diff options
-rw-r--r-- | web/html/pkgsubmit.php | 12 | ||||
-rw-r--r-- | web/lib/pkgfuncs.inc | 9 |
2 files changed, 12 insertions, 9 deletions
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php index a7b4152b..df25360a 100644 --- a/web/html/pkgsubmit.php +++ b/web/html/pkgsubmit.php @@ -25,8 +25,10 @@ if ($_COOKIE["AURSID"]): $error = __("Error - No file uploaded"); } + $uid = uid_from_sid($_COOKIE['AURSID']); + # Temporary dir to put the tarball contents - $tempdir = UPLOAD_DIR . uid_from_sid($_COOKIE['AURSID']) . time(); + $tempdir = UPLOAD_DIR . $uid . time(); if (!$error) { if (!@mkdir($tempdir)) { @@ -278,8 +280,8 @@ if ($_COOKIE["AURSID"]): # If the package was a dummy, undummy it if ($pdata['DummyPkg']) { $q = sprintf( "UPDATE Packages SET DummyPkg = 0, SubmitterUID = %d, MaintainerUID = %d, SubmittedTS = UNIX_TIMESTAMP() WHERE ID = %d", - uid_from_sid($_COOKIE["AURSID"]), - uid_from_sid($_COOKIE["AURSID"]), + $uid, + $uid, $pdata["ID"]); db_query($q, $dbh); @@ -346,8 +348,8 @@ if ($_COOKIE["AURSID"]): mysql_real_escape_string($_REQUEST['category']), mysql_real_escape_string($new_pkgbuild['pkgdesc']), mysql_real_escape_string($new_pkgbuild['url']), - uid_from_sid($_COOKIE["AURSID"]), - uid_from_sid($_COOKIE["AURSID"]), + $uid, + $uid, mysql_real_escape_string($incoming_pkgdir . "/" . $pkg_name . ".tar.gz"), mysql_real_escape_string(URL_DIR . $pkg_name . "/" . $pkg_name . ".tar.gz")); diff --git a/web/lib/pkgfuncs.inc b/web/lib/pkgfuncs.inc index 2ebae895..9535f183 100644 --- a/web/lib/pkgfuncs.inc +++ b/web/lib/pkgfuncs.inc @@ -272,6 +272,7 @@ function package_details($id=0, $SID="") { global $_REQUEST; global $pkgsearch_vars; $atype = account_from_sid($SID); + $uid = uid_from_sid($SID); $q = "SELECT Packages.*,Location,Category "; $q.= "FROM Packages,PackageLocations,PackageCategories "; $q.= "WHERE Packages.LocationID = PackageLocations.ID "; @@ -304,7 +305,7 @@ function package_details($id=0, $SID="") { echo " <tr><td class='boxSoft' colspan='2'><img src='/images/pad.gif' height='30'></td></tr>\n"; echo " <tr><td class='boxSoft' colspan='2'><span class='f3'>"; if ($row["Location"] == "unsupported" and ( - uid_from_sid($SID) == $row["MaintainerUID"] or + $uid == $row["MaintainerUID"] or ($atype == "Developer" or $atype == "Trusted User"))) { $edit_cat = "<a href='pkgedit.php?change_Category=1&ID="; @@ -479,7 +480,7 @@ function package_details($id=0, $SID="") { echo " <input type='hidden' name='ID' value='".$row["ID"]."'>\n"; # Voting Button # - $q = "SELECT * FROM PackageVotes WHERE UsersID = ".uid_from_sid($SID); + $q = "SELECT * FROM PackageVotes WHERE UsersID = ". $uid; $q.= " AND PackageID = ".$row["ID"]; if (!mysql_num_rows(db_query($q, $dbh))) { echo " <input type='submit' class='button' name='do_Vote'"; @@ -490,7 +491,7 @@ function package_details($id=0, $SID="") { } # Comment Nofify Button # - $q = "SELECT * FROM CommentNotify WHERE UserID = ".uid_from_sid($SID); + $q = "SELECT * FROM CommentNotify WHERE UserID = ". $uid; $q.= " AND PkgID = ".$row["ID"]; if (!mysql_num_rows(db_query($q, $dbh))) { echo "<input type='submit' class='button' name='do_Notify'"; @@ -511,7 +512,7 @@ function package_details($id=0, $SID="") { if ($row["MaintainerUID"] == 0) { echo "<input type='submit' class='button' name='do_Adopt'"; echo " value='".__("Adopt Packages")."'>\n"; - } else if ($row["MaintainerUID"] == uid_from_sid($SID) || + } else if ($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer") { echo "<input type='submit' class='button' name='do_Disown'"; echo " value='".__("Disown Packages")."'>\n"; |