summaryrefslogtreecommitdiffstats
path: root/web
diff options
context:
space:
mode:
Diffstat (limited to 'web')
-rw-r--r--web/html/index.php2
-rw-r--r--web/html/voters.php4
-rw-r--r--web/lib/pkgfuncs.inc.php11
-rw-r--r--web/template/pkg_details.php2
4 files changed, 10 insertions, 9 deletions
diff --git a/web/html/index.php b/web/html/index.php
index ccc94d23..542d594c 100644
--- a/web/html/index.php
+++ b/web/html/index.php
@@ -56,7 +56,7 @@ if (!empty($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) {
include('pkgmerge.php');
return;
case "voters":
- $_GET['ID'] = pkgid_from_name($tokens[2]);
+ $_GET['N'] = $tokens[2];
include('voters.php');
return;
default:
diff --git a/web/html/voters.php b/web/html/voters.php
index 42fe2b58..9a0bdd32 100644
--- a/web/html/voters.php
+++ b/web/html/voters.php
@@ -4,8 +4,8 @@ include_once('aur.inc.php');
include_once('pkgfuncs.inc.php');
$SID = $_COOKIE['AURSID'];
-$pkgname = pkgname_from_id(intval($_GET['ID']);
-$votes = getvotes($pkgid);
+$pkgname = htmlspecialchars($_GET['N']);
+$votes = votes_for_pkgname($pkgname);
$atype = account_from_sid($SID);
html_header(__("Voters"));
diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php
index a4deee6d..c1a64f76 100644
--- a/web/lib/pkgfuncs.inc.php
+++ b/web/lib/pkgfuncs.inc.php
@@ -1075,16 +1075,17 @@ function pkg_vote ($atype, $ids, $action=true) {
/**
* Get all usernames and IDs that voted for a specific package
*
- * @param string $pkgid The package ID to get all votes for
+ * @param string $pkgname The name of the package to retrieve votes for
*
* @return array User IDs and usernames that voted for a specific package
*/
-function getvotes($pkgid) {
+function votes_for_pkgname($pkgname) {
$dbh = DB::connect();
- $q = "SELECT UsersID,Username FROM PackageVotes ";
- $q.= "LEFT JOIN Users on (UsersID = ID) ";
- $q.= "WHERE PackageID = ". $dbh->quote($pkgid) . " ";
+ $q = "SELECT UsersID,Username,Name FROM PackageVotes ";
+ $q.= "LEFT JOIN Users on (UsersID = Users.ID) ";
+ $q.= "LEFT JOIN Packages on (PackageID = Packages.ID) ";
+ $q.= "WHERE Name = ". $dbh->quote($pkgname) . " ";
$q.= "ORDER BY Username";
$result = $dbh->query($q);
diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php
index bc20a220..bd08282c 100644
--- a/web/template/pkg_details.php
+++ b/web/template/pkg_details.php
@@ -194,7 +194,7 @@ if ($row["MaintainerUID"]):
<?php if ($USE_VIRTUAL_URLS): ?>
<td><a href="<?= get_pkg_uri($row['Name']); ?>voters/"><?= $votes ?></a></td>
<?php else: ?>
- <td><a href="<?= get_uri('/voters/'); ?>?ID=<?= $pkgid ?>"><?= $votes ?></a></td>
+ <td><a href="<?= get_uri('/voters/'); ?>?N=<?= htmlspecialchars($row['Name'], ENT_QUOTES) ?>"><?= $votes ?></a></td>
<?php endif; ?>
<?php else: ?>
<td><?= $votes ?></td>