summaryrefslogtreecommitdiffstats
path: root/web/lib
diff options
context:
space:
mode:
Diffstat (limited to 'web/lib')
-rw-r--r--web/lib/credentials.inc.php2
-rw-r--r--web/lib/pkgbasefuncs.inc.php22
2 files changed, 20 insertions, 4 deletions
diff --git a/web/lib/credentials.inc.php b/web/lib/credentials.inc.php
index 71bf5ff..d8698a8 100644
--- a/web/lib/credentials.inc.php
+++ b/web/lib/credentials.inc.php
@@ -6,6 +6,7 @@ define("CRED_ACCOUNT_EDIT_DEV", 3);
define("CRED_ACCOUNT_LAST_LOGIN", 4);
define("CRED_ACCOUNT_SEARCH", 5);
define("CRED_COMMENT_DELETE", 6);
+define("CRED_COMMENT_UNDELETE", 27);
define("CRED_COMMENT_VIEW_DELETED", 22);
define("CRED_COMMENT_EDIT", 25);
define("CRED_COMMENT_PIN", 26);
@@ -59,6 +60,7 @@ function has_credential($credential, $approved_users=array()) {
case CRED_ACCOUNT_LAST_LOGIN:
case CRED_ACCOUNT_SEARCH:
case CRED_COMMENT_DELETE:
+ case CRED_COMMENT_UNDELETE:
case CRED_COMMENT_VIEW_DELETED:
case CRED_COMMENT_EDIT:
case CRED_COMMENT_PIN:
diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php
index 2b1201d..20f5bb4 100644
--- a/web/lib/pkgbasefuncs.inc.php
+++ b/web/lib/pkgbasefuncs.inc.php
@@ -932,9 +932,10 @@ function pkgbase_notify ($base_ids, $action=true) {
/**
* Delete a package comment
*
+ * @param boolean $undelete True if undeleting rather than deleting
* @return array Tuple of success/failure indicator and error message
*/
-function pkgbase_delete_comment() {
+function pkgbase_delete_comment($undelete=false) {
$uid = uid_from_sid($_COOKIE["AURSID"]);
if (!$uid) {
return array(false, __("You must be logged in before you can edit package information."));
@@ -947,15 +948,28 @@ function pkgbase_delete_comment() {
}
$dbh = DB::connect();
- if (can_delete_comment($comment_id)) {
+ if ($undelete) {
+ if (!has_credential(CRED_COMMENT_UNDELETE)) {
+ return array(false, __("You are not allowed to undelete this comment."));
+ }
+
+ $q = "UPDATE PackageComments ";
+ $q.= "SET DelUsersID = NULL, ";
+ $q.= "DelTS = NULL ";
+ $q.= "WHERE ID = ".intval($comment_id);
+ $dbh->exec($q);
+ return array(true, __("Comment has been undeleted."));
+ } else {
+ if (!can_delete_comment($comment_id)) {
+ return array(false, __("You are not allowed to delete this comment."));
+ }
+
$q = "UPDATE PackageComments ";
$q.= "SET DelUsersID = ".$uid.", ";
$q.= "DelTS = UNIX_TIMESTAMP() ";
$q.= "WHERE ID = ".intval($comment_id);
$dbh->exec($q);
return array(true, __("Comment has been deleted."));
- } else {
- return array(false, __("You are not allowed to delete this comment."));
}
}