is_maintainer($_REQUEST['appId'], $_REQUEST['versionId'])) { errorpage('You don\'t have admin privilages'); exit; } opendb(); /* retrieve the parentID of the comment we are deleting */ /* so we can fix up the parentIds of this comments children */ $result = mysql_query("SELECT parentId FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'"); if (!$result) { errorpage('Internal error retrieving parent of commentId'); exit; } $ob = mysql_fetch_object($result); $deletedParentId = $ob->parentId; /* get the subject and body from the comment */ $result = mysql_query("select * FROM appComments WHERE commentId = '".$_REQUEST['commentId']."'"); if (!$result) { errorpage('Internal Database Access Error',mysql_error()); exit; } $ob = mysql_fetch_object($result); $body = $ob->body; $subject = $ob->subject; if($_SESSION['current']->getpref("confirm_comment_deletion") != "no" && !isset($_REQUEST['int_delete_it'])) { apidb_header("Delete Comment"); $mesTitle = "Please state why you are deleting the following comment"; echo "

\n"; echo html_frame_start($mesTitle,500,"",0); echo "
"; echo html_frame_start($ob->subject,500); echo htmlify_urls($ob->body), "

\n"; echo html_frame_end(); echo '',"\n"; echo "\n"; echo "\n"; echo "

\n"; echo " \n"; echo "

\n"; echo html_frame_end(); echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo ""; echo "

"; ?>

 

userId); $notify_user_username=lookupUsername($ob->userId); $email .= $notify_user_email; if($email) { $fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']); $ms = APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."\n"; $ms .= "\n"; $ms .= $_SESSION['current']->username." deleted comment from ".$fullAppName."\n"; $ms .= "\n"; $ms .= "This comment was made on ".substr($ob->time,0,10)." by $notify_user_username \n"; $ms .= "\n"; $ms .= "Subject: ".$subject."\n"; $ms .= "\n"; $ms .= $body."\n"; $ms .= "\n"; $ms .= "Because:\n"; if($_REQUEST['str_why']) $ms .= stripslashes($_REQUEST['str_why'])."\n"; else $ms .= "No reason given.\n"; $ms .= "\n"; $ms .= STANDARD_NOTIFY_FOOTER; echo $ms; mail(stripslashes($email), "[AppDB] ".$fullAppName ,$ms); } else { $email = "no one"; } addmsg("mesage sent to: ".$email, "green"); addmsg("Comment deleted", "green"); redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); } ?>