Support comment editing in the backend

Create two new actions, do_AddComment and do_EditComment. When editing
or deleting a comment, a timestamp is added.

Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Marcel Korpel 2015-07-10 18:47:32 +02:00 committed by Lukas Fleischer
parent 92e19e95f3
commit e331ce273c
5 changed files with 73 additions and 1 deletions


@ -830,7 +830,8 @@ function pkgbase_delete_comment() {
$dbh = DB::connect();
if (can_delete_comment($comment_id)) {
$q = "UPDATE PackageComments ";
$q.= "SET DelUsersID = ".$uid." ";
$q.= "SET DelUsersID = ".$uid.", ";
$q.= "EditedTS = UNIX_TIMESTAMP() ";
$q.= "WHERE ID = ".intval($comment_id);
$dbh->exec($q);
return array(true, __("Comment has been deleted."));
@ -839,6 +840,37 @@ function pkgbase_delete_comment() {
}
}
/**
* Edit a package comment
*
* @return array Tuple of success/failure indicator and error message
*/
function pkgbase_edit_comment($comment) {
$uid = uid_from_sid($_COOKIE["AURSID"]);
if (!$uid) {
return array(false, __("You must be logged in before you can edit package information."));
}
if (isset($_POST["comment_id"])) {
$comment_id = $_POST["comment_id"];
} else {
return array(false, __("Missing comment ID."));
}
$dbh = DB::connect();
if (can_edit_comment($comment_id)) {
$q = "UPDATE PackageComments ";
$q.= "SET EditedUsersID = ".$uid.", ";
$q.= "Comments = ".$dbh->quote($comment).", ";
$q.= "EditedTS = UNIX_TIMESTAMP() ";
$q.= "WHERE ID = ".intval($comment_id);
$dbh->exec($q);
return array(true, __("Comment has been edited."));
} else {
return array(false, __("You are not allowed to edit this comment."));
}
}
/**
* Get a list of package base keywords
*
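Review bot: `$uid` is concatenated into both UPDATE statements unchanged (the `SET DelUsersID` line in pkgbase_delete_comment and the `SET EditedUsersID` line in pkgbase_edit_comment), while `$comment_id` goes through intval() and `$comment` through `$dbh->quote()`. uid_from_sid presumably returns an integer read from the database, but writing `intval($uid)` in both places would keep the statements safe without depending on that helper. pkgbase_edit_comment also stores `$comment` without checking that it is non-empty, so unless the calling action validates it an edit can blank an existing comment; a guard such as `if (trim($comment) === '') { return array(false, __("Comment cannot be empty.")); }` before the UPDATE would cover that. No CSRF token check is visible in pkgbase_edit_comment itself; it is presumably done in the calling action, which is worth confirming since this function changes stored content based on `$_POST`. pkgbase_delete_comment starts outside the first hunk, so its earlier checks are not visible here.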


@ -42,6 +42,32 @@ function can_delete_comment_array($comment) {
return has_credential(CRED_COMMENT_DELETE, array($comment['UsersID']));
}
/**
* Determine if the user can edit a specific package comment
*
* Only the comment submitter, Trusted Users, and Developers can edit
* comments. This function is used for the backend side of comment editing.
*
* @param string $comment_id The comment ID in the database
*
* @return bool True if the user can edit the comment, otherwise false
*/
function can_edit_comment($comment_id=0) {
$dbh = DB::connect();
$q = "SELECT UsersID FROM PackageComments ";
$q.= "WHERE ID = " . intval($comment_id);
$result = $dbh->query($q);
if (!$result) {
return false;
}
$uid = $result->fetch(PDO::FETCH_COLUMN, 0);
return has_credential(CRED_COMMENT_EDIT, array($uid));
}
/**
* Determine if the user can edit a specific package comment using an array
*
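Review bot: can_edit_comment does not handle a comment ID that matches no row: `fetch(PDO::FETCH_COLUMN, 0)` then returns false and `array(false)` is passed to has_credential, so the decision rests on how that helper treats a false owner, which is not visible here. An explicit `if ($uid === false) { return false; }` after the fetch would make the denial unambiguous. The SELECT also ignores DelUsersID, so a comment that has already been deleted appears to stay editable unless callers filter it out; please confirm that is intended. The docblock declares `@param string $comment_id` while the default value is the integer `0`. The docblock that follows the function continues past the end of the hunk.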