User ID

Capabilities

Contact Info

if( g.perm.Admin && (zCap[0]!='s' || g.perm.Setup) ){ @ } @ %h(db_column_text(&s,1)) if( g.perm.Admin ){ @ } @

%s(zCap)

%s(db_column_text(&s,3))

Privileges And Capabilities:

if( higherUser ){ @

@ User %h(zLogin) has Setup privileges and you only have Admin privileges @ so you are not permitted to make changes to %h(zLogin). @

@ } @

@ The Setup user can make arbitrary @ configuration changes. An Admin user @ can add other users and change user privileges @ and reset user passwords. Both automatically get all other privileges @ listed below. Use these two settings with discretion. @

@ @

@ The "•" mark @ indicates the privileges of nobody that @ are available to all users regardless of whether or not they are logged in. @

@ @

@ The "•" mark @ indicates the privileges of anonymous that @ are inherited by all logged-in users. @

@ @

@ The "•" mark @ indicates the privileges of developer that @ are inherited by all users with the @ Developer privilege. @

@ @

@ The "•" mark @ indicates the privileges of reader that @ are inherited by all users with the Reader @ privilege. @

@ @

@ The Delete privilege give the user the @ ability to erase wiki, tickets, and attachments that have been added @ by anonymous users. This capability is intended for deletion of spam. @ The delete capability is only in effect for 24 hours after the item @ is first posted. The Setup user can @ delete anything at any time. @

@ @

@ The History privilege allows a user @ to see most hyperlinks. This is recommended ON for most logged-in users @ but OFF for user "nobody" to avoid problems with spiders trying to walk @ every historical version of every baseline and file. @

@ @

@ The Zip privilege allows a user to @ see the "download as ZIP" @ hyperlink and permits access to the /zip page. This allows @ users to download ZIP archives without granting other rights like @ Read or @ History. This privilege is recommended for @ user nobody so that automatic package @ downloaders can obtain the sources without going through the login @ procedure. @

@ @

@ The Check-in privilege allows remote @ users to "push". The Check-out privilege @ allows remote users to "pull". The Clone @ privilege allows remote users to "clone". @

@ @

@ The Read Wiki, @ New Wiki, @ Append Wiki, and @ Write Wiki privileges control access to wiki pages. The @ Read Ticket, @ New Ticket, @ Append Ticket, and @ Write Ticket privileges control access @ to trouble tickets. @ The Ticket Report privilege allows @ the user to create or edit ticket report formats. @

@ @

@ Users with the Password privilege @ are allowed to change their own password. Recommended ON for most @ users but OFF for special users developer, @ anonymous, @ and nobody. @

@ @

@ The EMail privilege allows the display of @ sensitive information such as the email address of users and contact @ information on tickets. Recommended OFF for @ anonymous and for @ nobody but ON for @ developer. @

@ @

@ The Attachment privilege is needed in @ order to add attachments to tickets or wiki. Write privilege on the @ ticket or wiki is also required. @

@ @

@ Login is prohibited if the password is an empty string. @

Special Logins

@ No login is required for user nobody. The @ capabilities of the nobody user are @ inherited by all users, regardless of whether or not they are logged in. @ To disable universal access to the repository, make sure no user named @ nobody exists or that the @ nobody user has no capabilities @ enabled. The password for nobody is ignore. @ To avoid problems with spiders overloading the server, it is recommended @ that the h (History) capability be turned @ off for the nobody user. @

@ @

@ Login is required for user anonymous but the @ password is displayed on the login screen beside the password entry box @ so anybody who can read should be able to login as anonymous. @ On the other hand, spiders and web-crawlers will typically not @ be able to login. Set the capabilities of the @ anonymous @ user to things that you want any human to be able to do, but not any @ spider. Every other logged-in user inherits the privileges of @ anonymous. @

@ @

@ The developer user is intended as a template @ for trusted users with check-in privileges. When adding new trusted users, @ simply select the developer privilege to @ cause the new user to inherit all privileges of the @ developer @ user. Similarly, the reader user is a @ template for users who are allowed more access than @ anonymous, @ but less than a developer. @

%s(zLabel)

%s(zErrMsg)

This repository (in the file named "%h(zSelfRepo)") @ is not currently part of any login-group. @ To join a login group, fill out the form below.

login_insert_csrf_secret(); @

@ @ @ @ @ @ @ @ @ @ @ @ @ @ @
Repository filename in group to join: @
Login on the above repo: @
Password: @
Name of login-group: @ @ (only used if creating a new login-group).
@
}else{ Stmt q; int n = 0; @
This repository (in the file "%h(zSelfRepo)") @ is currently part of the "%h(zGroup)" login group. @ Other repositories in that group are:
@ @ db_prepare(&q, "SELECT value," " (SELECT value FROM config" " WHERE name=('peer-name-' || substr(x.name,11)))" " FROM config AS x" " WHERE name GLOB 'peer-repo-*'" " ORDER BY value" ); while( db_step(&q)==SQLITE_ROW ){ const char *zRepo = db_column_text(&q, 0); const char *zTitle = db_column_text(&q, 1); n++; @ } db_finalize(&q); @
Project Name @ Repository File
%d(n). @ %h(zTitle) %h(zRepo)
@ @
login_insert_csrf_secret(); @ To leave this login group press @ @
} style_footer(); } /* ** WEBPAGE: setup_timeline */ void setup_timeline(void){ login_check_credentials(); if( !g.perm.Setup ){ login_needed(); } style_header("Timeline Display Preferences"); db_begin_transaction(); @
login_insert_csrf_secret(); @
onoff_attribute("Allow block-markup in timeline", "timeline-block-markup", "tbm", 0); @
In timeline displays, check-in comments can be displayed with or @ without block markup (paragraphs, tables, etc.)
@
onoff_attribute("Use Universal Coordinated Time (UTC)", "timeline-utc", "utc", 1); @
Show times as UTC (also sometimes called Greenwich Mean Time (GMT) or @ Zulu) instead of in local time.
@
onoff_attribute("Show version differences by default", "show-version-diffs", "vdiff", 0); @
On the version-information pages linked from the timeline can either @ show complete diffs of all file changes, or can just list the names of @ the files that have changed. Users can get to either page by @ clicking. This setting selects the default.
@
entry_attribute("Max timeline comment length", 6, "timeline-max-comment", "tmc", "0"); @
The maximum length of a comment to be displayed in a timeline. @ "0" there is no length limit.
@
@
@
db_end_transaction(0); style_footer(); } /* ** WEBPAGE: setup_settings */ void setup_settings(void){ struct stControlSettings const *pSet; login_check_credentials(); if( !g.perm.Setup ){ login_needed(); } style_header("Settings"); db_open_local(); db_begin_transaction(); @
This page provides a simple interface to the "fossil setting" command. @ See the "fossil help setting" output below for further information on @ the meaning of each setting.
@
@
login_insert_csrf_secret(); for(pSet=ctrlSettings; pSet->name!=0; pSet++){ if( pSet->width==0 ){ onoff_attribute(pSet->name, pSet->name, pSet->var!=0 ? pSet->var : pSet->name, is_truth(pSet->def)); if( pSet->versionable ){ @ (v)
} else { @
} } } @ for(pSet=ctrlSettings; pSet->name!=0; pSet++){ if( pSet->width!=0 ){ entry_attribute(pSet->name, /*pSet->width*/ 40, pSet->name, pSet->var!=0 ? pSet->var : pSet->name, (char*)pSet->def); if( pSet->versionable ){ @ (v)
} else { @
} } } @
@
@
@
Settings marked with (v) are 'versionable' and will be overridden by the contents of files named .fossil-settings/PROPERTY.
@
@ These settings work in the same way, as the set commandline:
@
%s(zHelp_setting_cmd)
db_end_transaction(0); style_footer(); } /* ** WEBPAGE: setup_config */ void setup_config(void){ login_check_credentials(); if( !g.perm.Setup ){ login_needed(); } style_header("WWW Configuration"); db_begin_transaction(); @
login_insert_csrf_secret(); @
entry_attribute("Project Name", 60, "project-name", "pn", ""); @
Give your project a name so visitors know what this site is about. @ The project name will also be used as the RSS feed title.
@
textarea_attribute("Project Description", 5, 60, "project-description", "pd", ""); @
Describe your project. This will be used in page headers for search @ engines as well as a short RSS description.
@
entry_attribute("Index Page", 60, "index-page", "idxpg", "/home"); @
Enter the pathname of the page to display when the "Home" menu @ option is selected and when no pathname is @ specified in the URL. For example, if you visit the url:
@ @
%h(g.zBaseURL)
@ @
And you have specified an index page of "/home" the above will @ automatically redirect to:
@ @
%h(g.zBaseURL)/home
@ @
The default "/home" page displays a Wiki page with the same name @ as the Project Name specified above. Some sites prefer to redirect @ to a documentation page (ex: "/doc/tip/index.wiki") or to "/timeline".
@ @
Note: To avoid a redirect loop or other problems, this entry must @ begin with "/" and it must specify a valid page. For example, @ "/home" will work but "home" will not, since it omits the @ leading "/".
@
onoff_attribute("Use HTML as wiki markup language", "wiki-use-html", "wiki-use-html", 0); @
Use HTML as the wiki markup language. Wiki links will still be parsed @ but all other wiki formatting will be ignored. This option is helpful @ if you have chosen to use a rich HTML editor for wiki markup such as @ TinyMCE.
@
CAUTION: when @ enabling, all HTML tags and attributes are accepted in the wiki. @ No sanitization is done. This means that it is very possible for malicious @ users to inject dangerous HTML, CSS and JavaScript code into your wiki.
@
This should only be enabled when wiki editing is limited @ to trusted users. It should not be used on a publically @ editable wiki.
@
@
@
db_end_transaction(0); style_footer(); } /* ** WEBPAGE: setup_editcss */ void setup_editcss(void){ login_check_credentials(); if( !g.perm.Setup ){ login_needed(); } db_begin_transaction(); if( P("clear")!=0 ){ db_multi_exec("DELETE FROM config WHERE name='css'"); cgi_replace_parameter("css", zDefaultCSS); db_end_transaction(0); cgi_redirect("setup_editcss"); }else{ textarea_attribute(0, 0, 0, "css", "css", zDefaultCSS); } if( P("submit")!=0 ){ db_end_transaction(0); cgi_redirect("setup_editcss"); } style_header("Edit CSS"); @
login_insert_csrf_secret(); @ Edit the CSS below:
textarea_attribute("", 40, 80, "css", "css", zDefaultCSS); @
@ @ @
@
Note: Press your browser Reload button after @ modifying the CSS in order to pull in the modified CSS file.
@
@ The default CSS is shown below for reference. Other examples @ of CSS files can be seen on the skins page. @ See also the header and @ footer editing screens. @
  cgi_append_default_css();
  @ 
style_footer(); db_end_transaction(0); } /* ** WEBPAGE: setup_header */ void setup_header(void){ login_check_credentials(); if( !g.perm.Setup ){ login_needed(); } db_begin_transaction(); if( P("clear")!=0 ){ db_multi_exec("DELETE FROM config WHERE name='header'"); cgi_replace_parameter("header", zDefaultHeader); }else{ textarea_attribute(0, 0, 0, "header", "header", zDefaultHeader); } style_header("Edit Page Header"); @
login_insert_csrf_secret(); @
Edit HTML text with embedded TH1 (a TCL dialect) that will be used to @ generate the beginning of every page through start of the main @ menu.
textarea_attribute("", 40, 80, "header", "header", zDefaultHeader); @
@ @ @
@
@ The default header is shown below for reference. Other examples @ of headers can be seen on the skins page. @ See also the CSS and @ footer editing screeens. @
  @ %h(zDefaultHeader)
  @ 
style_footer(); db_end_transaction(0); } /* ** WEBPAGE: setup_footer */ void setup_footer(void){ login_check_credentials(); if( !g.perm.Setup ){ login_needed(); } db_begin_transaction(); if( P("clear")!=0 ){ db_multi_exec("DELETE FROM config WHERE name='footer'"); cgi_replace_parameter("footer", zDefaultFooter); }else{ textarea_attribute(0, 0, 0, "footer", "footer", zDefaultFooter); } style_header("Edit Page Footer"); @
login_insert_csrf_secret(); @
Edit HTML text with embedded TH1 (a TCL dialect) that will be used to @ generate the end of every page.
textarea_attribute("", 20, 80, "footer", "footer", zDefaultFooter); @
@ @ @
@
@ The default footer is shown below for reference. Other examples @ of footers can be seen on the skins page. @ See also the CSS and @ header editing screens. @
  @ %h(zDefaultFooter)
  @ 
style_footer(); db_end_transaction(0); } /* ** WEBPAGE: setup_logo */ void setup_logo(void){ const char *zMime = db_get("logo-mimetype","image/gif"); const char *aImg = P("im"); int szImg = atoi(PD("im:bytes","0")); if( szImg>0 ){ zMime = PD("im:mimetype","image/gif"); } login_check_credentials(); if( !g.perm.Setup ){ login_needed(); } db_begin_transaction(); if( P("set")!=0 && zMime && zMime[0] && szImg>0 ){ Blob img; Stmt ins; blob_init(&img, aImg, szImg); db_prepare(&ins, "REPLACE INTO config(name,value,mtime)" " VALUES('logo-image',:bytes,now())" ); db_bind_blob(&ins, ":bytes", &img); db_step(&ins); db_finalize(&ins); db_multi_exec( "REPLACE INTO config(name,value,mtime) VALUES('logo-mimetype',%Q,now())", zMime ); db_end_transaction(0); cgi_redirect("setup_logo"); }else if( P("clr")!=0 ){ db_multi_exec( "DELETE FROM config WHERE name GLOB 'logo-*'" ); db_end_transaction(0); cgi_redirect("setup_logo"); } style_header("Edit Project Logo"); @
The current project logo has a MIME-Type of %h(zMime) and looks @ like this:
@
@ @
The logo is accessible to all users at this URL: @ %s(g.zBaseURL)/logo. @ The logo may or may not appear on each @ page depending on the CSS and @ header setup.
@ @
@
To set a new logo image, select a file to use as the logo using @ the entry box below and then press the "Change Logo" button.
login_insert_csrf_secret(); @ Logo Image file: @
@ @ @
@ @
Note: Your browser has probably cached the @ logo image, so you will probably need to press the Reload button on your @ browser after changing the logo to provoke your browser to reload the new @ logo image.
style_footer(); db_end_transaction(0); }

User ID:	%d(uid)	(new user)
Login:
Contact Info:
Capabilities:	#define B(x) inherit[x] if( g.perm.Setup ){ @ %s(B('s'))Setup } @ %s(B('a'))Admin @ %s(B('d'))Delete @ %s(B('e'))Email @ %s(B('p'))Password @ %s(B('i'))Check-In @ %s(B('o'))Check-Out @ %s(B('h'))History @ %s(B('u'))Reader @ %s(B('v'))Developer @ %s(B('g'))Clone @ %s(B('j'))Read Wiki @ %s(B('f'))New Wiki @ %s(B('m'))Append Wiki @ %s(B('k'))Write Wiki @ %s(B('b'))Attachments @ %s(B('r'))Read Ticket @ %s(B('n'))New Ticket @ %s(B('c'))Append Ticket @ %s(B('w'))Write Ticket @ %s(B('t'))Ticket Report @ %s(B('x'))Private @ %s(B('z'))Download Zip @
Password:
Scope:	@ @ Apply changes to this repository only. @ @ Apply changes to all repositories in the "%h(zGroup)" @ login group.

Repository filename in group to join:		@
Login on the above repo:		@
Password:		@
Name of login-group:		@ @ (only used if creating a new login-group).
@