editcomment.php

   1 <?php
   2 /*=====================================================================*\
   3 || ###################################################################
   4 || # Bugdar [#]version[#]
   5 || # Copyright ©2002-[#]year[#] Blue Static
   6 || #
   7 || # This program is free software; you can redistribute it and/or modify
   8 || # it under the terms of the GNU General Public License as published by
   9 || # the Free Software Foundation; version [#]gpl[#] of the License.
  10 || #
  11 || # This program is distributed in the hope that it will be useful, but
  12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  14 || # more details.
  15 || #
  16 || # You should have received a copy of the GNU General Public License along
  17 || # with this program; if not, write to the Free Software Foundation, Inc.,
  18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  19 || ###################################################################
  20 \*=====================================================================*/
  21
  22 $fetchtemplates = array(
  23         'editcomment'
  24 );
  25
  26 define('SVN', '$Id$');
  27
  28 $focus['showreport'] = 'focus';
  29
  30 require_once('./global.php');
  31 require_once('./includes/api_comment.php');
  32
  33 require_once('./includes/class_api_error.php');
  34 APIError(array(new API_Error_Handler($message), 'user_cumulative'));
  35
  36 $commentapi = new CommentAPI($bugsys);
  37 $commentapi->set('commentid',   $bugsys->in['commentid']);
  38 $commentapi->set_condition();
  39 $commentapi->fetch();
  40
  41 $comment =& $commentapi->objdata;
  42
  43 $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
  44
  45 if (!check_bug_permissions($bug))
  46 {
  47         $message->error_permission();
  48 }
  49
  50 // ###################################################################
  51
  52 if (empty($_REQUEST['do']))
  53 {
  54         $_REQUEST['do'] = 'edit';
  55 }
  56
  57 // ###################################################################
  58
  59 if ($_POST['do'] == 'kill')
  60 {
  61         if (!can_perform('candeletedata', $bug['product']))
  62         {
  63                 $message->error_permission();
  64         }
  65
  66         // get the last post (as in prior to deletion)
  67         $lastpost = $db->query_first("SELECT commentid FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] ORDER BY dateline DESC");
  68
  69         $commentapi->delete();
  70
  71         // check to see if we need to rebuild the lastpost information
  72         if ($lastpost['commentid'] == $comment['commentid'])
  73         {
  74                 $lastgoodpublic = $db->query_first("
  75                         SELECT comment.* AS comment, user.displayname AS username
  76                         FROM " . TABLE_PREFIX . "comment AS comment
  77                         LEFT JOIN " . TABLE_PREFIX . "user AS user
  78                                 ON (user.userid = comment.userid)
  79                         WHERE bugid = $bug[bugid]
  80                                 AND !hidden ORDER BY dateline DESC
  81                 ");
  82                 $lastgoodprivate = $db->query_first("
  83                         SELECT comment.* AS comment, user.displayname AS username
  84                         FROM " . TABLE_PREFIX . "comment AS comment
  85                         LEFT JOIN " . TABLE_PREFIX . "user AS user
  86                                 ON (user.userid = comment.userid)
  87                         WHERE bugid = $bug[bugid]
  88                         ORDER BY dateline DESC
  89                 ");
  90                 $db->query("
  91                         UPDATE " . TABLE_PREFIX . "bug
  92                         SET hiddenlastposttime = $lastgoodpublic[dateline],
  93                                 hiddenlastpostby = $lastgoodpublic[userid],
  94                                 hiddenlastpostbyname = '" . $db->escape_string($lastgoodpublic['username']) . "',
  95                                 lastposttime = $lastgoodprivate[dateline],
  96                                 lastpostby = $lastgoodprivate[userid],
  97                                 lastpostbyname = '" . $db->escape_string($lastgoodprivate['username']) . "'
  98                         WHERE bugid = $bug[bugid]"
  99                 );
 100         }
 101
 102         $message->redirect(_('The comment has been deleted. You will be redirected back to the bug.'), 'showreport.php?bugid=' . $bug['bugid']);
 103 }
 104
 105 // ###################################################################
 106
 107 if ($_REQUEST['do'] == 'delete')
 108 {
 109         if (!can_perform('candeletedata', $bug['product']))
 110         {
 111                 $message->error_permission();
 112         }
 113
 114         if ($bug['initialreport'] == $comment['commentid'])
 115         {
 116                 $message->error(_('You cannot delete this comment because it is attached to the bug as the first comment. You have to delete the entire bug instead (which is not recommended unless it is spam).'));
 117         }
 118
 119         $message->confirm(_('Are you sure you want to delete this comment? After you do so, the data <strong>will</strong> be lost forever. We recommend only deleting spam comments and nothing else.'), 'editcomment.php', 'kill', _('Delete Comment'), 'showreport.php?bugid=' . $bug['bugid'], array('commentid' => $comment['commentid']));
 120 }
 121
 122 // ###################################################################
 123
 124 if ($_POST['do'] == 'update')
 125 {
 126         if (!((can_perform('caneditownreply', $bug['product']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND $bugsys->userinfo['userid'] != $comment['userid'])))
 127         {
 128                 $message->error_permission();
 129         }
 130
 131         $commentapi->set('comment',     $bugsys->in['comment']);
 132         $commentapi->set('hidden',      $bugsys->in['hidden']);
 133
 134         if ($bugsys->in['commentid'] == $bug['initialreport'] AND $bugsys->in['hidden'])
 135         {
 136                 $message->add_error(_('You cannot hide the first comment/initial report of a bug. Instead, hide the entire bug.'));
 137         }
 138
 139         if (!$message->items)
 140         {
 141                 $commentapi->update();
 142
 143                 // setup logging
 144                 require_once('./includes/class_logging.php');
 145                 $log = new Logging;
 146                 $log->set_bugid($bug['bugid']);
 147                 $log->set_commentid($comment['commentid']);
 148
 149                 $log->add_data(true, $commentapi->objdata, array('comment', 'hidden'), false, 'comment');
 150                 $log->add_data(false, $commentapi->values, array('comment', 'hidden'), false, 'comment');
 151
 152                 $lastgood = $db->query_first("
 153                         SELECT comment.* AS comment, user.displayname AS username
 154                         FROM " . TABLE_PREFIX . "comment AS comment
 155                         LEFT JOIN " . TABLE_PREFIX . "user AS user
 156                                 ON (user.userid = comment.userid)
 157                         WHERE bugid = $bug[bugid]
 158                                 AND !hidden ORDER BY dateline DESC
 159                 ");
 160                 $db->query("
 161                         UPDATE " . TABLE_PREFIX . "bug
 162                         SET hiddenlastposttime = $lastgood[dateline],
 163                                 hiddenlastpostby = $lastgood[userid],
 164                                 hiddenlastpostbyname = '" . $db->escape_string($lastgood['username']) . "'
 165                         WHERE bugid = $bug[bugid]"
 166                 );
 167
 168                 $log->update_history();
 169
 170                 $message->redirect(_('The comment was modified successfully.'), "showreport.php?bugid=$bug[bugid]");
 171         }
 172         else
 173         {
 174                 $show['errors'] = true;
 175                 $_REQUEST['do'] = 'edit';
 176                 $message->error_list_process();
 177                 $comment['comment'] = $bugsys->in['comment'];
 178                 $comment['hidden'] = $bugsys->in['hidden'];
 179         }
 180 }
 181
 182 // ###################################################################
 183
 184 if ($_REQUEST['do'] == 'edit')
 185 {
 186         if (!((can_perform('caneditownreply', $bug['product']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND $bugsys->userinfo['userid'] != $comment['userid'])))
 187         {
 188                 $message->error_permission();
 189         }
 190
 191         $comment['posttime'] = $datef->format($bugsys->options['dateformat'], $comment['dateline']);
 192         $comment['postby'] = construct_user_display($commentapi->relations['userid']->objdata);
 193         $comment['comment'] = $bugsys->sanitize($comment['comment']);
 194         $show['hide'] = ($bug['initialreport'] != $comment['commentid'] ? true : false);
 195         eval('$template->flush("' . $template->fetch('editcomment') . '");');
 196 }
 197
 198 /*=====================================================================*\
 199 || ###################################################################
 200 || # $HeadURL$
 201 || # $Id$
 202 || ###################################################################
 203 \*=====================================================================*/
 204 ?>