On Fri, 26 Jun 2015 at 18:06:36, Gordian Edenhofer wrote:
Displaying flag, notify, vote, adopt and file requet buttons for users which did not authenticate themselves and letting those fake buttons link to the login page. --- web/template/pkgbase_actions.php | 47 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+)
diff --git a/web/template/pkgbase_actions.php b/web/template/pkgbase_actions.php index a659c88..cd55464 100644 --- a/web/template/pkgbase_actions.php +++ b/web/template/pkgbase_actions.php @@ -45,6 +45,53 @@ <?php elseif (has_credential(CRED_PKGBASE_DISOWN, array($row["MaintainerUID"]))): ?> <li><?= html_action_form($base_uri . 'disown/', "do_Disown", __('Disown Package')) ?></li> <?php endif; ?> + + <?php else: ?> + <?php if ($row["OutOfDateTS"] === NULL): ?> + <li> + <?php if (config_get_bool('options', 'disable_http_login') && empty($_SERVER['HTTPS'])): ?> + <?= html_action_link(get_uri('/login/', true), __('Flag package out-of-date')) ?> + <?php else: ?> + <?= html_action_link(get_uri('/login/'), __('Flag package out-of-date')) ?> + <?php endif; ?> [...]
Thanks for submitting a reworked version! I still think this is way too much duplicate code, though. First of all, you are repeating the same if-else statement over and over again which is an indication that there should be a wrapper function. But then again, I don't think we need two differentiate those cases at all. Redirecting to the HTTP page when the user chooses to use HTTP is fine. The official setup even uses HTTPs unconditionally, so this doesn't affect us at all. Maybe it is time to drop the disable_http_login setting... I also still think that it is possible to implement this without duplicating all the links. Is there a reason we cannot simply remove the $uid check from the pkgbase_actions template and make the html_action_link() helper generate either proper or fake links, based on whether you are logged in? Regards, Lukas