Add more spam words for user notes

Recently, we get an awful lot of spam; let's constrain it.

Try adding Reply-To header to commit mails

Not sure whether this will get stripped by the mailing list, but
let's try it. I don't want to specify the author/committer email
in From,

Try adding Reply-To header to commit mails

Not sure whether this will get stripped by the mailing list, but
let's try it. I don't want to specify the author/committer email
in From, as it'll likely run afoul of DMARC.

show more ...

Try to fix mail charset issue

Set utf-8 as the charset when using PHPMailer. The manual encoding
code was a leftover from direct calls to mail() and only handles
the charset in the s

Try to fix mail charset issue

Set utf-8 as the charset when using PHPMailer. The manual encoding
code was a leftover from direct calls to mail() and only handles
the charset in the subject but not other headers.

show more ...

Make "Fixed bug" check case-insensitive

Remove magic_quotes filter handling

The magic quotes filter is now disabled.

Finish migration to safe queries

Fix a typo

Adjust note.sql schema to work on current MySQL

Fix event searchby logic

The !$searchby checks no longer did something meaningful after
switching to the Query object.

Let me view phpinfo

Migrate more code to safe query abstraction

Getting closer to done...

Move more queries to safe abstraction

Add a Query class to assemble queries by parts, and ?int placeholder
which is needed for LIMIT clauses.

Use db_query_safe() in more places

Replace most of the raw mysql_query() calls.

Remove fetch/countries.php

This was used by scripts/update-backend at one point, now the
list is hardcoded.

Remove unused mirrors.sql

We no longer have mirrors.

Remove alerts functionality

This was never used, and is in a broken state right now (references
an incorrect database schema).

It seems rather unlikely that this functionality i

Remove alerts functionality

This was never used, and is in a broken state right now (references
an incorrect database schema).

It seems rather unlikely that this functionality is going to be
finished at this point, so instead drop it entirely.

show more ...

Use db_query_safe() in forgot.php

Add safe(r) query abstraction

Add db_query_safe that accepts parameters separately. Use it in
some places.

Use db_connect() in some places

Add basic instructions for local setup

Not to make everything work, but at least something...

Don't handle full_special_chars default.filter

default.filter on this server is set to magic_quotes, so remove
the handling for the full_special_chars case.

Handle optional github user name

Author/committer may not necessarily have a github account.

Replace uses of escape() with appropriate functions

For queries, use real_clean(), for html use hsrc().

Remove get_magic_quotes_gpc() checks

master.php.net runs PHP 5.4, where magic quotes no longer exist.
Add a sanity check that they're really disable, and drop code
handling them. The

Remove get_magic_quotes_gpc() checks

master.php.net runs PHP 5.4, where magic quotes no longer exist.
Add a sanity check that they're really disable, and drop code
handling them. There was at least one use of escape() that wouldn't
do the right thing if this code was run with magic quotes.

show more ...

Use strict comparison for password

Rather unlikely, but could give false positives for 0e comparisons.