diff options
author | canyonknight <canyonknight@gmail.com> | 2012-09-27 23:03:50 +0200 |
---|---|---|
committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2012-09-28 08:57:25 +0200 |
commit | 752c5a6e3483b2309e4b48943adce2625a9bc716 (patch) | |
tree | 418351bf207e460d2951fb719deb7f22a12afbf2 | |
parent | 00cffd7ddba6bd7b65fcd4c1ce625515cf5489d0 (diff) | |
download | aur-752c5a6e3483b2309e4b48943adce2625a9bc716.tar.gz aur-752c5a6e3483b2309e4b48943adce2625a9bc716.tar.xz |
Move package merging to a separate page
Package actions now have a separate box on the package details page. Add
a package merge link in that box.
Link leads to a new page (pkgmerge.php) that can be used to confirm package
merging. A separate page with confirmation is used to avoid CSRFs.
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-rw-r--r-- | web/html/index.php | 3 | ||||
-rw-r--r-- | web/html/pkgmerge.php | 47 | ||||
-rw-r--r-- | web/template/pkg_details.php | 1 |
3 files changed, 51 insertions, 0 deletions
diff --git a/web/html/index.php b/web/html/index.php index 0b5dfc87..6ee23bc5 100644 --- a/web/html/index.php +++ b/web/html/index.php @@ -46,6 +46,9 @@ if (isset($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) { case "delete": include('pkgdel.php'); return; + case "merge": + include('pkgmerge.php'); + return; } if (isset($_COOKIE['AURSID'])) { diff --git a/web/html/pkgmerge.php b/web/html/pkgmerge.php new file mode 100644 index 00000000..834d0c91 --- /dev/null +++ b/web/html/pkgmerge.php @@ -0,0 +1,47 @@ +<?php + +set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); + +include_once("aur.inc.php"); +include_once("pkgfuncs.inc.php"); + +set_lang(); +check_sid(); + +html_header(__("Package Merging")); + +$atype = ""; + +if (isset($_COOKIE["AURSID"])) { + $atype = account_from_sid($_COOKIE["AURSID"]); +} + +if ($atype == "Trusted User" || $atype == "Developer"): ?> +<div class="box"> + <h2><?= __('Merge Package: %s', htmlspecialchars($pkgname)) ?></h2> + <p> + <?= __('Use this form to merge the package (%s%s%s) into another package. ', + '<strong>', htmlspecialchars($pkgname), '</strong>'); ?> + <?= __('Once the package has been merged it cannot be reversed. '); ?> + <?= __('Enter the package name you wish to merge the package into. '); ?> + <?= __('Select the checkbox to confirm action.') ?> + </p> + <form action="<?= get_uri('/packages/'); ?>" method="post"> + <fieldset> + <input type="hidden" name="IDs[<?= $pkgid ?>]" value="1" /> + <input type="hidden" name="ID" value="<?= $pkgid ?>" /> + <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> + <p><label for="merge_Into" ><?= __("Merge into:") ?></label> + <input type="text" id="merge_Into" name="merge_Into" /></p> + <p><input type="checkbox" name="confirm_Delete" value="1" /> + <?= __("Confirm package merge") ?></p> + <p><input type="submit" class="button" name="do_Delete" value="<?= __("Merge") ?>" /></p> + </fieldset> + </form> +</div> + +<?php else: + print __("Only Trusted Users and Developers can merge packages."); +endif; + +html_footer(AUR_VERSION); diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index dcc086bb..182722d0 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -56,6 +56,7 @@ $sources = package_sources($row["ID"]); <?php endif; ?> <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> <li><a href="<?= get_pkg_uri($row['Name']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li> + <li><a href="<?= get_pkg_uri($row['Name']) . 'merge/'; ?>"><?= __('Merge Package'); ?></a></li> <?php endif; ?> <?php endif; ?> </ul> |