- Mar 26, 2013
-
-
Lukas Fleischer authored
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
Lukas Fleischer authored
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
- Mar 25, 2013
-
-
Lukas Fleischer authored
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
Lukas Fleischer authored
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
Lukas Fleischer authored
A user might have an empty password due to two reasons: * The user just created an account and needs to set an initial password. * The password has been reset by the administrator. In both cases, the user might be confused as to why the login does not work. Add a message that helps users debug the issue in both cases. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
- Mar 24, 2013
-
-
Lukas Fleischer authored
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
canyonknight authored
Adds a new is_ipbanned() function to determine whether the user attempting to login or register for an account has their IP address listed in the "Bans" table. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
canyonknight authored
The "Bans" table creates a DB structure for the ability to ban IP addresses. It takes an IP address converted by ip2long(). The table will eventually be able to be populated directly through the web interface by Trusted Users and Developers. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
- Mar 21, 2013
-
-
Lukas Fleischer authored
We already display the 404 error page if someone tries to access an invalid package via virtual URLs ("/packages/nonexistent"). Add the same check to "web/html/packages.php" to make sure the same error is shown if a user requests package details of a nonexistent package ID via legacy URLs ("/packages.php?ID=-1"). Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
Lukas Fleischer authored
* Update maintainer list. * Replace contributor list by a reference to `git shortlog -s`. * Sync introduction and formatting of translators with pacman. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
Lukas Fleischer authored
Save the IP address used for the last login in the "Users" table. This makes it a bit easier to create IP ban lists for spammers without looking at web server logs. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
Lukas Fleischer authored
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
- Mar 19, 2013
-
-
Lukas Fleischer authored
Remove the password field from the account creation form and always send a password reset request via e-mail instead. This ensures that only users with valid e-mail addresses are able to login. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
Lukas Fleischer authored
If an empty password is passed during account registration, login for the new user is disabled and a reset key is sent to the new user's e-mail address so that they can set an initial password manually. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
Lukas Fleischer authored
This allows for reusing reset key submission for other things, such as sending an initial password reset code during account registration. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
Connor Behan authored
Signed-off-by: Connor Behan <connor.behan@gmail.com> Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
- Mar 18, 2013
-
-
Lukas Fleischer authored
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
Lukas Fleischer authored
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
Lukas Fleischer authored
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
- Mar 08, 2013
-
-
Lukas Fleischer authored
This allows for adding a metadata file called ".AURINFO" to source tarballs to overwrite specific PKGBUILD fields. .AURINFO files are parsed line by line. The syntax for each line is "key = value", where key is any of the following field names: * pkgname * pkgver * pkgdesc * url * license * depend Multiple "depend" lines can be specified to add multiple dependencies. This format closely matches the .PKGINFO format that is used for binary packages in pacman/libalpm. It can be extended by field name prefixes or sections to support split packages later. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
- Mar 05, 2013
-
-
Lukas Fleischer authored
Move all PKGBUILD field validations to a central location. Also, change $pkgbuild[] to $new_pkgbuild[] in order to parse evaluated PKGBUILD fields instead of raw ones. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
Lukas Fleischer authored
Remove redundant filters -- single quotes are already removed in $pkgbuild_new and we do not pass the package name to a shell (additionally, the regular expression already checks for potentially evil characters). Also, move the $pkg_name extraction up to fix the split package check. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
- Feb 15, 2013
-
-
Lukas Fleischer authored
Drop the (very bad) PHP parser and allow for passing all necessary configuration via command line parameters. Also, add a convenience wrapper written in PHP that parses the configuration file and subsequently calls aurblup with correct command line options. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
- Feb 10, 2013
-
-
Lukas Fleischer authored
We used a mixture of account type IDs and account type descriptions on the account edit page. This resulted in the account type field always defaulting to "Normal user" after an invalid form had been submitted. Consistently use account type IDs to avoid this. Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
canyonknight authored
Since all database related functions will establish a connection when needed, there is no need to pre-emptively try and establish a database connection. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
canyonknight authored
Large amount of boilerplate code that checks if a database connection exists is useless now that the new connection method automatically does the same check. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
canyonknight authored
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
canyonknight authored
All functions now have a database connection method that will use the same database connection. This imitates the functionality of passing a database connection as an argument and makes it redundant. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
canyonknight authored
Uses the Singleton pattern to ensure all queries use the same database connection that is released upon script completion. All database connections should now be called with DB::connect() and not db_connect(). Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
- Jan 30, 2013
-
-
Lukas Fleischer authored
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
Lukas Fleischer authored
-
canyonknight authored
An error message is printed when the number of affected rows is 0 for an edited account. A count of 0 doesn't imply an error, only that no changes were made in the database. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
canyonknight authored
A suspended user can stay in active sessions. Introduce new function delete_user_sessions to remove all open sessions for a specific user. Allows suspensions to take effect immediately. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
canyonknight authored
Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
canyonknight authored
The function is only determining whether a username is valid, so it makes more sense to simply return a boolean value. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
canyonknight authored
Occurs in the rare situation where a logged out user tries to POST a CSRF token. Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
canyonknight authored
Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
- Jan 19, 2013
-
-
Lukas Fleischer authored
-
canyonknight authored
Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-
canyonknight authored
Signed-off-by: canyonknight <canyonknight@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
-