summaryrefslogtreecommitdiffstats
path: root/web/template/tu_details.php
AgeCommit message (Collapse)AuthorFilesLines
2012-07-14Merge branch 'maint'Lukas Fleischer1-0/+1
Conflicts: web/html/account.php web/html/addvote.php web/html/pkgsubmit.php web/lib/acctfuncs.inc.php web/template/actions_form.php web/template/pkg_comment_form.php web/template/pkg_comments.php web/template/pkg_details.php web/template/pkg_search_results.php web/template/tu_details.php
2012-07-06Overhaul trusted user proposal page to match archwebcanyonknight1-69/+68
* Change all boxes and other CSS to match archweb * General fixups in XHTML formatting * Change results table to match color scheme everywhere else Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-07-06Remove all traces of "pgboxtitle"Lukas Fleischer1-4/+2
Using a div container to format heading is ridiculous. Use "<h2></h2>" instead. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: canyonknight <canyonknight@gmail.com>
2012-07-06Use sane date format strings everywhereLukas Fleischer1-2/+2
We fixed this for the fields displayed on the package details page in commit b5fffe9a02cd4fd3b7da66e403f02eea89c8fcad. This should fix the remaining ones. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Signed-off-by: canyonknight <canyonknight@gmail.com>
2012-06-24Implement token system to fix CSRF vulnerabilitiescanyonknight1-0/+1
Specially crafted pages can force authenticated users to unknowingly perform actions on the AUR website despite being on an attacker's website. This cross-site request forgery (CSRF) vulnerability applies to all POST data on the AUR. Implement a token system using a double submit cookie. Have a hidden form value on every page containing POST forms. Use the newly added check_token() to verify the token sent via POST matches the "AURSID" cookie value. Random nature of the token limits potential for CSRF. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-10-24Remove a boatload of inline table stylesDan McGee1-6/+6
Replacing with CSS styles where appropriate. A previously unused CSS style is tweaked in the stylesheet to match most of what was done via non-CSS styling. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-03-11Fix broken XHTML.Lukas Fleischer1-4/+6
Fix a lot of invalid XHTML in the templates and actions. There might still be some legacy code left, but this should cover most of it. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2010-11-03TU: Use htmlspecialchars instead of htmlentities.Loui Chang1-1/+1
Let the utf8 shine through. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-11-23tu: Bring Trusted User interface in line with the rest of the site.Loui Chang1-6/+1
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-02-13Change layout of tu_details.Loui Chang1-13/+19
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2009-02-13List TUs that voted on a proposal.Angel 'angvp' Velasquez1-1/+14
This patch lists who voted on a proposal after the proposal is closed. Signed-off-by: Loui Chang <louipc.ist@gmail.com>
2008-12-22Make some translatable strings friendlier to common usage.Loui Chang1-4/+4
Removing trailing colons and whitespace makes them more usable. Signed-off-by: Loui Chang <louipc.ist@gmail.com> Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com>
2008-10-05Major rearrangement of tu.php, strings setup for translationCallan Barrett1-0/+62
All the strings are set up to be translated now, HTML of tu.php has been moved to templates and the worst of it rewritten (there's no longer a massive function in it) Signed-off-by: Callan Barrett <wizzomafizzo@gmail.com> Signed-off-by: Loui Chang <louipc.ist@gmail.com>