• last updated 18 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Make use of new API "ad_mktmpdir" and "ad_opentmpfile" instead of "ad_tmpnam"

  1. … 2 more files in changeset.
Make use of new API "ad_mktmpdir" and "ad_opentmpfile" instead of "ad_tmpnam"

  1. … 1 more file in changeset.
prefer adp:icon over old-style .gif files

provided a helper proc to query the mapping of a generic icon name to a concrete

This function is necessary in boundary cases, where e.g. a display_template passes the generic

name of the icon via template variables which have to be

@-substituted before adp-tag resolution, which performs the

regular icon name mapping (otherwise, the tag resolver receives

e.g. ...name=@icon@...)

  1. … 2 more files in changeset.
prefer adp:icon over old-style .gif images

  1. … 2 more files in changeset.
Don't go to the cache to tell if a command is available

Don't go to the cache to tell if commands are available

Don't go to the cache to tell if the views package is installed

Make service contract implementation private and replace foreign occurrences

    • -10
    • +37
    ./tcl/file-storage-dav-procs.tcl
  1. … 1 more file in changeset.
Whitespace changes

    • -17
    • +17
    ./tcl/file-storage-dav-procs.tcl
Make service contract implementation private: they are not meant to be invoked directly

    • -14
    • +14
    ./tcl/file-storage-dav-procs.tcl
Make service contract implementations private

Whitespace cleanup

Deprecate twt::user::create and twt::user::delete, superseded by their acs::test::user:: counterparts

  1. … 11 more files in changeset.
Fix self-inflicted bug: one should indeed be able to specify the same form var multiple time, test the behavior for the future

  1. … 2 more files in changeset.
Reimplement upload automated test using a real multipart request, as newer naviserver will reject handcrafted .tmpfile parameters

Bring test closer to reality

Test the behavior of the file-storage when a malicious user would try to store a pre-existing file on the server as its own

The fix for the file-storage is a simple validation to make sure that the tmpfile exists, however, for the generic case of the file widget, we cannot trust the tmpfile value when this was not generated by the server. This will probably cause regression when one wants to show a "preview" of a form, to be continued.

    • -1
    • +121
    ./tcl/test/file-storage-procs.tcl
  1. … 1 more file in changeset.
Whitespace cleanup

acs::test::user::delete: added flag -delete_created_acs_objects and fix regression test for file-storage

  1. … 4 more files in changeset.
Prevent names made only of invalid characters to end up null after sanitization, as done in other UIs in this package

improve validation

provide missing value for inform widget

improve validation

Make use of util::file_content_check and check also in other cases

This change also covers the case, where the checkmark for uploading

zip files was added marked in "upload file". It will also report

errors which were silently swalled before.

Bumped version number to 5.10.1d1

provide value attribute

added validator for zip files

Fixes for Oracle 19c: more fixes of handling of Boolean values

Fixes for Oracle 19c: fix broken variable references (introduced in oacs-5-9)

Fixes for Oracle 19c: added missing SQL package declaration

    • -1
    • +147
    ./sql/oracle/file-storage-package-create.sql