Age | Commit message (Collapse) | Author | Files | Lines |
|
make the sql query form consistent in usage by cleaning up instances
where db_query's result was not inspected before attempting to fetch row
data from the handle
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Ensure we are not quoting these values in any of our SQL queries.
Thanks-to: elij <elij.mx@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Increases compatibility with standard SQL dialect.
Thanks-to: elij <elij.mx@gmail.com>
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
PHP requires callback functions to be passed as strings. Fix this to
supress PHP notices.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Do this in preparation for the upcoming notification script removal.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Fix a lot of invalid XHTML in the templates and actions. There might
still be some legacy code left, but this should cover most of it.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This change is necessary to prevent this:
mysql> delete from Users where ID = 112;
ERROR 1451 (23000): Cannot delete or update a parent row: a foreign key constraint fails (`aur`.`Packages`, CONSTRAINT `Packages_ibfk_2` FOREIGN KEY (`SubmitterUID`) REFERENCES `Users` (`ID`) ON DELETE NO ACTION)
As a bonus, due to foreign keys, orphaning of packages will be
automatic.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
To upgrade existing databases:
ALTER TABLE Users ADD Salt CHAR(32) NOT NULL DEFAULT '';
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
I forgot about the forms.
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
|
|
This includes only the requested language for each page and
makes top level language include files obsolete.
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
The site no longer needs to be hosted from the
root of a domain, or virtual host.
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
|
|
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
Also clean up a notice in index.php
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
Patch by: BaSh <bash.lnx@gmail.com>
Adds query string to url when logging in
Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
|
|
update a few others to new usage
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
Signed-off-by: Simo Leone <simo@archlinux.org>
|
|
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
Signed-off-by: Simo Leone <simo@archlinux.org>
|
|
Utilise login form template.
Also cleaned up a couple notices.
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
Signed-off-by: Simo Leone <simo@archlinux.org>
|
|
try_login() to login users
valid_username() checks if a new username fits criteria
valid_user() checks if the user exists in the database
good_passwd() only checks for minimum password length for now.
can be later expanded to tell a user to make a stronger password.
valid_passwd() checks if the password for the specified user is correct
user_suspended() checks if the user is suspended (or not)
user_delete() deletes a user (it doesn't orphan PKGs yet though)
user_is_privileged() returns privilege level User (0) TU (2) Dev (3) of
user ID. 0 is used for a regular user for ease in conditionals.
Also: Enforce proper usernames on account creation or editing
Fix bug where $SUPPORTED_LANGS needs to be reset on account creation
Fix bug where an account could be created with an empty passwd
Display (required) beside password fields on account creation
Enforce good_passwd() on account creation
TUs and Devs can edit a user to have a username that doesn't conform to
the standard valid_username(). This is to allow them to edit old
accounts without messing up the user name.
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
This has a couple of bugs I just discovered arrgh. We shall return
This reverts commit 5e7e9f1b21d8803c718ac8551f8e0e25709fcd6f.
|
|
try_login() to login users
valid_username() checks if a new username fits criteria
valid_user() checks if the user exists in the database
good_passwd() only checks for minimum password length for now.
can be later expanded to tell a user to make a stronger password.
valid_passwd() checks if the password for the specified user is correct
user_suspended() checks if the user is suspended (or not)
user_delete() deletes a user
Also: Enforce proper usernames on account creation
Fix bug where $SUPPORTED_LANGS needs to be reset on account creation
Fix bug where an account could be created with an empty passwd
Display (required) beside password fields on account creation
Enforce good_passwd() on account creation
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
|
|
|
|
- Replaced all occurences of mysql_escape_string()
with mysql_real_escape_string().
|
|
|
|
|
|
also modified it slightly so that we no longer look at AURMaintainerUID for maintainer
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|