query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bugsys->in['bugid'])); if (!$bug) { $message->error($lang->getlex('error_invalid_id')); } if (!can_perform('canpostcomments', $bug['productid'])) { $message->error_permission(); } // ################################################################### if ($_POST['do'] == 'insert') { $bugsys->in['comment_parsed'] = $bugsys->in['comment']; if (!$bugsys->options['allowhtml']) { $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']); } $time = TIMENOW; $db->query(" INSERT INTO " . TABLE_PREFIX . "comment (bugid, userid, dateline, comment, comment_parsed) VALUES (" . intval($bugsys->in['bugid']) . ", " . $bugsys->userinfo['userid'] . ", $time, '" . $bugsys->in['comment'] . "', '" . nl2br($bugsys->in['comment_parsed']) . "' )" ); $commentid = $db->insert_id(); $db->query(" UPDATE " . TABLE_PREFIX . "bug SET lastposttime = $time, lastpostby = " . $bugsys->userinfo['userid'] . ", hiddenlastposttime = $time, hiddenlastpostby = " . $bugsys->userinfo['userid'] . " WHERE bugid = " . intval($bugsys->in['bugid']) ); $message->redirect($lang->string('Your reply has been added to the comment list.'), "showreport.php?bugid=" . intval($bugsys->in['bugid'])); } /*=====================================================================*\ || ################################################################### || # $HeadURL$ || # $Id$ || ################################################################### \*=====================================================================*/ ?>