diff options
| -rw-r--r-- | web/html/pkgsearch.php | 31 | ||||
| -rw-r--r-- | web/lib/aur.inc | 30 |
2 files changed, 52 insertions, 9 deletions
diff --git a/web/html/pkgsearch.php b/web/html/pkgsearch.php index f5ef888..3911b85 100644 --- a/web/html/pkgsearch.php +++ b/web/html/pkgsearch.php @@ -4,11 +4,38 @@ include("search_po.inc"); # use some form of this for i18n support set_lang(); # this sets up the visitor's language check_sid(); # see if they're still logged in html_header(); # print out the HTML header + +# TODO Maybe pkgsearch, pkgvote can be consolidated? This script can +# provide a search form. In the results, it can contain a checkbox +# for 'flag out of date', 'vote', 'details' link, and a link to 'pkgmgmnt'. +# +# the results page should have columns for, +# pkg name/ver, location, maintainer, description, O-O-D, Vote, details, mgmnt +# -# Any text you print out to the visitor, use the __() function -# for i18n support. See 'testpo.php' for more details. +# get login privileges # +if (isset($_COOKIE["AURSID"])) { + # Only logged in users can do stuff + # + $atype = account_from_sid($_COOKIE["AURSID"]); +} else { + $atype = ""; +} + + +if ($atype && $_REQUEST["Action"] == "Something") { + # do something based on what the user specifies + # +} elseif ($atype && $_REQUEST["Action"] == "SomethingElse") { + # do something else based on what the user specifies + # +} else { + # do the default thing - give the user a search form that they + # can specify: location, category, maintainer, name, 'my pkgs' + # +} print __("Under construction...")."<br/>\n"; diff --git a/web/lib/aur.inc b/web/lib/aur.inc index ecedb51..ce3b7d9 100644 --- a/web/lib/aur.inc +++ b/web/lib/aur.inc @@ -1,6 +1,12 @@ <? include_once("aur_po.inc"); +# TODO do we need to set the domain on cookies? I seem to remember some +# security concerns about not using domains - but it's not like +# we really care if another site can see what language/SID a user +# is using... +# + # Define global variables # $LOGIN_TIMEOUT = 1800; # number of idle seconds before timeout @@ -223,18 +229,28 @@ function set_lang() { # $LANG = $_COOKIE['AURLANG']; - } # TODO query the database if the user is logged in + } elseif (isset($_COOKIE["AURSID"])) { + $dbh = db_connect(); + $q = "SELECT LangPreference FROM Users, Sessions "; + $q.= "WHERE Users.ID = Sessions.UsersID "; + $q.= "AND Sessions.SessionID = '"; + $q.= mysql_escape_string($_COOKIE["AURSID"])."'"; + $result = db_query($q, $dbh); + if (!$result) { + $LANG = "en"; + } else { + $row = mysql_fetch_array($result); + $LANG = $row[0]; + } + } else { + $LANG = "en"; + } - if (!$LANG || !array_key_exists($LANG, $SUPPORTED_LANGS)) { + if (!array_key_exists($LANG, $SUPPORTED_LANGS)) { $LANG = "en"; # default to English } if ($update_cookie) { - # TODO do we need to set the domain too? I seem to remember some - # security concerns about not using domains - but it's not like - # we really care if another site can see what language our visitor - # was using.... - # setcookie("AURLANG", $LANG, 0, "/"); } return; |