r73: Updated input sanitization for:
1 <?php
2 /*=====================================================================*\
3 || ################################################################### ||
4 || # BugStrike [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
7 || # This file may not be reproduced in any way without permission. # ||
8 || # --------------------------------------------------------------- # ||
9 || # User License Agreement at http://www.iris-studios.com/license/ # ||
10 || ################################################################### ||
11 \*=====================================================================*/
12
// Template names this page needs fetched up front
// (presumably consumed by global.php below — confirm against the bootstrap).
$fetchtemplates = array('newcomment');
16
17 require_once('./global.php');
18
// The whole page is gated on the comment-posting permission; anything
// else is refused before any action is dispatched.
$mayPostComments = can_perform('canpostcomments');
if (!$mayPostComments)
{
	echo 'no permission';
	exit;
}
24
25 // ###################################################################
26
// Fall back to the 'add' action when no (non-empty) action was requested.
$_REQUEST['do'] = (empty($_REQUEST['do']) ? 'add' : $_REQUEST['do']);
31
32 // ###################################################################
33
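if (isset($_POST['do']) && $_POST['do'] === 'insert')
{
	// Only accept a comment for a bug that actually exists; the INSERT below
	// has no safety net of its own. Mirrors the check the 'add' action makes.
	$bugid = intval($bugsys->in['bugid']);
	$bug = $db->query_first("SELECT bugid FROM " . TABLE_PREFIX . "bug WHERE bugid = $bugid");
	if (!$bug)
	{
		echo 'alert: bad bug';
		exit;
	}

	// Refuse a blank comment instead of storing an empty row.
	if (trim($bugsys->in['comment']) === '')
	{
		echo 'alert: empty comment';
		exit;
	}

	// The parsed copy starts out as the raw text and, when HTML is not
	// allowed, is neutralised by sanitize(). The sanitized value has to be
	// written back to the slot the INSERT reads: the previous code stored it
	// in $vars['comment_parsed'], which nothing read, so raw markup was saved.
	$bugsys->in['comment_parsed'] = $bugsys->in['comment'];
	if (!$bugsys->options['allowhtml'])
	{
		$bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
	}

	$time = time();
	$userid = intval($bugsys->userinfo['userid']);

	// Both comment columns originate from the request and are interpolated
	// into SQL, so they are escaped before use. addslashes() is a stop-gap:
	// if the DB layer exposes a connection-aware escape function, use that
	// here instead.
	$comment = addslashes($bugsys->in['comment']);
	$commentParsed = addslashes(nl2br($bugsys->in['comment_parsed']));

	$db->query("
		INSERT INTO " . TABLE_PREFIX . "comment
			(bugid, userid, dateline, comment, comment_parsed)
		VALUES
			($bugid, $userid, $time, '$comment', '$commentParsed')"
	);

	// Keep the bug's last-activity columns in step with the new comment.
	$db->query("UPDATE " . TABLE_PREFIX . "bug SET lastposttime = $time, lastpostby = $userid WHERE bugid = $bugid");

	echo "<a href=\"showreport.php?bugid=$bugid\">comment inserted</a>";
}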
59
60 // ###################################################################
61
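if ($_REQUEST['do'] === 'add')
{
	// Make sure the bug the form will post against exists before rendering.
	// Only existence is checked here; the joined comment column is not read
	// by this script (it may be used by the template — confirm).
	$bugid = intval($bugsys->in['bugid']);
	$bug = $db->query_first("SELECT bug.*, comment.comment FROM " . TABLE_PREFIX . "bug LEFT JOIN " . TABLE_PREFIX . "comment AS comment ON (bug.bugid = comment.bugid) WHERE bug.bugid = $bugid");
	if (!$bug)
	{
		echo 'alert: bad bug';
		exit;
	}

	// NOTE(review): the template engine renders by eval()ing the fetched
	// template text as PHP, so template content is fully trusted code. Only
	// templates from the application's own store may ever reach this call;
	// never let request data select or alter what is fetched here.
	eval('$template->flush("' . $template->fetch('newcomment') . '");');
}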
73
74 /*=====================================================================*\
75 || ###################################################################
76 || # $HeadURL$
77 || # $Id$
78 || ###################################################################
79 \*=====================================================================*/
80 ?>