[aur-dev] [PATCH 1/3] Do not return "None" in user functions

Lukas Fleischer archlinux at cryptocrack.de
Thu Jun 5 09:16:54 EDT 2014


Return null instead of the string "None" in username_from_id(),
uid_from_email() and uid_from_username().

Signed-off-by: Lukas Fleischer <archlinux at cryptocrack.de>
---
 web/html/passreset.php              |  2 +-
 web/lib/acctfuncs.inc.php           |  2 +-
 web/lib/aur.inc.php                 | 44 ++++++++++++++++++++-----------------
 web/template/pkg_details.php        | 18 +++++++--------
 web/template/pkgbase_details.php    | 18 +++++++--------
 web/template/tu_details.php         |  2 +-
 web/template/tu_last_votes_list.php |  4 ++--
 7 files changed, 47 insertions(+), 43 deletions(-)

diff --git a/web/html/passreset.php b/web/html/passreset.php
index 9541021..9d8e1ae 100644
--- a/web/html/passreset.php
+++ b/web/html/passreset.php
@@ -25,7 +25,7 @@ if (isset($_GET['resetkey'], $_POST['email'], $_POST['password'], $_POST['confir
 		$error = __('Missing a required field.');
 	} elseif ($password != $confirm) {
 		$error = __('Password fields do not match.');
-	} elseif ($uid == NULL || $uid == 'None') {
+	} elseif ($uid == null) {
 		$error = __('Invalid e-mail.');
 	}
 
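Review bot: The loose comparison in the new `} elseif ($uid == null) {` branch also treats `0`, `""` and `false` as "no such user", so the password-reset gate depends on PHP type juggling rather than on the helper's contract. Now that `uid_from_email()` is meant to return null for a miss, `} elseif ($uid === null) {` states that directly. The same applies to `if ($uid != null) {` in the `send_resetkey()` hunk of web/lib/acctfuncs.inc.php, which would become `if ($uid !== null) {`. This assumes the helper returns exactly null when no row matches, which the aur.inc.php hunks do only implicitly. The enclosing `if` block starts and ends outside this hunk.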
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index 51ffec6..a996561 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -642,7 +642,7 @@ function send_resetkey($email, $subject, $body) {
 	global $AUR_LOCATION;
 
 	$uid = uid_from_email($email);
-	if ($uid != NULL && $uid != 'None') {
+	if ($uid != null) {
 		/*
 		 * We (ab)use new_sid() to get a random 32 characters long
 		 * string.
diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
index 99f5ae4..3368696 100644
--- a/web/lib/aur.inc.php
+++ b/web/lib/aur.inc.php
@@ -135,20 +135,19 @@ function new_sid() {
  *
  * @param string $id User's ID
  *
- * @return string Username if it exists, otherwise "None"
+ * @return string Username if it exists, otherwise null
  */
-function username_from_id($id="") {
-	if (!$id) {
-		return "";
-	}
+function username_from_id($id) {
+	$id = intval($id);
+
 	$dbh = DB::connect();
 	$q = "SELECT Username FROM Users WHERE ID = " . $dbh->quote($id);
 	$result = $dbh->query($q);
 	if (!$result) {
-		return "None";
+		return null;
 	}
-	$row = $result->fetch(PDO::FETCH_NUM);
 
+	$row = $result->fetch(PDO::FETCH_NUM);
 	return $row[0];
 }
 
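Review bot: In `username_from_id()` the new `return null;` covers only a failed query. When the query succeeds but matches no row, `fetch()` returns false and `return $row[0];` yields null only as a side effect of indexing a non-array value. Making the miss explicit with `return $row ? $row[0] : null;` keeps the documented contract without relying on that, and the docblock line would then read `@return string|null Username if it exists, otherwise null`. `uid_from_username()` and `uid_from_email()` in the two later hunks of this file have the same shape. The docblock opens outside this hunk.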
@@ -178,6 +177,17 @@ function username_from_sid($sid="") {
 }
 
 /**
+ * Format a user name for inclusion in HTML data
+ *
+ * @param string $username The user name to format
+ *
+ * @return void
+ */
+function html_format_username($username) {
+	return $username ? htmlspecialchars($username) : __("None");
+}
+
+/**
  * Determine the user's e-mail address in the database using a session ID
  *
  * @param string $sid User's session ID
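Review bot: The docblock of `html_format_username()` declares `@return void`, but the function returns a string on both branches; it should read `@return string The escaped user name, or the translated "None"`. The call `htmlspecialchars($username)` also relies on the default flags, while the `href` call sites this commit converts previously passed `ENT_QUOTES`. On PHP versions older than 8.1 the default leaves single quotes unescaped, so `htmlspecialchars($username, ENT_QUOTES)` would keep the earlier escaping. The `__("None")` branch is returned unescaped, which is safe only if translation strings are treated as trusted markup.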
@@ -363,20 +373,17 @@ function rm_tree($dirname) {
  *
  * @param string $username The username of an account
  *
- * @return string Return user ID if exists for username, otherwise "None"
+ * @return string Return user ID if exists for username, otherwise null
  */
-function uid_from_username($username="") {
-	if (!$username) {
-		return "";
-	}
+function uid_from_username($username) {
 	$dbh = DB::connect();
 	$q = "SELECT ID FROM Users WHERE Username = " . $dbh->quote($username);
 	$result = $dbh->query($q);
 	if (!$result) {
-		return "None";
+		return null;
 	}
-	$row = $result->fetch(PDO::FETCH_NUM);
 
+	$row = $result->fetch(PDO::FETCH_NUM);
 	return $row[0];
 }
 
@@ -387,18 +394,15 @@ function uid_from_username($username="") {
  *
  * @return string The user's ID
  */
-function uid_from_email($email="") {
-	if (!$email) {
-		return "";
-	}
+function uid_from_email($email) {
 	$dbh = DB::connect();
 	$q = "SELECT ID FROM Users WHERE Email = " . $dbh->quote($email);
 	$result = $dbh->query($q);
 	if (!$result) {
-		return "None";
+		return null;
 	}
-	$row = $result->fetch(PDO::FETCH_NUM);
 
+	$row = $result->fetch(PDO::FETCH_NUM);
 	return $row[0];
 }
 
diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php
index c813e35..6326d4e 100644
--- a/web/template/pkg_details.php
+++ b/web/template/pkg_details.php
@@ -261,12 +261,12 @@ if ($row["SubmitterUID"]):
 	if ($SID):
 		if (!$USE_VIRTUAL_URLS):
 ?>
-			<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['SubmitterUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= htmlspecialchars($submitter) ?>"><?= htmlspecialchars($submitter) ?></a></td>
+			<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['SubmitterUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($submitter) ?>"><?= html_format_username($submitter) ?></a></td>
 		<?php else: ?>
-			<td><a href="<?= get_uri('/account/') . htmlspecialchars($submitter, ENT_QUOTES) ?>" title="<?= __('View account information for %s', htmlspecialchars($submitter)) ?>"><?= htmlspecialchars($submitter) ?></a></td>
+			<td><a href="<?= get_uri('/account/') . html_format_username($submitter) ?>" title="<?= __('View account information for %s', html_format_username($submitter)) ?>"><?= html_format_username($submitter) ?></a></td>
 		<?php endif; ?>
 <?php else: ?>
-		<td><?= htmlspecialchars($submitter) ?></td>
+		<td><?= html_format_username($submitter) ?></td>
 	<?php endif; ?>
 <?php else: ?>
 			<td><?= __('None') ?></td>
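Review bot: The `href` in the `$USE_VIRTUAL_URLS` branch now builds its path from `html_format_username($submitter)`, a display helper that substitutes the translated "None" for an empty name, so an empty value would produce a link to `/account/` followed by a localized word rather than no link. It also drops the `ENT_QUOTES` flag the old call passed. Keeping `htmlspecialchars($submitter, ENT_QUOTES)` for the URL and using the helper only for the title and link text avoids both. The same pattern appears in the Maintainer and Packager hunks of this file, in all three hunks of web/template/pkgbase_details.php and in web/template/tu_last_votes_list.php. The surrounding `if ($row["SubmitterUID"]):` block begins and ends outside this hunk.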
@@ -279,12 +279,12 @@ if ($row["MaintainerUID"]):
 	if ($SID):
 		if (!$USE_VIRTUAL_URLS):
 ?>
-			<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['MaintainerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= htmlspecialchars($maintainer) ?>"><?= htmlspecialchars($maintainer) ?></a></td>
+			<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['MaintainerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($maintainer) ?>"><?= html_format_username($maintainer) ?></a></td>
 		<?php else: ?>
-			<td><a href="<?= get_uri('/account/') . htmlspecialchars($maintainer, ENT_QUOTES) ?>" title="<?= __('View account information for %s', htmlspecialchars($maintainer)) ?>"><?= htmlspecialchars($maintainer) ?></a></td>
+			<td><a href="<?= get_uri('/account/') . html_format_username($maintainer) ?>" title="<?= __('View account information for %s', html_format_username($maintainer)) ?>"><?= html_format_username($maintainer) ?></a></td>
 		<?php endif; ?>
 	<?php else: ?>
-		<td><?= htmlspecialchars($maintainer) ?></td>
+		<td><?= html_format_username($maintainer) ?></td>
 	<?php endif; ?>
 <?php else: ?>
 			<td><?= __('None') ?></td>
@@ -297,12 +297,12 @@ if ($row["PackagerUID"]):
 	if ($SID):
 		if (!$USE_VIRTUAL_URLS):
 ?>
-			<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['PackagerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= htmlspecialchars($packager) ?>"><?= htmlspecialchars($packager) ?></a></td>
+			<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['PackagerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($packager) ?>"><?= html_format_username($packager) ?></a></td>
 		<?php else: ?>
-			<td><a href="<?= get_uri('/account/') . htmlspecialchars($packager, ENT_QUOTES) ?>" title="<?= __('View account information for %s', htmlspecialchars($packager)) ?>"><?= htmlspecialchars($packager) ?></a></td>
+			<td><a href="<?= get_uri('/account/') . html_format_username($packager) ?>" title="<?= __('View account information for %s', html_format_username($packager)) ?>"><?= html_format_username($packager) ?></a></td>
 		<?php endif; ?>
 	<?php else: ?>
-		<td><?= htmlspecialchars($packager) ?></td>
+		<td><?= html_format_username($packager) ?></td>
 	<?php endif; ?>
 <?php else: ?>
 			<td><?= __('None') ?></td>
diff --git a/web/template/pkgbase_details.php b/web/template/pkgbase_details.php
index da9a962..6c617bf 100644
--- a/web/template/pkgbase_details.php
+++ b/web/template/pkgbase_details.php
@@ -144,12 +144,12 @@ if ($row["SubmitterUID"]):
 	if ($SID):
 		if (!$USE_VIRTUAL_URLS):
 ?>
-			<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['SubmitterUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= htmlspecialchars($submitter) ?>"><?= htmlspecialchars($submitter) ?></a></td>
+			<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['SubmitterUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($submitter) ?>"><?= html_format_username($submitter) ?></a></td>
 		<?php else: ?>
-			<td><a href="<?= get_uri('/account/') . htmlspecialchars($submitter, ENT_QUOTES) ?>" title="<?= __('View account information for %s', htmlspecialchars($submitter)) ?>"><?= htmlspecialchars($submitter) ?></a></td>
+			<td><a href="<?= get_uri('/account/') . html_format_username($submitter, ENT_QUOTES) ?>" title="<?= __('View account information for %s', html_format_username($submitter)) ?>"><?= html_format_username($submitter) ?></a></td>
 		<?php endif; ?>
 <?php else: ?>
-		<td><?= htmlspecialchars($submitter) ?></td>
+		<td><?= html_format_username($submitter) ?></td>
 	<?php endif; ?>
 <?php else: ?>
 			<td><?= __('None') ?></td>
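Review bot: On the virtual-URL line the call `html_format_username($submitter, ENT_QUOTES)` passes a second argument that the one-parameter helper silently ignores, so the line reads as if quote escaping were requested when it is not. The Maintainer and Packager hunks below call the helper with a single argument. Either drop the argument, `html_format_username($submitter)`, or keep the original `htmlspecialchars($submitter, ENT_QUOTES)` for the URL part.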
@@ -162,12 +162,12 @@ if ($row["MaintainerUID"]):
 	if ($SID):
 		if (!$USE_VIRTUAL_URLS):
 ?>
-			<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['MaintainerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= htmlspecialchars($maintainer) ?>"><?= htmlspecialchars($maintainer) ?></a></td>
+			<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['MaintainerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($maintainer) ?>"><?= html_format_username($maintainer) ?></a></td>
 		<?php else: ?>
-			<td><a href="<?= get_uri('/account/') . htmlspecialchars($maintainer, ENT_QUOTES) ?>" title="<?= __('View account information for %s', htmlspecialchars($maintainer)) ?>"><?= htmlspecialchars($maintainer) ?></a></td>
+			<td><a href="<?= get_uri('/account/') . html_format_username($maintainer) ?>" title="<?= __('View account information for %s', html_format_username($maintainer)) ?>"><?= html_format_username($maintainer) ?></a></td>
 		<?php endif; ?>
 	<?php else: ?>
-		<td><?= htmlspecialchars($maintainer) ?></td>
+		<td><?= html_format_username($maintainer) ?></td>
 	<?php endif; ?>
 <?php else: ?>
 			<td><?= __('None') ?></td>
@@ -180,12 +180,12 @@ if ($row["PackagerUID"]):
 	if ($SID):
 		if (!$USE_VIRTUAL_URLS):
 ?>
-			<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['PackagerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= htmlspecialchars($packager) ?>"><?= htmlspecialchars($packager) ?></a></td>
+			<td><a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['PackagerUID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($packager) ?>"><?= html_format_username($packager) ?></a></td>
 		<?php else: ?>
-			<td><a href="<?= get_uri('/account/') . htmlspecialchars($packager, ENT_QUOTES) ?>" title="<?= __('View account information for %s', htmlspecialchars($packager)) ?>"><?= htmlspecialchars($packager) ?></a></td>
+			<td><a href="<?= get_uri('/account/') . html_format_username($packager) ?>" title="<?= __('View account information for %s', html_format_username($packager)) ?>"><?= html_format_username($packager) ?></a></td>
 		<?php endif; ?>
 	<?php else: ?>
-		<td><?= htmlspecialchars($packager) ?></td>
+		<td><?= html_format_username($packager) ?></td>
 	<?php endif; ?>
 <?php else: ?>
 			<td><?= __('None') ?></td>
diff --git a/web/template/tu_details.php b/web/template/tu_details.php
index fca1815..38f6c0d 100644
--- a/web/template/tu_details.php
+++ b/web/template/tu_details.php
@@ -39,7 +39,7 @@ if ($yes > $active_tus / 2) {
 			<?php endif; ?>
 		</strong>
 		<br />
-		<?= __("Submitted: %s by %s", gmdate("Y-m-d H:i", $row['Submitted']), username_from_id($row['SubmitterID'])) ?>
+		<?= __("Submitted: %s by %s", gmdate("Y-m-d H:i", $row['Submitted']), html_format_username(username_from_id($row['SubmitterID']))) ?>
 		<br />
 		<?= __("End") ?>:
 		<strong><?= gmdate("Y-m-d H:i", $row['End']) ?></strong>
diff --git a/web/template/tu_last_votes_list.php b/web/template/tu_last_votes_list.php
index 090ce8d..e897a6a 100644
--- a/web/template/tu_last_votes_list.php
+++ b/web/template/tu_last_votes_list.php
@@ -22,9 +22,9 @@
 			<tr class="<?= $c ?>">
 				<td>
 					<?php if (!$USE_VIRTUAL_URLS): ?>
-					<a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['UserID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= htmlspecialchars($username) ?>"><?= htmlspecialchars($username) ?></a></td>
+					<a href="<?= get_uri('/account/'); ?>?Action=AccountInfo&ID=<?= htmlspecialchars($row['UserID'], ENT_QUOTES) ?>" title="<?= __('View account information for')?> <?= html_format_username($username) ?>"><?= html_format_username($username) ?></a></td>
 					<?php else: ?>
-					<a href="<?= get_uri('/account/') . htmlspecialchars($username, ENT_QUOTES) ?>" title="<?= __('View account information for %s', htmlspecialchars($username)) ?>"><?= htmlspecialchars($username) ?></a>
+					<a href="<?= get_uri('/account/') . html_format_username($username) ?>" title="<?= __('View account information for %s', html_format_username($username)) ?>"><?= html_format_username($username) ?></a>
 					<?php endif; ?>
 				</td>
 				<td>
-- 
2.0.0


