Commit Graph

31 Commits

Author SHA1 Message Date
Sam Saffron 30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Sam 5f64fd0a21 DEV: remove exec_sql and replace with mini_sql
Introduce new patterns for direct sql that are safe and fast.

MiniSql is not prone to memory bloat that can happen with direct PG usage.
It also has an extremely fast materializer and very a convenient API

- DB.exec(sql, *params) => runs sql returns row count
- DB.query(sql, *params) => runs sql returns usable objects (not a hash)
- DB.query_hash(sql, *params) => runs sql returns an array of hashes
- DB.query_single(sql, *params) => runs sql and returns a flat one dimensional array
- DB.build(sql) => returns a sql builder

See more at: https://github.com/discourse/mini_sql
2018-06-19 16:13:36 +10:00
Régis Hanol ff06ce4cce fix the build 2018-06-13 23:05:23 +02:00
Régis Hanol 051d1a3c36 PERF: faster Screened IP Address roll up 2018-06-13 22:47:23 +02:00
Neil Lalonde 4d44024c82 FIX: error when trying to block an IP address. Return a message when IP address matches an existing screened IP address, including ranges. 2018-03-19 14:34:43 -04:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Guo Xiang Tan da21fad10b SECURITY: Possible SQL injection. 2016-07-18 15:35:41 +08:00
Neil Lalonde 5ca26a7707 FEATURE: add site setting use_admin_ip_whitelist to enable/disable the whitelisting of admins by IP address 2015-09-23 12:15:08 -04:00
Régis Hanol fc962eb378 FEATURE: automatic daily roll-up for screened IP addresses 2015-03-09 18:55:17 +01:00
Neil Lalonde 7c14db44cc UX: improve message when admin login is blocked because of admin ip address whitelisting 2015-03-02 12:13:22 -05:00
Régis Hanol c4e427cf73 FEATURE: filter screened IP addresses 2015-02-10 19:38:59 +01:00
Régis Hanol 0398ab7514 FIX: when adding an IP to the spammer list, check the broader ban list
first

FEATURE: allow admins to search users using IP ranges
2014-11-21 18:16:06 +01:00
Neil Lalonde d96acdeafa FEATURE: screened IP address range can be entered like 192.* instead of 192.*.*.* 2014-09-24 12:05:29 -04:00
Neil Lalonde ca5f361d0a FEATURE: restrict admin access based on IP address 2014-09-05 12:06:01 -04:00
Sam 414c6d191f FIX: remove nullable dates post upgrade to Rails 4 2014-08-27 15:19:25 +10:00
Akshay 7ef61144e7 Avoid using to_s when performing String Interpolation 2014-08-14 23:55:27 +05:30
Sam b1d5f4440b Annotate models 2014-05-28 12:30:57 +10:00
Louis Rose 1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Sam 862a6696c0 Correct annotations
allow longer usernames (up to 60)
2014-04-15 15:53:48 +10:00
Régis Hanol 6373de550f update annotations 2014-04-08 17:35:44 +02:00
Neil Lalonde 5fd390c600 FIX: nuke spammer from flags page 2014-02-21 14:14:30 -05:00
Neil Lalonde d0ecccb7e4 Translate asterisks in ip addresses to mask format so people can enter things like 127.*.*.* in screened ip addresses form 2014-02-18 13:00:55 -05:00
Neil Lalonde 6c23a1903e FIX: show ip address with mask again on /admin/logs/screened_ip_addresses 2014-02-18 10:33:08 -05:00
Sam 2db3cfb16b annotate models 2013-12-05 17:40:35 +11:00
Sam 1b19444b44 URGENT FIX: code would fail in Ruby 1.9.3 exception does not exist 2013-11-18 09:32:02 +11:00
Neil Lalonde 8724b2e2b6 Add comments about the IPAddr hack 2013-11-05 11:24:13 -05:00
Sam 1e21fc8c9a fix regression in Rails 4 2013-11-05 10:32:35 +11:00
Neil Lalonde 8aab2253d0 Whitelisted ip addresses will not be flagged as spam by flag_sockpuppets 2013-10-23 17:11:35 -04:00
Neil Lalonde c1008f4359 Fixes for postgresql inet columns in Rails 4. They're backed by an IPAddr class now, which breaks sql parameter marker support, and automatically sets the attribute to nil when trying to assign an invalid ip address. 2013-10-22 19:19:32 -04:00
Neil Lalonde 7d582fbee3 Screened ip address can be edited, deleted, and changed to allow or block. 2013-10-22 16:30:46 -04:00
Neil Lalonde 648b11a0eb Add screening by IP address. When deleting a user as a spammer, block all signups from the same IP address. 2013-10-21 14:50:18 -04:00