RocketGit

catalinux / rocketgit (public) (License: Affero GPLv3) (since 2015-03-19) (hash sha1)

Main RocketGit repo

Clone URLs: https://rocketgit.com/user/catalinux/rocketgit ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit git://git.rocketgit.com/user/catalinux/rocketgit

List of commits:

Subject	Hash	Author	Date (UTC)
Bot prevention should not be active for edit operation	371c60a486ea989fafb66266cab71ea9f7db0269	Catalin(ux) M. BOIE	2020-08-23 15:02:13
TODO update	32591f3b1cf054bd70411592e5a82f5898d7da2f	Catalin(ux) M. BOIE	2020-08-23 15:01:51
Show also by which protocol a user is connecting	d35b5b12103f9a72a3e8788e7c48532b9c1e5b89	Catalin(ux) M. BOIE	2020-08-23 15:01:30
Fixed a small locking issue (unlock without lock)	0d1e7915545de251eea7f3bce468647fc2df1bf9	Catalin(ux) M. BOIE	2020-08-23 15:00:58
Give up the cache if we cannot connect in 150ms	dad6cf20f9f4bdbfe2026809a404e852e7cd8e53	Catalin(ux) M. BOIE	2020-08-23 15:00:20
Limit the number of repositories in the discover page	a0de6d683b59934168ef8415c9ec716aef68b195	Catalin(ux) M. BOIE	2020-08-23 14:58:37
Added support for other branch then master (main prefered)	1108f43c3639ffcc06f1314d901640564fae7483	Catalin(ux) M. BOIE	2020-08-23 14:55:51
Added possibility for admin to mail users	05068314021bbdf6f26bc92bee47177b170b2a1c	Catalin(ux) M. BOIE	2020-08-23 14:43:10
CSS: small fixes	e4a39879513e000b5d9be588201916950fa629fc	Catalin(ux) M. BOIE	2020-08-23 14:03:23
Cosmetic	cbe42130692ed9b876746e6c97f4fb32439c6190	Catalin(ux) M. BOIE	2020-08-23 13:59:00
Default statistics are now per month	c312ad532190fe566f2243881a883568b4f77c23	Catalin(ux) M. BOIE	2020-08-23 12:35:36
events: when splitting an event we need a transaction	e685c800814365661b348c0d04aa8c0b3605ed7e	Catalin(ux) M. BOIE	2020-08-21 04:35:17
Fix for a bug preventing partition table to be created in advance	51049495934efa8c7bca710c6f2538f34bc4de9a	Catalin(ux) M. BOIE	2020-08-20 04:03:49
cron fixes	910c74f83740da015d654193025cd6433324a1da	Catalin(ux) M. BOIE	2020-08-20 03:41:07
replaced 'slave' with 'part'	348a2afcaedd77c7513b5e7dd05364f5e9ae7a87	Catalin(ux) M. BOIE	2020-08-20 03:40:43
Make cron tasks more resilient in case the machine is stopped	afbe8607b4608862787bf696f71027beb345701f	Catalin(ux) M. BOIE	2020-08-19 06:08:34
Cosmetic	21956573027d83eb45913b6bf30eeb57e602aea4	Catalin(ux) M. BOIE	2020-08-19 06:07:45
Added time of upload for artifacts	fd33fe0aeef09f66d74f3ec1554312a2fa5e2642	Catalin(ux) M. BOIE	2020-08-19 06:06:54
css fixes for table scroll	77e486f3c9e3c9356985d3c21bc713d8a8d0e223	Catalin(ux) M. BOIE	2020-08-19 06:02:09
Added git repo size	9828b1fe96e2217ead8863f7a7c0ee3599d16633	Catalin(ux) M. BOIE	2020-08-19 06:01:27

Commit 371c60a486ea989fafb66266cab71ea9f7db0269 - Bot prevention should not be active for edit operation
Author: Catalin(ux) M. BOIE
Author date (UTC): 2020-08-23 15:02
Committer name: Catalin(ux) M. BOIE
Committer date (UTC): 2020-08-23 15:02
Parent(s): 32591f3b1cf054bd70411592e5a82f5898d7da2f
Signing key:
Tree: 01eb75b178178e7fcaf17a80268dde2bf1e7987d

File	Lines added	Lines deleted
inc/user.inc.php	14	12
tests/http_create_account.php	4	1

File inc/user.inc.php changed (mode: 100644) (index 9f33f58..c99646c)
...	...	function rg_user_edit_high_level($db, &$rg)
1999	1999	}	}
2000	2000
2001	2001	// We try to prevent bots to create accounts	// We try to prevent bots to create accounts
2002		$gen = rg_var_str('gen');
2003		if (empty($gen)) {
2004		$diff = 0;
2005		} else {
2006		$xgen1 = substr($gen, 3);
2007		$xgen2 = substr($gen, 0, 3);
2008		$diff = ($gen1 - $xgen1) * 1000 + $gen2 - $xgen2;
2009		}
2010		if ($diff < 2000) {
2011		rg_log('Bot tried to create account in ' . $diff . 'ms');
2012		$errmsg[] = 'invalid token; try again';
2013		break;
	2002		if ($rg['target_ui']['uid'] == 0) {
	2003		$gen = rg_var_str('gen');
	2004		if (empty($gen)) {
	2005		$diff = 0;
	2006		} else {
	2007		$xgen1 = substr($gen, 3);
	2008		$xgen2 = substr($gen, 0, 3);
	2009		$diff = ($gen1 - $xgen1) * 1000 + $gen2 - $xgen2;
	2010		}
	2011		if ($diff < 2000) {
	2012		rg_log('Bot tried to create account in ' . $diff . 'ms');
	2013		$errmsg[] = 'invalid token; try again';
	2014		break;
	2015		}
2014	2016	}	}
2015	2017
2016	2018	if ($ui['tos'] != 1) {	if ($ui['tos'] != 1) {

File tests/http_create_account.php changed (mode: 100644) (index 422e31f..80e2fd1)
...	...	if ($r === FALSE) {
27	27	exit(1);	exit(1);
28	28	}	}
29	29	$good_token = $r['tokens']['user_edit_hl'];	$good_token = $r['tokens']['user_edit_hl'];
	30		$gen = $r['inputs']['gen'];
30	31
31	32	$uniq = rg_id(16);	$uniq = rg_id(16);
32	33
	34		sleep(2); // bot protection
33	35	rg_log('Adding an account without accepting tos...');	rg_log('Adding an account without accepting tos...');
34	36	$username = "http1-$uniq<xss>";	$username = "http1-$uniq<xss>";
35	37	$data = array(	$data = array(

...	...	$data = array(
42	44	"pass" => "cucurigu<xss>",	"pass" => "cucurigu<xss>",
43	45	"pass2" => "cucurigu<xss>",	"pass2" => "cucurigu<xss>",
44	46	"plan_id" => 9,	"plan_id" => 9,
45		"session_time" => 60
	47		"session_time" => 60,
	48		'gen' => $gen
46	49	);	);
47	50	$headers = array();	$headers = array();
48	51	$r = do_req($test_url . "/op/create_account?t=create_account", $data, $headers);	$r = do_req($test_url . "/op/create_account?t=create_account", $data, $headers);

Hints:
Before first commit, do not forget to setup your git environment:

git config --global user.name "your_name_here"
git config --global user.email "your@email_here"

Clone this repository using HTTP(S):

git clone https://rocketgit.com/user/catalinux/rocketgit

Clone this repository using ssh (do not forget to upload a key first):

git clone ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit

Clone this repository using git:

git clone git://git.rocketgit.com/user/catalinux/rocketgit

You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:

... clone the repository ...
... make some changes and some commits ...
git push origin main