Removes reassignment of $base_id in web/template/pkg_comments.php as it is
assigned in both pkgbase_display_details() and pkg_display_details().
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Apparently the reference to "files" can be confusing.
Fixes FS#47167.
Signed-off-by: Eli Schwartz <eschwartz93@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This code is no longer needed since 9746a65 (Port notification routines
to Python, 2015-06-27).
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
According to RFC 3696 (and the associated errata), an email address can
be up to 256 characters long. Change the database field and the length
limit on all input fields accordingly.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Change the maxlength attribute of the user name input field such that it
corresponds to the username_max_len option.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
If a dependency neither exists in the official repositories nor in the
AUR, make it appear bold red.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Remove the "(unknown)" suffix that used to be shown for optional
dependencies without a description.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
When obtaining provisions using pkg_providers(), we already include
virtual providers from the official repositories, virtual providers from
the AUR and trivial providers (i.e. packages having the given name) from
the official repositories. Include trivial providers from the AUR as
well.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Since commit 16765d5 (Track providers in the official repositories,
2015-10-21), we know all packages and virtual provisions from the
official repositories. Always obtain and display all providers from both
the official repositories and the AUR.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This currently does not work. Disable it until we have proper support
for flagging multiple packages on the flag page.
Fixes FS#46780.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Maintain a list of virtual provisions of packages from the official
binary package repositories. The list can be updated using the aurblup
script, e.g. via a cronjob.
This allows for adding proper links to package dependencies: If an AUR
package depends on a package from the official repositories (or on a
name provided by a package from the official repositories), add a link
to the corresponding archweb package details page. If an AUR package
depends on another AUR package (or on a name provided by another AUR
package), add a link to the corresponding aurweb package details page.
Otherwise, just display the name and do not add a link at all.
Fixes FS#46549.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This makes the code slightly more efficient and allows for easily
determining the users that were added/removed to the co-maintainer list.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Instead of hardcoding the RPC interface documentation in rpc.php,
include the HTML code of the documentation page generated by AsciiDoc.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
When deleting a package base from the package base deletion form, do not
try to redirect to the package base details page afterwards. Instead,
jump to the package overview.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
After performing a package base action on a separate page, return to the
corresponding package base details page.
Partly fixes FS#46545.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Fixes a regression introduced in 94aeead (aurjson: Pass http_data array
to all functions, 2015-06-28).
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Instead of introducing a new message "You do not have the right to edit
this comment." for the RPC interface, use "You are not allowed to edit
this comment." which we already show in the front-end.
Reported-by: Christoph Seitz <seitz.christoph@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Use a better description for sorting by modification time, as it is not
clear whether "Age" refers to the package creation date or to the
modification date.
The possibility to sort by "Age" is kept internally (but hidden from the
user interface) such that old links to search results still work.
Fixes FS#46319.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
When requesting package details, instead of performing another SQL query
to obtain the package name, extract the name from the result of the
package details query.
Also, drop pkg_name_from_id() which is no longer needed after this
optimization.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
In 74edb6f (Use Git repositories to store packages, 2014-06-06), package
creation was moved to the Python backend. Remove several PHP functions
that are no longer needed.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Do not use the same function for generating dependency and inverse
dependency links. Instead, factor out common code and create two
separate functions for those (rather different) functionalities.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
When a package base is merged into another one, followers of the old
package base usually want to be notified about comments the new package
base as well.
Fixes FS#27687.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
For all "virtual provisions" in package dependencies, show links to the
actual packages providing the dependency.
This partly implements FS#14125.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
The callback parameter of the RPC interface currently allows for
specifying a prefix of arbitrary length of the returned result. This can
be exploited by certain attacks.
As a countermeasure, this patch restricts the allowed character set for
the callback name to letters, digits, underscores, parenthesis and dots.
It also limits the length of the name to 128 characters. Furthermore,
the reflected callback name is now always prepended with "/**/", which
is a common workaround to protect against attacks such as Rosetta Flash.
Fixes FS#46259.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Accept both user names and email addresses in the login prompt.
Suggested-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This helper function was almost 100% identical to uid_from_username().
Switch to using uid_from_username(), which has a much better name and
implementation, everywhere.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
