claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- addcomment.php uses include/db.php for mysql queries and error handling

Browse Source 
- deletecomment.php uses include/db.php for mysql queries and error handling
- minor fixes (superglobals, indentation, typos)
This commit is contained in:
Jonathan Ernst
2004-12-29 03:42:22 +00:00
committed by WineHQ
parent e28959dc3b
commit 487bcb9264
2 changed files with 55 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
addcomment.php
View File

@@ -46,21 +46,16 @@ if(isset($_REQUEST['body']))
// get current userid
$userId = $_SESSION['current']->userid;
$result = mysql_query("INSERT INTO appComments VALUES (NOW(), null, '".$_REQUEST['thread']."','".
$result = query_appdb("INSERT INTO appComments VALUES (NOW(), null, '".$_REQUEST['thread']."','".
$_REQUEST['appId']."', '".$_REQUEST['versionId']."', $userId, '$hostname', '$subject', ".
"'$body1', 0)");
if (!$result)
if ($result)
{
errorpage('Internal Database Access Error',mysql_error());
exit;
} else
if (isset($_REQUEST['originator']))
{
if (isset($originator))
if (UserWantsEmail($_REQUEST['originator']))
{
if (UserWantsEmail($originator))
{
$email = lookupEmail($originator);
$email = lookupEmail($_REQUEST['originator']);
$fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']);
$ms .= APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'].".\n";
$ms .= "\n";
@@ -101,8 +96,8 @@ if(isset($_REQUEST['body']))
addmsg("mesage sent to: ".$email, "green");
addmsg("New Comment Posted", "green");
redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
}
redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
}
################################
@@ -116,7 +111,7 @@ else if(loggedin())
if($_REQUEST['thread'])
{
$result = mysql_query("SELECT * FROM appComments WHERE commentId = ".$_REQUEST['thread']);
$result = query_appdb("SELECT * FROM appComments WHERE commentId = ".$_REQUEST['thread']);
$ob = mysql_fetch_object($result);
if($ob)
{

63
deletecomment.php
View File

@@ -28,7 +28,7 @@ if(!havepriv("admin") &&
!$_SESSION['current']->is_maintainer($_REQUEST['appId'],
$_REQUEST['versionId']))
{
errorpage('You don\'t have admin privilages');
errorpage('You don\'t have admin privileges');
exit;
}
@@ -36,7 +36,7 @@ opendb();
/* retrieve the parentID of the comment we are deleting */
/* so we can fix up the parentIds of this comments children */
$result = mysql_query("SELECT parentId FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'");
$result = query_appdb("SELECT parentId FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'");
if (!$result)
{
errorpage('Internal error retrieving parent of commentId');
@@ -47,12 +47,8 @@ $ob = mysql_fetch_object($result);
$deletedParentId = $ob->parentId;
/* get the subject and body from the comment */
$result = mysql_query("select * FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'");
if (!$result)
{
errorpage('Internal Database Access Error',mysql_error());
exit;
}
$result = query_appdb("select * FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'");
if (!$result) redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
$ob = mysql_fetch_object($result);
$body = $ob->body;
$subject = $ob->subject;
@@ -89,28 +85,24 @@ if($_SESSION['current']->getpref("confirm_comment_deletion") != "no" &&
apidb_footer();
} else
{
/* delete the comment from the database */
$result = mysql_query("DELETE FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'");
if (!isset($result))
{
errorpage('Internal Database Access Error',mysql_error());
exit;
}
/* fixup the child comments so the parentId points to a valid parent comment */
$result = mysql_query("UPDATE appComments set parentId = '$deletedParentId' WHERE parentId = '".$_REQUEST['commentId']."'");
if(!isset($result))
{
/* delete the comment from the database */
$result = query_appdb("DELETE FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'");
if ($result)
{
/* fixup the child comments so the parentId points to a valid parent comment */
$result = query_appdb("UPDATE appComments set parentId = '$deletedParentId' WHERE parentId = '".$_REQUEST['commentId']."'");
if(!$result)
{
errorpage('Internal database error fixing up the parentId of child comments');
exit;
}
$email = getNotifyEmailAddressList($_REQUEST['appId'], $_REQUEST['versionId']);
$notify_user_email=lookupEmail($ob->userId);
$notify_user_username=lookupUsername($ob->userId);
$email .= $notify_user_email;
if($email)
{
} else
{
$email = getNotifyEmailAddressList($_REQUEST['appId'], $_REQUEST['versionId']);
$notify_user_email=lookupEmail($ob->userId);
$notify_user_username=lookupUsername($ob->userId);
$email .= $notify_user_email;
if($email)
{
$fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']);
$ms = APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."\n";
$ms .= "\n";
@@ -129,16 +121,13 @@ if($email)
$ms .= "No reason given.\n";
$ms .= "\n";
$ms .= STANDARD_NOTIFY_FOOTER;
echo $ms;
mail(stripslashes($email), "[AppDB] ".$fullAppName ,$ms);
} else
{
} else
$email = "no one";
}
addmsg("mesage sent to: ".$email, "green");
addmsg("Comment deleted", "green");
redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
addmsg("mesage sent to: ".$email, "green");
addmsg("Comment deleted", "green");
redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
}
}
}
?>