pkgfuncs.inc.php 26.7 KB
Newer Older
1
<?php
2

3
include_once("pkgbasefuncs.inc.php");
eric's avatar
eric committed
4

5
6
7
8
9
10
11
12
13
14
/**
 * Determine if the user can delete a specific package comment
 *
 * Only the comment submitter, Trusted Users, and Developers can delete
 * comments. This function is used for the backend side of comment deletion.
 *
 * @param string $comment_id The comment ID in the database
 *
 * @return bool True if the user can delete the comment, otherwise false
 */
Lukas Fleischer's avatar
Lukas Fleischer committed
15
function can_delete_comment($comment_id=0) {
16
	$dbh = DB::connect();
Lukas Fleischer's avatar
Lukas Fleischer committed
17

18
19
	$q = "SELECT UsersID FROM PackageComments ";
	$q.= "WHERE ID = " . intval($comment_id);
canyonknight's avatar
canyonknight committed
20
	$result = $dbh->query($q);
Lukas Fleischer's avatar
Lukas Fleischer committed
21
22
23

	if (!$result) {
		return false;
24
	}
Lukas Fleischer's avatar
Lukas Fleischer committed
25

26
27
28
	$uid = $result->fetch(PDO::FETCH_COLUMN, 0);

	return has_credential(CRED_COMMENT_DELETE, array($uid));
29
}
eric's avatar
eric committed
30

31
32
33
34
35
36
37
38
39
40
/**
 * Determine if the user can delete a specific package comment using an array
 *
 * Only the comment submitter, Trusted Users, and Developers can delete
 * comments. This function is used for the frontend side of comment deletion.
 *
 * @param array $comment All database information relating a specific comment
 *
 * @return bool True if the user can delete the comment, otherwise false
 */
Lukas Fleischer's avatar
Lukas Fleischer committed
41
42
function can_delete_comment_array($comment) {
	return has_credential(CRED_COMMENT_DELETE, array($comment['UsersID']));
43
44
}

45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
/**
 * Determine if the user can edit a specific package comment
 *
 * Only the comment submitter, Trusted Users, and Developers can edit
 * comments. This function is used for the backend side of comment editing.
 *
 * @param string $comment_id The comment ID in the database
 *
 * @return bool True if the user can edit the comment, otherwise false
 */
function can_edit_comment($comment_id=0) {
	$dbh = DB::connect();

	$q = "SELECT UsersID FROM PackageComments ";
	$q.= "WHERE ID = " . intval($comment_id);
	$result = $dbh->query($q);

	if (!$result) {
		return false;
	}

	$uid = $result->fetch(PDO::FETCH_COLUMN, 0);

	return has_credential(CRED_COMMENT_EDIT, array($uid));
}

Marcel Korpel's avatar
Marcel Korpel committed
71
72
73
74
75
76
77
78
79
80
81
82
83
84
/**
 * Determine if the user can edit a specific package comment using an array
 *
 * Only the comment submitter, Trusted Users, and Developers can edit
 * comments. This function is used for the frontend side of comment editing.
 *
 * @param array $comment All database information relating a specific comment
 *
 * @return bool True if the user can edit the comment, otherwise false
 */
function can_edit_comment_array($comment) {
	return has_credential(CRED_COMMENT_EDIT, array($comment['UsersID']));
}

85
86
87
/**
 * Determine if the user can pin a specific package comment
 *
88
89
90
 * Only the Package Maintainer, Package Co-maintainers, Trusted Users, and
 * Developers can pin comments. This function is used for the backend side of
 * comment pinning.
91
92
93
94
95
96
97
98
99
100
 *
 * @param string $comment_id The comment ID in the database
 *
 * @return bool True if the user can pin the comment, otherwise false
 */
function can_pin_comment($comment_id=0) {
	$dbh = DB::connect();

	$q = "SELECT MaintainerUID FROM PackageBases AS pb ";
	$q.= "LEFT JOIN PackageComments AS pc ON pb.ID = pc.PackageBaseID ";
101
102
	$q.= "WHERE pc.ID = " . intval($comment_id) . " ";
	$q.= "UNION ";
103
	$q.= "SELECT pcm.UsersID FROM PackageComaintainers AS pcm ";
104
105
	$q.= "LEFT JOIN PackageComments AS pc ";
	$q.= "ON pcm.PackageBaseID = pc.PackageBaseID ";
106
107
108
109
110
111
112
	$q.= "WHERE pc.ID = " . intval($comment_id);
	$result = $dbh->query($q);

	if (!$result) {
		return false;
	}

113
	$uids = $result->fetchAll(PDO::FETCH_COLUMN, 0);
114

115
	return has_credential(CRED_COMMENT_PIN, $uids);
116
117
118
119
120
}

/**
 * Determine if the user can edit a specific package comment using an array
 *
121
122
123
 * Only the Package Maintainer, Package Co-maintainers, Trusted Users, and
 * Developers can pin comments. This function is used for the frontend side of
 * comment pinning.
124
125
126
127
128
129
130
131
132
 *
 * @param array $comment All database information relating a specific comment
 *
 * @return bool True if the user can edit the comment, otherwise false
 */
function can_pin_comment_array($comment) {
	return can_pin_comment($comment['ID']);
}

133
134
135
136
137
138
139
/**
 * Check to see if the package name already exists in the database
 *
 * @param string $name The package name to check
 *
 * @return string|void Package name if it already exists
 */
140
function pkg_from_name($name="") {
141
	if (!$name) {return NULL;}
142
	$dbh = DB::connect();
143
	$q = "SELECT ID FROM Packages ";
canyonknight's avatar
canyonknight committed
144
145
146
147
148
149
	$q.= "WHERE Name = " . $dbh->quote($name);
	$result = $dbh->query($q);
	if (!$result) {
		return;
	}
	$row = $result->fetch(PDO::FETCH_NUM);
150
151
152
	return $row[0];
}

153
154
155
156
157
158
159
160
161
/**
 * Get licenses for a specific package
 *
 * @param int $pkgid The package to get licenses for
 *
 * @return array All licenses for the package
 */
function pkg_licenses($pkgid) {
	$pkgid = intval($pkgid);
162
163
	if (!$pkgid) {
		return array();
164
	}
165
166
167
	$q = "SELECT l.Name FROM Licenses l ";
	$q.= "INNER JOIN PackageLicenses pl ON pl.LicenseID = l.ID ";
	$q.= "WHERE pl.PackageID = ". $pkgid;
168
169
	$ttl = config_get_int('options', 'cache_pkginfo_ttl');
	$rows = db_cache_result($q, 'licenses:' . $pkgid, PDO::FETCH_NUM, $ttl);
170
	return array_map(function ($x) { return $x[0]; }, $rows);
171
172
}

173
174
175
176
177
178
179
180
181
/**
 * Get package groups for a specific package
 *
 * @param int $pkgid The package to get groups for
 *
 * @return array All package groups for the package
 */
function pkg_groups($pkgid) {
	$pkgid = intval($pkgid);
182
183
	if (!$pkgid) {
		return array();
184
	}
185
186
187
	$q = "SELECT g.Name FROM `Groups` g ";
	$q.= "INNER JOIN PackageGroups pg ON pg.GroupID = g.ID ";
	$q.= "WHERE pg.PackageID = ". $pkgid;
188
189
	$ttl = config_get_int('options', 'cache_pkginfo_ttl');
	$rows = db_cache_result($q, 'groups:' . $pkgid, PDO::FETCH_NUM, $ttl);
190
	return array_map(function ($x) { return $x[0]; }, $rows);
191
192
}

193
194
195
196
197
198
199
200
201
202
/**
 * Get providers for a specific package
 *
 * @param string $name The name of the "package" to get providers for
 *
 * @return array The IDs and names of all providers of the package
 */
function pkg_providers($name) {
	$dbh = DB::connect();
	$q = "SELECT p.ID, p.Name FROM Packages p ";
203
204
205
	$q.= "WHERE p.Name = " . $dbh->quote($name) . " ";
	$q.= "UNION ";
	$q.= "SELECT p.ID, p.Name FROM Packages p ";
206
207
	$q.= "LEFT JOIN PackageRelations pr ON pr.PackageID = p.ID ";
	$q.= "LEFT JOIN RelationTypes rt ON rt.ID = pr.RelTypeID ";
208
	$q.= "WHERE (rt.Name = 'provides' ";
209
	$q.= "AND pr.RelName = " . $dbh->quote($name) . ")";
210
211
212
	$q.= "UNION ";
	$q.= "SELECT 0, Name FROM OfficialProviders ";
	$q.= "WHERE Provides = " . $dbh->quote($name);
213
214
	$ttl = config_get_int('options', 'cache_pkginfo_ttl');
	return db_cache_result($q, 'providers:' . $name, PDO::FETCH_NUM, $ttl);
215
216
}

217
218
219
220
/**
 * Get package dependencies for a specific package
 *
 * @param int $pkgid The package to get dependencies for
221
 * @param int $limit An upper bound for the number of packages to retrieve
222
223
224
 *
 * @return array All package dependencies for the package
 */
225
function pkg_dependencies($pkgid, $limit) {
226
	$pkgid = intval($pkgid);
227
228
	if (!$pkgid) {
		return array();
229
	}
230
231
232
233
234
235
236
	$q = "SELECT pd.DepName, dt.Name, pd.DepDesc, ";
	$q.= "pd.DepCondition, pd.DepArch, p.ID ";
	$q.= "FROM PackageDepends pd ";
	$q.= "LEFT JOIN Packages p ON pd.DepName = p.Name ";
	$q.= "LEFT JOIN DependencyTypes dt ON dt.ID = pd.DepTypeID ";
	$q.= "WHERE pd.PackageID = ". $pkgid . " ";
	$q.= "ORDER BY pd.DepName LIMIT " . intval($limit);
237
238
	$ttl = config_get_int('options', 'cache_pkginfo_ttl');
	return db_cache_result($q, 'dependencies:' . $pkgid, PDO::FETCH_NUM, $ttl);
239
240
}

241
242
243
244
245
246
247
248
249
/**
 * Get package relations for a specific package
 *
 * @param int $pkgid The package to get relations for
 *
 * @return array All package relations for the package
 */
function pkg_relations($pkgid) {
	$pkgid = intval($pkgid);
250
251
	if (!$pkgid) {
		return array();
252
	}
253
254
255
256
257
	$q = "SELECT pr.RelName, rt.Name, pr.RelCondition, pr.RelArch, p.ID FROM PackageRelations pr ";
	$q.= "LEFT JOIN Packages p ON pr.RelName = p.Name ";
	$q.= "LEFT JOIN RelationTypes rt ON rt.ID = pr.RelTypeID ";
	$q.= "WHERE pr.PackageID = ". $pkgid . " ";
	$q.= "ORDER BY pr.RelName";
258
259
	$ttl = config_get_int('options', 'cache_pkginfo_ttl');
	return db_cache_result($q, 'relations:' . $pkgid, PDO::FETCH_NUM, $ttl);
260
261
}

262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
/**
 * Get the HTML code to display a package dependency link annotation
 * (dependency type, architecture, ...)
 *
 * @param string $type The name of the dependency type
 * @param string $arch The package dependency architecture
 * @param string $desc An optdepends description
 *
 * @return string The HTML code of the label to display
 */
function pkg_deplink_annotation($type, $arch, $desc=false) {
	if ($type == 'depends' && !$arch) {
		return '';
	}

	$link = ' <em>(';

	if ($type == 'makedepends') {
		$link .= 'make';
	} elseif ($type == 'checkdepends') {
		$link .= 'check';
	} elseif ($type == 'optdepends') {
		$link .= 'optional';
	}

	if ($type != 'depends' && $arch) {
		$link .= ', ';
	}

	if ($arch) {
		$link .= htmlspecialchars($arch);
	}

	$link .= ')';
	if ($type == 'optdepends' && $desc) {
		$link .= ' &ndash; ' . htmlspecialchars($desc) . ' </em>';
	}
	$link .= '</em>';

	return $link;
}

304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
/**
 * Get the HTML code to display a package provider link
 *
 * @param string $name The name of the provider
 * @param bool $official True if the package is in the official repositories
 *
 * @return string The HTML code of the link to display
 */
function pkg_provider_link($name, $official) {
	$link = '<a href="';
	if ($official) {
		$link .= 'https://www.archlinux.org/packages/?q=' .
			urlencode($name);
	} else {
		$link .= htmlspecialchars(get_pkg_uri($name), ENT_QUOTES);
	}
	$link .= '" title="' . __('View packages details for') . ' ';
	$link .= htmlspecialchars($name) . '">';
	$link .= htmlspecialchars($name) . '</a>';

	return $link;
}

327
328
329
330
331
/**
 * Get the HTML code to display a package dependency link
 *
 * @param string $name The name of the dependency
 * @param string $type The name of the dependency type
332
 * @param string $desc The (optional) description of the dependency
333
 * @param string $cond The package dependency condition string
334
 * @param string $arch The package dependency architecture
335
336
337
338
 * @param int $pkg_id The package of the package to display the dependency for
 *
 * @return string The HTML code of the label to display
 */
339
function pkg_depend_link($name, $type, $desc, $cond, $arch, $pkg_id) {
340
341
342
343
344
345
346
347
	/*
	 * TODO: We currently perform one SQL query per nonexistent package
	 * dependency. It would be much better if we could annotate dependency
	 * data with providers so that we already know whether a dependency is
	 * a "provision name" or a package from the official repositories at
	 * this point.
	 */
	$providers = pkg_providers($name);
348

349
350
351
352
353
354
355
356
357
	if (count($providers) == 0) {
		$link = '<span class="broken">';
		$link .= htmlspecialchars($name);
		$link .= '</span>';
		$link .= htmlspecialchars($cond) . ' ';
		$link .= pkg_deplink_annotation($type, $arch, $desc);
		return $link;
	}

358
359
360
361
362
363
364
365
366
	$link = htmlspecialchars($name);
	foreach ($providers as $provider) {
		if ($provider[1] == $name) {
			$is_official = ($provider[0] == 0);
			$name = $provider[1];
			$link = pkg_provider_link($name, $is_official);
			break;
		}
	}
367
	$link .= htmlspecialchars($cond) . ' ';
368
369
370
371
372
373
374

	foreach ($providers as $key => $provider) {
		if ($provider[1] == $name) {
			unset($providers[$key]);
		}
	}

375
376
377
	if (count($providers) > 0) {
		$link .= '<span class="virtual-dep">(';
		foreach ($providers as $provider) {
378
			$is_official = ($provider[0] == 0);
379
			$name = $provider[1];
380
			$link .= pkg_provider_link($name, $is_official) . ', ';
381
382
383
		}
		$link = substr($link, 0, -2);
		$link .= ')</span>';
384
385
	}

386
387
388
	$link .= pkg_deplink_annotation($type, $arch, $desc);

	return $link;
389
}
390

391
392
393
394
/**
 * Get the HTML code to display a package requirement link
 *
 * @param string $name The name of the requirement
395
 * @param string $depends The (literal) name of the dependency of $name
396
397
 * @param string $type The name of the dependency type
 * @param string $arch The package dependency architecture
398
 * @param string $pkgname The name of dependant package
399
400
401
 *
 * @return string The HTML code of the link to display
 */
402
function pkg_requiredby_link($name, $depends, $type, $arch, $pkgname) {
403
404
405
406
407
	$link = '<a href="';
	$link .= htmlspecialchars(get_pkg_uri($name), ENT_QUOTES);
	$link .= '" title="' . __('View packages details for') .' ' . htmlspecialchars($name) . '">';
	$link .= htmlspecialchars($name) . '</a>';

408
409
	if ($depends != $pkgname) {
		$link .= ' <span class="virtual-dep">(';
410
		$link .= __('requires %s', htmlspecialchars($depends));
411
412
413
		$link .= ')</span>';
	}

414
	return $link . pkg_deplink_annotation($type, $arch);
415
}
416

417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
/**
 * Get the HTML code to display a package relation
 *
 * @param string $name The name of the relation
 * @param string $cond The package relation condition string
 * @param string $arch The package relation architecture
 *
 * @return string The HTML code of the label to display
 */
function pkg_rel_html($name, $cond, $arch) {
	$html = htmlspecialchars($name) . htmlspecialchars($cond);

	if ($arch) {
		$html .= ' <em>(' . htmlspecialchars($arch) . ')</em>';
	}

	return $html;
}

436
437
438
439
440
/**
 * Get the HTML code to display a source link
 *
 * @param string $url The URL of the source
 * @param string $arch The source architecture
441
 * @param string $package The name of the package
442
443
444
 *
 * @return string The HTML code of the label to display
 */
445
function pkg_source_link($url, $arch, $package) {
446
447
448
449
450
451
	$url = explode('::', $url);
	$parsed_url = parse_url($url[0]);

	if (isset($parsed_url['scheme']) || isset($url[1])) {
		$link = '<a href="' .  htmlspecialchars((isset($url[1]) ? $url[1] : $url[0]), ENT_QUOTES) . '">' . htmlspecialchars($url[0]) . '</a>';
	} else {
452
453
		$file_url = sprintf(config_get('options', 'source_file_uri'), htmlspecialchars($url[0]), $package);
		$link = '<a href="' . $file_url . '">' . htmlspecialchars($url[0]) . '</a>';
454
455
456
457
458
459
460
461
462
	}

	if ($arch) {
		$link .= ' <em>(' . htmlspecialchars($arch) . ')</em>';
	}

	return $link;
}

463
464
465
466
/**
 * Determine packages that depend on a package
 *
 * @param string $name The package name for the dependency search
467
 * @param array $provides A list of virtual provisions of the package
468
 * @param int $limit An upper bound for the number of packages to retrieve
469
470
471
 *
 * @return array All packages that depend on the specified package name
 */
472
function pkg_required($name="", $provides, $limit) {
473
	$deps = array();
Dan McGee's avatar
Dan McGee committed
474
	if ($name != "") {
475
		$dbh = DB::connect();
476
477
478
479
480
481

		$name_list = $dbh->quote($name);
		foreach ($provides as $p) {
			$name_list .= ',' . $dbh->quote($p[0]);
		}

482
483
		$q = "SELECT p.Name, pd.DepName, dt.Name, pd.DepArch ";
		$q.= "FROM PackageDepends pd ";
484
485
		$q.= "LEFT JOIN Packages p ON p.ID = pd.PackageID ";
		$q.= "LEFT JOIN DependencyTypes dt ON dt.ID = pd.DepTypeID ";
486
		$q.= "WHERE pd.DepName IN (" . $name_list . ") ";
487
		$q.= "ORDER BY p.Name LIMIT " . intval($limit);
canyonknight's avatar
canyonknight committed
488
		$result = $dbh->query($q);
489
		if (!$result) {return array();}
canyonknight's avatar
canyonknight committed
490
		while ($row = $result->fetch(PDO::FETCH_NUM)) {
491
492
493
494
495
496
			$deps[] = $row;
		}
	}
	return $deps;
}

497
498
499
500
501
502
503
/**
 * Get all package sources for a specific package
 *
 * @param string $pkgid The package ID to get the sources for
 *
 * @return array All sources associated with a specific package
 */
504
function pkg_sources($pkgid) {
505
	$sources = array();
506
507
	$pkgid = intval($pkgid);
	if ($pkgid > 0) {
508
		$dbh = DB::connect();
509
		$q = "SELECT Source, SourceArch FROM PackageSources ";
510
		$q.= "WHERE PackageID = " . $pkgid;
511
		$q.= " ORDER BY Source";
canyonknight's avatar
canyonknight committed
512
513
514
515
516
		$result = $dbh->query($q);
		if (!$result) {
			return array();
		}
		while ($row = $result->fetch(PDO::FETCH_NUM)) {
517
			$sources[] = $row;
518
519
520
521
522
		}
	}
	return $sources;
}

523
/**
524
 * Get the package details
525
 *
526
 * @param string $id The package ID to get description for
527
 *
528
529
 * @return array The package's details OR error message
 **/
530
function pkg_get_details($id=0) {
531
	$dbh = DB::connect();
532

533
	$q = "SELECT Packages.*, PackageBases.ID AS BaseID, ";
534
535
	$q.= "PackageBases.Name AS BaseName, PackageBases.NumVotes, ";
	$q.= "PackageBases.Popularity, PackageBases.OutOfDateTS, ";
536
537
	$q.= "PackageBases.SubmittedTS, PackageBases.ModifiedTS, ";
	$q.= "PackageBases.SubmitterUID, PackageBases.MaintainerUID, ";
538
	$q.= "PackageBases.PackagerUID, PackageBases.FlaggerUID, ";
539
540
541
	$q.= "(SELECT COUNT(*) FROM PackageRequests ";
	$q.= " WHERE PackageRequests.PackageBaseID = Packages.PackageBaseID ";
	$q.= " AND PackageRequests.Status = 0) AS RequestCount ";
542
	$q.= "FROM Packages, PackageBases ";
543
	$q.= "WHERE PackageBases.ID = Packages.PackageBaseID ";
Loui Chang's avatar
Loui Chang committed
544
	$q.= "AND Packages.ID = " . intval($id);
canyonknight's avatar
canyonknight committed
545
	$result = $dbh->query($q);
eric's avatar
eric committed
546

547
548
	$row = array();

canyonknight's avatar
canyonknight committed
549
	if (!$result) {
550
		$row['error'] = __("Error retrieving package details.");
551
552
	}
	else {
canyonknight's avatar
canyonknight committed
553
		$row = $result->fetch(PDO::FETCH_ASSOC);
eric's avatar
eric committed
554
		if (empty($row)) {
555
			$row['error'] = __("Package details could not be found.");
556
		}
557
558
559
560
561
562
563
564
565
	}

	return $row;
}

/**
 * Display the package details page
 *
 * @param string $id The package ID to get details page for
566
 * @param array $row Package details retrieved by pkg_get_details()
567
568
569
570
 * @param string $SID The session ID of the visitor
 *
 * @return void
 */
571
function pkg_display_details($id=0, $row, $SID="") {
572
	$dbh = DB::connect();
573

574
575
576
577
	if (isset($row['error'])) {
		print "<p>" . $row['error'] . "</p>\n";
	}
	else {
578
579
580
		$base_id = pkgbase_from_pkgid($id);
		$pkgbase_name = pkgbase_name_from_id($base_id);

581
582
583
		include('pkg_details.php');

		if ($SID) {
584
			include('pkg_comment_box.php');
585
586
		}

587
		$include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED);
588
589
590
591

		$limit_pinned = isset($_GET['pinned']) ? 0 : 5;
		$pinned = pkgbase_comments($base_id, $limit_pinned, false, true);
		if (!empty($pinned)) {
592
			$comment_section = "package";
593
594
			include('pkg_comments.php');
		}
595
		unset($pinned);
596

597

598
599
		$total_comment_count = pkgbase_comments_count($base_id, $include_deleted);
		list($pagination_templs, $per_page, $offset) = calculate_pagination($total_comment_count);
600

601
		$comments = pkgbase_comments($base_id, $per_page, $include_deleted, false, $offset);
602
		if (!empty($comments)) {
603
			$comment_section = "package";
604
			include('pkg_comments.php');
eric's avatar
eric committed
605
606
607
608
		}
	}
}

Lukas Fleischer's avatar
Lukas Fleischer committed
609
610
611
612
613
614
615
/**
 * Output the body of the search results page
 *
 * @param array $params Search parameters
 * @param bool $show_headers True if statistics should be included
 * @param string $SID The session ID of the visitor
 *
616
 * @return int The total number of packages matching the query
Simo Leone's avatar
Simo Leone committed
617
 */
Lukas Fleischer's avatar
Lukas Fleischer committed
618
function pkg_search_page($params, $show_headers=true, $SID="") {
619
	$dbh = DB::connect();
Loui Chang's avatar
Loui Chang committed
620

621
622
623
624
	/*
	 * Get commonly used variables.
	 * TODO: Reduce the number of database queries!
	 */
Loui Chang's avatar
Loui Chang committed
625
	if ($SID)
626
		$myuid = uid_from_sid($SID);
Loui Chang's avatar
Loui Chang committed
627

628
	/* Sanitize paging variables. */
Lukas Fleischer's avatar
Lukas Fleischer committed
629
630
	if (isset($params['O'])) {
		$params['O'] = max(intval($params['O']), 0);
631
	} else {
Lukas Fleischer's avatar
Lukas Fleischer committed
632
		$params['O'] = 0;
Loui Chang's avatar
Loui Chang committed
633
634
	}

Lukas Fleischer's avatar
Lukas Fleischer committed
635
636
	if (isset($params["PP"])) {
		$params["PP"] = bound(intval($params["PP"]), 50, 250);
637
	} else {
Lukas Fleischer's avatar
Lukas Fleischer committed
638
		$params["PP"] = 50;
Loui Chang's avatar
Loui Chang committed
639
640
	}

641
642
643
644
	/*
	 * FIXME: Pull out DB-related code. All of it! This one's worth a
	 * choco-chip cookie, one of those nice big soft ones.
	 */
Loui Chang's avatar
Loui Chang committed
645

646
	/* Build the package search query. */
647
	$q_select = "SELECT ";
Loui Chang's avatar
Loui Chang committed
648
	if ($SID) {
649
		$q_select .= "PackageNotifications.UserID AS Notify,
650
			   PackageVotes.UsersID AS Voted, ";
Loui Chang's avatar
Loui Chang committed
651
	}
652
	$q_select .= "Users.Username AS Maintainer,
653
	Packages.Name, Packages.Version, Packages.Description,
654
655
	PackageBases.NumVotes, PackageBases.Popularity, Packages.ID,
	Packages.PackageBaseID, PackageBases.OutOfDateTS ";
Loui Chang's avatar
Loui Chang committed
656

657
	$q_from = "FROM Packages
658
	LEFT JOIN PackageBases ON (PackageBases.ID = Packages.PackageBaseID)
659
	LEFT JOIN Users ON (PackageBases.MaintainerUID = Users.ID) ";
Loui Chang's avatar
Loui Chang committed
660
	if ($SID) {
661
		/* This is not needed for the total row count query. */
662
		$q_from_extra = "LEFT JOIN PackageVotes
663
		ON (PackageBases.ID = PackageVotes.PackageBaseID AND PackageVotes.UsersID = $myuid)
664
665
		LEFT JOIN PackageNotifications
		ON (PackageBases.ID = PackageNotifications.PackageBaseID AND PackageNotifications.UserID = $myuid) ";
666
667
	} else {
		$q_from_extra = "";
Loui Chang's avatar
Loui Chang committed
668
669
	}

670
	$q_where = 'WHERE PackageBases.PackagerUID IS NOT NULL ';
Loui Chang's avatar
Loui Chang committed
671

Lukas Fleischer's avatar
Lukas Fleischer committed
672
673
	if (isset($params['K'])) {
		if (isset($params["SeB"]) && $params["SeB"] == "m") {
674
			/* Search by maintainer. */
Lukas Fleischer's avatar
Lukas Fleischer committed
675
			$q_where .= "AND Users.Username = " . $dbh->quote($params['K']) . " ";
Loui Chang's avatar
Loui Chang committed
676
		}
Lukas Fleischer's avatar
Lukas Fleischer committed
677
		elseif (isset($params["SeB"]) && $params["SeB"] == "c") {
678
679
680
681
			/* Search by co-maintainer. */
			$q_where .= "AND EXISTS (SELECT * FROM PackageComaintainers ";
			$q_where .= "INNER JOIN Users ON Users.ID = PackageComaintainers.UsersID ";
			$q_where .= "WHERE PackageComaintainers.PackageBaseID = PackageBases.ID ";
Lukas Fleischer's avatar
Lukas Fleischer committed
682
			$q_where .= "AND Users.Username = " . $dbh->quote($params['K']) . ")";
683
		}
684
685
686
687
688
689
690
691
		elseif (isset($params["SeB"]) && $params["SeB"] == "M") {
			/* Search by maintainer and co-maintainer. */
			$q_where .= "AND (Users.Username = " . $dbh->quote($params['K']) . " ";
			$q_where .= "OR EXISTS (SELECT * FROM PackageComaintainers ";
			$q_where .= "INNER JOIN Users ON Users.ID = PackageComaintainers.UsersID ";
			$q_where .= "WHERE PackageComaintainers.PackageBaseID = PackageBases.ID ";
			$q_where .= "AND Users.Username = " . $dbh->quote($params['K']) . "))";
		}
Lukas Fleischer's avatar
Lukas Fleischer committed
692
		elseif (isset($params["SeB"]) && $params["SeB"] == "s") {
693
			/* Search by submitter. */
Lukas Fleischer's avatar
Lukas Fleischer committed
694
			$q_where .= "AND SubmitterUID = " . intval(uid_from_username($params['K'])) . " ";
Loui Chang's avatar
Loui Chang committed
695
		}
Lukas Fleischer's avatar
Lukas Fleischer committed
696
		elseif (isset($params["SeB"]) && $params["SeB"] == "n") {
697
			/* Search by name. */
Lukas Fleischer's avatar
Lukas Fleischer committed
698
			$K = "%" . addcslashes($params['K'], '%_') . "%";
699
			$q_where .= "AND (Packages.Name LIKE " . $dbh->quote($K) . ") ";
Andrea Scarpino's avatar
Andrea Scarpino committed
700
		}
Lukas Fleischer's avatar
Lukas Fleischer committed
701
		elseif (isset($params["SeB"]) && $params["SeB"] == "b") {
702
			/* Search by package base name. */
Lukas Fleischer's avatar
Lukas Fleischer committed
703
			$K = "%" . addcslashes($params['K'], '%_') . "%";
704
705
			$q_where .= "AND (PackageBases.Name LIKE " . $dbh->quote($K) . ") ";
		}
Lukas Fleischer's avatar
Lukas Fleischer committed
706
		elseif (isset($params["SeB"]) && $params["SeB"] == "k") {
Marcel Korpel's avatar
Marcel Korpel committed
707
			/* Search by keywords. */
Lukas Fleischer's avatar
Lukas Fleischer committed
708
			$q_where .= construct_keyword_search($dbh, $params['K'], false);
Marcel Korpel's avatar
Marcel Korpel committed
709
		}
Lukas Fleischer's avatar
Lukas Fleischer committed
710
		elseif (isset($params["SeB"]) && $params["SeB"] == "N") {
711
			/* Search by name (exact match). */
Lukas Fleischer's avatar
Lukas Fleischer committed
712
			$q_where .= "AND (Packages.Name = " . $dbh->quote($params['K']) . ") ";
713
		}
Lukas Fleischer's avatar
Lukas Fleischer committed
714
		elseif (isset($params["SeB"]) && $params["SeB"] == "B") {
715
			/* Search by package base name (exact match). */
Lukas Fleischer's avatar
Lukas Fleischer committed
716
			$q_where .= "AND (PackageBases.Name = " . $dbh->quote($params['K']) . ") ";
717
		}
Loui Chang's avatar
Loui Chang committed
718
		else {
719
			/* Keyword search (default). */
Lukas Fleischer's avatar
Lukas Fleischer committed
720
			$q_where .= construct_keyword_search($dbh, $params['K'], true);
Loui Chang's avatar
Loui Chang committed
721
722
723
		}
	}

Lukas Fleischer's avatar
Lukas Fleischer committed
724
	if (isset($params["do_Orphans"])) {
725
		$q_where .= "AND MaintainerUID IS NULL ";
Loui Chang's avatar
Loui Chang committed
726
	}
727

Lukas Fleischer's avatar
Lukas Fleischer committed
728
729
	if (isset($params['outdated'])) {
		if ($params['outdated'] == 'on') {
730
			$q_where .= "AND OutOfDateTS IS NOT NULL ";
731
		}
Lukas Fleischer's avatar
Lukas Fleischer committed
732
		elseif ($params['outdated'] == 'off') {
733
			$q_where .= "AND OutOfDateTS IS NULL ";
734
		}
735
736
	}

Lukas Fleischer's avatar
Lukas Fleischer committed
737
	$order = (isset($params["SO"]) && $params["SO"] == 'd') ? 'DESC' : 'ASC';
Loui Chang's avatar
Loui Chang committed
738

739
	$q_sort = "ORDER BY ";
Lukas Fleischer's avatar
Lukas Fleischer committed
740
	$sort_by = isset($params["SB"]) ? $params["SB"] : '';
741
	switch ($sort_by) {
Loui Chang's avatar
Loui Chang committed
742
	case 'v':
743
		$q_sort .= "NumVotes " . $order . ", ";
Loui Chang's avatar
Loui Chang committed
744
		break;
745
746
747
	case 'p':
		$q_sort .= "Popularity " . $order . ", ";
		break;
748
749
	case 'w':
		if ($SID) {
750
			$q_sort .= "Voted " . $order . ", ";
751
752
753
754
		}
		break;
	case 'o':
		if ($SID) {
755
			$q_sort .= "Notify " . $order . ", ";
756
757
		}
		break;
Loui Chang's avatar
Loui Chang committed
758
	case 'm':
759
		$q_sort .= "Maintainer " . $order . ", ";
Loui Chang's avatar
Loui Chang committed
760
		break;
761
762
763
	case 'l':
		$q_sort .= "ModifiedTS " . $order . ", ";
		break;
Loui Chang's avatar
Loui Chang committed
764
	case 'a':
765
		/* For compatibility with old search links. */
766
		$q_sort .= "-ModifiedTS " . $order . ", ";
Loui Chang's avatar
Loui Chang committed
767
768
769
770
		break;
	default:
		break;
	}
771
	$q_sort .= " Packages.Name " . $order . " ";
Loui Chang's avatar
Loui Chang committed
772

Lukas Fleischer's avatar
Lukas Fleischer committed
773
	$q_limit = "LIMIT ".$params["PP"]." OFFSET ".$params["O"];
774

775
776
	$q = $q_select . $q_from . $q_from_extra . $q_where . $q_sort . $q_limit;
	$q_total = "SELECT COUNT(*) " . $q_from . $q_where;
Loui Chang's avatar
Loui Chang committed
777

canyonknight's avatar
canyonknight committed
778
779
	$result = $dbh->query($q);
	$result_t = $dbh->query($q_total);
780
	if ($result_t) {
canyonknight's avatar
canyonknight committed
781
782
		$row = $result_t->fetch(PDO::FETCH_NUM);
		$total = $row[0];
783
784
785
786
	}
	else {
		$total = 0;
	}
Simo Leone's avatar
Simo Leone committed
787

788
	if ($result && $total > 0) {
Lukas Fleischer's avatar
Lukas Fleischer committed
789
		if (isset($params["SO"]) && $params["SO"] == "d"){
790
			$SO_next = "a";
Loui Chang's avatar
Loui Chang committed
791
792
		}
		else {
793
			$SO_next = "d";
Loui Chang's avatar
Loui Chang committed
794
		}
795
	}
Simo Leone's avatar
Simo Leone committed
796

797
	/* Calculate the results to use. */
Lukas Fleischer's avatar
Lukas Fleischer committed
798
	$first = $params['O'] + 1;
Simo Leone's avatar
Simo Leone committed
799

800
	/* Calculation of pagination links. */
Lukas Fleischer's avatar
Lukas Fleischer committed
801
	$per_page = ($params['PP'] > 0) ? $params['PP'] : 50;
802
803
804
	$current = ceil($first / $per_page);
	$pages = ceil($total / $per_page);
	$templ_pages = array();
805

806
	if ($current > 1) {
807
808
		$templ_pages['&laquo; ' . __('First')] = 0;
		$templ_pages['&lsaquo; ' . __('Previous')] = ($current - 2) * $per_page;
809
	}
810

811
812
	if ($current - 5 > 1)
		$templ_pages["..."] = false;
813

814
815
816
	for ($i = max($current - 5, 1); $i <= min($pages, $current + 5); $i++) {
		$templ_pages[$i] = ($i - 1) * $per_page;
	}
817

818
819
	if ($current + 5 < $pages)
		$templ_pages["... "] = false;
820

821
	if ($current < $pages) {
822
823
		$templ_pages[__('Next') . ' &rsaquo;'] = $current * $per_page;
		$templ_pages[__('Last') . ' &raquo;'] = ($pages - 1) * $per_page;
824
	}
Simo Leone's avatar
Simo Leone committed
825

826
	$searchresults = array();
canyonknight's avatar
canyonknight committed
827
828
829
830
	if ($result) {
		while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
			$searchresults[] = $row;
		}
831
832
	}

833
834
	include('pkg_search_results.php');

835
	return $total;
eric's avatar
eric committed
836
837
}

Marcel Korpel's avatar
Marcel Korpel committed
838
839
840
841
/**
 * Construct the WHERE part of the sophisticated keyword search
 *
 * @param handle $dbh Database handle
Lukas Fleischer's avatar
Lukas Fleischer committed
842
843
 * @param string $keywords The search term
 * @param bool $namedesc Search name and description fields
Marcel Korpel's avatar
Marcel Korpel committed
844
845
846
 *
 * @return string WHERE part of the SQL clause
 */
Lukas Fleischer's avatar
Lukas Fleischer committed
847
function construct_keyword_search($dbh, $keywords, $namedesc) {
Marcel Korpel's avatar
Marcel Korpel committed
848
849
850
851
852
	$count = 0;
	$where_part = "";
	$q_keywords = "";
	$op = "";

Lukas Fleischer's avatar
Lukas Fleischer committed
853
	foreach (str_getcsv($keywords, ' ') as $term) {
Marcel Korpel's avatar
Marcel Korpel committed
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
		if ($term == "") {
			continue;
		}
		if ($count > 0 && strtolower($term) == "and") {
			$op = "AND ";
			continue;
		}
		if ($count > 0 && strtolower($term) == "or") {
			$op = "OR ";
			continue;
		}
	        if ($count > 0 && strtolower($term) == "not") {
			$op .= "NOT ";
			continue;
		}

		$term = "%" . addcslashes($term, '%_') . "%";
		$q_keywords .= $op . " (";
		if ($namedesc) {
			$q_keywords .= "Packages.Name LIKE " . $dbh->quote($term) . " OR ";
			$q_keywords .= "Description LIKE " . $dbh->quote($term) . " OR ";
		}
		$q_keywords .= "EXISTS (SELECT * FROM PackageKeywords WHERE ";
		$q_keywords .= "PackageKeywords.PackageBaseID = Packages.PackageBaseID AND ";
		$q_keywords .= "PackageKeywords.Keyword LIKE " . $dbh->quote($term) . ")) ";

		$count++;
		if ($count >= 20) {
			break;
		}
		$op = "AND ";
	}

	if (!empty($q_keywords)) {
		$where_part = "AND (" . $q_keywords . ") ";
	}

	return $where_part;
}

894
895
896
897
898
899
900
/**
 * Determine if a POST string has been sent by a visitor
 *
 * @param string $action String to check has been sent via POST
 *
 * @return bool True if the POST string was used, otherwise false
 */
Dan McGee's avatar
Dan McGee committed
901
902
903
904
905
function current_action($action) {
	return (isset($_POST['action']) && $_POST['action'] == $action) ||
		isset($_POST[$action]);
}

906
/**
907
908
909
910
911
 * Determine if sent IDs are valid integers
 *
 * @param array $ids IDs to validate
 *
 * @return array All sent IDs that are valid integers
912
913
914
915
916
917
918
919
920
921
922
923
 */
function sanitize_ids($ids) {
	$new_ids = array();
	foreach ($ids as $id) {
		$id = intval($id);
		if ($id > 0) {
			$new_ids[] = $id;
		}
	}
	return $new_ids;
}

924
925
926
927
928
929
930
931
932
933
/**
 * Determine package information for latest package
 *
 * @param int $numpkgs Number of packages to get information on
 *
 * @return array $packages Package info for the specified number of recent packages
 */
function latest_pkgs($numpkgs) {
	$dbh = DB::connect();

Lukas Fleischer's avatar
Lukas Fleischer committed
934
935
	$q = "SELECT Packages.*, MaintainerUID, SubmittedTS ";
	$q.= "FROM Packages LEFT JOIN PackageBases ON ";
936
	$q.= "PackageBases.ID = Packages.PackageBaseID ";
937
	$q.= "ORDER BY SubmittedTS DESC ";
938
	$q.= "LIMIT " . intval($numpkgs);
939
940
	$result = $dbh->query($q);

941
	$packages = array();
942
943
944
945
946
947
948
949
	if ($result) {
		while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
			$packages[] = $row;
		}
	}

	return $packages;
}