summaryrefslogtreecommitdiffstats
path: root/web/template/pkg_details.php
diff options
context:
space:
mode:
authorLukas Fleischer <archlinux@cryptocrack.de>2010-11-04 18:10:56 +0100
committerLukas Fleischer <archlinux@cryptocrack.de>2011-01-19 23:18:09 +0100
commitec0dfc27deb246ee7d7f19fd5290e499805869d2 (patch)
tree3f267383b82cc4ef34f3c3e51b10bb0795b948e6 /web/template/pkg_details.php
parent233f67b87edf0d063c0f56cece50c2f1bb1a31ff (diff)
downloadaurweb-ec0dfc27deb246ee7d7f19fd5290e499805869d2.tar.xz
Removed code for tarball extraction.
Automatic tarball extraction was vulnerable in different ways. Users should also only use source tarballs to build packages, so this has been removed completely. From now on, only the PKGBUILD is extracted in a secure manner. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Diffstat (limited to 'web/template/pkg_details.php')
-rw-r--r--web/template/pkg_details.php5
1 files changed, 3 insertions, 2 deletions
diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php
index 7c6356d..8dd3d28 100644
--- a/web/template/pkg_details.php
+++ b/web/template/pkg_details.php
@@ -77,8 +77,9 @@ $out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("r", intval($row[
<p><span class='f3'>
<?php
if ($row['LocationID'] == 2) {
- $urlpath = URL_DIR . $row['Name'] . '/' . $row['Name'];
- print "<a href='$urlpath.tar.gz'>".__("Tarball")."</a> :: <a href='$urlpath'>".__("Files")."</a> :: <a href='$urlpath/PKGBUILD'>PKGBUILD</a></span>";
+ $urlpath = URL_DIR . $row['Name'];
+ print "<a href='$urlpath/" . $row['Name'] . ".tar.gz'>".__("Tarball")."</a> :: ";
+ print "<a href='$urlpath/PKGBUILD'>".__("PKGBUILD")."</a></span>";
}
if ($row["OutOfDateTS"] !== NULL) {