diff options
| author | Gordian Edenhofer <gordian.edenhofer@gmail.com> | 2015-06-26 21:03:17 +0200 |
|---|---|---|
| committer | Lukas Fleischer <lfleischer@archlinux.org> | 2015-06-27 13:04:03 +0200 |
| commit | 8bd03adb6168b16222510f2e1a148f2ad5ea3afb (patch) | |
| tree | 4bf3bb990c637dec3abf3519c797c434c6547155 /web/lib/aur.inc.php | |
| parent | b036b436aa64be000481f8d1da30ff53d4bcb889 (diff) | |
| download | aurweb-8bd03adb6168b16222510f2e1a148f2ad5ea3afb.tar.xz | |
Fake pkgbase actions for unconfirmed users
Displaying flag, notify, vote, adopt and file request links for
users which did not authenticate themselves and letting those fake
buttons link to the login page.
Signed-off-by: Gordian Edenhofer <gordian.edenhofer@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Diffstat (limited to 'web/lib/aur.inc.php')
| -rw-r--r-- | web/lib/aur.inc.php | 28 |
1 files changed, 19 insertions, 9 deletions
diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php index 95f72ce..7a455c6 100644 --- a/web/lib/aur.inc.php +++ b/web/lib/aur.inc.php @@ -230,7 +230,12 @@ function html_format_maintainers($maintainer, $comaintainers) { * @return string The generated HTML code for the action link */ function html_action_link($uri, $desc) { - $code = '<a href="' . htmlspecialchars($uri, ENT_QUOTES) . '">'; + if (isset($_COOKIE["AURSID"])) { + $code = '<a href="' . htmlspecialchars($uri, ENT_QUOTES) . '">'; + } else { + $code = '<a href="' . get_uri('/login/', true) . '?referer='; + $code .= urlencode(rtrim(aur_location(), '/') . $uri) . '">'; + } $code .= htmlspecialchars($desc) . '</a>'; return $code; @@ -246,14 +251,19 @@ function html_action_link($uri, $desc) { * @return string The generated HTML code for the action link */ function html_action_form($uri, $action, $desc) { - $code = '<form action="' . htmlspecialchars($uri, ENT_QUOTES) . '" '; - $code .= 'method="post">'; - $code .= '<input type="hidden" name="token" value="'; - $code .= htmlspecialchars($_COOKIE['AURSID'], ENT_QUOTES) . '" />'; - $code .= '<input type="submit" class="button text-button" name="'; - $code .= htmlspecialchars($action, ENT_QUOTES) . '" '; - $code .= 'value="' . htmlspecialchars($desc, ENT_QUOTES) . '" />'; - $code .= '</form>'; + if (isset($_COOKIE["AURSID"])) { + $code = '<form action="' . htmlspecialchars($uri, ENT_QUOTES) . '" '; + $code .= 'method="post">'; + $code .= '<input type="hidden" name="token" value="'; + $code .= htmlspecialchars($_COOKIE['AURSID'], ENT_QUOTES) . '" />'; + $code .= '<input type="submit" class="button text-button" name="'; + $code .= htmlspecialchars($action, ENT_QUOTES) . '" '; + $code .= 'value="' . htmlspecialchars($desc, ENT_QUOTES) . '" />'; + $code .= '</form>'; + } else { + $code = '<a href="' . get_uri('/login/', true) . '">'; + $code .= htmlspecialchars($desc) . '</a>'; + } return $code; } |