summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)AuthorFilesLines
2017-03-03VNBrowse: Remember sort options when changing query or filtersYorhel1-2/+2
2017-03-03API: Add traits filter to get characterYorhel1-0/+4
2017-03-03Don't allow deleted or unapproved traits to be linked to char entriesYorhel2-0/+4
Fixes https://vndb.org/t2520.213
2017-02-20APIDump: Add votes2.gz with dates, update sizes in d14Yorhel1-1/+9
2017-02-20Multi::IRC: Whitelist c64 in id detectionYorhel1-1/+1
2017-01-29IRC: Remove eval commandYorhel1-9/+0
I never use it. And it's scary.
2017-01-25Ignore duplicate board IDs in threat editYorhel1-1/+1
https://vndb.org/t2520.209
2017-01-25Disable links to AnimeNFO for the momentYorhel1-4/+5
https://vndb.org/t2520.210
2017-01-25API: Fix Unicode password login + some messagesYorhel1-3/+3
2017-01-21Don't omit metadata with a value of '0'flan1-1/+1
2017-01-19Add Open Graph tags for the main page and vrspcflan7-10/+70
2016-12-04API: Add username filter to "get user" + d11 updatesYorhel1-0/+5
2016-11-27SQL: Use separate role for Multi2.26Yorhel1-25/+24
2016-11-27SQL: Use separate role for the website + disallow access to user dataYorhel3-135/+170
Previously the website was connected to the database with a "database owner" user, which has far too many permissions. Now there's a special vndb_site user with only the necessary permissions. The primary reason to do this is to decrease the impact if the site process is compromised. E.g. it's now no longer possible to delete or modify old entry revisions. An attacker can still do a lot of damage, however. Additionally (and this was the main reason to implement this change in the first place), the user sessions, passwords and email data is now not easily accessible anymore. Hopefully, the new user management abstractions will prevent email and password dumps in case of an SQL injection or RCE vulnerability in the site code. Of course, this only works if my implementation is fully correct and there's no privilige escalation vulnerability somewhere. Furthermore, changing your password now invalidates any existing sessions, and the password reset function is disabled for 'usermods' (because usermods can list email addresses from the database, and the password reset function could still allow an attacker to gain access to anyone's account). I also changed the format of the password reset tokens, as they totally don't need to be salted.
2016-11-03List deleted releases when adding a new releaseYorhel2-5/+29
2016-11-03Add duplicate check to producer entryYorhel3-12/+76
2016-10-16Support more than 100 characters per VNYorhel2-2/+2
2016-10-16VNPage: Add gender icons to character summaryYorhel1-0/+1
2016-10-16Doc update + IRC bot language fixYorhel1-1/+1
2016-09-18Suppress silly Perl 5.22 warnings about extra sprintf argsYorhel3-0/+3
2016-09-11API: Add VN relations "official" fieldYorhel1-5/+2
2016-09-11Fix http->https in d14 + increase IRC quote spam intervalYorhel1-1/+1
2016-08-31API: Add simple "get user" commandYorhel1-4/+24
2016-07-31Handler::VNEdit: Fix bug with new staff/cast being removed on form errorYorhel1-6/+5
The names of the staff were fetched from the existing VN entry, so any newly added staff were not present in that list, and would thus not show up when the form validation failed. This fix makes sure to always fetch the required data from the database.
2016-07-31API: Support array mathing in "get character" vn filterYorhel1-0/+1
2016-07-03Generalize substring search relevance + apply to most dropdown searchesYorhel8-51/+40
This is a generalization of the search improvements made in 7da2edeaa0f6cf7794f4f8f68960497dc1be893c and 92235222dba4e5d0c7713d53ef12e0f10e371b83 And has been applied to the dropdown searches for producers, staff, tags and traits. For all those searches, exact matches are listed first, followed by prefix matches, and then substring matches. Relevance is currently only based on the primary name/title and ignores aliases (except for staff). This is fixable, but not trivial, and I'm not sure it's all that useful.
2016-07-03DB::Tags::dbTTTree: Use hash lookup for parent IDsYorhel1-3/+4
Reduces page load time of the trait index from 200ms to 20ms. Also provides a slight improvement for other tag/trait tree views.
2016-07-03Charedit/traits: Prioritize exact match when finding traitsYorhel2-2/+15
2016-07-03Various staff search improvementsYorhel3-19/+25
- Exact match is now case-insensitive - Main staff search supports exact match with =-prefix - On VN edit dropdown: exact matches are sorted before other matches - VN edit dropdown now also displays original name
2016-07-02JS: Use alias ID in dropdown search to fix selectionYorhel1-1/+1
2016-07-02Util::ValidateTemplates: Fix forgotten import of kv_validateYorhel1-0/+1
2016-07-02Validate release dates + move validation out of vndb.plYorhel3-1/+104
2016-06-19API: Add "tags" filter to "get vn" + increase throttle throttleYorhel1-4/+8
2016-06-12API: Increase some limits + set custom TCP keepalive valuesYorhel1-3/+15
2016-06-05Fix typo on release page.Albin Bernhardsson1-1/+1
2016-05-15API: Allow sorting 'get vn' on stats fieldsYorhel1-1/+4
2016-04-11API: Added "vns" flag and member to "get character"Yorhel1-0/+9
2016-04-11Handler::Discussions: Increase boards limitYorhel1-1/+1
2016-02-12Minor fixes / behaviour reverts related to the removal of L10NYorhel4-7/+7
- Fix mouse-over text of language flag on homepage - Capitalize release types in edit form - Use plural form of character roles on VN page listing
2016-01-29Multi::API: added 'screens' flag to 'get vn'Yorhel1-0/+18
2016-01-26Handler::Misc: Fix perl warning on 404 */histYorhel1-1/+1
2016-01-23L10N: Remove all remaining traces of the interface translation featureYorhel3-555/+0
...unless I missed something.
2016-01-23L10N: Intern all VNDB::Handler::* stuffYorhel14-812/+911
Most of these replacements were automated. This ended up being less work than I had anticipated. I also fixed a few minor bugs along the way, but probably introduced more than I fixed.
2016-01-20L10N: Intern all VNDB::Util::* stuffYorhel16-269/+309
With some related edits in other parts of the code, mostly due to interface changes to htmlRevision() and htmlFormError(). Trivial replacements were automated by a super awesome script.
2016-01-19Move some VNDB::L10N stuff to VNDB::Func + intern VNDB::FuncYorhel15-102/+104
2016-01-18Fix display of spoiler in chartraits.js + warning in Handler/Chars.pmYorhel1-1/+1
2016-01-17L10N: Intern all Javascript strings and rename main JS fileYorhel1-1/+1
This has been mostly automated.
2016-01-17L10N: Intern blood_types/genders/(char|staff)_roles/discussion_boardsYorhel7-46/+41
I definitely needed the Tie::IxHash thing for these.
2016-01-17Use Tie::IxHash for some global.pl listsYorhel8-25/+26
This removes the reliance on sort() to provide meaningful ordering (the keys aren't always good for ordering) and removes the 'order' hack used for (vn|prod)_relations.
2016-01-17L10N: Intern VN/producer relations + update relation graphsYorhel4-22/+19
Now that graphviz knows the actual strings, it has a better opportunity to create better graphs. (Most of them still look messy tho)