added: config option:
// the way we behave when no_session_cookie_treshold limit is exceeded
// 0 - if a client doesn't send a session cookie again then use a temporary session
// (other sessions from this IP address are not affected)
// 1 - add this IP address to ban list and create a temporary session
// (this will block other sessions from this IP address too)
// default: 0
int no_session_cookie_ban_mode;
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@996 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: possibility to ban if a client tries to hijack the session cookie
added: possibility to ban if a client did not send a session cookie
renamed: ezc functions:
login_cannot_login -> ipban_is_login_allowed_from_this_ip (and the return value was changed)
login_when_available_login -> ipban_current_ip_expires_time
added: config options:
// after how many broken encoded cookie we should ban the current IP
// default: 2 (value in the range <0 - 65535>)
size_t broken_encoded_cookie_treshold;
// after how many incorrect session identifiers (or session indices) we should ban the current IP
// do not set this value too low, as people connecting from the same IP address (from behind a NAT)
// would be banned if they have an old session cookie remembered in the browser
// default: 128 (value in the range <0 - 65535>)
size_t session_hijacking_treshold;
// after how many times a client will be banned if it did not send a session cookie
// default: 1000 (value in the range <0 - 65535>)
size_t no_session_cookie_treshold;
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@995 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: config options:
// whether or not we should encode the session cookie
// (we have a special algorithm)
// default: false
bool session_cookie_encode;
// if session_cookie_encode is true then you should provide
// a file where AES keys will be stored
std::wstring session_keys_file;
// each session has an index -- an unsigned int value
// this value is sent in the cookie string (is encoded)
// and is incremented when session_index_time_increment time is passed since the last incrementing
// if a client sent the cookie back the difference between
// current index and the index in the cookie should be less than or equal to session_allow_index_difference
// default: 8
size_t session_allow_index_difference;
// the time which should pass after the session index is incremented
// default: 30
// (session_allow_index_difference + 1) * session_index_time_increment should be less than a time
// load of a page and all elements on it such as images (of course it depends on client's download too)
time_t session_index_time_increment;
// time in seconds after a new AES key pair should be generated
// we have 256 pairs of keys so this time multiplied by 256 should not be less than
// the max time of a session (session_remember_max_idle),
// by default: 256 * 2 days = 512 days = 1.4 year > 3 months (session_remember_max_idle)
// default: 172800 = 2 days (max: 2678400 = 1 month, min: 10)
size_t session_key_renew_time;
changed: when printing the time of a request we print only two non-zero digits
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@994 e52654a7-88a9-db11-a3e9-0013d4bc506e
ezc_error_prefix (string)
ezc_error_postfix (string)
// prefix and postfix used when there is an error in Ezc patterns
// default:
// prefix: "<!-- "
// postfix: " -->"
added: Ezc::Blocks to templates
added: although patterns have pointers to functions and blocks cached
the Ezc::Generator should use SetFunctions() and SetBlocks() method
in order to correctly recognize variables (aliases)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@978 e52654a7-88a9-db11-a3e9-0013d4bc506e
everywhere we are using std::wstring and wchar_t*
(std::string and char* is used only locally in some places
especially when creating a path to OS file system etc.)
added: to the special thread when winix closes:
a write function for curl: FetchPageOnExitCurlCallback()
without this function the curl library will print
the page's content to the standart output
changed: TextStream<> class from core can make
UTF8<->wide strings conversions
removed: from config: utf8 option
now winix expects UTF8 from the user's input (html forms, url-es)
and outputs strings in the UTF8 format
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@965 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: to config: upload_group
a group name for newly uploaded files (and created necessary directories in the file system)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@961 e52654a7-88a9-db11-a3e9-0013d4bc506e
content between <nofilter>...</nofilter> will not be filtered
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@955 e52654a7-88a9-db11-a3e9-0013d4bc506e
if false that means the user has not set a password yet
(this can be used by a plugins to create a new account without a password set)
in order to login the user first has to set a new password
(this can be done from a some kind of activation link send via email etc)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@954 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: now we are able to use the html filter for the whole out_streams (when ajax is used the output is filtered too)
splitted FilterCompressSend() function -- first we are making the filtering
(after filtering we know the size of the content to send)
added: to Compress:
Compressing(const char * source, size_t source_len, BinaryPage & out_stream, int encoding);
changed: some refactoring in App
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@942 e52654a7-88a9-db11-a3e9-0013d4bc506e
a user could create a hardlink to any file and the new link
had user_id, group_id and permissions the same as for new generated files,
this allowes to overwrite any existing file in the filesystem,
now user_id, group_id, permissions are the same as from the oryginal file
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@941 e52654a7-88a9-db11-a3e9-0013d4bc506e
index_rawcontent.html, index_ajaxcontent.html
now we have out_streams in Request and some special
keyword in ezc templates for sending content to the
specified streams
changed: the way how winix answers to the client's browsers:
info from Request class:
winix answer send to the client's browser
|
|
depending on send_bin_stream
-------------------------------------------------
| |
text answer binary answer
| |
depending on return_json sending out_bin_stream
------------------------------------
| |
normal request ajax request
| |
sending out_streams[0] depending on return_info_only
------------------------------------------------------
| |
generating JSON object from: generating JSON object only from info
out_streams and info, e.g.: e.g.:
{ { info object serialized here }
"stream_1": "some html content",
"stream_2": "some other html content",
"info": { info object serialized here }
}
note that out_streams[0] is not sent
in JSON answers
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@937 e52654a7-88a9-db11-a3e9-0013d4bc506e
the clang compiler by default
changed: Makefile files have been a little cleaned
the main Makefile now will not compile winix and winix.so if there
were not any changes to source files (it's faster)
(added Makefile.dep in the global directory with list of all source/header files)
changed: winix version to 0.5.5
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@933 e52654a7-88a9-db11-a3e9-0013d4bc506e
code for activating an account has been moved here from Pw
changed: the form for reseting a user's password has been moved
to 'passwd' winix function (it was in Pw before)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@926 e52654a7-88a9-db11-a3e9-0013d4bc506e
(when called in a directory)
added: to reload winix function:
reloading (clearing) the cache from 'menu' plugin
added: to 'menu' plugin
possibility to read 'meta' information from files
third argument 'withmeta' to menu_dir_tab ezc function
e.g. [for menu_dir_tab "/directory" "..." "withmeta"]...[end]
and some ezc functions to retrieve the meta values
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@921 e52654a7-88a9-db11-a3e9-0013d4bc506e
for cropping images (and thumbnails)
www.domain.com/dir/file.jpg/imgcrop -- crop an image
www.domain.com/dir/file.jpg/imgcrop/thumb -- crop an image's thumbnail
www.domain.com/dir/file.jpg/imgcrop/newthumb -- crop and create a new thumbnail (from an original image)
www.domain.com/dir/imgcrop -- show images' list with above options
added: to Image class: some methods for cropping
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@919 e52654a7-88a9-db11-a3e9-0013d4bc506e
admin meta information
added: option "a" to meta winix function
editing admin meta information
changed: now if you don't have write access to an item
you can't see the meta information
previous if you had read access you could have seen them
added: in plugin ticket and thread
support for 'closing' (ticket, thread)
(this is only logic, we need some html yet)
added: some ezc function for getting meta/admin meta information
(for the current item and the last directory)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@907 e52654a7-88a9-db11-a3e9-0013d4bc506e
bool Login::LoginUser(const std::wstring & login, const std::wstring & password, bool remember_me,
bool use_ses_log, bool check_abuse)
default 'false' -- it test the time between GET and POST and the rebus (if exists)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@905 e52654a7-88a9-db11-a3e9-0013d4bc506e
possibility to remove a ban (or all bans)
added: to SessionManager: sorting of the ban list (in the second thread)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@903 e52654a7-88a9-db11-a3e9-0013d4bc506e
now after some incorrent login attempts your IP can be banned or blocked
(see new config variables)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@902 e52654a7-88a9-db11-a3e9-0013d4bc506e
// try to use SSL
// if in the config 'use_ssl' is true and 'use_ssl_only_for_logged_users' is true
// then ssl is used only for logged users but sometimes there is a need to use
// SSL even if noone is logged (for example for such functions like 'login' or 'adduser')
// default: false
// (this option is ignored if 'use_ssl' in the config is false)
bool need_ssl;
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@892 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: to Request:
// binary page
BinaryPage binary_page;
// a compressed page ready to send to the client
BinaryPage compressed_page;
// if true then either page or ajaxpage will be sent to the client
// if false then binary_page is sent
// default: true
bool use_text_page;
BinaryPage is defined as (in requesttypes.h):
typedef PT::TextStreamBase<char, 1, 4096> BinaryPage;
added: to Compress: now it can gets BinaryPage as arguments (input, output)
changed: winix version to: 0.5.0
added: in templates: TexTextStream class
for taking input to the TeX typesetting system
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@884 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: 'postredirect' global parameter (it can be a param or post value)
you can use this parameter in a html POST form
after processing the POST request winix will make a redirect to the value
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@881 e52654a7-88a9-db11-a3e9-0013d4bc506e
// used as a JSON output (when ajax_serializer is defined)
// it will be serialized and have at least:
// 'content' string - the whole html content
// 'http_status' integer - http status code (e.g. 200)
PT::Space ajax;
// if not null then the request will have a JSON as an output
PT::SpaceToJSON * ajax_serializer;
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@871 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: to misc: QEncode which takes PT::TextStreamBase as an argument
added: to Locale: methods: IsKey, Get which takes PT::TextStreamBase as an argument
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@860 e52654a7-88a9-db11-a3e9-0013d4bc506e
changed: time zones -- now we have the daylight saving time
different for each year (start, end)
added: config option: time_zone_id (size_t)
time zone identifier for not logged users
or for newly created accounts
those identifiers you can see in etc/time_zones.conf file
or by using timezone winix function with 'a' parameter (timezone/a) (!!IMPROVE ME NOT IMPLEMENTED YET)
default: 34 (Coordinated Universal Time UTC+00:00)
added: config option: locale_default_id (size_t)
locale for not logged users
or for newly created accounts
added: config option: locale_max_id (size_t)
a maximum value of a locale identifier
default: 100 (maximum: 1000)
each locale files should have its own identifier (in "winix_locale_id" field)
from zero to this value
added: config option: time_zone_max_id (size_t)
maximum value of a time zone identifier
time zones with an id greater than this will be skipped
default: 130 (maximum: 1000)
removed: config option: locale_default
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@852 e52654a7-88a9-db11-a3e9-0013d4bc506e
there'll be some generic config files for winix
added: a new file in etc directory: time_zones_file
list of time zones (not finished yet -- daylight saving time is needed)
added: option to config: etc_dir
a directory in which there are some config files
used mainly when winix starts
default: empty (means not for using)
added: option to config: time_zones_file
a file in etc_dir with time zones info
default: time_zones.conf
this is a Space structure with all time zones
added: to system: TimeZones struct
list of time zones read from etc/time_zones.conf
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@849 e52654a7-88a9-db11-a3e9-0013d4bc506e
didn't print the subdomain
added: to rm winix function:
bool Rm::RemoveItemByPath(const std::wstring & path, bool check_access)
fixed: in Upload winix function
when uploading an image we have to get
a mount point where the image is placed (parent dir)
(it was cur->mount beforehand)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@844 e52654a7-88a9-db11-a3e9-0013d4bc506e
this class has information about a time zone (utf offset, daylight saving time)
and methods for converting between UTC and local time
structs User and Config has a TimeZone object
System::ToLocal() and System::ToUTC() uses it for converting
(depending whether a user is logged or not)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@842 e52654a7-88a9-db11-a3e9-0013d4bc506e
now we first demonize (fork) and then open the log file
added: start adding support for PT::Date
we are using instead of tz system structure
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@836 e52654a7-88a9-db11-a3e9-0013d4bc506e
ConfParser is now SpaceParser
added: to SessionManager
Session * SessionManager::FindSession(long id)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@831 e52654a7-88a9-db11-a3e9-0013d4bc506e
added: Job class (system->job object)
a general mechanism for jobs (by using PT::Space as a job structure)
WINIX_JOB plugin message will be sent with a pointer to PT::Space
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@829 e52654a7-88a9-db11-a3e9-0013d4bc506e
and was not used when checking for base url redirect
fixed: return values from plugins should be given in a special structure
they were remembered in plugin object (ret_false, ret_true)
and consequently were not thread safe
now all plugin.Call() methods return PluginRes structure
in which there are ret_false and ret_true variables
changed: small refactoring in AddUser winix function
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@827 e52654a7-88a9-db11-a3e9-0013d4bc506e
(even if it was an administrator and has selected other people)
git-svn-id: svn://ttmath.org/publicrep/winix/trunk@825 e52654a7-88a9-db11-a3e9-0013d4bc506e
Tomasz Sowa