gernst in OpenACS

Added switch "-ulevel" to proc "util::var_subst_quotehtml";

ad_form: quote form field values in validation error messages to prevent XSS attacks

Quote form field values in validation error messages to prevent XSS attacks

Improve proc documentation

Quote the value of the "inform"-widget value before rendering it

Quote the value of the "inform"-widget value before rendering it

Fix incorrect default value

dotlrn cache reform: added missing cache flush; added caching of "community_key"

Make sure variable is an array

fixed embedded variable name in message-key

Use the existing API when doing changes to the properties of an authority, otherwise the cache is not updated accordingly.

made value retrival for parameters "DefaultDimensionalStyle" and "DefaultListFilterStyle" theme aware

Remove stupid upvar tricks

make portal::show_proc_helper theme aware

Proc "util_get_subset_missing": make sure to return the found elements.

Added test case for this proc.

fix the value which is used for the partition_key during flush_cache operation

dotlrn cache reform: move caching from util_memoize into three seperate caches to reduce stress on util_memoize.

These caches are:

- ::dotlrn::dotlrn_cache

Default general purpose cache for dotlrn-wide value (e.g. available applets, etc)

- ::dotlrn::dotlrn_user_cache

Partitioned cache for values specific to a user (e.g. personal_portal_id, theme_id, etc)

- ::dotlrn::dotlrn_community_cache

Partitioned cache for values specific to a community (e.g name, roles, portal_id, etc)

    • -2
    • +2
    /openacs-4/packages/dotlrn/dotlrn.info
    • -2
    • +6
    /openacs-4/packages/dotlrn/tcl/applets-procs.tcl
    • -63
    • +100
    /openacs-4/packages/dotlrn/tcl/community-procs.tcl
    • -3
    • +32
    /openacs-4/packages/dotlrn/tcl/dotlrn-init.tcl
    • -7
    • +22
    /openacs-4/packages/dotlrn/tcl/dotlrn-procs.tcl
    • -0
    • +8
    /openacs-4/packages/dotlrn/tcl/dotlrn-procs.xql
    • -3
    • +1
    /openacs-4/packages/dotlrn/www/member-add-3.tcl
prefer acs_object__new/9 over acs_object__new/7

Fix syntax error

Do not try to flush autonamed cache entries

Added missing call to global ::parameter::get ...

Removed redundant cache creation

Fix else syntax

Avoid double encoding when content is in the same encoding as that of tcl interpreter

Use the actual tag name when retrieving its parameter, otherwise it would cause a missleading error message

added print-answers to the externally callable methods

    • -1
    • +5
    /openacs-4/packages/xowf/lib/online-exam.wf
prefer dict over tcl arrays: cleanup of leftovers

Removed duplicate registration of template tag "tabstrip"

Add files missed by last commit

    • -0
    • +11
    /openacs-4/packages/acs-admin/www/auth/login-attempts.adp
    • -0
    • +67
    /openacs-4/packages/acs-admin/www/auth/login-attempts.tcl
- Add new feature to prevent/slowdown brute force attacks on login by counting the number of

failed consecutive login attempts based on ip-address and subsite.

- Add new package dependency: package "acs-admin" now requires "acs-authentication"

Use ad_script_abort after ns_return

    • -2
    • +2
    /openacs-4/packages/xml-rpc/www/index.tcl