• last updated 19 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Uniform documentation formatting and indentation, add missing documentation

For Postgres, take advantage of exclusive database api to check for permissions more efficiently, improve doc

Notification request cleanup refactoring

One of the most expensive operations in large site is the cleanup for

notification_requests in situations, where the user has lost

permissions on an object, on which the user wanted to receive

notifications. This check was performed previously in

notification::sweep::cleanup_notifications via a permission check over

all notification requests, which can be very costly on large

sites. This change moves this cleanup into the actual notification

sending, where the permissions have to be sent anyhow.

Fix typo

Fix expression to the original intention: check if ns_conn url ends by ad_conn extra_url

more cleanup for setting of potentially unencoded return_url

    • -2
    • +1
    /openacs-4/packages/xowiki/tcl/folder-procs.tcl
    • -2
    • +2
    /openacs-4/packages/xowiki/tcl/package-procs.tcl
minor cleanup for returnurls

    • -1
    • +1
    /openacs-4/packages/xowf/tcl/xowf-procs.tcl
don't hard-code "Learner" as role

streamline returnredirect commands

make sure, the provided URL is always properly encoded

    • -6
    • +8
    /openacs-4/packages/xowiki/tcl/package-procs.tcl
Fix typo in datamodel creation, make it atomic

ad_return_url: experimental change to produce per default a proper encoded result

Background: before this change, ad_return_url encoded always the query

variables but not the URL path. This mixed result is complex to handle

to achieve ex-post a proper encoding. The function has a flag

"-urlencode", which is nowhere used in OpenACS. Other functions like

e.g. export_vars, or pretty_link return per default as well the

encoded URL. "ad_return_url" has a new flag "-path_encode=false" to

obtain the previous behavior (similar to the other mentioned

functions).

break overlong lines and improve comments

bugfix: don't call get_non_empty_file_formfields in render_answers when in export mode

improve spelling

provide a compatibility function for ns_parsehostport for earlier versions of NaviServer

make spelling more consistent

prefer variable resolver over method calls for unset

    • -4
    • +4
    /openacs-4/packages/xowiki/tcl/xowiki-procs.tcl
minor refactoring to correct old-style widgetSpecs; prefer variable resolver over method calls for unset

support editor=none in arbitrary form-field specs

added composite question per default to the "New" pull-down menu, added message keys for German

    • -0
    • +1
    /openacs-4/packages/xowf/tcl/xowf-procs.tcl
make sure that the query variable "show" is only passed non-empty, otherwise the page-contract of admin/message-list.tcl will fail

Reduce usage of ns_mktemp in OpenACS

ns_mktemp uses the deprecated old POSIX call mktemp(), which should

not be used anymore for security reasons (race between the name

creation and opening the file). This change removes several usages of

"ns_mktemp" from OpenACS and replaces it with calls to the

safe Tcl call "file tempfile ..." (introduced by Tcl 8.6).

prefer usage of "xo::write_tmp_file" over "xo::write_file" for writing tmp files

    • -3
    • +3
    /openacs-4/packages/xowiki/xowiki.info
    • -4
    • +5
    /openacs-4/packages/xowiki/tcl/xowiki-procs.tcl
Reduce usage of ns_mktemp in OpenACS

ns_mktemp uses the deprecated old POSIX call mktemp(), which should

not be used anymore for security reasons (race between the name

creation and opening the file). This change removes several usages of

"ns_mktemp" from OpenACS and replaces it with calls to the

safe Tcl call "file tempfile ..." (introduced by Tcl 8.6).

added function xo::write_tmp_file

The new function uses an atomic call to create a temporary file and

is therefore lass prone to attacks.

bumped verison number to 5.10.0d41

reinstantiate accidentially deleted code

fix header generation

since the headers are set in a loop, "ns_set put" is incorrect

since it is additive. "ns_set update" is correct.

make using page-filter "object_id" backwards compatible by allowing it to be used also during update scripts

improve spelling

improve log message