editcomment.php

   1 <?php
   2 /*=====================================================================*\
   3 || ###################################################################
   4 || # Bugdar [#]version[#]
   5 || # Copyright ©2002-[#]year[#] Blue Static
   6 || #
   7 || # This program is free software; you can redistribute it and/or modify
   8 || # it under the terms of the GNU General Public License as published by
   9 || # the Free Software Foundation; version [#]gpl[#] of the License.
  10 || #
  11 || # This program is distributed in the hope that it will be useful, but
  12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  14 || # more details.
  15 || #
  16 || # You should have received a copy of the GNU General Public License along
  17 || # with this program; if not, write to the Free Software Foundation, Inc.,
  18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  19 || ###################################################################
  20 \*=====================================================================*/
  21
  22 $fetchtemplates = array(
  23         'editcomment'
  24 );
  25
  26 define('SVN', '$Id$');
  27
  28 $focus['showreport'] = 'focus';
  29
  30 require_once('./global.php');
  31 require_once('./includes/api_comment.php');
  32
  33 require_once('./includes/class_api_error.php');
  34 APIError(array(new API_Error_Handler($message), 'user_cumulative'));
  35
  36 $commentapi = new CommentAPI($bugsys);
  37 $commentapi->set('commentid',   $bugsys->in['commentid']);
  38 $commentapi->set_condition();
  39 $commentapi->fetch();
  40
  41 $comment =& $commentapi->objdata;
  42
  43 $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
  44
  45 if (!check_bug_permissions($bug))
  46 {
  47         $message->errorPermission();
  48 }
  49
  50 // ###################################################################
  51
  52 if (empty($_REQUEST['do']))
  53 {
  54         $_REQUEST['do'] = 'edit';
  55 }
  56
  57 // ###################################################################
  58
  59 if ($_POST['do'] == 'kill')
  60 {
  61         if (!can_perform('candeletedata', $bug['product']))
  62         {
  63                 $message->errorPermission();
  64         }
  65
  66         // get the last post (as in prior to deletion)
  67         $lastpost = $db->query_first("SELECT commentid FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] ORDER BY dateline DESC");
  68
  69         $commentapi->delete();
  70
  71         // check to see if we need to rebuild the lastpost information
  72         if ($lastpost['commentid'] == $comment['commentid'])
  73         {
  74                 $lastgoodpublic = $db->query_first("
  75                         SELECT comment.* AS comment, user.displayname AS username
  76                         FROM " . TABLE_PREFIX . "comment AS comment
  77                         LEFT JOIN " . TABLE_PREFIX . "user AS user
  78                                 ON (user.userid = comment.userid)
  79                         WHERE bugid = $bug[bugid]
  80                                 AND !hidden ORDER BY dateline DESC
  81                 ");
  82                 $lastgoodprivate = $db->query_first("
  83                         SELECT comment.* AS comment, user.displayname AS username
  84                         FROM " . TABLE_PREFIX . "comment AS comment
  85                         LEFT JOIN " . TABLE_PREFIX . "user AS user
  86                                 ON (user.userid = comment.userid)
  87                         WHERE bugid = $bug[bugid]
  88                         ORDER BY dateline DESC
  89                 ");
  90                 $db->query("
  91                         UPDATE " . TABLE_PREFIX . "bug
  92                         SET hiddenlastposttime = $lastgoodpublic[dateline],
  93                                 hiddenlastpostby = $lastgoodpublic[userid],
  94                                 hiddenlastpostbyname = '" . $db->escape_string($lastgoodpublic['username']) . "',
  95                                 lastposttime = $lastgoodprivate[dateline],
  96                                 lastpostby = $lastgoodprivate[userid],
  97                                 lastpostbyname = '" . $db->escape_string($lastgoodprivate['username']) . "'
  98                         WHERE bugid = $bug[bugid]"
  99                 );
 100         }
 101
 102         $message->redirect(_('The comment has been deleted. You will be redirected back to the bug.'), 'showreport.php?bugid=' . $bug['bugid']);
 103 }
 104
 105 // ###################################################################
 106
 107 if ($_REQUEST['do'] == 'delete')
 108 {
 109         if (!can_perform('candeletedata', $bug['product']))
 110         {
 111                 $message->errorPermission();
 112         }
 113
 114         if ($bug['initialreport'] == $comment['commentid'])
 115         {
 116                 $message->error(_('You cannot delete this comment because it is attached to the bug as the first comment. You have to delete the entire bug instead (which is not recommended unless it is spam).'));
 117         }
 118
 119         $message->confirm(_('Are you sure you want to delete this comment? After you do so, the data <strong>will</strong> be lost forever. We recommend only deleting spam comments and nothing else.'), 'editcomment.php', 'kill', _('Delete Comment'), 'showreport.php?bugid=' . $bug['bugid'], array('commentid' => $comment['commentid']));
 120 }
 121
 122 // ###################################################################
 123
 124 if ($_POST['do'] == 'update')
 125 {
 126         if (!((can_perform('caneditownreply', $bug['product']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND $bugsys->userinfo['userid'] != $comment['userid'])))
 127         {
 128                 $message->errorPermission();
 129         }
 130
 131         $commentapi->set('comment',     $bugsys->in['comment']);
 132         $commentapi->set('parselinks', $bugsys->in['parselinks']);
 133         $commentapi->set('hidden',      $bugsys->in['hidden']);
 134
 135         if ($bugsys->in['commentid'] == $bug['initialreport'] AND $bugsys->in['hidden'])
 136         {
 137                 $message->addError(_('You cannot hide the first comment/initial report of a bug. Instead, hide the entire bug.'));
 138         }
 139
 140         if (!$message->hasErrors())
 141         {
 142                 $commentapi->update();
 143
 144                 // setup logging
 145                 require_once('./includes/class_logging.php');
 146                 $log = new Logging;
 147                 $log->set_bugid($bug['bugid']);
 148                 $log->set_commentid($comment['commentid']);
 149
 150                 $log->add_data(true, $commentapi->objdata, array('comment', 'hidden'), false, 'comment');
 151                 $log->add_data(false, $commentapi->values, array('comment', 'hidden'), false, 'comment');
 152
 153                 $lastgood = $db->query_first("
 154                         SELECT comment.* AS comment, user.displayname AS username
 155                         FROM " . TABLE_PREFIX . "comment AS comment
 156                         LEFT JOIN " . TABLE_PREFIX . "user AS user
 157                                 ON (user.userid = comment.userid)
 158                         WHERE bugid = $bug[bugid]
 159                                 AND !hidden ORDER BY dateline DESC
 160                 ");
 161                 $db->query("
 162                         UPDATE " . TABLE_PREFIX . "bug
 163                         SET hiddenlastposttime = $lastgood[dateline],
 164                                 hiddenlastpostby = $lastgood[userid],
 165                                 hiddenlastpostbyname = '" . $db->escape_string($lastgood['username']) . "'
 166                         WHERE bugid = $bug[bugid]"
 167                 );
 168
 169                 $log->update_history();
 170
 171                 $message->redirect(_('The comment was modified successfully.'), "showreport.php?bugid=$bug[bugid]");
 172         }
 173         else
 174         {
 175                 $show['errors'] = true;
 176                 $_REQUEST['do'] = 'edit';
 177                 $comment['comment'] = $bugsys->in['comment'];
 178                 $comment['hidden'] = $bugsys->in['hidden'];
 179         }
 180 }
 181
 182 // ###################################################################
 183
 184 if ($_REQUEST['do'] == 'edit')
 185 {
 186         if (!((can_perform('caneditownreply', $bug['product']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND $bugsys->userinfo['userid'] != $comment['userid'])))
 187         {
 188                 $message->errorPermission();
 189         }
 190
 191         $comment['posttime'] = $datef->format($bugsys->options['dateformat'], $comment['dateline']);
 192         $comment['postby'] = construct_user_display($commentapi->relations['userid']->objdata);
 193         $comment['comment'] = $bugsys->sanitize($comment['comment']);
 194         $show['hide'] = ($bug['initialreport'] != $comment['commentid'] ? true : false);
 195         eval('$template->flush("' . $template->fetch('editcomment') . '");');
 196 }
 197
 198 /*=====================================================================*\
 199 || ###################################################################
 200 || # $HeadURL$
 201 || # $Id$
 202 || ###################################################################
 203 \*=====================================================================*/
 204 ?>