WHERE bug.bugid = " . intval($bugsys->in['bugid'])
);
-if (!$bug)
+if (!(((can_perform('caneditown') AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers')) AND can_perform('caneditinfo')) AND !can_perform('canpostcomments'))
{
- $message->error('alert: bad bug');
+ $message->error_permission();
}
-if (!(((can_perform('caneditown') AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers')) AND can_perform('caneditinfo')))
+if (!$bug)
{
- $message->error_permission();
+ $message->error('alert: bad bug');
}
if ($bug['hidden'] AND !can_perform('canviewhidden'))
if ($_POST['do'] == 'update')
{
+ // -------------------------------------------------------------------
+ // process comment stuff
+ if (can_perform('canpostcomments'))
+ {
+ $hascomment = (!empty($bugsys->in['comment'])) ? true : false;
+
+ if ($hascomment OR $autoaction['comment'])
+ {
+ if ($hascomment AND $autoaction['comment'])
+ {
+ $bugsys->in['comment'] .= "\n\n--------------- AUTOMATIC RESPONSE ---------------\n" . $autoaction['comment'];
+ }
+ else if (!$hascomment AND $autoaction['comment'])
+ {
+ $bugsys->in['comment'] = $autoaction['comment'];
+ }
+
+ $bugsys->in['comment_parsed'] = $bugsys->in['comment'];
+
+ if (!$bugsys->options['allowhtml'])
+ {
+ $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
+ }
+
+ $time = TIMENOW;
+
+ $db->query("
+ INSERT INTO " . TABLE_PREFIX . "comment
+ (bugid, userid, dateline, comment, comment_parsed)
+ VALUES
+ (" . intval($bugsys->in['bugid']) . ", " . $bugsys->userinfo['userid'] . ",
+ $time, '" . $bugsys->in['comment'] . "',
+ '" . nl2br($bugsys->in['comment_parsed']) . "'
+ )"
+ );
+
+ $commentid = $db->insert_id();
+
+ $db->query("
+ UPDATE " . TABLE_PREFIX . "bug
+ SET lastposttime = $time,
+ lastpostby = " . $bugsys->userinfo['userid'] . ",
+ hiddenlastposttime = $time,
+ hiddenlastpostby = " . $bugsys->userinfo['userid'] . "
+ WHERE bugid = " . intval($bugsys->in['bugid'])
+ );
+
+ if ($hascomment)
+ {
+ $log->language = 'log_new_comment';
+ $log->arguments = array($commentid);
+ $log->log();
+ }
+ }
+ }
+
+ if (!(((can_perform('caneditown') AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers')) AND can_perform('caneditinfo')))
+ {
+ $message->redirect('inserted comment', "showreport.php?bugid=$bug[bugid]");
+ }
+
+ // -------------------------------------------------------------------
+ // do update stuff
$pcv = parse_pcv_select($bugsys->in['pcv_select'], true);
if (!$bugsys->in['summary'])
}
$log->allowempty = false;
-
- // -------------------------------------------------------------------
- // process comment stuff
-
- $hascomment = (!empty($bugsys->in['comment'])) ? true : false;
-
- if ($hascomment OR $autoaction['comment'])
- {
- if ($hascomment AND $autoaction['comment'])
- {
- $bugsys->in['comment'] .= "\n\n--------------- AUTOMATIC RESPONSE ---------------\n" . $autoaction['comment'];
- }
- else if (!$hascomment AND $autoaction['comment'])
- {
- $bugsys->in['comment'] = $autoaction['comment'];
- }
-
- $bugsys->in['comment_parsed'] = $bugsys->in['comment'];
-
- if (!$bugsys->options['allowhtml'])
- {
- $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
- }
-
- $time = TIMENOW;
-
- $db->query("
- INSERT INTO " . TABLE_PREFIX . "comment
- (bugid, userid, dateline, comment, comment_parsed)
- VALUES
- (" . intval($bugsys->in['bugid']) . ", " . $bugsys->userinfo['userid'] . ",
- $time, '" . $bugsys->in['comment'] . "',
- '" . nl2br($bugsys->in['comment_parsed']) . "'
- )"
- );
-
- $commentid = $db->insert_id();
-
- $db->query("
- UPDATE " . TABLE_PREFIX . "bug
- SET lastposttime = $time,
- lastpostby = " . $bugsys->userinfo['userid'] . ",
- hiddenlastposttime = $time,
- hiddenlastpostby = " . $bugsys->userinfo['userid'] . "
- WHERE bugid = " . intval($bugsys->in['bugid'])
- );
-
- if ($hascomment)
- {
- $log->language = 'log_new_comment';
- $log->arguments = array($commentid);
- $log->log();
- }
- }
$message->redirect('done with update bug', "showreport.php?bugid=$bug[bugid]");
}