* Add "archweb.css" from the master branch of archweb. We will use this
as base style sheet in the future.
* Add "aur.css" for AUR-specific extensions to "archweb.css".
* Remove the "archnavbar.css" link from the header template since this
is included in "archweb.css".
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Escape each output string using htmlspecialchars(). These aren't
exploitable; it's still better to escape them properly.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Escape strings properly using htmlspecialchars(). Seems like we missed
these in former cleanups. Fixes FS#28515.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This should be set to something like 'http://localhost' for development
or 'https://aur.archlinux.org' in production. It ensures all links in
the site stay in the development site and there is no sudden jump from
development to production environments.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Basically just sync with what archweb currently uses, prefixing all
relative URLs with "http://www.archlinux.org".
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Fix a lot of invalid XHTML in the templates and actions. There might
still be some legacy code left, but this should cover most of it.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
No need to call this function way too often, especially when on the package
list page where it could be called up to once per row.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
The site no longer needs to be hosted from the
root of a domain, or virtual host.
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
AL logo now goes to AL homepage, not AUR homepage
Appended forward slash to top navigation links
Signed-off-by: Thayer Williams <thayer@archlinux.org>
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
Utilise login form template.
Also cleaned up a couple notices.
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
Signed-off-by: Simo Leone <simo@archlinux.org>
Moves the action bar down to the bottom right of the search results and turns it
into a drop-down selection box.
Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
Signed-off-by: Simo Leone <simo@archlinux.org>
Fixes a login error where entering nothing would result in the login message
"Incorrect password for username, ." and changes the translation "TU" to
"Trusted User" so the menu bar on the accounts page doesn't bug up (we need a
new translation system :((()
Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
Signed-off-by: Simo Leone <simo@archlinux.org>
Cleans up links on front page, adds a TU link to the header to the voting
application, fixes some titles and styling for logged in text
Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
Verbose page titles again
Adds support for more verbose page titles based on current
page and action by user and removes sort by options from
search form as they're obsolete by column links.
Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
This is a patch that fixes a lot of little things:
* We no longer have pkgsearch or pkgdetails link functions and all
references to them are gone, that's what a back button is for and if
we really need it we can come up with something better
* No longer have do_Details variable, this means links on the package
search are simply ?ID=foo
* On the pkgdetails pages when there are either no deps, deps by,
sources or comments for a package the list for each will display
"None" instead of nothing at all (ruining the layout)
* Fixed a bug where if a package had no sources or no deps
pkgsubmit.php would submit an empty one
* Translation of the word "Search'" has been changed to "Search"
Most of these relate to each other.
Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
In the check_sid function in aur.inc the condition for expiring the
cookie and redirecting to hacker.php could never be met and instead
the user would be given blank login instead of being considered logged
out, now fixed. This also means we no longer need either hacker.php or
timeout.php at all.
Also, this bug seems to be present in the AUR version running on
aur.archlinux.org.
Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
This removes the need for a timeout page (and probably hacker.php) and
moves the login form and status to the header. If your login times out
you won't lose your place anymore and links will always work. Works
for me but at the moment index_po.php is imported in aur.inc which has
to stay until the translations from it for login are moved to
aur_po.php.
Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
