diff options
Diffstat (limited to 'web/lib/pkgfuncs.inc')
| -rw-r--r-- | web/lib/pkgfuncs.inc | 1001 |
1 files changed, 0 insertions, 1001 deletions
diff --git a/web/lib/pkgfuncs.inc b/web/lib/pkgfuncs.inc deleted file mode 100644 index 2024aeb..0000000 --- a/web/lib/pkgfuncs.inc +++ /dev/null @@ -1,1001 +0,0 @@ -<?php -include_once("config.inc"); - -# Make sure this visitor can delete the requested package comment -# They can delete if they were the comment submitter, or if they are a TU/Dev -# -function canDeleteComment($comment_id=0, $atype="", $uid=0) { - if ($atype == "Trusted User" || $atype == "Developer") { - # A TU/Dev can delete any comment - return TRUE; - } - $dbh = db_connect(); - $q = "SELECT COUNT(ID) AS CNT "; - $q.= "FROM PackageComments "; - $q.= "WHERE ID = " . intval($comment_id); - $q.= " AND UsersID = " . $uid; - $result = db_query($q, $dbh); - if ($result != NULL) { - $row = mysql_fetch_assoc($result); - if ($row['CNT'] > 0) { - return TRUE; - } - } - return FALSE; -} - -# Make sure this visitor can delete the requested package comment -# They can delete if they were the comment submitter, or if they are a TU/Dev -# -function canDeleteCommentArray($comment, $atype="", $uid=0) { - if ($atype == "Trusted User" || $atype == "Developer") { - # A TU/Dev can delete any comment - return TRUE; - } else if ($comment['UsersID'] == $uid) { - # User's own comment - return TRUE; - } - return FALSE; -} - -# see if this Users.ID can manage the package -# -function canManagePackage($uid=0,$AURMUID=0, $MUID=0, $SUID=0, $managed=0) { - if (!$uid) {return 0;} - - # The uid of the TU/Dev that manages the package - # - if ($uid == $AURMUID) {return 1;} - - # If the package isn't maintained by a TU/Dev, is this the user-maintainer? - # - if ($uid == $MUID && !$managed) {return 1;} - - # If the package isn't maintained by a TU/Dev, is this the user-submitter? - # - if ($uid == $SUID && !$managed) {return 1;} - - # otherwise, no right to manage this package - # - return 0; -} - -# Check if the current user can submit blacklisted packages. -# -function canSubmitBlacklisted($atype = "") { - if ($atype == "Trusted User" || $atype == "Developer") { - # Only TUs/Devs can submit blacklisted packages. - return TRUE; - } - else { - return FALSE; - } -} - -# grab the current list of PackageCategories -# -function pkgCategories() { - $cats = array(); - $dbh = db_connect(); - $q = "SELECT * FROM PackageCategories WHERE ID != 1 "; - $q.= "ORDER BY Category ASC"; - $result = db_query($q, $dbh); - if ($result) { - while ($row = mysql_fetch_row($result)) { - $cats[$row[0]] = $row[1]; - } - } - return $cats; -} - -# check to see if the package name exists -# -function package_exists($name="") { - if (!$name) {return NULL;} - $dbh = db_connect(); - $q = "SELECT ID FROM Packages "; - $q.= "WHERE Name = '".mysql_real_escape_string($name)."' "; - $result = db_query($q, $dbh); - if (!$result) {return NULL;} - $row = mysql_fetch_row($result); - return $row[0]; -} - -# grab package dependencies -# -function package_dependencies($pkgid=0) { - $deps = array(); - $pkgid = intval($pkgid); - if ($pkgid > 0) { - $dbh = db_connect(); - $q = "SELECT pd.DepName, pd.DepCondition, p.ID FROM PackageDepends pd "; - $q.= "LEFT JOIN Packages p ON pd.DepName = p.Name "; - $q.= "WHERE pd.PackageID = ". $pkgid . " "; - $q.= "ORDER BY pd.DepName"; - $result = db_query($q, $dbh); - if (!$result) {return array();} - while ($row = mysql_fetch_row($result)) { - $deps[] = $row; - } - } - return $deps; -} - -function package_required($name="") { - $deps = array(); - if ($name != "") { - $dbh = db_connect(); - $q = "SELECT p.Name, PackageID FROM PackageDepends pd "; - $q.= "JOIN Packages p ON pd.PackageID = p.ID "; - $q.= "WHERE DepName = '".mysql_real_escape_string($name)."' "; - $q.= "ORDER BY p.Name"; - $result = db_query($q, $dbh); - if (!$result) {return array();} - while ($row = mysql_fetch_row($result)) { - $deps[] = $row; - } - } - return $deps; -} - -# Return the number of comments for a specified package -function package_comments_count($pkgid = 0) { - $pkgid = intval($pkgid); - if ($pkgid > 0) { - $dbh = db_connect(); - $q = "SELECT COUNT(*) FROM PackageComments "; - $q.= "WHERE PackageID = " . $pkgid; - $q.= " AND DelUsersID IS NULL"; - } - $result = db_query($q, $dbh); - - if (!$result) { - return; - } - - return mysql_result($result, 0); -} - -# Return an array of package comments -function package_comments($pkgid = 0) { - $comments = array(); - $pkgid = intval($pkgid); - if ($pkgid > 0) { - $dbh = db_connect(); - $q = "SELECT PackageComments.ID, UserName, UsersID, Comments, CommentTS "; - $q.= "FROM PackageComments, Users "; - $q.= "WHERE PackageComments.UsersID = Users.ID"; - $q.= " AND PackageID = " . $pkgid; - $q.= " AND DelUsersID IS NULL"; # only display non-deleted comments - $q.= " ORDER BY CommentTS DESC"; - - if (!isset($_GET['comments'])) { - $q.= " LIMIT 10"; - } - - $result = db_query($q, $dbh); - - if (!$result) { - return; - } - - while ($row = mysql_fetch_assoc($result)) { - $comments[] = $row; - } - } - return $comments; -} - -# grab package sources -# -function package_sources($pkgid=0) { - $sources = array(); - $pkgid = intval($pkgid); - if ($pkgid > 0) { - $dbh = db_connect(); - $q = "SELECT Source FROM PackageSources "; - $q.= "WHERE PackageID = " . $pkgid; - $q.= " ORDER BY Source"; - $result = db_query($q, $dbh); - if (!$result) {return array();} - while ($row = mysql_fetch_row($result)) { - $sources[] = $row[0]; - } - } - return $sources; -} - - -# grab array of Package.IDs that I've voted for: $pkgs[1234] = 1, ... -# -function pkgvotes_from_sid($sid="") { - $pkgs = array(); - if (!$sid) {return $pkgs;} - $dbh = db_connect(); - $q = "SELECT PackageID "; - $q.= "FROM PackageVotes, Users, Sessions "; - $q.= "WHERE Users.ID = Sessions.UsersID "; - $q.= "AND Users.ID = PackageVotes.UsersID "; - $q.= "AND Sessions.SessionID = '".mysql_real_escape_string($sid)."'"; - $result = db_query($q, $dbh); - if ($result) { - while ($row = mysql_fetch_row($result)) { - $pkgs[$row[0]] = 1; - } - } - return $pkgs; -} - -# array of package ids that you're being notified for -# *yoink* -# -function pkgnotify_from_sid($sid="") { - $pkgs = array(); - if (!$sid) {return $pkgs;} - $dbh = db_connect(); - $q = "SELECT PkgID "; - $q.= "FROM CommentNotify, Users, Sessions "; - $q.= "WHERE Users.ID = Sessions.UsersID "; - $q.= "AND Users.ID = CommentNotify.UserID "; - $q.= "AND Sessions.SessionID = '".mysql_real_escape_string($sid)."'"; - $result = db_query($q, $dbh); - if ($result) { - while ($row = mysql_fetch_row($result)) { - $pkgs[$row[0]] = 1; - } - } - return $pkgs; -} - -# get name of package based on pkgid -# -function pkgname_from_id($pkgid=0) { - $pkgid = intval($pkgid); - $name = ""; - if ($pkgid > 0) { - $dbh = db_connect(); - $q = "SELECT Name FROM Packages WHERE ID = " . $pkgid; - $result = db_query($q, $dbh); - if (mysql_num_rows($result) > 0) { - $name = mysql_result($result, 0); - } - } - return $name; -} - -# Check if a package name is blacklisted. -# -function pkgname_is_blacklisted($name) { - $dbh = db_connect(); - $q = "SELECT COUNT(*) FROM PackageBlacklist WHERE Name = '" . mysql_real_escape_string($name) . "'"; - $result = db_query($q, $dbh); - - if (!$result) return false; - return (mysql_result($result, 0) > 0); -} - -# display package details -# -function package_details($id=0, $SID="") { - $atype = account_from_sid($SID); - $uid = uid_from_sid($SID); - - $q = "SELECT Packages.*,Category "; - $q.= "FROM Packages,PackageCategories "; - $q.= "WHERE Packages.CategoryID = PackageCategories.ID "; - $q.= "AND Packages.ID = " . intval($id); - $dbh = db_connect(); - $results = db_query($q, $dbh); - - if (!$results) { - print __("Error retrieving package details.") . "<br />\n"; - } - else { - $row = mysql_fetch_assoc($results); - if (empty($row)) { - print __("Package details could not be found.") . "<br />\n"; - - } - else { - include('pkg_details.php'); - - # Actions Bar - if ($SID) { - include('actions_form.php'); - include('pkg_comment_form.php'); - } - - # Print Comments - $comments = package_comments($id); - if (!empty($comments)) { - include('pkg_comments.php'); - } - } - } - return; -} - - -/* pkg_search_page(SID) - * outputs the body of search/search results page - * - * parameters: - * SID - current Session ID - * preconditions: - * package search page has been accessed - * request variables have not been sanitized - * - * request vars: - * O - starting result number - * PP - number of search hits per page - * C - package category ID number - * K - package search string - * SO - search hit sort order: - * values: a - ascending - * d - descending - * SB - sort search hits by: - * values: c - package category - * n - package name - * v - number of votes - * m - maintainer username - * SeB- property that search string (K) represents - * values: n - package name - * nd - package name & description - * x - package name (exact match) - * m - package maintainer's username - * s - package submitter's username - * do_Orphans - boolean. whether to search packages - * without a maintainer - * - * - * These two are actually handled in packages.php. - * - * IDs- integer array of ticked packages' IDs - * action - action to be taken on ticked packages - * values: do_Flag - Flag out-of-date - * do_UnFlag - Remove out-of-date flag - * do_Adopt - Adopt - * do_Disown - Disown - * do_Delete - Delete (requires confirm_Delete to be set) - * do_Notify - Enable notification - * do_UnNotify - Disable notification - */ -function pkg_search_page($SID="") { - // establish a db connection - $dbh = db_connect(); - - // get commonly used variables... - // TODO: REDUCE DB HITS. - // grab info for user if they're logged in - if ($SID) - $myuid = uid_from_sid($SID); - // get a list of package categories - $cats = pkgCategories(); //meow - - // sanitize paging variables - // - if (isset($_GET['O'])) { - $_GET['O'] = intval($_GET['O']); - if ($_GET['O'] < 0) - $_GET['O'] = 0; - } - else { - $_GET['O'] = 0; - } - - if (isset($_GET["PP"])) { - $_GET["PP"] = intval($_GET["PP"]); - if ($_GET["PP"] < 50) - $_GET["PP"] = 50; - else if ($_GET["PP"] > 250) - $_GET["PP"] = 250; - } - else { - $_GET["PP"] = 50; - } - - // FIXME: pull out DB-related code. all of it. - // this one's worth a choco-chip cookie, - // one of those nice big soft ones - - // build the package search query - // - $q_select = "SELECT "; - if ($SID) { - $q_select .= "CommentNotify.UserID AS Notify, - PackageVotes.UsersID AS Voted, "; - } - $q_select .= "Users.Username AS Maintainer, - PackageCategories.Category, - Packages.Name, Packages.Version, Packages.Description, Packages.NumVotes, - Packages.ID, Packages.OutOfDateTS "; - - $q_from = "FROM Packages - LEFT JOIN Users ON (Packages.MaintainerUID = Users.ID) - LEFT JOIN PackageCategories - ON (Packages.CategoryID = PackageCategories.ID) "; - if ($SID) { - # this portion is not needed for the total row count query - $q_from_extra = "LEFT JOIN PackageVotes - ON (Packages.ID = PackageVotes.PackageID AND PackageVotes.UsersID = $myuid) - LEFT JOIN CommentNotify - ON (Packages.ID = CommentNotify.PkgID AND CommentNotify.UserID = $myuid) "; - } else { - $q_from_extra = ""; - } - - $q_where = "WHERE 1 = 1 "; - // TODO: possibly do string matching on category - // to make request variable values more sensible - if (isset($_GET["C"]) && intval($_GET["C"])) { - $q_where .= "AND Packages.CategoryID = ".intval($_GET["C"])." "; - } - - if (isset($_GET['K'])) { - $_GET['K'] = mysql_real_escape_string(trim($_GET['K'])); - - # Search by maintainer - if (isset($_GET["SeB"]) && $_GET["SeB"] == "m") { - $q_where .= "AND Users.Username = '".$_GET['K']."' "; - } - # Search by submitter - elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "s") { - $q_where .= "AND SubmitterUID = ".uid_from_username($_GET['K'])." "; - } - # Search by name - elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "n") { - $q_where .= "AND (Name LIKE '%".$_GET['K']."%') "; - } - # Search by name (exact match) - elseif (isset($_GET["SeB"]) && $_GET["SeB"] == "x") { - $q_where .= "AND (Name = '".$_GET['K']."') "; - } - # Search by name and description (Default) - else { - $q_where .= "AND (Name LIKE '%".$_GET['K']."%' OR "; - $q_where .= "Description LIKE '%".$_GET['K']."%') "; - } - } - - if (isset($_GET["do_Orphans"])) { - $q_where .= "AND MaintainerUID IS NULL "; - } - - if (isset($_GET['outdated'])) { - if ($_GET['outdated'] == 'on') { - $q_where .= "AND OutOfDateTS IS NOT NULL "; - } - elseif ($_GET['outdated'] == 'off') { - $q_where .= "AND OutOfDateTS IS NULL "; - } - } - - $order = (isset($_GET["SO"]) && $_GET["SO"] == 'd') ? 'DESC' : 'ASC'; - - $q_sort = "ORDER BY Name ".$order.", CategoryID DESC "; - $sort_by = isset($_GET["SB"]) ? $_GET["SB"] : ''; - switch ($sort_by) { - case 'c': - $q_sort = "ORDER BY CategoryID ".$order.", Name ASC "; - break; - case 'v': - $q_sort = "ORDER BY NumVotes ".$order.", Name ASC, CategoryID DESC "; - break; - case 'w': - if ($SID) { - $q_sort = "ORDER BY Voted ".$order.", Name ASC, CategoryID DESC "; - } - break; - case 'o': - if ($SID) { - $q_sort = "ORDER BY Notify ".$order.", Name ASC, CategoryID DESC "; - } - break; - case 'm': - $q_sort = "ORDER BY Maintainer ".$order.", Name ASC "; - break; - case 'a': - $q_sort = "ORDER BY ModifiedTS ".$order.", Name ASC "; - break; - default: - break; - } - - $q_limit = "LIMIT ".$_GET["PP"]." OFFSET ".$_GET["O"]; - - $q = $q_select . $q_from . $q_from_extra . $q_where . $q_sort . $q_limit; - $q_total = "SELECT COUNT(*) " . $q_from . $q_where; - - $result = db_query($q, $dbh); - $result_t = db_query($q_total, $dbh); - if ($result_t) { - $total = mysql_result($result_t, 0); - } - else { - $total = 0; - } - - if ($result && $total > 0) { - if (isset($_GET["SO"]) && $_GET["SO"] == "d"){ - $SO_next = "a"; - } - else { - $SO_next = "d"; - } - } - - // figure out the results to use - $first = $_GET['O'] + 1; - - if (($_GET['PP'] + $_GET['O']) > $total) { - $last = $total; - } else { - $last = $_GET['PP'] + $_GET['O']; - } - - - if ($total > 1 || $total == 0) { - # calculation of pagination links - $per_page = ($_GET['PP'] > 0) ? $_GET['PP'] : 50; - $current = ceil($first / $per_page); - $pages = ceil($total / $per_page); - $templ_pages = array(); - - if ($current > 1) { - $templ_pages[__('First')] = 0; - $templ_pages[__('Previous')] = ($current - 2) * $per_page; - } - - if ($current - 5 > 1) - $templ_pages["..."] = false; - - for ($i = max($current - 5, 1); $i <= min($pages, $current + 5); $i++) { - $templ_pages[$i] = ($i - 1) * $per_page; - } - - if ($current + 5 < $pages) - $templ_pages["... "] = false; - - if ($current < $pages) { - $templ_pages[__('Next')] = $current * $per_page; - $templ_pages[__('Last')] = ($pages - 1) * $per_page; - } - - include('pkg_search_form.php'); - include('pkg_search_results.php'); - } - else { - $pkgdetails = mysql_fetch_assoc($result); - header("Location: packages.php?ID={$pkgdetails['ID']}"); - } - - return; -} - -function current_action($action) { - return (isset($_POST['action']) && $_POST['action'] == $action) || - isset($_POST[$action]); -} - -/** - * Ensure an array of IDs is in fact all valid integers. - */ -function sanitize_ids($ids) { - $new_ids = array(); - foreach ($ids as $id) { - $id = intval($id); - if ($id > 0) { - $new_ids[] = $id; - } - } - return $new_ids; -} - -/** - * Flag and un-flag packages out-of-date - * - * @param string $atype Account type, output of account_from_sid - * @param array $ids Array of package IDs to flag/unflag - * @param boolean $action True flags out-of-date, false un-flags. Flags by - * default - * - * @return string Translated success or error messages - */ -function pkg_flag ($atype, $ids, $action = True) { - if (!$atype) { - if ($action) { - return __("You must be logged in before you can flag packages."); - } else { - return __("You must be logged in before you can unflag packages."); - } - } - - $ids = sanitize_ids($ids); - if (empty($ids)) { - if ($action) { - return __("You did not select any packages to flag."); - } else { - return __("You did not select any packages to unflag."); - } - } - - $dbh = db_connect(); - - $q = "UPDATE Packages SET"; - if ($action) { - $q.= " OutOfDateTS = UNIX_TIMESTAMP()"; - } - else { - $q.= " OutOfDateTS = NULL"; - } - $q.= " WHERE ID IN (" . implode(",", $ids) . ")"; - - db_query($q, $dbh); - - if ($action) { - # Notify of flagging by email - $f_name = username_from_sid($_COOKIE['AURSID']); - $f_email = email_from_sid($_COOKIE['AURSID']); - $f_uid = uid_from_sid($_COOKIE['AURSID']); - $q = "SELECT Packages.Name, Users.Email, Packages.ID "; - $q.= "FROM Packages, Users "; - $q.= "WHERE Packages.ID IN (" . implode(",", $ids) .") "; - $q.= "AND Users.ID = Packages.MaintainerUID "; - $q.= "AND Users.ID != " . $f_uid; - $result = db_query($q, $dbh); - if (mysql_num_rows($result)) { - while ($row = mysql_fetch_assoc($result)) { - # construct email - $body = "Your package " . $row['Name'] . " has been flagged out of date by " . $f_name . " [1]. You may view your package at:\nhttps://aur.archlinux.org/packages.php?ID=" . $row['ID'] . "\n\n[1] - https://aur.archlinux.org/account.php?Action=AccountInfo&ID=" . $f_uid; - $body = wordwrap($body, 70); - $headers = "Reply-to: nobody@archlinux.org\nFrom:aur-notify@archlinux.org\nX-Mailer: PHP\nX-MimeOLE: Produced By AUR\n"; - @mail($row['Email'], "AUR Out-of-date Notification for ".$row['Name'], $body, $headers); - } - } - } - - if ($action) { - return __("The selected packages have been flagged out-of-date."); - } else { - return __("The selected packages have been unflagged."); - } -} - -/** - * Delete packages - * - * @param string $atype Account type, output of account_from_sid - * @param array $ids Array of package IDs to delete - * - * @return string Translated error or success message - */ -function pkg_delete ($atype, $ids) { - if (!$atype) { - return __("You must be logged in before you can delete packages."); - } - - # If they're a TU or dev, can delete - if ($atype != "Trusted User" && $atype != "Developer") { - return __("You do have permission to delete packages."); - } - - $ids = sanitize_ids($ids); - if (empty($ids)) { - return __("You did not select any packages to delete."); - } - - $dbh = db_connect(); - $q = "DELETE FROM Packages WHERE ID IN (" . implode(",", $ids) . ")"; - $result = db_query($q, $dbh); - - return __("The selected packages have been deleted."); -} - -/** - * Adopt or disown packages - * - * @param string $atype Account type, output of account_from_sid - * @param array $ids Array of package IDs to adopt/disown - * @param boolean $action Adopts if true, disowns if false. Adopts by default - * - * @return string Translated error or success message - */ -function pkg_adopt ($atype, $ids, $action = True) { - if (!$atype) { - if ($action) { - return __("You must be logged in before you can adopt packages."); - } else { - return __("You must be logged in before you can disown packages."); - } - } - - $ids = sanitize_ids($ids); - if (empty($ids)) { - if ($action) { - return __("You did not select any packages to adopt."); - } else { - return __("You did not select any packages to disown."); - } - } - - $dbh = db_connect(); - - $field = "MaintainerUID"; - $q = "UPDATE Packages "; - - if ($action) { - $user = uid_from_sid($_COOKIE["AURSID"]); - } else { - $user = 'NULL'; - } - - $q.= "SET $field = $user "; - $q.= "WHERE ID IN (" . implode(",", $ids) . ") "; - - if ($action && $atype == "User") { - # Regular users may only adopt orphan packages from unsupported - $q.= "AND $field IS NULL "; - } else if ($atype == "User") { - $q.= "AND $field = " . uid_from_sid($_COOKIE["AURSID"]); - } - - db_query($q, $dbh); - - if ($action) { - pkg_notify(account_from_sid($_COOKIE["AURSID"]), $ids); - return __("The selected packages have been adopted."); - } else { - return __("The selected packages have been disowned."); - } -} - -/** - * Vote and un-vote for packages - * - * @param string $atype Account type, output of account_from_sid - * @param array $ids Array of package IDs to vote/un-vote - * @param boolean $action Votes if true, un-votes if false. Votes by default - * - * @return string Translated error or success message - */ -function pkg_vote ($atype, $ids, $action = True) { - if (!$atype) { - if ($action) { - return __("You must be logged in before you can vote for packages."); - } else { - return __("You must be logged in before you can un-vote for packages."); - } - } - - $ids = sanitize_ids($ids); - if (empty($ids)) { - if ($action) { - return __("You did not select any packages to vote for."); - } else { - return __("Your votes have been removed from the selected packages."); - } - } - - $dbh = db_connect(); - $my_votes = pkgvotes_from_sid($_COOKIE["AURSID"]); - $uid = uid_from_sid($_COOKIE["AURSID"]); - - $first = 1; - foreach ($ids as $pid) { - if ($action) { - $check = !isset($my_votes[$pid]); - } else { - $check = isset($my_votes[$pid]); - } - - if ($check) { - if ($first) { - $first = 0; - $vote_ids = $pid; - if ($action) { - $vote_clauses = "($uid, $pid)"; - } - } else { - $vote_ids .= ", $pid"; - if ($action) { - $vote_clauses .= ", ($uid, $pid)"; - } - } - } - } - - # only vote for packages the user hasn't already voted for - # - $op = $action ? "+" : "-"; - $q = "UPDATE Packages SET NumVotes = NumVotes $op 1 "; - $q.= "WHERE ID IN ($vote_ids)"; - - db_query($q, $dbh); - - if ($action) { - $q = "INSERT INTO PackageVotes (UsersID, PackageID) VALUES "; - $q.= $vote_clauses; - } else { - $q = "DELETE FROM PackageVotes WHERE UsersID = $uid "; - $q.= "AND PackageID IN ($vote_ids)"; - } - - db_query($q, $dbh); - - if ($action) { - $q = "UPDATE Users SET LastVoted = UNIX_TIMESTAMP() "; - $q.= "WHERE ID = $uid"; - - db_query($q, $dbh); - } - - if ($action) { - return __("Your votes have been cast for the selected packages."); - } else { - return __("Your votes have been removed from the selected packages."); - } -} - -/** - * Toggle notification of packages - * - * @param string $atype Account type, output of account_from_sid - * @param array $ids Array of package IDs to toggle, formatted as $package_id - * @return string Translated error or success message - */ -function pkg_notify ($atype, $ids, $action = True) { - if (!$atype) { -# return __("You must be logged in before you can get notifications on comments."); - return; - } - - $ids = sanitize_ids($ids); - if (empty($ids)) { - return __("Couldn't add to notification list."); - } - - $dbh = db_connect(); - $uid = uid_from_sid($_COOKIE["AURSID"]); - - $output = ""; - - $first = True; - - # There currently shouldn't be multiple requests here, but the - # format in which it's sent requires this. - foreach ($ids as $pid) { - $q = "SELECT Name FROM Packages WHERE ID = $pid"; - $result = db_query($q, $dbh); - if ($result) { - $pkgname = mysql_result($result , 0); - } - else { - $pkgname = ''; - } - - if ($first) - $first = False; - else - $output .= ", "; - - - if ($action) { - $q = "SELECT * FROM CommentNotify WHERE UserID = $uid"; - $q .= " AND PkgID = $pid"; - - # Notification already added. Don't add again. - $result = db_query($q, $dbh); - if (!mysql_num_rows($result)) { - $q = "INSERT INTO CommentNotify (PkgID, UserID) VALUES ($pid, $uid)"; - db_query($q, $dbh); - } - - $output .= $pkgname; - } - else { - $q = "DELETE FROM CommentNotify WHERE PkgID = $pid"; - $q .= " AND UserID = $uid"; - db_query($q, $dbh); - - $output .= $pkgname; - } - } - - if ($action) { - $output = __("You have been added to the comment notification list for %s.", $output); - } - else { - $output = __("You have been removed from the comment notification list for %s.", $output); - } - - return $output; -} - - - -/** - * Delete comment - * - * @param string $atype Account type, output of account_from_sid - * @return string Translated error or success message - */ -function pkg_delete_comment($atype) { - if (!$atype) { - return __("You must be logged in before you can edit package information."); - } - - # Get ID of comment to be removed - if (isset($_POST["comment_id"])) { - $comment_id = $_POST["comment_id"]; - } else { - return __("Missing comment ID."); - } - - $uid = uid_from_sid($_COOKIE["AURSID"]); - if (canDeleteComment($comment_id, $atype, $uid)) { - - $dbh = db_connect(); - $q = "UPDATE PackageComments "; - $q.= "SET DelUsersID = ".$uid." "; - $q.= "WHERE ID = ".intval($comment_id); - db_query($q, $dbh); - return __("Comment has been deleted."); - } else { - return __("You are not allowed to delete this comment."); - } -} - -/** - * Change package category - * - * @param string $atype Account type, output of account_from_sid - * @return string Translated error or success message - */ -function pkg_change_category($atype) { - if (!$atype) { - return __("You must be logged in before you can edit package information."); - } - - # Get ID of the new category - if (isset($_POST["category_id"])) { - $category_id = $_POST["category_id"]; - } else { - return __("Missing category ID."); - } - - $catArray = pkgCategories(); - if (!array_key_exists($category_id, $catArray)) { - return __("Invalid category ID."); - } - - if (isset($_GET["ID"])) { - $pid = $_GET["ID"]; - } else { - return __("Missing package ID."); - } - - # Verify package ownership - $dbh = db_connect(); - $q = "SELECT Packages.MaintainerUID "; - $q.= "FROM Packages "; - $q.= "WHERE Packages.ID = ".$pid; - $result = db_query($q, $dbh); - if ($result) { - $pkg = mysql_fetch_assoc($result); - } - else { - return __("You are not allowed to change this package category."); - } - - $uid = uid_from_sid($_COOKIE["AURSID"]); - if ($uid == $pkg["MaintainerUID"] or - ($atype == "Developer" or $atype == "Trusted User")) { - $q = "UPDATE Packages "; - $q.= "SET CategoryID = ".intval($category_id)." "; - $q.= "WHERE ID = ".intval($pid); - db_query($q, $dbh); - return __("Package category changed."); - } else { - return __("You are not allowed to change this package category."); - } -} |