diff options
Diffstat (limited to 'web/lib')
| -rw-r--r-- | web/lib/acctfuncs.inc | 7 | ||||
| -rw-r--r-- | web/lib/aur.inc | 23 | ||||
| -rw-r--r-- | web/lib/aurjson.class.php | 34 | ||||
| -rw-r--r-- | web/lib/config.inc.proto | 22 | ||||
| -rw-r--r-- | web/lib/pkgfuncs.inc | 293 | ||||
| -rw-r--r-- | web/lib/stats.inc | 72 | ||||
| -rw-r--r-- | web/lib/translator.inc | 13 | ||||
| -rw-r--r-- | web/lib/version.inc | 2 |
8 files changed, 414 insertions, 52 deletions
diff --git a/web/lib/acctfuncs.inc b/web/lib/acctfuncs.inc index bbd6b740..73db2708 100644 --- a/web/lib/acctfuncs.inc +++ b/web/lib/acctfuncs.inc @@ -644,7 +644,12 @@ function try_login() { if ($logged_in) { # set our SID cookie - setcookie("AURSID", $new_sid, 0, "/"); + if ($_POST['remember_me'] == "on") + # Set cookies for 30 days. + $cookie_time = time() + (60 * 60 * 24 * 30); + else + $cookie_time = 0; + setcookie("AURSID", $new_sid, $cookie_time, "/"); # header("Location: /index.php"); header("Location: " . $_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING']); $login_error = ""; diff --git a/web/lib/aur.inc b/web/lib/aur.inc index 81ffde26..a126bb94 100644 --- a/web/lib/aur.inc +++ b/web/lib/aur.inc @@ -311,12 +311,11 @@ function set_lang() { $LANG = $row[0]; } $update_cookie = 1; - } else { - $LANG = "en"; } + # Set $LANG to default if nothing is valid. if (!array_key_exists($LANG, $SUPPORTED_LANGS)) { - $LANG = "en"; # default to English + $LANG = DEFAULT_LANG; } if ($update_cookie) { @@ -336,7 +335,7 @@ function html_header($title="") { global $SUPPORTED_LANGS; $login = try_login(); - $login_error = $login['error']; + $login_error = $login['error']; $title = htmlspecialchars($title, ENT_QUOTES); @@ -375,19 +374,10 @@ function can_submit_pkg($name="", $sid="") { # recursive delete directory # function rm_rf($dirname="") { - $d = dir($dirname); - while ($f = $d->read()) { - if ($f != "." && $f != "..") { - if (is_dir($dirname."/".$f)) { - rm_rf($dirname."/".$f); - } - if (is_file($dirname."/".$f) || is_link($dirname."/".$f)) { - unlink($dirname."/".$f); - } - } + if ($dirname != "") { + exec('rm -rf ' . escapeshellcmd($dirname)); } - $d->close(); - rmdir($dirname); + return; } @@ -410,4 +400,3 @@ function uid_from_username($username="") return $row[0]; } -?> diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php index 953f5aba..6ff9b0f2 100644 --- a/web/lib/aurjson.class.php +++ b/web/lib/aurjson.class.php @@ -22,6 +22,8 @@ if (!extension_loaded('json')) class AurJSON { private $dbh = false; private $exposed_methods = array('search','info'); + private $fields = array('ID','Name','Version','Description', + 'URL','URLPath','License','NumVotes','OutOfDate'); /** * Handles post data, and routes the request. @@ -42,7 +44,9 @@ class AurJSON { // do the routing if ( in_array($http_data['type'], $this->exposed_methods) ) { // ugh. this works. I hate you php. - $json = call_user_func_array(array(&$this,$http_data['type']),$http_data['arg']); + $json = call_user_func_array(array(&$this,$http_data['type']), + $http_data['arg']); + // allow rpc callback for XDomainAjax if ( isset($http_data['callback']) ) { return $http_data['callback'] . "({$json})"; @@ -87,22 +91,22 @@ class AurJSON { } $keyword_string = mysql_real_escape_string($keyword_string, $this->dbh); - $query = sprintf( - "SELECT Name,ID FROM Packages WHERE ( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' ) AND DummyPkg=0", - $keyword_string, $keyword_string ); + + $query = "SELECT " . implode(',', $this->fields) . + " FROM Packages WHERE DummyPkg=0 AND "; + $query .= sprintf("( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' )", + $keyword_string, $keyword_string); $result = db_query($query, $this->dbh); if ( $result && (mysql_num_rows($result) > 0) ) { $search_data = array(); while ( $row = mysql_fetch_assoc($result) ) { - $elem = array( - 'Name' => $row['Name'], - 'ID' => $row['ID'] ); - array_push($search_data,$elem); - } + array_push($search_data, $row); + } + mysql_free_result($result); - return $this->json_results('search',$search_data); + return $this->json_results('search', $search_data); } else { return $this->json_error('No results found'); @@ -115,7 +119,8 @@ class AurJSON { * @return mixed Returns an array of value data containing the package data **/ private function info($pqdata) { - $base_query = "SELECT ID,Name,Version,Description,URL,URLPath,License,NumVotes,OutOfDate FROM Packages WHERE DummyPkg=0 AND "; + $base_query = "SELECT " . implode(',', $this->fields) . + " FROM Packages WHERE DummyPkg=0 AND "; if ( is_numeric($pqdata) ) { // just using sprintf to coerce the pqd to an int @@ -127,7 +132,8 @@ class AurJSON { if(get_magic_quotes_gpc()) { $pqdata = stripslashes($pqdata); } - $query_stub = sprintf("Name=\"%s\"",mysql_real_escape_string($pqdata)); + $query_stub = sprintf("Name=\"%s\"", + mysql_real_escape_string($pqdata)); } $result = db_query($base_query.$query_stub, $this->dbh); @@ -135,11 +141,11 @@ class AurJSON { if ( $result && (mysql_num_rows($result) > 0) ) { $row = mysql_fetch_assoc($result); mysql_free_result($result); - return $this->json_results('info',$row); + return $this->json_results('info', $row); } else { return $this->json_error('No result found'); } } } -?> + diff --git a/web/lib/config.inc.proto b/web/lib/config.inc.proto index 7a0a155d..7248b930 100644 --- a/web/lib/config.inc.proto +++ b/web/lib/config.inc.proto @@ -16,18 +16,24 @@ define( "USERNAME_MAX_LEN", 16 ); define( "PASSWD_MIN_LEN", 4 ); define( "PASSWD_MAX_LEN", 128 ); -$LOGIN_TIMEOUT = 7200; # number of idle seconds before timeout +# Language that messages are initially written in. +# This should never change. +define("DEFAULT_LANG", "en"); -$SUPPORTED_LANGS = array( # what languages we have translations for +# Languages we have translations for +$SUPPORTED_LANGS = array( + "ca" => "Català", + "de" => "Deutsch", "en" => "English", - "pl" => "Polski", + "es" => "Español", + "fr" => "Français", "it" => "Italiano", - "ca" => "Català", + "pl" => "Polski", "pt" => "Português", - "es" => "Español", - "de" => "Deutsch", "ru" => "Русский", - "fr" => "Français" + "tr" => "Türkçe" ); -?> +# Idle seconds before timeout +$LOGIN_TIMEOUT = 7200; + diff --git a/web/lib/pkgfuncs.inc b/web/lib/pkgfuncs.inc index 77b0ab11..7fe3f317 100644 --- a/web/lib/pkgfuncs.inc +++ b/web/lib/pkgfuncs.inc @@ -128,6 +128,7 @@ function package_required($pkgid=0) { $q.= "WHERE PackageDepends.PackageID = Packages.ID "; $q.= "AND PackageDepends.DepPkgID = "; $q.= mysql_real_escape_string($pkgid); + $q.= " ORDER BY Name"; $result = db_query($q, $dbh); if (!$result) {return array();} while ($row = mysql_fetch_row($result)) { @@ -512,14 +513,12 @@ function package_details($id=0, $SID="") { if ($row["MaintainerUID"] == 0) { echo "<input type='submit' class='button' name='do_Adopt'"; echo " value='".__("Adopt Packages")."'>\n"; - } - - if ($row["MaintainerUID"] == uid_from_sid($SID) || - account_from_sid($SID) == "Trusted User" || - account_from_sid($SID) == "Developer") { + } else if ($row["MaintainerUID"] == uid_from_sid($SID) || + account_from_sid($SID) == "Trusted User" || + account_from_sid($SID) == "Developer") { echo "<input type='submit' class='button' name='do_Disown'"; echo " value='".__("Disown Packages")."'>\n"; - } + } if (account_from_sid($SID) == "Trusted User" || account_from_sid($SID) == "Developer") { @@ -986,4 +985,284 @@ function pkg_search_page($SID="") { return; } -?> +function pkg_flag ($atype, $ids, $action = True) { + if (!$atype) { + if ($action) { + return __("You must be logged in before you can flag packages."); + } else { + return __("You must be logged in before you can unflag packages."); + } + } + + if (empty($ids)) { + if ($action) { + return __("You did not select any packages to flag."); + } else { + return __("You did not select any packages to unflag."); + } + } + + foreach ($ids as $pid => $v) { + if (!is_numeric($pid)) { + if ($action) { + return __("You did not select any packages to flag."); + } else { + return __("You did not select any packages to unflag."); + } + } + } + + $dbh = db_connect(); + + $first = 1; + foreach ($ids as $pid => $v) { + if ($first) { + $first = 0; + $flag = $pid; + } else { + $flag .= ", " . $pid; + } + } + + $ood = $action ? 1 : 0; + $q = "UPDATE Packages SET OutOfDate = " . $ood; + $q.= " WHERE ID IN (" . $flag . ")"; + + db_query($q, $dbh); + + if ($action) { + # Notify of flagging by email + $f_name = username_from_sid($_COOKIE['AURSID']); + $f_email = email_from_sid($_COOKIE['AURSID']); + $f_uid = uid_from_sid($_COOKIE['AURSID']); + $q = "SELECT Packages.Name, Users.Email, Packages.ID "; + $q.= "FROM Packages, Users "; + $q.= "WHERE Packages.ID IN (" . $flag .") "; + $q.= "AND Users.ID = Packages.MaintainerUID "; + $q.= "AND Users.ID != " . $f_uid; + $result = db_query($q, $dbh); + if (mysql_num_rows($result)) { + while ($row = mysql_fetch_assoc($result)) { + # construct email + $body = "Your package " . $row['Name'] . " has been flagged out of date by " . $f_name . ". You may view your package at:\nhttp://aur.archlinux.org/packages.php?ID=" . $row['ID']; + $body = wordwrap($body, 70); + $headers = "To: ".$row['Email']."\nReply-to: nobody@archlinux.org\nFrom:aur-notify@archlinux.org\nX-Mailer: PHP\nX-MimeOLE: Produced By AUR\n"; + @mail(' ', "AUR Out-of-date Notification for ".$row['Name'], $body, $headers); + } + } + } + + if ($action) { + return __("The selected packages have been flagged out-of-date."); + } else { + return __("The selected packages have been unflagged."); + } +} + +function pkg_delete ($atype, $ids) { + if (!$atype) { + return __("You must be logged in before you can disown packages."); + } + + if (empty($ids)) { + return __("You did not select any packages to delete."); + } + + # Delete the packages in $ids array (but only if they are Unsupported) + # + $dbh = db_connect(); + + # Delete the packages in $ids array + # + $first = 1; + foreach ($ids as $pid => $v) { + if ($first) { + $first = 0; + $delete = $pid; + } else { + $delete .= ", ".$pid; + } + } + + $field = "MaintainerUID"; + + # Only grab Unsupported packages that "we" own or are not owned at all + $ids_to_delete = array(); + $q = "SELECT Packages.ID FROM Packages, PackageLocations "; + $q.= "WHERE Packages.ID IN (" . $delete . ") "; + $q.= "AND Packages.LocationID = PackageLocations.ID "; + $q.= "AND PackageLocations.Location = 'unsupported' "; + + # If they're a TU or dev, can delete + if ($atype == "Trusted User" || $atype == "Developer") { + $result = db_query($q, $dbh); + } + + if ($result != Null && mysql_num_rows($result) > 0) { + while ($row = mysql_fetch_assoc($result)) { + $ids_to_delete[] = $row['ID']; + } + } + + if (empty($ids_to_delete)) { + return __("None of the selected packages could be deleted."); + } + + # These are the packages that are safe to delete + foreach ($ids_to_delete as $id) { + $q = "DELETE FROM PackageVotes WHERE PackageID = " . $id; + $result = db_query($q, $dbh); + + $q = "DELETE FROM PackageDepends WHERE PackageID = " . $id; + $result = db_query($q, $dbh); + + $q = "DELETE FROM PackageSources WHERE PackageID = " . $id; + $result = db_query($q, $dbh); + + $q = "DELETE FROM PackageComments WHERE PackageID = " . $id; + $result = db_query($q, $dbh); + + $q = "DELETE FROM Packages WHERE ID = " . $id; + $result = db_query($q, $dbh); + + $q = "DELETE FROM CommentNotify WHERE PkgID = " . $id; + $result = db_query($q, $dbh); + } + + return __("The selected packages have been deleted."); +} + +function pkg_adopt ($atype, $ids, $action = True) { + if (!$atype) { + if ($action) { + return __("You must be logged in before you can adopt packages."); + } else { + return __("You must be logged in before you can disown packages."); + } + } + + if (empty($ids)) { + if ($action) { + return __("You did not select any packages to adopt."); + } else { + return __("You did not select any packages to disown."); + } + } + + $dbh = db_connect(); + + $first = 1; + foreach ($ids as $pid => $v) { + if ($first) { + $first = 0; + $pkg = $pid; + } else { + $pkg .= ", ".$pid; + } + } + + $field = "MaintainerUID"; + $q = "UPDATE Packages "; + + if ($action) { + $user = uid_from_sid($_COOKIE["AURSID"]); + } else { + $user = 0; + } + + $q.= "SET $field = $user "; + $q.= "WHERE ID IN ($pkg) "; + + if ($action && $atype == "User") { + # Regular users may only adopt orphan packages from unsupported + $q.= "AND $field = 0 "; + $q.= "AND LocationID = 2 "; + } else if ($atype == "User") { + $q.= "AND $field = " . uid_from_sid($_COOKIE["AURSID"]); + } + + db_query($q, $dbh); + + if ($action) { + return __("The selected packages have been adopted."); + } else { + return __("The selected packages have been disowned."); + } +} + +function pkg_vote ($atype, $ids, $action = True) { + if (!$atype) { + if ($action) { + return __("You must be logged in before you can vote for packages."); + } else { + return __("You must be logged in before you can un-vote for packages."); + } + } + + if (empty($ids)) { + if ($action) { + return __("You did not select any packages to vote for."); + } else { + return __("Your votes have been removed from the selected packages."); + } + } + + $dbh = db_connect(); + $my_votes = pkgvotes_from_sid($_COOKIE["AURSID"]); + $uid = uid_from_sid($_COOKIE["AURSID"]); + + $first = 1; + foreach ($ids as $pid => $v) { + if ($action) { + $check = !isset($my_votes[$pid]); + } else { + $check = isset($my_votes[$pid]); + } + + if ($check) { + if ($first) { + $first = 0; + $vote_ids = $pid; + if ($action) { + $vote_clauses = "($uid, $pid)"; + } + } else { + $vote_ids .= ", $pid"; + if ($action) { + $vote_clauses .= ", ($uid, $pid)"; + } + } + } + } + + # only vote for packages the user hasn't already voted for + # + $op = $action ? "+" : "-"; + $q = "UPDATE Packages SET NumVotes = NumVotes $op 1 "; + $q.= "WHERE ID IN ($vote_ids)"; + + db_query($q, $dbh); + + if ($action) { + $q = "INSERT INTO PackageVotes (UsersID, PackageID) VALUES "; + $q.= $vote_clauses; + } else { + $q = "DELETE FROM PackageVotes WHERE UsersID = $uid "; + $q.= "AND PackageID IN ($vote_ids)"; + } + + db_query($q, $dbh); + + if ($action) { + $q = "UPDATE Users SET LastVoted = UNIX_TIMESTAMP() "; + $q.= "WHERE ID = $uid"; + + db_query($q, $dbh); + } + + if ($action) { + return __("Your votes have been cast for the selected packages."); + } else { + return __("Your votes have been removed from the selected packages."); + } +} diff --git a/web/lib/stats.inc b/web/lib/stats.inc new file mode 100644 index 00000000..6fbc0334 --- /dev/null +++ b/web/lib/stats.inc @@ -0,0 +1,72 @@ +<?php + +include_once('aur.inc'); + +function updates_table($dbh) +{ + $q = 'SELECT * FROM Packages WHERE DummyPkg != 1 ORDER BY GREATEST(SubmittedTS,ModifiedTS) DESC LIMIT 0 , 10'; + $newest_packages = db_query($q, $dbh); + include('stats/updates_table.php'); +} + +function user_table($user, $dbh) +{ + + $base_q = 'SELECT count(*) FROM Packages,PackageLocations,Users WHERE Packages.MaintainerUID = Users.ID AND Packages.LocationID = PackageLocations.ID AND PackageLocations.Location = "%s" AND Users.Username="' . + mysql_real_escape_string($user).'"'; + + $result = db_query(sprintf($base_q, 'unsupported'), $dbh); + $row = mysql_fetch_row($result); + $maintainer_unsupported_count = $row[0]; + + $q = "SELECT count(*) FROM Packages,Users WHERE Packages.OutOfDate = 1 AND Packages.MaintainerUID = Users.ID AND Users.Username='" . + mysql_real_escape_string($user)."'"; + + $result = db_query($q, $dbh); + $row = mysql_fetch_row($result); + $flagged_outdated = $row[0]; + + # If the user is a TU calculate the number of the packages + $atype = account_from_sid($_COOKIE["AURSID"]); + + if (($atype == 'Trusted User') || ($atype == 'Developer')) { + $result = db_query(sprintf($base_q, 'community'), $dbh); + $row = mysql_fetch_row($result); + $maintainer_community_count = $row[0]; + } + + include('stats/user_table.php'); +} + +function general_stats_table($dbh) +{ + # AUR statistics + $q = "SELECT count(*) FROM Packages,PackageLocations WHERE Packages.LocationID = PackageLocations.ID AND PackageLocations.Location = 'unsupported'"; + $result = db_query($q, $dbh); + $row = mysql_fetch_row($result); + $unsupported_count = $row[0]; + + $q = "SELECT count(*) FROM Packages,PackageLocations WHERE Packages.LocationID = PackageLocations.ID AND PackageLocations.Location = 'community'"; + $result = db_query($q, $dbh); + $row = mysql_fetch_row($result); + $community_count = $row[0]; + + $q = "SELECT count(*) from Users"; + $result = db_query($q, $dbh); + $row = mysql_fetch_row($result); + $user_count = $row[0]; + + $q = "SELECT count(*) from Users,AccountTypes WHERE Users.AccountTypeID = AccountTypes.ID AND AccountTypes.AccountType = 'Trusted User'"; + $result = db_query($q, $dbh); + $row = mysql_fetch_row($result); + $tu_count = $row[0]; + + $targstamp = intval(strtotime("-7 days")); + $q = "SELECT count(*) from Packages WHERE (Packages.SubmittedTS >= $targstamp OR Packages.ModifiedTS >= $targstamp)"; + $result = db_query($q, $dbh); + $row = mysql_fetch_row($result); + $update_count = $row[0]; + + include('stats/general_stats_table.php'); +} + diff --git a/web/lib/translator.inc b/web/lib/translator.inc index 41ece89b..fb9ed635 100644 --- a/web/lib/translator.inc +++ b/web/lib/translator.inc @@ -25,7 +25,6 @@ include_once("common_po.inc"); - function __() { global $_t; global $LANG; @@ -37,14 +36,20 @@ function __() { # First argument is always string to be translated $tag = $args[0]; - $translated = $_t[$LANG][$tag]; + if (empty($LANG) || $LANG == DEFAULT_LANG) + $translated = $tag; + else + $translated = $_t[$LANG][$tag]; + if (empty($translated)) { # if it's a supported language, but there isn't a translation, # alert the visitor to the missing translation. # - $translated = "<b style=\"color: red\">_${tag}_</b>"; + $translated = "_${tag}_"; } + $translated = htmlspecialchars($translated, ENT_QUOTES); + # This condition is to reorganise the arguments in case of # deprecated usage. __("string", array("string","string")) if (!empty($args[1]) && is_array($args[1])) { @@ -60,7 +65,7 @@ function __() { $translated = preg_replace("/\%[sh]/", $args[$i], $translated, 1); } } + return $translated; } -?> diff --git a/web/lib/version.inc b/web/lib/version.inc index dcc2f3c2..9ef059f2 100644 --- a/web/lib/version.inc +++ b/web/lib/version.inc @@ -1,3 +1,3 @@ <?php -define( "AUR_VERSION", "<b>v1.5.2</b>" ); +define( "AUR_VERSION", "v1.5.2" ); |