getdeb-collaboration team mailing list archive

[Peter van der Does <peter@xxxxxxxxxxxxxxxx>]

On Sat, 25 Oct 2008 08:58:54 +0100
João Luís Marques Pinto <joao.pinto@xxxxxxxxxx> wrote:


> >   Hello Peter,
> I see a potential problem witht he update_fs.php parameter based
> change, If someone manually calls update_fs.php with random r1 and
> r2, will those be set as the active ?
> 
> When a new app is added the entire info added and update_fs.php is
> used manually, because of this by default r1 and r2 should be set to
> the 2 latest release ids.
> 

The way to solve the first problem is by adding a nonce field, like in
the resetpassword. The field value would be created using the secret
key and the two fields. If the nonce check fails in the update_fs
script nothing will be done.

I'm not sure what you mean with 2 latest release id's. Do you mean that
r1 should hold the current release on GetDeb and the newly installed
one for the i386 platform and the r2 the same for the amd64 platform?

I don't know the entire process of setting up a new application but a
solution could be to create a new page for adding new applications,
almost similar to the update but the file would have the extension new
and the file contains the two release id's needed. 

The way to find the previous application would be:
1. Search gd_app_release using r1
2. Search the gd_app_version table using the ver_id from
the result from step 1
3. Search gd_app_version for all app_id from step 2,
desc on id.
4. Using the id's from step 3 walk through gd_app_release for the same
distro's as the new release until we find an enabled release and disable
this one. If none found, that's ok too.


-- 
Peter van der Does

GPG key: E77E8E98

WordPress Plugin Developer
http://blog.avirtualhome.com

GetDeb Package Builder/GetDeb Site Coder
http://www.getdeb.net - Software you want for Ubuntu

Attachment: signature.asc
Description: PGP signature