<?php
/*=====================================================================*\
-|| ################################################################### ||
-|| # BugStrike [#]version[#]
-|| # --------------------------------------------------------------- # ||
-|| # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
-|| # This file may not be reproduced in any way without permission. # ||
-|| # --------------------------------------------------------------- # ||
-|| # User License Agreement at http://www.iris-studios.com/license/ # ||
-|| ################################################################### ||
+|| ###################################################################
+|| # Bugdar
+|| # Copyright (c)2004-2009 Blue Static
+|| #
+|| # This program is free software; you can redistribute it and/or modify
+|| # it under the terms of the GNU General Public License as published by
+|| # the Free Software Foundation; version 2 of the License.
+|| #
+|| # This program is distributed in the hope that it will be useful, but
+|| # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+|| # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+|| # more details.
+|| #
+|| # You should have received a copy of the GNU General Public License along
+|| # with this program; if not, write to the Free Software Foundation, Inc.,
+|| # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+|| ###################################################################
\*=====================================================================*/
$fetchtemplates = array(
'editcomment'
);
-define('SVN', '$Id$');
$focus['showreport'] = 'focus';
require_once('./global.php');
+require_once('./includes/api_comment.php');
-$comment = $db->query_first("
- SELECT comment.*, user.email, user.showemail, user.displayname
- FROM " . TABLE_PREFIX . "comment AS comment
- LEFT JOIN " . TABLE_PREFIX . "user AS user
- ON (comment.userid = user.userid)
- WHERE comment.commentid = " . intval($bugsys->in['commentid'])
-);
-if (!$comment)
-{
- $message->error(lang::p('invalid_comment_id'));
-}
+$commentapi = new CommentAPI();
+$commentapi->set('commentid', $input->in['commentid']);
+$commentapi->fetch();
-$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
+$comment = &$commentapi->record;
-if (!((can_perform('caneditown') AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers')))
-{
- $message->error_permission();
-}
+$bug = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
-if ($bug['hidden'] AND !can_perform('canviewhidden'))
+if (!check_bug_permissions($bug))
{
- $message->error_permissison();
+ $message->errorPermission();
}
// ###################################################################
// ###################################################################
-if ($_POST['do'] == 'update')
+if ($_POST['do'] == 'kill')
{
- if (!$bugsys->in['comment'])
+ if (!can_perform('candeletedata', $bug['product']))
{
- $message->error(lang::r('you need to enter some text'));
+ $message->errorPermission();
}
- $bugsys->in['comment_parsed'] = $bugsys->in['comment'];
+ // get the last post (as in prior to deletion)
+ $lastpost = $db->queryFirst("SELECT commentid FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] ORDER BY dateline DESC");
+
+ $commentapi->remove();
- if (!$bugsys->options['allowhtml'])
+ // check to see if we need to rebuild the lastpost information
+ if ($lastpost['commentid'] == $comment['commentid'])
{
- $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
+ $lastgoodpublic = $db->queryFirst("
+ SELECT comment.* AS comment, user.displayname AS username
+ FROM " . TABLE_PREFIX . "comment AS comment
+ LEFT JOIN " . TABLE_PREFIX . "user AS user
+ ON (user.userid = comment.userid)
+ WHERE bugid = $bug[bugid]
+ AND !hidden ORDER BY dateline DESC
+ ");
+ $lastgoodprivate = $db->queryFirst("
+ SELECT comment.* AS comment, user.displayname AS username
+ FROM " . TABLE_PREFIX . "comment AS comment
+ LEFT JOIN " . TABLE_PREFIX . "user AS user
+ ON (user.userid = comment.userid)
+ WHERE bugid = $bug[bugid]
+ ORDER BY dateline DESC
+ ");
+ $db->query("
+ UPDATE " . TABLE_PREFIX . "bug
+ SET hiddenlastposttime = $lastgoodpublic[dateline],
+ hiddenlastpostby = $lastgoodpublic[userid],
+ hiddenlastpostbyname = '" . $db->escapeString($lastgoodpublic['username']) . "',
+ lastposttime = $lastgoodprivate[dateline],
+ lastpostby = $lastgoodprivate[userid],
+ lastpostbyname = '" . $db->escapeString($lastgoodprivate['username']) . "'
+ WHERE bugid = $bug[bugid]"
+ );
}
- $db->query("
- UPDATE " . TABLE_PREFIX . "comment
- SET comment = '" . $bugsys->in['comment'] . "',
- comment_parsed = '" . nl2br($bugsys->in['comment_parsed']) . "',
- hidden = " . intval($bugsys->in['hidden']) . "
- WHERE commentid = $comment[commentid]"
- );
+ $message->redirect(T('The comment has been deleted. You will be redirected back to the bug.'), 'showreport.php?bugid=' . $bug['bugid']);
+}
+
+// ###################################################################
+
+if ($_REQUEST['do'] == 'delete')
+{
+ if (!can_perform('candeletedata', $bug['product']))
+ {
+ $message->errorPermission();
+ }
- // setup logging
- require_once('./includes/class_history.php');
- $log = new History();
- $log->bugid = $bug['bugid'];
- $log->language = 'log_update_comment';
- $log->arguments = array($comment['commentid']);
- $log->log();
- $log->log($log->diff('hidden', $comment['hidden'], intval($bugsys->in['hidden'])));
+ if ($bug['initialreport'] == $comment['commentid'])
+ {
+ $message->error(T('You cannot delete this comment because it is attached to the bug as the first comment. You have to delete the entire bug instead (which is not recommended unless it is spam).'));
+ }
- $lastgood = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] AND !hidden ORDER BY dateline DESC");
- $db->query("
- UPDATE " . TABLE_PREFIX . "bug
- SET hiddenlastposttime = $lastgood[dateline],
- hiddenlastpostby = $lastgood[userid]
- WHERE bugid = $bug[bugid]"
- );
+ $message->confirm(T('Are you sure you want to delete this comment? After you do so, the data <strong>will</strong> be lost forever. We recommend only deleting spam comments and nothing else.'), 'editcomment.php', 'kill', T('Delete Comment'), 'showreport.php?bugid=' . $bug['bugid'], array('commentid' => $comment['commentid']));
+}
+
+// ###################################################################
+
+if ($_POST['do'] == 'update')
+{
+ if (!((can_perform('caneditownreply', $bug['product']) AND bugdar::$userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND bugdar::$userinfo['userid'] != $comment['userid'])))
+ {
+ $message->errorPermission();
+ }
+
+ $commentapi->set('comment', $input->in['comment']);
+ $commentapi->set('parselinks', $input->in['parselinks']);
+ $commentapi->set('hidden', $input->in['hidden']);
+
+ if ($input->in['commentid'] == $bug['initialreport'] AND $input->in['hidden'])
+ {
+ $message->addError(T('You cannot hide the first comment/initial report of a bug. Instead, hide the entire bug.'));
+ }
- $message->redirect(lang::p('comment_updated'), "showreport.php?bugid=$bug[bugid]");
+ if (!$message->hasErrors())
+ {
+ $commentapi->update();
+
+ // setup logging
+ require_once('./includes/class_logging.php');
+ $log = new Logging;
+ $log->setBugId($bug['bugid']);
+ $log->setCommentId($comment['commentid']);
+
+ $log->addData(true, $commentapi->record, array('comment', 'hidden'), false, 'comment');
+ $log->addData(false, $commentapi->values, array('comment', 'hidden'), false, 'comment');
+
+ $lastgood = $db->queryFirst("
+ SELECT comment.* AS comment, user.displayname AS username
+ FROM " . TABLE_PREFIX . "comment AS comment
+ LEFT JOIN " . TABLE_PREFIX . "user AS user
+ ON (user.userid = comment.userid)
+ WHERE bugid = $bug[bugid]
+ AND !hidden ORDER BY dateline DESC
+ ");
+ $db->query("
+ UPDATE " . TABLE_PREFIX . "bug
+ SET hiddenlastposttime = $lastgood[dateline],
+ hiddenlastpostby = $lastgood[userid],
+ hiddenlastpostbyname = '" . $db->escapeString($lastgood['username']) . "'
+ WHERE bugid = $bug[bugid]"
+ );
+
+ $log->updateHistory();
+
+ $message->redirect(T('The comment was modified successfully.'), "showreport.php?bugid=$bug[bugid]");
+ }
+ else
+ {
+ $show['errors'] = true;
+ $_REQUEST['do'] = 'edit';
+ $comment['comment'] = $input->in['comment'];
+ $comment['hidden'] = $input->in['hidden'];
+ }
}
// ###################################################################
if ($_REQUEST['do'] == 'edit')
{
- $comment['posttime'] = $datef->format($bugsys->options['dateformat'], $comment['dateline']);
- $comment['postby'] = construct_user_display($comment);
- $comment['comment'] = $bugsys->sanitize($comment['comment']);
- eval('$template->flush("' . $template->fetch('editcomment') . '");');
+ if (!((can_perform('caneditownreply', $bug['product']) AND bugdar::$userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND bugdar::$userinfo['userid'] != $comment['userid'])))
+ {
+ $message->errorPermission();
+ }
+
+ $comment['posttime'] = $datef->format(bugdar::$options['dateformat'], $comment['dateline']);
+ if ($comment['userid'])
+ {
+ $commenter = new UserAPI();
+ $commenter->set('userid', $comment['userid']);
+ $commenter->fetch();
+ $commenter = $commenter->record;
+ }
+ $comment['postby'] = construct_user_display($commenter);
+ $comment['comment'] = $input->sanitize($comment['comment']);
+ $show['hide'] = ($bug['initialreport'] != $comment['commentid']);
+
+ $tpl = new BSTemplate('editcomment');
+ $tpl->vars = array(
+ 'comment' => $comment,
+ 'bug' => $bug
+ );
+ $tpl->evaluate()->flush();
}
-/*=====================================================================*\
-|| ###################################################################
-|| # $HeadURL$
-|| # $Id$
-|| ###################################################################
-\*=====================================================================*/
?>
\ No newline at end of file
https://src.bluestatic.org / bugdar.git / blobdiff