Clean up of pkgsubmit.php

Moved some stuff around, rewrote some stuff although the functionality is
exactly the same as before

Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
Callan Barrett 2008-06-13 19:45:40 +08:00
parent f5204ee18d
commit dc5b3d674e


@ -24,7 +24,7 @@ html_header("Submit");
<?php <?php
if ($_COOKIE["AURSID"]) { if ($_COOKIE["AURSID"]):
# Track upload errors # Track upload errors
$error = ""; $error = "";
@ -66,7 +66,7 @@ if ($_COOKIE["AURSID"]) {
if (!$error) { if (!$error) {
$pkgbuild = File_Find::search('PKGBUILD', $tempdir); $pkgbuild = File_Find::search('PKGBUILD', $tempdir);
if (count($pkgbuild) > 0) { if (count($pkgbuild)) {
$pkgbuild = $pkgbuild[0]; $pkgbuild = $pkgbuild[0];
$pkg_dir = dirname($pkgbuild); $pkg_dir = dirname($pkgbuild);
} else { } else {
@ -75,7 +75,8 @@ if ($_COOKIE["AURSID"]) {
} }
# if no error, get list of directory contents and process PKGBUILD # if no error, get list of directory contents and process PKGBUILD
# # TODO: This needs to be completely rewritten to support stuff like arrays
# and variable substitution among other things.
if (!$error) { if (!$error) {
# process PKGBIULD - remove line concatenation # process PKGBIULD - remove line concatenation
# #
@ -153,10 +154,6 @@ if ($_COOKIE["AURSID"]) {
$seen_build_function = 1; $seen_build_function = 1;
} }
} }
# XXX: closes bug #2280? Might as well let the loop complete rather
# than break after the build() function.
#
#if ($seen_build_function) {break;}
} }
# some error checking on PKGBUILD contents - just make sure each # some error checking on PKGBUILD contents - just make sure each
@ -166,32 +163,12 @@ if ($_COOKIE["AURSID"]) {
if (!$seen_build_function) { if (!$seen_build_function) {
$error = __("Missing build function in PKGBUILD."); $error = __("Missing build function in PKGBUILD.");
} }
if (!array_key_exists("md5sums", $pkgbuild)) {
$error = __("Missing md5sums variable in PKGBUILD."); $req_vars = array("md5sums", "source", "url", "pkgdesc", "license", "pkgrel", "pkgver", "arch", "pkgname");
foreach ($req_vars as $var) {
if (!array_key_exists($var, $pkgbuild)) {
$error = __("Missing " . $var . " variable in PKGBUILD.");
} }
if (!array_key_exists("source", $pkgbuild)) {
$error = __("Missing source variable in PKGBUILD.");
}
if (!array_key_exists("url", $pkgbuild)) {
$error = __("Missing url variable in PKGBUILD.");
}
if (!array_key_exists("pkgdesc", $pkgbuild)) {
$error = __("Missing pkgdesc variable in PKGBUILD.");
}
if (!array_key_exists("license", $pkgbuild)) {
$error = __("Missing license variable in PKGBUILD.");
}
if (!array_key_exists("pkgrel", $pkgbuild)) {
$error = __("Missing pkgrel variable in PKGBUILD.");
}
if (!array_key_exists("pkgver", $pkgbuild)) {
$error = __("Missing pkgver variable in PKGBUILD.");
}
if (!array_key_exists("arch", $pkgbuild)) {
$error = __("Missing arch variable in PKGBUILD.");
}
if (!array_key_exists("pkgname", $pkgbuild)) {
$error = __("Missing pkgname variable in PKGBUILD.");
} }
} }
@ -212,7 +189,7 @@ if ($_COOKIE["AURSID"]) {
# Now, run through the pkgbuild array and do any $pkgname/$pkgver # Now, run through the pkgbuild array and do any $pkgname/$pkgver
# substituions. # substituions.
# #
#TODO: run through and do ALL substitutions, to cover custom vars # TODO: run through and do ALL substitutions, to cover custom vars
if (!$error) { if (!$error) {
$pkgname_var = $pkgbuild["pkgname"]; $pkgname_var = $pkgbuild["pkgname"];
$pkgver_var = $pkgbuild["pkgver"]; $pkgver_var = $pkgbuild["pkgver"];
@ -226,54 +203,49 @@ if ($_COOKIE["AURSID"]) {
} }
} }
# now we've parsed the pkgbuild, let's move it to where it belongs # Now we've parsed the pkgbuild, let's move it to where it belongs
#
if (!$error) { if (!$error) {
$pkg_name = str_replace("'", "", $pkgbuild['pkgname']); $pkg_name = str_replace("'", "", $pkgbuild['pkgname']);
$pkg_name = escapeshellarg($pkg_name); $pkg_name = escapeshellarg($pkg_name);
$pkg_name = str_replace("'", "", $pkg_name); # get rid of single quotes $pkg_name = str_replace("'", "", $pkg_name);
# Solves the problem when you try to submit PKGBUILD
# that have the name with a period like (gstreamer0.10)
# Added support for packages with + characters like (mysql++).
$presult = preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/", $pkg_name); $presult = preg_match("/^[a-z0-9][a-z0-9\.+_-]*$/", $pkg_name);
if ($presult == FALSE || $presult <= 0) { if (!$presult) {
# FALSE => error processing regex, 0 => invalid characters
#
$error = __("Invalid name: only lowercase letters are allowed."); $error = __("Invalid name: only lowercase letters are allowed.");
} }
} }
if (!$error) { if (!$error) {
# first, see if this package already exists, and if it can be overwritten # First, see if this package already exists, and if it can be overwritten
#
$pkg_exists = package_exists($pkg_name); $pkg_exists = package_exists($pkg_name);
if (can_submit_pkg($pkg_name, $_COOKIE["AURSID"])) { if (can_submit_pkg($pkg_name, $_COOKIE["AURSID"])) {
if (file_exists(INCOMING_DIR . $pkg_name)) { if (file_exists(INCOMING_DIR . $pkg_name)) {
# blow away the existing file/dir and contents # Blow away the existing file/dir and contents
#
rm_rf(INCOMING_DIR . $pkg_name); rm_rf(INCOMING_DIR . $pkg_name);
} }
if (!@mkdir(INCOMING_DIR.$pkg_name)) { if (!@mkdir(INCOMING_DIR . $pkg_name)) {
$error = __("Could not create directory %s.", $error = __( "Could not create directory %s."
array(INCOMING_DIR.$pkg_name)); , INCOMING_DIR . $pkg_name
);
} }
rename($pkg_dir, INCOMING_DIR . $pkg_name . "/" . $pkg_name); rename($pkg_dir, INCOMING_DIR . $pkg_name . "/" . $pkg_name);
} else { } else {
$error = __("You are not allowed to overwrite the %h%s%h package.", $error = __( "You are not allowed to overwrite the %h%s%h package."
array("<b>", $pkg_name, "</b>")); , "<b>"
, $pkg_name
, "</b>"
);
} }
} }
# Re-tar the package for consistency's sake # Re-tar the package for consistency's sake
#
if (!$error) { if (!$error) {
if (!@chdir(INCOMING_DIR.$pkg_name)) { if (!@chdir(INCOMING_DIR . $pkg_name)) {
$error = __("Could not change directory to %s.", $error = __("Could not change directory to %s.",
array(INCOMING_DIR.$pkg_name)); array(INCOMING_DIR . $pkg_name));
} }
} }
@ -286,181 +258,161 @@ if ($_COOKIE["AURSID"]) {
} }
} }
# whether it failed or not we can clean this out # Whether it failed or not we can clean this out
if (file_exists($tempdir)) { if (file_exists($tempdir)) {
rm_rf($tempdir); rm_rf($tempdir);
} }
# update the backend database # Update the backend database
#
if (!$error) { if (!$error) {
$dbh = db_connect(); $dbh = db_connect();
# this is an overwrite of an existing package, the database ID
# This is an overwrite of an existing package, the database ID
# needs to be preserved so that any votes are retained. However, # needs to be preserved so that any votes are retained. However,
# PackageDepends, PackageSources, and PackageContents can be # PackageDepends and PackageSources can be purged.
# purged.
# $q = "SELECT * FROM Packages WHERE Name = '" . mysql_real_escape_string($new_pkgbuild['pkgname']) . "'";
$q = "SELECT * FROM Packages ";
$q.= "WHERE Name = '".mysql_real_escape_string($new_pkgbuild['pkgname'])."'";
$result = db_query($q, $dbh); $result = db_query($q, $dbh);
$pdata = mysql_fetch_assoc($result); $pdata = mysql_fetch_assoc($result);
if ($pdata) { if ($pdata) {
# flush out old data that will be replaced with new data # Flush out old data that will be replaced with new data
# $q = "DELETE FROM PackageDepends WHERE PackageID = " . $pdata["ID"];
$q = "DELETE FROM PackageDepends WHERE PackageID = ".$pdata["ID"];
db_query($q, $dbh); db_query($q, $dbh);
$q = "DELETE FROM PackageSources WHERE PackageID = ".$pdata["ID"]; $q = "DELETE FROM PackageSources WHERE PackageID = " . $pdata["ID"];
db_query($q, $dbh); db_query($q, $dbh);
# update package data # If the package was a dummy, undummy it
# if ($pdata['DummyPkg']) {
$q = "UPDATE Packages SET "; $q = sprintf( "UPDATE Packages SET DummyPkg = 0, SubmitterUID = %d, MaintainerUID = %d, SubmittedTS = UNIX_TIMESTAMP() WHERE ID = %d"
# if the package was a dummy, undummy it and change submitter , uid_from_sid($_COOKIE["AURSID"])
# also give it a maintainer so we dont go making an orphan , uid_from_sid($_COOKIE["AURSID"])
if ($pdata['DummyPkg'] == 1) { , $pdata["ID"]
$q.= "DummyPkg = 0, "; );
$q.= "SubmitterUID = ".uid_from_sid($_COOKIE["AURSID"]).", ";
$q.= "MaintainerUID = ".uid_from_sid($_COOKIE["AURSID"]).", "; db_query($q, $dbh);
$q.= "SubmittedTS = UNIX_TIMESTAMP(), ";
} else {
$q.="ModifiedTS = UNIX_TIMESTAMP(), ";
} }
$q.="Name='".mysql_real_escape_string($new_pkgbuild['pkgname'])."', ";
$q.="Version='".mysql_real_escape_string($new_pkgbuild['pkgver'])."-". # If a new category was chosen, change it to that
mysql_real_escape_string($new_pkgbuild['pkgrel'])."',";
if ($_POST['category'] > 1) { if ($_POST['category'] > 1) {
$q.="CategoryID=".mysql_real_escape_string($_REQUEST['category']).", "; $q = sprintf( "UPDATE Packages SET CategoryID = %d WHERE ID = %d"
, mysql_real_escape_string($_REQUEST['category'])
, $pdata["ID"]
);
db_query($q, $dbh);
} }
$q.="License='".mysql_real_escape_string($new_pkgbuild['license'])."', ";
$q.="Description='".mysql_real_escape_string($new_pkgbuild['pkgdesc'])."', ";
$q.="URL='".mysql_real_escape_string($new_pkgbuild['url'])."', ";
$q.="LocationID=2, ";
$fspath=INCOMING_DIR.$pkg_name."/".$pkg_name.".tar.gz";
$q.="FSPath='".mysql_real_escape_string($fspath)."', ";
$urlpath=URL_DIR.$pkg_name."/".$pkg_name.".tar.gz";
$q.="OutOfDate=0, ";
$q.="URLPath='".mysql_real_escape_string($urlpath)."' ";
$q.="WHERE ID = " . $pdata["ID"];
$result = db_query($q, $dbh);
# update package depends # Update package data
# $q = sprintf( "UPDATE Packages SET ModifiedTS = UNIX_TIMESTAMP(), Name = '%s', Version = '%s-%s', License = '%s', Description = '%s', URL = '%s', LocationID = 2, FSPath = '%s', URLPath = '%s', OutOfDate = 0 WHERE ID = %d"
, mysql_real_escape_string($new_pkgbuild['pkgname'])
, mysql_real_escape_string($new_pkgbuild['pkgver'])
, mysql_real_escape_string($new_pkgbuild['pkgrel'])
, mysql_real_escape_string($new_pkgbuild['license'])
, mysql_real_escape_string($new_pkgbuild['pkgdesc'])
, mysql_real_escape_string($new_pkgbuild['url'])
, mysql_real_escape_string(INCOMING_DIR . $pkg_name . "/" . $pkg_name . ".tar.gz")
, mysql_real_escape_string(URL_DIR . $pkg_name . "/" . $pkg_name . ".tar.gz")
, $pdata["ID"]
);
db_query($q, $dbh);
# Update package depends
$depends = explode(" ", $new_pkgbuild['depends']); $depends = explode(" ", $new_pkgbuild['depends']);
foreach ($depends as $dep) {
while (list($k, $v) = each($depends)) {
$q = "INSERT INTO PackageDepends (PackageID, DepPkgID, DepCondition) VALUES ("; $q = "INSERT INTO PackageDepends (PackageID, DepPkgID, DepCondition) VALUES (";
$deppkgname = preg_replace("/[<>]?=.*/", "", $v); $deppkgname = preg_replace("/[<>]?=.*/", "", $dep);
$depcondition = str_replace($deppkgname, "", $v); $depcondition = str_replace($deppkgname, "", $dep);
# Solve the problem with comments and deps
# added by: dsa <dsandrade@gmail.com>
if ($deppkgname == "#") { break; } if ($deppkgname == "#") { break; }
$deppkgid = create_dummy($deppkgname, $_COOKIE['AURSID']); $deppkgid = create_dummy($deppkgname, $_COOKIE['AURSID']);
$q .= $pdata["ID"] . ", " . $deppkgid . ", '" . mysql_real_escape_string($depcondition) . "')";
if(!empty($depcondition)) {
$q .= $pdata["ID"].", ".$deppkgid.", '".$depcondition."')";
} else {
$q .= $pdata["ID"].", ".$deppkgid.", '')";
}
db_query($q, $dbh); db_query($q, $dbh);
} }
# Insert sources, if they don't exist don't inser them # Insert sources
#
if ($new_pkgbuild['source'] != "") {
$sources = explode(" ", $new_pkgbuild['source']); $sources = explode(" ", $new_pkgbuild['source']);
while (list($k, $v) = each($sources)) { foreach ($sources as $src) {
$q = "INSERT INTO PackageSources (PackageID, Source) VALUES ("; $q = "INSERT INTO PackageSources (PackageID, Source) VALUES (";
$q .= $pdata["ID"].", '".mysql_real_escape_string($v)."')"; $q .= $pdata["ID"] . ", '" . mysql_real_escape_string($src) . "')";
db_query($q, $dbh); db_query($q, $dbh);
} }
}
} else {
# this is a brand new package
#
$q = "INSERT INTO Packages ";
$q.= " (Name, License, Version, CategoryID, Description, URL, LocationID, ";
$q.= " SubmittedTS, SubmitterUID, MaintainerUID, FSPath, URLPath) ";
$q.= "VALUES ('";
$q.= mysql_real_escape_string($new_pkgbuild['pkgname'])."', '";
$q.= mysql_real_escape_string($new_pkgbuild['license'])."', '";
$q.= mysql_real_escape_string($new_pkgbuild['pkgver'])."-".
mysql_real_escape_string($new_pkgbuild['pkgrel'])."', ";
$q.= mysql_real_escape_string($_REQUEST['category']).", '";
$q.= mysql_real_escape_string($new_pkgbuild['pkgdesc'])."', '";
$q.= mysql_real_escape_string($new_pkgbuild['url']);
$q.= "', 2, ";
$q.= "UNIX_TIMESTAMP(), ";
$q.= uid_from_sid($_COOKIE["AURSID"]).", ";
$q.= uid_from_sid($_COOKIE["AURSID"]).", '";
$fspath=INCOMING_DIR.$pkg_name."/".$pkg_name.".tar.gz";
$q.= mysql_real_escape_string($fspath)."', '";
$urlpath=URL_DIR.$pkg_name."/".$pkg_name.".tar.gz";
$q.= mysql_real_escape_string($urlpath)."')";
$result = db_query($q, $dbh);
# print $result . "<br>";
} else {
# This is a brand new package
$q = sprintf( "INSERT INTO Packages (Name, License, Version, CategoryID, Description, URL, LocationID, SubmittedTS, SubmitterUID, MaintainerUID, FSPath, URLPath) VALUES ('%s', '%s', '%s-%s', %d, '%s', '%s', 2, UNIX_TIMESTAMP(), %d, %d, '%s', '%s')"
, mysql_real_escape_string($new_pkgbuild['pkgname'])
, mysql_real_escape_string($new_pkgbuild['license'])
, mysql_real_escape_string($new_pkgbuild['pkgver'])
, mysql_real_escape_string($new_pkgbuild['pkgrel'])
, mysql_real_escape_string($_REQUEST['category'])
, mysql_real_escape_string($new_pkgbuild['pkgdesc'])
, mysql_real_escape_string($new_pkgbuild['url'])
, uid_from_sid($_COOKIE["AURSID"])
, uid_from_sid($_COOKIE["AURSID"])
, mysql_real_escape_string(INCOMING_DIR . $pkg_name . "/" . $pkg_name . ".tar.gz")
, mysql_real_escape_string(URL_DIR . $pkg_name . "/" . $pkg_name . ".tar.gz")
);
$result = db_query($q, $dbh);
$packageID = mysql_insert_id($dbh); $packageID = mysql_insert_id($dbh);
# update package depends # Update package depends
#
$depends = explode(" ", $new_pkgbuild['depends']); $depends = explode(" ", $new_pkgbuild['depends']);
while (list($k, $v) = each($depends)) { foreach ($depends as $dep) {
$q = "INSERT INTO PackageDepends (PackageID, DepPkgID, DepCondition) VALUES ("; $q = "INSERT INTO PackageDepends (PackageID, DepPkgID, DepCondition) VALUES (";
$deppkgname = preg_replace("/[<>]?=.*/", "", $v); $deppkgname = preg_replace("/[<>]?=.*/", "", $dep);
$depcondition = str_replace($deppkgname, "", $v); $depcondition = str_replace($deppkgname, "", $dep);
# Solve the problem with comments and deps
# added by: dsa <dsandrade@gmail.com>
if ($deppkgname == "#") { break; } if ($deppkgname == "#") { break; }
$deppkgid = create_dummy($deppkgname, $_COOKIE['AURSID']); $deppkgid = create_dummy($deppkgname, $_COOKIE['AURSID']);
$q .= $packageID . ", " . $deppkgid . ", '" . mysql_real_escape_string($depcondition) . "')";
if(!empty($depcondition)) {
$q .= $packageID.", ".$deppkgid.", '".$depcondition."')";
} else {
$q .= $packageID.", ".$deppkgid.", '')";
}
db_query($q, $dbh); db_query($q, $dbh);
} }
# insert sources # Insert sources
#
if ($new_pkgbuild['source'] != "") {
$sources = explode(" ", $new_pkgbuild['source']); $sources = explode(" ", $new_pkgbuild['source']);
while (list($k, $v) = each($sources)) { foreach ($sources as $src) {
$q = "INSERT INTO PackageSources (PackageID, Source) VALUES ("; $q = "INSERT INTO PackageSources (PackageID, Source) VALUES (";
$q .= $packageID.", '".mysql_real_escape_string($v)."')"; $q .= $packageID . ", '" . mysql_real_escape_string($src) . "')";
db_query($q, $dbh); db_query($q, $dbh);
} }
}
} }
} }
# must chdir because include dirs are relative!
chdir($_SERVER['DOCUMENT_ROOT']); chdir($_SERVER['DOCUMENT_ROOT']);
} }
if (!$_REQUEST["pkgsubmit"] || $error) { if (!$_REQUEST["pkgsubmit"] || $error):
# User is not uploading, or there were errors uploading - then # User is not uploading, or there were errors uploading - then
# give the visitor the default upload form # give the visitor the default upload form
# if (ini_get("file_uploads")):
if (ini_get("file_uploads")) { if ($error):
if ($error) { ?>
print "<span class='error'>".$error."</span><br />\n";
print "<br />\n";
}
if ($warning) { <span class='error'><?php print $error; ?></span><br />
print "<br><span class='error'>".$warning."</span><br />\n"; <br />
print "<br />\n";
} <?php
endif;
if ($warning):
?>
<br><span class='error'><?php print $warning; ?></span><br />
<br />
<?php
endif;
$pkg_categories = pkgCategories(); $pkg_categories = pkgCategories();
$pkg_locations = pkgLocations(); $pkg_locations = pkgLocations();
@ -475,13 +427,13 @@ if ($_COOKIE["AURSID"]) {
<select name='category'> <select name='category'>
<option value='1'><?php print __("Select Category"); ?></option> <option value='1'><?php print __("Select Category"); ?></option>
<?php <?php
while (list($k, $v) = each($pkg_categories)) { foreach ($pkg_categories as $num => $cat):
print "<option value='".$k."'"; print "<option value='" . $num . "'";
if (isset($_POST['category']) && $_POST['category'] == $k) { if (isset($_POST['category']) && $_POST['category'] == $cat):
print " selected='selected'"; print " selected='selected'";
} endif;
print "> " . $v . "</option>"; print ">" . $cat . "</option>";
} endforeach;
?> ?>
</select> </select>
</td> </td>
@ -501,34 +453,41 @@ if ($_COOKIE["AURSID"]) {
</form> </form>
<?php <?php
} else { else:
print __("Sorry, uploads are not permitted by this server."); print __("Sorry, uploads are not permitted by this server.");
print "<br />\n"; ?>
}
} else { <br />
<?php
endif;
else:
print __("Package upload successful."); print __("Package upload successful.");
if ($warning) { if ($warning):
print "<span class='warning'>".$warning."</span><br />\n"; ?>
print "<br />\n";
}
}
} else { <span class='warning'><?php print $warning; ?></span><br />
# visitor is not logged in <br />
#
<?php
endif;
endif;
else:
# Visitor is not logged in
print __("You must create an account before you can upload packages."); print __("You must create an account before you can upload packages.");
print "<br />\n"; ?>
}
<br />
<?php
endif;
?> ?>
</div> </div>
</div> </div>
<?php <?php
html_footer(AUR_VERSION); html_footer(AUR_VERSION);
# vim: ts=2 sw=2 noet ft=php # vim: ts=2 sw=2 noet ft=php
?> ?>
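Review bot: The category id is gated on `$_POST['category'] > 1`, but the value the new `UPDATE Packages SET CategoryID = %d` query stores is read from `$_REQUEST['category']`, which can also be populated from the query string or cookies depending on `request_order`, so the checked and stored values may differ; the new `INSERT INTO Packages` branch formats `$_REQUEST['category']` with no check visible in this section. The `%d` conversion already forces an integer, so the `mysql_real_escape_string()` wrapped around it adds nothing; reading the value once, e.g. `$category_id = intval($_POST['category']);`, and using it in both queries would remove the mismatch, ideally after confirming it is a key of the array returned by `pkgCategories()`. Separately, the rewritten option loop tests `$_POST['category'] == $cat` where the old loop compared against the array key, so the submitted category is presumably no longer re-selected after an error; `$_POST['category'] == $num` would match the previous behaviour.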