======================================================================= --- Release of Lynx2-6FM as Lynx v2.7 (February 15, 1997) --- ======================================================================= 1997-02-15 * Release of Lynx2-6FM as Lynx v2.7. - FM * Included -Ae when compiling the Implementation modules for the snake3 target. - FM 1997-02-14 * Mods to issue an alert about a BASE tag not having an absolute URL only once per document. - FM * Added code for appending LYNX_SIG_FILE to email messages as well as to news posts or followups, and updated the Users Guide accordingly. - FM * Updated build-slang.com. - FM 1997-02-12 * Fixed some problems in the code for using a hookless Lynx image with snew_proxy, snewspost_proxy, and snewsreply_proxy set to "nntp://host:port/" so that it uses Tom Zerucha's (tz@execpc.com) daemon which handles the SSL communications on behalf of the Lynx image. Also polished up all of the news gateway code, and added comments for the benefit of new developers. - FM * Added an ECGOTO command mapped by default to 'G', complementary to the GOTO command (default 'g'), to edit the current document's URL and then go to it. Using case-sensitive letters with different command definitions ensures that both will appear with their brief explanations in the 'k'eymap listing. For ECGOTO, Control-G, failure to modify the URL, or complete deletion of it, all act as a cancel. If the current document has POST content associated with it, a warning will be issued before offering the URL to edit. The POST content is retained if the modification merely involves a change in fragment for the URL. Otherwise, the modified URL (if it has an http scheme) will be submitted with method GET and no POST content. If the ECGOTO command is not cancelled, or not simply a fragment change, the modified URL will be added to the 'g'oto buffer, and can be re-accessed, to edit further, via the GOTO command. See the updated online 'h'elp for more information. - FM 1997-02-10 * Amplified the comments concerning deletion of prototypes for MultiNet socket library functions as they get added to MultiNet's own headers in newer versions of it's socket library. - FM * Added a missing fclose() in post_article() of HTNews.c, and added code to delete the temporary file there, so it's gone as soon as we're done with it. - FM 02-09-97 * Enhanced the Set-Cookie header parser to handle values that contain spaces but were not enclosed in double-quotes, and to use such quoting or not when sending Cookie headers, depending on whether this was done in the Set-Cookie header. Also added anti-crash checks should the parser's efforts to handle both historical (a.k.a. original Netscape) cookies and Version 1 cookies go awry (does deal successfully now with all the cookies which had been reported as problematic). - FM * Mods of the screen handling in LYNews.c for cleaning up any screen trash created by the external editor. - FM * Tracked down an uninitialized pointer in LYNews.c that probably was behind reports of crashes when posting to newsgroups. - FM * Plugged a memory leak in LYMainLoop.c. - TJC * Added posting ability to the news gateway, in lieu of the previous, variably reliable, use of a spawned news client for posting. The news, nntp, and snews URLs now all return links for posting new messages or followups (replies) to the server from which a newsgroup listing or news article was retrieved, unless the server indicates that it does not accept posts from the site at which Lynx is running. See the updated INSTALLATION, userdefs.h, and lynx.cfg files, the "USENET News posting" section of the Users Guide, and "Supported URLs" page of the online 'h'elp for more information. * Fixed typo for e-dieresis in the KOI8-R charset. - AJF * Replaced an inappropriate _user_message() call in HTConfirmCookie() of HTAlert.c with a _statusline() call. The original code could cause crashes with some cookie values. - FM 02-06-97 * Added support for both hex escaped and unescaped white characters in lynxexec and lynxprog URLs. Normally, Lynx strips out any white characters that are not hex escaped in attribute values that are to be resolved as URLs, on the assumption that they were derived from wrapping in the markup. Any serial white characters in lynxexec and lynxprog URLs are condensed to one space (' '), and any lead or trailing white characters are trimmed. Note that we still require hex escaping of spaces in mailto URLs, e.g, HREF="mailto:lynx-dev@sig.net%20(I%20found%20a%20bug.)". - FM * Removed the 'e' switch from tar commands in LYLocal.c for greater portability across all supported Unix flavors. - FM * Expanded the information in the PROBLEMS file on how to deal with DECC and MultiNet header incompatibilites for different combinations of the VMS compiler and socket library versions. - FM * Added TRACE message of the edit command created for the system() call in LYEdit.c. - LWV * Fixed a typo in the userdefs.h comments. - NHE 02-04-97 * Mod in LYMainLoop.c to bypass mailing "not found" messages when MAIL_SYSTEM_ERROR_LOGGING was set TRUE (which it should NOT be, indescriminately) if the document's owner is the lynx-dev list. - FM * Added crash protection checks for the actual presence of anchors in all HText structure anchor scans in GridText.c, based on a crash report and suggested fix for one of them from Jonathan Sergent (sergent@hillres55-129.cc.purdue.edu). - FM * Eliminated the typecast for ttytype (apparently varies across flavors, and each flavor should know it's own typing; we'll see) in LYCurses.c, and moved VMS system definitions with non-ANSI conformant tokens to a separate header for VMS (LYVMSdef.h). - BL * Made the description of HISTORY in the 'k'eymap page more clear that it invokes a list of the "suspended" documents currently held in the history stack. - DC * Typo fixes in the help files and lynx.cfg. - LWV 02-03-97 * Today's distribution is a pre-release of v2.7. The projected official release date is 02-15-97. All header, help and documentation files, and the top directory name, have been updated for v2.7. - FM * Made xli, which is freeware, the default XLOADIMAGE_COMMAND for Unix in userdefs.h (still xv on VMS, since its port is freeware), and expanded the "self-documentation" to indicate where to get this freeware. Added XLOADIMAGE_COMMAND as a configuration symbol in lynx.cfg, so that the compilation default can be overridden on systems which have and prefer xv (all users can override the default mappings for image helper apps via their mailcap files) - FM * Added a -base command line switch which can be used with -source or -mime_header to prepend the request URL as a comment, and a BASE tag (which may or may not be the same as the request URL, depending on HTTP/1.1 headers) for text/html documents, equivalent to the prepend kludge for 'd'ownloads (see 09-20-96 mods). - FM * Added a check for an "ORGANIZATION" environment variable for inclusion as a news post header on Unix (all system logicals intended for news post headers automatically are included on VMS), and a sleep() before restoring curses mode after the post, to allow reading of any error messages from the news software. - FM * Fixed bug which yielded a "[LINK]" instead of "[INLINE]" pseduo-ALT for ALT-less IMG tags used as the content for NAME-ed Anchors without an HREF. - FM * Portability tweaks for the mini inews utility. - FM * Fixed an old and irrelevant typo in HTWriter.c. - JS 01-29-97 * Added more REL tokens that are acceptible for banner links. - FM * Ifdef'ed the standard foo_PATH definitions for FreeBSD at the bottom of userdefs.h, based on a patch from AAC, and assuming they also apply for NetBSD, BSDI, and Linux (we'll see 8-). - FM * Added make freebsd-slang target. - AAC 01-28-97 * Mods of LYSetCookie() to ensure setting of 443 as the default port for https URLs, and force the secure flag on for https URLs whether or not the Set-Cookie header had a secure parameter (too many Version 0 cookies don't, when they should). - FM * Removed -ltermcap from make for all ncurses targets. - FM * Tweaks of make for FreeBSD. - AAC * Use SLtt_get_screen_size() instead of the apparently less portable code for slang in size_change() of LYUtils.c. - JED 01-27-97 * Made ALT a synonym for VALUE in INPUTs with TYPE="image" to cooperate with well-intentioned (though misinformed) providers who use ALT instead of VALUE for the benefit of text clients or GUIs with image handling turned off. - FM * Modified the code for submission of form content with TYPE="image" NAME-ed INPUTs that have a VALUE (or ALT) to "fake" a 0,0 coordinate pair, as when a VALUE (or ALT) is absent, instead of sending a single name=value pair. Requests that using a name=value pair in such cases to indicate that the submission was from a text client or GUI with image handling turned off be included in the HTML specifications keep falling on deaf ears, so we may as well "fake" something closer to what the CGI scripts are expecting, and hope that the script interprets 0,0 as an indicator that the user did not see the image and make a conscious choice within it. * Added code to offer a link for the SRC of the image in INPUTs with TYPE="image", distinct from the submit button, when clickable images is on. - FM * Updated the "HTML Forms" section of the Users Guide. - FM * Fixed a typo in the parsing of Cache-Control MIME headers and META directives. - FM 01-25-97 * Updated lynx_help_main.html, about_lynx.html and about_lynx-dev.html. - FM * Mods to indicate a toolbar by a '#' preceding its first link when the toolbar is being displayed, and to indicate the availability of a toolbar by a '#' in the top, left-hand corner of the screen when the toolbar is not being displayed. Added explanation of this in the online 'h'elp. - FM * Indicate the 'allow' setting (always, never, or via prompt) for each domain in the Cookie Jar Page. - AK * Don't delete cookie-less domains silently during garbage collections if they have their 'allow' set to always or never. - AK & FM * Added ability to change the 'allow' settings for domains via the Cookie Jar Page. - FM * Added basic protection against "denial of service attacks" by limiting a domain to 50 cookies, the total number of stored cookies to 500, and the maximum processed size of a cookie to 4096 bytes. - FM * SGML escape any ampersands or angle brackets in the cookie names, values, parameters, and comments when creating the HTML stream for the Cookie Jar Page, and only include entries for comments if they were present in the servers' Set-Cookie headers. - FM * Updated the online 'h'elp for cookies. - FM * Removed -DNO_KEYPAD from all ncurses targets in the Makefile. - FM 01-23-97 * Added a "Lynx State Management (Me want cookie!)" section to the Lynx Users Guide, and a cross-linked cookie_help.html file for the Cookie Jar Page. - FM * Added prompting for whether to show the body of a 401 status reply or simply return to the current document when an activated link requires authentication via a username and password, and the user has none for that realm, or forgot them. - FM 01-22-97 * Added handling of expires attribute values in Version 0 (a.k.a. Netscape) Set-Cookie MIME headers or META tags, and added "Maximum Gobble Date" entries in the Cookie Jar Page which indicate the maximum intended age for each cookie based on the Version 0 expires or Version 1 max-age attribute values. - FM * Added an LYmktime() function in LYUtils.c which accepts strings in the format "Day, dd-Mon-yy hh:mm:ss GMT" or "Day, dd Mon yyyy hh:mm:ss GMT", parses and converts them to time_t format (seconds since 00:00:00 Jan 1 1970), and returns the time_t value, or zero if the date is in the past. It is used for handling Expires headers or attribute values. - FM * Added parsing of Cache-Control and Expires MIME headers and META tags sufficient to determine whether the no_cache element should be set in the document's structures. - FM * Eliminated the "; $Path=foo; $Domain=blah" attr=value pairs when sending Version 0 (a.k.a. Netscape) cookies in request headers, because too may CGI scripts in the real world have brain-dead parsers and fail when they are included. - FM * Added handling of Set-Cookie directives in META tags. - AK 01-20-97 * Added confirmation prompts for deletions from the Cookie Jar, expanded the garbage collecting for expired cookies, debugged and implemented the code for security checks based on lead and embedded dots in domain values and host prefixes as described in Section 4.3.2 of the -05 State Management draft, added requirement for https URLs (direct, or via proxy) to include cookies which have the secure flag set in request headers, and extensively annotated the cookie support code for ease of further development. - FM * Added ability to set SHOW_CURSOR in lynx.cfg, to override the compilation setting in userdefs.h, and made the -show_cursor command line switch a toggle for the compilation or configuration default. - FM 01-18-97 * Bug fixes and memory leak plugs for the cookie support. Added ability to delete individual cookies or entire domains via the Cookie Jar Page (Ctrl-K). The domains and cookies are displayed as DL/DT/DD blocks, with links for each domain and cookies name. The deletions are done by activating those links, which can be numbered, so it should be OK for blind users. - FM * Tweaks of the news/nntp/snews gateway. - FM * Tweaks of paragraphing if ADDRESS, BANNER, BLOCKQUOTE, BQ, FN, MARQUEE or NOTE blocks are nested (note that nesting does not yield progressive indentations of these blocks). - FM 01-16-97 * Added "first pass" cookie support based on patches from Andrew Kuchling (amk@magnet.com). Still needs work (see comments at top of LYCookie.c). A SET_COOKIE symbol in userdefs.h and lynx.cfg determines whether cookie support will be on or off by default, and the default can be toggled via a -cookies command line switch. When on, Set-Cookie headers invoke confirmations with possible replies of 'Y'es or 'N'o for that cookie, 'A'lways, to accept all cookies from that domain, or ne'V'er to never accept cookies from that domain. The Cookie Jar can be examined via the COOKIE_JAR keystroke command, mapped by default to Ctrl-K. The Cookie Jar, and any 'A'lways or ne'V'er settings, do not presently outlast the Lynx session. - FM 01-14-97 * Added use of DEFAULT_INDEX_FILE or the URL from an -index=URL command line switch as the the HREF for a banner LINK with REL="Index" and no HREF of its own (see the 01-01-97 mods and the HTML Banners section of the Lynx Users Guide). - FM 01-13-97 * Tweaks of the news gateway. - FM * Added "Negotiate: trans" header for GET and HEAD requests. Shouldn't be necessary to get 300 instead of 406 replies when nothing matches the Accept and Accept-foo request headers, but some HTTP/1.1 servers apparently want it when the UA declares itself as HTTP/1.0, as Lynx still does. - FM 01-12-97 * More updates of the online 'h'elp files. - FM * Simplified the code for checking whether a startfile is a bookmark file entered as a URL instead of invoked via the -book switch. The previous code was tripping up some versions of the osf and linux compilers. - FM 01-10-97 * Replaced the realloc() in split_line() of GridText.c with a calloc(), memcpy(), FREE() sequence for all systems, not just AIX and ultrix, based on analysis of memory wastage by Hans Reiser (dl9rdz@cip.e-technik.uni-erlangen.de). - FM * Tweaks of the body= handling in mailto URLs. - FM * Tweaks of the ftp gateway. - FM * Restored inheritence when resolving versus a base with the same scheme, because the RFC1808 and Fielding Draft behavior of not doing so yields too many failures in the real world (sigh...). - FM 01-09-97 * Ugh! The distribution zip still had the Nov 4, 1996 HTTCP.c instead of the one I modified on Christmas. No wonder people were still reporting the wrong messaging with -DNSL_FORK. The right HTTCP.c is in there now. - FM * Mods to resolve the HREFs for LINKs with REV="made" or REV="owner" versus the base (a many, many year old bug finally caught 8-). - FM * Added HTAlert messages about BASE HREF vaules, Location header values, and Refresh URL values that were not received as absolute URLs. We still resolve them versus the RequestURI, since that's invariably what is intended, and thus the optimum "error recovery" strategy. - FM * Added handling of cc= and body= fields in ?searchpart strings of mailto URLs. They are described in draft-hoffman-mailto-url-00.txt recently posted to the URI-WG list. This draft ignores the objections which have been filed about changing the semantics of mailto and breaking clients which are fully conformant with the mailto specs in RFC1738, instead of using a new scheme name (e.g., smtp:) for URLs with mail headers, and it extends the ill-advised use of '&' as puctuation in URLs instead of honoring the previous IETF effort to seek it's replacement by ';' as the URL name=value separator and, in effect, treating them as parameters without need to worry about confusions with entities when the URLs are attribute values in text/html. However, the chairman of the URI-WG is a co-author of this draft, so, sigh... As far as this Lynx code is concerned, the mods are more "error recovery" to cope with the sad things which have afflicted the Web during the past 2-3 years, and use of a ?searchpart in mailto URLs is still DISadvised. Lynx uses only subject=, cc=, and body= fields from a ?searchpart, using it's own "safe" rules for other mail headers, and ignoring ones other than those three in the ?searchpart as "unsafe". The cc= values in a ?searchpart are added to the primary address as a comma-separated list for the mail agent, and Lynx's own Cc: is that entered, optionally, by the user. Any body= field is passed to the external editor, if one has been defined, for review and possible modification. Otherwise, it is scrolled for review. The mailing can be cancelled at any time (via Ctrl-G), and via a statusline prompt after everything has been reviewed, if the user judges the body and/or addresses to be unsafe or inappropriate. - FM * Moved information and prompt strings in LYMail.c to installer-modifiable symbols in LYMessages_en.h. - FM 01-07-97 * Eliminated forced exits for keyboard input buffer overruns on VMS. There's no perfect way to deal with it, but Lynx should recover gracefully most of the time now, and do nothing bad if ungraceful. - FM * Added handling of Content-Base and Content-Location MIME headers when 'd'ownloading, 'p'rinting, or mailing HTML source. For this, as for rendered HTML streams (see 01-06-97 mods) the base is determined according to HTTP/1.1 rules: If a Content-Base header was received, that's the base. Otherwise, if a Content-Location header was received and it's an absolute URL, that's the base. Otherwise, the URL used to retrieve the document is the base. When actually rendering, any BASE tag in the document overrides the base derived from headers. When 'd'ownloading, or outputting HTML source for a 'p'rint option, an X-URL comment with the URL used to retrieve the document and a BASE tag with the header or URL-derived base are inserted at the top of the document. These should be moved down into the actual HEAD section to make the HTML fully legal, but will work as is if the output is used in conjunction with automatic invocation of Lynx or Netscape as a text/html helper application. When mailing with an SMTP-conformant mailer, the actual URL used to retrieve the document is indicated via an X-URL header, and for HTML source, a Content-Base and a Content-Location header are included, set to what was actually received by Lynx via MIME headers, or to the retrieval URL. - FM 01-06-97 * More updates of the online 'h'elp. The Visited Links Page ('V'), multi-bookmark file support, REL/REV and META enhancements, and new switches are now all fully documented in the 'h'elp. - FM * Added handling of Content-Base and Content-Location MIME headers for rendered HTML streams (still using the document's URL in the 'd'ownload and 'p'rint (and mailing) BASE prepending kludge). - FM * Added code to avoid getting tripped up by double-quoted header values in HTMIME.c. We still need more sophisticated parsing of possibly compound HTTP/1.1 headers, but we don't yet use any of those. - FM * Tweak of the efficiency mods for command line parsing in LYMain.c. - FM * Simplified some code in LYMainLoop.c that was tripping up the AIX32 compiler. - FM 01-04-97 * More updates of the online 'h'elp. - FM * Added DIRED_MENU support for .tgz files as for .tar.gz files. - FM 01-03-97 * Made the command line parsing in LYMain.c more efficient. - FM * Added -nopause switch for setting InfoSecs, MessageSecs, and AlertSecs to zero. Can be used to eliminate forced statusline pauses during traversals. - FM * Mods to allow absolute zero quality values for Accept headers, so that in mailcap files users can do things like map image/* to a helper app but exclude particula
#
#
#            Nim's Runtime Library
#        (c) Copyright 2015 Andreas Rumpf
#
#    See the file "copying.txt", included in this
#    distribution, for details about the copyright.
#

## A higher level `PostgreSQL`:idx: database wrapper. This interface
## is implemented for other databases also.
##
## See also: `db_odbc <db_odbc.html>`_, `db_sqlite <db_sqlite.html>`_,
## `db_mysql <db_mysql.html>`_.
##
## Parameter substitution
## ======================
##
## All ``db_*`` modules support the same form of parameter substitution.
## That is, using the ``?`` (question mark) to signify the place where a
## value should be placed. For example:
##
## .. code-block:: Nim
##     sql"INSERT INTO myTable (colA, colB, colC) VALUES (?, ?, ?)"
##
## **Note**: There are two approaches to parameter substitution support by
## this module.
##
## 1.  ``SqlQuery`` using ``?, ?, ?, ...`` (same as all the ``db_*`` modules)
##
## 2. ``SqlPrepared`` using ``$1, $2, $3, ...``
##
## .. code-block:: Nim
##   prepare(db, "myExampleInsert",
##           sql"""INSERT INTO myTable
##                 (colA, colB, colC)
##                 VALUES ($1, $2, $3)""",
##           3)
##
## Examples
## ========
##
## Opening a connection to a database
## ----------------------------------
##
## .. code-block:: Nim
##     import db_postgres
##     let db = open("localhost", "user", "password", "dbname")
##     db.close()
##
## Creating a table
## ----------------
##
## .. code-block:: Nim
##      db.exec(sql"DROP TABLE IF EXISTS myTable")
##      db.exec(sql("""CREATE TABLE myTable (
##                       id integer,
##                       name varchar(50) not null)"""))
##
## Inserting data
## --------------
##
## .. code-block:: Nim
##     db.exec(sql"INSERT INTO myTable (id, name) VALUES (0, ?)",
##             "Dominik")
import strutils, postgres

import db_common
export db_common

type
  DbConn* = PPGconn    ## encapsulates a database connection
  Row* = seq[string]   ## a row of a dataset. NULL database values will be
                       ## converted to nil.
  InstantRow* = object ## a handle that can be
    res: PPGresult     ## used to get a row's
    line: int          ## column text on demand
  SqlPrepared* = distinct string ## a identifier for the prepared queries

proc dbError*(db: DbConn) {.noreturn.} =
  ## raises a DbError exception.
  var e: ref DbError
  new(e)
  e.msg = $pqErrorMessage(db)
  raise e

proc dbQuote*(s: string): string =
  ## DB quotes the string.
  result = "'"
  for c in items(s):
    if c == '\'': add(result, "''")
    else: add(result, c)
  add(result, '\'')

proc dbFormat(formatstr: SqlQuery, args: varargs[string]): string =
  result = ""
  var a = 0
  if args.len > 0 and not string(formatstr).contains("?"):
    dbError("""parameter substitution expects "?" """)
  if args.len == 0:
    return string(formatstr)
  else:
    for c in items(string(formatstr)):
      if c == '?':
        add(result, dbQuote(args[a]))
        inc(a)
      else:
        add(result, c)

proc tryExec*(db: DbConn, query: SqlQuery,
              args: varargs[string, `$`]): bool {.tags: [ReadDbEffect, WriteDbEffect].} =
  ## tries to execute the query and returns true if successful, false otherwise.
  var res = pqexecParams(db, dbFormat(query, args), 0, nil, nil,
                        nil, nil, 0)
  result = pqresultStatus(res) == PGRES_COMMAND_OK
  pqclear(res)

proc tryExec*(db: DbConn, stmtName: SqlPrepared,
              args: varargs[string, `$`]): bool {.tags: [
              ReadDbEffect, WriteDbEffect].} =
  ## tries to execute the query and returns true if successful, false otherwise.
  var arr = allocCStringArray(args)
  var res = pqexecPrepared(db, stmtName.string, int32(args.len), arr,
                           nil, nil, 0)
  deallocCStringArray(arr)
  result = pqresultStatus(res) == PGRES_COMMAND_OK
  pqclear(res)

proc exec*(db: DbConn, query: SqlQuery, args: varargs[string, `$`]) {.
  tags: [ReadDbEffect, WriteDbEffect].} =
  ## executes the query and raises EDB if not successful.
  var res = pqexecParams(db, dbFormat(query, args), 0, nil, nil,
                        nil, nil, 0)
  if pqresultStatus(res) != PGRES_COMMAND_OK: dbError(db)
  pqclear(res)

proc exec*(db: DbConn, stmtName: SqlPrepared,
          args: varargs[string]) {.tags: [ReadDbEffect, WriteDbEffect].} =
  var arr = allocCStringArray(args)
  var res = pqexecPrepared(db, stmtName.string, int32(args.len), arr,
                           nil, nil, 0)
  deallocCStringArray(arr)
  if pqResultStatus(res) != PGRES_COMMAND_OK: dbError(db)
  pqclear(res)

proc newRow(L: int): Row =
  newSeq(result, L)
  for i in 0..L-1: result[i] = ""

proc setupQuery(db: DbConn, query: SqlQuery,
                args: varargs[string]): PPGresult =
  result = pqexec(db, dbFormat(query, args))
  if pqResultStatus(result) != PGRES_TUPLES_OK: dbError(db)

proc setupQuery(db: DbConn, stmtName</