diff options
author | Dan McGee <dan@archlinux.org> | 2011-03-01 18:56:33 +0100 |
---|---|---|
committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2011-03-04 10:29:16 +0100 |
commit | ef8fab0c12f567acac80c050f44db38111f00104 (patch) | |
tree | 31b1b636aa962805b8878063af9b418b83d8a9a4 /web | |
parent | 3d5b735faec49c03c77732c3c21c2f91e59e060c (diff) | |
download | aur-ef8fab0c.tar.gz aur-ef8fab0c.tar.xz |
Ensure all variables are set in package search form
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web')
-rw-r--r-- | web/lib/pkgfuncs.inc | 34 |
1 files changed, 13 insertions, 21 deletions
diff --git a/web/lib/pkgfuncs.inc b/web/lib/pkgfuncs.inc index ef8c20f3..0fbe3100 100644 --- a/web/lib/pkgfuncs.inc +++ b/web/lib/pkgfuncs.inc @@ -463,24 +463,23 @@ function pkg_search_page($SID="") { // TODO: possibly do string matching on category // to make request variable values more sensible - if (intval($_GET["C"])) { + if (isset($_GET["C"]) && intval($_GET["C"])) { $q.= "AND Packages.CategoryID = ".intval($_GET["C"])." "; } - if ($_GET['K']) { + if (isset($_GET['K'])) { $_GET['K'] = mysql_real_escape_string(trim($_GET['K'])); + # Search by maintainer - if ($_GET["SeB"] == "m") { + if (isset($_GET["SeB"]) && $_GET["SeB"] == "m") { $q.= "AND Users.Username = '".$_GET['K']."' "; } # Search by submitter - elseif ($_GET["SeB"] == "s") { - // FIXME: this shouldn't be making 2 queries - // kill the call to uid_from_username + elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "s") { $q.= "AND SubmitterUID = ".uid_from_username($_GET['K'])." "; # Search by name } - elseif ($_GET["SeB"] == "n") { + elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "n") { $q.= "AND (Name LIKE '%".$_GET['K']."%') "; } # Search by name and description (Default) @@ -490,7 +489,7 @@ function pkg_search_page($SID="") { } } - if ($_GET["do_Orphans"]) { + if (isset($_GET["do_Orphans"]) && $_GET["do_Orphans"] == 'Orphans') { $q.= "AND MaintainerUID IS NULL "; } @@ -503,37 +502,32 @@ function pkg_search_page($SID="") { } } - $order = $_GET["SO"] == 'd' ? 'DESC' : 'ASC'; + $order = (isset($_GET["SO"]) && $_GET["SO"] == 'd') ? 'DESC' : 'ASC'; $q_sort = "ORDER BY Name ".$order.", CategoryID DESC "; - switch ($_GET["SB"]) { + $sort_by = isset($_GET["SB"]) ? $_GET["SB"] : ''; + switch ($sort_by) { case 'c': $q_sort = "ORDER BY CategoryID ".$order.", Name ASC "; - $_GET["SB"] = 'c'; break; case 'v': $q_sort = "ORDER BY NumVotes ".$order.", Name ASC, CategoryID DESC "; - $_GET["SB"] = 'v'; break; case 'w': if ($SID) { $q_sort = "ORDER BY Voted ".$order.", Name ASC, CategoryID DESC "; } - $_GET["SB"] = 'w'; break; case 'o': if ($SID) { $q_sort = "ORDER BY Notify ".$order.", Name ASC, CategoryID DESC "; } - $_GET["SB"] = 'o'; break; case 'm': $q_sort = "ORDER BY Maintainer ".$order.", Name ASC "; - $_GET["SB"] = 'm'; break; case 'a': $q_sort = "ORDER BY GREATEST(SubmittedTS,ModifiedTS) ".$order.", Name ASC "; - $_GET["SB"] = 'a'; break; default: break; @@ -547,13 +541,11 @@ function pkg_search_page($SID="") { $total = mysql_result(db_query('SELECT FOUND_ROWS() AS Total', $dbh), 0); if ($result && $total > 0) { - if ($_GET["SO"] == "d"){ - $SO_next="a"; - $_GET["SO"] = 'd'; + if (isset($_GET["SO"]) && $_GET["SO"] == "d"){ + $SO_next = "a"; } else { - $SO_next="d"; - $_GET["SO"] = 'a'; + $SO_next = "d"; } } |