summaryrefslogtreecommitdiffstats
path: root/web/template
AgeCommit message (Collapse)AuthorFilesLines
2011-03-30Fix XSS vulnerability in "web/template/header.php".Lukas Fleischer1-2/+2
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-30Fix XSS vulnerabilities in package comment templates.Lukas Fleischer2-3/+3
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-24Bump up default per-page value to 50Dan McGee1-1/+1
25 is woefully small for the number of packages many searches can return, and with 28000+ packages in AUR, it makes sense to show a lot more per page by default. The new choices of (50, 100, 250) happen to match those from the main site. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-15Fix main site package search URLDan McGee1-2/+2
I've been wanting to kill this one for a long time. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-11Fix XSS vulnerability in package search results and package details.Lukas Fleischer2-10/+10
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-11Fix broken XHTML.Lukas Fleischer9-108/+114
Fix a lot of invalid XHTML in the templates and actions. There might still be some legacy code left, but this should cover most of it. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-10More PHP Notice undefined fixupsDan McGee1-1/+5
Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-04Fix outdated link in My Statistics paneDan McGee1-1/+1
Regression introduced in commit c39183c3ee7eb1. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-04Remove dead dependency/required by link codeDan McGee1-24/+7
For some reason we were doing this song and dance "iterate all the known parameters" business. This is totally unnecessary, clutters the links, and was spewing errors all over the place, so kill it. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-04Fix PHP notices in pkg_search_formDan McGee1-7/+7
If we were displaying this without coming from a previous query submit, notices were emitted all over the place. Fix them by adding an isset() first to each variable we try to access. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-04Fix PHP notice: requiredby arrayDan McGee1-3/+2
Required by query does not have a dep condition element. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-04Fix main site URLDan McGee1-2/+2
Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-04Small template cleanupDan McGee1-2/+1
Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-27Define "Packages.SubmitterUID" and "Packages.MaintainerUID" as "NULL".Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-22Add ability to search for non-out-of-date packages (fixes FS#17896).Lukas Fleischer1-5/+14
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-18Support for langauges written right-to-leftPyroPeter1-1/+1
Signed-off-by: PyroPeter <abi1789@googlemail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-18pkg_search_results: replace blind-table with floating divsPyroPeter1-60/+56
* I tried to remove errors in the sgml-structure e.g.: <div> <?php if (foo) { ?> </div> <?php } ?> * I did not remove or add code (except the <table> and <div> stuff, of cause). I only changed the order of the html/php-tags. * The bottom and top of the script are now properly indented. I did not indent the middle part (table of search results) because that would render the diff completely useless. Signed-off-by: PyroPeter <abi1789@googlemail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-17pkg_search_results: rewrite of paginationPyroPeter1-63/+14
* Most of the PHP-code was moved to pkgfuncs.php to keep the template simple. Signed-off-by: PyroPeter <abi1789@googlemail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-08Show submitter in package details (fixes FS#15488).Lukas Fleischer1-0/+11
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-01Drop PackageLocations table and referencesDan McGee3-18/+10
We don't need this anymore since all packages managed here are well...managed here. Rip out all of the places we were using this field, many of which depended on the magic value '2' anyway. On the display side of things, we had a column that was always showing 'unsupported' that is now gone, and you can no longer sort by this column. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-25Removed links to internal sources from package details.Lukas Fleischer1-3/+2
Tarball extraction code has been removed in commit ec0dfc27deb246ee7d7f19fd5290e499805869d2, so links to package sources contained in the source tarball itself will no longer be accessible through the AUR frontend. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-24Build URLs from package names (fixes FS#15308, FS#19327).Lukas Fleischer1-2/+3
Drop the "URLPath" field from the "Packages" table, build URLs from package names instead. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-20Implemented "First" and "Last" link for search results (fixes FS#15690).Lukas Fleischer1-0/+2
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-19Removed code for tarball extraction.Lukas Fleischer1-2/+3
Automatic tarball extraction was vulnerable in different ways. Users should also only use source tarballs to build packages, so this has been removed completely. From now on, only the PKGBUILD is extracted in a secure manner. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-19Do not overwrite package details when adding comments (fixes FS#22075).Lukas Fleischer1-1/+1
Ensure that the "$row" variable isn't overwritten in "web/template/pkg_comment_form.php" during sending mail notifications when adding a comment. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-19Make external links in comments clickable (FS#20137).Lukas Fleischer1-1/+1
Comments are now split at link boundaries and links are converted separately. I find this to be a much cleaner way than re-converting comments that have already been converted using htmlspecialchars(). This also doesn't require any callback procedure. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2010-11-21Auto redirect from confirmation screens.Dan Vratil2-15/+31
Finally move comment deletion and category editing into functions and remove pkgedit.php Signed-off-by: Loui Chang <louipc.ist@gmail.com> -Fix indentation -Fix variable naming conflict $id vs $cid
2010-11-10Add timestamp when a package is flagged out-of-date (FS#20848).Lukas Fleischer3-4/+5
Signed-off-by: Loui Chang <louipc.ist@gmail.com> - resolve conflict and omit i18n changes.
2010-11-03TU: Use htmlspecialchars instead of htmlentities.Loui Chang2-6/+2
Let the utf8 shine through. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-10-08Modify some strings for translation.Loui Chang1-2/+2
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-10-03Fix columns headers visibilityManuel Tortosa1-2/+2
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-08-20pkg_search_form: Properly call translation function to translate strings.Loui Chang1-9/+9
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-08-12Fix the search-button to allow captions wider than 80px (e.g. in german ↵PyroPeter1-2/+2
translation) Change width to min-width. - Loui Signed-off-by: PyroPeter <abi1789@googlemail.com> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-08-01header.php: Add missing closing </li> tag.Loui Chang1-1/+1
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-07-23Header and navbar consistent with Arch site redesignDenis Kobozev1-36/+33
-- Loui Chang Change is_tu to check_user_privileges Change div#archdev-navbar style Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-07-02Confirmation when deleting packagesLukas Fleischer2-0/+5
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-06-05Remove mystery code.Loui Chang1-1/+0
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-06-05Add sorting by "Voted" and "Notify" fieldsLukas Fleischer2-3/+7
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-04-15pkg_comments: Only display 10 comments by default.Loui Chang1-1/+11
Add a mechanism to view all comments. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2010-04-15add search only by nameAndrea Scarpino1-1/+1
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-12-08header.php: Remove lingering </li> tag.Loui Chang1-1/+1
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-24Change legend style and default font size.Loui Chang1-3/+2
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-24Restyle the layout.Loui Chang2-35/+25
Make HTML markup more logical. Remove some unused style sheets rules. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-23tu: Bring Trusted User interface in line with the rest of the site.Loui Chang2-18/+5
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-23login_form: Change 'Forgot Password' to translatable string.Loui Chang1-2/+2
Also change layout and styling. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-13Implement 'Password Reset' facility (FS#3061)Evangelos Foutras1-1/+1
This works by adding a new field to the 'Users' table called 'ResetKey', which is a 32 characters long, random string. When the user requests a password reset, a new 'reset key' is generated and sent to the user's e-mail address in the form of a link in the following format: http://aur.archlinux.org/passreset.php?resetkey=<reset key> When the above link is followed, the user is presented with a form to verify his/her e-mail address and specify the new desired password. If the e-mail address matches the reset key in the database, the new password is assigned to the account. If there is an error, a relevant message is displayed and the user is prompted to re-enter the required information. Upon successful completion of this procedure, the ResetKey field in the database is blanked and the specific key cannot be reused. One SQL query is needed to add the ResetKey field to the 'Users' table: ALTER TABLE `Users` ADD `ResetKey` CHAR(32) NOT NULL DEFAULT ''; Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-10-26pkg_search_results: Translate special characters to html entities.Loui Chang1-1/+1
Reported-by: Cedric Staniewski <cedric@gmx.ca> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-10-26pkg_details: Translate special characters to html entities in package ↵Loui Chang1-1/+1
description. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-09-28Change rss2.php references to rss.phpLoui Chang2-2/+2
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-08-26remove communitySergej Pupykin3-27/+0
Signed-off-by: Loui Chang <louipc.ist@gmail.com>