summaryrefslogtreecommitdiffstats
path: root/web
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2011-03-01 18:56:33 +0100
committerLukas Fleischer <archlinux@cryptocrack.de>2011-03-04 10:29:16 +0100
commitef8fab0c12f567acac80c050f44db38111f00104 (patch)
tree31b1b636aa962805b8878063af9b418b83d8a9a4 /web
parent3d5b735faec49c03c77732c3c21c2f91e59e060c (diff)
downloadaur-ef8fab0c.tar.gz
aur-ef8fab0c.tar.xz
Ensure all variables are set in package search form
Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web')
-rw-r--r--web/lib/pkgfuncs.inc34
1 files changed, 13 insertions, 21 deletions
diff --git a/web/lib/pkgfuncs.inc b/web/lib/pkgfuncs.inc
index ef8c20f3..0fbe3100 100644
--- a/web/lib/pkgfuncs.inc
+++ b/web/lib/pkgfuncs.inc
@@ -463,24 +463,23 @@ function pkg_search_page($SID="") {
// TODO: possibly do string matching on category
// to make request variable values more sensible
- if (intval($_GET["C"])) {
+ if (isset($_GET["C"]) && intval($_GET["C"])) {
$q.= "AND Packages.CategoryID = ".intval($_GET["C"])." ";
}
- if ($_GET['K']) {
+ if (isset($_GET['K'])) {
$_GET['K'] = mysql_real_escape_string(trim($_GET['K']));
+
# Search by maintainer
- if ($_GET["SeB"] == "m") {
+ if (isset($_GET["SeB"]) && $_GET["SeB"] == "m") {
$q.= "AND Users.Username = '".$_GET['K']."' ";
}
# Search by submitter
- elseif ($_GET["SeB"] == "s") {
- // FIXME: this shouldn't be making 2 queries
- // kill the call to uid_from_username
+ elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "s") {
$q.= "AND SubmitterUID = ".uid_from_username($_GET['K'])." ";
# Search by name
}
- elseif ($_GET["SeB"] == "n") {
+ elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "n") {
$q.= "AND (Name LIKE '%".$_GET['K']."%') ";
}
# Search by name and description (Default)
@@ -490,7 +489,7 @@ function pkg_search_page($SID="") {
}
}
- if ($_GET["do_Orphans"]) {
+ if (isset($_GET["do_Orphans"]) && $_GET["do_Orphans"] == 'Orphans') {
$q.= "AND MaintainerUID IS NULL ";
}
@@ -503,37 +502,32 @@ function pkg_search_page($SID="") {
}
}
- $order = $_GET["SO"] == 'd' ? 'DESC' : 'ASC';
+ $order = (isset($_GET["SO"]) && $_GET["SO"] == 'd') ? 'DESC' : 'ASC';
$q_sort = "ORDER BY Name ".$order.", CategoryID DESC ";
- switch ($_GET["SB"]) {
+ $sort_by = isset($_GET["SB"]) ? $_GET["SB"] : '';
+ switch ($sort_by) {
case 'c':
$q_sort = "ORDER BY CategoryID ".$order.", Name ASC ";
- $_GET["SB"] = 'c';
break;
case 'v':
$q_sort = "ORDER BY NumVotes ".$order.", Name ASC, CategoryID DESC ";
- $_GET["SB"] = 'v';
break;
case 'w':
if ($SID) {
$q_sort = "ORDER BY Voted ".$order.", Name ASC, CategoryID DESC ";
}
- $_GET["SB"] = 'w';
break;
case 'o':
if ($SID) {
$q_sort = "ORDER BY Notify ".$order.", Name ASC, CategoryID DESC ";
}
- $_GET["SB"] = 'o';
break;
case 'm':
$q_sort = "ORDER BY Maintainer ".$order.", Name ASC ";
- $_GET["SB"] = 'm';
break;
case 'a':
$q_sort = "ORDER BY GREATEST(SubmittedTS,ModifiedTS) ".$order.", Name ASC ";
- $_GET["SB"] = 'a';
break;
default:
break;
@@ -547,13 +541,11 @@ function pkg_search_page($SID="") {
$total = mysql_result(db_query('SELECT FOUND_ROWS() AS Total', $dbh), 0);
if ($result && $total > 0) {
- if ($_GET["SO"] == "d"){
- $SO_next="a";
- $_GET["SO"] = 'd';
+ if (isset($_GET["SO"]) && $_GET["SO"] == "d"){
+ $SO_next = "a";
}
else {
- $SO_next="d";
- $_GET["SO"] = 'a';
+ $SO_next = "d";
}
}