summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2012-07-14acctfuncs.inc.php: Make user_suspended() work correctlycanyonknight1-1/+1
Fixes broken account suspension system. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-06-24Implement token system to fix CSRF vulnerabilitiescanyonknight13-46/+82
Specially crafted pages can force authenticated users to unknowingly perform actions on the AUR website despite being on an attacker's website. This cross-site request forgery (CSRF) vulnerability applies to all POST data on the AUR. Implement a token system using a double submit cookie. Have a hidden form value on every page containing POST forms. Use the newly added check_token() to verify the token sent via POST matches the "AURSID" cookie value. Random nature of the token limits potential for CSRF. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-03-09Release 1.9.1v1.9.1Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-03-09UPGRADING: Add release notes for 1.9.1Lukas Fleischer1-0/+7
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-03-09Replace "nb_NO" translation by "nb"Lukas Fleischer3-163/+164
This one is not a specific dialect, so "nb" (Norwegian Bokmål) is the better name to use here. Thanks-to: Alexander Rødseth <rodseth@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-03-09Replace "pt" translation by "pt_PT"Lukas Fleischer3-229/+230
This makes the difference between Portuguese (Brazil) and Portuguese (Portugal) a bit clearer. Also, "pt_PT" is way more up to date than "pt". Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-03-09Translation updates from TransifexLukas Fleischer23-1401/+1105
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-02-19Escape all output strings in the header and footerLukas Fleischer2-4/+4
Escape each output string using htmlspecialchars(). These aren't exploitable; it's still better to escape them properly. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-02-19Fix some more XSS vulnerabilitiesLukas Fleischer3-3/+3
Escape strings properly using htmlspecialchars(). Seems like we missed these in former cleanups. Fixes FS#28515. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-10-25Escape wildcards in "LIKE" patternsLukas Fleischer4-13/+15
Percent signs ("%") and underscores ("_") are not escaped by mysql_real_escape_string() and are interpreted as wildcards if combined with "LIKE". Write a wrapper function db_escape_like() and use it where appropriate. Note that we already fixed this for the RPC interface in commit da2ebb667b7a332ddd8d905bf9b9a8694765fed6 but missed the other places. This patch should fix all remaining flaws reported in FS#26527. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-10-25Wrap mysql_real_escape_string() in a functionLukas Fleischer12-61/+67
Wrap mysql_real_escape_string() in a wrapper function db_escape_string() to ease porting to other databases, and as another step to pulling more of the database code into a central location. This is a rebased version of a patch by elij submitted about half a year ago. Thanks-to: elij <elij.mx@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Conflicts: web/lib/aur.inc.php
2011-09-05Update message catalogLukas Fleischer1-5/+10
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-09-05web/template/login_form.php: Escape the request URILukas Fleischer1-1/+1
Reported-by: Thomas Bächler <thomas@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-09-05web/html/pkgsubmit.php: Deal with unset category IDLukas Fleischer1-3/+15
Do not move the package to the incoming package directory and fail to create proper database entries if some AUR upload helper doesn't provide a category. We got several failing constraints here, such as: Cannot add or update a child row: a foreign key constraint fails (`AUR`.`Packages`, CONSTRAINT `Packages_ibfk_1` FOREIGN KEY (`CategoryID`) REFERENCES `PackageCategories` (`ID`) ON DELETE NO ACTION) Instead, default to "1" (which is "none", or "keep category" for existing packages) if no category is supplied. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-09-05Link to current page in the login bar HTTPs linkLukas Fleischer1-2/+2
This is way more convenient if you follow a HTTP link. Implements FS#25757. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-22RPC: Fix info queries when using package IDsLukas Fleischer1-1/+1
Info queries using package IDs were no longer working due to commit c6d84b3a8df10c522d79c754d4f73cb2a352586f, which introduced a table join in process_query(), thus making the "ID" column ambiguous. Fix this by explicitly specifying the table to use. Fixes FS#25696. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-22Add missing __() to category info in package detailsLukas Fleischer1-3/+3
This makes the "Category" label as well as "Change category" button on the package details page translatable. Fixes FS#25692. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-22UPGRADING: Fix rewrite rulesLukas Fleischer1-2/+2
Do not attempt to rewrite "/packages/fo/foo/foo.tar.gz". Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-20Release 1.9.0v1.9.0Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-20Replace "el_GR" translation by "el"Lukas Fleischer4-838/+874
We discussed this on aur-dev. We shouldn't specify a territory unless translations are specific to a variant of the Greek language. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-20Add Portuguese (Brazilian) translationLukas Fleischer3-0/+861
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-20Translation updates from TransifexLukas Fleischer8-578/+610
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-19UPGRADING: Add note on aurblup config changesLukas Fleischer1-0/+2
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-19aurblup: Update config.h.protoDan McGee1-3/+10
* Switch to x86_64 architecture by default * Add more repositories (including multilib) * Update default configuration path to include .php file extension Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-13Rebuild message catalog and translationsLukas Fleischer23-483/+614
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-13Add Finnish and Dutch translationsLukas Fleischer4-0/+1701
Thanks-to: Jesse Jaara <jesse.jaara@gmail.com> Thanks-to: Jelle van der Waa <jelle@vdwaa.nl> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-13Translation updates from TransifexLukas Fleischer20-4957/+1371
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-13po/POTFILES: Fix library file pathsLukas Fleischer1-3/+3
Regression introduced in 888db089c515270fd5cd9a9bedd217110f43bc4c. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-13po/Makefile: Fix version file pathLukas Fleischer1-1/+1
We broke this in 888db089c515270fd5cd9a9bedd217110f43bc4c when adding the ".php" extension to all inclusion files. Seems like we forgot to do this in the Makefile. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-12Use secure and httponly session cookiesLukas Fleischer3-4/+4
As discussed on the mailing list, enable "secure" and "httponly" for session cookies to prevent them from being transferred over insecure connections. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-11Add a configuration setting to disallow HTTP loginLukas Fleischer3-3/+17
If this is enabled, do not show the login form and display a note suggesting to switch to a secure connection if a user accesses the site via HTTP. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-11UPGRADING: Add note on backward compatible package URLsLukas Fleischer1-0/+17
Thanks-to: Dave Reisner <d@falconindy.com> Thanks-to: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-11UPGRADING: Mention the upload directory transform scriptLukas Fleischer1-0/+3
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-11Remove unnecessary atype and uid lookup from package_details()Dan McGee2-3/+2
These were never used in the function. Where they are used is in the pkg_details.php template, so move them closer to their actual usage so as not to confuse poor programmers such as myself. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-11Use 'true' instead of 'True' everywhereDan McGee2-9/+9
Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-11Make package creation and update atomicDan McGee1-1/+5
Add BEGIN and COMMIT statements where it makes sense to do so. This allows the entire package creation or update process to be atomic and not be seen until it is complete. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-11pkgfuncs.inc.php: allow all DB funcs to take handle argDan McGee1-61/+102
Allows handle reuse if one is available. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-11aur.inc.php: allow all functions using DB to take handle as argDan McGee1-25/+49
This prevents needless calls to db_connect() if we already have a reference to a handle we can pass into a function. Although the current underlying implementation using mysql_connect() will return the same connection if all parameters are the same, this might not be true if we switch to a more modern (e.g. PDO) interface. In the face of safe transactions, it is extremely important all actions are being taken over the same connection to the database. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-11Allow for merging deleted packages into existing onesLukas Fleischer3-2/+18
Merge all comments and votes of deleted packages into another package if the "Merge with" field is used. Duplicate votes (votes from a user who already voted on the target package or voted on more than one of the deleted packages) are discarded. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-11Add "mergepkgid" argument to pkg_delete()Lukas Fleischer1-1/+30
This allows for merging comments and votes of deleted packages into another one which is useful if a package needs to be renamed. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: Dan McGee <dan@archlinux.org>
2011-08-11Rename package_exists() to pkgid_from_name()Lukas Fleischer3-4/+4
Describe what this function actually does: Return the ID of a package with a given name and return NULL if such a package doesn't exist. The function name is chosen in a fashion similar to other functions from "pkgfuncs.inc.php" (pkgname_from_id(), pkgnotify_from_sid(), ...). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-10Add a upload directory transform scriptDan McGee1-0/+58
This goes with the previous patch that moves uploads into segmented subdirectories. To actually run, follow the DRYRUN instructions. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-10Segment the upload directory by package name prefixDan McGee4-13/+21
This implements the following scheme: * /packages/cower/ --> /packages/co/cower/ * /packages/j/ --> /packages/j/j/ * /packages/zqy/ --> /packages/zq/zqy/ We take up to the first two characters of each package name as a intermediate subdirectory, and then the full package name lives underneath that. Shorter named packages live in a single letter directory. Why, you ask? Well because earlier today the AUR hit 32,000 entries in the unsupported/ directory, making new package uploads impossible. While some might argue we shouldn't have so many damn packages in the repos, we should be able to handle this case. Why two characters instead of one? Our two biggest two-char groups, 'pe' and 'py', both start with 'p', and have nearly 2000 packages each. Go Python and Perl. Still needed is a "move the existing data" script, as well as a set of rewrite rules for those wishing to preserve backward compatible URLs for any helper programs doing the wrong thing and relying on them. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-10Allow SQL_DEBUG to be undefinedDan McGee1-1/+1
We shouldn't require this as it is a new config parameter and it causes PHP warnings to be spewed everywhere. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-10scripts/cleanup: use native PHP onlyDan McGee1-9/+11
No need to shell out to the system here. Also fix the script so it actually works. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-07-29Fix empty depends database insertLukas Fleischer1-11/+16
Do not try to insert a falsey value into the database in case of "depends=()". Signed-off-by: Manuel <manutortosa@chakra-project.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-06-28Replace split() invocations with explode()Lukas Fleischer1-1/+1
Do not use split(), which has been deprecated as of PHP 5.3.0. As we don't even require regular expressions here, just use explode() instead. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-06-28aurblup: use implicit make rules and adjust CFLAGSDan McGee2-5/+1
We don't need to add rules for implicit .c -> .o conversions. Also add -O2 to the CFLAGS as gcc doesn't print many warnings unless at least some level of optimization is used. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-06-28aurblup: mark all functions and global variables staticDan McGee1-23/+23
These don't need visibility outside of this compilation unit. This also allows a C compiler to inline and optimize as it sees fit. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-06-28aurblup: blacklist processing query changesDan McGee2-21/+5
* Do all list building and freeing outside of the transaction to keep it as short as possible. * Remove ability to blacklist without transactions as we now only support InnoDB/transactional engines with proper relations. * No need to turn autocommit off; BEGIN TRANSACTION operates regardless of this setting. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>