• last updated 12 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
- improve checking for return_urls in page_contracts

  1. … 12 more files in changeset.
- prefer sql statements between curly braces

  1. … 6 more files in changeset.
.xql-file reform of acs-admin

- remove sql statements from the code, where these are provided via .xql

- prefer empty sql statements over various forms of *SQL*

- remove obsolete Oracle queries

member_approve

member_ban

member_reject

member_deleted

member_unapprove

user_info

- remove obsolete .xql files (containing only unused query names)

www/users/modify-admin-privileges-oracle.xql

www/users/modify-admin-privileges-postgresql.xql

www/users/user-add-2.xql

    • -23
    • +0
    ./modify-admin-privileges-oracle.xql
    • -23
    • +0
    ./modify-admin-privileges-postgresql.xql
  1. … 4 more files in changeset.
- fix for bug #2805

- provide more security for granting/revoking swa permissions (use timeouts and configurable secrets)

- prefer ns_quotehtml over ad_quotehtml

  1. … 28 more files in changeset.
- allow no-selected group in user search (by fixing other bugs, db_html_select_value_options works now, but forced the user to select a group)

- use a faster sql query

- order groups by group_id to list "the public" first

- add editor hints to keep spaces/tabs in the furture more consistent

  1. … 740 more files in changeset.
- standardize argument passing to adp-includes, don't perform double i18n and double quoting

  1. … 121 more files in changeset.
- fix and standardize quoting in template properties

  1. … 382 more files in changeset.
- standardize url construction to protect against injection attacks

- modernize tcl

  1. … 9 more files in changeset.
- hardening page contracts

  1. … 20 more files in changeset.
- improve validity and saftey of HTML

  1. … 14 more files in changeset.
- quote HTML attribute values

  1. … 10 more files in changeset.
- quote HTML attributes

  1. … 4 more files in changeset.
- fix validty of HTML

- improve validity and security of HTML of admin pages

  1. … 9 more files in changeset.
- use type checking for boolean parameters in page_contracts to improve security

  1. … 25 more files in changeset.
Merging back to HEAD branch oacs-5-8 (using tag vg-merge-oacs-5-8-from-20141027).

  1. … 2533 more files in changeset.
- remove obsolete files

- fix indentation of source code

- check ids in page contracts

  1. … 25 more files in changeset.
- move ad_user_class_query and ad_user_class_query_count_only from

packages/acs-tcl/tcl/admin-procs.{tcl,xql} to acs-outdated/tcl/

since these functions are non-functional (based on non-existing

tables)

- move related code from acs-admin/www/users/one.{tcl,xql} to acs-outdated/www/

  1. … 2 more files in changeset.
- not need to check for existence of variables with defaults: email, first_names, limit_to_users_in_group_id authority_id last_name_starts_with

- fix spelling limit_users_in_group_id -> limit_to_users_in_group_id

- "email" and "limit_to_user_id" have defaults, no need to check for existence

- "email" and "last_name" have defaults, no need to check for existence

- use tcl 8.5 extended index format for "string range"

- use property "doc(title)" throughout oacs-5-8 instead of "title" to get rid of warnings in error.log of the form:

Warning: /forums/message-view has no doc(title) set.

Using doc(title) is required in blank-master.tcl but was used so far only in a few packages

  1. … 323 more files in changeset.