summaryrefslogtreecommitdiffstats
path: root/web/template
AgeCommit message (Collapse)AuthorFilesLines
2014-01-22Further optimize voters.php to only need the package namecanyonknight1-1/+1
* Extends changes in 81d4cc13dcae2f159ed937d4ce41e1df7d3c82b0 * Modify getvotes() to use the package name rather than package ID * Rename getvotes() to votes_for_pkgname() for clarity with new changes * Modify routing framework and links to now use package names for voters.php Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-09-08Convert adopt/disown package action link to formcanyonknight1-17/+17
* Changes adopting/disowning packages to use GET instead of POST * Uses CSS to make form submit button look like a link * Complements commit 3bc951e3d87eaf692a7e47cf16a28d838c7cb2bd Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-09-03tu_list.php: Hide table if no results are foundLukas Fleischer1-12/+13
Instead of showing a table with a single "No results found." entry, do not show the table at all and display the text "No results found." in a <p></p> container. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-09-03Move "Add Proposal" link to "Current Votes"Lukas Fleischer1-0/+7
The page this links to allows for adding an item to the list of current votes. Move the link accordingly. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-27Re-add CRSF tokens to most package actionsLukas Fleischer1-0/+6
We fixed all known CRSF vulnerabilities in commit 2c93f0a (Implement token system to fix CSRF vulnerabilities, 2012-06-23). c349cb2 (Add virtual path support for package actions, 2012-07-17) partly reverted this by injecting a valid CRSF token when virtual paths are in use. This patch allows for keeping the virtual path feature, while reintroducing POST forms and CRSF tokens. Actions like package flagging, votes and notifications are no longer prone to CRSF (see FS#35437 for details). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-27pkg_details: Convert most action links to formsLukas Fleischer1-6/+30
Use forms and POST instead of GET for following actions: * Flagging/Unflagging a package out-of-date * Voting for a package and removing votes * Enabling/Disabling notifications Use CSS to make the submit buttons of these forms look like links. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-26tu_details.php: Avoid division by zeroLukas Fleischer1-1/+5
Do not divide by zero if the number of active TUs is unknown. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-26Move "Past Votes" navigation to "Past Votes" boxLukas Fleischer1-0/+14
These are navigation links and do not belong to the action box. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-26Add "Last Votes by TU" listLukas Fleischer1-0/+40
This shows a list of all Trusted Users and the vote ID of the last proposal each of the TUs voted on. This list is sorted by vote ID. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-22tu_details.php: Display vote resultLukas Fleischer1-0/+20
This adds an field that indicates whether the vote was accepted or rejected, based on the rules specified in the TU Bylaws. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-22tu_details.php: Avoid inline computationsLukas Fleischer1-6/+15
Compute the total number of votes and the participation at the beginning of the template instead of doing it inside the template itself. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-22Show participation in vote detailsLukas Fleischer1-0/+6
This is calculated by dividing the sum of all votes by the total number of TUs (where the number of TUs is measured when the vote starts). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-08-22Allow for setting an account's inactivity statusLukas Fleischer2-0/+11
This adds a field to the users table and corresponding fields to the account edit and display forms that allow for setting an (in-)activity status. This might turn out to be useful if a user is on vacation and can not respond to update/orphan/deletion requests. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-03-19Enforce e-mail validation during registrationLukas Fleischer1-2/+2
Remove the password field from the account creation form and always send a password reset request via e-mail instead. This ensures that only users with valid e-mail addresses are able to login. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-02-10Fix default selection on the account edit pageLukas Fleischer1-3/+3
We used a mixture of account type IDs and account type descriptions on the account edit page. This resulted in the account type field always defaulting to "Normal user" after an invalid form had been submitted. Consistently use account type IDs to avoid this. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-01-30Merge branch 'maint'Lukas Fleischer1-2/+2
2013-01-30pkg_details.php: Add missing translatable stringcanyonknight1-2/+2
Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-01-19Merge branch 'maint'Lukas Fleischer2-2/+2
2013-01-19user_table.php: Remove unused link parametercanyonknight1-1/+1
Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-01-19We live in 2013 nowMarcel Korpel1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2013-01-19Add description meta-element to package pagesMarcel Korpel1-0/+3
Implements FS#33294 Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-11-07pkg_details.php: Fix potential XSS for package names and dep conditionscanyonknight1-3/+3
Package names and dep conditions can be specially crafted for an XSS attack. Properly sanitize these variables on the package details page. In addition, avoid including dep conditions as part of a package link. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-11-04Avoid use of "$_SERVER['REQUEST_URI']"Lukas Fleischer1-1/+1
Use the routing library to build proper URIs instead of relying on the "REQUEST_URI" server variable which can be manipulated and might return bogus URIs. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-11-04pkg_details.php: Remove plural from the adopt/disown buttonLukas Fleischer1-2/+2
Fixes FS#32455. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-11-04Add missing internationalization to a few stringsLukas Fleischer1-2/+2
Fixes FS#32449. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-11-04header.php: Do not lowercase language selection entriesLukas Fleischer1-2/+2
Commit 091c2b5f5523773604699b914c19e6b02ce290bc introduced lower casing to the language drop-down list. Revert this and use htmlspecialchars() to escape language entries instead. Addresses FS#32453. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-28Implement word-wrap for package statisticsLukas Fleischer1-8/+8
Word-wrap labels in the package statistics box, just as we wrap package names in the "Recent Updates" box. Addresses FS#32160. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-22Use HTTPS links everywhere for Arch sitesDan McGee2-5/+5
The main site, wiki, and BBS are using HTTPS exclusively, so link directly to the correct protocol rather than forcing a redirect. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-21Link to the HTTPs login page in the headerLukas Fleischer1-0/+4
Change the login link so that it points directly to the HTTPs version of the login page if "$DISABLE_HTTP_LOGIN" is set and if HTTP is used. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-20account_details.php: Fix XHTML tags being closed incorrectlycanyonknight1-7/+7
Replace incorrect </td> tags with </th> tags Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-20account_edit_form.php: Fix some XHTML errorscanyonknight1-7/+9
* Add </option> close tags * Add VI delimiter to selected option * Add quotes to language codes Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-20tu_list.php: Remove stray "</span>" tagscanyonknight1-1/+1
Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-20pkg_comment_form.php: Remove reference to "call" attributecanyonknight1-1/+1
Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-20pkg_details.php: Add missing XHTML close tagscanyonknight1-2/+4
Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-14pkg_search_results.php: Mark out-of-date packagesLukas Fleischer1-1/+1
Highlight the version number of out-of-date packages on the package search results page using the "flagged" class from archweb. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-14pkg_search_results.php: Move version to a separate columnLukas Fleischer1-1/+3
Synchronize the column layout with archweb. This also allows for easily highlighting the version number of out-of-date packages. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-11pkg_comments.php: Move delete button to same line as poster infocanyonknight1-1/+3
The delete button is currently on a separate line. Change some logic to allow for the button to be on the same line as poster info. Reported-by: Dave Reisner <d@falconindy.com> Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-11pkg_comment_form.php: Remove redundant label for the comment boxcanyonknight1-2/+0
Comment box already uses <h2> tag. Additional label is not needed. Also remove label for form submit button. Reported-by: Dave Reisner <d@falconindy.com> Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-11Remove character limit on password lengthcanyonknight1-2/+2
As all new passwords are hashed and therefore stored in the database at the same length, this limitation is no longer needed. Fixes FS#31855 Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-10Change logo link for consistency with Archwebcanyonknight1-1/+1
Fixes FS#27669 Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-08Refactor TU voters listLukas Fleischer1-1/+5
* Change voters_list() to return an array of voters instead of generating HTML code in the library call. * Change the template to generate HTML code for the list of voters instead of displaying the library's return value. * Use HTML lists. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-04pkg_search_results.php: Word-wrap package descriptionLukas Fleischer1-1/+1
Implements FS#31803. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-04Sync account details page with archwebLukas Fleischer1-54/+52
Synchronize the layout of the account details page with the developer profiles page from archweb. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-10-04Sync account editing page with archwebLukas Fleischer1-105/+76
Synchronize the layout of the account editing page with the profiles page from archweb. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-28pkg_details.php: Utilize account details virtual URLcanyonknight1-0/+8
When virtual URLs are enabled, simpler links can be used to access a user's account details page. Change this for both the maintainer and submitter links. Keeps backwards compatibility with virtual URLs being disabled. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-28Deprecate actions bar when virtual URLs are usedcanyonknight1-3/+1
The only buttons on the actions bar that were still used when virtual URLs are enabled were the package deletion and package merging. These now reside in separate pages, so remove the need for the actions bar when virtual URLs are enabled. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-28Move package merging to a separate pagecanyonknight1-0/+1
Package actions now have a separate box on the package details page. Add a package merge link in that box. Link leads to a new page (pkgmerge.php) that can be used to confirm package merging. A separate page with confirmation is used to avoid CSRFs. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-28Move package deletion to a separate pagecanyonknight1-0/+3
Package actions now have a separate box on the package details page. Make a package deletion link in that box. Link leads to a new page (pkgdel.php) that can be used to confirm package deletion. A separate page with confirmation is used to avoid CSRFs. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-24Avoid use of "<b>"/"</b>"Lukas Fleischer1-4/+4
* Use "<label>"/"</label>" for form labels. * Use "<strong>"/"</strong>" for important text. * Use "<h4>"/"</h4>" for headings. * Drop "<b>"/"</b>" everywhere else. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2012-09-24Use echo shortcut syntaxLukas Fleischer17-312/+312
Replace all occurrences of "<?php echo" and "<?php print" by "<?=" to reduce noise in templates. Note that as of PHP 5.4.0, "<?=" is always available and no longer requires "short_open_tag" to be set. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
generated by cgit v1.2.3-70-g09d2 (git 2.47.0) at 2024-11-02 19:09:30 +0000