r932: Added protection into the Comment API against deleting initialreport's
[bugdar.git] / editcomment.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar [#]version[#]
5 || # Copyright ©2002-[#]year[#] Iris Studios, Inc.
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version [#]gpl[#] of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
// Template names this page needs. The list is assigned before global.php is
// included. NOTE(review): presumably global.php reads $fetchtemplates to
// preload them; confirm there.
$fetchtemplates = array('editcomment');

define('SVN', '$Id$');

// NOTE(review): $focus is not read anywhere in this file; it is presumably
// consumed by the shared page chrome. Confirm.
$focus['showreport'] = 'focus';

// Include order is kept: bootstrap first, then the Comment API, then the
// API error handler class.
require_once './global.php';
require_once './includes/api_comment.php';
require_once './includes/class_api_error.php';

// Hand APIError() a callback: the 'user_cumulative' method of an
// API_Error_Handler built around $message. The update branch later checks
// $message->items before saving, so errors appear to be accumulated there
// rather than aborting immediately. Confirm in class_api_error.php.
$apierrorcallback = array(new API_Error_Handler($message), 'user_cumulative');
APIError($apierrorcallback);
35
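// Load the comment named by the request's commentid through the Comment API.
$commentapi = new CommentAPI($bugsys);
$commentapi->set('commentid', $bugsys->in['commentid']);
$commentapi->set_condition();
$commentapi->fetch();

// Alias of the fetched row; every branch below reads the comment through it.
$comment =& $commentapi->objdata;

// bugid is interpolated into the SQL text without quotes. Casting it means the
// query only ever receives an integer, even when the fetch above left $comment
// without a usable bugid (the query then matches no bug instead of being
// malformed).
$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($comment['bugid']));

// A hidden bug may only be touched by users holding 'canviewhidden' for its
// product. The call was previously misspelled error_permissison(), so this
// path ended in an undefined-method failure instead of the normal permission
// error used by every other check in this file.
if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid']))
{
	$message->error_permission();
}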
49
50 // ###################################################################
51
// No action requested (missing or empty 'do'): fall back to the edit form.
if (!isset($_REQUEST['do']) OR !$_REQUEST['do'])
{
	$_REQUEST['do'] = 'edit';
}
56
57 // ###################################################################
58
// Confirmed deletion. Only a POST with do=kill reaches this branch; the
// confirmation screen is produced by the 'delete' branch of this script.
if ($_POST['do'] == 'kill')
{
	// The permission is re-checked here because this request can be sent
	// without ever visiting the confirmation screen.
	$candelete = can_perform('candeletedata', $bug['productid']);
	if (!$candelete)
	{
		// NOTE(review): this relies on error_permission() ending the request.
		// If it can return, the delete below still runs. Confirm.
		$message->error_permission();
	}

	// NOTE(review): this branch does not itself test whether the comment is the
	// bug's initial report, and no request-token check is visible here. The
	// initial-report guard presumably lives inside CommentAPI::delete(); verify
	// both there and in $message->confirm().
	$commentapi->delete();

	$returnto = 'showreport.php?bugid=' . $bug['bugid'];
	$message->redirect($lang->string('The comment has been deleted. You will be redirected back to the bug.'), $returnto);
}
70
71 // ###################################################################
72
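// Deletion request: show a confirmation screen that posts back with do=kill.
if ($_REQUEST['do'] == 'delete')
{
	if (!can_perform('candeletedata', $bug['productid']))
	{
		$message->error_permission();
	}

	// The comment stored as the bug's initial report must not be deleted on its
	// own. The call previously went to the misspelled, undefined $messsage, so
	// this branch failed with a fatal error instead of showing the explanation.
	if ($bug['initialreport'] == $comment['commentid'])
	{
		$message->error($lang->string('You cannot delete this comment because it is attached to the bug as the first comment. You have to delete the entire bug instead (which is not recommended unless it is spam).'));
	}

	// The confirmation posts commentid back to this script with do=kill. That
	// handler repeats the permission check rather than trusting this screen.
	$message->confirm($lang->string('Are you sure you want to delete this comment? After you do so, the data <strong>will</strong> be lost forever. We recommend only deleting spam comments and nothing else.'), 'editcomment.php', 'kill', $lang->string('Delete Comment'), 'showreport.php?bugid=' . $bug['bugid'], array('commentid' => $comment['commentid']));
}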
87
88 // ###################################################################
89
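// Save an edited comment. Only a POST with do=update reaches this branch.
if ($_POST['do'] == 'update')
{
	// Authors need 'caneditownreply'; anyone else needs 'caneditotherreply'.
	$isauthor = ($bugsys->userinfo['userid'] == $comment['userid']);
	if (!((can_perform('caneditownreply', $bug['productid']) AND $isauthor) OR (can_perform('caneditotherreply', $bug['productid']) AND !$isauthor)))
	{
		$message->error_permission();
	}

	$commentapi->set('comment', $bugsys->in['comment']);
	$commentapi->set('hidden', $bugsys->in['hidden']);

	// The initial report cannot be hidden on its own; the whole bug has to be.
	if ($bugsys->in['commentid'] == $bug['initialreport'] AND $bugsys->in['hidden'])
	{
		$message->add_error($lang->string('You cannot hide the first comment/initial report of a bug. Instead, hide the entire bug.'));
	}

	if (!$message->items)
	{
		$commentapi->update();

		// setup logging
		require_once('./includes/class_logging.php');
		$log = new Logging;
		$log->set_bugid($bug['bugid']);
		$log->set_commentid($comment['commentid']);

		$log->add_data(true, $commentapi->objdata, array('comment', 'hidden'), false, 'comment');
		$log->add_data(false, $commentapi->values, array('comment', 'hidden'), false, 'comment');

		// Numeric values below are placed into SQL text without quotes, so each
		// one is cast to an integer before it is interpolated.
		$bugid = intval($bug['bugid']);

		// Most recent comment on this bug that is not hidden.
		// NOTE(review): the alias on the comment.* wildcard is kept as written;
		// newer MySQL releases are believed to reject an alias on a wildcard.
		// Confirm against the supported server versions.
		$lastgood = $db->query_first("
			SELECT comment.* AS comment, user.displayname AS username
			FROM " . TABLE_PREFIX . "comment
			LEFT JOIN " . TABLE_PREFIX . "user AS user
				ON (user.userid = comment.userid)
			WHERE bugid = $bugid
			AND !hidden ORDER BY dateline DESC
		");

		// Refresh the bug's cached last-post fields only when a visible comment
		// was found. An empty result used to produce a malformed UPDATE.
		if ($lastgood)
		{
			$db->query("
				UPDATE " . TABLE_PREFIX . "bug
				SET hiddenlastposttime = " . intval($lastgood['dateline']) . ",
					hiddenlastpostby = " . intval($lastgood['userid']) . ",
					hiddenlastpostbyname = '" . $db->escape_string($lastgood['username']) . "'
				WHERE bugid = $bugid"
			);
		}

		$log->update_history();

		$message->redirect($lang->string('The comment was modified successfully.'), "showreport.php?bugid=$bugid");
	}
	else
	{
		// Validation failed: fall through to the edit form below and redisplay
		// what the user submitted. The edit branch sanitizes the comment text
		// before it is rendered.
		$show['errors'] = true;
		$_REQUEST['do'] = 'edit';
		$message->error_list_process();
		$comment['comment'] = $bugsys->in['comment'];
		$comment['hidden'] = $bugsys->in['hidden'];
	}
}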
147
148 // ###################################################################
149
// Render the edit form. This is also reached when the update branch above
// rejects a submission and resets 'do' to 'edit'.
if ($_REQUEST['do'] == 'edit')
{
	// Same rule as the update branch: own-reply permission for the author,
	// other-reply permission for everyone else.
	$isauthor = ($bugsys->userinfo['userid'] == $comment['userid']);
	$mayedit = ((can_perform('caneditownreply', $bug['productid']) AND $isauthor) OR (can_perform('caneditotherreply', $bug['productid']) AND !$isauthor));
	if (!$mayedit)
	{
		$message->error_permission();
	}

	$comment['posttime'] = $datef->format($bugsys->options['dateformat'], $comment['dateline']);
	$comment['postby'] = construct_user_display($commentapi->relations['userid']->objdata);

	// The comment text is sanitized before it reaches the template.
	$comment['comment'] = $bugsys->sanitize($comment['comment']);

	// The "hide" control is offered for every comment except the initial report.
	$show['hide'] = ($bug['initialreport'] != $comment['commentid']);

	// NOTE(review): eval() runs the fetched template as a PHP double-quoted
	// string, so the template source is executable code. Only
	// $comment['comment'] is sanitized in this block. Confirm that
	// construct_user_display() and $datef->format() return HTML-safe text, and
	// that templates can only be edited by trusted administrators.
	eval('$template->flush("' . $template->fetch('editcomment') . '");');
}
163
164 /*=====================================================================*\
165 || ###################################################################
166 || # $HeadURL$
167 || # $Id$
168 || ###################################################################
169 \*=====================================================================*/
170 ?>