This has been introduced by commit aae43d9 (started working on package
comments, 2005-03-05) but it seems to be of no practical use. Remove the
field to save some space.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Use COUNT(*) instead of COUNT(ID) and PDO::FETCH_NUM instead of
PDO::FETCH_ASSOC. This also includes some minor formatting fixes.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Use C-style comments (/* */) instead of # or //.
* Remove some superfluous comments and slightly reword others.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Since commit fb7bde3 (Add support for anonymous comments, 2014-02-04),
we support comments with no specific author. Add a check to
canDeleteComment() and canDeleteCommentArray() to ensure an
unauthenticated user cannot delete such comments.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This allows for removing users without also removing the corresponding
comments. Instead, all comments from deleted users will be displayed as
"Anonymous comment".
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Instead of using a random secondary order, sort by the ID of the last
vote first, then by user name.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
* Extends changes in 81d4cc13dc
* Modify getvotes() to use the package name rather than package ID
* Rename getvotes() to votes_for_pkgname() for clarity with new changes
* Modify routing framework and links to now use package names for voters.php
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Do not show users that took part in past TU votes but no longer have TU
powers. Also, fix the sorting column while we're touching these lines.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Checking whether to add a comment is something that really does not
belong to a function named display_package_details().
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Change the return values of following functions to return both
error/success and an error/success message:
* pkg_flag()
* pkg_unflag()
* pkg_adopt()
* pkg_vote()
* pkg_delete()
* pkg_notify()
* pkg_delete_comment()
* pkg_change_category()
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Showing running votes potentially allows for tracking votes and
associating yes/no/abstain votes with specific TUs.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This shows a list of all Trusted Users and the vote ID of the last
proposal each of the TUs voted on. This list is sorted by vote ID.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
There are only four valid reasons for starting a TU vote, so instead of
letting the user choose a vote length, let her pick a reason and set
vote length and quorum based on that selection.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This adds a field to the users table and corresponding fields to the
account edit and display forms that allow for setting an (in-)activity
status.
This might turn out to be useful if a user is on vacation and can not
respond to update/orphan/deletion requests.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This resolves issues with backwards incompatible changes to
pack/unpack in php 5.5:
http://www.php.net/manual/de/migration55.incompatible.php
Signed-off-by: Dave Reisner <dreisner@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
The search_accounts_form() wrapper function doesn't have any
arguments and only makes it unclear what is happening within
account.php
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
A user might have an empty password due to two reasons:
* The user just created an account and needs to set an initial password.
* The password has been reset by the administrator.
In both cases, the user might be confused as to why the login does not
work. Add a message that helps users debug the issue in both cases.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Adds a new is_ipbanned() function to determine whether the user
attempting to login or register for an account has their IP
address listed in the "Bans" table.
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Save the IP address used for the last login in the "Users" table. This
makes it a bit easier to create IP ban lists for spammers without
looking at web server logs.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
If an empty password is passed during account registration, login for
the new user is disabled and a reset key is sent to the new user's
e-mail address so that they can set an initial password manually.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This allows for reusing reset key submission for other things, such as
sending an initial password reset code during account registration.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Large amount of boilerplate code that checks if a database
connection exists is useless now that the new connection method
automatically does the same check.
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
All functions now have a database connection method that will use
the same database connection. This imitates the functionality of
passing a database connection as an argument and makes it redundant.
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Uses the Singleton pattern to ensure all queries use the same
database connection that is released upon script completion.
All database connections should now be called with DB::connect() and
not db_connect().
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
An error message is printed when the number of affected rows is
0 for an edited account. A count of 0 doesn't imply an error,
only that no changes were made in the database.
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
A suspended user can stay in active sessions. Introduce new function
delete_user_sessions to remove all open sessions for a specific user.
Allows suspensions to take effect immediately.
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
The function is only determining whether a username is valid,
so it makes more sense to simply return a boolean value.
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Occurs in the rare situation where a logged out user tries to POST
a CSRF token.
Signed-off-by: canyonknight <canyonknight@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
