Advanced Diff  Max:

50 check-ins related to "trunk" plus check-in "2016-05-14 19:44:40" occurring around 2016-05-14 19:44:40.

More ↑
2017-10-21
00:26
Added force-ssl check-in: 35d44094de user: kiatoaco tags: trunk
2017-10-20
23:45
Honor HTTPS_SERVER cgi varible check-in: 5a8df0870a user: matt tags: trunk
2017-09-16
04:29
Added session:generate-random-string. check-in: 9fe02f8d12 user: matt tags: trunk
2017-03-31
02:47
Replaced use of regex with substring-index for form parsing. Former use was quite broken treating incoming data as the regex. check-in: 0d4c0dc2fe user: matt tags: trunk, 2017-ww40
2017-03-13
06:30
Added obfuscated set/get check-in: 544afe46f9 user: matt tags: trunk
2017-03-11
12:03
Added s:get-inp which does s:get-input falling back to s:get-param if no input var exists check-in: 962faddbed user: matt tags: trunk
2017-03-07
20:36
Minor cleanup of example in howto.txt and changed s:local-set to s:lset check-in: fd0492638e user: matt tags: trunk
2017-03-03
13:37
Merged in some forgotten changes check-in: 88e690f242 user: matt tags: trunk
2017-02-28
23:07
Added script override check-in: d55d5a7926 user: mrwellan tags: trunk
2016-11-08
06:44
Added missing use dbi in misc-stml.scm check-in: 17ef0caa4a user: matt tags: trunk
06:20
Merged crypt branch check-in: 0e2bee049a user: matt tags: trunk
06:18
Added escape of \n \r as option to session:apply-type-preference Leaf check-in: 7592869969 user: matt tags: crypt
2016-10-20
17:53
Replace external openssl call with "crypt" egg.

The OpenSSL call was using the old UNIX crypt DES password hashing, which is very weak. Crypt will default to a more sensible mechanism (Blowfish, but in the future could transparently switch).

Old passwords will continue to work, because the crypt egg detects DES salts and happily hashes them. When creating new passwords, they will be hashed using the modern algorithm.

The OpenSSL call passed the password to the shell, so an onlooker on the server could see it in plaintext. It also neglected to escape the password for the shell, resulting in a command injection vulnerability. check-in: 1b5a5d3a6e user: sjamaan tags: crypt

17:50
Create new branch named "crypt" Closed-Leaf check-in: 1241e8996c user: sjamaan tags: crypt
2016-09-25
17:10
Added conversion to s:session-var-get. WARNING: Need to use 'raw in many cases check-in: 445ea184ae user: matt tags: trunk
2016-09-24
07:07
Added recovery from bad form. but it is broken and I don't know why. Still seems rare ... check-in: 44c407806c user: matt tags: trunk
2016-09-22
06:28
Added safe handling for params check-in: 4bccacb50f user: matt tags: trunk
2016-09-21
04:34
Oops. Use the string result. check-in: 8c0e13bea5 user: matt tags: trunk
04:31
Trim \n sillyness from escaped strings check-in: 8b94f6cb84 user: matt tags: trunk
2016-09-19
06:05
Oops. missed setup.scm check-in: 4b5ced8c71 user: matt tags: trunk
05:55
Add filtering to s:get-input. Switch to dbi. check-in: e78a65d865 user: matt tags: trunk
2016-07-28
06:46
emit limited debug info to the user if not in debug mode. Give name of log file check-in: bd6f7bf73b user: matt tags: trunk
06:36
emit limited debug info to the user if not in debug mode. Give name of log file check-in: e9e91f635f user: matt tags: trunk
2016-07-10
04:53
Fixed fork again check-in: 77503f3f5c user: kiatoaco tags: trunk
2016-05-14
19:44
Merged fork check-in: f3b21cf7d2 user: matt tags: trunk
19:42
Added comment on fPIC and added clean target check-in: 3b621651c1 user: matt tags: trunk
16:40
Added hint regarding fPIC to INSTALL file check-in: 5f818de536 user: matt tags: trunk
2015-12-28
03:34
Added snip of stml code from Kiatoa project check-in: 7c85b0da59 user: matt tags: trunk
2015-12-22
06:12
Return empty string if stuff to output isn't recognised check-in: 4c0940a61f user: matt tags: trunk
03:27
Merged selfcontained back to trunk check-in: f276a48081 user: matt tags: trunk
2015-11-15
02:20
deal somewhat gracefully with improper %num escaped char in URL Leaf check-in: 332033f93f user: matt tags: selfcontained
2015-04-14
04:45
Merged selfcontained back to trunk check-in: d3fdfad50d user: matt tags: trunk
2015-01-27
05:02
Tweaked config file locating. Added thead and tbody. check-in: f4a40c5778 user: matt tags: selfcontained
2013-05-17
07:08
refactor for selfcontained executables (incomplete) check-in: 55a8152be6 user: matt tags: selfcontained
2013-02-03
05:25
Added additional verbage for debug and setup easing check-in: 18e7e965e2 user: matt tags: trunk
2013-01-09
06:20
Fixed output of error in error page check-in: 60f784c4db user: matt tags: trunk
2013-01-05
20:42
Added debug-mode helper function check-in: 8a162a1405 user: matt tags: trunk
2012-12-13
05:41
Install used instead of cp for install, cleaned up stmlrun.scm a bit check-in: a53376324f user: kiatoaco tags: trunk
04:57
Added initial implementation of catching errors and presenting data to user check-in: 75298ea6c2 user: matt tags: trunk
2012-12-11
02:59
docs-tweak check-in: bec5075b24 user: matt tags: trunk
2012-08-08
15:06
Added direct access to pg conn check-in: 57f91bc5c8 user: matt tags: trunk
2012-08-04
20:55
Basic twiki now working but still buggy check-in: 1a58be0746 user: matt tags: trunk
18:56
Improved message for broken stml check-in: 8f51206e58 user: matt tags: trunk
03:48
Moved back to built in date calc instead of unix calls, test fix (doesn't work) check-in: b0c8348626 user: matt tags: trunk
2012-08-02
21:26
Initial cleared out version of the manual. check-in: e1712c7156 user: matt tags: trunk
18:41
Cleaned up and got working on orion check-in: ceb2c8c436 user: matt tags: trunk
15:48
Added manual, tweaked session.scm to use dbi check-in: 19d7e34d29 user: matt tags: trunk
2012-07-27
21:20
removed unnecessary logging output check-in: 3e61eb47cb user: matt tags: trunk
18:41
Fixed stupid cookie bug check-in: f1f4d8b2de user: matt tags: trunk
2012-07-26
23:16
Got cookie to compile by switching to posix calls for time string check-in: 00fb8be61d user: matt tags: trunk
More ↓