diff options
Diffstat (limited to 'web/lib')
-rw-r--r-- | web/lib/credentials.inc.php | 2 | ||||
-rw-r--r-- | web/lib/pkgbasefuncs.inc.php | 80 | ||||
-rw-r--r-- | web/lib/pkgfuncs.inc.php | 51 |
3 files changed, 127 insertions, 6 deletions
diff --git a/web/lib/credentials.inc.php b/web/lib/credentials.inc.php index 648d78c..71bf5ff 100644 --- a/web/lib/credentials.inc.php +++ b/web/lib/credentials.inc.php @@ -8,6 +8,7 @@ define("CRED_ACCOUNT_SEARCH", 5); define("CRED_COMMENT_DELETE", 6); define("CRED_COMMENT_VIEW_DELETED", 22); define("CRED_COMMENT_EDIT", 25); +define("CRED_COMMENT_PIN", 26); define("CRED_PKGBASE_ADOPT", 7); define("CRED_PKGBASE_SET_KEYWORDS", 8); define("CRED_PKGBASE_DELETE", 9); @@ -60,6 +61,7 @@ function has_credential($credential, $approved_users=array()) { case CRED_COMMENT_DELETE: case CRED_COMMENT_VIEW_DELETED: case CRED_COMMENT_EDIT: + case CRED_COMMENT_PIN: case CRED_PKGBASE_ADOPT: case CRED_PKGBASE_SET_KEYWORDS: case CRED_PKGBASE_DELETE: diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php index 3c199d6..7076c31 100644 --- a/web/lib/pkgbasefuncs.inc.php +++ b/web/lib/pkgbasefuncs.inc.php @@ -7,10 +7,11 @@ include_once("pkgreqfuncs.inc.php"); * * @param string $base_id The package base ID to get comment count for * @param bool $include_deleted True if deleted comments should be included + * @param bool $only_pinned True if only pinned comments should be included * * @return string The number of comments left for a specific package */ -function pkgbase_comments_count($base_id, $include_deleted) { +function pkgbase_comments_count($base_id, $include_deleted, $only_pinned=false) { $base_id = intval($base_id); if (!$base_id) { return null; @@ -22,6 +23,9 @@ function pkgbase_comments_count($base_id, $include_deleted) { if (!$include_deleted) { $q.= "AND DelUsersID IS NULL"; } + if ($only_pinned) { + $q.= "AND NOT PinnedTS = 0"; + } $result = $dbh->query($q); if (!$result) { return null; @@ -36,10 +40,11 @@ function pkgbase_comments_count($base_id, $include_deleted) { * @param int $base_id The package base ID to get comments for * @param int $limit Maximum number of comments to return (0 means unlimited) * @param bool $include_deleted True if deleted comments should be included + * @param bool $only_pinned True when only pinned comments are to be included * * @return array All package comment information for a specific package base */ -function pkgbase_comments($base_id, $limit, $include_deleted) { +function pkgbase_comments($base_id, $limit, $include_deleted, $only_pinned=false) { $base_id = intval($base_id); $limit = intval($limit); if (!$base_id) { @@ -48,15 +53,20 @@ function pkgbase_comments($base_id, $limit, $include_deleted) { $dbh = DB::connect(); $q = "SELECT PackageComments.ID, A.UserName AS UserName, UsersID, Comments, "; - $q.= "CommentTS, EditedTS, B.UserName AS EditUserName, "; - $q.= "DelUsersID, C.UserName AS DelUserName FROM PackageComments "; + $q.= "PackageBaseID, CommentTS, EditedTS, B.UserName AS EditUserName, "; + $q.= "DelUsersID, C.UserName AS DelUserName, "; + $q.= "PinnedTS FROM PackageComments "; $q.= "LEFT JOIN Users A ON PackageComments.UsersID = A.ID "; $q.= "LEFT JOIN Users B ON PackageComments.EditedUsersID = B.ID "; $q.= "LEFT JOIN Users C ON PackageComments.DelUsersID = C.ID "; $q.= "WHERE PackageBaseID = " . $base_id . " "; + if (!$include_deleted) { $q.= "AND DelUsersID IS NULL "; } + if ($only_pinned) { + $q.= "AND NOT PinnedTS = 0 "; + } $q.= "ORDER BY CommentTS DESC"; if ($limit > 0) { $q.=" LIMIT " . $limit; @@ -97,6 +107,58 @@ function pkgbase_add_comment($base_id, $uid, $comment) { } /** + * Pin/unpin a package comment + * + * @param bool $unpin True if unpinning rather than pinning + * + * @return array Tuple of success/failure indicator and error message + */ +function pkgbase_pin_comment($unpin=false) { + $uid = uid_from_sid($_COOKIE["AURSID"]); + + if (!$uid) { + return array(false, __("You must be logged in before you can edit package information.")); + } + + if (isset($_POST["comment_id"])) { + $comment_id = $_POST["comment_id"]; + } else { + return array(false, __("Missing comment ID.")); + } + + if (!$unpin) { + if (pkgbase_comments_count($_POST['package_base'], false, true) >= 5){ + return array(false, __("No more than 5 comments can be pinned.")); + } + } + + if (!can_pin_comment($comment_id)) { + if (!$unpin) { + return array(false, __("You are not allowed to pin this comment.")); + } else { + return array(false, __("You are not allowed to unpin this comment.")); + } + } + + $dbh = DB::connect(); + $q = "UPDATE PackageComments "; + if (!$unpin) { + $q.= "SET PinnedTS = UNIX_TIMESTAMP() "; + } else { + $q.= "SET PinnedTS = 0 "; + } + $q.= "WHERE ID = " . intval($comment_id); + $dbh->exec($q); + + if (!$unpin) { + return array(true, __("Comment has been pinned.")); + } else { + return array(true, __("Comment has been unpinned.")); + } +} + +/** + * Get a list of all packages a logged-in user has voted for * * @param string $sid The session ID of the visitor @@ -183,8 +245,16 @@ function pkgbase_display_details($base_id, $row, $SID="") { include('pkg_comment_box.php'); } - $limit = isset($_GET['comments']) ? 0 : 10; $include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED); + + $limit_pinned = isset($_GET['pinned']) ? 0 : 5; + $pinned = pkgbase_comments($base_id, $limit_pinned, false, true); + if (!empty($pinned)) { + include('pkg_comments.php'); + unset($pinned); + } + + $limit = isset($_GET['comments']) ? 0 : 10; $comments = pkgbase_comments($base_id, $limit, $include_deleted); if (!empty($comments)) { include('pkg_comments.php'); diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php index cedc360..c2bbe38 100644 --- a/web/lib/pkgfuncs.inc.php +++ b/web/lib/pkgfuncs.inc.php @@ -83,6 +83,47 @@ function can_edit_comment_array($comment) { } /** + * Determine if the user can pin a specific package comment + * + * Only the Package Maintainer, Trusted Users, and Developers can pin + * comments. This function is used for the backend side of comment pinning. + * + * @param string $comment_id The comment ID in the database + * + * @return bool True if the user can pin the comment, otherwise false + */ +function can_pin_comment($comment_id=0) { + $dbh = DB::connect(); + + $q = "SELECT MaintainerUID FROM PackageBases AS pb "; + $q.= "LEFT JOIN PackageComments AS pc ON pb.ID = pc.PackageBaseID "; + $q.= "WHERE pc.ID = " . intval($comment_id); + $result = $dbh->query($q); + + if (!$result) { + return false; + } + + $uid = $result->fetch(PDO::FETCH_COLUMN, 0); + + return has_credential(CRED_COMMENT_PIN, array($uid)); +} + +/** + * Determine if the user can edit a specific package comment using an array + * + * Only the Package Maintainer, Trusted Users, and Developers can pin + * comments. This function is used for the frontend side of comment pinning. + * + * @param array $comment All database information relating a specific comment + * + * @return bool True if the user can edit the comment, otherwise false + */ +function can_pin_comment_array($comment) { + return can_pin_comment($comment['ID']); +} + +/** * Check to see if the package name already exists in the database * * @param string $name The package name to check @@ -582,8 +623,16 @@ function pkg_display_details($id=0, $row, $SID="") { include('pkg_comment_box.php'); } - $limit = isset($_GET['comments']) ? 0 : 10; $include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED); + + $limit_pinned = isset($_GET['pinned']) ? 0 : 5; + $pinned = pkgbase_comments($base_id, $limit_pinned, false, true); + if (!empty($pinned)) { + include('pkg_comments.php'); + unset($pinned); + } + + $limit = isset($_GET['comments']) ? 0 : 10; $comments = pkgbase_comments($base_id, $limit, $include_deleted); if (!empty($comments)) { include('pkg_comments.php'); |