AgeCommit message (Collapse)AuthorFilesLines
2015-09-20formValidate: Created templates for gtin and editsum fieldsYorhel8-26/+40
2015-09-20Use plural version of reqPostsYorhel1-1/+1
Surprisingly, this was the only change I needed to make to comply with the TUWF reqGet-style function split.
2015-09-20Use the new reqQuery() + update usage of reqPath() for TUWF 1.0Yorhel2-3/+2
2015-09-20Update usage kv_validate() to upcoming TUWF 1.0Yorhel15-101/+90
And added new 'page' and 'id' templates for more strict validation.
2015-09-17Handler::Discussions: Add search box to non-item thread listsYorhel1-22/+31
As requested at
2015-09-17Handler::VNEdit: Use json_validate() for the VN staff/cast dataYorhel1-36/+38
This (only very slightly) simplified further processing of the data. It does add more validation than was present: Previously it was possible to send invalid roles (would give a 500) or invalid numeric IDs (would throw some perl warnings). These issues are now handled earlier on. This change also puts a maximum length on the notes field, but nobody has passed the 300 characters so far.
2015-09-17Rename jsonEncode/Decode to C-style namingYorhel3-13/+13
CamelCase is used for methods, C-style names for functions. I'm just nitpicking now.
2015-09-17Created json_validate() for JSON form data, used for Staff alias editorYorhel3-25/+44
The intention is to move more JS editing forms to use JSON, but manually verifying JSON objects is both painful and likely to introduce errors or vulnerabilities. json_validate() is a bit of a hack, but has the advantage that its validation syntax is the same as for normal forms, and it automatically strips whitespace. I intent to give kv_validate() an upgrade to be more flexible/modular so it can do more custom normalization. But that's for later. I've been meaning to rewrite the JS forms anyway together with the large JS rewrite, but I'm rather lazy. This is one small step in the right direction anyway. Note that json_validate() assumes that the JS code will provide user-friendly messages on bad input, but the staff alias editor doesn't quite do this yet.
2015-09-08Multi::API: Set keepalive on sockets to detect dead TCP connectionsYorhel1-0/+1
Hopefully prevents issues like
2015-09-08L10N: Fix typo in board searchYorhel1-1/+1
2015-09-07Handler::Discussions: Fix two bugs introduced in last commitYorhel2-2/+2
2015-09-07Handler::Discussions: Use ts_headline() to format search resultsYorhel4-7/+47
And also fix strip_bb_tags() to be case-insensitive and fix a bug in converting the query into a tsquery.
2015-09-07Handler::Discussions: Remove formcode from search formYorhel2-4/+7
It's not verified and only uglifies the URLs.
2015-09-07Implement discussion board search functionYorhel8-14/+265
Inspired by wakaranai's implementation at This version is different in a number of aspects: - Separate search functions for title search and fulltext post search. Perhaps not the most convenient option, but the downside of a combined search is that if the query matches the threads' title, then all of the posts in that thread will show up in the results. This didn't seem very useful. - Sorting is based purely on post date. Rank-based sort is slow without a separate caching column, and in my opinion not all that useful. Implementation differences: - Integrated in the existing DB::Discussions functions, so less code to maintain and more code reuse. - No separate caching column for the tsvector, a functional index is used instead. This is a bit slower (index results need to be re-checked against the actual messages, hence the slowdown), but has the advantage of smaller database dumps and less complexity in updating the cache. Things to fix or look at: - Highlighting of the search query in message contents. - Allow or-style query matching
2015-09-06SQL: Convert threads_board.type to ENUMYorhel4-3/+9
The char(2) solution is both inefficient and ugly. Also needed to be careful with handling the extra space that Postgres would automatically add to single-character types.
2015-09-03CSS: Add overflow:hidden to screenshots on homepageYorhel1-1/+1
As suggested at
2015-09-03JS: Fix argument replacement regexp in mt()Yorhel1-1/+1
This caused every [_#] to be replaced multiple times.
2015-08-31Handler::VNPage: Increase limit on number of visible releasesYorhel1-2/+2
From 50 to 200.
2015-08-18vnstaff.js: Export vnsStaffData for use by vncast.jsYorhel1-4/+5
To fix the cast editor. Add pngcrush/slow options + force png32 + atomic replaceYorhel3-6/+24
A recent version of imagemagick creates 16 bit depth PNG images by default for some reason. This results in an unnecessarily large file size increase and pngcrush doesn't do much to counter it (and its -bit_depth option has been deprecated, too). The atomic replace is quite handy to avoid people seeing any wierd intermediate images while the slow+pngcrush options are being used.
2015-08-17Merge branch 'jscleanup'Yorhel35-3464/+3544
2015-08-17jsgen: Support external command for JS compression (like uglifyjs)Yorhel5-17/+46
Tends to compress a bit better than JavaScript::Minifier::JS. But is also a lot slower, so not really useful when devving. Stats for en.js: raw gzip uglifyjs 68199 19446 JS::Minifier::XS 79862 21624 Uncompressed 107662 28663 On an unrelated note, I like how jQuery boasts about being "Only 32kB minified and gzipped.". That's quite a bit more than all of VNDB's Javascript combined. For a damn library.
2015-08-17js: Clean up misc.jsYorhel4-134/+153
- Individual blocks don't leak variables into the parent scope anymore. Previously some blocks would re-use variables from other blocks, creating (almost invisible) dependencies between te blocks. - More consistent code for ulist-change-dropdowns, and all of them have a ref= argument now. - Use 'hidden' class instead of style.display wherever that makes sense. - Remove dead 'advselect' code. Hasn't been used since the addition of search filters. - lang_select doesn't rely on the position of the language class in className anymore (seriously that stuff is fragile...)
2015-08-17js: Add L10N strings to all relevant varsYorhel5-66/+33
This simplifies the JS code in some places and removes a whole number of L10N strings from the "l10n_str" var, thus shrinking the JS size a bit (uncompressed about 1500 bytes, in fact. 500 bytes after gzip).
2015-08-16js: Clean up charops.js & tagops.jsYorhel2-111/+123
charops.js was already recently (re)written and followed much of the new conventions, so that was easy. tagops.js has been simplified somewhat, and does not rely on the position of the "tagspl#" class anymore.
2015-08-15js: Let preprocess L10N strings + add L10N strings to some varsYorhel7-71/+77
This simplifies the JS version of mt() a bit and makes the whole internationalization framework a bit more robust. I also changed the VARS.{rlist_status,age_ratings,languages,platforms,char_roles} arrays to include the L10N string. This simplifies the JS code and reduces the JS size. There's a few more of such lists that can be transformed in the same way, I'll get to that later.
2015-08-15js: Wrap included files in anonymous functionYorhel8-461/+436
This removes the need to indent all files and add the anonymous function manually, and it also provides clean and consistent semantics. I already rewrote the library-like files earlier on to add their public interfaces to the window object, so everything should keep working after this change. It's still possible that some files use use a function from another non-library file. Those will break, but I'm sure such cases will be found soon enough, if they exist.
2015-08-15js: Cleanup + improve dropdownsearch.jsYorhel1-131/+165
Same as usual. Some additional changes - Removed parfunc argument to dsInit(), not used anywhere. - The ds_box div is only created when used.
2015-08-14CSS: Add sans-serif as fallback fontYorhel1-4/+4
2015-08-11js: Cleanup dropdown.js + remove http_request globalYorhel3-73/+90
dropdown.js has also been improved a bit to only add the dd_box node to the DOM when it's actually going to be used, and it now only captures document.onmousemove when a box is shown.
2015-08-11js: Cleanup dateselector.jsYorhel2-59/+88
2015-08-11js: Cleanup tabs.jsYorhel1-34/+46
2015-08-10js: Clean up iv.js to use own namespace + better prev/next generationYorhel2-88/+119
2015-08-10js: Move generated variables into global VARS structureYorhel10-82/+83
This removes one source of namespace polution, and makes it more clear which code is using the variables.
2015-08-10Split script.js into multiple smaller filesYorhel28-3385/+3333
First part of a Javascript cleanup.
2015-08-08Char page: Dynamically show/hide trait groups depending on visible traitsYorhel2-14/+10
2015-08-08Hide sexual traits by default + Add profile option to change defaultYorhel5-6/+21
2015-08-08Add sexual trait toggle to character informationYorhel6-56/+91
It's not a preference yet and the sexual traits are still visible by default. I'll fix that later.
2015-07-27Handler::VNPage: Bunch of fixes for release page comparison rewriteYorhel1-5/+4
- Remove the obsolete 'use's - Re-add max-width style when requested - Fix comparison in displaying media - Fix sorting on animation column
2015-07-26Handler::VNPage: Rewrite release comparison pageYorhel1-408/+227
The previous code was using experimental perl features (switch / smartmatch) that weren't really needed, and the information about individual columns was spread around in multiple functions. This rewrite makes the code consistent with the rest of VNDB, and has *all* of the column-specific information in one data structure. I did not replicate the similar-cell-merging feature, partly because the code for it is definitely not trivial and partly because it doesn't make the table look any less cluttered. In fact, I feel that it only makes the table harder to interpret because it looks messy. This is a matter opinion, of course, so I might reimplement the feature if people who actually use this comparison page want to. Overall, I'm still undecided on whether this comparison page should exist at all in its current form - it's not very user-friendly and often looks cluttered. I'm keeping it because it does have some use-cases where it avoids opening every release page to do a manual comparison, but I'd love a more friendly-looking alternative.
2015-07-25L10N: Remove unused translation stringsYorhel1-108/+0
Found with the tooling in the l10nusage branch.
2015-07-25Handler::Misc: Fix minor calculation error in determining "admin" userYorhel1-1/+1
2015-07-22Util::BrowseHTML: Fix XSS in "order by" link URLsYorhel1-2/+2
Reported by dim0k at
2015-07-21Add profile option for the default spoiler settingYorhel10-50/+54
This fixes the unexpected behaviour that changing the spoiler setting on one page will change it for all pages. All manual spoiler changing options are temporary now.
2015-07-21L10N: Combine spoiler setting stringsYorhel6-165/+58
2015-07-21Add profile option for default visible tag categories on VN pagesYorhel7-8/+26
The name of the profile setting isn't very clear. Not sure what to do with it.
2015-07-21Add profile option to show or summarize tags on VN pages by defaultYorhel6-6/+25
2015-07-21Multi::API: Support IPv6Yorhel1-1/+5
This was more trivial than I had expected. I already took ipv6 into account when rewriting the API for AnyEvent (including the use of norm_ip()), so that part was fine. The only part I had to fix was the listening socket, and I had to ensure that the $c->{ip} was correct. The first was easy, and the latter was properly handled by AnyEvent automatically. Looks like AnyEvent automatically 'unpacks' IPv4-mapped IPv6 addresses, so I didn't have to deal with that myself.
2015-07-20Multi::API: Throttle "throttled" error repliesYorhel1-3/+13
This is to save system resources when a misbehaving client keeps sending commands while it's being throttled. It also protects against trivial DoS attacks.
2015-07-20L10N: Support plural forms for charrolesYorhel3-34/+34
Used /v+/chars, other occurrences just use singular.