- Fix a tricky Tcl_Obj sharing bug triggered by the usage of C-level

IndexObjs based on volatile tables. Consider the following example:

proc foo {x} {

return [bar -value x ...]


The Tcl_Obj "x" is shared as name of argument and as a value of the

non-positional parameter "-value". When bar (e.g. C-implemented)

uses Tcl_GetIndexFromObj*() to lookup "x" in a table of options,

which is volatile, the involved Tcl_Obj will be converted to an


On a call with wrong number of arguments( e.g."foo 1 2 3"), Tcl

will try to give a nice error message, saying that "foo x" can be

called only with one argument. When printing argument "x", it sees

that "x" is an indexObj, and for these kinds of objects, "x" might

be an abbreviated version of a full name. Since the table behind

the indexObj is in the case above volatile, a crash might happen.

The committed fix above is just a temporary measure. NaviServer should

try to avoid such Tcl_Obj conversions in these cases. It is also

questionable, whether the attempt to interpret a argument name as

an abbreviated.

deactivate html hacking (replace textarea by "p") since rendering is

broken due to bootstrap's "form-control" class

    • -2
    • +2
strip white space

Make page for managing the parameter "PrivateEmailLevelP" subsite aware.

allow empty correct_when specifications

Whitespace cleanup

Use already existing message-key.

ensure that every formfield is disabled in the disabled_fc list (e.g. mc-interaction)

Export message keys to normalize sorting anx xml quoting (will prevent huge diffs with new message keys)

Fixed typo in message-key. Bump acs-lang version to reload message keys.

reduce verbosity

use new form-field type "correct_when"

provide new form-field "correct_when" for conveniant user interaction

the form-field type is currently just a text field with a tailored

help text, but can be extended in the future via pull-downs etc.

    • -2
    • +2
use ad_return_complaint for invalid query parameter parsing (at least in connection threads)

fix workflow such these work as well with shared workflow definitons

    • -26
    • +26
    • -38
    • +44
New test for json and utf-8 encoding against Postman Echo webservice (https://docs.postman-echo.com)

Remove unused variable

provide missing args for references call

Use template::util::tcl_to_sql_list for proper list element quoting

impreve robustness of ad_doc parsing

ns_quotehtml user submitted value inside an error message to prevent potential XSS attack

Fix incorrect proc name

- overhaul of online-exam:

- support for new question types

* text_interaction

* text_entry_interaction

* mc interacotpm

- support for autocorrection feedback in print-out (first version)

based on "correct_when" (this is per tield-type, also extensible)

currently 9 types of predicates, "btwn" (heißt "zwischen"),

eq, ne, gt, ge, lt, le, match, in

- fully internationlaized

- todo:

* better support for mc,

* submission certificates for students (comtaining a digest)

* percentage grading

* export for potential post-processing of results

* improved styling

    • -121
    • +253
    • -159
    • +214
- improved source code documentation

- improved checking, when ID or object is returned

    • -27
    • +57
- new interaction type text_entry_interaction (abbreviated as "te" in test_item question_type)

create multipe text interactions

- added autocorrection via "correct_when" to text interaction and text_entry_interaction

- improved source code documentation

- break overlong lines

- removed usages of :instvar

- still TODO: base mc question on complex formfile types rather than HTML primitives,

since this allows better adoption to different rendering styles and better feedback modes

    • -81
    • +249
extend message catalog

prefer resolver variables over method calls.

improve spelling

remove obsolete calls (ad_quotehtml) and make code more robust

fix for issue #3427