editcomment.php

   1 <?php
   2 /*=====================================================================*\
   3 || ################################################################### ||
   4 || # BugStrike [#]version[#]
   5 || # --------------------------------------------------------------- # ||
   6 || # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
   7 || # This file may not be reproduced in any way without permission.  # ||
   8 || # --------------------------------------------------------------- # ||
   9 || # User License Agreement at http://www.iris-studios.com/license/  # ||
  10 || ################################################################### ||
  11 \*=====================================================================*/
  12
  13 $fetchtemplates = array(
  14         'editcomment'
  15 );
  16
  17 define('SVN', '$Id$');
  18
  19 $focus['showreport'] = 'focus';
  20
  21 require_once('./global.php');
  22
  23 $comment = $db->query_first("
  24         SELECT comment.*, user.email, user.showemail, user.displayname
  25         FROM " . TABLE_PREFIX . "comment AS comment
  26         LEFT JOIN " . TABLE_PREFIX . "user AS user
  27                 ON (comment.userid = user.userid)
  28         WHERE comment.commentid = " . intval($bugsys->in['commentid'])
  29 );
  30
  31 if (!$comment)
  32 {
  33         $message->error($lang->getlex('error_invalid_id'));
  34 }
  35
  36 $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
  37
  38 if (!((can_perform('caneditown') AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers')))
  39 {
  40         $message->error_permission();
  41 }
  42
  43 if ($bug['hidden'] AND !can_perform('canviewhidden'))
  44 {
  45         $message->error_permissison();
  46 }
  47
  48 // ###################################################################
  49
  50 if (empty($_REQUEST['do']))
  51 {
  52         $_REQUEST['do'] = 'edit';
  53 }
  54
  55 // ###################################################################
  56
  57 if ($_POST['do'] == 'update')
  58 {
  59         if (!$bugsys->in['comment'])
  60         {
  61                 $message->error($lang->string('You need to enter text into the comment field'));
  62         }
  63
  64         if ($bugsys->in['commentid'] == $bug['initialreport'] AND $bugsys->in['hidden'])
  65         {
  66                 $message->error($lang->string('You cannot hide the first comment/initial report of a bug. Instead, hide the entire bug.'));
  67         }
  68
  69         $bugsys->in['comment_parsed'] = $bugsys->in['comment'];
  70
  71         if (!$bugsys->options['allowhtml'])
  72         {
  73                 $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
  74         }
  75
  76         $db->query("
  77                 UPDATE " . TABLE_PREFIX . "comment
  78                 SET comment = '" . $bugsys->in['comment'] . "',
  79                         comment_parsed = '" . nl2br($bugsys->in['comment_parsed']) . "',
  80                         hidden = " . intval($bugsys->in['hidden']) . "
  81                 WHERE commentid = $comment[commentid]"
  82         );
  83
  84         // setup logging
  85         require_once('./includes/class_history.php');
  86         $log = new History();
  87         $log->bugid = $bug['bugid'];
  88         $log->commentid = $comment['commentid'];
  89         $log->log($log->diff('text', $comment['comment_parsed'], $bugsys->in['comment_parsed']));
  90         $log->log($log->diff('hidden', $comment['hidden'], intval($bugsys->in['hidden'])));
  91
  92         $lastgood = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] AND !hidden ORDER BY dateline DESC");
  93         $db->query("
  94                 UPDATE " . TABLE_PREFIX . "bug
  95                 SET hiddenlastposttime = $lastgood[dateline],
  96                         hiddenlastpostby = $lastgood[userid]
  97                 WHERE bugid = $bug[bugid]"
  98         );
  99
 100         $message->redirect($lang->string('The comment was modified successfully.'), "showreport.php?bugid=$bug[bugid]");
 101 }
 102
 103 // ###################################################################
 104
 105 if ($_REQUEST['do'] == 'edit')
 106 {
 107         $comment['posttime'] = $datef->format($bugsys->options['dateformat'], $comment['dateline']);
 108         $comment['postby'] = construct_user_display($comment);
 109         $comment['comment'] = $bugsys->sanitize($comment['comment']);
 110         $show['hide'] = ($bug['initialreport'] != $comment['commentid'] ? true : false);
 111         eval('$template->flush("' . $template->fetch('editcomment') . '");');
 112 }
 113
 114 /*=====================================================================*\
 115 || ###################################################################
 116 || # $HeadURL$
 117 || # $Id$
 118 || ###################################################################
 119 \*=====================================================================*/
 120 ?>