• last updated 12 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
ad_sign: new optional parameter "user_binding"

The parameter user_binding allows to bind a signature to a user.

When the value is "-1" only the user who created the signature can

obtain the value again. A value of 0 (default) means no user binding.

The permissible values might be extended in the future.

bump version number to 5.10.0d24

  1. … 1 more file in changeset.
Bring files on oacs-5-10 in sync with HEAD

  1. … 158 more files in changeset.
Whitespace changes + editor hints

  1. … 19 more files in changeset.
Replace/remove deprecated proc 'db_null' and update doc accordingly

  1. … 30 more files in changeset.
Deprecate 'db_nullify_empty_string', essentially just returning the same string it receives

Deprecate 'db_null'

parameter::get_from_package_key: check as well in "global" package parameter

and make clear, that lookup from non-singleton packages does not make

sense.

fix typos

improve comments, make function private to avoid confusions

improve comment

follow usual naming conventions

  1. … 1 more file in changeset.
Ease usage of util_memoize during startup. let util_memoize succeed,

even when the cache is not yet created

use separate urlspace for site-node cache to reduce lock contention

prefer inline SQL over generic xql to make apm code usable during initialization

ad_form reform:

- use actual flags instead of parsing arguments all the time

- retrieve proc flags from ad_proc definition (TODO: have some api for this?)

- follow the thread of peculiar ad_form logic to fix new csrf signing feature

- improve documentation using @param instead of manual formatting

- leave some note to travellers in the code

    • -243
    • +229
    ./form-processing-procs.tcl
Fix typo (thanks to Thomas Renner)

reflow overlong lines in comments

ad_form: Add optional parameter -csrf_protection_p (defaults to false)

white space changes

simplify code

Cleanup not more relevant comments, remove idiom meant to work in the context of a db_with_handle we are not using anymore

Reuse already existing db_list_of_ns_sets inside db_foreach and db_list_of_lists, as it uses the most native return type: the ns_set

reduce verbosity

Operate on the original list to not incur in possible memory foortprint inflation via lrange

Exploit new -with_headers flag in db_list_of_lists to reimplement db_foreach in a way that only one db handle is used

Advantages:

- api is now transaction safe (with respect to database operations executed in the code block)

- nested db_foreach statements won't risk to occupy all available handles anymore

Possible drawbacks:

- query result needs to be completely stored inside a list before looping

- calling stack is now one level deeper...

This passes automated tests

Reduce code duplication

Introduce -with_headers flag in db_list_of_lists so names of returned column values can be returned as well as the first list in the result

Reduce code duplication (passes automated tests)

improve security of ad_forms by binding request to a user

fix bracket in last commit