[aur-dev] [PATCH 1/3] Move package deletion to a separate page
Package actions now have a separate box on the package details page. Make a package deletion link in that box. Link leads to a new page (pkgdel.php) that can be used to confirm package deletion. A separate page with confirmation is used to avoid CSRFs. Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/html/index.php | 3 +++ web/html/pkgdel.php | 45 ++++++++++++++++++++++++++++++++++++++++++++ web/template/pkg_details.php | 3 +++ 3 files changed, 51 insertions(+) create mode 100644 web/html/pkgdel.php diff --git a/web/html/index.php b/web/html/index.php index ce8fa52..3fe6338 100644 --- a/web/html/index.php +++ b/web/html/index.php @@ -43,6 +43,9 @@ if (isset($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) { case "unflag": $_POST['do_UnFlag'] = __('UnFlag'); break; + case "delete": + include('pkgdel.php'); + return; } if (isset($_COOKIE['AURSID'])) { diff --git a/web/html/pkgdel.php b/web/html/pkgdel.php new file mode 100644 index 0000000..a581176 --- /dev/null +++ b/web/html/pkgdel.php @@ -0,0 +1,45 @@ +<?php + +set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); + +include_once("aur.inc.php"); +include_once("pkgfuncs.inc.php"); + +set_lang(); +check_sid(); + +html_header(__("Package Deletion")); + +$atype = ""; + +if (isset($_COOKIE["AURSID"])) { + $atype = account_from_sid($_COOKIE["AURSID"]); +} + +if ($atype == "Trusted User" || $atype == "Developer"): ?> +<div class="box"> + <h2><?php echo __('Delete Package: %s', htmlspecialchars($pkgname)) ?></h2> + <p> + <?php echo __('Use this form to delete the package (%s%s%s) from the AUR. ', + '<strong>', htmlspecialchars($pkgname), '</strong>' + ); + echo __('Deletion of a package is permanent. '); + echo __('Select the checkbox to confirm action.') ?> + </p> + <form action="<?php echo get_uri('/packages/'); ?>" method="post"> + <fieldset> + <input type="hidden" name="IDs[<?php echo $pkgid ?>]" value="1" /> + <input type="hidden" name="ID" value="<?php echo $pkgid ?>" /> + <input type="hidden" name="token" value="<?php echo htmlspecialchars($_COOKIE['AURSID']) ?>" /> + <p><input type="checkbox" name="confirm_Delete" value="1" /> + <?php echo __("Confirm package deletion") ?></p> + <p><input type="submit" class="button" name="do_Delete" value="<?php echo __("Delete") ?>" /></p> + </fieldset> + </form> +</div> + +<?php else: + print __("Only Trusted Users and Developers can delete packages."); +endif; + +html_footer(AUR_VERSION); diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index 4e9e073..dcc086b 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -54,6 +54,9 @@ $sources = package_sources($row["ID"]); <?php else: ?> <li><a href="<?= get_pkg_uri($row['Name']) . 'notify/'; ?>"><?= __('Notify of new comments'); ?></a></li> <?php endif; ?> + <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <li><a href="<?= get_pkg_uri($row['Name']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li> + <?php endif; ?> <?php endif; ?> </ul> <?php if ($uid): ?> -- 1.7.12.1
Package actions now have a separate box on the package details page. Add a package merge link in that box. Link leads to a new page (pkgmerge.php) that can be used to confirm package merging. A separate page with confirmation is used to avoid CSRFs. Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/html/index.php | 3 +++ web/html/pkgmerge.php | 48 ++++++++++++++++++++++++++++++++++++++++++++ web/template/pkg_details.php | 1 + 3 files changed, 52 insertions(+) create mode 100644 web/html/pkgmerge.php diff --git a/web/html/index.php b/web/html/index.php index 3fe6338..12f79cb 100644 --- a/web/html/index.php +++ b/web/html/index.php @@ -46,6 +46,9 @@ if (isset($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) { case "delete": include('pkgdel.php'); return; + case "merge": + include('pkgmerge.php'); + return; } if (isset($_COOKIE['AURSID'])) { diff --git a/web/html/pkgmerge.php b/web/html/pkgmerge.php new file mode 100644 index 0000000..687982e --- /dev/null +++ b/web/html/pkgmerge.php @@ -0,0 +1,48 @@ +<?php + +set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); + +include_once("aur.inc.php"); +include_once("pkgfuncs.inc.php"); + +set_lang(); +check_sid(); + +html_header(__("Package Merging")); + +$atype = ""; + +if (isset($_COOKIE["AURSID"])) { + $atype = account_from_sid($_COOKIE["AURSID"]); +} + +if ($atype == "Trusted User" || $atype == "Developer"): ?> +<div class="box"> + <h2><?php echo __('Merge Package: %s', htmlspecialchars($pkgname)) ?></h2> + <p> + <?php echo __('Use this form to merge the package (%s%s%s) into another package. ', + '<strong>', htmlspecialchars($pkgname), '</strong>' + ); + echo __('Once the package has been merged it cannot be reversed. '); + echo __('Enter the package name you wish to merge the package into. '); + echo __('Select the checkbox to confirm action.') ?> + </p> + <form action="<?php echo get_uri('/packages/'); ?>" method="post"> + <fieldset> + <input type="hidden" name="IDs[<?php echo $pkgid ?>]" value="1" /> + <input type="hidden" name="ID" value="<?php echo $pkgid ?>" /> + <input type="hidden" name="token" value="<?php echo htmlspecialchars($_COOKIE['AURSID']) ?>" /> + <p><label for="merge_Into" ><?php echo __("Merge into:") ?></label> + <input type="text" id="merge_Into" name="merge_Into" /></p> + <p><input type="checkbox" name="confirm_Delete" value="1" /> + <?php echo __("Confirm package merge") ?></p> + <p><input type="submit" class="button" name="do_Delete" value="<?php echo __("Merge") ?>" /></p> + </fieldset> + </form> +</div> + +<?php else: + print __("Only Trusted Users and Developers can merge packages."); +endif; + +html_footer(AUR_VERSION); diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index dcc086b..182722d 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -56,6 +56,7 @@ $sources = package_sources($row["ID"]); <?php endif; ?> <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> <li><a href="<?= get_pkg_uri($row['Name']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li> + <li><a href="<?= get_pkg_uri($row['Name']) . 'merge/'; ?>"><?= __('Merge Package'); ?></a></li> <?php endif; ?> <?php endif; ?> </ul> -- 1.7.12.1
On Wed, Sep 26, 2012 at 08:03:24PM -0400, canyonknight wrote:
Package actions now have a separate box on the package details page. Add a package merge link in that box.
Link leads to a new page (pkgmerge.php) that can be used to confirm package merging. A separate page with confirmation is used to avoid CSRFs.
Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/html/index.php | 3 +++ web/html/pkgmerge.php | 48 ++++++++++++++++++++++++++++++++++++++++++++ web/template/pkg_details.php | 1 + 3 files changed, 52 insertions(+) create mode 100644 web/html/pkgmerge.php
diff --git a/web/html/index.php b/web/html/index.php index 3fe6338..12f79cb 100644 --- a/web/html/index.php +++ b/web/html/index.php @@ -46,6 +46,9 @@ if (isset($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) { case "delete": include('pkgdel.php'); return; + case "merge": + include('pkgmerge.php'); + return; }
if (isset($_COOKIE['AURSID'])) { diff --git a/web/html/pkgmerge.php b/web/html/pkgmerge.php new file mode 100644 index 0000000..687982e --- /dev/null +++ b/web/html/pkgmerge.php @@ -0,0 +1,48 @@ +<?php + +set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); + +include_once("aur.inc.php"); +include_once("pkgfuncs.inc.php"); + +set_lang(); +check_sid(); + +html_header(__("Package Merging")); + +$atype = ""; + +if (isset($_COOKIE["AURSID"])) { + $atype = account_from_sid($_COOKIE["AURSID"]); +} + +if ($atype == "Trusted User" || $atype == "Developer"): ?> +<div class="box"> + <h2><?php echo __('Merge Package: %s', htmlspecialchars($pkgname)) ?></h2> + <p> + <?php echo __('Use this form to merge the package (%s%s%s) into another package. ', + '<strong>', htmlspecialchars($pkgname), '</strong>' + ); + echo __('Once the package has been merged it cannot be reversed. '); + echo __('Enter the package name you wish to merge the package into. '); + echo __('Select the checkbox to confirm action.') ?> + </p> + <form action="<?php echo get_uri('/packages/'); ?>" method="post"> + <fieldset> + <input type="hidden" name="IDs[<?php echo $pkgid ?>]" value="1" /> + <input type="hidden" name="ID" value="<?php echo $pkgid ?>" /> + <input type="hidden" name="token" value="<?php echo htmlspecialchars($_COOKIE['AURSID']) ?>" /> + <p><label for="merge_Into" ><?php echo __("Merge into:") ?></label> + <input type="text" id="merge_Into" name="merge_Into" /></p> + <p><input type="checkbox" name="confirm_Delete" value="1" /> + <?php echo __("Confirm package merge") ?></p> + <p><input type="submit" class="button" name="do_Delete" value="<?php echo __("Merge") ?>" /></p> + </fieldset> + </form> +</div> + +<?php else: + print __("Only Trusted Users and Developers can merge packages."); +endif; + +html_footer(AUR_VERSION);
Same here, it would be good if we used the echo shortcut syntax here.
diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index dcc086b..182722d 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -56,6 +56,7 @@ $sources = package_sources($row["ID"]); <?php endif; ?> <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> <li><a href="<?= get_pkg_uri($row['Name']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li> + <li><a href="<?= get_pkg_uri($row['Name']) . 'merge/'; ?>"><?= __('Merge Package'); ?></a></li> <?php endif; ?> <?php endif; ?> </ul> -- 1.7.12.1
Package actions now have a separate box on the package details page. Add a package merge link in that box. Link leads to a new page (pkgmerge.php) that can be used to confirm package merging. A separate page with confirmation is used to avoid CSRFs. Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/html/index.php | 3 +++ web/html/pkgmerge.php | 47 ++++++++++++++++++++++++++++++++++++++++++++ web/template/pkg_details.php | 1 + 3 files changed, 51 insertions(+) create mode 100644 web/html/pkgmerge.php diff --git a/web/html/index.php b/web/html/index.php index 3fe6338..12f79cb 100644 --- a/web/html/index.php +++ b/web/html/index.php @@ -46,6 +46,9 @@ if (isset($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) { case "delete": include('pkgdel.php'); return; + case "merge": + include('pkgmerge.php'); + return; } if (isset($_COOKIE['AURSID'])) { diff --git a/web/html/pkgmerge.php b/web/html/pkgmerge.php new file mode 100644 index 0000000..834d0c9 --- /dev/null +++ b/web/html/pkgmerge.php @@ -0,0 +1,47 @@ +<?php + +set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); + +include_once("aur.inc.php"); +include_once("pkgfuncs.inc.php"); + +set_lang(); +check_sid(); + +html_header(__("Package Merging")); + +$atype = ""; + +if (isset($_COOKIE["AURSID"])) { + $atype = account_from_sid($_COOKIE["AURSID"]); +} + +if ($atype == "Trusted User" || $atype == "Developer"): ?> +<div class="box"> + <h2><?= __('Merge Package: %s', htmlspecialchars($pkgname)) ?></h2> + <p> + <?= __('Use this form to merge the package (%s%s%s) into another package. ', + '<strong>', htmlspecialchars($pkgname), '</strong>'); ?> + <?= __('Once the package has been merged it cannot be reversed. '); ?> + <?= __('Enter the package name you wish to merge the package into. '); ?> + <?= __('Select the checkbox to confirm action.') ?> + </p> + <form action="<?= get_uri('/packages/'); ?>" method="post"> + <fieldset> + <input type="hidden" name="IDs[<?= $pkgid ?>]" value="1" /> + <input type="hidden" name="ID" value="<?= $pkgid ?>" /> + <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> + <p><label for="merge_Into" ><?= __("Merge into:") ?></label> + <input type="text" id="merge_Into" name="merge_Into" /></p> + <p><input type="checkbox" name="confirm_Delete" value="1" /> + <?= __("Confirm package merge") ?></p> + <p><input type="submit" class="button" name="do_Delete" value="<?= __("Merge") ?>" /></p> + </fieldset> + </form> +</div> + +<?php else: + print __("Only Trusted Users and Developers can merge packages."); +endif; + +html_footer(AUR_VERSION); diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index dcc086b..182722d 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -56,6 +56,7 @@ $sources = package_sources($row["ID"]); <?php endif; ?> <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> <li><a href="<?= get_pkg_uri($row['Name']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li> + <li><a href="<?= get_pkg_uri($row['Name']) . 'merge/'; ?>"><?= __('Merge Package'); ?></a></li> <?php endif; ?> <?php endif; ?> </ul> -- 1.7.12.1
The only buttons on the actions bar that were still used when virtual URLs are enabled were the package deletion and package merging. These now reside in separate pages, so remove the need for the actions bar when virtual URLs are enabled. Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/template/actions_form.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/web/template/actions_form.php b/web/template/actions_form.php index 650c6c6..c5abbb3 100644 --- a/web/template/actions_form.php +++ b/web/template/actions_form.php @@ -1,4 +1,4 @@ -<?php if (!$USE_VIRTUAL_URLS || $atype == "Trusted User" || $atype == "Developer" ): ?> +<?php if (!$USE_VIRTUAL_URLS): ?> <div class="box"> <form action="<?= htmlspecialchars(get_pkg_uri($row['Name']), ENT_QUOTES); ?>" method="post"> <fieldset> @@ -6,7 +6,6 @@ <input type="hidden" name="ID" value="<?= $row['ID'] ?>" /> <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> - <?php if (!$USE_VIRTUAL_URLS): ?> <?php if (user_voted($uid, $row['ID'])): ?> <input type="submit" class="button" name="do_UnVote" value="<?= __("UnVote") ?>" /> <?php else: ?> @@ -25,7 +24,6 @@ ($uid == $row["MaintainerUID"] || $atype == "Trusted User" || $atype == "Developer")): ?> <input type="submit" class="button" name="do_UnFlag" value="<?= __("UnFlag Out-of-date") ?>" /> <?php endif; ?> - <?php endif; ?> <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> <input type="submit" class="button" name="do_Delete" value="<?= __("Delete Packages") ?>" /> -- 1.7.12.1
On Wed, Sep 26, 2012 at 08:03:23PM -0400, canyonknight wrote:
Package actions now have a separate box on the package details page. Make a package deletion link in that box.
Link leads to a new page (pkgdel.php) that can be used to confirm package deletion. A separate page with confirmation is used to avoid CSRFs.
Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/html/index.php | 3 +++ web/html/pkgdel.php | 45 ++++++++++++++++++++++++++++++++++++++++++++ web/template/pkg_details.php | 3 +++ 3 files changed, 51 insertions(+) create mode 100644 web/html/pkgdel.php
diff --git a/web/html/index.php b/web/html/index.php index ce8fa52..3fe6338 100644 --- a/web/html/index.php +++ b/web/html/index.php @@ -43,6 +43,9 @@ if (isset($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) { case "unflag": $_POST['do_UnFlag'] = __('UnFlag'); break; + case "delete": + include('pkgdel.php'); + return; }
if (isset($_COOKIE['AURSID'])) { diff --git a/web/html/pkgdel.php b/web/html/pkgdel.php new file mode 100644 index 0000000..a581176 --- /dev/null +++ b/web/html/pkgdel.php @@ -0,0 +1,45 @@ +<?php + +set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); + +include_once("aur.inc.php"); +include_once("pkgfuncs.inc.php"); + +set_lang(); +check_sid(); + +html_header(__("Package Deletion")); + +$atype = ""; + +if (isset($_COOKIE["AURSID"])) { + $atype = account_from_sid($_COOKIE["AURSID"]); +} + +if ($atype == "Trusted User" || $atype == "Developer"): ?> +<div class="box"> + <h2><?php echo __('Delete Package: %s', htmlspecialchars($pkgname)) ?></h2> + <p> + <?php echo __('Use this form to delete the package (%s%s%s) from the AUR. ', + '<strong>', htmlspecialchars($pkgname), '</strong>' + ); + echo __('Deletion of a package is permanent. '); + echo __('Select the checkbox to confirm action.') ?> + </p> + <form action="<?php echo get_uri('/packages/'); ?>" method="post"> + <fieldset> + <input type="hidden" name="IDs[<?php echo $pkgid ?>]" value="1" /> + <input type="hidden" name="ID" value="<?php echo $pkgid ?>" /> + <input type="hidden" name="token" value="<?php echo htmlspecialchars($_COOKIE['AURSID']) ?>" /> + <p><input type="checkbox" name="confirm_Delete" value="1" /> + <?php echo __("Confirm package deletion") ?></p> + <p><input type="submit" class="button" name="do_Delete" value="<?php echo __("Delete") ?>" /></p> + </fieldset> + </form> +</div> + +<?php else: + print __("Only Trusted Users and Developers can delete packages."); +endif; + +html_footer(AUR_VERSION);
You're still using the deprecated "<?php echo" and <?php print" syntax here. It would be great if this could be revised to use the new shortcut syntax.
diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index 4e9e073..dcc086b 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -54,6 +54,9 @@ $sources = package_sources($row["ID"]); <?php else: ?> <li><a href="<?= get_pkg_uri($row['Name']) . 'notify/'; ?>"><?= __('Notify of new comments'); ?></a></li> <?php endif; ?> + <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <li><a href="<?= get_pkg_uri($row['Name']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li> + <?php endif; ?> <?php endif; ?> </ul> <?php if ($uid): ?> -- 1.7.12.1
On Thu, Sep 27, 2012 at 5:08 AM, Lukas Fleischer <archlinux@cryptocrack.de> wrote:
On Wed, Sep 26, 2012 at 08:03:23PM -0400, canyonknight wrote:
Package actions now have a separate box on the package details page. Make a package deletion link in that box.
Link leads to a new page (pkgdel.php) that can be used to confirm package deletion. A separate page with confirmation is used to avoid CSRFs.
Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/html/index.php | 3 +++ web/html/pkgdel.php | 45 ++++++++++++++++++++++++++++++++++++++++++++ web/template/pkg_details.php | 3 +++ 3 files changed, 51 insertions(+) create mode 100644 web/html/pkgdel.php
diff --git a/web/html/index.php b/web/html/index.php index ce8fa52..3fe6338 100644 --- a/web/html/index.php +++ b/web/html/index.php @@ -43,6 +43,9 @@ if (isset($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) { case "unflag": $_POST['do_UnFlag'] = __('UnFlag'); break; + case "delete": + include('pkgdel.php'); + return; }
if (isset($_COOKIE['AURSID'])) { diff --git a/web/html/pkgdel.php b/web/html/pkgdel.php new file mode 100644 index 0000000..a581176 --- /dev/null +++ b/web/html/pkgdel.php @@ -0,0 +1,45 @@ +<?php + +set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); + +include_once("aur.inc.php"); +include_once("pkgfuncs.inc.php"); + +set_lang(); +check_sid(); + +html_header(__("Package Deletion")); + +$atype = ""; + +if (isset($_COOKIE["AURSID"])) { + $atype = account_from_sid($_COOKIE["AURSID"]); +} + +if ($atype == "Trusted User" || $atype == "Developer"): ?> +<div class="box"> + <h2><?php echo __('Delete Package: %s', htmlspecialchars($pkgname)) ?></h2> + <p> + <?php echo __('Use this form to delete the package (%s%s%s) from the AUR. ', + '<strong>', htmlspecialchars($pkgname), '</strong>' + ); + echo __('Deletion of a package is permanent. '); + echo __('Select the checkbox to confirm action.') ?> + </p> + <form action="<?php echo get_uri('/packages/'); ?>" method="post"> + <fieldset> + <input type="hidden" name="IDs[<?php echo $pkgid ?>]" value="1" /> + <input type="hidden" name="ID" value="<?php echo $pkgid ?>" /> + <input type="hidden" name="token" value="<?php echo htmlspecialchars($_COOKIE['AURSID']) ?>" /> + <p><input type="checkbox" name="confirm_Delete" value="1" /> + <?php echo __("Confirm package deletion") ?></p> + <p><input type="submit" class="button" name="do_Delete" value="<?php echo __("Delete") ?>" /></p> + </fieldset> + </form> +</div> + +<?php else: + print __("Only Trusted Users and Developers can delete packages."); +endif; + +html_footer(AUR_VERSION);
You're still using the deprecated "<?php echo" and <?php print" syntax here. It would be great if this could be revised to use the new shortcut syntax.
My mistake. I knew you wanted to use the shortcut syntax in the /template files. I didn't know you also wanted it in the /html files from now on. I'll re-send it later. Thanks!
diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index 4e9e073..dcc086b 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -54,6 +54,9 @@ $sources = package_sources($row["ID"]); <?php else: ?> <li><a href="<?= get_pkg_uri($row['Name']) . 'notify/'; ?>"><?= __('Notify of new comments'); ?></a></li> <?php endif; ?> + <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <li><a href="<?= get_pkg_uri($row['Name']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li> + <?php endif; ?> <?php endif; ?> </ul> <?php if ($uid): ?> -- 1.7.12.1
Package actions now have a separate box on the package details page. Make a package deletion link in that box. Link leads to a new page (pkgdel.php) that can be used to confirm package deletion. A separate page with confirmation is used to avoid CSRFs. Signed-off-by: canyonknight <canyonknight@gmail.com> --- web/html/index.php | 3 +++ web/html/pkgdel.php | 44 ++++++++++++++++++++++++++++++++++++++++++++ web/template/pkg_details.php | 3 +++ 3 files changed, 50 insertions(+) create mode 100644 web/html/pkgdel.php diff --git a/web/html/index.php b/web/html/index.php index ce8fa52..3fe6338 100644 --- a/web/html/index.php +++ b/web/html/index.php @@ -43,6 +43,9 @@ if (isset($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) { case "unflag": $_POST['do_UnFlag'] = __('UnFlag'); break; + case "delete": + include('pkgdel.php'); + return; } if (isset($_COOKIE['AURSID'])) { diff --git a/web/html/pkgdel.php b/web/html/pkgdel.php new file mode 100644 index 0000000..7f244eb --- /dev/null +++ b/web/html/pkgdel.php @@ -0,0 +1,44 @@ +<?php + +set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); + +include_once("aur.inc.php"); +include_once("pkgfuncs.inc.php"); + +set_lang(); +check_sid(); + +html_header(__("Package Deletion")); + +$atype = ""; + +if (isset($_COOKIE["AURSID"])) { + $atype = account_from_sid($_COOKIE["AURSID"]); +} + +if ($atype == "Trusted User" || $atype == "Developer"): ?> +<div class="box"> + <h2><?= __('Delete Package: %s', htmlspecialchars($pkgname)) ?></h2> + <p> + <?= __('Use this form to delete the package (%s%s%s) from the AUR. ', + '<strong>', htmlspecialchars($pkgname), '</strong>'); ?> + <?= __('Deletion of a package is permanent. '); ?> + <?= __('Select the checkbox to confirm action.') ?> + </p> + <form action="<?= get_uri('/packages/'); ?>" method="post"> + <fieldset> + <input type="hidden" name="IDs[<?= $pkgid ?>]" value="1" /> + <input type="hidden" name="ID" value="<?= $pkgid ?>" /> + <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> + <p><input type="checkbox" name="confirm_Delete" value="1" /> + <?= __("Confirm package deletion") ?></p> + <p><input type="submit" class="button" name="do_Delete" value="<?= __("Delete") ?>" /></p> + </fieldset> + </form> +</div> + +<?php else: + print __("Only Trusted Users and Developers can delete packages."); +endif; + +html_footer(AUR_VERSION); diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php index 4e9e073..dcc086b 100644 --- a/web/template/pkg_details.php +++ b/web/template/pkg_details.php @@ -54,6 +54,9 @@ $sources = package_sources($row["ID"]); <?php else: ?> <li><a href="<?= get_pkg_uri($row['Name']) . 'notify/'; ?>"><?= __('Notify of new comments'); ?></a></li> <?php endif; ?> + <?php if ($atype == "Trusted User" || $atype == "Developer"): ?> + <li><a href="<?= get_pkg_uri($row['Name']) . 'delete/'; ?>"><?= __('Delete Package'); ?></a></li> + <?php endif; ?> <?php endif; ?> </ul> <?php if ($uid): ?> -- 1.7.12.1
participants (3)
-
canyonknight
-
canyonknight@gmail.com
-
Lukas Fleischer