Alexander Nicolaysen Sørnes
09d96b79bd
comment: Fix delete permissions
2007-09-17 21:25:57 -04:00
Chris Morgan
2827e0654e
Alexander Nicolaysen Sørnes <alex@thehandofagony.com>
Let objectManager handle deletion and delete notification.
2007-09-14 23:02:12 -04:00
Alexander Nicolaysen Sørnes
5a4cbf49a3
Add and use objectGetChildren() method. Add support for initializing comment class from SQL
result.
2007-09-08 22:38:20 +00:00
Alexander Nicolaysen Sørnes
faf7d9bb19
Add objectGetChildren() method to classes without child objects
2007-09-08 22:29:17 +00:00
Chris Morgan
9e05efb1b6
Fix comment::delete() to take $bSilent as an input parameter and use
comment::SendNotificationEmail(). Update version::delete() to pass false into comment::delete()
so we don't send an email for each comment we are deleting for a given version. Fixes bug 8473.
2007-08-24 02:52:34 +00:00
Chris Morgan
6119246b51
Replace direct mysql_xxx() calls with query_xxx() calls. Replace calls to mysql_insert_id()
with calls specific to the appdb or bugzilla database. Fixes a bug where a call to
mysql_insert_id() can potentially retrieve an id from either the bugzilla or appdb database,
depending on whichever database was last opened by mysql_connect().
2007-08-03 23:27:25 +00:00
Edwin Smulders
023ece493b
Eliminate some php notices caused by use of uninitialized variables
2007-07-24 01:45:19 +00:00
Alexander Nicolaysen Sørnes
be52279bfa
Fix comment creation. addcomment.php was passing a filled-in object to comment::create()
which still expected values as parameters. Load data from the object instead
2007-04-21 18:05:32 +00:00
Chris Morgan
cf9cba4093
Objects should set class variables and call create() instead of passing the parameters into the
create() function.
2007-04-21 02:30:22 +00:00
Alexander Nicolaysen Sørnes
89535dbe01
Use objectMakeLink()/Url() in more places
2007-04-03 02:08:44 +00:00
Alexander Nicolaysen Sørnes
8e6db0334b
Link usernames in comments to the contact form instead of exposing email addresses
2007-03-24 18:36:43 +00:00
Chris Morgan
a1a41d6b87
Fix and enable input filtering through include/filter.php
2007-01-04 02:35:01 +00:00
EA Durbin
683a064cee
Add user.php to includes as comment.php creates a new user.
2006-09-01 02:27:31 +00:00
Chris Morgan
61d338abbd
Comment::grab_comments() should use $iParentId when != NULL, not just !$iParentId as this prevents the use of
$iParentId in cases where the value is 0. Fixes duplicate display of every comment for an application version reported by
Nick Law.
2006-07-26 19:30:11 +00:00
Chris Morgan
3f1bfd3685
Attempt to capture the source of erroneous input to grab_comments() using error_log::logBackTrace()
2006-07-20 03:52:02 +00:00
Chris Morgan
f7763bdbfa
Clean up variable naming in grab_comments(), use null instead of -1 for parent ID
2006-07-20 03:19:23 +00:00
Chris Morgan
0a9f8cc155
Performance improvements to version and application classes. Reduce the amount of queries to
what is necessary during object creation. The only use of all but one of the arrays we were fetching
during version and application construction was in ::delete() so we can just retrieve them there.
Speed screenshot class up by only querying for necessary columns, not select *
2006-07-09 00:48:33 +00:00
Chris Morgan
763ad58bcf
Move function in include/comment.php inside of the comment class. This lets us refer to
these functions like Comment:: making it clear they are static functions of the comment class
2006-07-08 22:09:14 +00:00
Chris Morgan
445fbdfdd3
Switch a few more variables over to the new naming scheme, fix deleting comments and replying to comments
2006-07-06 23:49:51 +00:00
Jonathan Ernst
735a2bc65f
Prefix all GPC variables according to our coding standard
2006-07-06 17:27:54 +00:00
Tony Lambregts
55e06eee0c
Remove now unnecessary stripslashes()
2006-07-04 02:12:43 +00:00
Chris Morgan
034ea689bc
Clean up application and version classes. Move class related functions into the class as static member functions
2006-06-29 16:07:19 +00:00
Chris Morgan
245a6b993e
Cleanup User class. Move user related functions into class as static member functions
2006-06-29 15:54:29 +00:00
Chris Morgan
e3f9e5371a
Use query_parameters() in SQL select, update and delete statements to protect against
sql injection attacks
2006-06-27 19:16:27 +00:00
Chris Morgan
fb0f3b5dd3
Protect against sql injection attacks in sql INSERT statements
2006-06-24 04:20:32 +00:00
Chris Morgan
67550405c3
Make code more consistent by making it follow the appdb coding standards. Fix some spaces vs. tabs odd indenting.
2006-06-21 01:04:12 +00:00
EA Durbin
f982c8459e
Filter all user input to reduce the security impact of manipulated data
2006-06-17 06:10:10 +00:00
Tony Lambregts
7fec72b632
Don't expose users' email addresses to robots
2006-06-16 03:18:45 +00:00
Tony Lambregts
fe004f36fa
Add note to use the AppDB to reply to email instead of replying to the email
2006-04-28 00:53:01 +00:00
Tony Lambregts
f6beae01cf
Add tag to comment id and link it to the notification email
2006-03-24 05:01:48 +00:00
Chris Morgan
07801e8b9e
Comment replies were incorrectly adding duplicate emails for threads that contained multiple posts by the same author or if a maintainer was also an admin. Ensure that there are no duplicate email addresses using array_unique()
2005-08-24 01:36:12 +00:00
Chris Morgan
c8275c3096
Pass a default into User::getPref() when trying to retrieve the comments mode set so users with no comment mode set will default to 'threaded'. Otherwise these users won't see any comments.
2005-08-15 00:25:37 +00:00
Chris Morgan
009cc6a55f
Fix code indenting, change default non-logged in comment mode to threaded
2005-08-14 19:28:34 +00:00
Chris Morgan
5df2203821
Put single quotes around the application name/version name a comment is being deleted for
2005-07-30 15:36:15 +00:00
Chris Morgan
dc99aaf631
Put some single quotes around application name and version name so they can be distinguished from the rest of the email notification text more easily.
2005-06-19 15:46:57 +00:00
Jonathan Ernst
06ea1b6d3d
Security fixes. Ensure that numeric values are actually numeric using is_numeric
so users can't login as admin by passing in non-numeric values.
2005-03-23 23:56:38 +00:00
Jonathan Ernst
12a7858235
- people can tell why they delete comments again
2005-03-12 17:13:08 +00:00
Jonathan Ernst
ea14ba0c45
- fix supermaintainers delete comments
- use deleteAny.php for comment deletion
2005-03-12 01:09:51 +00:00
Jonathan Ernst
067bd0e623
Fix link to version page when sending mail about a comment
2005-02-21 01:40:12 +00:00
Jonathan Ernst
124868c0a0
- fix the 25 errors reported by the w3c html validator ( http://validator.w3.org ) in appview.php?appid=whatever
- fix the 46 errors reported by the w3c html validator in appview.php?versionid=whatever
- fix the 97 errors reported by the w3c html validator in index.php
2005-02-11 23:42:50 +00:00
Jonathan Ernst
ac052e6c84
- show correct number of comments
- remove unused function
2005-02-09 23:48:01 +00:00
Jonathan Ernst
cfd1d1ac09
- renamed lookupVersionName and lookupAppName into lookup_version_name and lookup_app_name in respect to CODING_STANDARD
- removed appIdToName($appId) and versionIdToName($appId) from category.php
- replaced every occurrence of appIdToName and versionIdToName with lookup_app_name and lookup_version_name
2005-02-04 02:59:05 +00:00
Jonathan Ernst
03c0c145c5
- new Comment class
- improved performance (much less duplicated mysql queries)
- less code and better error handling
- informs the whole thread when posting new comment
- fix various bugs
2005-02-02 03:01:29 +00:00