summaryrefslogtreecommitdiffstats
path: root/web/html
diff options
context:
space:
mode:
Diffstat (limited to 'web/html')
-rw-r--r--web/html/login.php9
-rw-r--r--web/html/pkgsubmit.php8
2 files changed, 9 insertions, 8 deletions
diff --git a/web/html/login.php b/web/html/login.php
index e458fec0..dba3af53 100644
--- a/web/html/login.php
+++ b/web/html/login.php
@@ -5,7 +5,8 @@ include_once("aur.inc.php");
set_lang();
check_sid();
-if (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) {
+$disable_http_login = config_get_bool('options', 'disable_http_login');
+if (!$disable_http_login || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) {
$login = try_login();
$login_error = $login['error'];
}
@@ -19,7 +20,7 @@ html_header('AUR ' . __("Login"));
<?= __("Logged-in as: %s", '<strong>' . username_from_sid($_COOKIE["AURSID"]) . '</strong>'); ?>
<a href="<?= get_uri('/logout/'); ?>">[<?= __("Logout"); ?>]</a>
</p>
- <?php elseif (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])): ?>
+ <?php elseif (!$disable_http_login || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])): ?>
<form method="post" action="<?= get_uri('/login') ?>">
<fieldset>
<legend><?= __('Enter login credentials') ?></legend>
@@ -28,7 +29,7 @@ html_header('AUR ' . __("Login"));
<?php endif; ?>
<p>
<label for="id_username"><?= __('Username') . ':'; ?></label>
- <input id="id_username" type="text" name="user" size="30" maxlength="<?= USERNAME_MAX_LEN; ?>" value="<?php if (isset($_POST['user'])) { print htmlspecialchars($_POST['user'], ENT_QUOTES); } ?>" />
+ <input id="id_username" type="text" name="user" size="30" maxlength="<?= config_get_int('options', 'username_max_len'); ?>" value="<?php if (isset($_POST['user'])) { print htmlspecialchars($_POST['user'], ENT_QUOTES); } ?>" />
</p>
<p>
<label for="id_password"><?= __('Password') . ':'; ?></label>
@@ -47,7 +48,7 @@ html_header('AUR ' . __("Login"));
<?php else: ?>
<p>
<?php printf(__("HTTP login is disabled. Please %sswitch to HTTPs%s if you want to login."),
- '<a href="' . $AUR_LOCATION . get_uri('/login') . '">', '</a>'); ?>
+ '<a href="' . aur_location() . get_uri('/login') . '">', '</a>'); ?>
</p>
<?php endif; ?>
</div>
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php
index 8cecd673..be9220ec 100644
--- a/web/html/pkgsubmit.php
+++ b/web/html/pkgsubmit.php
@@ -1,7 +1,6 @@
<?php
set_include_path(get_include_path() . PATH_SEPARATOR . '../lib');
-include_once("config.inc.php");
require_once('Archive/Tar.php');
@@ -64,11 +63,12 @@ if ($uid):
}
# Check uncompressed file size (ZIP bomb protection)
- if (!$error && $MAX_FILESIZE_UNCOMPRESSED) {
+ $max_filesize_uncompressed = config_get_int('options', 'max_filesize_uncompressed');
+ if (!$error && $max_filesize_uncompressed) {
fseek($fh, -4, SEEK_END);
list(, $filesize_uncompressed) = unpack('V', fread($fh, 4));
- if ($filesize_uncompressed > $MAX_FILESIZE_UNCOMPRESSED) {
+ if ($filesize_uncompressed > $max_filesize_uncompressed) {
$error = __("Error - uncompressed file size too large.");
}
}
@@ -273,7 +273,7 @@ if ($uid):
}
if (isset($pkgbase_name)) {
- $incoming_pkgdir = INCOMING_DIR . substr($pkgbase_name, 0, 2) . "/" . $pkgbase_name;
+ $incoming_pkgdir = config_get('paths', 'storage') . substr($pkgbase_name, 0, 2) . "/" . $pkgbase_name;
}
/* Upload PKGBUILD and tarball. */