external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Use an INI-style configuration file

Browse source 
Replace web/lib/config.inc.php with an INI-style configuration file.
This allows us to get rid of several globals and makes it easier to use
the same configuration file in external scripts.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This commit is contained in:
Lukas Fleischer 2014-10-24 08:31:47 +02:00
parent a0a5230708
commit 76343fb915
24 changed files with 200 additions and 216 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
conf/config.proto Normal file
View file

@ -0,0 +1,29 @@
[database]
dsn_prefix = mysql
host = localhost
socket = /var/run/mysqld/mysqld.sock
name = AUR
user = aur
password = aur
[paths]
storage = /srv/aur/unsupported/
[options]
username_min_len = 3
username_max_len = 16
passwd_min_len = 4
default_lang = en
sql_debug = 0
max_sessions_per_user = 8
login_timeout = 7200
persistent_cookie_timeout = 2592000
max_filesize_uncompressed = 8388608
disable_http_login = 1
aur_location = http://localhost
package_url = /packages/
use_virtual_urls = 1
max_rpc_results = 5000
aur_request_ml = aur-requests@archlinux.org
request_idle_time = 1209600
auto_orphan_age = 15552000

12
scripts/aurblup/aurblup-wrapper
View file

@ -8,10 +8,14 @@ if (empty($dir)) {
}
set_include_path(get_include_path() . PATH_SEPARATOR . "$dir/lib");
include("config.inc.php");
include("confparser.inc.php");
$user = config_get('database', 'user');
$password = config_get('database', 'password');
$name = config_get('database', 'name');
exec($dir . "/../scripts/aurblup/aurblup " .
"-S /var/run/mysqld/mysqld.sock " .
"-u " . escapeshellarg(AUR_db_user) . " " .
"-p " . escapeshellarg(AUR_db_pass) . " " .
"-D " . escapeshellarg(AUR_db_name));
"-u " . escapeshellarg($user) . " " .
"-p " . escapeshellarg($password) . " " .
"-D " . escapeshellarg($name));

11
scripts/cleanup
View file

@ -16,24 +16,25 @@ if (empty($dir)) {
}
set_include_path(get_include_path() . PATH_SEPARATOR . "$dir/lib");
include("config.inc.php");
include("confparser.inc.php");
include("aur.inc.php");
include("pkgfuncs.inc.php");
$count = 0;
$buckets = scandir(INCOMING_DIR);
$incoming_dir = config_get('paths', 'storage');
$buckets = scandir($incoming_dir);
foreach ($buckets as $bucket) {
$bucketpath = INCOMING_DIR . $bucket;
$bucketpath = $incoming_dir . $bucket;
if ($bucket == '.' || $bucket == '..' || !is_dir($bucketpath)) {
continue;
}
$files = scandir(INCOMING_DIR . $bucket);
$files = scandir($incoming_dir . $bucket);
foreach ($files as $pkgname) {
if ($pkgname == '.' || $pkgname == '..') {
continue;
}
$fullpath = INCOMING_DIR . $bucket . "/" . $pkgname;
$fullpath = $incoming_dir . $bucket . "/" . $pkgname;
if (!pkg_from_name($pkgname) && is_dir($fullpath)) {
echo 'Removing ' . $fullpath . "\n";
rm_tree($fullpath);

4
upgrading/3.5.0.txt
View file

@ -17,3 +17,7 @@ ALTER TABLE PackageVotes ADD COLUMN VoteTS BIGINT NULL DEFAULT NULL;
----
INSERT INTO PackageCategories (Category) VALUES ('wayland');
----
4. The configuration file format has been changed. Make sure you convert
web/lib/config.inc.php to the new format (see conf/config.proto for an example
configuration) and put the resulting file in conf/config.

9
web/html/login.php
View file

@ -5,7 +5,8 @@ include_once("aur.inc.php");
set_lang();
check_sid();
if (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) {
$disable_http_login = config_get_bool('options', 'disable_http_login');
if (!$disable_http_login || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) {
$login = try_login();
$login_error = $login['error'];
}
@ -19,7 +20,7 @@ html_header('AUR ' . __("Login"));
<?= __("Logged-in as: %s", '<strong>' . username_from_sid($_COOKIE["AURSID"]) . '</strong>'); ?>
<a href="<?= get_uri('/logout/'); ?>">[<?= __("Logout"); ?>]</a>
</p>
<?php elseif (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])): ?>
<?php elseif (!$disable_http_login || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])): ?>
<form method="post" action="<?= get_uri('/login') ?>">
<fieldset>
<legend><?= __('Enter login credentials') ?></legend>
@ -28,7 +29,7 @@ html_header('AUR ' . __("Login"));
<?php endif; ?>
<p>
<label for="id_username"><?= __('Username') . ':'; ?></label>
<input id="id_username" type="text" name="user" size="30" maxlength="<?= USERNAME_MAX_LEN; ?>" value="<?php if (isset($_POST['user'])) { print htmlspecialchars($_POST['user'], ENT_QUOTES); } ?>" />
<input id="id_username" type="text" name="user" size="30" maxlength="<?= config_get_int('options', 'username_max_len'); ?>" value="<?php if (isset($_POST['user'])) { print htmlspecialchars($_POST['user'], ENT_QUOTES); } ?>" />
</p>
<p>
<label for="id_password"><?= __('Password') . ':'; ?></label>
@ -47,7 +48,7 @@ html_header('AUR ' . __("Login"));
<?php else: ?>
<p>
<?php printf(__("HTTP login is disabled. Please %sswitch to HTTPs%s if you want to login."),
'<a href="' . $AUR_LOCATION . get_uri('/login') . '">', '</a>'); ?>
'<a href="' . aur_location() . get_uri('/login') . '">', '</a>'); ?>
</p>
<?php endif; ?>
</div>

8
web/html/pkgsubmit.php
View file

@ -1,7 +1,6 @@
<?php
set_include_path(get_include_path() . PATH_SEPARATOR . '../lib');
include_once("config.inc.php");
require_once('Archive/Tar.php');
@ -64,11 +63,12 @@ if ($uid):
}
# Check uncompressed file size (ZIP bomb protection)
if (!$error && $MAX_FILESIZE_UNCOMPRESSED) {
$max_filesize_uncompressed = config_get_int('options', 'max_filesize_uncompressed');
if (!$error && $max_filesize_uncompressed) {
fseek($fh, -4, SEEK_END);
list(, $filesize_uncompressed) = unpack('V', fread($fh, 4));
if ($filesize_uncompressed > $MAX_FILESIZE_UNCOMPRESSED) {
if ($filesize_uncompressed > $max_filesize_uncompressed) {
$error = __("Error - uncompressed file size too large.");
}
}
@ -273,7 +273,7 @@ if ($uid):
}
if (isset($pkgbase_name)) {
$incoming_pkgdir = INCOMING_DIR . substr($pkgbase_name, 0, 2) . "/" . $pkgbase_name;
$incoming_pkgdir = config_get('paths', 'storage') . substr($pkgbase_name, 0, 2) . "/" . $pkgbase_name;
}
/* Upload PKGBUILD and tarball. */

17
web/lib/DB.class.php
View file

@ -1,5 +1,7 @@
<?php
include_once("confparser.inc.php");
class DB {
/**
@ -15,8 +17,19 @@ class DB {
public static function connect() {
if (self::$dbh === null) {
try {
self::$dbh = new PDO(AUR_db_DSN_prefix . ":" . AUR_db_host
. ";dbname=" . AUR_db_name, AUR_db_user, AUR_db_pass);
$dsn_prefix = config_get('database', 'dsn_prefix');
$host = config_get('database', 'host');
$socket = config_get('database', 'socket');
$name = config_get('database', 'name');
$user = config_get('database', 'user');
$password = config_get('database', 'password');
$dsn = $dsn_prefix .
':host=' . $host .
';unix_socket=' . $socket .
';dbname=' . $name;
self::$dbh = new PDO($dsn, $user, $password);
self::$dbh->exec("SET NAMES 'utf8' COLLATE 'utf8_general_ci';");
} catch (PDOException $e) {
die('Error - Could not connect to AUR database');

66
web/lib/acctfuncs.inc.php
View file

@ -89,7 +89,7 @@ function display_account_form($A,$U="",$T="",$S="",
*/
function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",
$P="",$C="",$R="",$L="",$I="",$K="",$J="",$UID=0) {
global $SUPPORTED_LANGS, $AUR_LOCATION;
global $SUPPORTED_LANGS;
$error = '';
@ -118,9 +118,11 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",
}
if (!$error && !valid_username($U)) {
$length_min = config_get_int('options', 'username_min_len');
$length_max = config_get_int('options', 'username_max_len');
$error = __("The username is invalid.") . "<ul>\n"
."<li>" . __("It must be between %s and %s characters long",
USERNAME_MIN_LEN, USERNAME_MAX_LEN )
. "<li>" . __("It must be between %s and %s characters long", $length_min, $length_max)
. "</li>"
. "<li>" . __("Start and end with a letter or number") . "</li>"
. "<li>" . __("Can contain only one period, underscore or hyphen.")
@ -130,8 +132,11 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",
if (!$error && $P && $C && ($P != $C)) {
$error = __("Password fields do not match.");
}
if (!$error && $P != '' && !good_passwd($P))
$error = __("Your password must be at least %s characters.",PASSWD_MIN_LEN);
if (!$error && $P != '' && !good_passwd($P)) {
$length_min = config_get_int('options', 'passwd_min_len');
$error = __("Your password must be at least %s characters.",
$length_min);
}
if (!$error && !valid_email($E)) {
$error = __("The email address is invalid.");
@ -244,7 +249,7 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="",
'not work try copying and ' .
'pasting it into your ' .
'browser.',
$AUR_LOCATION);
aur_location());
send_resetkey($email, $subject, $body);
print __("A password reset key has been sent to your e-mail address.");
@ -406,14 +411,9 @@ function search_results_page($O=0,$SB="",$U="",$T="",
/**
* Attempt to login and generate a session
*
* @global int $MAX_SESSIONS_PER_USER Maximum sessions a single user may have open
* @global int $PERSISTENT_COOKIE_TIMEOUT Time until cookie expires
*
* @return array Session ID for user, error message if applicable
*/
function try_login() {
global $MAX_SESSIONS_PER_USER, $PERSISTENT_COOKIE_TIMEOUT;
$login_error = "";
$new_sid = "";
$userID = null;
@ -456,16 +456,17 @@ function try_login() {
/* Generate a session ID and store it. */
while (!$logged_in && $num_tries < 5) {
if ($MAX_SESSIONS_PER_USER) {
$session_limit = config_get_int('options', 'max_sessions_per_user');
if ($session_limit) {
/*
* Delete all user sessions except the
* last ($MAX_SESSIONS_PER_USER - 1).
* last ($session_limit - 1).
*/
$q = "DELETE s.* FROM Sessions s ";
$q.= "LEFT JOIN (SELECT SessionID FROM Sessions ";
$q.= "WHERE UsersId = " . $userID . " ";
$q.= "ORDER BY LastUpdateTS DESC ";
$q.= "LIMIT " . ($MAX_SESSIONS_PER_USER - 1) . ") q ";
$q.= "LIMIT " . ($session_limit - 1) . ") q ";
$q.= "ON s.SessionID = q.SessionID ";
$q.= "WHERE s.UsersId = " . $userID . " ";
$q.= "AND q.SessionID IS NULL;";
@ -499,7 +500,8 @@ function try_login() {
/* Set the SID cookie. */
if (isset($_POST['remember_me']) && $_POST['remember_me'] == "on") {
/* Set cookies for 30 days. */
$cookie_time = time() + $PERSISTENT_COOKIE_TIMEOUT;
$timeout = config_get_int('options', 'persistent_cookie_timeout');
$cookie_time = time() + $timeout;
/* Set session for 30 days. */
$q = "UPDATE Sessions SET LastUpdateTS = $cookie_time ";
@ -531,18 +533,20 @@ function is_ipbanned() {
/**
* Validate a username against a collection of rules
*
* The username must be longer or equal to USERNAME_MIN_LEN. It must be shorter
* or equal to USERNAME_MAX_LEN. It must start and end with either a letter or
* a number. It can contain one period, hypen, or underscore. Returns boolean
* of whether name is valid.
* The username must be longer or equal to the configured minimum length. It
* must be shorter or equal to the configured maximum length. It must start and
* end with either a letter or a number. It can contain one period, hypen, or
* underscore. Returns boolean of whether name is valid.
*
* @param string $user Username to validate
*
* @return bool True if username meets criteria, otherwise false
*/
function valid_username($user) {
if (strlen($user) < USERNAME_MIN_LEN ||
strlen($user) > USERNAME_MAX_LEN) {
$length_min = config_get_int('options', 'username_min_len');
$length_max = config_get_int('options', 'username_max_len');
if (strlen($user) < $length_min || strlen($user) > $length_max) {
return false;
} else if (!preg_match("/^[a-z0-9]+[.\-_]?[a-z0-9]+$/Di", $user)) {
return false;
@ -645,8 +649,6 @@ function create_resetkey($resetkey, $uid) {
* @return void
*/
function send_resetkey($email, $subject, $body) {
global $AUR_LOCATION;
$uid = uid_from_email($email);
if ($uid == null) {
return;
@ -658,9 +660,8 @@ function send_resetkey($email, $subject, $body) {
/* Send e-mail with confirmation link. */
$body = wordwrap($body, 70);
$body .= "\n\n".
"{$AUR_LOCATION}/" . get_uri('/passreset/') . "?".
"resetkey={$resetkey}";
$body .= "\n\n". aur_location() . "/" . get_uri('/passreset/') .
"?resetkey={$resetkey}";
$headers = "MIME-Version: 1.0\r\n" .
"Content-type: text/plain; charset=UTF-8\r\n" .
"Reply-to: noreply@aur.archlinux.org\r\n" .
@ -708,10 +709,8 @@ function password_reset($hash, $salt, $resetkey, $email) {
* @return bool True if longer than minimum length, otherwise false
*/
function good_passwd($passwd) {
if ( strlen($passwd) >= PASSWD_MIN_LEN ) {
return true;
}
return false;
$length_min = config_get_int('options', 'passwd_min_len');
return (strlen($passwd) >= $length_min);
}
/**
@ -903,16 +902,13 @@ function delete_user_sessions($uid) {
/**
* Remove sessions from the database that have exceed the timeout
*
* @global int $LOGIN_TIMEOUT Time until session expires
*
* @return void
*/
function clear_expired_sessions() {
global $LOGIN_TIMEOUT;
$dbh = DB::connect();
$q = "DELETE FROM Sessions WHERE LastUpdateTS < (UNIX_TIMESTAMP() - $LOGIN_TIMEOUT)";
$timeout = config_get_int('options', 'login_timeout');
$q = "DELETE FROM Sessions WHERE LastUpdateTS < (UNIX_TIMESTAMP() - " . $timeout . ")";
$dbh->query($q);
return;

26
web/lib/aur.inc.php
View file

@ -10,12 +10,12 @@ date_default_timezone_set('UTC');
include_once('translator.inc.php');
set_lang();
include_once("config.inc.php");
include_once("DB.class.php");
include_once("routing.inc.php");
include_once("version.inc.php");
include_once("acctfuncs.inc.php");
include_once("cachefuncs.inc.php");
include_once("confparser.inc.php");
include_once("credentials.inc.php");
/**
@ -26,16 +26,15 @@ include_once("credentials.inc.php");
* session timeout if it is still valid.
*
* @global array $_COOKIE User cookie values
* @global string $LOGIN_TIMEOUT Time until session times out
*
* @return void
*/
function check_sid() {
global $_COOKIE;
global $LOGIN_TIMEOUT;
if (isset($_COOKIE["AURSID"])) {
$failed = 0;
$timeout = config_get_int('options', 'login_timeout');
# the visitor is logged in, try and update the session
#
$dbh = DB::connect();
@ -50,7 +49,7 @@ function check_sid() {
$failed = 1;
} else {
$last_update = $row[0];
if ($last_update + $LOGIN_TIMEOUT <= $row[1]) {
if ($last_update + $timeout <= $row[1]) {
$failed = 2;
}
}
@ -73,11 +72,11 @@ function check_sid() {
# and update the idle timestamp
# Only update the timestamp if it is less than the
# current time plus $LOGIN_TIMEOUT.
# current time plus $timeout.
#
# This keeps 'remembered' sessions from being
# overwritten.
if ($last_update < time() + $LOGIN_TIMEOUT) {
if ($last_update < time() + $timeout) {
$q = "UPDATE Sessions SET LastUpdateTS = UNIX_TIMESTAMP() ";
$q.= "WHERE SessionID = " . $dbh->quote($_COOKIE["AURSID"]);
$dbh->exec($q);
@ -274,8 +273,6 @@ function uid_from_sid($sid="") {
* @return void
*/
function html_header($title="", $details=array()) {
global $AUR_LOCATION;
global $DISABLE_HTTP_LOGIN;
global $LANG;
global $SUPPORTED_LANGS;
@ -588,3 +585,16 @@ function array_pkgbuild_merge($pkgbase_info, $section_info) {
function bound($n, $min, $max) {
return min(max($n, $min), $max);
}
/**
* Return the URL of the AUR root
*
* @return string The URL of the AUR root
*/
function aur_location() {
$location = config_get('options', 'aur_location');
if (substr($location, -1) != '/') {
$location .= '/';
}
return $location;
}

13
web/lib/aurjson.class.php
View file

@ -192,7 +192,8 @@ class AurJSON {
}
private function process_query($type, $where_condition) {
global $MAX_RPC_RESULTS;
$max_results = config_get_int('options', 'max_rpc_results');
$package_url = config_get('options', 'package_url');
if ($this->version == 1) {
$fields = implode(',', self::$fields_v1);
@ -207,7 +208,7 @@ class AurJSON {
"ON Licenses.ID = PackageLicenses.LicenseID " .
"WHERE ${where_condition} " .
"GROUP BY Packages.ID " .
"LIMIT $MAX_RPC_RESULTS";
"LIMIT $max_results";
} elseif ($this->version >= 2) {
$fields = implode(',', self::$fields_v2);
$query = "SELECT {$fields} " .
@ -216,7 +217,7 @@ class AurJSON {
"LEFT JOIN Users " .
"ON PackageBases.MaintainerUID = Users.ID " .
"WHERE ${where_condition} " .
"LIMIT $MAX_RPC_RESULTS";
"LIMIT $max_results";
}
$result = $this->dbh->query($query);
@ -226,7 +227,7 @@ class AurJSON {
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$resultcount++;
$pkgbase_name = $row['PackageBase'];
$row['URLPath'] = URL_DIR . substr($pkgbase_name, 0, 2) . "/" . $pkgbase_name . "/" . $pkgbase_name . ".tar.gz";
$row['URLPath'] = $package_url . substr($pkgbase_name, 0, 2) . "/" . $pkgbase_name . "/" . $pkgbase_name . ".tar.gz";
/*
* Unfortunately, mysql_fetch_assoc() returns
@ -254,7 +255,7 @@ class AurJSON {
}
}
if ($resultcount === $MAX_RPC_RESULTS) {
if ($resultcount === $max_results) {
return $this->json_error('Too many package results.');
}
@ -303,8 +304,6 @@ class AurJSON {
* @return mixed Returns an array of package matches.
*/
private function search($keyword_string) {
global $MAX_RPC_RESULTS;
if (strlen($keyword_string) < 2) {
return $this->json_error('Query arg too small');
}

72
web/lib/config.inc.php.proto
View file

@ -1,72 +0,0 @@
<?php
# NOTE: modify these variables if your MySQL setup is different
define( "AUR_db_DSN_prefix", "mysql" );
define( "AUR_db_host", "unix_socket=/var/run/mysqld/mysqld.sock" );
define( "AUR_db_name", "AUR" );
define( "AUR_db_user", "aur" );
define( "AUR_db_pass", "aur" );
# Configuration of directories where things live
define( "INCOMING_DIR", "/srv/aur/unsupported/" );
define( "URL_DIR", "/packages/" );
define( "USERNAME_MIN_LEN", 3 );
define( "USERNAME_MAX_LEN", 16 );
define( "PASSWD_MIN_LEN", 4 );
# Default language for displayed messages in the web interface.
define("DEFAULT_LANG", "en");
# Enable debug sql output. This sends each query to error_log. Useful for
# development. Should not be enabled in production. Default to 0 (off).
define("SQL_DEBUG", 0);
# Set cache type. Either "APC", "MEMCACHE", or "NONE". Defaults to NONE.
#define("CACHE_TYPE", "APC");
#define("CACHE_TYPE", "MEMCACHE");
# If using memcache cache_type, list servers. You can separate multiple servers
# with a comma, ex: '127.0.0.1:11211,127.0.0.1:11212'. If undefined, defaults
# to '127.0.0.1:11211'.
#define("MEMCACHE_SERVERS", '127.0.0.1:11211');
# Session limit per user
$MAX_SESSIONS_PER_USER = 8;
# Idle seconds before timeout
$LOGIN_TIMEOUT = 7200;
# Session timeout when using "Remember me" cookies
$PERSISTENT_COOKIE_TIMEOUT = 60 * 60 * 24 * 30;
# Uncompressed file size limit for submitted tarballs (ZIP bomb protection) -
# please ensure "upload_max_filesize" is additionally set to no more than 3M,
# otherwise this check might be easy to bypass (FS#22991 for details)
$MAX_FILESIZE_UNCOMPRESSED = 1024 * 1024 * 8;
# Allow HTTPs logins only
$DISABLE_HTTP_LOGIN = true;
# Web URL used in email links and absolute redirects, no trailing slash
$AUR_LOCATION = "http://localhost";
# Use virtual URLs -- to enable this feature, you also need to tell your web
# server to redirect all requests to "/index.php/$uri".
$USE_VIRTUAL_URLS = true;
# Maximum number of package results to return through an RPC connection.
# Avoid setting this too high and having a PHP too much memory error.
$MAX_RPC_RESULTS = 5000;
# Mailing list to send package request notifications to.
$AUR_REQUEST_ML = "aur-requests@archlinux.org";
# Time to wait until a package request is due.
$REQUEST_IDLE_TIME = 60 * 60 * 24 * 14;
# When an orphan request is filed for a package that has been flagged
# out-of-date for the following number of seconds, it is disowned
# automatically.
$AUTO_ORPHAN_AGE = 60 * 60 * 24 * 180;

20
web/lib/confparser.inc.php Normal file
View file

@ -0,0 +1,20 @@
<?php
function config_get($section, $key) {
global $AUR_CONFIG;
if (!isset($AUR_CONFIG)) {
$AUR_CONFIG = parse_ini_file("../../conf/config", true);
}
return $AUR_CONFIG[$section][$key];
}
function config_get_int($section, $key) {
return intval(config_get($section, $key));
}
function config_get_bool($section, $key) {
$val = strtolower(config_get($section, $key));
return ($val == 'yes' || $val == 'true' || $val == '1');
}

1
web/lib/credentials.inc.php
View file

@ -1,5 +1,4 @@
<?php
include_once("config.inc.php");
define("CRED_ACCOUNT_CHANGE_TYPE", 1);
define("CRED_ACCOUNT_EDIT", 2);

17
web/lib/pkgbasefuncs.inc.php
View file

@ -1,5 +1,5 @@
<?php
include_once("config.inc.php");
include_once("pkgreqfuncs.inc.php");
/**
@ -88,7 +88,6 @@ function pkgbase_comments($base_id, $limit, $include_deleted) {
/**
* Add a comment to a package page and send out appropriate notifications
*
* @global string $AUR_LOCATION The AUR's URL used for notification e-mails
* @param string $base_id The package base ID to add the comment on
* @param string $uid The user ID of the individual who left the comment
* @param string $comment The comment left on a package page
@ -96,8 +95,6 @@ function pkgbase_comments($base_id, $limit, $include_deleted) {
* @return void
*/
function pkgbase_add_comment($base_id, $uid, $comment) {
global $AUR_LOCATION;
$dbh = DB::connect();
$q = "INSERT INTO PackageComments ";
@ -135,7 +132,7 @@ function pkgbase_add_comment($base_id, $uid, $comment) {
* user who posted the comment was in.
*/
$body =
'from ' . $AUR_LOCATION . get_pkgbase_uri($row['Name']) . "\n"
'from ' . aur_location() . get_pkgbase_uri($row['Name']) . "\n"
. username_from_sid($_COOKIE['AURSID']) . " wrote:\n\n"
. $comment
. "\n\n---\nIf you no longer wish to receive notifications about this package, please go the the above package page and click the UnNotify button.";
@ -221,8 +218,6 @@ function pkgbase_get_details($base_id) {
/**
* Display the package base details page
*
* @global string $AUR_LOCATION The AUR's URL used for notification e-mails
* @global bool $USE_VIRTUAL_URLS True if using URL rewriting, otherwise false
* @param string $id The package base ID to get details page for
* @param array $row Package base details retrieved by pkgbase_get_details()
* @param string $SID The session ID of the visitor
@ -230,9 +225,6 @@ function pkgbase_get_details($base_id) {
* @return void
*/
function pkgbase_display_details($base_id, $row, $SID="") {
global $AUR_LOCATION;
global $USE_VIRTUAL_URLS;
$dbh = DB::connect();
if (isset($row['error'])) {
@ -353,14 +345,11 @@ function pkgbase_maintainer_uid($base_id) {
/**
* Flag package(s) as out-of-date
*
* @global string $AUR_LOCATION The AUR's URL used for notification e-mails
* @param array $base_ids Array of package base IDs to flag/unflag
*
* @return array Tuple of success/failure indicator and error message
*/
function pkgbase_flag($base_ids) {
global $AUR_LOCATION;
if (!has_credential(CRED_PKGBASE_FLAG)) {
return array(false, __("You must be logged in before you can flag packages."));
}
@ -392,7 +381,7 @@ function pkgbase_flag($base_ids) {
$result = $dbh->query($q);
if ($result) {
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$body = "Your package " . $row['Name'] . " has been flagged out of date by " . $f_name . " [1]. You may view your package at:\n" . $AUR_LOCATION . get_pkgbase_uri($row['Name']) . "\n\n[1] - " . $AUR_LOCATION . get_user_uri($f_name);
$body = "Your package " . $row['Name'] . " has been flagged out of date by " . $f_name . " [1]. You may view your package at:\n" . aur_location() . get_pkgbase_uri($row['Name']) . "\n\n[1] - " . aur_location() . get_user_uri($f_name);
$body = wordwrap($body, 70);
$headers = "MIME-Version: 1.0\r\n" .
"Content-type: text/plain; charset=UTF-8\r\n" .

7
web/lib/pkgfuncs.inc.php
View file

@ -1,5 +1,5 @@
<?php
include_once("config.inc.php");
include_once("pkgbasefuncs.inc.php");
/**
@ -462,8 +462,6 @@ function pkg_get_details($id=0) {
/**
* Display the package details page
*
* @global string $AUR_LOCATION The AUR's URL used for notification e-mails
* @global bool $USE_VIRTUAL_URLS True if using URL rewriting, otherwise false
* @param string $id The package ID to get details page for
* @param array $row Package details retrieved by pkg_get_details()
* @param string $SID The session ID of the visitor
@ -471,9 +469,6 @@ function pkg_get_details($id=0) {
* @return void
*/
function pkg_display_details($id=0, $row, $SID="") {
global $AUR_LOCATION;
global $USE_VIRTUAL_URLS;
$dbh = DB::connect();
if (isset($row['error'])) {

41
web/lib/pkgreqfuncs.inc.php
View file

@ -1,5 +1,6 @@
<?php
include_once("config.inc.php");
include_once("confparser.inc.php");
include_once("pkgbasefuncs.inc.php");
/**
@ -76,9 +77,6 @@ function pkgreq_get_creator_email($id) {
/**
* File a deletion/orphan request against a package base
*
* @global string $AUR_LOCATION The AUR's URL used for notification e-mails
* @global string $AUR_REQUEST_ML The request notification mailing list
* @global int $AUTO_ORPHAN_AGE The time to wait until auto-closing a request
* @param string $ids The package base IDs to file the request against
* @param string $type The type of the request
* @param string $merge_into The target of a merge operation
@ -87,10 +85,6 @@ function pkgreq_get_creator_email($id) {
* @return array Tuple of success/failure indicator and error message
*/
function pkgreq_file($ids, $type, $merge_into, $comments) {
global $AUR_LOCATION;
global $AUR_REQUEST_ML;
global $AUTO_ORPHAN_AGE;
if (!has_credential(CRED_PKGREQ_FILE)) {
return array(false, __("You must be logged in to file package requests."));
}
@ -166,15 +160,15 @@ function pkgreq_file($ids, $type, $merge_into, $comments) {
$username . " [1] filed a request to merge " .
$row['Name'] . " [2] into " . $merge_into .
" [3]:\n\n" . $comments . "\n\n" .
"[1] " . $AUR_LOCATION . get_user_uri($username) . "\n" .
"[2] " . $AUR_LOCATION . get_pkgbase_uri($row['Name']) . "\n" .
"[3] " . $AUR_LOCATION . get_pkgbase_uri($merge_into) . "\n";
"[1] " . aur_location() . get_user_uri($username) . "\n" .
"[2] " . aur_location() . get_pkgbase_uri($row['Name']) . "\n" .
"[3] " . aur_location() . get_pkgbase_uri($merge_into) . "\n";
} else {
$body =
$username . " [1] filed a " . $type . " request for " .
$row['Name'] . " [2]:\n\n" . $comments . "\n\n" .
"[1] " . $AUR_LOCATION . get_user_uri($username) . "\n" .
"[2] " . $AUR_LOCATION . get_pkgbase_uri($row['Name']) . "\n";
"[1] " . aur_location() . get_user_uri($username) . "\n" .
"[2] " . aur_location() . get_pkgbase_uri($row['Name']) . "\n";
}
$body = wordwrap($body, 70);
$cc = array_unique($cc);
@ -185,14 +179,15 @@ function pkgreq_file($ids, $type, $merge_into, $comments) {
$headers .= "From: notify@aur.archlinux.org\r\n" .
"Message-ID: $thread_id\r\n" .
"X-Mailer: AUR";
@mail($AUR_REQUEST_ML, "[PRQ#" . $request_id . "] " . ucfirst($type) .
" Request for " . $row['Name'], $body,
$headers);
$ml = config_get('options', 'aur_request_ml');
@mail($ml, "[PRQ#" . $request_id . "] " . ucfirst($type) .
" Request for " . $row['Name'], $body, $headers);
$auto_orphan_age = config_get('options', 'auto_orphan_age');
$details = pkgbase_get_details($base_id);
if ($type == 'orphan' && $details['OutOfDateTS'] > 0 &&
time() - $details['OutOfDateTS'] >= $AUTO_ORPHAN_AGE &&
$AUTO_ORPHAN_AGE > 0) {
time() - $details['OutOfDateTS'] >= $auto_orphan_age &&
$auto_orphan_age > 0) {
/*
* Close package request. NOTE: This needs to happen *before*
* the actual disown operation. Otherwise, the former
@ -214,8 +209,6 @@ function pkgreq_file($ids, $type, $merge_into, $comments) {
/**
* Close a deletion/orphan request
*
* @global string $AUR_LOCATION The AUR's URL used for notification e-mails
* @global string $AUR_REQUEST_ML The request notification mailing list
* @param int $id The package request to close
* @param string $reason Whether the request was accepted or rejected
* @param string $comments Comments to be added to the notification email
@ -224,9 +217,6 @@ function pkgreq_file($ids, $type, $merge_into, $comments) {
* @return array Tuple of success/failure indicator and error message
*/
function pkgreq_close($id, $reason, $comments, $auto_close=false) {
global $AUR_LOCATION;
global $AUR_REQUEST_ML;
switch ($reason) {
case 'accepted':
$status = 2;
@ -288,7 +278,7 @@ function pkgreq_close($id, $reason, $comments, $auto_close=false) {
}
if (!$auto_close) {
$body .= "\n";
$body .= "[1] " . $AUR_LOCATION . get_user_uri($username);
$body .= "[1] " . aur_location() . get_user_uri($username);
$body .= "\n";
}
$body = wordwrap($body, 70);
@ -301,7 +291,8 @@ function pkgreq_close($id, $reason, $comments, $auto_close=false) {
"In-Reply-To: $thread_id\r\n" .
"References: $thread_id\r\n" .
"X-Mailer: AUR";
@mail($AUR_REQUEST_ML, "[PRQ#" . $id . "] Request " . ucfirst($reason),
$ml = config_get('options', 'aur_request_ml');
@mail($ml, "[PRQ#" . $id . "] Request " . ucfirst($reason),
$body, $headers);
return array(true, __("Request closed successfully."));

18
web/lib/routing.inc.php
View file

@ -1,5 +1,7 @@
<?php
include_once("confparser.inc.php");
$ROUTES = array(
'' => 'home.php',
'/index.php' => 'home.php',
@ -24,6 +26,10 @@ $PKGBASE_PATH = '/pkgbase';
$PKGREQ_PATH = '/requests';
$USER_PATH = '/account';
function use_virtual_urls() {
return config_get_bool('options', 'use_virtual_urls');
}
function get_route($path) {
global $ROUTES;
@ -36,10 +42,9 @@ function get_route($path) {
}
function get_uri($path) {
global $USE_VIRTUAL_URLS;
global $ROUTES;
if ($USE_VIRTUAL_URLS) {
if (use_virtual_urls()) {
return $path;
} else {
return get_route($path);
@ -62,10 +67,9 @@ function get_pkgreq_route() {
}
function get_pkg_uri($pkgname) {
global $USE_VIRTUAL_URLS;
global $PKG_PATH;
if ($USE_VIRTUAL_URLS) {
if (use_virtual_urls()) {
return $PKG_PATH . '/' . urlencode($pkgname) . '/';
} else {
return '/' . get_route($PKG_PATH) . '?N=' . urlencode($pkgname);
@ -73,10 +77,9 @@ function get_pkg_uri($pkgname) {
}
function get_pkgbase_uri($pkgbase_name) {
global $USE_VIRTUAL_URLS;
global $PKGBASE_PATH;
if ($USE_VIRTUAL_URLS) {
if (use_virtual_urls()) {
return $PKGBASE_PATH . '/' . urlencode($pkgbase_name) . '/';
} else {
return '/' . get_route($PKGBASE_PATH) . '?N=' . urlencode($pkgbase_name);
@ -89,10 +92,9 @@ function get_user_route() {
}
function get_user_uri($username) {
global $USE_VIRTUAL_URLS;
global $USER_PATH;
if ($USE_VIRTUAL_URLS) {
if (use_virtual_urls()) {
return $USER_PATH . '/' . urlencode($username) . '/';
} else {
return '/' . get_route($USER_PATH) . '?U=' . urlencode($username);

8
web/lib/translator.inc.php
View file

@ -11,7 +11,7 @@ set_include_path(get_include_path() . PATH_SEPARATOR . '../lib' . PATH_SEPARATOR
# print __("%s has %s apples.", "Bill", "5");
# print __("This is a %smajor%s problem!", "<strong>", "</strong>");
include_once('config.inc.php');
include_once("confparser.inc.php");
include_once('DB.class.php');
include_once('gettext.php');
include_once('streams.php');
@ -82,7 +82,6 @@ function _n($msgid1, $msgid2, $n) {
function set_lang() {
global $LANG;
global $SUPPORTED_LANGS;
global $PERSISTENT_COOKIE_TIMEOUT;
global $streamer, $l10n;
$update_cookie = 0;
@ -116,11 +115,12 @@ function set_lang() {
# Set $LANG to default if nothing is valid.
if (!array_key_exists($LANG, $SUPPORTED_LANGS)) {
$LANG = DEFAULT_LANG;
$LANG = config_get('options', 'default_lang');
}
if ($update_cookie) {
$cookie_time = time() + $PERSISTENT_COOKIE_TIMEOUT;
$timeout = intval(config_get('options', 'persistent_cookie_timeout'));
$cookie_time = time() + $timeout;
setcookie("AURLANG", $LANG, $cookie_time, "/");
}

2
web/template/actions_form.php
View file

@ -1,4 +1,4 @@
<?php if (!$USE_VIRTUAL_URLS): ?>
<?php if (!use_virtual_urls()): ?>
<div class="box">
<form action="<?= htmlspecialchars(get_pkg_uri($row['Name']), ENT_QUOTES); ?>" method="post">
<fieldset>

2
web/template/header.php
View file

@ -69,7 +69,7 @@
<li><a href="<?= get_uri('/logout/'); ?>"><?= __("Logout"); ?></a></li>
<?php else: ?>
<li><a href="<?= get_uri('/register/'); ?>"><?= __("Register"); ?></a></li>
<?php if ($DISABLE_HTTP_LOGIN && empty($_SERVER['HTTPS'])): ?>
<?php if (config_get_bool('options', 'disable_http_login') && empty($_SERVER['HTTPS'])): ?>
<li><a href="<?= $AUR_LOCATION . get_uri('/login/'); ?>"><?= __("Login"); ?></a></li>
<?php else: ?>
<li><a href="<?= get_uri('/login/'); ?>"><?= __("Login"); ?></a></li>

13
web/template/pkg_details.php
View file

@ -21,7 +21,8 @@ $updated_time = ($row["ModifiedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", intval($r
$submitted_time = ($row["SubmittedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", intval($row["SubmittedTS"]));
$out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("Y-m-d", intval($row["OutOfDateTS"]));
$urlpath = URL_DIR . substr($row['BaseName'], 0, 2) . "/" . $row['BaseName'];
$package_url = config_get('options', 'package_url');
$urlpath = $package_url . substr($row['BaseName'], 0, 2) . "/" . $row['BaseName'];
$lics = pkg_licenses($row["ID"]);
$grps = pkg_groups($row["ID"]);
@ -82,7 +83,7 @@ $sources = pkg_sources($row["ID"]);
<li><a href="<?= $urlpath . '/' . $row['BaseName'] ?>.tar.gz"><?= __('Download tarball') ?></a></li>
<li><a href="https://wiki.archlinux.org/index.php/Special:Search?search=<?= urlencode($row['Name']) ?>"><?= __('Search wiki') ?></a></li>
<li><span class="flagged"><?php if ($row["OutOfDateTS"] !== NULL) { echo __('Flagged out-of-date')." (${out_of_date_time})"; } ?></span></li>
<?php if ($USE_VIRTUAL_URLS && $uid): ?>
<?php if (use_virtual_urls() && $uid): ?>
<?php if ($row["OutOfDateTS"] === NULL): ?>
<li>
<form action="<?= get_pkgbase_uri($row['BaseName']) . 'flag/'; ?>" method="post">
@ -281,7 +282,7 @@ if (has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))):
<?php
if ($row["SubmitterUID"]):
if ($SID):
if (!$USE_VIRTUAL_URLS):
if (!use_virtual_urls()):
?>
<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&amp;ID=<?= htmlspecialchars($row['SubmitterUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($submitter) ?>"><?= html_format_username($submitter) ?></a></td>
<?php else: ?>
@ -299,7 +300,7 @@ if ($row["SubmitterUID"]):
<?php
if ($row["MaintainerUID"]):
if ($SID):
if (!$USE_VIRTUAL_URLS):
if (!use_virtual_urls()):
?>
<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&amp;ID=<?= htmlspecialchars($row['MaintainerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($maintainer) ?>"><?= html_format_username($maintainer) ?></a></td>
<?php else: ?>
@ -317,7 +318,7 @@ if ($row["MaintainerUID"]):
<?php
if ($row["PackagerUID"]):
if ($SID):
if (!$USE_VIRTUAL_URLS):
if (!use_virtual_urls()):
?>
<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&amp;ID=<?= htmlspecialchars($row['PackagerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($packager) ?>"><?= html_format_username($packager) ?></a></td>
<?php else: ?>
@ -333,7 +334,7 @@ if ($row["PackagerUID"]):
<tr>
<th><?= __('Votes') . ': ' ?></th>
<?php if (has_credential(CRED_PKGBASE_LIST_VOTERS)): ?>
<?php if ($USE_VIRTUAL_URLS): ?>
<?php if (use_virtual_urls()): ?>
<td><a href="<?= get_pkgbase_uri($row['BaseName']); ?>voters/"><?= $votes ?></a></td>
<?php else: ?>
<td><a href="<?= get_uri('/voters/'); ?>?N=<?= htmlspecialchars($row['BaseName'], ENT_QUOTES) ?>"><?= $votes ?></a></td>

13
web/template/pkgbase_details.php
View file

@ -19,7 +19,8 @@ $updated_time = ($row["ModifiedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", intval($r
$submitted_time = ($row["SubmittedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", intval($row["SubmittedTS"]));
$out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("Y-m-d", intval($row["OutOfDateTS"]));
$urlpath = URL_DIR . substr($row['Name'], 0, 2) . "/" . $row['Name'];
$package_url = config_get('options', 'package_url');
$urlpath = $package_url . substr($row['Name'], 0, 2) . "/" . $row['Name'];
$pkgs = pkgbase_get_pkgnames($base_id);
?>
@ -33,7 +34,7 @@ $pkgs = pkgbase_get_pkgnames($base_id);
<li><a href="<?= $urlpath . '/' . $row['Name'] ?>.tar.gz"><?= __('Download tarball') ?></a></li>
<li><a href="https://wiki.archlinux.org/index.php/Special:Search?search=<?= urlencode($row['Name']) ?>"><?= __('Search wiki') ?></a></li>
<li><span class="flagged"><?php if ($row["OutOfDateTS"] !== NULL) { echo __('Flagged out-of-date')." (${out_of_date_time})"; } ?></span></li>
<?php if ($USE_VIRTUAL_URLS && $uid): ?>
<?php if (use_virtual_urls() && $uid): ?>
<?php if ($row["OutOfDateTS"] === NULL): ?>
<li>
<form action="<?= get_pkgbase_uri($row['Name']) . 'flag/'; ?>" method="post">
@ -140,7 +141,7 @@ if (has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))):
<?php
if ($row["SubmitterUID"]):
if ($SID):
if (!$USE_VIRTUAL_URLS):
if (!use_virtual_urls()):
?>
<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&amp;ID=<?= htmlspecialchars($row['SubmitterUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($submitter) ?>"><?= html_format_username($submitter) ?></a></td>
<?php else: ?>
@ -158,7 +159,7 @@ if ($row["SubmitterUID"]):
<?php
if ($row["MaintainerUID"]):
if ($SID):
if (!$USE_VIRTUAL_URLS):
if (!use_virtual_urls()):
?>
<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&amp;ID=<?= htmlspecialchars($row['MaintainerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($maintainer) ?>"><?= html_format_username($maintainer) ?></a></td>
<?php else: ?>
@ -176,7 +177,7 @@ if ($row["MaintainerUID"]):
<?php
if ($row["PackagerUID"]):
if ($SID):
if (!$USE_VIRTUAL_URLS):
if (!use_virtual_urls()):
?>
<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&amp;ID=<?= htmlspecialchars($row['PackagerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($packager) ?>"><?= html_format_username($packager) ?></a></td>
<?php else: ?>
@ -192,7 +193,7 @@ if ($row["PackagerUID"]):
<tr>
<th><?= __('Votes') . ': ' ?></th>
<?php if (has_credential(CRED_PKGBASE_LIST_VOTERS)): ?>
<?php if ($USE_VIRTUAL_URLS): ?>
<?php if (use_virtual_urls()): ?>
<td><a href="<?= get_pkgbase_uri($row['Name']); ?>voters/"><?= $votes ?></a></td>
<?php else: ?>
<td><a href="<?= get_uri('/voters/'); ?>?N=<?= htmlspecialchars($row['Name'], ENT_QUOTES) ?>"><?= $votes ?></a></td>

5
web/template/pkgreq_results.php
View file

@ -34,9 +34,10 @@
<?php while (list($indx, $row) = each($results)): ?>
<?php
$due = ($row['Open'] && time() - intval($row['RequestTS']) > $REQUEST_IDLE_TIME);
$idle_time = config_get_int('options', 'request_idle_time');
$due = ($row['Open'] && time() - intval($row['RequestTS']) > $idle_time);
if (!$due) {
$time_left = $REQUEST_IDLE_TIME - (time() - intval($row['RequestTS']));
$time_left = $idle_time - (time() - intval($row['RequestTS']));
if ($time_left > 48 * 3600) {
$time_left_fmt = __("~%d days left", round($time_left / (24 * 3600)));
} elseif ($time_left > 3600) {

2
web/template/tu_last_votes_list.php
View file

@ -21,7 +21,7 @@
?>
<tr class="<?= $c ?>">
<td>
<?php if (!$USE_VIRTUAL_URLS): ?>
<?php if (!use_virtual_urls()): ?>
<a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&amp;ID=<?= htmlspecialchars($row['UserID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($username) ?>"><?= html_format_username($username) ?></a></td>
<?php else: ?>
<a href="<?= get_uri('/account/') . html_format_username($username) ?>" title="<?= __('View account information for %s', html_format_username($username)) ?>"><?= html_format_username($username) ?></a>