query_first(" SELECT comment.*, user.email, user.showemail, user.displayname FROM " . TABLE_PREFIX . "comment AS comment LEFT JOIN " . TABLE_PREFIX . "user AS user ON (comment.userid = user.userid) WHERE comment.commentid = " . intval($bugsys->in['commentid']) ); if (!$comment) { $message->error($lang->getlex('error_invalid_id')); } $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]"); if (!((can_perform('caneditownreply', $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR (can_perform('caneditotherreply', $bug['productid']) AND $bugsys->userinfo['userid'] != $comment['userid']))) { $message->error_permission(); } if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid'])) { $message->error_permissison(); } // ################################################################### if (empty($_REQUEST['do'])) { $_REQUEST['do'] = 'edit'; } // ################################################################### if ($_POST['do'] == 'update') { if (!$bugsys->in['comment']) { $message->error($lang->string('You need to enter text into the comment field')); } if ($bugsys->in['commentid'] == $bug['initialreport'] AND $bugsys->in['hidden']) { $message->error($lang->string('You cannot hide the first comment/initial report of a bug. Instead, hide the entire bug.')); } $bugsys->in['comment_parsed'] = $bugsys->in['comment']; if (!$bugsys->options['allowhtml']) { $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']); } $db->query(" UPDATE " . TABLE_PREFIX . "comment SET comment = '" . $bugsys->in['comment'] . "', comment_parsed = '" . nl2br($bugsys->in['comment_parsed']) . "', hidden = " . intval($bugsys->in['hidden']) . " WHERE commentid = $comment[commentid]" ); // setup logging require_once('./includes/class_history.php'); $log = new History(); $log->bugid = $bug['bugid']; $log->commentid = $comment['commentid']; $log->log($log->diff('comment ' . $comment['commentid'] . ' text', $comment['comment_parsed'], nl2br($bugsys->in['comment_parsed']))); $log->log($log->diff('comment ' . $comment['commentid'] . ' hidden', $comment['hidden'], intval($bugsys->in['hidden']))); $lastgood = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] AND !hidden ORDER BY dateline DESC"); $db->query(" UPDATE " . TABLE_PREFIX . "bug SET hiddenlastposttime = $lastgood[dateline], hiddenlastpostby = $lastgood[userid] WHERE bugid = $bug[bugid]" ); $message->redirect($lang->string('The comment was modified successfully.'), "showreport.php?bugid=$bug[bugid]"); } // ################################################################### if ($_REQUEST['do'] == 'edit') { $comment['posttime'] = $datef->format($bugsys->options['dateformat'], $comment['dateline']); $comment['postby'] = construct_user_display($comment); $comment['comment'] = $bugsys->sanitize($comment['comment']); $show['hide'] = ($bug['initialreport'] != $comment['commentid'] ? true : false); eval('$template->flush("' . $template->fetch('editcomment') . '");'); } /*=====================================================================*\ || ################################################################### || # $HeadURL$ || # $Id$ || ################################################################### \*=====================================================================*/ ?>