Re: [aur-dev] [PATCH 1/3] Move package deletion to a separate page
On Thu, Sep 27, 2012 at 5:08 AM, Lukas Fleischer
wrote:
> On Wed, Sep 26, 2012 at 08:03:23PM -0400, canyonknight wrote:
>> Package actions now have a separate box on the package details page. Make
>> a package deletion link in that box.
>>
>> Link leads to a new page (pkgdel.php) that can be used to confirm package
>> deletion. A separate page with confirmation is used to avoid CSRFs.
>>
>> Signed-off-by: canyonknight
>> ---
>> web/html/index.php | 3 +++
>> web/html/pkgdel.php | 45
>>
>> web/template/pkg_details.php | 3 +++
>> 3 files changed, 51 insertions(+)
>> create mode 100644 web/html/pkgdel.php
>>
>> diff --git a/web/html/index.php b/web/html/index.php
>> index ce8fa52..3fe6338 100644
>> --- a/web/html/index.php
>> +++ b/web/html/index.php
>> @@ -43,6 +43,9 @@ if (isset($tokens[1]) && '/' . $tokens[1] ==
>> get_pkg_route()) {
>> case "unflag":
>> $_POST['do_UnFlag'] = __('UnFlag');
>> break;
>> + case "delete":
>> + include('pkgdel.php');
>> + return;
>> }
>>
>> if (isset($_COOKIE['AURSID'])) {
>> diff --git a/web/html/pkgdel.php b/web/html/pkgdel.php
>> new file mode 100644
>> index 000..a581176
>> --- /dev/null
>> +++ b/web/html/pkgdel.php
>> @@ -0,0 +1,45 @@
>> +> +
>> +set_include_path(get_include_path() . PATH_SEPARATOR . '../lib');
>> +
>> +include_once("aur.inc.php");
>> +include_once("pkgfuncs.inc.php");
>> +
>> +set_lang();
>> +check_sid();
>> +
>> +html_header(__("Package Deletion"));
>> +
>> +$atype = "";
>> +
>> +if (isset($_COOKIE["AURSID"])) {
>> + $atype = account_from_sid($_COOKIE["AURSID"]);
>> +}
>> +
>> +if ($atype == "Trusted User" || $atype == "Developer"): ?>
>> +
>> + > ?>
>> +
>> + > from the AUR. ',
>> + '', htmlspecialchars($pkgname), ''
>> + );
>> + echo __('Deletion of a package is permanent. ');
>> + echo __('Select the checkbox to confirm action.') ?>
>> +
>> +
>> +
>> + > value="1" />
>> +
>> +
>> + > value="1" />
>> +
>> + > name="do_Delete" value="" />
>> +
>> +
>> +
>> +
>> +> + print __("Only Trusted Users and Developers can delete packages.");
>> +endif;
>> +
>> +html_footer(AUR_VERSION);
>
> You're still using the deprecated " here. It would be great if this could be revised to use the new shortcut
> syntax.
>
My mistake. I knew you wanted to use the shortcut syntax in the
/template files. I didn't know you also wanted it in the /html files
from now on. I'll re-send it later. Thanks!
>> diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php
>> index 4e9e073..dcc086b 100644
>> --- a/web/template/pkg_details.php
>> +++ b/web/template/pkg_details.php
>> @@ -54,6 +54,9 @@ $sources = package_sources($row["ID"]);
>>
>>
>>
>> + > == "Developer"): ?>
>> +
>> +
>>
>>
>>
>> --
>> 1.7.12.1
Re: [aur-dev] [PATCH 1/3] Move package deletion to a separate page
On Wed, Sep 26, 2012 at 08:03:23PM -0400, canyonknight wrote:
> Package actions now have a separate box on the package details page. Make
> a package deletion link in that box.
>
> Link leads to a new page (pkgdel.php) that can be used to confirm package
> deletion. A separate page with confirmation is used to avoid CSRFs.
>
> Signed-off-by: canyonknight
> ---
> web/html/index.php | 3 +++
> web/html/pkgdel.php | 45
>
> web/template/pkg_details.php | 3 +++
> 3 files changed, 51 insertions(+)
> create mode 100644 web/html/pkgdel.php
>
> diff --git a/web/html/index.php b/web/html/index.php
> index ce8fa52..3fe6338 100644
> --- a/web/html/index.php
> +++ b/web/html/index.php
> @@ -43,6 +43,9 @@ if (isset($tokens[1]) && '/' . $tokens[1] ==
> get_pkg_route()) {
> case "unflag":
> $_POST['do_UnFlag'] = __('UnFlag');
> break;
> + case "delete":
> + include('pkgdel.php');
> + return;
> }
>
> if (isset($_COOKIE['AURSID'])) {
> diff --git a/web/html/pkgdel.php b/web/html/pkgdel.php
> new file mode 100644
> index 000..a581176
> --- /dev/null
> +++ b/web/html/pkgdel.php
> @@ -0,0 +1,45 @@
> + +
> +set_include_path(get_include_path() . PATH_SEPARATOR . '../lib');
> +
> +include_once("aur.inc.php");
> +include_once("pkgfuncs.inc.php");
> +
> +set_lang();
> +check_sid();
> +
> +html_header(__("Package Deletion"));
> +
> +$atype = "";
> +
> +if (isset($_COOKIE["AURSID"])) {
> + $atype = account_from_sid($_COOKIE["AURSID"]);
> +}
> +
> +if ($atype == "Trusted User" || $atype == "Developer"): ?>
> +
> + ?>
> +
> + from the AUR. ',
> + '', htmlspecialchars($pkgname), ''
> + );
> + echo __('Deletion of a package is permanent. ');
> + echo __('Select the checkbox to confirm action.') ?>
> +
> +
> +
> + value="1" />
> +
> +
> + value="1" />
> +
> + value="" />
> +
> +
> +
> +
> + + print __("Only Trusted Users and Developers can delete packages.");
> +endif;
> +
> +html_footer(AUR_VERSION);
You're still using the deprecated " diff --git a/web/template/pkg_details.php b/web/template/pkg_details.php
> index 4e9e073..dcc086b 100644
> --- a/web/template/pkg_details.php
> +++ b/web/template/pkg_details.php
> @@ -54,6 +54,9 @@ $sources = package_sources($row["ID"]);
>
>
>
> + "Developer"): ?>
> +
> +
>
>
>
> --
> 1.7.12.1
[aur-dev] [PATCH 1/3] Move package deletion to a separate page
Package actions now have a separate box on the package details page. Make
a package deletion link in that box.
Link leads to a new page (pkgdel.php) that can be used to confirm package
deletion. A separate page with confirmation is used to avoid CSRFs.
Signed-off-by: canyonknight
---
web/html/index.php | 3 +++
web/html/pkgdel.php | 45
web/template/pkg_details.php | 3 +++
3 files changed, 51 insertions(+)
create mode 100644 web/html/pkgdel.php
diff --git a/web/html/index.php b/web/html/index.php
index ce8fa52..3fe6338 100644
--- a/web/html/index.php
+++ b/web/html/index.php
@@ -43,6 +43,9 @@ if (isset($tokens[1]) && '/' . $tokens[1] == get_pkg_route())
{
case "unflag":
$_POST['do_UnFlag'] = __('UnFlag');
break;
+ case "delete":
+ include('pkgdel.php');
+ return;
}
if (isset($_COOKIE['AURSID'])) {
diff --git a/web/html/pkgdel.php b/web/html/pkgdel.php
new file mode 100644
index 000..a581176
--- /dev/null
+++ b/web/html/pkgdel.php
@@ -0,0 +1,45 @@
+
+
+
+
+ ', htmlspecialchars($pkgname), ''
+ );
+ echo __('Deletion of a package is permanent. ');
+ echo __('Select the checkbox to confirm action.') ?>
+
+
+
+
+
+
+
+
+ " />
+
+
+
+
+
+
+
+
--
1.7.12.1
