Age | Commit message (Collapse) | Author | Files | Lines |
|
This field has been renamed in a revision of the .AURINFO format.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Do not remove parentheses from the pkgname to make sure the split
package detection works properly.
Also, fix a regression introduced in 4bb6e88 (pkgsubmit.php: Simplify
package name validation, 2013-03-05) that resulted in the split package
error message never showing up.
Fixes FS#37496.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
According to Trusted User Bylaws, TUs (and only TUs) must take part in
votes. Developers who want to take part in votes should set their account
type to 'Trusted User'.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
* Use the "errorlist" class for errors.
* Refactor some code.
* Properly display error messages when requesting a key.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Currently, one has to press enter twice in order to submit the package
search form with typeahead completion. Add a workaround to fix this.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Directly jump to the package details when selecting an entry from the
drop-down list.
Implements FS#34471.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
* Changes adopting/disowning packages to use GET instead of POST
* Uses CSS to make form submit button look like a link
* Complements commit 3bc951e3d87eaf692a7e47cf16a28d838c7cb2bd
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Instead of showing a table with a single "No results found." entry, do
not show the table at all and display the text "No results found." in a
<p></p> container.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
The page this links to allows for adding an item to the list of current
votes. Move the link accordingly.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Do not show users that took part in past TU votes but no longer have TU
powers. Also, fix the sorting column while we're touching these lines.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Checking whether to add a comment is something that really does not
belong to a function named display_package_details().
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Avoid showing a POST data resubmission dialog and simply redirect to the
package page if a package action completed successfully.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Change the return values of following functions to return both
error/success and an error/success message:
* pkg_flag()
* pkg_unflag()
* pkg_adopt()
* pkg_vote()
* pkg_delete()
* pkg_notify()
* pkg_delete_comment()
* pkg_change_category()
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Showing running votes potentially allows for tracking votes and
associating yes/no/abstain votes with specific TUs.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Instead of defaulting to Català (which is the first entry in the list of
supported languages), choose whatever language the unregistered user is
browsing the AUR in.
Fixes FS#34825.
Suggested-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
We fixed all known CRSF vulnerabilities in commit 2c93f0a (Implement
token system to fix CSRF vulnerabilities, 2012-06-23). c349cb2 (Add
virtual path support for package actions, 2012-07-17) partly reverted
this by injecting a valid CRSF token when virtual paths are in use.
This patch allows for keeping the virtual path feature, while
reintroducing POST forms and CRSF tokens. Actions like package flagging,
votes and notifications are no longer prone to CRSF (see FS#35437 for
details).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Use forms and POST instead of GET for following actions:
* Flagging/Unflagging a package out-of-date
* Voting for a package and removing votes
* Enabling/Disabling notifications
Use CSS to make the submit buttons of these forms look like links.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Do not divide by zero if the number of active TUs is unknown.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
These are navigation links and do not belong to the action box.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This shows a list of all Trusted Users and the vote ID of the last
proposal each of the TUs voted on. This list is sorted by vote ID.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This adds an field that indicates whether the vote was accepted or
rejected, based on the rules specified in the TU Bylaws.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Compute the total number of votes and the participation at the beginning
of the template instead of doing it inside the template itself.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
There are only four valid reasons for starting a TU vote, so instead of
letting the user choose a vote length, let her pick a reason and set
vote length and quorum based on that selection.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This is calculated by dividing the sum of all votes by the total number
of TUs (where the number of TUs is measured when the vote starts).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This will be used for automated calculation of vote participation later.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This adds a field to the users table and corresponding fields to the
account edit and display forms that allow for setting an (in-)activity
status.
This might turn out to be useful if a user is on vacation and can not
respond to update/orphan/deletion requests.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
|
|
This resolves issues with backwards incompatible changes to
pack/unpack in php 5.5:
http://www.php.net/manual/de/migration55.incompatible.php
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
The search_accounts_form() wrapper function doesn't have any
arguments and only makes it unclear what is happening within
account.php
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Fixes FS#34508
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
A user might have an empty password due to two reasons:
* The user just created an account and needs to set an initial password.
* The password has been reset by the administrator.
In both cases, the user might be confused as to why the login does not
work. Add a message that helps users debug the issue in both cases.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Adds a new is_ipbanned() function to determine whether the user
attempting to login or register for an account has their IP
address listed in the "Bans" table.
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
We already display the 404 error page if someone tries to access an
invalid package via virtual URLs ("/packages/nonexistent"). Add the same
check to "web/html/packages.php" to make sure the same error is shown if
a user requests package details of a nonexistent package ID via legacy
URLs ("/packages.php?ID=-1").
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Save the IP address used for the last login in the "Users" table. This
makes it a bit easier to create IP ban lists for spammers without
looking at web server logs.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Remove the password field from the account creation form and always send
a password reset request via e-mail instead. This ensures that only
users with valid e-mail addresses are able to login.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
If an empty password is passed during account registration, login for
the new user is disabled and a reset key is sent to the new user's
e-mail address so that they can set an initial password manually.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
This allows for reusing reset key submission for other things, such as
sending an initial password reset code during account registration.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Connor Behan <connor.behan@gmail.com>
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|
|
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
|