editcomment.php

   1 <?php
   2 /*=====================================================================*\
   3 || ###################################################################
   4 || # Bugdar
   5 || # Copyright ©2002-2007 Blue Static
   6 || #
   7 || # This program is free software; you can redistribute it and/or modify
   8 || # it under the terms of the GNU General Public License as published by
   9 || # the Free Software Foundation; version 2 of the License.
  10 || #
  11 || # This program is distributed in the hope that it will be useful, but
  12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  14 || # more details.
  15 || #
  16 || # You should have received a copy of the GNU General Public License along
  17 || # with this program; if not, write to the Free Software Foundation, Inc.,
  18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  19 || ###################################################################
  20 \*=====================================================================*/
  21
  22 $fetchtemplates = array(
  23         'editcomment'
  24 );
  25
  26 define('SVN', '$Id$');
  27
  28 $focus['showreport'] = 'focus';
  29
  30 require_once('./global.php');
  31 require_once('./includes/api_comment.php');
  32
  33
  34 $commentapi = new CommentAPI();
  35 $commentapi->set('commentid',   $input->in['commentid']);
  36 $commentapi->fetch();
  37
  38 $comment = &$commentapi->record;
  39
  40 $bug = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
  41
  42 if (!check_bug_permissions($bug))
  43 {
  44         $message->errorPermission();
  45 }
  46
  47 // ###################################################################
  48
  49 if (empty($_REQUEST['do']))
  50 {
  51         $_REQUEST['do'] = 'edit';
  52 }
  53
  54 // ###################################################################
  55
  56 if ($_POST['do'] == 'kill')
  57 {
  58         if (!can_perform('candeletedata', $bug['product']))
  59         {
  60                 $message->errorPermission();
  61         }
  62
  63         // get the last post (as in prior to deletion)
  64         $lastpost = $db->queryFirst("SELECT commentid FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] ORDER BY dateline DESC");
  65
  66         $commentapi->remove();
  67
  68         // check to see if we need to rebuild the lastpost information
  69         if ($lastpost['commentid'] == $comment['commentid'])
  70         {
  71                 $lastgoodpublic = $db->queryFirst("
  72                         SELECT comment.* AS comment, user.displayname AS username
  73                         FROM " . TABLE_PREFIX . "comment AS comment
  74                         LEFT JOIN " . TABLE_PREFIX . "user AS user
  75                                 ON (user.userid = comment.userid)
  76                         WHERE bugid = $bug[bugid]
  77                                 AND !hidden ORDER BY dateline DESC
  78                 ");
  79                 $lastgoodprivate = $db->queryFirst("
  80                         SELECT comment.* AS comment, user.displayname AS username
  81                         FROM " . TABLE_PREFIX . "comment AS comment
  82                         LEFT JOIN " . TABLE_PREFIX . "user AS user
  83                                 ON (user.userid = comment.userid)
  84                         WHERE bugid = $bug[bugid]
  85                         ORDER BY dateline DESC
  86                 ");
  87                 $db->query("
  88                         UPDATE " . TABLE_PREFIX . "bug
  89                         SET hiddenlastposttime = $lastgoodpublic[dateline],
  90                                 hiddenlastpostby = $lastgoodpublic[userid],
  91                                 hiddenlastpostbyname = '" . $db->escapeString($lastgoodpublic['username']) . "',
  92                                 lastposttime = $lastgoodprivate[dateline],
  93                                 lastpostby = $lastgoodprivate[userid],
  94                                 lastpostbyname = '" . $db->escapeString($lastgoodprivate['username']) . "'
  95                         WHERE bugid = $bug[bugid]"
  96                 );
  97         }
  98
  99         $message->redirect(T('The comment has been deleted. You will be redirected back to the bug.'), 'showreport.php?bugid=' . $bug['bugid']);
 100 }
 101
 102 // ###################################################################
 103
 104 if ($_REQUEST['do'] == 'delete')
 105 {
 106         if (!can_perform('candeletedata', $bug['product']))
 107         {
 108                 $message->errorPermission();
 109         }
 110
 111         if ($bug['initialreport'] == $comment['commentid'])
 112         {
 113                 $message->error(T('You cannot delete this comment because it is attached to the bug as the first comment. You have to delete the entire bug instead (which is not recommended unless it is spam).'));
 114         }
 115
 116         $message->confirm(T('Are you sure you want to delete this comment? After you do so, the data <strong>will</strong> be lost forever. We recommend only deleting spam comments and nothing else.'), 'editcomment.php', 'kill', T('Delete Comment'), 'showreport.php?bugid=' . $bug['bugid'], array('commentid' => $comment['commentid']));
 117 }
 118
 119 // ###################################################################
 120
 121 if ($_POST['do'] == 'update')
 122 {
 123         if (!((can_perform('caneditownreply', $bug['product']) AND bugdar::$userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND bugdar::$userinfo['userid'] != $comment['userid'])))
 124         {
 125                 $message->errorPermission();
 126         }
 127
 128         $commentapi->set('comment',             $input->in['comment']);
 129         $commentapi->set('parselinks',  $input->in['parselinks']);
 130         $commentapi->set('hidden',              $input->in['hidden']);
 131
 132         if ($input->in['commentid'] == $bug['initialreport'] AND $input->in['hidden'])
 133         {
 134                 $message->addError(T('You cannot hide the first comment/initial report of a bug. Instead, hide the entire bug.'));
 135         }
 136
 137         if (!$message->hasErrors())
 138         {
 139                 $commentapi->update();
 140
 141                 // setup logging
 142                 require_once('./includes/class_logging.php');
 143                 $log = new Logging;
 144                 $log->setBugId($bug['bugid']);
 145                 $log->setCommentId($comment['commentid']);
 146
 147                 $log->addData(true, $commentapi->record, array('comment', 'hidden'), false, 'comment');
 148                 $log->addData(false, $commentapi->values, array('comment', 'hidden'), false, 'comment');
 149
 150                 $lastgood = $db->queryFirst("
 151                         SELECT comment.* AS comment, user.displayname AS username
 152                         FROM " . TABLE_PREFIX . "comment AS comment
 153                         LEFT JOIN " . TABLE_PREFIX . "user AS user
 154                                 ON (user.userid = comment.userid)
 155                         WHERE bugid = $bug[bugid]
 156                                 AND !hidden ORDER BY dateline DESC
 157                 ");
 158                 $db->query("
 159                         UPDATE " . TABLE_PREFIX . "bug
 160                         SET hiddenlastposttime = $lastgood[dateline],
 161                                 hiddenlastpostby = $lastgood[userid],
 162                                 hiddenlastpostbyname = '" . $db->escapeString($lastgood['username']) . "'
 163                         WHERE bugid = $bug[bugid]"
 164                 );
 165
 166                 $log->updateHistory();
 167
 168                 $message->redirect(T('The comment was modified successfully.'), "showreport.php?bugid=$bug[bugid]");
 169         }
 170         else
 171         {
 172                 $show['errors'] = true;
 173                 $_REQUEST['do'] = 'edit';
 174                 $comment['comment'] = $input->in['comment'];
 175                 $comment['hidden'] = $input->in['hidden'];
 176         }
 177 }
 178
 179 // ###################################################################
 180
 181 if ($_REQUEST['do'] == 'edit')
 182 {
 183         if (!((can_perform('caneditownreply', $bug['product']) AND bugdar::$userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND bugdar::$userinfo['userid'] != $comment['userid'])))
 184         {
 185                 $message->errorPermission();
 186         }
 187
 188         $comment['posttime'] = $datef->format(bugdar::$options['dateformat'], $comment['dateline']);
 189         if ($comment['userid'])
 190         {
 191                 $commenter = new UserAPI();
 192                 $commenter->set('userid', $comment['userid']);
 193                 $commenter->fetch();
 194                 $commenter = $commenter->record;
 195         }
 196         $comment['postby'] = construct_user_display($commenter);
 197         $comment['comment'] = $input->sanitize($comment['comment']);
 198         $show['hide'] = ($bug['initialreport'] != $comment['commentid']);
 199
 200         $tpl = new BSTemplate('editcomment');
 201         $tpl->vars = array(
 202                 'comment'       => $comment,
 203                 'bug'           => $bug
 204         );
 205         $tpl->evaluate()->flush();
 206 }
 207
 208 /*=====================================================================*\
 209 || ###################################################################
 210 || # $HeadURL$
 211 || # $Id$
 212 || ###################################################################
 213 \*=====================================================================*/
 214 ?>