[prev in list] [next in list] [prev in thread] [next in thread]
List: fink-commits
Subject: [cvs] web/pdb package.php,1.43.2.3,1.43.2.4
From: Christian Schaffner <chris01 () users ! sourceforge ! net>
Date: 2007-01-31 7:03:12
Message-ID: E1HC9Uu-0003S5-Lr () mail ! sourceforge ! net
[Download RAW message or body]
Update of /cvsroot/fink/web/pdb
In directory sc8-pr-cvs5.sourceforge.net:/tmp/cvs-serv13389
Modified Files:
Tag: redesign_pdb
package.php
Log Message:
- Show for which version the info is displayed
- Versions in dist matrix are clickable
- Can now show details for specific version
Index: package.php
===================================================================
RCS file: /cvsroot/fink/web/pdb/package.php,v
retrieving revision 1.43.2.3
retrieving revision 1.43.2.4
diff -u -d -r1.43.2.3 -r1.43.2.4
--- package.php 28 Jan 2007 02:13:12 -0000 1.43.2.3
+++ package.php 31 Jan 2007 07:03:09 -0000 1.43.2.4
@@ -23,6 +23,61 @@
<?
+// Read the version field. We use basic HTML encoding for now, and cut off
+// very long values, to make unforseen SQL injection hacks more difficult.
+$version = $_GET['version'];
+if (strlen($version) > 15 || !preg_match("/^[0-9\-.:]+$/", $version)) {
+ $version = '';
+} else {
+ $version = htmlspecialchars($version);
+ if (strlen($version) > 15 || !preg_match("/^[0-9\-.:]+$/", $version))
+ $version = '';
+}
+
+$release = $_GET['release'];
+if (strlen($release) > 35 || !preg_match("/^[a-z0-9\-.]+$/", $release)) {
+ $release = '';
+} else {
+ $release = htmlspecialchars($release);
+ if (strlen($release) > 35 || !preg_match("/^[a-z0-9\-.]+$/", $release))
+ $release = '';
+}
+
+// Get package data to display (use for version-nonspecific pkg metadata)
+$qtodisplay = "SELECT * FROM package WHERE name='$package' ";
+
+if ($version) {
+ if (strrpos($version, ':'))
+ $qtodisplay .= "AND CONCAT(epoch,':',version,'-',revision)='$version' ";
+ else
+ $qtodisplay .= "AND CONCAT(version,'-',revision)='$version' ";
+}
+if ($release) {
+ $qtodisplay .= "AND release='$release' ";
+}
+if (!$version && !$release) {
+ $qtodisplay .= "AND latest=1";
+}
+$qs = mysql_query($qtodisplay, $dbh);
+if (!$qs) {
+ print '<p><b>error during query:</b> '.mysql_error().'</p>';
+} else {
+ $pkg2disp = mysql_fetch_array($qs);
+}
+
+$warning = '';
+if (!$pkg2disp) { # No specific version found, try latest
+ $qtodisplay = "SELECT * FROM package WHERE name='$package' AND latest=1";
+ $qs = mysql_query($qtodisplay, $dbh);
+ if (!$qs) {
+ print '<p><b>error during query:</b> '.mysql_error().'</p>';
+ } else {
+ $pkg2disp = mysql_fetch_array($qs);
+ }
+ $warning = "<b>Warning: Package $package $version not found";
+ $warning .= $release ? " in release '$release'" : '' . "!</b>";
+}
+
$q = "SELECT * FROM package WHERE name='$package' ORDER BY latest DESC";
$rs = mysql_query($q, $dbh);
if (!$rs) {
@@ -40,17 +95,9 @@
$row = mysql_fetch_array($rs);
}
- // Get latest version data (use for version-nonspecific pkg metadata)
- $qlatest = "SELECT * FROM package WHERE name='$package' AND latest=1";
- $qs = mysql_query($qlatest, $dbh);
- if (!$qs) {
- print '<p><b>error during query:</b> '.mysql_error().'</p>';
- } else {
- $latest = mysql_fetch_array($qs);
- }
$is_restrictive = 0;
- if ($latest[license] && strcasecmp($latest[license],'Restrictive')==0) {
+ if ($pkg2disp[license] && strcasecmp($pkg2disp[license],'Restrictive')==0) {
$is_restrictive = 1;
}
@@ -113,12 +160,12 @@
$vers_un = $rmap[$dists["uns"]];
avail_td(
strlen($vers_st)
- ? '<!-- a href="../packagedetails.php?tree='.$dists["sta"]."&pkg=$package&version=$vers_st\" \
-->".$vers_st #."</a>" + ? "<a \
href=\"$package?version=$vers_st&release=".$dists["sta"]."\">".$vers_st ."</a>" : \
'<i>not present</i>' , $bindist_rowspan);
avail_td(
strlen($vers_un)
- ? '<!-- a href="../packagedetails.php?tree='.$dists["uns"]."&pkg=$package&version=$vers_un\" \
-->".$vers_un #."</a>" + ? "<a \
href=\"$package?version=$vers_un&release=".$dists["uns"]."\">".$vers_un ."</a>" : \
'<i>not present</i>' , $bindist_rowspan);
} else {
@@ -141,10 +188,13 @@
print "<br>";
it_start();
+
+ if ($warning)
+ it_item('', $warning);
- it_item("Description:", htmlentities($latest[descshort]));
+ it_item("Description:", htmlentities($pkg2disp[descshort]) . " (" . \
$epoch.$pkg2disp[version]."-".$pkg2disp[revision] . ")");
- $desc = htmlentities($latest[desclong]);
+ $desc = htmlentities($pkg2disp[desclong]);
if ($desc) {
# Try to detect urls
$desc = preg_replace('/http:\/\/[^ &]+/', '<a href="${0}">${0}</a>', $desc);
@@ -152,7 +202,7 @@
it_item('', $desc);
}
- $descusage = htmlentities($latest[descusage]);
+ $descusage = htmlentities($pkg2disp[descusage]);
if ($descusage) {
# Try to detect urls
$descusage = preg_replace('/http:\/\/[^ &]+/', '<a href="${0}">${0}</a>', \
$descusage); @@ -161,11 +211,11 @@
it_item('', $descusage);
}
- it_item("Section:", '<a \
href="'.$pdbroot.'section.php/'.$latest[section].'">'.$latest[section].'</a>'); + \
it_item("Section:", '<a \
href="'.$pdbroot.'section.php/'.$pkg2disp[section].'">'.$pkg2disp[section].'</a>');
// Get the maintainer field, and try to parse out the email address
- if ($latest[maintainer]) {
- $maintainers = $latest[maintainer];
+ if ($pkg2disp[maintainer]) {
+ $maintainers = $pkg2disp[maintainer];
preg_match("/^(.+?)\s*<(\S+)>/", $maintainers, $matches);
$maintainer = $matches[1];
$email = $matches[2];
@@ -180,23 +230,23 @@
} else {
it_item("Maintainer:", '<a \
href="'.$pdbroot.'maintainer.php?maintainer='.$maintainer.'">'.$maintainer.'</a>'); \
}
- if ($latest[homepage]) {
- it_item("Website:", '<a \
href="'.$latest[homepage].'">'.$latest[homepage].'</a>'); + if ($pkg2disp[homepage]) \
{ + it_item("Website:", '<a \
href="'.$pkg2disp[homepage].'">'.$pkg2disp[homepage].'</a>'); }
- if ($latest[license]) {
- it_item("License:", '<a \
href="http://fink.sourceforge.net/doc/packaging/policy.php#licenses">'.$latest[license].'</a>');
+ if ($pkg2disp[license]) {
+ it_item("License:", '<a \
href="http://fink.sourceforge.net/doc/packaging/policy.php#licenses">'.$pkg2disp[license].'</a>');
}
- if ($latest[parentname]) {
- it_item("Parent:", '<a \
href="'.$pdbroot.'package.php/'.$latest[parentname].'">'.$latest[parentname].'</a>'); \
+ if ($pkg2disp[parentname]) { + it_item("Parent:", '<a \
href="'.$pdbroot.'package.php/'.$pkg2disp[parentname].'">'.$pkg2disp[parentname].'</a>');
}
- if ($latest[infofile]) {
- it_item("Info-File:", '<a \
href="http://fink.cvs.sourceforge.net/'.$latest[infofile].'?view=markup">'.$latest[infofile].'</a> \
(<a href="http://fink.cvs.sourceforge.net/'.$latest[infofile].'">CVS log</a>, Last \
Changed: '.$latest[infofilechanged].')'); + if ($pkg2disp[infofile]) {
+ it_item("Info-File:", '<a \
href="http://fink.cvs.sourceforge.net/'.$pkg2disp[infofile].'?view=markup">'.$pkg2disp[infofile].'</a> \
(<a href="http://fink.cvs.sourceforge.net/'.$pkg2disp[infofile].'">CVS log</a>, Last \
Changed: '.$pkg2disp[infofilechanged].')'); }
// List the splitoffs of this package
- $q = "SELECT * FROM splitoffs WHERE parentkey='$latest[release]$latest[name]'";
+ $q = "SELECT * FROM splitoffs WHERE parentkey='$pkg2disp[release]$pkg2disp[name]'";
$rs = mysql_query($q, $dbh);
if (!$rs) {
print '<p><b>error during query:</b> '.mysql_error().'</p>';
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Fink-commits mailing list
Fink-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fink-commits
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic