From 04069871bb3f308d6dfefdb4a50df0f21f1b0bd7 Mon Sep 17 00:00:00 2001
From: Patrick Georgi <patrick@georgi-clan.de>
Date: Thu, 3 Mar 2011 21:03:26 +0100
Subject: [PATCH 1/3] Fixes to bugs introduced by the multiple mail feature

---
 src/IDF/Form/Password.php        | 2 +-
 src/IDF/Form/UserChangeEmail.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/IDF/Form/Password.php b/src/IDF/Form/Password.php
index 795a539..98b6949 100644
--- a/src/IDF/Form/Password.php
+++ b/src/IDF/Form/Password.php
@@ -86,7 +86,7 @@ class IDF_Form_Password extends Pluf_Form
                 $return_url = Pluf_HTTP_URL_urlForView('IDF_Views::passwordRecoveryInputCode');
                 $tmpl = new Pluf_Template('idf/user/passrecovery-email.txt');
                 $cr = new Pluf_Crypt(md5(Pluf::f('secret_key')));
-                $code = trim($cr->encrypt($user->email.':'.$user->id.':'.time()), 
+                $code = trim($cr->encrypt($user->email.':'.$user->id.':'.time().':primary'), 
                              '~');
                 $code = substr(md5(Pluf::f('secret_key').$code), 0, 2).$code;
                 $url = Pluf::f('url_base').Pluf_HTTP_URL_urlForView('IDF_Views::passwordRecovery', array($code), array(), false);
diff --git a/src/IDF/Form/UserChangeEmail.php b/src/IDF/Form/UserChangeEmail.php
index aa611c0..308bd6e 100644
--- a/src/IDF/Form/UserChangeEmail.php
+++ b/src/IDF/Form/UserChangeEmail.php
@@ -63,7 +63,7 @@ class IDF_Form_UserChangeEmail extends Pluf_Form
             throw new Pluf_Form_Invalid(__('The validation key is not valid. Please copy/paste it from your confirmation email.'));
         }
         $cr = new Pluf_Crypt(md5(Pluf::f('secret_key')));
-        return explode(':', $cr->decrypt($encrypted), 3);
+        return explode(':', $cr->decrypt($encrypted), 4);
         
     }
 

From 177cf836b4bc3688baa5a02261932960fde75a35 Mon Sep 17 00:00:00 2001
From: Thomas Keller <me@thomaskeller.biz>
Date: Thu, 3 Mar 2011 23:41:56 +0100
Subject: [PATCH 2/3] Stupid me, the condition needs to work on the count of
 the children, of course.

---
 www/media/idf/js/wiki-toc.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/www/media/idf/js/wiki-toc.js b/www/media/idf/js/wiki-toc.js
index 940e211..8b59f35 100644
--- a/www/media/idf/js/wiki-toc.js
+++ b/www/media/idf/js/wiki-toc.js
@@ -5,7 +5,7 @@ $(document).ready(function() {
             .addClass("wiki-" + this.tagName.toLowerCase())
             .appendTo('#wiki-toc-content');
     });
-    if ($('#wiki-toc-content').size() < 2)
+    if ($('#wiki-toc-content *').size() < 2)
         $('#wiki-toc').hide();
 });
 

From f63bfcb4f64642ddf321deedf63638aaf57829a7 Mon Sep 17 00:00:00 2001
From: Thomas Keller <me@thomaskeller.biz>
Date: Thu, 3 Mar 2011 23:42:21 +0100
Subject: [PATCH 3/3] Raise PCRE's backtrack_limit for our regex callback usage
 to avoid spurious errors on weird input (fixes issue 618).

---
 src/IDF/Template/IssueComment.php | 11 +++++++++--
 src/IDF/Template/Markdown.php     | 15 +++++++++++----
 2 files changed, 20 insertions(+), 6 deletions(-)

diff --git a/src/IDF/Template/IssueComment.php b/src/IDF/Template/IssueComment.php
index 280cf2b..a3f23e5 100644
--- a/src/IDF/Template/IssueComment.php
+++ b/src/IDF/Template/IssueComment.php
@@ -34,6 +34,11 @@ class IDF_Template_IssueComment extends Pluf_Template_Tag
 
     function start($text, $request, $echo=true, $wordwrap=true, $esc=true, $autolink=true, $nl2br=false)
     {
+        // PHP sets the backtrack limit quite low, so some regexes may
+        // fail unexpectedly on large inputs or weird cornercases (see issue 618)
+        $pcre_backtrack_limit = ini_get('pcre.backtrack_limit');
+        ini_set('pcre.backtrack_limit', 10000000);
+
         $this->project = $request->project;
         $this->request = $request;
         $this->scm = IDF_Scm::get($request->project);
@@ -67,6 +72,8 @@ class IDF_Template_IssueComment extends Pluf_Template_Tag
         } else {
             return $text;
         }
+
+        ini_set('pcre.backtrack_limit', $pcre_backtrack_limit);
     }
 
     /**
@@ -234,7 +241,7 @@ class IDF_Template_IssueComment extends Pluf_Template_Tag
     public function linkIssue($issue, $title, $anchor='')
     {
         $ic = (in_array($issue->status, $this->project->getTagIdsByStatus('closed'))) ? 'issue-c' : 'issue-o';
-        return '<a href="'.Pluf_HTTP_URL_urlForView('IDF_Views_Issue::view', 
+        return '<a href="'.Pluf_HTTP_URL_urlForView('IDF_Views_Issue::view',
                                                     array($this->project->shortname, $issue->id)).$anchor.'" class="'.$ic.'" title="'.Pluf_esc($issue->summary).'">'.Pluf_esc($title).'</a>';
     }
 
@@ -248,7 +255,7 @@ class IDF_Template_IssueComment extends Pluf_Template_Tag
     public function linkReview($review, $title, $anchor='')
     {
         $ic = (in_array($review->status, $this->project->getTagIdsByStatus('closed'))) ? 'issue-c' : 'issue-o';
-        return '<a href="'.Pluf_HTTP_URL_urlForView('IDF_Views_Review::view', 
+        return '<a href="'.Pluf_HTTP_URL_urlForView('IDF_Views_Review::view',
                                                     array($this->project->shortname, $review->id)).$anchor.'" class="'.$ic.'" title="'.Pluf_esc($review->summary).'">'.Pluf_esc($title).'</a>';
     }
 }
diff --git a/src/IDF/Template/Markdown.php b/src/IDF/Template/Markdown.php
index 2489da3..9b33a06 100644
--- a/src/IDF/Template/Markdown.php
+++ b/src/IDF/Template/Markdown.php
@@ -34,6 +34,11 @@ class IDF_Template_Markdown extends Pluf_Template_Tag
 
     function start($text, $request)
     {
+        // PHP sets the backtrack limit quite low, so some regexes may
+        // fail unexpectedly on large inputs or weird cornercases (see issue 618)
+        $pcre_backtrack_limit = ini_get('pcre.backtrack_limit');
+        ini_set('pcre.backtrack_limit', 10000000);
+
         $this->project = $request->project;
         $this->request = $request;
         // Replace like in the issue text
@@ -43,7 +48,7 @@ class IDF_Template_Markdown extends Pluf_Template_Tag
         // the content of the file into the wki page
         if ($this->request->rights['hasSourceAccess']) {
             $text = preg_replace_callback('#\[\[\[([^\,]+)(?:, ([^/]+))?\]\]\]#im',
-                                          array($this, 'callbackEmbeddedDoc'), 
+                                          array($this, 'callbackEmbeddedDoc'),
                                           $text);
         }
         // Replace [Page]([[PageName]]) with corresponding link to the page, with link text being Page.
@@ -56,6 +61,8 @@ class IDF_Template_Markdown extends Pluf_Template_Tag
                                       $text);
         $filter = new IDF_Template_MarkdownPrefilter();
         echo $filter->go(Pluf_Text_MarkDown_parse($text));
+
+        ini_set('pcre.backtrack_limit', $pcre_backtrack_limit);
     }
 
     function callbackWikiPageNoName($m)
@@ -66,7 +73,7 @@ class IDF_Template_Markdown extends Pluf_Template_Tag
 
     function callbackWikiPage($m)
     {
-        $sql = new Pluf_SQL('project=%s AND title=%s', 
+        $sql = new Pluf_SQL('project=%s AND title=%s',
                             array($this->project->id, $m[2]));
         $pages = Pluf::factory('IDF_WikiPage')->getList(array('filter'=>$sql->gen()));
         if ($pages->count() != 1 and $this->request->rights['hasWikiAccess']
@@ -78,7 +85,7 @@ class IDF_Template_Markdown extends Pluf_Template_Tag
         }
         return '<a href="'.Pluf_HTTP_URL_urlForView('IDF_Views_Wiki::view', array($this->project->shortname, $pages[0]->title)).'" title="'.Pluf_esc($pages[0]->summary).'">'.$m[1].'</a>';
     }
-    
+
     function callbackEmbeddedDoc($m)
     {
         $scm = IDF_Scm::get($this->request->project);
@@ -94,7 +101,7 @@ class IDF_Template_Markdown extends Pluf_Template_Tag
             return $m[0];
         }
         $info = pathinfo($m[1]);
-        $fileinfo = array($res->headers['Content-Type'], $m[1], 
+        $fileinfo = array($res->headers['Content-Type'], $m[1],
                           isset($info['extension']) ? $info['extension'] : 'bin');
         if (!IDF_FileUtil::isText($fileinfo)) {
             return $m[0];