diff options
-rw-r--r-- | po/aur.pot | 15 | ||||
-rw-r--r-- | web/html/pkgsubmit.php | 18 | ||||
-rw-r--r-- | web/template/login_form.php | 6 |
3 files changed, 28 insertions, 11 deletions
@@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: AUR v1.9.0\n" "Report-Msgid-Bugs-To: https://bugs.archlinux.org/index.php?project=2\n" -"POT-Creation-Date: 2011-08-13 12:46+0200\n" +"POT-Creation-Date: 2011-09-05 17:02+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -536,6 +536,12 @@ msgstr "" msgid "Bad username or password." msgstr "" +msgid "Category" +msgstr "" + +msgid "Change category" +msgstr "" + msgid "Votes" msgstr "" @@ -700,7 +706,9 @@ msgstr "" msgid "Forgot Password" msgstr "" -msgid "HTTP login is disabled. Please switch to HTTPs if you want to login: " +#, php-format +msgid "" +"HTTP login is disabled. Please %sswitch to HTTPs%s if you want to login." msgstr "" msgid "Recent Updates" @@ -748,9 +756,6 @@ msgstr "" msgid "Package Listing" msgstr "" -msgid "Category" -msgstr "" - msgid "Name" msgstr "" diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php index a5cc0c05..36f74bf9 100644 --- a/web/html/pkgsubmit.php +++ b/web/html/pkgsubmit.php @@ -311,6 +311,18 @@ if ($uid): $pkg_version = sprintf('%s-%s', $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); } + # Check the category to use, "1" meaning "none" (or "keep category" for + # existing packages). + if (isset($_POST['category'])) { + $category_id = intval($_POST['category']); + if ($category_id <= 0) { + $category_id = 1; + } + } + else { + $category_id = 1; + } + if ($pdata) { # This is an overwrite of an existing package, the database ID # needs to be preserved so that any votes are retained. However, @@ -324,9 +336,9 @@ if ($uid): db_query($q, $dbh); # If a new category was chosen, change it to that - if ($_POST['category'] > 1) { + if ($category_id > 1) { $q = sprintf( "UPDATE Packages SET CategoryID = %d WHERE ID = %d", - mysql_real_escape_string($_REQUEST['category']), + $category_id, $packageID); db_query($q, $dbh); @@ -350,7 +362,7 @@ if ($uid): mysql_real_escape_string($new_pkgbuild['pkgname']), mysql_real_escape_string($new_pkgbuild['license']), mysql_real_escape_string($pkg_version), - mysql_real_escape_string($_REQUEST['category']), + $category_id, mysql_real_escape_string($new_pkgbuild['pkgdesc']), mysql_real_escape_string($new_pkgbuild['url']), $uid, diff --git a/web/template/login_form.php b/web/template/login_form.php index b351a27e..c27e9ba3 100644 --- a/web/template/login_form.php +++ b/web/template/login_form.php @@ -11,7 +11,7 @@ elseif (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) print "<span class='error'>" . $login_error . "</span><br />\n"; } ?> -<form method="post" action="<?php echo $_SERVER['REQUEST_URI'] ?>"> +<form method="post" action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES) ?>"> <div> <label for="user"><?php print __('Username') . ':'; ?></label> <input type="text" name="user" id="user" size="30" maxlength="<?php print USERNAME_MAX_LEN; ?>" value="<?php @@ -31,8 +31,8 @@ elseif (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) else { ?> <span class='error'> - <?php echo __("HTTP login is disabled. Please switch to HTTPs if you want to login: "); ?> - <a href="https://aur.archlinux.org/">https://aur.archlinux.org/</a> + <?php printf(__("HTTP login is disabled. Please %sswitch to HTTPs%s if you want to login."), + '<a href="https://aur.archlinux.org' . htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES) . '">', '</a>'); ?> </span> <?php } ?> </div> |