summaryrefslogtreecommitdiffstats
path: root/web/html
diff options
context:
space:
mode:
Diffstat (limited to 'web/html')
-rw-r--r--web/html/pkgsubmit.php200
1 files changed, 168 insertions, 32 deletions
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php
index 21b0f94..236073e 100644
--- a/web/html/pkgsubmit.php
+++ b/web/html/pkgsubmit.php
@@ -19,20 +19,22 @@ if ($_COOKIE["AURSID"]) {
if ($_REQUEST["pkgsubmit"]) {
+ $pkg_name = escapeshellarg($_FILES["pfile"]["name"]);
+
# first, see if this package already exists, and if it can be overwritten
#
- $pkg_exists = package_exists($_FILES["pfile"]["name"]);
+ $pkg_exists = package_exists($pkg_name);
if ($pkg_exists) {
# ok, it exists - should it be overwritten, and does the user have
# the permissions to do so?
#
- if (can_overwrite_pkg($_FILES["pfile"]["name"], $_COOKIE["AURSID"])) {
+ if (can_overwrite_pkg($pkg_name, $_COOKIE["AURSID"])) {
if (!$_REQUEST["overwrite"]) {
$error = __("You did not tag the 'overwrite' checkbox.");
}
} else {
$error = __("You are not allowed to overwrite the %h%s%h package.",
- array("<b>", $_FILES["pfile"]["name"], "</b>"));
+ array("<b>", $pkg_name, "</b>"));
}
}
@@ -41,14 +43,14 @@ if ($_COOKIE["AURSID"]) {
# the uploaded package file.
#
- $upload_file = $UPLOAD_DIR . $_FILES["pfile"]["name"];
+ $upload_file = $UPLOAD_DIR . $pkg_name
if (move_uploaded_file($_FILES["pfile"]["tmp_name"], $upload_file)) {
# ok, we can proceed
#
- if (file_exists($INCOMING_DIR . $_FILES["pfile"]["name"])) {
+ if (file_exists($INCOMING_DIR . $pkg_name) {
# blow away the existing file/dir and contents
#
- rm_rf($INCOMING_DIR . $_FILES["pfile"]["name"]);
+ rm_rf($INCOMING_DIR . $pkg_name);
}
} else {
@@ -58,43 +60,177 @@ if ($_COOKIE["AURSID"]) {
}
}
- # at this point, we can safely create the directories, and update
- # the database with the new package
- #
- # TODO extract the package contents and parse the included files
+ # at this point, we can safely unpack the uploaded file and parse
+ # its contents.
#
+ if (!mkdir($INCOMING_DIR.$pkg_name)) {
+ $error = __("Could not create incoming directory: %s.",
+ array($INCOMING_DIR.$pkg_name));
+ } else {
+ if (!chdir($INCOMING_DIR.$pkg_name)) {
+ $error = __("Could not change directory to %s.",
+ array($INCOMING_DIR.$pkg_name));
+ } else {
+ # try .gz first
+ #
+ exec("/bin/sh -c 'tar xzf ".$upload_file."'",, $retval);
+ if (!$retval) {
+ # now try .bz2 format
+ #
+ exec("/bin/sh -c 'tar xjf ".$upload_file."'",, $retval);
+ }
+ if (!$retval) {
+ $error = __("Unknown file format for uploaded file.");
+ }
+ }
+ }
+ # At this point, if no error exists, the package has been extracted
+ # There should be a $INCOMING_DIR.$pkg_name."/".$pkg_name directory
+ # if the user packaged it correctly. However, the final sub-directory
+ # may not exist, in which case, the files will live in,
+ # $INCOMING_DIR.$pkg_name.
+ #
+ if (is_dir($INCOMING_DIR.$pkg_name."/".$pkg_name) &&
+ is_file($INCOMING_DIR.$pkg_name."/".$pkg_name."/PKGBUILD")) {
+ # the files were packaged correctly
+ #
+ if (!chdir($INCOMING_DIR.$pkg_name."/".$pkg_name)) {
+ $error = __("Could not change to directory %s.",
+ array($INCOMING_DIR.$pkg_name."/".$pkg_name));
+ }
+ $pkg_dir = $INCOMING_DIR.$pkg_name."/".$pkg_name;
+ } elseif (is_file($INCOMING_DIR.$pkg_name."/PKGBUILD")) {
+ # not packaged correctly, but recovery is possible
+ #
+ if (!mkdir($INCOMING_DIR.$pkg_name."/".$pkg_name)) {
+ $error = __("Could not create directory %s.",
+ array($INCOMING_DIR.$pkg_name."/".$pkg_name));
+ } else {
+ exec("/bin/sh -c 'mv * ".$pkg_name."'");
+ if (!file_exists($INCOMING_DIR.$pkg_name."/".$pkg_name."/PKGBUILD")) {
+ $error = __("Error exec'ing the mv command.");
+ }
+ }
+ if (!chdir($INCOMING_DIR.$pkg_name."/".$pkg_name)) {
+ $error = __("Could not change to directory %s.",
+ array($INCOMING_DIR.$pkg_name."/".$pkg_name));
+ }
+ $pkg_dir = $INCOMING_DIR.$pkg_name."/".$pkg_name;
+ } else {
+ # some wierd packaging/extraction error - baal
+ #
+ $error = __("Error trying to unpack upload - PKGBUILD does not exist.");
+ }
- # update the backend database
+ # if no error, get list of directory contents and process PKGBUILD
#
- $dbh = db_connect();
- if ($pkg_exists) {
+ if (!$error) {
+ # get list of files
+ #
+ $d = dir($pkg_dir);
+ $pkg_contents = array();
+ while ($f = $d->read()) {
+ if ($f != "." && $f != "..") {
+ $pkg_contents[$f] = filesize($f);
+ }
+ }
+ $d->close();
- # this is an overwrite of an existing package, the database ID
- # needs to be preserved so that any votes are retained. However,
- # PackageDepends, PackageSources, and PackageContents can be
- # purged.
+ # process PKGBIULD
#
- $q = "SELECT * FROM Packages ";
- $q.= "WHERE Name = '".mysql_escape_string($_FILES["pfile"]["name"])."'";
- $result = db_query($q, $dbh);
- $pdata = mysql_fetch_assoc($result);
+ $pkgbuild = array();
+ $fp = fopen($pkg_dir."/PKGBUILD", "r");
+ $seen_build = 0;
+ while (!feof($fp)) {
+ $line = trim(fgets($fp));
+ $lparts = explode("=", $line);
+ if (count($lparts) == 2) {
+ # this is a variable/value pair
+ #
+ $pkgbuild[$lparts[0]] = $lparts[1];
+ } else {
+ # either a comment, blank line, or build function
+ #
+ if (substr($lparts[0], 0, 5) == "build") {
+ $seen_build = 1;
+ }
+ }
+ if ($seen_build) {break;}
+ }
+ fclose($fp);
- # flush out old data that will be replaced with new data
+ # some error checking on PKGBUILD contents
#
- $q = "DELETE FROM PackageContents WHERE PackageID = ".$pdata["ID"];
- db_query($q, $dbh);
- $q = "DELETE FROM PackageDepends WHERE PackageID = ".$pdata["ID"];
- db_query($q, $dbh);
- $q = "DELETE FROM PackageSources WHERE PackageID = ".$pdata["ID"];
- db_query($q, $dbh);
+ if (!$seen_build) {
+ $error = __("Missing build function in PKGBUILD.");
+ }
+ if (!array_key_exists("md5sums", $pkgbuild)) {
+ $error = __("Missing md5sums variable in PKGBUILD.");
+ }
+ if (!array_key_exists("source", $pkgbuild)) {
+ $error = __("Missing source variable in PKGBUILD.");
+ }
+ if (!array_key_exists("url", $pkgbuild)) {
+ $error = __("Missing url variable in PKGBUILD.");
+ }
+ if (!array_key_exists("pkgdesc", $pkgbuild)) {
+ $error = __("Missing pkgdesc variable in PKGBUILD.");
+ }
+ if (!array_key_exists("pkgrel", $pkgbuild)) {
+ $error = __("Missing pkgrel variable in PKGBUILD.");
+ }
+ if (!array_key_exists("pkgver", $pkgbuild)) {
+ $error = __("Missing pkgver variable in PKGBUILD.");
+ }
+ if (!array_key_exists("pkgname", $pkgbuild)) {
+ $error = __("Missing pkgname variable in PKGBUILD.");
+ }
+ }
- } else {
- # this is a brand new package
- #
+ # update the backend database if there are no errors
+ #
+ if (!$error) {
+ $dbh = db_connect();
+ if ($pkg_exists) {
+
+ # this is an overwrite of an existing package, the database ID
+ # needs to be preserved so that any votes are retained. However,
+ # PackageDepends, PackageSources, and PackageContents can be
+ # purged.
+ #
+ $q = "SELECT * FROM Packages ";
+ $q.= "WHERE Name = '".mysql_escape_string($_FILES["pfile"]["name"])."'";
+ $result = db_query($q, $dbh);
+ $pdata = mysql_fetch_assoc($result);
+
+ # flush out old data that will be replaced with new data
+ #
+ $q = "DELETE FROM PackageContents WHERE PackageID = ".$pdata["ID"];
+ db_query($q, $dbh);
+ $q = "DELETE FROM PackageDepends WHERE PackageID = ".$pdata["ID"];
+ db_query($q, $dbh);
+ $q = "DELETE FROM PackageSources WHERE PackageID = ".$pdata["ID"];
+ db_query($q, $dbh);
+
+ # TODO
+ # $q = "UPDATE Packages ..."
+
+ } else {
+ # this is a brand new package
+ #
+ # TODO
+ # $q = "INSERT ..."
+ }
}
+ # TODO clean up on error? How much cleaning to do?
+ #
+ if ($error) {
+ # TODO clean house (filesystem/database)
+ #
+ }
}
@@ -103,7 +239,7 @@ if ($_COOKIE["AURSID"]) {
# give the visitor the default upload form
#
if (ini_get("file_uploads")) {
- if (!$error) {
+ if ($error) {
print "<span class='error'>".$error."</span><br />\n";
print "<br />&nbsp;<br />\n";
}