pkgfuncs.inc 39.2 KB
Newer Older
1
<?php
2
include_once("pkgfuncs_po.inc");
3
include_once("config.inc");
eric's avatar
eric committed
4

5
6
# define variables used during pkgsearch
#
simo's avatar
simo committed
7
$pkgsearch_vars = array("O", "L", "C", "K", "SB", "SO", "PP", "do_MyPackages", "do_Orphans", "SeB");
8

9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
# Make sure this visitor can delete the requested package comment
# They can delete if they were the comment submitter, or if they are a TU/Dev
#
function canDeleteComment($comment_id=0, $atype="", $SID="") {
	if ($atype == "Trusted User" || $atype == "Developer") {
		# A TU/Dev can delete any comment
		#
		return TRUE;
	}
	$uid = uid_from_sid($SID);
	$dbh = db_connect();
	$q = "SELECT COUNT(ID) AS CNT ";
	$q.= "FROM PackageComments ";
	$q.= "WHERE ID = " . intval($comment_id);
	$q.= " AND UsersID = " . $uid;
	$result = db_query($q, $dbh);
	if ($result != NULL) {
		$row = mysql_fetch_assoc($result);
		if ($row['CNT'] > 0) {
			return TRUE;
		}
	}
	return FALSE;
}
eric's avatar
eric committed
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55

# see if this Users.ID can manage the package
#
function canManagePackage($uid=0,$AURMUID=0, $MUID=0, $SUID=0, $managed=0) {
	if (!$uid) {return 0;}

	# The uid of the TU/Dev that manages the package
	#
	if ($uid == $AURMUID) {return 1;}

	# If the package isn't maintained by a TU/Dev, is this the user-maintainer?
	#
	if ($uid == $MUID && !$managed) {return 1;}

	# If the package isn't maintained by a TU/Dev, is this the user-submitter?
	#
	if ($uid == $SUID && !$managed) {return 1;}

	# otherwise, no right to manage this package
	#
	return 0;
}

eric's avatar
eric committed
56
57
58
59
60
# grab the current list of PackageCategories
#
function pkgCategories() {
	$cats = array();
	$dbh = db_connect();
61
	$q = "SELECT * FROM PackageCategories WHERE ID != 1 ";
eric's avatar
eric committed
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
	$q.= "ORDER BY Category ASC";
	$result = db_query($q, $dbh);
	if ($result) {
		while ($row = mysql_fetch_row($result)) {
			$cats[$row[0]] = $row[1];
		}
	}
	return $cats;
}

# grab the current list of PackageLocations
#
function pkgLocations() {
	$locs = array();
	$dbh = db_connect();
77
	$q = "SELECT * FROM PackageLocations WHERE ID != 1 AND ID < 4 ";
eric's avatar
eric committed
78
79
80
81
82
83
84
85
86
87
	$q.= "ORDER BY Location ASC";
	$result = db_query($q, $dbh);
	if ($result) {
		while ($row = mysql_fetch_row($result)) {
			$locs[$row[0]] = $row[1];
		}
	}
	return $locs;
}

88
89
90
91
92
93
# check to see if the package name exists
#
function package_exists($name="") {
	if (!$name) {return NULL;}
	$dbh = db_connect();
	$q = "SELECT ID FROM Packages ";
94
	$q.= "WHERE Name = '".mysql_real_escape_string($name)."' ";
95
96
97
98
99
100
101
	$q.= "AND DummyPkg = 0";
	$result = db_query($q, $dbh);
	if (!$result) {return NULL;}
	$row = mysql_fetch_row($result);
	return $row[0];
}

102
103
104
105
106
107
# grab package dependencies
#
function package_dependencies($pkgid=0) {
	$deps = array();
	if ($pkgid) {
		$dbh = db_connect();
108
		$q = "SELECT DepPkgID, Name, DummyPkg, DepCondition FROM PackageDepends, Packages ";
109
		$q.= "WHERE PackageDepends.DepPkgID = Packages.ID ";
110
		$q.= "AND PackageDepends.PackageID = ".mysql_real_escape_string($pkgid);
111
112
113
114
115
116
117
118
119
120
		$q.= " ORDER BY Name";
		$result = db_query($q, $dbh);
		if (!$result) {return array();}
		while ($row = mysql_fetch_row($result)) {
			$deps[] = $row;
		}
	}
	return $deps;
}

121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
# reverse deps by tardo
#
function package_required($pkgid=0) {
	$deps = array();
	if ($pkgid) {
		$dbh = db_connect();
		$q = "SELECT PackageID, Name, DummyPkg from PackageDepends, Packages ";
		$q.= "WHERE PackageDepends.PackageID = Packages.ID ";
		$q.= "AND PackageDepends.DepPkgID = ";
		$q.= mysql_real_escape_string($pkgid);
		$result = db_query($q, $dbh);
		if (!$result) {return array();}
		while ($row = mysql_fetch_row($result)) {
			$deps[] = $row;
		}
	}
	return $deps;
}

140
141
142
143
144
145
# create a dummy package and return it's Packages.ID  if it already exists,
# return the existing ID
#
function create_dummy($pname="", $sid="") {
	if ($pname && $sid) {
		$uid = uid_from_sid($sid);
jchu's avatar
jchu committed
146
		if (!$uid) {return NULL;}
147
148
		$dbh = db_connect();
		$q = "SELECT ID FROM Packages WHERE Name = '";
149
		$q.= mysql_real_escape_string($pname)."'";
150
		$result = db_query($q, $dbh);
jchu's avatar
jchu committed
151
		if (!mysql_num_rows($result)) {
152
153
			# Insert the dummy
			#
154
			$q = "INSERT INTO Packages (Name, Description, URL, SubmittedTS, ";
155
			$q.= "SubmitterUID, DummyPkg) VALUES ('";
156
			$q.= mysql_real_escape_string($pname)."', 'A dummy package', '/#', ";
157
			$q.= "UNIX_TIMESTAMP(), ".$uid.", 1)";
158
159
160
161
			$result = db_query($q, $dbh);
			if (!$result) {
				return NULL;
			}
jchu's avatar
jchu committed
162
			return mysql_insert_id($dbh);
163
164
		} else {
			$data = mysql_fetch_row($result);
jchu's avatar
jchu committed
165
			return $data[0];
166
167
168
169
170
171
		}
	}
	return NULL;

}

eric's avatar
eric committed
172
173
174
175
176
177
# grab package comments
#
function package_comments($pkgid=0) {
	$comments = array();
	if ($pkgid) {
		$dbh = db_connect();
178
		$q = "SELECT PackageComments.ID, UserName, UsersID, Comments, CommentTS ";
eric's avatar
eric committed
179
180
		$q.= "FROM PackageComments, Users ";
		$q.= "WHERE PackageComments.UsersID = Users.ID";
181
		$q.= " AND PackageID = ".mysql_real_escape_string($pkgid);
eric's avatar
eric committed
182
		$q.= " AND DelUsersID = 0"; # only display non-deleted comments
183
		$q.= " ORDER BY CommentTS DESC";
eric's avatar
eric committed
184
185
186
187
188
189
190
191
192
		$result = db_query($q, $dbh);
		if (!$result) {return array();}
		while ($row = mysql_fetch_assoc($result)) {
			$comments[] = $row;
		}
	}
	return $comments;
}

193
194
195
196
197
198
199
# grab package sources
#
function package_sources($pkgid=0) {
	$sources = array();
	if ($pkgid) {
		$dbh = db_connect();
		$q = "SELECT Source FROM PackageSources ";
200
		$q.= "WHERE PackageID = ".mysql_real_escape_string($pkgid);
201
202
203
204
205
206
207
208
209
210
		$q.= " ORDER BY Source";
		$result = db_query($q, $dbh);
		if (!$result) {return array();}
		while ($row = mysql_fetch_row($result)) {
			$sources[] = $row[0];
		}
	}
	return $sources;
}

211
212
213
214
215
216
217
218
219
220
221

# grab array of Package.IDs that I've voted for: $pkgs[1234] = 1, ...
#
function pkgvotes_from_sid($sid="") {
	$pkgs = array();
	if (!$sid) {return $pkgs;}
	$dbh = db_connect();
	$q = "SELECT PackageID ";
	$q.= "FROM PackageVotes, Users, Sessions ";
	$q.= "WHERE Users.ID = Sessions.UsersID ";
	$q.= "AND Users.ID = PackageVotes.UsersID ";
222
	$q.= "AND Sessions.SessionID = '".mysql_real_escape_string($sid)."'";
223
224
225
226
227
228
229
230
231
	$result = db_query($q, $dbh);
	if ($result) {
		while ($row = mysql_fetch_row($result)) {
			$pkgs[$row[0]] = 1;
		}
	}
	return $pkgs;
}

232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
# array of package ids that you're being notified for
# *yoink*
#
function pkgnotify_from_sid($sid="") {
	$pkgs = array();
	if (!$sid) {return $pkgs;}
	$dbh = db_connect();
	$q = "SELECT PkgID ";
	$q.= "FROM CommentNotify, Users, Sessions ";
	$q.= "WHERE Users.ID = Sessions.UsersID ";
	$q.= "AND Users.ID = CommentNotify.UserID ";
	$q.= "AND Sessions.SessionID = '".mysql_real_escape_string($sid)."'";
	$result = db_query($q, $dbh);
	if ($result) {
		while ($row = mysql_fetch_row($result)) {
			$pkgs[$row[0]] = 1;
		}
	}
	return $pkgs;
}
252

eric's avatar
eric committed
253
254
# display package details
#
255
function package_details($id=0, $SID="") {
256
	global $_REQUEST;
eric's avatar
eric committed
257
	global $pkgsearch_vars;
jchu's avatar
jchu committed
258
	$q = "SELECT Packages.*,Location,Category ";
259
260
261
	$q.= "FROM Packages,PackageLocations,PackageCategories ";
 	$q.= "WHERE Packages.LocationID = PackageLocations.ID ";
	$q.= "AND Packages.CategoryID = PackageCategories.ID ";
262
	$q.= "AND Packages.ID = ".intval($_REQUEST["ID"]);
eric's avatar
eric committed
263
264
265
266
267
268
269
270
271
272
273
274
275
	$dbh = db_connect();
	$results = db_query($q, $dbh);
	if (!$results) {
		print __("Error retrieving package details.")."<br />\n";

	} else {
		$row = mysql_fetch_assoc($results);
		if (empty($row)) {
			print __("Package details could not be found.")."<br />\n";

		} else {

			# print out package details
276
            #
eliott's avatar
eliott committed
277
278
279
            echo "<div class=\"pgbox\">\n";
            echo "  <div class=\"pgboxtitle\"><span class=\"f3\">".__("Package Details")."</span></div>\n";
            echo "  <div class=\"pgboxbody\">\n";
280
281
282
283
284
285
286
287
288
			echo "    <table>\n";
			echo "      <tr><td class='boxSoft' colspan='2'><span class='f2'>";
			echo $row["Name"] . " " . $row["Version"]."</span></td></tr>\n";
			echo "      <tr><td class='boxSoft' colspan='2'><span class='f3'>";
			echo "<a href='".$row["URL"]."'>".$row["URL"]."</a></span></td></tr>\n";
			echo "      <tr><td class='boxSoft' colspan='2'><span class='f3'>".$row["Description"];
			echo "</a></span></td></tr>\n";
			echo "      <tr><td class='boxSoft' colspan='2'><img src='/images/pad.gif' height='30'></td></tr>\n";
			echo "      <tr><td class='boxSoft' colspan='2'><span class='f3'>";
289
290
291
292
			if ($row["Location"] == "unsupported" and ( 
					uid_from_sid($SID) == $row["MaintainerUID"] or
					(account_from_sid($SID) == "Developer" or
					 account_from_sid($SID) == "Trusted User"))) {
pjmattal's avatar
pjmattal committed
293
294
295
296
297
298
299
			  $edit_cat = "<a href='/pkgedit.php?change_Category=1&ID=";
			  $edit_cat .= intval($_REQUEST["ID"])."'>".$row["Category"]."</a>";
			  $edit_cat .= " &nbsp;<span class='fix'>(";
			  $edit_cat .= __("change category").")</span>";
			} else {
				$edit_cat = $row["Category"];
			}
300
301
			echo $row["Location"]." :: ".$edit_cat."</span></td></tr>\n";
			echo "        <tr><td class='boxSoft' colspan='2'><span class='f3'>".__("Maintainer").": ";
302
			if ($row["MaintainerUID"]) {
303
				$maintainer = username_from_id($row["MaintainerUID"]);
304
				if ($SID) {
305
306
307
					echo "<a href='/account.php?Action=AccountInfo&ID=";
					echo $row["MaintainerUID"] . "'>";
					echo $maintainer . "</a></span></td>";
308
				} else {
309
					echo $maintainer . "</span></td>";
310
				}
311
312
			} else {
				$maintainer = "None";
313
				echo $maintainer . "</span></td>";
314
			}
315
316
317
			echo "      </tr>\n";
			echo "      <tr><td class='boxSoft' colspan='2'><span class='f3'>".__("Votes").": ";
			echo $row["NumVotes"] . "</span></td></tr>\n";
318
319
            
            # In case of wanting to put a custom message
320
            $msg = __("unknown");
321
322
            $license = $row["License"] == "" ? $msg : $row["License"];
            
323
324
325
            echo "      <tr><td class='boxSoft' colspan='2'><br><span class='f3'>".__("License").": ".$license;
            echo "</a></span></td></tr>\n";            
			echo "      <tr><td class='boxSoft' colspan='2'><img src='/images/pad.gif' height='15'></td></tr>\n";
326
327

			# Print the timestamps for last updates
simo's avatar
simo committed
328
329
			$updated_time = ($row["ModifiedTS"] == 0) ? "(unknown)" : gmdate("r", intval($row["ModifiedTS"]));
			$submitted_time = ($row["SubmittedTS"] == 0) ? "(unknown)" : gmdate("r", intval($row["SubmittedTS"]));
330
331
332
333
334
			echo "      <tr><td class='boxSoft' colspan='2'><span class='f3'>";
			echo __("Last Updated").": ".$updated_time."<br>";
			echo __("First Submitted").": ".$submitted_time."</span></td></tr>\n";
			echo "      <tr><td class='boxSoft' colspan='2'><img src='/images/pad.gif' height='15'></td></tr>\n";
			echo "      <tr><td class='boxSoft' colspan='2'><span class='f3'>";
pjmattal's avatar
pjmattal committed
335
			if ($row["LocationID"] == 2) {
336
				$urlpath = URL_DIR.$row["Name"]."/".$row["Name"];
337
				print "<a href='$urlpath.tar.gz'>".__("Tarball")."</a> :: <a href='$urlpath'>".__("Files")."</a> :: <a href='$urlpath/PKGBUILD'>PKGBUILD</a></span></td>";
pjmattal's avatar
pjmattal committed
338
			} elseif ($row["LocationID"] == 3) {
339
			  echo "<a href='http://cvs.archlinux.org/cgi-bin/viewcvs.cgi/" . $row["Category"] . "/" . $row["Name"] . "/?cvsroot=AUR&only_with_tag=CURRENT'>CVS</td>";
pjmattal's avatar
pjmattal committed
340
			}
341
			echo "</tr>\n";
342
			if ($row["OutOfDate"] == 1) {
343
344
				echo "\n<tr><td colspan='2'>";
				echo "<span class='f6'>".__("This package has been flagged out of date.")."</span></td></tr>";
345
			}
346
347
348
349
350
351
352
			echo "      <tr><td class='boxSoft' colspan='2'><img src='/images/pad.gif' height='30'></td></tr>\n";
            echo "      <tr>\n";
            echo "        <td valign='top' style='padding-right: 10'>\n";
			echo "          <table class='boxSoft' style='width: 200px'>\n";
			echo "            <tr><td class='boxSoftTitle'><span class='f3'>";
			echo __("Dependencies")."</span></td></tr>\n";
			echo "            <tr><td class='boxSoft'>";
353
			$deps = package_dependencies($row["ID"]); # $deps[0] = array('id','name', 'dummy');
354
355
356
357
358
359
360
361
362
363
364
			if (count($deps) == 0) {
				print "None\n";
			} else {
				while (list($k, $darr) = each($deps)) {
					$url = "<a href='/packages.php?do_Details=1&ID=".$darr[0];
					while(list($k, $var) = each($pkgsearch_vars)) {
						if (($var == "do_MyPackages" || $var == "do_Orphans") && $_REQUEST[$var]) {
							$url .= "&".$var."=1";
						} else {
							$url .= "&".$var."=".rawurlencode(stripslashes($_REQUEST[$var]));
						}
365
					}
366
367
368
369
370
371
					reset($pkgsearch_vars);
																								 
									// $darr[3] is the DepCondition                                               
																								 
					if ($darr[2] == 0) echo $url."'>".$darr[1].$darr[3]."</a><br />\n";
					else echo "<a href='http://archlinux.org/packages/search/".$darr[1]."'>".$darr[1].$darr[3]."</a><br />\n";
eric's avatar
eric committed
372
				}
373
			}
374
375
			echo "</td></tr>\n";
			echo "</table></td>";
376
377

			# reverse-deps by tardo - could use some beautification
378
379
380
381
382
			echo "  <td valign='top'>";
			echo "<table class='boxSoft' style='width: 200px'>";
			echo "<tr><td class='boxSoftTitle'><span class='f3'>";
			echo __("Required by")."</span></td></tr>\n";
			echo "<tr><td class='boxSoft'>";
383
			$deps = package_required($row["ID"]);
384
385
386
387
388
389
390
391
392
393
394
			if (count($deps) == 0) {
				print "None\n";
			} else {
				while (list($k, $darr) = each($deps)) {
					$url = "<a href='/packages.php?do_Details=1&ID=".$darr[0];
					while(list($k, $var) = each($pkgsearch_vars)) {
						if (($var == "do_MyPackages" || $var == "do_Orphans") && $_REQUEST[$var]) {
							$url .= "&".$var."=1";
						} else {
							$url .= "&".$var."=".rawurlencode(stripslashes($_REQUEST[$var]));
						}
395
					}
396
397
398
399
400
401
					reset($pkgsearch_vars);
																								 
									// $darr[3] is the DepCondition                                               
																								 
					if ($darr[2] == 0) print $url."'>".$darr[1].$darr[3]."</a><br />\n";
					else print "<a href='http://archlinux.org/packages/search/".$darr[1]."'>".$darr[1].$darr[3]."</a><br />\n";
402
				}
403
			}
404
405
406
			echo "</td></tr>\n";
			echo "          </table>\n";
			echo "        </td>\n";
407
408
409
410
411
			echo "        <td valign='top'>\n";
			echo "          <table class='boxSoft' style='width: 200px'>\n";
			echo "            <tr><td class='boxSoftTitle'><span class='f3'>";
			echo __("Sources")."</span></td></tr>\n";
			echo "            <tr><td class='boxSoft'>";
412
			$sources = package_sources($row["ID"]); # $sources[0] = 'src';
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
			if (count($sources) == 0) {
				print "None\n";
			} else {
				while (list($k, $src) = each($sources)) {
					$parsed_url = parse_url($src);
					if ($parsed_url['scheme'])
					{
						//It is an external source
						echo "<a href='".$src."'>".$src."</a><br />\n";
					}
					else 
					{
						//It is presumably an internal source
						if ($row["LocationID"] == 2) {
							echo "<a href='".dirname($row['URLPath'])."/".$row['Name'];
							echo "/".$src."'>".$src."</a><br />\n";
						} elseif ($row["LocationID"] == 3) {
							echo "<a href='http://cvs.archlinux.org/cgi-bin/viewcvs.cgi/*checkout*/".$row["Category"]."/".$row["Name"]."/".$src."/?rev=HEAD&cvsroot=AUR&only_with_tag=CURRENT'>";
							echo $src."</a><br />\n";
						}
simo's avatar
simo committed
433
					}
434
				}
435
			}
436
			echo "</td></tr>\n";
437
438
			echo "          </table>\n";
			echo "        </td>\n";
439
440
			echo "      </tr>\n";
			echo "    </table>\n";
441
442
443
			echo "  </div>\n";
			echo "</div>\n\n";
			echo "<br />\n\n";
444

eric's avatar
eric committed
445

simo's avatar
simo committed
446
447
448
			# Actions Bar
			#
			if ($SID) {
eliott's avatar
eliott committed
449
450
451
                echo "<div class=\"pgbox\">\n";
                echo "  <div class=\"pgboxtitle\"><span class=\"f3\">".__("Actions")."</span></div>\n";
                echo "  <div class=\"pgboxbody\">\n";
452
                echo "    <form action='/packages.php' method='post'>\n";
453
454
				echo "      <input type='hidden' name='IDs[".$row["ID"]."]' value='1'>\n";
				echo "      <input type='hidden' name='ID' value='".$row["ID"]."'>\n";
simo's avatar
simo committed
455
456
457
458
459
				# Voting Button
				#
				$q = "SELECT * FROM PackageVotes WHERE UsersID = ".uid_from_sid($SID);
				$q.= " AND PackageID = ".$row["ID"];
				if (!mysql_num_rows(db_query($q, $dbh))) {
460
461
					echo "      <input type='submit' class='button' name='do_Vote'";
					echo " value='".__("Vote")."'>";
simo's avatar
simo committed
462
				} else {
463
464
					echo "<input type='submit' class='button' name='do_UnVote'";
					echo " value='".__("Un-Vote")."'>";
simo's avatar
simo committed
465
466
467
468
469
470
				}
				# Comment Nofify Button
				#
				$q = "SELECT * FROM CommentNotify WHERE UserID = ".uid_from_sid($SID);
				$q.= " AND PkgID = ".$row["ID"];
				if (!mysql_num_rows(db_query($q, $dbh))) {
471
472
					echo "<input type='submit' class='button' name='do_Notify'";
					echo " value='".__("Notify")."' title='".__("New Comment Notification")."'>";
simo's avatar
simo committed
473
				} else {
474
					echo "<input type='submit' class='button' name='do_Notify'";
475
					echo " value='".__("UnNotify")."' title='".__("No New Comment Notification")."'>";
simo's avatar
simo committed
476
				}
477
478
479
480
481
482
483

                if ($row["OutOfDate"] == 0) {
                    echo "<input type='submit' class='button' name='do_Flag'";
                    echo " value='".__("Flag Out-of-date")."'>\n";
                } else {
                    echo "<input type='submit' class='button' name='do_UnFlag'";
                    echo " value='".__("Unflag Out-of-date")."'>\n";
484
				}
485
					
486
487
488
489
                if ($row["AURMaintainerUID"] == 0 && $row["MaintainerUID"] == 0) {
                    echo "<input type='submit' class='button' name='do_Adopt'";
                    echo " value='".__("Adopt Packages")."'>\n";
                }
490
					
491
492
493
				if ($row["MaintainerUID"] == uid_from_sid($SID) ||
            account_from_sid($SID) == "Trusted User" ||
            account_from_sid($SID) == "Developer") {
494
495
496
					echo "<input type='submit' class='button' name='do_Disown'";
					echo " value='".__("Disown Packages")."'>\n";
				}	
497
					
498
499
500
501
502
503
				if ($row["MaintainerUID"] == uid_from_sid($SID) ||
				    account_from_sid($SID) == "Trusted User" ||
				    account_from_sid($SID) == "Developer") {
					echo "<input type='submit' class='button' name='do_Delete'";
					echo " value='".__("Delete Packages")."'>\n";
				}
504
						
505
506
507
508
                echo "    </form>\n";
                echo "  </div>\n";
                echo "</div>\n";
                echo "\n<br />\n\n";
simo's avatar
simo committed
509
			}
510
			
simo's avatar
simo committed
511
			# Comments
eric's avatar
eric committed
512
			#
513
514
515
			echo "<div class=\"pgbox\">\n";
			echo "  <div class=\"pgboxtitle\"><span class=\"f3\">".__("Comments")."</span></div>\n";
			echo "  <div class=\"pgboxbody-comment\">\n";
516
			echo "    <table width='100%'>\n";
517
518
519
520
521
522
523
524
525
526
			if (isset($_COOKIE['AURSID'])) {
				echo "<tr><td>";
				echo "          <form action='/pkgedit.php' method='post'>\n";
				echo "            <input type='hidden' name='ID' value='".$row["ID"]."'>\n";
				echo "            <input type='submit' class='button' name='add_Comment' value=\"";
				echo __("Add Comment")."\">\n";
				echo "          </form>\n";
				echo "</tr></td>";
				//echo "<br />\n";
			}
eric's avatar
eric committed
527
528
529
			$comments = package_comments($row["ID"]);
			if (!empty($comments)) {
				while (list($indx, $carr) = each($comments)) {
530
531
532
533

					echo "      <tr>\n";
					echo "        <td valign='top' style='padding-right: 10' colspan='2'>\n";
					echo "          <table class='boxSoft' width='100%'>\n";
534
535
					echo "            <tr>\n";
					echo "              <td class='boxSoftTitle'><span class='f3'>";
536
537
538
539
540
					if (canDeleteComment($carr["ID"], account_from_sid($SID), $SID)) {
						$durl = "<a href='/pkgedit.php?del_Comment=1";
						$durl.= "&comment_id=".$carr["ID"]."&ID=".$row["ID"];
						$durl.= "'><img src='/images/x.png' border='0'";
						$durl.= " alt=\"".__("Delete comment")."\"></a>";
541

542
					  echo $durl . "&nbsp;&nbsp;";
543
					}
544
					if ($SID) {
545
						echo __("Comment by: %h%s%h on %h%s%h",
546
							array("<a href='/account.php?Action=AccountInfo&ID=".$carr["UsersID"]."'><b>",$carr["UserName"],"</b></a>",
simo's avatar
simo committed
547
							      "<i>",gmdate("Ymd [H:i:s]",$carr["CommentTS"]),"</i>"));
548
					} else {
549
						echo __("Comment by: %h%s%h on %h%s%h",
eric's avatar
eric committed
550
							array("<b>",$carr["UserName"],"</b>",
simo's avatar
simo committed
551
							      "<i>",gmdate("Ymd [H:i:s]",$carr["CommentTS"]),"</i>"));
552
					}
553
554
555
556
					echo "</span></td>\n";
					echo "            </tr>\n";
					echo "            <tr>\n";
					echo "              <td class='boxSoft'>";
557
					echo "<code>\n";
558
					echo nl2br(htmlspecialchars($carr["Comments"]));
559
560
					echo "</code></td>\n";
					echo "            </tr>\n";
561
562
563
					echo "          </table>\n";
					echo "        </td>\n";
					echo "      </tr>\n";
eric's avatar
eric committed
564
				}
565
566
			} else {
				print "<tr><td>None</td></tr>\n";
eric's avatar
eric committed
567
			}
568
			echo "    </table>\n";
569
570
			echo "  </div>\n";
			echo "</div>\n";
eric's avatar
eric committed
571
572
573
574
575
576
		}
	}
	return;
}


eric's avatar
eric committed
577
578
# display the search form in a boxSoft style
#
579
580
function pkg_search_page($SID="") {
	global $_REQUEST;
eric's avatar
eric committed
581
	global $pkgsearch_vars;
582
	# SID: session id cookie
eric's avatar
eric committed
583

eric's avatar
eric committed
584
585
	$locs = pkgLocations();
	$cats = pkgCategories();
586
587
	$devs = getDevelopers();
	$tus = getTrustedUsers();
pjmattal's avatar
pjmattal committed
588
	$users = getUsers();
589
	$dbh = db_connect();
eric's avatar
eric committed
590

591

592
593
	# determine paging variables
	#
eric's avatar
eric committed
594
	$_REQUEST["PP"] ? $PP = intval($_REQUEST["PP"]) : $PP = 25;
eric's avatar
eric committed
595
596
	if ($PP < 25) {$PP = 25;}
	if ($PP > 100) {$PP = 100;}
eric's avatar
eric committed
597
598
	$_REQUEST["O"] ? $O = intval($_REQUEST["O"]) : $O = 0;
	if ($_REQUEST["do_More"]) {
599
		$O += $PP;
eric's avatar
eric committed
600
	} elseif ($_REQUEST["do_Less"]) {
601
		$O -= $PP;
eric's avatar
eric committed
602
	}
603
604
	if ($O < 0) {
		$O = 0;
eric's avatar
eric committed
605
	}
606
607
	if ($_REQUEST["do_Search"] && $_REQUEST["do_Search"] != 1) {
		# reset the offset to zero if they hit Go
eric's avatar
eric committed
608
		#
eric's avatar
eric committed
609
		$_REQUEST["do_MyPackages"] = 0;
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
		$_REQUEST["do_Orphans"] = 0;
		$O = 0;
	}
	if ($_REQUEST["do_MyPackages"] && $_REQUEST["do_MyPackages"] != 1) {
		# reset the offset to zero if they hit My Packages
		#
		$_REQUEST["do_Search"] = 0;
		$_REQUEST["do_Orphans"] = 0;
		$O = 0;
	}
	if ($_REQUEST["do_Orphans"] && $_REQUEST["do_Orphans"] != 1) {
		# reset the offset to zero if they hit Orphans
		#
		$_REQUEST["do_Search"] = 0;
		$_REQUEST["do_MyPackages"] = 0;
eric's avatar
eric committed
625
626
		$O = 0;
	}
627
	$_REQUEST["O"] = $O; # so that pkg_search_results() works
eric's avatar
eric committed
628

629

630
631
632
633
634
	# grab info for user if they're logged in
	#
	if ($SID) {
		$myuid = uid_from_sid($SID);
		$acct = account_from_sid($SID);
635
		$my_votes = pkgvotes_from_sid($SID);
636
		$my_notify = pkgnotify_from_sid($SID);
637
638
639
640
	}

	# The search form
	#
eric's avatar
eric committed
641
	print "<form action='/packages.php' method='post'>\n";
642
	print "<input type='hidden' name='O' value='".$O."'>\n";
643

eric's avatar
eric committed
644
645
646
647
	print "<center>\n";
	print "<table cellspacing='3' class='boxSoft'>\n";
	print "<tr>\n";
	print "  <td class='boxSoftTitle' align='right'>\n";
648
	print "    <span class='f3'>".__("Search Criteria")."</span>\n";
eric's avatar
eric committed
649
650
651
652
653
654
655
656
657
	print "  </td>\n";
	print "</tr>\n";
	print "<tr>\n";
	print "  <td class='boxSoft'>\n";
	print "<table style='width: 100%' align='center'>\n";

	print "<tr>\n";
	print "<td align='right'>\n";
	print "  <span class='f5'><span class='blue'>".__("Location");
658
	print "</span></span><br />\n";
eric's avatar
eric committed
659
660
661
	print "  <select name='L'>\n";
	print "  <option value=0> ".__("Any")."\n";
	while (list($id, $loc) = each($locs)) {
eric's avatar
eric committed
662
		if (intval($_REQUEST["L"]) == $id) {
eric's avatar
eric committed
663
664
665
666
667
668
669
670
671
672
			print "  <option value=".$id." selected> ".$loc."\n";
		} else {
			print "  <option value=".$id."> ".$loc."\n";
		}
	}
	print "  </select>\n";
	print "</td>\n";

	print "<td align='right'>\n";
	print "  <span class='f5'><span class='blue'>".__("Category");
673
	print "</span></span><br />\n";
eric's avatar
eric committed
674
675
676
	print "  <select name='C'>\n";
	print "  <option value=0> ".__("Any")."\n";
	while (list($id, $cat) = each($cats)) {
eric's avatar
eric committed
677
		if (intval($_REQUEST["C"]) == $id) {
eric's avatar
eric committed
678
679
680
681
682
683
684
685
686
687
			print "  <option value=".$id." selected> ".$cat."\n";
		} else {
			print "  <option value=".$id."> ".$cat."\n";
		}
	}
	print "  </select>\n";
	print "</td>\n";

	print "<td align='right'>\n";
	print "  <span class='f5'><span class='blue'>".__("Keywords");
688
	print "</span></span><br />\n";
689
	print "  <input type='text' name='K' size='20'";
dsa's avatar
dsa committed
690
691
692
693
	
	# Added to trim() to avoid the problem described in #6191
	$K = trim(str_replace("\"", "", $_REQUEST["K"])); # TODO better testing for SQL trickery...
	
694
	print " value=\"".stripslashes($K)."\" maxlength='35'>\n";
eric's avatar
eric committed
695
	print "</td>\n";
simo's avatar
simo committed
696
697
	
	print "<td align='right'>\n";
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
    print "  <span class='f5'><span class='blue'>".__("Search by");
    print "</span></span><br />\n";
    
    print "  <select name='SeB'>\n";
    # by name/description
    print "  <option value=nd";
    $_REQUEST["SeB"] == "nd" ? print " selected> " : print "> ";
    print __("Name")."</option>\n";    
    # by maintainer
    print "  <option value=m";
    $_REQUEST["SeB"] == "m" ? print " selected> " : print "> ";
    print __("Maintainer")."</option>\n";
    print "  <option value=s";
    $_REQUEST["SeB"] == "s" ? print " selected> " : print "> ";
    print __("Submitter")."</option>\n";    

    print "  </select>\n";
    print "</td>\n";
    
    /* Sort by */
simo's avatar
simo committed
718
	
719
    print "<td align='right'>\n";
eric's avatar
eric committed
720
	print "  <span class='f5'><span class='blue'>".__("Sort by");
721
	print "</span></span><br />\n";
eric's avatar
eric committed
722
	print "  <select name='SB'>\n";
723

724
	print "  <option value=n";
725
	$_REQUEST["SB"] == "n" ? print " selected> " : print "> ";
726
727
	print __("Name")."</option>\n";

eric's avatar
eric committed
728
	print "  <option value=c";
729
	$_REQUEST["SB"] == "c" ? print " selected> " : print "> ";
730
731
	print __("Category")."</option>\n";

eric's avatar
eric committed
732
	print "  <option value=l";
733
	$_REQUEST["SB"] == "l" ? print " selected> " : print "> ";
734
735
	print __("Location")."</option>\n";

736
	print "  <option value=v";
737
	$_REQUEST["SB"] == "v" ? print " selected> " : print "> ";
738
739
740
741
742
743
744
745
746
747
	print __("Votes")."</option>\n";

	print "  <option value=m";
	$_REQUEST["SB"] == "m" ? print " selected> " : print "> ";
	print __("Maintainer")."</option>\n";

	print "  <option value=a";
	$_REQUEST["SB"] == "a" ? print " selected> " : print "> ";
	print __("Age")."</option>\n";

eric's avatar
eric committed
748
749
750
	print "  </select>\n";
	print "</td>\n";

751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
	print "<td align='right'>\n";
	print "  <span class='f5'><span class='blue'>".__("Sort order");
	print "</span></span><br />\n";
	print "  <select name='SO'>\n";

	print "  <option value=a";
	$_REQUEST["SO"] == "a" ? print " selected> " : print "> ";
	print __("Ascending")."</option>\n";

	print "  <option value=d";
	$_REQUEST["SO"] == "d" ? print " selected> " : print "> ";
	print __("Descending")."</option>\n";

	print "  </select>\n";
	print "</td>\n";
766
767
768

    /* End of Sort by */
    
eric's avatar
eric committed
769
770
	print "<td align='right'>\n";
	print "  <span class='f5'><span class='blue'>".__("Per page");
771
	print "</span></span><br />\n";
eric's avatar
eric committed
772
773
	print "  <select name='PP'>\n";
	print "  <option value=25";
774
	$PP == 25 ? print " selected> 25\n" : print "> 25\n";
eric's avatar
eric committed
775
	print "  <option value=50";
776
	$PP == 50 ? print " selected> 50\n" : print "> 50\n";
eric's avatar
eric committed
777
	print "  <option value=75";
778
	$PP == 75 ? print " selected> 75\n" : print "> 75\n";
eric's avatar
eric committed
779
	print "  <option value=100";
780
	$PP == 100 ? print " selected> 100\n" : print "> 100\n";
eric's avatar
eric committed
781
782
	print "  </select>\n";
	print "</td>\n";
783
784
785
	
	# Added to break put the buttons in a new line
	print"</tr></table><center><table><tr>";
eric's avatar
eric committed
786
787

	print "<td align='right' valign='bottom'>&nbsp;\n";
788
	print "  <input type='submit' style='width:80px' class='button' name='do_Search'";
789
	print " value='".__("Go")."'>\n";
eric's avatar
eric committed
790
791
	print "</td>\n";

792
793
794
795
	/*
	 *  Commented the My Packages button because there is no need for it
	 *  cause we already have a link.
	 * 
796
797
	if ($SID) {
		print "<td align='right' valign='bottom'>&nbsp;\n";
798
		print "  <input type='submit' class='button' name='do_MyPackages'";
799
800
	 	print "	value='".__("My Packages")."'>\n";
		print "</td>\n";
801
	}*/
802

803
	print "<td align='right' valign='bottom'>&nbsp;\n";
804
	print "  <input type='submit' style='width:80px'  class='button' name='do_Orphans'";
805
806
807
	print " value='".__("Orphans")."'>\n";
	print "</td>\n";

eric's avatar
eric committed
808
809
	print "</tr>\n";
	print "</table>\n";
810
811
812
813
814
815
816
817
818

	print "  </td>\n";
	print "</tr>\n";
	print "</table>\n";
	print "</center>\n";
	print "<br />\n";

	# query to pull out package info
	#
819
820
821
#	$q = "SELECT Packages.*, IF(ISNULL(PackageID), 0, COUNT(*)) AS Votes ";
#	$q.= "FROM Packages LEFT JOIN PackageVotes ";
#	$q.= "ON Packages.ID = PackageVotes.PackageID ";
822
	$q = "SELECT * FROM Users RIGHT JOIN Packages ";
823
824
	$q.= "ON (Users.ID = Packages.MaintainerUID) ";
	$q.= "WHERE DummyPkg != 1 ";
825
826
	$has_where = 1;

eric's avatar
eric committed
827
	if (intval($_REQUEST["L"])) {
pjmattal's avatar
pjmattal committed
828
829
830
831
832
		if (!$has_where) {
		  $q.= "WHERE LocationID = ".intval($_REQUEST["L"])." ";
		} else {
			$q .= "AND LocationID = ".intval($_REQUEST["L"])." ";
		}
833
834
		$has_where = 1;
	}
eric's avatar
eric committed
835
	if (intval($_REQUEST["C"])) {
836
		if (!$has_where) {
eric's avatar
eric committed
837
			$q.= "WHERE CategoryID = ".intval($_REQUEST["C"])." ";
838
839
			$has_where = 1;
		} else {
eric's avatar
eric committed
840
			$q.= "AND CategoryID = ".intval($_REQUEST["C"])." ";
841
842
843
		}
	}
	if ($K) {
simo's avatar
simo committed
844
845
846
		#search by maintainer
		if ($_REQUEST["SeB"] == "m"){
			if (!$has_where) {
847
				$q.= "WHERE Username = '".mysql_real_escape_string($K)."' ";
simo's avatar
simo committed
848
				$has_where = 1;
simo's avatar
simo committed
849
			} else {
850
				$q.= "AND Username = '".mysql_real_escape_string($K)."' ";
simo's avatar
simo committed
851
			}
852
        } elseif ($_REQUEST["SeB"] == "s") {
simo's avatar
simo committed
853
854
855
856
857
			if (!$has_where) {
				$q.= "WHERE SubmitterUID = ".uid_from_username($K)." ";
				$has_where = 1;
			} else {
				$q.= "AND SubmitterUID = ".uid_from_username($K)." ";
simo's avatar
simo committed
858
859
			}
		# the default behaivior, query the name/description
simo's avatar
simo committed
860
		} else {
simo's avatar
simo committed
861
			if (!$has_where) {
862
863
				$q.= "WHERE (Name LIKE '%".mysql_real_escape_string($K)."%' OR ";
				$q.= "Description LIKE '%".mysql_real_escape_string($K)."%') ";
simo's avatar
simo committed
864
865
				$has_where = 1;
			} else {
866
867
				$q.= "AND (Name LIKE '%".mysql_real_escape_string($K)."%' OR ";
				$q.= "Description LIKE '%".mysql_real_escape_string($K)."%') ";
simo's avatar
simo committed
868
			}
869
870
		}
	}
871
872
    
    if ($_REQUEST["do_MyPackages"] && $SID) {
eric's avatar
eric committed
873
874
875
		# list packages that the user is a AUR Maintainer of, or if it the
		# vistior is a registered user, if they are the Maintainer.
		#
876
877
		if ($myuid) {
			if (!$has_where) {
eric's avatar
eric committed
878
				$q.= "WHERE (AURMaintainerUID = ".$myuid." OR ";
879
880
				$has_where = 1;
			} else {
eric's avatar
eric committed
881
				$q.= "AND (AURMaintainerUID = ".$myuid." OR ";
882
			}
883
884
			//$q.= "MaintainerUID = ".$myuid." OR SubmitterUID = ".$myuid.") ";
			$q.= "MaintainerUID = ".$myuid.") ";
885
886
		}
	}
887
888
889
890
891
892
893
894
895
896
897
898
	if ($_REQUEST["do_Orphans"]) {
		# List packages that have neither a Maintainer nor AURMaintainer
		#
			if (!$has_where) {
				$q.= "WHERE (AURMaintainerUID = 0 AND ";
				$q.= "MaintainerUID = 0) ";
				$has_where = 1;
			} else {
				$q.= "AND (AURMaintainerUID = 0 AND ";
				$q.= "MaintainerUID = 0) ";
			}
	}
899
900
901
902
	
    $order = $_REQUEST["SO"] == 'd' ? 'DESC' : 'ASC';
	
    switch ($_REQUEST["SB"]) {
903
		case 'c':
904
			$q.= "ORDER BY CategoryID ".$order.", Name ASC, LocationID ASC ";
905
906
			break;
		case 'l':
907
			$q.= "ORDER BY LocationID ".$order.", Name ASC, CategoryID DESC ";
908
			break;
909
		case 'v':
910
			$q.= "ORDER BY NumVotes ".$order.", Name ASC, CategoryID DESC ";
911
			break;
912
		case 'm':
913
			$q.= "ORDER BY Username ".$order.", Name ASC, LocationID ASC ";
914
915
			break;
		case 'a':
916
			$q.= "ORDER BY GREATEST(SubmittedTS,ModifiedTS) ".$order.", Name ASC, LocationID ASC ";
917
			break;
918
		default:
919
			$q.= "ORDER BY Name ".$order.", LocationID ASC, CategoryID DESC ";
920
921
			break;
	}
922
		
923
	$qnext = $q."LIMIT ".($O+$PP).", ".$PP; //next page's worth
924
	$q.= "LIMIT ".$O.", ".$PP;
925

926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
	if ($SID) {
		# The 'Actions' table
		#
		print "<center>\n";
		print "<table cellspacing='3' class='boxSoft'>\n";
		print "<tr>\n";
		print "  <td class='boxSoftTitle' align='right'>\n";
		print "    <span class='f3'>".__("Actions")."</span>\n";
		print "  </td>\n";
		print "</tr>\n";
		print "<tr>\n";
		print "  <td class='boxSoft'>\n";
		print "<table style='width: 100%' align='center'>\n";
		print "<tr>\n";
		print "  <td align='center'>";
		print "<input type='submit' class='button' name='do_Flag'";
		print "	value='".__("Flag Out-of-date")."'></td>\n";
		print "  <td align='center'>";
		print "<input type='submit' class='button' name='do_UnFlag'";
		print "	value='".__("Unflag Out-of-date")."'></td>\n";
		print "  <td align='center'>";
		print "<input type='submit' class='button' name='do_Adopt'";
		print "	value='".__("Adopt Packages")."'></td>\n";
		print "  <td align='center'>";
		print "<input type='submit' class='button' name='do_Disown'";
		print "	value='".__("Disown Packages")."'></td>\n";
		print "  <td align='center'>";
		print "<input type='submit' class='button' name='do_Delete'";
		print "	value='".__("Delete Packages")."'></td>\n";
		print "  <td align='center'>";
		print "<input type='submit' class='button' name='do_Notify'";
		print "	value='".__("Toggle Notify")."'></td>\n";
		print "  <td align='center'>";
		print "</tr>\n";
		print "</table>\n";
		print "  </td>\n";
		print "</tr>\n";
		print "</table>\n";
		print "</center>\n";
		print "<br />\n";
	}

	// Why?
	// print "<!-- Query: ".$q." -->\n";
	
971
	$result = db_query($q, $dbh);
972
973
974
975
976
977
978
979
980
981
982
983
	
	print "<center>\n";
	print "<table cellspacing='3' class='boxSoft'>\n";
	print "<tr>\n";
	print "  <td class='boxSoftTitle' align='right'>\n";
	print "    <span class='f3'>".__("Package Listing")."</span>\n";
	print "  </td>\n";
	print "</tr>\n";
	print "<tr>\n";
	print "  <td class='boxSoft'>\n";
	print "<table width='100%' cellspacing='0' cellpadding='2'>\n";

984
	if (!$result) {
985
		print "<div class='pgboxbody'>";
986
		print __("Error retrieving package list.");
987
		print "</div>";
eric's avatar
eric committed
988
	} elseif (!mysql_num_rows($result)) {
989
		print "<div class='pgboxbody'>";
eric's avatar
eric committed
990
		print __("No packages matched your search criteria.");
991
		print "</div>";
eric's avatar
eric committed
992
	} else {
993
994
		# print out package search results
		#
simo's avatar
simo committed
995
996
997
998
999
1000

		# SO_next used to change sort order on header click
		if ($_REQUEST["SO"] == "d"){
			$SO_next="a";
		} else {
			$SO_next="d";
For faster browsing, not all history is shown. View entire blame