Fix text in emails

Fixes #130

.gitignore

@@ -1,12 +1,15 @@
 config.cfg
-config.prod.cfg
+*.env
 *.sqlite
-main.css
+.vscode
+custom.css
 tmp
 log.txt
 *.rdb
 uploads
 thumbnails
+celerybeat-schedule
+/data
 
 # Created by https://www.gitignore.io/api/linux,macos,python,windows
 

Dockerfile

@@ -0,0 +1,17 @@
+FROM python:3.6
+
+WORKDIR /home/cdb
+
+COPY requirements.txt requirements.txt
+RUN pip install -r ./requirements.txt
+RUN pip install gunicorn
+RUN pip install psycopg2
+
+COPY runprodguni.sh ./
+COPY rundebug.sh ./
+RUN chmod +x runprodguni.sh
+
+COPY setup.py ./setup.py
+COPY app app
+COPY migrations migrations
+COPY config.cfg ./config.cfg

README.md

@@ -1,57 +1,17 @@
 # Content Database
 
-## Setup
+Content database for Minetest mods, games, and more.
 
-First create a Python virtual env:
-
-	virtualenv env -ppython3
-	source env/bin/activate
-
-then use pip:
-
-	pip3 install -r requirements.txt
-
-### Development
-
-* Copy config.example.cfg to config.cfg
-* Fill SECRET_KEY and WTF_CSRF_SECRET_KEY in with a random string
-* Make a Github OAuth Client at <https://github.com/settings/developers>:
-	* Homepage URL - `http://localhost:5000/`
-	* Authorization callback URL - `http://localhost:5000/user/github/callback/`
-* Put client id and client secret in GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET
-* Setup the database: python3 setup.py
-
-
-## Running
-
-### Development
-
-You need to enter the virtual environment if you haven't yet in
-the current session:
-
-	source env/bin/activate
-
-If you need to, reset the db like so:
-
-	python3 setup.py -t
-
-Then run the server:
-
-	./rundebug.py
-
-Then view in your web browser: http://localhost:5000/
+Developed by rubenwardy, license GPLv3.0+.
 
 ## How-tos
 
-### Start celery worker
+Note: you should first read one of the guides on the [Github repo wiki](https://github.com/minetest/contentdb/wiki)
 
 ```sh
+# Run celery worker
 FLASK_CONFIG=../config.cfg celery -A app.tasks.celery worker
-```
 
-### Create migration
-
-```sh
 # if sqlite
 python setup.py -t
 rm db.sqlite && python setup.py -t && FLASK_CONFIG=../config.cfg FLASK_APP=app/__init__.py flask db stamp head
@@ -61,4 +21,7 @@ FLASK_CONFIG=../config.cfg FLASK_APP=app/__init__.py flask db migrate
 
 # Run migration
 FLASK_CONFIG=../config.cfg FLASK_APP=app/__init__.py flask db upgrade
+
+# Enter docker
+docker exec -it contentdb_app_1 bash
 ```

app/__init__.py

@@ -17,12 +17,14 @@
 
 from flask import *
 from flask_user import *
+from flask_gravatar import Gravatar
 import flask_menu as menu
 from flask_mail import Mail
-from flask.ext import markdown
+from flaskext.markdown import Markdown
 from flask_github import GitHub
 from flask_wtf.csrf import CsrfProtect
 from flask_flatpages import FlatPages
+from flask_babel import Babel
 import os
 
 app = Flask(__name__, static_folder="public/static")
@@ -31,11 +33,30 @@ app.config["FLATPAGES_EXTENSION"] = ".md"
 app.config.from_pyfile(os.environ["FLASK_CONFIG"])
 
 menu.Menu(app=app)
-markdown.Markdown(app, extensions=["fenced_code"], safe_mode=True, output_format="html5")
+markdown = Markdown(app, extensions=["fenced_code"], safe_mode=True, output_format="html5")
 github = GitHub(app)
 csrf = CsrfProtect(app)
 mail = Mail(app)
 pages = FlatPages(app)
+babel = Babel(app)
+gravatar = Gravatar(app,
+		size=58,
+		rating='g',
+		default='mp',
+		force_default=False,
+		force_lower=False,
+		use_ssl=True,
+		base_url=None)
+
+if not app.debug:
+	from .maillogger import register_mail_error_handler
+	register_mail_error_handler(app, mail)
+
+
+@babel.localeselector
+def get_locale():
+    return request.accept_languages.best_match(app.config['LANGUAGES'].keys())
+
 
 from . import models, tasks
 from .views import *

app/flatpages/help.md

@@ -2,4 +2,5 @@ title: Help
 
 * [Package Tags](package_tags)
 * [Ranks and Permissions](ranks_permissions)
+* [Content Ratings and Flags](content_flags)
 * [Reporting Content](reporting)

app/flatpages/help/content_flags.md

@@ -0,0 +1,26 @@
+title: Content Flags
+
+Content flags allow you to hide content based on your preferences.
+The filtering is done server-side, which means that you don't need to update
+your client to use new flags.
+
+## Flags
+
+* `nonfree` - can be used to hide packages which do not qualify as
+	'free software', as defined by the Free Software Foundation.
+* A content rating, given below.
+
+
+## Ratings
+
+Content ratings aren't currently supported by ContentDB.
+Instead, mature content isn't allowed at all for now.
+
+In the future, more mature content will be allowed but labelled with
+content ratings which may contain the following:
+
+* android_default - meta-rating which includes gore and drugs.
+* desktop_default - meta-rating which won't include anything for now.
+* gore - more than just blood
+* drugs
+* swearing

app/flatpages/help/ranks_permissions.md

@@ -34,6 +34,8 @@ title: Ranks and Permissions
 			<th>N</th>
 			<th>Y</th>
 			<th>N</th>
+			<th>Y</th>
+			<th>N</th>
 		</tr>
 	</thead>
 	<tbody>
@@ -58,7 +60,7 @@ title: Ranks and Permissions
 			<th></th>
 			<th></th> <!-- member -->
 			<th></th>
-			<th>✓</th> <!-- trusted member -->
+			<th></th> <!-- trusted member -->
 			<th></th>
 			<th>✓</th> <!-- editor -->
 			<th>✓</th>
@@ -101,7 +103,7 @@ title: Ranks and Permissions
 			<td>Approve Screenshot</td>
 			<th></th> <!-- new -->
 			<th></th>
-			<th>✓</th> <!-- member -->
+			<th></th> <!-- member -->
 			<th></th>
 			<th>✓</th> <!-- trusted member -->
 			<th></th>
@@ -187,6 +189,21 @@ title: Ranks and Permissions
 			<th>✓</th> <!-- admin -->
 			<th>✓</th>
 		</tr>
+		<tr>
+			<td>See Private Thread</td>
+			<th>✓</th> <!-- new -->
+			<th></th>
+			<th>✓</th> <!-- member -->
+			<th></th>
+			<th>✓</th> <!-- trusted member -->
+			<th></th>
+			<th>✓</th> <!-- editor -->
+			<th>✓</th>
+			<th>✓</th> <!-- moderator -->
+			<th>✓</th>
+			<th>✓</th> <!-- admin -->
+			<th>✓</th>
+		</tr>
 		<tr>
 			<td>Set Email</td>
 			<th>✓</th> <!-- new -->

app/flatpages/help/reporting.md

@@ -5,4 +5,4 @@ laws.
 
 We take copyright violation and other offenses very seriously.
 
-<a href="https://rubenwardy.com/contact/" class="button btn_green">Contact</a>
+<a href="https://rubenwardy.com/contact/" class="btn btn-success">Contact</a>

app/flatpages/help/wtfpl.md

@@ -0,0 +1,42 @@
+title: WTFPL is a terrible license
+no_h1: true
+
+<div id="warning" class="alert alert-warning">
+	<span class="icon_message"></span>
+
+	Please reconsider the choice of WTFPL as a license.
+
+	<script src="/static/jquery.min.js"></script>
+	<script>
+		// @author rubenwardy
+		// @license magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
+
+		var params = new URLSearchParams(location.search);
+		var r      = params.get("r");
+		if (r)
+			document.write("<a class='alert_right button' href='" + r + "'>Okay</a>");
+		else
+			$("#warning").hide();
+	</script>
+</div>
+
+# WTFPL is a terrible license
+
+The use of WTFPL as a license is discouraged for multiple reasons.
+
+* **No Warranty disclaimer:** This could open you up to being sued.<sup>[1]</sup>
+* **Swearing:** This prevents settings like schools from using your content.
+* **Not OSI Approved:** Same as public domain?
+
+The Open Source Initiative chose not to approve the license as an open-source
+license, saying:<sup>[3]</sup>
+
+> It's no different from dedication to the public domain.
+> Author has submitted license approval request – author is free to make public domain dedication.
+> Although he agrees with the recommendation, Mr. Michlmayr notes that public domain doesn't exist in Europe. Recommend: Reject.
+
+## Sources
+
+1. [WTFPL is harmful to software developers](https://cubicspot.blogspot.com/2017/04/wtfpl-is-harmful-to-software-developers.html)
+2. [FSF](https://www.gnu.org/licenses/license-list.en.html)
+3. [OSI](https://opensource.org/minutes20090304)

app/flatpages/policy_and_guidance.md

@@ -1,14 +1,28 @@
 title: Package Inclusion Policy and Guidance
 
-<div class="box box_grey alert alert-warning">
+<div class="alert alert-warning">
 	<b>Note:</b> This is a draft
 </div>
 
-## 1. General
+## 0. Overview
 
-It is not permitted to submit abusive, obscene, vulgar, slanderous, hateful,
-threatening, sexually-orientated or any material that may violate any laws be
-it of your country, the country where "Content DB” is hosted or International Law.
+ContentDB is for the community, and as such listings should be useful to the
+community. To help with this, there are a few rules to improve the quality of
+the listings and to combat abuse.
+
+* No inappropriate content. <sup>2.1</sup>
+* Content must be playable/useful, but not necessarily finished. <sup>2.2</sup>
+* Don't use the name of another mod unless your mod is a fork or reimplementation. <sup>3</sup>
+* Licenses must allow derivatives, redistribution, and must not discriminate. <sup>4</sup>
+* Don't put promotions or advertisements in package listings, except for
+  donation and personal website links which are permitted in the
+  long description. <sup>5</sup>
+* The ContentDB admin reserves the right to remove packages for any reason,
+  including ones not covered by this document, and to ban users who abuse
+  this service. <sup>1</sup>
+
+
+## 1. General
 
 The ContentDB admin reserves the right to remove packages for any reason,
 including ones not covered by this document, and to ban users who abuse this service.
@@ -16,20 +30,32 @@ including ones not covered by this document, and to ban users who abuse this ser
 Also see the [help page on tags](/help/package_tags/).
 
 
-## 2. Accepted Content and State of Completion
+## 2. Accepted Content
+
+### 2.1. Acceptable Content
+
+Sexually-orientated content is not permitted.
+
+Mature content, including that relating to drugs, excessive gore, violence, or
+horror, is not currently permitted - but will be in the future.
 
 The submission of malware is strictly prohibited. This includes software which
 does not do as it advertises, for example if it posts telemetry without stating
 clearly that it does in the package meta.
 
-ContentDB should only currently contain playable content, ie: stuff that would
-be in Mod Releases and Game Releases. Please don't upload any Work In Progress (WIP)
-things. This will probably change in future if/when an "early access" feature is
-added.
+### 2.2. State of Completion
 
-Adding non-player facing mods, such as libraries and server tools, is perfectly fine.
-ContentDB isn't just for player-facing things, and adding libraries allows them to be
-installed when a mod depends on it.
+ContentDB should only currently contain playable content - content which is
+sufficiently complete to be useful to end users. It's fine to add stuff which
+is still a work in progress (WIP) as long as it adds sufficient value -
+MineClone 2 is a good example of a WIP package which may break between releases
+but still has value. Note that this doesn't mean that you should add a thing
+you started working on yesterday, it's worth adding all the basic stuff to
+make your package useful.
+
+Adding non-player facing mods, such as libraries and server tools, is perfectly fine
+and encouraged. ContentDB isn't just for player-facing things, and adding
+libraries allows them to be installed when a mod depends on it.
 
 
 ## 3. Technical Names
@@ -39,7 +65,7 @@ installed when a mod depends on it.
 The first package to use a name based on the creation of its forum topic or
 contentdb submission has the right to the technical name. The use of a package
 on a server or in private doesn't reserve its name. No other packages of the same
-type may use the same name, except for the exception given by 2.2.
+type may use the same name, except for the exception given by 3.2.
 
 If it turns out that we made a mistake by approving a package and that the
 name should have been given to another package, then we *may* unapprove the
@@ -48,6 +74,8 @@ package and give the name to the correct one.
 If you submit a package where you don't have the right to the name you will be asked
 to change the name of the package, or your package won't be accepted.
 
+We reserve the right to issue exceptions for this where we feel necessary.
+
 ### 3.2 Mod Forks and Reimplementations
 
 An exception to the above is that mods are allowed to have the same name as a
@@ -66,39 +94,46 @@ Please ensure that you correctly credit any resources (code, assets, or otherwis
 that you have used in your package.
 
 **The use of licenses which do not allow derivatives or redistribution is not
-permitted. This includes CC-ND (No-Derivatives) and lots of closed source licenses.**
+permitted. This includes CC-ND (No-Derivatives) and lots of closed source licenses.
+The use of licenses which discriminate between groups of people or forbid the use
+of the content on servers or singleplayer is also not permitted.**
 
 However, closed sourced licenses are allowed if they allow the above.
 
-If the license you use is not on the list then please choose the correct "Other"
-option.
+If the license you use is not on the list then please select "Other", and we'll
+get around to adding it.
 
 Please note that the definitions of "free" and "non-free" is the same as that
 of the [Free Software Foundation](https://www.gnu.org/philosophy/free-sw.en.html).
 
 ### 4.2 Recommended Licenses
 
+It is highly recommended that you use a free and open source software license.
+FOSS licenses result in a sharing community and will increase the number of potential users your package has.
+Using a closed source license will result in your package being massively penalised in the search results and package lists.
+
 It is recommended that you use a proper license for code with a warranty
 disclaimer, such as the (L)GPL or MIT. You should also use a proper media license
 for media, such as a Creative Commons license.
 
-The use of WTFPL is discouraged as it doesn't contain a valid warranty disclaimer,
-and also includes swearing which dissuades teachers from using your content.
+The use of WTFPL is discouraged as it doesn't contain a [valid warranty disclaimer](https://cubicspot.blogspot.com/2017/04/wtfpl-is-harmful-to-software-developers.html),
+and also includes swearing which prevents settings like schools from using your content.
+[Read more](/help/wtfpl/).
 
 Public domain is not a valid license in many countries, please use CC0 or MIT instead.
 
 
 ## 5. Promotions and Advertisements (inc. asking for donations)
 
-Any information other than the long description - including screenshots - must
-not contain any promotions or advertisements. This includes asking for donations,
-promoting online shops, or linking to personal websites and social media.
+You may note place any promotions or advertisements in any meta data including
+screensthos. This includes asking for donations, promoting online shops,
+or linking to personal websites and social media. Please instead use the
+fields provided on your user profile page to place links to websites and
+donation pages.
 
 ContentDB is for the community. We may remove any promotions if we feel that
 they're inappropriate.
 
-Paid promotions are not allowed at all, anywhere.
-
 
 ## 6. Reporting Violations
 

app/maillogger.py

@@ -0,0 +1,109 @@
+import logging
+from enum import Enum
+from app.tasks.emails import sendEmailRaw
+
+def _has_newline(line):
+	"""Used by has_bad_header to check for \\r or \\n"""
+	if line and ("\r" in line or "\n" in line):
+		return True
+	return False
+
+def _is_bad_subject(subject):
+	"""Copied from: flask_mail.py class Message def has_bad_headers"""
+	if _has_newline(subject):
+		for linenum, line in enumerate(subject.split("\r\n")):
+			if not line:
+				return True
+			if linenum > 0 and line[0] not in "\t ":
+				return True
+			if _has_newline(line):
+				return True
+			if len(line.strip()) == 0:
+				return True
+	return False
+
+
+class FlaskMailSubjectFormatter(logging.Formatter):
+	def format(self, record):
+		record.message = record.getMessage()
+		if self.usesTime():
+			record.asctime = self.formatTime(record, self.datefmt)
+		s = self.formatMessage(record)
+		return s
+
+class FlaskMailTextFormatter(logging.Formatter):
+	pass
+
+# TODO: hier nog niet tevreden over (vooral logger.error(..., exc_info, stack_info))
+class FlaskMailHTMLFormatter(logging.Formatter):
+	pre_template = "<h1>%s</h1><pre>%s</pre>"
+	def formatException(self, exc_info):
+		formatted_exception = logging.Handler.formatException(self, exc_info)
+		return FlaskMailHTMLFormatter.pre_template % ("Exception information", formatted_exception)
+	def formatStack(self, stack_info):
+		return FlaskMailHTMLFormatter.pre_template % ("<h1>Stack information</h1><pre>%s</pre>", stack_info)
+
+
+# see: https://github.com/python/cpython/blob/3.6/Lib/logging/__init__.py (class Handler)
+
+class FlaskMailHandler(logging.Handler):
+	def __init__(self, mailer, subject_template, level=logging.NOTSET):
+		logging.Handler.__init__(self, level)
+		self.mailer = mailer
+		self.send_to = mailer.app.config["MAIL_UTILS_ERROR_SEND_TO"]
+		self.subject_template = subject_template
+		self.html_formatter = None
+
+	def setFormatter(self, text_fmt, html_fmt=None):
+		"""
+		Set the formatters for this handler. Provide at least one formatter.
+		When no text_fmt is provided, no text-part is created for the email body.
+		"""
+		assert (text_fmt, html_fmt) != (None, None), "At least one formatter should be provided"
+		if type(text_fmt)==str:
+			text_fmt = FlaskMailTextFormatter(text_fmt)
+		self.formatter = text_fmt
+		if type(html_fmt)==str:
+			html_fmt = FlaskMailHTMLFormatter(html_fmt)
+		self.html_formatter = html_fmt
+
+	def getSubject(self, record):
+		fmt = FlaskMailSubjectFormatter(self.subject_template)
+		subject = fmt.format(record)
+		#Since templates can cause header problems, and we rather have a incomplete email then an error, we fix this
+		if _is_bad_subject(subject):
+			subject="FlaskMailHandler log-entry from %s [original subject is replaced, because it would result in a bad header]" % self.mailer.app.name
+		return subject
+
+	def emit(self, record):
+		text = self.format(record)				if self.formatter	  else None
+		html = self.html_formatter.format(record) if self.html_formatter else None
+		sendEmailRaw.delay(self.send_to, self.getSubject(record), text, html)
+
+
+def register_mail_error_handler(app, mailer):
+	subject_template = "ContentDB crashed (%(module)s > %(funcName)s)"
+	text_template = """
+Message type: %(levelname)s
+Location:	 %(pathname)s:%(lineno)d
+Module:	   %(module)s
+Function:	 %(funcName)s
+Time:		 %(asctime)s
+Message:
+%(message)s"""
+	html_template = """
+<style>th { text-align: right}</style><table>
+<tr><th>Message type:</th><td>%(levelname)s</td></tr>
+<tr>	<th>Location:</th><td>%(pathname)s:%(lineno)d</td></tr>
+<tr>	  <th>Module:</th><td>%(module)s</td></tr>
+<tr>	<th>Function:</th><td>%(funcName)s</td></tr>
+<tr>		<th>Time:</th><td>%(asctime)s</td></tr>
+</table>
+<h2>Message</h2>
+<pre>%(message)s</pre>"""
+
+	import logging
+	mail_handler = FlaskMailHandler(mailer, subject_template)
+	mail_handler.setLevel(logging.ERROR)
+	mail_handler.setFormatter(text_template, html_template)
+	app.logger.addHandler(mail_handler)

app/models.py

@@ -15,19 +15,29 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
 
-from flask import Flask, url_for
-from flask_sqlalchemy import SQLAlchemy
-from flask_migrate import Migrate
+import enum, datetime
+
+from app import app, gravatar
 from urllib.parse import urlparse
-from app import app
-from datetime import datetime
-from sqlalchemy.orm import validates
+
+from flask import Flask, url_for
+from flask_sqlalchemy import SQLAlchemy, BaseQuery
+from flask_migrate import Migrate
 from flask_user import login_required, UserManager, UserMixin, SQLAlchemyAdapter
-import enum
+from sqlalchemy.orm import validates
+from sqlalchemy_searchable import SearchQueryMixin
+from sqlalchemy_utils.types import TSVectorType
+from sqlalchemy_searchable import make_searchable
+
 
 # Initialise database
 db = SQLAlchemy(app)
 migrate = Migrate(app, db)
+make_searchable(db.metadata)
+
+
+class ArticleQuery(BaseQuery, SearchQueryMixin):
+	pass
 
 
 class UserRank(enum.Enum):
@@ -66,6 +76,7 @@ class Permission(enum.Enum):
 	APPROVE_CHANGES    = "APPROVE_CHANGES"
 	DELETE_PACKAGE     = "DELETE_PACKAGE"
 	CHANGE_AUTHOR      = "CHANGE_AUTHOR"
+	CHANGE_NAME        = "CHANGE_NAME"
 	MAKE_RELEASE       = "MAKE_RELEASE"
 	ADD_SCREENSHOTS    = "ADD_SCREENSHOTS"
 	APPROVE_SCREENSHOT = "APPROVE_SCREENSHOT"
@@ -77,6 +88,9 @@ class Permission(enum.Enum):
 	CHANGE_EMAIL       = "CHANGE_EMAIL"
 	EDIT_EDITREQUEST   = "EDIT_EDITREQUEST"
 	SEE_THREAD         = "SEE_THREAD"
+	CREATE_THREAD      = "CREATE_THREAD"
+	UNAPPROVE_PACKAGE  = "UNAPPROVE_PACKAGE"
+	TOPIC_DISCARD      = "TOPIC_DISCARD"
 
 	# Only return true if the permission is valid for *all* contexts
 	# See Package.checkPerm for package-specific contexts
@@ -85,34 +99,40 @@ class Permission(enum.Enum):
 			return False
 
 		if self == Permission.APPROVE_NEW or \
-				self == Permission.APPROVE_CHANGES or \
-				self == Permission.APPROVE_RELEASE or \
-				self == Permission.APPROVE_SCREENSHOT:
+				self == Permission.APPROVE_CHANGES    or \
+				self == Permission.APPROVE_RELEASE    or \
+				self == Permission.APPROVE_SCREENSHOT or \
+				self == Permission.SEE_THREAD:
 			return user.rank.atLeast(UserRank.EDITOR)
 		else:
 			raise Exception("Non-global permission checked globally. Use Package.checkPerm or User.checkPerm instead.")
 
 class User(db.Model, UserMixin):
-	id = db.Column(db.Integer, primary_key=True)
+	id           = db.Column(db.Integer, primary_key=True)
 
 	# User authentication information
-	username = db.Column(db.String(50, collation="NOCASE"), nullable=False, unique=True, index=True)
-	password = db.Column(db.String(255), nullable=True)
+	username     = db.Column(db.String(50, collation="NOCASE"), nullable=False, unique=True, index=True)
+	password     = db.Column(db.String(255), nullable=True)
 	reset_password_token = db.Column(db.String(100), nullable=False, server_default="")
 
-	rank = db.Column(db.Enum(UserRank))
+	rank         = db.Column(db.Enum(UserRank))
 
 	# Account linking
 	github_username = db.Column(db.String(50, collation="NOCASE"), nullable=True, unique=True)
 	forums_username = db.Column(db.String(50, collation="NOCASE"), nullable=True, unique=True)
 
 	# User email information
-	email = db.Column(db.String(255), nullable=True, unique=True)
-	confirmed_at = db.Column(db.DateTime())
+	email         = db.Column(db.String(255), nullable=True, unique=True)
+	confirmed_at  = db.Column(db.DateTime())
 
 	# User information
-	active = db.Column("is_active", db.Boolean, nullable=False, server_default="0")
-	display_name = db.Column(db.String(100), nullable=False, server_default="")
+	profile_pic   = db.Column(db.String(255), nullable=True, server_default=None)
+	active        = db.Column("is_active", db.Boolean, nullable=False, server_default="0")
+	display_name  = db.Column(db.String(100), nullable=False, server_default="")
+
+	# Links
+	website_url   = db.Column(db.String(255), nullable=True, default=None)
+	donate_url    = db.Column(db.String(255), nullable=True, default=None)
 
 	# Content
 	notifications = db.relationship("Notification", primaryjoin="User.id==Notification.user_id")
@@ -124,8 +144,6 @@ class User(db.Model, UserMixin):
 	replies       = db.relationship("ThreadReply", backref="author", lazy="dynamic")
 
 	def __init__(self, username, active=False, email=None, password=None):
-		import datetime
-
 		self.username = username
 		self.confirmed_at = datetime.datetime.now() - datetime.timedelta(days=6000)
 		self.display_name = username
@@ -142,6 +160,12 @@ class User(db.Model, UserMixin):
 	def isClaimed(self):
 		return self.rank.atLeast(UserRank.NEW_MEMBER)
 
+	def getProfilePicURL(self):
+		if self.profile_pic:
+			return self.profile_pic
+		else:
+			return gravatar(self.email or "")
+
 	def checkPerm(self, user, perm):
 		if not user.is_authenticated:
 			return False
@@ -161,6 +185,16 @@ class User(db.Model, UserMixin):
 		else:
 			raise Exception("Permission {} is not related to users".format(perm.name))
 
+	def canCommentRL(self):
+		hour_ago = datetime.datetime.utcnow() - datetime.timedelta(hours=1)
+		return ThreadReply.query.filter_by(author=self) \
+			.filter(ThreadReply.created_at > hour_ago).count() < 4
+
+	def canOpenThreadRL(self):
+		hour_ago = datetime.datetime.utcnow() - datetime.timedelta(hours=1)
+		return Thread.query.filter_by(author=self) \
+			.filter(Thread.created_at > hour_ago).count() < 2
+
 class UserEmailVerification(db.Model):
 	id      = db.Column(db.Integer, primary_key=True)
 	user_id = db.Column(db.Integer, db.ForeignKey("user.id"))
@@ -179,6 +213,9 @@ class Notification(db.Model):
 	url       = db.Column(db.String(200), nullable=True)
 
 	def __init__(self, us, cau, titl, ur):
+		if len(titl) > 100:
+			title = title[:99] + "…"
+
 		self.user   = us
 		self.causer = cau
 		self.title  = titl
@@ -209,6 +246,13 @@ class PackageType(enum.Enum):
 	def __str__(self):
 		return self.name
 
+	@classmethod
+	def get(cls, name):
+		try:
+			return PackageType[name.upper()]
+		except KeyError:
+			return None
+
 	@classmethod
 	def choices(cls):
 		return [(choice, choice.value) for choice in cls]
@@ -221,7 +265,7 @@ class PackageType(enum.Enum):
 class PackagePropertyKey(enum.Enum):
 	name          = "Name"
 	title         = "Title"
-	shortDesc     = "Short Description"
+	short_desc     = "Short Description"
 	desc          = "Description"
 	type          = "Type"
 	license       = "License"
@@ -318,18 +362,21 @@ class Dependency(db.Model):
 		return retval
 
 
-
 class Package(db.Model):
+	query_class  = ArticleQuery
+
 	id           = db.Column(db.Integer, primary_key=True)
 
 	# Basic details
 	author_id    = db.Column(db.Integer, db.ForeignKey("user.id"))
 	name         = db.Column(db.String(100), nullable=False)
-	title        = db.Column(db.String(100), nullable=False)
-	shortDesc    = db.Column(db.String(200), nullable=False)
-	desc         = db.Column(db.Text, nullable=True)
+	title        = db.Column(db.Unicode(100), nullable=False)
+	short_desc   = db.Column(db.Unicode(200), nullable=False)
+	desc         = db.Column(db.UnicodeText, nullable=True)
 	type         = db.Column(db.Enum(PackageType))
-	created_at   = db.Column(db.DateTime, nullable=False, default=datetime.utcnow)
+	created_at   = db.Column(db.DateTime, nullable=False, default=datetime.datetime.utcnow)
+
+	search_vector = db.Column(TSVectorType("title", "short_desc", "desc"))
 
 	license_id   = db.Column(db.Integer, db.ForeignKey("license.id"), nullable=False, default=1)
 	license      = db.relationship("License", foreign_keys=[license_id])
@@ -339,6 +386,8 @@ class Package(db.Model):
 	approved     = db.Column(db.Boolean, nullable=False, default=False)
 	soft_deleted = db.Column(db.Boolean, nullable=False, default=False)
 
+	score        = db.Column(db.Float, nullable=False, default=0)
+
 	review_thread_id = db.Column(db.Integer, db.ForeignKey("thread.id"), nullable=True, default=None)
 	review_thread    = db.relationship("Thread", foreign_keys=[review_thread_id])
 
@@ -349,7 +398,7 @@ class Package(db.Model):
 	forums       = db.Column(db.Integer,     nullable=True)
 
 	provides = db.relationship("MetaPackage", secondary=provides, lazy="subquery",
-			backref=db.backref("packages", lazy="dynamic"))
+			backref=db.backref("packages", lazy="dynamic", order_by=db.desc("score")))
 
 	dependencies = db.relationship("Dependency", backref="depender", lazy="dynamic", foreign_keys=[Dependency.depender_id])
 
@@ -360,7 +409,7 @@ class Package(db.Model):
 			lazy="dynamic", order_by=db.desc("package_release_releaseDate"))
 
 	screenshots = db.relationship("PackageScreenshot", backref="package",
-			lazy="dynamic")
+			lazy="dynamic", order_by=db.asc("package_screenshot_id"))
 
 	requests = db.relationship("EditRequest", backref="package",
 			lazy="dynamic")
@@ -376,35 +425,61 @@ class Package(db.Model):
 		for e in PackagePropertyKey:
 			setattr(self, e.name, getattr(package, e.name))
 
-	def getAsDictionaryShort(self, base_url):
-		tnurl = self.getThumbnailURL()
+	def getState(self):
+		if self.approved:
+			return "approved"
+		elif self.review_thread_id:
+			return "thread"
+		elif (self.type == PackageType.GAME or \
+					self.type == PackageType.TXP) and \
+				self.screenshots.count() == 0:
+			return "wip"
+		elif not self.getDownloadRelease():
+			return "wip"
+		elif "Other" in self.license.name or "Other" in self.media_license.name:
+			return "license"
+		else:
+			return "ready"
+
+	def getAsDictionaryKey(self):
 		return {
 			"name": self.name,
-			"title": self.title,
 			"author": self.author.display_name,
-			"shortDesc": self.shortDesc,
 			"type": self.type.toName(),
-			"release": self.getDownloadRelease().id if self.getDownloadRelease() is not None else None,
-			"thumbnail": (base_url + tnurl) if tnurl is not None else None
 		}
 
-	def getAsDictionary(self, base_url):
-		tnurl = self.getThumbnailURL()
+	def getAsDictionaryShort(self, base_url, version=None, protonum=None):
+		tnurl = self.getThumbnailURL(1)
+		release = self.getDownloadRelease(version=version, protonum=protonum)
+		return {
+			"name": self.name,
+			"title": self.title,
+			"author": self.author.display_name,
+			"short_description": self.short_desc,
+			"type": self.type.toName(),
+			"release": release and release.id,
+			"thumbnail": (base_url + tnurl) if tnurl is not None else None,
+			"score": round(self.score * 10) / 10
+		}
+
+	def getAsDictionary(self, base_url, version=None, protonum=None):
+		tnurl = self.getThumbnailURL(1)
+		release = self.getDownloadRelease(version=version, protonum=protonum)
 		return {
 			"author": self.author.display_name,
 			"name": self.name,
 			"title": self.title,
-			"shortDesc": self.shortDesc,
+			"short_description": self.short_desc,
 			"desc": self.desc,
 			"type": self.type.toName(),
-			"createdAt": self.created_at,
+			"created_at": self.created_at,
 
 			"license": self.license.name,
-			"mediaLicense": self.media_license.name,
+			"media_license": self.media_license.name,
 
 			"repo": self.repo,
 			"website": self.website,
-			"issueTracker": self.issueTracker,
+			"issue_tracker": self.issueTracker,
 			"forums": self.forums,
 
 			"provides": [x.name for x in self.provides],
@@ -412,15 +487,17 @@ class Package(db.Model):
 			"screenshots": [base_url + ss.url for ss in self.screenshots],
 
 			"url": base_url + self.getDownloadURL(),
-			"release": self.getDownloadRelease().id if self.getDownloadRelease() is not None else None
+			"release": release and release.id,
+
+			"score": round(self.score * 10) / 10
 		}
 
-	def getThumbnailURL(self):
-		screenshot = self.screenshots.filter_by(approved=True).first()
-		return screenshot.getThumbnailURL() if screenshot is not None else None
+	def getThumbnailURL(self, level=2):
+		screenshot = self.screenshots.filter_by(approved=True).order_by(db.asc(PackageScreenshot.id)).first()
+		return screenshot.getThumbnailURL(level) if screenshot is not None else None
 
 	def getMainScreenshotURL(self):
-		screenshot = self.screenshots.filter_by(approved=True).first()
+		screenshot = self.screenshots.filter_by(approved=True).order_by(db.asc(PackageScreenshot.id)).first()
 		return screenshot.url if screenshot is not None else None
 
 	def getDetailsURL(self):
@@ -435,8 +512,8 @@ class Package(db.Model):
 		return url_for("approve_package_page",
 				author=self.author.username, name=self.name)
 
-	def getDeleteURL(self):
-		return url_for("delete_package_page",
+	def getRemoveURL(self):
+		return url_for("remove_package_page",
 				author=self.author.username, name=self.name)
 
 	def getNewScreenshotURL(self):
@@ -451,17 +528,37 @@ class Package(db.Model):
 		return url_for("create_edit_editrequest_page",
 				author=self.author.username, name=self.name)
 
+	def getBulkReleaseURL(self):
+		return url_for("bulk_change_release_page",
+			author=self.author.username, name=self.name)
+
 	def getDownloadURL(self):
 		return url_for("package_download_page",
 				author=self.author.username, name=self.name)
 
-	def getDownloadRelease(self):
+	def getDownloadRelease(self, version=None, protonum=None):
+		if version is None and protonum is not None:
+			version = MinetestRelease.query.filter(MinetestRelease.protocol >= int(protonum)).first()
+			if version is not None:
+				version = version.id
+			else:
+				version = 10000000
+
+
 		for rel in self.releases:
-			if rel.approved:
+			if rel.approved and (version is None or
+					((rel.min_rel is None or rel.min_rel_id <= version) and \
+					(rel.max_rel is None or rel.max_rel_id >= version))):
 				return rel
 
 		return None
 
+	def getDownloadCount(self):
+		counter = 0
+		for release in self.releases:
+			counter += release.downloads
+		return counter
+
 	def checkPerm(self, user, perm):
 		if not user.is_authenticated:
 			return False
@@ -473,6 +570,9 @@ class Package(db.Model):
 
 		isOwner = user == self.author
 
+		if perm == Permission.CREATE_THREAD:
+			return user.rank.atLeast(UserRank.MEMBER)
+
 		# Members can edit their own packages, and editors can edit any packages
 		if perm == Permission.MAKE_RELEASE or perm == Permission.ADD_SCREENSHOTS:
 			return isOwner or user.rank.atLeast(UserRank.EDITOR)
@@ -483,21 +583,42 @@ class Package(db.Model):
 			else:
 				return user.rank.atLeast(UserRank.EDITOR)
 
-		# Editors can change authors
-		elif perm == Permission.CHANGE_AUTHOR:
+		# Anyone can change the package name when not approved, but only editors when approved
+		elif perm == Permission.CHANGE_NAME:
+			return not self.approved or user.rank.atLeast(UserRank.EDITOR)
+
+		# Editors can change authors and approve new packages
+		elif perm == Permission.APPROVE_NEW or perm == Permission.CHANGE_AUTHOR:
 			return user.rank.atLeast(UserRank.EDITOR)
 
-		elif perm == Permission.APPROVE_NEW or perm == Permission.APPROVE_RELEASE \
-				or perm == Permission.APPROVE_SCREENSHOT:
+		elif perm == Permission.APPROVE_RELEASE or perm == Permission.APPROVE_SCREENSHOT:
 			return user.rank.atLeast(UserRank.TRUSTED_MEMBER if isOwner else UserRank.EDITOR)
 
 		# Moderators can delete packages
-		elif perm == Permission.DELETE_PACKAGE or perm == Permission.CHANGE_RELEASE_URL:
+		elif perm == Permission.DELETE_PACKAGE or perm == Permission.UNAPPROVE_PACKAGE \
+				or perm == Permission.CHANGE_RELEASE_URL:
 			return user.rank.atLeast(UserRank.MODERATOR)
 
 		else:
 			raise Exception("Permission {} is not related to packages".format(perm.name))
 
+	def recalcScore(self):
+		self.score = 10
+
+		if self.forums is not None:
+			topic = ForumTopic.query.get(self.forums)
+			if topic:
+				days   = (datetime.datetime.now() - topic.created_at).days
+				months = days / 30
+				years  = days / 365
+				self.score = topic.views / max(years, 0.0416) + 80*min(max(months, 0.5), 6)
+
+		if self.getMainScreenshotURL() is None:
+			self.score *= 0.8
+
+		if not self.license.is_foss or not self.media_license.is_foss:
+			self.score *= 0.1
+
 class MetaPackage(db.Model):
 	id           = db.Column(db.Integer, primary_key=True)
 	name         = db.Column(db.String(100), unique=True, nullable=False)
@@ -562,15 +683,36 @@ class Tag(db.Model):
 		regex = re.compile("[^a-z_]")
 		self.name = regex.sub("", self.title.lower().replace(" ", "_"))
 
+
+class MinetestRelease(db.Model):
+	id       = db.Column(db.Integer, primary_key=True)
+	name     = db.Column(db.String(100), unique=True, nullable=False)
+	protocol = db.Column(db.Integer, nullable=False, default=0)
+
+	def __init__(self, name=None):
+		self.name = name
+
+	def getActual(self):
+		return None if self.name == "None" else self
+
+
 class PackageRelease(db.Model):
 	id           = db.Column(db.Integer, primary_key=True)
 
 	package_id   = db.Column(db.Integer, db.ForeignKey("package.id"))
 	title        = db.Column(db.String(100), nullable=False)
-	releaseDate  = db.Column(db.DateTime,        nullable=False)
+	releaseDate  = db.Column(db.DateTime,    nullable=False)
 	url          = db.Column(db.String(200), nullable=False)
 	approved     = db.Column(db.Boolean, nullable=False, default=False)
 	task_id      = db.Column(db.String(37), nullable=True)
+	commit_hash  = db.Column(db.String(41), nullable=True, default=None)
+	downloads    = db.Column(db.Integer, nullable=False, default=0)
+
+	min_rel_id = db.Column(db.Integer, db.ForeignKey("minetest_release.id"), nullable=True, server_default=None)
+	min_rel    = db.relationship("MinetestRelease", foreign_keys=[min_rel_id])
+
+	max_rel_id = db.Column(db.Integer, db.ForeignKey("minetest_release.id"), nullable=True, server_default=None)
+	max_rel    = db.relationship("MinetestRelease", foreign_keys=[max_rel_id])
 
 
 	def getEditURL(self):
@@ -579,8 +721,33 @@ class PackageRelease(db.Model):
 				name=self.package.name,
 				id=self.id)
 
+	def getDownloadURL(self):
+		return url_for("download_release_page",
+				author=self.package.author.username,
+				name=self.package.name,
+				id=self.id)
+
+
 	def __init__(self):
-		self.releaseDate = datetime.now()
+		self.releaseDate = datetime.datetime.now()
+
+	def approve(self, user):
+		if self.package.approved and \
+				not self.package.checkPerm(user, Permission.APPROVE_RELEASE):
+			return False
+
+		assert(self.task_id is None and self.url is not None and self.url != "")
+
+		self.approved = True
+		return True
+
+
+class PackageReview(db.Model):
+	id         = db.Column(db.Integer, primary_key=True)
+	package_id = db.Column(db.Integer, db.ForeignKey("package.id"))
+	thread_id  = db.Column(db.Integer, db.ForeignKey("thread.id"), nullable=False)
+	recommend  = db.Column(db.Boolean, nullable=False, default=True)
+
 
 class PackageScreenshot(db.Model):
 	id         = db.Column(db.Integer, primary_key=True)
@@ -596,8 +763,10 @@ class PackageScreenshot(db.Model):
 				name=self.package.name,
 				id=self.id)
 
-	def getThumbnailURL(self):
-		return self.url.replace("/uploads/", "/thumbnails/350x233/")
+	def getThumbnailURL(self, level=2):
+		return self.url.replace("/uploads/", ("/thumbnails/{:d}/").format(level))
+
+
 
 class EditRequest(db.Model):
 	id           = db.Column(db.Integer, primary_key=True)
@@ -702,13 +871,22 @@ class Thread(db.Model):
 	title      = db.Column(db.String(100), nullable=False)
 	private    = db.Column(db.Boolean, server_default="0")
 
-	created_at = db.Column(db.DateTime, nullable=False, default=datetime.utcnow)
+	created_at = db.Column(db.DateTime, nullable=False, default=datetime.datetime.utcnow)
 
 	replies    = db.relationship("ThreadReply", backref="thread", lazy="dynamic")
 
 	watchers   = db.relationship("User", secondary=watchers, lazy="subquery", \
 						backref=db.backref("watching", lazy=True))
 
+
+	def getSubscribeURL(self):
+		return url_for("thread_subscribe_page",
+				id=self.id)
+
+	def getUnsubscribeURL(self):
+		return url_for("thread_unsubscribe_page",
+				id=self.id)
+
 	def checkPerm(self, user, perm):
 		if not user.is_authenticated:
 			return not self.private
@@ -731,11 +909,7 @@ class ThreadReply(db.Model):
 	thread_id  = db.Column(db.Integer, db.ForeignKey("thread.id"), nullable=False)
 	comment    = db.Column(db.String(500), nullable=False)
 	author_id  = db.Column(db.Integer, db.ForeignKey("user.id"), nullable=False)
-	created_at = db.Column(db.DateTime, nullable=False, default=datetime.utcnow)
-
-
-
-
+	created_at = db.Column(db.DateTime, nullable=False, default=datetime.datetime.utcnow)
 
 
 REPO_BLACKLIST = [".zip", "mediafire.com", "dropbox.com", "weebly.com", \
@@ -743,29 +917,64 @@ REPO_BLACKLIST = [".zip", "mediafire.com", "dropbox.com", "weebly.com", \
 		"digitalaudioconcepts.com", "hg.intevation.org", "www.wtfpl.net", \
 		"imageshack.com", "imgur.com"]
 
-class KrockForumTopic(db.Model):
+class ForumTopic(db.Model):
 	topic_id  = db.Column(db.Integer, primary_key=True, autoincrement=False)
 	author_id = db.Column(db.Integer, db.ForeignKey("user.id"), nullable=False)
 	author    = db.relationship("User")
 
-	ttype     = db.Column(db.Integer, nullable=False)
+	wip       = db.Column(db.Boolean, server_default="0")
+	discarded = db.Column(db.Boolean, server_default="0")
+
+	type      = db.Column(db.Enum(PackageType), nullable=False)
 	title     = db.Column(db.String(200), nullable=False)
 	name      = db.Column(db.String(30), nullable=True)
 	link      = db.Column(db.String(200), nullable=True)
 
-	def getType(self):
-		if self.ttype == 1 or self.ttype == 2:
-			return PackageType.MOD
-		elif self.ttype == 6:
-			return PackageType.GAME
+	posts     = db.Column(db.Integer, nullable=False)
+	views     = db.Column(db.Integer, nullable=False)
+
+	created_at = db.Column(db.DateTime, nullable=False, default=datetime.datetime.utcnow)
 
 	def getRepoURL(self):
+		if self.link is None:
+			return None
+
 		for item in REPO_BLACKLIST:
 			if item in self.link:
 				return None
 
 		return self.link.replace("repo.or.cz/w/", "repo.or.cz/")
 
+	def getAsDictionary(self):
+		return {
+			"author": self.author.username,
+			"name":   self.name,
+			"type":   self.type.toName(),
+			"title":  self.title,
+			"id":     self.topic_id,
+			"link":   self.link,
+			"posts":  self.posts,
+			"views":  self.views,
+			"is_wip": self.wip,
+			"discarded":  self.discarded,
+			"created_at": self.created_at.isoformat(),
+		}
+
+	def checkPerm(self, user, perm):
+		if not user.is_authenticated:
+			return False
+
+		if type(perm) == str:
+			perm = Permission[perm]
+		elif type(perm) != Permission:
+			raise Exception("Unknown permission given to ForumTopic.checkPerm()")
+
+		if perm == Permission.TOPIC_DISCARD:
+			return self.author == user or user.rank.atLeast(UserRank.EDITOR)
+
+		else:
+			raise Exception("Permission {} is not related to topics".format(perm.name))
+
 
 # Setup Flask-User
 db_adapter = SQLAlchemyAdapter(db, User)        # Register the User model

app/public/static/opensearch.xml

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/">
+	<ShortName>ContentDB</ShortName>
+	<LongName>ContentDB</LongName>
+	<InputEncoding>UTF-8</InputEncoding>
+	<Description>Search mods, games, and textures for Minetest.</Description>
+	<Tags>Minetest Mod Game Subgame Search</Tags>
+	<Url type="text/html" method="get" template="https://content.minetest.net/packages?q={searchTerms}"/>
+</OpenSearchDescription>

app/public/static/package_create.js

@@ -11,6 +11,8 @@ $(function() {
 
 	$(".pkg_meta").hide()
 	$(".pkg_wiz_1").show()
+
+	$("#pkg_wiz_1_skip").click(finish)
 	$("#pkg_wiz_1_next").click(function() {
 		const repoURL = $("#repo").val();
 		if (repoURL.trim() != "") {
@@ -18,41 +20,38 @@ $(function() {
 			$(".pkg_wiz_2").show()
 			$(".pkg_repo").hide()
 
-			function setSpecial(id, value) {
-				if (value != "") {
+			function setField(id, value) {
+				if (value && value != "") {
 					var ele = $(id);
 					ele.val(value);
-					ele.trigger("change")
+					ele.trigger("change");
 				}
 			}
 
 			performTask("/tasks/getmeta/new/?url=" + encodeURI(repoURL)).then(function(result) {
-				$("#name").val(result.name)
-				setSpecial("#provides_str", result.provides)
-				$("#title").val(result.title)
-				$("#repo").val(result.repo || repoURL)
-				$("#issueTracker").val(result.issueTracker)
-				$("#desc").val(result.description)
-				$("#shortDesc").val(result.short_description)
-				setSpecial("#harddep_str", result.depends)
-				setSpecial("#softdep_str", result.optional_depends)
-				$("#shortDesc").val(result.short_description)
-				if (result.forumId) {
-					$("#forums").val(result.forumId)
-				}
-
+				setField("#name", result.name);
+				setField("#provides_str", result.provides);
+				setField("#title", result.title);
+				setField("#repo", result.repo || repoURL);
+				setField("#issueTracker", result.issueTracker);
+				setField("#desc", result.description);
+				setField("#short_desc", result.short_description);
+				setField("#harddep_str", result.depends);
+				setField("#softdep_str", result.optional_depends);
+				setField("#short_desc", result.short_description);
+				setField("#forums", result.forumId);
 				if (result.type && result.type.length > 2) {
-					$("#type").val(result.type)
+					$("#type").val(result.type);
 				}
 
-				finish()
+				finish();
 			}).catch(function(e) {
-				alert(e)
-				$(".pkg_wiz_1").show()
-				$(".pkg_wiz_2").hide()
-				$(".pkg_repo").show()
+				alert(e);
+				$(".pkg_wiz_1").show();
+				$(".pkg_wiz_2").hide();
+				$(".pkg_repo").show();
 				// finish()
-			})
+			});
 		} else {
 			finish()
 		}

app/public/static/package_edit.js

@@ -8,4 +8,57 @@ $(function() {
 	})
 	$(".not_mod, .not_game, .not_txp").show()
 	$(".not_" + $("#type").val().toLowerCase()).hide()
+
+	$("#forums").on('paste', function(e) {
+		try {
+			var pasteData = e.originalEvent.clipboardData.getData('text')
+			var url = new URL(pasteData);
+			if (url.hostname == "forum.minetest.net") {
+				$(this).val(url.searchParams.get("t"));
+				e.preventDefault();
+			}
+		} catch (e) {
+			console.log("Not a URL");
+		}
+	});
+
+	let hint = null;
+	function showHint(ele, text) {
+		if (hint) {
+			hint.remove();
+		}
+
+		hint = ele.parent()
+				.append(`<div class="alert alert-warning my-3">${text}</div>`)
+				.find(".alert");
+	}
+
+	let hint_mtmods = `Tip:
+		Don't include <i>Minetest</i>, <i>mod</i>, or <i>modpack</i> anywhere in the short description.
+		It is unnecessary and wastes characters.`;
+
+	let hint_thegame = `Tip:
+		It's obvious that this adds something to Minetest,
+		there's no need to use phrases such as \"adds X to the game\".`
+
+	$("#short_desc").on("change paste keyup", function() {
+		var val = $(this).val().toLowerCase();
+		if (val.indexOf("minetest") >= 0 || val.indexOf("mod") >= 0 ||
+				val.indexOf("modpack") >= 0 || val.indexOf("mod pack") >= 0) {
+			showHint($(this), hint_mtmods);
+		} else if (val.indexOf("the game") >= 0) {
+			showHint($(this), hint_thegame);
+		} else if (hint) {
+			hint.remove();
+			hint = null;
+		}
+	})
+
+	var btn = $("#forums").parent().find("label").append("<a class='ml-3 btn btn-sm btn-primary'>Open</a>");
+	btn.click(function() {
+		var id = $("#forums").val();
+		if (/^\d+$/.test(id)) {
+			window.open("https://forum.minetest.net/viewtopic.php?t=" + id, "_blank");
+		}
+	});
 })

app/public/static/release_minmax.js

@@ -0,0 +1,18 @@
+var min = $("#min_rel");
+var max = $("#max_rel");
+var none = $("#min_rel option:first-child").attr("value");
+var warning = $("#minmax_warning");
+
+function ver_check() {
+	var minv = min.val();
+	var maxv = max.val();
+
+	if (minv != none && maxv != none && minv > maxv) {
+		warning.show();
+	} else {
+		warning.hide();
+	}
+}
+
+min.change(ver_check);
+max.change(ver_check);

app/public/static/tagselector.js

@@ -5,13 +5,25 @@
  * https://petprojects.googlecode.com/svn/trunk/GPL-LICENSE.txt
  */
 (function($) {
+	function hide_error(input) {
+		var err = input.parent().parent().find(".invalid-remaining");
+		err.hide();
+	}
+
+	function show_error(input, msg) {
+		var err = input.parent().parent().find(".invalid-remaining");
+		console.log(err.length);
+		err.text(msg);
+		err.show();
+	}
+
 	$.fn.selectSelector = function(source, name, select) {
 		return this.each(function() {
 				var selector = $(this),
 					input = $('input[type=text]', this);
 
 				selector.click(function() { input.focus(); })
-					.delegate('.tag a', 'click', function() {
+					.delegate('.badge a', 'click', function() {
 						var id = $(this).parent().data("id");
 						for (var i = 0; i < source.length; i++) {
 							if (source[i].id == id) {
@@ -23,13 +35,14 @@
 					});
 
 				function addTag(item) {
-					var tag = $('<span class="tag"/>')
+					var tag = $('<span class="badge badge-pill badge-primary"/>')
 						.text(item.toString() + ' ')
 						.data("id", item.id)
 						.append('<a>x</a>')
 						.insertBefore(input);
 					input.attr("placeholder", null);
 					select.find("option[value=" + item.id + "]").attr("selected", "selected")
+					hide_error(input);
 				}
 
 				function recreate() {
@@ -42,6 +55,13 @@
 				}
 				recreate();
 
+				input.focusout(function(e) {
+					var value = input.val().trim()
+					if (value != "") {
+						show_error(input, "Please select an existing tag, it;s not possible to add custom ones.");
+					}
+				})
+
 				input.keydown(function(e) {
 						if (e.keyCode === $.ui.keyCode.TAB && $(this).data('ui-autocomplete').menu.active)
 							e.preventDefault();
@@ -92,7 +112,7 @@
 				}
 
 				selector.click(function() { input.focus(); })
-					.delegate('.tag a', 'click', function() {
+					.delegate('.badge a', 'click', function() {
 						var id = $(this).parent().data("id");
 						for (var i = 0; i < selected.length; i++) {
 							if (selected[i] == id) {
@@ -113,13 +133,14 @@
 				}
 
 				function addTag(id, value) {
-					var tag = $('<span class="tag"/>')
+					var tag = $('<span class="badge badge-pill badge-primary"/>')
 						.text(value)
 						.data("id", id)
 						.append(' <a>x</a>')
 						.insertBefore(input);
 
 					input.attr("placeholder", null);
+					hide_error(input);
 				}
 
 				function recreate() {
@@ -147,6 +168,18 @@
 
 				result.change(readFromResult);
 
+				input.focusout(function() {
+					var item = input.val();
+					if (item.length == 0) {
+						input.data("ui-autocomplete").search("");
+					} else if (item.match(/^([a-z0-9_]+)$/)) {
+						selectItem(item);
+						recreate();
+						input.val("");
+					}
+					return true;
+				});
+
 				input.keydown(function(e) {
 						if (e.keyCode === $.ui.keyCode.TAB && $(this).data('ui-autocomplete').menu.active)
 							e.preventDefault();
@@ -159,7 +192,7 @@
 								recreate();
 								input.val("");
 							} else {
-								alert("Only lowercase alphanumeric and number names allowed.");
+								show_error(input, "Only lowercase alphanumeric and number names allowed.");
 							}
 							e.preventDefault();
 							return true;

app/public/static/topic_discard.js

@@ -0,0 +1,29 @@
+$(".topic-discard").click(function() {
+	var ele = $(this);
+	var tid = ele.attr("data-tid");
+	var discard = !ele.parent().parent().hasClass("discardtopic");
+	fetch(new Request("/api/topic_discard/?tid=" + tid +
+			"&discard=" + (discard ? "true" : "false"), {
+		method: "post",
+		credentials: "same-origin",
+		headers: {
+			"Accept": "application/json",
+			"X-CSRFToken": csrf_token,
+		},
+	})).then(function(response) {
+		response.text().then(function(txt) {
+			console.log(JSON.parse(txt));
+			if (JSON.parse(txt).discarded) {
+				ele.parent().parent().addClass("discardtopic");
+				ele.removeClass("btn-danger");
+				ele.addClass("btn-success");
+				ele.text("Show");
+			} else {
+				ele.parent().parent().removeClass("discardtopic");
+				ele.removeClass("btn-success");
+				ele.addClass("btn-danger");
+				ele.text("Discard");
+			}
+		}).catch(console.log)
+	}).catch(console.log)
+});

app/querybuilder.py

@@ -0,0 +1,130 @@
+from .models import db, PackageType, Package, ForumTopic, License, MinetestRelease, PackageRelease
+from .utils import isNo, isYes
+from sqlalchemy.sql.expression import func
+from flask import abort
+from sqlalchemy import or_
+
+class QueryBuilder:
+	title  = None
+	types  = None
+	search = None
+
+	def __init__(self, args):
+		title = "Packages"
+
+		# Get request types
+		types = args.getlist("type")
+		types = [PackageType.get(tname) for tname in types]
+		types = [type for type in types if type is not None]
+		if len(types) > 0:
+			title = ", ".join([type.value + "s" for type in types])
+
+		hide_flags = args.getlist("hide")
+
+		self.title  = title
+		self.types  = types
+		self.search = args.get("q")
+		self.random = "random" in args
+		self.lucky  = self.random or "lucky" in args
+		self.hide_nonfree = "nonfree" in hide_flags
+		self.limit  = 1 if self.lucky else None
+		self.order_by  = args.get("sort")
+		self.order_dir = args.get("order") or "desc"
+		self.protocol_version = args.get("protocol_version")
+
+		self.show_discarded = isYes(args.get("show_discarded"))
+		self.show_added = args.get("show_added")
+		if self.show_added is not None:
+			self.show_added = isYes(self.show_added)
+
+		if self.search is not None and self.search.strip() == "":
+			self.search = None
+
+	def setSortIfNone(self, name):
+		if self.order_by is None:
+			self.order_by = name
+
+	def getMinetestVersion(self):
+		if not self.protocol_version:
+			return None
+
+		self.protocol_version = int(self.protocol_version)
+		version = MinetestRelease.query.filter(MinetestRelease.protocol>=self.protocol_version).first()
+		if version is not None:
+			return version.id
+		else:
+			return 10000000
+
+	def buildPackageQuery(self):
+		query = Package.query.filter_by(soft_deleted=False, approved=True)
+
+		if len(self.types) > 0:
+			query = query.filter(Package.type.in_(self.types))
+
+		if self.search:
+			query = query.search(self.search)
+
+		if self.random:
+			query = query.order_by(func.random())
+		else:
+			to_order = None
+			if self.order_by is None or self.order_by == "score":
+				to_order = Package.score
+			elif self.order_by == "created_at":
+				to_order = Package.created_at
+			else:
+				abort(400)
+
+			if self.order_dir == "asc":
+				to_order = db.asc(to_order)
+			elif self.order_dir == "desc":
+				to_order = db.desc(to_order)
+			else:
+				abort(400)
+
+			query = query.order_by(to_order)
+
+		if self.hide_nonfree:
+			query = query.filter(Package.license.has(License.is_foss == True))
+			query = query.filter(Package.media_license.has(License.is_foss == True))
+
+		if self.protocol_version:
+			version = self.getMinetestVersion()
+			query = query.join(Package.releases) \
+				.filter(PackageRelease.approved==True) \
+				.filter(or_(PackageRelease.min_rel_id==None, PackageRelease.min_rel_id<=version)) \
+				.filter(or_(PackageRelease.max_rel_id==None, PackageRelease.max_rel_id>=version))
+
+		if self.limit:
+			query = query.limit(self.limit)
+
+		return query
+
+	def buildTopicQuery(self, show_added=False):
+		query = ForumTopic.query
+
+		if not self.show_discarded:
+			query = query.filter_by(discarded=False)
+
+		show_added = self.show_added == True or (self.show_added is None and show_added)
+		if not show_added:
+			query = query.filter(~ db.exists().where(Package.forums==ForumTopic.topic_id))
+
+		if self.order_by is None or self.order_by == "name":
+			query = query.order_by(db.asc(ForumTopic.wip), db.asc(ForumTopic.name), db.asc(ForumTopic.title))
+		elif self.order_by == "views":
+			query = query.order_by(db.desc(ForumTopic.views))
+		elif self.order_by == "date":
+			query = query.order_by(db.asc(ForumTopic.created_at))
+			sort_by = "date"
+
+		if self.search:
+			query = query.filter(ForumTopic.title.ilike('%' + self.search + '%'))
+
+		if len(self.types) > 0:
+			query = query.filter(ForumTopic.type.in_(self.types))
+
+		if self.limit:
+			query = query.limit(self.limit)
+
+		return query

app/scss/comments.scss

@@ -1,49 +1,29 @@
-.comments, .comments li {
-	list-style: none;
-	padding: 0;
-	margin: 0;
-	border: 1px solid #444;
+.img-thumbnail-1 {
+	padding: 0px;
+	// width: 100%;
+	background: white;
 }
 
 .comments {
-	border-radius: 5px;
-	margin: 15px 0;
-	background: #333;
+	list-style: none;
+	padding: 0;
 
-	.info_strip, .msg {
-		display: block;
-		margin: 0;
-	}
+	.card {
+		position:relative;
 
-	.info_strip {
-		padding: 0.2em 1em;
-		border-bottom: 1px solid #444;
-	}
-
-	.msg {
-		padding: 1em;
-		background: #222;
-	}
-
-	.author {
-		font-weight: bold;
-		float: left;
-		display: inline-block;
-	}
-
-	.info_strip span {
-		float: right;
-		display: inline-block;
-		color: #bbb;
+		.card-header:before {
+			position: absolute;
+			top: 11px;
+			right: 100%;
+			width: 0;
+			height: 0;
+			display: block;
+			content:" ";
+			border-color: transparent;
+			border-style: solid solid outset;
+			pointer-events:none;
+			border-right-color: #444;
+			border-width: 14px;
+		}
 	}
 }
-
-.comment_form {
-	margin: 1em 0;
-}
-
-.comment_form textarea {
-	min-width: 60%;
-	max-width: 100%;
-	margin: 0 0 1em 0;
-}

app/scss/components.scss

@@ -1,108 +1,3 @@
-h1 {
-	margin: 0;
-}
-
-h2, h3 {
-	margin: 5px 0;
-}
-
-a {
-	color: #0be;
-	font-weight: bold;
-	text-decoration: none;
-}
-
-a:hover {
-	color: #0df;
-	text-decoration: underline;
-}
-
-/* Containers */
-
-.box {
-	border-radius: 5px;
-	margin: 15px 0;
-	padding: 0;
-}
-
-.box > h2, .box > h3 {
-	margin: 0;
-	padding: 0.5em 0.5em 0.5em 15px;
-	border-bottom: 1px solid #444;
-}
-
-.box .box-body {
-	padding: 1em !important;
-}
-
-// .box form {
-// 	padding: 1em;
-// }
-
-.box_grey {
-	background: #333;
-	border: 1px solid #444;
-}
-
-.ul_boxes {
-	display: block;
-	margin: 0;
-	padding: 0;
-	list-style: none;
-}
-
-.ul_boxes > li {
-	padding: 0;
-	list-style: none;
-}
-
-.box_link {
-	display: block;
-	color: #ddd;
-	text-decoration: none;
-}
-
-.box_link:hover{
-	background: #3a3a3a;
-}
-
-
-/*
-	buttonset
-*/
-
-.buttonset, .buttonset li {
-	display: block;
-	margin: 0;
-	padding: 0;
-	list-style: none;
-}
-
-.buttonset {
-	margin: 15px 0;
-}
-
-.button, .buttonset li a, input[type=submit] {
-	cursor: pointer;
-}
-
-.button, .buttonset li a, input[type=submit], input[type=text],
-		input[type=password], textarea, select, .bulletselector {
-	text-align: center;
-	display: inline-block;
-	padding: 0.4em 1em;
-	background: rgba(255,255,255,0.07);
-	border: 1px solid rgba(255,255,255,0.1);
-	color: #ddd;
-	border-radius: 5px;
-	text-decoration: none;
-	font-size: 100%;
-}
-
-input[type=text], input[type=password], textarea, select, .bulletselector {
-	text-align: left;
-}
-
 .ui-autocomplete, ui-front {
 	position:absolute;
 	cursor:default;
@@ -129,74 +24,11 @@ input[type=text], input[type=password], textarea, select, .bulletselector {
 	}
 }
 
-select {
-	min-width: 200px;
+.bulletselector {
+	height: auto !important;
+	display: inline-block !important;
 }
 
-select:not([multiple]) {
-	background: linear-gradient(#444, #333);
-}
-
-.form-group {
-	padding: 8px 0;
-}
-
-.form-group label {
-	display: block;
-	vertical-align: top;
-	padding: 0 8px 8px 0;
-}
-
-.form-group input, .form-group textarea, .form-group .bulletselector {
-	display: block;
-	min-width: 100%;
-	max-width: 100%;
-}
-
-.box .form-group input, .box .form-group textarea, .form-group .bulletselector {
-	min-width: 95%;
-	max-width: 95%;
-}
-
-.form-group textarea {
-	min-height: 200px;
-}
-
-.button:hover, .buttonset li a:hover, input[type=submit]:hover {
-	background: rgba(255,255,255,0.13);
-	border: 1px solid rgba(255,255,255,0.17);
-	text-decoration: none;
-	color: #ddd;
-}
-
-.btn_green {
-	background: #363 !important;
-	border: 1px solid #473;
-}
-
-.btn_green:hover {
-	background: #474 !important;
-}
-
-.linedbuttonset a {
-	border: 1px solid #eee;
-	border-radius: 3px;
-	padding: 4px 10px;
-	margin: 0;
-	display: block;
-}
-
-.linedbuttonset {
-	display: block;
-	margin: 0;
-}
-
-.linedbuttonset li {
-	display: inline-block;
-	margin: 10px 10px 0 0;
-}
-
-
 .bulletselector input {
 	border: none;
 	border-radius: 0;
@@ -211,166 +43,14 @@ select:not([multiple]) {
 	white-space: nowrap;
 	background: transparent;
 }
-.bulletselector .tag {
-	background: #375D81;
-	border-radius: 3px;
-    -moz-border-radius: 3px;
-	color: #FFF;
+.bulletselector .badge {
 	float: left;
-	height: 15px;
-	padding: 0.1em 0.4em 0.5em;
+	padding: 0.4em 0.8em;
 	margin-right: 0.3em;
-	margin-bottom: 0.3em;
-    vertical-align: baseline;
-}
-.bulletselector .tag a {
-	color: #FFF;
-	cursor: pointer;
-}
-.bulletselector .tag a:hover {
-	color: #0099CC;
-	text-decoration: none;
 }
 
-
-/* Alerts */
-
-
-.alert .alert_right, .alert > form {
-	display: inline-block;
-	margin: 0;
-	position: absolute;
-	top: 0;
-	right: 0;
-	bottom: 0;
-}
-
-.alert {
-	padding: 10px;
-	position: relative;
-
-	.alert_right:not(.button) {
-		padding: 0;
-	}
-
-	.alert_right form {
-		height: 100%;
-	}
-
-	form {
-		display: inline-block;
-		margin: 0;
-		padding: 0;
-	}
-
-	input {
-		height: 100%;
-	}
-
-	input, .button {
-		margin: 0;
-		background: 0;
-		border: 0;
-		border-left: 1px solid rgba(255,255,255,0.12);
-		border-radius: 0;
-		vertical-align: middle;
-	}
-
-	input:hover, .button:hover {
-		border: 0;
-		border-left: 1px solid rgba(255,255,255,0.2);
-	}
-}
-
-#alerts {
-	list-style: none;
-	position: fixed;
-	bottom: 15px;
-	left: 0;
-	right: 0;
-	z-index: 1000;
-}
-
-#alerts .alert {
-	margin: 5px 0;
-	vertical-align: middle;
-}
-
-#alerts .close {
-	float: right;
-	color: white;
-}
-
-#alerts .close:hover {
-	color: #fff;
-}
-
-.alert-error, .button-danger {
-	background: #933 !important;
-	border: 1px solid #c44 !important;
-}
-
-.alert-warning {
-	background: #963;
-	border: 1px solid #c96;
-}
-
-.alert-primary {
-	background: #339;
-	border: 1px solid #66a;
-}
-
-.alert-success {
-	background: #161;
-	border: 1px solid #393;
-}
-
-table.fancyTable {
-	font-family: "Arial Black", Gadget, sans-serif;
-	border: 2px solid #000000;
-	background-color: #4A4A4A;
-	width: 100%;
-	text-align: center;
-	border-collapse: collapse;
-}
-table.fancyTable td, table.fancyTable th {
-	border: 1px solid #4A4A4A;
-	padding: 3px 2px;
-}
-table.fancyTable tbody td {
-	font-size: 13px;
-	color: #E6E6E6;
-}
-table.fancyTable tr:nth-child(even) {
-	background: #888888;
-}
-table.fancyTable thead {
-	background: #000000;
-	border-bottom: 3px solid #000000;
-}
-table.fancyTable thead th {
-	font-size: 15px;
-	font-weight: bold;
-	color: #E6E6E6;
-	text-align: center;
-	border-left: 2px solid #4A4A4A;
-}
-table.fancyTable thead th:first-child {
-	border-left: none;
-}
-
-table.fancyTable tfoot {
-	font-size: 12px;
-	font-weight: bold;
-	color: #E6E6E6;
-	background: #000000;
-	background: -moz-linear-gradient(top, #404040 0%, #191919 66%, #000000 100%);
-	background: -webkit-linear-gradient(top, #404040 0%, #191919 66%, #000000 100%);
-	background: linear-gradient(to bottom, #404040 0%, #191919 66%, #000000 100%);
-	border-top: 1px solid #4A4A4A;
-}
-table.fancyTable tfoot td {
-	font-size: 12px;
+.invalid-remaining {
+	display: none;
 }
 
 .t-mll tr td:not(:first-child) {
@@ -401,53 +81,44 @@ table.fancyTable tfoot td {
 	color: #2c2;
 }
 
-/*
-	Aside
-*/
-
-.asideright {
-	float: right;
-	margin: 0 0 0 15px;
-	max-width: 300px;
+.wiptopic a:not(.btn) {
+	color: #7ac;
 }
 
-.outsidecontainer {
-	position: absolute;
-	right: 102%;
-	top: 0;
-	width: intrinsic;           /* Safari/WebKit uses a non-standard name */
-	width: -moz-max-content;    /* Firefox/Gecko */
-	width: -webkit-max-content; /* Chrome */
-}
-
-@media (max-width: 1490px) {
-	.outsidecontainer {
-		display: none;
+.discardtopic {
+	text-decoration: line-through;
+	a:not(.btn) {
+		color: #7ac;
 	}
+	filter: brightness(0.5);
 }
 
-.flatlist, .flatlist li {
-	list-style: none;
-	padding: 0;
-	margin: 0;
+.editor-toolbar, .editor-toolbar.fullscreen {
+	margin-bottom: 0 !important;
+	background-color: #444 !important;
+	border: none !important;
+	border-radius: calc(0.25rem - 1px) calc(0.25rem - 1px) 0 0 !important;
+	border-bottom: 1px solid rgba(0, 0, 0, 0.125) !important;
 }
 
-.flatlist li {
-	display: block;
+.editor-toolbar button {
+	color: white;
 }
 
-.flatlist a {
-	display: block;
-	padding: 0.5em 20px;
-	color: #ddd;
-	font-weight: normal;
+.editor-toolbar button.active, .editor-toolbar button:hover {
+	background: #375a7f !important;
+	color: white !important;
 }
 
-.flatlist a:hover {
-	background: #444;
-	text-decoration: none;
+.editor-toolbar.fullscreen::before, .editor-toolbar.fullscreen::after {
+	display: none !important;
 }
 
-.table-topalign td {
-	vertical-align: top;
+// .CodeMirror {
+// 	background-color: #222 !important;
+// }
+
+.editor-preview-side, .editor-preview {
+	background-color: #222 !important;
+	color: white !important;
 }

app/scss/custom.scss

@@ -0,0 +1,57 @@
+@import "components.scss";
+@import "packages.scss";
+@import "packagegrid.scss";
+@import "comments.scss";
+
+.dropdown-menu {
+    margin-top: 0;
+}
+
+.dropdown:hover .dropdown-menu {
+   display: block;
+}
+
+.nav-link > img {
+	max-height: 1em;
+}
+
+#alerts {
+    display: block;
+    list-style: none;
+    position: fixed;
+    bottom: 0;
+    left:0;
+    right:0;
+    margin: 0;
+    padding:0;
+    z-index: 1000;
+}
+
+#alerts li {
+    list-style: none;
+}
+
+.jumbotron {
+    background-size: cover;
+    background-repeat: no-repeat;
+    background-position: center;
+}
+
+.alert .btn {
+    text-decoration: none;
+}
+
+.card .table {
+    margin-bottom: 0;
+}
+
+.btn-download {
+    color: #fff;
+    background-color: #00b05c;
+    border-color: #00b05c;
+}
+
+.btn-download:focus, .btn-download.focus {
+    -webkit-box-shadow: 0 0 0 0.2rem rgba(231, 76, 60, 0.5);
+    box-shadow: 0 0 0 0.2rem rgba(231, 76, 60, 0.5);
+}

app/scss/main.scss

@@ -1,6 +0,0 @@
-@import "page.scss";
-@import "components.scss";
-@import "nav.scss";
-@import "packages.scss";
-@import "packagegrid.scss";
-@import "comments.scss";

app/scss/nav.scss

@@ -1,90 +0,0 @@
-nav {
-	margin: 0 auto 0 auto;
-	list-style: none;
-	background: #333;
-}
-
-nav .navbar-left {
-	float: left;
-}
-
-nav .navbar-left li {
-	float: left;
-}
-
-nav .navbar-right {
-	float: right;
-}
-
-nav ul {
-	margin: 0 auto 0 auto;
-	padding: 0;
-	list-style: none;
-}
-
-nav li {
-	margin: 0;
-	padding: 0;
-	list-style: none;
-	display: inline-block;
-}
-
-nav li a {
-	color: #ddd;
-	margin: 0;
-	padding: 1em 1em;
-	display: block;
-	border-left: 1px solid #444;
-}
-
-nav li a:not([href]) {
-	cursor: default;
-}
-
-nav ul li:last-child a {
-	border-right: 1px solid #444;
-}
-
-nav a:hover {
-	color: #eee;
-	background: #444;
-	text-decoration: none;
-}
-
-nav img {
-	height: 1em;
-}
-
-li.dropdown {
-	position: relative;
-	display: inline-block;
-}
-
-.dropdown-menu {
-	display: none;
-	position: absolute;
-	margin: 0;
-	padding: 0;
-	min-width:160px;
-	background: #333;
-	z-index: 1;
-	right: 0;
-	box-shadow: 0px 8px 16px 0px rgba(0,0,0,0.4);
-}
-
-.dropdown:hover ul {
-	display: block;
-}
-
-.dropdown li {
-	display: block;
-}
-
-.dropdown li a {
-	border: none;
-	border-top: 1px solid #444;
-}
-
-.dropdown li:last-child a {
-	border-bottom: 1px solid #444;
-}

app/scss/packagegrid.scss

@@ -1,27 +1,20 @@
-.packagegrid {
-	display: flex;
-	flex-wrap: wrap;
-	flex-direction: row;
-	flex-grow: 1;
-	flex-shrink: 1;
+.packagetile {
+	list-style: none;
 	padding: 0;
-	margin: 0 -7px;
+	margin: 0 7px 7px 0;
+	min-width: 250px;
 }
 
-.packagegrid li {
-	flex: 1;
-	display: block;
-	min-width: 300px;
-	min-height: 200px;
-	max-width: 332px;
+li.d-flex {
+	list-style: none;
 	padding: 0;
-	margin: 7px;
+	margin: 0;
 }
 
-.packagegrid a {
+.packagetile a {
 	display: block;
 	padding-bottom: 66.66%;
-	border-radius: 7px;
+	border-radius: 3px;
 	position: relative;
 	overflow: hidden;
 	background-size: cover;
@@ -29,10 +22,6 @@
 	background-position: center;
 }
 
-.packagegrid a:hover {
-	// box-shadow: 0px 0px 16px 6px rgba(0,0,0,0.4);
-}
-
 .packagegridscrub {
 	position: absolute;
 	top: 50%;
@@ -53,6 +42,14 @@
 
 .packagegridinfo h3 {
 	color: white;
+	font-size: 120%;
+	font-weight: bold;
+}
+
+.packagegridinfo small {
+	color: #ddd;
+	font-size: 75%;
+	font-weight: bold;
 }
 
 .packagegridinfo p {
@@ -61,15 +58,15 @@
 	font-weight: normal;
 }
 
-.packagegrid a:hover .packagegridinfo {
+.packagetile a:hover .packagegridinfo {
 	top: 0;
 }
 
-.packagegrid a:hover p {
+.packagetile a:hover p {
 	display: block;
 }
 
-.packagegrid a:hover .packagegridscrub {
+.packagetile a:hover .packagegridscrub {
 	top: 0;
 	background: rgba(0,0,0,0.8);
 }

app/scss/packages.scss

@@ -37,34 +37,6 @@
 	left: 15px;
 }
 
-.sidebar_container {
-	display: block;
-	position: relative;
-	padding: 0;
-	margin: 0;
-}
-
-.sidebar_container .right, .sidebar_container .left{
-	position: absolute;
-	display: block;
-	top: 10px;
-	margin-top: 0;
-}
-
-.sidebar_container .right {
-	right: 0;
-	width: 280px;
-}
-
-.sidebar_container .left {
-	right: 295px;
-	left: 0;
-}
-
-.sidebar_container .right > *:first-child, .sidebar_container .left > *:first-child {
-	margin-top: 0;
-}
-
 .package-short-large {
 	font-size: 120%;
 }

app/scss/page.scss

@@ -1,56 +0,0 @@
-html, body {
-	font-family: "Arial", sans-serif;
-	background: #222;
-	color: #ddd;
-	padding: 0;
-	margin: 0;
-}
-
-.container, main, #alerts, footer {
-	width: 90%;
-	max-width: 1024px;
-	margin: auto;
-	padding: 0;
-	display: block;
-}
-
-main {
-	padding: 7px 0;
-	position: relative;
-	box-sizing: border-box;
-}
-
-.clearboth {
-	clear: both;
-}
-
-header h1, header p, header form {
-	padding: 0 5px;
-	margin-left: 0;
-}
-
-header {
-	padding: 30px;
-	background: #258;
-}
-
-header p {
-	max-width: 400px;
-}
-
-header input {
-	margin: 3px;
-}
-
-footer {
-	color: #999;
-	padding: 30px 0;
-}
-
-footer a {
-	color: #aaa;
-}
-
-footer a:hover {
-	color: #bbb;
-}

app/tasks/__init__.py

@@ -16,8 +16,9 @@
 
 
 import flask
-from flask.ext.sqlalchemy import SQLAlchemy
+from flask_sqlalchemy import SQLAlchemy
 from celery import Celery
+from celery.schedules import crontab
 from app import app
 from app.models import *
 
@@ -64,4 +65,12 @@ def make_celery(app):
 
 celery = make_celery(app)
 
+CELERYBEAT_SCHEDULE = {
+	'topic_list_import': {
+		'task': 'app.tasks.forumtasks.importTopicList',
+		'schedule': crontab(minute=1, hour=1),
+	}
+}
+celery.conf.beat_schedule = CELERYBEAT_SCHEDULE
+
 from . import importtasks, forumtasks, emails

app/tasks/emails.py

@@ -15,14 +15,36 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
 
-from flask import *
+from flask import render_template, url_for
 from flask_mail import Message
 from app import mail
 from app.tasks import celery
 
 @celery.task()
 def sendVerifyEmail(newEmail, token):
-    msg = Message("Verify email address", recipients=[newEmail])
-    msg.body = "This is a verification email!"
-    msg.html = render_template("emails/verify.html", token=token)
-    mail.send(msg)
+	print("Sending verify email!")
+	msg = Message("Verify email address", recipients=[newEmail])
+
+	msg.body = """
+			This email has been sent to you because someone (hopefully you)
+			has entered your email address as a user's email.
+
+			If it wasn't you, then just delete this email.
+
+			If this was you, then please click this link to verify the address:
+
+			{}
+		""".format(url_for('verify_email_page', token=token, _external=True))
+
+	msg.html = render_template("emails/verify.html", token=token)
+	mail.send(msg)
+
+@celery.task()
+def sendEmailRaw(to, subject, text, html):
+	from flask_mail import Message
+	msg = Message(subject, recipients=to)
+
+	msg.body = text or html
+	html = html or text
+	msg.html = render_template("emails/base.html", subject=subject, content=html)
+	mail.send(msg)

app/tasks/forumtasks.py

@@ -15,17 +15,18 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
 
-import flask, json
-from flask.ext.sqlalchemy import SQLAlchemy
+import flask, json, re
+from flask_sqlalchemy import SQLAlchemy
 from app import app
 from app.models import *
 from app.tasks import celery
-from .phpbbparser import getProfile
+from .phpbbparser import getProfile, getTopicsFromForum
 import urllib.request
 from urllib.parse import urlparse, quote_plus
 
 @celery.task()
-def checkForumAccount(username, token=None):
+def checkForumAccount(username, forceNoSave=False):
+	print("Checking " + username)
 	try:
 		profile = getProfile("https://forum.minetest.net", username)
 	except OSError:
@@ -47,75 +48,130 @@ def checkForumAccount(username, token=None):
 		user.github_username = github_username
 		needsSaving = True
 
+	pic = profile.avatar
+	if pic and "http" in pic:
+		pic = None
+
+	needsSaving = needsSaving or pic != user.profile_pic
+	if pic:
+		user.profile_pic = "https://forum.minetest.net/" + pic
+	else:
+		user.profile_pic = None
+
 	# Save
-	if needsSaving:
+	if needsSaving and not forceNoSave:
 		db.session.commit()
 
-@celery.task()
-def importUsersFromModList():
-	contents = urllib.request.urlopen("http://krock-works.16mb.com/MTstuff/modList.php").read().decode("utf-8")
-	list = json.loads(contents)
-	found = {}
-	imported = []
-
-	for user in User.query.all():
-		found[user.username] = True
-		if user.forums_username is not None:
-			found[user.forums_username] = True
-
-	for x in list:
-		author = x.get("author")
-		if author is not None and not author in found:
-			user = User(author)
-			user.forums_username = author
-			imported.append(author)
-			found[author] = True
-			db.session.add(user)
-
-	db.session.commit()
-	for author in found:
-		checkForumAccount.delay(author, None)
-
-
-BANNED_NAMES = ["mod", "game", "old", "outdated", "wip", "api"]
-ALLOWED_TYPES = [1, 2, 6]
+	return needsSaving
 
 @celery.task()
-def importKrocksModList():
-	contents = urllib.request.urlopen("http://krock-works.16mb.com/MTstuff/modList.php").read().decode("utf-8")
-	list = json.loads(contents)
+def checkAllForumAccounts(forceNoSave=False):
+	needsSaving = False
+	query = User.query.filter(User.forums_username.isnot(None))
+	for user in query.all():
+		needsSaving = checkForumAccount(user.username) or needsSaving
+
+	if needsSaving and not forceNoSave:
+		db.session.commit()
+
+	return needsSaving
+
+
+regex_tag    = re.compile(r"\[([a-z0-9_]+)\]")
+BANNED_NAMES = ["mod", "game", "old", "outdated", "wip", "api", "beta", "alpha", "git"]
+def getNameFromTaglist(taglist):
+	for tag in reversed(regex_tag.findall(taglist)):
+		if len(tag) < 30 and not tag in BANNED_NAMES and \
+				not re.match(r"^[a-z]?[0-9]+$", tag):
+			return tag
+
+	return None
+
+regex_title = re.compile(r"^((?:\[[^\]]+\] *)*)([^\[]+) *((?:\[[^\]]+\] *)*)[^\[]*$")
+def parseTitle(title):
+	m = regex_title.match(title)
+	if m is None:
+		print("Invalid title format: " + title)
+		return title, getNameFromTaglist(title)
+	else:
+		return m.group(2).strip(), getNameFromTaglist(m.group(3))
+
+def getLinksFromModSearch():
+	links = {}
+
+	try:
+		contents = urllib.request.urlopen("https://krock-works.uk.to/minetest/modList.php").read().decode("utf-8")
+		for x in json.loads(contents):
+			try:
+				link = x.get("link")
+				if link is not None:
+					links[int(x["topicId"])] = link
+			except ValueError:
+				pass
+
+	except urllib.error.URLError:
+		print("Unable to open krocks mod search!")
+		return links
+
+	return links
+
+@celery.task()
+def importTopicList():
+	links_by_id = getLinksFromModSearch()
+
+	info_by_id = {}
+	getTopicsFromForum(11, out=info_by_id, extra={ 'type': PackageType.MOD,  'wip': False })
+	getTopicsFromForum(9,  out=info_by_id, extra={ 'type': PackageType.MOD,  'wip': True  })
+	getTopicsFromForum(15, out=info_by_id, extra={ 'type': PackageType.GAME, 'wip': False })
+	getTopicsFromForum(50, out=info_by_id, extra={ 'type': PackageType.GAME, 'wip': True  })
+
+	# Caches
 	username_to_user = {}
+	topics_by_id     = {}
+	for topic in ForumTopic.query.all():
+		topics_by_id[topic.topic_id] = topic
 
-	KrockForumTopic.query.delete()
+	# Create or update
+	for info in info_by_id.values():
+		id = int(info["id"])
 
-	for x in list:
-		type = int(x["type"])
-		if not type in ALLOWED_TYPES:
-			continue
-
-		username = x["author"]
+		# Get author
+		username = info["author"]
 		user = username_to_user.get(username)
 		if user is None:
 			user = User.query.filter_by(forums_username=username).first()
-			assert(user is not None)
+			if user is None:
+				print(username + " not found!")
+				user = User(username)
+				user.forums_username = username
+				db.session.add(user)
 			username_to_user[username] = user
 
-		import re
-		tags = re.findall("\[([a-z0-9_]+)\]", x["title"])
-		name = None
-		for tag in reversed(tags):
-			if len(tag) < 30 and not tag in BANNED_NAMES and \
-					not re.match("^([a-z][0-9]+)$", tag):
-				name = tag
-				break
+		# Get / add row
+		topic = topics_by_id.get(id)
+		if topic is None:
+			topic = ForumTopic()
+			db.session.add(topic)
 
-		topic = KrockForumTopic()
-		topic.topic_id  = x["topicId"]
-		topic.author_id = user.id
-		topic.ttype     = type
-		topic.title     = x["title"]
-		topic.name      = name
-		topic.link      = x.get("link")
-		db.session.add(topic)
+		# Parse title
+		title, name = parseTitle(info["title"])
+
+		# Get link
+		link = links_by_id.get(id)
+
+		# Fill row
+		topic.topic_id   = int(id)
+		topic.author     = user
+		topic.type       = info["type"]
+		topic.title      = title
+		topic.name       = name
+		topic.link       = link
+		topic.wip        = info["wip"]
+		topic.posts      = int(info["posts"])
+		topic.views      = int(info["views"])
+		topic.created_at = info["date"]
+
+	for p in Package.query.all():
+		p.recalcScore()
 
 	db.session.commit()

app/tasks/importtasks.py

@@ -17,7 +17,7 @@
 
 import flask, json, os, git, tempfile, shutil
 from git import GitCommandError
-from flask.ext.sqlalchemy import SQLAlchemy
+from flask_sqlalchemy import SQLAlchemy
 from urllib.error import HTTPError
 import urllib.request
 from urllib.parse import urlparse, quote_plus, urlsplit
@@ -29,6 +29,10 @@ from app.utils import randomString
 
 class GithubURLMaker:
 	def __init__(self, url):
+		self.baseUrl = None
+		self.user = None
+		self.repo = None
+
 		# Rewrite path
 		import re
 		m = re.search("^\/([^\/]+)\/([^\/]+)\/?$", url.path)
@@ -51,6 +55,9 @@ class GithubURLMaker:
 	def getScreenshotURL(self):
 		return self.baseUrl + "/screenshot.png"
 
+	def getModConfURL(self):
+		return self.baseUrl + "/mod.conf"
+
 	def getCommitsURL(self, branch):
 		return "https://api.github.com/repos/{}/{}/commits?sha={}" \
 				.format(self.user, self.repo, urllib.parse.quote_plus(branch))
@@ -66,7 +73,7 @@ def getKrockList():
 	global krock_list_cache_by_name
 
 	if krock_list_cache is None:
-		contents = urllib.request.urlopen("http://krock-works.16mb.com/MTstuff/modList.php").read().decode("utf-8")
+		contents = urllib.request.urlopen("https://krock-works.uk.to/minetest/modList.php").read().decode("utf-8")
 		list = json.loads(contents)
 
 		def h(x):
@@ -149,7 +156,8 @@ class PackageTreeNode:
 			type = PackageType.GAME
 		elif os.path.isfile(baseDir + "/init.lua"):
 			type = PackageType.MOD
-		elif os.path.isfile(baseDir + "/modpack.txt"):
+		elif os.path.isfile(baseDir + "/modpack.txt") or \
+				os.path.isfile(baseDir + "/modpack.conf"):
 			type = PackageType.MOD
 			is_modpack = True
 		elif os.path.isdir(baseDir + "/mods"):
@@ -290,16 +298,23 @@ def cloneRepo(urlstr, ref=None, recursive=False):
 	try:
 		gitUrl = generateGitURL(urlstr)
 		print("Cloning from " + gitUrl)
-		repo = git.Repo.clone_from(gitUrl, gitDir, \
-				progress=None, env=None, depth=1, recursive=recursive, kill_after_timeout=15)
 
-		if ref is not None:
-			repo.create_head("myhead", ref).checkout()
+		if ref is None:
+			repo = git.Repo.clone_from(gitUrl, gitDir, \
+					progress=None, env=None, depth=1, recursive=recursive, kill_after_timeout=15)
+		else:
+			repo = git.Repo.clone_from(gitUrl, gitDir, \
+					progress=None, env=None, depth=1, recursive=recursive, kill_after_timeout=15, b=ref)
+
 		return gitDir, repo
+
 	except GitCommandError as e:
 		# This is needed to stop the backtrace being weird
 		err = e.stderr
 
+	except gitdb.exc.BadName as e:
+		err = "Unable to find the reference " + (ref or "?") + "\n" + e.stderr
+
 	raise TaskError(err.replace("stderr: ", "") \
 			.replace("Cloning into '" + gitDir + "'...", "") \
 			.strip())
@@ -338,15 +353,19 @@ def makeVCSReleaseFromGithub(id, branch, release, url):
 		raise TaskError("Invalid github repo URL")
 
 	commitsURL = urlmaker.getCommitsURL(branch)
-	contents = urllib.request.urlopen(commitsURL).read().decode("utf-8")
-	commits = json.loads(contents)
+	try:
+		contents = urllib.request.urlopen(commitsURL).read().decode("utf-8")
+		commits = json.loads(contents)
+	except HTTPError:
+		raise TaskError("Unable to get commits for Github repository. Either the repository or reference doesn't exist.")
 
 	if len(commits) == 0 or not "sha" in commits[0]:
 		raise TaskError("No commits found")
 
-	release.url = urlmaker.getCommitDownload(commits[0]["sha"])
-	print(release.url)
-	release.task_id = None
+	release.url          = urlmaker.getCommitDownload(commits[0]["sha"])
+	release.task_id     = None
+	release.commit_hash = commits[0]["sha"]
+	release.approve(release.package.author)
 	db.session.commit()
 
 	return release.url
@@ -372,11 +391,13 @@ def makeVCSRelease(id, branch):
 			filename = randomString(10) + ".zip"
 			destPath = os.path.join("app/public/uploads", filename)
 			with open(destPath, "wb") as fp:
-				repo.archive(fp)
+				repo.archive(fp, format="zip")
 
-			release.url = "/uploads/" + filename
+			release.url         = "/uploads/" + filename
+			release.task_id     = None
+			release.commit_hash = repo.head.object.hexsha
+			release.approve(release.package.author)
 			print(release.url)
-			release.task_id = None
 			db.session.commit()
 
 			return release.url

app/tasks/phpbbparser.py

@@ -5,6 +5,7 @@
 import urllib, socket
 from bs4 import *
 from urllib.parse import urljoin
+from datetime import datetime
 import urllib.request
 import os.path
 import time, re
@@ -14,8 +15,9 @@ def urlEncodeNonAscii(b):
 
 class Profile:
 	def __init__(self, username):
-		self.username = username
-		self.signature = ""
+		self.username   = username
+		self.signature  = ""
+		self.avatar     = None
 		self.properties = {}
 
 	def set(self, key, value):
@@ -32,6 +34,11 @@ def __extract_properties(profile, soup):
 	if el is None:
 		return None
 
+	res1 = el.find_all("dl")
+	imgs = res1[0].find_all("img")
+	if len(imgs) == 1:
+		profile.avatar = imgs[0]["src"]
+
 	res = el.find_all("dl", class_ = "left-box details")
 	if len(res) != 1:
 		return None
@@ -77,3 +84,72 @@ def getProfile(url, username):
 		__extract_properties(profile, soup)
 
 		return profile
+
+
+regex_id = re.compile(r"^.*t=([0-9]+).*$")
+
+def parseForumListPage(id, page, out, extra=None):
+	num_per_page = 30
+	start = page*num_per_page+1
+	print(" - Fetching page {} (topics {}-{})".format(page, start, start+num_per_page))
+
+	url = "https://forum.minetest.net/viewforum.php?f=" + str(id) + "&start=" + str(start)
+	r = urllib.request.urlopen(url).read().decode("utf-8")
+	soup = BeautifulSoup(r, "html.parser")
+
+	for row in soup.find_all("li", class_="row"):
+		classes = row.get("class")
+		if "sticky" in classes or "announce" in classes or "global-announce" in classes:
+			continue
+
+		topic = row.find("dl")
+
+		# Link info
+		link   = topic.find(class_="topictitle")
+		id	   = regex_id.match(link.get("href")).group(1)
+		title  = link.find(text=True)
+
+		# Date
+		left   = topic.find("dt")
+		date   = left.get_text().split("»")[1].strip()
+		date   = datetime.strptime(date, "%a %b %d, %Y %H:%M")
+		author = left.find_all("a")[-1].get_text().strip()
+
+		# Get counts
+		posts  = topic.find(class_="posts").find(text=True)
+		views  = topic.find(class_="views").find(text=True)
+
+		if id in out:
+			print("   - got {} again, title: {}".format(id, title))
+			assert(title == out[id]['title'])
+			return False
+
+		row = {
+			"id"    : id,
+			"title" : title,
+			"author": author,
+			"posts" : posts,
+			"views" : views,
+			"date"  : date
+		}
+
+		if extra is not None:
+			for key, value in extra.items():
+				row[key] = value
+
+		out[id] = row
+
+	return True
+
+def getTopicsFromForum(id, out={}, extra=None):
+	print("Fetching all topics from forum {}".format(id))
+	page = 0
+	while parseForumListPage(id, page, out, extra):
+		page = page + 1
+
+	return out
+
+def dumpTitlesToFile(topics, path):
+	with open(path, "w") as out_file:
+		for topic in topics.values():
+			out_file.write(topic["title"] + "\n")

app/templates/admin/licenses/edit.html

@@ -0,0 +1,25 @@
+{% extends "base.html" %}
+
+{% block title %}
+	{% if license %}
+		Edit {{ license.name }}
+	{% else %}
+		New license
+	{% endif %}
+{% endblock %}
+
+{% block content %}
+	<p>
+		<a href="{{ url_for('license_list_page') }}">Back to list</a> |
+		<a href="{{ url_for('createedit_license_page') }}">New License</a>
+	</p>
+
+	{% from "macros/forms.html" import render_field, render_submit_field %}
+	<form method="POST" action="" enctype="multipart/form-data">
+		{{ form.hidden_tag() }}
+
+		{{ render_field(form.name) }}
+		{{ render_field(form.is_foss) }}
+		{{ render_submit_field(form.submit) }}
+	</form>
+{% endblock %}

app/templates/admin/licenses/list.html

@@ -0,0 +1,16 @@
+{% extends "base.html" %}
+
+{% block title %}
+Licenses
+{% endblock %}
+
+{% block content %}
+	<p>
+		<a href="{{ url_for('createedit_license_page') }}">New License</a>
+	</p>
+	<ul>
+		{% for l in licenses %}
+			<li><a href="{{ url_for('createedit_license_page', name=l.name) }}">{{ l.name }}</a> [{{ l.is_foss and "Free" or "Non-free"}}]</li>
+		{% endfor %}
+	</ul>
+{% endblock %}

app/templates/admin/list.html

@@ -8,29 +8,33 @@
 	<ul>
 		<li><a href="{{ url_for('user_list_page') }}">User list</a></li>
 		<li><a href="{{ url_for('tag_list_page') }}">Tag Editor</a></li>
+		<li><a href="{{ url_for('license_list_page') }}">License Editor</a></li>
+		<li><a href="{{ url_for('version_list_page') }}">Version Editor</a></li>
 		<li><a href="{{ url_for('switch_user_page') }}">Sign in as another user</a></li>
 	</ul>
 
-	<div class="box box_grey">
-		<h2>Do action</h2>
+	<div class="card my-4">
+		<h2 class="card-header">Do action</h2>
 
-		<form method="post" action="" class="box-body">
+		<form method="post" action="" class="card-body">
 			<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
 			<select name="action">
-				<option value="importusers">Create users from mod list</option>
-				<option value="importmodlist">Import Krock's mod list</option>
-				<option value="importscreenshots" selected>Import screenshots from VCS</option>
-				<option value="importdepends">Import dependencies from downloads</option>
-				<option value="modprovides">Set provides to mod name</option>
+				<option value="importmodlist" selected>Import forum topics</option>
+				<option value="recalcscores">Recalculate package scores</option>
+				<option value="checkusers">Check forum users</option>
+				<option value="importscreenshots">Import screenshots from VCS</option>
+				<!-- <option value="importdepends">Import dependencies from downloads</option> -->
+				<!-- <option value="modprovides">Set provides to mod name</option> -->
+				<!-- <option value="vcsrelease">Create VCS releases</option> -->
 			</select>
 			<input type="submit" value="Perform" />
 		</form>
 	</div>
 
-	<div class="box box_grey">
-		<h2>Restore Package</h2>
+	<div class="card my-4">
+		<h2 class="card-header">Restore Package</h2>
 
-		<form method="post" action="" class="box-body">
+		<form method="post" action="" class="card-body">
 			<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
 			<input type="hidden" name="action" value="restore" />
 			<select name="package">

app/templates/admin/versions/edit.html

@@ -0,0 +1,25 @@
+{% extends "base.html" %}
+
+{% block title %}
+	{% if version %}
+		Edit {{ version.name }}
+	{% else %}
+		New Minetest Version
+	{% endif %}
+{% endblock %}
+
+{% block content %}
+	<p>
+		<a href="{{ url_for('version_list_page') }}">Back to list</a> |
+		<a href="{{ url_for('createedit_version_page') }}">New Version</a>
+	</p>
+
+	{% from "macros/forms.html" import render_field, render_submit_field %}
+	<form method="POST" action="" enctype="multipart/form-data">
+		{{ form.hidden_tag() }}
+
+		{{ render_field(form.name) }}
+		{{ render_field(form.protocol) }}
+		{{ render_submit_field(form.submit) }}
+	</form>
+{% endblock %}

app/templates/admin/versions/list.html

@@ -0,0 +1,16 @@
+{% extends "base.html" %}
+
+{% block title %}
+Minetest Versions
+{% endblock %}
+
+{% block content %}
+	<p>
+		<a href="{{ url_for('createedit_version_page') }}">New Version</a>
+	</p>
+	<ul>
+		{% for v in versions %}
+			<li><a href="{{ url_for('createedit_version_page', name=v.name) }}">{{ v.name }}</a></li>
+		{% endfor %}
+	</ul>
+{% endblock %}

app/templates/base.html

@@ -6,74 +6,100 @@
 	<meta http-equiv="X-UA-Compatible" content="IE=edge">
 	<meta name="viewport" content="width=device-width, initial-scale=1">
 	<title>{% block title %}title{% endblock %} - {{ config.USER_APP_NAME }}</title>
-	<link rel="stylesheet" type="text/css" href="/static/main.css">
+	<link rel="stylesheet" type="text/css" href="/static/bootstrap.css">
+	<link rel="stylesheet" type="text/css" href="/static/custom.css?v=7">
+	<link rel="search" type="application/opensearchdescription+xml" href="/static/opensearch.xml" title="ContentDB" />
+	<link rel="shortcut icon" href="/favicon-16.png" sizes="16x16">
+	<link rel="icon" href="/favicon-128.png" sizes="128x128">
+	<link rel="icon" href="/favicon-32.png" sizes="32x32">
 	{% block headextra %}{% endblock %}
 </head>
 
 <body>
-	<nav>
+	<nav class="navbar navbar-expand-lg navbar-dark bg-primary">
 		<div class="container">
-			<ul class="nav navbar-nav navbar-left">
-				<li><a href="/">{{ config.USER_APP_NAME }}</a></li>
-				{% for item in current_menu.children recursive %}
-					{% if item.visible %}
-						<li{% if item.children %} class="dropdown"{% endif %}>
-							<a href="{{ item.url }}"
-									{% if item.children %}
-										class="dropdown-toggle"
-										data-toggle="dropdown"
-										role="button"
-										aria-expanded="false"
-									{% endif %}>
-								{{ item.text }}
-								{% if item.children %}
-									<span class="caret"></span>
-								{% endif %}
-							</a>
-							{% if item.children %}
-							<ul class="dropdown-menu" role="menu">
-								{{ loop(item.children) }}
-							</ul>
-							{% endif %}
-						</li>
-					{% endif %}
-				{% endfor %}
-			</ul>
-			<ul class="nav navbar-nav navbar-right">
-				{% if current_user.is_authenticated %}
-					<li><a href="{{ url_for('notifications_page') }}">
-						<img src="/static/notification{% if current_user.notifications %}_alert{% endif %}.svg" />
-					</a></li>
-					<li><a href="{{ url_for('create_edit_package_page') }}">+</a></li>
-					<li class="dropdown">
-						<a class="dropdown-toggle"
-							data-toggle="dropdown"
-							role="button"
-							aria-expanded="false">{{ current_user.display_name }}
-								<span class="caret"></span></a>
+			<a class="navbar-brand" href="/">{{ config.USER_APP_NAME }}</a>
+			<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarColor01" aria-controls="navbarColor01" aria-expanded="false" aria-label="Toggle navigation">
+				<span class="navbar-toggler-icon"></span>
+			</button>
 
-						<ul class="dropdown-menu" role="menu">
-							<li>
-								<a href="{{ url_for('user_profile_page', username=current_user.username) }}">Profile</a>
+			<div class="collapse navbar-collapse" id="navbarColor01">
+				<ul class="navbar-nav mr-auto">
+					{% for item in current_menu.children recursive %}
+						{% if item.visible %}
+							<li class="nav-item {% if item.children %} dropdown{% endif %}">
+								<a class="nav-link" href="{{ item.url }}"
+										{% if item.children %}
+											class="dropdown-toggle"
+											data-toggle="dropdown"
+											role="button"
+											aria-expanded="false"
+										{% endif %}>
+									{{ item.text }}
+									{% if item.children %}
+										<span class="caret"></span>
+									{% endif %}
+								</a>
+								{% if item.children %}
+								<ul class="dropdown-menu" role="menu">
+									{{ loop(item.children) }}
+								</ul>
+								{% endif %}
 							</li>
-							{% if current_user.canAccessTodoList() %}
-								<li><a href="{{ url_for('todo_page') }}">Work Queue</a></li>
-								<li><a href="{{ url_for('user_list_page') }}">User list</a></li>
-							{% endif %}
-							{% if current_user.rank == current_user.rank.ADMIN %}
-								<li><a href="{{ url_for('admin_page') }}">Admin</a></li>
-							{% endif %}
-							{% if current_user.rank == current_user.rank.MODERATOR %}
-								<li><a href="{{ url_for('tag_list_page') }}">Tag Editor</a></li>
-							{% endif %}
-							<li><a href="{{ url_for('user.logout') }}">Sign out</a></li>
-						</ul>
-					</li>
-				{% else %}
-					<li><a href="{{ url_for('user.login') }}">Sign in</a></li>
-				{% endif %}
-			</ul>
-			<div class="clearboth"></div>
+						{% endif %}
+					{% endfor %}
+				</ul>
+				<form class="form-inline my-2 my-lg-0" method="GET" action="/packages/">
+					{% if type %}<input type="hidden" name="type" value="{{ type }}" />{% endif %}
+					<input class="form-control mr-sm-2" name="q" type="text" placeholder="Search {{ title | lower or 'all packages' }}" value="{{ query or ''}}">
+					<input class="btn btn-secondary my-2 my-sm-0 mr-sm-2" type="submit" value="Search" />
+					<!-- <input class="btn btn-secondary my-2 my-sm-0"
+						data-toggle="tooltip" data-placement="bottom"
+						title="Go to the first found result for this query."
+						type="submit" name="lucky" value="First" /> -->
+				</form>
+				<ul class="navbar-nav ml-auto">
+					{% if current_user.is_authenticated %}
+						<li class="nav-item"><a class="nav-link" href="{{ url_for('notifications_page') }}">
+							<img src="/static/notification{% if current_user.notifications %}_alert{% endif %}.svg" />
+						</a></li>
+						<li class="nav-item"><a class="nav-link" href="{{ url_for('create_edit_package_page') }}">+</a></li>
+						<li class="nav-item dropdown">
+							<a class="nav-link dropdown-toggle"
+								data-toggle="dropdown"
+								role="button"
+								aria-expanded="false">{{ current_user.display_name }}
+									<span class="caret"></span></a>
+
+							<ul class="dropdown-menu" role="menu">
+								<li class="nav-item">
+									<a class="nav-link" href="{{ url_for('user_profile_page', username=current_user.username) }}">Profile</a>
+								</li>
+								<li class="nav-item">
+									<a class="nav-link" href="{{ url_for('user_profile_page', username=current_user.username) }}#unadded-topics">Your unadded topics</a>
+								</li>
+								{% if current_user.canAccessTodoList() %}
+									<li class="nav-item"><a class="nav-link" href="{{ url_for('todo_page') }}">{{ _("Work Queue") }}</a></li>
+									<li class="nav-item"><a  class="nav-link" href="{{ url_for('user_list_page') }}">{{ _("User list") }}</a></li>
+								{% endif %}
+								<li class="nav-item">
+									<a class="nav-link" href="{{ url_for('todo_topics_page') }}">{{ _("All unadded topics") }}</a>
+								</li>
+								{% if current_user.rank == current_user.rank.ADMIN %}
+									<li class="nav-item"><a class="nav-link" href="{{ url_for('admin_page') }}">{{ _("Admin") }}</a></li>
+								{% endif %}
+								{% if current_user.rank == current_user.rank.MODERATOR %}
+									<li class="nav-item"><a class="nav-link" href="{{ url_for('tag_list_page') }}">{{ _("Tag Editor") }}</a></li>
+									<li class="nav-item"><a class="nav-link" href="{{ url_for('license_list_page') }}">{{ _("License Editor") }}</a></li>
+								{% endif %}
+								<li class="nav-item"><a class="nav-link" href="{{ url_for('user.logout') }}">{{ _("Sign out") }}</a></li>
+							</ul>
+						</li>
+					{% else %}
+						<li><a class="nav-link" href="{{ url_for('user.login') }}">{{ _("Sign in") }}</a></li>
+					{% endif %}
+				</ul>
+			</div>
 		</div>
 	</nav>
 
@@ -82,7 +108,7 @@
 			{% if messages %}
 				<ul id="alerts">
 					{% for category, message in messages %}
-						<li class="box box_grey alert alert-{{category}}">
+						<li class="alert alert-{{category}} container">
 							<span class="icon_message"></span>
 
 							{{ message|safe }}
@@ -96,16 +122,31 @@
 	{% endblock %}
 
 	{% block container %}
-	<main>
+	<main class="container mt-4">
 		{% block content %}
 		{% endblock %}
 	</main>
 	{% endblock %}
 
-	<footer>
-		ContentDB &copy; 2018 to <a href="https://rubenwardy.com/">rubenwardy</a> |
+	<footer class="container footer-copyright my-5 page-footer font-small text-center">
+		ContentDB &copy; 2018-9 to <a href="https://rubenwardy.com/">rubenwardy</a> |
 		<a href="https://github.com/minetest/contentdb">GitHub</a> |
-		<a href="{{ url_for('flatpage', path='help') }}">Help</a> |
-		<a href="{{ url_for('flatpage', path='help/reporting') }}">Report / DMCA</a>
+		<a href="{{ url_for('flatpage', path='help') }}">{{ _("Help") }}</a> |
+		<a href="{{ url_for('flatpage', path='policy_and_guidance') }}">{{ _("Policy and Guidance") }}</a> |
+		<a href="{{ url_for('flatpage', path='help/reporting') }}">{{ _("Report / DMCA") }}</a> |
+		<a href="{{ url_for('user_list_page') }}">{{ _("User List") }}</a>
 	</footer>
+
+	<script src="/static/jquery.min.js"></script>
+	<script src="/static/popper.min.js"></script>
+	<script src="/static/bootstrap.min.js"></script>
+	<script src="/static/easymde.min.js"></script>
+	<link rel="stylesheet" type="text/css" href="/static/easymde.min.css">
+	<script>
+		$("textarea.markdown").each(function() {
+			new EasyMDE({ element: this, hideIcons: ["image"], forceSync: true });
+		})
+	</script>
+	{% block scriptextra %}{% endblock %}
+</body>
 </html>

app/templates/emails/base.html

@@ -0,0 +1,64 @@
+<!doctype html>
+<html>
+<head>
+	<style>
+		.btn {
+			display: inline-block !important;
+			color: #fff !important;
+			font-weight: 400;
+			text-align: center;
+			vertical-align: middle;
+			-webkit-user-select: none;
+			-moz-user-select: none;
+			-ms-user-select: none;
+			user-select: none;
+			background-color: transparent;
+			border: 1px solid transparent;
+			border-top-color: transparent;
+			border-bottom-color: transparent;
+			border-left-color: transparent;
+			padding: 0.375rem 0.75rem;
+			font-size: 0.9375rem;
+			line-height: 1.5;
+			border-radius: 0.25rem;
+			-webkit-transition: color 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;
+			transition: color 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;
+			transition: color 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
+			transition: color 0.15s ease-in-out, background-color 0.15s ease-in-out, border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out, -webkit-box-shadow 0.15s ease-in-out;
+			background-color: #2C3E50;
+			border-color: #2C3E50;
+			text-decoration: none;
+		}
+
+		.btn:hover {
+			color: #fff;
+			background-color: #1e2b37;
+			border-color: #1a252f;
+		}
+
+		.btn:focus {
+			-webkit-box-shadow: 0 0 0 0.2rem rgba(76, 91, 106, 0.5);
+			box-shadow: 0 0 0 0.2rem rgba(76, 91, 106, 0.5);
+			outline: 0;
+		}
+	</style>
+</head>
+<body>
+	<div style="font-family: 'Arial', 'sans-serif'; max-width: 700px; margin: auto; padding: 0;">
+		<div style="background: #2C3E50; padding: 1.2rem 1.2rem 1.2rem 2em; color: white;">
+			<h1 style="margin: 0; font-size: 120%; font-weight: normal;">ContentDB</h1>
+		</div>
+		<div style="padding: 2em; background: white;">
+			{% block content %}
+				<h2 style="margin-top: 0;">{{ subject }}</h2>
+
+				{{ content | safe }}
+			{% endblock %}
+
+			<div style="margin-top: 3em;font-size: 80%;color: #666;">
+				ContentDB &copy; rubenwardy
+			</div>
+		</div>
+	</div>
+</body>
+</html>

app/templates/emails/verify.html

@@ -1,4 +1,7 @@
-<h1>Hello!</h1>
+{% extends "emails/base.html" %}
+
+{% block content %}
+<h2 style="margin-top: 0;">Hello!</h2>
 
 <p>
 	This email has been sent to you because someone (hopefully you)
@@ -6,12 +9,19 @@
 </p>
 
 <p>
-	If this was you, then please click this link to verify the address:
-	<a href="{{ url_for('verify_email_page', token=token, _external=True) }}">
-		{{ url_for('verify_email_page', token=token, _external=True) }}
-	</a>
+	If it wasn't you, then just delete this email.
 </p>
 
 <p>
-	If it wasn't you, then just delete this email.
+	If this was you, then please click this link to verify the address:
 </p>
+
+<a class="btn" href="{{ url_for('verify_email_page', token=token, _external=True) }}">
+	Confirm Email Address
+</a>
+
+<p style="font-size: 80%;">
+	Or paste this into your browser: {{ url_for('verify_email_page', token=token, _external=True) }}
+<p>
+
+{% endblock %}

app/templates/flask_user/login.html

@@ -5,76 +5,76 @@ Sign in
 {% endblock %}
 
 {% block content %}
-<div class="sidebar_container">
-	<div class="left box box_grey">
-		{% from "flask_user/_macros.html" import render_field, render_checkbox_field, render_submit_field %}
-		<h2>{%trans%}Sign in{%endtrans%}</h2>
+<div class="row">
+	<div class="col-sm-8">
+		<div class="card">
+			{% from "flask_user/_macros.html" import render_field, render_checkbox_field, render_submit_field %}
+			<h2 class="card-header">{%trans%}Sign in{%endtrans%}</h2>
 
-		<form action="" method="POST" class="form box-body" role="form">
-			<h3>Sign in with username/password</h3>
-			{{ form.hidden_tag() }}
+			<form action="" method="POST" class="form card-body" role="form">
+				{{ form.hidden_tag() }}
 
-			{# Username or Email field #}
-			{% set field = form.username if user_manager.enable_username else form.email %}
-			<div class="form-group {% if field.errors %}has-error{% endif %}">
-				{# Label on left, "New here? Register." on right #}
-				<div class="row">
-					<div class="col-xs-6">
-						<label for="{{ field.id }}" class="control-label">{{ field.label.text }}</label>
-					</div>
+				{# Username or Email field #}
+				{% set field = form.username if user_manager.enable_username else form.email %}
+				<div class="form-group {% if field.errors %}has-error{% endif %}">
+					{# Label on left, "New here? Register." on right #}
+					<label for="{{ field.id }}" class="control-label">{{ field.label.text }}</label>
+					{{ field(class_='form-control', tabindex=110) }}
+					{% if field.errors %}
+					{% for e in field.errors %}
+					<p class="help-block">{{ e }}</p>
+					{% endfor %}
+					{% endif %}
 				</div>
-				{{ field(class_='form-control', tabindex=110) }}
-				{% if field.errors %}
-				{% for e in field.errors %}
-				<p class="help-block">{{ e }}</p>
-				{% endfor %}
-				{% endif %}
-			</div>
 
-			{# Password field #}
-			{% set field = form.password %}
-			<div class="form-group {% if field.errors %}has-error{% endif %}">
-				<div class="row">
+				{# Password field #}
+				{% set field = form.password %}
+				<div class="form-group {% if field.errors %}has-error{% endif %}">
 					<label for="{{ field.id }}" class="control-label">{{ field.label.text }}
 					{% if user_manager.enable_forgot_password %}
 						<a href="{{ url_for('user.forgot_password') }}" tabindex='195'>
 							[{%trans%}Forgot My Password{%endtrans%}]</a>
 					{% endif %}
 					</label>
+					{{ field(class_='form-control', tabindex=120) }}
+					{% if field.errors %}
+					{% for e in field.errors %}
+					<p class="help-block">{{ e }}</p>
+					{% endfor %}
+					{% endif %}
 				</div>
-				{{ field(class_='form-control', tabindex=120) }}
-				{% if field.errors %}
-				{% for e in field.errors %}
-				<p class="help-block">{{ e }}</p>
-				{% endfor %}
+
+				{# Remember me #}
+				{% if user_manager.enable_remember_me %}
+				{{ render_checkbox_field(login_form.remember_me, tabindex=130) }}
 				{% endif %}
+
+				{# Submit button #}
+				<p>
+					{{ render_submit_field(form.submit, tabindex=180) }}
+				</p>
+			</form>
+		</div>
+
+		<div class="card mt-4">
+			{% from "flask_user/_macros.html" import render_field, render_checkbox_field, render_submit_field %}
+			<h2 class="card-header">{%trans%}Sign in with Github{%endtrans%}</h2>
+			<div class="card-body">
+				<a class="btn btn-primary" href="{{ url_for('github_signin_page') }}">GitHub</a>
 			</div>
-
-			{# Remember me #}
-			{% if user_manager.enable_remember_me %}
-			{{ render_checkbox_field(login_form.remember_me, tabindex=130) }}
-			{% endif %}
-
-			{# Submit button #}
-			<p>
-				{{ render_submit_field(form.submit, tabindex=180) }}
-			</p>
-
-			<h3>Sign in with Github</h3>
-			<p><a class="button" href="{{ url_for('github_signin_page') }}">GitHub</a></p>
-		</form>
+		</div>
 	</div>
 
-	<div class="right">
-		<aside class="box box_grey">
-			<h2>New here?</h2>
-
-			<div class="box-body">
+	<aside class="col-sm-4">
+		<div class="card">
+			{% from "flask_user/_macros.html" import render_field, render_checkbox_field, render_submit_field %}
+			<h2 class="card-header">{%trans%}New here?{%endtrans%}</h2>
+			<div class="card-body">
 				<p>Create an account using your forum account or email.</p>
 
-				<a href="{{ url_for('user_claim_page') }}" class="button">{%trans%}Claim your account{%endtrans%}</a>
+				<a href="{{ url_for('user_claim_page') }}" class="btn btn-primary">{%trans%}Claim your account{%endtrans%}</a>
 			</div>
-		</aside>
-	</div>
+		</div>
+	</aside>
 </div>
 {% endblock %}

app/templates/flask_user/public_base.html

@@ -1,10 +1,10 @@
 {% extends "base.html" %}
 
 {% block container %}
-	<main>
-		<div class="box box_grey">
-			<!-- <h2>{{ self.title() }}</h2> -->
-			<div class="box-body">
+	<main class="container mt-4">
+		<div class="card">
+			<!-- <h2 class="card-header">{{ self.title() }}</h2> -->
+			<div class="card-body">
 				{% block content %}
 				{% endblock %}
 			</div>

app/templates/flatpage.html

@@ -5,7 +5,7 @@
 {% endblock %}
 
 {% block content %}
-	<h1>{{ page['title'] }}</h1>
+	{% if not page["no_h1"] %}<h1>{{ page['title'] }}</h1>{% endif %}
 
 	{{ page.html | safe }}
 {% endblock %}

app/templates/index.html

@@ -1,30 +1,73 @@
 {% extends "base.html" %}
 
 {% block title %}
-Welcome
+{{ _("Welcome") }}
 {% endblock %}
 
-{% block container %}
-<header>
-	<div class="container">
-		<h1>Content DB</h1>
+{% block scriptextra %}
+<script type="application/ld+json">
+{
+  "@context": "https://schema.org",
+  "@type": "WebSite",
+  "url": "https://content.minetest.net/",
+  "potentialAction": {
+    "@type": "SearchAction",
+    "target": "https://content.minetest.net/packages?q={search_term_string}",
+    "query-input": "required name=search_term_string"
+  }
+}
+</script>
+{% endblock %}
 
-		<p>
+{% block content %}
+<!-- <header class="jumbotron">
+	<div class="container">
+		<h1 class="display-3">{{ config.USER_APP_NAME }}</h1>
+
+		<p class="lead">
 			Minetest's official content repository.
 			Browse {{ count }} packages,
-			all available under a free and open source
-			license.
+			the majority of which are available under a free
+			and open source license.
 		</p>
-
-		<form method="get" action="/packages/">
-			<input type="text" name="q" value="{{ query or ''}}" />
-			<input type="submit" value="Search" />
-		</form>
 	</div>
 </header>
 
-<main>
+<main class="container"> -->
 	{% from "macros/packagegridtile.html" import render_pkggrid %}
-	{{ render_pkggrid(packages) }}
-</main>
+
+
+	<a href="{{ url_for('packages_page', sort='created_at', order='desc') }}" class="btn btn-secondary float-right">
+		{{ _("See more") }}
+	</a>
+	<h2 class="my-3">{{ _("Recently Added") }}</h2>
+	{{ render_pkggrid(new) }}
+
+
+	<a href="{{ url_for('packages_page', type='mod', sort='score', order='desc') }}" class="btn btn-secondary float-right">
+		{{ _("See more") }}
+	</a>
+	<h2 class="my-3">{{ _("Top Mods") }}</h2>
+	{{ render_pkggrid(pop_mod) }}
+
+
+	<a href="{{ url_for('packages_page', type='game', sort='score', order='desc') }}" class="btn btn-secondary float-right">
+		{{ _("See more") }}
+	</a>
+	<h2 class="my-3">{{ _("Top Games") }}</h2>
+	{{ render_pkggrid(pop_gam) }}
+
+
+	<a href="{{ url_for('packages_page', type='txp', sort='score', order='desc') }}" class="btn btn-secondary float-right">
+		{{ _("See more") }}
+	</a>
+	<h2 class="my-3">{{ _("Top Texture Packs") }}</h2>
+	{{ render_pkggrid(pop_txp) }}
+
+	<div class="text-center">
+		<small>
+			{{ _("CDB has %(count)d packages, with a total of %(downloads)d downloads.", count=count, downloads=downloads) }}
+		</small>
+	</div>
+<!-- </main> -->
 {% endblock %}

app/templates/macros/forms.html

@@ -1,10 +1,10 @@
-{% macro render_field(field, label=None, label_visible=true, right_url=None, right_label=None) -%}
+{% macro render_field(field, label=None, label_visible=true, right_url=None, right_label=None, fieldclass=None) -%}
 	<div class="form-group {% if field.errors %}has-error{% endif %} {{ kwargs.pop('class_', '') }}">
 		{% if field.type != 'HiddenField' and label_visible %}
-			{% if not label %}{% set label=field.label.text %}{% endif %}
-			<label for="{{ field.id }}" class="control-label">{{ label|safe }}</label>
+			{% if not label and label != "" %}{% set label=field.label.text %}{% endif %}
+			{% if label %}<label for="{{ field.id }}">{{ label|safe }}</label>{% endif %}
 		{% endif %}
-		{{ field(class_='form-control', **kwargs) }}
+		{{ field(class_=fieldclass or 'form-control', **kwargs) }}
 		{% if field.errors %}
 			{% for e in field.errors %}
 				<p class="help-block">{{ e }}</p>
@@ -13,9 +13,8 @@
 	</div>
 {%- endmacro %}
 
-{% macro form_includes() -%}
+{% macro form_scripts() -%}
 	<link href="/static/jquery-ui.min.css" rel="stylesheet" type="text/css">
-	<script src="/static/jquery.min.js"></script>
 	<script src="/static/jquery-ui.min.js"></script>
 	<script src="/static/tagselector.js"></script>
 {% endmacro %}
@@ -58,16 +57,17 @@
 	<div class="form-group {% if field.errors %}has-error{% endif %} {{ kwargs.pop('class_', '') }}">
 		{% if field.type != 'HiddenField' and label_visible %}
 			{% if not label %}{% set label=field.label.text %}{% endif %}
-			<label for="{{ field.id }}" class="control-label">{{ label|safe }}</label>
+			<label for="{{ field.id }}">{{ label|safe }}</label>
 		{% endif %}
-		<div class="multichoice_selector bulletselector">
+		<div class="multichoice_selector bulletselector form-control">
 			<input type="text" placeholder="Start typing to see suggestions">
 			<div class="clearboth"></div>
 		</div>
+		<div class="invalid-remaining invalid-feedback"></div>
 		{{ field(class_='form-control', **kwargs) }}
 		{% if field.errors %}
 			{% for e in field.errors %}
-				<p class="help-block">{{ e }}</p>
+				<div class="invalid-feedback">{{ e }}</div>
 			{% endfor %}
 		{% endif %}
 	</div>
@@ -77,13 +77,14 @@
 	<div class="form-group {% if field.errors %}has-error{% endif %} {{ kwargs.pop('class_', '') }}">
 		{% if field.type != 'HiddenField' and label_visible %}
 			{% if not label %}{% set label=field.label.text %}{% endif %}
-			<label for="{{ field.id }}" class="control-label">{{ label|safe }}</label>
+			<label for="{{ field.id }}">{{ label|safe }}</label>
 		{% endif %}
-		<div class="metapackage_selector bulletselector">
+		<div class="metapackage_selector bulletselector form-control">
 			<input type="text" placeholder="Comma-seperated values">
 			<div class="clearboth"></div>
 		</div>
 		{{ field(class_='form-control', **kwargs) }}
+		<div class="invalid-remaining invalid-feedback"></div>
 		{% if field.errors %}
 			{% for e in field.errors %}
 				<p class="help-block">{{ e }}</p>
@@ -96,13 +97,14 @@
 	<div class="form-group {% if field.errors %}has-error{% endif %} {{ kwargs.pop('class_', '') }}">
 		{% if field.type != 'HiddenField' and label_visible %}
 			{% if not label %}{% set label=field.label.text %}{% endif %}
-			<label for="{{ field.id }}" class="control-label">{{ label|safe }}</label>
+			<label for="{{ field.id }}">{{ label|safe }}</label>
 		{% endif %}
-		<div class="deps_selector bulletselector">
+		<div class="deps_selector bulletselector form-control">
 			<input type="text" placeholder="Comma-seperated values">
 			<div class="clearboth"></div>
 		</div>
 		{{ field(class_='form-control', **kwargs) }}
+		<div class="invalid-remaining invalid-feedback"></div>
 		{% if field.errors %}
 			{% for e in field.errors %}
 				<p class="help-block">{{ e }}</p>
@@ -113,7 +115,7 @@
 
 {% macro render_checkbox_field(field, label=None) -%}
 	{% if not label %}{% set label=field.label.text %}{% endif %}
-	<div class="checkbox">
+	<div class="checkbox {{ kwargs.pop('class_', '') }}">
 		<label>
 			{{ field(type='checkbox', **kwargs) }} {{ label }}
 		</label>
@@ -122,9 +124,9 @@
 
 {% macro render_radio_field(field) -%}
 	{% for value, label, checked in field.iter_choices() %}
-		<div class="radio">
-			<label>
-				<input type="radio" name="{{ field.id }}" id="{{ field.id }}" value="{{ value }}"{% if checked %} checked{% endif %}>
+		<div class="form-check my-1">
+			<label class="form-check-label">
+				<input class="form-check-input" type="radio" name="{{ field.id }}" id="{{ field.id }}" value="{{ value }}"{% if checked %} checked{% endif %}>
 				{{ label }}
 			</label>
 		</div>
@@ -134,7 +136,7 @@
 {% macro render_submit_field(field, label=None, tabindex=None) -%}
 	{% if not label %}{% set label=field.label.text %}{% endif %}
 	{#<button type="submit" class="form-control btn btn-default btn-primary">{{label}}</button>#}
-	<input type="submit" value="{{label}}"
+	<input type="submit" value="{{label}}" class="btn btn-primary"
 		   {% if tabindex %}tabindex="{{ tabindex }}"{% endif %}
 		   >
 {%- endmacro %}

app/templates/macros/packagegridtile.html

@@ -1,18 +1,18 @@
 {% macro render_pkgtile(package, show_author) -%}
-	<li><a href="{{ package.getDetailsURL() }}"
+	<li class="packagetile flex-fill"><a href="{{ package.getDetailsURL() }}"
 		style="background-image: url({{ package.getThumbnailURL() or '/static/placeholder.png' }});">
 		<div class="packagegridscrub"></div>
 		<div class="packagegridinfo">
 			<h3>
 				{{ package.title }}
 
-				{% if show_author %}
-					by {{ package.author.display_name }}
+				{% if show_author %}<br />
+					<small>{{ package.author.display_name }}</small>
 				{% endif %}
 			</h3>
 
 			<p>
-				{{ package.shortDesc }}
+				{{ package.short_desc }}
 			</p>
 
 
@@ -34,11 +34,14 @@
 {% endmacro %}
 
 {% macro render_pkggrid(packages, show_author=True) -%}
-	<ul class="packagegrid">
+	<ul class="d-flex p-0 flex-row flex-wrap justify-content-start align-content-start ">
 		{% for p in packages %}
 			{{ render_pkgtile(p, show_author) }}
 		{% else %}
 			<li><i>No packages available</i></ul>
 		{% endfor %}
+		{% for i in range(4) %}
+			<li class="packagetile flex-fill"></li>
+		{% endfor %}
 	</ul>
 {% endmacro %}

app/templates/macros/threads.html

@@ -1,34 +1,83 @@
 {% macro render_thread(thread, current_user) -%}
-	<ul class="comments">
-		{% for r in thread.replies %}
-			<li>
-				<div class="info_strip">
+
+<ul class="comments mt-4 mb-0">
+	{% for r in thread.replies %}
+	<li class="row my-2 mx-0">
+		<div class="col-md-1 p-1">
+			<a href="{{ url_for('user_profile_page', username=r.author.username) }}">
+				<img class="img-responsive user-photo img-thumbnail img-thumbnail-1" src="{{ r.author.getProfilePicURL() }}">
+			</a>
+		</div>
+		<div class="col">
+			<div class="card">
+				<div class="card-header">
 					<a class="author {{ r.author.rank.name }}"
 							href="{{ url_for('user_profile_page', username=r.author.username) }}">
-						{{ r.author.display_name }}</a>
-					<span>{{ r.created_at | datetime }}</span>
-					<div class="clearboth"></div>
+						{{ r.author.display_name }}
+					</a>
+					<a name="reply-{{ r.id }}" class="text-muted float-right"
+							href="{{ url_for('thread_page', id=thread.id) }}#reply-{{ r.id }}">
+						{{ r.created_at | datetime }}
+					</a>
 				</div>
-				<div class="msg">
-					{{ r.comment }}
-				</div>
-			</li>
-		{% endfor %}
-	</ul>
 
-	{% if current_user.is_authenticated %}
-		<form method="post" action="{{ url_for('thread_page', id=thread.id)}}" class="comment_form">
-			<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
-			<textarea required maxlength=500 name="comment"></textarea><br />
-			<input type="submit" value="Comment" />
-		</form>
-	{% endif %}
+				<div class="card-body">
+					{{ r.comment | markdown }}
+				</div>
+			</div>
+		</div>
+	</li>
+	{% endfor %}
+</ul>
+
+{% if current_user.is_authenticated %}
+<div class="row mt-0 mb-4 comments mx-0">
+	<div class="col-md-1 p-1">
+		<img class="img-responsive user-photo img-thumbnail img-thumbnail-1" src="{{ current_user.getProfilePicURL() }}">
+	</div>
+	<div class="col">
+		<div class="card">
+			<div class="card-header {{ current_user.rank.name }}">
+				{{ current_user.display_name }}
+				<a name="reply"></a>
+			</div>
+
+			{% if current_user.canCommentRL() %}
+				<form method="post" action="{{ url_for('thread_page', id=thread.id)}}" class="card-body">
+					<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
+					<textarea class="form-control markdown" required maxlength=500 name="comment"></textarea><br />
+					<input class="btn btn-primary" type="submit" value="Comment" />
+				</form>
+			{% else %}
+				<div class="card-body">
+					<textarea class="form-control" readonly disabled>Please wait before commenting again.</textarea><br />
+					<input class="btn btn-primary" type="submit" disabled value="Comment" />
+				</div>
+			{% endif %}
+		</div>
+	</div>
+</div>
+{% endif %}
 {% endmacro %}
 
-{% macro render_threadlist(threads) -%}
-	<ul>
+{% macro render_threadlist(threads, list_group=False) -%}
+	{% if not list_group %}<ul>{% endif %}
 		{% for t in threads %}
-			<li><a href="{{ url_for('thread_page', id=t.id) }}">{{ t.title }}</a> by {{ t.author.display_name }}</li>
+			<li {% if list_group %}class="list-group-item"{% endif %}>
+				{% if list_group %}
+					<a href="{{ url_for('thread_page', id=t.id) }}">
+						{% if t.private %}&#x1f512; {% endif %}
+						{{ t.title }}
+						by {{ t.author.display_name }}
+					</a>
+				{% else %}
+					{% if t.private %}&#x1f512; {% endif %}
+					<a href="{{ url_for('thread_page', id=t.id) }}">{{ t.title }}</a>
+					by {{ t.author.display_name }}
+				{% endif %}
+			</li>
+		{% else %}
+			<li {% if list_group %}class="list-group-item"{% endif %}><i>No threads found</i></li>
 		{% endfor %}
-	</ul>
+	{% if not list_group %}</ul>{% endif %}
 {% endmacro %}

app/templates/macros/topics.html

@@ -0,0 +1,67 @@
+{% macro render_topics_table(topics, show_author=True, show_discard=False, current_user=current_user) -%}
+<table class="table">
+	<tr>
+		<th></th>
+		<th>Title</th>
+		{% if show_author %}<th>Author</th>{% endif %}
+		<th>Name</th>
+		<th>Date</th>
+		<th>Actions</th>
+	</tr>
+	{% for topic in topics %}
+		<tr class="{% if topic.wip %}wiptopic{% endif %}{% if topic.discarded %}discardtopic{% endif %}">
+			<td>
+				[{{ topic.type.value }}]
+			</td>
+			<td>
+				<a href="https://forum.minetest.net/viewtopic.php?t={{ topic.topic_id}}">{{ topic.title }}</a>
+				{% if topic.wip %}[WIP]{% endif %}
+			</td>
+			{% if show_author %}
+				<td><a href="{{ url_for('user_profile_page', username=topic.author.username) }}">{{ topic.author.display_name}}</a></td>
+			{% endif %}
+			<td>{{ topic.name or ""}}</td>
+			<td>{{ topic.created_at | date }}</td>
+			<td class="btn-group">
+				{% if current_user == topic.author or topic.author.checkPerm(current_user, "CHANGE_AUTHOR") %}
+					<a class="btn btn-primary"
+							href="{{ url_for('create_edit_package_page', author=topic.author.username, repo=topic.getRepoURL(), forums=topic.topic_id, title=topic.title, bname=topic.name) }}">
+						Create
+					</a>
+				{% endif %}
+				{% if show_discard and current_user.is_authenticated and topic.checkPerm(current_user, "TOPIC_DISCARD") %}
+					<a class="btn btn-{% if topic.discarded %}success{% else %}danger{% endif %} topic-discard" data-tid={{ topic.topic_id }}>
+						{% if topic.discarded %}
+							Show
+						{% else %}
+							Discard
+						{% endif %}
+					</a>
+				{% endif %}
+				{% if topic.link %}
+					<a class="btn btn-info" href="{{ topic.link }}">{{ topic.link | domain | truncate(18) }}</a>
+				{% endif %}
+			</td>
+		</tr>
+	{% endfor %}
+</table>
+{% endmacro %}
+
+
+{% macro render_topics(topics, current_user, show_author=True) -%}
+<ul>
+	{% for topic in topics %}
+		<li{% if topic.wip %} class="wiptopic"{% endif %}>
+			<a href="https://forum.minetest.net/viewtopic.php?t={{ topic.topic_id}}">{{ topic.title }}</a>
+			{% if topic.wip %}[WIP]{% endif %}
+			{% if topic.name %}[{{ topic.name }}]{% endif %}
+			{% if show_author %}
+				by <a href="{{ url_for('user_profile_page', username=topic.author.username) }}">{{ topic.author.display_name }}</a>
+			{% endif %}
+			{% if topic.author == current_user or topic.author.checkPerm(current_user, "CHANGE_AUTHOR") %}
+				| <a href="{{ url_for('create_edit_package_page', author=topic.author.username, repo=topic.getRepoURL(), forums=topic.topic_id, title=topic.title, bname=topic.name) }}">Create</a>
+			{% endif %}
+		</li>
+	{% endfor %}
+</ul>
+{% endmacro %}

app/templates/macros/topictable.html

@@ -1,26 +0,0 @@
-{% macro render_topictable(topics, show_author=True) -%}
-<table>
-	<tr>
-		<th>Id</th>
-		<th>Title</th>
-		{% if show_author %}<th>Author</th>{% endif %}
-		<th>Name</th>
-		<th>Link</th>
-		<th>Actions</th>
-	</tr>
-	{% for topic in topics %}
-		<tr>
-			<td>{{ topic.topic_id }}</td>
-			<td>[{{ topic.getType().value }}] <a href="https://forum.minetest.net/viewtopic.php?t={{ topic.topic_id}}">{{ topic.title }}</a></td>
-			{% if show_author %}
-				<td><a href="{{ url_for('user_profile_page', username=topic.author.username) }}">{{ topic.author.display_name}}</a></td>
-			{% endif %}
-			<td>{{ topic.name or ""}}</td>
-			<td><a href="{{ topic.link }}">{{ topic.link | domain }}</a></td>
-			<td>
-				<a href="{{ url_for('create_edit_package_page', author=topic.author.username, repo=topic.getRepoURL(), forums=topic.topic_id, title=topic.title, bname=topic.name) }}">Create</a>
-			</td>
-		</tr>
-	{% endfor %}
-</table>
-{% endmacro %}

app/templates/packages/create_edit.html

@@ -7,79 +7,99 @@
 	{% endif %}
 {% endblock %}
 
+{% from "macros/forms.html" import render_field, render_submit_field, form_scripts, render_multiselect_field, render_mpackage_field, render_deps_field, package_lists %}
+
+{% block scriptextra %}
+	{{ form_scripts() }}
+	{% if enable_wizard %}
+		<script src="/static/url.min.js"></script>
+		<script src="/static/polltask.js"></script>
+		<script src="/static/package_create.js?v=3"></script>
+	{% endif %}
+	<script src="/static/package_edit.js?v=3"></script>
+{% endblock %}
+
 {% block content %}
-	<h1>Create Package</h1>
+	<h1>{{ _("Create Package") }}</h1>
 
-	<div class="box box_grey alert alert-info">
-		Have you read the Package Inclusion Policy and Guidance yet?
+	<div class="alert alert-info">
+		<a class="float-right btn btn-sm btn-default" href="{{ url_for('flatpage', path='policy_and_guidance') }}">{{ _("View") }}</a>
 
-		<a class="alert_right button" href="{{ url_for('flatpage', path='policy_and_guidance') }}">View</a>
+		{{ _("Have you read the Package Inclusion Policy and Guidance yet?") }}
 	</div>
 
+	<noscript>
+		<div class="alert alert-warning">
+			{{ _("Javascript is needed to improve the user interface, and is needed for features
+			such as finding metadata from git, and autocompletion.") }}<br />
+			{{ _("Whilst disabled Javascript may work, it is not officially supported.") }}
+		</div>
+	</noscript>
 
-	{% from "macros/forms.html" import render_field, render_submit_field, form_includes, render_multiselect_field, render_mpackage_field, render_deps_field, package_lists %}
-	{{ form_includes() }}
 	{{ package_lists() }}
 
 	<form method="POST" action="" class="tableform">
 		{{ form.hidden_tag() }}
 
-		<h2 class="pkg_meta">Package</h2>
+		<fieldset>
+			<legend>{{ _("Package") }}</legend>
 
-		{{ render_field(form.type, class_="pkg_meta") }}
-		{{ render_field(form.name, class_="pkg_meta") }}
-		{{ render_field(form.title, class_="pkg_meta") }}
-		{{ render_field(form.shortDesc, class_="pkg_meta") }}
-		{{ render_field(form.desc, class_="pkg_meta") }}
-		{{ render_multiselect_field(form.tags, class_="pkg_meta") }}
-		<div class="pkg_meta">
-			{{ render_field(form.license, class_="not_txp") }}
-		</div>
-		{{ render_field(form.media_license, class_="pkg_meta") }}
+			<div class="row">
+			{{ render_field(form.type, class_="pkg_meta col-sm-2") }}
+			{{ render_field(form.title, class_="pkg_meta col-sm-7") }}
+			{% if package and package.approved and not package.checkPerm(current_user, "CHANGE_NAME") %}
+				{{ render_field(form.name, class_="pkg_meta col-sm-3", readonly=True) }}
+			{% else %}
+				{{ render_field(form.name, class_="pkg_meta col-sm-3") }}
+			{% endif %}
+			</div>
+			{{ render_field(form.short_desc, class_="pkg_meta") }}
+			{{ render_multiselect_field(form.tags, class_="pkg_meta") }}
+			<div class="pkg_meta row">
+				{{ render_field(form.license, class_="not_txp col-sm-6") }}
+				{{ render_field(form.media_license, class_="col-sm-6") }}
+			</div>
+			<div class="pkg_meta row">
+				<div class="not_txp col-sm-6"></div>
+				<div class="not_txp col-sm-6">{{ _("If there is no media, set the Media License to the same as the License.") }}</div>
+			</div>
+			{{ render_field(form.desc, class_="pkg_meta", fieldclass="form-control markdown") }}
+		</fieldset>
 
-		<div class="pkg_meta">
-			<h2 class="not_txp">Dependency Info</h2>
+		<fieldset class="pkg_meta">
+			<legend class="not_txp">{{ _("Dependencies") }}</legend>
 
 			{{ render_mpackage_field(form.provides_str, class_="not_txp", placeholder="Comma separated list") }}
 			{{ render_deps_field(form.harddep_str, class_="not_txp not_game", placeholder="Comma separated list") }}
 			{{ render_deps_field(form.softdep_str, class_="not_txp not_game", placeholder="Comma separated list") }}
-		</div>
+		</fieldset>
 
-		<h2 class="pkg_meta">Repository and Links</h2>
+		<fieldset>
+			<legend class="pkg_meta">{{ _("Repository and Links") }}</legend>
 
-		<div class="pkg_wiz_1">
-			<p>Enter the repo URL for the package.
-			If the repo uses git then the metadata will be automatically imported.</p>
+			<div class="pkg_wiz_1">
+				<p>{{ _("Enter the repo URL for the package.
+				If the repo uses git then the metadata will be automatically imported.") }}</p>
 
-			<p>Leave blank if you don't have a repo.</p>
-		</div>
+				<p>{{ _("Leave blank if you don't have a repo. Click skip if the import fails.") }}</p>
+			</div>
 
-		{{ render_field(form.repo, class_="pkg_repo") }}
+			{{ render_field(form.repo, class_="pkg_repo") }}
 
-		<div class="pkg_wiz_1">
-			<a id="pkg_wiz_1_next" class="button button-primary">Next</a>
-		</div>
+			<div class="pkg_wiz_1">
+				<a id="pkg_wiz_1_next" class="btn btn-primary">{{ _("Next (Autoimport)") }}</a>
+				<a id="pkg_wiz_1_skip" class="btn btn-default">{{ _("Skip Autoimport") }}</a>
+			</div>
 
-		<div class="pkg_wiz_2">
-			Importing... (This may take a while)
-		</div>
+			<div class="pkg_wiz_2">
+					{{ _("Importing... (This may take a while)") }}
+			</div>
+
+			{{ render_field(form.website, class_="pkg_meta") }}
+			{{ render_field(form.issueTracker, class_="pkg_meta") }}
+			{{ render_field(form.forums, class_="pkg_meta", placeholder=_("Tip: paste in a forum topic URL")) }}
+		</fieldset>
 
-		{{ render_field(form.website, class_="pkg_meta") }}
-		{{ render_field(form.issueTracker, class_="pkg_meta") }}
-		{{ render_field(form.forums, class_="pkg_meta") }}
 		<div class="pkg_meta">{{ render_submit_field(form.submit) }}</div>
 	</form>
-
-	{% if enable_wizard %}
-		<script src="/static/url.min.js"></script>
-		<script src="/static/polltask.js"></script>
-		<script src="/static/package_create.js"></script>
-		<noscript>
-			<div class="box box_grey alert alert-warning">
-				<span class="icon_message"></span>
-				Javascript is needed to automatically import metadata from VCS.
-			</div>
-		</noscript>
-	{% endif %}
-	<script src="/static/package_edit.js"></script>
 {% endblock %}

app/templates/packages/editrequest_create_edit.html

@@ -17,7 +17,7 @@
 		{{ render_field(form.type) }}
 		{{ render_field(form.name) }}
 		{{ render_field(form.title) }}
-		{{ render_field(form.shortDesc) }}
+		{{ render_field(form.short_desc) }}
 		{{ render_field(form.desc) }}
 		{{ render_multiselect_field(form.tags) }}
 

app/templates/packages/editrequest_view.html

@@ -24,7 +24,7 @@
 			This edit request was merged.
 		</div>
 	{% elif request.status == 2 %}
-		<div class="box  box_grey alert alert-error">
+		<div class="box  box_grey alert alert-danger">
 			This edit request was rejected.
 		</div>
 	{% elif package.checkPerm(current_user, "APPROVE_CHANGES") %}

app/templates/packages/list.html

@@ -5,36 +5,31 @@
 {% endblock %}
 
 {% block content %}
-	<form method="get" action="" class="plsearchform">
-		{% if type %}<input type="hidden" name="type" value="{{ type }}" />{% endif %}
-		<input type="text" name="q" value="{{ query or ''}}" />
-		<input type="submit" value="Search" />
-
-		<p>
-			Found {{ packages_count }} packages.
-		</p>
-	</form>
-
-	<!--<aside class="box box_grey outsidecontainer">
-		<h3>Tags</h3>
-
-		<ul class="flatlist">
-			{% for t in tags %}
-				<li><a href="{{ url_for('packages_page', q=(query or '')+' tag:'+t.name, type=type) }}">
-					{{ t.title }}
-				</a></li>
-			{% else %}
-				<li><i>No tags available</i></ul>
-			{% endfor %}
-		</ul>
-	</aside> -->
-
 	{% from "macros/packagegridtile.html" import render_pkggrid %}
 	{{ render_pkggrid(packages) }}
 
-	<ul class="buttonset linedbuttonset">
-		{% if prev_url %}<li><a href="{{ prev_url }}">Previous</a></li>{% endif %}
-		<li>{{ page }} / {{ page_max }}</li>
-		{% if next_url %}<li><a href="{{ next_url }}">Next</a></li> {% endif %}
+	<ul class="pagination mt-4">
+		<li class="page-item {% if not prev_url %}disabled{% endif %}">
+			<a class="page-link" {% if prev_url %}href="{{ prev_url }}"{% endif %}>&laquo;</a>
+		</li>
+		{% for n in range(1, page_max+1) %}
+			<li class="page-item {% if n == page %}active{% endif %}">
+				<a class="page-link"
+						href="{{ url_for('packages_page', type=type, q=query, page=n) }}">
+					{{ n }}
+				</a>
+			</li>
+		{% endfor %}
+		<li class="page-item {% if not next_url %}disabled{% endif %}">
+			<a class="page-link" {% if next_url %}href="{{ next_url }}"{% endif %}>&raquo;</a>
+		</li>
 	</ul>
+
+	{% if topics %}
+		<h2 style="margin-top:2em;">More content from the forums</h2>
+
+		{% from "macros/topics.html" import render_topics %}
+		{{ render_topics(topics, current_user) }}
+	{% endif %}
+
 {% endblock %}

app/templates/packages/release_bulk_change.html

@@ -0,0 +1,67 @@
+{% extends "base.html" %}
+
+{% block title %}
+	Create a release | {{ package.title }}
+{% endblock %}
+
+{% block content %}
+	<h1>Bulk Change Releases</h1>
+
+	<p class="mb-5">
+		Use this page to set the min and max of all releases for your package.
+	</p>
+
+	{% from "macros/forms.html" import render_field, render_submit_field, render_checkbox_field %}
+	<form method="POST" action="">
+		{{ form.hidden_tag() }}
+
+		<div class="row">
+			{{ render_checkbox_field(form.set_min, class_="col-sm-2") }}
+			{{ render_field(form.min_rel, class_="col-sm-10") }}
+		</div>
+		<div class="row">
+			{{ render_checkbox_field(form.set_max, class_="col-sm-2") }}
+			{{ render_field(form.max_rel, class_="col-sm-10") }}
+		</div>
+		{{ render_checkbox_field(form.only_change_none) }}
+
+		<p id="minmax_warning" style="color:#f00; display: none;">
+			Maximum must be greater than or equal to the minimum!
+		</p>
+
+		<p class="mt-3">
+			Note: Min and max versions will be used to hide the package on
+			platforms not within the range.
+			You cannot select the oldest version for min or the newest version
+			for max as this does not make sense - you can't predict the future.<br />
+			Leave both as None if in doubt.
+		</p>
+
+		{{ render_submit_field(form.submit) }}
+	</form>
+{% endblock %}
+
+{% block scriptextra %}
+	<script src="/static/release_minmax.js?v=1"></script>
+	<script>
+		function setup_toggle(type) {
+			var toggle = $("#set_" + type);
+			function on_change() {
+				if (toggle.is(":checked")) {
+					// $("#" + type + "_rel").removeAttr("disabled");
+					$("#" + type + "_rel").parent().css("opacity", "1");
+				} else {
+					// $("#" + type + "_rel").attr("disabled", "disabled");
+					$("#" + type + "_rel").parent().css("opacity", "0.4");
+					$("#" + type + "_rel").val($("#" + type + "_rel option:first-child").attr("value"));
+					$("#" + type + "_rel").change();
+				}
+			}
+			toggle.change(on_change);
+			on_change();
+		}
+
+		setup_toggle("min");
+		setup_toggle("max");
+	</script>
+{% endblock %}

app/templates/packages/release_edit.html

@@ -1,11 +1,11 @@
 {% extends "base.html" %}
 
 {% block title %}
-	Create a release | {{ package.title }}
+	Edit release | {{ package.title }}
 {% endblock %}
 
 {% block content %}
-	{% from "macros/forms.html" import render_field, render_submit_field %}
+	{% from "macros/forms.html" import render_field, render_submit_field, render_checkbox_field %}
 	<form method="POST" action="">
 		{{ form.hidden_tag() }}
 
@@ -21,8 +21,12 @@
 			Url: <a href="{{ release.url }}">{{ release.url }}</a><br />
 		{% endif %}
 
+		{% if release.commit_hash %}
+			Commit Hash: {{ release.commit_hash }}<br />
+		{% endif %}
+
 		{% if release.task_id %}
-			Importing... <a href="{ url_for('check_task', id=release.task_id, r=release.getEditURL()) }}">view task</a><br />
+			Importing... <a href="{{ url_for('check_task', id=release.task_id, r=release.getEditURL()) }}">view task</a><br />
 			{% if package.checkPerm(current_user, "CHANGE_RELEASE_URL") %}
 				{{ render_field(form.task_id) }}
 			{% endif %}
@@ -30,31 +34,33 @@
 			<br />
 		{% else %}
 			{% if package.checkPerm(current_user, "APPROVE_RELEASE") %}
-				{{ render_field(form.approved) }}
+				{{ render_checkbox_field(form.approved, class_="my-3") }}
 			{% else %}
 				Approved: {{ release.approved }}
 			{% endif %}
 		{% endif %}
 
+		<div class="row">
+			{{ render_field(form.min_rel, class_="col-sm-6") }}
+			{{ render_field(form.max_rel, class_="col-sm-6") }}
+		</div>
+
+		<p id="minmax_warning" style="color:#f00; display: none;">
+			Maximum must be greater than or equal to the minimum!
+		</p>
+
+		<p>
+			Note: Min and max versions will be used to hide the package on
+			platforms not within the range.
+			You cannot select the oldest version for min or the newest version
+			for max as this does not make sense - you can't predict the future.<br />
+			Leave both as None if in doubt.
+		</p>
+
 		{{ render_submit_field(form.submit) }}
 	</form>
-
-	{% if package.checkPerm(current_user, "APPROVE_RELEASE") %}
-		<div class="box box_grey">
-			<h2>Approval Checklist</h2>
-			<ul>
-				<li>Link leads to a valid download, ie: is a zip file which
-					has either init.lua or modpack.txt if a mod, mods/ if a game, or textures if a texture pack.
-					It's okay if they're inside an immediate folder, like so:
-
-<pre>
-example.zip/
-└── example
-    └── init.lua
-</pre>
-				</li>
-				<li>There's no obfuscated code.</li>
-			</ul>
-		</div>
-	{% endif %}
+{% endblock %}
+
+{% block scriptextra %}
+	<script src="/static/release_minmax.js?v=1"></script>
 {% endblock %}

app/templates/packages/release_new.html

@@ -5,16 +5,54 @@
 {% endblock %}
 
 {% block content %}
-	{% from "macros/forms.html" import render_field, render_submit_field %}
+	{% from "macros/forms.html" import render_field, render_submit_field, render_radio_field %}
 	<form method="POST" action="" enctype="multipart/form-data">
 		{{ form.hidden_tag() }}
 
 		{{ render_field(form.title, placeholder="Human readable. Eg: 1.0.0 or 2018-05-28") }}
-		{{ render_field(form.uploadOpt) }}
+		<p class="mb-0">Method</p>
+		{{ render_radio_field(form.uploadOpt) }}
+
 		{% if package.repo %}
-			{{ render_field(form.vcsLabel) }}
+			{{ render_field(form.vcsLabel, class_="mt-3") }}
 		{% endif %}
-		{{ render_field(form.fileUpload) }}
+
+		{{ render_field(form.fileUpload, fieldclass="form-control-file", class_="mt-3", accept=".zip") }}
+
+		<div class="row">
+			{{ render_field(form.min_rel, class_="col-sm-6") }}
+			{{ render_field(form.max_rel, class_="col-sm-6") }}
+		</div>
+
+		<p id="minmax_warning" style="color:#f00; display: none;">
+			Maximum must be greater than or equal to the minimum!
+		</p>
+
+		<p>
+			Note: Min and max versions will be used to hide the package on
+			platforms not within the range.
+			You cannot select the oldest version for min or the newest version
+			for max as this does not make sense - you can't predict the future.<br />
+			Leave both as None if in doubt.
+		</p>
+
 		{{ render_submit_field(form.submit) }}
 	</form>
 {% endblock %}
+
+{% block scriptextra %}
+	<script src="/static/release_minmax.js?v=1"></script>
+	<script>
+		function check_opt() {
+			if ($("input[name=uploadOpt]:checked").val() == "vcs") {
+				$("#fileUpload").parent().hide();
+				$("#vcsLabel").parent().show();
+			} else {
+				$("#fileUpload").parent().show();
+				$("#vcsLabel").parent().hide();
+			}
+		}
+		$("input[name=uploadOpt]").change(check_opt);
+		check_opt();
+	</script>
+{% endblock %}

app/templates/packages/remove.html

@@ -6,13 +6,14 @@
 
 {% block content %}
 	<form method="POST" action="" class="box box_grey ">
-		<h3>Delete Package</h3>
+		<h3>Remove Package</h3>
 
 		<div class="box-body">
-			<p>This action can be undone by the admin, but he'll be very annoyed!</p>
+			<p>Deleting a package can be undone by the admin, but he'll be very annoyed!</p>
 
 			<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
-			<input type="submit" value="Delete" class="button-danger" />
+			<input type="submit" name="delete" value="Delete" class="btn btn-danger" />
+			<input type="submit" name="unapprove" value="Unapprove" class="btn btn-warning" />
 		</div>
 	</form>
 {% endblock %}

app/templates/packages/screenshot_edit.html

@@ -5,17 +5,19 @@
 {% endblock %}
 
 {% block content %}
-	<img src="{{ screenshot.getThumbnailURL() }}" alt="{{ screenshot.title }}" />
+	<a href="{{ screenshot.url }}">
+		<img src="{{ screenshot.getThumbnailURL() }}" alt="{{ screenshot.title }}" />
+	</a>
 
-	{% from "macros/forms.html" import render_field, render_submit_field %}
+	{% from "macros/forms.html" import render_field, render_submit_field, render_checkbox_field %}
 	<form method="POST" action="" enctype="multipart/form-data">
 		{{ form.hidden_tag() }}
 
 		{{ render_field(form.title) }}
-		{{ render_field(form.delete) }}
+		{{ render_checkbox_field(form.delete) }}
 
 		{% if package.checkPerm(current_user, "APPROVE_SCREENSHOT") %}
-			{{ render_field(form.approved) }}
+			{{ render_checkbox_field(form.approved) }}
 		{% else %}
 			<p>Approved: {{ screenshot.approved }}</p>
 		{% endif %}

app/templates/packages/screenshot_new.html

@@ -10,7 +10,7 @@
 		{{ form.hidden_tag() }}
 
 		{{ render_field(form.title) }}
-		{{ render_field(form.fileUpload) }}
+		{{ render_field(form.fileUpload, fieldclass="form-control-file", accept="image/png,image/jpeg") }}
 		{{ render_submit_field(form.submit) }}
 	</form>
 {% endblock %}

app/templates/packages/view.html

@@ -1,303 +1,415 @@
+{% set query=package.name %}
+
 {% extends "base.html" %}
 
 {% block title %}
 	{{ package.title }}
 {% endblock %}
 
-{% block content %}
-	{% if not package.approved %}
-		<div class="box box_grey alert alert-warning">
-			<span class="icon_message"></span>
-			{% if package.releases.count() == 0 %}
-				{% if package.checkPerm(current_user, "MAKE_RELEASE") %}
-					You need to create a release before this package can be approved.
-					<p>
-						A release is a single downloadable version of your {{ package.type.value | lower }}.
-						You need to create releases even if you use a rolling release development cycle,
-						as Minetest needs them to check for updates.
-					</p>
-					<a class="button" href="{{ package.getCreateReleaseURL() }}">Create Release</a>
-				{% else %}
-					A release is required before this package can be approved.
-				{% endif %}
+{% block container %}
+	<header class="jumbotron pb-3"
+		style="background: linear-gradient(rgba(0, 0, 0, 0.3), rgba(0, 0, 0, 0.3)), url('{{ package.getMainScreenshotURL() }}');
+		    background-size: cover;
+		    background-repeat: no-repeat;
+		    background-position: center;">
+		<div class="container">
+			<h1 class="display-3">
+				{{ package.title }}
+				<small>by {{ package.author.display_name }}</small>
+			</h1>
 
-			{% elif (package.type == package.type.GAME or package.type == package.type.TXP) and package.screenshots.count() == 0 %}
-				You need to add at least one screenshot.
+			<p class="lead">
+				{{ package.short_desc }}
+			</p>
 
-			{% else %}
-				{% if package.screenshots.count() == 0 %}
-					<b>You should add at least one screenshot, but this isn't required.</b><br />
-				{% endif %}
-
-				{% if not package.getDownloadRelease() %}
-					Please wait for the release to be approved.
-				{% elif package.checkPerm(current_user, "APPROVE_NEW") %}
-					You can now approve this package if you're ready.
-					<form method="post" action="{{ package.getApproveURL() }}">
-						<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
-						<input type="submit" value="Approve" />
-					</form>
-				{% else %}
-					Please wait for the package to be approved.
-				{% endif %}
-			{% endif %}
-			<div style="clear: both;"></div>
+			<div class="row" style="margin-top: 2rem;">
+				<div class="col">
+					{{ package.getDownloadCount() }} downloads
+				</div>
+				<div class="btn-group-horizontal col-md-auto">
+					{% if package.repo %}<a class="btn btn-secondary" href="{{ package.repo }}">View Source</a>{% endif %}
+					{% if package.forums %}<a class="btn btn-secondary" href="https://forum.minetest.net/viewtopic.php?t={{ package.forums }}">Forums</a>{% endif %}
+					{% if package.issueTracker %}<a class="btn btn-secondary" href="{{ package.issueTracker }}">Issue Tracker</a>{% endif %}
+					{% if package.website %}<a class="btn btn-secondary" href="{{ package.website }}">Website</a>{% endif %}
+				</div>
+			</div>
 		</div>
+	</header>
 
-		{% if package.author == current_user or package.checkPerm(current_user, "APPROVE_NEW") %}
+	<main class="container mt-4">
+		{% if not package.approved %}
+			<div class="alert alert-warning">
+				<span class="icon_message"></span>
+				{% if package.releases.count() == 0 %}
+					<h4 class="alert-heading">Release Required</h4>
+					{% if package.checkPerm(current_user, "MAKE_RELEASE") %}
+						<p>You need to create a release before this package can be approved.</p>
+						<p>
+							A release is a single downloadable version of your {{ package.type.value | lower }}.
+							You need to create releases even if you use a rolling release development cycle,
+							as Minetest needs them to check for updates.
+						</p>
+						<a class="btn" href="{{ package.getCreateReleaseURL() }}">Create Release</a>
+					{% else %}
+						A release is required before this package can be approved.
+					{% endif %}
+
+				{% elif (package.type == package.type.GAME or package.type == package.type.TXP) and package.screenshots.count() == 0 %}
+					You need to add at least one screenshot.
+
+				{% elif topic_error_lvl == "danger" %}
+					Please fix the below topic issue(s).
+
+				{% elif "Other" in package.license.name or "Other" in package.media_license.name %}
+					Please wait for the license to be added to CDB.
+
+				{% else %}
+					{% if package.screenshots.count() == 0 %}
+						<b>You should add at least one screenshot, but this isn't required.</b><br />
+					{% endif %}
+
+					{% if not package.getDownloadRelease() %}
+						Please wait for the release to be approved.
+					{% elif package.checkPerm(current_user, "APPROVE_NEW") %}
+						<form class="float-right"  method="post" action="{{ package.getApproveURL() }}">
+							<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
+							<input class="btn btn-sm btn-warning" type="submit" value="Approve" />
+						</form>
+						You can now approve this package if you're ready.
+					{% else %}
+						Please wait for the package to be approved.
+					{% endif %}
+				{% endif %}
+				<div style="clear: both;"></div>
+			</div>
+
+			{% if topic_error %}
+				<div class="alert alert-{{ topic_error_lvl }}">
+					<span class="icon_message"></span>
+					{{ topic_error | safe }}
+					<div style="clear: both;"></div>
+				</div>
+			{% endif %}
+
+			{% if similar_topics %}
+				<div class="alert alert-warning">
+					Please make sure that this package has the right to
+					the name '{{ package.name }}'.
+					See the
+					<a href="/policy_and_guidance/">Inclusion Policy</a>
+					for more info.
+				</div>
+			{% endif %}
+
+			{% if not review_thread and (package.author == current_user or package.checkPerm(current_user, "APPROVE_NEW")) %}
+				<div class="alert alert-info">
+					<a class="float-right btn btn-sm btn-info" href="{{ url_for('new_thread_page', pid=package.id, title='Package approval comments') }}">Open Thread</a>
+
+					Privately ask a question or give feedback
+					<div style="clear:both;"></div>
+				</div>
+			{% endif %}
+		{% endif %}
+
+		<aside class="float-right ml-4" style="width: 18rem;">
+			{% set release = package.getDownloadRelease() %}
+			{% if release %}
+				<a class="btn btn-download btn-lg btn-block" rel="nofollow"
+						href="{{ package.getDownloadURL() }}" class="btn_green">
+					Download
+				</a>
+
+				<p class="text-center m-2" style="font-size: 80%;">
+					{% if release.min_rel and release.max_rel %}
+						Minetest {{ release.min_rel.name }} - {{ release.max_rel.name }}
+					{% elif release.min_rel %}
+						Supports Minetest {{ release.min_rel.name }} and above.
+					{% elif release.max_rel %}
+						Supports Minetest {{ release.max_rel.name }} and below.
+					{% endif %}
+				</p>
+			{% else %}
+				No download available.
+			{% endif %}
+
+			<div class="card my-4">
+				<div class="card-header">
+					Details
+					<div class="btn-group float-right">
+					{% if package.checkPerm(current_user, "EDIT_PACKAGE") %}
+						<a class="btn btn-default btn-sm mx-1" href="{{ package.getEditURL() }}">Edit</a>
+					{% endif %}
+					{# {% if current_user.is_authenticated %}
+						<a class="btn btn-default btn-sm mx-1" href="{{ package.getCreateEditRequestURL() }}">Suggest Changes</a>
+					{% endif %} #}
+					{% if package.checkPerm(current_user, "DELETE_PACKAGE") or package.checkPerm(current_user, "UNAPPROVE_PACKAGE") %}
+						<a class="btn btn-danger btn-sm mx-1" href="{{ package.getRemoveURL() }}">Remove</a>
+					{% endif %}
+					</div>
+
+				</div>
+				{% if not package.license.is_foss and not package.media_license.is_foss and package.type != package.type.TXP  %}
+					{% set package_warning="Non-free code and media." %}
+				{% elif not package.license.is_foss and package.type != package.type.TXP %}
+					{% set package_warning="Non-free code." %}
+				{% elif not package.media_license.is_foss %}
+					{% set package_warning="Non-free media." %}
+				{% endif %}
+				{% if package_warning %}
+					<div class="card-body">
+						<div class="alert alert-danger">
+							<b>Warning:</b> {{ package_warning }}
+						</div>
+					</div>
+				{% endif %}
+				<table class="table">
+					<tr>
+						<td>Name</td>
+						<td>{{ package.name }}</td>
+					</tr>
+					{% if package.provides %}
+					<tr>
+						<td>Provides</td>
+						<td>{% for meta in package.provides %}
+							<a class="badge badge-primary"
+							 href="{{ url_for('meta_package_page', name=meta.name) }}">{{ meta.name }}</a>
+						{% endfor %}</td>
+					</tr>
+					{% endif %}
+					<tr>
+						<td>Author</td>
+						<td class="{{ package.author.rank }}">
+							<a href="{{ url_for('user_profile_page', username=package.author.username) }}">
+								{{ package.author.display_name }}
+							</a>
+						</td>
+					</tr>
+					<tr>
+						<td>Type</td>
+						<td>{{ package.type.value }}</td>
+					</tr>
+					<tr>
+						<td>License</td>
+						<td>
+							{% if package.license == package.media_license %}
+								{{ package.license.name }}
+							{% elif package.type == package.type.TXP %}
+								{{ package.media_license.name }}
+							{% else %}
+								{{ package.license.name }} for code,<br />
+								{{ package.media_license.name }} for media.
+							{% endif %}
+						</td>
+					</tr>
+					<tr>
+						<td>Added</td>
+						<td>{{ package.created_at | datetime }}</td>
+					</tr>
+					<tr>
+						<td>Tags</td>
+						<td>
+							{% for t in package.tags %}
+								<span class="badge badge-primary">{{ t.title }}</span>
+							{% else %}
+								<i>No tags.</i>
+							{% endfor %}
+						</td>
+				</table>
+			</div>
+
+			{% if package.author.donate_url %}
+				<div class="alert alert-secondary">
+					Like {{ package.author.display_name }}'s work?
+					<a href="{{ package.author.donate_url }}" rel="nofollow">Donate now!</a>
+				</div>
+			{% endif %}
+
+			{% if package.type == package.type.MOD %}
+				<div class="card my-4">
+					<div class="card-header">Dependencies</div>
+					<div class="card-body">
+						{% for dep in package.dependencies %}
+							{% if dep.optional %}
+								{% set color="secondary" %}
+							{% else %}
+								{% set color="primary" %}
+							{% endif %}
+
+							{%- if dep.package %}
+								<a class="badge badge-{{ color }}"
+										href="{{ dep.package.getDetailsURL() }}">
+									{{ dep.package.title }} by {{ dep.package.author.display_name }}
+							{% elif dep.meta_package %}
+								<a class="badge badge-{{ color }}"
+										href="{{ url_for('meta_package_page', name=dep.meta_package.name) }}">
+									{{ dep.meta_package.name }}
+							{% else %}
+								{{ "Excepted package or meta_package in dep!" | throw }}
+							{% endif %}</a>
+						{% else %}
+							<i>No dependencies</i>
+						{% endfor %}
+					</div>
+				</div>
+			{% endif %}
+
+			<div class="card my-4">
+				<div class="card-header">
+					Releases
+					<div class="float-right">
+						{% if package.checkPerm(current_user, "MAKE_RELEASE") %}
+							<a href="{{ package.getBulkReleaseURL() }}">bulk</a>
+							|
+							<a href="{{ package.getCreateReleaseURL() }}">+</a>
+						{% endif %}
+					</div>
+				</div>
+				<ul class="list-group list-group-flush">
+					{% for rel in releases %}
+						{% if rel.approved or package.checkPerm(current_user, "MAKE_RELEASE") or package.checkPerm(current_user, "APPROVE_RELEASE")  %}
+							<li class="list-group-item">
+
+								{% if package.checkPerm(current_user, "MAKE_RELEASE") or package.checkPerm(current_user, "APPROVE_RELEASE")  %}
+									<a class="btn btn-sm btn-primary float-right" href="{{ rel.getEditURL() }}">Edit
+									{% if not rel.task_id and not rel.approved and package.checkPerm(current_user, "APPROVE_RELEASE") %}
+										/ Approve
+									{% endif %}
+									</a>
+								{% endif %}
+
+								{% if not rel.approved %}<i>{% endif %}
+
+								<a href="{{ rel.getDownloadURL() }}" rel="nofollow">{{ rel.title }}</a>
+
+								<span style="color:#ddd;">
+									{% if rel.min_rel and rel.max_rel %}
+										[MT {{ rel.min_rel.name }}-{{ rel.max_rel.name }}]
+									{% elif rel.min_rel %}
+										[MT {{ rel.min_rel.name }}+]
+									{% elif rel.max_rel %}
+										[MT &le;{{ rel.max_rel.name }}]
+									{% endif %}
+								</span>
+
+								<br>
+
+								<small style="color:#999;">
+									{% if rel.commit_hash %}
+											[{{ rel.commit_hash | truncate(5, end='') }}]
+									{% endif %}
+
+									created {{ rel.releaseDate | date }}.
+								</small>
+								{% if (package.checkPerm(current_user, "MAKE_RELEASE") or package.checkPerm(current_user, "APPROVE_RELEASE")) and rel.task_id %}
+									<a href="{{ url_for('check_task', id=rel.task_id, r=package.getDetailsURL()) }}">Importing...</a>
+								{% elif not rel.approved %}
+									Waiting for approval.
+								{% endif %}
+
+								{% if not rel.approved %}</i>{% endif %}
+
+							</li>
+						{% endif %}
+					{% else %}
+						<li class="list-group-item">No releases available.</li>
+					{% endfor %}
+				</ul>
+			</div>
+
+			<div class="card my-4"">
+				<div class="card-header">
+				{% if package.approved and package.checkPerm(current_user, "CREATE_THREAD") %}
+					<a class="float-right"
+						href="{{ url_for('new_thread_page', pid=package.id) }}">+</a>
+				{% endif %}
+					Threads
+				</div>
+				<ul class="list-group list-group-flush">
+					{% from "macros/threads.html" import render_threadlist %}
+					{{ render_threadlist(threads, list_group=True) }}
+				</ul>
+			</div>
+
+			{% if package.approved and package.checkPerm(current_user, "CREATE_THREAD") and current_user != package.author and not current_user.rank.atLeast(current_user.rank.EDITOR) %}
+				<a class="float-right"
+					href="{{ url_for('new_thread_page', pid=package.id) }}">
+						Report a problem with this listing
+				</a>
+			{% endif %}
+		</aside>
+
+		{% if not package.approved and (package.author == current_user or package.checkPerm(current_user, "APPROVE_NEW")) %}
 			{% if review_thread %}
-				<h2>&#x1f512; {{ review_thread.title }}</h2>
-				<p><i>
-					This thread is only visible to the package owner and users of
-					Editor rank or above.
-				</i></p>
+				<h2>{% if review_thread.private %}&#x1f512;{% endif %} {{ review_thread.title }}</h2>
+				{% if review_thread.private %}
+					<p><i>
+						This thread is only visible to the package owner and users of
+						Editor rank or above.
+					</i></p>
+				{% endif %}
 
 				{% from "macros/threads.html" import render_thread %}
 				{{ render_thread(review_thread, current_user) }}
-			{% else %}
-				<div class="box box_grey alert alert-info">
-					Privately ask a question or give feedback
-
-					<a class="alert_right button" href="{{ url_for('new_thread_page', pid=package.id, title='Package approval comments') }}">Open Thread</a>
-				</div>
 			{% endif %}
 		{% endif %}
-	{% endif %}
 
-	<h1>{{ package.title }} by {{ package.author.display_name }}</h1>
-
-	<ul class="screenshot_list">
-		{% for ss in package.screenshots %}
-			{% if ss.approved or package.checkPerm(current_user, "ADD_SCREENSHOTS") %}
-				<li>
-					<a href="{% if package.checkPerm(current_user, 'ADD_SCREENSHOTS') %}{{ ss.getEditURL() }}{% else %}{{ ss.url }}{% endif %}">
-						<img src="{{ ss.getThumbnailURL() }}" alt="{{ ss.title }}" />
-					</a>
-				</li>
+		<ul class="screenshot_list mb-4">
+			{% if package.checkPerm(current_user, "EDIT_PACKAGE") %}
+			<a class="btn btn-primary float-right" href="{{ package.getNewScreenshotURL() }}">Add screenshot</a>
 			{% endif %}
-		{% endfor %}
-	</ul>
-
-	<aside class="asideright box box_grey">
-		<h3>Details</h3>
-
-		<div class="box-body">
-			{% if not package.license.is_foss and not package.media_license.is_foss and package.type != package.type.TXP  %}
-				<div class="box box_grey alert alert-error" style="margin-top: 0;">
-					<b>Warning:</b> Non-free code and media.
-				</div>
-			{% elif not package.license.is_foss and package.type != package.type.TXP %}
-				<div class="box box_grey alert alert-error" style="margin-top: 0;">
-					<b>Warning:</b> Non-free code.
-				</div>
-			{% elif not package.media_license.is_foss %}
-				<div class="box box_grey alert alert-error" style="margin-top: 0;">
-					<b>Warning:</b> Non-free media.
-				</div>
-			{% endif %}
-			<table>
-				<tr>
-					<td>Name</td>
-					<td>{{ package.name }}</td>
-				</tr>
-				{% if package.provides %}
-				<tr>
-					<td>Provides</td>
-					<td>{% for meta in package.provides %}
-						<a href="{{ url_for('meta_package_page', name=meta.name) }}">{{ meta.name }}</a>
-						{%- if not loop.last %}
-						,
-						{% endif %}
-					{% endfor %}</td>
-				</tr>
-				{% endif %}
-				<tr>
-					<td>Author</td>
-					<td class="{{ package.author.rank }}">
-						<a href="{{ url_for('user_profile_page', username=package.author.username) }}">
-							{{ package.author.display_name }}
+			{% for ss in package.screenshots %}
+				{% if ss.approved or package.checkPerm(current_user, "ADD_SCREENSHOTS") %}
+					<li>
+						<a href="{% if package.checkPerm(current_user, 'ADD_SCREENSHOTS') %}{{ ss.getEditURL() }}{% else %}{{ ss.url }}{% endif %}">
+							<img src="{{ ss.getThumbnailURL() }}" alt="{{ ss.title }}" />
 						</a>
-					</td>
-				</tr>
-				<tr>
-					<td>Type</td>
-					<td>{{ package.type.value }}</td>
-				</tr>
-				<tr>
-					<td>License</td>
-					<td>
-						{% if package.license == package.media_license %}
-							{{ package.license.name }}
-						{% elif package.type == package.type.TXP %}
-							{{ package.media_license.name }}
-						{% else %}
-							{{ package.license.name }} for code,<br />
-							{{ package.media_license.name }} for media.
-						{% endif %}
-					</td>
-				</tr>
-				<tr>
-					<td>Added</td>
-					<td>{{ package.created_at | datetime }}</td>
-				</tr>
-			</table>
-
-			<ul class="buttonset linedbuttonset">
-				{% if package.getDownloadRelease() %}<li><a href="{{ package.getDownloadURL() }}" class="btn_green">Download</a></li>{% endif %}
-				{% if package.repo %}<li><a href="{{ package.repo }}">View Source</a></li>{% endif %}
-				{% if package.forums %}<li><a href="https://forum.minetest.net/viewtopic.php?t={{ package.forums }}">Forums</a></li>{% endif %}
-				{% if package.issueTracker %}<li><a href="{{ package.issueTracker }}">Issue Tracker</a></li>{% endif %}
-				{% if package.website %}<li><a href="{{ package.website }}">Website</a></li>{% endif %}
-				{% if package.checkPerm(current_user, "EDIT_PACKAGE") %}
-					<li><a href="{{ package.getEditURL() }}">Edit</a></li>
-					<li><a href="{{ package.getNewScreenshotURL() }}">Add screenshot</a></li>
+					</li>
 				{% endif %}
-				{# {% if current_user.is_authenticated %}
-					<li><a href="{{ package.getCreateEditRequestURL() }}">Suggest Changes</a></li>
-				{% endif %} #}
-				{% if package.checkPerm(current_user, "MAKE_RELEASE") %}
-					<li><a href="{{ package.getCreateReleaseURL() }}">Create Release</a></li>
-				{% endif %}
-				{% if package.checkPerm(current_user, "DELETE_PACKAGE") %}
-					<li><a href="{{ package.getDeleteURL() }}">Delete</a></li>
-				{% endif %}
-			</ul>
-		</div>
-	</aside>
+			{% endfor %}
+		</ul>
 
-	<p class="package-short-large">{{ package.shortDesc }}</p>
+		{{ package.desc | markdown }}
 
-	{{ package.desc | markdown }}
+		<div style="clear: both;"></div>
 
-	<h3>Releases</h3>
+		{#
+			{% if current_user.is_authenticated or requests %}
+				<h3>Edit Requests</h3>
 
-	<ul>
-		{% for rel in releases %}
-			{% if rel.approved or package.checkPerm(current_user, "MAKE_RELEASE") or package.checkPerm(current_user, "APPROVE_RELEASE")  %}
-				<li>
-					{% if not rel.approved %}<i>{% endif %}
-
-					<a href="{{ rel.url }}">{{ rel.title }}</a>,
-					created {{ rel.releaseDate | datetime }}.
-					{% if rel.task_id %}
-						<a href="{{ url_for('check_task', id=rel.task_id, r=package.getDetailsURL()) }}">Importing...</a>
-					{% elif not rel.approved %}
-						Waiting for approval.
-					{% endif %}
-
-					{% if package.checkPerm(current_user, "MAKE_RELEASE") or package.checkPerm(current_user, "APPROVE_RELEASE")  %}
-						<a href="{{ rel.getEditURL() }}">Edit
-						{% if not rel.task_id and not rel.approved and package.checkPerm(current_user, "APPROVE_RELEASE") %}
-							/ Approve
-						{% endif %}
-						</a>
-					{% endif %}
-
-					{% if not rel.approved %}</i>{% endif %}
-				</li>
-			{% endif %}
-		{% else %}
-			<li>No releases available.</li>
-		{% endfor %}
-	</ul>
-
-	<h3>Tags</h3>
-	<ul>
-		{% for t in package.tags %}
-			<li>{{ t.title }}</li>
-		{% else %}
-			<li>No tags.</li>
-		{% endfor %}
-	</ul>
-
-	<!-- <table class="table-topalign">
-		<tr>
-			<td> -->
-				<h3>Dependencies</h3>
 				<ul>
-					{% for dep in package.dependencies %}
+					{% for r in requests %}
 						<li>
-							{%- if dep.package %}
-								<a href="{{ dep.package.getDetailsURL() }}">{{ dep.package.title }}</a> by {{ dep.package.author.display_name }}
-							{% elif dep.meta_package %}
-								<a href="{{ url_for('meta_package_page', name=dep.meta_package.name) }}">{{ dep.meta_package.name }}</a>
-							{% else %}
-								{{ "Excepted package or meta_package in dep!" | throw }}
-							{% endif %}
-							{% if dep.optional %}
-								[optional]
-							{% endif %}
+							<a href="{{ r.getURL() }}">{{ r.title }}</a>
+							by
+							<a href="{{ url_for('user_profile_page', username=r.author.username) }}">{{ r.author.display_name }}</a>
 						</li>
 					{% else %}
-						<li><i>No dependencies</i></li>
+						<li>No edit requests have been made.</li>
 					{% endfor %}
 				</ul>
-			<!-- </td>
-			<td>
-				<h3>Required by</h3>
-				<ul>
-					{% for p in package.dependents %}
-						<li><a href="{{ p.getDetailsURL() }}">{{ p.title }}</a> by {{ p.author.display_name }}</li>
-					{% else %}
-						{% if not package.softdependents %}
-						<li>No dependents.</li>
-						{% endif %}
-					{% endfor %}
-					{% for p in package.softdependents %}
-						<li><a href="{{ p.getDetailsURL() }}">{{ p.title }}</a> by {{ p.author.display_name }} [optional]</li>
-					{% endfor %}
-				</ul>
-			</td>
-		</tr>
-	</table> -->
+			{% endif %}
+		#}
 
-	{#
-		{% if current_user.is_authenticated or requests %}
-			<h3>Edit Requests</h3>
+		{% if alternatives %}
+			<h3>Related</h3>
 
+			{% from "macros/packagegridtile.html" import render_pkggrid %}
+			{{ render_pkggrid(alternatives) }}
+		{% endif %}
+
+		{% if similar_topics %}
+			<h3>Similar Forum Topics</h3>
 			<ul>
-				{% for r in requests %}
+				{% for t in similar_topics %}
 					<li>
-						<a href="{{ r.getURL() }}">{{ r.title }}</a>
-						by
-						<a href="{{ url_for('user_profile_page', username=r.author.username) }}">{{ r.author.display_name }}</a>
+						[{{ t.type.value }}]
+						<a href="https://forum.minetest.net/viewtopic.php?t={{ t.topic_id }}">
+							{{ t.title }} by {{ t.author.display_name }}
+						</a>
+						{% if t.wip %}[WIP]{% endif %}
 					</li>
-				{% else %}
-					<li>No edit requests have been made.</li>
 				{% endfor %}
 			</ul>
 		{% endif %}
-	#}
-
-	{% if alternatives %}
-		<h3>Alternatives</h3>
-		<ul>
-			{% for p in alternatives %}
-				<li><a href="{{ p.getDetailsURL() }}">{{ p.title }} by {{ p.author.display_name }}</a></li>
-			{% endfor %}
-		</ul>
-	{% endif %}
-
-	{% if similar_topics %}
-		<h3>Similar Forum Topics</h3>
-		{% if not package.approved and package.type == package.type.MOD %}
-			<div class="box box_grey alert alert-warning">
-				Please make sure that this package has the right to
-				the name '{{ package.name }}'.
-				See the
-				<a href="/policy_and_guidance/">Inclusion Policy</a>
-				for more info.
-			</div>
-		{% endif %}
-		<ul>
-			{% for t in similar_topics %}
-				<li>
-					[{{ t.getType().value }}]
-					<a href="https://forum.minetest.net/viewtopic.php?t={{ t.topic_id }}">
-						{{ t.title }} by {{ t.author.display_name }}
-					</a>
-				</li>
-			{% endfor %}
-		</ul>
-	{% endif %}
+	</main>
 {% endblock %}

app/templates/threads/new.html

@@ -5,15 +5,44 @@
 {% endblock %}
 
 {% block content %}
-	{% from "macros/forms.html" import render_field, render_submit_field %}
-	<form method="POST" action="" enctype="multipart/form-data">
-		{{ form.hidden_tag() }}
 
-		{{ render_field(form.title) }}
-		{{ render_field(form.comment) }}
-		{{ render_field(form.private) }}
-		{{ render_submit_field(form.submit) }}
+{% if package and current_user != package.author and not current_user.rank.atLeast(current_user.rank.EDITOR) and package.issueTracker %}
+	<div class="alert alert-warning">
+		Found a bug? Post on the <a href="{{ package.issueTracker }}">issue tracker</a> instead.<br />
+		If the package shouldn't be on CDB - for example, if it doesn't work at all - then please let us know here.
+	</div>
+{% endif %}
+
+{% from "macros/forms.html" import render_field, render_submit_field, render_checkbox_field %}
+<form method="POST" action="" enctype="multipart/form-data">
+	{{ form.hidden_tag() }}
+	{{ render_field(form.title) }}
+
+	<div class="row mt-0 mb-4 comments mx-0">
+		<div class="col-md-1 p-1">
+			<img class="img-responsive user-photo img-thumbnail img-thumbnail-1" src="{{ current_user.getProfilePicURL() }}">
+		</div>
+		<div class="col">
+			<div class="card">
+				<div class="card-header {{ current_user.rank.name }}">
+					{{ current_user.display_name }}
+					<a name="reply"></a>
+				</div>
+				<div class="card-body">
+					{{ render_field(form.comment, label="", class_="m-0", fieldclass="form-control markdown") }}
+				</div>
+			</div>
+		</div>
+	</div>
+
+	{{ render_checkbox_field(form.private, class_="my-3") }}
+	<p>
+		Only the you, the package author, and users of Editor rank
+		and above can read private threads.
+	</p>
+
+	{{ render_submit_field(form.submit) }}
+</form>
+
 
-		<p>Only the you, the package author, and users of Editor rank and above can read private threads.</p>
-	</form>
 {% endblock %}

app/templates/threads/view.html

@@ -5,12 +5,26 @@ Threads
 {% endblock %}
 
 {% block content %}
+	{% if current_user.is_authenticated %}
+		{% if current_user in thread.watchers %}
+			<form method="post" action="{{ thread.getUnsubscribeURL() }}" class="float-right">
+				<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
+				<input type="submit" class="btn btn-primary" value="Unsubscribe" />
+			</form>
+		{% else %}
+			<form method="post" action="{{ thread.getSubscribeURL() }}" class="float-right">
+				<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
+				<input type="submit" class="btn btn-primary" value="Subscribe" />
+			</form>
+		{% endif %}
+	{% endif %}
+
 	<h1>{% if thread.private %}&#x1f512; {% endif %}{{ thread.title }}</h1>
 
-	{% if thread.package %}
-		<p>
-			Package: <a href="{{ thread.package.getDetailsURL() }}">{{ thread.package.title }}</a>
-		</p>
+	{% if thread.package or current_user.is_authenticated %}
+		{% if thread.package %}
+			<p>Package: <a href="{{ thread.package.getDetailsURL() }}">{{ thread.package.title }}</a></p>
+		{% endif %}
 	{% endif %}
 
 	{% if thread.private %}

app/templates/todo/list.html

@@ -5,53 +5,89 @@
 {% endblock %}
 
 {% block content %}
-	<h2>Awaiting Approval</h2>
+	<h2 class="mb-4">Approval Queue</h2>
 
-	{% if canApproveNew and packages %}
-		<h3>Packages</h3>
-		<ul>
-			{% for p in packages %}
-				<li><a href="{{ p.getDetailsURL() }}">
-					{{ p.title }} by {{ p.author.display_name }}
-				</a></li>
-			{% else %}
-				<li><i>No packages need reviewing.</i></ul>
-			{% endfor %}
-		</ul>
-	{% endif %}
+	<div class="row">
+		{% if canApproveNew and packages %}
+		<div class="col-sm-6">
+			<div class="card">
+				<h3 class="card-header">Packages</h3>
+				<div class="list-group list-group-flush">
+					{% for p in packages %}
+						<a href="{{ p.getDetailsURL() }}" class="list-group-item list-group-item-action">
+							{% if p.getState() == "thread" %}
+								<span class="mr-2 badge badge-danger">Thread</span>
+							{% elif p.getState() == "ready" %}
+								<span class="mr-2 badge badge-success">Ready</span>
+							{% elif p.getState() == "wip" %}
+								<span class="mr-2 badge badge-warning">WIP</span>
+							{% elif p.getState() == "license" %}
+								<span class="mr-2 badge badge-info">WIP</span>
+							{% endif %}
+
+							{{ p.title }} by {{ p.author.display_name }}
+						</a>
+					{% else %}
+						<li class="list-group-item"><i>No packages need reviewing.</i></li>
+					{% endfor %}
+				</div>
+			</div>
+		</div>
+		{% endif %}
+
+		{% if canApproveRel and releases %}
+		<div class="col-sm-6">
+			<div class="card">
+				<h3 class="card-header">Releases</h3>
+				<ul class="list-group list-group-flush">
+					{% for r in releases %}
+						<li class="list-group-item">
+							<a href="{{ r.getEditURL() }}">{{ r.title }}</a>
+							on
+							<a href="{{ r.package.getDetailsURL() }}">
+								{{ r.package.title }} by {{ r.package.author.display_name }}
+							</a>
+						</li>
+					{% else %}
+						<li class="list-group-item"><i>No releases need reviewing.</i></li>
+					{% endfor %}
+				</ul>
+			</div>
+		</div>
+		{% endif %}
+	</div>
 
 	{% if canApproveScn and screenshots %}
-		<h3>Screenshots</h3>
-		<ul>
-			{% for s in screenshots %}
-				<li>
-					<a href="{{ s.getEditURL() }}">{{ s.title }}</a>
-					on
-					<a href="{{ s.package.getDetailsURL() }}">
-						{{ s.package.title }} by {{ s.package.author.display_name }}
-					</a>
-				</li>
-			{% else %}
-				<li><i>No screenshots need reviewing.</i></ul>
-			{% endfor %}
-		</ul>
-	{% endif %}
-
-	{% if canApproveRel and releases %}
-		<h3>Releases</h3>
-		<ul>
-			{% for r in releases %}
-				<li>
-					<a href="{{ r.getEditURL() }}">{{ r.title }}</a>
-					on
-					<a href="{{ r.package.getDetailsURL() }}">
-						{{ r.package.title }} by {{ r.package.author.display_name }}
-					</a>
-				</li>
-			{% else %}
-				<li><i>No releases need reviewing.</i></ul>
-			{% endfor %}
-		</ul>
+		<div class="card my-4">
+			<h3 class="card-header">Screenshots
+				<form class="float-right"  method="post" action="{{ url_for('todo_page') }}">
+					<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
+					<input type="hidden" name="action" value="screenshots_approve_all" />
+					<input class="btn btn-sm btn-primary" type="submit" value="Approve All" />
+				</form>
+			</h3>
+			<ul class="card-body d-flex p-0 flex-row flex-wrap justify-content-start align-content-start p-4">
+				{% for s in screenshots %}
+					<li class="packagetile flex-fill"><a href="{{ s.getEditURL() }}"
+						style="background-image: url({{ s.getThumbnailURL(3) or '/static/placeholder.png' }});">
+						<div class="packagegridscrub"></div>
+						<div class="packagegridinfo">
+							<h3>
+								{{ s.title }}
+								<br />
+								<small>{{ s.package.title }} by {{ s.package.author.display_name }}</small>
+							</h3>
+							<p></p>
+						</div>
+					</a></li>
+				{% else %}
+					<li><i>No screenshots need reviewing.</i></li>
+				{% endfor %}
+				{% for i in range(4) %}
+					<li class="packagetile flex-fill"></li>
+				{% endfor %}
+			</ul>
+		</div>
 	{% endif %}
 
 	{% if not (packages or screenshots or releases) %}
@@ -60,11 +96,19 @@
 		</p>
 	{% endif %}
 
-	<h2>Unadded Topic List</h2>
+	<h2 class="mt-4">Unadded Topic List</h2>
 
 	<p>
-		There are
-		<a href="{{ url_for('todo_topics_page') }}">{{ topics_to_add }} packages</a>
-		to be added to cdb, based on forum topics picked up by Krock's mod search.
+		{{ total_topics - topics_to_add }} / {{ total_topics }} packages have been been added to cdb,
+		based on cdb's forum parser. {{ topics_to_add }} remaining.
 	</p>
+
+	<div class="progress my-4">
+		{% set perc = 32 %}
+		<div class="progress-bar bg-success" role="progressbar"
+			style="width: {{ perc }}%" aria-valuenow="{{ perc }}" aria-valuemin="0" aria-valuemax="100"></div>
+	</div>
+
+	<a class="btn btn-primary" href="{{ url_for('todo_topics_page') }}">View Unadded Topic List</a>
+
 {% endblock %}

app/templates/todo/topics.html

@@ -5,13 +5,94 @@ Topics to be Added
 {% endblock %}
 
 {% block content %}
+	<div class="float-right">
+		<div class="btn-group">
+			<a class="btn btn-primary {% if sort_by=='date' %}active{% endif %}"
+					href="{{ url_for('todo_topics_page', q=query, show_discarded=show_discarded, n=n, sort='date') }}">
+				Sort by date
+			</a>
+			<a class="btn btn-primary {% if sort_by=='name' %}active{% endif %}"
+					href="{{ url_for('todo_topics_page', q=query, show_discarded=show_discarded, n=n, sort='name') }}">
+				Sort by name
+			</a>
+			<a class="btn btn-primary {% if sort_by=='views' %}active{% endif %}"
+					href="{{ url_for('todo_topics_page', q=query, show_discarded=show_discarded, n=n, sort='views') }}">
+				Sort by views
+			</a>
+		</div>
+
+
+		<div class="btn-group">
+			{% if current_user.rank.atLeast(current_user.rank.EDITOR) %}
+				{% if n >= 10000 %}
+					<a class="btn btn-primary"
+							href="{{ url_for('todo_topics_page', q=query, show_discarded=show_discarded, n=100, sort=sort_by) }}">
+						Paginated list
+					</a>
+				{% else %}
+					<a class="btn btn-primary"
+							href="{{ url_for('todo_topics_page', q=query, show_discarded=show_discarded, n=10000, sort=sort_by) }}">
+						Unlimited list
+					</a>
+				{% endif %}
+			{% endif %}
+
+			<a class="btn btn-primary" href="{{ url_for('todo_topics_page', q=query, show_discarded=not show_discarded, n=n, sort=sort_by) }}">
+				{% if not show_discarded %}
+					Show
+				{% else %}
+					Hide
+				{% endif %}
+
+				discarded topics
+			</a>
+		</div>
+	</div>
+
 	<h1>Topics to be Added</h1>
 
 	<p>
-		{{ total - (topics | count) }} / {{ total }} packages have been added.
-		{{ topics | count }} remaining.
+		{{ total - topic_count }} / {{ total }} topics have been added as packages to CDB.
+		{{ topic_count }} remaining.
 	</p>
+	<div class="progress">
+		{% set perc = 100 * (total - topic_count) /  total %}
+		<div class="progress-bar bg-success" role="progressbar"
+			style="width: {{ perc }}%" aria-valuenow="{{ perc }}" aria-valuemin="0" aria-valuemax="100"></div>
+	</div>
 
-	{% from "macros/topictable.html" import render_topictable %}
-	{{ render_topictable(topics) }}
+	<form method="GET" action="{{ url_for('todo_topics_page') }}" class="my-4">
+		<input type="hidden" name="show_discarded" value={{ show_discarded and "True" or "False" }} />
+		<input type="hidden" name="n" value={{ n }} />
+		<input type="hidden" name="sort" value={{ sort_by or "date" }} />
+		<input name="q" type="text" placeholder="Search topics" value="{{ query or ''}}">
+		<input class="btn btn-secondary my-2 my-sm-0 mr-sm-2" type="submit" value="Search" />
+	</form>
+
+	{% from "macros/topics.html" import render_topics_table %}
+	{{ render_topics_table(topics, show_discard=True, current_user=current_user) }}
+
+	<ul class="pagination mt-4">
+		<li class="page-item {% if not prev_url %}disabled{% endif %}">
+			<a class="page-link" {% if prev_url %}href="{{ prev_url }}"{% endif %}>&laquo;</a>
+		</li>
+		{% for i in range(1, page_max+1) %}
+			<li class="page-item {% if i == page %}active{% endif %}">
+				<a class="page-link"
+						href="{{ url_for('todo_topics_page', page=i, query=query, show_discarded=show_discarded, n=n, sort=sort_by) }}">
+					{{ i }}
+				</a>
+			</li>
+		{% endfor %}
+		<li class="page-item {% if not next_url %}disabled{% endif %}">
+			<a class="page-link" {% if next_url %}href="{{ next_url }}"{% endif %}>&raquo;</a>
+		</li>
+	</ul>
+{% endblock %}
+
+{% block scriptextra %}
+	<script>
+		var csrf_token = "{{ csrf_token() }}";
+	</script>
+	<script src="/static/topic_discard.js"></script>
 {% endblock %}

app/templates/users/claim.html

@@ -5,10 +5,10 @@ Creating an Account
 {% endblock %}
 
 {% block content %}
-	<div class="box box_grey">
-		<h2>{{ self.title() }}</h2>
+	<div class="card">
+		<h2 class="card-header">{{ self.title() }}</h2>
 
-		<div class="box-body">
+		<div class="card-body">
 			<p>
 				If you have a forum account, you'll need to prove that you own it
 				to get an account on ContentDB.
@@ -19,7 +19,7 @@ Creating an Account
 					Please log out to continue.
 				</p>
 				<p>
-					<a href="{{ url_for('user.logout', next=url_for('user_claim_page')) }}" class="button">Logout</a>
+					<a href="{{ url_for('user.logout', next=url_for('user_claim_page')) }}" class="btn">Logout</a>
 				</p>
 			{% else %}
 				<p>
@@ -28,7 +28,7 @@ Creating an Account
 					out of the Minetest community.
 				</p>
 
-				<a href="https://forum.minetest.net/ucp.php?mode=register">
+				<a class="btn btn-primary" href="https://forum.minetest.net/ucp.php?mode=register">
 					Create a Forum Account
 				</a>
 			{% endif %}
@@ -36,18 +36,23 @@ Creating an Account
 	</div>
 
 	{% if not current_user.is_authenticated %}
-		<div class="box box_grey">
-			<h2>Option 1 - Use GitHub field in forum profile</h2>
+	<div class="row mt-4">
+		<div class="col-sm-4">
+		<div class="card">
+			<div class="card-header">
+				<span class="badge badge-pill badge-dark mr-2">Option 1</span>
+				Use GitHub field in forum profile
+			</div>
 
-			<form method="post" class="box-body" action="{{ url_for('user_claim_page') }}">
-				<input type="hidden" name="claim_type" value="github">
-				<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
+			<form method="post" class="card-body" action="{{ url_for('user_claim_page') }}">
+				<input class="form-control" type="hidden" name="claim_type" value="github">
+				<input class="form-control" type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
 
 				<p>
 					Enter your forum username here:
 				</p>
 
-				<input type="text" name="username" value="{{ username }}" required placeholder="Forum username">
+				<input class="form-control my-4" type="text" name="username" value="{{ username }}" required placeholder="Forum username">
 
 				<p>
 					You'll need to have the GitHub field in your forum profile
@@ -56,14 +61,19 @@ Creating an Account
 						do that here</a>.
 				</p>
 
-				<input type="submit" value="Next: log in with GitHub">
+				<input class="btn btn-primary" type="submit" value="Next: log in with GitHub">
 			</form>
 		</div>
+		</div>
 
-		<div class="box box_grey">
-			<h2>Option 2 - Paste verification token into signature</h2>
+		<div class="col-sm-4">
+		<div class="card">
+			<div class="card-header">
+				<span class="badge badge-pill badge-dark mr-2">Option 2</span>
+				Verification token
+			</div>
 
-			<form method="post" class="box-body" action="{{ url_for('user_claim_page') }}">
+			<form method="post" class="card-body" action="{{ url_for('user_claim_page') }}">
 				<input type="hidden" name="claim_type" value="forum">
 				<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
 
@@ -71,7 +81,7 @@ Creating an Account
 					Enter your forum username here:
 				</p>
 
-				<input type="text" name="username" value="{{ username }}" required placeholder="Forum username">
+				<input class="form-control my-3" type="text" name="username" value="{{ username }}" required placeholder="Forum username">
 
 				<p>
 					Go to
@@ -79,11 +89,12 @@ Creating an Account
 						User Control Panel > Profile > Edit signature
 					</a>
 				</p>
+
 				<p>
 					Paste this into your signature:
 				</p>
 
-				<input type="text" value="{{ key }}" readonly size=32>
+				<input class="form-control my-3" type="text" value="{{ key }}" readonly size=32>
 
 				<p>
 					Click next so we can check it.
@@ -92,15 +103,20 @@ Creating an Account
 					Don't worry, you can remove it after this is done.
 				</p>
 
-				<input type="submit" value="Next">
+				<input class="btn btn-primary" type="submit" value="Next">
 			</form>
 		</div>
+		</div>
 
-		<div class="box box_grey">
-			<h2>Option 3 - Email/password sign up</h2>
+		<div class="col-sm-4">
+		<div class="card">
+			<div class="card-header">
+				<span class="badge badge-pill badge-dark mr-2">Option 3</span>
+				Email/password sign up
+			</div>
 
-			<div class="box-body">
-				<p>
+			<div class="card-body">
+				<p class="alert alert-danger">
 					<b>Only do this if you don't have a forum account!</b>
 				</p>
 				<p>
@@ -108,8 +124,10 @@ Creating an Account
 					options.
 				</p>
 
-				<a class="button" href="{{ url_for('user.register') }}">Register</a>
+				<a class="btn btn-primary" href="{{ url_for('user.register') }}">Register</a>
 			</div>
 		</div>
+		</div>
+	</div>
 	{% endif %}
 {% endblock %}

app/templates/users/list.html

@@ -11,8 +11,10 @@
 			<a href="{{ url_for('user_profile_page', username=user.username) }}">
 				{{ user.display_name }}
 			</a> -
-			{{ user.rank.getTitle() }} -
-			{{ user.packages.count() }} packages.
+			{{ user.rank.getTitle() }}
+			{% if current_user.is_authenticated %}
+				- {{ user.packages.count() }} packages.
+			{% endif %}
 	{% endfor %}
 </ul>
 {% endblock %}

app/templates/users/send_email.html

@@ -0,0 +1,18 @@
+{% extends "base.html" %}
+
+{% block title %}
+	Send Email
+{% endblock %}
+
+{% block content %}
+<h1>Send Email</h1>
+
+{% from "macros/forms.html" import render_field, render_submit_field %}
+<form action="" method="POST" class="form" role="form">
+	{{ form.hidden_tag() }}
+	{{ render_field(form.subject) }}
+	{{ render_field(form.text, fieldclass="form-control markdown") }}
+	{{ render_submit_field(form.submit) }}
+</form>
+
+{% endblock %}

app/templates/users/set_password.html

@@ -7,7 +7,7 @@
 {% block content %}
 
 {% if optional %}
-	<div class="box box_grey alert alert-primary">
+	<div class="alert alert-primary">
 		It is recommended that you set a password for your account.
 
 		<a class="alert_right button" href="{{ url_for('home_page') }}">Skip</a>

app/templates/users/user_profile_page.html

@@ -7,76 +7,145 @@
 {% block content %}
 
 {% if not current_user.is_authenticated and user.rank == user.rank.NOT_JOINED and user.forums_username %}
-<div class="box box_grey alert alert-info">
-	Is this you? Claim your account now!
+<div class="alert alert-info">
+	<a class="float-right btn btn-default btn-sm"
+		href="{{ url_for('user_claim_page', username=user.forums_username) }}">Claim</a>
 
-	<a class="alert_right button" href="{{ url_for('user_claim_page', username=user.forums_username) }}">Claim</a>
+	Is this you? Claim your account now!
 </div>
 {% endif %}
 
-<div class="box box_grey">
-	<h2>{{ user.display_name }}</h2>
-
-	<table class="box-body">
-		<tr>
-			<td>Rank:</td>
-			<td>
-				{{ user.rank.getTitle() }}
-			</td>
-		</tr>
-		<tr>
-			<td>Accounts:</td>
-			<td>
-				{% if user.forums_username %}
-					<a href="https://forum.minetest.net/memberlist.php?mode=viewprofile&un={{ user.forums_username }}">
-						Minetest Forum
-					</a>
-				{% elif user == current_user %}
-					No forum account
-				{% endif %}
-
-				{% if (user.forums_username and user.github_username) or user == current_user %}
-					|
-				{% endif %}
-
-				{% if user.github_username %}
-					<a href="https://github.com/{{ user.github_username }}">GitHub</a>
-				{% elif user == current_user %}
-					<a href="{{ url_for('github_signin_page') }}">Link Github</a>
-				{% endif %}
-
-				{% if user == current_user %}
-					&#x1f30e;
-				{% endif %}
-			</td>
-		</tr>
-		{% if user == current_user %}
-			<tr>
-				<td>Password:</td>
-				<td>
-					{% if user.password %}
-						Set | <a href="{{ url_for('user.change_password') }}">Change</a>
-					{% else %}
-						Not set | <a href="{{ url_for('set_password_page') }}">Set</a>
+<div class="row mb-3">
+	<div class="col-sm-6">
+		<div class="card">
+			<h2 class="card-header">{{ user.display_name }}</h2>
+			<div class="card-body row">
+				<div class="col-md-2">
+					{% if user.forums_username %}
+						<a href="https://forum.minetest.net/ucp.php?i=profile&mode=avatar">
+					{% elif user.email %}
+						<a href="https://en.gravatar.com/">
 					{% endif %}
-				</td>
-			</tr>
-		{% endif %}
-	</table>
-</div>
+					<img class="img-responsive user-photo img-thumbnail  img-thumbnail-1" src="{{ user.getProfilePicURL() }}">
+					{% if user.forums_username or user.email %}
+						</a>
+					{% endif %}
+				</div>
+				<div class="col">
+					<table class="table">
+						<tr>
+							<td>Rank:</td>
+							<td>
+								{{ user.rank.getTitle() }}
+							</td>
+						</tr>
+						<tr>
+							<td>Links:</td>
+							<td>
+								{% if user.forums_username %}
+									<a href="https://forum.minetest.net/memberlist.php?mode=viewprofile&un={{ user.forums_username }}">
+										Minetest Forum
+									</a>
+								{% elif user == current_user %}
+									No forum account
+								{% endif %}
+
+								{% if user.github_username or user == current_user %}
+									|
+								{% endif %}
+
+								{% if user.github_username %}
+									<a href="https://github.com/{{ user.github_username }}">GitHub</a>
+								{% elif user == current_user %}
+									<a href="{{ url_for('github_signin_page') }}">Link Github</a>
+								{% endif %}
+
+								{% if user.website_url %}
+									| <a href="{{ user.website_url }}" rel="nofollow">Website</a>
+								{% endif %}
+
+								{% if user == current_user %}
+									<br>
+									<small class="text-muted">
+										<span style="padding-right: 5px;">&#x1f30e;</span>
+										Visible to everyone
+									</small>
+								{% endif %}
+							</td>
+						</tr>
+						{% if current_user.is_authenticated and current_user.rank.atLeast(current_user.rank.MODERATOR) %}
+						<tr>
+							<td>Admin</td>
+							<td>
+								{% if user.email %}
+									<a class="btn btn-primary" href="{{ url_for('send_email_page', username=user.username) }}">
+										Email
+									</a>
+								{% else %}
+									<a class="btn btn-primary disabled"
+											data-toggle="tooltip" data-placement="bottom"
+											title="No email address for user"
+											style="pointer-events: all;">
+										Email
+									</a>
+								{% endif %}
+							</td>
+						</tr>
+						{% endif %}
+						{% if user == current_user %}
+							<tr>
+								<td>Profile Picture:</td>
+								<td>
+									{% if user.forums_username %}
+										<form method="post" action="{{ url_for('user_check', username=user.username) }}" class="" style="display:inline-block;">
+											<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
+											<input type="submit" class="btn btn-primary" value="Sync with Forums" />
+										</form>
+									{% endif %}
+									{% if user.email %}
+										<a class="btn btn-primary" href="https://en.gravatar.com/">
+											Gravatar
+										</a>
+									{% else %}
+										<a class="btn btn-primary disabled"
+												data-toggle="tooltip" data-placement="bottom"
+												title="Please add an email address to use Gravatar"
+												style="pointer-events: all;">
+											Gravatar
+										</a>
+									{% endif %}
+								</td>
+							</tr>
+							<tr>
+								<td>Password:</td>
+								<td>
+									{% if user.password %}
+										Set | <a href="{{ url_for('user.change_password') }}">Change</a>
+									{% else %}
+										Not set | <a href="{{ url_for('set_password_page') }}">Set</a>
+									{% endif %}
+								</td>
+							</tr>
+						{% endif %}
+					</table>
+				</div>
+			</div>
+		</div>
+	</div>
 
 {% if form %}
 	{% from "macros/forms.html" import render_field, render_submit_field %}
-	<div class="box box_grey">
-		<h2>Edit Details</h2>
-
-		<form action="" method="POST" class="form box-body" role="form">
-			<div class="row">
-				<div class="col-sm-6 col-md-5 col-lg-4">
+	<div class="col-sm-6">
+		<div class="card">
+			<div class="card-header">Edit Details</div>
+			<div class="card-body">
+				<form action="" method="POST" class="form box-body" role="form">
 					{{ form.hidden_tag() }}
 
 					{% if user.checkPerm(current_user, "CHANGE_DNAME") %}
 						{{ render_field(form.display_name, tabindex=230) }}
+						{{ render_field(form.website_url, tabindex=232) }}
+						{{ render_field(form.donate_url, tabindex=233) }}
 					{% endif %}
 
 					{% if user.checkPerm(current_user, "CHANGE_EMAIL") %}
@@ -89,31 +158,48 @@
 					{% endif %}
 
 					{{ render_submit_field(form.submit, tabindex=280) }}
-				</div>
+				</form>
 			</div>
-		</form>
+		</div>
 	</div>
 {% endif %}
+</div>
 
 {% from "macros/packagegridtile.html" import render_pkggrid %}
 {{ render_pkggrid(packages, show_author=False) }}
 
-{% if topics_to_add %}
-	<div class="box box_grey">
-		<h2>Unadded Packages</h2>
+{% if user.donate_url %}
+	<div class="alert alert-secondary">
+		Like {{ user.display_name }}'s work?
+		<a href="{{ user.donate_url }}" rel="nofollow">Donate now!</a>
+	</div>
+{% endif %}
 
-		<div class="box-body">
-			<p>
-				List of your topics without a matching package.
-				Powered by Krock's Mod Search.
+{% if current_user == user or (current_user.is_authenticated and current_user.rank.atLeast(current_user.rank.EDITOR)) %}
+	<div class="card mt-3">
+		<a name="unadded-topics"></a>
+		<h2 class="card-header">Unadded topics</h2>
+
+		{% if topics_to_add %}
+			<p class="card-body">
+				List of your forum topics which do not have a matching package.
+				Topics with a strikethrough have been marked as discarded.
 			</p>
 
-			
-
-			{% from "macros/topictable.html" import render_topictable %}
-			{{ render_topictable(topics_to_add, show_author=False) }}
-		</div>
+			{% from "macros/topics.html" import render_topics_table %}
+			{{ render_topics_table(topics_to_add, show_author=False, show_discard=True, current_user=current_user) }}
+		{% else %}
+			<p class="card-body">Congrats! You don't have any topics which aren't on CDB.</p>
+		{% endif %}
 	</div>
 {% endif %}
 
 {% endblock %}
+
+
+{% block scriptextra %}
+	<script>
+		var csrf_token = "{{ csrf_token() }}";
+	</script>
+	<script src="/static/topic_discard.js"></script>
+{% endblock %}

app/utils.py

@@ -20,7 +20,7 @@ from flask_user import *
 from flask_login import login_user, logout_user
 from app.models import *
 from app import app
-import random, string, os
+import random, string, os, imghdr
 
 def getExtension(filename):
 	return filename.rsplit(".", 1)[1].lower() if "." in filename else None
@@ -28,6 +28,10 @@ def getExtension(filename):
 def isFilenameAllowed(filename, exts):
 	return getExtension(filename) in exts
 
+ALLOWED_IMAGES = set(["jpeg", "png"])
+def isAllowedImage(data):
+	return imghdr.what(None, data) in ALLOWED_IMAGES
+
 def shouldReturnJson():
 	return "application/json" in request.accept_mimetypes and \
 			not "text/html" in request.accept_mimetypes
@@ -36,20 +40,58 @@ def randomString(n):
 	return ''.join(random.choice(string.ascii_lowercase + \
 			string.ascii_uppercase + string.digits) for _ in range(n))
 
-def doFileUpload(file, allowedExtensions, fileTypeName):
+def doFileUpload(file, fileType, fileTypeDesc):
 	if not file or file is None or file.filename == "":
 		flash("No selected file", "error")
 		return None
 
+	allowedExtensions = []
+	isImage = False
+	if fileType == "image":
+		allowedExtensions = ["jpg", "jpeg", "png"]
+		isImage = True
+	elif fileType == "zip":
+		allowedExtensions = ["zip"]
+	else:
+		raise Exception("Invalid fileType")
+
 	ext = getExtension(file.filename)
 	if ext is None or not ext in allowedExtensions:
-		flash("Please upload load " + fileTypeName, "error")
+		flash("Please upload load " + fileTypeDesc, "danger")
 		return None
 
+	if isImage and not isAllowedImage(file.stream.read()):
+		flash("Uploaded image isn't actually an image", "danger")
+		return None
+
+	file.stream.seek(0)
+
 	filename = randomString(10) + "." + ext
 	file.save(os.path.join("app/public/uploads", filename))
 	return "/uploads/" + filename
 
+def make_flask_user_password(plaintext_str):
+	# http://passlib.readthedocs.io/en/stable/modular_crypt_format.html
+	# http://passlib.readthedocs.io/en/stable/lib/passlib.hash.bcrypt.html#format-algorithm
+	# Flask_User stores passwords in the Modular Crypt Format.
+	# https://github.com/lingthio/Flask-User/blob/master/flask_user/user_manager__settings.py#L166
+	#   Note that Flask_User allows customizing password algorithms.
+	#   USER_PASSLIB_CRYPTCONTEXT_SCHEMES defaults to bcrypt but if
+	#   default changes or is customized, the code below needs adapting.
+	# Individual password values will look like:
+	#   $2b$12$.az4S999Ztvy/wa3UdQvMOpcki1Qn6VYPXmEFMIdWQyYs7ULnH.JW
+	#   $XX$RR$SSSSSSSSSSSSSSSSSSSSSSHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH
+	# $XX : Selects algorithm (2b is bcrypt).
+	# $RR : Selects bcrypt key expansion rounds (12 is 2**12 rounds).
+	# $SSS... : 22 chars of (random, per-password) salt
+	#  HHH... : 31 remaining chars of password hash (note no dollar sign)
+	import bcrypt
+	plaintext = plaintext_str.encode("UTF-8")
+	password = bcrypt.hashpw(plaintext, bcrypt.gensalt())
+	if isinstance(password, str):
+		return password
+	else:
+		return password.decode("UTF-8")
 
 def _do_login_user(user, remember_me=False):
 	def _call_or_get(v):
@@ -151,3 +193,13 @@ def clearNotifications(url):
 	if current_user.is_authenticated:
 		Notification.query.filter_by(user=current_user, url=url).delete()
 		db.session.commit()
+
+
+YESES = ["yes", "true", "1", "on"]
+
+def isYes(val):
+	return val and val.lower() in YESES
+
+
+def isNo(val):
+	return val and not isYes(val)

app/views/__init__.py

@@ -18,13 +18,11 @@
 from app import app, pages
 from flask import *
 from flask_user import *
-from flask_login import login_user, logout_user
 from app.models import *
 import flask_menu as menu
-from flask.ext import markdown
-from sqlalchemy import func
 from werkzeug.contrib.cache import SimpleCache
 from urllib.parse import urlparse
+from sqlalchemy.sql.expression import func
 cache = SimpleCache()
 
 @app.template_filter()
@@ -35,6 +33,10 @@ def throw(err):
 def domain(url):
 	return urlparse(url).netloc
 
+@app.template_filter()
+def date(value):
+    return value.strftime("%Y-%m-%d")
+
 @app.template_filter()
 def datetime(value):
     return value.strftime("%Y-%m-%d %H:%M") + " UTC"
@@ -46,13 +48,18 @@ def send_upload(path):
 @app.route("/")
 @menu.register_menu(app, ".", "Home")
 def home_page():
-	query = Package.query.filter_by(approved=True, soft_deleted=False)
-	count = query.count()
-	packages = query.order_by(db.desc(Package.created_at)).limit(15).all()
-	return render_template("index.html", packages=packages, count=count)
+	query   = Package.query.filter_by(approved=True, soft_deleted=False)
+	count   = query.count()
+	new     = query.order_by(db.desc(Package.created_at)).limit(8).all()
+	pop_mod = query.filter_by(type=PackageType.MOD).order_by(db.desc(Package.score)).limit(8).all()
+	pop_gam = query.filter_by(type=PackageType.GAME).order_by(db.desc(Package.score)).limit(4).all()
+	pop_txp = query.filter_by(type=PackageType.TXP).order_by(db.desc(Package.score)).limit(4).all()
+	downloads = db.session.query(func.sum(PackageRelease.downloads)).first()[0]
+	return render_template("index.html", count=count, downloads=downloads, \
+			new=new, pop_mod=pop_mod, pop_txp=pop_txp, pop_gam=pop_gam)
 
-from . import users, githublogin, packages, meta, threads, api
-from . import sass, tasks, admin, notifications, tagseditor, thumbnails
+from . import users, packages, meta, threads, api
+from . import sass, thumbnails, tasks, admin
 
 @menu.register_menu(app, ".help", "Help", order=19, endpoint_arguments_constructor=lambda: { 'path': 'help' })
 @app.route('/<path:path>/')

app/views/admin/__init__.py

@@ -0,0 +1,18 @@
+# Content DB
+# Copyright (C) 2018  rubenwardy
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+
+from . import admin, licenseseditor, tagseditor, versioneditor, todo

app/views/admin/admin.py

@@ -17,26 +17,28 @@
 
 from flask import *
 from flask_user import *
-from flask.ext import menu
+import flask_menu as menu
 from app import app
 from app.models import *
-from app.tasks.importtasks import importRepoScreenshot, importAllDependencies
-from app.tasks.forumtasks  import importUsersFromModList, importKrocksModList
+from celery import uuid
+from app.tasks.importtasks import importRepoScreenshot, importAllDependencies, makeVCSRelease
+from app.tasks.forumtasks  import importTopicList, checkAllForumAccounts
 from flask_wtf import FlaskForm
 from wtforms import *
-from app.utils import loginUser, rank_required
+from app.utils import loginUser, rank_required, triggerNotif
+import datetime
 
 @app.route("/admin/", methods=["GET", "POST"])
 @rank_required(UserRank.ADMIN)
 def admin_page():
 	if request.method == "POST":
 		action = request.form["action"]
-		if action == "importusers":
-			task = importUsersFromModList.delay()
-			return redirect(url_for("check_task", id=task.id, r=url_for("user_list_page")))
-		elif action == "importmodlist":
-			task = importKrocksModList.delay()
+		if action == "importmodlist":
+			task = importTopicList.delay()
 			return redirect(url_for("check_task", id=task.id, r=url_for("todo_topics_page")))
+		elif action == "checkusers":
+			task = checkAllForumAccounts.delay()
+			return redirect(url_for("check_task", id=task.id, r=url_for("admin_page")))
 		elif action == "importscreenshots":
 			packages = Package.query \
 				.filter_by(soft_deleted=False) \
@@ -67,6 +69,31 @@ def admin_page():
 
 			db.session.commit()
 			return redirect(url_for("admin_page"))
+		elif action == "recalcscores":
+			for p in Package.query.all():
+				p.recalcScore()
+
+			db.session.commit()
+			return redirect(url_for("admin_page"))
+		elif action == "vcsrelease":
+			for package in Package.query.filter(Package.repo.isnot(None)).all():
+				if package.releases.count() != 0:
+					continue
+
+				rel = PackageRelease()
+				rel.package  = package
+				rel.title    = datetime.date.today().isoformat()
+				rel.url      = ""
+				rel.task_id  = uuid()
+				rel.approved = True
+				db.session.add(rel)
+				db.session.commit()
+
+				makeVCSRelease.apply_async((rel.id, "master"), task_id=rel.task_id)
+
+				msg = "{}: Release {} created".format(package.title, rel.title)
+				triggerNotif(package.author, current_user, msg, rel.getEditURL())
+				db.session.commit()
 
 		else:
 			flash("Unknown action: " + action, "error")

app/views/admin/licenseseditor.py

@@ -0,0 +1,62 @@
+# Content DB
+# Copyright (C) 2018  rubenwardy
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+
+from flask import *
+from flask_user import *
+from app import app
+from app.models import *
+from flask_wtf import FlaskForm
+from wtforms import *
+from wtforms.validators import *
+from app.utils import rank_required
+
+@app.route("/licenses/")
+@rank_required(UserRank.MODERATOR)
+def license_list_page():
+	return render_template("admin/licenses/list.html", licenses=License.query.order_by(db.asc(License.name)).all())
+
+class LicenseForm(FlaskForm):
+	name	 = StringField("Name", [InputRequired(), Length(3,100)])
+	is_foss  = BooleanField("Is FOSS")
+	submit   = SubmitField("Save")
+
+@app.route("/licenses/new/", methods=["GET", "POST"])
+@app.route("/licenses/<name>/edit/", methods=["GET", "POST"])
+@rank_required(UserRank.MODERATOR)
+def createedit_license_page(name=None):
+	license = None
+	if name is not None:
+		license = License.query.filter_by(name=name).first()
+		if license is None:
+			abort(404)
+
+	form = LicenseForm(formdata=request.form, obj=license)
+	if request.method == "GET" and license is None:
+		form.is_foss.data = True
+	elif request.method == "POST" and form.validate():
+		if license is None:
+			license = License(form.name.data)
+			db.session.add(license)
+			flash("Created license " + form.name.data, "success")
+		else:
+			flash("Updated license " + form.name.data, "success")
+
+		form.populate_obj(license)
+		db.session.commit()
+		return redirect(url_for("license_list_page"))
+
+	return render_template("admin/licenses/edit.html", license=license, form=form)

app/views/admin/tagseditor.py

@@ -27,7 +27,7 @@ from app.utils import rank_required
 @app.route("/tags/")
 @rank_required(UserRank.MODERATOR)
 def tag_list_page():
-	return render_template("tags/list.html", tags=Tag.query.order_by(db.asc(Tag.title)).all())
+	return render_template("admin/tags/list.html", tags=Tag.query.order_by(db.asc(Tag.title)).all())
 
 class TagForm(FlaskForm):
 	title	 = StringField("Title", [InputRequired(), Length(3,100)])
@@ -54,4 +54,4 @@ def createedit_tag_page(name=None):
 		db.session.commit()
 		return redirect(url_for("createedit_tag_page", name=tag.name))
 
-	return render_template("tags/edit.html", tag=tag, form=form)
+	return render_template("admin/tags/edit.html", tag=tag, form=form)

app/views/admin/todo.py

@@ -0,0 +1,101 @@
+# Content DB
+# Copyright (C) 2018  rubenwardy
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+
+from flask import *
+from flask_user import *
+import flask_menu as menu
+from app import app
+from app.models import *
+from app.querybuilder import QueryBuilder
+
+@app.route("/todo/", methods=["GET", "POST"])
+@login_required
+def todo_page():
+	canApproveNew = Permission.APPROVE_NEW.check(current_user)
+	canApproveRel = Permission.APPROVE_RELEASE.check(current_user)
+	canApproveScn = Permission.APPROVE_SCREENSHOT.check(current_user)
+
+	packages = None
+	if canApproveNew:
+		packages = Package.query.filter_by(approved=False, soft_deleted=False).all()
+
+	releases = None
+	if canApproveRel:
+		releases = PackageRelease.query.filter_by(approved=False).all()
+
+	screenshots = None
+	if canApproveScn:
+		screenshots = PackageScreenshot.query.filter_by(approved=False).all()
+
+	if not canApproveNew and not canApproveRel and not canApproveScn:
+		abort(403)
+
+	if request.method == "POST":
+		if request.form["action"] == "screenshots_approve_all":
+			if not canApproveScn:
+				abort(403)
+
+			PackageScreenshot.query.update({ "approved": True })
+			db.session.commit()
+			return redirect(url_for("todo_page"))
+		else:
+			abort(400)
+
+	topic_query = ForumTopic.query \
+			.filter_by(discarded=False)
+
+	total_topics = topic_query.count()
+	topics_to_add = topic_query \
+			.filter(~ db.exists().where(Package.forums==ForumTopic.topic_id)) \
+			.count()
+
+	return render_template("todo/list.html", title="Reports and Work Queue",
+		packages=packages, releases=releases, screenshots=screenshots,
+		canApproveNew=canApproveNew, canApproveRel=canApproveRel, canApproveScn=canApproveScn,
+		topics_to_add=topics_to_add, total_topics=total_topics)
+
+
+@app.route("/todo/topics/")
+@login_required
+def todo_topics_page():
+	qb    = QueryBuilder(request.args)
+	qb.setSortIfNone("date")
+	query = qb.buildTopicQuery()
+
+	tmp_q = ForumTopic.query
+	if not qb.show_discarded:
+		tmp_q = tmp_q.filter_by(discarded=False)
+	total = tmp_q.count()
+	topic_count = query.count()
+
+	page  = int(request.args.get("page") or 1)
+	num   = int(request.args.get("n") or 100)
+	if num > 100 and not current_user.rank.atLeast(UserRank.EDITOR):
+		num = 100
+
+	query = query.paginate(page, num, True)
+	next_url = url_for("todo_topics_page", page=query.next_num, query=qb.search, \
+	 	show_discarded=qb.show_discarded, n=num, sort=qb.order_by) \
+			if query.has_next else None
+	prev_url = url_for("todo_topics_page", page=query.prev_num, query=qb.search, \
+	 	show_discarded=qb.show_discarded, n=num, sort=qb.order_by) \
+			if query.has_prev else None
+
+	return render_template("todo/topics.html", topics=query.items, total=total, \
+			topic_count=topic_count, query=qb.search, show_discarded=qb.show_discarded, \
+			next_url=next_url, prev_url=prev_url, page=page, page_max=query.pages, \
+			n=num, sort_by=qb.order_by)

app/views/admin/versioneditor.py

@@ -0,0 +1,60 @@
+# Content DB
+# Copyright (C) 2018  rubenwardy
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+
+from flask import *
+from flask_user import *
+from app import app
+from app.models import *
+from flask_wtf import FlaskForm
+from wtforms import *
+from wtforms.validators import *
+from app.utils import rank_required
+
+@app.route("/versions/")
+@rank_required(UserRank.MODERATOR)
+def version_list_page():
+	return render_template("admin/versions/list.html", versions=MinetestRelease.query.order_by(db.asc(MinetestRelease.id)).all())
+
+class VersionForm(FlaskForm):
+	name	 = StringField("Name", [InputRequired(), Length(3,100)])
+	protocol = IntegerField("Protocol")
+	submit   = SubmitField("Save")
+
+@app.route("/versions/new/", methods=["GET", "POST"])
+@app.route("/versions/<name>/edit/", methods=["GET", "POST"])
+@rank_required(UserRank.MODERATOR)
+def createedit_version_page(name=None):
+	version = None
+	if name is not None:
+		version = MinetestRelease.query.filter_by(name=name).first()
+		if version is None:
+			abort(404)
+
+	form = VersionForm(formdata=request.form, obj=version)
+	if request.method == "POST" and form.validate():
+		if version is None:
+			version = MinetestRelease(form.name.data)
+			db.session.add(version)
+			flash("Created version " + form.name.data, "success")
+		else:
+			flash("Updated version " + form.name.data, "success")
+
+		form.populate_obj(version)
+		db.session.commit()
+		return redirect(url_for("version_list_page"))
+
+	return render_template("admin/versions/edit.html", version=version, form=form)