2004-12-12 03:51:51 +00:00
|
|
|
<?php
|
2004-12-25 20:08:00 +00:00
|
|
|
/*******************/
|
|
|
|
|
/* delete comments */
|
|
|
|
|
/*******************/
|
2004-10-21 19:52:35 +00:00
|
|
|
|
2004-12-25 20:08:00 +00:00
|
|
|
/*
|
2004-12-27 23:54:55 +00:00
|
|
|
* application environment
|
2004-12-25 20:08:00 +00:00
|
|
|
*/
|
2004-10-21 19:52:35 +00:00
|
|
|
include("path.php");
|
2005-01-30 00:57:34 +00:00
|
|
|
require(BASE."include/incl.php");
|
|
|
|
|
require(BASE."include/application.php");
|
|
|
|
|
require(BASE."include/mail.php");
|
2005-02-02 03:01:29 +00:00
|
|
|
require(BASE."include/comment.php");
|
2004-11-09 22:42:12 +00:00
|
|
|
|
2004-10-21 19:52:35 +00:00
|
|
|
|
2004-12-14 04:30:41 +00:00
|
|
|
$_REQUEST['appId'] = strip_tags($_REQUEST['appId']);
|
|
|
|
|
$_REQUEST['versionId'] = strip_tags($_REQUEST['versionId']);
|
|
|
|
|
$_REQUEST['commentId'] = strip_tags($_REQUEST['commentId']);
|
|
|
|
|
$_REQUEST['commentId'] = mysql_escape_string($_REQUEST['commentId']);
|
2004-11-09 22:41:18 +00:00
|
|
|
|
2005-01-30 23:12:48 +00:00
|
|
|
if(!$_SESSION['current']->isLoggedIn())
|
2004-12-19 19:30:27 +00:00
|
|
|
{
|
|
|
|
|
errorpage("You need to be logged in to delete a comment.");
|
|
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
|
2004-11-09 22:41:18 +00:00
|
|
|
/* if we aren't an admin or the maintainer of this app we shouldn't be */
|
|
|
|
|
/* allowed to delete any comments */
|
2005-01-30 23:12:48 +00:00
|
|
|
if(!$_SESSION['current']->hasPriv("admin") &&
|
2005-02-02 03:01:29 +00:00
|
|
|
!$_SESSION['current']->isMaintainer($_REQUEST['appId'], $_REQUEST['versionId']))
|
2004-10-21 19:52:35 +00:00
|
|
|
{
|
2005-02-02 03:01:29 +00:00
|
|
|
errorpage('You don\'t have sufficient privileges to delete this comment.');
|
2004-10-21 19:52:35 +00:00
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
|
2005-02-02 03:01:29 +00:00
|
|
|
$oComment = new Comment($_REQUEST['commentId']);
|
2004-10-21 19:52:35 +00:00
|
|
|
|
2004-11-09 22:42:12 +00:00
|
|
|
|
2005-02-02 03:01:29 +00:00
|
|
|
if($_SESSION['current']->getPref("confirm_comment_deletion") != "no" && !isset($_REQUEST['int_delete_it']))
|
2004-12-14 04:30:41 +00:00
|
|
|
{
|
|
|
|
|
apidb_header("Delete Comment");
|
|
|
|
|
$mesTitle = "<b>Please state why you are deleting the following comment</b>";
|
|
|
|
|
echo "<form method=\"POST\" action=\"".$_SERVER['PHP_SELF']."\">\n";
|
|
|
|
|
echo html_frame_start($mesTitle,500,"",0);
|
|
|
|
|
echo "<br />";
|
2005-02-02 03:01:29 +00:00
|
|
|
echo html_frame_start($oComment->sSubject,500);
|
|
|
|
|
echo htmlify_urls($oComment->sBody), "<br /><br />\n";
|
2004-12-14 04:30:41 +00:00
|
|
|
echo html_frame_end();
|
|
|
|
|
echo '<table width="100%" border=0 cellpadding=0 cellspacing=1>',"\n";
|
2004-12-29 20:21:31 +00:00
|
|
|
echo "<tr class=color1><td colspan=2><textarea name=\"str_why\" cols=\"70\" rows=\"15\" wrap=\"virtual\"></textarea></td></tr>\n";
|
|
|
|
|
echo "<tr class=color1><td colspan=2 align=center>\n";
|
2004-12-14 04:30:41 +00:00
|
|
|
echo " <input type=\"SUBMIT\" value=\"Delete Comment\" class=\"button\" />\n";
|
|
|
|
|
echo "</td></tr>\n";
|
|
|
|
|
echo "</table>\n";
|
|
|
|
|
echo html_frame_end();
|
|
|
|
|
echo "<input type=\"HIDDEN\" name=\"int_delete_it\" value=\"1\" />\n";
|
|
|
|
|
echo "<input type=\"HIDDEN\" name=\"thread\" value=\"".$_REQUEST['thread']."\" />\n";
|
|
|
|
|
echo "<input type=\"HIDDEN\" name=\"appId\" value=\"".$_REQUEST['appId']."\" />\n";
|
|
|
|
|
echo "<input type=\"HIDDEN\" name=\"versionId\" value=\"".$_REQUEST['versionId']."\" />\n";
|
|
|
|
|
echo "<input type=\"hidden\" name=\"commentId\" value=\"".$_REQUEST['commentId']."\" />";
|
|
|
|
|
echo "</form>";
|
|
|
|
|
?>
|
|
|
|
|
|
|
|
|
|
<p> </p>
|
|
|
|
|
|
|
|
|
|
<?php
|
|
|
|
|
apidb_footer();
|
|
|
|
|
} else
|
|
|
|
|
{
|
2005-02-02 03:01:29 +00:00
|
|
|
$oComment->delete($_REQUEST['str_why']);
|
|
|
|
|
redirect(apidb_fullurl("appview.php?versionId=".$_REQUEST['versionId']));
|
2004-12-14 04:30:41 +00:00
|
|
|
}
|
2004-10-21 19:52:35 +00:00
|
|
|
?>
|
