newcomment.php

   1 <?php
   2 /*=====================================================================*\
   3 || ################################################################### ||
   4 || # Bugdar [#]version[#]
   5 || # --------------------------------------------------------------- # ||
   6 || # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
   7 || # This file may not be reproduced in any way without permission.  # ||
   8 || # --------------------------------------------------------------- # ||
   9 || # User License Agreement at http://www.iris-studios.com/license/  # ||
  10 || ################################################################### ||
  11 \*=====================================================================*/
  12
  13 define('SVN', '$Id$');
  14
  15 require_once('./global.php');
  16
  17 $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bugsys->in['bugid']));
  18 if (!$bug)
  19 {
  20         $message->error($lang->getlex('error_invalid_id'));
  21 }
  22
  23 if (!can_perform('canpostcomments', $bug['productid']))
  24 {
  25         $message->error_permission();
  26 }
  27
  28 // ###################################################################
  29
  30 if ($_POST['do'] == 'insert')
  31 {
  32         $bugsys->in['comment_parsed'] = $bugsys->in['comment'];
  33
  34         if (!$bugsys->options['allowhtml'])
  35         {
  36                 $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
  37         }
  38
  39         $time = TIMENOW;
  40
  41         $db->query("
  42                 INSERT INTO " . TABLE_PREFIX . "comment
  43                         (bugid, userid, dateline, comment, comment_parsed)
  44                 VALUES
  45                         (" . intval($bugsys->in['bugid']) . ", " . $bugsys->userinfo['userid'] . ",
  46                         $time, '" . $bugsys->in['comment'] . "',
  47                         '" . nl2br($bugsys->in['comment_parsed']) . "'
  48                 )"
  49         );
  50
  51         $commentid = $db->insert_id();
  52
  53         $db->query("
  54                 UPDATE " . TABLE_PREFIX . "bug
  55                 SET lastposttime = $time,
  56                         lastpostby = " . $bugsys->userinfo['userid'] . ",
  57                         hiddenlastposttime = $time,
  58                         hiddenlastpostby = " . $bugsys->userinfo['userid'] . "
  59                 WHERE bugid = " . intval($bugsys->in['bugid'])
  60         );
  61
  62         $message->redirect($lang->string('Your reply has been added to the comment list.'), "showreport.php?bugid=" . intval($bugsys->in['bugid']));
  63 }
  64
  65 /*=====================================================================*\
  66 || ###################################################################
  67 || # $HeadURL$
  68 || # $Id$
  69 || ###################################################################
  70 \*=====================================================================*/
  71 ?>