- addcomment.php uses include/db.php for mysql queries and error handling

- deletecomment.php uses include/db.php for mysql queries and error handling
- minor fixes (superglobals, indentation, typos)
Jonathan Ernst
2004-12-29 03:42:22 +00:00
committed by WineHQ
parent e28959dc3b
commit 487bcb9264
2 changed files with 55 additions and 71 deletions


@@ -46,21 +46,16 @@ if(isset($_REQUEST['body']))
// get current userid // get current userid
$userId = $_SESSION['current']->userid; $userId = $_SESSION['current']->userid;
$result = mysql_query("INSERT INTO appComments VALUES (NOW(), null, '".$_REQUEST['thread']."','". $result = query_appdb("INSERT INTO appComments VALUES (NOW(), null, '".$_REQUEST['thread']."','".
$_REQUEST['appId']."', '".$_REQUEST['versionId']."', $userId, '$hostname', '$subject', ". $_REQUEST['appId']."', '".$_REQUEST['versionId']."', $userId, '$hostname', '$subject', ".
"'$body1', 0)"); "'$body1', 0)");
if ($result)
if (!$result)
{ {
errorpage('Internal Database Access Error',mysql_error()); if (isset($_REQUEST['originator']))
exit;
} else
{ {
if (isset($originator)) if (UserWantsEmail($_REQUEST['originator']))
{ {
if (UserWantsEmail($originator)) $email = lookupEmail($_REQUEST['originator']);
{
$email = lookupEmail($originator);
$fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']); $fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']);
$ms .= APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'].".\n"; $ms .= APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'].".\n";
$ms .= "\n"; $ms .= "\n";
@@ -101,8 +96,8 @@ if(isset($_REQUEST['body']))
addmsg("mesage sent to: ".$email, "green"); addmsg("mesage sent to: ".$email, "green");
addmsg("New Comment Posted", "green"); addmsg("New Comment Posted", "green");
redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
} }
redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
} }
################################ ################################
@@ -116,7 +111,7 @@ else if(loggedin())
if($_REQUEST['thread']) if($_REQUEST['thread'])
{ {
$result = mysql_query("SELECT * FROM appComments WHERE commentId = ".$_REQUEST['thread']); $result = query_appdb("SELECT * FROM appComments WHERE commentId = ".$_REQUEST['thread']);
$ob = mysql_fetch_object($result); $ob = mysql_fetch_object($result);
if($ob) if($ob)
{ {
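Review bot: The INSERT into appComments and the `SELECT * FROM appComments WHERE commentId = ` query still concatenate `$_REQUEST['thread']`, `$_REQUEST['appId']` and `$_REQUEST['versionId']` directly into the SQL string, so the switch to query_appdb() centralises error handling but leaves both statements open to SQL injection; in the SELECT the value sits in an unquoted numeric position. query_appdb() is handed a finished string, so it presumably cannot escape these values itself. If the ids are numeric, as the unquoted comparison suggests, cast them once before use, e.g. `$thread = intval($_REQUEST['thread']);`, and build the queries from the cast values. The same pattern appears with `$_REQUEST['commentId']` in the SELECT, DELETE and UPDATE statements of the second file. The enclosing `if(isset($_REQUEST['body']))` block starts outside the hunk, so how `$subject` and `$body1` are escaped cannot be checked from here.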


@@ -28,7 +28,7 @@ if(!havepriv("admin") &&
!$_SESSION['current']->is_maintainer($_REQUEST['appId'], !$_SESSION['current']->is_maintainer($_REQUEST['appId'],
$_REQUEST['versionId'])) $_REQUEST['versionId']))
{ {
errorpage('You don\'t have admin privilages'); errorpage('You don\'t have admin privileges');
exit; exit;
} }
@@ -36,7 +36,7 @@ opendb();
/* retrieve the parentID of the comment we are deleting */ /* retrieve the parentID of the comment we are deleting */
/* so we can fix up the parentIds of this comments children */ /* so we can fix up the parentIds of this comments children */
$result = mysql_query("SELECT parentId FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'"); $result = query_appdb("SELECT parentId FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'");
if (!$result) if (!$result)
{ {
errorpage('Internal error retrieving parent of commentId'); errorpage('Internal error retrieving parent of commentId');
@@ -47,12 +47,8 @@ $ob = mysql_fetch_object($result);
$deletedParentId = $ob->parentId; $deletedParentId = $ob->parentId;
/* get the subject and body from the comment */ /* get the subject and body from the comment */
$result = mysql_query("select * FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'"); $result = query_appdb("select * FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'");
if (!$result) if (!$result) redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
{
errorpage('Internal Database Access Error',mysql_error());
exit;
}
$ob = mysql_fetch_object($result); $ob = mysql_fetch_object($result);
$body = $ob->body; $body = $ob->body;
$subject = $ob->subject; $subject = $ob->subject;
@@ -89,28 +85,24 @@ if($_SESSION['current']->getpref("confirm_comment_deletion") != "no" &&
apidb_footer(); apidb_footer();
} else } else
{ {
/* delete the comment from the database */ /* delete the comment from the database */
$result = mysql_query("DELETE FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'"); $result = query_appdb("DELETE FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'");
if ($result)
if (!isset($result)) {
{ /* fixup the child comments so the parentId points to a valid parent comment */
errorpage('Internal Database Access Error',mysql_error()); $result = query_appdb("UPDATE appComments set parentId = '$deletedParentId' WHERE parentId = '".$_REQUEST['commentId']."'");
exit; if(!$result)
} {
/* fixup the child comments so the parentId points to a valid parent comment */
$result = mysql_query("UPDATE appComments set parentId = '$deletedParentId' WHERE parentId = '".$_REQUEST['commentId']."'");
if(!isset($result))
{
errorpage('Internal database error fixing up the parentId of child comments'); errorpage('Internal database error fixing up the parentId of child comments');
exit; exit;
} } else
$email = getNotifyEmailAddressList($_REQUEST['appId'], $_REQUEST['versionId']); {
$notify_user_email=lookupEmail($ob->userId); $email = getNotifyEmailAddressList($_REQUEST['appId'], $_REQUEST['versionId']);
$notify_user_username=lookupUsername($ob->userId); $notify_user_email=lookupEmail($ob->userId);
$email .= $notify_user_email; $notify_user_username=lookupUsername($ob->userId);
if($email) $email .= $notify_user_email;
{ if($email)
{
$fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']); $fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']);
$ms = APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."\n"; $ms = APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."\n";
$ms .= "\n"; $ms .= "\n";
@@ -129,16 +121,13 @@ if($email)
$ms .= "No reason given.\n"; $ms .= "No reason given.\n";
$ms .= "\n"; $ms .= "\n";
$ms .= STANDARD_NOTIFY_FOOTER; $ms .= STANDARD_NOTIFY_FOOTER;
echo $ms;
mail(stripslashes($email), "[AppDB] ".$fullAppName ,$ms); mail(stripslashes($email), "[AppDB] ".$fullAppName ,$ms);
} else } else
{
$email = "no one"; $email = "no one";
} addmsg("mesage sent to: ".$email, "green");
addmsg("mesage sent to: ".$email, "green"); addmsg("Comment deleted", "green");
redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
addmsg("Comment deleted", "green"); }
redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); }
} }
?> ?>
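Review bot: The permission check at the top tests `is_maintainer()` against `$_REQUEST['appId']` and `$_REQUEST['versionId']`, but the DELETE and the parentId UPDATE are keyed only on `$_REQUEST['commentId']`, so nothing visible ties the comment being removed to the application the caller maintains. Unless the lines between the hunks already do this, the row fetched by the `select * FROM appComments` query should be compared against the requested application and version before the DELETE runs, and the request rejected with `errorpage()` on a mismatch. Separately, the new `if (!$result) redirect(...)` line is followed directly by `mysql_fetch_object($result)`; if redirect() does not terminate the script, add `exit;` after it as the removed branch did.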