summaryrefslogtreecommitdiffstats
path: root/web/lib
diff options
context:
space:
mode:
Diffstat (limited to 'web/lib')
-rw-r--r--web/lib/acctfuncs.inc7
-rw-r--r--web/lib/aur.inc23
-rw-r--r--web/lib/aurjson.class.php34
-rw-r--r--web/lib/config.inc.proto22
-rw-r--r--web/lib/pkgfuncs.inc293
-rw-r--r--web/lib/stats.inc72
-rw-r--r--web/lib/translator.inc13
-rw-r--r--web/lib/version.inc2
8 files changed, 414 insertions, 52 deletions
diff --git a/web/lib/acctfuncs.inc b/web/lib/acctfuncs.inc
index bbd6b740..73db2708 100644
--- a/web/lib/acctfuncs.inc
+++ b/web/lib/acctfuncs.inc
@@ -644,7 +644,12 @@ function try_login() {
if ($logged_in) {
# set our SID cookie
- setcookie("AURSID", $new_sid, 0, "/");
+ if ($_POST['remember_me'] == "on")
+ # Set cookies for 30 days.
+ $cookie_time = time() + (60 * 60 * 24 * 30);
+ else
+ $cookie_time = 0;
+ setcookie("AURSID", $new_sid, $cookie_time, "/");
# header("Location: /index.php");
header("Location: " . $_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING']);
$login_error = "";
diff --git a/web/lib/aur.inc b/web/lib/aur.inc
index 81ffde26..a126bb94 100644
--- a/web/lib/aur.inc
+++ b/web/lib/aur.inc
@@ -311,12 +311,11 @@ function set_lang() {
$LANG = $row[0];
}
$update_cookie = 1;
- } else {
- $LANG = "en";
}
+ # Set $LANG to default if nothing is valid.
if (!array_key_exists($LANG, $SUPPORTED_LANGS)) {
- $LANG = "en"; # default to English
+ $LANG = DEFAULT_LANG;
}
if ($update_cookie) {
@@ -336,7 +335,7 @@ function html_header($title="") {
global $SUPPORTED_LANGS;
$login = try_login();
- $login_error = $login['error'];
+ $login_error = $login['error'];
$title = htmlspecialchars($title, ENT_QUOTES);
@@ -375,19 +374,10 @@ function can_submit_pkg($name="", $sid="") {
# recursive delete directory
#
function rm_rf($dirname="") {
- $d = dir($dirname);
- while ($f = $d->read()) {
- if ($f != "." && $f != "..") {
- if (is_dir($dirname."/".$f)) {
- rm_rf($dirname."/".$f);
- }
- if (is_file($dirname."/".$f) || is_link($dirname."/".$f)) {
- unlink($dirname."/".$f);
- }
- }
+ if ($dirname != "") {
+ exec('rm -rf ' . escapeshellcmd($dirname));
}
- $d->close();
- rmdir($dirname);
+
return;
}
@@ -410,4 +400,3 @@ function uid_from_username($username="")
return $row[0];
}
-?>
diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php
index 953f5aba..6ff9b0f2 100644
--- a/web/lib/aurjson.class.php
+++ b/web/lib/aurjson.class.php
@@ -22,6 +22,8 @@ if (!extension_loaded('json'))
class AurJSON {
private $dbh = false;
private $exposed_methods = array('search','info');
+ private $fields = array('ID','Name','Version','Description',
+ 'URL','URLPath','License','NumVotes','OutOfDate');
/**
* Handles post data, and routes the request.
@@ -42,7 +44,9 @@ class AurJSON {
// do the routing
if ( in_array($http_data['type'], $this->exposed_methods) ) {
// ugh. this works. I hate you php.
- $json = call_user_func_array(array(&$this,$http_data['type']),$http_data['arg']);
+ $json = call_user_func_array(array(&$this,$http_data['type']),
+ $http_data['arg']);
+
// allow rpc callback for XDomainAjax
if ( isset($http_data['callback']) ) {
return $http_data['callback'] . "({$json})";
@@ -87,22 +91,22 @@ class AurJSON {
}
$keyword_string = mysql_real_escape_string($keyword_string, $this->dbh);
- $query = sprintf(
- "SELECT Name,ID FROM Packages WHERE ( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' ) AND DummyPkg=0",
- $keyword_string, $keyword_string );
+
+ $query = "SELECT " . implode(',', $this->fields) .
+ " FROM Packages WHERE DummyPkg=0 AND ";
+ $query .= sprintf("( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' )",
+ $keyword_string, $keyword_string);
$result = db_query($query, $this->dbh);
if ( $result && (mysql_num_rows($result) > 0) ) {
$search_data = array();
while ( $row = mysql_fetch_assoc($result) ) {
- $elem = array(
- 'Name' => $row['Name'],
- 'ID' => $row['ID'] );
- array_push($search_data,$elem);
- }
+ array_push($search_data, $row);
+ }
+
mysql_free_result($result);
- return $this->json_results('search',$search_data);
+ return $this->json_results('search', $search_data);
}
else {
return $this->json_error('No results found');
@@ -115,7 +119,8 @@ class AurJSON {
* @return mixed Returns an array of value data containing the package data
**/
private function info($pqdata) {
- $base_query = "SELECT ID,Name,Version,Description,URL,URLPath,License,NumVotes,OutOfDate FROM Packages WHERE DummyPkg=0 AND ";
+ $base_query = "SELECT " . implode(',', $this->fields) .
+ " FROM Packages WHERE DummyPkg=0 AND ";
if ( is_numeric($pqdata) ) {
// just using sprintf to coerce the pqd to an int
@@ -127,7 +132,8 @@ class AurJSON {
if(get_magic_quotes_gpc()) {
$pqdata = stripslashes($pqdata);
}
- $query_stub = sprintf("Name=\"%s\"",mysql_real_escape_string($pqdata));
+ $query_stub = sprintf("Name=\"%s\"",
+ mysql_real_escape_string($pqdata));
}
$result = db_query($base_query.$query_stub, $this->dbh);
@@ -135,11 +141,11 @@ class AurJSON {
if ( $result && (mysql_num_rows($result) > 0) ) {
$row = mysql_fetch_assoc($result);
mysql_free_result($result);
- return $this->json_results('info',$row);
+ return $this->json_results('info', $row);
}
else {
return $this->json_error('No result found');
}
}
}
-?>
+
diff --git a/web/lib/config.inc.proto b/web/lib/config.inc.proto
index 7a0a155d..7248b930 100644
--- a/web/lib/config.inc.proto
+++ b/web/lib/config.inc.proto
@@ -16,18 +16,24 @@ define( "USERNAME_MAX_LEN", 16 );
define( "PASSWD_MIN_LEN", 4 );
define( "PASSWD_MAX_LEN", 128 );
-$LOGIN_TIMEOUT = 7200; # number of idle seconds before timeout
+# Language that messages are initially written in.
+# This should never change.
+define("DEFAULT_LANG", "en");
-$SUPPORTED_LANGS = array( # what languages we have translations for
+# Languages we have translations for
+$SUPPORTED_LANGS = array(
+ "ca" => "Català",
+ "de" => "Deutsch",
"en" => "English",
- "pl" => "Polski",
+ "es" => "Español",
+ "fr" => "Français",
"it" => "Italiano",
- "ca" => "Català",
+ "pl" => "Polski",
"pt" => "Português",
- "es" => "Español",
- "de" => "Deutsch",
"ru" => "Русский",
- "fr" => "Français"
+ "tr" => "Türkçe"
);
-?>
+# Idle seconds before timeout
+$LOGIN_TIMEOUT = 7200;
+
diff --git a/web/lib/pkgfuncs.inc b/web/lib/pkgfuncs.inc
index 77b0ab11..7fe3f317 100644
--- a/web/lib/pkgfuncs.inc
+++ b/web/lib/pkgfuncs.inc
@@ -128,6 +128,7 @@ function package_required($pkgid=0) {
$q.= "WHERE PackageDepends.PackageID = Packages.ID ";
$q.= "AND PackageDepends.DepPkgID = ";
$q.= mysql_real_escape_string($pkgid);
+ $q.= " ORDER BY Name";
$result = db_query($q, $dbh);
if (!$result) {return array();}
while ($row = mysql_fetch_row($result)) {
@@ -512,14 +513,12 @@ function package_details($id=0, $SID="") {
if ($row["MaintainerUID"] == 0) {
echo "<input type='submit' class='button' name='do_Adopt'";
echo " value='".__("Adopt Packages")."'>\n";
- }
-
- if ($row["MaintainerUID"] == uid_from_sid($SID) ||
- account_from_sid($SID) == "Trusted User" ||
- account_from_sid($SID) == "Developer") {
+ } else if ($row["MaintainerUID"] == uid_from_sid($SID) ||
+ account_from_sid($SID) == "Trusted User" ||
+ account_from_sid($SID) == "Developer") {
echo "<input type='submit' class='button' name='do_Disown'";
echo " value='".__("Disown Packages")."'>\n";
- }
+ }
if (account_from_sid($SID) == "Trusted User" ||
account_from_sid($SID) == "Developer") {
@@ -986,4 +985,284 @@ function pkg_search_page($SID="") {
return;
}
-?>
+function pkg_flag ($atype, $ids, $action = True) {
+ if (!$atype) {
+ if ($action) {
+ return __("You must be logged in before you can flag packages.");
+ } else {
+ return __("You must be logged in before you can unflag packages.");
+ }
+ }
+
+ if (empty($ids)) {
+ if ($action) {
+ return __("You did not select any packages to flag.");
+ } else {
+ return __("You did not select any packages to unflag.");
+ }
+ }
+
+ foreach ($ids as $pid => $v) {
+ if (!is_numeric($pid)) {
+ if ($action) {
+ return __("You did not select any packages to flag.");
+ } else {
+ return __("You did not select any packages to unflag.");
+ }
+ }
+ }
+
+ $dbh = db_connect();
+
+ $first = 1;
+ foreach ($ids as $pid => $v) {
+ if ($first) {
+ $first = 0;
+ $flag = $pid;
+ } else {
+ $flag .= ", " . $pid;
+ }
+ }
+
+ $ood = $action ? 1 : 0;
+ $q = "UPDATE Packages SET OutOfDate = " . $ood;
+ $q.= " WHERE ID IN (" . $flag . ")";
+
+ db_query($q, $dbh);
+
+ if ($action) {
+ # Notify of flagging by email
+ $f_name = username_from_sid($_COOKIE['AURSID']);
+ $f_email = email_from_sid($_COOKIE['AURSID']);
+ $f_uid = uid_from_sid($_COOKIE['AURSID']);
+ $q = "SELECT Packages.Name, Users.Email, Packages.ID ";
+ $q.= "FROM Packages, Users ";
+ $q.= "WHERE Packages.ID IN (" . $flag .") ";
+ $q.= "AND Users.ID = Packages.MaintainerUID ";
+ $q.= "AND Users.ID != " . $f_uid;
+ $result = db_query($q, $dbh);
+ if (mysql_num_rows($result)) {
+ while ($row = mysql_fetch_assoc($result)) {
+ # construct email
+ $body = "Your package " . $row['Name'] . " has been flagged out of date by " . $f_name . ". You may view your package at:\nhttp://aur.archlinux.org/packages.php?ID=" . $row['ID'];
+ $body = wordwrap($body, 70);
+ $headers = "To: ".$row['Email']."\nReply-to: nobody@archlinux.org\nFrom:aur-notify@archlinux.org\nX-Mailer: PHP\nX-MimeOLE: Produced By AUR\n";
+ @mail(' ', "AUR Out-of-date Notification for ".$row['Name'], $body, $headers);
+ }
+ }
+ }
+
+ if ($action) {
+ return __("The selected packages have been flagged out-of-date.");
+ } else {
+ return __("The selected packages have been unflagged.");
+ }
+}
+
+function pkg_delete ($atype, $ids) {
+ if (!$atype) {
+ return __("You must be logged in before you can disown packages.");
+ }
+
+ if (empty($ids)) {
+ return __("You did not select any packages to delete.");
+ }
+
+ # Delete the packages in $ids array (but only if they are Unsupported)
+ #
+ $dbh = db_connect();
+
+ # Delete the packages in $ids array
+ #
+ $first = 1;
+ foreach ($ids as $pid => $v) {
+ if ($first) {
+ $first = 0;
+ $delete = $pid;
+ } else {
+ $delete .= ", ".$pid;
+ }
+ }
+
+ $field = "MaintainerUID";
+
+ # Only grab Unsupported packages that "we" own or are not owned at all
+ $ids_to_delete = array();
+ $q = "SELECT Packages.ID FROM Packages, PackageLocations ";
+ $q.= "WHERE Packages.ID IN (" . $delete . ") ";
+ $q.= "AND Packages.LocationID = PackageLocations.ID ";
+ $q.= "AND PackageLocations.Location = 'unsupported' ";
+
+ # If they're a TU or dev, can delete
+ if ($atype == "Trusted User" || $atype == "Developer") {
+ $result = db_query($q, $dbh);
+ }
+
+ if ($result != Null && mysql_num_rows($result) > 0) {
+ while ($row = mysql_fetch_assoc($result)) {
+ $ids_to_delete[] = $row['ID'];
+ }
+ }
+
+ if (empty($ids_to_delete)) {
+ return __("None of the selected packages could be deleted.");
+ }
+
+ # These are the packages that are safe to delete
+ foreach ($ids_to_delete as $id) {
+ $q = "DELETE FROM PackageVotes WHERE PackageID = " . $id;
+ $result = db_query($q, $dbh);
+
+ $q = "DELETE FROM PackageDepends WHERE PackageID = " . $id;
+ $result = db_query($q, $dbh);
+
+ $q = "DELETE FROM PackageSources WHERE PackageID = " . $id;
+ $result = db_query($q, $dbh);
+
+ $q = "DELETE FROM PackageComments WHERE PackageID = " . $id;
+ $result = db_query($q, $dbh);
+
+ $q = "DELETE FROM Packages WHERE ID = " . $id;
+ $result = db_query($q, $dbh);
+
+ $q = "DELETE FROM CommentNotify WHERE PkgID = " . $id;
+ $result = db_query($q, $dbh);
+ }
+
+ return __("The selected packages have been deleted.");
+}
+
+function pkg_adopt ($atype, $ids, $action = True) {
+ if (!$atype) {
+ if ($action) {
+ return __("You must be logged in before you can adopt packages.");
+ } else {
+ return __("You must be logged in before you can disown packages.");
+ }
+ }
+
+ if (empty($ids)) {
+ if ($action) {
+ return __("You did not select any packages to adopt.");
+ } else {
+ return __("You did not select any packages to disown.");
+ }
+ }
+
+ $dbh = db_connect();
+
+ $first = 1;
+ foreach ($ids as $pid => $v) {
+ if ($first) {
+ $first = 0;
+ $pkg = $pid;
+ } else {
+ $pkg .= ", ".$pid;
+ }
+ }
+
+ $field = "MaintainerUID";
+ $q = "UPDATE Packages ";
+
+ if ($action) {
+ $user = uid_from_sid($_COOKIE["AURSID"]);
+ } else {
+ $user = 0;
+ }
+
+ $q.= "SET $field = $user ";
+ $q.= "WHERE ID IN ($pkg) ";
+
+ if ($action && $atype == "User") {
+ # Regular users may only adopt orphan packages from unsupported
+ $q.= "AND $field = 0 ";
+ $q.= "AND LocationID = 2 ";
+ } else if ($atype == "User") {
+ $q.= "AND $field = " . uid_from_sid($_COOKIE["AURSID"]);
+ }
+
+ db_query($q, $dbh);
+
+ if ($action) {
+ return __("The selected packages have been adopted.");
+ } else {
+ return __("The selected packages have been disowned.");
+ }
+}
+
+function pkg_vote ($atype, $ids, $action = True) {
+ if (!$atype) {
+ if ($action) {
+ return __("You must be logged in before you can vote for packages.");
+ } else {
+ return __("You must be logged in before you can un-vote for packages.");
+ }
+ }
+
+ if (empty($ids)) {
+ if ($action) {
+ return __("You did not select any packages to vote for.");
+ } else {
+ return __("Your votes have been removed from the selected packages.");
+ }
+ }
+
+ $dbh = db_connect();
+ $my_votes = pkgvotes_from_sid($_COOKIE["AURSID"]);
+ $uid = uid_from_sid($_COOKIE["AURSID"]);
+
+ $first = 1;
+ foreach ($ids as $pid => $v) {
+ if ($action) {
+ $check = !isset($my_votes[$pid]);
+ } else {
+ $check = isset($my_votes[$pid]);
+ }
+
+ if ($check) {
+ if ($first) {
+ $first = 0;
+ $vote_ids = $pid;
+ if ($action) {
+ $vote_clauses = "($uid, $pid)";
+ }
+ } else {
+ $vote_ids .= ", $pid";
+ if ($action) {
+ $vote_clauses .= ", ($uid, $pid)";
+ }
+ }
+ }
+ }
+
+ # only vote for packages the user hasn't already voted for
+ #
+ $op = $action ? "+" : "-";
+ $q = "UPDATE Packages SET NumVotes = NumVotes $op 1 ";
+ $q.= "WHERE ID IN ($vote_ids)";
+
+ db_query($q, $dbh);
+
+ if ($action) {
+ $q = "INSERT INTO PackageVotes (UsersID, PackageID) VALUES ";
+ $q.= $vote_clauses;
+ } else {
+ $q = "DELETE FROM PackageVotes WHERE UsersID = $uid ";
+ $q.= "AND PackageID IN ($vote_ids)";
+ }
+
+ db_query($q, $dbh);
+
+ if ($action) {
+ $q = "UPDATE Users SET LastVoted = UNIX_TIMESTAMP() ";
+ $q.= "WHERE ID = $uid";
+
+ db_query($q, $dbh);
+ }
+
+ if ($action) {
+ return __("Your votes have been cast for the selected packages.");
+ } else {
+ return __("Your votes have been removed from the selected packages.");
+ }
+}
diff --git a/web/lib/stats.inc b/web/lib/stats.inc
new file mode 100644
index 00000000..6fbc0334
--- /dev/null
+++ b/web/lib/stats.inc
@@ -0,0 +1,72 @@
+<?php
+
+include_once('aur.inc');
+
+function updates_table($dbh)
+{
+ $q = 'SELECT * FROM Packages WHERE DummyPkg != 1 ORDER BY GREATEST(SubmittedTS,ModifiedTS) DESC LIMIT 0 , 10';
+ $newest_packages = db_query($q, $dbh);
+ include('stats/updates_table.php');
+}
+
+function user_table($user, $dbh)
+{
+
+ $base_q = 'SELECT count(*) FROM Packages,PackageLocations,Users WHERE Packages.MaintainerUID = Users.ID AND Packages.LocationID = PackageLocations.ID AND PackageLocations.Location = "%s" AND Users.Username="' .
+ mysql_real_escape_string($user).'"';
+
+ $result = db_query(sprintf($base_q, 'unsupported'), $dbh);
+ $row = mysql_fetch_row($result);
+ $maintainer_unsupported_count = $row[0];
+
+ $q = "SELECT count(*) FROM Packages,Users WHERE Packages.OutOfDate = 1 AND Packages.MaintainerUID = Users.ID AND Users.Username='" .
+ mysql_real_escape_string($user)."'";
+
+ $result = db_query($q, $dbh);
+ $row = mysql_fetch_row($result);
+ $flagged_outdated = $row[0];
+
+ # If the user is a TU calculate the number of the packages
+ $atype = account_from_sid($_COOKIE["AURSID"]);
+
+ if (($atype == 'Trusted User') || ($atype == 'Developer')) {
+ $result = db_query(sprintf($base_q, 'community'), $dbh);
+ $row = mysql_fetch_row($result);
+ $maintainer_community_count = $row[0];
+ }
+
+ include('stats/user_table.php');
+}
+
+function general_stats_table($dbh)
+{
+ # AUR statistics
+ $q = "SELECT count(*) FROM Packages,PackageLocations WHERE Packages.LocationID = PackageLocations.ID AND PackageLocations.Location = 'unsupported'";
+ $result = db_query($q, $dbh);
+ $row = mysql_fetch_row($result);
+ $unsupported_count = $row[0];
+
+ $q = "SELECT count(*) FROM Packages,PackageLocations WHERE Packages.LocationID = PackageLocations.ID AND PackageLocations.Location = 'community'";
+ $result = db_query($q, $dbh);
+ $row = mysql_fetch_row($result);
+ $community_count = $row[0];
+
+ $q = "SELECT count(*) from Users";
+ $result = db_query($q, $dbh);
+ $row = mysql_fetch_row($result);
+ $user_count = $row[0];
+
+ $q = "SELECT count(*) from Users,AccountTypes WHERE Users.AccountTypeID = AccountTypes.ID AND AccountTypes.AccountType = 'Trusted User'";
+ $result = db_query($q, $dbh);
+ $row = mysql_fetch_row($result);
+ $tu_count = $row[0];
+
+ $targstamp = intval(strtotime("-7 days"));
+ $q = "SELECT count(*) from Packages WHERE (Packages.SubmittedTS >= $targstamp OR Packages.ModifiedTS >= $targstamp)";
+ $result = db_query($q, $dbh);
+ $row = mysql_fetch_row($result);
+ $update_count = $row[0];
+
+ include('stats/general_stats_table.php');
+}
+
diff --git a/web/lib/translator.inc b/web/lib/translator.inc
index 41ece89b..fb9ed635 100644
--- a/web/lib/translator.inc
+++ b/web/lib/translator.inc
@@ -25,7 +25,6 @@
include_once("common_po.inc");
-
function __() {
global $_t;
global $LANG;
@@ -37,14 +36,20 @@ function __() {
# First argument is always string to be translated
$tag = $args[0];
- $translated = $_t[$LANG][$tag];
+ if (empty($LANG) || $LANG == DEFAULT_LANG)
+ $translated = $tag;
+ else
+ $translated = $_t[$LANG][$tag];
+
if (empty($translated)) {
# if it's a supported language, but there isn't a translation,
# alert the visitor to the missing translation.
#
- $translated = "<b style=\"color: red\">_${tag}_</b>";
+ $translated = "_${tag}_";
}
+ $translated = htmlspecialchars($translated, ENT_QUOTES);
+
# This condition is to reorganise the arguments in case of
# deprecated usage. __("string", array("string","string"))
if (!empty($args[1]) && is_array($args[1])) {
@@ -60,7 +65,7 @@ function __() {
$translated = preg_replace("/\%[sh]/", $args[$i], $translated, 1);
}
}
+
return $translated;
}
-?>
diff --git a/web/lib/version.inc b/web/lib/version.inc
index dcc2f3c2..9ef059f2 100644
--- a/web/lib/version.inc
+++ b/web/lib/version.inc
@@ -1,3 +1,3 @@
<?php
-define( "AUR_VERSION", "<b>v1.5.2</b>" );
+define( "AUR_VERSION", "v1.5.2" );