Fossil: Check-in [25eae5150c]

Fossil SCM

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:/setup_uedit now records deletion of a user in the administrative log.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256:25eae5150c226d9421db50a404c27ed2ee111d3fcd9e2d79f22fd4c4236c91b6
User & Date: stephan 2019-05-17 05:58:16
Context
2019-05-17
09:41
Added missing nonce to script tags in the bootstrap skin, one of which caused the submenus to not be properly displayed. check-in: 6b47b08e87 user: stephan tags: trunk
08:17
Fix for building with OpenSSL 1.1.1b using MinGW. Closed-Leaf check-in: d2b44d9e81 user: mistachkin tags: mingwFix
06:48
Create new branch named "moderate-disapprove-on-user-delete" (ooops - all these years and i never realized that "branch new" automatically creates a new empty commit!) check-in: a0595089e5 user: stephan tags: moderate-disapprove-on-user-delete
05:58
/setup_uedit now records deletion of a user in the administrative log. check-in: 25eae5150c user: stephan tags: trunk
2019-05-16
14:34
The "fossil all ui" command no longer shows repositories that cannot be opened. check-in: 4c2504dce1 user: drh tags: trunk
Changes

Changes to src/setupuser.c.

295
296
297
298
299
300
301


302
303
304
305
306
307
308

  /* Check for requests to delete the user */
  if( P("delete") && cgi_csrf_safe(1) ){
    int n;
    if( P("verifydelete") ){
      /* Verified delete user request */
      db_multi_exec("DELETE FROM user WHERE uid=%d", uid);


      cgi_redirect(cgi_referer("setup_ulist"));
      return;
    }
    n = db_int(0, "SELECT count(*) FROM event"
                  " WHERE user=%Q AND objid NOT IN private",
                  P("login"));
    if( n==0 ){







>
>







295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310

  /* Check for requests to delete the user */
  if( P("delete") && cgi_csrf_safe(1) ){
    int n;
    if( P("verifydelete") ){
      /* Verified delete user request */
      db_multi_exec("DELETE FROM user WHERE uid=%d", uid);
      admin_log("Deleted user [%s] (uid %d).",
                PD("login","???")/*safe-for-%s*/, uid);
      cgi_redirect(cgi_referer("setup_ulist"));
      return;
    }
    n = db_int(0, "SELECT count(*) FROM event"
                  " WHERE user=%Q AND objid NOT IN private",
                  P("login"));
    if( n==0 ){