Diffstat (limited to 'web')
-rw-r--r-- | web/html/login.php | 9 | ||||
-rw-r--r-- | web/html/pkgsubmit.php | 8 | ||||
-rw-r--r-- | web/lib/DB.class.php | 17 | ||||
-rw-r--r-- | web/lib/acctfuncs.inc.php | 66 | ||||
-rw-r--r-- | web/lib/aur.inc.php | 26 | ||||
-rw-r--r-- | web/lib/aurjson.class.php | 13 | ||||
-rw-r--r-- | web/lib/config.inc.php.proto | 72 | ||||
-rw-r--r-- | web/lib/confparser.inc.php | 20 | ||||
-rw-r--r-- | web/lib/credentials.inc.php | 1 | ||||
-rw-r--r-- | web/lib/pkgbasefuncs.inc.php | 17 | ||||
-rw-r--r-- | web/lib/pkgfuncs.inc.php | 7 | ||||
-rw-r--r-- | web/lib/pkgreqfuncs.inc.php | 41 | ||||
-rw-r--r-- | web/lib/routing.inc.php | 18 | ||||
-rw-r--r-- | web/lib/translator.inc.php | 8 | ||||
-rw-r--r-- | web/template/actions_form.php | 2 | ||||
-rw-r--r-- | web/template/header.php | 2 | ||||
-rw-r--r-- | web/template/pkg_details.php | 13 | ||||
-rw-r--r-- | web/template/pkgbase_details.php | 13 | ||||
-rw-r--r-- | web/template/pkgreq_results.php | 5 | ||||
-rw-r--r-- | web/template/tu_last_votes_list.php | 2 |
20 files changed, 153 insertions, 207 deletions
diff --git a/web/html/login.php b/web/html/login.php index e458fec..dba3af5 100644 --- a/web/html/login.php +++ b/web/html/login.php @@ -5,7 +5,8 @@ include_once("aur.inc.php"); set_lang(); check_sid(); -if (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) { +$disable_http_login = config_get_bool('options', 'disable_http_login'); +if (!$disable_http_login || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])) { $login = try_login(); $login_error = $login['error']; } @@ -19,7 +20,7 @@ html_header('AUR ' . __("Login")); <?= __("Logged-in as: %s", '<strong>' . username_from_sid($_COOKIE["AURSID"]) . '</strong>'); ?> <a href="<?= get_uri('/logout/'); ?>">[<?= __("Logout"); ?>]</a> </p> - <?php elseif (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])): ?> + <?php elseif (!$disable_http_login || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'])): ?> <form method="post" action="<?= get_uri('/login') ?>"> <fieldset> <legend><?= __('Enter login credentials') ?></legend> @@ -28,7 +29,7 @@ html_header('AUR ' . __("Login")); <?php endif; ?> <p> <label for="id_username"><?= __('Username') . ':'; ?></label> - <input id="id_username" type="text" name="user" size="30" maxlength="<?= USERNAME_MAX_LEN; ?>" value="<?php if (isset($_POST['user'])) { print htmlspecialchars($_POST['user'], ENT_QUOTES); } ?>" /> + <input id="id_username" type="text" name="user" size="30" maxlength="<?= config_get_int('options', 'username_max_len'); ?>" value="<?php if (isset($_POST['user'])) { print htmlspecialchars($_POST['user'], ENT_QUOTES); } ?>" /> </p> <p> <label for="id_password"><?= __('Password') . ':'; ?></label> @@ -47,7 +48,7 @@ html_header('AUR ' . __("Login")); <?php else: ?> <p> <?php printf(__("HTTP login is disabled. Please %sswitch to HTTPs%s if you want to login."), - '<a href="' . $AUR_LOCATION . get_uri('/login') . '">', '</a>'); ?> + '<a href="' . aur_location() . get_uri('/login') . '">', '</a>'); ?> </p> <?php endif; ?> </div> 
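Review bot: In the last login.php hunk, `aur_location() . get_uri('/login')` yields a double slash when virtual URLs are enabled, because aur_location() (added to web/lib/aur.inc.php in this commit) always ends in `/` and get_uri() returns the path unchanged in that mode. The removed config comment described the old `$AUR_LOCATION` as having no trailing slash, so the other converted call sites are affected too: pkgbase_add_comment(), pkgbase_flag(), pkgreq_file(), pkgreq_close(), and send_resetkey(), which still appends its own `"/"` and so puts three slashes into the password-reset link. Stripping the leading slash at the join, e.g. `aur_location() . ltrim(get_uri('/login'), '/')`, keeps the URL well-formed in both routing modes. Whether the web server tolerates the current form is not visible from this diff.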
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php index 8cecd67..be9220e 100644 --- a/web/html/pkgsubmit.php +++ b/web/html/pkgsubmit.php @@ -1,7 +1,6 @@ <?php set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); -include_once("config.inc.php"); require_once('Archive/Tar.php'); @@ -64,11 +63,12 @@ if ($uid): } # Check uncompressed file size (ZIP bomb protection) - if (!$error && $MAX_FILESIZE_UNCOMPRESSED) { + $max_filesize_uncompressed = config_get_int('options', 'max_filesize_uncompressed'); + if (!$error && $max_filesize_uncompressed) { fseek($fh, -4, SEEK_END); list(, $filesize_uncompressed) = unpack('V', fread($fh, 4)); - if ($filesize_uncompressed > $MAX_FILESIZE_UNCOMPRESSED) { + if ($filesize_uncompressed > $max_filesize_uncompressed) { $error = __("Error - uncompressed file size too large."); } } @@ -273,7 +273,7 @@ if ($uid): } if (isset($pkgbase_name)) { - $incoming_pkgdir = INCOMING_DIR . substr($pkgbase_name, 0, 2) . "/" . $pkgbase_name; + $incoming_pkgdir = config_get('paths', 'storage') . substr($pkgbase_name, 0, 2) . "/" . $pkgbase_name; } /* Upload PKGBUILD and tarball. */ diff --git a/web/lib/DB.class.php b/web/lib/DB.class.php index 0975989..b538e0d 100644 --- a/web/lib/DB.class.php +++ b/web/lib/DB.class.php @@ -1,5 +1,7 @@ <?php +include_once("confparser.inc.php"); + class DB { /** 
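Review bot: The ZIP bomb check in the `@@ -64,11 +63,12 @@` hunk of pkgsubmit.php is skipped whenever `config_get_int('options', 'max_filesize_uncompressed')` returns 0, and that is also what it returns when the key is absent or misspelled, so a config typo silently removes the limit. The deleted config.inc.php.proto carried the advice to keep `upload_max_filesize` at or below 3M (FS#22991); the replacement config file is outside this diff, so that guidance may have been lost. I would record both at the check itself: `/* 0 disables this check. Keep PHP's upload_max_filesize low as well, see FS#22991. */`. The enclosing `if ($uid):` block starts and ends outside the hunk.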
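Review bot: `config_get('paths', 'storage') . substr($pkgbase_name, 0, 2)` in the `@@ -273,7 +273,7 @@` hunk only builds the intended directory if the configured path ends in `/`, and nothing enforces that; aur_location() in this same commit normalises its value, but this lookup does not. The same holds for `package_url` in AurJSON::process_query() and in pkg_details.php. `rtrim(config_get('paths', 'storage'), '/') . '/'` would make a missing slash harmless instead of producing a path under a differently named sibling directory.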
@@ -15,8 +17,19 @@ class DB { public static function connect() { if (self::$dbh === null) { try { - self::$dbh = new PDO(AUR_db_DSN_prefix . ":" . AUR_db_host - . ";dbname=" . AUR_db_name, AUR_db_user, AUR_db_pass); + $dsn_prefix = config_get('database', 'dsn_prefix'); + $host = config_get('database', 'host'); + $socket = config_get('database', 'socket'); + $name = config_get('database', 'name'); + $user = config_get('database', 'user'); + $password = config_get('database', 'password'); + + $dsn = $dsn_prefix . + ':host=' . $host . + ';unix_socket=' . $socket . + ';dbname=' . $name; + + self::$dbh = new PDO($dsn, $user, $password); self::$dbh->exec("SET NAMES 'utf8' COLLATE 'utf8_general_ci';"); } catch (PDOException $e) { die('Error - Could not connect to AUR database'); diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index 2272010..1d38fe1 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php @@ -89,7 +89,7 @@ function display_account_form($A,$U="",$T="",$S="", */ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="", $P="",$C="",$R="",$L="",$I="",$K="",$J="",$UID=0) { - global $SUPPORTED_LANGS, $AUR_LOCATION; + global $SUPPORTED_LANGS; $error = ''; @@ -118,9 +118,11 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="", } if (!$error && !valid_username($U)) { + $length_min = config_get_int('options', 'username_min_len'); + $length_max = config_get_int('options', 'username_max_len'); + $error = __("The username is invalid.") . "<ul>\n" - ."<li>" . __("It must be between %s and %s characters long", - USERNAME_MIN_LEN, USERNAME_MAX_LEN ) + . "<li>" . __("It must be between %s and %s characters long", $length_min, $length_max) . "</li>" . "<li>" . __("Start and end with a letter or number") . "</li>" . "<li>" . __("Can contain only one period, underscore or hyphen.") 
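Review bot: The DSN built in DB::connect() always contains both `host=` and `unix_socket=`, even when one of them is empty or missing from the config, and for the MySQL PDO driver the socket parameter is documented as not to be combined with a host. Emitting only the one that is set avoids depending on how the driver resolves the conflict: `$dsn = $dsn_prefix . ':dbname=' . $name . ($socket != '' ? ';unix_socket=' . $socket : ';host=' . $host);`. The values are concatenated into the DSN unescaped, which is acceptable only while the config file stays writable by administrators alone. It now also holds the database password, so it should not be readable through the web server.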
@@ -130,8 +132,11 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="", if (!$error && $P && $C && ($P != $C)) { $error = __("Password fields do not match."); } - if (!$error && $P != '' && !good_passwd($P)) - $error = __("Your password must be at least %s characters.",PASSWD_MIN_LEN); + if (!$error && $P != '' && !good_passwd($P)) { + $length_min = config_get_int('options', 'passwd_min_len'); + $error = __("Your password must be at least %s characters.", + $length_min); + } if (!$error && !valid_email($E)) { $error = __("The email address is invalid."); @@ -244,7 +249,7 @@ function process_account_form($TYPE,$A,$U="",$T="",$S="",$E="", 'not work try copying and ' . 'pasting it into your ' . 'browser.', - $AUR_LOCATION); + aur_location()); send_resetkey($email, $subject, $body); print __("A password reset key has been sent to your e-mail address."); @@ -406,14 +411,9 @@ function search_results_page($O=0,$SB="",$U="",$T="", /** * Attempt to login and generate a session * - * @global int $MAX_SESSIONS_PER_USER Maximum sessions a single user may have open - * @global int $PERSISTENT_COOKIE_TIMEOUT Time until cookie expires - * * @return array Session ID for user, error message if applicable */ function try_login() { - global $MAX_SESSIONS_PER_USER, $PERSISTENT_COOKIE_TIMEOUT; - $login_error = ""; $new_sid = ""; $userID = null; 
@@ -456,16 +456,17 @@ function try_login() { /* Generate a session ID and store it. */ while (!$logged_in && $num_tries < 5) { - if ($MAX_SESSIONS_PER_USER) { + $session_limit = config_get_int('options', 'max_sessions_per_user'); + if ($session_limit) { /* * Delete all user sessions except the - * last ($MAX_SESSIONS_PER_USER - 1). + * last ($session_limit - 1). */ $q = "DELETE s.* FROM Sessions s "; $q.= "LEFT JOIN (SELECT SessionID FROM Sessions "; $q.= "WHERE UsersId = " . $userID . " "; $q.= "ORDER BY LastUpdateTS DESC "; - $q.= "LIMIT " . ($MAX_SESSIONS_PER_USER - 1) . ") q "; + $q.= "LIMIT " . ($session_limit - 1) . ") q "; $q.= "ON s.SessionID = q.SessionID "; $q.= "WHERE s.UsersId = " . $userID . " "; $q.= "AND q.SessionID IS NULL;"; @@ -499,7 +500,8 @@ function try_login() { /* Set the SID cookie. */ if (isset($_POST['remember_me']) && $_POST['remember_me'] == "on") { /* Set cookies for 30 days. */ - $cookie_time = time() + $PERSISTENT_COOKIE_TIMEOUT; + $timeout = config_get_int('options', 'persistent_cookie_timeout'); + $cookie_time = time() + $timeout; /* Set session for 30 days. */ $q = "UPDATE Sessions SET LastUpdateTS = $cookie_time "; 
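Review bot: `if ($session_limit)` in the `@@ -456,16 +456,17 @@` hunk of try_login() is also true for a negative value, which would put a negative `LIMIT` into the session-pruning DELETE and make it invalid. Now that the number is parsed from a text file rather than written as a PHP literal, `if ($session_limit > 0)` is the safer test. The `config_get_int()` call also sits inside the `while` retry loop and could be read once before it. try_login() starts and ends outside the hunk.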
@@ -531,18 +533,20 @@ function is_ipbanned() { /** * Validate a username against a collection of rules * - * The username must be longer or equal to USERNAME_MIN_LEN. It must be shorter - * or equal to USERNAME_MAX_LEN. It must start and end with either a letter or - * a number. It can contain one period, hypen, or underscore. Returns boolean - * of whether name is valid. + * The username must be longer or equal to the configured minimum length. It + * must be shorter or equal to the configured maximum length. It must start and + * end with either a letter or a number. It can contain one period, hypen, or + * underscore. Returns boolean of whether name is valid. * * @param string $user Username to validate * * @return bool True if username meets criteria, otherwise false */ function valid_username($user) { - if (strlen($user) < USERNAME_MIN_LEN || - strlen($user) > USERNAME_MAX_LEN) { + $length_min = config_get_int('options', 'username_min_len'); + $length_max = config_get_int('options', 'username_max_len'); + + if (strlen($user) < $length_min || strlen($user) > $length_max) { return false; } else if (!preg_match("/^[a-z0-9]+[.\-_]?[a-z0-9]+$/Di", $user)) { return false; @@ -645,8 +649,6 @@ function create_resetkey($resetkey, $uid) { * @return void */ function send_resetkey($email, $subject, $body) { - global $AUR_LOCATION; - $uid = uid_from_email($email); if ($uid == null) { return; @@ -658,9 +660,8 @@ function send_resetkey($email, $subject, $body) { /* Send e-mail with confirmation link. */ $body = wordwrap($body, 70); - $body .= "\n\n". - "{$AUR_LOCATION}/" . get_uri('/passreset/') . "?". - "resetkey={$resetkey}"; + $body .= "\n\n". aur_location() . "/" . get_uri('/passreset/') . + "?resetkey={$resetkey}"; $headers = "MIME-Version: 1.0\r\n" . "Content-type: text/plain; charset=UTF-8\r\n" . "Reply-to: noreply@aur.archlinux.org\r\n" . 
@@ -708,10 +709,8 @@ function password_reset($hash, $salt, $resetkey, $email) { * @return bool True if longer than minimum length, otherwise false */ function good_passwd($passwd) { - if ( strlen($passwd) >= PASSWD_MIN_LEN ) { - return true; - } - return false; + $length_min = config_get_int('options', 'passwd_min_len'); + return (strlen($passwd) >= $length_min); } /** @@ -903,16 +902,13 @@ function delete_user_sessions($uid) { /** * Remove sessions from the database that have exceed the timeout * - * @global int $LOGIN_TIMEOUT Time until session expires - * * @return void */ function clear_expired_sessions() { - global $LOGIN_TIMEOUT; - $dbh = DB::connect(); - $q = "DELETE FROM Sessions WHERE LastUpdateTS < (UNIX_TIMESTAMP() - $LOGIN_TIMEOUT)"; + $timeout = config_get_int('options', 'login_timeout'); + $q = "DELETE FROM Sessions WHERE LastUpdateTS < (UNIX_TIMESTAMP() - " . $timeout . ")"; $dbh->query($q); return; diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php index 81cbf69..c4a1705 100644 --- a/web/lib/aur.inc.php +++ b/web/lib/aur.inc.php @@ -10,12 +10,12 @@ date_default_timezone_set('UTC'); include_once('translator.inc.php'); set_lang(); -include_once("config.inc.php"); include_once("DB.class.php"); include_once("routing.inc.php"); include_once("version.inc.php"); include_once("acctfuncs.inc.php"); include_once("cachefuncs.inc.php"); +include_once("confparser.inc.php"); include_once("credentials.inc.php"); /** @@ -26,16 +26,15 @@ include_once("credentials.inc.php"); * session timeout if it is still valid. * * @global array $_COOKIE User cookie values - * @global string $LOGIN_TIMEOUT Time until session times out * * @return void */ function check_sid() { global $_COOKIE; - global $LOGIN_TIMEOUT; if (isset($_COOKIE["AURSID"])) { $failed = 0; + $timeout = config_get_int('options', 'login_timeout'); # the visitor is logged in, try and update the session # $dbh = DB::connect(); 
@@ -50,7 +49,7 @@ function check_sid() { $failed = 1; } else { $last_update = $row[0]; - if ($last_update + $LOGIN_TIMEOUT <= $row[1]) { + if ($last_update + $timeout <= $row[1]) { $failed = 2; } } @@ -73,11 +72,11 @@ function check_sid() { # and update the idle timestamp # Only update the timestamp if it is less than the - # current time plus $LOGIN_TIMEOUT. + # current time plus $timeout. # # This keeps 'remembered' sessions from being # overwritten. - if ($last_update < time() + $LOGIN_TIMEOUT) { + if ($last_update < time() + $timeout) { $q = "UPDATE Sessions SET LastUpdateTS = UNIX_TIMESTAMP() "; $q.= "WHERE SessionID = " . $dbh->quote($_COOKIE["AURSID"]); $dbh->exec($q); @@ -274,8 +273,6 @@ function uid_from_sid($sid="") { * @return void */ function html_header($title="", $details=array()) { - global $AUR_LOCATION; - global $DISABLE_HTTP_LOGIN; global $LANG; global $SUPPORTED_LANGS; @@ -588,3 +585,16 @@ function array_pkgbuild_merge($pkgbase_info, $section_info) { function bound($n, $min, $max) { return min(max($n, $min), $max); } + +/** + * Return the URL of the AUR root + * + * @return string The URL of the AUR root + */ +function aur_location() { + $location = config_get('options', 'aur_location'); + if (substr($location, -1) != '/') { + $location .= '/'; + } + return $location; +} diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php index b31143e..025adaf 100644 --- a/web/lib/aurjson.class.php +++ b/web/lib/aurjson.class.php @@ -192,7 +192,8 @@ class AurJSON { } private function process_query($type, $where_condition) { - global $MAX_RPC_RESULTS; + $max_results = config_get_int('options', 'max_rpc_results'); + $package_url = config_get('options', 'package_url'); if ($this->version == 1) { $fields = implode(',', self::$fields_v1); 
@@ -207,7 +208,7 @@ class AurJSON { "ON Licenses.ID = PackageLicenses.LicenseID " . "WHERE ${where_condition} " . "GROUP BY Packages.ID " . - "LIMIT $MAX_RPC_RESULTS"; + "LIMIT $max_results"; } elseif ($this->version >= 2) { $fields = implode(',', self::$fields_v2); $query = "SELECT {$fields} " . @@ -216,7 +217,7 @@ class AurJSON { "LEFT JOIN Users " . "ON PackageBases.MaintainerUID = Users.ID " . "WHERE ${where_condition} " . - "LIMIT $MAX_RPC_RESULTS"; + "LIMIT $max_results"; } $result = $this->dbh->query($query); @@ -226,7 +227,7 @@ class AurJSON { while ($row = $result->fetch(PDO::FETCH_ASSOC)) { $resultcount++; $pkgbase_name = $row['PackageBase']; - $row['URLPath'] = URL_DIR . substr($pkgbase_name, 0, 2) . "/" . $pkgbase_name . "/" . $pkgbase_name . ".tar.gz"; + $row['URLPath'] = $package_url . substr($pkgbase_name, 0, 2) . "/" . $pkgbase_name . "/" . $pkgbase_name . ".tar.gz"; /* * Unfortunately, mysql_fetch_assoc() returns @@ -254,7 +255,7 @@ class AurJSON { } } - if ($resultcount === $MAX_RPC_RESULTS) { + if ($resultcount === $max_results) { return $this->json_error('Too many package results.'); } @@ -303,8 +304,6 @@ class AurJSON { * @return mixed Returns an array of package matches. */ private function search($keyword_string) { - global $MAX_RPC_RESULTS; - if (strlen($keyword_string) < 2) { return $this->json_error('Query arg too small'); } diff --git a/web/lib/config.inc.php.proto b/web/lib/config.inc.php.proto deleted file mode 100644 index 62421ec..0000000 --- a/web/lib/config.inc.php.proto +++ /dev/null 
@@ -1,72 +0,0 @@ -<?php - -# NOTE: modify these variables if your MySQL setup is different - -define( "AUR_db_DSN_prefix", "mysql" ); -define( "AUR_db_host", "unix_socket=/var/run/mysqld/mysqld.sock" ); -define( "AUR_db_name", "AUR" ); -define( "AUR_db_user", "aur" ); -define( "AUR_db_pass", "aur" ); - -# Configuration of directories where things live -define( "INCOMING_DIR", "/srv/aur/unsupported/" ); -define( "URL_DIR", "/packages/" ); - -define( "USERNAME_MIN_LEN", 3 ); -define( "USERNAME_MAX_LEN", 16 ); -define( "PASSWD_MIN_LEN", 4 ); - -# Default language for displayed messages in the web interface. -define("DEFAULT_LANG", "en"); - -# Enable debug sql output. This sends each query to error_log. Useful for -# development. Should not be enabled in production. Default to 0 (off). -define("SQL_DEBUG", 0); - -# Set cache type. Either "APC", "MEMCACHE", or "NONE". Defaults to NONE. -#define("CACHE_TYPE", "APC"); -#define("CACHE_TYPE", "MEMCACHE"); - -# If using memcache cache_type, list servers. You can separate multiple servers -# with a comma, ex: '127.0.0.1:11211,127.0.0.1:11212'. If undefined, defaults -# to '127.0.0.1:11211'. -#define("MEMCACHE_SERVERS", '127.0.0.1:11211'); - -# Session limit per user -$MAX_SESSIONS_PER_USER = 8; - -# Idle seconds before timeout -$LOGIN_TIMEOUT = 7200; - -# Session timeout when using "Remember me" cookies -$PERSISTENT_COOKIE_TIMEOUT = 60 * 60 * 24 * 30; - -# Uncompressed file size limit for submitted tarballs (ZIP bomb protection) - -# please ensure "upload_max_filesize" is additionally set to no more than 3M, -# otherwise this check might be easy to bypass (FS#22991 for details) -$MAX_FILESIZE_UNCOMPRESSED = 1024 * 1024 * 8; - -# Allow HTTPs logins only -$DISABLE_HTTP_LOGIN = true; - -# Web URL used in email links and absolute redirects, no trailing slash -$AUR_LOCATION = "http://localhost"; - -# Use virtual URLs -- to enable this feature, you also need to tell your web -# server to redirect all requests to "/index.php/$uri". 
-$USE_VIRTUAL_URLS = true; - -# Maximum number of package results to return through an RPC connection. -# Avoid setting this too high and having a PHP too much memory error. -$MAX_RPC_RESULTS = 5000; - -# Mailing list to send package request notifications to. -$AUR_REQUEST_ML = "aur-requests@archlinux.org"; - -# Time to wait until a package request is due. -$REQUEST_IDLE_TIME = 60 * 60 * 24 * 14; - -# When an orphan request is filed for a package that has been flagged -# out-of-date for the following number of seconds, it is disowned -# automatically. -$AUTO_ORPHAN_AGE = 60 * 60 * 24 * 180; diff --git a/web/lib/confparser.inc.php b/web/lib/confparser.inc.php new file mode 100644 index 0000000..41ee581 --- /dev/null +++ b/web/lib/confparser.inc.php @@ -0,0 +1,20 @@ +<?php + +function config_get($section, $key) { + global $AUR_CONFIG; + + if (!isset($AUR_CONFIG)) { + $AUR_CONFIG = parse_ini_file("../../conf/config", true); + } + + return $AUR_CONFIG[$section][$key]; +} + +function config_get_int($section, $key) { + return intval(config_get($section, $key)); +} + +function config_get_bool($section, $key) { + $val = strtolower(config_get($section, $key)); + return ($val == 'yes' || $val == 'true' || $val == '1'); +} diff --git a/web/lib/credentials.inc.php b/web/lib/credentials.inc.php index 0c428f2..6c70ede 100644 --- a/web/lib/credentials.inc.php +++ b/web/lib/credentials.inc.php @@ -1,5 +1,4 @@ <?php -include_once("config.inc.php"); define("CRED_ACCOUNT_CHANGE_TYPE", 1); define("CRED_ACCOUNT_EDIT", 2); diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php index e1e4c1a..322ea60 100644 --- a/web/lib/pkgbasefuncs.inc.php +++ b/web/lib/pkgbasefuncs.inc.php @@ -1,5 +1,5 @@ <?php -include_once("config.inc.php"); + include_once("pkgreqfuncs.inc.php"); /** 
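Review bot: config_get() in the new web/lib/confparser.inc.php never checks the result of parse_ini_file(), so an unreadable or malformed file leaves `$AUR_CONFIG` as `false` and every lookup returns null without an error. Through config_get_int() and config_get_bool() that becomes 0 or false, which fails open for several security settings converted in this commit: `disable_http_login` reads as off, `passwd_min_len` and `username_min_len` as 0, and `max_filesize_uncompressed` as no limit. A missing or misspelled key has the same effect. The path is also resolved against the working directory rather than against this file. I would stop on both conditions, as DB::connect() already does for a failed connection; keys meant to be optional (perhaps `socket`) would then need an explicit default at the call site.

```php
function config_get($section, $key) {
	global $AUR_CONFIG;

	if (!isset($AUR_CONFIG)) {
		/* Resolve relative to this file, not the caller's working directory. */
		$AUR_CONFIG = parse_ini_file(__DIR__ . "/../../conf/config", true);
		if ($AUR_CONFIG === false) {
			die('Error - Could not read AUR configuration');
		}
	}

	/* Refuse to fall back to null/0/false for security-relevant options. */
	if (!isset($AUR_CONFIG[$section][$key])) {
		die('Error - Missing AUR configuration option');
	}

	return $AUR_CONFIG[$section][$key];
}
// … unchanged: config_get_int(), config_get_bool() …
```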
@@ -88,7 +88,6 @@ function pkgbase_comments($base_id, $limit, $include_deleted) { /** * Add a comment to a package page and send out appropriate notifications * - * @global string $AUR_LOCATION The AUR's URL used for notification e-mails * @param string $base_id The package base ID to add the comment on * @param string $uid The user ID of the individual who left the comment * @param string $comment The comment left on a package page @@ -96,8 +95,6 @@ function pkgbase_comments($base_id, $limit, $include_deleted) { * @return void */ function pkgbase_add_comment($base_id, $uid, $comment) { - global $AUR_LOCATION; - $dbh = DB::connect(); $q = "INSERT INTO PackageComments "; @@ -135,7 +132,7 @@ function pkgbase_add_comment($base_id, $uid, $comment) { * user who posted the comment was in. */ $body = - 'from ' . $AUR_LOCATION . get_pkgbase_uri($row['Name']) . "\n" + 'from ' . aur_location() . get_pkgbase_uri($row['Name']) . "\n" . username_from_sid($_COOKIE['AURSID']) . " wrote:\n\n" . $comment . "\n\n---\nIf you no longer wish to receive notifications about this package, please go the the above package page and click the UnNotify button."; @@ -221,8 +218,6 @@ function pkgbase_get_details($base_id) { /** * Display the package base details page * - * @global string $AUR_LOCATION The AUR's URL used for notification e-mails - * @global bool $USE_VIRTUAL_URLS True if using URL rewriting, otherwise false * @param string $id The package base ID to get details page for * @param array $row Package base details retrieved by pkgbase_get_details() * @param string $SID The session ID of the visitor @@ -230,9 +225,6 @@ function pkgbase_get_details($base_id) { * @return void */ function pkgbase_display_details($base_id, $row, $SID="") { - global $AUR_LOCATION; - global $USE_VIRTUAL_URLS; - $dbh = DB::connect(); if (isset($row['error'])) { 
@@ -353,14 +345,11 @@ function pkgbase_maintainer_uid($base_id) { /** * Flag package(s) as out-of-date * - * @global string $AUR_LOCATION The AUR's URL used for notification e-mails * @param array $base_ids Array of package base IDs to flag/unflag * * @return array Tuple of success/failure indicator and error message */ function pkgbase_flag($base_ids) { - global $AUR_LOCATION; - if (!has_credential(CRED_PKGBASE_FLAG)) { return array(false, __("You must be logged in before you can flag packages.")); } @@ -392,7 +381,7 @@ function pkgbase_flag($base_ids) { $result = $dbh->query($q); if ($result) { while ($row = $result->fetch(PDO::FETCH_ASSOC)) { - $body = "Your package " . $row['Name'] . " has been flagged out of date by " . $f_name . " [1]. You may view your package at:\n" . $AUR_LOCATION . get_pkgbase_uri($row['Name']) . "\n\n[1] - " . $AUR_LOCATION . get_user_uri($f_name); + $body = "Your package " . $row['Name'] . " has been flagged out of date by " . $f_name . " [1]. You may view your package at:\n" . aur_location() . get_pkgbase_uri($row['Name']) . "\n\n[1] - " . aur_location() . get_user_uri($f_name); $body = wordwrap($body, 70); $headers = "MIME-Version: 1.0\r\n" . "Content-type: text/plain; charset=UTF-8\r\n" . diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php index cf8c2f9..948e2ae 100644 --- a/web/lib/pkgfuncs.inc.php +++ b/web/lib/pkgfuncs.inc.php @@ -1,5 +1,5 @@ <?php -include_once("config.inc.php"); + include_once("pkgbasefuncs.inc.php"); /** @@ -462,8 +462,6 @@ function pkg_get_details($id=0) { /** * Display the package details page * - * @global string $AUR_LOCATION The AUR's URL used for notification e-mails - * @global bool $USE_VIRTUAL_URLS True if using URL rewriting, otherwise false * @param string $id The package ID to get details page for * @param array $row Package details retrieved by pkg_get_details() * @param string $SID The session ID of the visitor 
@@ -471,9 +469,6 @@ function pkg_get_details($id=0) { * @return void */ function pkg_display_details($id=0, $row, $SID="") { - global $AUR_LOCATION; - global $USE_VIRTUAL_URLS; - $dbh = DB::connect(); if (isset($row['error'])) { diff --git a/web/lib/pkgreqfuncs.inc.php b/web/lib/pkgreqfuncs.inc.php index 1b54a6a..e285477 100644 --- a/web/lib/pkgreqfuncs.inc.php +++ b/web/lib/pkgreqfuncs.inc.php @@ -1,5 +1,6 @@ <?php -include_once("config.inc.php"); + +include_once("confparser.inc.php"); include_once("pkgbasefuncs.inc.php"); /** @@ -76,9 +77,6 @@ function pkgreq_get_creator_email($id) { /** * File a deletion/orphan request against a package base * - * @global string $AUR_LOCATION The AUR's URL used for notification e-mails - * @global string $AUR_REQUEST_ML The request notification mailing list - * @global int $AUTO_ORPHAN_AGE The time to wait until auto-closing a request * @param string $ids The package base IDs to file the request against * @param string $type The type of the request * @param string $merge_into The target of a merge operation @@ -87,10 +85,6 @@ function pkgreq_get_creator_email($id) { * @return array Tuple of success/failure indicator and error message */ function pkgreq_file($ids, $type, $merge_into, $comments) { - global $AUR_LOCATION; - global $AUR_REQUEST_ML; - global $AUTO_ORPHAN_AGE; - if (!has_credential(CRED_PKGREQ_FILE)) { return array(false, __("You must be logged in to file package requests.")); } 
@@ -166,15 +160,15 @@ function pkgreq_file($ids, $type, $merge_into, $comments) { $username . " [1] filed a request to merge " . $row['Name'] . " [2] into " . $merge_into . " [3]:\n\n" . $comments . "\n\n" . - "[1] " . $AUR_LOCATION . get_user_uri($username) . "\n" . - "[2] " . $AUR_LOCATION . get_pkgbase_uri($row['Name']) . "\n" . - "[3] " . $AUR_LOCATION . get_pkgbase_uri($merge_into) . "\n"; + "[1] " . aur_location() . get_user_uri($username) . "\n" . + "[2] " . aur_location() . get_pkgbase_uri($row['Name']) . "\n" . + "[3] " . aur_location() . get_pkgbase_uri($merge_into) . "\n"; } else { $body = $username . " [1] filed a " . $type . " request for " . $row['Name'] . " [2]:\n\n" . $comments . "\n\n" . - "[1] " . $AUR_LOCATION . get_user_uri($username) . "\n" . - "[2] " . $AUR_LOCATION . get_pkgbase_uri($row['Name']) . "\n"; + "[1] " . aur_location() . get_user_uri($username) . "\n" . + "[2] " . aur_location() . get_pkgbase_uri($row['Name']) . "\n"; } $body = wordwrap($body, 70); $cc = array_unique($cc); @@ -185,14 +179,15 @@ function pkgreq_file($ids, $type, $merge_into, $comments) { $headers .= "From: notify@aur.archlinux.org\r\n" . "Message-ID: $thread_id\r\n" . "X-Mailer: AUR"; - @mail($AUR_REQUEST_ML, "[PRQ#" . $request_id . "] " . ucfirst($type) . - " Request for " . $row['Name'], $body, - $headers); + $ml = config_get('options', 'aur_request_ml'); + @mail($ml, "[PRQ#" . $request_id . "] " . ucfirst($type) . + " Request for " . $row['Name'], $body, $headers); + $auto_orphan_age = config_get('options', 'auto_orphan_age'); $details = pkgbase_get_details($base_id); if ($type == 'orphan' && $details['OutOfDateTS'] > 0 && - time() - $details['OutOfDateTS'] >= $AUTO_ORPHAN_AGE && - $AUTO_ORPHAN_AGE > 0) { + time() - $details['OutOfDateTS'] >= $auto_orphan_age && + $auto_orphan_age > 0) { /* * Close package request. NOTE: This needs to happen *before* * the actual disown operation. Otherwise, the former 
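Review bot: `$auto_orphan_age = config_get('options', 'auto_orphan_age');` in the `@@ -185,14 +179,15 @@` hunk of pkgreq_file() keeps the value as a string, so the automatic-disown decision rests on PHP's loose string/number comparison, and a non-numeric value would not be rejected cleanly. Use the typed getter this commit adds: `$auto_orphan_age = config_get_int('options', 'auto_orphan_age');`. set_lang() in translator.inc.php has the related inconsistency `intval(config_get('options', 'persistent_cookie_timeout'))`, which could call config_get_int() as well. pkgreq_file() extends beyond the hunk.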
@@ -214,8 +209,6 @@ function pkgreq_file($ids, $type, $merge_into, $comments) { /** * Close a deletion/orphan request * - * @global string $AUR_LOCATION The AUR's URL used for notification e-mails - * @global string $AUR_REQUEST_ML The request notification mailing list * @param int $id The package request to close * @param string $reason Whether the request was accepted or rejected * @param string $comments Comments to be added to the notification email @@ -224,9 +217,6 @@ function pkgreq_file($ids, $type, $merge_into, $comments) { * @return array Tuple of success/failure indicator and error message */ function pkgreq_close($id, $reason, $comments, $auto_close=false) { - global $AUR_LOCATION; - global $AUR_REQUEST_ML; - switch ($reason) { case 'accepted': $status = 2; @@ -288,7 +278,7 @@ function pkgreq_close($id, $reason, $comments, $auto_close=false) { } if (!$auto_close) { $body .= "\n"; - $body .= "[1] " . $AUR_LOCATION . get_user_uri($username); + $body .= "[1] " . aur_location() . get_user_uri($username); $body .= "\n"; } $body = wordwrap($body, 70); @@ -301,7 +291,8 @@ function pkgreq_close($id, $reason, $comments, $auto_close=false) { "In-Reply-To: $thread_id\r\n" . "References: $thread_id\r\n" . "X-Mailer: AUR"; - @mail($AUR_REQUEST_ML, "[PRQ#" . $id . "] Request " . ucfirst($reason), + $ml = config_get('options', 'aur_request_ml'); + @mail($ml, "[PRQ#" . $id . "] Request " . ucfirst($reason), $body, $headers); return array(true, __("Request closed successfully.")); diff --git a/web/lib/routing.inc.php b/web/lib/routing.inc.php index 2fa3e1f..9585304 100644 --- a/web/lib/routing.inc.php +++ b/web/lib/routing.inc.php @@ -1,5 +1,7 @@ <?php +include_once("confparser.inc.php"); + $ROUTES = array( '' => 'home.php', '/index.php' => 'home.php', 
@@ -24,6 +26,10 @@ $PKGBASE_PATH = '/pkgbase'; $PKGREQ_PATH = '/requests'; $USER_PATH = '/account'; +function use_virtual_urls() { + return config_get_bool('options', 'use_virtual_urls'); +} + function get_route($path) { global $ROUTES; @@ -36,10 +42,9 @@ function get_route($path) { } function get_uri($path) { - global $USE_VIRTUAL_URLS; global $ROUTES; - if ($USE_VIRTUAL_URLS) { + if (use_virtual_urls()) { return $path; } else { return get_route($path); @@ -62,10 +67,9 @@ function get_pkgreq_route() { } function get_pkg_uri($pkgname) { - global $USE_VIRTUAL_URLS; global $PKG_PATH; - if ($USE_VIRTUAL_URLS) { + if (use_virtual_urls()) { return $PKG_PATH . '/' . urlencode($pkgname) . '/'; } else { return '/' . get_route($PKG_PATH) . '?N=' . urlencode($pkgname); @@ -73,10 +77,9 @@ function get_pkg_uri($pkgname) { } function get_pkgbase_uri($pkgbase_name) { - global $USE_VIRTUAL_URLS; global $PKGBASE_PATH; - if ($USE_VIRTUAL_URLS) { + if (use_virtual_urls()) { return $PKGBASE_PATH . '/' . urlencode($pkgbase_name) . '/'; } else { return '/' . get_route($PKGBASE_PATH) . '?N=' . urlencode($pkgbase_name); @@ -89,10 +92,9 @@ function get_user_route() { } function get_user_uri($username) { - global $USE_VIRTUAL_URLS; global $USER_PATH; - if ($USE_VIRTUAL_URLS) { + if (use_virtual_urls()) { return $USER_PATH . '/' . urlencode($username) . '/'; } else { return '/' . get_route($USER_PATH) . '?U=' . urlencode($username); diff --git a/web/lib/translator.inc.php b/web/lib/translator.inc.php index 448c41b..b50ef4b 100644 --- a/web/lib/translator.inc.php +++ b/web/lib/translator.inc.php @@ -11,7 +11,7 @@ set_include_path(get_include_path() . PATH_SEPARATOR . '../lib' . PATH_SEPARATOR # print __("%s has %s apples.", "Bill", "5"); # print __("This is a %smajor%s problem!", "<strong>", "</strong>"); -include_once('config.inc.php'); +include_once("confparser.inc.php"); include_once('DB.class.php'); include_once('gettext.php'); include_once('streams.php'); 
@@ -82,7 +82,6 @@ function _n($msgid1, $msgid2, $n) { function set_lang() { global $LANG; global $SUPPORTED_LANGS; - global $PERSISTENT_COOKIE_TIMEOUT; global $streamer, $l10n; $update_cookie = 0; @@ -116,11 +115,12 @@ function set_lang() { # Set $LANG to default if nothing is valid. if (!array_key_exists($LANG, $SUPPORTED_LANGS)) { - $LANG = DEFAULT_LANG; + $LANG = config_get('options', 'default_lang'); } if ($update_cookie) { - $cookie_time = time() + $PERSISTENT_COOKIE_TIMEOUT; + $timeout = intval(config_get('options', 'persistent_cookie_timeout')); + $cookie_time = time() + $timeout; setcookie("AURLANG", $LANG, $cookie_time, "/"); } diff --git a/web/template/actions_form.php b/web/template/actions_form.php index 389297b..f18c01c 100644 --- a/web/template/actions_form.php +++ b/web/template/actions_form.php @@ -1,4 +1,4 @@ -<?php if (!$USE_VIRTUAL_URLS): ?> +<?php if (!use_virtual_urls()): ?> <div class="box"> <form action="<?= htmlspecialchars(get_pkg_uri($row['Name']), ENT_QUOTES); ?>" method="post"> <fieldset> diff --git a/web/template/header.php b/web/template/header.php index d10b162..dd1d480 100644 --- a/web/template/header.php +++ b/web/template/header.php @@ -69,7 +69,7 @@ <li><a href="<?= get_uri('/logout/'); ?>"><?= __("Logout"); ?></a></li> <?php else: ?> <li><a href="<?= get_uri('/register/'); ?>"><?= __("Register"); ?></a></li> - <?php if ($DISABLE_HTTP_LOGIN && empty($_SERVER['HTTPS'])): ?> + <?php if (config_get_bool('options', 'disable_http_login') && empty($_SERVER['HTTPS'])): ?> <li><a href="<?= $AUR_LOCATION . get_uri('/login/'); ?>"><?= __("Login"); ?></a></li> <?php else: ?> <li><a href="<?= get_uri('/login/'); ?>"><?= __("Login"); ?></a></li> diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index d09b3d8..faec0dc 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php 
@@ -21,7 +21,8 @@ $updated_time = ($row["ModifiedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", intval($r $submitted_time = ($row["SubmittedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", intval($row["SubmittedTS"])); $out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("Y-m-d", intval($row["OutOfDateTS"])); -$urlpath = URL_DIR . substr($row['BaseName'], 0, 2) . "/" . $row['BaseName']; +$package_url = config_get('options', 'package_url'); +$urlpath = $package_url . substr($row['BaseName'], 0, 2) . "/" . $row['BaseName']; $lics = pkg_licenses($row["ID"]); $grps = pkg_groups($row["ID"]); @@ -82,7 +83,7 @@ $sources = pkg_sources($row["ID"]); <li><a href="<?= $urlpath . '/' . $row['BaseName'] ?>.tar.gz"><?= __('Download tarball') ?></a></li> <li><a href="https://wiki.archlinux.org/index.php/Special:Search?search=<?= urlencode($row['Name']) ?>"><?= __('Search wiki') ?></a></li> <li><span class="flagged"><?php if ($row["OutOfDateTS"] !== NULL) { echo __('Flagged out-of-date')." (${out_of_date_time})"; } ?></span></li> - <?php if ($USE_VIRTUAL_URLS && $uid): ?> + <?php if (use_virtual_urls() && $uid): ?> <?php if ($row["OutOfDateTS"] === NULL): ?> <li> <form action="<?= get_pkgbase_uri($row['BaseName']) . 'flag/'; ?>" method="post"> @@ -281,7 +282,7 @@ if (has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))): <?php if ($row["SubmitterUID"]): if ($SID): - if (!$USE_VIRTUAL_URLS): + if (!use_virtual_urls()): ?> <td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['SubmitterUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($submitter) ?>"><?= html_format_username($submitter) ?></a></td> <?php else: ?> 
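Review bot: `$urlpath` is now built from the `package_url` config value and is printed in the next hunk into the tarball link's `href` without `htmlspecialchars()`, while the account links in the same template escape their values. Since the prefix now comes from a parsed config file rather than a constant, I would escape at the output site: `<a href="<?= htmlspecialchars($urlpath . '/' . $row['BaseName'], ENT_QUOTES) ?>.tar.gz">`. The concatenation also relies on `package_url` ending in a slash, which deserves a comment next to the lookup, e.g. `// package_url must end with "/"; the two-letter prefix directory is appended directly`. The same applies to the matching hunks in web/template/pkgbase_details.php, where `$row['Name']` takes the place of `$row['BaseName']`.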
@@ -299,7 +300,7 @@ if ($row["SubmitterUID"]): <?php if ($row["MaintainerUID"]): if ($SID): - if (!$USE_VIRTUAL_URLS): + if (!use_virtual_urls()): ?> <td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['MaintainerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($maintainer) ?>"><?= html_format_username($maintainer) ?></a></td> <?php else: ?> @@ -317,7 +318,7 @@ if ($row["MaintainerUID"]): <?php if ($row["PackagerUID"]): if ($SID): - if (!$USE_VIRTUAL_URLS): + if (!use_virtual_urls()): ?> <td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['PackagerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($packager) ?>"><?= html_format_username($packager) ?></a></td> <?php else: ?> @@ -333,7 +334,7 @@ if ($row["PackagerUID"]): <tr> <th><?= __('Votes') . ': ' ?></th> <?php if (has_credential(CRED_PKGBASE_LIST_VOTERS)): ?> -<?php if ($USE_VIRTUAL_URLS): ?> +<?php if (use_virtual_urls()): ?> <td><a href="<?= get_pkgbase_uri($row['BaseName']); ?>voters/"><?= $votes ?></a></td> <?php else: ?> <td><a href="<?= get_uri('/voters/'); ?>?N=<?= htmlspecialchars($row['BaseName'], ENT_QUOTES) ?>"><?= $votes ?></a></td> diff --git a/web/template/pkgbase_details.php b/web/template/pkgbase_details.php index fb11e60..406408b 100644 --- a/web/template/pkgbase_details.php +++ b/web/template/pkgbase_details.php 
@@ -19,7 +19,8 @@ $updated_time = ($row["ModifiedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", intval($r $submitted_time = ($row["SubmittedTS"] == 0) ? $msg : gmdate("Y-m-d H:i", intval($row["SubmittedTS"])); $out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("Y-m-d", intval($row["OutOfDateTS"])); -$urlpath = URL_DIR . substr($row['Name'], 0, 2) . "/" . $row['Name']; +$package_url = config_get('options', 'package_url'); +$urlpath = $package_url . substr($row['Name'], 0, 2) . "/" . $row['Name']; $pkgs = pkgbase_get_pkgnames($base_id); ?> @@ -33,7 +34,7 @@ $pkgs = pkgbase_get_pkgnames($base_id); <li><a href="<?= $urlpath . '/' . $row['Name'] ?>.tar.gz"><?= __('Download tarball') ?></a></li> <li><a href="https://wiki.archlinux.org/index.php/Special:Search?search=<?= urlencode($row['Name']) ?>"><?= __('Search wiki') ?></a></li> <li><span class="flagged"><?php if ($row["OutOfDateTS"] !== NULL) { echo __('Flagged out-of-date')." (${out_of_date_time})"; } ?></span></li> - <?php if ($USE_VIRTUAL_URLS && $uid): ?> + <?php if (use_virtual_urls() && $uid): ?> <?php if ($row["OutOfDateTS"] === NULL): ?> <li> <form action="<?= get_pkgbase_uri($row['Name']) . 'flag/'; ?>" method="post"> @@ -140,7 +141,7 @@ if (has_credential(CRED_PKGBASE_CHANGE_CATEGORY, array($row["MaintainerUID"]))): <?php if ($row["SubmitterUID"]): if ($SID): - if (!$USE_VIRTUAL_URLS): + if (!use_virtual_urls()): ?> <td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['SubmitterUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($submitter) ?>"><?= html_format_username($submitter) ?></a></td> <?php else: ?> 
@@ -158,7 +159,7 @@ if ($row["SubmitterUID"]): <?php if ($row["MaintainerUID"]): if ($SID): - if (!$USE_VIRTUAL_URLS): + if (!use_virtual_urls()): ?> <td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['MaintainerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($maintainer) ?>"><?= html_format_username($maintainer) ?></a></td> <?php else: ?> @@ -176,7 +177,7 @@ if ($row["MaintainerUID"]): <?php if ($row["PackagerUID"]): if ($SID): - if (!$USE_VIRTUAL_URLS): + if (!use_virtual_urls()): ?> <td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['PackagerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($packager) ?>"><?= html_format_username($packager) ?></a></td> <?php else: ?> @@ -192,7 +193,7 @@ if ($row["PackagerUID"]): <tr> <th><?= __('Votes') . ': ' ?></th> <?php if (has_credential(CRED_PKGBASE_LIST_VOTERS)): ?> -<?php if ($USE_VIRTUAL_URLS): ?> +<?php if (use_virtual_urls()): ?> <td><a href="<?= get_pkgbase_uri($row['Name']); ?>voters/"><?= $votes ?></a></td> <?php else: ?> <td><a href="<?= get_uri('/voters/'); ?>?N=<?= htmlspecialchars($row['Name'], ENT_QUOTES) ?>"><?= $votes ?></a></td> diff --git a/web/template/pkgreq_results.php b/web/template/pkgreq_results.php index 3d50c82..24ee877 100644 --- a/web/template/pkgreq_results.php +++ b/web/template/pkgreq_results.php 
@@ -34,9 +34,10 @@ <?php while (list($indx, $row) = each($results)): ?> <?php - $due = ($row['Open'] && time() - intval($row['RequestTS']) > $REQUEST_IDLE_TIME); + $idle_time = config_get_int('options', 'request_idle_time'); + $due = ($row['Open'] && time() - intval($row['RequestTS']) > $idle_time); if (!$due) { - $time_left = $REQUEST_IDLE_TIME - (time() - intval($row['RequestTS'])); + $time_left = $idle_time - (time() - intval($row['RequestTS'])); if ($time_left > 48 * 3600) { $time_left_fmt = __("~%d days left", round($time_left / (24 * 3600))); } elseif ($time_left > 3600) { diff --git a/web/template/tu_last_votes_list.php b/web/template/tu_last_votes_list.php index e897a6a..0b0ee48 100644 --- a/web/template/tu_last_votes_list.php +++ b/web/template/tu_last_votes_list.php @@ -21,7 +21,7 @@ ?> <tr class="<?= $c ?>"> <td> - <?php if (!$USE_VIRTUAL_URLS): ?> + <?php if (!use_virtual_urls()): ?> <a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['UserID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($username) ?>"><?= html_format_username($username) ?></a></td> <?php else: ?> <a href="<?= get_uri('/account/') . html_format_username($username) ?>" title="<?= __('View account information for %s', html_format_username($username)) ?>"><?= html_format_username($username) ?></a> |
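Review bot: `$idle_time = config_get_int('options', 'request_idle_time');` sits inside the `while` loop, so the option is looked up once per request row although it cannot change between rows. Moving the assignment to just above the `while` line leaves only the per-row arithmetic in the loop body. A short comment that the value is in seconds would also help, e.g. `// request_idle_time: seconds a request may stay open before it is due`. The comparison with `time() - intval($row['RequestTS'])` implies that unit. The loop body continues past the end of the hunk.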