'caneditownreply' => $lang->string('Can Edit Own Comments'),
'caneditotherreply' => $lang->string('Can Edit Others\' Comments'),
'canassign' => $lang->string('Can Assign Bugs'),
- 'canchangestatus' => $lang->string('Can Change Status')
+ 'canchangestatus' => $lang->string('Can Change Status'),
+ 'candeletedata' => $lang->string('Can Delete Bugs and Comments')
)
);
'caneditownreply' => $lang->string('Can Edit Own Comments'),
'caneditotherreply' => $lang->string('Can Edit Others\' Comments'),
'canassign' => $lang->string('Can Assign Bugs'),
- 'canchangestatus' => $lang->string('Can Change Status')
+ 'canchangestatus' => $lang->string('Can Change Status'),
+ 'candeletedata' => $lang->string('Can Delete Bugs and Comments')
),
$lang->string('Administrator Permissions') => array(
- Usergroup
- User help
- Added support for DST observation (http://bugs.iris-studios.com/showreport.php?bugid=22)
+- Data (bugs and comments) can now be removed (http://bugs.iris-studios.com/showreport.php?bugid=16)
1.0.2
==================
$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
-if (!((can_perform('caneditownreply', $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['productid']) AND $bugsys->userinfo['userid'] != $comment['userid'])))
-{
- $message->error_permission();
-}
-
if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid']))
{
$message->error_permissison();
// ###################################################################
+if ($_POST['do'] == 'kill')
+{
+ if (!can_perform('candeletedata', $bug['productid']))
+ {
+ $message->error_permission();
+ }
+
+ $commentapi->delete();
+
+ $message->redirect($lang->string('The comment has been deleted. You will be redirected back to the bug.'), 'showreport.php?bugid=' . $bug['bugid']);
+}
+
+// ###################################################################
+
+if ($_REQUEST['do'] == 'delete')
+{
+ if (!can_perform('candeletedata', $bug['productid']))
+ {
+ $message->error_permission();
+ }
+
+ $message->confirm($lang->string('Are you sure you want to delete this comment? After you do so, the data <strong>will</strong> be lost forever. We recommend only deleting spam comments and nothing else.'), 'editcomment.php', 'kill', $lang->string('Delete Comment'), 'showreport.php?bugid=' . $bug['bugid'], array('commentid' => $comment['commentid']));
+}
+
+// ###################################################################
+
if ($_POST['do'] == 'update')
{
+ if (!((can_perform('caneditownreply', $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['productid']) AND $bugsys->userinfo['userid'] != $comment['userid'])))
+ {
+ $message->error_permission();
+ }
+
$commentapi->set('comment', $bugsys->in['comment']);
$commentapi->set('hidden', $bugsys->in['hidden']);
if ($_REQUEST['do'] == 'edit')
{
+ if (!((can_perform('caneditownreply', $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['productid']) AND $bugsys->userinfo['userid'] != $comment['userid'])))
+ {
+ $message->error_permission();
+ }
+
$comment['posttime'] = $datef->format($bugsys->options['dateformat'], $comment['dateline']);
$comment['postby'] = construct_user_display($commentapi->relations['userid']->objdata);
$comment['comment'] = $bugsys->sanitize($comment['comment']);
WHERE bug.bugid = " . $bugsys->input_clean('bugid', TYPE_UINT)
);
-if (!((can_perform('caneditown', $bug['productid']) AND $bugsys->userinfo['userid'] == $bug['userid']) OR (can_perform('caneditother', $bug['productid']) AND $bugsys->userinfo['userid'] != $bug['userid'])) AND !can_perform('canpostcomments', $bug['productid']))
-{
- $message->error_permission();
-}
-
if (!$bug)
{
$message->error($lang->getlex('error_invalid_id'));
$notif = new NotificationCenter;
+$bugapi = new BugAPI($bugsys);
+$bugapi->set('bugid', $bugsys->in['bugid']);
+$bugapi->set_condition();
+$bugapi->dorelations = array();
+$bugapi->fetch();
+
+// ###################################################################
+
+if ($_POST['do'] == 'kill')
+{
+ if (!can_perform('candeletedata', $bug['productid']))
+ {
+ $message->error_permission();
+ }
+
+ $bugapi->delete();
+
+ $message->redirect($lang->string('The entire bug has been deleted.'), 'index.php');
+}
+
+// ###################################################################
+
+if ($_REQUEST['do'] == 'delete')
+{
+ if (!can_perform('candeletedata', $bug['productid']))
+ {
+ $message->error_permission();
+ }
+
+ $message->confirm($lang->string('Are you sure you want to delete this bug? Doing so will <strong>destroy</strong> all associated data, including comments, attachments, and votes. We strongly recommend only deleting span records and nothing else as users may wish to go back and look at any bug to check its status.'), 'editreport.php', 'kill', $lang->string('Delete Bug Permanently'), 'showreport.php?bugid=' . $bug['bugid'], array('bugid' => $bug['bugid']));
+}
+
// ###################################################################
if ($_POST['do'] == 'update')
{
- $bugapi = new BugAPI($bugsys);
- $bugapi->set('bugid', $bugsys->in['bugid']);
- $bugapi->set_condition();
- $bugapi->dorelations = array();
- $bugapi->fetch();
+ if (!((can_perform('caneditown', $bug['productid']) AND $bugsys->userinfo['userid'] == $bug['userid']) OR (can_perform('caneditother', $bug['productid']) AND $bugsys->userinfo['userid'] != $bug['userid'])) AND !can_perform('canpostcomments', $bug['productid']))
+ {
+ $message->error_permission();
+ }
$log->add_data(true, $bugapi->objdata, $bugfields);
exit;
}
+ // ###################################################################
+ /**
+ * Displays a standard message template with extra confirm data on it
+ *
+ * @access public
+ *
+ * @param string Message to confirm to
+ * @param string Form action
+ * @param string Do branch
+ * @param string Button text
+ * @param string Cancel action
+ * @param array Extra hidden information
+ */
+ function confirm($message, $action, $do, $button, $cancel, $arrextra)
+ {
+ global $bugsys;
+ global $doctype, $header, $headinclude, $footer, $focus, $show, $stylevar;
+
+ $show['confirm'] = true;
+
+ $this->process = $message;
+
+ foreach ($arrextra AS $name => $value)
+ {
+ $extra .= '<input type="hidden" name="' . $name . '" value="' . $value . '" />' . "\n";
+ }
+
+ eval('$bugsys->template->flush("' . $bugsys->template->fetch('std_message') . '");');
+ exit;
+ }
+
/**
* Checks to make sure that there is some text in the processed variable
*/
'canbeassignedto' => 1048576, // can be assigned bugs,
'caneditattach' => 2097152, // can edit attachments
'canviewhidden' => 4194304, // can see hidden bugs
- 'caneditotherreply' => 8388608 // can edit other peoples' comments
+ 'caneditotherreply' => 8388608, // can edit other peoples' comments
+ 'candeletedata' => 16777216 // can delete data (bugs, comments)
);
$bugsys->emailoptions = array(
}
$show['edit'] = ((can_perform('caneditown', $bug['productid']) AND $bugsys->userinfo['userid'] == $bug['userid'] AND $bug['userid'] != 0) OR (can_perform('caneditother', $bug['productid']) AND $bugsys->userinfo['userid'] != $bug['userid']));
+$show['delete'] = can_perform('candeletedata', $bug['productid']);
if (!is_array($bug))
{
/ [<a href="showhistory.php?bugid=$bug[bugid]">{@"Show Bug History"}</a>]
<if condition="$show['subscribe']">/ [<a href="favourite.php?do=handle&bugid=$bug[bugid]">$favouritetext</a>]</if>
+ <if condition="$show['delete']">/ [<a href="editreport.php?do=delete&bugid=$bug[bugid]">{@"Delete"}</a>]</if>
</div>
</fieldset>
<!-- / bug id & hidden -->
<if condition="$show['editcomment']">
<div class="box-foot">
<span style="float: right">
+ <if condition="$show['delete']">[<a href="editcomment.php?do=delete&commentid=$comment[commentid]">{@"Delete"}</a>]</if>
[<a href="editcomment.php?commentid=$comment[commentid]">{@"Edit Comment"}</a>]
</span>
<if condition="$comment['hidden']"><strong>{@"Hidden"}</strong><else />{@"Visible"}</if>
<head>
$headinclude
<link rel="stylesheet" href="templates/box.css" media="screen" />
- <title>{$bugsys->options['trackertitle']} - {@"Notice"}</title>
+ <title>{$bugsys->options['trackertitle']} - <if condition="$show['confirm']">{@"Confirm"}<else />{@"Notice"}</if></title>
</head>
<body>
$header
+<if condition="$show['confirm']">
+<form name="confirm" action="$action" method="post">
+<input type="hidden" name="do" value="$do" />
+$extra
+</if>
+
<div align="center" style="margin-top: 10px">
<div class="box" style="width: $stylevar[alternate_width]">
- <div class="box-head">{@"Notice"}</div>
+ <div class="box-head"><if condition="$show['confirm']">{@"Confirm"}<else />{@"Notice"}</if></div>
<div class="box-mid + box-overpad">
{$this->process}
+
+ <if condition="$show['confirm']">
+ <br />
+ <br />
+
+ <div id="submitrow">
+ <input type="submit" name="submit" value="$button" />
+ <script type="text/javascript"> draw_cancel("$cancel"); </script>
+ </div>
+ </if>
</div>
</div>
</div>
+<if condition="$show['confirm']">
+</form>
+</if>
+
$footer
\ No newline at end of file