editcomment.php

   1 <?php
   2 /*=====================================================================*\
   3 || ###################################################################
   4 || # Bugdar
   5 || # Copyright ©2002-2007 Blue Static
   6 || #
   7 || # This program is free software; you can redistribute it and/or modify
   8 || # it under the terms of the GNU General Public License as published by
   9 || # the Free Software Foundation; version 2 of the License.
  10 || #
  11 || # This program is distributed in the hope that it will be useful, but
  12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  14 || # more details.
  15 || #
  16 || # You should have received a copy of the GNU General Public License along
  17 || # with this program; if not, write to the Free Software Foundation, Inc.,
  18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  19 || ###################################################################
  20 \*=====================================================================*/
  21
  22 $fetchtemplates = array(
  23         'editcomment'
  24 );
  25
  26 define('SVN', '$Id$');
  27
  28 $focus['showreport'] = 'focus';
  29
  30 require_once('./global.php');
  31 require_once('./includes/api_comment.php');
  32
  33 require_once('./includes/class_api_error.php');
  34
  35 $commentapi = new CommentAPI();
  36 $commentapi->set('commentid',   $input->in['commentid']);
  37 $commentapi->fetch();
  38
  39 $comment = &$commentapi->record;
  40
  41 $bug = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
  42
  43 if (!check_bug_permissions($bug))
  44 {
  45         $message->errorPermission();
  46 }
  47
  48 // ###################################################################
  49
  50 if (empty($_REQUEST['do']))
  51 {
  52         $_REQUEST['do'] = 'edit';
  53 }
  54
  55 // ###################################################################
  56
  57 if ($_POST['do'] == 'kill')
  58 {
  59         if (!can_perform('candeletedata', $bug['product']))
  60         {
  61                 $message->errorPermission();
  62         }
  63
  64         // get the last post (as in prior to deletion)
  65         $lastpost = $db->queryFirst("SELECT commentid FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] ORDER BY dateline DESC");
  66
  67         $commentapi->remove();
  68
  69         // check to see if we need to rebuild the lastpost information
  70         if ($lastpost['commentid'] == $comment['commentid'])
  71         {
  72                 $lastgoodpublic = $db->queryFirst("
  73                         SELECT comment.* AS comment, user.displayname AS username
  74                         FROM " . TABLE_PREFIX . "comment AS comment
  75                         LEFT JOIN " . TABLE_PREFIX . "user AS user
  76                                 ON (user.userid = comment.userid)
  77                         WHERE bugid = $bug[bugid]
  78                                 AND !hidden ORDER BY dateline DESC
  79                 ");
  80                 $lastgoodprivate = $db->queryFirst("
  81                         SELECT comment.* AS comment, user.displayname AS username
  82                         FROM " . TABLE_PREFIX . "comment AS comment
  83                         LEFT JOIN " . TABLE_PREFIX . "user AS user
  84                                 ON (user.userid = comment.userid)
  85                         WHERE bugid = $bug[bugid]
  86                         ORDER BY dateline DESC
  87                 ");
  88                 $db->query("
  89                         UPDATE " . TABLE_PREFIX . "bug
  90                         SET hiddenlastposttime = $lastgoodpublic[dateline],
  91                                 hiddenlastpostby = $lastgoodpublic[userid],
  92                                 hiddenlastpostbyname = '" . $db->escapeString($lastgoodpublic['username']) . "',
  93                                 lastposttime = $lastgoodprivate[dateline],
  94                                 lastpostby = $lastgoodprivate[userid],
  95                                 lastpostbyname = '" . $db->escapeString($lastgoodprivate['username']) . "'
  96                         WHERE bugid = $bug[bugid]"
  97                 );
  98         }
  99
 100         $message->redirect(T('The comment has been deleted. You will be redirected back to the bug.'), 'showreport.php?bugid=' . $bug['bugid']);
 101 }
 102
 103 // ###################################################################
 104
 105 if ($_REQUEST['do'] == 'delete')
 106 {
 107         if (!can_perform('candeletedata', $bug['product']))
 108         {
 109                 $message->errorPermission();
 110         }
 111
 112         if ($bug['initialreport'] == $comment['commentid'])
 113         {
 114                 $message->error(T('You cannot delete this comment because it is attached to the bug as the first comment. You have to delete the entire bug instead (which is not recommended unless it is spam).'));
 115         }
 116
 117         $message->confirm(T('Are you sure you want to delete this comment? After you do so, the data <strong>will</strong> be lost forever. We recommend only deleting spam comments and nothing else.'), 'editcomment.php', 'kill', T('Delete Comment'), 'showreport.php?bugid=' . $bug['bugid'], array('commentid' => $comment['commentid']));
 118 }
 119
 120 // ###################################################################
 121
 122 if ($_POST['do'] == 'update')
 123 {
 124         if (!((can_perform('caneditownreply', $bug['product']) AND bugdar::$userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND bugdar::$userinfo['userid'] != $comment['userid'])))
 125         {
 126                 $message->errorPermission();
 127         }
 128
 129         $commentapi->set('comment',             $input->in['comment']);
 130         $commentapi->set('parselinks',  $input->in['parselinks']);
 131         $commentapi->set('hidden',              $input->in['hidden']);
 132
 133         if ($input->in['commentid'] == $bug['initialreport'] AND $input->in['hidden'])
 134         {
 135                 $message->addError(T('You cannot hide the first comment/initial report of a bug. Instead, hide the entire bug.'));
 136         }
 137
 138         if (!$message->hasErrors())
 139         {
 140                 $commentapi->update();
 141
 142                 // setup logging
 143                 require_once('./includes/class_logging.php');
 144                 $log = new Logging;
 145                 $log->set_bugid($bug['bugid']);
 146                 $log->set_commentid($comment['commentid']);
 147
 148                 $log->add_data(true, $commentapi->record, array('comment', 'hidden'), false, 'comment');
 149                 $log->add_data(false, $commentapi->values, array('comment', 'hidden'), false, 'comment');
 150
 151                 $lastgood = $db->queryFirst("
 152                         SELECT comment.* AS comment, user.displayname AS username
 153                         FROM " . TABLE_PREFIX . "comment AS comment
 154                         LEFT JOIN " . TABLE_PREFIX . "user AS user
 155                                 ON (user.userid = comment.userid)
 156                         WHERE bugid = $bug[bugid]
 157                                 AND !hidden ORDER BY dateline DESC
 158                 ");
 159                 $db->query("
 160                         UPDATE " . TABLE_PREFIX . "bug
 161                         SET hiddenlastposttime = $lastgood[dateline],
 162                                 hiddenlastpostby = $lastgood[userid],
 163                                 hiddenlastpostbyname = '" . $db->escapeString($lastgood['username']) . "'
 164                         WHERE bugid = $bug[bugid]"
 165                 );
 166
 167                 $log->update_history();
 168
 169                 $message->redirect(T('The comment was modified successfully.'), "showreport.php?bugid=$bug[bugid]");
 170         }
 171         else
 172         {
 173                 $show['errors'] = true;
 174                 $_REQUEST['do'] = 'edit';
 175                 $comment['comment'] = $input->in['comment'];
 176                 $comment['hidden'] = $input->in['hidden'];
 177         }
 178 }
 179
 180 // ###################################################################
 181
 182 if ($_REQUEST['do'] == 'edit')
 183 {
 184         if (!((can_perform('caneditownreply', $bug['product']) AND bugdar::$userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND bugdar::$userinfo['userid'] != $comment['userid'])))
 185         {
 186                 $message->errorPermission();
 187         }
 188
 189         $comment['posttime'] = $datef->format(bugdar::$options['dateformat'], $comment['dateline']);
 190         if ($comment['userid'])
 191         {
 192                 $commenter = new UserAPI();
 193                 $commenter->set('userid', $comment['userid']);
 194                 $commenter->fetch();
 195                 $commenter = $commenter->record;
 196         }
 197         $comment['postby'] = construct_user_display($commenter);
 198         $comment['comment'] = $input->sanitize($comment['comment']);
 199         $show['hide'] = ($bug['initialreport'] != $comment['commentid']);
 200
 201         $tpl = new BSTemplate('editcomment');
 202         $tpl->vars = array(
 203                 'comment'       => $comment,
 204                 'bug'           => $bug
 205         );
 206         $tpl->evaluate()->flush();
 207 }
 208
 209 /*=====================================================================*\
 210 || ###################################################################
 211 || # $HeadURL$
 212 || # $Id$
 213 || ###################################################################
 214 \*=====================================================================*/
 215 ?>