* Change all CSS to match archweb
* General clean-up of XHTML formatting
* Change control structures to use PHP alternative syntax for better
readability with inter-mixed XHTML
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Remove "Bugs" and "Discussion" links. Move these to the home page.
* Reorder links in a reasonable and consistent manner.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
Do not show the login form on every page. Move it to a separate login
page and add a link to the navigation bar. Also, add a logout link for
logged-in users.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
XHTML should be eliminated from lib/ as much as possible. This pulls the XHTML
out of a function that simply echoes the code, and moves it into a more
reasonable template file in account_search_results.php
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
XHTML should be eliminated from lib/ as much as possible. This pulls the XHTML
out of a function that simply echoes the code, and moves it into a more
reasonable template file in account_edit_form.php
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Use CSS from archweb
* General clean-up of XHTML formatting
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Change all boxes and other CSS to match archweb
* General fixups in XHTML formatting
* Change results table to match color scheme everywhere else
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Move stat tables into widget boxes to match archweb
* Remove old span styles
* Clean-up XHTML formatting
* Minor whitespace fix
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Limit PHP echoing XHTML as much as possible, and use pure XHTML
* Switch to alternative syntax in control structures for better readability of
inter-mixed XHTML
* Remove box for every comment and switch to archweb news post style
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Adjust style to match the overall layout.
* Use proper HTML tags and double quotes.
* Remove the "Reset" button.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
Also, add a copyright notice and the disclaimer.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
* Change search results table to use CSS from archweb with better alternating
line contrast
* Change table results header to match archweb
* General clean-up of XHTML
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Rearrange order of package details to a more logical order
* Add widget box on right side of page that has package actions. Limited to
viewing PKGBUILD, downloading tarball, and printing package flag date.
Eventually should be able to support all AUR package actions.
* Move "Dependencies" and "Required by" to new CSS to allow for them to be
displayed as columns adjacent to one another, with one package per line.
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Using a div container to format heading is ridiculous. Use "<h2></h2>"
instead.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
* Add "archweb.css" from the master branch of archweb. We will use this
as base style sheet in the future.
* Add "aur.css" for AUR-specific extensions to "archweb.css".
* Remove the "archnavbar.css" link from the header template since this
is included in "archweb.css".
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
We fixed this for the fields displayed on the package details page in
commit b5fffe9a02cd4fd3b7da66e403f02eea89c8fcad. This should fix the
remaining ones.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
No need to show a full RFC 2822-compliant date here. Instead, display
date, hours and minutes for "Last Updated" and "First Submitted" fields
and display the date only for the out-of-date time stamp.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: canyonknight <canyonknight@gmail.com>
A mix of logical operator styles are currently in use. The predominant style
uses "&&" and "||" instead of "and" and "or", respectively. This inconsistency
is minor, but is easily avoided.
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This is more user-friendly than supporting package IDs only and can be
used as a basis to support direct links to AUR packages in places where
links are computer-produced (e.g. Wiki templates).
Addresses FS#21600 and FS#28839.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Use "undisclosed-recipients: ;" when sending mass notifications (such as
comment notifications and the like. Addresses FS#28229.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Escape each output string using htmlspecialchars(). These aren't
exploitable; it's still better to escape them properly.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Escape strings properly using htmlspecialchars(). Seems like we missed
these in former cleanups. Fixes FS#28515.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This should be set to something like 'http://localhost' for development
or 'https://aur.archlinux.org' in production. It ensures all links in
the site stay in the development site and there is no sudden jump from
development to production environments.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Wrap mysql_real_escape_string() in a wrapper function db_escape_string()
to ease porting to other databases, and as another step to pulling more
of the database code into a central location.
This is a rebased version of a patch by elij submitted about half a year
ago.
Thanks-to: elij <elij.mx@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Conflicts:
web/lib/aur.inc.php
Wrap mysql_real_escape_string() in a wrapper function db_escape_string()
to ease porting to other databases, and as another step to pulling more
of the database code into a central location.
This is a rebased version of a patch by elij submitted about half a year
ago.
Thanks-to: elij <elij.mx@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Replacing with CSS styles where appropriate. A previously unused CSS
style is tweaked in the stylesheet to match most of what was done via
non-CSS styling.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This makes the "Category" label as well as "Change category" button on
the package details page translatable. Fixes FS#25692.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
If this is enabled, do not show the login form and display a note
suggesting to switch to a secure connection if a user accesses the site
via HTTP.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
These were never used in the function. Where they are used is in the
pkg_details.php template, so move them closer to their actual usage so
as not to confuse poor programmers such as myself.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Merge all comments and votes of deleted packages into another package if
the "Merge with" field is used. Duplicate votes (votes from a user who
already voted on the target package or voted on more than one of the
deleted packages) are discarded.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This implements the following scheme:
* /packages/cower/ --> /packages/co/cower/
* /packages/j/ --> /packages/j/j/
* /packages/zqy/ --> /packages/zq/zqy/
We take up to the first two characters of each package name as a
intermediate subdirectory, and then the full package name lives
underneath that. Shorter named packages live in a single letter
directory.
Why, you ask? Well because earlier today the AUR hit 32,000 entries in
the unsupported/ directory, making new package uploads impossible. While
some might argue we shouldn't have so many damn packages in the repos,
we should be able to handle this case.
Why two characters instead of one? Our two biggest two-char groups, 'pe'
and 'py', both start with 'p', and have nearly 2000 packages each. Go
Python and Perl.
Still needed is a "move the existing data" script, as well as a set of
rewrite rules for those wishing to preserve backward compatible URLs for
any helper programs doing the wrong thing and relying on them.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
make the sql query form consistent in usage by cleaning up instances
where db_query's result was not inspected before attempting to fetch row
data from the handle
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Basically just sync with what archweb currently uses, prefixing all
relative URLs with "http://www.archlinux.org".
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
There may be characters in package dependencies that are reserved within
URLs (e.g. "+"). Use urlencode() to ensure those are encoded correctly.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Instead, we just store dependencies directly in the PackageDepends
table. Since we don't use this info anywhere besides the package details
page, there is little value in precalculating what is in the AUR vs.
what is not.
An upgrade path is provided via several SQL statements in the UPGRADING
document. There should be no user-visible change from this, but the DB
schema gets a bit more sane and we no longer have loads of junk packages
in our tables that are never shown to the end user. This should also
help the MySQL query planner in several cases as we no longer have to be
careful to exclude dummy packages on every query.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Set it equal to the SubmittedTS field, which will be our indication the
package is new when we show the logo on the front page of the AUR.
This results in the ability to remove the use of the unindexable
GREATEST() function from the AUR code everywhere we had to use it before
to handle the 0 timestamp case.
Note that there is no race condition here in calling UNIX_TIMESTAMP()
twice- it always returns the time at the beginning of statment
execution:
mysql> select unix_timestamp(), sleep(2), unix_timestamp();
+------------------+----------+------------------+
| unix_timestamp() | sleep(2) | unix_timestamp() |
+------------------+----------+------------------+
| 1300851746 | 0 | 1300851746 |
+------------------+----------+------------------+
1 row in set (2.00 sec)
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
