diff options
Diffstat (limited to 'web/html/pkgsubmit.php')
-rw-r--r-- | web/html/pkgsubmit.php | 169 |
1 files changed, 70 insertions, 99 deletions
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php index c566cb47..65e2f6db 100644 --- a/web/html/pkgsubmit.php +++ b/web/html/pkgsubmit.php @@ -33,10 +33,23 @@ if ($uid): } # Before processing, make sure we even have a file - if (!$error) { - if ($_FILES['pfile']['size'] == 0){ + switch($_FILES['pfile']['error']) { + case UPLOAD_ERR_INI_SIZE: + $maxsize = ini_get('upload_max_filesize'); + $error = __("Error - Uploaded file larger than maximum allowed size (%s)", $maxsize); + break; + case UPLOAD_ERR_PARTIAL: + $error = __("Error - File partially uploaded"); + break; + case UPLOAD_ERR_NO_FILE: $error = __("Error - No file uploaded"); - } + break; + case UPLOAD_ERR_NO_TMP_DIR: + $error = __("Error - Could not locate temporary upload folder"); + break; + case UPLOAD_ERR_CANT_WRITE: + $error = __("Error - File could not be written"); + break; } # Check whether the file is gzip'ed @@ -72,23 +85,25 @@ if ($uid): $pkgbuild_raw = ''; $dircount = 0; foreach ($tar->listContent() as $tar_file) { - if (preg_match('/^[^\/]+\/PKGBUILD$/', $tar_file['filename'])) { - $pkgbuild_raw = $tar->extractInString($tar_file['filename']); + if ($tar_file['typeflag'] == 0) { + if (strchr($tar_file['filename'], '/') === false) { + $error = __("Error - source tarball may not contain files outside a directory."); + break; + } + elseif (substr($tar_file['filename'], -9) == '/PKGBUILD') { + $pkgbuild_raw = $tar->extractInString($tar_file['filename']); + } } - elseif (preg_match('/^[^\/]+\/$/', $tar_file['filename'])) { - if (++$dircount > 1) { + elseif ($tar_file['typeflag'] == 5) { + if (substr_count($tar_file['filename'], "/") > 1) { + $error = __("Error - source tarball may not contain nested subdirectories."); + break; + } + elseif (++$dircount > 1) { $error = __("Error - source tarball may not contain more than one directory."); break; } } - elseif (preg_match('/^[^\/]+$/', $tar_file['filename'])) { - $error = __("Error - source tarball may not contain files outside a directory."); - break; - } - elseif (preg_match('/^[^\/]+\/[^\/]+\//', $tar_file['filename'])) { - $error = __("Error - source tarball may not contain nested subdirectories."); - break; - } } if (!$error && empty($pkgbuild_raw)) { @@ -280,7 +295,7 @@ if ($uid): $error = __( "Could not create directory %s.", $incoming_pkgdir); } } else { - $error = __( "You are not allowed to overwrite the %h%s%h package.", "<b>", $pkg_name, "</b>"); + $error = __( "You are not allowed to overwrite the %s%s%s package.", "<b>", $pkg_name, "</b>"); } if (!$error) { @@ -304,13 +319,10 @@ if ($uid): # Update the backend database if (!$error) { - $dbh = db_connect(); - db_query("BEGIN", $dbh); + begin_atomic_commit($dbh); - $q = "SELECT * FROM Packages WHERE Name = '" . db_escape_string($new_pkgbuild['pkgname']) . "'"; - $result = db_query($q, $dbh); - $pdata = mysql_fetch_assoc($result); + $pdata = pkgdetails_by_pkgname($new_pkgbuild['pkgname'], $dbh); if (isset($new_pkgbuild['epoch']) && (int)$new_pkgbuild['epoch'] > 0) { $pkg_version = sprintf('%d:%s-%s', $new_pkgbuild['epoch'], $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); @@ -337,46 +349,20 @@ if ($uid): $packageID = $pdata["ID"]; # Flush out old data that will be replaced with new data - $q = "DELETE FROM PackageDepends WHERE PackageID = " . $packageID; - db_query($q, $dbh); - $q = "DELETE FROM PackageSources WHERE PackageID = " . $packageID; - db_query($q, $dbh); + remove_pkg_deps($packageID, $dbh); + remove_pkg_sources($packageID, $dbh); # If a new category was chosen, change it to that if ($category_id > 1) { - $q = sprintf( "UPDATE Packages SET CategoryID = %d WHERE ID = %d", - $category_id, - $packageID); - - db_query($q, $dbh); + update_pkg_category($packageID, $category_id); } # Update package data - $q = sprintf("UPDATE Packages SET ModifiedTS = UNIX_TIMESTAMP(), Name = '%s', Version = '%s', License = '%s', Description = '%s', URL = '%s', OutOfDateTS = NULL, MaintainerUID = %d WHERE ID = %d", - db_escape_string($new_pkgbuild['pkgname']), - db_escape_string($pkg_version), - db_escape_string($new_pkgbuild['license']), - db_escape_string($new_pkgbuild['pkgdesc']), - db_escape_string($new_pkgbuild['url']), - $uid, - $packageID); - - db_query($q, $dbh); - + update_pkgdetails($packageID, $new_pkgbuild['pkgname'], $new_pkgbuild['license'], $pkg_version, "", $new_pkgbuild['pkgdesc'], $new_pkgbuild['url'], "", $uid, $dbh); } else { # This is a brand new package - $q = sprintf("INSERT INTO Packages (Name, License, Version, CategoryID, Description, URL, SubmittedTS, ModifiedTS, SubmitterUID, MaintainerUID) VALUES ('%s', '%s', '%s', %d, '%s', '%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), %d, %d)", - db_escape_string($new_pkgbuild['pkgname']), - db_escape_string($new_pkgbuild['license']), - db_escape_string($pkg_version), - $category_id, - db_escape_string($new_pkgbuild['pkgdesc']), - db_escape_string($new_pkgbuild['url']), - $uid, - $uid); - - db_query($q, $dbh); - $packageID = mysql_insert_id($dbh); + new_pkgdetails($new_pkgbuild['pkgname'], $new_pkgbuild['license'], $pkg_version, $category_id, $new_pkgbuild['pkgdesc'], $new_pkgbuild['url'], $uid, $dbh); + $packageID = last_insert_id($dbh); } @@ -393,23 +379,15 @@ if ($uid): else if ($deppkgname == "#") { break; } - - $q = sprintf("INSERT INTO PackageDepends (PackageID, DepName, DepCondition) VALUES (%d, '%s', '%s')", - $packageID, - db_escape_string($deppkgname), - db_escape_string($depcondition)); - - db_query($q, $dbh); + add_pkg_dep($packageID, $deppkgname, $depcondition, $dbh); } } # Insert sources - $sources = explode(" ", $new_pkgbuild['source']); - foreach ($sources as $src) { - if ($src != "" ) { - $q = "INSERT INTO PackageSources (PackageID, Source) VALUES ("; - $q .= $packageID . ", '" . db_escape_string($src) . "')"; - db_query($q, $dbh); + if (!empty($new_pkgbuild['source'])) { + $sources = explode(" ", $new_pkgbuild['source']); + foreach ($sources as $src) { + add_pkg_src($packageID, $src, $dbh); } } @@ -420,7 +398,7 @@ if ($uid): } # Entire package creation process is atomic - db_query("COMMIT", $dbh); + end_atomic_commit($dbh); header('Location: packages.php?ID=' . $packageID); } @@ -438,11 +416,8 @@ html_header("Submit"); <p class="pkgoutput"><?php print $error ?></p> <?php endif; ?> -<div class="pgbox"> - <div class="pgboxtitle"> - <span class="f3"><?php print __("Submit"); ?></span> - </div> - <div class="pgboxbody"> +<div class="box"> + <h2><?php echo __("Submit"); ?></h2> <p><?php echo __("Upload your source packages here. Create source packages with `makepkg --source`.") ?></p> <?php @@ -454,39 +429,36 @@ html_header("Submit"); $pkg_categories = pkgCategories(); ?> -<form action='pkgsubmit.php' method='post' enctype='multipart/form-data'> - <div> <input type='hidden' name='pkgsubmit' value='1' /> - <input type='hidden' name='token' value='<?php print htmlspecialchars($_COOKIE['AURSID']) ?>' /> </div> - <table border='0' cellspacing='5'> - <tr> - <td class='f4' align='right'><?php print __("Package Category"); ?>:</td> - <td class='f4' align='left'> - <select name='category'> - <option value='1'><?php print __("Select Category"); ?></option> +<form action="pkgsubmit.php" method="post" enctype="multipart/form-data"> + <fieldset> + <div> + <input type="hidden" name="pkgsubmit" value="1" /> + <input type="hidden" name="token" value="<?php print htmlspecialchars($_COOKIE['AURSID']) ?>" /> </div> + </div> + <p> + <label for="id_category"><?php print __("Package Category"); ?>:</label> + <select id="id_category" name="category"> + <option value="1"><?php print __("Select Category"); ?></option> <?php foreach ($pkg_categories as $num => $cat): - print "<option value='" . $num . "'"; + print '<option value="' . $num . '"'; if (isset($_POST['category']) && $_POST['category'] == $cat): - print " selected='selected'"; + print ' selected="selected"'; endif; - print ">" . $cat . "</option>"; + print '>' . $cat . '</option>'; endforeach; ?> </select> - </td> - </tr> - <tr> - <td class='f4' align='right'><?php print __("Upload package file"); ?>:</td> - <td class='f4' align='left'> - <input type='file' name='pfile' size='30' /> - </td> - </tr> - <tr> - <td align='left'> - <input class='button' type='submit' value='<?php print __("Upload"); ?>' /> - </td> - </tr> - </table> + </p> + <p> + <label for="id_file"><?php print __("Upload package file"); ?>:</label> + <input id="id_file" type="file" name="pfile" size='30' /> + </p> + <p> + <label></label> + <input class="button" type="submit" value="<?php print __("Upload"); ?>" /> + </p> + </fieldset> </form> <?php @@ -511,7 +483,6 @@ else: endif; ?> - </div> </div> <?php |