Re: [aur-dev] [PATCH 1/3] Move package deletion to a separate page
On Thu, Sep 27, 2012 at 5:08 AM, Lukas Fleischer wrote: > On Wed, Sep 26, 2012 at 08:03:23PM -0400, canyonknight wrote: >> Package actions now have a separate box on the package details page. Make >> a package deletion link in that box. >> >> Link leads to a new page (pkgdel.php) that can be used to confirm package >> deletion. A separate page with confirmation is used to avoid CSRFs. >> >> Signed-off-by: canyonknight >> --- >> web/html/index.php | 3 +++ >> web/html/pkgdel.php | 45 >> >> web/template/pkg_details.php | 3 +++ >> 3 files changed, 51 insertions(+) >> create mode 100644 web/html/pkgdel.php >> >> diff --git a/web/html/index.php b/web/html/index.php >> index ce8fa52..3fe6338 100644 >> --- a/web/html/index.php >> +++ b/web/html/index.php >> @@ -43,6 +43,9 @@ if (isset($tokens[1]) && '/' . $tokens[1] == >> get_pkg_route()) { >> case "unflag": >> $_POST['do_UnFlag'] = __('UnFlag'); >> break; >> + case "delete": >> + include('pkgdel.php'); >> + return; >> } >> >> if (isset($_COOKIE['AURSID'])) { >> diff --git a/web/html/pkgdel.php b/web/html/pkgdel.php >> new file mode 100644 >> index 000..a581176 >> --- /dev/null >> +++ b/web/html/pkgdel.php >> @@ -0,0 +1,45 @@ >> +> + >> +set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); >> + >> +include_once("aur.inc.php"); >> +include_once("pkgfuncs.inc.php"); >> + >> +set_lang(); >> +check_sid(); >> + >> +html_header(__("Package Deletion")); >> + >> +$atype = ""; >> + >> +if (isset($_COOKIE["AURSID"])) { >> + $atype = account_from_sid($_COOKIE["AURSID"]); >> +} >> + >> +if ($atype == "Trusted User" || $atype == "Developer"): ?> >> + >> + > ?> >> + >> + > from the AUR. ', >> + '', htmlspecialchars($pkgname), '' >> + ); >> + echo __('Deletion of a package is permanent. '); >> + echo __('Select the checkbox to confirm action.') ?> >> + >> + >> + >> + > value="1" /> >> + >> + >> + > value="1" /> >> + >> + > name="do_Delete" value="" /> >> + >> + >> + >> + >> +> + print __("Only Trusted Users and Developers can delete packages."); >> +endif; >> + >> +html_footer(AUR_VERSION); > > You're still using the deprecated " here. It would be great if this could be revised to use the new shortcut > syntax. > My mistake. I knew you wanted to use the shortcut syntax in the /template files. I didn't know you also wanted it in the /html files from now on. I'll re-send it later. Thanks! >> diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php >> index 4e9e073..dcc086b 100644 >> --- a/web/template/pkg_details.php >> +++ b/web/template/pkg_details.php >> @@ -54,6 +54,9 @@ $sources = package_sources($row["ID"]); >> >> >> >> + > == "Developer"): ?> >> + >> + >> >> >> >> -- >> 1.7.12.1
Re: [aur-dev] [PATCH 1/3] Move package deletion to a separate page
On Wed, Sep 26, 2012 at 08:03:23PM -0400, canyonknight wrote: > Package actions now have a separate box on the package details page. Make > a package deletion link in that box. > > Link leads to a new page (pkgdel.php) that can be used to confirm package > deletion. A separate page with confirmation is used to avoid CSRFs. > > Signed-off-by: canyonknight > --- > web/html/index.php | 3 +++ > web/html/pkgdel.php | 45 > > web/template/pkg_details.php | 3 +++ > 3 files changed, 51 insertions(+) > create mode 100644 web/html/pkgdel.php > > diff --git a/web/html/index.php b/web/html/index.php > index ce8fa52..3fe6338 100644 > --- a/web/html/index.php > +++ b/web/html/index.php > @@ -43,6 +43,9 @@ if (isset($tokens[1]) && '/' . $tokens[1] == > get_pkg_route()) { > case "unflag": > $_POST['do_UnFlag'] = __('UnFlag'); > break; > + case "delete": > + include('pkgdel.php'); > + return; > } > > if (isset($_COOKIE['AURSID'])) { > diff --git a/web/html/pkgdel.php b/web/html/pkgdel.php > new file mode 100644 > index 000..a581176 > --- /dev/null > +++ b/web/html/pkgdel.php > @@ -0,0 +1,45 @@ > + + > +set_include_path(get_include_path() . PATH_SEPARATOR . '../lib'); > + > +include_once("aur.inc.php"); > +include_once("pkgfuncs.inc.php"); > + > +set_lang(); > +check_sid(); > + > +html_header(__("Package Deletion")); > + > +$atype = ""; > + > +if (isset($_COOKIE["AURSID"])) { > + $atype = account_from_sid($_COOKIE["AURSID"]); > +} > + > +if ($atype == "Trusted User" || $atype == "Developer"): ?> > + > + ?> > + > + from the AUR. ', > + '', htmlspecialchars($pkgname), '' > + ); > + echo __('Deletion of a package is permanent. '); > + echo __('Select the checkbox to confirm action.') ?> > + > + > + > + value="1" /> > + > + > + value="1" /> > + > + value="" /> > + > + > + > + > + + print __("Only Trusted Users and Developers can delete packages."); > +endif; > + > +html_footer(AUR_VERSION); You're still using the deprecated " diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php > index 4e9e073..dcc086b 100644 > --- a/web/template/pkg_details.php > +++ b/web/template/pkg_details.php > @@ -54,6 +54,9 @@ $sources = package_sources($row["ID"]); > > > > + "Developer"): ?> > + > + > > > > -- > 1.7.12.1
[aur-dev] [PATCH 1/3] Move package deletion to a separate page
Package actions now have a separate box on the package details page. Make a package deletion link in that box. Link leads to a new page (pkgdel.php) that can be used to confirm package deletion. A separate page with confirmation is used to avoid CSRFs. Signed-off-by: canyonknight --- web/html/index.php | 3 +++ web/html/pkgdel.php | 45 web/template/pkg_details.php | 3 +++ 3 files changed, 51 insertions(+) create mode 100644 web/html/pkgdel.php diff --git a/web/html/index.php b/web/html/index.php index ce8fa52..3fe6338 100644 --- a/web/html/index.php +++ b/web/html/index.php @@ -43,6 +43,9 @@ if (isset($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) { case "unflag": $_POST['do_UnFlag'] = __('UnFlag'); break; + case "delete": + include('pkgdel.php'); + return; } if (isset($_COOKIE['AURSID'])) { diff --git a/web/html/pkgdel.php b/web/html/pkgdel.php new file mode 100644 index 000..a581176 --- /dev/null +++ b/web/html/pkgdel.php @@ -0,0 +1,45 @@ + + + + + ', htmlspecialchars($pkgname), '' + ); + echo __('Deletion of a package is permanent. '); + echo __('Select the checkbox to confirm action.') ?> + + + + + + + + + " /> + + + + + + + + -- 1.7.12.1