editcomment.php

   1 <?php
   2 /*=====================================================================*\
   3 || ###################################################################
   4 || # Bugdar [#]version[#]
   5 || # Copyright ©2002-[#]year[#] Iris Studios, Inc.
   6 || #
   7 || # This program is free software; you can redistribute it and/or modify
   8 || # it under the terms of the GNU General Public License as published by
   9 || # the Free Software Foundation; version [#]gpl[#] of the License.
  10 || #
  11 || # This program is distributed in the hope that it will be useful, but
  12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  14 || # more details.
  15 || #
  16 || # You should have received a copy of the GNU General Public License along
  17 || # with this program; if not, write to the Free Software Foundation, Inc.,
  18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  19 || ###################################################################
  20 \*=====================================================================*/
  21
  22 $fetchtemplates = array(
  23         'editcomment'
  24 );
  25
  26 define('SVN', '$Id$');
  27
  28 $focus['showreport'] = 'focus';
  29
  30 require_once('./global.php');
  31 require_once('./includes/api_comment.php');
  32
  33 require_once('./includes/class_api_error.php');
  34 APIError(array(new API_Error_Handler($message), 'user_cumulative'));
  35
  36 $commentapi = new CommentAPI($bugsys);
  37 $commentapi->set('commentid',   $bugsys->in['commentid']);
  38 $commentapi->set_condition();
  39 $commentapi->fetch();
  40
  41 $comment =& $commentapi->objdata;
  42
  43 $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
  44
  45 if (!((can_perform('caneditownreply', $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['productid']) AND $bugsys->userinfo['userid'] != $comment['userid'])))
  46 {
  47         $message->error_permission();
  48 }
  49
  50 if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid']))
  51 {
  52         $message->error_permissison();
  53 }
  54
  55 // ###################################################################
  56
  57 if (empty($_REQUEST['do']))
  58 {
  59         $_REQUEST['do'] = 'edit';
  60 }
  61
  62 // ###################################################################
  63
  64 if ($_POST['do'] == 'update')
  65 {
  66         $commentapi->set('comment',     $bugsys->in['comment']);
  67         $commentapi->set('hidden',      $bugsys->in['hidden']);
  68
  69         if ($bugsys->in['commentid'] == $bug['initialreport'] AND $bugsys->in['hidden'])
  70         {
  71                 $message->add_error($lang->string('You cannot hide the first comment/initial report of a bug. Instead, hide the entire bug.'));
  72         }
  73
  74         if (!$message->items)
  75         {
  76                 $commentapi->update();
  77
  78                 // setup logging
  79                 require_once('./includes/class_logging.php');
  80                 $log = new Logging;
  81                 $log->set_bugid($bug['bugid']);
  82                 $log->set_commentid($comment['commentid']);
  83
  84                 $log->add_data(true, $commentapi->objdata, array('comment', 'hidden'), false, 'comment');
  85                 $log->add_data(false, $commentapi->values, array('comment', 'hidden'), false, 'comment');
  86
  87                 $lastgood = $db->query_first("
  88                         SELECT comment.* AS comment, user.displayname AS username
  89                         FROM " . TABLE_PREFIX . "comment
  90                         LEFT JOIN " . TABLE_PREFIX . "user AS user
  91                                 ON (user.userid = comment.userid)
  92                         WHERE bugid = $bug[bugid]
  93                                 AND !hidden ORDER BY dateline DESC
  94                 ");
  95                 $db->query("
  96                         UPDATE " . TABLE_PREFIX . "bug
  97                         SET hiddenlastposttime = $lastgood[dateline],
  98                                 hiddenlastpostby = $lastgood[userid],
  99                                 hiddenlastpostbyname = '" . $db->escape_string($lastgood['username']) . "'
 100                         WHERE bugid = $bug[bugid]"
 101                 );
 102
 103                 $log->update_history();
 104
 105                 $message->redirect($lang->string('The comment was modified successfully.'), "showreport.php?bugid=$bug[bugid]");
 106         }
 107         else
 108         {
 109                 $show['errors'] = true;
 110                 $_REQUEST['do'] = 'edit';
 111                 $message->error_list_process();
 112                 $comment['comment'] = $bugsys->in['comment'];
 113                 $comment['hidden'] = $bugsys->in['hidden'];
 114         }
 115 }
 116
 117 // ###################################################################
 118
 119 if ($_REQUEST['do'] == 'edit')
 120 {
 121         $comment['posttime'] = $datef->format($bugsys->options['dateformat'], $comment['dateline']);
 122         $comment['postby'] = construct_user_display($commentapi->relations['userid']->objdata);
 123         $comment['comment'] = $bugsys->sanitize($comment['comment']);
 124         $show['hide'] = ($bug['initialreport'] != $comment['commentid'] ? true : false);
 125         eval('$template->flush("' . $template->fetch('editcomment') . '");');
 126 }
 127
 128 /*=====================================================================*\
 129 || ###################################################################
 130 || # $HeadURL$
 131 || # $Id$
 132 || ###################################################################
 133 \*=====================================================================*/
 134 ?>