When removing an account, remove the user from all last packager fields
before deletion to make sure that no package bases are deleted, even if
propagation constraints are missing.
Fixes FS#53956.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This allows for adding Terms of Service documents to the database that
registered users need to accept before using the AUR. A revision field
can be used to indicate whether a document was updated. If it is
increased, all users are again asked to accept the new terms.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Instead of unconditionally calling fetch on the return value of query(),
error out early if the value evaluates to false. Also, make sure that
the results array is always initialized, even if the result set is
empty.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
The $salt variable is no longer needed as of 29a4870 (Use bcrypt to hash
passwords, 2017-02-24).
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Replace the default hash function used for storing passwords by
password_hash() which internally uses bcrypt. Legacy MD5 hashes are
still supported and are immediately converted to the new format when a
user logs in.
Since big parts of the authentication system needed to be rewritten in
this context, this patch also includes some simplification and
refactoring of all code related to password checking and resetting.
Fixes FS#52297.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Currently, when a user edits their language setting from the edit user form,
the changes aren't reflected until the user either lets the original cookie
expire, deletes the cookie manually, or changes the language a second time via
the dropdown menu on the top of the page. This patch makes the language cookie
get updated when it is changed from the edit user form.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Currently, aurweb displays all dates and times in UTC time. This patch
adds a capability for each logged in user to set their preferred
timezone.
Implements FS#48729.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
UNIX_TIMESTAMP is not part of the SQL standard. Instead, all usage in
the web interface is changed to use PHP's time() function.
Signed-off-by: Mark Weiman <mark.weiman@markzz.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Directly store the information contained in $_SERVER['REMOTE_ADDR']
instead of using ip2long() which does not support IPv6 addresses. Note
that the LastLoginIPAddress field is designed to be used by the
administrator on rare occasions only (e.g. to fight spam) and is not
displayed anywhere.
Fixes FS#48557.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Add a new option that makes it possible to subscribe to package
ownership changes (adoption/disownment).
Fixes FS#15412.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Introduce a new notification option to receive notifications when a new
commit is pushed to a package repository.
Implements FS#30109.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Add a configuration option to the account edit page that allows for
globally enabling/disabling package base comment notifications.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
As a preparatory step to adding support for package notifications on
events other than comments, rename the database table accordingly.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Directly retrieve comments from the database instead of additionally
passing them via stdin.
Fixes FS#46742.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Accept both user names and email addresses in the login prompt.
Suggested-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This helper function was almost 100% identical to uid_from_username().
Switch to using uid_from_username(), which has a much better name and
implementation, everywhere.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Don't print messages (and the account form) in process_account_form()
anymore, but return them to the caller. When updating accounts, this
function will be called before the headers are written.
If a username has been changed by process_account_form(), the headers
now show the updated username from the database in the 'My Account'
link. Clicking on it immediately after changing a username will no
longer lead to a non-existing URL.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This fixes a bug where the new user name input by the user was
invalid, causing the account deletion link and the form action to be
wrong.
Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Use a Python script for sending notification emails. The notification
action and additional parameters are passed via command line arguments.
For comment and package request notifications, the text is passed via
stdin.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
`ssh-keygen -l` returns more than four tokens when there is whitespace
in the key comment.
Fixes FS#45488.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This commit changes the messages printed when changing the accound
details so that it only prints that no changes were made if either the
account change SQL query or the account_set_ssh_keys call failed.
Reported-by: Alexis Chotard <alexis.horgix.chotard@gmail.com>
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Attaching more than one SSH public key to the same account is useful,
e.g. if one uses different machines to access the AUR SSH interface.
Multiple keys can now be specified by adding multiple lines to the text
area on the account edit form.
Implements FS#45469.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Acked-by: Leonidas Spyropoulos <artafinde@gmail.com>
After the user was authenticated a redirect to the site which
linked the user to the login page is done. This fixes FS#32481.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Use NULL instead of an empty string if the SSH public key field is left
empty. Additionally, do not check for duplicate keys in that case.
Fixes FS#45109.
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Users can now add an SSH public key on the account edit page. This will
later be used to authenticate users via SSH.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Replace web/lib/config.inc.php with an INI-style configuration file.
This allows us to get rid of several globals and makes it easier to use
the same configuration file in external scripts.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
When using preg_match() to check for a match that starts at the
beginning of the string and ends at the last character of the string, we
do not want to allow an additional newline character to sneak in.
Amongst other potential loopholes, adding the PCRE_DOLLAR_ENDONLY
modifier prevents users from registering with user names that end with a
newline character.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Add a check to remove a notice which is displayed after registration
since commit 03c6304 (Rework permission handling, 2014-07-15).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Prevent Trusted Users and developers from accidentally using a name that
contains invalid characters. Also, remove user_is_privileged() which is
no longer needed after this change.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Add a new function has_credential() that checks whether the currently
logged in user is allowed to perform a given action. Moving all
permission handling to this central place makes adding new user groups
and adjusting permissions much more convenient.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Return null instead of the string "None" in username_from_id(),
uid_from_email() and uid_from_username().
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
In commit 0722f46 (Simplify valid_user() and valid_username(),
2014-02-06), the conversion to lower case letters was unintentionally
removed and in consequence, names with upper case letters have been
rejected since then.
Instead of reintroducing the conversion, add the "i" modifier to the
regular expression validating the name to do case-insensitive pattern
matching.
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Replace a misplaced semicolon with the concatenation operator. This
makes the AUR insert proper Reply-to and From headers again when sending
password reset emails on registration.
Fixes a regression introduced in 94a4f59 (Set Content-type header when
sending UTF-8 mails, 2014-02-10).
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
