Update of /cvsroot/fink/web/pdb
In directory sc8-pr-cvs5.sourceforge.net:/tmp/cvs-serv13389

Modified Files:
      Tag: redesign_pdb
        package.php 
Log Message:
- Show for which version the info is displayed
- Versions in dist matrix are clickable
- Can now show details for specific version


Index: package.php
===================================================================
RCS file: /cvsroot/fink/web/pdb/package.php,v
retrieving revision 1.43.2.3
retrieving revision 1.43.2.4
diff -u -d -r1.43.2.3 -r1.43.2.4
--- package.php 28 Jan 2007 02:13:12 -0000      1.43.2.3
+++ package.php 31 Jan 2007 07:03:09 -0000      1.43.2.4
@@ -23,6 +23,61 @@
 
 <?
 
+// Read the version field. We use basic HTML encoding for now, and cut off
+// very long values, to make unforseen SQL injection hacks more difficult.
+$version = $_GET['version'];
+if (strlen($version) > 15 || !preg_match("/^[0-9\-.:]+$/", $version)) {
+       $version = '';
+} else {
+       $version = htmlspecialchars($version);
+       if (strlen($version) > 15 || !preg_match("/^[0-9\-.:]+$/", $version))
+               $version = '';
+}
+
+$release = $_GET['release'];
+if (strlen($release) > 35 || !preg_match("/^[a-z0-9\-.]+$/", $release)) {
+       $release = '';
+} else {
+       $release = htmlspecialchars($release);
+       if (strlen($release) > 35 || !preg_match("/^[a-z0-9\-.]+$/", $release))
+               $release = '';
+}
+
+// Get package data to display (use for version-nonspecific pkg metadata)
+$qtodisplay = "SELECT * FROM package WHERE name='$package' ";
+
+if ($version) {
+  if (strrpos($version, ':'))
+    $qtodisplay .= "AND CONCAT(epoch,':',version,'-',revision)='$version' ";
+  else
+    $qtodisplay .= "AND CONCAT(version,'-',revision)='$version' ";
+}
+if ($release) {
+  $qtodisplay .= "AND release='$release' ";
+}
+if (!$version && !$release) {
+  $qtodisplay .= "AND latest=1";
+}
+$qs = mysql_query($qtodisplay, $dbh);
+if (!$qs) {
+  print '<p><b>error during query:</b> '.mysql_error().'</p>';
+} else {
+  $pkg2disp = mysql_fetch_array($qs);
+}
+
+$warning = '';
+if (!$pkg2disp) { # No specific version found, try latest
+  $qtodisplay = "SELECT * FROM package WHERE name='$package' AND latest=1";
+  $qs = mysql_query($qtodisplay, $dbh);
+  if (!$qs) {
+    print '<p><b>error during query:</b> '.mysql_error().'</p>';
+  } else {
+    $pkg2disp = mysql_fetch_array($qs);
+  }
+  $warning = "<b>Warning: Package $package $version not found";
+  $warning .= $release ? " in release '$release'" : '' . "!</b>";
+}
+
 $q = "SELECT * FROM package WHERE name='$package' ORDER BY latest DESC";
 $rs = mysql_query($q, $dbh);
 if (!$rs) {
@@ -40,17 +95,9 @@
     $row = mysql_fetch_array($rs);
   }
 
-  // Get latest version data (use for version-nonspecific pkg metadata)
-  $qlatest = "SELECT * FROM package WHERE name='$package' AND latest=1";
-  $qs = mysql_query($qlatest, $dbh);
-  if (!$qs) {
-    print '<p><b>error during query:</b> '.mysql_error().'</p>';
-  } else {
-    $latest = mysql_fetch_array($qs);
-  }
 
   $is_restrictive = 0;
-  if ($latest[license] && strcasecmp($latest[license],'Restrictive')==0) {
+  if ($pkg2disp[license] && strcasecmp($pkg2disp[license],'Restrictive')==0) {
       $is_restrictive = 1;
   }
 
@@ -113,12 +160,12 @@
       $vers_un = $rmap[$dists["uns"]];
       avail_td(
        strlen($vers_st)
-         ? '<!-- a 
href="../packagedetails.php?tree='.$dists["sta"]."&pkg=$package&version=$vers_st\"
 -->".$vers_st #."</a>"
+         ? "<a 
href=\"$package?version=$vers_st&release=".$dists["sta"]."\">".$vers_st ."</a>"
          : '<i>not present</i>'
        , $bindist_rowspan);
       avail_td(
        strlen($vers_un)
-         ? '<!-- a 
href="../packagedetails.php?tree='.$dists["uns"]."&pkg=$package&version=$vers_un\"
 -->".$vers_un #."</a>"
+         ? "<a 
href=\"$package?version=$vers_un&release=".$dists["uns"]."\">".$vers_un ."</a>"
          : '<i>not present</i>'
        , $bindist_rowspan);
     } else {
@@ -141,10 +188,13 @@
   print "<br>";
 
   it_start();
+  
+  if ($warning)
+    it_item('', $warning);
 
-  it_item("Description:", htmlentities($latest[descshort]));
+  it_item("Description:", htmlentities($pkg2disp[descshort]) . " (" . 
$epoch.$pkg2disp[version]."-".$pkg2disp[revision] . ")");
 
-  $desc = htmlentities($latest[desclong]);
+  $desc = htmlentities($pkg2disp[desclong]);
   if ($desc) {
     # Try to detect urls
     $desc = preg_replace('/http:\/\/[^ &]+/', '<a href="${0}">${0}</a>', 
$desc);
@@ -152,7 +202,7 @@
     it_item('', $desc);
   }
 
-  $descusage = htmlentities($latest[descusage]);
+  $descusage = htmlentities($pkg2disp[descusage]);
   if ($descusage) {
     # Try to detect urls
     $descusage = preg_replace('/http:\/\/[^ &]+/', '<a href="${0}">${0}</a>', 
$descusage);
@@ -161,11 +211,11 @@
     it_item('', $descusage);
   }
 
-  it_item("Section:", '<a 
href="'.$pdbroot.'section.php/'.$latest[section].'">'.$latest[section].'</a>');
+  it_item("Section:", '<a 
href="'.$pdbroot.'section.php/'.$pkg2disp[section].'">'.$pkg2disp[section].'</a>');
 
   // Get the maintainer field, and try to parse out the email address
-  if ($latest[maintainer]) {
-       $maintainers = $latest[maintainer];
+  if ($pkg2disp[maintainer]) {
+       $maintainers = $pkg2disp[maintainer];
        preg_match("/^(.+?)\s*<(\S+)>/", $maintainers, $matches);
     $maintainer = $matches[1];
     $email = $matches[2];
@@ -180,23 +230,23 @@
   } else {
     it_item("Maintainer:", '<a 
href="'.$pdbroot.'maintainer.php?maintainer='.$maintainer.'">'.$maintainer.'</a>');
   }
-  if ($latest[homepage]) {
-    it_item("Website:", '<a 
href="'.$latest[homepage].'">'.$latest[homepage].'</a>');
+  if ($pkg2disp[homepage]) {
+    it_item("Website:", '<a 
href="'.$pkg2disp[homepage].'">'.$pkg2disp[homepage].'</a>');
   }
-  if ($latest[license]) {
-    it_item("License:", '<a 
href="http://fink.sourceforge.net/doc/packaging/policy.php#licenses";>'.$latest[license].'</a>');
+  if ($pkg2disp[license]) {
+    it_item("License:", '<a 
href="http://fink.sourceforge.net/doc/packaging/policy.php#licenses";>'.$pkg2disp[license].'</a>');
   }
-  if ($latest[parentname]) {
-    it_item("Parent:", '<a 
href="'.$pdbroot.'package.php/'.$latest[parentname].'">'.$latest[parentname].'</a>');
+  if ($pkg2disp[parentname]) {
+    it_item("Parent:", '<a 
href="'.$pdbroot.'package.php/'.$pkg2disp[parentname].'">'.$pkg2disp[parentname].'</a>');
   }
-  if ($latest[infofile]) {
-    it_item("Info-File:", '<a 
href="http://fink.cvs.sourceforge.net/'.$latest[infofile].'?view=markup">'.$latest[infofile].'</a>
 (<a href="http://fink.cvs.sourceforge.net/'.$latest[infofile].'">CVS log</a>, 
Last Changed: '.$latest[infofilechanged].')');
+  if ($pkg2disp[infofile]) {
+    it_item("Info-File:", '<a 
href="http://fink.cvs.sourceforge.net/'.$pkg2disp[infofile].'?view=markup">'.$pkg2disp[infofile].'</a>
 (<a href="http://fink.cvs.sourceforge.net/'.$pkg2disp[infofile].'">CVS 
log</a>, Last Changed: '.$pkg2disp[infofilechanged].')');
   }
 
 
        // List the splitoffs of this package
 
-       $q = "SELECT * FROM splitoffs WHERE 
parentkey='$latest[release]$latest[name]'";
+       $q = "SELECT * FROM splitoffs WHERE 
parentkey='$pkg2disp[release]$pkg2disp[name]'";
        $rs = mysql_query($q, $dbh);
        if (!$rs) {
          print '<p><b>error during query:</b> '.mysql_error().'</p>';


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Fink-commits mailing list
Fink-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fink-commits

Reply via email to