query_first(" SELECT bug.*, user.email, user.displayname, user.showemail FROM " . TABLE_PREFIX . "bug AS bug LEFT JOIN " . TABLE_PREFIX . "user AS user ON (bug.userid = user.userid) WHERE bug.bugid = " . intval($bugsys->in['bugid']) ); if (!$bug) { echo 'alert: bad bug'; exit; } if (!(((can_perform('caneditown') AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers')) AND can_perform('caneditinfo'))) { echo 'no permission'; exit; } // ################################################################### if (empty($_REQUEST['do'])) { $_REQUEST['do'] = 'edit'; } // ################################################################### /* #*# do these later once we have delete permissions figured out if ($_REQUEST['do'] == 'kill') { // run code to remove item in database } // ################################################################### if ($_REQUEST['do'] == 'delete') { // display delete confirmation message }*/ // ################################################################### if ($_POST['do'] == 'update') { $pcv = parse_pcv_select($bugsys->in['pcv_select'], true); if (!$bugsys->in['summary']) { echo 'you need to enter a summary'; exit; } if (!$pcv) { echo 'invalid product/component/version'; exit; } $hist[0] = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $bug[bugid]"); $db->query(" UPDATE " . TABLE_PREFIX . "bug SET summary = '" . $bugsys->in['summary'] . "', priority = " . intval($bugsys->in['priority']) . ", status = " . intval($bugsys->in['status']) . ", resolution = " . intval($bugsys->in['resolution']) . ", assignedto = " . intval($bugsys->in['assignedto']) . ", productid = " . $pcv['product'] . ", componentid = " . $pcv['component'] . ", versionid = " . $pcv['version'] . " WHERE bugid = $bug[bugid]" ); $hist[1] = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $bug[bugid]"); $diff[0] = array_diff_assoc($hist[0], $hist[1]); $diff[1] = array_diff_assoc($hist[1], $hist[0]); log_action($bug['bugid'], 'log_update_bug', array(), $diff[0], $diff[1]); if (!$bugsys->in['firstcomment']) { echo 'you need to enter some text in the first comment'; exit; } $bugsys->in['comment_parsed'] = $bugsys->in['firstcomment']; if (!$bugsys->options['allowhtml']) { $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']); } // we could pass this as a GET param, but that's unsafe $firstcomment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] ORDER BY dateline ASC LIMIT 1"); $db->query(" UPDATE " . TABLE_PREFIX . "comment SET comment = '" . $bugsys->in['firstcomment'] . "', comment_parsed = '" . nl2br($bugsys->in['comment_parsed']) . "' WHERE commentid = $firstcomment[commentid]" ); if ($bugsys->in['changeproduct']) { $_REQUEST['do'] = 'editproduct'; } else { echo "done with update bug"; } } // ################################################################### if ($_REQUEST['do'] == 'edit') { foreach ($bugsys->datastore['severity'] AS $severity) { $value = $severity['severityid']; $selected = (($severity['severityid'] == $bug['severity']) ? true : false); $label = $severity['severity']; eval('$select[severity] .= "' . $template->fetch('selectoption') . '";'); } $show['changestatus'] = ((can_perform('canchangestatus')) ? true : false); if (can_perform('canchangestatus')) { foreach ($bugsys->datastore['priority'] AS $priority) { $value = $priority['priorityid']; $selected = (($priority['priorityid'] == $bug['priority']) ? true : false); $label = $priority['priority']; eval('$select[priority] .= "' . $template->fetch('selectoption') . '";'); } foreach ($bugsys->datastore['status'] AS $status) { $value = $status['statusid']; $selected = (($status['statusid'] == $bug['status']) ? true : false); $label = $status['status']; eval('$select[status] .= "' . $template->fetch('selectoption') . '";'); } foreach ($bugsys->datastore['resolution'] AS $resolution) { $value = $resolution['resolutionid']; $selected = (($resolution['resolutionid'] == $bug['resolution']) ? true : false); $label = $resolution['resolution']; eval('$select[resolution] .= "' . $template->fetch('selectoption') . '";'); } } $show['assign'] = ((can_perform('canassign')) ? true : false); if (can_perform('canassign')) { foreach ($bugsys->datastore['assignto'] AS $dev) { $value = $dev['userid']; $selected = (($dev['userid'] == $bug['assignedto']) ? true : false); $label = construct_user_display($dev, false); eval('$select[dev] .= "' . $template->fetch('selectoption') . '";'); } } $pcv_select = construct_pcv_select("p$bug[productid]c$bug[componentid]v$bug[versionid]"); $firstcomment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] ORDER BY dateline ASC LIMIT 1"); eval('$template->flush("' . $template->fetch('editreport') . '");'); } /*=====================================================================*\ || ################################################################### || # $HeadURL$ || # $Id$ || ################################################################### \*=====================================================================*/ ?>