diff options
Diffstat (limited to 'web/lib/pkgfuncs.inc.php')
-rw-r--r-- | web/lib/pkgfuncs.inc.php | 310 |
1 files changed, 295 insertions, 15 deletions
diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php index 88b18b88..0009b93b 100644 --- a/web/lib/pkgfuncs.inc.php +++ b/web/lib/pkgfuncs.inc.php @@ -200,6 +200,56 @@ function package_comments($pkgid, $dbh=NULL) { return $comments; } +# Add a comment to a package page and send out appropriate notifications +# TODO: Move notification logic to separate function where it belongs +function add_package_comment($pkgid, $uid, $comment, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + + $q = 'INSERT INTO PackageComments '; + $q.= '(PackageID, UsersID, Comments, CommentTS) VALUES ('; + $q.= intval($pkgid) . ', ' . $uid . ', '; + $q.= "'" . db_escape_string($comment) . "', "; + $q.= 'UNIX_TIMESTAMP())'; + db_query($q, $dbh); + + # Send email notifications + $q = 'SELECT CommentNotify.*, Users.Email '; + $q.= 'FROM CommentNotify, Users '; + $q.= 'WHERE Users.ID = CommentNotify.UserID '; + $q.= 'AND CommentNotify.UserID != ' . $uid . ' '; + $q.= 'AND CommentNotify.PkgID = ' . intval($pkgid); + $result = db_query($q, $dbh); + $bcc = array(); + + if (mysql_num_rows($result)) { + while ($row = mysql_fetch_assoc($result)) { + array_push($bcc, $row['Email']); + } + + $q = 'SELECT Packages.* '; + $q.= 'FROM Packages '; + $q.= 'WHERE Packages.ID = ' . intval($pkgid); + $result = db_query($q, $dbh); + $row = mysql_fetch_assoc($result); + + # TODO: native language emails for users, based on their prefs + # Simply making these strings translatable won't work, users would be + # getting emails in the language that the user who posted the comment was in + $body = + 'from ' . $AUR_LOCATION . '/packages.php?ID=' + . $pkgid . "\n" + . username_from_sid($_COOKIE['AURSID'], $dbh) . " wrote:\n\n" + . $comment + . "\n\n---\nIf you no longer wish to receive notifications about this package, please go the the above package page and click the UnNotify button."; + $body = wordwrap($body, 70); + $bcc = implode(', ', $bcc); + $headers = "Bcc: $bcc\nReply-to: nobody@archlinux.org\nFrom: aur-notify@archlinux.org\nX-Mailer: AUR\n"; + @mail('undisclosed-recipients: ;', "AUR Comment for " . $row['Name'], $body, $headers); + } +} + # grab package sources # function package_sources($pkgid, $dbh=NULL) { @@ -269,20 +319,37 @@ function pkgnotify_from_sid($sid="", $dbh=NULL) { # get name of package based on pkgid # -function pkgname_from_id($pkgid, $dbh=NULL) { - $pkgid = intval($pkgid); - $name = ""; - if ($pkgid > 0) { +function pkgname_from_id($pkgids, $dbh=NULL) { + if (is_array($pkgids)) { + $pkgids = sanitize_ids($pkgids); + $names = array(); + if(!$dbh) { + $dbh = db_connect(); + } + $q = "SELECT Name FROM Packages WHERE ID IN (" . + implode(",", $pkgids) . ")"; + $result = db_query($q, $dbh); + if (mysql_num_rows($result) > 0) { + while ($row = mysql_fetch_assoc($result)) { + $names[] = $row['Name']; + } + } + return $names; + } + elseif ($pkgids > 0) { if(!$dbh) { $dbh = db_connect(); } - $q = "SELECT Name FROM Packages WHERE ID = " . $pkgid; + $q = "SELECT Name FROM Packages WHERE ID = " . $pkgids; $result = db_query($q, $dbh); if (mysql_num_rows($result) > 0) { $name = mysql_result($result, 0); } + return $name; + } + else { + return NULL; } - return $name; } # Check if a package name is blacklisted. @@ -301,6 +368,8 @@ function pkgname_is_blacklisted($name, $dbh=NULL) { # display package details # function package_details($id=0, $SID="", $dbh=NULL) { + global $AUR_LOCATION; + if(!$dbh) { $dbh = db_connect(); } @@ -312,12 +381,12 @@ function package_details($id=0, $SID="", $dbh=NULL) { $results = db_query($q, $dbh); if (!$results) { - print __("Error retrieving package details.") . "<br />\n"; + print "<p>" . __("Error retrieving package details.") . "</p>\n"; } else { $row = mysql_fetch_assoc($results); if (empty($row)) { - print __("Package details could not be found.") . "<br />\n"; + print "<p>" . __("Package details could not be found.") . "</p>\n"; } else { @@ -326,6 +395,10 @@ function package_details($id=0, $SID="", $dbh=NULL) { # Actions Bar if ($SID) { include('actions_form.php'); + if (isset($_REQUEST['comment']) && check_token()) { + $uid = uid_from_sid($SID, $dbh); + add_package_comment($id, $uid, $_REQUEST['comment'], $dbh); + } include('pkg_comment_form.php'); } @@ -563,8 +636,8 @@ function pkg_search_page($SID="", $dbh=NULL) { $templ_pages = array(); if ($current > 1) { - $templ_pages[__('First')] = 0; - $templ_pages[__('Previous')] = ($current - 2) * $per_page; + $templ_pages['« ' . __('First')] = 0; + $templ_pages['‹ ' . __('Previous')] = ($current - 2) * $per_page; } if ($current - 5 > 1) @@ -578,11 +651,16 @@ function pkg_search_page($SID="", $dbh=NULL) { $templ_pages["... "] = false; if ($current < $pages) { - $templ_pages[__('Next')] = $current * $per_page; - $templ_pages[__('Last')] = ($pages - 1) * $per_page; + $templ_pages[__('Next') . ' ›'] = $current * $per_page; + $templ_pages[__('Last') . ' »'] = ($pages - 1) * $per_page; } include('pkg_search_form.php'); + + while ($row = mysql_fetch_assoc($result)) { + $searchresults[] = $row; + } + include('pkg_search_results.php'); return; @@ -618,6 +696,8 @@ function sanitize_ids($ids) { * @return string Translated success or error messages */ function pkg_flag ($atype, $ids, $action=true, $dbh=NULL) { + global $AUR_LOCATION; + if (!$atype) { if ($action) { return __("You must be logged in before you can flag packages."); @@ -664,7 +744,7 @@ function pkg_flag ($atype, $ids, $action=true, $dbh=NULL) { if (mysql_num_rows($result)) { while ($row = mysql_fetch_assoc($result)) { # construct email - $body = "Your package " . $row['Name'] . " has been flagged out of date by " . $f_name . " [1]. You may view your package at:\nhttps://aur.archlinux.org/packages.php?ID=" . $row['ID'] . "\n\n[1] - https://aur.archlinux.org/account.php?Action=AccountInfo&ID=" . $f_uid; + $body = "Your package " . $row['Name'] . " has been flagged out of date by " . $f_name . " [1]. You may view your package at:\n" . $AUR_LOCATION . "/packages.php?ID=" . $row['ID'] . "\n\n[1] - " . $AUR_LOCATION . "/account.php?Action=AccountInfo&ID=" . $f_uid; $body = wordwrap($body, 70); $headers = "Reply-to: nobody@archlinux.org\nFrom:aur-notify@archlinux.org\nX-Mailer: PHP\nX-MimeOLE: Produced By AUR\n"; @mail($row['Email'], "AUR Out-of-date Notification for ".$row['Name'], $body, $headers); @@ -708,6 +788,44 @@ function pkg_delete ($atype, $ids, $mergepkgid, $dbh=NULL) { } if ($mergepkgid) { + $mergepkgname = pkgname_from_id($mergepkgid, $dbh); + } + + # Send email notifications + foreach ($ids as $pkgid) { + $q = 'SELECT CommentNotify.*, Users.Email '; + $q.= 'FROM CommentNotify, Users '; + $q.= 'WHERE Users.ID = CommentNotify.UserID '; + $q.= 'AND CommentNotify.UserID != ' . uid_from_sid($_COOKIE['AURSID']) . ' '; + $q.= 'AND CommentNotify.PkgID = ' . $pkgid; + $result = db_query($q, $dbh); + $bcc = array(); + + while ($row = mysql_fetch_assoc($result)) { + array_push($bcc, $row['Email']); + } + if (!empty($bcc)) { + $pkgname = pkgname_from_id($pkgid); + + # TODO: native language emails for users, based on their prefs + # Simply making these strings translatable won't work, users would be + # getting emails in the language that the user who posted the comment was in + $body = ""; + if ($mergepkgid) { + $body .= username_from_sid($_COOKIE['AURSID']) . " merged \"".$pkgname."\" into \"$mergepkgname\".\n\n"; + $body .= "You will no longer receive notifications about this package, please go to https://aur.archlinux.org/packages.php?ID=".$mergepkgid." and click the Notify button if you wish to recieve them again."; + } else { + $body .= username_from_sid($_COOKIE['AURSID']) . " deleted \"".$pkgname."\".\n\n"; + $body .= "You will no longer receive notifications about this package."; + } + $body = wordwrap($body, 70); + $bcc = implode(', ', $bcc); + $headers = "Bcc: $bcc\nReply-to: nobody@archlinux.org\nFrom: aur-notify@archlinux.org\nX-Mailer: AUR\n"; + @mail('undisclosed-recipients: ;', "AUR Package deleted: " . $pkgname, $body, $headers); + } + } + + if ($mergepkgid) { /* Merge comments */ $q = "UPDATE PackageComments "; $q.= "SET PackageID = " . intval($mergepkgid) . " "; @@ -889,6 +1007,71 @@ function pkg_vote ($atype, $ids, $action=true, $dbh=NULL) { } } +# Get all usernames and ids for a specifc package id +function getvotes($pkgid, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + + $pkgid = db_escape_string($pkgid); + + $q = "SELECT UsersID,Username FROM PackageVotes "; + $q.= "LEFT JOIN Users on (UsersID = ID) "; + $q.= "WHERE PackageID = ". $pkgid . " "; + $q.= "ORDER BY Username"; + $result = db_query($q, $dbh); + + if (!$result) { + return; + } + + while ($row = mysql_fetch_assoc($result)) { + $votes[] = $row; + } + + return $votes; +} + +# Determine if a user has already voted for a specific package +function user_voted($uid, $pkgid, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + + $uid = db_escape_string($uid); + $pkgid = db_escape_string($pkgid); + + $q = "SELECT * FROM PackageVotes WHERE UsersID = ". $uid; + $q.= " AND PackageID = ".$pkgid; + $result = db_query($q, $dbh); + if (mysql_num_rows($result)) { + return true; + } + else { + return false; + } +} + +# Determine if a user wants notifications for a specific package +function user_notify($uid, $pkgid, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + + $uid = db_escape_string($uid); + $pkgid = db_escape_string($pkgid); + + $q = "SELECT * FROM CommentNotify WHERE UserID = ". $uid; + $q.= " AND PkgID = ".$pkgid; + $result = db_query($q, $dbh); + if (mysql_num_rows($result)) { + return true; + } + else { + return false; + } +} + /** * Toggle notification of packages * @@ -1046,8 +1229,8 @@ function pkg_change_category($atype, $dbh=NULL) { } $uid = uid_from_sid($_COOKIE["AURSID"], $dbh); - if ($uid == $pkg["MaintainerUID"] or - ($atype == "Developer" or $atype == "Trusted User")) { + if ($uid == $pkg["MaintainerUID"] || + ($atype == "Developer" || $atype == "Trusted User")) { $q = "UPDATE Packages "; $q.= "SET CategoryID = ".intval($category_id)." "; $q.= "WHERE ID = ".intval($pid); @@ -1057,3 +1240,100 @@ function pkg_change_category($atype, $dbh=NULL) { return __("You are not allowed to change this package category."); } } + +function pkgdetails_by_pkgname($pkgname, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + $q = "SELECT * FROM Packages WHERE Name = '" . db_escape_string($pkgname) . "'"; + $result = db_query($q, $dbh); + if ($result) { + $pdata = mysql_fetch_assoc($result); + } + return $pdata; +} + +function new_pkgdetails($pkgname, $license, $pkgver, $category_id, $pkgdesc, $pkgurl, $uid, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + $q = sprintf("INSERT INTO Packages (Name, License, Version, CategoryID, Description, URL, SubmittedTS, ModifiedTS, SubmitterUID, MaintainerUID) VALUES ('%s', '%s', '%s', %d, '%s', '%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), %d, %d)", + db_escape_string($pkgname), + db_escape_string($license), + db_escape_string($pkgver), + $category_id, + db_escape_string($pkgdesc), + db_escape_string($pkgurl), + $uid, + $uid); + + db_query($q, $dbh); +} + +function update_pkgdetails($pkgname, $license, $pkgver, $pkgdesc, $pkgurl, $uid, $pkgid, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + # This is an overwrite of an existing package + $q = sprintf("UPDATE Packages SET ModifiedTS = UNIX_TIMESTAMP(), Name = '%s', Version = '%s', License = '%s', Description = '%s', URL = '%s', OutOfDateTS = NULL, MaintainerUID = %d WHERE ID = %d", + db_escape_string($pkgname), + db_escape_string($pkgver), + db_escape_string($license), + db_escape_string($pkgdesc), + db_escape_string($pkgurl), + $uid, + $pkgid); + + db_query($q, $dbh); +} + +function add_pkg_dep($pkgid, $depname, $depcondition, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + $q = sprintf("INSERT INTO PackageDepends (PackageID, DepName, DepCondition) VALUES (%d, '%s', '%s')", + $pkgid, + db_escape_string($depname), + db_escape_string($depcondition)); + + db_query($q, $dbh); +} + +function add_pkg_src($pkgid, $pkgsrc, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + $q = "INSERT INTO PackageSources (PackageID, Source) VALUES ("; + $q .= $pkgid . ", '" . db_escape_string($pkgsrc) . "')"; + + db_query($q, $dbh); +} + +function update_pkg_category($pkgid, $category_id, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + $q = sprintf( "UPDATE Packages SET CategoryID = %d WHERE ID = %d", + $category_id, + $pkgid); + + db_query($q, $dbh); +} + +function remove_pkg_deps($pkgid, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + $q = "DELETE FROM PackageDepends WHERE PackageID = " . $pkgid; + + db_query($q, $dbh); +} + +function remove_pkg_sources($pkgid, $dbh=NULL) { + if(!$dbh) { + $dbh = db_connect(); + } + $q = "DELETE FROM PackageSources WHERE PackageID = " . $pkgid; + + db_query($q, $dbh); +} |