Team,

I've implemented a number of changes to eclipse.org-common that are
awaiting some peer review. I have simply added new functions to
app.class.php, and I added two new classes, so this change is fairly
low-risk in that it won't (shouldn't) break any existing code.

Here's what's new:

1. Support for Bugzilla authentication
session.class.php was created to allow users to authenticate to our
website. I will design the actual login page, but this will allow any
Phoenix page to "consume" the login session, and determine if the
current user is logged in (or not), extract their name, and eventually
their committer status, etc.

2. Support for parameter sanitizing SQL
I added $App->sqlSanitize($_value, $_dbh) which will return a
sanitized value. We must start ensuring our incoming parameters
are sanitized before going to the database, even if we're only
issuing SELECT statements against a read-only database.

3. Support for Event Logs
Currently only used for the purpose of tracking logins, but it could be
for other purposes where an event needs to be logged.

The latest patch at
https://bugs.eclipse.org/bugs/show_bug.cgi?id=209557 is what I would
like to commit to the live site. Please review this patch and +1 it if
you feel it is safe to commit.

Thanks,

Denis
--
Denis Roy
Manager, IT Infrastructure
Eclipse Foundation, Inc. -- http://www.eclipse.org/
Office: 613.224.9461 x224 (Eastern time)
Cell: 819.210.6481
denis.roy@xxxxxxxxxxx
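
An added illustration of item 2 above (not part of the message and not the eclipse.org-common code): a sketch of an escape-and-quote helper with the same ($_value, $_dbh) shape, showing why a SELECT against a read-only database still needs sanitized parameters. The helper name sqlSanitizeSketch, the PDO/SQLite handle, the projects table and its rows are all assumptions constructed for this example.

```php
<?php
// Added example, not the eclipse.org-common implementation.
// Assumption: $_dbh is a PDO handle; the real handle type is not shown in the message.
function sqlSanitizeSketch($_value, PDO $_dbh) {
    // Let the driver escape the value and wrap it in quotes for a string context.
    return $_dbh->quote((string) $_value);
}

// Constructed sample data in an in-memory SQLite database.
$dbh = new PDO('sqlite::memory:');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->exec("CREATE TABLE projects (name TEXT, is_private INTEGER)");
$dbh->exec("INSERT INTO projects VALUES ('platform', 0)");
$dbh->exec("INSERT INTO projects VALUES ('internal-audit', 1)");

// Before: the parameter is concatenated as-is.
function findPublicUnsafe(PDO $dbh, $name) {
    $sql = "SELECT name FROM projects WHERE is_private = 0 AND name = '" . $name . "'";
    return $dbh->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// After: the parameter passes through the sanitizer, which supplies the quotes.
function findPublicSanitized(PDO $dbh, $name) {
    $sql = "SELECT name FROM projects WHERE is_private = 0 AND name = "
         . sqlSanitizeSketch($name, $dbh);
    return $dbh->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Alternative: a bound parameter never becomes part of the SQL text.
function findPublicPrepared(PDO $dbh, $name) {
    $stmt = $dbh->prepare("SELECT name FROM projects WHERE is_private = 0 AND name = ?");
    $stmt->execute(array($name));
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed parameter value containing a quote and an OR clause.
$param = "x' OR '1'='1";

// Unsafe: the quote ends the literal, so the OR clause applies to every row,
// including the private one. No write access is needed for that.
print_r(findPublicUnsafe($dbh, $param));
// Sanitized and prepared: the whole value is compared as one string.
print_r(findPublicSanitized($dbh, $param));
print_r(findPublicPrepared($dbh, $param));
```

Escaping of this kind protects quoted string contexts only; a value placed in an unquoted numeric position still has to be validated or cast as a number.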