pkgfuncs.inc 40.8 KB
Newer Older
eric's avatar
eric committed
1
<?
2
include_once("pkgfuncs_po.inc");
3
include_once("config.inc");
eric's avatar
eric committed
4

5
6
# define variables used during pkgsearch
#
simo's avatar
simo committed
7
$pkgsearch_vars = array("O", "L", "C", "K", "SB", "SO", "PP", "do_MyPackages", "do_Orphans", "SeB");
8
9


10
11
12
13
14
15
16
17
18
19
20
# print out the 'return to package details' link
#
function pkgdetails_link($id=0) {
	$url_data = "<a href='/packages.php?do_Details=1&ID=".intval($id)."'>";
	print __("Go back to %hpackage details view%h.",
		array($url_data, "</a>"));
	print "\n<br />\n";
	return;
}


eric's avatar
eric committed
21
22
23
# print out the 'return to search results' link
#
function pkgsearch_results_link() {
24
	global $_REQUEST;
eric's avatar
eric committed
25
26
	global $pkgsearch_vars;

eric's avatar
eric committed
27
	$url_data = "<a href='/packages.php?do_Search=1";
eric's avatar
eric committed
28
	while (list($k, $var) = each($pkgsearch_vars)) {
29
		if (($var == "do_MyPackages" || $var == "do_Orphans") && $_REQUEST[$var]) {
eric's avatar
eric committed
30
31
32
33
34
35
36
37
			$url_data.="&".$var."=1";
		} else {
			$url_data.="&".$var."=".rawurlencode(stripslashes($_REQUEST[$var]));
		}
	}
	$url_data .= "'>";
	print __("Go back to %hsearch results%h.",
		array($url_data, "</a>"));
38
	print "\n<br />\n";
eric's avatar
eric committed
39
40
41
42

	return;
}

43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# Make sure this visitor can delete the requested package comment
# They can delete if they were the comment submitter, or if they are a TU/Dev
#
function canDeleteComment($comment_id=0, $atype="", $SID="") {
	if ($atype == "Trusted User" || $atype == "Developer") {
		# A TU/Dev can delete any comment
		#
		return TRUE;
	}
	$uid = uid_from_sid($SID);
	$dbh = db_connect();
	$q = "SELECT COUNT(ID) AS CNT ";
	$q.= "FROM PackageComments ";
	$q.= "WHERE ID = " . intval($comment_id);
	$q.= " AND UsersID = " . $uid;
	$result = db_query($q, $dbh);
	if ($result != NULL) {
		$row = mysql_fetch_assoc($result);
		if ($row['CNT'] > 0) {
			return TRUE;
		}
	}
	return FALSE;
}
eric's avatar
eric committed
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89

# see if this Users.ID can manage the package
#
function canManagePackage($uid=0,$AURMUID=0, $MUID=0, $SUID=0, $managed=0) {
	if (!$uid) {return 0;}

	# The uid of the TU/Dev that manages the package
	#
	if ($uid == $AURMUID) {return 1;}

	# If the package isn't maintained by a TU/Dev, is this the user-maintainer?
	#
	if ($uid == $MUID && !$managed) {return 1;}

	# If the package isn't maintained by a TU/Dev, is this the user-submitter?
	#
	if ($uid == $SUID && !$managed) {return 1;}

	# otherwise, no right to manage this package
	#
	return 0;
}

eric's avatar
eric committed
90
91
92
93
94
# grab the current list of PackageCategories
#
function pkgCategories() {
	$cats = array();
	$dbh = db_connect();
95
	$q = "SELECT * FROM PackageCategories WHERE ID != 1 ";
eric's avatar
eric committed
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
	$q.= "ORDER BY Category ASC";
	$result = db_query($q, $dbh);
	if ($result) {
		while ($row = mysql_fetch_row($result)) {
			$cats[$row[0]] = $row[1];
		}
	}
	return $cats;
}

# grab the current list of PackageLocations
#
function pkgLocations() {
	$locs = array();
	$dbh = db_connect();
111
	$q = "SELECT * FROM PackageLocations WHERE ID != 1 ";
eric's avatar
eric committed
112
113
114
115
116
117
118
119
120
121
	$q.= "ORDER BY Location ASC";
	$result = db_query($q, $dbh);
	if ($result) {
		while ($row = mysql_fetch_row($result)) {
			$locs[$row[0]] = $row[1];
		}
	}
	return $locs;
}

122
123
124
125
126
127
# check to see if the package name exists
#
function package_exists($name="") {
	if (!$name) {return NULL;}
	$dbh = db_connect();
	$q = "SELECT ID FROM Packages ";
128
	$q.= "WHERE Name = '".mysql_real_escape_string($name)."' ";
129
130
131
132
133
134
135
	$q.= "AND DummyPkg = 0";
	$result = db_query($q, $dbh);
	if (!$result) {return NULL;}
	$row = mysql_fetch_row($result);
	return $row[0];
}

136
137
138
139
140
141
# grab package dependencies
#
function package_dependencies($pkgid=0) {
	$deps = array();
	if ($pkgid) {
		$dbh = db_connect();
142
		$q = "SELECT DepPkgID, Name, DummyPkg, DepCondition FROM PackageDepends, Packages ";
143
		$q.= "WHERE PackageDepends.DepPkgID = Packages.ID ";
144
		$q.= "AND PackageDepends.PackageID = ".mysql_real_escape_string($pkgid);
145
146
147
148
149
150
151
152
153
154
		$q.= " ORDER BY Name";
		$result = db_query($q, $dbh);
		if (!$result) {return array();}
		while ($row = mysql_fetch_row($result)) {
			$deps[] = $row;
		}
	}
	return $deps;
}

155
156
157
158
159
160
# create a dummy package and return it's Packages.ID  if it already exists,
# return the existing ID
#
function create_dummy($pname="", $sid="") {
	if ($pname && $sid) {
		$uid = uid_from_sid($sid);
jchu's avatar
jchu committed
161
		if (!$uid) {return NULL;}
162
163
		$dbh = db_connect();
		$q = "SELECT ID FROM Packages WHERE Name = '";
164
		$q.= mysql_real_escape_string($pname)."'";
165
		$result = db_query($q, $dbh);
jchu's avatar
jchu committed
166
		if (!mysql_num_rows($result)) {
167
168
			# Insert the dummy
			#
169
			$q = "INSERT INTO Packages (Name, Description, URL, SubmittedTS, ";
170
			$q.= "SubmitterUID, DummyPkg) VALUES ('";
171
			$q.= mysql_real_escape_string($pname)."', 'A dummy package', '/#', ";
172
			$q.= "UNIX_TIMESTAMP(), ".$uid.", 1)";
173
174
175
176
			$result = db_query($q, $dbh);
			if (!$result) {
				return NULL;
			}
jchu's avatar
jchu committed
177
			return mysql_insert_id($dbh);
178
179
		} else {
			$data = mysql_fetch_row($result);
jchu's avatar
jchu committed
180
			return $data[0];
181
182
183
184
185
186
		}
	}
	return NULL;

}

eric's avatar
eric committed
187
188
189
190
191
192
# grab package comments
#
function package_comments($pkgid=0) {
	$comments = array();
	if ($pkgid) {
		$dbh = db_connect();
193
		$q = "SELECT PackageComments.ID, UserName, UsersID, Comments, CommentTS ";
eric's avatar
eric committed
194
195
		$q.= "FROM PackageComments, Users ";
		$q.= "WHERE PackageComments.UsersID = Users.ID";
196
		$q.= " AND PackageID = ".mysql_real_escape_string($pkgid);
eric's avatar
eric committed
197
		$q.= " AND DelUsersID = 0"; # only display non-deleted comments
198
		$q.= " ORDER BY CommentTS DESC";
eric's avatar
eric committed
199
200
201
202
203
204
205
206
207
		$result = db_query($q, $dbh);
		if (!$result) {return array();}
		while ($row = mysql_fetch_assoc($result)) {
			$comments[] = $row;
		}
	}
	return $comments;
}

208
209
210
211
212
213
214
# grab package sources
#
function package_sources($pkgid=0) {
	$sources = array();
	if ($pkgid) {
		$dbh = db_connect();
		$q = "SELECT Source FROM PackageSources ";
215
		$q.= "WHERE PackageID = ".mysql_real_escape_string($pkgid);
216
217
218
219
220
221
222
223
224
225
		$q.= " ORDER BY Source";
		$result = db_query($q, $dbh);
		if (!$result) {return array();}
		while ($row = mysql_fetch_row($result)) {
			$sources[] = $row[0];
		}
	}
	return $sources;
}

226
227
228
229
230
231
232
233
234
235
236

# grab array of Package.IDs that I've voted for: $pkgs[1234] = 1, ...
#
function pkgvotes_from_sid($sid="") {
	$pkgs = array();
	if (!$sid) {return $pkgs;}
	$dbh = db_connect();
	$q = "SELECT PackageID ";
	$q.= "FROM PackageVotes, Users, Sessions ";
	$q.= "WHERE Users.ID = Sessions.UsersID ";
	$q.= "AND Users.ID = PackageVotes.UsersID ";
237
	$q.= "AND Sessions.SessionID = '".mysql_real_escape_string($sid)."'";
238
239
240
241
242
243
244
245
246
247
	$result = db_query($q, $dbh);
	if ($result) {
		while ($row = mysql_fetch_row($result)) {
			$pkgs[$row[0]] = 1;
		}
	}
	return $pkgs;
}


eric's avatar
eric committed
248
249
# display package details
#
250
function package_details($id=0, $SID="") {
251
	global $_REQUEST;
eric's avatar
eric committed
252
	global $pkgsearch_vars;
jchu's avatar
jchu committed
253
	$q = "SELECT Packages.*,Location,Category ";
254
255
256
	$q.= "FROM Packages,PackageLocations,PackageCategories ";
 	$q.= "WHERE Packages.LocationID = PackageLocations.ID ";
	$q.= "AND Packages.CategoryID = PackageCategories.ID ";
257
	$q.= "AND Packages.ID = ".intval($_REQUEST["ID"]);
eric's avatar
eric committed
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
	$dbh = db_connect();
	$results = db_query($q, $dbh);
	if (!$results) {
		print __("Error retrieving package details.")."<br />\n";

	} else {
		$row = mysql_fetch_assoc($results);
		if (empty($row)) {
			print __("Package details could not be found.")."<br />\n";

		} else {

			# print out package details
			#
			print "<br />\n";
			print "<center>\n";
			print "<table cellspacing='3' class='boxSoft'>\n";
			print "<tr>\n";
			print "  <td class='boxSoftTitle' align='right'>";
eric's avatar
eric committed
277
			print "<span class='f3'>".__("Package Details")."</span></td>\n";
eric's avatar
eric committed
278
279
280
281
282
283
			print "</tr>\n";
			print "<tr>\n";
			print "  <td class='boxSoft'>\n";
			print "<center>\n";
			print "<table>\n";
			print "<tr>\n";
284
			print "  <td class='boxSoft' colspan='2'><span class='f2'>";
285
			print $row["Name"] . " " . $row["Version"]."</span></td>\n";
286
287
			print "</tr>\n";
			print "<tr>\n";
288
			print "  <td class='boxSoft' colspan='2'><span class='f3'>";
289
290
291
			print "<a href='".$row["URL"]."'>".$row["URL"]."</a></span></td>\n";
			print "</tr>\n";
			print "<tr>\n";
292
			print "  <td class='boxSoft' colspan='2'><span class='f3'>".$row["Description"];
293
294
295
			print "</a></span></td>\n";
			print "</tr>\n";
			print "<tr>\n";
296
			print "  <td class='boxSoft' colspan='2'><img src='/images/pad.gif' height='30'></td>";
297
			print "</tr>\n";
298

299
			print "<tr>\n";
300
			print "  <td class='boxSoft' colspan='2'><span class='f3'>";
301
302
303
304
			if ($row["Location"] == "unsupported" and ( 
					uid_from_sid($SID) == $row["MaintainerUID"] or
					(account_from_sid($SID) == "Developer" or
					 account_from_sid($SID) == "Trusted User"))) {
pjmattal's avatar
pjmattal committed
305
306
307
308
309
310
311
			  $edit_cat = "<a href='/pkgedit.php?change_Category=1&ID=";
			  $edit_cat .= intval($_REQUEST["ID"])."'>".$row["Category"]."</a>";
			  $edit_cat .= " &nbsp;<span class='fix'>(";
			  $edit_cat .= __("change category").")</span>";
			} else {
				$edit_cat = $row["Category"];
			}
312
			print $row["Location"]." :: ".$edit_cat."</span></td>";
pjmattal's avatar
pjmattal committed
313

314
315
			print "</tr>\n";
			print "<tr>\n";
316
			print "  <td class='boxSoft' colspan='2'><span class='f3'>".__("Maintainer").": ";
317
			if ($row["MaintainerUID"]) {
318
				$maintainer = username_from_id($row["MaintainerUID"]);
319
320
321
322
323
324
325
				if ($SID) {
					print "<a href='/account.php?Action=AccountInfo&ID=";
					print $row["MaintainerUID"] . "'>";
					print $maintainer . "</a></span></td>";
				} else {
					print $maintainer . "</span></td>";
				}
326
327
			} else {
				$maintainer = "None";
328
				print $maintainer . "</span></td>";
329
330
			}
			print "</tr>\n";
331
332
333
334
335
			
			print "<tr>\n";
			print "  <td class='boxSoft' colspan='2'><span class='f3'>".__("Votes").": ";
			print $row["NumVotes"] . "</span></td>";
			print "</tr>\n";
336
337
            
            # In case of wanting to put a custom message
338
            $msg = __("unknown");
339
340
341
            $license = $row["License"] == "" ? $msg : $row["License"];
            
            print "<tr>\n";
342
            print "  <td class='boxSoft' colspan='2'><br><span class='f3'>".__("License").": ".$license;
343
344
            print "</a></span></td>\n";
            print "</tr>\n";            
345
346
347
348
349
350

			print "<tr>\n";
			print "  <td class='boxSoft' colspan='2'><img src='/images/pad.gif' height='15'></td>";
			print "</tr>\n";

			# Print the timestamps for last updates
simo's avatar
simo committed
351
352
			$updated_time = ($row["ModifiedTS"] == 0) ? "(unknown)" : gmdate("r", intval($row["ModifiedTS"]));
			$submitted_time = ($row["SubmittedTS"] == 0) ? "(unknown)" : gmdate("r", intval($row["SubmittedTS"]));
353
354
355
356
357
358
359
360
361
			print "<tr>\n";
			print "  <td class='boxSoft' colspan='2'>";
			print "<span class='f3'>";
			print __("Last Updated").": ".$updated_time."<br>";
			print __("First Submitted").": ".$submitted_time;
			print "</span>";
			print "</td>\n";
			print "</tr>\n";

362
			print "<tr>\n";
363
			print "  <td class='boxSoft' colspan='2'><img src='/images/pad.gif' height='15'></td>";
jchu's avatar
jchu committed
364
365
			print "</tr>\n";
			print "<tr>\n";
366
			print "  <td class='boxSoft' colspan='2'><span class='f3'>";
pjmattal's avatar
pjmattal committed
367
			if ($row["LocationID"] == 2) {
368
369
370
				global $URL_DIR;
				$urlpath = $URL_DIR.$row["Name"]."/".$row["Name"];
				print "<a href='$urlpath.tar.gz'>".__("Tarball")."</a> :: <a href='$urlpath'>".__("Files")."</a> :: <a href='$urlpath/PKGBUILD'>PKGBUILD</a></span></td>";
pjmattal's avatar
pjmattal committed
371
372
373
			} elseif ($row["LocationID"] == 3) {
			  print "<a href='http://cvs.archlinux.org/cgi-bin/viewcvs.cgi/" . $row["Category"] . "/" . $row["Name"] . "/?cvsroot=AUR&only_with_tag=CURRENT'>CVS</td>";
			}
jchu's avatar
jchu committed
374
			print "</tr>\n";
375
376
377
378
379
380
381
382
383
			if ($row["LocationID"] == 2) {
			  print "<tr>\n";
			  print "  <td colspan='2'>";
			  if ($row["Safe"]) {
			    print "<span class='f7'>".__("The above files have been verified (by %s) and are safe to use.", array(username_from_id($row["VerifiedBy"])))."</span></td>";
			  } else {
			    print "<span class='f6'>".__("Be careful! The above files may contain malicious code that can damage your system.")."</span></td>";
			  }
			}
jchu's avatar
jchu committed
384
			print "<tr>\n";
385
			print "  <td class='boxSoft' colspan='2'><img src='/images/pad.gif' height='30'></td>";
386
387
388
389
390
			print "</tr>\n";
			print "<tr>\n";
			print "  <td valign='top' style='padding-right: 10'>";
			print "<table class='boxSoft' style='width: 200px'>";
			print "<tr><td class='boxSoftTitle'><span class='f3'>";
eric's avatar
eric committed
391
			print __("Dependencies")."</span></td></tr>\n";
392
			print "<tr><td class='boxSoft'>";
393
			$deps = package_dependencies($row["ID"]); # $deps[0] = array('id','name', 'dummy');
394
			while (list($k, $darr) = each($deps)) {
eric's avatar
eric committed
395
				$url = "<a href='/packages.php?do_Details=1&ID=".$darr[0];
eric's avatar
eric committed
396
				while(list($k, $var) = each($pkgsearch_vars)) {
397
					if (($var == "do_MyPackages" || $var == "do_Orphans") && $_REQUEST[$var]) {
398
399
400
401
						$url .= "&".$var."=1";
					} else {
						$url .= "&".$var."=".rawurlencode(stripslashes($_REQUEST[$var]));
					}
eric's avatar
eric committed
402
403
				}
				reset($pkgsearch_vars);
404
405
406
407
408
                                               
                // $darr[3] is the DepCondition                                               
                                               
				if ($darr[2] == 0) print $url."'>".$darr[1].$darr[3]."</a><br />\n";
				else print "<a href='#'>".$darr[1].$darr[3]."</a><br />\n";
409
410
411
412
413
414
415
			}
			print "</td></tr>\n";
			print "</table></td>";

			print "  <td valign='top'>";
			print "<table class='boxSoft' style='width: 200px'>";
			print "<tr><td class='boxSoftTitle'><span class='f3'>";
eric's avatar
eric committed
416
			print __("Sources")."</span></td></tr>\n";
417
418
419
			print "<tr><td class='boxSoft'>";
			$sources = package_sources($row["ID"]); # $sources[0] = 'src';
			while (list($k, $src) = each($sources)) {
420
421
422
423
424
425
426
427
428
				$parsed_url = parse_url($src);
				if ($parsed_url['scheme'])
				{
					//It is an external source
					print "<a href='".$src."'>".$src."</a><br />\n";
				}
				else 
				{
					//It is presumably an internal source
simo's avatar
simo committed
429
430
431
432
					if ($row["LocationID"] == 2) {
						print "<a href='".dirname($row['URLPath'])."/".$row['Name'];
						print "/".$src."'>".$src."</a><br />\n";
					} elseif ($row["LocationID"] == 3) {
simo's avatar
simo committed
433
						print "<a href='http://cvs.archlinux.org/cgi-bin/viewcvs.cgi/*checkout*/".$row["Category"]."/".$row["Name"]."/".$src."/?rev=HEAD&cvsroot=AUR&only_with_tag=CURRENT'>";
simo's avatar
simo committed
434
435
						print $src."</a><br />\n";
					}
436
				}
437
438
439
			}
			print "</td></tr>\n";
			print "</table></td>";
eric's avatar
eric committed
440
			print "</tr>\n";
simo's avatar
simo committed
441
442
443
444
445
446
447
448
449
			print "<tr>\n";
			print "  <td colspan='2'><img src='/images/pad.gif' height='2'>";
			print "</td></tr>\n";
			print "</table>\n";
			print "</center>\n";
			print "  </td>\n";
			print "</tr>\n";

			print "</table><br />\n";
eric's avatar
eric committed
450

simo's avatar
simo committed
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
			# Actions Bar
			#
			if ($SID) {
				print "<table cellspacing='3' class='boxSoft'>\n";
				print "<tr><td class='boxSoftTitle' align='right'><span class='f3'>".__("Actions")."</span></td></tr>\n";
				print "<tr>\n";
				print "<td class='boxSoft'><form action='/packages.php' method='post'>\n";
				print "<input type='hidden' name='IDs[".$row["ID"]."]' value='1'>\n";
				print "<input type='hidden' name='ID' value='".$row["ID"]."'>\n";
				# Voting Button
				#
				$q = "SELECT * FROM PackageVotes WHERE UsersID = ".uid_from_sid($SID);
				$q.= " AND PackageID = ".$row["ID"];
				if (!mysql_num_rows(db_query($q, $dbh))) {
					print "<input type='submit' class='button' name='do_Vote'";
					print " value='".__("Vote")."'>";
				} else {
					print "<input type='submit' class='button' name='do_UnVote'";
					print " value='".__("Un-Vote")."'>";
				}
				# Comment Nofify Button
				#
				$q = "SELECT * FROM CommentNotify WHERE UserID = ".uid_from_sid($SID);
				$q.= " AND PkgID = ".$row["ID"];
				if (!mysql_num_rows(db_query($q, $dbh))) {
					print "<input type='submit' class='button' name='do_Notify'";
					print " value='".__("Notify")."' title='".__("New Comment Notification")."'>";
				} else {
					print "<input type='submit' class='button' name='do_UnNotify'";
					print " value='".__("UnNotify")."' title='".__("No New Comment Notification")."'>";
				}
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
				# Flag Safe Button
				#
				if ($row["LocationID"] == 2 && (account_from_sid($SID) == "Trusted User" || account_from_sid($SID) == "Developer"))
				{
					if ($row["Safe"] == 0)
					{
						print "<input type='submit' class='button' name='do_FlagSafe'";
						print " value='".__("Flag Safe")."' title='".__("Flag Package Safe To Use")."'>";
					}
					else
					{
						print "<input type='submit' class='button' name='do_UnFlagSafe'";
						print " value='".__("Unflag Safe")."' title='".__("Unflag Package Safe To Use")."'>";
					}
				}
497
498
					if ($row["OutOfDate"] == 0)
					{
499
500
						print "<input type='submit' class='button' name='do_Flag'";
						print "	value='".__("Flag Out-of-date")."'>\n";
501
502
503
					}
					else
					{
504
505
						print "<input type='submit' class='button' name='do_UnFlag'";
						print "	value='".__("Unflag Out-of-date")."'>\n";
506
507
508
509
					}
					
					if ($row["AURMaintainerUID"] == 0 && $row["MaintainerUID"] == 0)
					{
510
511
						print "<input type='submit' class='button' name='do_Adopt'";
						print "	value='".__("Adopt Packages")."'>\n";
512
513
514
515
					}
					
					if ($row["MaintainerUID"] == uid_from_sid($SID))
					{
516
517
						print "<input type='submit' class='button' name='do_Disown'";
						print "	value='".__("Disown Packages")."'>\n";
518
					}	
519
					
520
521
522
523
					if ($row["MaintainerUID"] == uid_from_sid($SID) ||
					    account_from_sid($SID) == "Trusted User" ||
					    account_from_sid($SID) == "Developer")
					{
524
525
						print "<input type='submit' class='button' name='do_Delete'";
						print "	value='".__("Delete Packages")."'>\n";
526
					}
527
						
simo's avatar
simo committed
528
529
530
531
532
				print "</form></td></tr>\n";				
				print "</table><br />\n";
			}
			
			# Comments
eric's avatar
eric committed
533
			#
simo's avatar
simo committed
534
535
536
537
538
539
			print "<table cellspacing='3' class='boxSoft'>\n";
			print "<tr><td class='boxSoftTitle' align='right'><span class='f3'>".__("Comments")."</span></td></tr>\n";
			print "<tr>\n";
			print "<td class='boxSoft'>";	

			print "<table width='100%'>\n";
eric's avatar
eric committed
540
541
542
543
			$comments = package_comments($row["ID"]);
			if (!empty($comments)) {
				while (list($indx, $carr) = each($comments)) {
					print "<tr>\n";
544
					print "  <td class='boxSoft' colspan='2'>";
eric's avatar
eric committed
545
546
547
548
549
550
					print "<img src='/images/pad.gif' height='2'></td></tr>\n";

					print "<tr>\n";
					print "  <td valign='top' style='padding-right: 10' colspan='2'>";
					print "<table class='boxSoft' width='100%'>";
					print "<tr><td class='boxSoftTitle'><span class='f3'>";
551
552
553
554
555
					if (canDeleteComment($carr["ID"], account_from_sid($SID), $SID)) {
						$durl = "<a href='/pkgedit.php?del_Comment=1";
						$durl.= "&comment_id=".$carr["ID"]."&ID=".$row["ID"];
						$durl.= "'><img src='/images/x.png' border='0'";
						$durl.= " alt=\"".__("Delete comment")."\"></a>";
556
557

					  print $durl . "&nbsp;&nbsp;";
558
					}
559
560
561
					if ($SID) {
						print __("Comment by: %h%s%h on %h%s%h",
							array("<a href='/account.php?Action=AccountInfo&ID=".$carr["UsersID"]."'><b>",$carr["UserName"],"</b></a>",
simo's avatar
simo committed
562
							      "<i>",gmdate("Ymd [H:i:s]",$carr["CommentTS"]),"</i>"));
563
564
					} else {
						print __("Comment by: %h%s%h on %h%s%h",
eric's avatar
eric committed
565
							array("<b>",$carr["UserName"],"</b>",
simo's avatar
simo committed
566
							      "<i>",gmdate("Ymd [H:i:s]",$carr["CommentTS"]),"</i>"));
567
					}
568
					print "</span>";
eric's avatar
eric committed
569
					print "<tr><td class='boxSoft'>";
570
					print "<code>\n";
571
					print str_replace("\n", "<br>", str_replace('"',"&quot;", htmlspecialchars(strip_tags(stripslashes($carr["Comments"])))));
572
					print "</code>\n";
eric's avatar
eric committed
573
574
575
576
577
578
					print "</td></tr>\n";
					print "</table>\n";
					print "  </td>\n";
					print "</tr>\n";
				}
			}
579

eric's avatar
eric committed
580
581
582
583
584
585
586
587
588
589
590
			print "<tr>\n";
			print "  <td colspan='2'><img src='/images/pad.gif' height='2'>";
			print "</td></tr>\n";
			print "<tr>\n";
			print "  <td colspan='2'>";
			print "<form action='/pkgedit.php' method='post'>\n";
			print "<input type='hidden' name='ID' value='".$row["ID"]."'>\n";
			print "<input type='submit' class='button' name='add_Comment' value=\"";
			print __("Add Comment")."\">";
			print "</form>\n";
			print "  </td>";
eric's avatar
eric committed
591
592
593
594
			print "</tr>\n";

			print "</table>\n";

simo's avatar
simo committed
595
596
597
			
			print "</td></tr></table>\n";
			
eric's avatar
eric committed
598
599
600
601
602
603
		}
	}
	return;
}


eric's avatar
eric committed
604
605
# display the search form in a boxSoft style
#
606
607
function pkg_search_page($SID="") {
	global $_REQUEST;
eric's avatar
eric committed
608
	global $pkgsearch_vars;
609
	# SID: session id cookie
eric's avatar
eric committed
610

eric's avatar
eric committed
611
612
	$locs = pkgLocations();
	$cats = pkgCategories();
613
614
	$devs = getDevelopers();
	$tus = getTrustedUsers();
pjmattal's avatar
pjmattal committed
615
	$users = getUsers();
616
	$dbh = db_connect();
eric's avatar
eric committed
617

618

619
620
	# determine paging variables
	#
eric's avatar
eric committed
621
	$_REQUEST["PP"] ? $PP = intval($_REQUEST["PP"]) : $PP = 25;
eric's avatar
eric committed
622
623
	if ($PP < 25) {$PP = 25;}
	if ($PP > 100) {$PP = 100;}
eric's avatar
eric committed
624
625
	$_REQUEST["O"] ? $O = intval($_REQUEST["O"]) : $O = 0;
	if ($_REQUEST["do_More"]) {
626
		$O += $PP;
eric's avatar
eric committed
627
	} elseif ($_REQUEST["do_Less"]) {
628
		$O -= $PP;
eric's avatar
eric committed
629
	}
630
631
	if ($O < 0) {
		$O = 0;
eric's avatar
eric committed
632
	}
633
634
	if ($_REQUEST["do_Search"] && $_REQUEST["do_Search"] != 1) {
		# reset the offset to zero if they hit Go
eric's avatar
eric committed
635
		#
eric's avatar
eric committed
636
		$_REQUEST["do_MyPackages"] = 0;
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
		$_REQUEST["do_Orphans"] = 0;
		$O = 0;
	}
	if ($_REQUEST["do_MyPackages"] && $_REQUEST["do_MyPackages"] != 1) {
		# reset the offset to zero if they hit My Packages
		#
		$_REQUEST["do_Search"] = 0;
		$_REQUEST["do_Orphans"] = 0;
		$O = 0;
	}
	if ($_REQUEST["do_Orphans"] && $_REQUEST["do_Orphans"] != 1) {
		# reset the offset to zero if they hit Orphans
		#
		$_REQUEST["do_Search"] = 0;
		$_REQUEST["do_MyPackages"] = 0;
eric's avatar
eric committed
652
653
		$O = 0;
	}
654
	$_REQUEST["O"] = $O; # so that pkg_search_results() works
eric's avatar
eric committed
655

656

657
658
659
660
661
	# grab info for user if they're logged in
	#
	if ($SID) {
		$myuid = uid_from_sid($SID);
		$acct = account_from_sid($SID);
662
		$my_votes = pkgvotes_from_sid($SID);
663
664
665
666
	}

	# The search form
	#
eric's avatar
eric committed
667
	print "<form action='/packages.php' method='post'>\n";
668
	print "<input type='hidden' name='O' value='".$O."'>\n";
669

eric's avatar
eric committed
670
671
672
673
	print "<center>\n";
	print "<table cellspacing='3' class='boxSoft'>\n";
	print "<tr>\n";
	print "  <td class='boxSoftTitle' align='right'>\n";
674
	print "    <span class='f3'>".__("Search Criteria")."</span>\n";
eric's avatar
eric committed
675
676
677
678
679
680
681
682
683
	print "  </td>\n";
	print "</tr>\n";
	print "<tr>\n";
	print "  <td class='boxSoft'>\n";
	print "<table style='width: 100%' align='center'>\n";

	print "<tr>\n";
	print "<td align='right'>\n";
	print "  <span class='f5'><span class='blue'>".__("Location");
684
	print "</span></span><br />\n";
eric's avatar
eric committed
685
686
687
	print "  <select name='L'>\n";
	print "  <option value=0> ".__("Any")."\n";
	while (list($id, $loc) = each($locs)) {
eric's avatar
eric committed
688
		if (intval($_REQUEST["L"]) == $id) {
eric's avatar
eric committed
689
690
691
692
693
694
695
696
697
698
			print "  <option value=".$id." selected> ".$loc."\n";
		} else {
			print "  <option value=".$id."> ".$loc."\n";
		}
	}
	print "  </select>\n";
	print "</td>\n";

	print "<td align='right'>\n";
	print "  <span class='f5'><span class='blue'>".__("Category");
699
	print "</span></span><br />\n";
eric's avatar
eric committed
700
701
702
	print "  <select name='C'>\n";
	print "  <option value=0> ".__("Any")."\n";
	while (list($id, $cat) = each($cats)) {
eric's avatar
eric committed
703
		if (intval($_REQUEST["C"]) == $id) {
eric's avatar
eric committed
704
705
706
707
708
709
710
711
712
713
			print "  <option value=".$id." selected> ".$cat."\n";
		} else {
			print "  <option value=".$id."> ".$cat."\n";
		}
	}
	print "  </select>\n";
	print "</td>\n";

	print "<td align='right'>\n";
	print "  <span class='f5'><span class='blue'>".__("Keywords");
714
	print "</span></span><br />\n";
715
	print "  <input type='text' name='K' size='20'";
dsa's avatar
dsa committed
716
717
718
719
	
	# Added to trim() to avoid the problem described in #6191
	$K = trim(str_replace("\"", "", $_REQUEST["K"])); # TODO better testing for SQL trickery...
	
720
	print " value=\"".stripslashes($K)."\" maxlength='35'>\n";
eric's avatar
eric committed
721
	print "</td>\n";
simo's avatar
simo committed
722
723
	
	print "<td align='right'>\n";
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
    print "  <span class='f5'><span class='blue'>".__("Search by");
    print "</span></span><br />\n";
    
    print "  <select name='SeB'>\n";
    # by name/description
    print "  <option value=nd";
    $_REQUEST["SeB"] == "nd" ? print " selected> " : print "> ";
    print __("Name")."</option>\n";    
    # by maintainer
    print "  <option value=m";
    $_REQUEST["SeB"] == "m" ? print " selected> " : print "> ";
    print __("Maintainer")."</option>\n";
    print "  <option value=s";
    $_REQUEST["SeB"] == "s" ? print " selected> " : print "> ";
    print __("Submitter")."</option>\n";    

    print "  </select>\n";
    print "</td>\n";
    
    /* Status Safe-Unsafe */
    
    # Added the code below to handle the safe package flag.
    # So we can search for then for 'all' packages, 'safe'
    # packages and 'unsafe' packages.
    
    print "<td align='right'>\n";
    print "  <span class='f5'><span class='blue'>".__("Status");
    print "</span></span><br />\n";
    
    print "  <select name='PaS'>\n";
    
    # Flagged Safe
    print "  <option value=all";
    $_REQUEST["PaS"] == "all" ? print " selected> " : print "> ";
    print __("All")."</option>\n";
        
    # Flagged Safe
    print "  <option value=fs";
    $_REQUEST["PaS"] == "fs" ? print " selected> " : print "> ";
    print __("Safe")."</option>\n";
    # Unflagged Safe
    print "  <option value=us";
    $_REQUEST["PaS"] == "us" ? print " selected> " : print "> ";
    print __("Unsafe")."</option>\n";
    
    print "  </select>\n";
    print "</td>\n";
    
    /* End of Package Status */
simo's avatar
simo committed
773
	
774
    /* Sort by */
simo's avatar
simo committed
775
	
776
    print "<td align='right'>\n";
eric's avatar
eric committed
777
	print "  <span class='f5'><span class='blue'>".__("Sort by");
778
	print "</span></span><br />\n";
eric's avatar
eric committed
779
	print "  <select name='SB'>\n";
780

781
	print "  <option value=n";
782
	$_REQUEST["SB"] == "n" ? print " selected> " : print "> ";
783
784
	print __("Name")."</option>\n";

eric's avatar
eric committed
785
	print "  <option value=c";
786
	$_REQUEST["SB"] == "c" ? print " selected> " : print "> ";
787
788
	print __("Category")."</option>\n";

eric's avatar
eric committed
789
	print "  <option value=l";
790
	$_REQUEST["SB"] == "l" ? print " selected> " : print "> ";
791
792
	print __("Location")."</option>\n";

793
	print "  <option value=v";
794
	$_REQUEST["SB"] == "v" ? print " selected> " : print "> ";
795
796
797
798
799
800
801
802
803
804
	print __("Votes")."</option>\n";

	print "  <option value=m";
	$_REQUEST["SB"] == "m" ? print " selected> " : print "> ";
	print __("Maintainer")."</option>\n";

	print "  <option value=a";
	$_REQUEST["SB"] == "a" ? print " selected> " : print "> ";
	print __("Age")."</option>\n";

eric's avatar
eric committed
805
806
807
	print "  </select>\n";
	print "</td>\n";

808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
	print "<td align='right'>\n";
	print "  <span class='f5'><span class='blue'>".__("Sort order");
	print "</span></span><br />\n";
	print "  <select name='SO'>\n";

	print "  <option value=a";
	$_REQUEST["SO"] == "a" ? print " selected> " : print "> ";
	print __("Ascending")."</option>\n";

	print "  <option value=d";
	$_REQUEST["SO"] == "d" ? print " selected> " : print "> ";
	print __("Descending")."</option>\n";

	print "  </select>\n";
	print "</td>\n";
823
824
825

    /* End of Sort by */
    
eric's avatar
eric committed
826
827
	print "<td align='right'>\n";
	print "  <span class='f5'><span class='blue'>".__("Per page");
828
	print "</span></span><br />\n";
eric's avatar
eric committed
829
830
	print "  <select name='PP'>\n";
	print "  <option value=25";
831
	$PP == 25 ? print " selected> 25\n" : print "> 25\n";
eric's avatar
eric committed
832
	print "  <option value=50";
833
	$PP == 50 ? print " selected> 50\n" : print "> 50\n";
eric's avatar
eric committed
834
	print "  <option value=75";
835
	$PP == 75 ? print " selected> 75\n" : print "> 75\n";
eric's avatar
eric committed
836
	print "  <option value=100";
837
	$PP == 100 ? print " selected> 100\n" : print "> 100\n";
eric's avatar
eric committed
838
839
	print "  </select>\n";
	print "</td>\n";
840
841
842
	
	# Added to break put the buttons in a new line
	print"</tr></table><center><table><tr>";
eric's avatar
eric committed
843
844

	print "<td align='right' valign='bottom'>&nbsp;\n";
845
	print "  <input type='submit' style='width:80px' class='button' name='do_Search'";
846
	print " value='".__("Go")."'>\n";
eric's avatar
eric committed
847
848
	print "</td>\n";

849
850
851
852
	/*
	 *  Commented the My Packages button because there is no need for it
	 *  cause we already have a link.
	 * 
853
854
	if ($SID) {
		print "<td align='right' valign='bottom'>&nbsp;\n";
855
		print "  <input type='submit' class='button' name='do_MyPackages'";
856
857
	 	print "	value='".__("My Packages")."'>\n";
		print "</td>\n";
858
	}*/
859

860
	print "<td align='right' valign='bottom'>&nbsp;\n";
861
	print "  <input type='submit' style='width:80px'  class='button' name='do_Orphans'";
862
863
864
	print " value='".__("Orphans")."'>\n";
	print "</td>\n";

eric's avatar
eric committed
865
866
	print "</tr>\n";
	print "</table>\n";
867
868
869
870
871
872
873
874
875

	print "  </td>\n";
	print "</tr>\n";
	print "</table>\n";
	print "</center>\n";
	print "<br />\n";

	# query to pull out package info
	#
876
877
878
#	$q = "SELECT Packages.*, IF(ISNULL(PackageID), 0, COUNT(*)) AS Votes ";
#	$q.= "FROM Packages LEFT JOIN PackageVotes ";
#	$q.= "ON Packages.ID = PackageVotes.PackageID ";
879
	$q = "SELECT * FROM Users RIGHT JOIN Packages ";
880
881
	$q.= "ON (Users.ID = Packages.MaintainerUID) ";
	$q.= "WHERE DummyPkg != 1 ";
882
883
	$has_where = 1;

eric's avatar
eric committed
884
	if (intval($_REQUEST["L"])) {
pjmattal's avatar
pjmattal committed
885
886
887
888
889
		if (!$has_where) {
		  $q.= "WHERE LocationID = ".intval($_REQUEST["L"])." ";
		} else {
			$q .= "AND LocationID = ".intval($_REQUEST["L"])." ";
		}
890
891
		$has_where = 1;
	}
eric's avatar
eric committed
892
	if (intval($_REQUEST["C"])) {
893
		if (!$has_where) {
eric's avatar
eric committed
894
			$q.= "WHERE CategoryID = ".intval($_REQUEST["C"])." ";
895
896
			$has_where = 1;
		} else {
eric's avatar
eric committed
897
			$q.= "AND CategoryID = ".intval($_REQUEST["C"])." ";
898
899
900
		}
	}
	if ($K) {
simo's avatar
simo committed
901
902
903
		#search by maintainer
		if ($_REQUEST["SeB"] == "m"){
			if (!$has_where) {
904
				$q.= "WHERE Username = '".mysql_real_escape_string($K)."' ";
simo's avatar
simo committed
905
				$has_where = 1;
simo's avatar
simo committed
906
			} else {
907
				$q.= "AND Username = '".mysql_real_escape_string($K)."' ";
simo's avatar
simo committed
908
			}
909
        } elseif ($_REQUEST["SeB"] == "s") {
simo's avatar
simo committed
910
911
912
913
914
			if (!$has_where) {
				$q.= "WHERE SubmitterUID = ".uid_from_username($K)." ";
				$has_where = 1;
			} else {
				$q.= "AND SubmitterUID = ".uid_from_username($K)." ";
simo's avatar
simo committed
915
916
			}
		# the default behaivior, query the name/description
simo's avatar
simo committed
917
		} else {
simo's avatar
simo committed
918
			if (!$has_where) {
919
920
				$q.= "WHERE (Name LIKE '%".mysql_real_escape_string($K)."%' OR ";
				$q.= "Description LIKE '%".mysql_real_escape_string($K)."%') ";
simo's avatar
simo committed
921
922
				$has_where = 1;
			} else {
923
924
				$q.= "AND (Name LIKE '%".mysql_real_escape_string($K)."%' OR ";
				$q.= "Description LIKE '%".mysql_real_escape_string($K)."%') ";
simo's avatar
simo committed
925
			}
926
927
		}
	}
928
929
    
    if ($_REQUEST["do_MyPackages"] && $SID) {
eric's avatar
eric committed
930
931
932
		# list packages that the user is a AUR Maintainer of, or if it the
		# vistior is a registered user, if they are the Maintainer.
		#
933
934
		if ($myuid) {
			if (!$has_where) {
eric's avatar
eric committed
935
				$q.= "WHERE (AURMaintainerUID = ".$myuid." OR ";
936
937
				$has_where = 1;
			} else {
eric's avatar
eric committed
938
				$q.= "AND (AURMaintainerUID = ".$myuid." OR ";
939
			}
940
941
			//$q.= "MaintainerUID = ".$myuid." OR SubmitterUID = ".$myuid.") ";
			$q.= "MaintainerUID = ".$myuid.") ";
942
943
		}
	}
944
945
946
947
948
949
950
951
952
953
954
955
	if ($_REQUEST["do_Orphans"]) {
		# List packages that have neither a Maintainer nor AURMaintainer
		#
			if (!$has_where) {
				$q.= "WHERE (AURMaintainerUID = 0 AND ";
				$q.= "MaintainerUID = 0) ";
				$has_where = 1;
			} else {
				$q.= "AND (AURMaintainerUID = 0 AND ";
				$q.= "MaintainerUID = 0) ";
			}
	}
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
    
    # Added the code below to handle the safe package flag.
    # So we can search for then for 'all' packages, 'safe'
    # packages and 'unsafe' packages.
    if ($_REQUEST["PaS"] <> "all") {
        # Flagged Safe
        if ($_REQUEST["PaS"] == "fs")
            if (!$has_where) {
                $q.= "WHERE Safe = 1 ";
                $has_where = 1;
            } else {
                $q.= "AND Safe = 1 ";
            }
            
        # Unflagged Safe        
        if ($_REQUEST["PaS"] == "us")
            if (!$has_where) {
973
                $q.= "WHERE Safe = 0 AND LocationID != 3 ";
974
975
                $has_where = 1;
            } else {
976
                $q.= "AND Safe = 0 AND LocationID != 3 ";
977
978
979
980
981
982
            }
    }
	
    $order = $_REQUEST["SO"] == 'd' ? 'DESC' : 'ASC';
	
    switch ($_REQUEST["SB"]) {
983
		case 'c':
984
			$q.= "ORDER BY CategoryID ".$order.", Name ASC, LocationID ASC ";
985
986
			break;
		case 'l':
987
			$q.= "ORDER BY LocationID ".$order.", Name ASC, CategoryID DESC ";
988
			break;
989
		case 'v':
990
			$q.= "ORDER BY NumVotes ".$order.", Name ASC, CategoryID DESC ";
991
			break;
992
		case 'm':
993
			$q.= "ORDER BY Username ".$order.", Name ASC, LocationID ASC ";
994
995
			break;
		case 'a':
996
			$q.= "ORDER BY GREATEST(SubmittedTS,ModifiedTS) ".$order.", Name ASC, LocationID ASC ";
997
			break;
998
		default:
999
			$q.= "ORDER BY Name ".$order.", LocationID ASC, CategoryID DESC ";
1000
			break;
For faster browsing, not all history is shown. View entire blame