diff options
| author | Lukas Fleischer <archlinux@cryptocrack.de> | 2010-11-04 18:10:56 +0100 |
|---|---|---|
| committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2011-01-19 23:18:09 +0100 |
| commit | ec0dfc27deb246ee7d7f19fd5290e499805869d2 (patch) | |
| tree | 3f267383b82cc4ef34f3c3e51b10bb0795b948e6 /web/template/pkg_details.php | |
| parent | 233f67b87edf0d063c0f56cece50c2f1bb1a31ff (diff) | |
| download | aur-ec0dfc27deb246ee7d7f19fd5290e499805869d2.tar.gz aur-ec0dfc27deb246ee7d7f19fd5290e499805869d2.tar.xz | |
Removed code for tarball extraction.
Automatic tarball extraction was vulnerable in different ways. Users
should also only use source tarballs to build packages, so this has been
removed completely. From now on, only the PKGBUILD is extracted in a
secure manner.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/template/pkg_details.php')
| -rw-r--r-- | web/template/pkg_details.php | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index 7c6356d1..8dd3d284 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -77,8 +77,9 @@ $out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("r", intval($row[ <p><span class='f3'> <?php if ($row['LocationID'] == 2) { - $urlpath = URL_DIR . $row['Name'] . '/' . $row['Name']; - print "<a href='$urlpath.tar.gz'>".__("Tarball")."</a> :: <a href='$urlpath'>".__("Files")."</a> :: <a href='$urlpath/PKGBUILD'>PKGBUILD</a></span>"; + $urlpath = URL_DIR . $row['Name']; + print "<a href='$urlpath/" . $row['Name'] . ".tar.gz'>".__("Tarball")."</a> :: "; + print "<a href='$urlpath/PKGBUILD'>".__("PKGBUILD")."</a></span>"; } if ($row["OutOfDateTS"] !== NULL) { |