This partly reverts commit ddc5435 (Add packages' provides and replaces
to the blacklist in aurblup., 2011-02-08). While adding replaces is
fine, blacklisting provides prevents from uploading alternative
implementations of a program which is not what we want.
Fixes FS#43381.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
The number of columns in the SQLs doesn't match the number of rows,
so an error like below occurs:
ERROR 1136 (21S01) at line 50929: Column count doesn't match value count
at row 1
Signed-off-by: Shinya Yamaoka <contact@mail.libmacro.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
We already check for a minimum password length on the account edit page.
Add the same check to the password reset form (which is also used to set
an initial password).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Support for non-virtual URLs has been broken for a long time and is no
longer used on the official AUR setup.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Replace web/lib/config.inc.php with an INI-style configuration file.
This allows us to get rid of several globals and makes it easier to use
the same configuration file in external scripts.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
As a follow-up to 4d7da95 (Add support for architecture-specific fields,
2014-08-10), handle architecture-specific source fields as well.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This can be used to regularly generate lists of packages and package
bases that are made available under /packages.gz and /pkgbase.gz,
respectively.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This adds support for architecture-specific dependencies and relations.
Support for this has recently been added to makepkg, see commit 2b556d8
(PKGBUILD: handle arch specific attributes, 2014-07-25) in the pacman
repository for details.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Only show the request form to users that are logged in.
* Only show the close request form to Trusted Users and developers.
* Check for a valid login in pkgreq_file().
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Return true if and only if the SQL query was executed successfully.
Logins with an unsalted password no longer fail now.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Automatically add users to the notification list when adopting a
package. This used to work bug was broken by 03c6304 (Rework permission
handling, 2014-07-15). Fixes FS#41426.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
When using preg_match() to check for a match that starts at the
beginning of the string and ends at the last character of the string, we
do not want to allow an additional newline character to sneak in.
Amongst other potential loopholes, adding the PCRE_DOLLAR_ENDONLY
modifier prevents users from registering with user names that end with a
newline character.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Trusted Users should almost always wait for two weeks before accepting
an orphan request. Lock orphan requests during the first two weeks.
Package bases can still be orphaned and package requests can still be
closed manually during that period of time.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
When auto-accepting a request, we need to close the package request
before performing the actual action (disown/deletion/merge). Otherwise,
the former maintainer is not included in the Cc list of the
acceptance/rejection notification email.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
When a user files a request for a package maintained by himself, he is
currently included in the Cc list twice. Use array_unique() to omit
repeated entries.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
