editcomment.php

   1 <?php
   2 /*=====================================================================*\
   3 || ###################################################################
   4 || # Bugdar [#]version[#]
   5 || # Copyright ©2002-[#]year[#] Iris Studios, Inc.
   6 || #
   7 || # This program is free software; you can redistribute it and/or modify
   8 || # it under the terms of the GNU General Public License as published by
   9 || # the Free Software Foundation; version [#]gpl[#] of the License.
  10 || #
  11 || # This program is distributed in the hope that it will be useful, but
  12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
  14 || # more details.
  15 || #
  16 || # You should have received a copy of the GNU General Public License along
  17 || # with this program; if not, write to the Free Software Foundation, Inc.,
  18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  19 || ###################################################################
  20 \*=====================================================================*/
  21
  22 $fetchtemplates = array(
  23         'editcomment'
  24 );
  25
  26 define('SVN', '$Id$');
  27
  28 $focus['showreport'] = 'focus';
  29
  30 require_once('./global.php');
  31 require_once('./includes/api_comment.php');
  32
  33 require_once('./includes/class_api_error.php');
  34 APIError(array(new API_Error_Handler($message), 'user_cumulative'));
  35
  36 $commentapi = new CommentAPI($bugsys);
  37 $commentapi->set('commentid',   $bugsys->in['commentid']);
  38 $commentapi->set_condition();
  39 $commentapi->fetch();
  40
  41 $comment =& $commentapi->objdata;
  42
  43 $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
  44
  45 if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid']))
  46 {
  47         $message->error_permissison();
  48 }
  49
  50 // ###################################################################
  51
  52 if (empty($_REQUEST['do']))
  53 {
  54         $_REQUEST['do'] = 'edit';
  55 }
  56
  57 // ###################################################################
  58
  59 if ($_POST['do'] == 'kill')
  60 {
  61         if (!can_perform('candeletedata', $bug['productid']))
  62         {
  63                 $message->error_permission();
  64         }
  65
  66         $commentapi->delete();
  67
  68         $message->redirect($lang->string('The comment has been deleted. You will be redirected back to the bug.'), 'showreport.php?bugid=' . $bug['bugid']);
  69 }
  70
  71 // ###################################################################
  72
  73 if ($_REQUEST['do'] == 'delete')
  74 {
  75         if (!can_perform('candeletedata', $bug['productid']))
  76         {
  77                 $message->error_permission();
  78         }
  79
  80         $message->confirm($lang->string('Are you sure you want to delete this comment? After you do so, the data <strong>will</strong> be lost forever. We recommend only deleting spam comments and nothing else.'), 'editcomment.php', 'kill', $lang->string('Delete Comment'), 'showreport.php?bugid=' . $bug['bugid'], array('commentid' => $comment['commentid']));
  81 }
  82
  83 // ###################################################################
  84
  85 if ($_POST['do'] == 'update')
  86 {
  87         if (!((can_perform('caneditownreply', $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['productid']) AND $bugsys->userinfo['userid'] != $comment['userid'])))
  88         {
  89                 $message->error_permission();
  90         }
  91
  92         $commentapi->set('comment',     $bugsys->in['comment']);
  93         $commentapi->set('hidden',      $bugsys->in['hidden']);
  94
  95         if ($bugsys->in['commentid'] == $bug['initialreport'] AND $bugsys->in['hidden'])
  96         {
  97                 $message->add_error($lang->string('You cannot hide the first comment/initial report of a bug. Instead, hide the entire bug.'));
  98         }
  99
 100         if (!$message->items)
 101         {
 102                 $commentapi->update();
 103
 104                 // setup logging
 105                 require_once('./includes/class_logging.php');
 106                 $log = new Logging;
 107                 $log->set_bugid($bug['bugid']);
 108                 $log->set_commentid($comment['commentid']);
 109
 110                 $log->add_data(true, $commentapi->objdata, array('comment', 'hidden'), false, 'comment');
 111                 $log->add_data(false, $commentapi->values, array('comment', 'hidden'), false, 'comment');
 112
 113                 $lastgood = $db->query_first("
 114                         SELECT comment.* AS comment, user.displayname AS username
 115                         FROM " . TABLE_PREFIX . "comment
 116                         LEFT JOIN " . TABLE_PREFIX . "user AS user
 117                                 ON (user.userid = comment.userid)
 118                         WHERE bugid = $bug[bugid]
 119                                 AND !hidden ORDER BY dateline DESC
 120                 ");
 121                 $db->query("
 122                         UPDATE " . TABLE_PREFIX . "bug
 123                         SET hiddenlastposttime = $lastgood[dateline],
 124                                 hiddenlastpostby = $lastgood[userid],
 125                                 hiddenlastpostbyname = '" . $db->escape_string($lastgood['username']) . "'
 126                         WHERE bugid = $bug[bugid]"
 127                 );
 128
 129                 $log->update_history();
 130
 131                 $message->redirect($lang->string('The comment was modified successfully.'), "showreport.php?bugid=$bug[bugid]");
 132         }
 133         else
 134         {
 135                 $show['errors'] = true;
 136                 $_REQUEST['do'] = 'edit';
 137                 $message->error_list_process();
 138                 $comment['comment'] = $bugsys->in['comment'];
 139                 $comment['hidden'] = $bugsys->in['hidden'];
 140         }
 141 }
 142
 143 // ###################################################################
 144
 145 if ($_REQUEST['do'] == 'edit')
 146 {
 147         if (!((can_perform('caneditownreply', $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['productid']) AND $bugsys->userinfo['userid'] != $comment['userid'])))
 148         {
 149                 $message->error_permission();
 150         }
 151
 152         $comment['posttime'] = $datef->format($bugsys->options['dateformat'], $comment['dateline']);
 153         $comment['postby'] = construct_user_display($commentapi->relations['userid']->objdata);
 154         $comment['comment'] = $bugsys->sanitize($comment['comment']);
 155         $show['hide'] = ($bug['initialreport'] != $comment['commentid'] ? true : false);
 156         eval('$template->flush("' . $template->fetch('editcomment') . '");');
 157 }
 158
 159 /*=====================================================================*\
 160 || ###################################################################
 161 || # $HeadURL$
 162 || # $Id$
 163 || ###################################################################
 164 \*=====================================================================*/
 165 ?>