Re: [aur-dev] [PATCH 1/2] Add a new AUR_LOCATION setting

Mon, 24 Oct 2011 11:04:20 -0700 

On Fri, Oct 21, 2011 at 03:15:55PM -0500, Dan McGee wrote:
> This should be set to something like 'http://localhost' for development
> or 'https://aur.archlinux.org' in production. It ensures all links in
> the site stay in the development site and there is no sudden jump from
> development to production environments.
> 
> Signed-off-by: Dan McGee <[email protected]>
> ---
> 
> Resubmit v2- tested the pages, correct syntax on variable definition, and
> use 'global' keyword where appropriate.
> 
>  web/html/passreset.php            |    2 +-
>  web/lib/aur.inc.php               |    1 +
>  web/lib/config.inc.php.proto      |    3 +++
>  web/lib/pkgfuncs.inc.php          |    6 +++++-
>  web/template/header.php           |    2 +-
>  web/template/login_form.php       |    2 +-
>  web/template/pkg_comment_form.php |    4 ++--
>  7 files changed, 14 insertions(+), 6 deletions(-)

Mh. This breaks the "switch to HTTPs" feature if you use "http://"; as
prefix. The only two solutions that come to my mind are:

* Make the host name configurable only and prepend the protocol part
  where appropriate.

* Do not support HTTPs unless you specify "https://";. This makes sense
  to me but should be documented..?

> 
> diff --git a/web/html/passreset.php b/web/html/passreset.php
> index 01f3204..47d649d 100644
> --- a/web/html/passreset.php
> +++ b/web/html/passreset.php
> @@ -67,7 +67,7 @@ if (isset($_GET['resetkey'], $_POST['email'], 
> $_POST['password'], $_POST['confir
>                          'your password follow the link below, otherwise 
> ignore '.
>                          'this message and nothing will happen.').
>                          "\n\n".
> -                        'https://aur.archlinux.org/passreset.php?'.
> +                        "{$AUR_LOCATION}/passreset.php?".
>                          "resetkey={$resetkey}";
>               $body = wordwrap($body, 70);
>               $headers = "To: {$email}\nReply-to: 
> [email protected]\nFrom:[email protected]\nX-Mailer: 
> PHP\nX-MimeOLE: Produced By AUR";
> diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php
> index f432697..315092c 100644
> --- a/web/lib/aur.inc.php
> +++ b/web/lib/aur.inc.php
> @@ -327,6 +327,7 @@ function html_header($title="") {
>       global $LANG;
>       global $SUPPORTED_LANGS;
>       global $DISABLE_HTTP_LOGIN;
> +     global $AUR_LOCATION;
>  
>       if (!$DISABLE_HTTP_LOGIN || (isset($_SERVER['HTTPS']) && 
> $_SERVER['HTTPS'])) {
>               $login = try_login();
> diff --git a/web/lib/config.inc.php.proto b/web/lib/config.inc.php.proto
> index fbade86..3230815 100644
> --- a/web/lib/config.inc.php.proto
> +++ b/web/lib/config.inc.php.proto
> @@ -77,3 +77,6 @@ $MAX_FILESIZE_UNCOMPRESSED = 1024 * 1024 * 8;
>  
>  # Allow HTTPs logins only
>  $DISABLE_HTTP_LOGIN = true;
> +
> +# Web URL used in email links and absolute redirects, no trailing slash
> +$AUR_LOCATION = "http://localhost";;
> diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php
> index 3e89fa3..f3e9134 100644
> --- a/web/lib/pkgfuncs.inc.php
> +++ b/web/lib/pkgfuncs.inc.php
> @@ -301,6 +301,8 @@ function pkgname_is_blacklisted($name, $dbh=NULL) {
>  # display package details
>  #
>  function package_details($id=0, $SID="", $dbh=NULL) {
> +     global $AUR_LOCATION;
> +
>       if(!$dbh) {
>               $dbh = db_connect();
>       }
> @@ -620,6 +622,8 @@ function sanitize_ids($ids) {
>   * @return string Translated success or error messages
>   */
>  function pkg_flag ($atype, $ids, $action=true, $dbh=NULL) {
> +     global $AUR_LOCATION;
> +
>       if (!$atype) {
>               if ($action) {
>                       return __("You must be logged in before you can flag 
> packages.");
> @@ -666,7 +670,7 @@ function pkg_flag ($atype, $ids, $action=true, $dbh=NULL) 
> {
>               if (mysql_num_rows($result)) {
>                       while ($row = mysql_fetch_assoc($result)) {
>                               # construct email
> -                             $body = "Your package " . $row['Name'] . " has 
> been flagged out of date by " . $f_name . " [1]. You may view your package 
> at:\nhttps://aur.archlinux.org/packages.php?ID="; . $row['ID'] . "\n\n[1] - 
> https://aur.archlinux.org/account.php?Action=AccountInfo&ID="; . $f_uid;
> +                             $body = "Your package " . $row['Name'] . " has 
> been flagged out of date by " . $f_name . " [1]. You may view your package 
> at:\n" . $AUR_LOCATION . "/packages.php?ID=" . $row['ID'] . "\n\n[1] - " . 
> $AUR_LOCATION . "/account.php?Action=AccountInfo&ID=" . $f_uid;
>                               $body = wordwrap($body, 70);
>                               $headers = "Reply-to: 
> [email protected]\nFrom:[email protected]\nX-Mailer: 
> PHP\nX-MimeOLE: Produced By AUR\n";
>                               @mail($row['Email'], "AUR Out-of-date 
> Notification for ".$row['Name'], $body, $headers);
> diff --git a/web/template/header.php b/web/template/header.php
> index 8313bb3..73486b4 100644
> --- a/web/template/header.php
> +++ b/web/template/header.php
> @@ -23,7 +23,7 @@
>                                       <li id="anb-forums"><a 
> href="https://bbs.archlinux.org/"; title="Community forums">Forums</a></li>
>                                       <li id="anb-wiki"><a 
> href="https://wiki.archlinux.org/"; title="Community 
> documentation">Wiki</a></li>
>                                       <li id="anb-bugs"><a 
> href="https://bugs.archlinux.org/"; title="Report and track bugs">Bugs</a></li>
> -                                     <li id="anb-aur"><a 
> href="https://aur.archlinux.org/"; title="Arch Linux User 
> Repository">AUR</a></li>
> +                                     <li id="anb-aur"><a href="/" 
> title="Arch Linux User Repository">AUR</a></li>
>                                       <li id="anb-download"><a 
> href="http://www.archlinux.org/download/"; title="Get Arch 
> Linux">Download</a></li>
>                               </ul>
>                       </div>
> diff --git a/web/template/login_form.php b/web/template/login_form.php
> index c27e9ba..21bdaa7 100644
> --- a/web/template/login_form.php
> +++ b/web/template/login_form.php
> @@ -32,7 +32,7 @@ else {
>  ?>
>  <span class='error'>
>       <?php printf(__("HTTP login is disabled. Please %sswitch to HTTPs%s if 
> you want to login."),
> -             '<a href="https://aur.archlinux.org' . 
> htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES) . '">', '</a>'); ?>
> +             '<a href="' . $AUR_LOCATION . 
> htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES) . '">', '</a>'); ?>
>  </span>
>  <?php } ?>
>  </div>
> diff --git a/web/template/pkg_comment_form.php 
> b/web/template/pkg_comment_form.php
> index e52c92d..c6ed69a 100644
> --- a/web/template/pkg_comment_form.php
> +++ b/web/template/pkg_comment_form.php
> @@ -35,9 +35,9 @@ if (isset($_REQUEST['comment'])) {
>               # Simply making these strings translatable won't work, users 
> would be
>               # getting emails in the language that the user who posted the 
> comment was in
>               $body =
> -             'from https://aur.archlinux.org/packages.php?ID='
> +             'from ' . $AUR_LOCATION . '/packages.php?ID='
>               . $_REQUEST['ID'] . "\n"
> -             . username_from_sid($_COOKIE['AURSID']) . " wrote:\n\n"
> +             . username_from_sid($_COOKIE['AURSID'], $dbh) . " wrote:\n\n"
>               . $_POST['comment']
>               . "\n\n---\nIf you no longer wish to receive notifications 
> about this package, please go the the above package page and click the 
> UnNotify button.";
>               $body = wordwrap($body, 70);
> -- 
> 1.7.7

Reply via email to