newcomment.php

   1 <?php
   2 /*=====================================================================*\
   3 || ################################################################### ||
   4 || # BugStrike [#]version[#]
   5 || # --------------------------------------------------------------- # ||
   6 || # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
   7 || # This file may not be reproduced in any way without permission.  # ||
   8 || # --------------------------------------------------------------- # ||
   9 || # User License Agreement at http://www.iris-studios.com/license/  # ||
  10 || ################################################################### ||
  11 \*=====================================================================*/
  12
  13 $fetchtemplates = array(
  14         'newcomment'
  15 );
  16
  17 require_once('./global.php');
  18
  19 if (!can_perform('canpostcomments'))
  20 {
  21         $message->error_permission();
  22 }
  23
  24 // ###################################################################
  25
  26 if (empty($_REQUEST['do']))
  27 {
  28         $_REQUEST['do'] = 'add';
  29 }
  30
  31 // ###################################################################
  32
  33 if ($_POST['do'] == 'insert')
  34 {
  35         $bugsys->in['comment_parsed'] = $bugsys->in['comment'];
  36
  37         if (!$bugsys->options['allowhtml'])
  38         {
  39                 $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
  40         }
  41
  42         $time = time();
  43
  44         $db->query("
  45                 INSERT INTO " . TABLE_PREFIX . "comment
  46                         (bugid, userid, dateline, comment, comment_parsed)
  47                 VALUES
  48                         (" . intval($bugsys->in['bugid']) . ", " . $bugsys->userinfo['userid'] . ",
  49                         $time, '" . $bugsys->in['comment'] . "',
  50                         '" . nl2br($bugsys->in['comment_parsed']) . "'
  51                 )"
  52         );
  53
  54         $commentid = $db->insert_id();
  55
  56         $db->query("
  57                 UPDATE " . TABLE_PREFIX . "bug
  58                 SET lastposttime = $time,
  59                         lastpostby = " . $bugsys->userinfo['userid'] . ",
  60                         hiddenlastposttime = $time,
  61                         hiddenlastpostby = " . $bugsys->userinfo['userid'] . "
  62                 WHERE bugid = " . intval($bugsys->in['bugid'])
  63         );
  64
  65         // setup logging
  66         require_once('./includes/class_history.php');
  67         $log = new History();
  68         $log->bugid = $bugsys->in['bugid'];
  69         $log->language = 'log_new_comment';
  70         $log->arguments = array($commentid);
  71         $log->log();
  72
  73         $message->redirect('comment inesrted', "showreport.php?bugid=" . intval($bugsys->in['bugid']));
  74 }
  75
  76 // ###################################################################
  77
  78 if ($_REQUEST['do'] == 'add')
  79 {
  80         $bug = $db->query_first("SELECT bug.*, comment.comment FROM " . TABLE_PREFIX . "bug LEFT JOIN " . TABLE_PREFIX . "comment AS comment ON (bug.bugid = comment.bugid) WHERE bug.bugid = " . intval($bugsys->in['bugid']));
  81         if (!$bug)
  82         {
  83                 $message->error('alert: bad bug');
  84         }
  85
  86         eval('$template->flush("' . $template->fetch('newcomment') . '");');
  87 }
  88
  89 /*=====================================================================*\
  90 || ###################################################################
  91 || # $HeadURL$
  92 || # $Id$
  93 || ###################################################################
  94 \*=====================================================================*/
  95 ?>