<?php set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); include_once "aur.inc.php"; set_lang(); include_once 'pkgfuncs.inc.php'; check_sid(); /* * Retrieve package base ID and name, unless initialized by the routing * framework. */ if (!isset($base_id) || !isset($pkgbase_name)) { if (isset($_GET['ID'])) { $base_id = intval($_GET['ID']); $pkgbase_name = pkgbase_name_from_id($_GET['ID']); } else { if (isset($_GET['N'])) { $base_id = pkgbase_from_name($_GET['N']); $pkgbase_name = $_GET['N']; } else { unset($base_id, $pkgbase_name); } } if (isset($base_id) && ($base_id == 0 || $base_id == NULL || $pkgbase_name == NULL)) { header("HTTP/1.0 404 Not Found"); include "./404.php"; return; } } /* Set the title to package base name. */ $title = $pkgbase_name;
/** * Delete package bases * * @param array $base_ids Array of package base IDs to delete * @param int $merge_base_id Package base to merge the deleted ones into * @param int $via Package request to close upon deletion * @param bool $grant Allow anyone to delete the package base * * @return array Tuple of success/failure indicator and error message */ function pkgbase_delete($base_ids, $merge_base_id, $via, $grant = false) { if (!$grant && !has_credential(CRED_PKGBASE_DELETE)) { return array(false, __("You do not have permission to delete packages.")); } $base_ids = sanitize_ids($base_ids); if (empty($base_ids)) { return array(false, __("You did not select any packages to delete.")); } $dbh = DB::connect(); if ($merge_base_id) { $merge_base_name = pkgbase_name_from_id($merge_base_id); } $uid = uid_from_sid($_COOKIE['AURSID']); foreach ($base_ids as $base_id) { if ($merge_base_id) { notify(array('delete', $uid, $base_id, $merge_base_id)); } else { notify(array('delete', $uid, $base_id)); } } /* * Close package request if the deletion was initiated through the * request interface. NOTE: This needs to happen *before* the actual * deletion. Otherwise, the former maintainer will not be included in * the Cc list of the request notification email. */ if ($via) { pkgreq_close(intval($via), 'accepted', ''); } /* Scan through pending deletion requests and close them. */ if (!$action) { $username = username_from_sid($_COOKIE['AURSID']); foreach ($base_ids as $base_id) { $pkgreq_ids = array_merge(pkgreq_by_pkgbase($base_id)); foreach ($pkgreq_ids as $pkgreq_id) { pkgreq_close(intval($pkgreq_id), 'accepted', 'The user ' . $username . ' deleted the package.', true); } } } if ($merge_base_id) { /* Merge comments */ $q = "UPDATE PackageComments "; $q .= "SET PackageBaseID = " . intval($merge_base_id) . " "; $q .= "WHERE PackageBaseID IN (" . implode(",", $base_ids) . ")"; $dbh->exec($q); /* Merge notifications */ $q = "SELECT DISTINCT UserID FROM CommentNotify cn "; $q .= "WHERE PackageBaseID IN (" . implode(",", $base_ids) . ") "; $q .= "AND NOT EXISTS (SELECT * FROM CommentNotify cn2 "; $q .= "WHERE cn2.PackageBaseID = " . intval($merge_base_id) . " "; $q .= "AND cn2.UserID = cn.UserID)"; $result = $dbh->query($q); while ($notify_uid = $result->fetch(PDO::FETCH_COLUMN, 0)) { $q = "INSERT INTO CommentNotify (UserID, PackageBaseID) "; $q .= "VALUES (" . intval($notify_uid) . ", " . intval($merge_base_id) . ")"; $dbh->exec($q); } /* Merge votes */ foreach ($base_ids as $base_id) { $q = "UPDATE PackageVotes "; $q .= "SET PackageBaseID = " . intval($merge_base_id) . " "; $q .= "WHERE PackageBaseID = " . $base_id . " "; $q .= "AND UsersID NOT IN ("; $q .= "SELECT * FROM (SELECT UsersID "; $q .= "FROM PackageVotes "; $q .= "WHERE PackageBaseID = " . intval($merge_base_id); $q .= ") temp)"; $dbh->exec($q); } $q = "UPDATE PackageBases "; $q .= "SET NumVotes = (SELECT COUNT(*) FROM PackageVotes "; $q .= "WHERE PackageBaseID = " . intval($merge_base_id) . ") "; $q .= "WHERE ID = " . intval($merge_base_id); $dbh->exec($q); } $q = "DELETE FROM Packages WHERE PackageBaseID IN (" . implode(",", $base_ids) . ")"; $dbh->exec($q); $q = "DELETE FROM PackageBases WHERE ID IN (" . implode(",", $base_ids) . ")"; $dbh->exec($q); return array(true, __("The selected packages have been deleted.")); }
/** * Display the package details page * * @param string $id The package ID to get details page for * @param array $row Package details retrieved by pkg_get_details() * @param string $SID The session ID of the visitor * * @return void */ function pkg_display_details($id = 0, $row, $SID = "") { $dbh = DB::connect(); if (isset($row['error'])) { print "<p>" . $row['error'] . "</p>\n"; } else { $base_id = pkgbase_from_pkgid($id); $pkgbase_name = pkgbase_name_from_id($base_id); include 'pkg_details.php'; if ($SID) { include 'pkg_comment_box.php'; } $limit = isset($_GET['comments']) ? 0 : 10; $include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED); $comments = pkgbase_comments($base_id, $limit, $include_deleted); if (!empty($comments)) { include 'pkg_comments.php'; } } }
/** * File a deletion/orphan request against a package base * * @param string $ids The package base IDs to file the request against * @param string $type The type of the request * @param string $merge_into The target of a merge operation * @param string $comments The comments to be added to the request * * @return array Tuple of success/failure indicator and error message */ function pkgreq_file($ids, $type, $merge_into, $comments) { if (!has_credential(CRED_PKGREQ_FILE)) { return array(false, __("You must be logged in to file package requests.")); } if (!empty($merge_into) && !preg_match("/^[a-z0-9][a-z0-9\\.+_-]*\$/D", $merge_into)) { return array(false, __("Invalid name: only lowercase letters are allowed.")); } if (!empty($merge_into) && !pkgbase_from_name($merge_into)) { return array(false, __("Cannot find package to merge votes and comments into.")); } if (empty($comments)) { return array(false, __("The comment field must not be empty.")); } $dbh = DB::connect(); $uid = uid_from_sid($_COOKIE["AURSID"]); /* TODO: Allow for filing multiple requests at once. */ $base_id = intval($ids[0]); $pkgbase_name = pkgbase_name_from_id($base_id); if ($merge_into == $pkgbase_name) { return array(false, __("Cannot merge a package base with itself.")); } $q = "SELECT ID FROM RequestTypes WHERE Name = " . $dbh->quote($type); $result = $dbh->query($q); if ($row = $result->fetch(PDO::FETCH_ASSOC)) { $type_id = $row['ID']; } else { return array(false, __("Invalid request type.")); } $q = "INSERT INTO PackageRequests "; $q .= "(ReqTypeID, PackageBaseID, PackageBaseName, MergeBaseName, "; $q .= "UsersID, Comments, RequestTS) VALUES (" . $type_id . ", "; $q .= $base_id . ", " . $dbh->quote($pkgbase_name) . ", "; $q .= $dbh->quote($merge_into) . ", " . $uid . ", "; $q .= $dbh->quote($comments) . ", UNIX_TIMESTAMP())"; $dbh->exec($q); $request_id = $dbh->lastInsertId(); /* Send e-mail notifications. */ $params = array('request-open', $uid, $request_id, $type, $base_id); if ($type === 'merge') { $params[] = $merge_into; } notify($params, $comments); $auto_orphan_age = config_get('options', 'auto_orphan_age'); $auto_delete_age = config_get('options', 'auto_delete_age'); $details = pkgbase_get_details($base_id); if ($type == 'orphan' && $details['OutOfDateTS'] > 0 && time() - $details['OutOfDateTS'] >= $auto_orphan_age && $auto_orphan_age > 0) { /* * Close package request. NOTE: This needs to happen *before* * the actual disown operation. Otherwise, the former * maintainer will not be included in the Cc list of the * request notification email. */ $out_of_date_time = gmdate("Y-m-d", intval($details["OutOfDateTS"])); pkgreq_close($request_id, "accepted", "The package base has been flagged out-of-date " . "since " . $out_of_date_time . ".", true); $q = "UPDATE PackageBases SET MaintainerUID = NULL "; $q .= "WHERE ID = " . $base_id; $dbh->exec($q); } else { if ($type == 'deletion' && $details['MaintainerUID'] == $uid && $details['SubmittedTS'] > 0 && $auto_delete_age > 0 && time() - $details['SubmittedTS'] <= $auto_delete_age) { /* * Close package request. NOTE: This needs to happen *before* * the actual deletion operation. Otherwise, the former * maintainer will not be included in the Cc list of the * request notification email. */ pkgreq_close($request_id, "accepted", "Deletion of a fresh package requested by its " . "current maintainer.", true); pkgbase_delete(array($base_id), NULL, NULL, true); } } return array(true, __("Added request successfully.")); }