summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2011-02-26Add missing foreign keys and constraints to the DB.Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-26Use a real sync algorithm in aurblup (fixes FS#23039).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-25Reject blacklisted packages on initial submission only.Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-23Protect users against ZIP bombs (fixes FS#22991).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-23Add a per-user session limit (fixes FS#12898).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-22Add ability to search for non-out-of-date packages (fixes FS#17896).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-21Reject packages with subdirectories (fixes FS#22995).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-21Fix typo in "web/lib/pkgfuncs.inc".Wieland Hoffmann
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-21Make persistent cookie timeout configurable via "config.inc" (FS#22994).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-21Automatically adopt when updating an orphan package (fixes FS#22992).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-21Use move_uploaded_file() instead of rename() in "pkgsubmit.php".Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-20Release 1.8.0.1.8.0Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-18Add myself to "AUTHORS".Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-18"TODO" cleanup.Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-18Support for langauges written right-to-leftPyroPeter
Signed-off-by: PyroPeter <abi1789@googlemail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-18pkg_search_results: replace blind-table with floating divsPyroPeter
* I tried to remove errors in the sgml-structure e.g.: <div> <?php if (foo) { ?> </div> <?php } ?> * I did not remove or add code (except the <table> and <div> stuff, of cause). I only changed the order of the html/php-tags. * The bottom and top of the script are now properly indented. I did not indent the middle part (table of search results) because that would render the diff completely useless. Signed-off-by: PyroPeter <abi1789@googlemail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-17pkg_search_results: rewrite of paginationPyroPeter
* Most of the PHP-code was moved to pkgfuncs.php to keep the template simple. Signed-off-by: PyroPeter <abi1789@googlemail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-15Add note on InnoDB compatibility to "UPGRADING".Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-11Add note about aurblup to "UPGRADING".Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-11Update aurblup "README".Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-11Use VARCHAR instead of CHAR in "PackageBlacklist" table.Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-11Add support for MySQL transactions to aurblup.Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-11Fix typos in aurblup source and "README".Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-11Add packages' provides and replaces to the blacklist in aurblup.Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-11Fix memory leak in aurblup.Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-11Add AUR package blacklist updater (aurblup).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-11Add a package name blacklist.Lukas Fleischer
Can be used to blacklist package names for normal users. TUs and developers are not affected. This is especially useful if used together with a cron job that updates the blacklist periodically, e.g. to reject packages which are available in the binary repos (FS#12902). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-10Remove unused fulltext index from "Packages" table.Lukas Fleischer
Drop fulltext indexes, which prevent the use of InnoDB, from "Packages" table. All search routines use "LIKE" patterns, so fulltext search has actually never been used. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-09Minor bugfix in pkg_change_category().Lukas Fleischer
This cleans up some broken MySQL query introduced by commit 57a5cbfd. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-09Use VARCHAR instead of CHAR where appropriate.Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-08Show submitter in package details (fixes FS#15488).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-02Minor variable parser bug fix (cf. commits 492c8c66, 7a58e99e).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-02Parse versioned deps correctly when using "<" or ">" (fixes FS#22679).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-01Drop "PackageContents" table and references.Lukas Fleischer
We don't even touch source tarballs anymore - except for extracting the PKGBUILD, so this is no longer needed. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-01Remove "FSPath" column from "Packages" table.Lukas Fleischer
This field is not used anymore, so drop it from the table and remove all references. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-01Improve PKGBUILD variable parser correctness (cf. commit 492c8c66).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-02-01Drop PackageLocations table and referencesDan McGee
We don't need this anymore since all packages managed here are well...managed here. Rip out all of the places we were using this field, many of which depended on the magic value '2' anyway. On the display side of things, we had a column that was always showing 'unsupported' that is now gone, and you can no longer sort by this column. Signed-off-by: Dan McGee <dan@archlinux.org> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-28Avoid infinite loop in PKGBUILD variable parser (fixes FS#19482).Lukas Fleischer
Improves variable substitution in the PKGBUILD parser a bit to avoid infinite replacement loops when a PKGBUILD contains assigments of the form "foo=${foo[@]}bar". Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-28aurjson: Escape wildcards in "LIKE" patterns (fixes FS#18626).Lukas Fleischer
Percent signs ("%") and underscores ("_") are not escaped by mysql_real_escape_string() and are interpreted as wildcards if combined with "LIKE", so we need to deal with them separately. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-28Use UTF-8 in RSS feeds (fixes FS#10706).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-25Replaced rm_rf() by rm_tree().Lukas Fleischer
Implemented recursive directory deletion in PHP properly without the use of exec(). This improves security, performance and portability and makes the code compatible with PHP's Safe Mode as well as with PHP setups that disable exec() using the "disable_functions" directive. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-25Removed links to internal sources from package details.Lukas Fleischer
Tarball extraction code has been removed in commit ec0dfc27deb246ee7d7f19fd5290e499805869d2, so links to package sources contained in the source tarball itself will no longer be accessible through the AUR frontend. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-24Use "python2" shebang for "newpackage-notify" and "gendummydata.py".Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-24Build URLs from package names (fixes FS#15308, FS#19327).Lukas Fleischer
Drop the "URLPath" field from the "Packages" table, build URLs from package names instead. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-20Black fonts for out-of-date rows in search results (fixes FS#20514).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-20Implemented "First" and "Last" link for search results (fixes FS#15690).Lukas Fleischer
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-19Removed code for tarball extraction.Lukas Fleischer
Automatic tarball extraction was vulnerable in different ways. Users should also only use source tarballs to build packages, so this has been removed completely. From now on, only the PKGBUILD is extracted in a secure manner. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-19Do not overwrite package details when adding comments (fixes FS#22075).Lukas Fleischer
Ensure that the "$row" variable isn't overwritten in "web/template/pkg_comment_form.php" during sending mail notifications when adding a comment. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2011-01-19Make external links in comments clickable (FS#20137).Lukas Fleischer
Comments are now split at link boundaries and links are converted separately. I find this to be a much cleaner way than re-converting comments that have already been converted using htmlspecialchars(). This also doesn't require any callback procedure. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
2010-12-04Do not display current votes in All Votes, and rename it as Past VotesAndrea Scarpino
Signed-off-by: Loui Chang <louipc.ist@gmail.com>