Commit 57a5cbfd authored by Dan Vratil's avatar Dan Vratil Committed by Loui Chang
Browse files

Auto redirect from confirmation screens.



Finally move comment deletion and category editing into functions and
remove pkgedit.php
Signed-off-by: default avatarLoui Chang <louipc.ist@gmail.com>
-Fix indentation
-Fix variable naming conflict $id vs $cid
parent 01fc2024
...@@ -187,4 +187,8 @@ input.button { ...@@ -187,4 +187,8 @@ input.button {
font-size: 12px; font-size: 12px;
padding: 2px 8px; padding: 2px 8px;
} }
input[type=image] {
border: 0;
background: none;
}
...@@ -57,6 +57,10 @@ if ($_POST['action'] == "do_Flag" || isset($_POST['do_Flag'])) { ...@@ -57,6 +57,10 @@ if ($_POST['action'] == "do_Flag" || isset($_POST['do_Flag'])) {
$output = pkg_notify($atype, $ids); $output = pkg_notify($atype, $ids);
} elseif ($_POST['action'] == "do_UnNotify" || isset($_POST['do_UnNotify'])) { } elseif ($_POST['action'] == "do_UnNotify" || isset($_POST['do_UnNotify'])) {
$output = pkg_notify($atype, $ids, False); $output = pkg_notify($atype, $ids, False);
} elseif ($_POST['action'] == "do_DeleteComment" || isset($_POST["do_DeleteComment"])) {
$output = pkg_delete_comment($atype);
} elseif ($_POST['action'] == "do_ChangeCategory" || isset($_POST['do_ChangeCategory'])) {
$output = pkg_change_category($atype);
} }
html_header($title); html_header($title);
......
<?php
set_include_path(get_include_path() . PATH_SEPARATOR . '../lib');
include_once("aur.inc"); # access AUR common functions
include_once("pkgfuncs.inc"); # use some form of this for i18n support
set_lang(); # this sets up the visitor's language
check_sid(); # see if they're still logged in
html_header(); # print out the HTML header
# Make sure this visitor is logged in
#
if (isset($_COOKIE["AURSID"])) {
$atype = account_from_sid($_COOKIE["AURSID"]);
} else {
$atype = "";
}
if (!$atype) {
print __("You must be logged in before you can edit package information.");
print "<br />\n";
html_footer(AUR_VERSION);
exit();
}
# Must know what package to operate on throughout this entire script
#
if (!$_REQUEST["ID"]) {
print __("Missing package ID.");
print "<br />\n";
html_footer(AUR_VERSION);
exit();
}
# Delete a comment for this package
#
if ($_REQUEST["del_Comment"]) {
if ($_REQUEST["comment_id"]) {
$uid = uid_from_sid($_COOKIE["AURSID"]);
if (canDeleteComment($_REQUEST["comment_id"], $atype, $uid)) {
$dbh = db_connect();
$q = "UPDATE PackageComments ";
$q.= "SET DelUsersID = ".$uid." ";
$q.= "WHERE ID = ".intval($_REQUEST["comment_id"]);
db_query($q, $dbh);
print __("Comment has been deleted.")."<br />\n";
} else {
print __("You are not allowed to delete this comment.")."<br />\n";
}
} else {
print __("Missing comment ID.")."<br />\n";
}
html_footer(AUR_VERSION);
exit();
}
# Change package category
#
if ($_REQUEST["change_Category"]) {
$cat_array = pkgCategories();
$dbh = db_connect();
if ($_REQUEST["category_id"]) {
# Try and set the requested category_id
#
if (array_key_exists($_REQUEST["category_id"], $cat_array)) {
$q = "UPDATE Packages SET CategoryID = ".intval($_REQUEST["category_id"]);
$q.= " WHERE ID = ".intval($_REQUEST["ID"]);
db_query($q, $dbh);
print __("Package category updated.")."<br />\n";
} else {
print __("Invalid category ID.")."<br />\n";
}
} else {
# Prompt visitor for new category_id
#
$q = "SELECT CategoryID FROM Packages WHERE ID = ".intval($_REQUEST["ID"]);
$result = db_query($q, $dbh);
if ($result != NULL) {
$catid = mysql_fetch_row($result);
}
print "<form action='pkgedit.php' method='post'>\n";
print "<input type='hidden' name='change_Category' value='1'>\n";
print "<input type='hidden' name='ID' value=\"".$_REQUEST["ID"]."\">\n";
print __("Select new category").":&nbsp;\n";
print "<select name='category_id'>\n";
while (list($id,$cat) = each($cat_array)) {
print "<option value='".$id."'";
if ($id == $catid[0]) {
print " selected";
}
print "> ".$cat."</option>\n";
}
print "</select>\n";
print "<br />&nbsp;<br />\n";
print "<input type='submit' value=\"".__("Submit")."\">\n";
print "<input type='reset' value=\"".__("Reset")."\">\n";
print "</form>\n";
}
html_footer(AUR_VERSION);
exit();
}
print __("You've found a bug if you see this....")."<br />\n";
html_footer(AUR_VERSION);
...@@ -984,3 +984,89 @@ function pkg_notify ($atype, $ids, $action = True) { ...@@ -984,3 +984,89 @@ function pkg_notify ($atype, $ids, $action = True) {
return $output; return $output;
} }
/**
* Delete comment
*
* @param string $atype Account type, output of account_from_sid
* @return string Translated error or success message
*/
function pkg_delete_comment($atype) {
if (!$atype) {
return __("You must be logged before you can edit package information.");
}
# Get ID of comment to be removed
if (isset($_POST["comment_id"])) {
$comment_id = $_POST["comment_id"];
} else {
return __("Missing comment ID.");
}
$uid = uid_from_sid($_COOKIE["AURSID"]);
if (canDeleteComment($comment_id, $atype, $uid)) {
$dbh = db_connect();
$q = "UPDATE PackageComments ";
$q.= "SET DelUsersID = ".$uid." ";
$q.= "WHERE ID = ".intval($comment_id);
db_query($q, $dbh);
return __("Comment has been deleted.");
} else {
return __("You are not allowed to delete this comment.");
}
}
/**
* Change package category
*
* @param string $atype Account type, output of account_from_sid
* @return string Translated error or success message
*/
function pkg_change_category($atype) {
if (!$atype) {
return __("You must be logged before you can edit package information.");
}
# Get ID of the new category
if (isset($_POST["category_id"])) {
$category_id = $_POST["category_id"];
} else {
return __("Missing category ID.");
}
$catArray = pkgCategories();
if (!array_key_exists($category_id, $catArray)) {
return __("Invalid category ID.");
}
if (isset($_GET["ID"])) {
$pid = $_GET["ID"];
} else {
return __("Missing package ID.");
}
# Verify package ownership and location
$dbh = db_connect();
$q = "SELECT Packages.MaintainerUID,";
$q.= "PackageLocations.Location ";
$q.= "FROM Packages ";
$q.= "LEFT JOIN PackageLocations ON Packages.LocationID = PackageLocations.ID ";
$q.= "WHERE Packages.ID = ".$pid;
$result = db_query($q, $dbh);
echo mysql_error();
$pkg = mysql_fetch_assoc($result);
$uid = uid_from_sid($_COOKIE["AURSID"]);
if ($pkg["Location"] == "unsupported" and ($uid == $pkg["MaintainerUID"] or
($atype == "Developer" or $atype == "Trusted User"))) {
$q = "UPDATE Packages ";
$q.= "SET CategoryID = ".intval($category_id)." ";
$q.= "WHERE ID = ".intval($pid);
db_query($q, $dbh);
return __("Package category changed.");
} else {
return __("You are not allowed to change this package category.");
}
}
...@@ -3,20 +3,25 @@ ...@@ -3,20 +3,25 @@
$uid = uid_from_sid($SID); $uid = uid_from_sid($SID);
while (list($indx, $carr) = each($comments)) { ?> while (list($indx, $carr) = each($comments)) { ?>
<div class="comment-header"><?php <div class="comment-header"><?php
if (canDeleteCommentArray($carr, $atype, $uid)) {
$durl = '<a href="pkgedit.php?del_Comment=1';
$durl.= '&comment_id=' . $carr['ID'] . '&ID=' . $row['ID'];
$durl.= '"><img src="images/x.png" border="0"';
$durl.= ' alt="' . __("Delete comment") . '"></a> ';
echo $durl;
}
if ($SID) { if ($SID) {
$carr['UserName'] = "<a href=\"account.php?Action=AccountInfo&amp;ID={$carr['UsersID']}\">{$carr['UserName']}</a>"; $carr['UserName'] = "<a href=\"account.php?Action=AccountInfo&amp;ID={$carr['UsersID']}\">{$carr['UserName']}</a>";
} }
echo __('Comment by: %s on %s', $carr['UserName'], gmdate('r', $carr['CommentTS'])); $commentHeader =__('Comment by: %s on %s', $carr['UserName'], gmdate('r', $carr['CommentTS']));
if (canDeleteCommentArray($carr, $atype, $uid)) {
$durl = '<form method="POST" action="packages.php?ID='.$row['ID'].'">';
$durl.= '<input type="hidden" name="action" value="do_DeleteComment">';
$durl.= '<input type="hidden" name="comment_id" value="'.$carr['ID'].'">';
$durl.= '<input type="image" src="images/x.png" border="0" ';
$durl.= ' alt="'.__("Delete comment").'" name="submit" value="1" ';
$durl.= ' width="19" height="18">&nbsp;';
$commentHeader = $durl.$commentHeader."</form>";
}
echo $commentHeader;
?></div> ?></div>
<blockquote class="comment-body"> <blockquote class="comment-body">
<div> <div>
......
...@@ -4,13 +4,24 @@ $pkgid = intval($_REQUEST['ID']); ...@@ -4,13 +4,24 @@ $pkgid = intval($_REQUEST['ID']);
if ($row["Location"] == "unsupported" and ($uid == $row["MaintainerUID"] or if ($row["Location"] == "unsupported" and ($uid == $row["MaintainerUID"] or
($atype == "Developer" or $atype == "Trusted User"))) { ($atype == "Developer" or $atype == "Trusted User"))) {
$edit_cat = "<a href='pkgedit.php?change_Category=1&amp;ID="; $catarr = pkgCategories();
$edit_cat .= $pkgid ."'>".$row["Category"]."</a>"; $edit_cat = "<form method='POST' action='packages.php?ID=".$pkgid."'>\n";
$edit_cat .= " &nbsp;<span class='fix'>("; $edit_cat.= "<input type='hidden' name='action' value='do_ChangeCategory'>";
$edit_cat .= __("change category").")</span>"; $edit_cat.= $row['Location']." :: ";
$edit_cat.= "<select name='category_id'>\n";
foreach ($catarr as $cid => $catname) {
$edit_cat.= "<option value='$cid'";
if ($cid == $row["CategoryID"]) {
$edit_cat.="selected";
}
$edit_cat.=">".$catname."</option>";
}
$edit_cat.= "</select>&nbsp;<input type='submit' value='Change category'>";
$edit_cat.= "</form>";
} }
else { else {
$edit_cat = $row['Category']; $edit_cat = $row['Location']." :: ".$row['Category'];
} }
if ($row["MaintainerUID"]) { if ($row["MaintainerUID"]) {
...@@ -49,7 +60,7 @@ $out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("r", intval($row[ ...@@ -49,7 +60,7 @@ $out_of_date_time = ($row["OutOfDateTS"] == 0) ? $msg : gmdate("r", intval($row[
</p> </p>
<p> <p>
<span class='f3'><?php echo $row['Location'] . ' :: ' . $edit_cat ?></span><br /> <span class='f3'><?php echo $edit_cat ?></span><br />
<span class='f3'><?php echo __('Maintainer') .': ' . $maintainer ?></span><br /> <span class='f3'><?php echo __('Maintainer') .': ' . $maintainer ?></span><br />
<span class='f3'><?php echo $votes ?></span> <span class='f3'><?php echo $votes ?></span>
</p> </p>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment