-a3"></a>
31 <table class="chunk" summary="chunk">
32 32 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a3</b> deleted (index 193814c..0000000):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a3</b> deleted (index 193814c..0000000):</td></tr>
33 1 &nbsp; #ff0000 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa #eeeeee
33 1 cl-r aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa cl-e
34 34 </table> </table>
35 35 </div> </div>
36 36 <div class="diff"> <div class="diff">
37 37 <br /> <br />
38 <a name="a3"></a>
39 <table class="chunk">
38 <a name="file-a3"></a>
39 <table class="chunk" summary="chunk">
40 40 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a3</b> renamed from a2 (similarity 100%):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a3</b> renamed from a2 (similarity 100%):</td></tr>
41 41 </table> </table>
42 42 <br /> <br />
43 <a name="c"></a>
44 <table class="chunk">
43 <a name="file-c"></a>
44 <table class="chunk" summary="chunk">
45 45 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>c</b> added (mode: 100644) (index 0000000..8ded189):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>c</b> added (mode: 100644) (index 0000000..8ded189):</td></tr>
46 &nbsp; 1 #eeeeee #00ff00 aaaaaaaaaaaaaaaaaaaa
46 1 cl-e cl-g aaaaaaaaaaaaaaaaaaaa
47 47 </table> </table>
48 48 </div> </div>
49 49 <div class="diff"> <div class="diff">
50 50 <br /> <br />
51 <a name="a2"></a>
52 <table class="chunk">
51 <a name="file-a2"></a>
52 <table class="chunk" summary="chunk">
53 53 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a2</b> added (mode: 100644) (index 0000000..193814c):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a2</b> added (mode: 100644) (index 0000000..193814c):</td></tr>
54 &nbsp; 1 #eeeeee #00ff00 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
54 1 cl-e cl-g aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
55 55 </table> </table>
56 56 </div> </div>
57 57 <div class="diff"> <div class="diff">
58 58 <br /> <br />
59 <a name="empty.txt"></a>
60 <table class="chunk">
59 <a name="file-empty.txt"></a>
60 <table class="chunk" summary="chunk">
61 61 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>empty.txt</b> added (mode: 100644) (index 0000000..e69de29):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>empty.txt</b> added (mode: 100644) (index 0000000..e69de29):</td></tr>
62 62 </table> </table>
63 63 </div> </div>
64 64 <div class="diff"> <div class="diff">
65 65 <br /> <br />
66 <a name="xx&quot;yy"></a>
67 <table class="chunk">
66 <a name="file-xx&quot;yy"></a>
67 <table class="chunk" summary="chunk">
68 68 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>xx&quot;yy</b> added (mode: 100644) (index 0000000..e69de29):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>xx&quot;yy</b> added (mode: 100644) (index 0000000..e69de29):</td></tr>
69 69 </table> </table>
70 70 </div> </div>
71 71 <div class="diff"> <div class="diff">
72 72 <br /> <br />
73 <a name="a"></a>
74 <table class="chunk">
73 <a name="file-a"></a>
74 <table class="chunk" summary="chunk">
75 75 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a</b> added (mode: 100644) (index 0000000..193814c):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a</b> added (mode: 100644) (index 0000000..193814c):</td></tr>
76 &nbsp; 1 #eeeeee #00ff00 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
76 1 cl-e cl-g aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
77 77 </table> </table>
78 78 </div> </div>
File tests/git_log1.final changed (mode: 100644) (index 821a524..40a55f2)
1 1 <div class="diff"> <div class="diff">
2 2 <br /> <br />
3 <a name="dis1"></a>
4 <table class="chunk">
3 <a name="file-dis1"></a>
4 <table class="chunk" summary="chunk">
5 5 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>dis1</b> changed (mode: 100644) (index 2c4179b..2bf9115):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>dis1</b> changed (mode: 100644) (index 2c4179b..2bf9115):</td></tr>
6 1 &nbsp; #ff0000 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa #eeeeee
7 2 1 #eeeeee baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa #eeeeee baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
8 &nbsp; 2 #eeeeee #00ff00 caaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
6 1 cl-r aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa cl-e
7 2 1 cl-e baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa cl-e baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
8 2 cl-e cl-g caaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
9 9 </table> </table>
10 10 </div> </div>
11 11 <div class="diff"> <div class="diff">
12 12 <br /> <br />
13 <a name="dis1"></a>
14 <table class="chunk">
13 <a name="file-dis1"></a>
14 <table class="chunk" summary="chunk">
15 15 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>dis1</b> added (mode: 100644) (index 0000000..2c4179b):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>dis1</b> added (mode: 100644) (index 0000000..2c4179b):</td></tr>
16 &nbsp; 1 #eeeeee #00ff00 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
17 &nbsp; 2 #eeeeee #00ff00 baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
16 1 cl-e cl-g aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
17 2 cl-e cl-g baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
18 18 </table> </table>
19 19 </div> </div>
20 20 <div class="diff"> <div class="diff">
21 21 <br /> <br />
22 <a name="a b c"></a>
23 <table class="chunk">
22 <a name="file-a b c"></a>
23 <table class="chunk" summary="chunk">
24 24 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a b c</b> added (mode: 100644) (index 0000000..72943a1):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a b c</b> added (mode: 100644) (index 0000000..72943a1):</td></tr>
25 &nbsp; 1 #eeeeee #00ff00 aaa
25 1 cl-e cl-g aaa
26 26 </table> </table>
27 27 </div> </div>
28 28 <div class="diff"> <div class="diff">
29 29 <br /> <br />
30 <a name="a3"></a>
31 <table class="chunk">
30 <a name="file-a3"></a>
31 <table class="chunk" summary="chunk">
32 32 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a3</b> deleted (index 193814c..0000000):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a3</b> deleted (index 193814c..0000000):</td></tr>
33 1 &nbsp; #ff0000 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa #eeeeee
33 1 cl-r aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa cl-e
34 34 </table> </table>
35 35 </div> </div>
36 36 <div class="diff"> <div class="diff">
37 37 <br /> <br />
38 <a name="a3"></a>
39 <table class="chunk">
38 <a name="file-a3"></a>
39 <table class="chunk" summary="chunk">
40 40 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a3</b> renamed from a2 (similarity 100%):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a3</b> renamed from a2 (similarity 100%):</td></tr>
41 41 </table> </table>
42 42 <br /> <br />
43 <a name="c"></a>
44 <table class="chunk">
43 <a name="file-c"></a>
44 <table class="chunk" summary="chunk">
45 45 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>c</b> added (mode: 100644) (index 0000000..8ded189):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>c</b> added (mode: 100644) (index 0000000..8ded189):</td></tr>
46 &nbsp; 1 #eeeeee #00ff00 aaaaaaaaaaaaaaaaaaaa
46 1 cl-e cl-g aaaaaaaaaaaaaaaaaaaa
47 47 </table> </table>
48 48 </div> </div>
49 49 <div class="diff"> <div class="diff">
50 50 <br /> <br />
51 <a name="a2"></a>
52 <table class="chunk">
51 <a name="file-a2"></a>
52 <table class="chunk" summary="chunk">
53 53 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a2</b> added (mode: 100644) (index 0000000..193814c):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a2</b> added (mode: 100644) (index 0000000..193814c):</td></tr>
54 &nbsp; 1 #eeeeee #00ff00 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
54 1 cl-e cl-g aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
55 55 </table> </table>
56 56 </div> </div>
57 57 <div class="diff"> <div class="diff">
58 58 <br /> <br />
59 <a name="empty.txt"></a>
60 <table class="chunk">
59 <a name="file-empty.txt"></a>
60 <table class="chunk" summary="chunk">
61 61 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>empty.txt</b> added (mode: 100644) (index 0000000..e69de29):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>empty.txt</b> added (mode: 100644) (index 0000000..e69de29):</td></tr>
62 62 </table> </table>
63 63 </div> </div>
64 64 <div class="diff"> <div class="diff">
65 65 <br /> <br />
66 <a name="xx&quot;yy"></a>
67 <table class="chunk">
66 <a name="file-xx&quot;yy"></a>
67 <table class="chunk" summary="chunk">
68 68 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>xx&quot;yy</b> added (mode: 100644) (index 0000000..e69de29):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>xx&quot;yy</b> added (mode: 100644) (index 0000000..e69de29):</td></tr>
69 69 </table> </table>
70 70 </div> </div>
71 71 <div class="diff"> <div class="diff">
72 72 <br /> <br />
73 <a name="a"></a>
74 <table class="chunk">
73 <a name="file-a"></a>
74 <table class="chunk" summary="chunk">
75 75 <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a</b> added (mode: 100644) (index 0000000..193814c):</td></tr> <tr style="border: 1px; background: #dddddd"><td colspan="4">File <b>a</b> added (mode: 100644) (index 0000000..193814c):</td></tr>
76 &nbsp; 1 #eeeeee #00ff00 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
76 1 cl-e cl-g aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
77 77 </table> </table>
78 78 </div> </div>
File tests/git_log1.tmpl changed (mode: 100644) (index ac310b4..f776084)
1 @@line_left@@ @@line_right@@ @@left_color@@ @@left@@ @@right_color@@ @@right@@
1 @@line_left@@ @@line_right@@ @@left_class@@ @@left@@ @@right_class@@ @@right@@
File tests/helpers.inc.php changed (mode: 100644) (index fc0f776..d61fc17)
... ... function rg_test_create_user($db, &$rg_ui)
21 21 $new['organization'] = 0; $new['organization'] = 0;
22 22 $new['username'] = $username; $new['username'] = $username;
23 23 $new['realname'] = 'realname-' . $_user_id . '<xss>'; $new['realname'] = 'realname-' . $_user_id . '<xss>';
24 $new['email'] = 'email-' . $_user_id . '<xss>@embedromix.ro';
24 $new['email'] = 'email-' . $_user_id . '@embedromix.ro';
25 25 $new['is_admin'] = 0; $new['is_admin'] = 0;
26 26 $new['rights'] = ''; $new['rights'] = '';
27 27 $new['session_time'] = 3600; $new['session_time'] = 3600;
File tests/http.inc.php changed (mode: 100644) (index 44344d8..5db8725)
... ... function do_req($url, &$data, &$headers)
36 36 curl_setopt($c, CURLOPT_REFERER, $test_referer); curl_setopt($c, CURLOPT_REFERER, $test_referer);
37 37 $r = curl_exec($c); $r = curl_exec($c);
38 38 if ($r === FALSE) { if ($r === FALSE) {
39 rg_log("Cannot exec (url=$url), data: " . print_r($data, TRUE));
39 rg_log_ml("Cannot load (url=$url), data: "
40 . print_r($data, TRUE));
41 rg_log("curl error: " . curl_error($c));
40 42 return FALSE; return FALSE;
41 43 } }
42 44
 
... ... function do_req($url, &$data, &$headers)
58 60 } }
59 61 } }
60 62
63 // Check if a '@@' is present
64 if (strstr($ret['body'], '@@')) {
65 rg_log_ml("Bad @@! body=" . print_r($ret['body'], TRUE));
66 exit(1);
67 }
68
61 69 // find sid // find sid
62 70 $x = preg_match('/Set-Cookie: sid=([a-zA-Z0-9]*)/', $ret['header'], $matches); $x = preg_match('/Set-Cookie: sid=([a-zA-Z0-9]*)/', $ret['header'], $matches);
63 71 if (($x === FALSE) || (!isset($matches[1]))) { if (($x === FALSE) || (!isset($matches[1]))) {
 
... ... function test_login($url, $rg_ui, &$good_sid)
131 139 $good_token = $r['token']; $good_token = $r['token'];
132 140 rg_log("good: sid=$good_sid token=$good_token"); rg_log("good: sid=$good_sid token=$good_token");
133 141 if (strncmp($good_sid, "X", 1) != 0) { if (strncmp($good_sid, "X", 1) != 0) {
134 rg_log("Seems we did not generated a pre-login session!");
142 rg_log("Seems we did not get a pre-login session!");
135 143 return FALSE; return FALSE;
136 144 } }
137 145
File tests/http_login.php changed (mode: 100644) (index f90d0dc..651b2ef)
... ... $good_sid = $r['sid'];
34 34 $good_token = $r['token']; $good_token = $r['token'];
35 35 rg_log("good: sid=$good_sid token=$good_token"); rg_log("good: sid=$good_sid token=$good_token");
36 36 if (strncmp($good_sid, "X", 1) != 0) { if (strncmp($good_sid, "X", 1) != 0) {
37 rg_log("Seems we did not generated a pre-login session!");
37 rg_log("Seems we did not get a pre-login session!");
38 38 exit(1); exit(1);
39 39 } }
40 40
File tests/http_settings.php changed (mode: 100644) (index 1238817..88b3854)
... ... $data = array();
165 165 $headers = array("Cookie: sid=" . $good_sid); $headers = array("Cookie: sid=" . $good_sid);
166 166 $r = do_req($test_url . "/op/settings/keys?t=load_key_form_add", $data, $headers); $r = do_req($test_url . "/op/settings/keys?t=load_key_form_add", $data, $headers);
167 167 if ($r === FALSE) { if ($r === FALSE) {
168 rg_log_ml("Cannot load form!");
168 rg_log("Cannot load form!");
169 exit(1);
170 }
171 if (empty($r['token'])) {
172 rg_log_ml("token not found! r:" . print_r($r, TRUE));
169 173 exit(1); exit(1);
170 174 } }
171 175 rg_log("Posting keys form"); rg_log("Posting keys form");
172 $key = "ssh-dss YWFh comment<xss>" . $rg_ui['uid'];
173 $data = array("add" => 1, "token" => $r['token'], "key" => $key);
176 $comment = "<xss>" . $rg_ui['uid'];
177 $key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+2OHaQiZzdwV4HQF9pCBbSQFaoM5Q0YmmRYDL8BUCjwClDgOLp9lQVN5XksoBx2t9INj6XrobjNc/GUF60c1Ald0FtjRl7nIZdYvKDutlxHcGUy6MHsVnCDviXQJD9Hm9fyuBLdy3/oadSCAaQYE/Tcf9rWt1NmhQ7560bCGmh4pw8N+XXAz2nQBCqvIK8VDoBbOOgFa/HOwBrKCgaGmcTGs5wRWHbw3+h6CO1vqEYcSCSqBPMG1JOMfMTuJ0aTXXEkSNPF+TVva85L4qrQslyHbn2JU1t7/HQsFnGtgF1o2AglIR2RbyMmr6axI51Srf20EB9/c9T3auYQipbw85";
178 $data = array("add" => 1, "token" => $r['token'], "key" => $key . ' ' . $comment);
174 179 $headers = array("Cookie: sid=" . $good_sid); $headers = array("Cookie: sid=" . $good_sid);
175 180 $r = do_req($test_url . "/op/settings/keys?t=post_key_form_add", $data, $headers); $r = do_req($test_url . "/op/settings/keys?t=post_key_form_add", $data, $headers);
176 181 if ($r === FALSE) { if ($r === FALSE) {
 
... ... if ($r === FALSE) {
178 183 rg_log_ml("Cannot upload key: " . print_r($r, TRUE)); rg_log_ml("Cannot upload key: " . print_r($r, TRUE));
179 184 exit(1); exit(1);
180 185 } }
181 $sql = "SELECT * FROM keys WHERE key = 'ssh-dss YWFh commentxss" . $rg_ui['uid'] . "'";
186 // the key upload stuff will change < and > to empty.
187 $sql = "SELECT * FROM keys WHERE key = '" . $key . " xss" . $rg_ui['uid'] . "'";
182 188 $res = rg_sql_query($db, $sql); $res = rg_sql_query($db, $sql);
183 189 $rows = rg_sql_num_rows($res); $rows = rg_sql_num_rows($res);
184 190 if ($rows > 0) if ($rows > 0)
185 191 $row = rg_sql_fetch_array($res); $row = rg_sql_fetch_array($res);
186 192 rg_sql_free_result($res); rg_sql_free_result($res);
187 193 if ($rows == 0) { if ($rows == 0) {
194 rg_log_ml("r=" . print_r($r, TRUE));
188 195 rg_log("Key was not uploaded!"); rg_log("Key was not uploaded!");
189 196 exit(1); exit(1);
190 197 } }
File tests/keys.php changed (mode: 100644) (index 5f236c1..4576db7)
... ... $res = rg_sql_query($db, $sql);
28 28 rg_sql_free_result($res); rg_sql_free_result($res);
29 29
30 30 // insert a key 1 // insert a key 1
31 $key = "aaa 'bbb' first_key";
32 $key_id1 = rg_keys_add($db, $rg_ui, $key);
31 $key1 = "ssh-dss AAAAB3NzaC1kc3MAAACBAJLkWtcoCUbWCRXecE907nO1gSh6IrfkD5bsyobrFOp6xYuJvfteKKpE79HUcbEpzIVFNk3mlQf/+k9cFP2Wy8F34UXFk8cXU4FU7z/TM1iHHOHnqFqvzv59LRaaMw4MaHm/4WKdfJy16KOLgosSBzWif3a1nKMdIZuYeIGso7qFAAAAFQC4JU7YoGu2nZQ0fEXFKaRhq+d9UQAAAIEAhgslkwwID6oBBdWx+mUuaXKt/bZcdCfNyjnejxlsZHPfDnayuqCKIgxlhYpiPS6LwiSK5feL55meF33HanCzX53z7ieoW6Je9z2H8/93sCvzk4LMj7XkeEy3G5UnRuL+uc6qrazF7Pu448cQH0pkh6N0zNueQlPpGL4/lHbIiVgAAACAQJup/h36aD9DprosVCQe40nalp7t4o/M75Y70sV7FNrL0azUQcn1ZL+J8F9l/dDRPG3rST2DABgba9pHGWa96vaNfTLnopy3po/296SYQl7/1nek0YtioEikoB+HQxk7eSwRI6bTpKEFNyUnp2/bcNjJYORKCeYwJJ2KDW6GJro= first_key";
32 $key_id1 = rg_keys_add($db, $rg_ui, $key1);
33 33 if ($key_id1 === FALSE) { if ($key_id1 === FALSE) {
34 34 rg_log("Cannot add key 1 (" . rg_keys_error() . ")!"); rg_log("Cannot add key 1 (" . rg_keys_error() . ")!");
35 35 exit(1); exit(1);
 
... ... if ($key_id1 === FALSE) {
37 37
38 38 // insert a key 2 // insert a key 2
39 39 $rg_ui['uid'] = 2; $rg_ui['uid'] = 2;
40 $key = "aaa 'bbb' second_key";
41 $key_id2 = rg_keys_add($db, $rg_ui, $key);
40 $key2 = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+2OHaQiZzdwV4HQF9pCBbSQFaoM5Q0YmmRYDL8BUCjwClDgOLp9lQVN5XksoBx2t9INj6XrobjNc/GUF60c1Ald0FtjRl7nIZdYvKDutlxHcGUy6MHsVnCDviXQJD9Hm9fyuBLdy3/oadSCAaQYE/Tcf9rWt1NmhQ7560bCGmh4pw8N+XXAz2nQBCqvIK8VDoBbOOgFa/HOwBrKCgaGmcTGs5wRWHbw3+h6CO1vqEYcSCSqBPMG1JOMfMTuJ0aTXXEkSNPF+TVva85L4qrQslyHbn2JU1t7/HQsFnGtgF1o2AglIR2RbyMmr6axI51Srf20EB9/c9T3auYQipbw85 second_key";
41 $key_id2 = rg_keys_add($db, $rg_ui, $key2);
42 42 if ($key_id2 === FALSE) { if ($key_id2 === FALSE) {
43 43 rg_log("Cannot add key 2 (" . rg_keys_error() . ")!"); rg_log("Cannot add key 2 (" . rg_keys_error() . ")!");
44 44 exit(1); exit(1);
 
... ... if ($c === FALSE) {
60 60 } }
61 61 $e = "command=\"" $e = "command=\""
62 62 . $rg_scripts . "/scripts/remote.sh 1 $key_id1\"," . $rg_scripts . "/scripts/remote.sh 1 $key_id1\","
63 . $rg_ssh_paras . " aaa 'bbb' first_key\n"
63 . $rg_ssh_paras . ' ' . $key1 . "\n"
64 64 . "command=\"" . "command=\""
65 65 . $rg_scripts . "/scripts/remote.sh 2 $key_id2\"," . $rg_scripts . "/scripts/remote.sh 2 $key_id2\","
66 . $rg_ssh_paras . " aaa 'bbb' second_key\n";
66 . $rg_ssh_paras . ' ' . $key2 . "\n";
67 67 if (strcmp($c, $e) != 0) { if (strcmp($c, $e) != 0) {
68 68 rg_log("Generated file does not seems OK!"); rg_log("Generated file does not seems OK!");
69 69 rg_log("e: $e"); rg_log("e: $e");
 
... ... if (strcmp($c, $e) != 0) {
74 74 @unlink("afile.txt"); @unlink("afile.txt");
75 75
76 76
77 // test rg_max_ssh_keys - must fail because overlimit
78 $rg_max_ssh_keys = 1;
79 $key3 = 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUiVHDS3rhn79+9YbXXN+npU9tDTzXZHkXZF9BNqI0GrnASuaBU2oJ/UK2OCgGQ45JOlzUCXcP09hHcyPqd4pZdHQhMAImCnm0iRivQ9VhJRRbl/s8kokoStZGAdcW+ETlhUtRXSQOu8U1PXqwUwZCkeE9asmS4Wg9/OO3eDuTMvE3yiNpHKt6TcVYlU6PlsiTFVJrAuIEbXRs5b5luuM+nM17caos0mn6w+kZ3QD9AnX+9pN4VgXKxEHGfWpOCtRDOQb9mTk2bX6MBJrcKtkAPnyYDiaRs1ANG7L4AP6to/gy3A9w6flTAD94gFAm833earIZJnCiavx3/dUWWt3L third_key';
80 $key_id3 = rg_keys_add($db, $rg_ui, $key3);
81 if ($key_id3 !== FALSE) {
82 rg_log("Seems we can add more keys than allowed! Not good!");
83 exit(1);
84 }
85
77 86 // delete a key // delete a key
78 87 $rg_ui['uid'] = 1; $rg_ui['uid'] = 1;
79 $list = array($key_id1 => "junk");
88 $list = array($key_id1 => 'junk');
80 89 $r = rg_keys_remove($db, $rg_ui, $list); $r = rg_keys_remove($db, $rg_ui, $list);
81 90 if ($r === FALSE) { if ($r === FALSE) {
82 91 rg_log("Cannot remove key (" . rg_keys_error() . ")!"); rg_log("Cannot remove key (" . rg_keys_error() . ")!");
 
... ... if ($r === FALSE) {
84 93 } }
85 94
86 95
87 // test rg_max_ssh_keys
88 $rg_max_ssh_keys = 1;
89 // insert a key - should succeed
90 $rg_ui['uid'] = 10;
91 $key = "aaa 'bbb' first_key";
92 $key_id1 = rg_keys_add($db, $rg_ui, $key);
93 if ($key_id1 === FALSE) {
94 rg_log("Cannot add key 1 (" . rg_keys_error() . ")!");
96 rg_log_ml("\n\nTesting a good key");
97 $type = 'ssh-dss';
98 $body = 'AAAAB3NzaC1kc3MAAACBAJLkWtcoCUbWCRXecE907nO1gSh6IrfkD5bsyobrFOp6xYuJvfteKKpE79HUcbEpzIVFNk3mlQf/+k9cFP2Wy8F34UXFk8cXU4FU7z/TM1iHHOHnqFqvzv59LRaaMw4MaHm/4WKdfJy16KOLgosSBzWif3a1nKMdIZuYeIGso7qFAAAAFQC4JU7YoGu2nZQ0fEXFKaRhq+d9UQAAAIEAhgslkwwID6oBBdWx+mUuaXKt/bZcdCfNyjnejxlsZHPfDnayuqCKIgxlhYpiPS6LwiSK5feL55meF33HanCzX53z7ieoW6Je9z2H8/93sCvzk4LMj7XkeEy3G5UnRuL+uc6qrazF7Pu448cQH0pkh6N0zNueQlPpGL4/lHbIiVgAAACAQJup/h36aD9DprosVCQe40nalp7t4o/M75Y70sV7FNrL0azUQcn1ZL+J8F9l/dDRPG3rST2DABgba9pHGWa96vaNfTLnopy3po/296SYQl7/1nek0YtioEikoB+HQxk7eSwRI6bTpKEFNyUnp2/bcNjJYORKCeYwJJ2KDW6GJro=';
99 $comment = 'comment';
100 $key = $type . ' ' . $body . ' ' . $comment;
101 $r = rg_keys_info($key);
102 if ($r['ok'] != 1) {
103 rg_log("Error for a valid key: " . rg_keys_error() . "!");
104 exit(1);
105 }
106
107 rg_log_ml("\n\nTesting the recover when the key is full of spaces because of the paste");
108 $type = 'ssh-dss';
109 $body = 'AAAAB3Nza' . "\n" . 'C1kc3MAAACB' . ' ' . 'AJLkWtcoCUbWCR' . ' '
110 . 'XecE907nO1gSh6IrfkD5bsyobrFOp6xYuJvft' . ' ' . 'eKKpE79HUcbEpzIVFN'
111 . 'k3mlQf/+k9cFP2Wy8F34UXFk8cXU4FU7z/TM1iHHOHnqFqvzv59LRaaMw4MaHm/4WK'
112 . 'dfJy16KOLgosSBzWif3a1nKMdIZuYeIGso7qFAAAAFQC4JU7YoGu2nZQ0fEXFKaRhq'
113 . '+d9UQAAAIEAhgslkwwID6oBBdWx+mUuaXKt/bZcdCfNyjnejxlsZHPfDnayuqCKIgx'
114 . 'lhYpiPS6LwiSK5feL55meF33HanCzX53z7ieoW6Je9z2H8/93sCvzk4LMj7XkeEy3G'
115 . '5UnRuL+uc6qrazF7Pu448cQH0pkh6N0zNueQlPpGL4/lHbIiVgAAACAQJup/h36aD9'
116 . 'DprosVCQe40nalp7t4o/M75Y70sV7FNrL0azUQcn1ZL+J8F9l/dDRPG3rST2DABgba'
117 . '9pHGWa96vaNfTLnopy3po/296SYQl7/1nek0YtioEikoB+HQxk7eSwRI6bTpKEFNyU'
118 . 'np2/bcNjJYORKCeYwJJ2KDW6' . ' ' . 'GJro=';
119 $comment = 'comment1 comment2 comment3';
120 $key = $type . ' ' . $body . ' ' . $comment;
121 $r = rg_keys_info($key);
122 if ($r['ok'] != 1) {
123 rg_log("Error for a valid key (with spaces): " . rg_keys_error() . "!");
124 exit(1);
125 }
126
127 rg_log_ml("\n\nTesting mismatch between types");
128 $type = 'ssh-rsa';
129 $comment = 'comment1 comment2 comment3';
130 $key = $type . ' ' . $body . ' ' . $comment;
131 $r = rg_keys_info($key);
132 if ($r['ok'] != 0) {
133 rg_log("No error for an invalid key (type mismatch)!");
134 exit(1);
135 }
136
137
138 rg_log_ml("\n\nTesing ecdsa key type");
139 $type = 'ecdsa-sha2-nistp256';
140 $body = 'AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDCLAxnMiMaSm+YI+f'
141 . '7RNLafBzv1JUWD/4/MeVf4JdMPN4QaNwXlCe9mR9Lmy1eDd/tW2AsEBfobhFbSI8eHtP4=';
142 $comment = 'comment';
143 $key = $type . ' ' . $body . ' ' . $comment;
144 $r = rg_keys_info($key);
145 if ($r['ok'] != 1) {
146 rg_log("Error for a valid key (ecdsa): " . rg_keys_error() . "!");
95 147 exit(1); exit(1);
96 148 } }
97 // insert a key - must fail because overlimit
98 $key = "aaa 'bbb' second_key";
99 $key_id2 = rg_keys_add($db, $rg_ui, $key);
100 if ($key_id2 !== FALSE) {
101 rg_log("Seems we can add more keys than allowed!");
149 if (strcasecmp($r['fingerprint'], '85:8f:2f:84:c2:db:88:e5:95:f6:22:b9:8d:91:59:cc') != 0) {
150 rg_log("Invalid fingerprint!");
102 151 exit(1); exit(1);
103 152 } }
104 153
105 154
155 rg_log_ml("\n\nTesing ed25519 key type");
156 $type = 'ssh-ed25519';
157 $body = 'AAAAC3NzaC1lZDI1NTE5AAAAIGYlG3R7u0oMzvy9iAzKB29U26U9o3+mXCXODAQYKEEu';
158 $comment = 'comment';
159 $key = $type . ' ' . $body . ' ' . $comment;
160 $r = rg_keys_info($key);
161 if ($r['ok'] != 1) {
162 rg_log("Error for a valid key (ed25519): " . rg_keys_error() . "!");
163 exit(1);
164 }
165 if (strcasecmp($r['fingerprint'], '28:f7:1b:cb:ba:43:0a:41:b8:30:a3:8e:8f:bc:d5:4a') != 0) {
166 rg_log("Invalid fingerprint!");
167 exit(1);
168 }
169
106 170
107 171 rg_sql_close($db); rg_sql_close($db);
108 172
File tests/repo.php changed (mode: 100644) (index 284338f..b14d253)
... ... if ($r['ok'] != 1) {
145 145
146 146 rg_log("Creating git folder."); rg_log("Creating git folder.");
147 147 $e = array(); $e = array();
148 $e = rg_array_merge($e, "ri", $ri);
149 $e['ui::uid'] = $rg_ui['uid'];
148 $e['ui'] = array();
149 $e['ui']['uid'] = $rg_ui['uid'];
150 $e = rg_array_merge($e, 'ri', $ri);
150 151 $r = rg_repo_event_storage_create($db, $e); $r = rg_repo_event_storage_create($db, $e);
151 152 if ($r === FALSE) { if ($r === FALSE) {
152 153 rg_log("Cannot create storage dir (" . rg_repo_error() . ")!"); rg_log("Cannot create storage dir (" . rg_repo_error() . ")!");
File tests/themes/util/func.txt changed (mode: 100644) (index df89500..c275278)
1 @@uid@@ + 1 = @@func:inc:uid@@ | @@uid@@ - 1 = @@func:dec:uid@@ | @@func:dec:uid@@
1 @@uid@@ + 1 = @@FUNC:inc:uid@@ | @@uid@@ - 1 = @@FUNC:dec:uid@@ | @@FUNC:dec:uid@@
File tests/user.php changed (mode: 100644) (index fb88144..645d1bc)
... ... if ($uid === FALSE) {
64 64 } }
65 65
66 66 // Simulate event: link_by_name // Simulate event: link_by_name
67 $ev = array("ui::uid" => $uid, "ui::username" => $_u['username']);
67 $ev = array('ui' => array('uid' => $uid, 'username' => $_u['username']));
68 68 $r = rg_user_link_by_name($db, $ev); $r = rg_user_link_by_name($db, $ev);
69 69 if ($r === FALSE) { if ($r === FALSE) {
70 70 rg_log("Cannot link by name (" . rg_user_error() . ")!"); rg_log("Cannot link by name (" . rg_user_error() . ")!");
File tests/util.php changed (mode: 100644) (index d4e63bd..1679820)
... ... $rg_no_db = TRUE;
14 14 require_once("common.php"); require_once("common.php");
15 15
16 16
17 // Test rg_prepare_replace_helper
18 $a = array('a' => 'A', 'arr' => array('bb' => 'BB', 'HTML:cc' => 'È™'));
19 $what = array();
20 $value = array();
21 $r = rg_prepare_replace($a, $what, $values);
22 $r2 = preg_replace($what, $values, '@@a@@-@@arr::bb@@-@@arr::cc@@-@@alien@@');
23 $e = 'A-BB-È™-@@alien@@';
24 if (strcmp($r2, $e) != 0) {
25 rg_log("prepare_replace_helper is not working as expeceted!");
26 rg_log_ml("e: $e");
27 rg_log_ml("r2: $r2");
17 rg_log("Testing template_tree_lookup1");
18 $var = 'a::b';
19 $e = '<';
20 $data = array('a' => array('HTML:b' => '<'));
21 $r = rg_template_tree_lookup($var, $data, TRUE /*xss_protection*/);
22 if (strcmp($r, $e) != 0) {
23 rg_log("rg_template_string [template_tree_lookup1] is not working as expected [$r] != [$e]!");
24 exit(1);
25 }
26
27 // Test: rg_template_tree_lookup
28 $data = array('a' => array('a2' => array('a3' => 'X')));
29 $e = 'X';
30 $r = rg_template_tree_lookup('a::a2::a3', $data, FALSE /*xss*/);
31 if (strcmp($r, $e) != 0) {
32 rg_log("tree_lookup is not working as expected!");
33 exit(1);
34 }
35
36
37 rg_log("Testing ::+nesting");
38 $s = '@@a::b@@';
39 $e = '&lt;';
40 $data = array('a' => array('b' => '<'));
41 $r = rg_template_string($s, 0, $data, TRUE /*xss*/);
42 if (strcmp($r, $e) != 0) {
43 rg_log("rg_template_string [::+nesting] is not working as expected [$r] != [$e]!");
44 exit(1);
45 }
46
47 rg_log("Testing ::+nesting-html0");
48 $s = '@@a@@';
49 $e = 'Y';
50 $data = array('HTML:a' => 'Y');
51 $r = rg_template_string($s, 0, $data, TRUE /*xss*/);
52 if (strcmp($r, $e) != 0) {
53 rg_log("rg_template_string [::+nesting-html0] is not working as expected [$r] != [$e]!");
54 exit(1);
55 }
56
57 rg_log("Testing ::+nesting-html");
58 $s = '@@a::b@@';
59 $e = '<';
60 $data = array('a' => array('HTML:b' => '<'));
61 $r = rg_template_string($s, 0, $data, TRUE /*xss*/);
62 if (strcmp($r, $e) != 0) {
63 rg_log("rg_template_string [::+nesting-html] is not working as expected [$r] != [$e]!");
64 exit(1);
65 }
66
67 rg_log("Testing nesting");
68 $s = '@@if(@@x@@ == 0){{@@if(@@x@@ == 0){{@@if(@@x@@ == 0){{3}}{{!3}}}}{{!2}}}}{{!1}}';
69 $e = '3';
70 $data = array('x' => 0);
71 $r = rg_template_string($s, 0, $data, TRUE /*xss*/);
72 if (strcmp($r, $e) != 0) {
73 rg_log("rg_template_string [3 nested] is not working as expected [$r] != [$e]!");
74 exit(1);
75 }
76
77 rg_log("Testing nesting with false");
78 $s = '@@if(@@x@@ == 0){{@@if(@@x@@ != 0){{}}{{@@if(@@x@@ == 0){{3}}{{!3}}}}}}{{!1}}';
79 $e = '3';
80 $data = array('x' => 0);
81 $r = rg_template_string($s, 0, $data, TRUE /*xss*/);
82 if (strcmp($r, $e) != 0) {
83 rg_log("rg_template_string [3 nested false] is not working as expected [$r] != [$e]!");
28 84 exit(1); exit(1);
29 85 } }
30 86
87 rg_log("Testing string compared with int");
88 $s = '@@if(@@x@@ == 0){{A}}';
89 $e = 'A';
90 $data = array('x' => 0);
91 $r = rg_template_string($s, 0, $data, TRUE /*xss*/);
92 if (strcmp($r, $e) != 0) {
93 rg_log("rg_template_string [string int] is not working as expected [$r] != [$e]!");
94 exit(1);
95 }
96
97 rg_log("Testing !=");
98 $s = '@@if(x != 0)123456789{{A}}';
99 rg_log("s=$s");
100 $e = 'A';
101 $data = array();
102 $r = rg_template_string($s, 0, $data, TRUE /*xss*/);
103 if (strcmp($r, $e) != 0) {
104 rg_log("rg_template_string [!=] is not working as expected [$r] != [$e]!");
105 exit(1);
106 }
107
108 // Test: empty if
109 $s = '@@if(x == x)123456789{{}}';
110 rg_log("s=$s");
111 $e = '';
112 $data = array();
113 $r = rg_template_string($s, 0, $data, TRUE /*xss*/);
114 if (strcmp($r, $e) != 0) {
115 rg_log("rg_template_string [empty if] is not working as expected [$r] != [$e]!");
116 exit(1);
117 }
118
119 // Test: empty if
120 $s = '@@if(x == x)123456789{{}}{{}}';
121 rg_log("s=$s");
122 $e = '';
123 $data = array();
124 $r = rg_template_string($s, 0, $data, TRUE /*xss*/);
125 if (strcmp($r, $e) != 0) {
126 rg_log("rg_template_string [empty if with false] is not working as expected [$r] != [$e]!");
127 exit(1);
128 }
129
130 // Test: rg_template_string with if (negate)
131 $s = 'Start@@if(@@v@@ != x)123456789{{@@a@@}} x {{alien}}End';
132 rg_log("s=$s");
133 $data = array('a' => '<>', 'v' => 'x2');
134 $e = 'Start&lt;&gt; x {{alien}}End';
135 $r = rg_template_string($s, 0, $data, TRUE /*xss*/);
136 if (strcmp($r, $e) != 0) {
137 rg_log("rg_template_string [simple if true xss neg] is not working as expected [$r] != [$e]!");
138 exit(1);
139 }
140
141 // Test: rg_template_string with if
142 $s = 'Start@@if(@@v@@ == x)123456789{{@@a@@}} x {{alien}}End';
143 rg_log("s=$s");
144 $data = array('a' => '<>', 'v' => 'x');
145 $e = 'Start&lt;&gt; x {{alien}}End';
146 $r = rg_template_string($s, 0, $data, TRUE /*xss*/);
147 if (strcmp($r, $e) != 0) {
148 rg_log("rg_template_string [simple if true xss] is not working as expected [$r] != [$e]!");
149 exit(1);
150 }
151
152 // Test: rg_template_string with if
153 $s = '@@if("" == "")123456789{{A}}';
154 rg_log("s=$s");
155 $data = array();
156 $e = 'A';
157 $r = rg_template_string($s, 0, $data, FALSE /*xss*/);
158 if (strcmp($r, $e) != 0) {
159 rg_log("rg_template_string [simple if true] is not working as expected [$r] != [$e]!");
160 exit(1);
161 }
162
163 // Test: rg_template_string with if
164 $s = '@@if("a" != "")123456789{{A}}';
165 rg_log("s=$s");
166 $data = array();
167 $e = 'A';
168 $r = rg_template_string($s, 0, $data, FALSE /*xss*/);
169 if (strcmp($r, $e) != 0) {
170 rg_log("rg_template_string [simple if false] is not working as expected [$r] != [$e]!");
171 exit(1);
172 }
173
174 // Test: rg_template_string with if
175 $s = '@@if("" != "")123456789{{A}}{{B}}';
176 rg_log("s=$s");
177 $data = array();
178 $e = 'B';
179 $r = rg_template_string($s, 0, $data, FALSE /*xss*/);
180 if (strcmp($r, $e) != 0) {
181 rg_log("rg_template_string [if without gap] is not working as expected [$r] != [$e]!");
182 exit(1);
183 }
184
185 // Test: rg_template_string with if (with gap)
186 $s = "@@if(\"\" != \"\")123456789{{A}} \n\t {{B}}";
187 rg_log("s=$s");
188 $data = array();
189 $e = 'B';
190 $r = rg_template_string($s, 0, $data, FALSE /*xss*/);
191 if (strcmp($r, $e) != 0) {
192 rg_log("rg_template_string [if with gap] is not working as expected [$r] != [$e]!");
193 exit(1);
194 }
195
196 // Test: rg_template_string
197 $data = array();
198 $s = '@@a::a2@@ @@b@@ @@b@@';
199 $e = $s;
200 $r = rg_template_string($s, 0, $data, FALSE /*xss*/);
201 if (strcmp($r, $e) != 0) {
202 rg_log("rg_template_string [empty data] is not working as expected [$r] != [$e]!");
203 exit(1);
204 }
205
206 $s = '@@a::a2@@ @@b@@ @@b@@ @@c@@';
207 $data = array(
208 'a' => array('a2' => 'a3'),
209 'b' => 'X'
210 );
211 $e = 'a3 X X @@c@@';
212 $r = rg_template_string($s, 0, $data, FALSE /*xss*/);
213 if (strcmp($r, $e) != 0) {
214 rg_log("rg_template_string [second level] is not working as expected [$r] != [$e]!");
215 exit(1);
216 }
217
218
31 219 // Test template functions // Test template functions
32 function inc($v) { return $v + 1; }
33 function dec($v) { return $v - 1; }
220 function inc($v) { rg_log("DEBUG: inc called with v=$v"); return $v + 1; }
221 function dec($v) { rg_log("DEBUG: dec called with v=$v"); return $v - 1; }
34 222 rg_template_func("inc", "inc"); rg_template_func("inc", "inc");
35 223 rg_template_func("dec", "dec"); rg_template_func("dec", "dec");
36 224 $_rg = array("uid" => 5); $_rg = array("uid" => 5);
37 $r = trim(rg_template("func.txt", $_rg));
225 $r = trim(rg_template("func.txt", $_rg, TRUE /*xss*/));
38 226 $e = "5 + 1 = 6 | 5 - 1 = 4 | 4"; $e = "5 + 1 = 6 | 5 - 1 = 4 | 4";
39 227 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
40 228 rg_log("template func1 test failed [$r] != [$e]"); rg_log("template func1 test failed [$r] != [$e]");
 
... ... if ($r !== TRUE) {
76 264 } }
77 265
78 266
79 rg_log("util.php: testing function rg_prepare_replace_helper...");
80 $what = array(); $values = array();
81 $a = array("a" => "b");
82 rg_prepare_replace_helper($a, "", $what, $values);
83 $w = rg_array2string($what);
84 $v = rg_array2string($values);
85 $ew = "a=[/@@a@@/uU]";
86 $ev = "a=[b]";
87 if ((strcmp($w, $ew) != 0) || (strcmp($v, $ev) != 0)) {
88 rg_log("Wrong prepare_replace: [$w] != [$ew] OR [$v] != [$ev]!");
89 exit(1);
90 }
91
92 $what = array(); $values = array();
93 $a = array("ri" => array("repo_id" => "1", "name" => "repo1"));
94 rg_prepare_replace_helper($a, "", $what, $values);
95 $w = rg_array2string($what);
96 $v = rg_array2string($values);
97 $ew = "ri::repo_id=[/@@ri\:\:repo_id@@/uU] ri::name=[/@@ri\:\:name@@/uU]";
98 $ev = "ri::repo_id=[1] ri::name=[repo1]";
99 if ((strcmp($w, $ew) != 0) || (strcmp($v, $ev) != 0)) {
100 rg_log("Wrong prepare_replace: [$w] != [$ew] OR [$v] != [$ev]!");
101 exit(1);
102 }
103
104
105 267 $r = rg_exec("/xxxx"); $r = rg_exec("/xxxx");
106 268 if ($r['ok'] == 1) { if ($r['ok'] == 1) {
107 269 rg_log("util.php: running non existing command does not return 0!"); rg_log("util.php: running non existing command does not return 0!");
 
... ... if (strcmp($r, $e) != 0) {
146 308 $t = "test rg_template with conditional formating (false)"; $t = "test rg_template with conditional formating (false)";
147 309 rg_log($t); rg_log($t);
148 310 $data = array("X" => "0", "A" => "Avalue", "B" => "Bvalue"); $data = array("X" => "0", "A" => "Avalue", "B" => "Bvalue");
149 $r = rg_template("t3/c1", $data);
311 $r = rg_template("t3/c1", $data, TRUE /*xss*/);
150 312 $e = "XXBvalueYY"; $e = "XXBvalueYY";
151 313 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
152 314 rg_log("util.php: $t: not working (r=$r e=$e)!"); rg_log("util.php: $t: not working (r=$r e=$e)!");
 
... ... if (strcmp($r, $e) != 0) {
156 318 $t = "test rg_template with conditional formating (true)"; $t = "test rg_template with conditional formating (true)";
157 319 rg_log($t); rg_log($t);
158 320 $data = array("X" => "1", "A" => "Avalue", "B" => "Bvalue"); $data = array("X" => "1", "A" => "Avalue", "B" => "Bvalue");
159 $r = rg_template("t3/c1", $data);
321 $r = rg_template("t3/c1", $data, TRUE /*xss*/);
160 322 $e = "XXAvalueYY"; $e = "XXAvalueYY";
161 323 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
162 324 rg_log("util.php: $t: not working (r=$r e=$e)!"); rg_log("util.php: $t: not working (r=$r e=$e)!");
 
... ... if (strcmp($r, $e) != 0) {
166 328 $t = "test rg_template with conditional formating (multiline)"; $t = "test rg_template with conditional formating (multiline)";
167 329 rg_log($t); rg_log($t);
168 330 $data = array("X" => "1", "A" => "Avalue", "B" => "Bvalue"); $data = array("X" => "1", "A" => "Avalue", "B" => "Bvalue");
169 $r = rg_template("t3/c1", $data);
331 $r = rg_template("t3/c1", $data, TRUE /*xss*/);
170 332 $e = "XXAvalueYY"; $e = "XXAvalueYY";
171 333 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
172 334 rg_log("util.php: $t: not working (r=$r e=$e)!"); rg_log("util.php: $t: not working (r=$r e=$e)!");
 
... ... $t = "test rg_template with conditional formating (nested 1)";
177 339 rg_log($t); rg_log($t);
178 340 $data = array("X" => "1", "Y" => "1", "A" => "Avalue", "B" => "Bvalue", $data = array("X" => "1", "Y" => "1", "A" => "Avalue", "B" => "Bvalue",
179 341 "R" => "Rvalue", "T" => "Tvalue"); "R" => "Rvalue", "T" => "Tvalue");
180 $r = rg_template("t3/c3", $data);
342 $r = rg_template("t3/c3", $data, TRUE /*xss*/);
181 343 $e = "XXRvalueZZYY"; $e = "XXRvalueZZYY";
182 344 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
183 345 rg_log("util.php: $t: not working (r=$r e=$e)!"); rg_log("util.php: $t: not working (r=$r e=$e)!");
 
... ... $t = "test rg_template with conditional formating (nested 2)";
188 350 rg_log($t); rg_log($t);
189 351 $data = array("X" => "1", "Y" => "0", "A" => "Avalue", "B" => "Bvalue", $data = array("X" => "1", "Y" => "0", "A" => "Avalue", "B" => "Bvalue",
190 352 "R" => "Rvalue", "T" => "Tvalue"); "R" => "Rvalue", "T" => "Tvalue");
191 $r = rg_template("t3/c3", $data);
353 $r = rg_template("t3/c3", $data, TRUE /*xss*/);
192 354 $e = "XXTvalueZZYY"; $e = "XXTvalueZZYY";
193 355 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
194 356 rg_log("util.php: $t: not working (r=$r e=$e)!"); rg_log("util.php: $t: not working (r=$r e=$e)!");
 
... ... $t = "test rg_template with conditional formating (nested 3)";
199 361 rg_log($t); rg_log($t);
200 362 $data = array("X" => "0", "Y" => "1", "A" => "Avalue", "B" => "Bvalue", $data = array("X" => "0", "Y" => "1", "A" => "Avalue", "B" => "Bvalue",
201 363 "R" => "Rvalue", "T" => "Tvalue"); "R" => "Rvalue", "T" => "Tvalue");
202 $r = rg_template("t3/c3", $data);
364 $r = rg_template("t3/c3", $data, TRUE /*xss*/);
203 365 $e = "XXBvalueYY"; $e = "XXBvalueYY";
204 366 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
205 367 rg_log("util.php: $t: not working (r=$r e=$e)!"); rg_log("util.php: $t: not working (r=$r e=$e)!");
 
... ... if (strcmp($r, $e) != 0) {
209 371 $t = "test rg_template with conditional formating (nested nested 1)"; $t = "test rg_template with conditional formating (nested nested 1)";
210 372 rg_log($t); rg_log($t);
211 373 $data = array("X" => "1", "Y" => "1", "Z" => "1"); $data = array("X" => "1", "Y" => "1", "Z" => "1");
212 $r = rg_template("t3/c4", $data);
374 $r = rg_template("t3/c4", $data, TRUE /*xss*/);
213 375 $r = preg_replace('/\s/', '', $r); $r = preg_replace('/\s/', '', $r);
214 376 $e = "XXTRUE_LEVEL_2YY"; $e = "XXTRUE_LEVEL_2YY";
215 377 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
 
... ... if (strcmp($r, $e) != 0) {
220 382 $t = "test rg_template with conditional formating (nested nested 2)"; $t = "test rg_template with conditional formating (nested nested 2)";
221 383 rg_log($t); rg_log($t);
222 384 $data = array("X" => "1", "Y" => "0", "Z" => "1"); $data = array("X" => "1", "Y" => "0", "Z" => "1");
223 $r = rg_template("t3/c4", $data);
385 $r = rg_template("t3/c4", $data, TRUE /*xss*/);
224 386 $r = preg_replace('/\s/', '', $r); $r = preg_replace('/\s/', '', $r);
225 387 $e = "XXFALSE_LEVEL_1YY"; $e = "XXFALSE_LEVEL_1YY";
226 388 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
 
... ... if (strcmp($r, $e) != 0) {
231 393 $t = "test rg_template with conditional formating (nested nested 2)"; $t = "test rg_template with conditional formating (nested nested 2)";
232 394 rg_log($t); rg_log($t);
233 395 $data = array("X" => "0", "Y" => "1", "Z" => "1"); $data = array("X" => "0", "Y" => "1", "Z" => "1");
234 $r = rg_template("t3/c4", $data);
396 $r = rg_template("t3/c4", $data, TRUE /*xss*/);
235 397 $r = preg_replace('/\s/', '', $r); $r = preg_replace('/\s/', '', $r);
236 398 $e = "XXFALSE_LEVEL_0YY"; $e = "XXFALSE_LEVEL_0YY";
237 399 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
 
... ... if (strcmp($r, $e) != 0) {
242 404 $t = "test rg_template with conditional formating (nested nested 3)"; $t = "test rg_template with conditional formating (nested nested 3)";
243 405 rg_log($t); rg_log($t);
244 406 $data = array("X" => "0", "Y" => "0", "Z" => "0"); $data = array("X" => "0", "Y" => "0", "Z" => "0");
245 $r = rg_template("t3/c5", $data);
407 $r = rg_template("t3/c5", $data, TRUE /*xss*/);
246 408 $r = preg_replace('/\s/', '', $r); $r = preg_replace('/\s/', '', $r);
247 409 $e = "XX-X0Y0Z0-YY"; $e = "XX-X0Y0Z0-YY";
248 410 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
 
... ... if (strcmp($r, $e) != 0) {
253 415 $t = "test rg_template with conditional formating (nested nested 4)"; $t = "test rg_template with conditional formating (nested nested 4)";
254 416 rg_log($t); rg_log($t);
255 417 $data = array("X" => "0", "Y" => "1", "Z" => "0"); $data = array("X" => "0", "Y" => "1", "Z" => "0");
256 $r = rg_template("t3/c5", $data);
418 $r = rg_template("t3/c5", $data, TRUE /*xss*/);
257 419 $r = preg_replace('/\s/', '', $r); $r = preg_replace('/\s/', '', $r);
258 420 $e = "XX-X0Y1Z0-YY"; $e = "XX-X0Y1Z0-YY";
259 421 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
 
... ... if (strcmp($r, $e) != 0) {
264 426 $t = "test rg_template with conditional formating (empty)"; $t = "test rg_template with conditional formating (empty)";
265 427 rg_log($t); rg_log($t);
266 428 $data = array(); $data = array();
267 $r = rg_template("t3/c6", $data);
429 $r = rg_template("t3/c6", $data, TRUE /*xss*/);
268 430 $r = preg_replace('/\s/', '', $r); $r = preg_replace('/\s/', '', $r);
269 431 $e = "A"; $e = "A";
270 432 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
 
... ... if (strcmp($r, $e) != 0) {
275 437 $t = "test rg_template with conditional formating (quotes)"; $t = "test rg_template with conditional formating (quotes)";
276 438 rg_log($t); rg_log($t);
277 439 $data = array("a" => "abc"); $data = array("a" => "abc");
278 $r = rg_template("t3/c6b", $data);
440 $r = rg_template("t3/c6b", $data, TRUE /*xss*/);
279 441 $r = preg_replace('/\s/', '', $r); $r = preg_replace('/\s/', '', $r);
280 442 $e = "AY"; $e = "AY";
281 443 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
 
... ... if (strcmp($r, $e) != 0) {
286 448 $t = "test rg_template with conditional formating (!empty)"; $t = "test rg_template with conditional formating (!empty)";
287 449 rg_log($t); rg_log($t);
288 450 $data = array("AAA" => ""); $data = array("AAA" => "");
289 $r = rg_template("t3/c7", $data);
451 $r = rg_template("t3/c7", $data, TRUE /*xss*/);
290 452 $r = preg_replace('/\s/', '', $r); $r = preg_replace('/\s/', '', $r);
291 453 $e = "B"; $e = "B";
292 454 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
 
... ... if (strcmp($r, $e) != 0) {
294 456 exit(1); exit(1);
295 457 } }
296 458
297 $t = "test rg_replace_lookup";
298 rg_log($t);
299 $data = array("AAA" => "1", "BBB" => "2", "CCC" => "1");
300 $r = rg_replace_lookup($data, "@@AAA@@@@BBB@@@@CCC@@");
301 $e = "121";
302 if (strcmp($r, $e) != 0) {
303 rg_log("util.php: $t: not working (r=[$r] e=[$e])!");
304 exit(1);
305 }
306
307 459 $t = "test rg_template with conditional formating (a variable contains '{{')"; $t = "test rg_template with conditional formating (a variable contains '{{')";
308 460 rg_log($t); rg_log($t);
309 461 $data = array("AAA" => "1", "BBB" => "}}", "CCC" => "{{"); $data = array("AAA" => "1", "BBB" => "}}", "CCC" => "{{");
310 $r = rg_template("t3/c8", $data);
462 $r = rg_template("t3/c8", $data, TRUE /*xss*/);
311 463 $r = preg_replace('/\s/', '', $r); $r = preg_replace('/\s/', '', $r);
312 464 $e = "}}"; $e = "}}";
313 465 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
 
... ... if (strcmp($r, $e) != 0) {
318 470 $t = "test rg_template with conditional formating: false branch is empty)"; $t = "test rg_template with conditional formating: false branch is empty)";
319 471 rg_log($t); rg_log($t);
320 472 $data = array("X" => "abc"); $data = array("X" => "abc");
321 $r = rg_template("t3/c9", $data);
473 $r = rg_template("t3/c9", $data, TRUE /*xss*/);
322 474 $r = preg_replace('/\s/', '', $r); $r = preg_replace('/\s/', '', $r);
323 475 $e = "XXBLABLABLAabcYYabc"; $e = "XXBLABLABLAabcYYabc";
324 476 if (strcmp($r, $e) != 0) { if (strcmp($r, $e) != 0) {
 
... ... if (strcmp($r, $e) != 0) {
326 478 exit(1); exit(1);
327 479 } }
328 480
481 $t = "test rg_template with conditional formating: false branch is empty, no space stripping)";
482 rg_log($t);
483 $data = array("X" => "abc");
484 $r = rg_template("t3/c9", $data, TRUE /*xss protection*/);
485 $e = "XX\n\tBLA\n\tBLA\n\tBLA\n\tabc\nYY\nabc\n";
486 if (strcmp($r, $e) != 0) {
487 rg_log("util.php: $t: not working (r=[$r] e=[$e])!");
488 exit(1);
489 }
490
329 491 $t = "test rg_copy_tree"; $t = "test rg_copy_tree";
330 492 rg_log($t); rg_log($t);
331 493 $r = rg_copy_tree("tree1", "tree1.copy", 0755); $r = rg_copy_tree("tree1", "tree1.copy", 0755);
 
... ... if (strcmp($x2, $e) != 0) {
358 520
359 521 $src = array(); $src = array();
360 522 $a = array("u" => "uval", "HTML:A" => "Aval"); $a = array("u" => "uval", "HTML:A" => "Aval");
361 $x = rg_array_merge($src, "X", $a);
362 if (strcmp($x['X::u'], "uval") != 0) {
523 $x = rg_array_merge($src, 'X', $a);
524 if (strcmp($x['X']['u'], "uval") != 0) {
363 525 rg_log("array_merge is not working correctly (2)!"); rg_log("array_merge is not working correctly (2)!");
364 526 print_r($x); print_r($x);
365 527 exit(1); exit(1);
366 528 } }
367 if (strcmp($x['HTML:X::A'], "Aval") != 0) {
529 if (strcmp($x['X']['HTML:A'], "Aval") != 0) {
368 530 rg_log("array_merge is not working correctly (1)!"); rg_log("array_merge is not working correctly (1)!");
369 531 print_r($x); print_r($x);
370 532 exit(1); exit(1);
Hints:
Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"

Clone this repository using HTTP(S):
git clone https://rocketgit.com/user/catalinux/rocketgit

Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit

Clone this repository using git:
git clone git://git.rocketgit.com/user/catalinux/rocketgit

You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:
... clone the repository ...
... make some changes and some commits ...
git push origin main