summaryrefslogtreecommitdiffstats
path: root/web/html
AgeCommit message (Collapse)AuthorFilesLines
2011-01-25Replaced rm_rf() by rm_tree().Lukas Fleischer1-1/+1
Implemented recursive directory deletion in PHP properly without the use of exec(). This improves security, performance and portability and makes the code compatible with PHP's Safe Mode as well as with PHP setups that disable exec() using the "disable_functions" directive. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-25Removed links to internal sources from package details.Lukas Fleischer1-0/+6
Tarball extraction code has been removed in commit ec0dfc27deb246ee7d7f19fd5290e499805869d2, so links to package sources contained in the source tarball itself will no longer be accessible through the AUR frontend. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-24Build URLs from package names (fixes FS#15308, FS#19327).Lukas Fleischer1-5/+3
Drop the "URLPath" field from the "Packages" table, build URLs from package names instead. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-20Black fonts for out-of-date rows in search results (fixes FS#20514).Lukas Fleischer1-0/+2
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-19Removed code for tarball extraction.Lukas Fleischer1-48/+12
Automatic tarball extraction was vulnerable in different ways. Users should also only use source tarballs to build packages, so this has been removed completely. From now on, only the PKGBUILD is extracted in a secure manner. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2010-12-05Do not display current votes in All Votes, and rename it as Past VotesAndrea Scarpino1-2/+2
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-11-21Auto redirect from confirmation screens.Dan Vratil3-109/+8
Finally move comment deletion and category editing into functions and remove pkgedit.php Signed-off-by: Loui Chang <louipc.ist@gmail.com> -Fix indentation -Fix variable naming conflict $id vs $cid
2010-11-21Bold links in the archnavbar header.Lukas Fleischer1-0/+4
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-11-10Add timestamp when a package is flagged out-of-date (FS#20848).Lukas Fleischer1-1/+1
Signed-off-by: Loui Chang <louipc.ist@gmail.com> - resolve conflict and omit i18n changes.
2010-11-03Set background-color to white.Loui Chang1-0/+1
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-10-08Modify some strings for translation.Loui Chang1-4/+3
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-08-12Fix the search-button to allow captions wider than 80px (e.g. in german ↵PyroPeter1-1/+1
translation) Change width to min-width. - Loui Signed-off-by: PyroPeter <abi1789@googlemail.com> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-07-23Header and navbar consistent with Arch site redesignDenis Kobozev3-0/+41
-- Loui Chang Change is_tu to check_user_privileges Change div#archdev-navbar style Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-07-02Confirmation when deleting packagesLukas Fleischer1-2/+7
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-06-24pkgsubmit: Remove build function checkAndrea Scarpino1-15/+1
Closes: http://bugs.archlinux.org/task/19914 Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-06-05pkgsubmit: store the previous path with getcwd()mickael91-1/+3
This solves the problem of include files not being found after an error. $_SERVER['DOCUMENT_ROOT'] is not reliable because the AUR might be installed in a subdirectory. This closes http://bugs.archlinux.org/task/16887 Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-04-17Support for storing salted passwordsDenis1-1/+4
To upgrade existing databases: ALTER TABLE Users ADD Salt CHAR(32) NOT NULL DEFAULT ''; Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-03-13packages.php: Fix explicit sorting when search keywords aren't specified.Loui Chang1-1/+1
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-03-12titlelogo.png: Update againLoui Chang1-0/+0
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-03-12packages.php: Only sort by vote if search keyword isn't set.Loui Chang1-1/+1
People entering explicit search terms would expect alphabetical order. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-02-26Update Arch Linux titlelogo.Loui Chang1-0/+0
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-12-26tu.php: Sort votes by descending date.Loui Chang1-4/+4
Also make syntax more straightforward. 'asc' is ascending, rather than 'up'. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-12-16packages.php: Check if _GET value is set before assuming a default.Loui Chang1-2/+4
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-12-15packages.php: Make default view sort packages by descending votes.Loui Chang1-0/+2
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-24Change legend style and default font size.Loui Chang2-1/+7
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-24Reposition language menu in the header.Loui Chang1-2/+2
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-24pkgsubmit.php: Remove redundant error message.Loui Chang1-8/+0
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-24Remove obsolete images.Loui Chang4-0/+0
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-24Bring TU addvote into the current layout.Loui Chang3-19/+25
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-24Restyle the layout.Loui Chang4-122/+73
Make HTML markup more logical. Remove some unused style sheets rules. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-23tu: Bring Trusted User interface in line with the rest of the site.Loui Chang1-12/+4
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-23tu.php: Remove trailing whitespace.Loui Chang1-4/+4
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-13Implement 'Password Reset' facility (FS#3061)Evangelos Foutras1-0/+137
This works by adding a new field to the 'Users' table called 'ResetKey', which is a 32 characters long, random string. When the user requests a password reset, a new 'reset key' is generated and sent to the user's e-mail address in the form of a link in the following format: http://aur.archlinux.org/passreset.php?resetkey=<reset key> When the above link is followed, the user is presented with a form to verify his/her e-mail address and specify the new desired password. If the e-mail address matches the reset key in the database, the new password is assigned to the account. If there is an error, a relevant message is displayed and the user is prompted to re-enter the required information. Upon successful completion of this procedure, the ResetKey field in the database is blanked and the specific key cannot be reused. One SQL query is needed to add the ResetKey field to the 'Users' table: ALTER TABLE `Users` ADD `ResetKey` CHAR(32) NOT NULL DEFAULT ''; Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-10pkgsubmit: Instruct users how to make source packages.Loui Chang1-6/+7
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-09Fix a missing exit() call in pkgedit.phpLaszlo Papp1-0/+1
Signed-off-by: Laszlo Papp <djszapi@archlinux.us> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-10-26Untranslate TU vote fields so they're properly saved in the database.Loui Chang1-3/+3
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-09-29Remove the plain PKGBUILD upload feature.Loui Chang1-4/+0
makepkg --source should be used to upload packages. It provides a bit of error checking and it's good to support only a single format here. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-09-29Add usage output info for maintainer search extensionLaszlo Papp1-1/+2
Add msearch type to the list on http://aur.archlinux.org/rpc.php Signed-off-by: Laszlo Papp <djszapi@archlinux.us> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-09-28Change rss2.php references to rss.phpLoui Chang1-1/+1
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-09-28renamed rss2 -> rsselij1-0/+0
changed file name, as the 2 is relatively meaningless. I think at one time it qualified it as a rss2.0 feed, but the distinction is valueless at this point, since the generated xml itself declares the rss version. make sure to set an apache rewrite rule for any production systems that require it. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-09-28cleanup rss2.phpelij2-21/+12
- removed excessive string catenation, replaced with variable substitution - consolidated http/https protocol checks - simplified host header parse (centralized) - moved cache file to /tmp, to remove need to custom permission directory in webdir Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-09-28user_doc is more or less reflected in the README/wikielij1-160/+0
Kind of pointless to keep it around. Especially in here. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-08-11Use include_once where applicableDan McGee10-21/+20
All of these are sourcing function libraries so we don't need to include them more than once. Things that insert actual HTML into the output were left calling include(). Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-08-11rpc: small optimizationsDan McGee1-2/+2
Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-07-20Add voter list on packages for TUs and devs.Loui Chang1-0/+40
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-06-25Remove excess whitespace.1.5.6.3Loui Chang4-9/+8
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-06-18submit button i18nSergej Pupykin1-1/+1
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-06-18Turn on package notification by default for new packagesCallan Barrett1-0/+3
Version using package functions Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-06-18fix FS#13122 (again): removing comment removal as early as possibleGergely Imreh1-3/+3
comments need to be removed before concatenating lines, otherwise not matched brackets can cause problems on submit Signed-off-by: Gergely Imreh <imrehg@gmail.com> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-04-13Don't hit the database twice per comment on packageDan McGee1-2/+2
It's performance improvement day today. For non-superusers, we were hitting the database twice per comment on a package- once to get the UID, and once to check the owner of the comment. The best part is we already knew the owner of the comment, and we only need to get our own UID once. For viewing a package like yaourt, this cuts a single pageview from over 700 queries to around 18, which is still not great but a pretty big improvement. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Loui Chang <louipc.ist@gmail.com>