summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGordian Edenhofer <gordian.edenhofer@gmail.com>2015-06-26 21:03:17 +0200
committerLukas Fleischer <lfleischer@archlinux.org>2015-06-27 13:04:03 +0200
commit8bd03adb6168b16222510f2e1a148f2ad5ea3afb (patch)
tree4bf3bb990c637dec3abf3519c797c434c6547155
parentb036b436aa64be000481f8d1da30ff53d4bcb889 (diff)
downloadaur-8bd03adb6168b16222510f2e1a148f2ad5ea3afb.tar.gz
aur-8bd03adb6168b16222510f2e1a148f2ad5ea3afb.tar.xz
Fake pkgbase actions for unconfirmed users
Displaying flag, notify, vote, adopt and file request links for users which did not authenticate themselves and letting those fake buttons link to the login page. Signed-off-by: Gordian Edenhofer <gordian.edenhofer@gmail.com> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
-rw-r--r--web/lib/aur.inc.php28
-rw-r--r--web/template/pkgbase_actions.php2
2 files changed, 19 insertions, 11 deletions
diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
index 95f72cef..7a455c6e 100644
--- a/web/lib/aur.inc.php
+++ b/web/lib/aur.inc.php
@@ -230,7 +230,12 @@ function html_format_maintainers($maintainer, $comaintainers) {
* @return string The generated HTML code for the action link
*/
function html_action_link($uri, $desc) {
- $code = '<a href="' . htmlspecialchars($uri, ENT_QUOTES) . '">';
+ if (isset($_COOKIE["AURSID"])) {
+ $code = '<a href="' . htmlspecialchars($uri, ENT_QUOTES) . '">';
+ } else {
+ $code = '<a href="' . get_uri('/login/', true) . '?referer=';
+ $code .= urlencode(rtrim(aur_location(), '/') . $uri) . '">';
+ }
$code .= htmlspecialchars($desc) . '</a>';
return $code;
@@ -246,14 +251,19 @@ function html_action_link($uri, $desc) {
* @return string The generated HTML code for the action link
*/
function html_action_form($uri, $action, $desc) {
- $code = '<form action="' . htmlspecialchars($uri, ENT_QUOTES) . '" ';
- $code .= 'method="post">';
- $code .= '<input type="hidden" name="token" value="';
- $code .= htmlspecialchars($_COOKIE['AURSID'], ENT_QUOTES) . '" />';
- $code .= '<input type="submit" class="button text-button" name="';
- $code .= htmlspecialchars($action, ENT_QUOTES) . '" ';
- $code .= 'value="' . htmlspecialchars($desc, ENT_QUOTES) . '" />';
- $code .= '</form>';
+ if (isset($_COOKIE["AURSID"])) {
+ $code = '<form action="' . htmlspecialchars($uri, ENT_QUOTES) . '" ';
+ $code .= 'method="post">';
+ $code .= '<input type="hidden" name="token" value="';
+ $code .= htmlspecialchars($_COOKIE['AURSID'], ENT_QUOTES) . '" />';
+ $code .= '<input type="submit" class="button text-button" name="';
+ $code .= htmlspecialchars($action, ENT_QUOTES) . '" ';
+ $code .= 'value="' . htmlspecialchars($desc, ENT_QUOTES) . '" />';
+ $code .= '</form>';
+ } else {
+ $code = '<a href="' . get_uri('/login/', true) . '">';
+ $code .= htmlspecialchars($desc) . '</a>';
+ }
return $code;
}
diff --git a/web/template/pkgbase_actions.php b/web/template/pkgbase_actions.php
index 757b0635..61ad18f5 100644
--- a/web/template/pkgbase_actions.php
+++ b/web/template/pkgbase_actions.php
@@ -9,7 +9,6 @@
<li><a href="<?= $snapshot_uri ?>"><?= __('Download snapshot') ?></a>
<li><a href="https://wiki.archlinux.org/index.php/Special:Search?search=<?= urlencode($row['Name']) ?>"><?= __('Search wiki') ?></a></li>
<li><span class="flagged"><?php if ($row["OutOfDateTS"] !== NULL) { echo __('Flagged out-of-date')." (${out_of_date_time})"; } ?></span></li>
- <?php if ($uid): ?>
<?php if ($row["OutOfDateTS"] === NULL): ?>
<li><?= html_action_form($base_uri . 'flag/', "do_Flag", __('Flag package out-of-date')) ?></li>
<?php elseif (($row["OutOfDateTS"] !== NULL) && has_credential(CRED_PKGBASE_UNFLAG, $maintainers)): ?>
@@ -45,7 +44,6 @@
<?php elseif (has_credential(CRED_PKGBASE_DISOWN, array($row["MaintainerUID"]))): ?>
<li><?= html_action_form($base_uri . 'disown/', "do_Disown", __('Disown Package')) ?></li>
<?php endif; ?>
- <?php endif; ?>
</ul>
</div>
</div>