r134: - Fixed a problem where the bug fetcher would fetch the wrong bug because of...

- Added edit/update attachment methods

diff --git a/attachment.php b/attachment.php
index bbeb0b228b8fdba55b3ed9b54a86c2a90bba29bb..61e915b61ca8d7a90eca680ae0bc4c839103eaa5 100755 (executable)
--- a/attachment.php
+++ b/attachment.php
@@ -12,7 +12,7 @@
 
 $fetchtemplates = array(
        'newattach',
-       //'editattach'
+       'editattach'
 );
 
 require_once('./global.php');
@@ -27,7 +27,7 @@ if (isset($bugsys->in['attachmentid']))
        }
 }
 
-$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bugsys->in['bugid']));
+$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . (($attachment['attachmentid']) ? $attachment['bugid'] : intval($bugsys->in['bugid'])));
 if (!$bug)
 {
        echo 'alert: bad bug';
@@ -79,7 +79,7 @@ if ($_POST['do'] == 'insert')
                exit;
        }
        
-       // put some MIME-type validation here
+       // #*# put some MIME-type validation here
        
        if (!$bugsys->in['description'])
        {
@@ -166,14 +166,33 @@ if ($_REQUEST['do'] == 'add')
 
 if ($_POST['do'] == 'update')
 {
-       // run code to update item in database
+       if (!(can_perform('caneditattach') OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach'))))
+       {
+               echo 'alert: no permssion';
+               exit;
+       }
+       
+       $db->query("
+               UPDATE " . TABLE_PREFIX . "attachment
+               SET description = '" . $bugsys->in['description'] . "',
+                       obsolete = " . intval($bugsys->in['obsolete']) . "
+               WHERE attachmentid = " . intval($bugsys->in['attachmentid'])
+       );
+       
+       echo "<a href=\"showreport.php?bugid=$bug[bugid]\">attachment updated</a>";
 }
 
 // ###################################################################
 
 if ($_REQUEST['do'] == 'edit')
 {
-       // display form to edit item
+       if (!(can_perform('caneditattach') OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach'))))
+       {
+               echo 'alert: no permssion';
+               exit;
+       }
+       
+       eval('$template->flush("' . $template->fetch('editattach') . '");');
 }
 
 /*=====================================================================*\

diff --git a/templates/default/editattach.tpl b/templates/default/editattach.tpl
new file mode 100644 (file)
index 0000000..e185c18
--- /dev/null
+++ b/templates/default/editattach.tpl
@@ -0,0 +1,16 @@
+<form action="attachment.php" method="post" name="editattach">
+       <input name="do" type="hidden" value="update" />
+       <input name="attachmentid" type="hidden" value="$attachment[attachmentid]" />
+       
+       <div><strong>Attachment:</strong> <a href="viewattachment.php?attachmentid=$attachment[attachmentid]">View</a> [$attachment[filename]]</div>
+       
+       <div><strong>Bug:</strong> $bug[summary] (bugid: $bug[bugid])</div>
+       
+       <div><strong>Description:</strong> <input name="description" type="text" size="35" value="$attachment[description]" /></div>
+       
+       <div><strong>Obsolete:</strong> <input name="obsolete" type="checkbox" value="1"<if condition="$attachment['obsolete']"> checked="checked"</if> /></div>
+       
+<input name="submit" type="submit" value="  Submit  " accesskey="s" />
+<input name="reset" type="reset" value="  Reset  " accesskey="r" />
+
+</form>
\ No newline at end of file