2 /*=====================================================================*\
3 || ################################################################### ||
4 || # BugStrike [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
7 || # This file may not be reproduced in any way without permission. # ||
8 || # --------------------------------------------------------------- # ||
9 || # User License Agreement at http://www.iris-studios.com/license/ # ||
10 || ################################################################### ||
11 \*=====================================================================*/
13 $fetchtemplates = array(
17 require_once('./global.php');
19 if (!can_perform('canpostcomments'))
25 // ###################################################################
27 if (empty($_REQUEST['do']))
29 $_REQUEST['do'] = 'add';
32 // ###################################################################
34 if ($_POST['do'] == 'insert')
36 sanitize(array('bugid' => INT, 'comment' => STR
));
38 $vars['comment_parsed'] = $vars['comment'];
40 if (!$bugsys->options
['allowhtml'])
42 $vars['comment_parsed'] = htmlspecialcharslike($vars['comment_parsed']);
48 INSERT INTO " . TABLE_PREFIX
. "comment
49 (bugid, userid, dateline, comment, comment_parsed)
51 ($vars[bugid], " . $bugsys->userinfo
['userid'] . ",
52 $time, '" . addslasheslike($vars['comment']) . "',
53 '" . addslasheslike(nl2br($vars['comment_parsed'])) . "'
57 $db->query("UPDATE " . TABLE_PREFIX
. "bug SET lastposttime = $time, lastpostby = " . $bugsys->userinfo
['userid'] . " WHERE bugid = $vars[bugid]");
59 echo "<a href=\"showreport.php?bugid=$vars[bugid]\">comment inserted</a>";
62 // ###################################################################
64 if ($_REQUEST['do'] == 'add')
66 sanitize(array('bugid' => INT));
68 $bug = $db->query_first("SELECT bug.*, comment.comment FROM " . TABLE_PREFIX
. "bug LEFT JOIN " . TABLE_PREFIX
. "comment AS comment ON (bug.bugid = comment.bugid) WHERE bug.bugid = $vars[bugid]");
71 echo 'alert: bad bug';
75 eval('$template->flush("' . $template->fetch('newcomment') . '");');
78 /*=====================================================================*\
79 || ###################################################################
82 || ###################################################################
83 \*=====================================================================*/