2 /*=====================================================================*\
3 || ################################################################### ||
4 || # Renapsus [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # All parts of this file are ©2003-[#]year[#] Iris Studios, Inc. No # ||
7 || # part of this file may be reproduced in any way: part or whole. # ||
8 || # --------------------------------------------------------------- # ||
9 || # ©2003 - [#]year[#] Iris Studios, Inc. | http://www.iris-studios.com # ||
10 || ################################################################### ||
11 \*=====================================================================*/
13 require_once('./global.php');
15 if (!can_perform('canpostcomments'))
21 // ###################################################################
23 if (empty($_REQUEST['do']))
25 $_REQUEST['do'] = 'add';
28 // ###################################################################
30 if ($_POST['do'] == 'insert')
32 sanitize(array('bugid' => INT, 'comment' => STR
));
34 $vars['comment_parsed'] = $vars['comment'];
36 if (!$bugsys->options
['allowhtml'])
38 $vars['comment_parsed'] = htmlspecialcharslike($vars['comment_parsed']);
44 INSERT INTO " . TABLE_PREFIX
. "comment
45 (bugid, userid, dateline, comment, comment_parsed)
47 ($vars[bugid], " . $bugsys->userinfo
['userid'] . ",
48 $time, '" . addslasheslike($vars['comment']) . "',
49 '" . addslasheslike(nl2br($vars['comment_parsed'])) . "'
53 $DB_sql->query("UPDATE " . TABLE_PREFIX
. "bug SET lastposttime = $time, lastpostby = " . $bugsys->userinfo
['userid'] . " WHERE bugid = $vars[bugid]");
55 echo "<a href=\"showreport.php?bugid=$vars[bugid]\">comment inserted</a>";
58 // ###################################################################
60 if ($_REQUEST['do'] == 'add')
62 sanitize(array('bugid' => INT));
64 $bug = $DB_sql->query_first("SELECT bug.*, comment.comment FROM " . TABLE_PREFIX
. "bug LEFT JOIN " . TABLE_PREFIX
. "comment AS comment ON (bug.bugid = comment.bugid) WHERE bug.bugid = $vars[bugid]");
67 echo 'alert: bad bug';
71 echo "<div><strong>New comment for:</strong> <em>$bug[summary]</em></div>";
72 echo '<form name="newcomment" method="post" action="newcomment.php"><input type="hidden" name="do" value="insert" /><input type="hidden" name="bugid" value="' . $bug['bugid'] . '" />';
73 echo '<div><strong>Comment:</strong></div><textarea name="comment" cols="100" rows="35"></textarea>';
74 echo '<div><input type="submit" name="submit" value="Add Comment" /></form>';
76 echo '<br /><br /><table border="1" cellspacing="2" cellpadding="4" width="100%"><tr style="background-color:#EEEEEE"><td><strong>Summary Report:</strong> ' . $bug['summary'] . '</td></tr>';
77 echo '<tr><td>' . $bug['comment'] . '</td></tr></table>';
80 /*=====================================================================*\
81 || ###################################################################
84 || ###################################################################
85 \*=====================================================================*/