$fetchtemplates = array(
'newattach',
- //'editattach'
+ 'editattach'
);
require_once('./global.php');
}
}
-$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bugsys->in['bugid']));
+$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . (($attachment['attachmentid']) ? $attachment['bugid'] : intval($bugsys->in['bugid'])));
if (!$bug)
{
echo 'alert: bad bug';
exit;
}
- // put some MIME-type validation here
+ // #*# put some MIME-type validation here
if (!$bugsys->in['description'])
{
if ($_POST['do'] == 'update')
{
- // run code to update item in database
+ if (!(can_perform('caneditattach') OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach'))))
+ {
+ echo 'alert: no permssion';
+ exit;
+ }
+
+ $db->query("
+ UPDATE " . TABLE_PREFIX . "attachment
+ SET description = '" . $bugsys->in['description'] . "',
+ obsolete = " . intval($bugsys->in['obsolete']) . "
+ WHERE attachmentid = " . intval($bugsys->in['attachmentid'])
+ );
+
+ echo "<a href=\"showreport.php?bugid=$bug[bugid]\">attachment updated</a>";
}
// ###################################################################
if ($_REQUEST['do'] == 'edit')
{
- // display form to edit item
+ if (!(can_perform('caneditattach') OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach'))))
+ {
+ echo 'alert: no permssion';
+ exit;
+ }
+
+ eval('$template->flush("' . $template->fetch('editattach') . '");');
}
/*=====================================================================*\
--- /dev/null
+<form action="attachment.php" method="post" name="editattach">
+ <input name="do" type="hidden" value="update" />
+ <input name="attachmentid" type="hidden" value="$attachment[attachmentid]" />
+
+ <div><strong>Attachment:</strong> <a href="viewattachment.php?attachmentid=$attachment[attachmentid]">View</a> [$attachment[filename]]</div>
+
+ <div><strong>Bug:</strong> $bug[summary] (bugid: $bug[bugid])</div>
+
+ <div><strong>Description:</strong> <input name="description" type="text" size="35" value="$attachment[description]" /></div>
+
+ <div><strong>Obsolete:</strong> <input name="obsolete" type="checkbox" value="1"<if condition="$attachment['obsolete']"> checked="checked"</if> /></div>
+
+<input name="submit" type="submit" value=" Submit " accesskey="s" />
+<input name="reset" type="reset" value=" Reset " accesskey="r" />
+
+</form>
\ No newline at end of file