<?php
/*=====================================================================*\
-|| ################################################################### ||
-|| # BugStrike [#]version[#]
-|| # --------------------------------------------------------------- # ||
-|| # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
-|| # This file may not be reproduced in any way without permission. # ||
-|| # --------------------------------------------------------------- # ||
-|| # User License Agreement at http://www.iris-studios.com/license/ # ||
-|| ################################################################### ||
+|| ###################################################################
+|| # Bugdar
+|| # Copyright (c)2004-2009 Blue Static
+|| #
+|| # This program is free software; you can redistribute it and/or modify
+|| # it under the terms of the GNU General Public License as published by
+|| # the Free Software Foundation; version 2 of the License.
+|| #
+|| # This program is distributed in the hope that it will be useful, but
+|| # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+|| # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+|| # more details.
+|| #
+|| # You should have received a copy of the GNU General Public License along
+|| # with this program; if not, write to the Free Software Foundation, Inc.,
+|| # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+|| ###################################################################
\*=====================================================================*/
$fetchtemplates = array(
'editcomment'
);
+
+$focus['showreport'] = 'focus';
+
require_once('./global.php');
+require_once('./includes/api_comment.php');
-$comment = $db->query_first("
- SELECT comment.*, user.email, user.showemail, user.displayname
- FROM " . TABLE_PREFIX . "comment AS comment
- LEFT JOIN " . TABLE_PREFIX . "user AS user
- ON (comment.userid = user.userid)
- WHERE comment.commentid = " . intval($bugsys->in['commentid'])
-);
-if (!$comment)
-{
- $message->error('alert: bad comment');
-}
+$commentapi = new CommentAPI();
+$commentapi->set('commentid', $input->in['commentid']);
+$commentapi->fetch();
-$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
+$comment = &$commentapi->record;
-if (!((can_perform('caneditown') AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers')))
-{
- $message->error_permission();
-}
+$bug = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
-if ($bug['hidden'] AND !can_perform('canviewhidden'))
+if (!check_bug_permissions($bug))
{
- $message->error_permissison();
+ $message->errorPermission();
}
// ###################################################################
{
$_REQUEST['do'] = 'edit';
}
-/*
-#*# do these later after we work out some kind of permission system
+
// ###################################################################
-if ($_REQUEST['do'] == 'kill')
+if ($_POST['do'] == 'kill')
{
- // run code to remove item in database
+ if (!can_perform('candeletedata', $bug['product']))
+ {
+ $message->errorPermission();
+ }
+
+ // get the last post (as in prior to deletion)
+ $lastpost = $db->queryFirst("SELECT commentid FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] ORDER BY dateline DESC");
+
+ $commentapi->remove();
+
+ // check to see if we need to rebuild the lastpost information
+ if ($lastpost['commentid'] == $comment['commentid'])
+ {
+ $lastgoodpublic = $db->queryFirst("
+ SELECT comment.* AS comment, user.displayname AS username
+ FROM " . TABLE_PREFIX . "comment AS comment
+ LEFT JOIN " . TABLE_PREFIX . "user AS user
+ ON (user.userid = comment.userid)
+ WHERE bugid = $bug[bugid]
+ AND !hidden ORDER BY dateline DESC
+ ");
+ $lastgoodprivate = $db->queryFirst("
+ SELECT comment.* AS comment, user.displayname AS username
+ FROM " . TABLE_PREFIX . "comment AS comment
+ LEFT JOIN " . TABLE_PREFIX . "user AS user
+ ON (user.userid = comment.userid)
+ WHERE bugid = $bug[bugid]
+ ORDER BY dateline DESC
+ ");
+ $db->query("
+ UPDATE " . TABLE_PREFIX . "bug
+ SET hiddenlastposttime = $lastgoodpublic[dateline],
+ hiddenlastpostby = $lastgoodpublic[userid],
+ hiddenlastpostbyname = '" . $db->escapeString($lastgoodpublic['username']) . "',
+ lastposttime = $lastgoodprivate[dateline],
+ lastpostby = $lastgoodprivate[userid],
+ lastpostbyname = '" . $db->escapeString($lastgoodprivate['username']) . "'
+ WHERE bugid = $bug[bugid]"
+ );
+ }
+
+ $message->redirect(T('The comment has been deleted. You will be redirected back to the bug.'), 'showreport.php?bugid=' . $bug['bugid']);
}
// ###################################################################
if ($_REQUEST['do'] == 'delete')
{
- // display delete confirmation message
-}*/
+ if (!can_perform('candeletedata', $bug['product']))
+ {
+ $message->errorPermission();
+ }
+
+ if ($bug['initialreport'] == $comment['commentid'])
+ {
+ $message->error(T('You cannot delete this comment because it is attached to the bug as the first comment. You have to delete the entire bug instead (which is not recommended unless it is spam).'));
+ }
+
+ $message->confirm(T('Are you sure you want to delete this comment? After you do so, the data <strong>will</strong> be lost forever. We recommend only deleting spam comments and nothing else.'), 'editcomment.php', 'kill', T('Delete Comment'), 'showreport.php?bugid=' . $bug['bugid'], array('commentid' => $comment['commentid']));
+}
// ###################################################################
if ($_POST['do'] == 'update')
{
- if (!$bugsys->in['comment'])
+ if (!((can_perform('caneditownreply', $bug['product']) AND bugdar::$userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND bugdar::$userinfo['userid'] != $comment['userid'])))
{
- $message->error('you need to enter some text');
+ $message->errorPermission();
}
- $bugsys->in['comment_parsed'] = $bugsys->in['comment'];
+ $commentapi->set('comment', $input->in['comment']);
+ $commentapi->set('parselinks', $input->in['parselinks']);
+ $commentapi->set('hidden', $input->in['hidden']);
- if (!$bugsys->options['allowhtml'])
+ if ($input->in['commentid'] == $bug['initialreport'] AND $input->in['hidden'])
{
- $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
+ $message->addError(T('You cannot hide the first comment/initial report of a bug. Instead, hide the entire bug.'));
}
- $db->query("
- UPDATE " . TABLE_PREFIX . "comment
- SET comment = '" . $bugsys->in['comment'] . "',
- comment_parsed = '" . nl2br($bugsys->in['comment_parsed']) . "',
- hidden = " . intval($bugsys->in['hidden']) . "
- WHERE commentid = $comment[commentid]"
- );
-
- // setup logging
- require_once('./includes/class_history.php');
- $log = new History();
- $log->bugid = $bug['bugid'];
- $log->language = 'log_update_comment';
- $log->arguments = array($comment['commentid']);
- $log->log();
- $log->log($log->diff('hidden', $comment['hidden'], intval($bugsys->in['hidden'])));
-
- $message->redirect('comment saved', "showreport.php?bugid=$bug[bugid]");
+ if (!$message->hasErrors())
+ {
+ $commentapi->update();
+
+ // setup logging
+ require_once('./includes/class_logging.php');
+ $log = new Logging;
+ $log->setBugId($bug['bugid']);
+ $log->setCommentId($comment['commentid']);
+
+ $log->addData(true, $commentapi->record, array('comment', 'hidden'), false, 'comment');
+ $log->addData(false, $commentapi->values, array('comment', 'hidden'), false, 'comment');
+
+ $lastgood = $db->queryFirst("
+ SELECT comment.* AS comment, user.displayname AS username
+ FROM " . TABLE_PREFIX . "comment AS comment
+ LEFT JOIN " . TABLE_PREFIX . "user AS user
+ ON (user.userid = comment.userid)
+ WHERE bugid = $bug[bugid]
+ AND !hidden ORDER BY dateline DESC
+ ");
+ $db->query("
+ UPDATE " . TABLE_PREFIX . "bug
+ SET hiddenlastposttime = $lastgood[dateline],
+ hiddenlastpostby = $lastgood[userid],
+ hiddenlastpostbyname = '" . $db->escapeString($lastgood['username']) . "'
+ WHERE bugid = $bug[bugid]"
+ );
+
+ $log->updateHistory();
+
+ $message->redirect(T('The comment was modified successfully.'), "showreport.php?bugid=$bug[bugid]");
+ }
+ else
+ {
+ $show['errors'] = true;
+ $_REQUEST['do'] = 'edit';
+ $comment['comment'] = $input->in['comment'];
+ $comment['hidden'] = $input->in['hidden'];
+ }
}
// ###################################################################
if ($_REQUEST['do'] == 'edit')
{
- $comment['posttime'] = datelike('standard', $comment['dateline']);
- $comment['postby'] = construct_user_display($comment);
- $comment['comment'] = $bugsys->sanitize($comment['comment']);
- eval('$template->flush("' . $template->fetch('editcomment') . '");');
+ if (!((can_perform('caneditownreply', $bug['product']) AND bugdar::$userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND bugdar::$userinfo['userid'] != $comment['userid'])))
+ {
+ $message->errorPermission();
+ }
+
+ $comment['posttime'] = $datef->format(bugdar::$options['dateformat'], $comment['dateline']);
+ if ($comment['userid'])
+ {
+ $commenter = new UserAPI();
+ $commenter->set('userid', $comment['userid']);
+ $commenter->fetch();
+ $commenter = $commenter->record;
+ }
+ $comment['postby'] = construct_user_display($commenter);
+ $comment['comment'] = $input->sanitize($comment['comment']);
+ $show['hide'] = ($bug['initialreport'] != $comment['commentid']);
+
+ $tpl = new BSTemplate('editcomment');
+ $tpl->vars = array(
+ 'comment' => $comment,
+ 'bug' => $bug
+ );
+ $tpl->evaluate()->flush();
}
-/*=====================================================================*\
-|| ###################################################################
-|| # $HeadURL$
-|| # $Id$
-|| ###################################################################
-\*=====================================================================*/
?>
\ No newline at end of file
https://src.bluestatic.org / bugdar.git / blobdiff