{
// -------------------------------------------------------------------
// process comment stuff
- if (can_perform('canpostcomments'))
+ if (!(((can_perform('caneditown') AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers')) AND can_perform('caneditinfo')))
{
$hascomment = (!empty($bugsys->in['comment'])) ? true : false;
}
$log->allowempty = false;
+
+ $hascomment = (!empty($bugsys->in['comment'])) ? true : false;
+
+ if ($hascomment OR $autoaction['comment'])
+ {
+ if ($hascomment AND $autoaction['comment'])
+ {
+ $bugsys->in['comment'] .= "\n\n--------------- AUTOMATIC RESPONSE ---------------\n" . $autoaction['comment'];
+ }
+ else if (!$hascomment AND $autoaction['comment'])
+ {
+ $bugsys->in['comment'] = $autoaction['comment'];
+ }
+
+ $bugsys->in['comment_parsed'] = $bugsys->in['comment'];
+
+ if (!$bugsys->options['allowhtml'])
+ {
+ $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
+ }
+
+ $time = TIMENOW;
+
+ $db->query("
+ INSERT INTO " . TABLE_PREFIX . "comment
+ (bugid, userid, dateline, comment, comment_parsed)
+ VALUES
+ (" . intval($bugsys->in['bugid']) . ", " . $bugsys->userinfo['userid'] . ",
+ $time, '" . $bugsys->in['comment'] . "',
+ '" . nl2br($bugsys->in['comment_parsed']) . "'
+ )"
+ );
+
+ $commentid = $db->insert_id();
+
+ $db->query("
+ UPDATE " . TABLE_PREFIX . "bug
+ SET lastposttime = $time,
+ lastpostby = " . $bugsys->userinfo['userid'] . ",
+ hiddenlastposttime = $time,
+ hiddenlastpostby = " . $bugsys->userinfo['userid'] . "
+ WHERE bugid = " . intval($bugsys->in['bugid'])
+ );
+
+ if ($hascomment)
+ {
+ $log->language = 'log_new_comment';
+ $log->arguments = array($commentid);
+ $log->log();
+ }
+ }
+
$message->redirect('done with update bug', "showreport.php?bugid=$bug[bugid]");
}