summaryrefslogtreecommitdiffstats
path: root/web/html/index.php
AgeCommit message (Collapse)AuthorFilesLines
2014-10-10Use readfile() instead of include for static filesLukas Fleischer1-4/+4
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-25Add support for deleting user accountsLukas Fleischer1-0/+2
Users can now delete their own accounts by clicking a link in the account edit form and confirming the deletion on a follow-up page. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-04Allow for selecting a reason when closing a requestLukas Fleischer1-0/+19
When closing a package request, Trusted Users can now pick a reason ("Accepted" or "Rejected"). This allows for marking a request as accepted, even if the corresponding package base has already been deleted. Also, the notification email now always explicitly states whether a request has been accepted or closed in the message body. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-06-25Add support for filing package requestsLukas Fleischer1-0/+3
Add a new entry to the package actions box that allows for filing deletion and orphan requests. When choosing that action, the user is redirected to a new page that allows for selecting a request type and entering a comment. When submitting the request, a new entry in the request database is created and an email is sent to a configurable mailing list (defaults to aur-general). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-04-05Prefix package functions with pkg_/pkgbase_Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-04-05Move package actions to package basesLukas Fleischer1-17/+17
Package actions now operate on package bases instead of packages. Move all actions to the correct locations. This also fixes some issues with comment notifications. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-04-05Add package base detail pagesLukas Fleischer1-0/+16
This adds package base details pages, similar to the package details pages. Each package base details page contains general information (package base name, category, submitter, maintainer, ...) and links to all the corresponding packages. As on the package details pages, comments and links to several package actions are also provided. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-01-22Further optimize voters.php to only need the package namecanyonknight1-1/+1
* Extends changes in 81d4cc13dcae2f159ed937d4ce41e1df7d3c82b0 * Modify getvotes() to use the package name rather than package ID * Rename getvotes() to votes_for_pkgname() for clarity with new changes * Modify routing framework and links to now use package names for voters.php Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-09-08Convert adopt/disown package action link to formcanyonknight1-0/+6
* Changes adopting/disowning packages to use GET instead of POST * Uses CSS to make form submit button look like a link * Complements commit 3bc951e3d87eaf692a7e47cf16a28d838c7cb2bd Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-27Re-add CRSF tokens to most package actionsLukas Fleischer1-4/+0
We fixed all known CRSF vulnerabilities in commit 2c93f0a (Implement token system to fix CSRF vulnerabilities, 2012-06-23). c349cb2 (Add virtual path support for package actions, 2012-07-17) partly reverted this by injecting a valid CRSF token when virtual paths are in use. This patch allows for keeping the virtual path feature, while reintroducing POST forms and CRSF tokens. Actions like package flagging, votes and notifications are no longer prone to CRSF (see FS#35437 for details). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-26Use minified typeahead JS from archwebLukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-01-19Implemented typeahead suggestMarcel Korpel1-0/+4
Use Twitter Bootstrap JavaScript framework for typeahead support. Add a new "suggest" JSON method, which returns the first 20 packages that match the beginning characters of a query. canyonknight: Link format change, commit message Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-11-24index.php: Move voter page token check to switch control structurecanyonknight1-6/+4
Voter page token check takes place in the same way as other existing token checks. Move the check for consistency. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-30Return 404 for invalid account/package subpagesLukas Fleischer1-8/+26
Display an error page and return a 404 status code in the following cases: * An invalid package name is passed to the "packages" action. * An invalid user name is passed to the "account" action. * An invalid package action is passed. * An invalid account action is passed. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-20Display an error page if a virtual path doesn't existLukas Fleischer1-0/+4
Give user feedback instead of bailing out with an empty HTTP response body. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-28Move package merging to a separate pagecanyonknight1-0/+3
Package actions now have a separate box on the package details page. Add a package merge link in that box. Link leads to a new page (pkgmerge.php) that can be used to confirm package merging. A separate page with confirmation is used to avoid CSRFs. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-28Move package deletion to a separate pagecanyonknight1-0/+3
Package actions now have a separate box on the package details page. Make a package deletion link in that box. Link leads to a new page (pkgdel.php) that can be used to confirm package deletion. A separate page with confirmation is used to avoid CSRFs. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-18Do not set GET parameters in the routing frameworkLukas Fleischer1-2/+5
Setting GET parameters manually is bad style and causes some strange side effects when using virtual URLs and mkurl(). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-18index.php: Fix undefined variable noticeLukas Fleischer1-1/+4
Spotted when browsing the package details page while being logged out. Reported-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-18Overhaul ability to edit own accountcanyonknight1-1/+2
* Restructure account.php to remove redundant code. * Remove own_account_details(). * Rework logic check to default to no access to account edit form. * Make default account action viewing account info. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-18Use URL rewriting for user account update pagecanyonknight1-0/+2
The "UpdateAccount" page displays information as to whether an account update was successful. All POST account info goes to this page, so use it with sane URLs. Before: AUR_URL/account/?Action=UpdateAccount&U=userfoo After: AUR_URL/account/userfoo/update Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-18Use URL rewriting for user editing pagecanyonknight1-1/+9
Allows for easier account editing and saner URLs. Update account editing links to use new URL. Before: AUR_URL/account/?Action=DisplayAccount&U=userfoo After: AUR_URL/account/userfoo/edit Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-18Use URL rewriting for user info pagecanyonknight1-0/+6
Navigation to the "AccountInfo" page should only require a user to know the username of the account they are looking for. Update all AUR links that use the user info page to reflect the new URL. Before: AUR_URL/account/?Action=AccountInfo&U=userfoo After: AUR_URL/account/userfoo Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-18Use the "new" icon from archweb for the recent updates tablecanyonknight1-2/+2
Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-18Use virtual paths for voters pageLukas Fleischer1-0/+6
Link to "/packages/$pkgname/voters/" instead of using "/voters/" and a get parameter to request a specific package by ID. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-17routing.inc.php: rtrim() path in get_route()Lukas Fleischer1-1/+1
Return the correct route -- even if a "/" is appended to the URI. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-17aur.inc.php: Include routing backendLukas Fleischer1-2/+0
This needs to be available on every page since it is needed for get_uri() and get_pkg_uri() and "web/html/index.php" isn't executed if the virtual path feature is disabled. Reported-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-17Add virtual path support for package actionsLukas Fleischer1-1/+31
This allows for using following URLs: * /package/$pkg_name/flag: Flag a package out-of-date * /package/$pkg_name/unflag: Unflag a package * /package/$pkg_name/notify: Enable comment notifications * /package/$pkg_name/unnotify: Disable comment notifications * /package/$pkg_name/vote: Vote for the package * /package/$pkg_name/unvote: Remove vote Note that this code is very hackish and should be refactored once we drop support for legacy URLs. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-15Use virtual paths for package detailsLukas Fleischer1-1/+9
Extend the routing front/back ends to allow for using "/package/$pkgname/" for individual packages. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-15Add routing front/back endsLukas Fleischer1-120/+32
This adds a URL mapping library that can be used to implement virtual paths. Also, "web/html/index.php" is moved to "web/html/home.php" and "web/html/index.php" becomes a routing front end that maps virtual paths to corresponding files. To enable the virtual path feature, all requests need to be redirected to the "index.php" routing script. If you use lighttpd, following rewrite rule can be used: url.rewrite = ( "^(.*)$" => "/index.php/$1" ) A similar rule can be used for Apache (using mod_rewrite). Note that the current routing front end only works if PATH_INFO is provided. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06index.php: Overhaul to match archwebcanyonknight1-62/+103
* Switch to CSS used by archweb * Move package search to a smaller box to match the style of the main site * Add text describing mailing list and bug tracker. Eventually remove those associated nav bar links. * General clean-up of XHTML Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06Remove all traces of "pgboxtitle"Lukas Fleischer1-3/+1
Using a div container to format heading is ridiculous. Use "<h2></h2>" instead. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: canyonknight <canyonknight@gmail.com>
2012-05-06user_table optimizationDan McGee1-2/+2
Rather than looking up by username, it makes more sense to look the stats up by user ID to reduce the number of needed joins. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-10-24Remove a boatload of inline table stylesDan McGee1-1/+1
Replacing with CSS styles where appropriate. A previously unused CSS style is tweaked in the stylesheet to match most of what was done via non-CSS styling. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-08-20Use "%s" instead of "%h" in format stringsLukas Fleischer1-2/+2
Use the standard string type specifier instead of "%h" in format strings. Both specifiers are treated equally in __() so we shouldn't break anything here. This also allows us to replace the hacky substitution algorithm in __() by vsprintf(). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-06-22rename *.inc files to *.inc.php and adjust imports and referenceselij1-2/+2
Lukas: Add note to "UPGRADING". Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2009-08-11Use include_once where applicableDan McGee1-2/+2
All of these are sourcing function libraries so we don't need to include them more than once. Things that insert actual HTML into the output were left calling include(). Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-06-25Remove excess whitespace.Loui Chang1-1/+1
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-01-19Use new conglomerated translation files.Loui Chang1-2/+0
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2008-12-29Add search bar to index and pkg details pagesCallan Barrett1-0/+2
Also changed it around a little bit so it's not tied down the search results function Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com> Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2008-12-21Introduce function include_lang for translations.Loui Chang1-5/+5
This includes only the requested language for each page and makes top level language include files obsolete. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2008-12-17Reword the disclaimer in index.php.Loui Chang1-2/+2
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2008-11-25Make remembered sessions actually save themselves.Loui Chang1-2/+3
Also clean up a notice in index.php Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2008-07-28Tweak index.php and update translations.Loui Chang1-15/+16
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2008-07-22Change some of the index page notices.Loui Chang1-3/+8
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2008-07-07Move code out of index.phpLoui Chang1-172/+10
Move database queries to functions and html to templates. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2008-06-17Remove all vim mode lines. Add HACKING file.Loui Chang1-1/+0
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2008-06-12Split html and php in index.phpCallan Barrett1-160/+177
No more prints, still all in same file Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
2008-06-07Remove obsolete inline CSS in index.php.Michael Klier1-4/+4
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2008-06-08Revert "Split html from front page"Callan Barrett1-4/+151
This reverts commit 0cf3c5ea8bd2799e1354aa2008edb542e01635ba.