ELOG/elog
0
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Hide wrong password from URL

Browse Source 
SVN revision: 303
This commit is contained in:
ritt
2002-12-10 08:20:10 +00:00
parent 6dc080b41e
commit 24b86cec33
2 changed files with 31 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
doc/CHANGELOG.TXT
+8
View File
@@ -2,6 +2,14 @@ Version 2.2.4, released Nobember xxth, 2002
===========================================
- Added option "Menu text = xxxx" and "Find Menu text = xxxx"
- Fixed bug with "hosts allow = .."
- Fixed problem that when hitting "Back" after a wrong message submission
old text was gone
- Fixed bug with displaying attributes in search all logbooks
- Added strlcpy and strlcat to avoid buffer overflows
- Implemented "Line as link" option
- Implemented collapse/expand of threaded display
- Do not display password in URL if wrong password
Version 2.2.3, released Nobember 20th, 2002
===========================================
elogd.c
+23 -3
View File
@@ -6,6 +6,9 @@
Contents: Web server program for Electronic Logbook ELOG
$Log$
Revision 2.112 2002/12/10 08:20:09 midas
Hide wrong password from URL
Revision 2.111 2002/12/10 07:53:21 midas
Implemented expand/collapse
@@ -9502,18 +9505,29 @@ char str[256];
if (strcmp(password, str) == 0)
return TRUE;
if (!isparam("wpwd") && password[0])
{
strlcpy(str, redir, sizeof(str));
if (strchr(str, '?'))
strlcat(str, "&wpwd=1", sizeof(str));
else
strlcat(str, "?wpwd=1", sizeof(str));
redirect(str);
return FALSE;
}
/* show web password page */
show_standard_header(loc("ELOG password"), NULL);
/* define hidden fields for current destination */
if (redir[0] && !password[0])
if (redir[0])
rsprintf("<input type=hidden name=redir value=\"%s\">\n", redir);
rsprintf("<p><p><p><table border=%s width=50%% bgcolor=%s cellpadding=1 cellspacing=0 align=center>",
gt("Border width"), gt("Frame color"));
rsprintf("<tr><td><table cellpadding=5 cellspacing=0 border=0 width=100%% bgcolor=%s>\n", gt("Frame color"));
if (password[0])
if (isparam("wpwd"))
rsprintf("<tr><th bgcolor=#FF0000>%s!</th></tr>\n", loc("Wrong password"));
rsprintf("<tr><td align=center bgcolor=%s>\n", gt("Title bgcolor"));
@@ -9709,6 +9723,12 @@ char status, str[256], upwd[256], full_name[256], email[256];
return TRUE;
}
if (!isparam("wpwd") && password[0])
{
redirect("?wpwd=1");
return FALSE;
}
/* show login password page */
show_standard_header("ELOG login", NULL);
@@ -9719,7 +9739,7 @@ char status, str[256], upwd[256], full_name[256], email[256];
gt("Border width"), gt("Frame color"));
rsprintf("<tr><td><table cellpadding=5 cellspacing=0 border=0 width=100%% bgcolor=%s>\n", gt("Frame color"));
if (password[0])
if (isparam("wpwd"))
rsprintf("<tr><th bgcolor=#FF0000>%s!</th></tr>\n", loc("Wrong password"));
rsprintf("<tr><td align=center bgcolor=%s>\n", gt("Title bgcolor"));