diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/sledjchisl/sledjchisl.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/sledjchisl/sledjchisl.c b/src/sledjchisl/sledjchisl.c index 00c4c19..d238e58 100644 --- a/src/sledjchisl/sledjchisl.c +++ b/src/sledjchisl/sledjchisl.c | |||
@@ -2319,6 +2319,7 @@ cookie *setCookie(reqData *Rd, char *cki, char *value) | |||
2319 | char *cook = xstrdup(cki); | 2319 | char *cook = xstrdup(cki); |
2320 | int l, i; | 2320 | int l, i; |
2321 | 2321 | ||
2322 | // TODO - would URL encoding do the trick? | ||
2322 | // Validate this, as there is a limited set of characters allowed. | 2323 | // Validate this, as there is a limited set of characters allowed. |
2323 | qstrreplace("tr", cook, "()<>@,;:\\\"/[]?={} \t", "_"); | 2324 | qstrreplace("tr", cook, "()<>@,;:\\\"/[]?={} \t", "_"); |
2324 | freeCookie(Rd, cook); | 2325 | freeCookie(Rd, cook); |
@@ -5004,6 +5005,8 @@ static void accountLoginWeb(reqData *Rd, inputForm *oF, inputValue *oV) | |||
5004 | accountWebFooter(Rd, oF); | 5005 | accountWebFooter(Rd, oF); |
5005 | } | 5006 | } |
5006 | 5007 | ||
5008 | // TODO - accountViewWeb() and accountViewWeb() should view and edit arbitrary accounts the user is not logged in as, | ||
5009 | // but limit things based on being that viewed / edited account, and the users level. | ||
5007 | static void accountViewWeb(reqData *Rd, inputForm *oF, inputValue *oV) | 5010 | static void accountViewWeb(reqData *Rd, inputForm *oF, inputValue *oV) |
5008 | { | 5011 | { |
5009 | char *name = getStrH(Rd->database, "Lua.name"), | 5012 | char *name = getStrH(Rd->database, "Lua.name"), |
@@ -7245,6 +7248,7 @@ fcgiDone: | |||
7245 | } | 7248 | } |
7246 | else if (!strcmp(cmd, "start")) // "start sim01" "start Welcome" "start" start everything | 7249 | else if (!strcmp(cmd, "start")) // "start sim01" "start Welcome" "start" start everything |
7247 | { | 7250 | { |
7251 | // TODO - check if sim is down, but tmux window is still up, and close the tmux window first. | ||
7248 | } | 7252 | } |
7249 | else if (!strcmp(cmd, "backup")) // "backup onefang rejected" "backup sim01" "backup Welcome" "backup" backup everything | 7253 | else if (!strcmp(cmd, "backup")) // "backup onefang rejected" "backup sim01" "backup Welcome" "backup" backup everything |
7250 | { // If it's not a sim code, and not a sim name, it's an account inventory. | 7254 | { // If it's not a sim code, and not a sim name, it's an account inventory. |