Age | Commit message (Collapse) | Author | Files | Lines |
|
Anything fetched from the DB to Perl should be converted to a UNIX
timestamp, and everything that goes from Perl to the DB should be
converted from a UNIX timestamp to a timestamptz data type.
Also, when creating a session, don't rely on the fact that the
expiration default happens to be the same as the cookie expiration time
calculated in Perl. It's cleaner to calculate the date at one place and
then use that everywhere else.
|
|
For consistency, it's best to do everything related to hashes in
hexadecimal notation in Perl.
|
|
This forces $salt and $pass to be 'downgraded' to byte strings in case
we are given unicode strings (i.e. when fetched from database or YAWF).
This, in turn, prevents global_salt from 'upgrading', which allows
binary data to be used for this string.
|
|
This fixes a 500 error when the cookie was longer than 40 bytes but the
characters after the 40th byte aren't a number. (i.e. the cookies of the
previous auth system)
This will also purge the cookie from the user's browser when
dbSessionCheck() returns false. (There's no sense in keeping it in such
a case)
|
|
Conflicts:
util/dump.sql
util/updates/update_2.6.sql
Also updated ChangeLog and made some tiny style changes.
|
|
-- Updated SQL files to reflect column type change.
-- Subroutine dbSessionAdd rewritten to accept an expiration
timestap as an optional third argument.
|
|
|
|
|
|
-- Changed the way cookie data is handled and removed the need for Crypt::Lite
-- Removed "cookie_key" configuration setting for Crypt::Lite
|
|
This commit is tested to work.
|
|
-- Removed _authGenerateSalt in favor of a one-liner in authPreparePassword.
-- Fixed a self-inflicted "WTF" mistake in authInit caused by a stray paste.
|
|
-- Changed the way cookies are handled to a database-backed system
-- Changed the password hashing algorithm used
-- Introduced a dual-salt method for increasing password encryption strength
|
|
This is more of a test of the new git environment than anything else.
|
|
This adds a small performance penalty, but should make it a lot easier
for people to notice that someone is asking for his/her attention.
Ideally, this count would be the number of *unread* *posts*, rather than
*total* number of *threads*, but we don't store read the state (yet).
|
|
DB/{Votes,VNList,WishList}.pm into ULists.pm
|
|
and login form
|
|
|
|
...this is basically everything we're going to rewrite
|
|
- Re-added old VN list, delete-only and with a warning
- Small code cleanup
git-svn-id: svn://vndb.org/vndb@75 1fe2e327-d9db-4752-bcf7-ef0cb4a1748b
|
|
(written by apple)
git-svn-id: svn://vndb.org/vndb@23 1fe2e327-d9db-4752-bcf7-ef0cb4a1748b
|
|
git-svn-id: svn://vndb.org/vndb@1 1fe2e327-d9db-4752-bcf7-ef0cb4a1748b
|