[aur-dev] [PATCH 0/8] Assorted working branch changes
Most of these patches are minor changes and fix some lingering bug reports. The final patch is a really big change that I've been testing for a while now, it brings PDO to the AUR code. It is a large change so I'd love to have more eyes look over it and maybe some people test out corner cases and parts of the web interface that I may have failed at testing. This patch series is based against Lukas' "wip" branch [1]. Those changes and my changes in entirety can be had from my "working" branch [2]. [1] http://git.cryptocrack.de/aur.git/log/?h=wip [2] https://github.com/canyonknight/aur/tree/working canyonknight (8): pkgsubmit.php: Make page friendlier for logged out users pkg_details.php: Fix broken HTML for package page with no dependencies Update docs to require Archive_Tar version greater than 1.3.7 Print error message when maximum DB character length is exceeded Allow only Trusted Users, Developers, and Maintainers to unflag packages Fix broken RSS feed link on front page Fix broken package search on front page Migrate all DB code to use PDO INSTALL | 4 +- UPGRADING | 4 + web/html/home.php | 2 +- web/html/pkgsubmit.php | 43 +++-- web/lib/acctfuncs.inc.php | 229 ++++++++++++------------ web/lib/aur.inc.php | 154 ++++++---------- web/lib/aurjson.class.php | 26 ++- web/lib/cachefuncs.inc.php | 4 +- web/lib/config.inc.php.proto | 3 +- web/lib/pkgfuncs.inc.php | 306 +++++++++++++++++--------------- web/lib/stats.inc.php | 4 +- web/lib/translator.inc.php | 6 +- web/template/account_search_results.php | 2 +- web/template/actions_form.php | 3 +- web/template/pkg_details.php | 5 +- web/template/stats/updates_table.php | 2 +- 16 files changed, 400 insertions(+), 397 deletions(-) -- 1.7.11.4
Logged out users who navigate to /submit currently reach a page with only an error message. This adds the full navigation bar for users who errantly reach /submit before logging in. Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/html/pkgsubmit.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php index 84688b4..e87279e 100644 --- a/web/html/pkgsubmit.php +++ b/web/html/pkgsubmit.php @@ -460,21 +460,21 @@ html_header("Submit"); </p> </fieldset> </form> - +</div> <?php else: print __("Sorry, uploads are not permitted by this server."); ?> <br /> - +</div> <?php endif; endif; else: # Visitor is not logged in + html_header("Submit"); print __("You must create an account before you can upload packages."); - exit(); ?> <br /> @@ -483,7 +483,7 @@ else: endif; ?> -</div> + <?php html_footer(AUR_VERSION); -- 1.7.11.4
The "Required by" column already handles an empty list appropriately. Move a </div> tag to match that behavior in the "Dependencies" column Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/template/pkg_details.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index 67cb5d1..da173ec 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -179,8 +179,8 @@ if ($row["MaintainerUID"]): <?php endif; ?> <?php endwhile; ?> </ul> - </div> <?php endif; ?> + </div> <div id="pkgreqs" class="listing"> <h3><?php echo __('Required by') . " (" . count($requiredby) . ")"?></h3> <?php if (count($requiredby) > 0): ?> -- 1.7.11.4
Prior to version 1.3.8 of Archive_Tar, long filenames within a tar file would result in the filename being a shortened string of the fullname. This shortening would prevent the upload of any tar file having a filepath longer than 99 characters. Require AUR installations to use an update Archive_Tar version to avoid related issues Fixes FS#30472 Signed-off-by: canyonknight <canyonknight@gmail.com> --- INSTALL | 2 +- UPGRADING | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/INSTALL b/INSTALL index ee4ed5a..ca79f10 100644 --- a/INSTALL +++ b/INSTALL @@ -51,7 +51,7 @@ Setup on Arch Linux: If those php extensions are separate packages on your system, install them. - AUR requires PEAR and the Archive_Tar module. + AUR requires PEAR and the Archive_Tar module (version > 1.3.7). Installing PEAR will vary depending on the system and may already be included with PHP. You can also find it in the PHP source distribution. diff --git a/UPGRADING b/UPGRADING index e0875d3..9318b71 100644 --- a/UPGRADING +++ b/UPGRADING @@ -13,6 +13,8 @@ ALTER TABLE Users ADD COLUMN PGPKey VARCHAR(40) NULL DEFAULT NULL; 2. Merge "web/lib/config.inc.php.proto" with "web/lib/config.inc.php". +3. Update Archive_Tar to version greater than 1.3.7. + From 1.9.0 to 1.9.1 ------------------- -- 1.7.11.4
Packages can currently be submitted with variables longer than the maximum allowed by the DB for that specific field. The string will be shortened without informing the user. This can result in unexpected oddities on submitted packages. Print error messages informing the user when the package name, URL, description, license, or version is too long. Also move the resolution of full package version (including epoch) to an earlier point in pkgsubmit.php Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/html/pkgsubmit.php | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php index e87279e..5783da4 100644 --- a/web/html/pkgsubmit.php +++ b/web/html/pkgsubmit.php @@ -277,6 +277,35 @@ if ($uid): } } + # Determine the full package version with epoch + if (!$error) { + if (isset($new_pkgbuild['epoch']) && (int)$new_pkgbuild['epoch'] > 0) { + $pkg_version = sprintf('%d:%s-%s', $new_pkgbuild['epoch'], $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); + } else { + $pkg_version = sprintf('%s-%s', $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); + } + } + + # The DB schema imposes limitations on number of allowed characters + # Print error message when these limitations are exceeded + if (!$error) { + if (strlen($pkg_name) > 64) { + $error = __("Error - Package name cannot be greater than %s characters", 64); + } + if (strlen($new_pkgbuild['url']) > 255) { + $error = __("Error - Package URL cannot be greater than %s characters", 255); + } + if (strlen($new_pkgbuild['pkgdesc']) > 255) { + $error = __("Error - Package description cannot be greater than %s characters", 255); + } + if (strlen($new_pkgbuild['license']) > 40) { + $error = __("Error - Package license cannot be greater than %s characters", 40); + } + if (strlen($pkg_version) > 32) { + $error = __("Error - Package version cannot be greater than %s characters", 32); + } + } + if (isset($pkg_name)) { $incoming_pkgdir = INCOMING_DIR . substr($pkg_name, 0, 2) . "/" . $pkg_name; } @@ -324,12 +353,6 @@ if ($uid): $pdata = pkgdetails_by_pkgname($new_pkgbuild['pkgname'], $dbh); - if (isset($new_pkgbuild['epoch']) && (int)$new_pkgbuild['epoch'] > 0) { - $pkg_version = sprintf('%d:%s-%s', $new_pkgbuild['epoch'], $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); - } else { - $pkg_version = sprintf('%s-%s', $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); - } - # Check the category to use, "1" meaning "none" (or "keep category" for # existing packages). if (isset($_POST['category'])) { -- 1.7.11.4
On Thu, Aug 09, 2012 at 09:15:49PM -0400, canyonknight wrote:
Packages can currently be submitted with variables longer than the maximum allowed by the DB for that specific field. The string will be shortened without informing the user. This can result in unexpected oddities on submitted packages. Print error messages informing the user when the package name, URL, description, license, or version is too long.
Also move the resolution of full package version (including epoch) to an earlier point in pkgsubmit.php
Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/html/pkgsubmit.php | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-)
diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php index e87279e..5783da4 100644 --- a/web/html/pkgsubmit.php +++ b/web/html/pkgsubmit.php @@ -277,6 +277,35 @@ if ($uid): } }
+ # Determine the full package version with epoch + if (!$error) { + if (isset($new_pkgbuild['epoch']) && (int)$new_pkgbuild['epoch'] > 0) { + $pkg_version = sprintf('%d:%s-%s', $new_pkgbuild['epoch'], $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); + } else { + $pkg_version = sprintf('%s-%s', $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); + } + } + + # The DB schema imposes limitations on number of allowed characters + # Print error message when these limitations are exceeded + if (!$error) { + if (strlen($pkg_name) > 64) { + $error = __("Error - Package name cannot be greater than %s characters", 64); + } + if (strlen($new_pkgbuild['url']) > 255) { + $error = __("Error - Package URL cannot be greater than %s characters", 255); + } + if (strlen($new_pkgbuild['pkgdesc']) > 255) { + $error = __("Error - Package description cannot be greater than %s characters", 255); + } + if (strlen($new_pkgbuild['license']) > 40) { + $error = __("Error - Package license cannot be greater than %s characters", 40); + } + if (strlen($pkg_version) > 32) { + $error = __("Error - Package version cannot be greater than %s characters", 32); + }
Only one minor complaint: We should probably use "%d" here. The other patches look fine to me -- thanks!
+ } + if (isset($pkg_name)) { $incoming_pkgdir = INCOMING_DIR . substr($pkg_name, 0, 2) . "/" . $pkg_name; } @@ -324,12 +353,6 @@ if ($uid):
$pdata = pkgdetails_by_pkgname($new_pkgbuild['pkgname'], $dbh);
- if (isset($new_pkgbuild['epoch']) && (int)$new_pkgbuild['epoch'] > 0) { - $pkg_version = sprintf('%d:%s-%s', $new_pkgbuild['epoch'], $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); - } else { - $pkg_version = sprintf('%s-%s', $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); - } - # Check the category to use, "1" meaning "none" (or "keep category" for # existing packages). if (isset($_POST['category'])) { -- 1.7.11.4
Packages can currently be submitted with variables longer than the maximum allowed by the DB for that specific field. The string will be shortened without informing the user. This can result in unexpected oddities on submitted packages. Print error messages informing the user when the package name, URL, description, license, or version is too long. Also move the resolution of full package version (including epoch) to an earlier point in pkgsubmit.php Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/html/pkgsubmit.php | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) diff --git a/web/html/pkgsubmit.php b/web/html/pkgsubmit.php index e87279e..5783da4 100644 --- a/web/html/pkgsubmit.php +++ b/web/html/pkgsubmit.php @@ -277,6 +277,35 @@ if ($uid): } } + # Determine the full package version with epoch + if (!$error) { + if (isset($new_pkgbuild['epoch']) && (int)$new_pkgbuild['epoch'] > 0) { + $pkg_version = sprintf('%d:%s-%s', $new_pkgbuild['epoch'], $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); + } else { + $pkg_version = sprintf('%s-%s', $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); + } + } + + # The DB schema imposes limitations on number of allowed characters + # Print error message when these limitations are exceeded + if (!$error) { + if (strlen($pkg_name) > 64) { + $error = __("Error - Package name cannot be greater than %d characters", 64); + } + if (strlen($new_pkgbuild['url']) > 255) { + $error = __("Error - Package URL cannot be greater than %d characters", 255); + } + if (strlen($new_pkgbuild['pkgdesc']) > 255) { + $error = __("Error - Package description cannot be greater than %d characters", 255); + } + if (strlen($new_pkgbuild['license']) > 40) { + $error = __("Error - Package license cannot be greater than %d characters", 40); + } + if (strlen($pkg_version) > 32) { + $error = __("Error - Package version cannot be greater than %d characters", 32); + } + } + if (isset($pkg_name)) { $incoming_pkgdir = INCOMING_DIR . substr($pkg_name, 0, 2) . "/" . $pkg_name; } @@ -324,12 +353,6 @@ if ($uid): $pdata = pkgdetails_by_pkgname($new_pkgbuild['pkgname'], $dbh); - if (isset($new_pkgbuild['epoch']) && (int)$new_pkgbuild['epoch'] > 0) { - $pkg_version = sprintf('%d:%s-%s', $new_pkgbuild['epoch'], $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); - } else { - $pkg_version = sprintf('%s-%s', $new_pkgbuild['pkgver'], $new_pkgbuild['pkgrel']); - } - # Check the category to use, "1" meaning "none" (or "keep category" for # existing packages). if (isset($_POST['category'])) { -- 1.7.12
Currently everyone is allowed to unflag a package as out of date. This should be limited to only the appropriate people for a specific package. Fixes FS#27263 Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/lib/pkgfuncs.inc.php | 4 ++++ web/template/actions_form.php | 3 ++- web/template/pkg_details.php | 3 ++- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php index 6fad628..c592e39 100644 --- a/web/lib/pkgfuncs.inc.php +++ b/web/lib/pkgfuncs.inc.php @@ -728,6 +728,10 @@ function pkg_flag ($atype, $ids, $action=true, $dbh=NULL) { } $q.= " WHERE ID IN (" . implode(",", $ids) . ")"; + if (!$action && ($atype != "Trusted User" && $atype != "Developer")) { + $q.= "AND MaintainerUID = " . uid_from_sid($_COOKIE["AURSID"], $dbh); + } + db_query($q, $dbh); if ($action) { diff --git a/web/template/actions_form.php b/web/template/actions_form.php index bfc0611..d687f50 100644 --- a/web/template/actions_form.php +++ b/web/template/actions_form.php @@ -21,7 +21,8 @@ <?php if ($row["OutOfDateTS"] === NULL): ?> <input type="submit" class="button" name="do_Flag" value="<?php echo __("Flag Out-of-date") ?>" /> - <?php else: ?> + <?php elseif (($row["OutOfDateTS"] !== NULL) && + ($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?> <input type="submit" class="button" name="do_UnFlag" value="<?php echo __("UnFlag Out-of-date") ?>" /> <?php endif; ?> <?php endif; ?> diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index da173ec..7176e10 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -40,7 +40,8 @@ $sources = package_sources($row["ID"]); <?php if ($USE_VIRTUAL_URLS && $uid): ?> <?php if ($row["OutOfDateTS"] === NULL): ?> <li><a href="<?php echo get_pkg_uri($row['Name']) . 'flag/'; ?>"><?php echo __('Flag package out-of-date'); ?></a></li> - <?php else: ?> + <?php elseif (($row["OutOfDateTS"] !== NULL) && + ($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?> <li><a href="<?php echo get_pkg_uri($row['Name']) . 'unflag/'; ?>"><?php echo __('Unflag package'); ?></a></li> <?php endif; ?> <?php if (user_voted($uid, $row['ID'])): ?> -- 1.7.11.4
Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/template/stats/updates_table.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/template/stats/updates_table.php b/web/template/stats/updates_table.php index 6e43e22..4955ddc 100644 --- a/web/template/stats/updates_table.php +++ b/web/template/stats/updates_table.php @@ -1,6 +1,6 @@ <h3><?php echo __("Recent Updates") ?></h3> -<a href="rss.php" title="Arch Package Updates RSS Feed" class="rss-icon"><img src="images/feed-icon-14x14.png" alt="RSS Feed" /></a> +<a href="<?php echo get_uri('/rss/') ?>" title="Arch Package Updates RSS Feed" class="rss-icon"><img src="/images/feed-icon-14x14.png" alt="RSS Feed" /></a> <table> <?php foreach ($newest_packages->getIterator() as $row): ?> -- 1.7.11.4
Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/html/home.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/html/home.php b/web/html/home.php index df112b8..8fecfd4 100644 --- a/web/html/home.php +++ b/web/html/home.php @@ -91,7 +91,7 @@ $dbh = db_connect(); </div> <div id="content-right"> <div id="pkgsearch" class="widget"> - <form id="pkgsearch-form" method="get" action="<?php get_uri('/packages/'); ?>"> + <form id="pkgsearch-form" method="get" action="<?php echo get_uri('/packages/'); ?>"> <fieldset> <label for="pkgsearch-field">Package Search:</label> <input type="hidden" name="O" value="0" /> -- 1.7.11.4
participants (2)
-
canyonknight
-
Lukas Fleischer