2 /*=====================================================================*\
3 || ################################################################### ||
4 || # Renapsus [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # All parts of this file are ©2003-[#]year[#] Iris Studios, Inc. No # ||
7 || # part of this file may be reproduced in any way: part or whole. # ||
8 || # --------------------------------------------------------------- # ||
9 || # ©2003 - [#]year[#] Iris Studios, Inc. | http://www.iris-studios.com # ||
10 || ################################################################### ||
11 \*=====================================================================*/
13 $fetchtemplates = array(
17 require_once('./global.php');
19 sanitize(array('commentid' => INT));
21 $comment = $DB_sql->query_first("
22 SELECT comment.*, user.email, user.showemail, user.displayname
23 FROM " . TABLE_PREFIX
. "comment AS comment
24 LEFT JOIN " . TABLE_PREFIX
. "user AS user
25 ON (comment.userid = user.userid)
26 WHERE comment.commentid = $vars[commentid]"
31 echo 'alert: bad comment';
35 $bug = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX
. "bug WHERE bugid = $comment[bugid]");
37 if (!((can_perform('caneditown') AND $bugsys->userinfo
['userid'] == $comment['userid']) OR can_perform('caneditothers')))
43 // ###################################################################
45 if (empty($_REQUEST['do']))
47 $_REQUEST['do'] = 'edit';
50 #*# do these later after we work out some kind of permission system
51 // ###################################################################
53 if ($_REQUEST['do'] == 'kill')
55 // run code to remove item in database
58 // ###################################################################
60 if ($_REQUEST['do'] == 'delete')
62 // display delete confirmation message
65 // ###################################################################
67 if ($_POST['do'] == 'update')
69 sanitize(array('comment' => STR
));
71 if (!$vars['comment'])
73 echo 'you need to enter some text';
77 $vars['comment_parsed'] = $vars['comment'];
79 if (!$bugsys->options
['allowhtml'])
81 $vars['comment_parsed'] = htmlspecialcharslike($vars['comment_parsed']);
85 UPDATE " . TABLE_PREFIX
. "comment
86 SET comment = '" . addslasheslike($vars['comment']) . "',
87 comment_parsed = '" . addslasheslike(nl2br($vars['comment_parsed'])) . "'
88 WHERE commentid = $vars[commentid]"
91 echo "<a href=\"showreport.php?bugid=$bug[bugid]\">comment saved</a>";
94 // ###################################################################
96 if ($_REQUEST['do'] == 'edit')
98 $comment['posttime'] = datelike('standard', $comment['dateline']);
99 $comment['postby'] = construct_user_display($comment);
100 $comment['comment'] = htmlspecialcharslike($comment['comment']);
101 eval('$tpl->flush("' . $tpl->fetch('editcomment') . '");');
104 /*=====================================================================*\
105 || ###################################################################
108 || ###################################################################
109 \*=====================================================================*/