]> src.bluestatic.org Git - bugdar.git/blob - newcomment.php
https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
r35: Presentation code moved out of PHP files and into templates. Error and stop...
[bugdar.git] / newcomment.php
1 <?php
2 /*=====================================================================*\
3 || ################################################################### ||
4 || # Renapsus [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # All parts of this file are ©2003-[#]year[#] Iris Studios, Inc. No # ||
7 || # part of this file may be reproduced in any way: part or whole. # ||
8 || # --------------------------------------------------------------- # ||
9 || # ©2003 - [#]year[#] Iris Studios, Inc. | http://www.iris-studios.com # ||
10 || ################################################################### ||
11 \*=====================================================================*/
12
13 $fetchtemplates = array(
14 'newcomment'
15 );
16
17 require_once('./global.php');
18
19 if (!can_perform('canpostcomments'))
20 {
21 echo 'no permission';
22 exit;
23 }
24
25 // ###################################################################
26
27 if (empty($_REQUEST['do']))
28 {
29 $_REQUEST['do'] = 'add';
30 }
31
32 // ###################################################################
33
34 if ($_POST['do'] == 'insert')
35 {
36 sanitize(array('bugid' => INT, 'comment' => STR));
37
38 $vars['comment_parsed'] = $vars['comment'];
39
40 if (!$bugsys->options['allowhtml'])
41 {
42 $vars['comment_parsed'] = htmlspecialcharslike($vars['comment_parsed']);
43 }
44
45 $time = time();
46
47 $DB_sql->query("
48 INSERT INTO " . TABLE_PREFIX . "comment
49 (bugid, userid, dateline, comment, comment_parsed)
50 VALUES
51 ($vars[bugid], " . $bugsys->userinfo['userid'] . ",
52 $time, '" . addslasheslike($vars['comment']) . "',
53 '" . addslasheslike(nl2br($vars['comment_parsed'])) . "'
54 )"
55 );
56
57 $DB_sql->query("UPDATE " . TABLE_PREFIX . "bug SET lastposttime = $time, lastpostby = " . $bugsys->userinfo['userid'] . " WHERE bugid = $vars[bugid]");
58
59 echo "<a href=\"showreport.php?bugid=$vars[bugid]\">comment inserted</a>";
60 }
61
62 // ###################################################################
63
64 if ($_REQUEST['do'] == 'add')
65 {
66 sanitize(array('bugid' => INT));
67
68 $bug = $DB_sql->query_first("SELECT bug.*, comment.comment FROM " . TABLE_PREFIX . "bug LEFT JOIN " . TABLE_PREFIX . "comment AS comment ON (bug.bugid = comment.bugid) WHERE bug.bugid = $vars[bugid]");
69 if (!$bug)
70 {
71 echo 'alert: bad bug';
72 exit;
73 }
74
75 eval('$tpl->flush("' . $tpl->fetch('newcomment') . '");');
76 }
77
78 /*=====================================================================*\
79 || ###################################################################
80 || # $HeadURL$
81 || # $Id$
82 || ###################################################################
83 \*=====================================================================*/
84 ?>
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.