1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-15 10:00:55 +01:00
Commit graph

9067 commits

Author SHA1 Message Date
vrana
7451c1f6c9 Support NO_BACKSLASH_ESCAPES in escapeStringForLikeClause()
Summary: Also simplify this clunky code.

Test Plan: /owners/view/search/?name=%25

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2114
2012-04-08 21:37:31 -07:00
vrana
a662b09e73 Fix reticle with inline comments editor
Test Plan: Hover textarea in inline comment editor

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2152
2012-04-08 21:35:47 -07:00
vrana
13775fde01 Prefer external [[]] links in Remarkup
Test Plan: I didn't repro it probably because of custom rules.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Maniphest Tasks: T1090

Differential Revision: https://secure.phabricator.com/D2150
2012-04-08 21:33:25 -07:00
vrana
2c8e6f99bd Standardize mysql.configuration-provider
Summary: NOTE: BC break!

Test Plan: /

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, nh

Differential Revision: https://secure.phabricator.com/D2130
2012-04-08 21:32:15 -07:00
epriestley
6c1e2cd8b2 Minor, make sure burnup buckets are unique year-over-year
Auditors: btrahan, vrana, jungejason
2012-04-08 16:33:51 -07:00
epriestley
6eb91b2a0e Improve documentation for System Agents and other account roles
Summary: Explain this stuff better and add some documentation links.

Test Plan: Read documentation, viewed account edit interfaces.

Reviewers: btrahan, vrana, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T834

Differential Revision: https://secure.phabricator.com/D2158
2012-04-08 15:10:00 -07:00
epriestley
62e41040f0 Improve exception behavior for storage engine failures
Summary: See T1021. Raise configuration or implementation exceptions immediately. When all engines fail, raise an aggregate exception with details.

Test Plan: Forced all engines to fail, received an aggregate exception. Forced an engine to fail with a config exception, recevied it immediately.

Reviewers: btrahan, vrana, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1021

Differential Revision: https://secure.phabricator.com/D2157
2012-04-08 15:07:34 -07:00
epriestley
06367c4801 Improve insert behavior for drag-and-drop and paste uploads
Summary: In Safari, Firefox and Chrome, respect cursor position and selection ranges.

Test Plan: Dragged-and-dropped files into the middle of text, end of text, and a selected text range in Safari, Firefox and Chrome. Copy/pasted files into similar cases in Chrome. Got expected, normal behavior in all cases.

Reviewers: btrahan, vrana, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T1016

Differential Revision: https://secure.phabricator.com/D2155
2012-04-08 15:05:40 -07:00
epriestley
23fd936b47 Add some basic signature stripping
Summary: See discussion in T789. Covered the obvious cases, at least. We can refine this as we get a larger sample size.

Test Plan: Unit test coverage.

Reviewers: btrahan, vrana, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T789

Differential Revision: https://secure.phabricator.com/D2154
2012-04-08 15:04:12 -07:00
epriestley
056fd755da Detect missing InnoDB in MySQL
Summary: See T993. MySQL fails very very softly if you request an engine which does not exist. Detect and fail if the InnoDB engine is missing or broken.

Test Plan: Faked InnoDB missing, got a failure. Ran normally, got success.

Reviewers: btrahan, vrana, jungejason

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T993

Differential Revision: https://secure.phabricator.com/D2160
2012-04-08 15:03:38 -07:00
epriestley
e4df959064 Use Celerity to version all static resources
Summary:
We don't use versioned URIs for images, so when they change users may get old versions.

This was a particular issue with the recent logo change, which several users reported cache-related issues from.

Instead, use Celerity to manage image URI versions in addition to CSS/JS.

This is complicated, because we need to rewrite image URIs inside of CSS, which means the hash of a CSS file has to be derived from the current image data. Otherwise, when we updated an image the CSS wouldn't update, so we wouldn't be any better off.

So basically we:

  - Find all the "raw" files, and put them into the map.
  - Find all the CSS/JS, perform content-altering transformations on it (i.e., not minification) based on the partial map, and then put it into the map based on transformed hashes.

(If we wanted, we could now do CSS variables or whatever for "free", more or less.)

Test Plan:
  - Regenerated celerity map, browsed site, verified images generated with versioned URIs.
  - Moved "blue" flag image over "green" flag image, regenerated map, verified "green" flag image and the associated CSS changed hashes.
  - Added transformation unit tests; ran unit tests.

Reviewers: btrahan, vrana, jungejason

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1073

Differential Revision: https://secure.phabricator.com/D2146
2012-04-08 10:07:51 -07:00
epriestley
f7b569e5d9 Don't use "/e" in PHPMailer Lite
Summary: PHP 5.4 raises an E_STRICT warning about "/e", and it's a generally awful idea, even though this case doesn't look exploitable. Silence the warning by using preg_replace_callback() instead of "/e".

Test Plan: Sent myself a message with a bunch of multibyte UTF8 characters in it, it came through cleanly.

Reviewers: btrahan, vrana, jungejason

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1056

Differential Revision: https://secure.phabricator.com/D2147
2012-04-08 10:02:16 -07:00
epriestley
b90d41dd90 Add an "--ignore-duplicates" flag to import_project_symbols.php
Summary: People are hella lazy and don't want to do this themselves.

Test Plan: Generated a symbol file with duplicates and piped it in, got an import under --ignore-duplicates.

Reviewers: kdeggelman, btrahan, vrana, jungejason

Reviewed By: jungejason

CC: aran

Differential Revision: https://secure.phabricator.com/D2145
2012-04-07 17:25:38 -07:00
epriestley
dd21f7e37c Make error views look less awful
Summary: These elements look heavy and out of place right now.

Test Plan: Looked at error views in uiexample page.

Reviewers: btrahan, vrana, jungejason

Reviewed By: jungejason

CC: aran

Differential Revision: https://secure.phabricator.com/D2144
2012-04-07 17:25:31 -07:00
epriestley
780da42126 Show user a notice when they view "My Projects" for feed but haven't joined any projects
Summary: Currently, we show them everything. Instead, show them an explicit notice.

Test Plan: Looked at "My Projects" feed with no projects.

Reviewers: btrahan, vrana, jungejason

Reviewed By: jungejason

CC: aran

Maniphest Tasks: T1015

Differential Revision: https://secure.phabricator.com/D2143
2012-04-07 17:25:24 -07:00
epriestley
ee278a302e Improve Diffusion blame views
Summary:
  - Make some effort to simplify the code.
  - Make "Skip Past This Commit" work in Git and Mercurial.
  - Make blame work in Mercurial.
  - Add tooltip hover state to show more information about commits.

Test Plan: Viewed blame views in SVN, Git, Hg. Clicked line numbers, hovered/clicked commits, hovered/clicked "blame past..."

Reviewers: btrahan, vrana, jungejason

Reviewed By: vrana

CC: aran

Maniphest Tasks: T378

Differential Revision: https://secure.phabricator.com/D2142
2012-04-07 17:24:35 -07:00
vrana
df67401e24 Add typehints to Diffusion browse file controller
Test Plan: Display commit.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2139
2012-04-07 16:03:55 -07:00
Jason Ge
bbeb850d63 Fix missing inline comments issue
Summary:
some inline comments are missing in the revision page. The
reason is that the inline comments got overwritten if multiple groups of
comments are modifying the same file
(https://secure.phabricator.com/diffusion/P/browse/master/src/applications/differential/view/revisioncomment/DifferentialRevisionCommentView.php;f6748bc1907d946ffe5a0957964a5eb5fe90514f$299).

Test Plan: the comments used to be missing renders now.

Reviewers: epriestley, nh

Reviewed By: epriestley

CC: hwang, aran

Differential Revision: https://secure.phabricator.com/D2135
2012-04-07 14:05:52 -07:00
Jason Ge
4f5ce3d9a3 Update ibrary map file
Summary: Update ibrary map file. It's probably caused by D2113.

Test Plan: arc unit passed for the testEverythingImplemented test case.

Reviewers: vrana, epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2134
2012-04-07 14:04:58 -07:00
epriestley
d4839f402c Minor, test fix for D2140? I think this fixes the issue in D2140, pushing to verify...
Auditors: 20after4, btrahan
2012-04-07 12:59:06 -07:00
vrana
5493c0e58e Fix typo 2012-04-07 11:45:31 -07:00
epriestley
ff4f72fdab Minor documentation updates.
Auditors: vrana, btrahan
2012-04-07 11:05:58 -07:00
epriestley
6c2e032dbe Minor, fix a heading in documentation.
Auditors: vrana, btrahan
2012-04-07 11:02:48 -07:00
epriestley
c894344505 Minor, fix some doc links.
Auditors: vrana, btrahan
2012-04-07 10:59:14 -07:00
vrana
d4c5761f41 Customizable MySQL implementation
Test Plan:
- /
- upgrade_schema.php
- Setup
- Try disabling mysql_connect.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2133
2012-04-07 10:54:12 -07:00
epriestley
34ca4a9ba7 Update arcanist documentation to reflect "land", a sane relative commit, and "--auto"
Summary: See D2080. The introduction of `arc land`, defaulting to `origin/master`, and --auto enormously simplifies the documentation.

Test Plan: Read documentation.

Reviewers: btrahan

Reviewed By: btrahan

CC: 20after4, aran

Maniphest Tasks: T894

Differential Revision: https://secure.phabricator.com/D2082
2012-04-07 10:39:51 -07:00
epriestley
869f24bf33 Fix reticle for diff-of-diffs
Summary:
The older logic was incorrect:

  - It chose `change.left` for `data.on_right` being true.
  - 'O' and 'N' mean 'old' and 'new', not 'left' and 'right'. In diff-of-diffs, both sides are 'N'.

So, select the changeset ID correctly (pick the right side one for on_right), and select the new file prefix correctly (N for new, O for old).

Test Plan: Waved my mouse over some inline comments in a diff-of-diffs, got reasonable-looking reticles.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1076

Differential Revision: https://secure.phabricator.com/D2138
2012-04-07 10:39:41 -07:00
vrana
7507981f22 Don't fatal with inaccessible database
Test Plan: Disable `mysql_connect()`.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2137
2012-04-07 10:31:36 -07:00
vrana
58d0ee2de0 Improve Windows support
Test Plan: Display stacktrace, verify that filenames are links.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2132
2012-04-07 10:15:54 -07:00
epriestley
3fdd8c497c Possible fix for T1076, pushing to verify.
I think the issue is that we don't set the left-side changesetID correctly. This seems to work correctly locally, but I'm not sure I got a good repro. Pushing to verify the production test cases provided in T1076.

Auditors: vrana, btrahan
2012-04-07 10:01:28 -07:00
vrana
9b043e5966 Bump required PHP version
Summary:
`mysql_set_charset()` is available since PHP 5.2.3.
I've searched also for other new functions and this is the newest.

Test Plan: /

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2126
2012-04-06 15:26:46 -07:00
Jason Ge
f6748bc190 The existing Audit code forgot to set authorPHID
Summary:
The audit tools has many false positive about Author Not
Matching with Revision. The fix is to set the authorPHID which was
missing in the existing code

Test Plan:
run reparse.php and it doesn't generate false positive result
anymore.

Reviewers: nh, epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2119
2012-04-06 14:16:42 -07:00
epriestley
f7c74e3fb8 Remove an extra </p>
Summary: renderMiniPanel() renders the entire <p>.

Test Plan: Looked at page source for homepage, verified there was no double </p>.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1079

Differential Revision: https://secure.phabricator.com/D2128
2012-04-06 14:09:24 -07:00
vrana
a234a712cd Disable autoload in search for internal class
Test Plan:
/diffusion/symbol/Exception/?jump=1&type=class&lang=php
/diffusion/symbol/Countable/?jump=1&type=class&lang=php

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2124
2012-04-06 12:46:12 -07:00
vrana
e69ba98e20 Prepare for MySQLi support
Summary: This separates common MySQL stuff (identifiers and comments escaping, error codes, connection retries) from PHP extension specific stuff (connect, query, fetch, errors, escape string).

Test Plan:
/
Use `AphrontMySQLiDatabaseConnection` in `PhabricatorLiskDAO`, load homepage, edit task, save task.

Reviewers: epriestley

Reviewed By: epriestley

CC: nh, aran

Differential Revision: https://secure.phabricator.com/D2113
2012-04-06 12:43:56 -07:00
vrana
2211a0b07e Don't render <div> inside <span>
Test Plan: D1

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2121
2012-04-06 10:15:44 -07:00
vrana
23b65c13f4 Use Filesystem::readRandomBytes() in setup
Test Plan: Run setup.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2123
2012-04-06 10:10:33 -07:00
vrana
36ee5dba51 Jump to TOC after Show Diff
Summary: I've found it useful mainly on smaller screen or with lots of comments.

Test Plan: Show Diff

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2122
2012-04-06 09:56:28 -07:00
vrana
1f2028adf0 Render valid HTML
Summary: Also delete some dead code.

Test Plan: /D1

Reviewers: tuomaspelkonen, epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D2120
2012-04-06 09:56:14 -07:00
vrana
6aa729b1c9 Support MySQL 5.5
Summary:
`116.utf8.sql` throws this under MySQL 5.5:

> Column length too big for column 'keyBody' (max = 21845); use BLOB or TEXT instead

I guess that's because MySQL 5.5 changed maximum length of UTF-8 character from 3 bytes to 4.

I've updated also `116.utf8.sql` for people with new installs.

Test Plan:
  upgrade_schema.php

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2117
2012-04-06 09:55:58 -07:00
vrana
23988ca482 Support Windows
Test Plan:
Enable setup.
Disable setup.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2118
2012-04-06 09:34:06 -07:00
vrana
426d6f2b1f Make getTransactionKey() protected
Test Plan: Search for `getTransactionKey`.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2115
2012-04-06 09:33:37 -07:00
vrana
bc5307f7d5 Fix whitespace 2012-04-06 01:00:32 -07:00
vrana
5f341c79cb Pass connection to mysql_set_charset() 2012-04-05 17:23:29 -07:00
vrana
64facecb87 Fix typo in AphrontMySQLDatabaseConnection 2012-04-05 17:19:07 -07:00
vrana
f698e860cf Remove duplicate remarkup rule
Summary: D2110

Test Plan:
  [[wiki]]
  [[http://example.com]]
  [[http://example.com | example.com]]

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2111
2012-04-05 16:31:17 -07:00
Nick Harper
efb49a6a09 Fix differential.createrevision conduit call
Summary:
This introduces some boundary checking for
PhabricatorOwnersOwner::loadAffiliatedUserPHIDs() if it gets passed an empty
array, which happened when I ran arc diff and it called
differential.createrevision.

Test Plan: ran arc diff

Reviewers: epriestley, meitros, jungejason

CC: aran

Differential Revision: https://secure.phabricator.com/D2112
2012-04-05 15:28:58 -07:00
vrana
ff2b58dab7 Fix MySQL column escaping
Summary:
MySQL doesn't treat `\` as escaping character in ##``##.
This isn't probably SQL injection hole because I've found no calls of this method with user input.
But better safe than sorry.

See also [[http://dev.mysql.com/doc/refman/5.1/en/server-sql-mode.html#sqlmode_no_backslash_escapes | NO_BACKSLASH_ESCAPES]].

Test Plan:
  lang=sql
  SELECT `a\`b`; -- Throws: Syntax error near '`'.
  -- Should throw: Unknown column 'a`b'.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2109
2012-04-05 15:11:05 -07:00
vrana
23d5d7a1a6 Delete unused CSS
Summary: Unused since D2062.

Test Plan:
View commit.
View task.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2108
2012-04-05 10:54:06 -07:00
vrana
d1b7059a2d Open editor from stack trace
Summary:
I've considered that user may have set editor but not checked out Phabricator repositories.
But stack trace is useful mainly for developers.

Test Plan:
Click on path in Unhandled Exception.
Repeat with disabled editor.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2107
2012-04-04 18:19:14 -07:00