When requesting package details, instead of performing another SQL query
to obtain the package name, extract the name from the result of the
package details query.
Also, drop pkg_name_from_id() which is no longer needed after this
optimization.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
In 74edb6f (Use Git repositories to store packages, 2014-06-06), package
creation was moved to the Python backend. Remove several PHP functions
that are no longer needed.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Do not use the same function for generating dependency and inverse
dependency links. Instead, factor out common code and create two
separate functions for those (rather different) functionalities.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Fixes a regression introduced in 4112e57 (Add a restore command to the
SSH interface, 2015-08-14).
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
When a package base is merged into another one, followers of the old
package base usually want to be notified about comments the new package
base as well.
Fixes FS#27687.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
For all "virtual provisions" in package dependencies, show links to the
actual packages providing the dependency.
This partly implements FS#14125.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
The callback parameter of the RPC interface currently allows for
specifying a prefix of arbitrary length of the returned result. This can
be exploited by certain attacks.
As a countermeasure, this patch restricts the allowed character set for
the callback name to letters, digits, underscores, parenthesis and dots.
It also limits the length of the name to 128 characters. Furthermore,
the reflected callback name is now always prepended with "/**/", which
is a common workaround to protect against attacks such as Rosetta Flash.
Fixes FS#46259.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Accept both user names and email addresses in the login prompt.
Suggested-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This helper function was almost 100% identical to uid_from_username().
Switch to using uid_from_username(), which has a much better name and
implementation, everywhere.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
The __() helper function already escapes HTML special characters. Do not
escape them again in html_action_*().
Fixes FS#45780.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Sometimes, a user accidentally flags a package out-of-date. Allow users
to unflag packages that they flagged themselves, thereby providing a way
to undo these actions.
Implements FS#46145.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Add a new FlaggerUID field to the database and use it to store the user
ID of the account who recently flagged a package out-of-date.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Currently, package creation has to be done separately from first
submission, so ModifiedTS will never be the same as SubmittedTS.
Consider all packages that are submitted within an hour from package
creation as new.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Show item count on sources section just like it is done for
dependencies and required by.
Fixes FS#45881.
Signed-off-by: Stefan Auditor <stefan.auditor@erdfisch.de>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
To be more flexible with messages, we shouldn't always output this
message when a comment has been sent. Moreover, currently it is not
displayed due to the POST-Redirect-GET pattern, where the comment
parameter is lost after redirection.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Circumvents the temporary regression in git that clones a repository
as foo-git.git instead of foo-git and matches the format used by
other commonly used git hosting providers.
Fixes FS#45834.
Signed-off-by: Stefan Auditor <stefan.auditor@erdfisch.de>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Update the link to the project page on Transifex and remove an outdated link
to the Arch Wiki.
Fixes FS#45966.
Signed-off-by: Stefan Auditor <stefan.auditor@erdfisch.de>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Implement a new command that can be used to restore deleted package
bases without having to push a new commit.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
The pkgbase variable already contains the package base name at this
point, no need to reassign it.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Since c4870a9 (git-update: Only check HEAD for blacklisted packages,
2015-06-04), only the HEAD commit package name is looked up in the
blacklist. This means that we no longer need to read the blacklist
before running the commit walker. Moving the blacklist reading code
further down makes the code easier to read.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This method will be used by the JavaScript comment editing and produces
a form containing the comment.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
For use in the new RPC interface to edit comments, the form shouldn't
always print a header. Create a new template pkg_comment_box.php that
prints form and box, change template pkg_comment_form.php to only
print the form.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
We no longer use the term [unsupported] to refer to the "repository" of
AUR packages. Update texts and variable names accordingly.
Fixes FS#45381.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Don't print messages (and the account form) in process_account_form()
anymore, but return them to the caller. When updating accounts, this
function will be called before the headers are written.
If a username has been changed by process_account_form(), the headers
now show the updated username from the database in the 'My Account'
link. Clicking on it immediately after changing a username will no
longer lead to a non-existing URL.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This fixes a bug where the new user name input by the user was
invalid, causing the account deletion link and the form action to be
wrong.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This needs to be disabled on package pages to be able to add a URL
fragment after comment editing.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Create two new actions, do_AddComment and do_EditComment. When editing
or deleting a comment, a timestamp is added.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Show an icon next to the comment deletion icon, which leads to a
comment edit form.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This also puts the icon to the right and the timestamp in the byline
and wipes out a repeated instance of the byline.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
These are already output by html_action_link.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
