\n"; html_footer(AUR_VERSION); exit(); } # Must know what package to operate on throughout this entire script # if (!$_REQUEST["ID"]) { print __("Missing package ID."); print "
\n"; html_footer(AUR_VERSION); } # Delete a comment for this package # if ($_REQUEST["del_Comment"]) { if ($_REQUEST["comment_id"]) { if (canDeleteComment($_REQUEST["comment_id"], $atype, $_COOKIE["AURSID"])) { $dbh = db_connect(); $uid = uid_from_sid($_COOKIE["AURSID"]); $q = "UPDATE PackageComments "; $q.= "SET DelUsersID = ".$uid." "; $q.= "WHERE ID = ".intval($_REQUEST["comment_id"]); db_query($q, $dbh); print __("Comment has been deleted.")."
\n"; } else { print __("You are not allowed to delete this comment.")."
\n"; } } else { print __("Missing comment ID.")."
\n"; } html_footer(AUR_VERSION); exit(); } # Add a comment to this package # if ($_REQUEST["add_Comment"]) { if ($_REQUEST["comment"]) { # Insert the comment # $dbh = db_connect(); $q = "INSERT INTO PackageComments "; $q.= "(PackageID, UsersID, Comments, CommentTS) VALUES ("; $q.= intval($_REQUEST["ID"]).", ".uid_from_sid($_COOKIE["AURSID"]) . ", "; $q.= "'".mysql_real_escape_string($_REQUEST["comment"])."', "; $q.= "UNIX_TIMESTAMP())"; db_query($q, $dbh); print __("Comment has been added."); # Send email notifications # $q = "SELECT CommentNotify.*, Users.Email "; $q.= "FROM CommentNotify, Users "; $q.= "WHERE Users.ID = CommentNotify.UserID "; $q.= "AND CommentNotify.UserID != ".uid_from_sid($_COOKIE["AURSID"])." "; $q.= "AND CommentNotify.PkgID = ".intval($_REQUEST["ID"]); $result = db_query($q, $dbh); $bcc = array(); if (mysql_num_rows($result)) { while ($row = mysql_fetch_assoc($result)) { array_push($bcc, $row['Email']); } $q = "SELECT Packages.Name "; $q.= "FROM Packages "; $q.= "WHERE Packages.ID = ".intval($_REQUEST["ID"]); $result = db_query($q, $dbh); $row = mysql_fetch_assoc($result); #TODO: native language emails for users, based on their prefs # Simply making these strings translatable won't work, users would be # getting emails in the language that the user who posted the comment was in $body = "A comment has been added to ".$row['Name']." by " . username_from_sid($_COOKIE["AURSID"]) . ", you may view it at:\nhttp://aur.archlinux.org/packages.php?ID=".$_REQUEST["ID"]."\n\n\"" . $_POST['comment'] . "\"\n\n---\nYou received this e-mail because you chose to receive notifications of new comments on this package, if you no longer wish to recieve notifications about this package, please go the the above package page and click the UnNotify button."; $body = wordwrap($body, 70); $bcc = implode(', ', $bcc); $headers = "Bcc: $bcc\nReply-to: nobody@archlinux.org\nFrom:aur-notify@archlinux.org\nX-Mailer: PHP\nX-MimeOLE: Produced By AUR\n"; @mail(' ', "AUR Comment Notification for ".$row['Name'], $body, $headers); } } else { # Prompt visitor for comment # print "
\n"; print "
\n"; print "\n"; print "\n"; print __("Enter your comment below.")."
 
\n"; print "\n"; print "
 
\n"; print "\n"; print "\n"; print "
\n"; print "
\n"; } html_footer(AUR_VERSION); exit(); } # Change package category # if ($_REQUEST["change_Category"]) { $cat_array = pkgCategories(); $dbh = db_connect(); if ($_REQUEST["category_id"]) { # Try and set the requested category_id # if (array_key_exists($_REQUEST["category_id"], $cat_array)) { $q = "UPDATE Packages SET CategoryID = ".intval($_REQUEST["category_id"]); $q.= " WHERE ID = ".intval($_REQUEST["ID"]); db_query($q, $dbh); print __("Package category updated.")."
\n"; } else { print __("Invalid category ID.")."
\n"; } } else { # Prompt visitor for new category_id # $q = "SELECT CategoryID FROM Packages WHERE ID = ".intval($_REQUEST["ID"]); $result = db_query($q, $dbh); if ($result != NULL) { $catid = mysql_fetch_row($result); } print "
\n"; print "\n"; print "\n"; print __("Select new category").": \n"; print "\n"; print "
 
\n"; print "\n"; print "\n"; print "
\n"; } html_footer(AUR_VERSION); exit(); } print __("You've found a bug if you see this....")."
\n"; html_footer(AUR_VERSION);