| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
$this->output->parse_exec_vars is a protected variable so we can't
access it like the documentation suggests (yes this is a bug that
should be reported...), but even if it worked I'm not confident the
output class should be trusted with arbitrary input. Upstream might at
some point add another "feature" so this is the safe way to go.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
cron code already handled this correctly, valid() didn't.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Only login when necessary.
This also makes test_login() work properly (before the automatic login
would have intercepted the failure and in case of a good login
test_login() would test the credentials a second time.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
trim() would give us an empty string if base64_decode() returns false.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
This allows to easily add LDAP and other support.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
This can be used to track data for all kinds of one-time actions like
invitations and password resets.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
This change *should* be backwards compatible.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
The DB col is set to ascii_general_ci so if the username doesn't pass
the charset check we shouldn't even bother query the db because that can
trigger a collation error (utf-8 vs ascii).
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Initial-work-by: Oliver Mader <b52@reaktor42.de>
Additional-work-by: Markus Cisler <mrkscslr@gmail.com>
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Passing the authentication headers is slightly complicated with fastcgi
so we support both and let the users choose.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Pygments calls it that and mode was an undescriptive name anyway.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Previously we displayed an empty page since stderr usually goes to the
error log of the web server.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Pygments has lexers with space in the name and those won't work unless
we decode them.
Example: "Duel View"
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Assuming utf8 breaks if the input file is latin1. This automaticaly
guesses if it's utf8 or latin1. If this isn't enough, we can switch to
chardet, but that adds a new dependency.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Trigger: echo test | curl -F "file=@-;filename=stdin" <url>
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Most sessions are just people viewing a paste. Those don't need a
session until they want to log in so we don't have to pollute the
database and waste resources.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
No need to repeat that for every line.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
- faster than geshi
- easier to modify the css because there is only one
- geshi upstream seems pretty dead
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Muser already uses this scheme as it is easier to type.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
