Remove the options to expand entities and so continue when encountering invalid /
malformed XML, as both of these can be exploited by supplying
maliciously crafted XML.
Signed-off-by: Michael Keller <mikeller@042.ch>
printf() is a horrible interface as it does no type checking.
Let's at least use the compiler to check format strings and
arguments. This obviously doesn't work for translated strings
and using report_error on translated strings is dubious. But OK.
Had to convert a number of report_error() calls to supress
warnings.
Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
Include unused tanks in merges of multiple logs into a single dive if
the 'Show unused cylinders' preference is enabled.
Also rename the preference (in code) to `include_unused_tanks` to
reflect the fact that it is already used in more places than just the
display (exporting, cloning dives).
Simplified the cylinder model to make forced inclusion of unused tanks
dependent on use of the model in planner.
Leaving the persisted name of the preference as `display_unused_tanks`
to avoid resetting this for all users - is there a good way to migrate
preference names?
Signed-off-by: Michael Keller <github@ike.ch>
Because of the old connect syntax used the incorrect signal names weren't
caught at compile time. To switch to the new syntax we had to make two
functions pure virtual in the WebServices class - let's hope I got that right.
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
The only things in display.h were profile related, so the
split between these two files is not comprehensible.
In fact profile.h includes display.h, because it needs the
struct defined therein. Let's just merge these two files.
Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
Due to changes in the handling of sensor-ids, invalid XMLs were
generated. In particular, these contained duplicate attributes
in the sample tags.
Even though these files shouldn't exist, let's try to parse
them anyway. Some data will be lost, but that's better than
not opening the file.
libxml2 can be told to try to recover from such petty(?) errors
by passing the XML_PARSE_RECOVER flag.
Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
This adds a cleanup function to be called after a divelogs.de upload
finishes (successful or not) to make sure the temporary zip file is
closed and removed.
Signed-off-by: Richard Fuchs <dfx@dfx.at>
On multi-user systems with a shared directory for temporary files, using
a static file name can lead to permissions problems and subsequent
errors due to collisions. Use a random unique file name for each
generated file to avoid these problems.
Note: the temporary file generated from the divelogs.de upload is still
left behind after the upload finishes.
Signed-off-by: Richard Fuchs <dfx@dfx.at>
The data of the membuffer is passed as a data/length pair
to xmlReadMemory(). There is no point in NUL-terminating it.
Moreover, pass the data directly to xmlReadMemory()
instead of via variables. These variables are reused
later with a different meaning, making this super-confusing.
The membuf variable is turned from "const char *" to "char *"
to signal that we own the buffer.
Amazingly, zip_source_buffer() frees the buffer, even though
a "const void *" is passed in. This API is pure madness. Add
a comment.
Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
Thus, the membuffer data is automatically freed when going
out of scope - one thing less to worry about.
This fixes one use-after-free bug in uploadDiveLogsDE.cpp
and one extremely questionable practice in divetooltipitem.cpp:
The membuffer was a shared instance across all instances
of the DiveToolTipItem.
Remves unnecessary #include directives in files that didn't
even use membuffer.
Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
When user has selected to show unused cylinders in equipment tab,
respect this setting when exporting to divelogs.de.
Fixes#3277
Signed-off-by: Miika Turkia <miika.turkia@gmail.com>
These just make no sense. Since the value is copied, it
has no meaning to the caller whether the function can
change the value (and vice versa for return types).
Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
The uploadStatus signal can be used to inform the user about
the process e.g.
- preparing zip file
- starting actual upload
It is a suplement to uploadProgress, that only informs about
the network part.
Signed-off-by: Jan Iversen <jan@casacondor.com>
Secure that the slots/signals in uploadDiveLogsDE, which are without
UI, can be used in DivelogsDeWebServices (to add the UI part).
Signed-off-by: Jan Iversen <jan@casacondor.com>
The difference between slot names and signal names was to insignificant
e.g. uploadFinish (signal) uploadFinished (slot).
Change slot names to slot_<name> should clear any confusion.
Signed-off-by: Jan Iversen <jan@casacondor.com>
In order to replace DivelogsDeWebServices::prepare_dives_for_divelogs with
uploadDiveLogsDE::prepareDives, first step is to make the functions identical.
amount_selected is not maintained for mobile, add #ifdef SUBSURFACE_MOBILE
Add comment, to make code more readable
add white line to make code more readable
change to use variable ds (created a couple of lines earlier
Avoid "goto" by adding close code
Remove label and close code (it was only called in 1 place)
Signed-off-by: Jan Iversen <jan@casacondor.com>
use report_error directly, instead of making a QString first,
argument syntax are different (%s vs. %1)
Signed-off-by: Jan Iversen <jan@casacondor.com>
The implementation is based on class DivelogsDeWebServices in
desktop-widgets but without the UI entanglement
Signed-off-by: Jan Iversen <jan@casacondor.com>