- default: script can be run from command line;
to run from web you need to be logged in as a particular user.
(in addition to .htaccess protection).
- if include $cli_only at start of script:
can only be run from the command line.
- if include $skip_auth_ops at start of script:
can run from web without being logged in
(this is set ONLY in login_action.php)
- admin web: added $cli_only = true to a bunch of scripts
svn path=/trunk/boinc/; revision=19230
Got rid of auth_ops_cmdline() (not needed).
auth_ops() is now called in util_ops.inc;
every script in html/ops/ must include util_ops.inc.
Note: for existing projects, the admin web interface
will now show "access denied".
Projects must think about what access control policy they want,
and specify it in project.inc
svn path=/trunk/boinc/; revision=19053
don't modify user preferences or CPID.
- client: fix bug that shows ATI version incorrectly
- database: host.posts has been repurposed as a salt (or seqno)
for a new type of weak authenticator that won't depend on password
- web code:
modify forum_preferences.posts instead of host.posts.
(actually, the former isn't used either, we just do a select count(*);
should fix this at some point).
svn path=/trunk/boinc/; revision=18865
it was already decremented when the post was hidden
- Added a function to forum_repair.php to fix inconsistencies
due to the above bug
svn path=/trunk/boinc/; revision=15433
informing the project admin that they need to be explicitly edited to
enable updating the database. This will help prevent inadvertent use.
Thanks to David Hammer.
svn path=/trunk/boinc/; revision=5373
David Anderson