<?php
set_include_path(get_include_path() . PATH_SEPARATOR . '../lib');
include_once "aur.inc.php";
set_lang();
include_once 'pkgfuncs.inc.php';
check_sid();
/*
* Retrieve package base ID and name, unless initialized by the routing
* framework.
*/
if (!isset($base_id) || !isset($pkgbase_name)) {
if (isset($_GET['ID'])) {
$base_id = intval($_GET['ID']);
$pkgbase_name = pkgbase_name_from_id($_GET['ID']);
} else {
if (isset($_GET['N'])) {
$base_id = pkgbase_from_name($_GET['N']);
$pkgbase_name = $_GET['N'];
} else {
unset($base_id, $pkgbase_name);
}
}
if (isset($base_id) && ($base_id == 0 || $base_id == NULL || $pkgbase_name == NULL)) {
header("HTTP/1.0 404 Not Found");
include "./404.php";
return;
}
}
/* Set the title to package base name. */
$title = $pkgbase_name;
/**
* Delete package bases
*
* @param array $base_ids Array of package base IDs to delete
* @param int $merge_base_id Package base to merge the deleted ones into
* @param int $via Package request to close upon deletion
* @param bool $grant Allow anyone to delete the package base
*
* @return array Tuple of success/failure indicator and error message
*/
function pkgbase_delete($base_ids, $merge_base_id, $via, $grant = false)
{
if (!$grant && !has_credential(CRED_PKGBASE_DELETE)) {
return array(false, __("You do not have permission to delete packages."));
}
$base_ids = sanitize_ids($base_ids);
if (empty($base_ids)) {
return array(false, __("You did not select any packages to delete."));
}
$dbh = DB::connect();
if ($merge_base_id) {
$merge_base_name = pkgbase_name_from_id($merge_base_id);
}
$uid = uid_from_sid($_COOKIE['AURSID']);
foreach ($base_ids as $base_id) {
if ($merge_base_id) {
notify(array('delete', $uid, $base_id, $merge_base_id));
} else {
notify(array('delete', $uid, $base_id));
}
}
/*
* Close package request if the deletion was initiated through the
* request interface. NOTE: This needs to happen *before* the actual
* deletion. Otherwise, the former maintainer will not be included in
* the Cc list of the request notification email.
*/
if ($via) {
pkgreq_close(intval($via), 'accepted', '');
}
/* Scan through pending deletion requests and close them. */
if (!$action) {
$username = username_from_sid($_COOKIE['AURSID']);
foreach ($base_ids as $base_id) {
$pkgreq_ids = array_merge(pkgreq_by_pkgbase($base_id));
foreach ($pkgreq_ids as $pkgreq_id) {
pkgreq_close(intval($pkgreq_id), 'accepted', 'The user ' . $username . ' deleted the package.', true);
}
}
}
if ($merge_base_id) {
/* Merge comments */
$q = "UPDATE PackageComments ";
$q .= "SET PackageBaseID = " . intval($merge_base_id) . " ";
$q .= "WHERE PackageBaseID IN (" . implode(",", $base_ids) . ")";
$dbh->exec($q);
/* Merge notifications */
$q = "SELECT DISTINCT UserID FROM CommentNotify cn ";
$q .= "WHERE PackageBaseID IN (" . implode(",", $base_ids) . ") ";
$q .= "AND NOT EXISTS (SELECT * FROM CommentNotify cn2 ";
$q .= "WHERE cn2.PackageBaseID = " . intval($merge_base_id) . " ";
$q .= "AND cn2.UserID = cn.UserID)";
$result = $dbh->query($q);
while ($notify_uid = $result->fetch(PDO::FETCH_COLUMN, 0)) {
$q = "INSERT INTO CommentNotify (UserID, PackageBaseID) ";
$q .= "VALUES (" . intval($notify_uid) . ", " . intval($merge_base_id) . ")";
$dbh->exec($q);
}
/* Merge votes */
foreach ($base_ids as $base_id) {
$q = "UPDATE PackageVotes ";
$q .= "SET PackageBaseID = " . intval($merge_base_id) . " ";
$q .= "WHERE PackageBaseID = " . $base_id . " ";
$q .= "AND UsersID NOT IN (";
$q .= "SELECT * FROM (SELECT UsersID ";
$q .= "FROM PackageVotes ";
$q .= "WHERE PackageBaseID = " . intval($merge_base_id);
$q .= ") temp)";
$dbh->exec($q);
}
$q = "UPDATE PackageBases ";
$q .= "SET NumVotes = (SELECT COUNT(*) FROM PackageVotes ";
$q .= "WHERE PackageBaseID = " . intval($merge_base_id) . ") ";
$q .= "WHERE ID = " . intval($merge_base_id);
$dbh->exec($q);
}
$q = "DELETE FROM Packages WHERE PackageBaseID IN (" . implode(",", $base_ids) . ")";
$dbh->exec($q);
$q = "DELETE FROM PackageBases WHERE ID IN (" . implode(",", $base_ids) . ")";
$dbh->exec($q);
return array(true, __("The selected packages have been deleted."));
}
/**
* Display the package details page
*
* @param string $id The package ID to get details page for
* @param array $row Package details retrieved by pkg_get_details()
* @param string $SID The session ID of the visitor
*
* @return void
*/
function pkg_display_details($id = 0, $row, $SID = "")
{
$dbh = DB::connect();
if (isset($row['error'])) {
print "<p>" . $row['error'] . "</p>\n";
} else {
$base_id = pkgbase_from_pkgid($id);
$pkgbase_name = pkgbase_name_from_id($base_id);
include 'pkg_details.php';
if ($SID) {
include 'pkg_comment_box.php';
}
$limit = isset($_GET['comments']) ? 0 : 10;
$include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED);
$comments = pkgbase_comments($base_id, $limit, $include_deleted);
if (!empty($comments)) {
include 'pkg_comments.php';
}
}
}
/**
* File a deletion/orphan request against a package base
*
* @param string $ids The package base IDs to file the request against
* @param string $type The type of the request
* @param string $merge_into The target of a merge operation
* @param string $comments The comments to be added to the request
*
* @return array Tuple of success/failure indicator and error message
*/
function pkgreq_file($ids, $type, $merge_into, $comments)
{
if (!has_credential(CRED_PKGREQ_FILE)) {
return array(false, __("You must be logged in to file package requests."));
}
if (!empty($merge_into) && !preg_match("/^[a-z0-9][a-z0-9\\.+_-]*\$/D", $merge_into)) {
return array(false, __("Invalid name: only lowercase letters are allowed."));
}
if (!empty($merge_into) && !pkgbase_from_name($merge_into)) {
return array(false, __("Cannot find package to merge votes and comments into."));
}
if (empty($comments)) {
return array(false, __("The comment field must not be empty."));
}
$dbh = DB::connect();
$uid = uid_from_sid($_COOKIE["AURSID"]);
/* TODO: Allow for filing multiple requests at once. */
$base_id = intval($ids[0]);
$pkgbase_name = pkgbase_name_from_id($base_id);
if ($merge_into == $pkgbase_name) {
return array(false, __("Cannot merge a package base with itself."));
}
$q = "SELECT ID FROM RequestTypes WHERE Name = " . $dbh->quote($type);
$result = $dbh->query($q);
if ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$type_id = $row['ID'];
} else {
return array(false, __("Invalid request type."));
}
$q = "INSERT INTO PackageRequests ";
$q .= "(ReqTypeID, PackageBaseID, PackageBaseName, MergeBaseName, ";
$q .= "UsersID, Comments, RequestTS) VALUES (" . $type_id . ", ";
$q .= $base_id . ", " . $dbh->quote($pkgbase_name) . ", ";
$q .= $dbh->quote($merge_into) . ", " . $uid . ", ";
$q .= $dbh->quote($comments) . ", UNIX_TIMESTAMP())";
$dbh->exec($q);
$request_id = $dbh->lastInsertId();
/* Send e-mail notifications. */
$params = array('request-open', $uid, $request_id, $type, $base_id);
if ($type === 'merge') {
$params[] = $merge_into;
}
notify($params, $comments);
$auto_orphan_age = config_get('options', 'auto_orphan_age');
$auto_delete_age = config_get('options', 'auto_delete_age');
$details = pkgbase_get_details($base_id);
if ($type == 'orphan' && $details['OutOfDateTS'] > 0 && time() - $details['OutOfDateTS'] >= $auto_orphan_age && $auto_orphan_age > 0) {
/*
* Close package request. NOTE: This needs to happen *before*
* the actual disown operation. Otherwise, the former
* maintainer will not be included in the Cc list of the
* request notification email.
*/
$out_of_date_time = gmdate("Y-m-d", intval($details["OutOfDateTS"]));
pkgreq_close($request_id, "accepted", "The package base has been flagged out-of-date " . "since " . $out_of_date_time . ".", true);
$q = "UPDATE PackageBases SET MaintainerUID = NULL ";
$q .= "WHERE ID = " . $base_id;
$dbh->exec($q);
} else {
if ($type == 'deletion' && $details['MaintainerUID'] == $uid && $details['SubmittedTS'] > 0 && $auto_delete_age > 0 && time() - $details['SubmittedTS'] <= $auto_delete_age) {
/*
* Close package request. NOTE: This needs to happen *before*
* the actual deletion operation. Otherwise, the former
* maintainer will not be included in the Cc list of the
* request notification email.
*/
pkgreq_close($request_id, "accepted", "Deletion of a fresh package requested by its " . "current maintainer.", true);
pkgbase_delete(array($base_id), NULL, NULL, true);
}
}
return array(true, __("Added request successfully."));
}
