summaryrefslogtreecommitdiffstats
path: root/web/template/header.php
AgeCommit message (Collapse)AuthorFilesLines
2012-02-19Merge branch 'maint'Lukas Fleischer1-4/+4
2012-02-19Escape all output strings in the header and footerLukas Fleischer1-3/+3
Escape each output string using htmlspecialchars(). These aren't exploitable; it's still better to escape them properly. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-02-19Fix some more XSS vulnerabilitiesLukas Fleischer1-1/+1
Escape strings properly using htmlspecialchars(). Seems like we missed these in former cleanups. Fixes FS#28515. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-11-02Add a new AUR_LOCATION settingDan McGee1-1/+1
This should be set to something like 'http://localhost' for development or 'https://aur.archlinux.org' in production. It ensures all links in the site stay in the development site and there is no sudden jump from development to production environments. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-06-25fix incompatibility with php short open tagsFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-04-20Use HTTPs for links in the main site navigation bar (fixes FS#23832).Lukas Fleischer1-7/+7
Basically just sync with what archweb currently uses, prefixing all relative URLs with "http://www.archlinux.org". Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-30Fix XSS vulnerability in "web/template/header.php".Lukas Fleischer1-2/+2
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-11Fix broken XHTML.Lukas Fleischer1-2/+2
Fix a lot of invalid XHTML in the templates and actions. There might still be some legacy code left, but this should cover most of it. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2010-08-01header.php: Add missing closing </li> tag.Loui Chang1-1/+1
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-07-23Header and navbar consistent with Arch site redesignDenis Kobozev1-36/+33
-- Loui Chang Change is_tu to check_user_privileges Change div#archdev-navbar style Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-12-08header.php: Remove lingering </li> tag.Loui Chang1-1/+1
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-24Restyle the layout.Loui Chang1-34/+25
Make HTML markup more logical. Remove some unused style sheets rules. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-09-28Change rss2.php references to rss.phpLoui Chang1-1/+1
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-08-11Remove Google ads from headerDan McGee1-14/+0
Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-01-24Rework login form.Loui Chang1-2/+0
Correct some xhtml validation errors. Correct translation usage. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-01-23Fix a few xhtml validation errors.Loui Chang1-3/+2
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-01-04Store account type in local var when possibleDan McGee1-2/+3
No need to call this function way too often, especially when on the package list page where it could be called up to once per row. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2008-12-21Make all web paths relative.Loui Chang1-7/+7
The site no longer needs to be hosted from the root of a domain, or virtual host. Signed-off-by: Loui Chang <louipc.ist@gmail.com> Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
2008-11-25Renamed Get Arch to Download.Thayer Williams1-7/+7
AL logo now goes to AL homepage, not AUR homepage Appended forward slash to top navigation links Signed-off-by: Thayer Williams <thayer@archlinux.org> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2008-10-06Move logout link from main menu to login barCallan Barrett1-1/+0
Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2008-03-23Revamped pkg_search_page()Simo Leone1-1/+1
- Reduced database hits - Improved speed - Improved sanity (slightly) - Fixed searches,buttons,gizmos Signed-off-by: Simo Leone <simo@archlinux.org>
2008-03-23Put login into its own function.Loui Chang1-18/+1
Utilise login form template. Also cleaned up a couple notices. Signed-off-by: Loui Chang <louipc.ist@gmail.com> Signed-off-by: Simo Leone <simo@archlinux.org>
2008-01-20Turn action bar into drop boxCallan Barrett1-1/+1
Moves the action bar down to the bottom right of the search results and turns it into a drop-down selection box. Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com> Signed-off-by: Simo Leone <simo@archlinux.org>
2008-01-20Fix login error and translation bugCallan Barrett1-1/+1
Fixes a login error where entering nothing would result in the login message "Incorrect password for username, ." and changes the translation "TU" to "Trusted User" so the menu bar on the accounts page doesn't bug up (we need a new translation system :((() Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com> Signed-off-by: Simo Leone <simo@archlinux.org>
2008-01-20some more tweaks to make it look less like I worked on it.eliott1-0/+14
2008-01-20Hacky attempt to fix lang and navigation barseliott1-49/+48
2008-01-20More cleanup, add TU link to headerCallan Barrett1-6/+13
Cleans up links on front page, adds a TU link to the header to the voting application, fixes some titles and styling for logged in text Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
2008-01-20updates to header. Manual addition of thayers previous patch.eliott1-8/+2
2008-01-20Support for verbose page titlesCallan Barrett1-1/+1
Verbose page titles again Adds support for more verbose page titles based on current page and action by user and removes sort by options from search form as they're obsolete by column links. Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
2008-01-20Tweaks of various page layouts and handling of dataCallan Barrett1-1/+1
This is a patch that fixes a lot of little things: * We no longer have pkgsearch or pkgdetails link functions and all references to them are gone, that's what a back button is for and if we really need it we can come up with something better * No longer have do_Details variable, this means links on the package search are simply ?ID=foo * On the pkgdetails pages when there are either no deps, deps by, sources or comments for a package the list for each will display "None" instead of nothing at all (ruining the layout) * Fixed a bug where if a package had no sources or no deps pkgsubmit.php would submit an empty one * Translation of the word "Search'" has been changed to "Search" Most of these relate to each other. Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
2008-01-20Fix bug with botched AURSID valuesCallan Barrett1-4/+4
In the check_sid function in aur.inc the condition for expiring the cookie and redirecting to hacker.php could never be met and instead the user would be given blank login instead of being considered logged out, now fixed. This also means we no longer need either hacker.php or timeout.php at all. Also, this bug seems to be present in the AUR version running on aur.archlinux.org. Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
2008-01-20Removes timeout page and moves login form to headerCallan Barrett1-3/+25
This removes the need for a timeout page (and probably hacker.php) and moves the login form and status to the header. If your login times out you won't lose your place anymore and links will always work. Works for me but at the moment index_po.php is imported in aur.inc which has to stay until the translations from it for login are moved to aur_po.php. Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
2008-01-20Added header, footer, and login form templatesLoui Chang1-0/+72
Implemented the first two in web/lib/aur.inc. Signed-off-by: Loui Chang <louipc.ist@gmail.com>