Only Developers and Trusted Users can undelete comments.
Signed-off-by: Marcel Korpel <[email protected]>
---
Changes from v1:
* General clean-up of code
* Placed button at the same position as the delete/edit/pin icons
* Added missing PHPDoc for parameter
web/html/css/aurweb.css | 6 +++++-
web/html/pkgbase.php | 5 +++++
web/lib/credentials.inc.php | 2 ++
web/lib/pkgbasefuncs.inc.php | 22 ++++++++++++++++++----
web/template/pkg_comments.php | 11 +++++++++++
5 files changed, 41 insertions(+), 5 deletions(-)
diff --git a/web/html/css/aurweb.css b/web/html/css/aurweb.css
index 92ff898..526e876 100644
--- a/web/html/css/aurweb.css
+++ b/web/html/css/aurweb.css
@@ -101,11 +101,15 @@
color: #999;
}
-.delete-comment-form, .pin-comment-form, .edit-comment {
+.delete-comment-form, .undelete-comment-form, .pin-comment-form, .edit-comment
{
float: right;
margin-left: 8px;
}
+.undelete-comment {
+ font-size: 75%;
+}
+
.edit-comment {
height: 11px;
position: relative;
diff --git a/web/html/pkgbase.php b/web/html/pkgbase.php
index 45b8084..11fdf74 100644
--- a/web/html/pkgbase.php
+++ b/web/html/pkgbase.php
@@ -99,6 +99,11 @@ if (check_token()) {
list($ret, $output) = pkgbase_notify($ids, false);
} elseif (current_action("do_DeleteComment")) {
list($ret, $output) = pkgbase_delete_comment();
+ } elseif (current_action("do_UndeleteComment")) {
+ list($ret, $output) = pkgbase_delete_comment(true);
+ if ($ret && isset($_POST["comment_id"])) {
+ $fragment = '#comment-' . intval($_POST["comment_id"]);
+ }
} elseif (current_action("do_PinComment")) {
list($ret, $output) = pkgbase_pin_comment();
} elseif (current_action("do_UnpinComment")) {
diff --git a/web/lib/credentials.inc.php b/web/lib/credentials.inc.php
index 71bf5ff..d8698a8 100644
--- a/web/lib/credentials.inc.php
+++ b/web/lib/credentials.inc.php
@@ -6,6 +6,7 @@ define("CRED_ACCOUNT_EDIT_DEV", 3);
define("CRED_ACCOUNT_LAST_LOGIN", 4);
define("CRED_ACCOUNT_SEARCH", 5);
define("CRED_COMMENT_DELETE", 6);
+define("CRED_COMMENT_UNDELETE", 27);
define("CRED_COMMENT_VIEW_DELETED", 22);
define("CRED_COMMENT_EDIT", 25);
define("CRED_COMMENT_PIN", 26);
@@ -59,6 +60,7 @@ function has_credential($credential, $approved_users=array())
{
case CRED_ACCOUNT_LAST_LOGIN:
case CRED_ACCOUNT_SEARCH:
case CRED_COMMENT_DELETE:
+ case CRED_COMMENT_UNDELETE:
case CRED_COMMENT_VIEW_DELETED:
case CRED_COMMENT_EDIT:
case CRED_COMMENT_PIN:
diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php
index 2b1201d..20f5bb4 100644
--- a/web/lib/pkgbasefuncs.inc.php
+++ b/web/lib/pkgbasefuncs.inc.php
@@ -932,9 +932,10 @@ function pkgbase_notify ($base_ids, $action=true) {
/**
* Delete a package comment
*
+ * @param boolean $undelete True if undeleting rather than deleting
* @return array Tuple of success/failure indicator and error message
*/
-function pkgbase_delete_comment() {
+function pkgbase_delete_comment($undelete=false) {
$uid = uid_from_sid($_COOKIE["AURSID"]);
if (!$uid) {
return array(false, __("You must be logged in before you can
edit package information."));
@@ -947,15 +948,28 @@ function pkgbase_delete_comment() {
}
$dbh = DB::connect();
- if (can_delete_comment($comment_id)) {
+ if ($undelete) {
+ if (!has_credential(CRED_COMMENT_UNDELETE)) {
+ return array(false, __("You are not allowed to undelete
this comment."));
+ }
+
+ $q = "UPDATE PackageComments ";
+ $q.= "SET DelUsersID = NULL, ";
+ $q.= "DelTS = NULL ";
+ $q.= "WHERE ID = ".intval($comment_id);
+ $dbh->exec($q);
+ return array(true, __("Comment has been undeleted."));
+ } else {
+ if (!can_delete_comment($comment_id)) {
+ return array(false, __("You are not allowed to delete
this comment."));
+ }
+
$q = "UPDATE PackageComments ";
$q.= "SET DelUsersID = ".$uid.", ";
$q.= "DelTS = UNIX_TIMESTAMP() ";
$q.= "WHERE ID = ".intval($comment_id);
$dbh->exec($q);
return array(true, __("Comment has been deleted."));
- } else {
- return array(false, __("You are not allowed to delete this
comment."));
}
}
diff --git a/web/template/pkg_comments.php b/web/template/pkg_comments.php
index d05c512..3f1f728 100644
--- a/web/template/pkg_comments.php
+++ b/web/template/pkg_comments.php
@@ -53,6 +53,17 @@ if (!isset($count)) {
?>
<h4 id="comment-<?= $row['ID'] ?>"<?php if ($is_deleted): ?>
class="comment-deleted"<?php endif; ?>>
<?= $heading ?>
+ <?php if ($is_deleted &&
has_credential(CRED_COMMENT_UNDELETE)): ?>
+ <form class="undelete-comment-form"
method="post" action="<?= htmlspecialchars(get_pkgbase_uri($pkgbase_name),
ENT_QUOTES); ?>">
+ <fieldset style="display:inline;">
+ <input type="hidden"
name="action" value="do_UndeleteComment" />
+ <input type="hidden"
name="comment_id" value="<?= $row['ID'] ?>" />
+ <input type="hidden"
name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" />
+ <input type="submit"
class="undelete-comment" value="<?= __('Undelete') ?>" name="submit" />
+ </fieldset>
+ </form>
+ <?php endif;?>
+
<?php if (!$is_deleted &&
can_delete_comment_array($row)): ?>
<form class="delete-comment-form" method="post"
action="<?= htmlspecialchars(get_pkgbase_uri($pkgbase_name), ENT_QUOTES); ?>">
<fieldset style="display:inline;">
--
2.7.0
