Dave West [Thu, 17 Jul 2008 12:57:23 +0000 (12:57 +0000)]
System users (SYS_*) now have proper user numbers.
CtdlFillPrivateContext has been replaced by CtdlFillSystemContext.
CtdlFillSystemContext will create the system user if needed, upgrade the
system user from a user 0 if needed and also load the system user if
needed.
The auto purger now makes a log entry if it encounters a user 0 (not an
Aide message).
The Auto purger will post an Aide message if it encounters a user with
no name and a valid user number. This should NEVER happen.
Test thoroughly before release and needs to be tested thoroughly with
host auth systems too.
Dave West [Thu, 17 Jul 2008 10:54:00 +0000 (10:54 +0000)]
The user with number 1 is no longer automatically an Aide.
Plugs that little security hole that an attacker would need to be very
quick to exploit.
NB. If the system Aide is not correct in the config the Aide may loose
priviledges and will need to run setup to get them back.
Dave West [Mon, 14 Jul 2008 10:04:46 +0000 (10:04 +0000)]
Slight modification to dothebarts disabling of the timeout for artv
import.
Now the dont_term flag is set after we are sure we can do artv (in case
the mallocs fail).
* copy daves great handler script and modify it to fit the simpler needs of webcit.
* add init functions to all handler containing .c files; Register these calls in the init function
* replace strcmp URL to handler dispatcher by hashlist
* wrap calls that had more than one call in simple functions
* added GCC Format String checkers to the remaining printf alikes
* fix formatstring errors
* fix multiline preference saving
* fix signature en/decoding
We now have UNLIMITED signatures, so finaly one can put its $Company foo at the end of his mail autemagicaly.
* avoid to run over the buffer while parsing the url
* Migrated message listview to be enum controlled after handling the settings, as its simpler to handle in memory handling
Art Cancro [Mon, 7 Jul 2008 13:20:07 +0000 (13:20 +0000)]
Renamed database_sleepycat.c to database.c
because it reflects the fact that we only have one backend store available;
and because Sleepycat Software no longer exists.
Matt [Mon, 7 Jul 2008 05:30:08 +0000 (05:30 +0000)]
Rename is_wap to is_mobile
Detect iPhone Safari,S60 WebKit and WinCE browsers (opera, pocket ie) by
user-agent
Different and experimental message view - code is messy at the moment so
cleanup will come soon
Art Cancro [Mon, 23 Jun 2008 03:45:49 +0000 (03:45 +0000)]
Minor formatting and comments cleanup.
Also determined where in the code the hacking for recurring events must take
place, and inserted a comment there outlining the basic strategy.
Art Cancro [Sun, 22 Jun 2008 04:36:04 +0000 (04:36 +0000)]
The 'edit room' tab panel now uses the same CSS that is used
in the tabs.c API. This eliminates the problem with tabs breaking out into two
floating rows on narrow screens.
Dave West [Mon, 16 Jun 2008 17:25:53 +0000 (17:25 +0000)]
Speed up for the indexer.
This will NOT cause a re-build of the index but it does significantly
improve performance when indexing a new message or if the index needs to
be re-built.
Basically the list of noise words is processed much faster.
Art Cancro [Mon, 16 Jun 2008 03:22:25 +0000 (03:22 +0000)]
When grabbing addresses for the address book popup, return
to the original room using gotoroom(saved_roomname) rather than calling
BSTR. Fixes this bug in three different places.
Art Cancro [Sat, 14 Jun 2008 14:47:32 +0000 (14:47 +0000)]
Changes to serv_network.c:
* The log message which indicates that network processing for a room has
begun, now only prints if there is a netconfig for that room. This
will hopefully make the logs much smaller.
* Any buffer which holds a filename is now of size PATH_MAX, rather than
SIZ or 256 or whatever.
Art Cancro [Tue, 10 Jun 2008 19:58:46 +0000 (19:58 +0000)]
The before-save hook which is called when saving a calendar
event now populates message headers from the calendar object without
the use of an intermediate data structure.
Art Cancro [Fri, 6 Jun 2008 03:50:43 +0000 (03:50 +0000)]
* When not using native auth mode, do not enable the OpenID server command set.
* When self-service new user account creation is disabled, do not allow account creation via OpenID.
Art Cancro [Thu, 5 Jun 2008 02:32:46 +0000 (02:32 +0000)]
* Completed the code for creating a new account, manually specifying
the account name, when an OpenID was verified but the desired nickname
either was not supplied or conflicts with an existing user.
* The SETP command can now be passed a special string that tells it the
client wants the server to auto-generate a random password.
Art Cancro [Tue, 3 Jun 2008 03:41:51 +0000 (03:41 +0000)]
* Removed some cruft from the login code. Combined the
do_login() and session_startup() functions. Moved more duplicated
code into a single code path.
* Completed the OpenID signin process for existing users, and for new
users who have made their preferred nickname available via Simple
Registration Extension (assuming this nickname is available on the
Citadel system). Other sign in flows are forthcoming...
Art Cancro [Mon, 2 Jun 2008 16:09:00 +0000 (16:09 +0000)]
Export format has changed due to the addition of a new
table, so the version number has changed. Also added a serv_info field to
advise the client (e.g. WebCit) whether the server supports OpenID. The
main reason is because we can only do OpenID in native auth mode -- but we
can also use this to temporarily shut off all OpenID features if we need
to complete a new software release before OpenID is finished.
Art Cancro [Mon, 2 Jun 2008 15:03:45 +0000 (15:03 +0000)]
* Began implenmenting OpenID table import/export
* Disabled the code to automatically learn the highest message/user/room numbers
in the event that citadel.control is missing, because if you run it on a virgin
server, it CRASHES.
Art Cancro [Mon, 2 Jun 2008 03:04:23 +0000 (03:04 +0000)]
Completed the delete-user hook to remove any associated
OpenID records. Also completed an auto-purger function to delete any
stale OpenID associations. Still need to add dump/load code. Now I
remember why I tend to avoid adding top-level database tables.