summaryrefslogtreecommitdiffstats
path: root/web/lib
diff options
context:
space:
mode:
Diffstat (limited to 'web/lib')
-rw-r--r--web/lib/acctfuncs.inc.php81
-rw-r--r--web/lib/aur.inc.php57
-rw-r--r--web/lib/aurjson.class.php17
-rw-r--r--web/lib/config.inc.php.proto28
-rw-r--r--web/lib/pkgfuncs.inc.php38
-rw-r--r--web/lib/translator.inc.php101
6 files changed, 178 insertions, 144 deletions
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index 9bd6e51..512e66c 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -35,7 +35,7 @@ function display_account_form($UTYPE,$A,$U="",$T="",$S="",
print "<input type='hidden' name='ID' value='".$UID."' />\n";
}
print "</fieldset>";
- print "<table border='0' cellpadding='0' cellspacing='0' width='80%' style=\"margin:0 auto;\">\n";
+ print "<table>\n";
print "<tr><td colspan='2'>&nbsp;</td></tr>\n";
print "<tr>";
@@ -171,14 +171,15 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
# error check and process request for a new/modified account
global $SUPPORTED_LANGS;
+ $dbh = db_connect();
+
if(isset($_COOKIE['AURSID'])) {
- $editor_user = uid_from_sid($_COOKIE['AURSID']);
+ $editor_user = uid_from_sid($_COOKIE['AURSID'], $dbh);
}
else {
$editor_user = null;
}
- $dbh = db_connect();
$error = "";
if (empty($E) || empty($U)) {
$error = __("Missing a required field.");
@@ -196,7 +197,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
}
}
- if (!$error && !valid_username($U) && !user_is_privileged($editor_user))
+ if (!$error && !valid_username($U) && !user_is_privileged($editor_user, $dbh))
$error = __("The username is invalid.") . "<ul>\n"
."<li>" . __("It must be between %s and %s characters long",
USERNAME_MIN_LEN, USERNAME_MAX_LEN )
@@ -233,7 +234,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
if ($result) {
$row = mysql_fetch_array($result);
if ($row[0]) {
- $error = __("The username, %h%s%h, is already in use.",
+ $error = __("The username, %s%s%s, is already in use.",
"<b>", htmlspecialchars($U,ENT_QUOTES), "</b>");
}
}
@@ -251,7 +252,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
if ($result) {
$row = mysql_fetch_array($result);
if ($row[0]) {
- $error = __("The address, %h%s%h, is already in use.",
+ $error = __("The address, %s%s%s, is already in use.",
"<b>", htmlspecialchars($E,ENT_QUOTES), "</b>");
}
}
@@ -273,12 +274,12 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
"VALUES (1, 0, '" . implode("', '", $escaped) . "')";
$result = db_query($q, $dbh);
if (!$result) {
- print __("Error trying to create account, %h%s%h: %s.",
+ print __("Error trying to create account, %s%s%s: %s.",
"<b>", htmlspecialchars($U,ENT_QUOTES), "</b>", mysql_error($dbh));
} else {
# account created/modified, tell them so.
#
- print __("The account, %h%s%h, has been successfully created.",
+ print __("The account, %s%s%s, has been successfully created.",
"<b>", htmlspecialchars($U,ENT_QUOTES), "</b>");
print "<p>\n";
print __("Click on the Home link above to login.");
@@ -310,10 +311,10 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
$q.= " WHERE ID = ".intval($UID);
$result = db_query($q, $dbh);
if (!$result) {
- print __("Error trying to modify account, %h%s%h: %s.",
+ print __("Error trying to modify account, %s%s%s: %s.",
"<b>", htmlspecialchars($U,ENT_QUOTES), "</b>", mysql_error($dbh));
} else {
- print __("The account, %h%s%h, has been successfully modified.",
+ print __("The account, %s%s%s, has been successfully modified.",
"<b>", htmlspecialchars($U,ENT_QUOTES), "</b>");
}
}
@@ -415,13 +416,7 @@ function search_results_page($UTYPE,$O=0,$SB="",$U="",$T="",
} else {
$num_rows = mysql_num_rows($result);
if ($num_rows) {
- print "<table border='0' cellpadding='0'";
- print " cellspacing='0' width='90%'";
- print " style=\"margin:0 auto\">\n";
- print "<tr>";
- print "<td colspan='2'>";
- print "<table border='0' cellpadding='0'";
- print " cellspacing='0' width='100%'>\n";
+ print "<table class='results'>\n";
print "<tr>";
print "<th class='header'>";
print "<span class='f2'>".__("Username")."</span></th>";
@@ -466,7 +461,7 @@ function search_results_page($UTYPE,$O=0,$SB="",$U="",$T="",
print "</span></td>";
print "<td class='".$c."'><span class='f5'>";
$row["LastVoted"]
- ? print date("Ymd", $row["LastVoted"])
+ ? print date("Y-m-d", $row["LastVoted"])
: print __("Never");
print "</span></td>";
print "<td class='".$c."'><span class='f5'>";
@@ -483,8 +478,8 @@ function search_results_page($UTYPE,$O=0,$SB="",$U="",$T="",
$i++;
}
print "</table>\n";
- print "</td></tr>\n";
+ print "<table class='results'>\n";
print "<tr>";
print "<td align='left'>";
print "<form action='account.php' method='post'>\n";
@@ -531,16 +526,17 @@ function search_results_page($UTYPE,$O=0,$SB="",$U="",$T="",
# Display non-editable account info
#
-function display_account_info($U="", $T="", $E="", $R="", $I="") {
+function display_account_info($U="", $T="", $E="", $R="", $I="", $LV="") {
# U: value to display for username
# T: value to display for account type
# E: value to display for email address
# R: value to display for RealName
# I: value to display for IRC nick
+ # LV: value to display for last voted
global $SUPPORTED_LANGS;
- print "<table border='0' cellpadding='0' cellspacing='0' width='33%' style=\"margin:0 auto;\">\n";
+ print "<table>\n";
print " <tr>\n";
print " <td colspan='2'>&nbsp;</td>\n";
print " </tr>\n";
@@ -579,6 +575,13 @@ function display_account_info($U="", $T="", $E="", $R="", $I="") {
print " </tr>\n";
print " <tr>\n";
+ print " <td align='left'>".__("Last Voted").":</td>\n";
+ print " <td align='left'>";
+ print $LV ? date("Y-m-d", $LV) : __("Never");
+ print "</td>\n";
+ print " </tr>\n";
+
+ print " <tr>\n";
print " <td colspan='2'><a href='packages.php?K=".$U."&amp;SeB=m'>".__("View this user's packages")."</a></td>\n";
print " </tr>\n";
@@ -598,21 +601,20 @@ function try_login() {
$userID = null;
if ( isset($_REQUEST['user']) || isset($_REQUEST['passwd']) ) {
+ $dbh = db_connect();
+ $userID = valid_user($_REQUEST['user'], $dbh);
- $userID = valid_user($_REQUEST['user']);
-
- if ( user_suspended( $userID ) ) {
+ if ( user_suspended($userID, $dbh) ) {
$login_error = "Account Suspended.";
}
elseif ( $userID && isset($_REQUEST['passwd'])
- && valid_passwd($userID, $_REQUEST['passwd']) ) {
+ && valid_passwd($userID, $_REQUEST['passwd'], $dbh) ) {
$logged_in = 0;
$num_tries = 0;
# Account looks good. Generate a SID and store it.
- $dbh = db_connect();
while (!$logged_in && $num_tries < 5) {
if ($MAX_SESSIONS_PER_USER) {
# Delete all user sessions except the
@@ -643,8 +645,11 @@ function try_login() {
}
if ($logged_in) {
- # set our SID cookie
+ $q = "UPDATE Users SET LastLogin = UNIX_TIMESTAMP() ";
+ $q.= "WHERE ID = '$userID'";
+ db_query($q, $dbh);
+ # set our SID cookie
if (isset($_POST['remember_me']) &&
$_POST['remember_me'] == "on") {
# Set cookies for 30 days.
@@ -710,11 +715,10 @@ function valid_username( $user )
* Checks if the username is valid and if it exists in the database
* Returns the username ID or nothing
*/
-function valid_user( $user )
+function valid_user( $user, $dbh )
{
/* if ( $user = valid_username($user) ) { */
if ( $user ) {
- $dbh = db_connect();
$q = "SELECT ID FROM Users WHERE Username = '"
. db_escape_string($user). "'";
@@ -739,11 +743,9 @@ function good_passwd( $passwd )
/* Verifies that the password is correct for the userID specified.
* Returns true or false
*/
-function valid_passwd( $userID, $passwd )
+function valid_passwd( $userID, $passwd, $dbh )
{
if ( strlen($passwd) > 0 ) {
- $dbh = db_connect();
-
# get salt for this user
$salt = get_salt($userID);
if ($salt) {
@@ -784,12 +786,11 @@ function valid_passwd( $userID, $passwd )
/*
* Is the user account suspended?
*/
-function user_suspended( $id )
+function user_suspended( $id, $dbh )
{
if (!$id) {
return false;
}
- $dbh = db_connect();
$q = "SELECT Suspended FROM Users WHERE ID = " . $id;
$result = db_query($q, $dbh);
if ($result) {
@@ -804,9 +805,8 @@ function user_suspended( $id )
/*
* This should be expanded to return something
*/
-function user_delete( $id )
+function user_delete( $id, $dbh )
{
- $dbh = db_connect();
$q = "DELETE FROM Users WHERE ID = " . $id;
db_query($q, $dbh);
return;
@@ -816,9 +816,8 @@ function user_delete( $id )
* A different way of determining a user's privileges
* rather than account_from_sid()
*/
-function user_is_privileged( $id )
+function user_is_privileged( $id, $dbh )
{
- $dbh = db_connect();
$q = "SELECT AccountTypeID FROM Users WHERE ID = " . $id;
$result = db_query($q, $dbh);
if ($result) {
@@ -832,13 +831,9 @@ function user_is_privileged( $id )
}
# Clear out old expired sessions.
-function clear_expired_sessions($dbh = null) {
+function clear_expired_sessions( $dbh ) {
global $LOGIN_TIMEOUT;
- if (empty($dbh)) {
- $dbh = db_connect();
- }
-
$q = "DELETE FROM Sessions WHERE LastUpdateTS < (UNIX_TIMESTAMP() - $LOGIN_TIMEOUT)";
db_query($q, $dbh);
diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
index 6bc36ac..ed0920f 100644
--- a/web/lib/aur.inc.php
+++ b/web/lib/aur.inc.php
@@ -272,63 +272,6 @@ function db_query($query="", $db_handle="") {
return $result;
}
-# set up the visitor's language
-#
-function set_lang($dbh=NULL) {
- global $LANG;
- global $SUPPORTED_LANGS;
- global $PERSISTENT_COOKIE_TIMEOUT;
- global $streamer, $l10n;
-
- $update_cookie = 0;
- if (isset($_REQUEST['setlang'])) {
- # visitor is requesting a language change
- #
- $LANG = $_REQUEST['setlang'];
- $update_cookie = 1;
-
- } elseif (isset($_COOKIE['AURLANG'])) {
- # If a cookie is set, use that
- #
- $LANG = $_COOKIE['AURLANG'];
-
- } elseif (isset($_COOKIE["AURSID"])) {
- # No language but a session; use default lang preference
- #
- if(!$dbh) {
- $dbh = db_connect();
- }
- $q = "SELECT LangPreference FROM Users, Sessions ";
- $q.= "WHERE Users.ID = Sessions.UsersID ";
- $q.= "AND Sessions.SessionID = '";
- $q.= db_escape_string($_COOKIE["AURSID"])."'";
- $result = db_query($q, $dbh);
-
- if ($result) {
- $row = mysql_fetch_array($result);
- $LANG = $row[0];
- }
- $update_cookie = 1;
- }
-
- # Set $LANG to default if nothing is valid.
- if (!array_key_exists($LANG, $SUPPORTED_LANGS)) {
- $LANG = DEFAULT_LANG;
- }
-
- if ($update_cookie) {
- $cookie_time = time() + $PERSISTENT_COOKIE_TIMEOUT;
- setcookie("AURLANG", $LANG, $cookie_time, "/");
- }
-
- $streamer = new FileReader('../locale/' . $LANG .
- '/LC_MESSAGES/aur.mo');
- $l10n = new gettext_reader($streamer, true);
-
- return;
-}
-
-
# common header
#
function html_header($title="") {
diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php
index 6c7725c..234a3c4 100644
--- a/web/lib/aurjson.class.php
+++ b/web/lib/aurjson.class.php
@@ -18,11 +18,14 @@ class AurJSON {
'search', 'info', 'multiinfo', 'msearch'
);
private static $fields = array(
- 'Packages.ID', 'Name', 'Version', 'CategoryID',
- 'Description', 'URL', 'License',
- 'NumVotes', '(OutOfDateTS IS NOT NULL) AS OutOfDate',
+ 'Packages.ID', 'Name', 'Version', 'CategoryID', 'Description', 'URL',
+ 'License', 'NumVotes', 'OutOfDateTS AS OutOfDate',
'SubmittedTS AS FirstSubmitted', 'ModifiedTS AS LastModified'
);
+ private static $numeric_fields = array(
+ 'ID', 'CategoryID', 'NumVotes', 'OutOfDate', 'FirstSubmitted',
+ 'LastModified'
+ );
/**
* Handles post data, and routes the request.
@@ -127,6 +130,14 @@ class AurJSON {
$name = $row['Name'];
$row['URLPath'] = URL_DIR . substr($name, 0, 2) . "/" . $name . "/" . $name . ".tar.gz";
+ /* Unfortunately, mysql_fetch_assoc() returns all fields as
+ * strings. We need to coerce numeric values into integers to
+ * provide proper data types in the JSON response.
+ */
+ foreach (self::$numeric_fields as $field) {
+ $row[$field] = intval($row[$field]);
+ }
+
if ($type == 'info') {
$search_data = $row;
break;
diff --git a/web/lib/config.inc.php.proto b/web/lib/config.inc.php.proto
index fbade86..d1f1cd1 100644
--- a/web/lib/config.inc.php.proto
+++ b/web/lib/config.inc.php.proto
@@ -33,34 +33,6 @@ define("SQL_DEBUG", 0);
# to '127.0.0.1:11211'.
#define("MEMCACHE_SERVERS", '127.0.0.1:11211');
-# Languages we have translations for
-$SUPPORTED_LANGS = array(
- "ca" => "Català",
- "cs" => "česky",
- "da" => "Dansk",
- "de" => "Deutsch",
- "en" => "English",
- "el" => "Ελληνικά",
- "es" => "Español",
- "fi" => "Finnish",
- "fr" => "Français",
- "he" => "עברית",
- "hr" => "Hrvatski",
- "hu" => "Magyar",
- "it" => "Italiano",
- "nb_NO" => "Norsk",
- "nl" => "Dutch",
- "pl" => "Polski",
- "pt" => "Português",
- "pt_BR" => "Português (Brasil)",
- "ro" => "Română",
- "ru" => "Русский",
- "sr" => "Srpski",
- "tr" => "Türkçe",
- "uk" => "Українська",
- "zh_CN" => "简体中文"
-);
-
# Session limit per user
$MAX_SESSIONS_PER_USER = 8;
diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php
index 88b18b8..558cf3f 100644
--- a/web/lib/pkgfuncs.inc.php
+++ b/web/lib/pkgfuncs.inc.php
@@ -708,6 +708,44 @@ function pkg_delete ($atype, $ids, $mergepkgid, $dbh=NULL) {
}
if ($mergepkgid) {
+ $mergepkgname = pkgname_from_id($mergepkgid, $dbh);
+ }
+
+ # Send email notifications
+ foreach ($ids as $pkgid) {
+ $q = 'SELECT CommentNotify.*, Users.Email ';
+ $q.= 'FROM CommentNotify, Users ';
+ $q.= 'WHERE Users.ID = CommentNotify.UserID ';
+ $q.= 'AND CommentNotify.UserID != ' . uid_from_sid($_COOKIE['AURSID']) . ' ';
+ $q.= 'AND CommentNotify.PkgID = ' . $pkgid;
+ $result = db_query($q, $dbh);
+ $bcc = array();
+
+ while ($row = mysql_fetch_assoc($result)) {
+ array_push($bcc, $row['Email']);
+ }
+ if (!empty($bcc)) {
+ $pkgname = pkgname_from_id($pkgid);
+
+ # TODO: native language emails for users, based on their prefs
+ # Simply making these strings translatable won't work, users would be
+ # getting emails in the language that the user who posted the comment was in
+ $body = "";
+ if ($mergepkgid) {
+ $body .= username_from_sid($_COOKIE['AURSID']) . " merged \"".$pkgname."\" into \"$mergepkgname\".\n\n";
+ $body .= "You will no longer receive notifications about this package, please go to https://aur.archlinux.org/packages.php?ID=".$mergepkgid." and click the Notify button if you wish to recieve them again.";
+ } else {
+ $body .= username_from_sid($_COOKIE['AURSID']) . " deleted \"".$pkgname."\".\n\n";
+ $body .= "You will no longer receive notifications about this package.";
+ }
+ $body = wordwrap($body, 70);
+ $bcc = implode(', ', $bcc);
+ $headers = "Bcc: $bcc\nReply-to: nobody@archlinux.org\nFrom: aur-notify@archlinux.org\nX-Mailer: AUR\n";
+ @mail(' ', "AUR Package deleted: " . $pkgname, $body, $headers);
+ }
+ }
+
+ if ($mergepkgid) {
/* Merge comments */
$q = "UPDATE PackageComments ";
$q.= "SET PackageID = " . intval($mergepkgid) . " ";
diff --git a/web/lib/translator.inc.php b/web/lib/translator.inc.php
index 44c87bd..0bcfb9c 100644
--- a/web/lib/translator.inc.php
+++ b/web/lib/translator.inc.php
@@ -5,12 +5,11 @@ set_include_path(get_include_path() . PATH_SEPARATOR . '../lib' . PATH_SEPARATOR
# usage:
# use the __() function for returning translated strings of
-# text. The string can contain escape codes %h for HTML
-# and %s for regular text.
+# text. The string can contain escape codes "%s".
#
# examples:
# print __("%s has %s apples.", "Bill", "5");
-# print __("This is a %hmajor%h problem!", "<b>", "</b>");
+# print __("This is a %smajor%s problem!", "<b>", "</b>");
include_once('config.inc.php');
include_once('gettext.php');
@@ -18,6 +17,34 @@ include_once('streams.php');
global $streamer, $l10n;
+# Languages we have translations for
+$SUPPORTED_LANGS = array(
+ "ca" => "Català",
+ "cs" => "česky",
+ "da" => "Dansk",
+ "de" => "Deutsch",
+ "en" => "English",
+ "el" => "Ελληνικά",
+ "es" => "Español",
+ "fi" => "Finnish",
+ "fr" => "Français",
+ "he" => "עברית",
+ "hr" => "Hrvatski",
+ "hu" => "Magyar",
+ "it" => "Italiano",
+ "nb_NO" => "Norsk",
+ "nl" => "Dutch",
+ "pl" => "Polski",
+ "pt" => "Português",
+ "pt_BR" => "Português (Brasil)",
+ "ro" => "Română",
+ "ru" => "Русский",
+ "sr" => "Srpski",
+ "tr" => "Türkçe",
+ "uk" => "Українська",
+ "zh_CN" => "简体中文"
+);
+
function __() {
global $LANG;
global $l10n;
@@ -26,25 +53,73 @@ function __() {
$args = func_get_args();
# First argument is always string to be translated
- $tag = $args[0];
+ $tag = array_shift($args);
# Translate using gettext_reader initialized before.
$translated = $l10n->translate($tag);
$translated = htmlspecialchars($translated, ENT_QUOTES);
- $num_args = sizeof($args);
-
# Subsequent arguments are strings to be formatted
- #
- # TODO: make this more robust.
- # '%%' should translate to a literal '%'
+ if (count($args) > 0) {
+ $translated = vsprintf($translated, $args);
+ }
+
+ return $translated;
+}
+
+# set up the visitor's language
+#
+function set_lang($dbh=NULL) {
+ global $LANG;
+ global $SUPPORTED_LANGS;
+ global $PERSISTENT_COOKIE_TIMEOUT;
+ global $streamer, $l10n;
+
+ $update_cookie = 0;
+ if (isset($_REQUEST['setlang'])) {
+ # visitor is requesting a language change
+ #
+ $LANG = $_REQUEST['setlang'];
+ $update_cookie = 1;
- if ( $num_args > 1 ) {
- for ($i = 1; $i < $num_args; $i++) {
- $translated = preg_replace("/\%[sh]/", $args[$i], $translated, 1);
+ } elseif (isset($_COOKIE['AURLANG'])) {
+ # If a cookie is set, use that
+ #
+ $LANG = $_COOKIE['AURLANG'];
+
+ } elseif (isset($_COOKIE["AURSID"])) {
+ # No language but a session; use default lang preference
+ #
+ if(!$dbh) {
+ $dbh = db_connect();
+ }
+ $q = "SELECT LangPreference FROM Users, Sessions ";
+ $q.= "WHERE Users.ID = Sessions.UsersID ";
+ $q.= "AND Sessions.SessionID = '";
+ $q.= mysql_real_escape_string($_COOKIE["AURSID"])."'";
+ $result = db_query($q, $dbh);
+
+ if ($result) {
+ $row = mysql_fetch_array($result);
+ $LANG = $row[0];
}
+ $update_cookie = 1;
}
- return $translated;
+ # Set $LANG to default if nothing is valid.
+ if (!array_key_exists($LANG, $SUPPORTED_LANGS)) {
+ $LANG = DEFAULT_LANG;
+ }
+
+ if ($update_cookie) {
+ $cookie_time = time() + $PERSISTENT_COOKIE_TIMEOUT;
+ setcookie("AURLANG", $LANG, $cookie_time, "/");
+ }
+
+ $streamer = new FileReader('../locale/' . $LANG .
+ '/LC_MESSAGES/aur.mo');
+ $l10n = new gettext_reader($streamer, true);
+
+ return;
}