Rooba
/
boinc
mirror of https://github.com/BOINC/boinc.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

*** empty log message *** 

svn path=/trunk/boinc/; revision=4004
This commit is contained in:
David Anderson 2004-08-06 12:12:26 +00:00
parent 156930d204
commit 5edfed8bf4
4 changed files with 28 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
checkin_notes
View File

@ -15984,3 +15984,19 @@ David 6 Aug 2004
create_work.C
dir_hier_move.C
dir_hier_path.C
David 6 Aug 2004
- In the web "get password" function,
look for not just the email addr but also
any munged versions of the email addr.
So people won't see "no such account" and create a new one.
(from Carl Christensen)
- Add escape_pattern() function for escaping "like" patterns;
use this in team lookup also
html/
inc/
db.inc
user/
mail_passwd.php
team_lookup.php

8
html/inc/db.inc
View File

@ -93,4 +93,12 @@ function lookup_app($id) {
return null;
}
// escape a string for MySQL "like"
//
function escape_pattern($str) {
$str = str_replace('_', '\\\\_', $str);
$str = str_replace('%', '\\\\%', $str);
return $str;
}
?>

7
html/user/mail_passwd.php
View File

@ -8,10 +8,9 @@ db_init();
page_head("Password");
$email_addr = trim(strtolower($HTTP_POST_VARS["email_addr"]));
if (strlen($email_addr)) {
$query = sprintf(
"select * from user where email_addr = '%s'",
$email_addr
);
$esc_email_addr = escape_pattern("@".$email_addr."_");
$query = "select * from user where email_addr = '$email_addr' "
. "or email_addr like '$esc_email_addr'";
$result = mysql_query($query);
$user = mysql_fetch_object($result);
mysql_free_result($result);

3
html/user/team_lookup.php
View File

@ -8,9 +8,8 @@
init_session();
$team_name = $_GET["team_name"];
$words = preg_split("/[\s,]+/", $team_name);
$length = count($words);
$name_lc = strtolower($team_name);
$name_lc = escape_pattern($name_lc);
$query = "select * from team where name like '$name_lc%'";
$result_list = mysql_query($query);