1. 30 Apr, 2017 1 commit
  2. 27 Apr, 2017 1 commit
  3. 24 Feb, 2017 1 commit
    • Lukas Fleischer's avatar
      Use bcrypt to hash passwords · 29a48708
      Lukas Fleischer authored
      
      
      Replace the default hash function used for storing passwords by
      password_hash() which internally uses bcrypt. Legacy MD5 hashes are
      still supported and are immediately converted to the new format when a
      user logs in.
      
      Since big parts of the authentication system needed to be rewritten in
      this context, this patch also includes some simplification and
      refactoring of all code related to password checking and resetting.
      
      Fixes FS#52297.
      
      Signed-off-by: Lukas Fleischer's avatarLukas Fleischer <lfleischer@archlinux.org>
      29a48708
  4. 20 Jan, 2017 1 commit
  5. 10 Nov, 2016 1 commit
  6. 11 Sep, 2015 1 commit
  7. 31 Aug, 2015 1 commit
  8. 08 Aug, 2015 1 commit
  9. 12 Jul, 2015 1 commit
  10. 27 Jun, 2015 2 commits
  11. 20 Jun, 2015 1 commit
  12. 14 Jun, 2015 2 commits
  13. 24 Oct, 2014 1 commit
  14. 08 Aug, 2014 1 commit
  15. 15 Jul, 2014 1 commit
  16. 01 Jul, 2014 1 commit
  17. 05 Jun, 2014 1 commit
  18. 29 May, 2014 1 commit
  19. 03 May, 2014 1 commit
    • Lukas Fleischer's avatar
      Fix parsing of array overrides · 782e9eb1
      Lukas Fleischer authored
      
      
      If a depends (makedepends, checkdepends, optdepends, conflicts,
      provides, replaces, license, groups, source) line appears in a package
      section, it replaces the corresponding array from the pkgbase section.
      If there is a single "depends = " line in the package section, the
      depends array of that package is considered empty.
      
      This partly reverts the behavior introduced in commit 137a9ae (Fix
      parsing of array overrides, 2014-05-03).
      
      Signed-off-by: default avatarLukas Fleischer <archlinux@cryptocrack.de>
      782e9eb1
  20. 19 Apr, 2014 1 commit
  21. 05 Apr, 2014 2 commits
    • Lukas Fleischer's avatar
      Do not allow for overwriting arbitrary packages · 8921e4de
      Lukas Fleischer authored
      
      
      A package should only be overwritten if it already belongs to the
      package base that is trying to overwrite it.
      
      Signed-off-by: default avatarLukas Fleischer <archlinux@cryptocrack.de>
      8921e4de
    • Lukas Fleischer's avatar
      Add provisional support for package bases · b7941073
      Lukas Fleischer authored
      
      
      This adds a PackageBases table to the database schema and moves the
      following fields from the Packages table to PackageBases:
      
      * CategoryID
      * NumVotes
      * OutOfDateTS
      * SubmittedTS
      * ModifiedTS
      * SubmitterUID
      * MaintainerUID
      
      It also fixes all database accesses to comply with the new layout.
      
      Having a separate PackageBases table is the first step to split package
      support. By now, we create one PackageBases entry per package (where the
      package base has the same name as the corresponding package). When
      adding full support for split packages later, the package base name will
      be derived from the pkgbase variable and a single package base will be
      shared amongst all packages built from one source package.
      
      Signed-off-by: default avatarLukas Fleischer <archlinux@cryptocrack.de>
      b7941073
  22. 10 Feb, 2013 4 commits
  23. 30 Jan, 2013 1 commit
  24. 19 Jan, 2013 2 commits
  25. 21 Oct, 2012 1 commit
  26. 24 Sep, 2012 1 commit
  27. 20 Sep, 2012 1 commit
  28. 17 Sep, 2012 1 commit
    • canyonknight's avatar
      Migrate all DB code to use PDO · e171f6f3
      canyonknight authored
      
      
      All DB code currently uses the quickly aging mysql_* functions. These
      functions are strongly discouraged and may eventually be deprecated.
      
      Transition all code to utilize the PDO data access abstraction layer. PDO
      allows for consistent query code across multiple databases. This could
      potentially allow for someone to use a database other than MySQL with
      minimal code changes.
      
      All functions and behaviors are reproduced as faithfully as possible with
      PDO equivalents and some changes in code.
      
      Signed-off-by: default avatarcanyonknight <canyonknight@gmail.com>
      Signed-off-by: default avatarLukas Fleischer <archlinux@cryptocrack.de>
      e171f6f3
  29. 17 Jul, 2012 1 commit
  30. 14 Jul, 2012 1 commit
  31. 06 Jul, 2012 3 commits