• last updated 13 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
file upgrade--5.9.1d15-5.9.1d16.sql was initially added on branch oacs-5-9.

file upgrade-5.9.1d15-5.9.1d16.sql was initially added on branch oacs-5-9.

- fix incorrect links

- distinguish in apm_package_selection_widget between operations (updates/installs/or both)

- remove unneeded quoting

- use dollar quoting for SQL comments

- add verbosity setting

- make it easy to log SQL statements as these are executed

- remove initial-install-p flag

- updated package info

- bump version number to 0.149 to allow other packages to rely on the initialize parameter of "get_instance_from_db"

- add optional parameter "-initialize true|false" to "get_instance_from_db"

- improve debug messages for broken installations

- make return explicit

Avoid using deprecated content_item__new/17

- added kernel parameter MaxUrlLength (default 2000) to remove

hard-coded length in request-processor-procs.

- lifted data model restriction of 100 characters for url-segments

(changing types of "site_nodes.name" from "varchar(100)" to "text")

(PostgreSQL only)

- site_node__node_id

* use built-in string functions instead of characterwise loop

* use default for last argument

* Improve source-code documentation

- bumped version number of kernel to 5.9.1d15

file upgrade-5.9.1d14-5.9.1d15.sql was initially added on branch oacs-5-9.

Fixed table alias

security-procs:

- fix broken comparisons when "UseHostnameDomainforReg" is set

(see also issue #3293).

- don't use string match/regesub when manipulating URLs

(causes troubles with IP-literal notation). Instead, us

"eq" or "util::split_location"/"util::join_location"

- added means to ease debugging of login_urls and login_cookie:

variables "::security::log(login_url)" and

"::security::log(login_cookie)" contain the log severity.

by setting these to e.g. "notice", this does not require

to activate full debugging (setting severity to debug) in order

to obtain log output.

- added new function "util::join_location" as counterpart of

"util::split_location" to use IP-literal notation when necessary

(IPv6). The function can be used in connection with

"util::split_location" to substitute hostnames/ports etc. in full

urls instead of insecure regsub operations.

- function "util::external_url_p":

* don't use "string match" for comparing locations, since this

will fail with IP-literal notation

* no need to compare with encoded name (if needed, on should provide

an option).

- update dependcies, otherwise the update order in large updates is not correct

- get rid of the pesky "MISSING FORMWIDGET: ...formbutton:ok" message

- address bug #3293: actual code in oacs-5-9 used full host header

(from request header fields) which might contain port.

db-query is now performed without the optional port

- improve Tcl coding (use defaults, break long lines)

Prefer ns_quotehtml over ad_quotehtml, and quote fixing.

Value of within ad_quotehtml to avoid possible XSS attacks.

Added subst fixing acs_ListCheckAll variable substitutions not working.

hidden_p is a boolean noe, therefore rewriting the case clause of portal::configure_dispatch.toggle_tab_visibility

file upgrade-2.9.1d2-2.9.1d3.sql was initially added on branch oacs-5-9.

Deleting old definition of portal_page__new/11

- security::validated_host_header: Handle aliases for locations, which cannot be determined from config files, but which are supposed to be ok

- fix for openacs.org site bug #101