<?php include_once("pkgfuncs_po.inc"); include_once("config.inc"); # define variables used during pkgsearch # $pkgsearch_vars = array("O", "L", "C", "K", "SB", "SO", "PP", "do_MyPackages", "do_Orphans", "SeB"); # print out the 'return to package details' link # function pkgdetails_link($id=0) { $url_data = "<a href='/packages.php?do_Details=1&ID=".intval($id)."'>"; print __("Go back to %hpackage details view%h.", array($url_data, "</a>")); print "\n<br />\n"; return; } # print out the 'return to search results' link # function pkgsearch_results_link() { global $_REQUEST; global $pkgsearch_vars; $url_data = "<a href='/packages.php?do_Search=1"; while (list($k, $var) = each($pkgsearch_vars)) { if (($var == "do_MyPackages" || $var == "do_Orphans") && $_REQUEST[$var]) { $url_data.="&".$var."=1"; } else { $url_data.="&".$var."=".rawurlencode(stripslashes($_REQUEST[$var])); } } $url_data .= "'>"; print __("Go back to %hsearch results%h.", array($url_data, "</a>")); print "\n<br />\n"; return; } # Make sure this visitor can delete the requested package comment # They can delete if they were the comment submitter, or if they are a TU/Dev # function canDeleteComment($comment_id=0, $atype="", $SID="") { if ($atype == "Trusted User" || $atype == "Developer") { # A TU/Dev can delete any comment # return TRUE; } $uid = uid_from_sid($SID); $dbh = db_connect(); $q = "SELECT COUNT(ID) AS CNT "; $q.= "FROM PackageComments "; $q.= "WHERE ID = " . intval($comment_id); $q.= " AND UsersID = " . $uid; $result = db_query($q, $dbh); if ($result != NULL) { $row = mysql_fetch_assoc($result); if ($row['CNT'] > 0) { return TRUE; } } return FALSE; } # see if this Users.ID can manage the package # function canManagePackage($uid=0,$AURMUID=0, $MUID=0, $SUID=0, $managed=0) { if (!$uid) {return 0;} # The uid of the TU/Dev that manages the package # if ($uid == $AURMUID) {return 1;} # If the package isn't maintained by a TU/Dev, is this the user-maintainer? # if ($uid == $MUID && !$managed) {return 1;} # If the package isn't maintained by a TU/Dev, is this the user-submitter? # if ($uid == $SUID && !$managed) {return 1;} # otherwise, no right to manage this package # return 0; } # grab the current list of PackageCategories # function pkgCategories() { $cats = array(); $dbh = db_connect(); $q = "SELECT * FROM PackageCategories WHERE ID != 1 "; $q.= "ORDER BY Category ASC"; $result = db_query($q, $dbh); if ($result) { while ($row = mysql_fetch_row($result)) { $cats[$row[0]] = $row[1]; } } return $cats; } # grab the current list of PackageLocations # function pkgLocations() { $locs = array(); $dbh = db_connect(); $q = "SELECT * FROM PackageLocations WHERE ID != 1 "; $q.= "ORDER BY Location ASC"; $result = db_query($q, $dbh); if ($result) { while ($row = mysql_fetch_row($result)) { $locs[$row[0]] = $row[1]; } } return $locs; } # check to see if the package name exists # function package_exists($name="") { if (!$name) {return NULL;} $dbh = db_connect(); $q = "SELECT ID FROM Packages "; $q.= "WHERE Name = '".mysql_real_escape_string($name)."' "; $q.= "AND DummyPkg = 0"; $result = db_query($q, $dbh); if (!$result) {return NULL;} $row = mysql_fetch_row($result); return $row[0]; } # grab package dependencies # function package_dependencies($pkgid=0) { $deps = array(); if ($pkgid) { $dbh = db_connect(); $q = "SELECT DepPkgID, Name, DummyPkg, DepCondition FROM PackageDepends, Packages "; $q.= "WHERE PackageDepends.DepPkgID = Packages.ID "; $q.= "AND PackageDepends.PackageID = ".mysql_real_escape_string($pkgid); $q.= " ORDER BY Name"; $result = db_query($q, $dbh); if (!$result) {return array();} while ($row = mysql_fetch_row($result)) { $deps[] = $row; } } return $deps; } # reverse deps by tardo # function package_required($pkgid=0) { $deps = array(); if ($pkgid) { $dbh = db_connect(); $q = "SELECT PackageID, Name, DummyPkg from PackageDepends, Packages "; $q.= "WHERE PackageDepends.PackageID = Packages.ID "; $q.= "AND PackageDepends.DepPkgID = "; $q.= mysql_real_escape_string($pkgid); $result = db_query($q, $dbh); if (!$result) {return array();} while ($row = mysql_fetch_row($result)) { $deps[] = $row; } } return $deps; } # create a dummy package and return it's Packages.ID if it already exists, # return the existing ID # function create_dummy($pname="", $sid="") { if ($pname && $sid) { $uid = uid_from_sid($sid); if (!$uid) {return NULL;} $dbh = db_connect(); $q = "SELECT ID FROM Packages WHERE Name = '"; $q.= mysql_real_escape_string($pname)."'"; $result = db_query($q, $dbh); if (!mysql_num_rows($result)) { # Insert the dummy # $q = "INSERT INTO Packages (Name, Description, URL, SubmittedTS, "; $q.= "SubmitterUID, DummyPkg) VALUES ('"; $q.= mysql_real_escape_string($pname)."', 'A dummy package', '/#', "; $q.= "UNIX_TIMESTAMP(), ".$uid.", 1)"; $result = db_query($q, $dbh); if (!$result) { return NULL; } return mysql_insert_id($dbh); } else { $data = mysql_fetch_row($result); return $data[0]; } } return NULL; } # grab package comments # function package_comments($pkgid=0) { $comments = array(); if ($pkgid) { $dbh = db_connect(); $q = "SELECT PackageComments.ID, UserName, UsersID, Comments, CommentTS "; $q.= "FROM PackageComments, Users "; $q.= "WHERE PackageComments.UsersID = Users.ID"; $q.= " AND PackageID = ".mysql_real_escape_string($pkgid); $q.= " AND DelUsersID = 0"; # only display non-deleted comments $q.= " ORDER BY CommentTS DESC"; $result = db_query($q, $dbh); if (!$result) {return array();} while ($row = mysql_fetch_assoc($result)) { $comments[] = $row; } } return $comments; } # grab package sources # function package_sources($pkgid=0) { $sources = array(); if ($pkgid) { $dbh = db_connect(); $q = "SELECT Source FROM PackageSources "; $q.= "WHERE PackageID = ".mysql_real_escape_string($pkgid); $q.= " ORDER BY Source"; $result = db_query($q, $dbh); if (!$result) {return array();} while ($row = mysql_fetch_row($result)) { $sources[] = $row[0]; } } return $sources; } # grab array of Package.IDs that I've voted for: $pkgs[1234] = 1, ... # function pkgvotes_from_sid($sid="") { $pkgs = array(); if (!$sid) {return $pkgs;} $dbh = db_connect(); $q = "SELECT PackageID "; $q.= "FROM PackageVotes, Users, Sessions "; $q.= "WHERE Users.ID = Sessions.UsersID "; $q.= "AND Users.ID = PackageVotes.UsersID "; $q.= "AND Sessions.SessionID = '".mysql_real_escape_string($sid)."'"; $result = db_query($q, $dbh); if ($result) { while ($row = mysql_fetch_row($result)) { $pkgs[$row[0]] = 1; } } return $pkgs; } # display package details # function package_details($id=0, $SID="") { global $_REQUEST; global $pkgsearch_vars; $q = "SELECT Packages.*,Location,Category "; $q.= "FROM Packages,PackageLocations,PackageCategories "; $q.= "WHERE Packages.LocationID = PackageLocations.ID "; $q.= "AND Packages.CategoryID = PackageCategories.ID "; $q.= "AND Packages.ID = ".intval($_REQUEST["ID"]); $dbh = db_connect(); $results = db_query($q, $dbh); if (!$results) { print __("Error retrieving package details.")."<br />\n"; } else { $row = mysql_fetch_assoc($results); if (empty($row)) { print __("Package details could not be found.")."<br />\n"; } else { # print out package details # print "<br />\n"; print "<center>\n"; print "<table cellspacing='3' class='boxSoft'>\n"; print "<tr>\n"; print " <td class='boxSoftTitle' align='right'>"; print "<span class='f3'>".__("Package Details")."</span></td>\n"; print "</tr>\n"; print "<tr>\n"; print " <td class='boxSoft'>\n"; print "<center>\n"; print "<table>\n"; print "<tr>\n"; print " <td class='boxSoft' colspan='2'><span class='f2'>"; print $row["Name"] . " " . $row["Version"]."</span></td>\n"; print "</tr>\n"; print "<tr>\n"; print " <td class='boxSoft' colspan='2'><span class='f3'>"; print "<a href='".$row["URL"]."'>".$row["URL"]."</a></span></td>\n"; print "</tr>\n"; print "<tr>\n"; print " <td class='boxSoft' colspan='2'><span class='f3'>".$row["Description"]; print "</a></span></td>\n"; print "</tr>\n"; print "<tr>\n"; print " <td class='boxSoft' colspan='2'><img src='/images/pad.gif' height='30'></td>"; print "</tr>\n"; print "<tr>\n"; print " <td class='boxSoft' colspan='2'><span class='f3'>"; if ($row["Location"] == "unsupported" and ( uid_from_sid($SID) == $row["MaintainerUID"] or (account_from_sid($SID) == "Developer" or account_from_sid($SID) == "Trusted User"))) { $edit_cat = "<a href='/pkgedit.php?change_Category=1&ID="; $edit_cat .= intval($_REQUEST["ID"])."'>".$row["Category"]."</a>"; $edit_cat .= " <span class='fix'>("; $edit_cat .= __("change category").")</span>"; } else { $edit_cat = $row["Category"]; } print $row["Location"]." :: ".$edit_cat."</span></td>"; print "</tr>\n"; print "<tr>\n"; print " <td class='boxSoft' colspan='2'><span class='f3'>".__("Maintainer").": "; if ($row["MaintainerUID"]) { $maintainer = username_from_id($row["MaintainerUID"]); if ($SID) { print "<a href='/account.php?Action=AccountInfo&ID="; print $row["MaintainerUID"] . "'>"; print $maintainer . "</a></span></td>"; } else { print $maintainer . "</span></td>"; } } else { $maintainer = "None"; print $maintainer . "</span></td>"; } print "</tr>\n"; print "<tr>\n"; print " <td class='boxSoft' colspan='2'><span class='f3'>".__("Votes").": "; print $row["NumVotes"] . "</span></td>"; print "</tr>\n"; # In case of wanting to put a custom message $msg = __("unknown"); $license = $row["License"] == "" ? $msg : $row["License"]; print "<tr>\n"; print " <td class='boxSoft' colspan='2'><br><span class='f3'>".__("License").": ".$license; print "</a></span></td>\n"; print "</tr>\n"; print "<tr>\n"; print " <td class='boxSoft' colspan='2'><img src='/images/pad.gif' height='15'></td>"; print "</tr>\n"; # Print the timestamps for last updates $updated_time = ($row["ModifiedTS"] == 0) ? "(unknown)" : gmdate("r", intval($row["ModifiedTS"])); $submitted_time = ($row["SubmittedTS"] == 0) ? "(unknown)" : gmdate("r", intval($row["SubmittedTS"])); print "<tr>\n"; print " <td class='boxSoft' colspan='2'>"; print "<span class='f3'>"; print __("Last Updated").": ".$updated_time."<br>"; print __("First Submitted").": ".$submitted_time; print "</span>"; print "</td>\n"; print "</tr>\n"; print "<tr>\n"; print " <td class='boxSoft' colspan='2'><img src='/images/pad.gif' height='15'></td>"; print "</tr>\n"; print "<tr>\n"; print " <td class='boxSoft' colspan='2'><span class='f3'>"; if ($row["LocationID"] == 2) { global $URL_DIR; $urlpath = $URL_DIR.$row["Name"]."/".$row["Name"]; print "<a href='$urlpath.tar.gz'>".__("Tarball")."</a> :: <a href='$urlpath'>".__("Files")."</a> :: <a href='$urlpath/PKGBUILD'>PKGBUILD</a></span></td>"; } elseif ($row["LocationID"] == 3) { print "<a href='http://cvs.archlinux.org/cgi-bin/viewcvs.cgi/" . $row["Category"] . "/" . $row["Name"] . "/?cvsroot=AUR&only_with_tag=CURRENT'>CVS</td>"; } print "</tr>\n"; if ($row["LocationID"] == 2) { print "<tr>\n"; print " <td colspan='2'>"; if ($row["Safe"]) { print "<span class='f7'>".__("The above files have been verified (by %h%s%h) and are safe to use.", array("<a href='/account.php?Action=AccountInfo&ID=".$row["VerifiedBy"]."'>", username_from_id($row["VerifiedBy"]), "</a>"))."</span></td>"; } else { print "<span class='f6'>".__("Be careful! The above files may contain malicious code that can damage your system.")."</span></td>"; } } if ($row["OutOfDate"] == 1) { print "\n<tr><td colspan='2'>"; print "<span class='f6'>".__("This package has been flagged out of date.")."</span></td></tr>"; } print "<tr>\n"; print " <td class='boxSoft' colspan='2'><img src='/images/pad.gif' height='30'></td>"; print "</tr>\n"; print "<tr>\n"; print " <td valign='top' style='padding-right: 10'>"; print "<table class='boxSoft' style='width: 200px'>"; print "<tr><td class='boxSoftTitle'><span class='f3'>"; print __("Dependencies")."</span></td></tr>\n"; print "<tr><td class='boxSoft'>"; $deps = package_dependencies($row["ID"]); # $deps[0] = array('id','name', 'dummy'); while (list($k, $darr) = each($deps)) { $url = "<a href='/packages.php?do_Details=1&ID=".$darr[0]; while(list($k, $var) = each($pkgsearch_vars)) { if (($var == "do_MyPackages" || $var == "do_Orphans") && $_REQUEST[$var]) { $url .= "&".$var."=1"; } else { $url .= "&".$var."=".rawurlencode(stripslashes($_REQUEST[$var])); } } reset($pkgsearch_vars); // $darr[3] is the DepCondition if ($darr[2] == 0) print $url."'>".$darr[1].$darr[3]."</a><br />\n"; else print "<a href='#'>".$darr[1].$darr[3]."</a><br />\n"; } print "</td></tr>\n"; print "</table></td>"; # reverse-deps by tardo - could use some beautification print " <td valign='top'>"; print "<table class='boxSoft' style='width: 200px'>"; print "<tr><td class='boxSoftTitle'><span class='f3'>"; print __("Required by")."</span></td></tr>\n"; print "<tr><td class='boxSoft'>"; $deps = package_required($row["ID"]); while (list($k, $darr) = each($deps)) { $url = "<a href='/packages.php?do_Details=1&ID=".$darr[0]; while(list($k, $var) = each($pkgsearch_vars)) { if (($var == "do_MyPackages" || $var == "do_Orphans") && $_REQUEST[$var]) { $url .= "&".$var."=1"; } else { $url .= "&".$var."=".rawurlencode(stripslashes($_REQUEST[$var])); } } reset($pkgsearch_vars); // $darr[3] is the DepCondition if ($darr[2] == 0) print $url."'>".$darr[1].$darr[3]."</a><br />\n"; else print "<a href='#'>".$darr[1].$darr[3]."</a><br />\n"; } print "</td></tr>\n"; print "</table></td>"; print " <td valign='top'>"; print "<table class='boxSoft' style='width: 200px'>"; print "<tr><td class='boxSoftTitle'><span class='f3'>"; print __("Sources")."</span></td></tr>\n"; print "<tr><td class='boxSoft'>"; $sources = package_sources($row["ID"]); # $sources[0] = 'src'; while (list($k, $src) = each($sources)) { $parsed_url = parse_url($src); if ($parsed_url['scheme']) { //It is an external source print "<a href='".$src."'>".$src."</a><br />\n"; } else { //It is presumably an internal source if ($row["LocationID"] == 2) { print "<a href='".dirname($row['URLPath'])."/".$row['Name']; print "/".$src."'>".$src."</a><br />\n"; } elseif ($row["LocationID"] == 3) { print "<a href='http://cvs.archlinux.org/cgi-bin/viewcvs.cgi/*checkout*/".$row["Category"]."/".$row["Name"]."/".$src."/?rev=HEAD&cvsroot=AUR&only_with_tag=CURRENT'>"; print $src."</a><br />\n"; } } } print "</td></tr>\n"; print "</table></td>"; print "</tr>\n"; print "<tr>\n"; print " <td colspan='2'><img src='/images/pad.gif' height='2'>"; print "</td></tr>\n"; print "</table>\n"; print "</center>\n"; print " </td>\n"; print "</tr>\n"; print "</table><br />\n"; # Actions Bar # if ($SID) { print "<table cellspacing='3' class='boxSoft'>\n"; print "<tr><td class='boxSoftTitle' align='right'><span class='f3'>".__("Actions")."</span></td></tr>\n"; print "<tr>\n"; print "<td class='boxSoft'><form action='/packages.php' method='post'>\n"; print "<input type='hidden' name='IDs[".$row["ID"]."]' value='1'>\n"; print "<input type='hidden' name='ID' value='".$row["ID"]."'>\n"; # Voting Button # $q = "SELECT * FROM PackageVotes WHERE UsersID = ".uid_from_sid($SID); $q.= " AND PackageID = ".$row["ID"]; if (!mysql_num_rows(db_query($q, $dbh))) { print "<input type='submit' class='button' name='do_Vote'"; print " value='".__("Vote")."'>"; } else { print "<input type='submit' class='button' name='do_UnVote'"; print " value='".__("Un-Vote")."'>"; } # Comment Nofify Button # $q = "SELECT * FROM CommentNotify WHERE UserID = ".uid_from_sid($SID); $q.= " AND PkgID = ".$row["ID"]; if (!mysql_num_rows(db_query($q, $dbh))) { print "<input type='submit' class='button' name='do_Notify'"; print " value='".__("Notify")."' title='".__("New Comment Notification")."'>"; } else { print "<input type='submit' class='button' name='do_UnNotify'"; print " value='".__("UnNotify")."' title='".__("No New Comment Notification")."'>"; } # Flag Safe Button # if ($row["LocationID"] == 2 && (account_from_sid($SID) == "Trusted User" || account_from_sid($SID) == "Developer")) { if ($row["Safe"] == 0) { print "<input type='submit' class='button' name='do_FlagSafe'"; print " value='".__("Flag Safe")."' title='".__("Flag Package Safe To Use")."'>"; } else { print "<input type='submit' class='button' name='do_UnFlagSafe'"; print " value='".__("Unflag Safe")."' title='".__("Unflag Package Safe To Use")."'>"; } } if ($row["OutOfDate"] == 0) { print "<input type='submit' class='button' name='do_Flag'"; print " value='".__("Flag Out-of-date")."'>\n"; } else { print "<input type='submit' class='button' name='do_UnFlag'"; print " value='".__("Unflag Out-of-date")."'>\n"; } if ($row["AURMaintainerUID"] == 0 && $row["MaintainerUID"] == 0) { print "<input type='submit' class='button' name='do_Adopt'"; print " value='".__("Adopt Packages")."'>\n"; } if ($row["MaintainerUID"] == uid_from_sid($SID)) { print "<input type='submit' class='button' name='do_Disown'"; print " value='".__("Disown Packages")."'>\n"; } if ($row["MaintainerUID"] == uid_from_sid($SID) || account_from_sid($SID) == "Trusted User" || account_from_sid($SID) == "Developer") { print "<input type='submit' class='button' name='do_Delete'"; print " value='".__("Delete Packages")."'>\n"; } print "</form></td></tr>\n"; print "</table><br />\n"; } # Comments # print "<table cellspacing='3' class='boxSoft'>\n"; print "<tr><td class='boxSoftTitle' align='right'><span class='f3'>".__("Comments")."</span></td></tr>\n"; print "<tr>\n"; print "<td class='boxSoft'>"; print "<table width='100%'>\n"; $comments = package_comments($row["ID"]); if (!empty($comments)) { while (list($indx, $carr) = each($comments)) { print "<tr>\n"; print " <td class='boxSoft' colspan='2'>"; print "<img src='/images/pad.gif' height='2'></td></tr>\n"; print "<tr>\n"; print " <td valign='top' style='padding-right: 10' colspan='2'>"; print "<table class='boxSoft' width='100%'>"; print "<tr><td class='boxSoftTitle'><span class='f3'>"; if (canDeleteComment($carr["ID"], account_from_sid($SID), $SID)) { $durl = "<a href='/pkgedit.php?del_Comment=1"; $durl.= "&comment_id=".$carr["ID"]."&ID=".$row["ID"]; $durl.= "'><img src='/images/x.png' border='0'"; $durl.= " alt=\"".__("Delete comment")."\"></a>"; print $durl . " "; } if ($SID) { print __("Comment by: %h%s%h on %h%s%h", array("<a href='/account.php?Action=AccountInfo&ID=".$carr["UsersID"]."'><b>",$carr["UserName"],"</b></a>", "<i>",gmdate("Ymd [H:i:s]",$carr["CommentTS"]),"</i>")); } else { print __("Comment by: %h%s%h on %h%s%h", array("<b>",$carr["UserName"],"</b>", "<i>",gmdate("Ymd [H:i:s]",$carr["CommentTS"]),"</i>")); } print "</span>"; print "<tr><td class='boxSoft'>"; print "<code>\n"; print nl2br(htmlspecialchars($carr["Comments"])); print "</code>\n"; print "</td></tr>\n"; print "</table>\n"; print " </td>\n"; print "</tr>\n"; } } print "<tr>\n"; print " <td colspan='2'><img src='/images/pad.gif' height='2'>"; print "</td></tr>\n"; print "<tr>\n"; print " <td colspan='2'>"; print "<form action='/pkgedit.php' method='post'>\n"; print "<input type='hidden' name='ID' value='".$row["ID"]."'>\n"; print "<input type='submit' class='button' name='add_Comment' value=\""; print __("Add Comment")."\">"; print "</form>\n"; print " </td>"; print "</tr>\n"; print "</table>\n"; print "</td></tr></table>\n"; } } return; } # display the search form in a boxSoft style # function pkg_search_page($SID="") { global $_REQUEST; global $pkgsearch_vars; # SID: session id cookie $locs = pkgLocations(); $cats = pkgCategories(); $devs = getDevelopers(); $tus = getTrustedUsers(); $users = getUsers(); $dbh = db_connect(); # determine paging variables # $_REQUEST["PP"] ? $PP = intval($_REQUEST["PP"]) : $PP = 25; if ($PP < 25) {$PP = 25;} if ($PP > 100) {$PP = 100;} $_REQUEST["O"] ? $O = intval($_REQUEST["O"]) : $O = 0; if ($_REQUEST["do_More"]) { $O += $PP; } elseif ($_REQUEST["do_Less"]) { $O -= $PP; } if ($O < 0) { $O = 0; } if ($_REQUEST["do_Search"] && $_REQUEST["do_Search"] != 1) { # reset the offset to zero if they hit Go # $_REQUEST["do_MyPackages"] = 0; $_REQUEST["do_Orphans"] = 0; $O = 0; } if ($_REQUEST["do_MyPackages"] && $_REQUEST["do_MyPackages"] != 1) { # reset the offset to zero if they hit My Packages # $_REQUEST["do_Search"] = 0; $_REQUEST["do_Orphans"] = 0; $O = 0; } if ($_REQUEST["do_Orphans"] && $_REQUEST["do_Orphans"] != 1) { # reset the offset to zero if they hit Orphans # $_REQUEST["do_Search"] = 0; $_REQUEST["do_MyPackages"] = 0; $O = 0; } $_REQUEST["O"] = $O; # so that pkg_search_results() works # grab info for user if they're logged in # if ($SID) { $myuid = uid_from_sid($SID); $acct = account_from_sid($SID); $my_votes = pkgvotes_from_sid($SID); } # The search form # print "<form action='/packages.php' method='post'>\n"; print "<input type='hidden' name='O' value='".$O."'>\n"; print "<center>\n"; print "<table cellspacing='3' class='boxSoft'>\n"; print "<tr>\n"; print " <td class='boxSoftTitle' align='right'>\n"; print " <span class='f3'>".__("Search Criteria")."</span>\n"; print " </td>\n"; print "</tr>\n"; print "<tr>\n"; print " <td class='boxSoft'>\n"; print "<table style='width: 100%' align='center'>\n"; print "<tr>\n"; print "<td align='right'>\n"; print " <span class='f5'><span class='blue'>".__("Location"); print "</span></span><br />\n"; print " <select name='L'>\n"; print " <option value=0> ".__("Any")."\n"; while (list($id, $loc) = each($locs)) { if (intval($_REQUEST["L"]) == $id) { print " <option value=".$id." selected> ".$loc."\n"; } else { print " <option value=".$id."> ".$loc."\n"; } } print " </select>\n"; print "</td>\n"; print "<td align='right'>\n"; print " <span class='f5'><span class='blue'>".__("Category"); print "</span></span><br />\n"; print " <select name='C'>\n"; print " <option value=0> ".__("Any")."\n"; while (list($id, $cat) = each($cats)) { if (intval($_REQUEST["C"]) == $id) { print " <option value=".$id." selected> ".$cat."\n"; } else { print " <option value=".$id."> ".$cat."\n"; } } print " </select>\n"; print "</td>\n"; print "<td align='right'>\n"; print " <span class='f5'><span class='blue'>".__("Keywords"); print "</span></span><br />\n"; print " <input type='text' name='K' size='20'"; # Added to trim() to avoid the problem described in #6191 $K = trim(str_replace("\"", "", $_REQUEST["K"])); # TODO better testing for SQL trickery... print " value=\"".stripslashes($K)."\" maxlength='35'>\n"; print "</td>\n"; print "<td align='right'>\n"; print " <span class='f5'><span class='blue'>".__("Search by"); print "</span></span><br />\n"; print " <select name='SeB'>\n"; # by name/description print " <option value=nd"; $_REQUEST["SeB"] == "nd" ? print " selected> " : print "> "; print __("Name")."</option>\n"; # by maintainer print " <option value=m"; $_REQUEST["SeB"] == "m" ? print " selected> " : print "> "; print __("Maintainer")."</option>\n"; print " <option value=s"; $_REQUEST["SeB"] == "s" ? print " selected> " : print "> "; print __("Submitter")."</option>\n"; print " </select>\n"; print "</td>\n"; /* Status Safe-Unsafe */ # Added the code below to handle the safe package flag. # So we can search for then for 'all' packages, 'safe' # packages and 'unsafe' packages. print "<td align='right'>\n"; print " <span class='f5'><span class='blue'>".__("Status"); print "</span></span><br />\n"; print " <select name='PaS'>\n"; # Flagged Safe print " <option value=all"; $_REQUEST["PaS"] == "all" ? print " selected> " : print "> "; print __("All")."</option>\n"; # Flagged Safe print " <option value=fs"; $_REQUEST["PaS"] == "fs" ? print " selected> " : print "> "; print __("Safe")."</option>\n"; # Unflagged Safe print " <option value=us"; $_REQUEST["PaS"] == "us" ? print " selected> " : print "> "; print __("Unsafe")."</option>\n"; print " </select>\n"; print "</td>\n"; /* End of Package Status */ /* Sort by */ print "<td align='right'>\n"; print " <span class='f5'><span class='blue'>".__("Sort by"); print "</span></span><br />\n"; print " <select name='SB'>\n"; print " <option value=n"; $_REQUEST["SB"] == "n" ? print " selected> " : print "> "; print __("Name")."</option>\n"; print " <option value=c"; $_REQUEST["SB"] == "c" ? print " selected> " : print "> "; print __("Category")."</option>\n"; print " <option value=l"; $_REQUEST["SB"] == "l" ? print " selected> " : print "> "; print __("Location")."</option>\n"; print " <option value=v"; $_REQUEST["SB"] == "v" ? print " selected> " : print "> "; print __("Votes")."</option>\n"; print " <option value=m"; $_REQUEST["SB"] == "m" ? print " selected> " : print "> "; print __("Maintainer")."</option>\n"; print " <option value=a"; $_REQUEST["SB"] == "a" ? print " selected> " : print "> "; print __("Age")."</option>\n"; print " </select>\n"; print "</td>\n"; print "<td align='right'>\n"; print " <span class='f5'><span class='blue'>".__("Sort order"); print "</span></span><br />\n"; print " <select name='SO'>\n"; print " <option value=a"; $_REQUEST["SO"] == "a" ? print " selected> " : print "> "; print __("Ascending")."</option>\n"; print " <option value=d"; $_REQUEST["SO"] == "d" ? print " selected> " : print "> "; print __("Descending")."</option>\n"; print " </select>\n"; print "</td>\n"; /* End of Sort by */ print "<td align='right'>\n"; print " <span class='f5'><span class='blue'>".__("Per page"); print "</span></span><br />\n"; print " <select name='PP'>\n"; print " <option value=25"; $PP == 25 ? print " selected> 25\n" : print "> 25\n"; print " <option value=50"; $PP == 50 ? print " selected> 50\n" : print "> 50\n"; print " <option value=75"; $PP == 75 ? print " selected> 75\n" : print "> 75\n"; print " <option value=100"; $PP == 100 ? print " selected> 100\n" : print "> 100\n"; print " </select>\n"; print "</td>\n"; # Added to break put the buttons in a new line print"</tr></table><center><table><tr>"; print "<td align='right' valign='bottom'> \n"; print " <input type='submit' style='width:80px' class='button' name='do_Search'"; print " value='".__("Go")."'>\n"; print "</td>\n"; /* * Commented the My Packages button because there is no need for it * cause we already have a link. * if ($SID) { print "<td align='right' valign='bottom'> \n"; print " <input type='submit' class='button' name='do_MyPackages'"; print " value='".__("My Packages")."'>\n"; print "</td>\n"; }*/ print "<td align='right' valign='bottom'> \n"; print " <input type='submit' style='width:80px' class='button' name='do_Orphans'"; print " value='".__("Orphans")."'>\n"; print "</td>\n"; print "</tr>\n"; print "</table>\n"; print " </td>\n"; print "</tr>\n"; print "</table>\n"; print "</center>\n"; print "<br />\n"; # query to pull out package info # # $q = "SELECT Packages.*, IF(ISNULL(PackageID), 0, COUNT(*)) AS Votes "; # $q.= "FROM Packages LEFT JOIN PackageVotes "; # $q.= "ON Packages.ID = PackageVotes.PackageID "; $q = "SELECT * FROM Users RIGHT JOIN Packages "; $q.= "ON (Users.ID = Packages.MaintainerUID) "; $q.= "WHERE DummyPkg != 1 "; $has_where = 1; if (intval($_REQUEST["L"])) { if (!$has_where) { $q.= "WHERE LocationID = ".intval($_REQUEST["L"])." "; } else { $q .= "AND LocationID = ".intval($_REQUEST["L"])." "; } $has_where = 1; } if (intval($_REQUEST["C"])) { if (!$has_where) { $q.= "WHERE CategoryID = ".intval($_REQUEST["C"])." "; $has_where = 1; } else { $q.= "AND CategoryID = ".intval($_REQUEST["C"])." "; } } if ($K) { #search by maintainer if ($_REQUEST["SeB"] == "m"){ if (!$has_where) { $q.= "WHERE Username = '".mysql_real_escape_string($K)."' "; $has_where = 1; } else { $q.= "AND Username = '".mysql_real_escape_string($K)."' "; } } elseif ($_REQUEST["SeB"] == "s") { if (!$has_where) { $q.= "WHERE SubmitterUID = ".uid_from_username($K)." "; $has_where = 1; } else { $q.= "AND SubmitterUID = ".uid_from_username($K)." "; } # the default behaivior, query the name/description } else { if (!$has_where) { $q.= "WHERE (Name LIKE '%".mysql_real_escape_string($K)."%' OR "; $q.= "Description LIKE '%".mysql_real_escape_string($K)."%') "; $has_where = 1; } else { $q.= "AND (Name LIKE '%".mysql_real_escape_string($K)."%' OR "; $q.= "Description LIKE '%".mysql_real_escape_string($K)."%') "; } } } if ($_REQUEST["do_MyPackages"] && $SID) { # list packages that the user is a AUR Maintainer of, or if it the # vistior is a registered user, if they are the Maintainer. # if ($myuid) { if (!$has_where) { $q.= "WHERE (AURMaintainerUID = ".$myuid." OR "; $has_where = 1; } else { $q.= "AND (AURMaintainerUID = ".$myuid." OR "; } //$q.= "MaintainerUID = ".$myuid." OR SubmitterUID = ".$myuid.") "; $q.= "MaintainerUID = ".$myuid.") "; } } if ($_REQUEST["do_Orphans"]) { # List packages that have neither a Maintainer nor AURMaintainer # if (!$has_where) { $q.= "WHERE (AURMaintainerUID = 0 AND "; $q.= "MaintainerUID = 0) "; $has_where = 1; } else { $q.= "AND (AURMaintainerUID = 0 AND "; $q.= "MaintainerUID = 0) "; } } # Added the code below to handle the safe package flag. # So we can search for then for 'all' packages, 'safe' # packages and 'unsafe' packages. if ($_REQUEST["PaS"] <> "all") { # Flagged Safe if ($_REQUEST["PaS"] == "fs") if (!$has_where) { $q.= "WHERE Safe = 1 "; $has_where = 1; } else { $q.= "AND Safe = 1 "; } # Unflagged Safe if ($_REQUEST["PaS"] == "us") if (!$has_where) { $q.= "WHERE Safe = 0 AND LocationID != 3 "; $has_where = 1; } else { $q.= "AND Safe = 0 AND LocationID != 3 "; } } $order = $_REQUEST["SO"] == 'd' ? 'DESC' : 'ASC'; switch ($_REQUEST["SB"]) { case 'c': $q.= "ORDER BY CategoryID ".$order.", Name ASC, LocationID ASC "; break; case 'l': $q.= "ORDER BY LocationID ".$order.", Name ASC, CategoryID DESC "; break; case 'v': $q.= "ORDER BY NumVotes ".$order.", Name ASC, CategoryID DESC "; break; case 'm': $q.= "ORDER BY Username ".$order.", Name ASC, LocationID ASC "; break; case 'a': $q.= "ORDER BY GREATEST(SubmittedTS,ModifiedTS) ".$order.", Name ASC, LocationID ASC "; break; default: $q.= "ORDER BY Name ".$order.", LocationID ASC, CategoryID DESC "; break; } $qnext = $q."LIMIT ".($O+$PP).", ".$PP; //next page's worth $q.= "LIMIT ".$O.", ".$PP; print "<!-- Query: ".$q." -->\n"; $result = db_query($q, $dbh); if (!$result) { print __("Error retrieving package list."); } elseif (!mysql_num_rows($result)) { print __("No packages matched your search criteria."); } else { if ($SID) { # The 'Actions' table # print "<center>\n"; print "<table cellspacing='3' class='boxSoft'>\n"; print "<tr>\n"; print " <td class='boxSoftTitle' align='right'>\n"; print " <span class='f3'>".__("Actions")."</span>\n"; print " </td>\n"; print "</tr>\n"; print "<tr>\n"; print " <td class='boxSoft'>\n"; print "<table style='width: 100%' align='center'>\n"; print "<tr>\n"; print " <td align='center'>"; print "<input type='submit' class='button' name='do_Flag'"; print " value='".__("Flag Out-of-date")."'></td>\n"; print " <td align='center'>"; print "<input type='submit' class='button' name='do_UnFlag'"; print " value='".__("Unflag Out-of-date")."'></td>\n"; print " <td align='center'>"; print "<input type='submit' class='button' name='do_Adopt'"; print " value='".__("Adopt Packages")."'></td>\n"; print " <td align='center'>"; print "<input type='submit' class='button' name='do_Disown'"; print " value='".__("Disown Packages")."'></td>\n"; print " <td align='center'>"; print "<input type='submit' class='button' name='do_Delete'"; print " value='".__("Delete Packages")."'></td>\n"; print " <td align='center'>"; print "<input type='submit' class='button' name='do_Vote'"; print " value='".__("Vote")."'></td>\n"; print " <td align='center'>"; print "<input type='submit' class='button' name='do_UnVote'"; print " value='".__("Un-Vote")."'></td>\n"; print "</tr>\n"; print "</table>\n"; print " </td>\n"; print "</tr>\n"; print "</table>\n"; print "</center>\n"; print "<br />\n"; } # print out package search results # # SO_next used to change sort order on header click if ($_REQUEST["SO"] == "d"){ $SO_next="a"; } else { $SO_next="d"; } print "<center>\n"; print "<table cellspacing='3' class='boxSoft'>\n"; print "<tr>\n"; print " <td class='boxSoftTitle' align='right'>\n"; print " <span class='f3'>".__("Package Listing")."</span>\n"; print " </td>\n"; print "</tr>\n"; print "<tr>\n"; print " <td class='boxSoft'>\n"; print "<table width='100%' cellspacing='0' cellpadding='2'>\n"; print "<tr>\n"; if ($SID) { print " <th style='border-bottom: #666 1px solid; vertical-align:"; print " bottom'> </th>\n"; } print " <th style='border-bottom: #666 1px solid; vertical-align:"; print " bottom'><span class='f2'>"; print "<a href='?O=$O&L=".intval($_REQUEST["L"])."&C=".intval($_REQUEST["C"])."&K=$K&SB=l&SO=$SO_next&PP=$PP&SeB=".$_REQUEST["SeB"]."&do_MyPackages=".$_REQUEST["do_MyPackages"]."&do_Orphans=".$_REQUEST["do_Orphans"]."'>".__("Location")."</a>"; print "</span></th>\n"; print " <th style='border-bottom: #666 1px solid; vertical-align:"; print " bottom'><span class='f2'>"; print "<a href='?O=$O&L=".intval($_REQUEST["L"])."&C=".intval($_REQUEST["C"])."&K=$K&SB=c&SO=$SO_next&PP=$PP&SeB=".$_REQUEST["SeB"]."&do_MyPackages=".$_REQUEST["do_MyPackages"]."&do_Orphans=".$_REQUEST["do_Orphans"]."'>".__("Category")."</a>"; print "</span></th>\n"; print " <th style='border-bottom: #666 1px solid; vertical-align:"; print " bottom'><span class='f2'>"; print "<a href='?O=$O&L=".intval($_REQUEST["L"])."&C=".intval($_REQUEST["C"])."&K=$K&SB=n&SO=$SO_next&PP=$PP&SeB=".$_REQUEST["SeB"]."&do_MyPackages=".$_REQUEST["do_MyPackages"]."&do_Orphans=".$_REQUEST["do_Orphans"]."'>".__("Name")."</a>"; print "</span></th>\n"; print " <th style='border-bottom: #666 1px solid; vertical-align:"; print " bottom'><span class='f2'>"; print "<a href='?O=$O&L=".intval($_REQUEST["L"])."&C=".intval($_REQUEST["C"])."&K=$K&SB=v&SO=$SO_next&PP=$PP&SeB=".$_REQUEST["SeB"]."&do_MyPackages=".$_REQUEST["do_MyPackages"]."&do_Orphans=".$_REQUEST["do_Orphans"]."'>".__("Votes")."</a>"; print "</span></th>\n"; if ($SID) { print " <th style='border-bottom: #666 1px solid; vertical-align:"; print " bottom'><span class='f2'>".__("Voted")."</span></th>\n"; } print " <th style='border-bottom: #666 1px solid; vertical-align:"; print " bottom'><span class='f2'>".__("Description")."</a>"; print "</span></th>\n"; print " <th style='border-bottom: #666 1px solid; vertical-align:"; print " bottom'><span class='f2'>"; print "<a href='?O=$O&L=".intval($_REQUEST["L"])."&C=".intval($_REQUEST["C"])."&K=$K&SB=m&SO=$SO_next&PP=$PP&SeB=".$_REQUEST["SeB"]."&do_MyPackages=".$_REQUEST["do_MyPackages"]."&do_Orphans=".$_REQUEST["do_Orphans"]."'>".__("Maintainer")."</a>"; print "</span></th>\n"; # REMOVED LINK TO 'pkgmgmnt.php' # if ($SID) { # print " <th style='border-bottom: #666 1px solid; vertical-align:"; # print " bottom'><span class='f2'>".__("Manage")."</span></th>\n"; # } print "</tr>\n"; for ($i=0; $row = mysql_fetch_assoc($result); $i++) { (($i % 2) == 0) ? $c = "data1" : $c = "data2"; print "<tr>\n"; if ($SID) { print " <td class='".$c."'>"; if ($row["OutOfDate"]) { print "<span style='background-color: red'>"; } print "<input type='checkbox' name='IDs[".$row["ID"]."]' value='1'>"; # if ($i == 0) { # $all_ids = $row["ID"]; # } else { # $all_ids .= ":".$row["ID"]; # } if ($row["OutOfDate"]) { print "</span>"; } print "</td>\n"; } print " <td class='".$c."'><span class='f5'><span class='blue'>"; print $locs[$row["LocationID"]]."</span></span></td>\n"; print " <td class='".$c."'><span class='f5'><span class='blue'>"; print $cats[$row["CategoryID"]]."</span></span></td>\n"; print " <td class='".$c."'><span class='f4'>"; $url = "<a href='/packages.php?"; $url .= "do_Details=1&ID="; $url .= $row["ID"]; while (list($k, $var) = each($pkgsearch_vars)) { # I'm never convinced how to do this encoding/decoding properly. # php.net recommends htmlentities(urlencode(data)), but that # doesn't work! # if (($var == "do_MyPackages" || $var == "do_Orphans") && $_REQUEST[$var]) { $url .= "&".$var."=1"; } else { $url .= "&".$var."=".rawurlencode(stripslashes($_REQUEST[$var])); } } reset($pkgsearch_vars); $url.= "'>"; if ($row["Safe"] == 1 || $locs[$row["LocationID"]] == "community") { $url.="<span class='green'>"; } else { $url.="<span class='black'>"; } $url.=$row["Name"]; $url.= " ".$row["Version"]."</span></a>"; print $url."</span></td>\n"; print " <td class='".$c."'><span class='f5'><span class='blue'>"; print " ".$row["NumVotes"]."</span></span></td>\n"; if ($SID) { print " <td class='".$c."'><span class='f5'><span class='blue'>"; if (isset($my_votes[$row["ID"]])) { print " ".__("Yes")."</span></td>\n"; } else { print " </span></td>\n"; } } print " <td class='".$c."'><span class='f4'><span class='blue'>"; print $row["Description"]."</span></span></td>\n"; print " <td class='".$c."'><span class='f5'><span class='blue'>"; # print the package manager, also determine if it is managed # $managed = 1; # if (isset($devs[$row["AURMaintainerUID"]])) { # print $devs[$row["AURMaintainerUID"]]["Username"]; # } else # if (isset($tus[$row["MaintainerUID"]])) { # print $tus[$row["MaintainerUID"]]["Username"]; if (isset($users[$row["MaintainerUID"]])) { # Add a link to the user packages, e.g, if you click on the Solve the sorting problem, so we can force the # maintainer name, you will be redirected to a page with the user packages. $user = $users[$row["MaintainerUID"]]["Username"]; print "<a href='packages.php?K=".$user."&SeB=m'>".$users[$row["MaintainerUID"]]["Username"]."</a>"; } else { print "<span style='color: blue; font-style: italic;'>"; print __("orphan"); print "</span>"; $managed = 0; } print "</span></span></td>\n"; # REMOVED LINK TO 'pkgmgmnt.php' # # print the managed link if applicable # # # if (canManagePackage($myuid, $row["AURMaintainerUID"], # $row["MaintainerUID"], $row["SubmitterUID"], $managed)) { # $manage_url = "<a href='/pkgmgmnt.php?ID="; # $manage_url.= $row["ID"]."'><span class='black'>Manage</span></a>"; # print " <td class='".$c."'><span class='f4'>"; # print $manage_url."</span></td>\n"; # } else { # print "<td class='".$c."'><span class='f4'> </span></td>\n"; # } print "</tr>\n"; } print "</table>\n"; print " </td>\n"; print "</tr>\n"; print "</table>\n"; # print "<input type='hidden' name='All_IDs' value='".$all_ids."'>\n"; if ($_REQUEST["do_MyPackages"]) { print "<input type='hidden' name='do_MyPackages' value='1'>\n"; } if ($_REQUEST["do_Orphans"]) { print "<input type='hidden' name='do_Orphans' value='1'>\n"; } print "<table width='90%' cellspacing='0' cellpadding='2'>\n"; print "<tr>\n"; print " <td>\n"; print " <table border='0' cellpadding='0' cellspacing='0' width='100%'>\n"; print " <tr>\n"; # first print the legend print " <td colspan='2' align='center'>"; print " <span class='f5'>\n"; if ($SID) { print " <font style='background-color: red'>".__("O%hut-of-Date", array('</font>'))." "; } print ' <span class="green">'.__("Safe")."</span>\n"; print " </span></td>\n"; print " </tr>"; # now print the forward and back buttons on the bottom # LEFT print " <tr>"; print " <td align='left'>"; if (($O-$PP) >= 0) { print " <input type='submit' class='button' name='do_Less'"; print " value='<-- ".__("Less")."'>\n"; } else { print " "; } print " </td>"; # RIGHT print " <td align='right'>"; if (mysql_num_rows(db_query($qnext, $dbh))) { print " <input type='submit' class='button' name='do_More'"; print " value='".__("More")." -->'>\n"; } print " </td>\n"; print " </tr>\n"; print " </table>\n"; print " </td>\n"; print "</tr>\n"; print "</table>\n"; print "</center>\n"; } print "</form>\n"; return; } # vim: ts=2 sw=2 noet ft=php ?>