summaryrefslogtreecommitdiffstats
path: root/web/html/pkgsubmit.php
diff options
context:
space:
mode:
Diffstat (limited to 'web/html/pkgsubmit.php')
-rw-r--r--web/html/pkgsubmit.php169
1 files changed, 70 insertions, 99 deletions
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php
index c566cb47..65e2f6db 100644
--- a/web/html/pkgsubmit.php
+++ b/web/html/pkgsubmit.php
@@ -33,10 +33,23 @@ if ($uid):
}
# Before processing, make sure we even have a file
- if (!$error) {
- if ($_FILES['pfile']['size'] == 0){
+ switch($_FILES['pfile']['error']) {
+ case UPLOAD_ERR_INI_SIZE:
+ $maxsize = ini_get('upload_max_filesize');
+ $error = __("Error - Uploaded file larger than maximum allowed size (%s)", $maxsize);
+ break;
+ case UPLOAD_ERR_PARTIAL:
+ $error = __("Error - File partially uploaded");
+ break;
+ case UPLOAD_ERR_NO_FILE:
$error = __("Error - No file uploaded");
- }
+ break;
+ case UPLOAD_ERR_NO_TMP_DIR:
+ $error = __("Error - Could not locate temporary upload folder");
+ break;
+ case UPLOAD_ERR_CANT_WRITE:
+ $error = __("Error - File could not be written");
+ break;
}
# Check whether the file is gzip'ed
@@ -72,23 +85,25 @@ if ($uid):
$pkgbuild_raw = '';
$dircount = 0;
foreach ($tar->listContent() as $tar_file) {
- if (preg_match('/^[^\/]+\/PKGBUILD$/', $tar_file['filename'])) {
- $pkgbuild_raw = $tar->extractInString($tar_file['filename']);
+ if ($tar_file['typeflag'] == 0) {
+ if (strchr($tar_file['filename'], '/') === false) {
+ $error = __("Error - source tarball may not contain files outside a directory.");
+ break;
+ }
+ elseif (substr($tar_file['filename'], -9) == '/PKGBUILD') {
+ $pkgbuild_raw = $tar->extractInString($tar_file['filename']);
+ }
}
- elseif (preg_match('/^[^\/]+\/$/', $tar_file['filename'])) {
- if (++$dircount > 1) {
+ elseif ($tar_file['typeflag'] == 5) {
+ if (substr_count($tar_file['filename'], "/") > 1) {
+ $error = __("Error - source tarball may not contain nested subdirectories.");
+ break;
+ }
+ elseif (++$dircount > 1) {
$error = __("Error - source tarball may not contain more than one directory.");
break;
}
}
- elseif (preg_match('/^[^\/]+$/', $tar_file['filename'])) {
- $error = __("Error - source tarball may not contain files outside a directory.");
- break;
- }
- elseif (preg_match('/^[^\/]+\/[^\/]+\//', $tar_file['filename'])) {
- $error = __("Error - source tarball may not contain nested subdirectories.");
- break;
- }
}
if (!$error && empty($pkgbuild_raw)) {
@@ -280,7 +295,7 @@ if ($uid):
$error = __( "Could not create directory %s.", $incoming_pkgdir);
}
} else {
- $error = __( "You are not allowed to overwrite the %h%s%h package.", "<b>", $pkg_name, "</b>");
+ $error = __( "You are not allowed to overwrite the %s%s%s package.", "<b>", $pkg_name, "</b>");
}
if (!$error) {
@@ -304,13 +319,10 @@ if ($uid):
# Update the backend database
if (!$error) {
-
$dbh = db_connect();
- db_query("BEGIN", $dbh);
+ begin_atomic_commit($dbh);
- $q = "SELECT * FROM Packages WHERE Name = '" . db_escape_string($new_pkgbuild['pkgname']) . "'";
- $result = db_query($q, $dbh);
- $pdata = mysql_fetch_assoc($result);
+ $pdata = pkgdetails_by_pkgname($new_pkgbuild['pkgname'], $dbh);
if (isset($new_pkgbuild['epoch']) && (int)$new_pkgbuild['epoch'] > 0) {
$pkg_version = sprintf('%d:%s-%s', $new_pkgbuild['epoch'], $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']);
@@ -337,46 +349,20 @@ if ($uid):
$packageID = $pdata["ID"];
# Flush out old data that will be replaced with new data
- $q = "DELETE FROM PackageDepends WHERE PackageID = " . $packageID;
- db_query($q, $dbh);
- $q = "DELETE FROM PackageSources WHERE PackageID = " . $packageID;
- db_query($q, $dbh);
+ remove_pkg_deps($packageID, $dbh);
+ remove_pkg_sources($packageID, $dbh);
# If a new category was chosen, change it to that
if ($category_id > 1) {
- $q = sprintf( "UPDATE Packages SET CategoryID = %d WHERE ID = %d",
- $category_id,
- $packageID);
-
- db_query($q, $dbh);
+ update_pkg_category($packageID, $category_id);
}
# Update package data
- $q = sprintf("UPDATE Packages SET ModifiedTS = UNIX_TIMESTAMP(), Name = '%s', Version = '%s', License = '%s', Description = '%s', URL = '%s', OutOfDateTS = NULL, MaintainerUID = %d WHERE ID = %d",
- db_escape_string($new_pkgbuild['pkgname']),
- db_escape_string($pkg_version),
- db_escape_string($new_pkgbuild['license']),
- db_escape_string($new_pkgbuild['pkgdesc']),
- db_escape_string($new_pkgbuild['url']),
- $uid,
- $packageID);
-
- db_query($q, $dbh);
-
+ update_pkgdetails($packageID, $new_pkgbuild['pkgname'], $new_pkgbuild['license'], $pkg_version, "", $new_pkgbuild['pkgdesc'], $new_pkgbuild['url'], "", $uid, $dbh);
} else {
# This is a brand new package
- $q = sprintf("INSERT INTO Packages (Name, License, Version, CategoryID, Description, URL, SubmittedTS, ModifiedTS, SubmitterUID, MaintainerUID) VALUES ('%s', '%s', '%s', %d, '%s', '%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), %d, %d)",
- db_escape_string($new_pkgbuild['pkgname']),
- db_escape_string($new_pkgbuild['license']),
- db_escape_string($pkg_version),
- $category_id,
- db_escape_string($new_pkgbuild['pkgdesc']),
- db_escape_string($new_pkgbuild['url']),
- $uid,
- $uid);
-
- db_query($q, $dbh);
- $packageID = mysql_insert_id($dbh);
+ new_pkgdetails($new_pkgbuild['pkgname'], $new_pkgbuild['license'], $pkg_version, $category_id, $new_pkgbuild['pkgdesc'], $new_pkgbuild['url'], $uid, $dbh);
+ $packageID = last_insert_id($dbh);
}
@@ -393,23 +379,15 @@ if ($uid):
else if ($deppkgname == "#") {
break;
}
-
- $q = sprintf("INSERT INTO PackageDepends (PackageID, DepName, DepCondition) VALUES (%d, '%s', '%s')",
- $packageID,
- db_escape_string($deppkgname),
- db_escape_string($depcondition));
-
- db_query($q, $dbh);
+ add_pkg_dep($packageID, $deppkgname, $depcondition, $dbh);
}
}
# Insert sources
- $sources = explode(" ", $new_pkgbuild['source']);
- foreach ($sources as $src) {
- if ($src != "" ) {
- $q = "INSERT INTO PackageSources (PackageID, Source) VALUES (";
- $q .= $packageID . ", '" . db_escape_string($src) . "')";
- db_query($q, $dbh);
+ if (!empty($new_pkgbuild['source'])) {
+ $sources = explode(" ", $new_pkgbuild['source']);
+ foreach ($sources as $src) {
+ add_pkg_src($packageID, $src, $dbh);
}
}
@@ -420,7 +398,7 @@ if ($uid):
}
# Entire package creation process is atomic
- db_query("COMMIT", $dbh);
+ end_atomic_commit($dbh);
header('Location: packages.php?ID=' . $packageID);
}
@@ -438,11 +416,8 @@ html_header("Submit");
<p class="pkgoutput"><?php print $error ?></p>
<?php endif; ?>
-<div class="pgbox">
- <div class="pgboxtitle">
- <span class="f3"><?php print __("Submit"); ?></span>
- </div>
- <div class="pgboxbody">
+<div class="box">
+ <h2><?php echo __("Submit"); ?></h2>
<p><?php echo __("Upload your source packages here. Create source packages with `makepkg --source`.") ?></p>
<?php
@@ -454,39 +429,36 @@ html_header("Submit");
$pkg_categories = pkgCategories();
?>
-<form action='pkgsubmit.php' method='post' enctype='multipart/form-data'>
- <div> <input type='hidden' name='pkgsubmit' value='1' />
- <input type='hidden' name='token' value='<?php print htmlspecialchars($_COOKIE['AURSID']) ?>' /> </div>
- <table border='0' cellspacing='5'>
- <tr>
- <td class='f4' align='right'><?php print __("Package Category"); ?>:</td>
- <td class='f4' align='left'>
- <select name='category'>
- <option value='1'><?php print __("Select Category"); ?></option>
+<form action="pkgsubmit.php" method="post" enctype="multipart/form-data">
+ <fieldset>
+ <div>
+ <input type="hidden" name="pkgsubmit" value="1" />
+ <input type="hidden" name="token" value="<?php print htmlspecialchars($_COOKIE['AURSID']) ?>" /> </div>
+ </div>
+ <p>
+ <label for="id_category"><?php print __("Package Category"); ?>:</label>
+ <select id="id_category" name="category">
+ <option value="1"><?php print __("Select Category"); ?></option>
<?php
foreach ($pkg_categories as $num => $cat):
- print "<option value='" . $num . "'";
+ print '<option value="' . $num . '"';
if (isset($_POST['category']) && $_POST['category'] == $cat):
- print " selected='selected'";
+ print ' selected="selected"';
endif;
- print ">" . $cat . "</option>";
+ print '>' . $cat . '</option>';
endforeach;
?>
</select>
- </td>
- </tr>
- <tr>
- <td class='f4' align='right'><?php print __("Upload package file"); ?>:</td>
- <td class='f4' align='left'>
- <input type='file' name='pfile' size='30' />
- </td>
- </tr>
- <tr>
- <td align='left'>
- <input class='button' type='submit' value='<?php print __("Upload"); ?>' />
- </td>
- </tr>
- </table>
+ </p>
+ <p>
+ <label for="id_file"><?php print __("Upload package file"); ?>:</label>
+ <input id="id_file" type="file" name="pfile" size='30' />
+ </p>
+ <p>
+ <label></label>
+ <input class="button" type="submit" value="<?php print __("Upload"); ?>" />
+ </p>
+ </fieldset>
</form>
<?php
@@ -511,7 +483,6 @@ else:
endif;
?>
- </div>
</div>
<?php