Age | Commit message (Collapse) | Author | Files | Lines |
|
Instead of converting package comments from plain text to HTML code when
they are displayed, do the conversion when the comment is posted and
store the rendered result in the database. The conversion itself is done
by a Python script which uses Bleach for sanitizing the text.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of using CSS to limit the height of package comments as
implemented in 7b13203 (Limit comment height to 15 lines, 2016-03-12),
use JavaScript to collapse long comments and add a link to expand them.
Clicking the same link twice results in the corresponding comment being
collapsed again.
If JavaScript is disabled, the full comments are shown (without any
possibility to collapse or expand).
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Split optional dependency descriptions from dependency names before
storing them in the database and use a separate column to store the
descriptions.
This allows us to simplify and optimize the SQL queries in
pkg_dependencies() as well as pkg_required().
Suggested-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Make sure that the get_extended_fields() invocation succeeded before
merging regular and extended fields in process_query().
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of unconditionally calling fetch on the return value of query(),
error out early if the value evaluates to false.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of unconditionally calling fetch on the return value of query(),
error out early if the value evaluates to false. Also, make sure that
the results array is always initialized, even if the result set is
empty.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of unconditionally calling fetch on the return value of query(),
error out early if the value evaluates to false.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
>From the mysql 5.7 breaking change page:
Columns in a PRIMARY KEY must be NOT NULL, but if declared explicitly as
NULL produced no error. Now an error occurs. For example, a statement
such as CREATE TABLE t (i INT NULL PRIMARY KEY) is rejected. The same
occurs for similar ALTER TABLE statements. (Bug #13995622, Bug #66987,
Bug #15967545, Bug #16545198)
References:
http://stackoverflow.com/a/22314073
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
When running in strict mode, mysql throws an error upon encountering
these definitions since they are not supported.
References:
https://dev.mysql.com/doc/refman/5.7/en/data-type-defaults.html
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Add instructions to test aurweb's web interface via the PHP built-in web
server.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Reject commits containing .SRCINFO files without any pkgname entries.
Suggested-by: Bruno Pagani <bruno.n.pagani@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of making all tests fail, error out during initialization if the
SQLite schema has not been generated.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Sqlite3 does not support the MD5 function like MySQL does, instead of the
database program hash the passwords, have Python's hashlib module do it
instead.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Allow for automatically converting the schema into a schema that works
with SQLite by running `make` from the schema/ subdirectory. Use the new
Makefile in the test suite.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Modify the schema such that it only creates the necessary tables,
indices and predefined data. This makes it easier to import the schema
into a database with a name other than "AUR".
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Do not trigger a PHP warning if there are no votes to be added or
removed.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Only show the comment paragraph if the package base is actually flagged
out-of-date.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
The variable $action is always undefined in pkgbase_delete() which makes
the if-statement always true and triggers a warning whenever a package
base is removed.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
In commit e171f6f (Migrate all DB code to use PDO, 2012-08-08),
PDOStatement::fetchAll() was introduced as a drop-in replacement for
mysql_fetch_array(). However, PDOStatement::fetchAll() returns a list of
all results while mysql_fetch_array() returns a single result only.
Instead of adding the missing indirection, simplify the code by using
PDO::fetchColumn().
Also add some safeguards to prevent warnings if the result set returned
by the query is empty.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
The SQL query retrieving the time zone from the database may return an
empty result set if the session timeout was reached. Handle such cases
gracefully by leaving the timezone variable unset.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Drop the fragment part of the redirection code which is an artifact of
the original code copy-pasted in commit ca954fe (Do not redirect when
showing errors during flagging, 2015-10-21).
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
The $salt variable is no longer needed as of 29a4870 (Use bcrypt to hash
passwords, 2017-02-24).
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
The pkgbuild_uri option was replaced by source_file_uri in 9df1bd5 (Add
direct links to each source file, 2017-02-12). Change one remaining
reference to pkgbuild_uri accordingly.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Fixes a regression introduced in 608c483 (Add user set timezones,
2017-01-20).
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
|
|
Display a message that no requests matched the filter criteria instead
of showing an empty package requests table.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Replace the default hash function used for storing passwords by
password_hash() which internally uses bcrypt. Legacy MD5 hashes are
still supported and are immediately converted to the new format when a
user logs in.
Since big parts of the authentication system needed to be rewritten in
this context, this patch also includes some simplification and
refactoring of all code related to password checking and resetting.
Fixes FS#52297.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Do not overwrite the $uid variable when updating co-maintainers.
Fixes FS#52225.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Morten Linderud <morten@linderud.pw>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Use "<?=" instead of "<?" for printing.
Fixes a regression introduced in a9048bb (Dedupe translatable strings,
2015-11-25).
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of triggering a PHP warning and using an empty title if no
package base is specified, use a default title.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Only show package requests created less than 6 months ago on the
dashboard.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Allow for hiding requests which were opened before a given time stamp.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
All error messages in aurjson except two end with a period. Add the
missing periods to make the messages consistent.
Signed-off-by: Michael Straube <straubem@gmx.de>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Currently, each source file which is an external link (http://,
https://, ...) is a clickable link.
This commit extends the behaviour by making files from the repository
clickable as well. The link brings the user to the corresponding cgit
page.
Also, the link to the PKGBUILD is altered to make the configuration more
consistent.
Signed-off-by: Janne Heß <jannehess@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|