summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--po/aur.pot15
-rw-r--r--web/html/pkgsubmit.php18
-rw-r--r--web/template/login_form.php6
3 files changed, 28 insertions, 11 deletions
diff --git a/po/aur.pot b/po/aur.pot
index ab3169f0..09eb858e 100644
--- a/po/aur.pot
+++ b/po/aur.pot
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: AUR v1.9.0\n"
"Report-Msgid-Bugs-To: https://bugs.archlinux.org/index.php?project=2\n"
-"POT-Creation-Date: 2011-08-13 12:46+0200\n"
+"POT-Creation-Date: 2011-09-05 17:02+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -536,6 +536,12 @@ msgstr ""
msgid "Bad username or password."
msgstr ""
+msgid "Category"
+msgstr ""
+
+msgid "Change category"
+msgstr ""
+
msgid "Votes"
msgstr ""
@@ -700,7 +706,9 @@ msgstr ""
msgid "Forgot Password"
msgstr ""
-msgid "HTTP login is disabled. Please switch to HTTPs if you want to login: "
+#, php-format
+msgid ""
+"HTTP login is disabled. Please %sswitch to HTTPs%s if you want to login."
msgstr ""
msgid "Recent Updates"
@@ -748,9 +756,6 @@ msgstr ""
msgid "Package Listing"
msgstr ""
-msgid "Category"
-msgstr ""
-
msgid "Name"
msgstr ""
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php
index a5cc0c05..36f74bf9 100644
--- a/web/html/pkgsubmit.php
+++ b/web/html/pkgsubmit.php
@@ -311,6 +311,18 @@ if ($uid):
$pkg_version = sprintf('%s-%s', $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']);
}
+ # Check the category to use, "1" meaning "none" (or "keep category" for
+ # existing packages).
+ if (isset($_POST['category'])) {
+ $category_id = intval($_POST['category']);
+ if ($category_id <= 0) {
+ $category_id = 1;
+ }
+ }
+ else {
+ $category_id = 1;
+ }
+
if ($pdata) {
# This is an overwrite of an existing package, the database ID
# needs to be preserved so that any votes are retained. However,
@@ -324,9 +336,9 @@ if ($uid):
db_query($q, $dbh);
# If a new category was chosen, change it to that
- if ($_POST['category'] > 1) {
+ if ($category_id > 1) {
$q = sprintf( "UPDATE Packages SET CategoryID = %d WHERE ID = %d",
- mysql_real_escape_string($_REQUEST['category']),
+ $category_id,
$packageID);
db_query($q, $dbh);
@@ -350,7 +362,7 @@ if ($uid):
mysql_real_escape_string($new_pkgbuild['pkgname']),
mysql_real_escape_string($new_pkgbuild['license']),
mysql_real_escape_string($pkg_version),
- mysql_real_escape_string($_REQUEST['category']),
+ $category_id,
mysql_real_escape_string($new_pkgbuild['pkgdesc']),
mysql_real_escape_string($new_pkgbuild['url']),
$uid,
diff --git a/web/template/login_form.php b/web/template/login_form.php
index b351a27e..c27e9ba3 100644
--- a/web/template/login_form.php
+++ b/web/template/login_form.php
@@ -11,7 +11,7 @@ elseif (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']))
print "<span class='error'>" . $login_error . "</span><br />\n";
}
?>
-<form method="post" action="<?php echo $_SERVER['REQUEST_URI'] ?>">
+<form method="post" action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES) ?>">
<div>
<label for="user"><?php print __('Username') . ':'; ?></label>
<input type="text" name="user" id="user" size="30" maxlength="<?php print USERNAME_MAX_LEN; ?>" value="<?php
@@ -31,8 +31,8 @@ elseif (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']))
else {
?>
<span class='error'>
- <?php echo __("HTTP login is disabled. Please switch to HTTPs if you want to login: "); ?>
- <a href="https://aur.archlinux.org/">https://aur.archlinux.org/</a>
+ <?php printf(__("HTTP login is disabled. Please %sswitch to HTTPs%s if you want to login."),
+ '<a href="https://aur.archlinux.org' . htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES) . '">', '</a>'); ?>
</span>
<?php } ?>
</div>