Commit graph

3173 commits

Author SHA1 Message Date
canyonknight
41986bbc78 rss.php: Pull out DB code
* Move DB code in rss.php to new function in aur.inc.php
* Centralization of DB code important in a future transition to PDO interface

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:27:06 +02:00
canyonknight
c15441762c Pull out DB code from trusted user page
* Move DB code in tu.php and tu.php and tu_list.php to new functions in
accfuncs.inc.php
* Centralization of DB code important in a future transition to PDO interface

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:27:04 +02:00
canyonknight
8a59cd6208 account.php: Pull out DB code
* Move DB code in account.php to new functions in acctfuncs.inc.php
* Centralization of DB code important in a future transition to PDO interface
* Consolidate redundant SQL statements from DisplayAccount and AccountInfo
* Consolidation also adds ability to edit accounts based on username

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:27:03 +02:00
canyonknight
763cbf8373 pkgsubmit.php: Pull out DB code
* Move DB code in pkgsubmit.php to new functions in aur.inc.php and
pkgfuncs.inc.php
* Centralization of DB code important in a future transition to PDO interface

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:27:02 +02:00
canyonknight
82d234c4d5 passreset.php: Pull out DB code
* Move DB code in passreset.php to new functions in acctfuncs.inc.php
* Centralization of DB code important in a future transition to PDO interface

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:27:00 +02:00
canyonknight
f93f1a652f logout.php: Pull out DB code
* Move DB code for removing a session in logout.php to a new function in
acctfuncs.inc.php
* Add ability for clear_expired_sessions function to check for DB connection
* Centralization of DB code important in a future transition to PDO interface

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:59 +02:00
canyonknight
d3de667901 pkg_comment_form.php: Pull out DB code
* Move DB code and e-mail code from pkg_comment_form.php to new function in
pkgfuncs.inc.php
* Centralization of DB code important in a future transition to PDO interface

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:57 +02:00
canyonknight
84d21e6f30 pkg_search_results.php: Pull out DB code
* Move DB code from pkg_search_results.php to already existing function
in pkgfuncs.inc.php
* Centralization of DB code important in a future transition to PDO interface

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:56 +02:00
canyonknight
71f2efd7af account_search_results.php: Pull out DB code
* Move DB code from account_search_results.php to already existing function
in acctfuncs.inc.php
* Centralization of DB code important in a future transition to PDO interface

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:54 +02:00
canyonknight
c2b65f2b7b action_form.php: Pull out DB code
* Create new functions in pkgfuncs.inc.php with SQL queries from
action_form.php
* Centralization of DB code important in a future transition to PDO interface
* Flip logic of vote and notify XHTML button to use function return rather
than a more confusing NOT (!) logical operator statement

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:53 +02:00
canyonknight
1eea2951fb addvote.php: Pull out DB code
* Verifying a username exists should use already present valid_user function
* Create new functions in acctfuncs.inc.php with SQL queries from addvote.php
* Centralization of DB code important in a future transition to PDO interface

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:51 +02:00
canyonknight
09e50568e4 voters.php: Pull out DB code
* Create new function in pkgfuncs.inc.php with SQL queries from voters.php
* Centralization of DB code important in a future transition to PDO interface

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:50 +02:00
Lukas Fleischer
091c2b5f55 Move language selection to a drop-down list
Move all languages to a select container to save some space. Language
selection is a rarely used feature, so there's no need to make this a
one click option.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:47 +02:00
canyonknight
16e250b69d actions_form.php: Overhaul to match archweb
* Change all CSS to match archweb
* General clean-up of XHTML formatting
* Change control structures to use PHP alternative syntax for better
readability with inter-mixed XHTML

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:45 +02:00
Lukas Fleischer
98c497d039 Restructure the navigation bar
* Remove "Bugs" and "Discussion" links. Move these to the home page.
* Reorder links in a reasonable and consistent manner.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
2012-07-06 11:26:42 +02:00
Lukas Fleischer
0928525793 Move login form to a separate page
Do not show the login form on every page. Move it to a separate login
page and add a link to the navigation bar. Also, add a logout link for
logged-in users.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
2012-07-06 11:26:38 +02:00
canyonknight
2d53cdd4d5 passreset.php: Overhaul to match archweb
* Switch to CSS used by archweb
* General fixups in XHTML

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:36 +02:00
canyonknight
be0cf7f41f acctfuncs.inc.php: Move XHTML to account_search_results.php template
XHTML should be eliminated from lib/ as much as possible. This pulls the XHTML
out of a function that simply echoes the code, and moves it into a more
reasonable template file in account_search_results.php

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:34 +02:00
canyonknight
f78d46c654 acctfuncs.inc.php: Move XHTML to account_edit_form.php template
XHTML should be eliminated from lib/ as much as possible. This pulls the XHTML
out of a function that simply echoes the code, and moves it into a more
reasonable template file in account_edit_form.php

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:31 +02:00
canyonknight
13b892e923 Overhaul account pages to match archweb
* Use CSS from archweb
* General clean-up of XHTML formatting

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:30 +02:00
canyonknight
1b0b989fa1 addvote.php: Overhaul to match archweb
* Switch CSS over to archweb styling
* General clean-up of XHTML
* Set proposal box size to something more sane for a default

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:28 +02:00
canyonknight
af8f60fe7f Overhaul trusted user proposal page to match archweb
* Change all boxes and other CSS to match archweb
* General fixups in XHTML formatting
* Change results table to match color scheme everywhere else

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:26 +02:00
canyonknight
d2480e8b9d Overhaul to stat tables to match archweb
* Move stat tables into widget boxes to match archweb
* Remove old span styles
* Clean-up XHTML formatting
* Minor whitespace fix

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:25 +02:00
canyonknight
d8b2eb4b62 pkg_comments.php: Overhaul to match archweb
* Limit PHP echoing XHTML as much as possible, and use pure XHTML
* Switch to alternative syntax in control structures for better readability of
inter-mixed XHTML
* Remove box for every comment and switch to archweb news post style

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:23 +02:00
Lukas Fleischer
941f310068 Search form layout overhaul
* Always show advanced search criteria.

* Rearrange filter criteria (list filters first, list sorting and
  pagination options behind).

* HTML cleanup.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
2012-07-06 11:26:19 +02:00
Lukas Fleischer
0d05a26a5a Refactor package submission form
* Adjust style to match the overall layout.
* Use proper HTML tags and double quotes.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
2012-07-06 11:26:16 +02:00
Lukas Fleischer
ba120ca304 Refactor package comment form
* Adjust style to match the overall layout.
* Use proper HTML tags and double quotes.
* Remove the "Reset" button.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
2012-07-06 11:26:12 +02:00
canyonknight
cf0718bd43 voters.php: Overhaul to match archweb
* Currently voters.php has no navigation links and/or styling. This patch adds
the appropriate styling
* Use PHP alternative syntax for control structures
* Change a variable name to more frequently used "atype"
* General clean-up of XHTML

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:10 +02:00
Lukas Fleischer
bfc4a11006 Synchronize footer layout with archweb
Also, add a copyright notice and the disclaimer.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
2012-07-06 11:26:06 +02:00
canyonknight
c1c74f0c37 index.php: Overhaul to match archweb
* Switch to CSS used by archweb
* Move package search to a smaller box to match the style of the main site
* Add text describing mailing list and bug tracker. Eventually remove those
associated nav bar links.
* General clean-up of XHTML

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:04 +02:00
canyonknight
2416ffea66 pkg_search_results.php: Overhaul to match archweb
* Change search results table to use CSS from archweb with better alternating
line contrast
* Change table results header to match archweb
* General clean-up of XHTML

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:03 +02:00
canyonknight
99ffcfc984 pkg_details.php: Overhaul to match archweb
* Rearrange order of package details to a more logical order
* Add widget box on right side of page that has package actions. Limited to
viewing PKGBUILD, downloading tarball, and printing package flag date.
Eventually should be able to support all AUR package actions.
* Move "Dependencies" and "Required by" to new CSS to allow for them to be
displayed as columns adjacent to one another, with one package per line.

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:26:01 +02:00
Lukas Fleischer
f90d569376 Remove all traces of "pgboxtitle"
Using a div container to format heading is ridiculous. Use "<h2></h2>"
instead.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
2012-07-06 11:25:58 +02:00
Lukas Fleischer
9cee53f3cf Wrap everything in a content container
For consistency with archweb.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
2012-07-06 11:25:55 +02:00
Lukas Fleischer
df19822e00 Add archweb style sheet
* Add "archweb.css" from the master branch of archweb. We will use this
  as base style sheet in the future.

* Add "aur.css" for AUR-specific extensions to "archweb.css".

* Remove the "archnavbar.css" link from the header template since this
  is included in "archweb.css".

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:25:53 +02:00
Lukas Fleischer
4a4f26cda6 Use sane date format strings everywhere
We fixed this for the fields displayed on the package details page in
commit b5fffe9a02cd4fd3b7da66e403f02eea89c8fcad. This should fix the
remaining ones.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: canyonknight <canyonknight@gmail.com>
2012-07-06 11:25:50 +02:00
Lukas Fleischer
9c63946c03 pkg_details.php: Use sane format for date strings
No need to show a full RFC 2822-compliant date here. Instead, display
date, hours and minutes for "Last Updated" and "First Submitted" fields
and display the date only for the out-of-date time stamp.

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: canyonknight <canyonknight@gmail.com>
2012-07-06 11:25:47 +02:00
canyonknight
345b3216c8 Be consistent in PHP logical operator usage
A mix of logical operator styles are currently in use. The predominant style
uses "&&" and "||" instead of "and" and "or", respectively. This inconsistency
is minor, but is easily avoided.

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:25:45 +02:00
canyonknight
e7f6deeb33 gendummydata.py: Add ability to generate dummy trusted user proposals
* Introduce ability to specify number of open and closed dummy trusted user
proposals
* First step for eventually adding dummy votes for proposals

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:25:43 +02:00
canyonknight
a4ed3a3b3b gendummydata.py: Change variable to string to eliminate redundant code
There is no reason the MaintainerUID can't be treated as a string within this
script. By changing to a string an "if" statement can be eliminated.

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:25:41 +02:00
canyonknight
cf2b82239d gendummydata.py: Remove unused variables
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:25:39 +02:00
canyonknight
e1a802d900 gendummydata.py: Add check for command generating dummy comments
* Exit with an error if fortune command isn't found
* No reason to enforce the "-l" option from the fortune command

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:25:38 +02:00
canyonknight
b5244fe66e Update web interface README
* Remove outdated information
* Give a brief synopsis of what the web visible PHP files do

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:25:36 +02:00
canyonknight
58de6280fd Update AUR README
Old README file is severely outdated, update with current information.

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:25:34 +02:00
canyonknight
f014d7f763 Rearrange install documentation
Move documentation related to installation to a separate INSTALL file.

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:25:32 +02:00
Lukas Fleischer
9e9820ff58 Extend pkgname_from_id() to arrays of IDs
This allows for getting the package names of multiple packages at once,
without having to iterate over them and making one DB query per package.
pkgname_from_id() now accepts both integer arrays and single integers
(backwards compatibility mode).

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06 11:25:28 +02:00
canyonknight
2c93f0a98f Implement token system to fix CSRF vulnerabilities
Specially crafted pages can force authenticated users to unknowingly perform
actions on the AUR website despite being on an attacker's website. This
cross-site request forgery (CSRF) vulnerability applies to all POST data on
the AUR.

Implement a token system using a double submit cookie. Have a hidden form
value on every page containing POST forms. Use the newly added check_token() to
verify the token sent via POST matches the "AURSID" cookie value. Random
nature of the token limits potential for CSRF.

Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-06-24 10:59:23 +02:00
Dario Giovannetti
937cda9ccb HTML/DOM fixes
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-05-31 12:01:23 +02:00
Lukas Fleischer
5b0f1f39db web/html/packages.php: Remove duplicate code
Retrieve the package ID early and merge the if-branches calling
package_details().

Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-05-06 12:47:19 +02:00
Dan McGee
97085daadc user_table optimization
Rather than looking up by username, it makes more sense to look the
stats up by user ID to reduce the number of needed joins.

Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-05-06 12:12:51 +02:00