<?php
/*=====================================================================*\
-|| ################################################################### ||
-|| # BugStrike [#]version[#]
-|| # --------------------------------------------------------------- # ||
-|| # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
-|| # This file may not be reproduced in any way without permission. # ||
-|| # --------------------------------------------------------------- # ||
-|| # User License Agreement at http://www.iris-studios.com/license/ # ||
-|| ################################################################### ||
+|| ###################################################################
+|| # Bugdar
+|| # Copyright (c)2004-2009 Blue Static
+|| #
+|| # This program is free software; you can redistribute it and/or modify
+|| # it under the terms of the GNU General Public License as published by
+|| # the Free Software Foundation; version 2 of the License.
+|| #
+|| # This program is distributed in the hope that it will be useful, but
+|| # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+|| # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+|| # more details.
+|| #
+|| # You should have received a copy of the GNU General Public License along
+|| # with this program; if not, write to the Free Software Foundation, Inc.,
+|| # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+|| ###################################################################
\*=====================================================================*/
$fetchtemplates = array(
'editcomment'
);
-define('SVN', '$Id$');
$focus['showreport'] = 'focus';
require_once('./global.php');
+require_once('./includes/api_comment.php');
-$comment = $db->query_first("
- SELECT comment.*, user.email, user.showemail, user.displayname
- FROM " . TABLE_PREFIX . "comment AS comment
- LEFT JOIN " . TABLE_PREFIX . "user AS user
- ON (comment.userid = user.userid)
- WHERE comment.commentid = " . intval($bugsys->in['commentid'])
-);
-if (!$comment)
-{
- $message->error($lang->getlex('error_invalid_id'));
-}
+$commentapi = new CommentAPI();
+$commentapi->set('commentid', $input->in['commentid']);
+$commentapi->fetch();
-$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
+$comment = &$commentapi->record;
-if (!((can_perform('caneditown', $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers', $bug['productid'])))
-{
- $message->error_permission();
-}
+$bug = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
-if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid']))
+if (!check_bug_permissions($bug))
{
- $message->error_permissison();
+ $message->errorPermission();
}
// ###################################################################
// ###################################################################
-if ($_POST['do'] == 'update')
+if ($_POST['do'] == 'kill')
{
- if (!$bugsys->in['comment'])
+ if (!can_perform('candeletedata', $bug['product']))
{
- $message->error($lang->string('You need to enter text into the comment field'));
+ $message->errorPermission();
}
- if ($bugsys->in['commentid'] == $bug['initialreport'] AND $bugsys->in['hidden'])
+ // get the last post (as in prior to deletion)
+ $lastpost = $db->queryFirst("SELECT commentid FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] ORDER BY dateline DESC");
+
+ $commentapi->remove();
+
+ // check to see if we need to rebuild the lastpost information
+ if ($lastpost['commentid'] == $comment['commentid'])
{
- $message->error($lang->string('You cannot hide the first comment/initial report of a bug. Instead, hide the entire bug.'));
+ $lastgoodpublic = $db->queryFirst("
+ SELECT comment.* AS comment, user.displayname AS username
+ FROM " . TABLE_PREFIX . "comment AS comment
+ LEFT JOIN " . TABLE_PREFIX . "user AS user
+ ON (user.userid = comment.userid)
+ WHERE bugid = $bug[bugid]
+ AND !hidden ORDER BY dateline DESC
+ ");
+ $lastgoodprivate = $db->queryFirst("
+ SELECT comment.* AS comment, user.displayname AS username
+ FROM " . TABLE_PREFIX . "comment AS comment
+ LEFT JOIN " . TABLE_PREFIX . "user AS user
+ ON (user.userid = comment.userid)
+ WHERE bugid = $bug[bugid]
+ ORDER BY dateline DESC
+ ");
+ $db->query("
+ UPDATE " . TABLE_PREFIX . "bug
+ SET hiddenlastposttime = $lastgoodpublic[dateline],
+ hiddenlastpostby = $lastgoodpublic[userid],
+ hiddenlastpostbyname = '" . $db->escapeString($lastgoodpublic['username']) . "',
+ lastposttime = $lastgoodprivate[dateline],
+ lastpostby = $lastgoodprivate[userid],
+ lastpostbyname = '" . $db->escapeString($lastgoodprivate['username']) . "'
+ WHERE bugid = $bug[bugid]"
+ );
}
- $bugsys->in['comment_parsed'] = $bugsys->in['comment'];
+ $message->redirect(T('The comment has been deleted. You will be redirected back to the bug.'), 'showreport.php?bugid=' . $bug['bugid']);
+}
+
+// ###################################################################
+
+if ($_REQUEST['do'] == 'delete')
+{
+ if (!can_perform('candeletedata', $bug['product']))
+ {
+ $message->errorPermission();
+ }
- if (!$bugsys->options['allowhtml'])
+ if ($bug['initialreport'] == $comment['commentid'])
{
- $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
+ $message->error(T('You cannot delete this comment because it is attached to the bug as the first comment. You have to delete the entire bug instead (which is not recommended unless it is spam).'));
}
- $db->query("
- UPDATE " . TABLE_PREFIX . "comment
- SET comment = '" . $bugsys->in['comment'] . "',
- comment_parsed = '" . nl2br($bugsys->in['comment_parsed']) . "',
- hidden = " . intval($bugsys->in['hidden']) . "
- WHERE commentid = $comment[commentid]"
- );
+ $message->confirm(T('Are you sure you want to delete this comment? After you do so, the data <strong>will</strong> be lost forever. We recommend only deleting spam comments and nothing else.'), 'editcomment.php', 'kill', T('Delete Comment'), 'showreport.php?bugid=' . $bug['bugid'], array('commentid' => $comment['commentid']));
+}
+
+// ###################################################################
+
+if ($_POST['do'] == 'update')
+{
+ if (!((can_perform('caneditownreply', $bug['product']) AND bugdar::$userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND bugdar::$userinfo['userid'] != $comment['userid'])))
+ {
+ $message->errorPermission();
+ }
- // setup logging
- require_once('./includes/class_history.php');
- $log = new History();
- $log->bugid = $bug['bugid'];
- $log->commentid = $comment['commentid'];
- $log->log($log->diff('text', $comment['comment_parsed'], $bugsys->in['comment_parsed']));
- $log->log($log->diff('hidden', $comment['hidden'], intval($bugsys->in['hidden'])));
+ $commentapi->set('comment', $input->in['comment']);
+ $commentapi->set('parselinks', $input->in['parselinks']);
+ $commentapi->set('hidden', $input->in['hidden']);
- $lastgood = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] AND !hidden ORDER BY dateline DESC");
- $db->query("
- UPDATE " . TABLE_PREFIX . "bug
- SET hiddenlastposttime = $lastgood[dateline],
- hiddenlastpostby = $lastgood[userid]
- WHERE bugid = $bug[bugid]"
- );
+ if ($input->in['commentid'] == $bug['initialreport'] AND $input->in['hidden'])
+ {
+ $message->addError(T('You cannot hide the first comment/initial report of a bug. Instead, hide the entire bug.'));
+ }
- $message->redirect($lang->string('The comment was modified successfully.'), "showreport.php?bugid=$bug[bugid]");
+ if (!$message->hasErrors())
+ {
+ $commentapi->update();
+
+ // setup logging
+ require_once('./includes/class_logging.php');
+ $log = new Logging;
+ $log->setBugId($bug['bugid']);
+ $log->setCommentId($comment['commentid']);
+
+ $log->addData(true, $commentapi->record, array('comment', 'hidden'), false, 'comment');
+ $log->addData(false, $commentapi->values, array('comment', 'hidden'), false, 'comment');
+
+ $lastgood = $db->queryFirst("
+ SELECT comment.* AS comment, user.displayname AS username
+ FROM " . TABLE_PREFIX . "comment AS comment
+ LEFT JOIN " . TABLE_PREFIX . "user AS user
+ ON (user.userid = comment.userid)
+ WHERE bugid = $bug[bugid]
+ AND !hidden ORDER BY dateline DESC
+ ");
+ $db->query("
+ UPDATE " . TABLE_PREFIX . "bug
+ SET hiddenlastposttime = $lastgood[dateline],
+ hiddenlastpostby = $lastgood[userid],
+ hiddenlastpostbyname = '" . $db->escapeString($lastgood['username']) . "'
+ WHERE bugid = $bug[bugid]"
+ );
+
+ $log->updateHistory();
+
+ $message->redirect(T('The comment was modified successfully.'), "showreport.php?bugid=$bug[bugid]");
+ }
+ else
+ {
+ $show['errors'] = true;
+ $_REQUEST['do'] = 'edit';
+ $comment['comment'] = $input->in['comment'];
+ $comment['hidden'] = $input->in['hidden'];
+ }
}
// ###################################################################
if ($_REQUEST['do'] == 'edit')
{
- $comment['posttime'] = $datef->format($bugsys->options['dateformat'], $comment['dateline']);
- $comment['postby'] = construct_user_display($comment);
- $comment['comment'] = $bugsys->sanitize($comment['comment']);
- $show['hide'] = ($bug['initialreport'] != $comment['commentid'] ? true : false);
- eval('$template->flush("' . $template->fetch('editcomment') . '");');
+ if (!((can_perform('caneditownreply', $bug['product']) AND bugdar::$userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND bugdar::$userinfo['userid'] != $comment['userid'])))
+ {
+ $message->errorPermission();
+ }
+
+ $comment['posttime'] = $datef->format(bugdar::$options['dateformat'], $comment['dateline']);
+ if ($comment['userid'])
+ {
+ $commenter = new UserAPI();
+ $commenter->set('userid', $comment['userid']);
+ $commenter->fetch();
+ $commenter = $commenter->record;
+ }
+ $comment['postby'] = construct_user_display($commenter);
+ $comment['comment'] = $input->sanitize($comment['comment']);
+ $show['hide'] = ($bug['initialreport'] != $comment['commentid']);
+
+ $tpl = new BSTemplate('editcomment');
+ $tpl->vars = array(
+ 'comment' => $comment,
+ 'bug' => $bug
+ );
+ $tpl->evaluate()->flush();
}
-/*=====================================================================*\
-|| ###################################################################
-|| # $HeadURL$
-|| # $Id$
-|| ###################################################################
-\*=====================================================================*/
?>
\ No newline at end of file
https://src.bluestatic.org / bugdar.git / blobdiff