<?php set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); include_once 'aur.inc.php'; include_once 'pkgbasefuncs.inc.php'; $SID = $_COOKIE['AURSID']; $pkgbase_name = htmlspecialchars($_GET['N']); $votes = pkgbase_votes_from_name($pkgbase_name); html_header(__("Voters")); if (has_credential(CRED_PKGBASE_LIST_VOTERS)) { ?> <div class="box"> <h2>Votes for <a href="<?php echo get_pkgbase_uri($pkgbase_name); ?> "><?php echo $pkgbase_name; ?> </a></h2> <div class="boxbody"> <ul> <?php while (list($indx, $row) = each($votes)) { ?> <li> <a href="<?php echo get_user_uri($row['Username']); ?> "><?php echo htmlspecialchars($row['Username']);
<option value="2" selected="selected"><?php echo __("Trusted user"); ?> </option> <?php } else { ?> <option value="2"><?php echo __("Trusted user"); ?> </option> <?php } ?> <?php if (has_credential(CRED_ACCOUNT_EDIT_DEV)) { ?> <option value="3" <?php $T == 3 ? print " selected=\"selected\">" : (print ">"); print __("Developer") . "\n"; ?> </option> <option value="4" <?php $T == 4 ? print " selected=\"selected\">" : (print ">"); print __("Trusted User & Developer") . "\n"; ?> </option> <?php }
<?php if (isset($row['BaseID'])) { /* On a package details page. */ $base_id = $row['BaseID']; } else { /* On a package base details page. */ $base_id = $row['ID']; } $include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED); $count = pkgbase_comments_count($base_id, $include_deleted); ?> <div id="news"> <h3> <a href="<?php echo htmlentities(get_pkgbase_uri($pkgbase_name), ENT_QUOTES) . '?' . mkurl('comments=all'); ?> " title="<?php echo __('View all comments', $count); ?> (<?php echo $count; ?> )"><?php echo __('Latest Comments'); ?> </a> <span class="arrow"></span> </h3> <?php
if (is_numeric($_GET['id'])) { $row = vote_details($_GET['id']); if (empty($row)) { print __("Could not retrieve proposal details."); } else { $isrunning = $row['End'] > time() ? 1 : 0; # List voters of a proposal. $whovoted = voter_list($row['ID']); $canvote = 1; $hasvoted = 0; $errorvote = ""; if ($isrunning == 0) { $canvote = 0; $errorvote = __("Voting is closed for this proposal."); } else { if (!has_credential(CRED_TU_VOTE)) { $canvote = 0; $errorvote = __("Only Trusted Users are allowed to vote."); } else { if ($row['User'] == username_from_sid($_COOKIE["AURSID"])) { $canvote = 0; $errorvote = __("You cannot vote in an proposal about you."); } } } if (tu_voted($row['ID'], uid_from_sid($_COOKIE["AURSID"]))) { $canvote = 0; $hasvoted = 1; if ($isrunning) { $errorvote = __("You've already voted for this proposal."); }
<?php set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); include_once "aur.inc.php"; set_lang(); check_sid(); $title = __("Add Proposal"); html_header($title); if (isset($_COOKIE["AURSID"])) { $uid = uid_from_sid($_COOKIE["AURSID"]); } if (has_credential(CRED_TU_ADD_VOTE)) { if (!empty($_POST['addVote']) && !check_token()) { $error = __("Invalid token for user action."); } if (!empty($_POST['addVote']) && check_token()) { $error = ""; if (!empty($_POST['user'])) { if (!uid_from_username($_POST['user'])) { $error .= __("Username does not exist."); } else { if (open_user_proposals($_POST['user'])) { $error .= __("%s already has proposal running for them.", htmlentities($_POST['user'])); } } } if (!empty($_POST['type'])) { switch ($_POST['type']) { case "add_tu": /* Addition of a TU */ $len = 7 * 24 * 60 * 60;
?> </li> <li><?php echo html_action_link($base_uri . 'merge/', __('Merge Package')); ?> </li> <?php } ?> <?php if ($uid && $row["MaintainerUID"] === NULL) { ?> <li><?php echo html_action_form($base_uri . 'adopt/', "do_Adopt", __('Adopt Package')); ?> </li> <?php } elseif (has_credential(CRED_PKGBASE_DISOWN, array($row["MaintainerUID"]))) { ?> <li><?php echo html_action_form($base_uri . 'disown/', "do_Disown", __('Disown Package')); ?> </li> <?php } ?> </ul> </div> </div>
?> </td> </tr> <tr> <th><?php echo __("Status") . ":"; ?> </th> <td> <?php echo $row["InactivityTS"] ? __("Inactive since") . ' ' . date("Y-m-d H:i", $row["InactivityTS"]) : __("Active"); ?> </td> </tr> <?php if (has_credential(CRED_ACCOUNT_LAST_LOGIN)) { ?> <tr> <th><?php echo __("Last Login") . ":"; ?> </th> <td> <?php echo $row["LastLogin"] ? date("Y-m-d", $row["LastLogin"]) : __("Never"); ?> </td> </tr> <?php } ?>
</p> <ul> <?php foreach (pkgbase_get_pkgnames($base_id) as $pkgname) { ?> <li><?php echo htmlspecialchars($pkgname); ?> </li> <?php } ?> </ul> <p> <?php if (count($comaintainers) > 0 && !has_credential(CRED_PKGBASE_DISOWN)) { ?> <?php echo __('By selecting the checkbox, you confirm that you want to disown the package and transfer ownership to %s%s%s.', '<strong>', $comaintainers[0], '</strong>'); ?> <?php } else { ?> <?php echo __('By selecting the checkbox, you confirm that you want to disown the package.'); ?> <?php } ?> </p> <form action="<?php
<?php

/*
 * Edit-comment page.
 *
 * $base_id is never assigned in this script; presumably the script that
 * includes this one sets it -- TODO confirm. PHP includes share the current
 * variable scope, so $base_id, $comment_id, $user_id and $comment remain
 * visible to pkg_comment_box.php.
 */
set_include_path(get_include_path() . PATH_SEPARATOR . '../lib');

include_once "aur.inc.php";
include_once "pkgbasefuncs.inc.php";

set_lang();
check_sid();

/* The request-supplied ID is forced to an integer before the lookup. */
$comment_id = intval($_REQUEST['comment_id']);
list($user_id, $comment) = comment_by_id($comment_id);

/*
 * Render the form only when all three hold, tested in this order with
 * short-circuiting: a package base is in scope, the visitor holds
 * CRED_COMMENT_EDIT for $user_id (presumably the comment's author -- verify
 * against comment_by_id()), and the comment exists.
 */
if (!(isset($base_id)
    && has_credential(CRED_COMMENT_EDIT, array($user_id))
    && !is_null($comment))) {
    /*
     * Fixed redirect target, nothing request-derived. The exit is what keeps
     * the form from being rendered; header() on its own does not stop the
     * script.
     */
    header('Location: /');
    exit;
}

html_header(__("Edit comment"));
include 'pkg_comment_box.php';
html_footer(AURWEB_VERSION);
<?php

/*
 * Co-maintainer management page.
 *
 * $base_id is never assigned in this script; presumably the script that
 * includes this one sets it -- TODO confirm. $base_id and $users stay in
 * scope for comaintainers_form.php because includes share variable scope.
 */
set_include_path(get_include_path() . PATH_SEPARATOR . '../lib');

include_once "aur.inc.php";
include_once "pkgbasefuncs.inc.php";

set_lang();
check_sid();

/*
 * Access gate: a package base must be in scope and the visitor must hold
 * CRED_PKGBASE_EDIT_COMAINTAINERS with respect to that base's maintainer.
 * The maintainer lookup only runs when $base_id is set (short-circuit).
 */
if (!(isset($base_id)
    && has_credential(
        CRED_PKGBASE_EDIT_COMAINTAINERS,
        array(pkgbase_maintainer_uid($base_id))
    ))) {
    /* Without the exit the page below would still be rendered. */
    header('Location: /');
    exit;
}

html_header(__("Manage Co-maintainers"));

/* Current co-maintainers, handed to the form template through scope. */
$users = pkgbase_get_comaintainers($base_id);
include 'comaintainers_form.php';

html_footer(AURWEB_VERSION);
} } elseif ($action == "AccountInfo") { # no editing, just looking up user info # if (empty($row)) { print __("Could not retrieve information for the specified user."); } else { include "account_details.php"; } } elseif ($action == "UpdateAccount") { print $update_account_message; if (!$success) { display_account_form("UpdateAccount", in_request("U"), in_request("T"), in_request("S"), in_request("E"), in_request("H"), in_request("P"), in_request("C"), in_request("R"), in_request("L"), in_request("I"), in_request("K"), in_request("PK"), in_request("J"), in_request("ID"), $row["Username"]); } } else { if (has_credential(CRED_ACCOUNT_SEARCH)) { # display the search page if they're a TU/dev # print __("Use this form to search existing accounts.") . "<br />\n"; include 'search_accounts_form.php'; } else { print __("You are not allowed to access this area."); } } } else { # visitor is not logged in # print __("You must log in to view user information."); } echo "</div>"; html_footer(AURWEB_VERSION);
/**
 * Render the package details page.
 *
 * The included templates execute in this function's variable scope, so the
 * locals assigned here ($dbh, $base_id, $pkgbase_name, $limit,
 * $include_deleted, $comments) and the parameters are all readable from them.
 * Which of these each template actually uses is not visible from this
 * function, so none of them are renamed or dropped.
 *
 * $row has no default although it follows the optional $id, so callers
 * always have to pass $id explicitly.
 *
 * @param string $id The package ID to get details page for
 * @param array $row Package details retrieved by pkg_get_details()
 * @param string $SID The session ID of the visitor
 *
 * @return void
 */
function pkg_display_details($id = 0, $row, $SID = "") {
    $dbh = DB::connect();

    if (isset($row['error'])) {
        /*
         * NOTE(review): the message goes into the page without HTML
         * escaping -- confirm that pkg_get_details() only ever stores
         * fixed, application-generated text under 'error'.
         */
        print "<p>" . $row['error'] . "</p>\n";
        return;
    }

    $base_id = pkgbase_from_pkgid($id);
    $pkgbase_name = pkgbase_name_from_id($base_id);

    include 'pkg_details.php';

    /* The comment box is only offered when a session ID was passed in. */
    if ($SID) {
        include 'pkg_comment_box.php';
    }

    /*
     * Presence of the "comments" query parameter (its value is ignored)
     * switches the limit from 10 to 0; presumably 0 means "no limit" in
     * pkgbase_comments() -- verify there.
     */
    $limit = 10;
    if (isset($_GET['comments'])) {
        $limit = 0;
    }

    /* Deleted comments are requested only for holders of this credential. */
    $include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED);
    $comments = pkgbase_comments($base_id, $limit, $include_deleted);

    if (!empty($comments)) {
        include 'pkg_comments.php';
    }
}
/**
 * Update the list of co-maintainers of a package base
 *
 * Replaces the stored co-maintainer rows for the package base: every
 * existing row for $base_id is deleted, then one row per resolved user is
 * inserted with a priority that counts up from 1 in the order of $users.
 *
 * @param int $base_id The package base ID to update the co-maintainers of
 * @param array $users Array of co-maintainer user names
 *
 * @return array Tuple of success/failure indicator and error message
 */
function pkgbase_set_comaintainers($base_id, $users) {
    /*
     * Authorization comes first: the credential is evaluated with respect
     * to the current maintainer of the package base, and nothing is read
     * from or written to the database when it is missing.
     */
    if (!has_credential(CRED_PKGBASE_EDIT_COMAINTAINERS, array(pkgbase_maintainer_uid($base_id)))) {
        return array(false, __("You are not allowed to manage co-maintainers of this package base."));
    }

    /*
     * Remove empty and duplicate user names. array_filter() without a
     * callback drops every falsy entry, which also includes the string "0".
     */
    $users = array_unique(array_filter(array_map('trim', $users)));

    $dbh = DB::connect();

    /* Resolve every name to a user ID before any row is modified. */
    $uids = array();
    foreach ($users as $user) {
        $q = "SELECT ID FROM Users ";
        /*
         * NOTE(review): the rest of this lookup is masked ("******") in this
         * listing. The code that quotes or binds $user, runs the query,
         * assigns $uid and opens the error branch below is not visible, so
         * confirm in the real file that the user name reaches the SQL text
         * only through quoting or a bound parameter.
         * NOTE(review): the error message embeds the submitted name as-is;
         * whoever prints it has to HTML-escape it.
         */
        $q .= "WHERE UserName = "******"Invalid user name: %s", $user));
        }
        $uids[] = $uid;
    }

    /*
     * %d makes sprintf() format the argument as an integer, so $base_id
     * cannot carry SQL text into the statement.
     * NOTE(review): no transaction is visible around this DELETE and the
     * INSERTs below; a failure in between would leave the list emptied or
     * partially written.
     */
    $q = sprintf("DELETE FROM PackageComaintainers WHERE PackageBaseID = %d", $base_id);
    $dbh->exec($q);

    /* Priority starts at 1 and follows the order of the de-duplicated list. */
    $i = 1;
    foreach ($uids as $uid) {
        $q = sprintf("INSERT INTO PackageComaintainers (PackageBaseID, UsersID, Priority) VALUES (%d, %d, %d)", $base_id, $uid, $i);
        $dbh->exec($q);
        $i++;
    }

    return array(true, __("The package base co-maintainers have been updated."));
}
/**
 * Close a deletion/orphan request
 *
 * Stores status 2 for an accepted and 3 for a rejected request, then sends
 * the 'request-close' notification. Any other reason is refused before the
 * database is touched.
 *
 * @param int $id The package request to close
 * @param string $reason Whether the request was accepted or rejected
 * @param string $comments Comments to be added to the notification email
 * @param boolean $auto_close (optional) Whether the request is auto-closed
 *
 * @return array Tuple of success/failure indicator and error message
 */
function pkgreq_close($id, $reason, $comments, $auto_close = false) {
    /* Only the two known outcomes map to a status value. */
    if ($reason == 'accepted') {
        $status = 2;
    } elseif ($reason == 'rejected') {
        $status = 3;
    } else {
        return array(false, __("Invalid reason."));
    }

    $dbh = DB::connect();
    $id = intval($id);

    /* The acting user is taken from the session cookie, not from a parameter. */
    $uid = uid_from_sid($_COOKIE["AURSID"]);

    /*
     * A true $auto_close skips the credential check entirely, so callers
     * must set it from their own logic and never from request input.
     */
    $authorized = $auto_close || has_credential(CRED_PKGREQ_CLOSE);
    if (!$authorized) {
        return array(false, __("Only TUs and developers can close requests."));
    }

    /* Both interpolated values pass through intval() before entering the SQL. */
    $q = "UPDATE PackageRequests SET Status = " . intval($status) . " "
        . "WHERE ID = " . intval($id);
    $dbh->exec($q);

    /* Send e-mail notifications. */
    notify(array('request-close', $uid, $id, $reason), $comments);

    return array(true, __("Request closed successfully."));
}
"><?php echo __("Accounts"); ?> </a></li> <?php } ?> <li><a href="<?php echo get_user_uri(username_from_sid($_COOKIE['AURSID'])) . 'edit/'; ?> "><?php echo __(" My Account"); ?> </a></li> <?php if (has_credential(CRED_TU_LIST_VOTES)) { ?> <li><a href="<?php echo get_uri('/tu/'); ?> "><?php echo __("Trusted User"); ?> </a></li><?php } ?> <li><a href="<?php echo get_uri('/logout/'); ?> "><?php echo __("Logout");
/**
 * Get the HTML markup of the comment form.
 *
 * The form template is rendered into an output buffer and shipped inside a
 * JSON envelope. The template runs in this method's scope and can read
 * $comment_id, $base_id, $pkgbase_name, $user_id and $comment.
 *
 * NOTE(review): $http_data['arg'] is read without an isset() check, and
 * $pkgbase_name reaches the template exactly as it arrived in $http_data;
 * confirm that pkg_comment_form.php escapes it wherever it is printed.
 *
 * @param array $http_data Query parameters.
 *
 * @return string The JSON formatted response data.
 */
private function get_comment_form($http_data) {
    if (!isset($http_data['base_id'], $http_data['pkgbase_name'])) {
        return json_encode(array(
            'success' => 0,
            'error' => __('Package base ID or package base name missing.'),
        ));
    }

    /* Numeric inputs are forced to integers; the name is passed through. */
    $comment_id = intval($http_data['arg']);
    $base_id = intval($http_data['base_id']);
    $pkgbase_name = $http_data['pkgbase_name'];

    list($user_id, $comment) = comment_by_id($comment_id);

    /* The permission check deliberately stays ahead of the existence check. */
    if (!has_credential(CRED_COMMENT_EDIT, array($user_id))) {
        return json_encode(array(
            'success' => 0,
            'error' => __('You are not allowed to edit this comment.'),
        ));
    }

    if (is_null($comment)) {
        return json_encode(array(
            'success' => 0,
            'error' => __('Comment does not exist.'),
        ));
    }

    /* Capture what the template prints instead of sending it to the client. */
    ob_start();
    include 'pkg_comment_form.php';
    $html = ob_get_clean();

    return json_encode(array('success' => 1, 'form' => $html));
}
?> </option> <?php } ?> <option value="do_Notify"><?php echo __("Notify"); ?> </option> <option value="do_UnNotify"><?php echo __("UnNotify"); ?> </option> </select> <?php if (has_credential(CRED_PKGBASE_DELETE)) { ?> <label for="merge_Into"><?php echo __("Merge into"); ?> </label> <input type="text" id="merge_Into" name="merge_Into" /> <?php } ?> <label class="confirmation"><input type="checkbox" name="confirm" value="1" /> <?php echo __("Confirm"); ?> </label> <input type="hidden" name="token" value="<?php echo htmlspecialchars($_COOKIE['AURSID']);
<?php set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); include_once "aur.inc.php"; include_once "pkgfuncs.inc.php"; set_lang(); check_sid(); html_header(__("Flag Package Out-Of-Date")); if (has_credential(CRED_PKGBASE_FLAG)) { ?> <div class="box"> <h2><?php echo __('Flag Package Out-Of-Date: %s', htmlspecialchars($pkgbase_name)); ?> </h2> <p> <?php echo __('Use this form to flag the package base %s%s%s and the following packages out-of-date: ', '<strong>', htmlspecialchars($pkgbase_name), '</strong>'); ?> </p> <ul> <?php foreach (pkgbase_get_pkgnames($base_id) as $pkgname) { ?> <li><?php echo htmlspecialchars($pkgname); ?> </li> <?php } ?>
/**
 * Verify a user has the proper permissions to edit an account
 *
 * Accounts of type 'Developer' or 'Trusted User & Developer' are gated by
 * CRED_ACCOUNT_EDIT_DEV alone. Every other account type, including a value
 * that matches neither label, falls through to CRED_ACCOUNT_EDIT evaluated
 * for the edited account's ID.
 *
 * @param array $acctinfo User account information for edited account
 *
 * @return bool True if permission to edit the account, otherwise false
 */
function can_edit_account($acctinfo) {
    /* switch compares loosely, the same way the == operator does. */
    switch ($acctinfo['AccountType']) {
        case 'Developer':
        case 'Trusted User & Developer':
            return has_credential(CRED_ACCOUNT_EDIT_DEV);
    }

    return has_credential(CRED_ACCOUNT_EDIT, array($acctinfo['ID']));
}
if (!has_credential(CRED_PKGREQ_FILE)) { header('Location: /'); exit; } html_header(__("File Request")); include 'pkgreq_form.php'; } elseif (isset($pkgreq_id)) { if (!has_credential(CRED_PKGREQ_CLOSE)) { header('Location: /'); exit; } html_header(__("Close Request")); $pkgbase_name = pkgreq_get_pkgbase_name($pkgreq_id); include 'pkgreq_close_form.php'; } else { if (!has_credential(CRED_PKGREQ_LIST)) { header('Location: /'); exit; } /* Sanitize paging variables. */ if (isset($_GET['O'])) { $_GET['O'] = max(intval($_GET['O']), 0); } else { $_GET['O'] = 0; } if (isset($_GET["PP"])) { $_GET["PP"] = bound(intval($_GET["PP"]), 50, 250); } else { $_GET["PP"] = 50; } $results = pkgreq_list($_GET['O'], $_GET['PP']);