external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add comment undeletion functionality

Browse source 
Only Developers and Trusted Users can undelete comments.

Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This commit is contained in:
Marcel Korpel 2016-01-19 14:49:50 +01:00 committed by Lukas Fleischer
parent e9fe1a9eb1
commit bd85441cf6
8 changed files with 75 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

2
web/lib/credentials.inc.php
View file

@ -6,6 +6,7 @@ define("CRED_ACCOUNT_EDIT_DEV", 3);
define("CRED_ACCOUNT_LAST_LOGIN", 4);
define("CRED_ACCOUNT_SEARCH", 5);
define("CRED_COMMENT_DELETE", 6);
define("CRED_COMMENT_UNDELETE", 27);
define("CRED_COMMENT_VIEW_DELETED", 22);
define("CRED_COMMENT_EDIT", 25);
define("CRED_COMMENT_PIN", 26);
@ -59,6 +60,7 @@ function has_credential($credential, $approved_users=array()) {
case CRED_ACCOUNT_LAST_LOGIN:
case CRED_ACCOUNT_SEARCH:
case CRED_COMMENT_DELETE:
case CRED_COMMENT_UNDELETE:
case CRED_COMMENT_VIEW_DELETED:
case CRED_COMMENT_EDIT:
case CRED_COMMENT_PIN:

22
web/lib/pkgbasefuncs.inc.php
View file

@ -932,9 +932,10 @@ function pkgbase_notify ($base_ids, $action=true) {
/**
* Delete a package comment
*
* @param boolean $undelete True if undeleting rather than deleting
* @return array Tuple of success/failure indicator and error message
*/
function pkgbase_delete_comment() {
function pkgbase_delete_comment($undelete=false) {
$uid = uid_from_sid($_COOKIE["AURSID"]);
if (!$uid) {
return array(false, __("You must be logged in before you can edit package information."));
@ -947,15 +948,28 @@ function pkgbase_delete_comment() {
}
$dbh = DB::connect();
if (can_delete_comment($comment_id)) {
if ($undelete) {
if (!has_credential(CRED_COMMENT_UNDELETE)) {
return array(false, __("You are not allowed to undelete this comment."));
}
$q = "UPDATE PackageComments ";
$q.= "SET DelUsersID = NULL, ";
$q.= "DelTS = NULL ";
$q.= "WHERE ID = ".intval($comment_id);
$dbh->exec($q);
return array(true, __("Comment has been undeleted."));
} else {
if (!can_delete_comment($comment_id)) {
return array(false, __("You are not allowed to delete this comment."));
}
$q = "UPDATE PackageComments ";
$q.= "SET DelUsersID = ".$uid.", ";
$q.= "DelTS = UNIX_TIMESTAMP() ";
$q.= "WHERE ID = ".intval($comment_id);
$dbh->exec($q);
return array(true, __("Comment has been deleted."));
} else {
return array(false, __("You are not allowed to delete this comment."));
}
}