(fix links on profile-index pages)
- web: use cache-control "no-store" only for home.php.
This makes it so that, e.g. if you scroll to the middle of a long page,
follow a link, then click Back,
you'll go back the original scroll position rather than top of page.
svn path=/trunk/boinc/; revision=15391
There are two aspects:
1) undoing magic quotes (if it's being used).
This must be done for all GET and POST string inputs.
It is now done automatically by get_str() and post_str().
The places that refer to $_GET and $_POST directly
must do it themselves using undo_magic_quotes().
2) Escaping user-supplied strings before using them in DB queries.
This is done by process_user_text()
(which should be renamed db_escape_string()).
The new principle:
call process_user_text() in the function that does the DB query
(not at any higher level).
svn path=/trunk/boinc/; revision=15389
1) it's not correct to apply stripslashes() to all form input.
That should be done only if magic quotes is on.
I fixed this by adding a function undo_magic_quotes()
that does the right thing.
2) There's no reason to strip backslashes from user-supplied text
(forum titles and bodies, private messages, passwords etc.)
I'm not sure why this was being done.
It prevented messages from containing backslashes.
svn path=/trunk/boinc/; revision=15364
If present, don't show anything related to computing.
Use this for Bossa/Bolt projects, and the BOINC message boards.
svn path=/trunk/boinc/; revision=15228
which added only confusion.
Implement login directly, using cookies.
- All cookie setting/clearing now goes through two functions,
send_cookie() and clear_cookie().
These deal with path and expiry
(e.g. if you want to have different language or forum settings
on two projects on the same server, that now works).
svn path=/trunk/boinc/; revision=14735
now have community info in a 2nd column on the right.
This accomplishes two things:
1) it puts community info in more places;
2) it provides a reasonable way to format long lists of friends;
they just continue down the right column.
svn path=/trunk/boinc/; revision=14452
- web: add app selection to example project-specific prefs
(commented out by default)
- web: in prefs, flag too-low numeric values as errors,
rather than just setting to min value
- web: fix bug when add new venue from "columns" view
svn path=/trunk/boinc/; revision=14442
strip HTML tags from text (e.g. to remove photos)
- user web: show_image(): separate title (tooltip text)
from "alt" (replaces image if images disabled).
The latter must be terse.
- user web: show_button(): make it work even if Javascript disabled
svn path=/trunk/boinc/; revision=14294
- login form now has ONLY email/passwd
("login with account key" is gone)
- "forgot password?" takes you to a page with two options:
1) type in email address, get an email with login link
2) instructions for recovering account key from BOINC account file
- email is stripped-down, has login link and not much else
fixes#190
svn path=/trunk/boinc/; revision=14263
URL_BASE is assumed to end with a /.
If you put another /, you end up with // in URLs.
This leads to a situation where you can have
one cookie for // and another for / - bad.
If this causes problems for any projects,
they should edit their project.inc accordingly
svn path=/trunk/boinc/; revision=14254
- add more info about team message board (if it exists)
- show list of admins
- show list of new members (in last 24 hours)
- show number of members total, with credit, and with average credit
- move actual list of members to new page (team_members.php)
svn path=/trunk/boinc/; revision=14230
appointed by the founder, who have most of the same
rights as the founder (edit team info, view/remove users).
They can't, however, change the founder, or select/remove Admins.
- user web: added the ability for founder to delete an empty team
- user web: count/show all team members, not just those with credit
- user web: Team Search returns top team if form fields left blank
- Added db_update.php entry for Eric's banishment_vote stuff
svn path=/trunk/boinc/; revision=14108
This lets you lookup up users sorted by
- descending join time
- descending total credit, or
- descending RAC
and lets you filter them by
- country
- presence/absence of team
- presence/absence of profile
It's implemented in such a way that no more than N
DB rows are examined
(i.e. it doesn't necessarily show you all the results)
- PHP database: add enum_fields() member to DbConn and BoincUser.
This is to select a limited number of fields
e.g. to make large queries more efficient.
Also added BoincTeam::lookup_id_cache(); this is an example
of how to look up items likely to be repeated
(like teams when you're showing a list of users)
svn path=/trunk/boinc/; revision=14082
add a function show_button() to display links as buttons
with hover-based explanation.
This should be used whenever clicking on something
performs an action, rather than just going to a new page
(sometimes the boundary is fuzzy)
- user web: fixed bug when send private message by user name
svn path=/trunk/boinc/; revision=14015
Here's how things should eventually be:
- inc/db_conn.inc defines DbConn, a PHP class representing
a connection to a database with
various generic operations (update, insert etc.).
DbConn prepends the DB name to table names,
so you don't have to select a DB;
this means you can access multiple databases
(e.g. BOINC and Bossa) and use persistent connections.
ALL MYSQL-SPECIFIC CODE WILL EVENTUALLY BE HERE.
- inc/boinc_db.inc defines classes BoincUser, BoincTeam etc.,
representing the various BOINC DB tables.
All access to the DB should use these classes.
When you use this framework, no initialization calls are needed.
db.inc is deprecated and should eventually be removed.
I changed get_logged_in_user()
and all team-related code to use this framework.
- user web: show team founder link to "management functions"
even if they're not currently a member;
allow team founder to perform all operations even if not a member.
- turned on E_ALL error checking,
and fixed a bunch of warnings
and a couple of bugs ($team, not team)
- database: update schema/constraints for team fulltext search
- user web: forgot to change Serbia and Montenegro to Serbia
svn path=/trunk/boinc/; revision=13968
David Anderson