List of commits:
Subject Hash Author Date (UTC)
Test CSRF token for the rights for a repo. e2d32e100f724e80ee623f191784ce429156ac39 Catalin(ux) M. BOIE 2012-03-22 03:54:37
Fixed anon push without create branch rights 3d474b7a569b16d87a426d4c3b971a50b3299894 Catalin(ux) M. BOIE 2012-03-22 03:43:06
Use rg_repos for repositories e5bda9469fddee7f201c22dfd89292830f4c342b Catalin(ux) M. BOIE 2012-03-22 03:42:06
Corrected <label> tags 7e8621e79480b8964e04de8c54f10f1a702ea1fd Catalin(ux) M. BOIE 2012-03-20 04:25:38
Fixed unit testing 31bfe5672e7d3b620d0e7b3c07ff72d84c149001 Catalin(ux) M. BOIE 2012-03-17 17:21:21
Fixed hook_update.sh unit testing 86c4079e81efc5a4a7878e91d8f4318e443961f7 Catalin(ux) M. BOIE 2012-03-16 22:32:35
Bulk updates f696473a7faee50782d3cc01e96cc85e7900b3de Catalin(ux) M. BOIE 2012-03-14 04:38:23
Style changes. 87e30b1df29b7c6efa438be1cf369192a8068655 Catalin(ux) M. BOIE 2012-02-19 22:50:22
Bulk 0923407bff68a58a0b7b034f8a6b4489ece5b237 Catalin(ux) M. BOIE 2012-02-12 22:21:44
Bulk update 30310488bca37cefeba96b52b71c9c3e72c32907 Catalin(ux) M. BOIE 2011-12-15 23:34:03
Profiling tests. afd1df2940fe440cde9b8ede988ff24c051a10d6 Catalin(ux) M. BOIE 2011-11-03 22:10:13
More bulk updates. a2a2e2545eaad61d0c675ea2afb801f207534515 Catalin(ux) M. BOIE 2011-11-03 22:09:34
Another round of bulk updates. 45bb00a88c420d439b4dd19971808722e4a70895 Catalin(ux) M. BOIE 2011-10-24 22:31:14
Bulk update. Mostly css. 04734cd7cfc4fd4ec55dad70a3490f3065027639 Catalin(ux) M. BOIE 2011-10-03 23:18:26
Added rg_exec function and converted all calls from exec to rg_exec. 097157e5886dace2b9f67ca238a1063a3baff4a0 Catalin(ux) M. BOIE 2011-09-28 03:28:49
Another round of bulk updates cb9dbb75518ab3c214167646197ca7eb0de8e4e6 Catalin(ux) M. BOIE 2011-09-26 19:22:12
Bulk updates cad0c710542dc3fb072268eba40b0abe11217fa9 Catalin(ux) M. BOIE 2011-09-21 20:25:23
Bulk changes. d5274ef5f261086a2af6bd19ac04061bb3d55584 Catalin(ux) M. BOIE 2011-09-15 20:16:46
Store the first installation date in 'state' table. e4ba8a9239e72e8de5eed0b3bb1f2a5f2d429105 Catalin(ux) M. BOIE 2011-08-31 16:14:44
Bulk changes. 645d3deb19e399c05a8b14dd88c5151520482b6a Catalin(ux) M. BOIE 2011-08-25 20:39:25
Commit e2d32e100f724e80ee623f191784ce429156ac39 - Test CSRF token for the rights for a repo.
Author: Catalin(ux) M. BOIE
Author date (UTC): 2012-03-22 03:54
Committer name: Catalin(ux) M. BOIE
Committer date (UTC): 2012-03-22 03:54
Parent(s): 3d474b7a569b16d87a426d4c3b971a50b3299894
Signing key:
Tree: f6bd49d211230350bfb1792af3f7b743c9280a27
File Lines added Lines deleted
TODO 1 3
inc/admin/users/edit.php 0 1
inc/user/repo/edit/edit.php 0 1
inc/user/repo/rights/rights.php 5 0
File TODO changed (mode: 100644) (index 02bb8c1..1812b68)
1 1 == BEFORE FIRST RELEASE! == == BEFORE FIRST RELEASE! ==
2 2 [ ] $rg_pass_key should be done in init.php [ ] $rg_pass_key should be done in init.php
3 3 [ ] Test and fix update.php script. [ ] Test and fix update.php script.
4 [ ] Check if rewinds are working as expected.
5 4 [ ] Fix the "edit repo" page! [ ] Fix the "edit repo" page!
6 [ ] 'cop' variable is not good - I do not remember what it means!
7 [ ] CSRF token is not used in admin page for an ordinary user!
8 5 [ ] Update db structure at any function call (after an upgrade). (Deny any operation till schema update is done.) [ ] Update db structure at any function call (after an upgrade). (Deny any operation till schema update is done.)
9 6 [ ] Check if repo_path is valid from security pov. [ ] Check if repo_path is valid from security pov.
10 7 [ ] Make available the push requests. [ ] Make available the push requests.
 
12 9
13 10 == Normal priority == == Normal priority ==
14 11 [ ] [ ]
12 [ ] 'cop' variable is not good - I do not remember what it means!
15 13 [ ] $blocks = explode("@@left@@-=ROCKETGIT=-@@left@@", $a) - seems that \0 is replaced! [ ] $blocks = explode("@@left@@-=ROCKETGIT=-@@left@@", $a) - seems that \0 is replaced!
16 14 [ ] Changing repo name probably is not working right. [ ] Changing repo name probably is not working right.
17 15 [ ] Check XSRF attacks and other types. [ ] Check XSRF attacks and other types.
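Review bot: Two of the three TODO edits are not covered by the commit subject or by the code changes in this commit. The entry "Check if rewinds are working as expected." (old line 4) is deleted although none of the changed files touch rewind handling, and the 'cop' entry moves from "BEFORE FIRST RELEASE!" to "Normal priority" without explanation. Put those in a separate commit or mention them in the message. For the removed entry "CSRF token is not used in admin page for an ordinary user!" (old line 7), the only token check this commit adds is in inc/user/repo/rights/rights.php, so confirm that is the page the entry referred to before dropping it.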
File inc/admin/users/edit.php changed (mode: 100644) (index 5bb01e3..8e48fa6)
... ... $show_form = 1;
9 9 $errmsg = array(); $errmsg = array();
10 10
11 11 if ($doit == 1) { if ($doit == 1) {
12 // TODO: Check if user has the right to edit this info!
13 12 if (!rg_token_valid($db, $sid, $token)) { if (!rg_token_valid($db, $sid, $token)) {
14 13 $_user_edit .= "Invalid token. Try again."; $_user_edit .= "Invalid token. Try again.";
15 14 return; return;
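Review bot: The comment removed at old line 12, "// TODO: Check if user has the right to edit this info!", describes an authorization check, and nothing in the visible lines replaces it. rg_token_valid() ties the request to the session's token; it does not establish that the session's user is allowed to edit the target account. Unless that rights check already happens above line 9, keep the TODO or add the check next to the token test.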
File inc/user/repo/edit/edit.php changed (mode: 100644) (index 583d962..78170ee)
... ... if ($doit == 1) {
10 10 if (!rg_token_valid($db, $sid, $token)) { if (!rg_token_valid($db, $sid, $token)) {
11 11 $_edit .= "Invalid token. Try again."; $_edit .= "Invalid token. Try again.";
12 12 return; return;
13 // TODO: call rg_security_violation everywhere!
14 13 } }
15 14
16 15 $repo_id = rg_var_uint("repo_id"); $repo_id = rg_var_uint("repo_id");
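Review bot: Old line 13 drops "// TODO: call rg_security_violation everywhere!" while the invalid-token branch still only appends "Invalid token. Try again." and returns, so nothing in this branch records the failed check. Either call rg_security_violation here (and in the matching branches of inc/admin/users/edit.php and inc/user/repo/rights/rights.php) or move the reminder into the TODO file rather than deleting it. The comment sat after the return, so relocating it is reasonable, but the work it describes is not done in this commit.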
File inc/user/repo/rights/rights.php changed (mode: 100644) (index fcedf44..4c3987b)
... ... while ($edit_uid > 0) {
46 46 } }
47 47
48 48 while ($doit == 1) { while ($doit == 1) {
49 if (!rg_token_valid($db, $sid, $token)) {
50 $errmsg[] = "Invalid token. Try again.";
51 return;
52 }
53
49 54 // lookup user // lookup user
50 55 $_ui = rg_user_info($db, 0, $target_user, ""); $_ui = rg_user_info($db, 0, $target_user, "");
51 56 if ($_ui['exists'] != 1) { if ($_ui['exists'] != 1) {
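Review bot: At new lines 49-52 the failure path sets $errmsg[] = "Invalid token. Try again."; and then executes return;, whereas the same check in the two edit.php files appends the text to the page output ($_user_edit, $_edit) before returning. If $errmsg is only rendered after this while ($doit == 1) block, the return skips that code and the user sees no message; break; would leave the block and keep the error display. The check also sits after the while ($edit_uid > 0) block, so confirm that block makes no state change, or move the token test ahead of it.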