From f0c221bbfa8e6454885ed5e1b8f2693683e78ded Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Mon, 22 Aug 2005 02:29:23 +0000 Subject: [PATCH] r362: Users who can post comments, but now edit, now can actually post comments --- editreport.php | 125 ++++++++++++++++++++++++++----------------------- 1 file changed, 67 insertions(+), 58 deletions(-) diff --git a/editreport.php b/editreport.php index 97ceafc..1f09778 100644 --- a/editreport.php +++ b/editreport.php @@ -26,14 +26,14 @@ $bug = $db->query_first(" WHERE bug.bugid = " . intval($bugsys->in['bugid']) ); -if (!$bug) +if (!(((can_perform('caneditown') AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers')) AND can_perform('caneditinfo')) AND !can_perform('canpostcomments')) { - $message->error('alert: bad bug'); + $message->error_permission(); } -if (!(((can_perform('caneditown') AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers')) AND can_perform('caneditinfo'))) +if (!$bug) { - $message->error_permission(); + $message->error('alert: bad bug'); } if ($bug['hidden'] AND !can_perform('canviewhidden')) @@ -50,6 +50,69 @@ $log->bugid = $bug['bugid']; if ($_POST['do'] == 'update') { + // ------------------------------------------------------------------- + // process comment stuff + if (can_perform('canpostcomments')) + { + $hascomment = (!empty($bugsys->in['comment'])) ? true : false; + + if ($hascomment OR $autoaction['comment']) + { + if ($hascomment AND $autoaction['comment']) + { + $bugsys->in['comment'] .= "\n\n--------------- AUTOMATIC RESPONSE ---------------\n" . $autoaction['comment']; + } + else if (!$hascomment AND $autoaction['comment']) + { + $bugsys->in['comment'] = $autoaction['comment']; + } + + $bugsys->in['comment_parsed'] = $bugsys->in['comment']; + + if (!$bugsys->options['allowhtml']) + { + $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']); + } + + $time = TIMENOW; + + $db->query(" + INSERT INTO " . TABLE_PREFIX . "comment + (bugid, userid, dateline, comment, comment_parsed) + VALUES + (" . intval($bugsys->in['bugid']) . ", " . $bugsys->userinfo['userid'] . ", + $time, '" . $bugsys->in['comment'] . "', + '" . nl2br($bugsys->in['comment_parsed']) . "' + )" + ); + + $commentid = $db->insert_id(); + + $db->query(" + UPDATE " . TABLE_PREFIX . "bug + SET lastposttime = $time, + lastpostby = " . $bugsys->userinfo['userid'] . ", + hiddenlastposttime = $time, + hiddenlastpostby = " . $bugsys->userinfo['userid'] . " + WHERE bugid = " . intval($bugsys->in['bugid']) + ); + + if ($hascomment) + { + $log->language = 'log_new_comment'; + $log->arguments = array($commentid); + $log->log(); + } + } + } + + if (!(((can_perform('caneditown') AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers')) AND can_perform('caneditinfo'))) + { + $message->redirect('inserted comment', "showreport.php?bugid=$bug[bugid]"); + } + + // ------------------------------------------------------------------- + // do update stuff $pcv = parse_pcv_select($bugsys->in['pcv_select'], true); if (!$bugsys->in['summary']) @@ -197,60 +260,6 @@ if ($_POST['do'] == 'update') } $log->allowempty = false; - - // ------------------------------------------------------------------- - // process comment stuff - - $hascomment = (!empty($bugsys->in['comment'])) ? true : false; - - if ($hascomment OR $autoaction['comment']) - { - if ($hascomment AND $autoaction['comment']) - { - $bugsys->in['comment'] .= "\n\n--------------- AUTOMATIC RESPONSE ---------------\n" . $autoaction['comment']; - } - else if (!$hascomment AND $autoaction['comment']) - { - $bugsys->in['comment'] = $autoaction['comment']; - } - - $bugsys->in['comment_parsed'] = $bugsys->in['comment']; - - if (!$bugsys->options['allowhtml']) - { - $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']); - } - - $time = TIMENOW; - - $db->query(" - INSERT INTO " . TABLE_PREFIX . "comment - (bugid, userid, dateline, comment, comment_parsed) - VALUES - (" . intval($bugsys->in['bugid']) . ", " . $bugsys->userinfo['userid'] . ", - $time, '" . $bugsys->in['comment'] . "', - '" . nl2br($bugsys->in['comment_parsed']) . "' - )" - ); - - $commentid = $db->insert_id(); - - $db->query(" - UPDATE " . TABLE_PREFIX . "bug - SET lastposttime = $time, - lastpostby = " . $bugsys->userinfo['userid'] . ", - hiddenlastposttime = $time, - hiddenlastpostby = " . $bugsys->userinfo['userid'] . " - WHERE bugid = " . intval($bugsys->in['bugid']) - ); - - if ($hascomment) - { - $log->language = 'log_new_comment'; - $log->arguments = array($commentid); - $log->log(); - } - } $message->redirect('done with update bug', "showreport.php?bugid=$bug[bugid]"); } -- 2.22.5