<?php set_include_path(get_include_path() . PATH_SEPARATOR . '../lib' . PATH_SEPARATOR . '../lang'); include("aur.inc"); # access AUR common functions include("pkgfuncs.inc"); # package specific functions include("search_po.inc"); # use some form of this for i18n support set_lang(); # this sets up the visitor's language check_sid(); # see if they're still logged in # set the title to something useful depending on # what "page" we're on # if (isset($_GET['ID'])) { $id = pkgname_from_id($_GET['ID']); if (!empty($id)) { $title = $id; } } else if (!empty($_GET['K'])) { $title = "Search: " . $_GET['K']; } else { $title = __("Packages"); } html_header($title); # print out the HTML header # get login privileges # if (isset($_COOKIE["AURSID"])) { # Only logged in users can do stuff # $atype = account_from_sid($_COOKIE["AURSID"]); } else { $atype = ""; } # grab the list of Package IDs to be operated on # isset($_POST["IDs"]) ? $ids = $_POST["IDs"] : $ids = array(); #isset($_REQUEST["All_IDs"]) ? # $all_ids = explode(":", $_REQUEST["All_IDs"]) : # $all_ids = array(); # determine what button the visitor clicked # if ($_POST['action'] == "do_Flag" || isset($_POST['do_Flag'])) { if (!$atype) { print __("You must be logged in before you can flag packages."); print "<br />\n"; } else { if (!empty($ids)) { $dbh = db_connect(); # Flag the packages in $ids array # $first = 1; while (list($pid, $v) = each($ids)) { if ($first) { $first = 0; $flag = $pid; } else { $flag .= ", ".$pid; } } $q = "UPDATE Packages SET OutOfDate = 1 "; $q.= "WHERE ID IN (" . $flag . ")"; db_query($q, $dbh); print "<p>\n"; print __("The selected packages have been flagged out-of-date."); print "</p>\n"; # notification by tardo. $f_name = username_from_sid($_COOKIE['AURSID']); $f_email = email_from_sid($_COOKIE['AURSID']); $f_uid = uid_from_sid($_COOKIE['AURSID']); $q = "SELECT Packages.Name, Users.Email, Packages.ID "; $q.= "FROM Packages, Users "; $q.= "WHERE Packages.ID IN (" . $flag .") "; $q.= "AND Users.ID = Packages.MaintainerUID "; $q.= "AND Users.ID != " . $f_uid; $result = db_query($q, $dbh); if (mysql_num_rows($result)) { while ($row = mysql_fetch_assoc($result)) { # construct email $body = "Your package " . $row['Name'] . " has been flagged out of date by " . $f_name . ". You may view your package at:\nhttp://aur.archlinux.org/packages.php?do_Details=1&ID=" . $row['ID']; $body = wordwrap($body, 70); $headers = "To: ".$row['Email']."\nReply-to: nobody@archlinux.org\nFrom:aur-notify@archlinux.org\nX-Mailer: PHP\nX-MimeOLE: Produced By AUR\n"; @mail(' ', "AUR Out-of-date Notification for ".$row['Name'], $body, $headers); } } } else { print "<p>\n"; print __("You did not select any packages to flag."); print "</p>\n"; } } } elseif ($_POST['action'] == "do_UnFlag" || isset($_POST['do_UnFlag'])) { if (!$atype) { print __("You must be logged in before you can unflag packages."); print "<br />\n"; } else { if (!empty($ids)) { $dbh = db_connect(); # Un-Flag the packages in $ids array # $first = 1; while (list($pid, $v) = each($ids)) { if ($first) { $first = 0; $unflag = $pid; } else { $unflag .= ", ".$pid; } } $q = "UPDATE Packages SET OutOfDate = 0 "; $q.= "WHERE ID IN (" . $unflag . ")"; db_query($q, $dbh); print "<p>\n"; print __("The selected packages have been unflagged."); print "</p>\n"; } else { print "<p>\n"; print __("You did not select any packages to unflag."); print "</p>\n"; } } } elseif ($_POST['action'] == "do_Disown" || isset($_POST['do_Disown'])) { if (!$atype) { print __("You must be logged in before you can disown packages."); print "<br />\n"; } else { # Disown the packages in $ids array # if (!empty($ids)) { $dbh = db_connect(); # Disown the packages in $ids array # $first = 1; while (list($pid, $v) = each($ids)) { if ($first) { $first = 0; $disown = $pid; } else { $disown .= ", ".$pid; } } $field = "MaintainerUID"; $q = "UPDATE Packages "; $q.= "SET ".$field." = 0 "; $q.= "WHERE ID IN (" . $disown . ") "; # If a user is a TU or dev they can disown any package if ($atype == "User") { $q.= "AND ".$field." = ".uid_from_sid($_COOKIE["AURSID"]); } db_query($q, $dbh); print "<p>\n"; print __("The selected packages have been disowned."); print "</p>\n"; } else { print "<p>\n"; print __("You did not select any packages to disown."); print "</p>\n"; } } } elseif ($_POST['action'] == "do_Delete" || isset($_POST['do_Delete'])) { if (!$atype) { print __("You must be logged in before you can disown packages."); print "<br />\n"; } else { # Delete the packages in $ids array (but only if they are Unsupported) # if (!empty($ids)) { $dbh = db_connect(); # Delete the packages in $ids array # $first = 1; while (list($pid, $v) = each($ids)) { if ($first) { $first = 0; $delete = $pid; } else { $delete .= ", ".$pid; } } $field = "MaintainerUID"; # Only grab Unsupported packages that "we" own or are not owned at all # $ids_to_delete = array(); $q = "SELECT Packages.ID FROM Packages, PackageLocations "; $q.= "WHERE Packages.ID IN (" . $delete . ") "; $q.= "AND Packages.LocationID = PackageLocations.ID "; $q.= "AND PackageLocations.Location = 'unsupported' "; # If they're a TU or dev, can always delete, otherwise check ownership # if ($atype == "Trusted User" || $atype == "Developer") { $result = db_query($q, $dbh); } if ($result != Null && mysql_num_rows($result) > 0) { while ($row = mysql_fetch_assoc($result)) { $ids_to_delete[] = $row['ID']; } } if (!empty($ids_to_delete)) { # These are the packages that are safe to delete # foreach ($ids_to_delete as $id) { # delete from PackageVotes $q = "DELETE FROM PackageVotes WHERE PackageID = " . $id; $result = db_query($q, $dbh); # delete from PackageDepends $q = "DELETE FROM PackageDepends WHERE PackageID = " . $id; $result = db_query($q, $dbh); # delete from PackageSources $q = "DELETE FROM PackageSources WHERE PackageID = " . $id; $result = db_query($q, $dbh); # delete from PackageComments $q = "DELETE FROM PackageComments WHERE PackageID = " . $id; $result = db_query($q, $dbh); # delete from Packages $q = "DELETE FROM Packages WHERE ID = " . $id; $result = db_query($q, $dbh); # delete from CommentNotify $q = "DELETE FROM CommentNotify WHERE PkgID = " . $id; $result = db_query($q, $dbh); # Print the success message print "<p>\n"; print __("The selected packages have been deleted."); print "</p>\n"; } } else { print "<p>\n"; print __("None of the selected packages could be deleted."); print "</p>\n"; } # end if (!empty($ids_to_delete)) } else { print "<p>\n"; print __("You did not select any packages to delete."); print "</p>\n"; } # end if (!empty($ids)) } # end if (!atype) } elseif ($_POST['action'] == "do_Adopt" || isset($_POST['do_Adopt'])) { if (!$atype) { print __("You must be logged in before you can adopt packages."); print "<br />\n"; } else { # Adopt the packages in $ids array # if (!empty($ids)) { $dbh = db_connect(); # Adopt the packages in $ids array # $first = 1; while (list($pid, $v) = each($ids)) { if ($first) { $first = 0; $adopt = $pid; } else { $adopt .= ", ".$pid; } } $field = "MaintainerUID"; # NOTE: Only "orphaned" packages can be adopted at a particular # user class (TU/Dev or User). # $q = "UPDATE Packages "; $q.= "SET ".$field." = ".uid_from_sid($_COOKIE["AURSID"])." "; $q.= "WHERE ID IN (" . $adopt . ") "; if ($atype == "User") { # Regular users may only adopt orphan packages from unsupported # FIXME: We assume that LocationID for unsupported is "2" $q.= "AND ".$field." = 0"; $q.= " AND LocationID = 2"; } db_query($q, $dbh); print "<p>\n"; print __("The selected packages have been adopted."); print "</p>\n"; } else { print "<p>\n"; print __("You did not select any packages to adopt."); print "</p>\n"; } } } elseif ($_POST['action'] == "do_Vote" || isset($_POST['do_Vote'])) { if (!$atype) { print __("You must be logged in before you can vote for packages."); print "<br />\n"; } else { # vote on the packages in $ids array. # if (!empty($ids)) { $dbh = db_connect(); $my_votes = pkgvotes_from_sid($_COOKIE["AURSID"]); $uid = uid_from_sid($_COOKIE["AURSID"]); # $vote_ids will contain the string of Package.IDs that # the visitor hasn't voted for already # $first = 1; while (list($pid, $v) = each($ids)) { if (!isset($my_votes[$pid])) { # cast a vote for this package # if ($first) { $first = 0; $vote_ids = $pid; $vote_clauses = "(".$uid.", ".$pid.")"; } else { $vote_ids .= ", ".$pid; $vote_clauses .= ", (".$uid.", ".$pid.")"; } } } # only vote for packages the user hasn't already voted for # $q = "UPDATE Packages SET NumVotes = NumVotes + 1 "; $q.= "WHERE ID IN (".$vote_ids.")"; db_query($q, $dbh); $q = "INSERT INTO PackageVotes (UsersID, PackageID) VALUES "; $q.= $vote_clauses; db_query($q, $dbh); # Update the LastVoted field for this user # $q = "UPDATE Users SET LastVoted = UNIX_TIMESTAMP() "; $q.= "WHERE ID = ".$uid; db_query($q, $dbh); print "<p>\n"; print __("Your votes have been cast for the selected packages."); print "</p>\n"; } else { print "<p>\n"; print __("You did not select any packages to vote for."); print "</p>\n"; } } } elseif ($_POST['action'] == "do_UnVote" || isset($_POST['do_UnVote'])) { if (!$atype) { print __("You must be logged in before you can un-vote for packages."); print "<br />\n"; } else { # un-vote on the packages in $ids array. # if (!empty($ids)) { $dbh = db_connect(); $my_votes = pkgvotes_from_sid($_COOKIE["AURSID"]); $uid = uid_from_sid($_COOKIE["AURSID"]); # $unvote_ids will contain the string of Package.IDs that # the visitor has voted for and wants to unvote. # $first = 1; while (list($pid, $v) = each($ids)) { if (isset($my_votes[$pid])) { # cast a un-vote for this package # if ($first) { $first = 0; $unvote_ids = $pid; } else { $unvote_ids .= ", ".$pid; } } } # only un-vote for packages the user has already voted for # $q = "UPDATE Packages SET NumVotes = NumVotes - 1 "; $q.= "WHERE ID IN (".$unvote_ids.")"; db_query($q, $dbh); $q = "DELETE FROM PackageVotes WHERE UsersID = ".$uid." "; $q.= "AND PackageID IN (".$unvote_ids.")"; db_query($q, $dbh); print "<p>\n"; print __("Your votes have been removed from the selected packages."); print "</p>\n"; } else { print "<p>\n"; print __("You did not select any packages to un-vote for."); print "</p>\n"; } } } elseif (isset($_GET["ID"])) { if (!intval($_GET["ID"])) { print __("Error trying to retrieve package details.")."<br />\n"; } else { package_details($_GET["ID"], $_COOKIE["AURSID"]); } } elseif ($_POST['action'] == "do_Notify" || isset($_POST['do_Notify'])) { # I realize that the implementation here seems a bit convoluted, but we want to # ensure that everything happens as it should, even if someone called this page # without having clicked a button somewhere (naughty naughty). This also leaves # room to someday expand and allow to add oneself to multiple lists at once. -SL if (!$atype) { print __("You must be logged in before you can get notifications on comments."); print "<br />\n"; } else { if (!empty($ids)) { $dbh = db_connect(); $uid = uid_from_sid($_COOKIE["AURSID"]); # There currently shouldn't be multiple requests here, but the format in which # it's sent requires this while (list($pid, $v) = each($ids)) { $q = "SELECT Name FROM Packages WHERE ID = " . $pid; $pkgname = mysql_result(db_query($q, $dbh), 0); $q = "SELECT * FROM CommentNotify WHERE UserID = ".$uid; $q.= " AND PkgID = ".$pid; if (!mysql_num_rows(db_query($q, $dbh))) { $q = "INSERT INTO CommentNotify (PkgID, UserID) VALUES (".$pid.', '.$uid.')'; db_query($q, $dbh); print '<p>'; print __("You have been added to the comment notification list for %s.", array("<b>" . $pkgname . "</b>")); print '<br /></p>'; } else { $q = "DELETE FROM CommentNotify WHERE PkgID = ".$pid; $q.= " AND UserID = ".$uid; db_query($q, $dbh); print '<p>'; print __("You have been removed from the comment notification list for %s.", array("<b>" . $pkgname . "</b>")); print '<br /></p>'; } } } else { print '<p>'; print __("Couldn't add to notification list."); print '<br /></p>'; } } } else { # just do a search # pkg_search_page($_COOKIE["AURSID"]); } html_footer(AUR_VERSION); ?>