claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add a delete button to comments when the user is an admin

Browse Source
This commit is contained in:
Chris Morgan
2004-10-21 19:52:35 +00:00
committed by Jeremy Newman
parent da68923dad
commit b9db13f6a8
2 changed files with 69 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
deletecomment.php Normal file
View File

@@ -0,0 +1,53 @@
<?
include("path.php");
require(BASE."include/"."incl.php");
//FIXME: should check to see if the user is an application maintainer when we have application maintainers
if(!havepriv("admin"))
{
errorpage('You don\'t have admin privilages');
exit;
}
opendb();
$commentId = strip_tags($_POST['commentId']);
$commentId = mysql_escape_string($commentId);
$appId = strip_tags($_POST['appId']);
$versionId = strip_tags($_POST['versionId']);
/* retrieve the parentID of the comment we are deleting */
/* so we can fix up the parentIds of this comments children */
$result = mysql_query("SELECT parentId FROM appComments WHERE commentId = '$commentId'");
if (!$result)
{
errorpage('Internal error retrieving parent of commentId');
exit;
}
$ob = mysql_fetch_object($result);
$deletedParentId = $ob->parentId;
/* delete the comment from the database */
$result = mysql_query("DELETE FROM appComments WHERE commentId = '$commentId'");
if (!$result)
{
errorpage('Internal Database Access Error',mysql_error());
exit;
}
/* fixup the child comments so the parentId points to a valid parent comment */
$result = mysql_query("UPDATE appComments set parentId = '$deletedParentId' WHERE parentId = '$commentId'");
if(!$result)
{
errorpage('Internal database error fixing up the parentId of child comments');
exit;
}
addmsg("Comment deleted", "green");
redirect(apidb_fullurl("appview.php?appId=$appId&versionId=$versionId"));
?>

17
include/comments.php
View File

@@ -63,7 +63,22 @@ function view_app_comment($ob)
echo " [<a href='addcomment.php?appId=$ob->appId&versionId=$ob->versionId&subject=". echo " [<a href='addcomment.php?appId=$ob->appId&versionId=$ob->versionId&subject=".
urlencode("$subject")."&thread=$ob->commentId'><small>reply to this</small></a>] \n"; urlencode("$subject")."&thread=$ob->commentId'><small>reply to this</small></a>] \n";
echo "</td></tr></table>\n"; echo "</td></tr>\n";
// delete message button, for admins
//TODO: application managers should also see this button
if(havepriv("admin"))
{
echo "<tr>";
echo '<td><form method=post name=message action="deletecomment.php"><input type=submit value="Delete" class=button> ',"\n";
echo "<input type=hidden name='commentId' value=$ob->commentId>";
echo "<input type=hidden name='appId' value=$ob->appId>";
echo "<input type=hidden name='versionId' value=$ob->versionId></form></td>","\n";
echo "</td></tr>";
}
echo "</table>\n";
echo html_frame_end(); echo html_frame_end();
} }