mirror of
https://gitlab.archlinux.org/archlinux/aurweb.git
synced 2025-02-03 10:43:03 +01:00
175 lines
5.5 KiB
PHP
175 lines
5.5 KiB
PHP
<?php
|
|
|
|
set_include_path(get_include_path() . PATH_SEPARATOR . '../lib');
|
|
|
|
include("aur.inc"); # access AUR common functions
|
|
include("pkgfuncs.inc"); # use some form of this for i18n support
|
|
set_lang(); # this sets up the visitor's language
|
|
check_sid(); # see if they're still logged in
|
|
html_header(); # print out the HTML header
|
|
|
|
# Make sure this visitor is logged in
|
|
#
|
|
if (isset($_COOKIE["AURSID"])) {
|
|
$atype = account_from_sid($_COOKIE["AURSID"]);
|
|
} else {
|
|
$atype = "";
|
|
}
|
|
if (!$atype) {
|
|
print __("You must be logged in before you can edit package information.");
|
|
print "<br />\n";
|
|
html_footer(AUR_VERSION);
|
|
exit();
|
|
}
|
|
|
|
# Must know what package to operate on throughout this entire script
|
|
#
|
|
if (!$_REQUEST["ID"]) {
|
|
print __("Missing package ID.");
|
|
print "<br />\n";
|
|
html_footer(AUR_VERSION);
|
|
}
|
|
|
|
|
|
# Delete a comment for this package
|
|
#
|
|
if ($_REQUEST["del_Comment"]) {
|
|
if ($_REQUEST["comment_id"]) {
|
|
if (canDeleteComment($_REQUEST["comment_id"], $atype, $_COOKIE["AURSID"])) {
|
|
$dbh = db_connect();
|
|
$uid = uid_from_sid($_COOKIE["AURSID"]);
|
|
$q = "UPDATE PackageComments ";
|
|
$q.= "SET DelUsersID = ".$uid." ";
|
|
$q.= "WHERE ID = ".intval($_REQUEST["comment_id"]);
|
|
db_query($q, $dbh);
|
|
print __("Comment has been deleted.")."<br />\n";
|
|
} else {
|
|
print __("You are not allowed to delete this comment.")."<br />\n";
|
|
}
|
|
} else {
|
|
print __("Missing comment ID.")."<br />\n";
|
|
}
|
|
html_footer(AUR_VERSION);
|
|
exit();
|
|
}
|
|
|
|
# Add a comment to this package
|
|
#
|
|
if ($_REQUEST["add_Comment"]) {
|
|
if ($_REQUEST["comment"]) {
|
|
# Insert the comment
|
|
#
|
|
$dbh = db_connect();
|
|
$q = "INSERT INTO PackageComments ";
|
|
$q.= "(PackageID, UsersID, Comments, CommentTS) VALUES (";
|
|
$q.= intval($_REQUEST["ID"]).", ".uid_from_sid($_COOKIE["AURSID"]) . ", ";
|
|
$q.= "'".mysql_real_escape_string($_REQUEST["comment"])."', ";
|
|
$q.= "UNIX_TIMESTAMP())";
|
|
db_query($q, $dbh);
|
|
print __("Comment has been added.");
|
|
|
|
# Send email notifications
|
|
#
|
|
$q = "SELECT CommentNotify.*, Users.Email ";
|
|
$q.= "FROM CommentNotify, Users ";
|
|
$q.= "WHERE Users.ID = CommentNotify.UserID ";
|
|
$q.= "AND CommentNotify.UserID != ".uid_from_sid($_COOKIE["AURSID"])." ";
|
|
$q.= "AND CommentNotify.PkgID = ".intval($_REQUEST["ID"]);
|
|
$result = db_query($q, $dbh);
|
|
$bcc = array();
|
|
if (mysql_num_rows($result)) {
|
|
while ($row = mysql_fetch_assoc($result)) {
|
|
array_push($bcc, $row['Email']);
|
|
}
|
|
$q = "SELECT Packages.Name ";
|
|
$q.= "FROM Packages ";
|
|
$q.= "WHERE Packages.ID = ".intval($_REQUEST["ID"]);
|
|
$result = db_query($q, $dbh);
|
|
$row = mysql_fetch_assoc($result);
|
|
#TODO: native language emails for users, based on their prefs
|
|
# Simply making these strings translatable won't work, users would be
|
|
# getting emails in the language that the user who posted the comment was in
|
|
$body =
|
|
"from http://aur.archlinux.org/packages.php?ID="
|
|
. $_REQUEST["ID"] . "\n"
|
|
. username_from_sid($_COOKIE["AURSID"]) . " wrote:\n\n"
|
|
. $_POST['comment']
|
|
. "\n\n---\nIf you no longer wish to receive notifications about this package, please go the the above package page and click the UnNotify button.";
|
|
$body = wordwrap($body, 70);
|
|
$bcc = implode(', ', $bcc);
|
|
$headers = "Bcc: $bcc\nReply-to: nobody@archlinux.org\nFrom: aur-notify@archlinux.org\nX-Mailer: AUR\n";
|
|
@mail(' ', "AUR Comment for ".$row['Name'], $body, $headers);
|
|
}
|
|
|
|
} else {
|
|
# Prompt visitor for comment
|
|
#
|
|
print "<div align='center'>\n";
|
|
print "<form action='pkgedit.php' method='post'>\n";
|
|
print "<input type='hidden' name='add_Comment' value='1'>\n";
|
|
print "<input type='hidden' name='ID' value=\"".$_REQUEST["ID"]."\">\n";
|
|
print __("Enter your comment below.")."<br /> <br />\n";
|
|
print "<textarea name='comment' rows='10' cols='50'></textarea>\n";
|
|
print "<br /> <br />\n";
|
|
print "<input type='submit' value=\"".__("Submit")."\">\n";
|
|
print "<input type='reset' value=\"".__("Reset")."\">\n";
|
|
print "</form>\n";
|
|
print "</div>\n";
|
|
}
|
|
html_footer(AUR_VERSION);
|
|
exit();
|
|
}
|
|
|
|
# Change package category
|
|
#
|
|
if ($_REQUEST["change_Category"]) {
|
|
$cat_array = pkgCategories();
|
|
$dbh = db_connect();
|
|
|
|
if ($_REQUEST["category_id"]) {
|
|
# Try and set the requested category_id
|
|
#
|
|
if (array_key_exists($_REQUEST["category_id"], $cat_array)) {
|
|
$q = "UPDATE Packages SET CategoryID = ".intval($_REQUEST["category_id"]);
|
|
$q.= " WHERE ID = ".intval($_REQUEST["ID"]);
|
|
db_query($q, $dbh);
|
|
print __("Package category updated.")."<br />\n";
|
|
|
|
} else {
|
|
print __("Invalid category ID.")."<br />\n";
|
|
}
|
|
} else {
|
|
# Prompt visitor for new category_id
|
|
#
|
|
$q = "SELECT CategoryID FROM Packages WHERE ID = ".intval($_REQUEST["ID"]);
|
|
$result = db_query($q, $dbh);
|
|
if ($result != NULL) {
|
|
$catid = mysql_fetch_row($result);
|
|
}
|
|
print "<form action='pkgedit.php' method='post'>\n";
|
|
print "<input type='hidden' name='change_Category' value='1'>\n";
|
|
print "<input type='hidden' name='ID' value=\"".$_REQUEST["ID"]."\">\n";
|
|
print __("Select new category").": \n";
|
|
print "<select name='category_id'>\n";
|
|
while (list($id,$cat) = each($cat_array)) {
|
|
print "<option value='".$id."'";
|
|
if ($id == $catid[0]) {
|
|
print " selected";
|
|
}
|
|
print "> ".$cat."</option>\n";
|
|
}
|
|
print "</select>\n";
|
|
print "<br /> <br />\n";
|
|
print "<input type='submit' value=\"".__("Submit")."\">\n";
|
|
print "<input type='reset' value=\"".__("Reset")."\">\n";
|
|
print "</form>\n";
|
|
|
|
}
|
|
html_footer(AUR_VERSION);
|
|
exit();
|
|
}
|
|
|
|
print __("You've found a bug if you see this....")."<br />\n";
|
|
|
|
html_footer(AUR_VERSION);
|
|
|