summaryrefslogtreecommitdiffstats
path: root/web/html
AgeCommit message (Collapse)AuthorFilesLines
2014-04-05Factor out PKGBUILD parsingLukas Fleischer1-141/+1
This is legacy code. Move it to a separate source file in order to clean up the submission code. The code will be removed altogether in an upcoming release. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-04-05Do not allow for overwriting arbitrary packagesLukas Fleischer1-21/+23
A package should only be overwritten if it already belongs to the package base that is trying to overwrite it. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-04-05Add package base detail pagesLukas Fleischer2-0/+71
This adds package base details pages, similar to the package details pages. Each package base details page contains general information (package base name, category, submitter, maintainer, ...) and links to all the corresponding packages. As on the package details pages, comments and links to several package actions are also provided. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-04-05Add full support for the new .AURINFO formatLukas Fleischer1-116/+153
This adds full support for the new .AURINFO format used by mkaurball, including support for split packages. The old PKGBUILD parser is still available for compatibility reasons. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-04-05Make the delete function remove package basesLukas Fleischer1-4/+4
Deleting a single package without deleting the whole package base makes no sense. Comments and votes are already stored on a per-package basis, making this a straightforward extension. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-04-05Add provisional support for package basesLukas Fleischer1-13/+14
This adds a PackageBases table to the database schema and moves the following fields from the Packages table to PackageBases: * CategoryID * NumVotes * OutOfDateTS * SubmittedTS * ModifiedTS * SubmitterUID * MaintainerUID It also fixes all database accesses to comply with the new layout. Having a separate PackageBases table is the first step to split package support. By now, we create one PackageBases entry per package (where the package base has the same name as the corresponding package). When adding full support for split packages later, the package base name will be derived from the pkgbase variable and a single package base will be shared amongst all packages built from one source package. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-02-10passreset.php: Make error messages translatableLukas Fleischer1-2/+2
This fixes a regression introduced in commit 48b7407 (passreset.php: Refactor HTML, 2014-01-08). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-02-10Highlight the AUR link in the navigation barLukas Fleischer1-0/+4
Fixes FS#38498. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-02-06Style fixes: Capitalization of "true" and "false"Lukas Fleischer1-3/+3
Use "true" instead of "TRUE" and "false" instead of "FALSE" or "False". Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-02-03account_details.php: Add link to edit a user's accountcanyonknight1-0/+5
This improves the ability to edit a user's account directly through UI features rather than manually appending 'edit' to the URL or searching for the account and selecting edit. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-22Further optimize voters.php to only need the package namecanyonknight2-3/+3
* Extends changes in 81d4cc13dcae2f159ed937d4ce41e1df7d3c82b0 * Modify getvotes() to use the package name rather than package ID * Rename getvotes() to votes_for_pkgname() for clarity with new changes * Modify routing framework and links to now use package names for voters.php Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-20voters.php: Remove extra call to pkgname_from_id()canyonknight1-3/+2
No need to store package ID and call pkgname_from_id() twice when the end goal is the package name. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-17pkgsubmit.php: Improve visibility of errorsLukas Fleischer1-4/+4
Make use of the "errorlist" class instead of "pkgoutput" which is no longer defined in the CSS. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-17Add a warning for packages without .AURINFOLukas Fleischer1-0/+7
Display a deprecation warning when a package without meta data is submitted. The user can still decide to ignore that warning by resubmitting the package but doing so is not recommended. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-17Promote the use of mkaurballLukas Fleischer1-1/+1
mkaurball automatically adds .AURINFO meta data when building, so tell people to use that instead of `makepkg --source`. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-17Detect split packages from .AURINFOLukas Fleischer1-0/+6
There is an extension to the .AURINFO format that supports split packages. Since there is no support for split packages in the AUR so far, add a check to identify these cases. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-17Strip whitespace from .AURINFO linesLukas Fleischer1-0/+1
Indentation can be useful if one wants to structure an .AURINFO file. Remove leading and trailing whitespace from each line before parsing. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-17Rename "depend" field to "depends" in .AURINFOLukas Fleischer1-1/+1
This field has been renamed in a revision of the .AURINFO format. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-11Fix split package error handlingLukas Fleischer1-6/+7
Do not remove parentheses from the pkgname to make sure the split package detection works properly. Also, fix a regression introduced in 4bb6e88 (pkgsubmit.php: Simplify package name validation, 2013-03-05) that resulted in the split package error message never showing up. Fixes FS#37496. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-11Forbid developers to voteBalló György1-0/+3
According to Trusted User Bylaws, TUs (and only TUs) must take part in votes. Developers who want to take part in votes should set their account type to 'Trusted User'. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-11passreset.php: Error out if e-mail is emptyLukas Fleischer1-7/+12
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-11passreset.php: Refactor HTMLLukas Fleischer1-13/+12
* Use the "errorlist" class for errors. * Refactor some code. * Properly display error messages when requesting a key. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-11Typeahead workaround for having to press enter twiceJoris Steyn1-0/+9
Currently, one has to press enter twice in order to submit the package search form with typeahead completion. Add a workaround to fix this. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-02Go to package when selecting a typeahead suggestionJoris Steyn1-1/+5
Directly jump to the package details when selecting an entry from the drop-down list. Implements FS#34471. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-09-08Convert adopt/disown package action link to formcanyonknight1-0/+6
* Changes adopting/disowning packages to use GET instead of POST * Uses CSS to make form submit button look like a link * Complements commit 3bc951e3d87eaf692a7e47cf16a28d838c7cb2bd Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-09-03Sync CSS with archwebLukas Fleischer3-146/+159
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-09-03Move "Add Proposal" link to "Current Votes"Lukas Fleischer1-9/+1
The page this links to allows for adding an item to the list of current votes. Move the link accordingly. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-27Move package comment check to packages.phpLukas Fleischer1-0/+6
Checking whether to add a comment is something that really does not belong to a function named display_package_details(). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-27Use POST-Redirect-GET for most package actionsLukas Fleischer1-0/+6
Avoid showing a POST data resubmission dialog and simply redirect to the package page if a package action completed successfully. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-27Add boolean return values to several pkg_*() functionsLukas Fleischer1-12/+13
Change the return values of following functions to return both error/success and an error/success message: * pkg_flag() * pkg_unflag() * pkg_adopt() * pkg_vote() * pkg_delete() * pkg_notify() * pkg_delete_comment() * pkg_change_category() Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-27Pick sane default registration languageLukas Fleischer1-1/+1
Instead of defaulting to Català (which is the first entry in the list of supported languages), choose whatever language the unregistered user is browsing the AUR in. Fixes FS#34825. Suggested-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-27Re-add CRSF tokens to most package actionsLukas Fleischer1-4/+0
We fixed all known CRSF vulnerabilities in commit 2c93f0a (Implement token system to fix CSRF vulnerabilities, 2012-06-23). c349cb2 (Add virtual path support for package actions, 2012-07-17) partly reverted this by injecting a valid CRSF token when virtual paths are in use. This patch allows for keeping the virtual path feature, while reintroducing POST forms and CRSF tokens. Actions like package flagging, votes and notifications are no longer prone to CRSF (see FS#35437 for details). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-27pkg_details: Convert most action links to formsLukas Fleischer1-0/+19
Use forms and POST instead of GET for following actions: * Flagging/Unflagging a package out-of-date * Voting for a package and removing votes * Enabling/Disabling notifications Use CSS to make the submit buttons of these forms look like links. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-26Move "Past Votes" navigation to "Past Votes" boxLukas Fleischer1-14/+3
These are navigation links and do not belong to the action box. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-26Add "Last Votes by TU" listLukas Fleischer1-0/+2
This shows a list of all Trusted Users and the vote ID of the last proposal each of the TUs voted on. This list is sorted by vote ID. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-22Add a vote type to the TU proposal formLukas Fleischer1-12/+34
There are only four valid reasons for starting a TU vote, so instead of letting the user choose a vote length, let her pick a reason and set vote length and quorum based on that selection. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-22Allow for setting an account's inactivity statusLukas Fleischer1-2/+3
This adds a field to the users table and corresponding fields to the account edit and display forms that allow for setting an (in-)activity status. This might turn out to be useful if a user is on vacation and can not respond to update/orphan/deletion requests. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-04-24Remove superfluous search wrapper functioncanyonknight1-1/+1
The search_accounts_form() wrapper function doesn't have any arguments and only makes it unclear what is happening within account.php Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-04-20Retrieve package details after package actions are processedcanyonknight1-4/+7
Fixes FS#34508 Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-26Use minified typeahead JS from archwebLukas Fleischer4-313/+3
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-21Return 404 error page if invalid package ID is usedLukas Fleischer1-0/+6
We already display the 404 error page if someone tries to access an invalid package via virtual URLs ("/packages/nonexistent"). Add the same check to "web/html/packages.php" to make sure the same error is shown if a user requests package details of a nonexistent package ID via legacy URLs ("/packages.php?ID=-1"). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-19Enforce e-mail validation during registrationLukas Fleischer1-2/+2
Remove the password field from the account creation form and always send a password reset request via e-mail instead. This ensures that only users with valid e-mail addresses are able to login. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-19Move reset key submission to a separate functionLukas Fleischer1-17/+5
This allows for reusing reset key submission for other things, such as sending an initial password reset code during account registration. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-09pkgsubmit.php: Parse .AURINFO metadataLukas Fleischer1-4/+33
This allows for adding a metadata file called ".AURINFO" to source tarballs to overwrite specific PKGBUILD fields. .AURINFO files are parsed line by line. The syntax for each line is "key = value", where key is any of the following field names: * pkgname * pkgver * pkgdesc * url * license * depend Multiple "depend" lines can be specified to add multiple dependencies. This format closely matches the .PKGINFO format that is used for binary packages in pacman/libalpm. It can be extended by field name prefixes or sections to support split packages later. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-05pkgsubmit.php: Move URL protocol check downLukas Fleischer1-14/+12
Move all PKGBUILD field validations to a central location. Also, change $pkgbuild[] to $new_pkgbuild[] in order to parse evaluated PKGBUILD fields instead of raw ones. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-05pkgsubmit.php: Simplify package name validationLukas Fleischer1-12/+6
Remove redundant filters -- single quotes are already removed in $pkgbuild_new and we do not pass the package name to a shell (additionally, the regular expression already checks for potentially evil characters). Also, move the $pkg_name extraction up to fix the split package check. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-02-10Fix default selection on the account edit pageLukas Fleischer1-1/+1
We used a mixture of account type IDs and account type descriptions on the account edit page. This resulted in the account type field always defaulting to "Normal user" after an invalid form had been submitted. Consistently use account type IDs to avoid this. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-02-10Remove unneeded database connection callscanyonknight4-5/+0
Since all database related functions will establish a connection when needed, there is no need to pre-emptively try and establish a database connection. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-02-10Remove checks before calling connection methodcanyonknight1-3/+1
Large amount of boilerplate code that checks if a database connection exists is useless now that the new connection method automatically does the same check. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-02-10Remove unnecessary database connection parameter from all functionscanyonknight3-16/+16
All functions now have a database connection method that will use the same database connection. This imitates the functionality of passing a database connection as an argument and makes it redundant. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>