fixed topic name in posts so that it came out right; fixed SIG welcome
page so that it generates correct URL; repaired a security hole (well, not really, but a PERCEIVED security hole) regarding accounts that have been created but not yet confirmed
This commit is contained in:
parent
89429a4b40
commit
acc7f06e66
|
@ -216,6 +216,65 @@ class UserContextImpl implements UserContext, UserBackend
|
||||||
|
|
||||||
} // end sendEmailConfirmation
|
} // end sendEmailConfirmation
|
||||||
|
|
||||||
|
private void autoJoinSIGs(Connection conn) throws SQLException
|
||||||
|
{
|
||||||
|
if (logger.isDebugEnabled())
|
||||||
|
logger.debug("autoJoinSIGs (uid " + uid + ", level " + level + ")");
|
||||||
|
|
||||||
|
// See which SIGs we are eligible to autojoin.
|
||||||
|
Statement stmt = conn.createStatement();
|
||||||
|
StringBuffer sql =
|
||||||
|
new StringBuffer("SELECT sigmember.sigid, sigmember.locked FROM users, sigmember, sigs "
|
||||||
|
+ "WHERE sigmember.uid = users.uid AND sigmember.sigid = sigs.sigid "
|
||||||
|
+ "AND users.is_anon = 1 AND sigs.join_lvl <= ");
|
||||||
|
sql.append(level).append(';');
|
||||||
|
if (logger.isDebugEnabled())
|
||||||
|
logger.debug("SQL: " + sql.toString());
|
||||||
|
ResultSet rs = stmt.executeQuery(sql.toString());
|
||||||
|
|
||||||
|
// Save the SIGIDs returned into temporary array lists.
|
||||||
|
ArrayList tmp_sigid = new ArrayList();
|
||||||
|
ArrayList tmp_locked = new ArrayList();
|
||||||
|
while (rs.next())
|
||||||
|
{ // save off the "sigid" and "locked" column pairs
|
||||||
|
tmp_sigid.add(new Integer(rs.getInt(1)));
|
||||||
|
tmp_locked.add(new Boolean(rs.getBoolean(2)));
|
||||||
|
|
||||||
|
} // end while
|
||||||
|
|
||||||
|
// Figure out which of those SIGs we haven't joined yet and set up to autojoin them.
|
||||||
|
sql.setLength(0);
|
||||||
|
for (int i=0; i<tmp_sigid.size(); i++)
|
||||||
|
{ // see if the user is already a member of this SIG
|
||||||
|
Integer x_sigid = (Integer)(tmp_sigid.get(i));
|
||||||
|
rs = stmt.executeQuery("SELECT sigid FROM sigmember WHERE sigid = " + x_sigid + " AND uid = " + uid
|
||||||
|
+ ";");
|
||||||
|
if (!(rs.next()))
|
||||||
|
{ // tack this information onto the end of our big "INSERT" command
|
||||||
|
Boolean x_locked = (Boolean)(tmp_locked.get(i));
|
||||||
|
if (sql.length()==0)
|
||||||
|
sql.append("INSERT INTO sigmember (sigid, uid, granted_lvl, locked) VALUES ");
|
||||||
|
else
|
||||||
|
sql.append(", ");
|
||||||
|
sql.append("(").append(x_sigid).append(", ").append(uid).append(", ");
|
||||||
|
sql.append(DefaultLevels.memberSIG()).append(", ").append(x_locked.booleanValue() ? '1' : '0');
|
||||||
|
sql.append(")");
|
||||||
|
|
||||||
|
} // end if
|
||||||
|
|
||||||
|
} // end for
|
||||||
|
|
||||||
|
if (sql.length()>0)
|
||||||
|
{ // execute the big update
|
||||||
|
sql.append(';');
|
||||||
|
if (logger.isDebugEnabled())
|
||||||
|
logger.debug("SQL: " + sql.toString());
|
||||||
|
stmt.executeUpdate(sql.toString());
|
||||||
|
|
||||||
|
} // end if
|
||||||
|
|
||||||
|
} // end autoJoinSIGs
|
||||||
|
|
||||||
/*--------------------------------------------------------------------------------
|
/*--------------------------------------------------------------------------------
|
||||||
* Implementations from interface UserContext
|
* Implementations from interface UserContext
|
||||||
*--------------------------------------------------------------------------------
|
*--------------------------------------------------------------------------------
|
||||||
|
@ -402,6 +461,9 @@ class UserContextImpl implements UserContext, UserBackend
|
||||||
email_verified = true;
|
email_verified = true;
|
||||||
level = DefaultLevels.afterEmailVerification();
|
level = DefaultLevels.afterEmailVerification();
|
||||||
|
|
||||||
|
autoJoinSIGs(conn); // EJB 4/14/2001 - handle autojoin of any SIGs we couldn't autojoin at account
|
||||||
|
// creation time
|
||||||
|
|
||||||
// record an audit message indicating that we verified OK
|
// record an audit message indicating that we verified OK
|
||||||
ar = new AuditRecord(AuditRecord.VERIFY_OK,uid,remote_addr);
|
ar = new AuditRecord(AuditRecord.VERIFY_OK,uid,remote_addr);
|
||||||
|
|
||||||
|
@ -1414,5 +1476,30 @@ class UserContextImpl implements UserContext, UserBackend
|
||||||
this.last_access = last_access;
|
this.last_access = last_access;
|
||||||
|
|
||||||
} // end loadNewUser
|
} // end loadNewUser
|
||||||
|
|
||||||
|
void autoJoinSIGs() throws DataException
|
||||||
|
{
|
||||||
|
Connection conn = null;
|
||||||
|
|
||||||
|
try
|
||||||
|
{ // get a database connection and call the internal function
|
||||||
|
conn = datapool.getConnection();
|
||||||
|
autoJoinSIGs(conn);
|
||||||
|
|
||||||
|
} // end try
|
||||||
|
catch (SQLException e)
|
||||||
|
{ // database error - this is a DataException
|
||||||
|
logger.error("error autojoining SIGs: " + e.getMessage(),e);
|
||||||
|
throw new DataException("unable to autojoin SIGs: " + e.getMessage(),e);
|
||||||
|
|
||||||
|
} // end catch
|
||||||
|
finally
|
||||||
|
{ // make sure the connection is released before we go
|
||||||
|
if (conn!=null)
|
||||||
|
datapool.releaseConnection(conn);
|
||||||
|
|
||||||
|
} // end finally
|
||||||
|
|
||||||
|
} // end autoJoinSIGs
|
||||||
|
|
||||||
} // end class UserContextImpl
|
} // end class UserContextImpl
|
||||||
|
|
|
@ -1029,31 +1029,6 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
|
||||||
if (logger.isDebugEnabled())
|
if (logger.isDebugEnabled())
|
||||||
logger.debug("...created userprefs");
|
logger.debug("...created userprefs");
|
||||||
|
|
||||||
// get the list of SIG IDs the anonymous user is a member of
|
|
||||||
rs = stmt.executeQuery("SELECT sigmember.sigid, sigmember.locked FROM users, sigmember "
|
|
||||||
+ "WHERE sigmember.uid = users.uid AND users.is_anon = 1;");
|
|
||||||
sql.setLength(0);
|
|
||||||
while (rs.next())
|
|
||||||
{ // set up to insert into the sigmember table
|
|
||||||
if (sql.length()==0)
|
|
||||||
sql.append("INSERT INTO sigmember (sigid, uid, granted_lvl, locked) VALUES ");
|
|
||||||
else
|
|
||||||
sql.append(", ");
|
|
||||||
sql.append("(").append(rs.getInt(1)).append(", ").append(new_uid).append(", ");
|
|
||||||
sql.append(DefaultLevels.memberSIG()).append(", ").append(rs.getInt(2)).append(")");
|
|
||||||
|
|
||||||
} // end while
|
|
||||||
|
|
||||||
if (sql.length()>0)
|
|
||||||
{ // execute the big update
|
|
||||||
sql.append(';');
|
|
||||||
stmt.executeUpdate(sql.toString());
|
|
||||||
|
|
||||||
} // end if
|
|
||||||
|
|
||||||
if (logger.isDebugEnabled())
|
|
||||||
logger.debug("...loaded default SIG memberships");
|
|
||||||
|
|
||||||
// get the sidebox configuration for this user
|
// get the sidebox configuration for this user
|
||||||
rs = stmt.executeQuery("SELECT sideboxes.boxid, sideboxes.sequence, sideboxes.param FROM sideboxes, "
|
rs = stmt.executeQuery("SELECT sideboxes.boxid, sideboxes.sequence, sideboxes.param FROM sideboxes, "
|
||||||
+ "users WHERE sideboxes.uid = users.uid AND users.is_anon = 1;");
|
+ "users WHERE sideboxes.uid = users.uid AND users.is_anon = 1;");
|
||||||
|
@ -1144,6 +1119,7 @@ public class VeniceEngineImpl implements VeniceEngine, EngineBackend
|
||||||
// create a new context for the user (they're now effectively logged in)
|
// create a new context for the user (they're now effectively logged in)
|
||||||
UserContextImpl rc = new UserContextImpl(this,datapool);
|
UserContextImpl rc = new UserContextImpl(this,datapool);
|
||||||
rc.loadNewUser(remote_addr,new_uid,DefaultLevels.newUser(),username,confirm_num,created,created);
|
rc.loadNewUser(remote_addr,new_uid,DefaultLevels.newUser(),username,confirm_num,created,created);
|
||||||
|
rc.autoJoinSIGs(); // EJB 4/14/2001
|
||||||
if (logger.isDebugEnabled())
|
if (logger.isDebugEnabled())
|
||||||
logger.debug("...created new user context");
|
logger.debug("...created new user context");
|
||||||
return rc;
|
return rc;
|
||||||
|
|
|
@ -405,4 +405,13 @@ public class TopicPosts implements JSPRender
|
||||||
|
|
||||||
} // end getNumPostsPerPage
|
} // end getNumPostsPerPage
|
||||||
|
|
||||||
|
public boolean displayAttachmentInNewWindow(TopicMessageContext msg)
|
||||||
|
{
|
||||||
|
if (!(msg.hasAttachment()))
|
||||||
|
return false;
|
||||||
|
String type = msg.getAttachmentType();
|
||||||
|
return (type.startsWith("text/") || type.startsWith("image/"));
|
||||||
|
|
||||||
|
} // end displayAttachmentInNewWindow
|
||||||
|
|
||||||
} // end class TopicPosts
|
} // end class TopicPosts
|
||||||
|
|
|
@ -26,18 +26,13 @@
|
||||||
RenderData rdat = RenderConfig.createRenderData(application,request,response);
|
RenderData rdat = RenderConfig.createRenderData(application,request,response);
|
||||||
%>
|
%>
|
||||||
<% if (rdat.useHTMLComments()) { %><!-- <%= data.getIdentifyingData() %> --><% } %>
|
<% if (rdat.useHTMLComments()) { %><!-- <%= data.getIdentifyingData() %> --><% } %>
|
||||||
<%
|
<%= rdat.getStdFontTag("#3333AA",5) %><B><%= data.getTopicName() %></B></FONT>
|
||||||
String tmp;
|
<%= rdat.getStdFontTag("#3333AA",3) %><B>
|
||||||
if (data.isTopicArchived())
|
<% if (data.isTopicArchived()) { %>(Archived)<% } else if (data.isTopicFrozen()) { %>(Frozen)<% } %>
|
||||||
tmp = "(Archived) ";
|
<%= data.getTotalMessages() %> Total; <%= data.getNewMessages() %> New;
|
||||||
else if (data.isTopicFrozen())
|
Last: <%= rdat.formatDateForDisplay(data.getLastUpdate()) %>
|
||||||
tmp = "(Frozen) ";
|
</B></FONT>
|
||||||
else
|
|
||||||
tmp = "";
|
|
||||||
rdat.writeContentHeader(out,data.getTopicName(),tmp + data.getTotalMessages() + " Total; "
|
|
||||||
+ data.getNewMessages() + " New; Last: "
|
|
||||||
+ rdat.formatDateForDisplay(data.getLastUpdate()));
|
|
||||||
%>
|
|
||||||
<TABLE BORDER=0 WIDTH="100%" CELLPADDING=0 CELLSPACING=0>
|
<TABLE BORDER=0 WIDTH="100%" CELLPADDING=0 CELLSPACING=0>
|
||||||
<TR VALIGN=BOTTOM>
|
<TR VALIGN=BOTTOM>
|
||||||
<TD NOWRAP ALIGN=LEFT>
|
<TD NOWRAP ALIGN=LEFT>
|
||||||
|
@ -176,7 +171,8 @@
|
||||||
</EM>)
|
</EM>)
|
||||||
<% if (msg.hasAttachment()) { %>
|
<% if (msg.hasAttachment()) { %>
|
||||||
<A HREF="<%= rdat.getEncodedServletPath("attachment?" + data.getConfLocator() + "&msg="
|
<A HREF="<%= rdat.getEncodedServletPath("attachment?" + data.getConfLocator() + "&msg="
|
||||||
+ msg.getPostID()) %>" TARGET="_blank"><IMG
|
+ msg.getPostID()) %>"
|
||||||
|
<% if (data.displayAttachmentInNewWindow(msg)) { %>TARGET="_blank"<% } %> ><IMG
|
||||||
SRC="<%= rdat.getFullImagePath("attachment.gif") %>"
|
SRC="<%= rdat.getFullImagePath("attachment.gif") %>"
|
||||||
ALT="(Attachment <%= msg.getAttachmentFilename() %> - <%= msg.getAttachmentLength() %> bytes)"
|
ALT="(Attachment <%= msg.getAttachmentFilename() %> - <%= msg.getAttachmentLength() %> bytes)"
|
||||||
WIDTH=16 HEIGHT=16 BORDER=0></A>
|
WIDTH=16 HEIGHT=16 BORDER=0></A>
|
||||||
|
|
Loading…
Reference in New Issue
Block a user