Age | Commit message (Collapse) | Author | Files | Lines |
|
Replace the default hash function used for storing passwords by
password_hash() which internally uses bcrypt. Legacy MD5 hashes are
still supported and are immediately converted to the new format when a
user logs in.
Since big parts of the authentication system needed to be rewritten in
this context, this patch also includes some simplification and
refactoring of all code related to password checking and resetting.
Fixes FS#52297.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Use "<?=" instead of "<?" for printing.
Fixes a regression introduced in a9048bb (Dedupe translatable strings,
2015-11-25).
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of triggering a PHP warning and using an empty title if no
package base is specified, use a default title.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Only show package requests created less than 6 months ago on the
dashboard.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Move the package search links below the section headings.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Add a new table which shows all package requests affecting the currently
logged in user.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Introduce a new boolean flag that can be used to disable extended
headers, pagination and forms.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Do not include the wrapper div container in the template.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Implement a table that shows all packages which are flagged out-of-date
and either maintained or co-maintained by the currently logged in user.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
In addition to showing the 50 most recent maintained and co-maintained
packages, add links to all packages one owns or co-maintains.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
For logged in users, the home page is replaced with an overview of the
packages the user maintains or co-maintains.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Do not print the wrapper div container when calling pkg_search_page().
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
* Pass search parameters using an associative array instead of $_GET.
* Add a boolean parameter to enable and disable headers/footers.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
This makes it easier to display search results without showing the
search form.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Modify the call to process_account_form() to only having one parameter per
line.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Currently, aurweb displays all dates and times in UTC time. This patch
adds a capability for each logged in user to set their preferred
timezone.
Implements FS#48729.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
When clicking on the linked Git clone URL of a package base, users are
faced with a 404 error page since the URL is not supposed to be opened
in a web browser. Add some notes to 404 error pages corresponding to Git
clone URLs that explain how to use them instead.
Fixes FS#51266.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Commits 6ec4a35 (Send notifications when changing ownership, 2016-02-21)
and e3670ef (Add a homepage field to accounts, 2016-06-02) forgot to
change some usages of display_account_form() and process_account_form()
to account for the new parameter. The former also forgot to add the new
column to the database schema.
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Allow users to add a link to their homepage to their profile.
Implements FS#22774.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Eric Engestrom <eric@engestrom.ch>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Introduce a new notification option to receive notifications when a new
commit is pushed to a package repository.
Implements FS#30109.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Add a configuration option to the account edit page that allows for
globally enabling/disabling package base comment notifications.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
It was hard to make it consistent with the other new icons from Open
Iconic and it hadn't much use after all.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
The other new icons (in package comments) behave the same way.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
After 24734d0 (Shorten Email column to 254 characters, 2015-11-12) the
maximum length of the input fields should be shortened, too.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Only Developers and Trusted Users can undelete comments.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Implements: FS#46546
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Use a flat icon from the Open Iconic collection to mark new packages.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Use a flat icon from the Open Iconic collection for the RSS feed.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Remove some very old and outdated logos. Update the RSS feed to use the
new logo.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
The new SVG icons used in aurweb are taken from the Open Iconic project.
Add their license to our source tree.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Adds capability to pin comments before others.
Implements FS#10863.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Apparently the reference to "files" can be confusing.
Fixes FS#47167.
Signed-off-by: Eli Schwartz <eschwartz93@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
According to RFC 3696 (and the associated errata), an email address can
be up to 256 characters long. Change the database field and the length
limit on all input fields accordingly.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
If a dependency neither exists in the official repositories nor in the
AUR, make it appear bold red.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Fixes FS#46545.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Instead of hardcoding the RPC interface documentation in rpc.php,
include the HTML code of the documentation page generated by AsciiDoc.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
When deleting a package base from the package base deletion form, do not
try to redirect to the package base details page afterwards. Instead,
jump to the package overview.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
After performing a package base action on a separate page, return to the
corresponding package base details page.
Partly fixes FS#46545.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Implements FS#42343.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
When requesting package details, instead of performing another SQL query
to obtain the package name, extract the name from the result of the
package details query.
Also, drop pkg_name_from_id() which is no longer needed after this
optimization.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Accept both user names and email addresses in the login prompt.
Suggested-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
This helper function was almost 100% identical to uid_from_username().
Switch to using uid_from_username(), which has a much better name and
implementation, everywhere.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|
|
Implements FS#42827.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
|