Re: [aur-dev] [PATCH] Wrap comments in tags, fixes FS#14391

On Wed 29 Jun 2011 16:23 -0500, Dan McGee wrote: > On Wednesday, June 29, 2011, Manuel Tortosa wrote: > > Exactly this, wrap the comments in tags allowing patches or at least > > better build output formatting. > > -1, and I believe this isn't the first time this has been proposed. It > makes ev

Re: [aur-dev] [PATCH] Convert the language selection bar in a select form

On Wednesday 29 June 2011 23:19:11 Lukas Fleischer wrote: > Again, printing "$_REQUEST['ID']" without escaping introduces a XSS > vulnerability. Do we actually need this field at all? Currently in AUR if you try to change the language in a package info page, you get directed to the list of packag

Re: [aur-dev] [PATCH] Convert the language selection bar in a select form

On Wednesday 29 June 2011 23:19:11 Lukas Fleischer wrote: > Using '$_SERVER["PHP_SELF"]' without escaping quotes introduces a > potential XSS vulnerability [1]. Thanks for the info.

Re: [aur-dev] [PATCH] Wrap comments in tags, fixes FS#14391

On Wednesday, June 29, 2011, Manuel Tortosa wrote: > Exactly this, wrap the comments in tags allowing patches or at least > better build output formatting. -1, and I believe this isn't the first time this has been proposed. It makes everything else less readable at the expense of a few comments.

Re: [aur-dev] [PATCH] Wrap comments in tags, fixes FS#14391

On Wed, Jun 29, 2011 at 10:32:48PM +0200, Manuel Tortosa wrote: > Exactly this, wrap the comments in tags allowing patches or at least > better build output formatting. > > Greez What's the motivation behind this one? Imho, comments are supposed to be comments - that is plain text messages with

Re: [aur-dev] [PATCH] Convert the language selection bar in a select form

On Wed, Jun 29, 2011 at 10:13:09PM +0200, Manuel Tortosa wrote: > >From 013006224eaf48f7aec1b67ab20e9df82b920a16 Mon Sep 17 00:00:00 2001 > From: Manuel > Date: Wed, 29 Jun 2011 22:11:37 +0200 > Subject: [PATCH 2/2] Convert the language selection menu in a select form > > > Signed-off-by: Manuel

Re: [aur-dev] [PATCH] Fix empty depends database insert

On Wed, Jun 29, 2011 at 09:52:07PM +0200, Manuel Tortosa wrote: > In pkgsubmit.php in this part: > > foreach ($depends as $dep) { > $deppkgname = preg_replace("/(<|<=|=|>=|>).*/", "", $dep); > $depcondition = str_replace($deppkgname, "", $dep); > > if ($deppkgname == "#") { >

[aur-dev] [PATCH] Wrap comments in tags, fixes FS#14391

Exactly this, wrap the comments in tags allowing patches or at least better build output formatting. Greez>From 28601fb46b1d28904a81b043b39592836108 Mon Sep 17 00:00:00 2001 From: Manuel Date: Wed, 29 Jun 2011 22:31:22 +0200 Subject: [PATCH 3/3] Wrap comments in tags, fixes FS#14391 Sign

[aur-dev] [PATCH] Convert the language selection bar in a select form

Subject says all. Greez. Manuel>From 013006224eaf48f7aec1b67ab20e9df82b920a16 Mon Sep 17 00:00:00 2001 From: Manuel Date: Wed, 29 Jun 2011 22:11:37 +0200 Subject: [PATCH 2/2] Convert the language selection menu in a select form Signed-off-by: Manuel --- web/template/header.php | 25

[aur-dev] [PATCH] Fix empty depends database insert

In pkgsubmit.php in this part: foreach ($depends as $dep) { $deppkgname = preg_replace("/(<|<=|=|>=|>).*/", "", $dep); $depcondition = str_replace($deppkgname, "", $dep); if ($deppkgname == "#") { break; } $q = sprintf("INSERT INTO PackageD