Mercurial > hg > fapweb

changeset 28:bf567e6402bf

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Moar work.
author Matti Hamalainen <ccr@tnsp.org>
date Sat, 08 Dec 2012 14:40:13 +0200
parents b27204653615
children 4b5a176805e2
files createdb.php login.php
diffstat 2 files changed, 18 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/createdb.php	Sat Dec 08 06:49:53 2012 +0200
+++ b/createdb.php	Sat Dec 08 14:40:13 2012 +0200
@@ -122,7 +122,7 @@
   "news" => "id INTEGER PRIMARY KEY AUTOINCREMENT, utime INT, title VARCHAR(128), text VARCHAR(4096), author VARCHAR(64), persist INT DEFAULT 0",
   "attendees" => "id INTEGER PRIMARY KEY AUTOINCREMENT, regtime INT, name VARCHAR(64), groups VARCHAR(64), oneliner VARCHAR(64), email VARCHAR(80)",
   "compos" => "id INTEGER PRIMARY KEY AUTOINCREMENT, name VARCHAR(128), description VARCHAR(4096), visible INT DEFAULT 0, voting INT DEFAULT 0",
-  "entries" => "id INTEGER PRIMARY KEY AUTOINCREMENT, name VARCHAR(64), author VARCHAR(64), compo_id INT DEFAULT NULL, filename VARCHAR(128) DEFAULT NULL, screenshot VARCHAR(128) DEFAULT NULL",
+  "entries" => "id INTEGER PRIMARY KEY AUTOINCREMENT, name VARCHAR(64), author VARCHAR(64), uploader_id INT DEFAULT NULL, compo_id INT DEFAULT NULL, filename VARCHAR(128) DEFAULT NULL, screenshot VARCHAR(128) DEFAULT NULL",
   "users" => "id INTEGER PRIMARY KEY AUTOINCREMENT, key VARCHAR(64), name VARCHAR(64), email VARCHAR(64), active INT DEFAULT 0",
   "votes" => "id INTEGER PRIMARY KEY AUTOINCREMENT, entry_id INT DEFAULT NULL, voter_id INT DEFAULT NULL, value INT DEFAULT 0",
   "settings" => "key VARCHAR(32) PRIMARY KEY, vtype INT, vstr VARCHAR(128), vtext TEXT, vint INT, desc VARCHAR(128)",
@@ -246,4 +246,16 @@
     break;
 }
 
+
+//
+// Clean up permissions
+//
+foreach (array("createdb.php", "keygen.php") as $filename)
+{
+  if (chmod($filename, 0700) === FALSE)
+  {
+    echo "ERROR! Could not set permissions for '$filename'!\n";
+  }
+}
+
 ?>
\ No newline at end of file
--- a/login.php	Sat Dec 08 06:49:53 2012 +0200
+++ b/login.php	Sat Dec 08 14:40:13 2012 +0200
@@ -4,6 +4,10 @@
 
 stSetupCacheControl();
 
+$target = stGetRequestItem("goto", FALSE);
+if ($target === FALSE || $target == "" || strpos($target, "login.php") !== FALSE)
+  exit;
+
 if (stGetRequestItem("admpass", FALSE) == stGetSetting("admPassword"))
   stAdmSessionStart();
 else
@@ -11,5 +15,5 @@
   if (stGetSetting("debug")) error_log("Admin session AUTH LOGIN failed (".stGetRequestItem("admpass", FALSE).")");
 }
 
-header("Location: https://".stGetRequestItem("goto"));
+header("Location: https://".$target);
 ?>
\ No newline at end of file