diff options
Diffstat (limited to 'web/html')
-rw-r--r-- | web/html/login.php | 9 | ||||
-rw-r--r-- | web/html/pkgsubmit.php | 8 |
2 files changed, 9 insertions, 8 deletions
diff --git a/web/html/login.php b/web/html/login.php index e458fec0..dba3af53 100644 --- a/web/html/login.php +++ b/web/html/login.php @@ -5,7 +5,8 @@ include_once("aur.inc.php"); set_lang(); check_sid(); -if (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) { +$disable_http_login = config_get_bool('options', 'disable_http_login'); +if (!$disable_http_login || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) { $login = try_login(); $login_error = $login['error']; } @@ -19,7 +20,7 @@ html_header('AUR ' . __("Login")); <?= __("Logged-in as: %s", '<strong>' . username_from_sid($_COOKIE["AURSID"]) . '</strong>'); ?> <a href="<?= get_uri('/logout/'); ?>">[<?= __("Logout"); ?>]</a> </p> - <?php elseif (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])): ?> + <?php elseif (!$disable_http_login || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])): ?> <form method="post" action="<?= get_uri('/login') ?>"> <fieldset> <legend><?= __('Enter login credentials') ?></legend> @@ -28,7 +29,7 @@ html_header('AUR ' . __("Login")); <?php endif; ?> <p> <label for="id_username"><?= __('Username') . ':'; ?></label> - <input id="id_username" type="text" name="user" size="30" maxlength="<?= USERNAME_MAX_LEN; ?>" value="<?php if (isset($_POST['user'])) { print htmlspecialchars($_POST['user'], ENT_QUOTES); } ?>" /> + <input id="id_username" type="text" name="user" size="30" maxlength="<?= config_get_int('options', 'username_max_len'); ?>" value="<?php if (isset($_POST['user'])) { print htmlspecialchars($_POST['user'], ENT_QUOTES); } ?>" /> </p> <p> <label for="id_password"><?= __('Password') . ':'; ?></label> @@ -47,7 +48,7 @@ html_header('AUR ' . __("Login")); <?php else: ?> <p> <?php printf(__("HTTP login is disabled. Please %sswitch to HTTPs%s if you want to login."), - '<a href="' . $AUR_LOCATION . get_uri('/login') . '">', '</a>'); ?> + '<a href="' . aur_location() . get_uri('/login') . '">', '</a>'); ?> </p> <?php endif; ?> </div> diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php index 8cecd673..be9220ec 100644 --- a/web/html/pkgsubmit.php +++ b/web/html/pkgsubmit.php @@ -1,7 +1,6 @@ <?php set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); -include_once("config.inc.php"); require_once('Archive/Tar.php'); @@ -64,11 +63,12 @@ if ($uid): } # Check uncompressed file size (ZIP bomb protection) - if (!$error && $MAX_FILESIZE_UNCOMPRESSED) { + $max_filesize_uncompressed = config_get_int('options', 'max_filesize_uncompressed'); + if (!$error && $max_filesize_uncompressed) { fseek($fh, -4, SEEK_END); list(, $filesize_uncompressed) = unpack('V', fread($fh, 4)); - if ($filesize_uncompressed > $MAX_FILESIZE_UNCOMPRESSED) { + if ($filesize_uncompressed > $max_filesize_uncompressed) { $error = __("Error - uncompressed file size too large."); } } @@ -273,7 +273,7 @@ if ($uid): } if (isset($pkgbase_name)) { - $incoming_pkgdir = INCOMING_DIR . substr($pkgbase_name, 0, 2) . "/" . $pkgbase_name; + $incoming_pkgdir = config_get('paths', 'storage') . substr($pkgbase_name, 0, 2) . "/" . $pkgbase_name; } /* Upload PKGBUILD and tarball. */ |