set('commentid', $input->in['commentid']); $commentapi->fetch(); $comment = &$commentapi->record; $bug = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]"); if (!check_bug_permissions($bug)) { $message->errorPermission(); } // ################################################################### if (empty($_REQUEST['do'])) { $_REQUEST['do'] = 'edit'; } // ################################################################### if ($_POST['do'] == 'kill') { if (!can_perform('candeletedata', $bug['product'])) { $message->errorPermission(); } // get the last post (as in prior to deletion) $lastpost = $db->queryFirst("SELECT commentid FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] ORDER BY dateline DESC"); $commentapi->remove(); // check to see if we need to rebuild the lastpost information if ($lastpost['commentid'] == $comment['commentid']) { $lastgoodpublic = $db->queryFirst(" SELECT comment.* AS comment, user.displayname AS username FROM " . TABLE_PREFIX . "comment AS comment LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = comment.userid) WHERE bugid = $bug[bugid] AND !hidden ORDER BY dateline DESC "); $lastgoodprivate = $db->queryFirst(" SELECT comment.* AS comment, user.displayname AS username FROM " . TABLE_PREFIX . "comment AS comment LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = comment.userid) WHERE bugid = $bug[bugid] ORDER BY dateline DESC "); $db->query(" UPDATE " . TABLE_PREFIX . "bug SET hiddenlastposttime = $lastgoodpublic[dateline], hiddenlastpostby = $lastgoodpublic[userid], hiddenlastpostbyname = '" . $db->escapeString($lastgoodpublic['username']) . "', lastposttime = $lastgoodprivate[dateline], lastpostby = $lastgoodprivate[userid], lastpostbyname = '" . $db->escapeString($lastgoodprivate['username']) . "' WHERE bugid = $bug[bugid]" ); } $message->redirect(T('The comment has been deleted. You will be redirected back to the bug.'), 'showreport.php?bugid=' . $bug['bugid']); } // ################################################################### if ($_REQUEST['do'] == 'delete') { if (!can_perform('candeletedata', $bug['product'])) { $message->errorPermission(); } if ($bug['initialreport'] == $comment['commentid']) { $message->error(T('You cannot delete this comment because it is attached to the bug as the first comment. You have to delete the entire bug instead (which is not recommended unless it is spam).')); } $message->confirm(T('Are you sure you want to delete this comment? After you do so, the data will be lost forever. We recommend only deleting spam comments and nothing else.'), 'editcomment.php', 'kill', T('Delete Comment'), 'showreport.php?bugid=' . $bug['bugid'], array('commentid' => $comment['commentid'])); } // ################################################################### if ($_POST['do'] == 'update') { if (!((can_perform('caneditownreply', $bug['product']) AND bugdar::$userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND bugdar::$userinfo['userid'] != $comment['userid']))) { $message->errorPermission(); } $commentapi->set('comment', $input->in['comment']); $commentapi->set('parselinks', $input->in['parselinks']); $commentapi->set('hidden', $input->in['hidden']); if ($input->in['commentid'] == $bug['initialreport'] AND $input->in['hidden']) { $message->addError(T('You cannot hide the first comment/initial report of a bug. Instead, hide the entire bug.')); } if (!$message->hasErrors()) { $commentapi->update(); // setup logging require_once('./includes/class_logging.php'); $log = new Logging; $log->setBugId($bug['bugid']); $log->setCommentId($comment['commentid']); $log->addData(true, $commentapi->record, array('comment', 'hidden'), false, 'comment'); $log->addData(false, $commentapi->values, array('comment', 'hidden'), false, 'comment'); $lastgood = $db->queryFirst(" SELECT comment.* AS comment, user.displayname AS username FROM " . TABLE_PREFIX . "comment AS comment LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = comment.userid) WHERE bugid = $bug[bugid] AND !hidden ORDER BY dateline DESC "); $db->query(" UPDATE " . TABLE_PREFIX . "bug SET hiddenlastposttime = $lastgood[dateline], hiddenlastpostby = $lastgood[userid], hiddenlastpostbyname = '" . $db->escapeString($lastgood['username']) . "' WHERE bugid = $bug[bugid]" ); $log->updateHistory(); $message->redirect(T('The comment was modified successfully.'), "showreport.php?bugid=$bug[bugid]"); } else { $show['errors'] = true; $_REQUEST['do'] = 'edit'; $comment['comment'] = $input->in['comment']; $comment['hidden'] = $input->in['hidden']; } } // ################################################################### if ($_REQUEST['do'] == 'edit') { if (!((can_perform('caneditownreply', $bug['product']) AND bugdar::$userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['product']) AND bugdar::$userinfo['userid'] != $comment['userid']))) { $message->errorPermission(); } $comment['posttime'] = $datef->format(bugdar::$options['dateformat'], $comment['dateline']); if ($comment['userid']) { $commenter = new UserAPI(); $commenter->set('userid', $comment['userid']); $commenter->fetch(); $commenter = $commenter->record; } $comment['postby'] = construct_user_display($commenter); $comment['comment'] = $input->sanitize($comment['comment']); $show['hide'] = ($bug['initialreport'] != $comment['commentid']); $tpl = new BSTemplate('editcomment'); $tpl->vars = array( 'comment' => $comment, 'bug' => $bug ); $tpl->evaluate()->flush(); } ?>