Index: common.c --- common.c.orig 2006-12-14 01:29:24 +0100 +++ common.c 2007-03-04 11:35:11 +0100 @@ -397,7 +397,7 @@ /* We don't want to be redirected back to captcha page, but ratehr to ** one from which we were redirected to captcha in the first place. */ - const char *zUri = (P("cnxp")!=0) ? P("cnxp") : getenv("REQUEST_URI"); + const char *zUri = (P("nxp")!=0) ? P("nxp") : getenv("REQUEST_URI"); @ @ Not logged in } Index: db.c --- db.c.orig 2007-01-28 19:40:07 +0100 +++ db.c 2007-03-04 11:35:11 +0100 @@ -154,13 +154,13 @@ }else if( (!g.okWrite || g.isAnon) && sqlite3StrICmp(zArg1,"ticket")==0 && sqlite3StrICmp(zArg2,"contact")==0){ return SQLITE_IGNORE; - }else if( !g.okCheckout && sqlite3StrICmp(zArg1,"chng")==0 ){ + }else if( !g.okRead && sqlite3StrICmp(zArg1,"chng")==0 ){ return SQLITE_IGNORE; }else if( !g.okCheckout && sqlite3StrICmp(zArg1,"filechng")==0 ){ return SQLITE_IGNORE; }else if( !g.okCheckout && sqlite3StrICmp(zArg1,"file")==0 ){ return SQLITE_IGNORE; - }else if( !g.okCheckout && sqlite3StrICmp(zArg1,"inspect")==0 ){ + }else if( !g.okRead && sqlite3StrICmp(zArg1,"inspect")==0 ){ return SQLITE_IGNORE; }else if( !g.okRead && sqlite3StrICmp(zArg1,"ticket")==0 ){ return SQLITE_IGNORE; @@ -2020,7 +2020,7 @@ */ static void f_decode(sqlite3_context *context, int argc, sqlite3_value **argv){ if( argc==2 ) { - const char *zIn = (const char*)sqlite3_value_text(argv[0]); + const char *zIn = (const char*)sqlite3_value_blob(argv[0]); int nBytes = sqlite3_value_int(argv[1]); if( zIn && zIn[0] && nBytes>0 ){ char *zOut = calloc(nBytes,1); Index: format.c --- format.c.orig 2007-01-28 23:50:24 +0100 +++ format.c 2007-03-04 11:35:11 +0100 @@ -778,7 +778,7 @@ if( az && az[0] && az[1] ){ cgi_printf("",zLink,az[0]); /* FIXME: should use a with the ticket status as a class */ - if( az[1][0] == 'n' || az[1][0] == 'a' ){ + if( az[1][0] != 'c' ){ cgi_printf("#%d",tn); }else{ cgi_printf("#%d",tn); Index: makeheaders.c --- makeheaders.c.orig 2006-12-14 01:35:46 +0100 +++ makeheaders.c 2007-03-04 11:35:11 +0100 @@ -2136,7 +2136,7 @@ zArg++; } if( *zArg==0 || *zArg=='\n' ){ return 0; } - nArg = pToken->nText + (int)pToken->zText - (int)zArg; + nArg = pToken->nText + pToken->zText - zArg; if( nArg==9 && strncmp(zArg,"INTERFACE",9)==0 ){ PushIfMacro(0,0,0,pToken->nLine,PS_Interface); }else if( nArg==16 && strncmp(zArg,"EXPORT_INTERFACE",16)==0 ){ @@ -2155,7 +2155,7 @@ zArg++; } if( *zArg==0 || *zArg=='\n' ){ return 0; } - nArg = pToken->nText + (int)pToken->zText - (int)zArg; + nArg = pToken->nText + pToken->zText - zArg; PushIfMacro("defined",zArg,nArg,pToken->nLine,0); }else if( nCmd==6 && strncmp(zCmd,"ifndef",6)==0 ){ /* @@ -2166,7 +2166,7 @@ zArg++; } if( *zArg==0 || *zArg=='\n' ){ return 0; } - nArg = pToken->nText + (int)pToken->zText - (int)zArg; + nArg = pToken->nText + pToken->zText - zArg; PushIfMacro("!defined",zArg,nArg,pToken->nLine,0); }else if( nCmd==4 && strncmp(zCmd,"else",4)==0 ){ /* @@ -2792,7 +2792,7 @@ fprintf(stderr, "%s: Can't overwrite this file because it wasn't previously\n" "%*s generated by 'makeheaders'.\n", - pFile->zHdr, strlen(pFile->zHdr), ""); + pFile->zHdr, (int)strlen(pFile->zHdr), ""); nErr++; }else if( strcmp(zOldVersion,zNewVersion)!=0 ){ if( report ) fprintf(report,"updated\n"); @@ -2951,10 +2951,10 @@ pDecl->zName, zLabel, pDecl->zFile, - pDecl->pComment ? (int)pDecl->pComment/sizeof(Token) : 0, + pDecl->pComment ? /* TOTALLY BOGUS: (int)pDecl->pComment/sizeof(Token) */ 0 : 0, pDecl->pComment ? pDecl->pComment->nText+1 : 0, - pDecl->zIf ? strlen(pDecl->zIf)+1 : 0, - zDecl ? strlen(zDecl) : 0, + pDecl->zIf ? (int)strlen(pDecl->zIf)+1 : 0, + zDecl ? (int)strlen(zDecl) : 0, pDecl->pComment ? pDecl->pComment->nLine : 0, pDecl->tokenCode.nText ? pDecl->tokenCode.nText+1 : 0 ); Index: svn.c --- svn.c.orig 2006-12-14 01:27:25 +0100 +++ svn.c 2007-03-04 11:35:11 +0100 @@ -205,7 +205,10 @@ * If there's no repository defined, bail and wait until the admin sets one. */ zRoot = db_config("cvsroot",""); - if( zRoot[0]==0 ) return 1; + if( zRoot[0]==0 ) { + db_execute("COMMIT"); + return 1; + } nBaseRevision = atoi(db_config("historysize","0")); if( nBaseRevision Index: throttle.c --- throttle.c.orig 2006-05-25 10:20:24 +0200 +++ throttle.c 2007-03-04 11:35:11 +0100 @@ -165,7 +165,7 @@ } if( zUrl==0 ) zUrl = "index"; - cgi_redirect(mprintf("captcha?cnxp=%T", zUrl)); + cgi_redirect(mprintf("captcha?nxp=%T", zUrl)); }else if( overload && exitOnOverload ){ /* Just block the client */ lockout(); Index: ticket.c --- ticket.c.orig 2006-12-14 01:33:31 +0100 +++ ticket.c 2007-03-04 11:35:11 +0100 @@ -392,7 +392,7 @@ @ @ @ Assigned To: - az = db_query("SELECT id FROM user UNION SELECT '' ORDER BY id"); + az = db_query("SELECT id FROM user WHERE capabilities LIKE '%%w%%' UNION SELECT '' ORDER BY id"); cgi_v_optionmenu(0, "w", zWho, (const char **)az); db_query_free(az); @ @@ -1335,7 +1335,7 @@ @ @ Assigned To: azUsers = (const char**)db_query( - "SELECT id FROM user UNION SELECT '' ORDER BY id"); + "SELECT id FROM user WHERE capabilities LIKE '%%w%%' UNION SELECT '' ORDER BY id"); cgi_v_optionmenu(0, "a", aParm[4].zNew, azUsers); @ @     @@ -1463,14 +1463,16 @@ const char *zTn; char *zErrMsg = 0; char *zTktTitle; + const char *zOwner; login_check_credentials(); - if( !g.okWrite ){ login_needed(); return; } throttle(1,1); tn = rn = 0; zTn = PD("tn",""); sscanf(zTn, "%d,%d", &tn, &rn); if( tn<=0 ){ cgi_redirect("index"); return; } + zOwner = db_short_query("SELECT owner FROM ticket WHERE tn=%d", tn); + if( !g.okWrite && !(zOwner != NULL && strcmp(zOwner, g.zUser) == 0) ){ login_needed(); return; } bprintf(zPage,sizeof(zPage),"%d",tn); doPreview = P("pre")!=0; doSubmit = P("submit")!=0;