summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--web/html/pkgsearch.php32
-rw-r--r--web/lang/index_po.inc5
-rw-r--r--web/lang/mgmnt_po.inc5
-rw-r--r--web/lang/pkgfuncs_po.inc (renamed from web/lang/pkgs_po.inc)0
-rw-r--r--web/lang/search_po.inc20
-rw-r--r--web/lib/acctfuncs.inc1
-rw-r--r--web/lib/pkgfuncs.inc (renamed from web/lib/pkgs.inc)70
7 files changed, 81 insertions, 52 deletions
diff --git a/web/html/pkgsearch.php b/web/html/pkgsearch.php
index 64d229b..9ab00ca 100644
--- a/web/html/pkgsearch.php
+++ b/web/html/pkgsearch.php
@@ -1,6 +1,6 @@
<?
include("aur.inc"); # access AUR common functions
-include("pkgs.inc"); # package specific functions
+include("pkgfuncs.inc"); # package specific functions
include("search_po.inc"); # use some form of this for i18n support
set_lang(); # this sets up the visitor's language
check_sid(); # see if they're still logged in
@@ -39,14 +39,13 @@ if (isset($_REQUEST["do_Flag"])) {
# a message and give the user a link to resume where they were
# in the search
#
- pkg_search_page($_COOKIE["AURSID"], $_REQUEST["L"], $_REQUEST["C"],
- $_REQUEST["K"], $_REQUEST["SB"], $_REQUEST["M"], $_REQUEST["O"],
- $_REQUEST["PP"]);
+ pkg_search_page($_COOKIE["AURSID"]);
+
}
} elseif (isset($_REQUEST["do_Disown"])) {
- if ($atype != "User" && $atype != "") {
+ if ($atype == "User" || $atype == "") {
print __("You do not have access to disown packages.");
print "<br />\n";
@@ -59,14 +58,13 @@ if (isset($_REQUEST["do_Flag"])) {
# a message and give the user a link to resume where they were
# in the search
#
- pkg_search_page($_COOKIE["AURSID"], $_REQUEST["L"], $_REQUEST["C"],
- $_REQUEST["K"], $_REQUEST["SB"], $_REQUEST["M"], $_REQUEST["O"],
- $_REQUEST["PP"]);
+ pkg_search_page($_COOKIE["AURSID"]);
+
}
} elseif (isset($_REQUEST["do_Adopt"])) {
- if ($atype != "User" && $atype != "") {
+ if ($atype == "User" || $atype == "") {
print __("You do not have access to adopt packages.");
print "<br />\n";
@@ -79,9 +77,8 @@ if (isset($_REQUEST["do_Flag"])) {
# a message and give the user a link to resume where they were
# in the search
#
- pkg_search_page($_COOKIE["AURSID"], $_REQUEST["L"], $_REQUEST["C"],
- $_REQUEST["K"], $_REQUEST["SB"], $_REQUEST["M"], $_REQUEST["O"],
- $_REQUEST["PP"]);
+ pkg_search_page($_COOKIE["AURSID"]);
+
}
@@ -94,15 +91,14 @@ if (isset($_REQUEST["do_Flag"])) {
# vote on the packages in $ids array. 'unvote' for any packages
# listed in the $_REQUEST["All_IDs"] array.
#
- print "adopting<br />\n";
+ print "voting<br />\n";
# After voting, show the search page again (or maybe print out
# a message and give the user a link to resume where they were
# in the search
#
- pkg_search_page($_COOKIE["AURSID"], $_REQUEST["L"], $_REQUEST["C"],
- $_REQUEST["K"], $_REQUEST["SB"], $_REQUEST["M"], $_REQUEST["O"],
- $_REQUEST["PP"]);
+ pkg_search_page($_COOKIE["AURSID"]);
+
}
@@ -116,9 +112,7 @@ if (isset($_REQUEST["do_Flag"])) {
} else {
# do_More/do_Less/do_Search/do_MyPackages - just do a search
#
- pkg_search_page($_COOKIE["AURSID"], $_REQUEST["L"], $_REQUEST["C"],
- $_REQUEST["K"], $_REQUEST["SB"], $_REQUEST["M"], $_REQUEST["O"],
- $_REQUEST["PP"]);
+ pkg_search_page($_COOKIE["AURSID"]);
}
diff --git a/web/lang/index_po.inc b/web/lang/index_po.inc
index d96cd67..13c5033 100644
--- a/web/lang/index_po.inc
+++ b/web/lang/index_po.inc
@@ -111,4 +111,9 @@ $_t["en"]["Logged-in as: %h%s%h"] = "Logged-in as: %h%s%h";
# $_t["fr"]["Logged-in as: %h%s%h"] = "--> Traduction française ici. <--";
# $_t["de"]["Logged-in as: %h%s%h"] = "--> Deutsche Übersetzung hier. <--";
+$_t["en"]["Error looking up username, %s."] = "Error looking up username, %s.";
+# $_t["es"]["Error looking up username, %s."] = "--> Traducción española aquí. <--";
+# $_t["fr"]["Error looking up username, %s."] = "--> Traduction française ici. <--";
+# $_t["de"]["Error looking up username, %s."] = "--> Deutsche Übersetzung hier. <--";
+
?> \ No newline at end of file
diff --git a/web/lang/mgmnt_po.inc b/web/lang/mgmnt_po.inc
index 438f50d..824ef50 100644
--- a/web/lang/mgmnt_po.inc
+++ b/web/lang/mgmnt_po.inc
@@ -16,4 +16,9 @@ $_t["en"]["Under construction..."] = "Under construction...";
# $_t["fr"]["Under construction..."] = "--> Traduction française ici. <--";
# $_t["de"]["Under construction..."] = "--> Deutsche Übersetzung hier. <--";
+$_t["en"]["Manage package ID: %s"] = "Manage package ID: %s";
+# $_t["es"]["Manage package ID: %s"] = "--> Traducción española aquí. <--";
+# $_t["fr"]["Manage package ID: %s"] = "--> Traduction française ici. <--";
+# $_t["de"]["Manage package ID: %s"] = "--> Deutsche Übersetzung hier. <--";
+
?> \ No newline at end of file
diff --git a/web/lang/pkgs_po.inc b/web/lang/pkgfuncs_po.inc
index cd96ecb..cd96ecb 100644
--- a/web/lang/pkgs_po.inc
+++ b/web/lang/pkgfuncs_po.inc
diff --git a/web/lang/search_po.inc b/web/lang/search_po.inc
index 438f50d..01527c4 100644
--- a/web/lang/search_po.inc
+++ b/web/lang/search_po.inc
@@ -16,4 +16,24 @@ $_t["en"]["Under construction..."] = "Under construction...";
# $_t["fr"]["Under construction..."] = "--> Traduction française ici. <--";
# $_t["de"]["Under construction..."] = "--> Deutsche Übersetzung hier. <--";
+$_t["en"]["You must be logged in before you can vote for packages."] = "You must be logged in before you can vote for packages.";
+# $_t["es"]["You must be logged in before you can vote for packages."] = "--> Traducción española aquí. <--";
+# $_t["fr"]["You must be logged in before you can vote for packages."] = "--> Traduction française ici. <--";
+# $_t["de"]["You must be logged in before you can vote for packages."] = "--> Deutsche Übersetzung hier. <--";
+
+$_t["en"]["You do not have access to disown packages."] = "You do not have access to disown packages.";
+# $_t["es"]["You do not have access to disown packages."] = "--> Traducción española aquí. <--";
+# $_t["fr"]["You do not have access to disown packages."] = "--> Traduction française ici. <--";
+# $_t["de"]["You do not have access to disown packages."] = "--> Deutsche Übersetzung hier. <--";
+
+$_t["en"]["You must be logged in before you can flag packages."] = "You must be logged in before you can flag packages.";
+# $_t["es"]["You must be logged in before you can flag packages."] = "--> Traducción española aquí. <--";
+# $_t["fr"]["You must be logged in before you can flag packages."] = "--> Traduction française ici. <--";
+# $_t["de"]["You must be logged in before you can flag packages."] = "--> Deutsche Übersetzung hier. <--";
+
+$_t["en"]["You do not have access to adopt packages."] = "You do not have access to adopt packages.";
+# $_t["es"]["You do not have access to adopt packages."] = "--> Traducción española aquí. <--";
+# $_t["fr"]["You do not have access to adopt packages."] = "--> Traduction française ici. <--";
+# $_t["de"]["You do not have access to adopt packages."] = "--> Deutsche Übersetzung hier. <--";
+
?> \ No newline at end of file
diff --git a/web/lib/acctfuncs.inc b/web/lib/acctfuncs.inc
index 9cd7fab..d27b96f 100644
--- a/web/lib/acctfuncs.inc
+++ b/web/lib/acctfuncs.inc
@@ -464,6 +464,7 @@ function search_results_page($UTYPE,$O=0,$SB="",$U="",$T="",
}
$search_vars[] = "SB";
$q.= "LIMIT ". $OFFSET . ", " . $HITS_PER_PAGE;
+
$result = db_query($q, $dbh);
if (!$result) {
print __("No results matched your search criteria.");
diff --git a/web/lib/pkgs.inc b/web/lib/pkgfuncs.inc
index 9fd70cb..c8427ab 100644
--- a/web/lib/pkgs.inc
+++ b/web/lib/pkgfuncs.inc
@@ -1,5 +1,5 @@
<?
-include_once("pkgs_po.inc");
+include_once("pkgfuncs_po.inc");
# grab the current list of PackageCategories
#
@@ -35,8 +35,8 @@ function pkgLocations() {
# display the search form in a boxSoft style
#
-function pkg_search_page($SID="",$L="",$C="",$K="",$SB="",$M=0,$O=0,$PP=25,
- $D="") {
+function pkg_search_page($SID="") {
+ global $_REQUEST;
# SID: session id cookie
# L: PackageLocations.ID
# C: PackageCategories.ID
@@ -53,16 +53,20 @@ function pkg_search_page($SID="",$L="",$C="",$K="",$SB="",$M=0,$O=0,$PP=25,
$dbh = db_connect();
- if (!$PP) {$PP = 25;}
- if ($O) {
- $OFFSET = intval($O);
- } else {
- $OFFSET = 0;
+ # determine paging variables
+ #
+ isset($_REQUEST["PP"]) ? $PP = intval($_REQUEST["PP"]) : $PP = 25;
+ isset($_REQUEST["O"]) ? $O = intval($_REQUEST["O"]) : $O = 0;
+ if (isset($_REQUEST["do_More"])) {
+ $O += $PP;
+ } elseif (isset($_REQUEST["do_Less"])) {
+ $O -= $PP;
}
- if ($OFFSET < 0) {
- $OFFSET = 0;
+ if ($O < 0) {
+ $O = 0;
}
+
# grab info for user if they're logged in
#
if ($SID) {
@@ -72,15 +76,15 @@ function pkg_search_page($SID="",$L="",$C="",$K="",$SB="",$M=0,$O=0,$PP=25,
# The search form
#
- print "SID=$SID, L=$L, C=$C, K=$K, SB=$SB, M=$M, O=$O, PP=$PP<br />\n";
-
+ $K = str_replace("\"", "", $_REQUEST["K"]); # TODO better testing for
+ # SQL trickery...
print "<form action='/pkgsearch.php' method='post'>\n";
- print "<input type='hidden' name='O' value='".($OFFSET+intval($PP))."'>\n";
- print "<input type='hidden' name='L' value='".$L."'>\n";
- print "<input type='hidden' name='M' value='".$M."'>\n";
- print "<input type='hidden' name='C' value='".$C."'>\n";
+ print "<input type='hidden' name='O' value='".$O."'>\n";
+ print "<input type='hidden' name='L' value='".$_REQUEST["L"]."'>\n";
+ print "<input type='hidden' name='M' value='".$_REQUEST["M"]."'>\n";
+ print "<input type='hidden' name='C' value='".$_REQUEST["C"]."'>\n";
print "<input type='hidden' name='K' value='".$K."'>\n";
- print "<input type='hidden' name='SB' value='".$SB."'>\n";
+ print "<input type='hidden' name='SB' value='".$_REQUEST["SB"]."'>\n";
print "<input type='hidden' name='PP' value='".$PP."'>\n";
print "<center>\n";
@@ -101,7 +105,7 @@ function pkg_search_page($SID="",$L="",$C="",$K="",$SB="",$M=0,$O=0,$PP=25,
print " <select name='L'>\n";
print " <option value=0> ".__("Any")."\n";
while (list($id, $loc) = each($locs)) {
- if ($L == $id) {
+ if ($_REQUEST["L"] == $id) {
print " <option value=".$id." selected> ".$loc."\n";
} else {
print " <option value=".$id."> ".$loc."\n";
@@ -116,7 +120,7 @@ function pkg_search_page($SID="",$L="",$C="",$K="",$SB="",$M=0,$O=0,$PP=25,
print " <select name='C'>\n";
print " <option value=0> ".__("Any")."\n";
while (list($id, $cat) = each($cats)) {
- if ($C == $id) {
+ if ($_REQUEST["C"] == $id) {
print " <option value=".$id." selected> ".$cat."\n";
} else {
print " <option value=".$id."> ".$cat."\n";
@@ -129,7 +133,7 @@ function pkg_search_page($SID="",$L="",$C="",$K="",$SB="",$M=0,$O=0,$PP=25,
print " <span class='f5'><span class='blue'>".__("Keywords");
print "</span></span><br />\n";
print " <input type='text' name='K' size='35'";
- print " value='".$K."' maxlength='35'>\n";
+ print " value=\"".stripslashes($K)."\" maxlength='35'>\n";
print "</td>\n";
print "<td align='right'>\n";
@@ -137,16 +141,16 @@ function pkg_search_page($SID="",$L="",$C="",$K="",$SB="",$M=0,$O=0,$PP=25,
print "</span></span><br />\n";
print " <select name='SB'>\n";
print " <option value=n";
- $SB == "n" ? print " selected> " : print "> ";
+ $_REQUEST["SB"] == "n" ? print " selected> " : print "> ";
print __("Name")."\n";
print " <option value=c";
- $SB == "c" ? print " selected> " : print "> ";
+ $_REQUEST["SB"] == "c" ? print " selected> " : print "> ";
print __("Category")."\n";
print " <option value=l";
- $SB == "l" ? print " selected> " : print "> ";
+ $_REQUEST["SB"] == "l" ? print " selected> " : print "> ";
print __("Location")."\n";
print " <option value=v";
- $SB == "v" ? print " selected> " : print "> ";
+ $_REQUEST["SB"] == "v" ? print " selected> " : print "> ";
print __("Votes")."\n";
print " </select>\n";
print "</td>\n";
@@ -194,16 +198,16 @@ function pkg_search_page($SID="",$L="",$C="",$K="",$SB="",$M=0,$O=0,$PP=25,
# $q.= "ON Packages.ID = PackageVotes.PackageID ";
$q = "SELECT * FROM Packages ";
$has_where = 0;
- if ($L) {
- $q.= "WHERE LocationID = ".intval($L)." ";
+ if (isset($_REQUEST["L"]) && $_REQUEST["L"]) {
+ $q.= "WHERE LocationID = ".mysql_escape_string($_REQUEST["L"])." ";
$has_where = 1;
}
- if ($C) {
+ if (isset($_REQUEST["C"]) && $_REQUEST["C"]) {
if (!$has_where) {
- $q.= "WHERE CategoryID = ".intval($C)." ";
+ $q.= "WHERE CategoryID = ".mysql_escape_string($_REQUEST["C"])." ";
$has_where = 1;
} else {
- $q.= "AND CategoryID = ".intval($C)." ";
+ $q.= "AND CategoryID = ".mysql_escape_string($_REQUEST["C"])." ";
}
}
if ($K) {
@@ -216,7 +220,7 @@ function pkg_search_page($SID="",$L="",$C="",$K="",$SB="",$M=0,$O=0,$PP=25,
$q.= "Description LIKE '%".mysql_escape_string($K)."%') ";
}
}
- if ($M && $SID) {
+ if (isset($_REQUEST["M"]) && $_REQUEST["M"] && $SID) {
if ($myuid) {
if (!$has_where) {
$q.= "WHERE MaintainerUID = ".$myuid." ";
@@ -227,7 +231,7 @@ function pkg_search_page($SID="",$L="",$C="",$K="",$SB="",$M=0,$O=0,$PP=25,
}
}
- switch ($SB) {
+ switch (isset($_REQUEST["SB"])) {
case 'c':
$q.= "ORDER BY CategoryID ASC, Name ASC, LocationID ASC ";
break;
@@ -241,13 +245,13 @@ function pkg_search_page($SID="",$L="",$C="",$K="",$SB="",$M=0,$O=0,$PP=25,
$q.= "ORDER BY Name ASC, LocationID ASC, CategoryID ASC ";
break;
}
- $q.= "LIMIT ".$OFFSET.", ".intval($PP);
+ $q.= "LIMIT ".$O.", ".$PP;
print $q."<br />\n";
$result = db_query($q, $dbh);
if (!$result) {
- print __("No packages matched your search criteria.");
+ print __("Error retrieving package list.");
} elseif (!mysql_num_rows($result)) {
print __("No packages matched your search criteria.");