summaryrefslogtreecommitdiffstats
path: root/web
AgeCommit message (Collapse)AuthorFilesLines
2014-12-27Use raw scanner mode in config_get()Lukas Fleischer1-1/+1
We do not want PHP to parse the values for us. Use raw scanner mode to avoid issues with certain values, such as regular expressions. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-12-27Release 3.5.1Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-12-19Suggest using makepkg instead of mkaurballLukas Fleischer1-2/+2
pacman 4.2.0 supports .SRCINFO and generates meta data by default. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-12-13Redirect to requests page after accepting deletionsLukas Fleischer1-1/+2
Fixes FS#43100. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-12-13Show user name in title on the account details pageLukas Fleischer1-13/+19
Suggested-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-12-13Avoid double slashes in notification email bodyLukas Fleischer6-20/+26
Refactor some of the URI generation code to avoid double slashes in absolute URIs. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-11-22Release 3.5.0Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-11-21Remove duplicate slash in the password reset URLLukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-11-21Check password length on the password reset formLukas Fleischer1-0/+4
We already check for a minimum password length on the account edit page. Add the same check to the password reset form (which is also used to set an initial password). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-11-21Always use virtual URLsLukas Fleischer7-170/+45
Support for non-virtual URLs has been broken for a long time and is no longer used on the official AUR setup. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-11-19Fix login linkLukas Fleischer1-1/+1
Regression introduced in 76343fb (Use an INI-style configuration file, 2014-10-24). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-11-18Add support for .SRCINFOLukas Fleischer1-3/+4
pacman officially supports .SRCINFO since commit 6029a77 (makepkg: introduce .SRCINFO files for source packages, 2014-11-08). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-24Use an INI-style configuration fileLukas Fleischer20-207/+153
Replace web/lib/config.inc.php with an INI-style configuration file. This allows us to get rid of several globals and makes it easier to use the same configuration file in external scripts. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-17voters.php: Show time stamps if availableLukas Fleischer2-2/+7
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-16Add a time stamp to package base votesLukas Fleischer1-3/+3
This can potentially be used to identify trending packages. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-11Merge branch 'maint'Lukas Fleischer1-1/+1
2014-10-10Add support for architecture-specific sourcesLukas Fleischer3-28/+44
As a follow-up to 4d7da95 (Add support for architecture-specific fields, 2014-08-10), handle architecture-specific source fields as well. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-10Add a script to generate package listsLukas Fleischer1-0/+6
This can be used to regularly generate lists of packages and package bases that are made available under /packages.gz and /pkgbase.gz, respectively. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-10Use readfile() instead of include for static filesLukas Fleischer1-4/+4
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-10Use proper email address in send_resetkey()Lukas Fleischer1-1/+1
Fixes FS#41860. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-03Merge branch 'maint'Lukas Fleischer2-2/+3
2014-10-03Include proper timestamp in auto-accept emailsLukas Fleischer1-1/+1
Fixes a regression introduced in c70b340 (Close requests before accepting, 2014-07-29). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-03Fix permission check in pkgreq_close()Lukas Fleischer1-1/+1
Make sure that requests can be auto-accepted if filed by a regular user. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-10-03rss.php: Include package functionsLukas Fleischer1-0/+1
This is needed since 4426877 (Move latest_pkgs() to pkgfuncs.inc.php, 2014-05-29). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-11Merge branch 'maint'Lukas Fleischer7-7/+21
2014-08-10Add support for architecture-specific fieldsLukas Fleischer3-37/+106
This adds support for architecture-specific dependencies and relations. Support for this has recently been added to makepkg, see commit 2b556d8 (PKGBUILD: handle arch specific attributes, 2014-07-25) in the pacman repository for details. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-10Group dependencies by dependency typeLukas Fleischer1-0/+10
Implements FS#40888. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-08Add permission checks to the request featureLukas Fleischer3-0/+14
* Only show the request form to users that are logged in. * Only show the close request form to Trusted Users and developers. * Check for a valid login in pkgreq_file(). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-08Fix the return value of save_salt()Lukas Fleischer1-1/+1
Return true if and only if the SQL query was executed successfully. Logins with an unsalted password no longer fail now. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-06Fix notification handling on submission and adoptionLukas Fleischer2-2/+2
Automatically add users to the notification list when adopting a package. This used to work bug was broken by 03c6304 (Rework permission handling, 2014-07-15). Fixes FS#41426. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-06Add PCRE_DOLLAR_ENDONLY to preg_match()Lukas Fleischer3-4/+4
When using preg_match() to check for a match that starts at the beginning of the string and ends at the last character of the string, we do not want to allow an additional newline character to sneak in. Amongst other potential loopholes, adding the PCRE_DOLLAR_ENDONLY modifier prevents users from registering with user names that end with a newline character. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-02Release 3.4.3Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-08-02Count users in "Trusted User & Developer" group as TUBalló György2-3/+3
This reflects the changes in 3610f3c. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Release 3.4.2Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Lock fresh orphan requestsLukas Fleischer1-2/+18
Trusted Users should almost always wait for two weeks before accepting an orphan request. Lock orphan requests during the first two weeks. Package bases can still be orphaned and package requests can still be closed manually during that period of time. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Close requests before acceptingLukas Fleischer2-11/+29
When auto-accepting a request, we need to close the package request before performing the actual action (disown/deletion/merge). Otherwise, the former maintainer is not included in the Cc list of the acceptance/rejection notification email. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Remove duplicate recipients from CcLukas Fleischer1-0/+2
When a user files a request for a package maintained by himself, he is currently included in the Cc list twice. Use array_unique() to omit repeated entries. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Allow users to delete their own commentsLukas Fleischer1-13/+5
Fixes a regression introduced in 03c6304 (Rework permission handling, 2014-07-15). Fixes FS#41379. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Release 3.4.1Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Suppress PHP notice in process_account_form()Lukas Fleischer1-3/+6
Add a check to remove a notice which is displayed after registration since commit 03c6304 (Rework permission handling, 2014-07-15). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Fix the registration formLukas Fleischer1-3/+3
Pass the right parameters to display_account_form() and process_account_form() when showing/processing the registration form. Fixes a regression introduced in 03c6304 (Rework permission handling, 2014-07-15). Reported-by: Karthik K <hashken.distro@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-29Do not show deletion link on the registration pageLukas Fleischer1-1/+1
In 7df8dc8 (Add support for deleting user accounts, 2014-07-25), a link to the account deletion page was added to the account edit form. Make sure we only show this link if the user actually wants to edit an account and do not show this link on the account registration page. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-28Release 3.4.0Lukas Fleischer1-1/+1
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-25Do not allow regular users to edit all accountsLukas Fleischer1-1/+1
Fixes a regression introduced in 03c6304 (Rework permission handling, 2014-07-15). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-25Add support for deleting user accountsLukas Fleischer4-0/+44
Users can now delete their own accounts by clicking a link in the account edit form and confirming the deletion on a follow-up page. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-25Clean up user references in user_delete()Lukas Fleischer1-0/+35
Explicitly clean up all references before deleting a user. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-25Make deleted comments visible to Trusted UsersLukas Fleischer5-11/+30
This allows Trusted Users to check whether a user posted a politically incorrect comment, even if he already deleted it. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-23Add typeahead suggest to the merge request formLukas Fleischer3-2/+56
Add the typeahead implementation we already use for the package search to the merge target text field. Instead of suggesting packages, suggest package base names. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-23Prevent merging a package base with itselfLukas Fleischer2-4/+11
Instead of deleting the package, show an error message if a user tries to merge a package base with itself. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2014-07-23pkgreq_results.php: Only show non-empty merge targetsLukas Fleischer1-1/+6
In the column that contains the merge target, only display the parentheses if the merge target is a non-empty string. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>