For some reason we were doing this song and dance "iterate all the known
parameters" business. This is totally unnecessary, clutters the links,
and was spewing errors all over the place, so kill it.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
We don't need mysql_real_escape_string(), we need valid integer
conversions.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Since only TUs/Devs can delete packages, we can remove almost all checks
except the account type check. And now that our DB uses foreign keys,
all of the other deletes happen implicitly when a package is deleted so
we don't need to take care of it here.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This change is necessary to prevent this:
mysql> delete from Users where ID = 112;
ERROR 1451 (23000): Cannot delete or update a parent row: a foreign key constraint fails (`aur`.`Packages`, CONSTRAINT `Packages_ibfk_2` FOREIGN KEY (`SubmitterUID`) REFERENCES `Users` (`ID`) ON DELETE NO ACTION)
As a bonus, due to foreign keys, orphaning of packages will be
automatic.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Remove comment that is mostly bogus- the domain is automatically set.
* When logging out, don't delete the language cookie.
* Make the language cookie persistent.
* Use the minimal time possible to expire cookies; no need to compute
anything.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
We should not rely on the default server setting staying the same
forever.
Signed-off-by: Florian Pritz <bluewind@server-speed.net>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Most of the PHP-code was moved to pkgfuncs.php to keep the template simple.
Signed-off-by: PyroPeter <abi1789@googlemail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Can be used to blacklist package names for normal users. TUs and
developers are not affected. This is especially useful if used together
with a cron job that updates the blacklist periodically, e.g. to reject
packages which are available in the binary repos (FS#12902).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
We don't need this anymore since all packages managed here are
well...managed here. Rip out all of the places we were using this field,
many of which depended on the magic value '2' anyway.
On the display side of things, we had a column that was always showing
'unsupported' that is now gone, and you can no longer sort by this column.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Percent signs ("%") and underscores ("_") are not escaped by
mysql_real_escape_string() and are interpreted as wildcards if combined
with "LIKE", so we need to deal with them separately.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Implemented recursive directory deletion in PHP properly without the use
of exec(). This improves security, performance and portability and makes
the code compatible with PHP's Safe Mode as well as with PHP setups that
disable exec() using the "disable_functions" directive.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Comments are now split at link boundaries and links are converted
separately. I find this to be a much cleaner way than re-converting
comments that have already been converted using htmlspecialchars(). This
also doesn't require any callback procedure.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
