summaryrefslogtreecommitdiff
path: root/util
AgeCommit message (Collapse)AuthorFilesLines
2015-08-10js: Move generated variables into global VARS structureYorhel1-46/+44
This removes one source of namespace polution, and makes it more clear which code is using the variables.
2015-08-10Split script.js into multiple smaller filesYorhel1-3/+13
First part of a Javascript cleanup.
2015-08-08Hide sexual traits by default + Add profile option to change defaultYorhel2-1/+2
2015-07-21Add profile option for the default spoiler settingYorhel2-1/+2
This fixes the unexpected behaviour that changing the spoiler setting on one page will change it for all pages. All manual spoiler changing options are temporary now.
2015-07-21Add profile option for default visible tag categories on VN pagesYorhel2-1/+2
The name of the profile setting isn't very clear. Not sure what to do with it.
2015-07-21Add profile option to show or summarize tags on VN pages by defaultYorhel2-1/+6
2015-07-19Remove the MSIE browser check & warning pageYorhel1-3/+0
It's a relic of the past. IE 6 & 7 are very rarely used nowadays, and people still using it will quickly realize why things don't quite work - they'll be used to it.
2015-05-13Add staff statistic to main menuYorhel2-0/+10
2015-05-13I18N: Add cleanup routine to lang.pl + remove English text from tlsYorhel1-0/+44
2015-05-13Change order of staff rolesYorhel2-1/+10
https://vndb.org/t6138.226 - https://vndb.org/t6048.132
2015-05-11New language: Catalan (/Valencian)Yorhel2-1/+3
2015-05-11Three new platforms: FM Towns, PC Engine, X68000Yorhel2-1/+7
2015-05-11Generate icons.png and associated CSS automaticallyYorhel2-0/+151
It became a bit of a hassle to keep updating that file manually in Gimp. This script performs surprisingly well for our set of icons.
2015-05-03Remove "script" role from vn<->staff linksYorhel1-0/+12
Note that it's still in the postgresql ENUM type. Removing that is possible, but not very trivial.
2015-01-29staff: Added 'scenario' credit typeYorhel2-1/+3
2015-01-28sql: Merge staff changes into /util/sql/ and rename staff.sql2.24Yorhel3-2/+64
So that the /util/sql/ files are in sync with the actual DB again.
2015-01-28Merge branch 'staff' into masterYorhel1-1/+1
Conflicts: lib/VNDB/DB/VN.pm lib/VNDB/Handler/VNPage.pm
2015-01-17staff: Fix search to ignore spaces in Japanese namesmorkt1-0/+1
2015-01-12staff: Add notifications for staff edits/deletesYorhel2-2/+12
2015-01-12staff: Remove some remnants of the staff imagesYorhel2-4/+3
2015-01-04staff: Add some link fields and guidelinesmorkt2-4/+7
2015-01-02staff: Fix deleting of staff + use JSON to pass data + minor fixesmorkt1-0/+2
2014-12-28More progress on the staff + cast DBmorkt2-9/+12
2014-12-24Further progress on the staff databasemorkt1-1/+2
- Moves staff<->vn linking form to the main VN edit form - Fixes a bug with linking staff aliases to VNs - Adds staff changes to the VN revisions - And some misc. improvements
2014-12-22Initial implementation of a staff/seiyuu databasemorkt3-2/+112
2014-12-02Completely drop l_vnn column from VN infoYorhel3-3/+6
Used to link to a visual-novels.net review or something. Links have been hidden and dead since ages. No need to keep the column around.
2014-10-16Completely get rid of the old charedit perm flagYorhel1-0/+4
2014-10-16Hash session tokens with SHA-1 when storing in DBYorhel1-0/+6
This ensures that, if an attacker evers gets read access to the database, he will not be able to compromise any accounts. SHA-1 suffices here, because the data being hashed is a random 20 byte string. The search space is so damn large that you can't sanely brute force it, nor are rainbow tables any use at that scale. They're not salted. The password reset tokens are also hashed in the database and do include salt, but I've no idea why we did that.
2014-10-15Use scrypt for new password hashesYorhel1-1/+7
I increased the N parameter to approximate about 500ms to generate the hash. This is quite a paranoid setting for a website, but login attempts are throttled so there's not much of a DoS factor. (Alright, password changing feature isn't throttled so the DoS factor still exists. But really, there's some pages with longer page generation times anyway.) I did lower the size of the salt a bit (Crypt::ScryptKDF uses 256 bits by default), because 64 bits of randomness should have low enough chance of collision with only ~100k users (even with a million users, seriously).
2014-10-15SQL: Merge users.(passwd|salt) in one column + document valuesYorhel2-1/+15
It doesn't make a whole lot to separate the hashed password and the salt from each other, you need both to do anything with them, and from the database perspective they're both completely opaque strings only usable for direct comparison with other hashed strings. This change is mostly as preparation for switching to a proper key derivation function (sha256 isn't...) and to add support for longer and/or binary salt. Because the passwd field now needs to be interpreted in Perl, it's being passed around as a binary string rather than a hex-encoded value. API login is broken in this commit. I'll get to that.
2014-10-13SQL: Use enum to represent platformsYorhel4-4/+15
I believe I didn't do this conversion earlier (back when I converted the language types) because PostgreSQL didn't support dynamically adding new values to an existing enum back then, and modifying an enum was a huge pain. Recent versions do support this, so there's no reason to keep it as a string. ...I just felt like adding some churn to the code base.
2014-10-11SQL: Convert login_throttle.timeout to a timestamptzYorhel2-1/+5
Easier to work with in custom queries.
2014-09-15Change normalization factor in popularity ranking calculationYorhel1-1/+1
Suggested by Hinoe, quoting his reasoning: In popularity rankings, change the normalization from "sqrt(LowerVoteCount)" == "LowerVoteCount^0.5" to something that grows somewhat more slowly. Details: Natural logarithm itself (ln(LowerVoteCount+1)) is too slow; at the current VN count (15403), it returns 9.64; however, sqrt(15402) is just above 124.1, which I feel is already too high. After experimenting with the exponents a bit, I decided that the best point likely lies between 0.3, which returns a bit above 18.0, and 0.4, which returns a bit above 47.3. Thus, I suggest that the new function be LowerVoteCount^0.36788; the exponent is a 5-digit approximation of e^-1, just because it's a nice number in the specified area and works well, returning circa 34.7.
2014-09-01Disallow ( and ) in email regexYorhel1-1/+1
2014-08-29Throttle failed login attempts (10/day)Yorhel2-0/+12
2014-08-29Sync language type util/sql/all.sql with recent updateYorhel1-1/+1
2014-08-21Add Romanian languageYorhel1-0/+3
2014-07-09Disallow comma in email pattern matchYorhel1-1/+1
2013-09-16Added 960x600 resolutionYorhel1-1/+5
2013-09-14Added Arabic and Hebrew languagesYorhel2-2/+2
2013-05-19Allow * in URL validatorYorhel1-1/+1
Fixes http://vndb.org/t4105
2013-04-17Fix form validation bug on /u*/posts + disallow space in email fieldYorhel1-1/+1
2013-01-05Screenshot uploader: Load stuff synchronously + removed processing flagYorhel2-1/+2
All the async stuff isn't necessary now that images are processed synchronously.
2013-01-05Don't use Multi for processing screenshotsYorhel3-9/+3
TODO: Get rid of the 'processing' flag and all the async loading of screenshot data in the screenshot uploader.
2013-01-05Don't use Multi for processing character imagesYorhel3-9/+3
2013-01-05Don't use Multi for processing VN cover imagesYorhel3-8/+6
I used to do this to avoid loading Image::Magick in each TUWF process, decreasing memory usage, and lowering the blocking time by avoiding too much processing. Memory isn't much of a problem nowadays, and processing images is fast enough, too, so this complexity isn't necessary anymore. (Character images and screenshots pending)
2012-07-24Add wishlist / VN list status options to VN list browserSpaceRanger2-1/+7
2012-06-05schema.sql: Fix order of some columns + remove useless DEFAULT NULLYorhel1-4/+4
The ordering unfortunately matters for some tables, due to the edit_* stored procedures relying on it. :-(
2012-06-04all.sql: Fix creation of the deleted and multi accountsYorhel1-2/+2
2012-06-04schema.sql: Fix creation of anime tableYorhel1-2/+2