- addcomment.php uses include/db.php for mysql queries and error handling

- deletecomment.php uses include/db.php for mysql queries and error handling
- minor fixes (superglobals, indentation, typos)
Jonathan Ernst
2004-12-29 03:42:22 +00:00
committed by WineHQ
parent e28959dc3b
commit 487bcb9264
2 changed files with 55 additions and 71 deletions


@@ -46,21 +46,16 @@ if(isset($_REQUEST['body']))
// get current userid // get current userid
$userId = $_SESSION['current']->userid; $userId = $_SESSION['current']->userid;
$result = mysql_query("INSERT INTO appComments VALUES (NOW(), null, '".$_REQUEST['thread']."','". $result = query_appdb("INSERT INTO appComments VALUES (NOW(), null, '".$_REQUEST['thread']."','".
$_REQUEST['appId']."', '".$_REQUEST['versionId']."', $userId, '$hostname', '$subject', ". $_REQUEST['appId']."', '".$_REQUEST['versionId']."', $userId, '$hostname', '$subject', ".
"'$body1', 0)"); "'$body1', 0)");
if ($result)
if (!$result)
{ {
errorpage('Internal Database Access Error',mysql_error()); if (isset($_REQUEST['originator']))
exit;
} else
{
if (isset($originator))
{ {
if (UserWantsEmail($originator)) if (UserWantsEmail($_REQUEST['originator']))
{ {
$email = lookupEmail($originator); $email = lookupEmail($_REQUEST['originator']);
$fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']); $fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']);
$ms .= APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'].".\n"; $ms .= APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'].".\n";
$ms .= "\n"; $ms .= "\n";
@@ -101,8 +96,8 @@ if(isset($_REQUEST['body']))
addmsg("mesage sent to: ".$email, "green"); addmsg("mesage sent to: ".$email, "green");
addmsg("New Comment Posted", "green"); addmsg("New Comment Posted", "green");
redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
} }
redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
} }
################################ ################################
@@ -116,7 +111,7 @@ else if(loggedin())
if($_REQUEST['thread']) if($_REQUEST['thread'])
{ {
$result = mysql_query("SELECT * FROM appComments WHERE commentId = ".$_REQUEST['thread']); $result = query_appdb("SELECT * FROM appComments WHERE commentId = ".$_REQUEST['thread']);
$ob = mysql_fetch_object($result); $ob = mysql_fetch_object($result);
if($ob) if($ob)
{ {
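Review bot: The SELECT in the `else if(loggedin())` hunk still places `$_REQUEST['thread']` into the query with neither quoting nor a numeric cast, so routing it through query_appdb() does not make it safe; any quote-escaping applied to request data would not protect an unquoted numeric position. Cast before use, e.g. `$threadId = (int)$_REQUEST['thread'];`, and build the query from `$threadId`. The INSERT in the first hunk concatenates `thread`, `appId` and `versionId` the same way, and the commentId queries in deletecomment.php share the pattern; the same cast applies there if these are integer columns, which the page does not show. Both hunks are cut inside larger blocks, so earlier sanitising in the file cannot be ruled out from here.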


@@ -28,7 +28,7 @@ if(!havepriv("admin") &&
!$_SESSION['current']->is_maintainer($_REQUEST['appId'], !$_SESSION['current']->is_maintainer($_REQUEST['appId'],
$_REQUEST['versionId'])) $_REQUEST['versionId']))
{ {
errorpage('You don\'t have admin privilages'); errorpage('You don\'t have admin privileges');
exit; exit;
} }
@@ -36,7 +36,7 @@ opendb();
/* retrieve the parentID of the comment we are deleting */ /* retrieve the parentID of the comment we are deleting */
/* so we can fix up the parentIds of this comments children */ /* so we can fix up the parentIds of this comments children */
$result = mysql_query("SELECT parentId FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'"); $result = query_appdb("SELECT parentId FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'");
if (!$result) if (!$result)
{ {
errorpage('Internal error retrieving parent of commentId'); errorpage('Internal error retrieving parent of commentId');
@@ -47,12 +47,8 @@ $ob = mysql_fetch_object($result);
$deletedParentId = $ob->parentId; $deletedParentId = $ob->parentId;
/* get the subject and body from the comment */ /* get the subject and body from the comment */
$result = mysql_query("select * FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'"); $result = query_appdb("select * FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'");
if (!$result) if (!$result) redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
{
errorpage('Internal Database Access Error',mysql_error());
exit;
}
$ob = mysql_fetch_object($result); $ob = mysql_fetch_object($result);
$body = $ob->body; $body = $ob->body;
$subject = $ob->subject; $subject = $ob->subject;
@@ -89,56 +85,49 @@ if($_SESSION['current']->getpref("confirm_comment_deletion") != "no" &&
apidb_footer(); apidb_footer();
} else } else
{ {
/* delete the comment from the database */ /* delete the comment from the database */
$result = mysql_query("DELETE FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'"); $result = query_appdb("DELETE FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'");
if ($result)
if (!isset($result)) {
{ /* fixup the child comments so the parentId points to a valid parent comment */
errorpage('Internal Database Access Error',mysql_error()); $result = query_appdb("UPDATE appComments set parentId = '$deletedParentId' WHERE parentId = '".$_REQUEST['commentId']."'");
exit; if(!$result)
} {
errorpage('Internal database error fixing up the parentId of child comments');
/* fixup the child comments so the parentId points to a valid parent comment */ exit;
$result = mysql_query("UPDATE appComments set parentId = '$deletedParentId' WHERE parentId = '".$_REQUEST['commentId']."'"); } else
if(!isset($result)) {
{ $email = getNotifyEmailAddressList($_REQUEST['appId'], $_REQUEST['versionId']);
errorpage('Internal database error fixing up the parentId of child comments'); $notify_user_email=lookupEmail($ob->userId);
exit; $notify_user_username=lookupUsername($ob->userId);
} $email .= $notify_user_email;
$email = getNotifyEmailAddressList($_REQUEST['appId'], $_REQUEST['versionId']); if($email)
$notify_user_email=lookupEmail($ob->userId); {
$notify_user_username=lookupUsername($ob->userId); $fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']);
$email .= $notify_user_email; $ms = APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."\n";
if($email) $ms .= "\n";
{ $ms .= $_SESSION['current']->username." deleted comment from ".$fullAppName."\n";
$fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']); $ms .= "\n";
$ms = APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."\n"; $ms .= "This comment was made on ".substr($ob->time,0,10)." by $notify_user_username \n";
$ms .= "\n"; $ms .= "\n";
$ms .= $_SESSION['current']->username." deleted comment from ".$fullAppName."\n"; $ms .= "Subject: ".$subject."\n";
$ms .= "\n"; $ms .= "\n";
$ms .= "This comment was made on ".substr($ob->time,0,10)." by $notify_user_username \n"; $ms .= $body."\n";
$ms .= "\n"; $ms .= "\n";
$ms .= "Subject: ".$subject."\n"; $ms .= "Because:\n";
$ms .= "\n"; if($_REQUEST['str_why'])
$ms .= $body."\n"; $ms .= stripslashes($_REQUEST['str_why'])."\n";
$ms .= "\n"; else
$ms .= "Because:\n"; $ms .= "No reason given.\n";
if($_REQUEST['str_why']) $ms .= "\n";
$ms .= stripslashes($_REQUEST['str_why'])."\n"; $ms .= STANDARD_NOTIFY_FOOTER;
else mail(stripslashes($email), "[AppDB] ".$fullAppName ,$ms);
$ms .= "No reason given.\n"; } else
$ms .= "\n"; $email = "no one";
$ms .= STANDARD_NOTIFY_FOOTER; addmsg("mesage sent to: ".$email, "green");
echo $ms; addmsg("Comment deleted", "green");
mail(stripslashes($email), "[AppDB] ".$fullAppName ,$ms); redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
} else }
{ }
$email = "no one";
}
addmsg("mesage sent to: ".$email, "green");
addmsg("Comment deleted", "green");
redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
} }
?> ?>
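Review bot: The permission check at the top of this file is keyed on `$_REQUEST['appId']` and `$_REQUEST['versionId']`, but the SELECT, DELETE and UPDATE act on `$_REQUEST['commentId']` alone, so nothing visible ties the comment to the application the caller maintains. For non-admin callers, compare the fetched row with the request values before the DELETE and stop on mismatch, e.g. `if ($ob->appId != $_REQUEST['appId'] || $ob->versionId != $_REQUEST['versionId']) { errorpage('Comment does not belong to this application'); exit; }`; the column names are assumed, since the table layout is not shown. Separately, the new `if (!$result) redirect(...)` after the second SELECT depends on redirect() ending the script; if it returns, `mysql_fetch_object($result)` runs on a failed result. The delete is also driven entirely by `$_REQUEST`, so if no request token is verified earlier in the file, one is worth adding.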