summaryrefslogtreecommitdiffstats
path: root/web/lib
diff options
context:
space:
mode:
Diffstat (limited to 'web/lib')
-rw-r--r--web/lib/credentials.inc.php2
-rw-r--r--web/lib/pkgbasefuncs.inc.php80
-rw-r--r--web/lib/pkgfuncs.inc.php51
3 files changed, 127 insertions, 6 deletions
diff --git a/web/lib/credentials.inc.php b/web/lib/credentials.inc.php
index 648d78c..71bf5ff 100644
--- a/web/lib/credentials.inc.php
+++ b/web/lib/credentials.inc.php
@@ -8,6 +8,7 @@ define("CRED_ACCOUNT_SEARCH", 5);
define("CRED_COMMENT_DELETE", 6);
define("CRED_COMMENT_VIEW_DELETED", 22);
define("CRED_COMMENT_EDIT", 25);
+define("CRED_COMMENT_PIN", 26);
define("CRED_PKGBASE_ADOPT", 7);
define("CRED_PKGBASE_SET_KEYWORDS", 8);
define("CRED_PKGBASE_DELETE", 9);
@@ -60,6 +61,7 @@ function has_credential($credential, $approved_users=array()) {
case CRED_COMMENT_DELETE:
case CRED_COMMENT_VIEW_DELETED:
case CRED_COMMENT_EDIT:
+ case CRED_COMMENT_PIN:
case CRED_PKGBASE_ADOPT:
case CRED_PKGBASE_SET_KEYWORDS:
case CRED_PKGBASE_DELETE:
diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php
index 3c199d6..7076c31 100644
--- a/web/lib/pkgbasefuncs.inc.php
+++ b/web/lib/pkgbasefuncs.inc.php
@@ -7,10 +7,11 @@ include_once("pkgreqfuncs.inc.php");
*
* @param string $base_id The package base ID to get comment count for
* @param bool $include_deleted True if deleted comments should be included
+ * @param bool $only_pinned True if only pinned comments should be included
*
* @return string The number of comments left for a specific package
*/
-function pkgbase_comments_count($base_id, $include_deleted) {
+function pkgbase_comments_count($base_id, $include_deleted, $only_pinned=false) {
$base_id = intval($base_id);
if (!$base_id) {
return null;
@@ -22,6 +23,9 @@ function pkgbase_comments_count($base_id, $include_deleted) {
if (!$include_deleted) {
$q.= "AND DelUsersID IS NULL";
}
+ if ($only_pinned) {
+ $q.= "AND NOT PinnedTS = 0";
+ }
$result = $dbh->query($q);
if (!$result) {
return null;
@@ -36,10 +40,11 @@ function pkgbase_comments_count($base_id, $include_deleted) {
* @param int $base_id The package base ID to get comments for
* @param int $limit Maximum number of comments to return (0 means unlimited)
* @param bool $include_deleted True if deleted comments should be included
+ * @param bool $only_pinned True when only pinned comments are to be included
*
* @return array All package comment information for a specific package base
*/
-function pkgbase_comments($base_id, $limit, $include_deleted) {
+function pkgbase_comments($base_id, $limit, $include_deleted, $only_pinned=false) {
$base_id = intval($base_id);
$limit = intval($limit);
if (!$base_id) {
@@ -48,15 +53,20 @@ function pkgbase_comments($base_id, $limit, $include_deleted) {
$dbh = DB::connect();
$q = "SELECT PackageComments.ID, A.UserName AS UserName, UsersID, Comments, ";
- $q.= "CommentTS, EditedTS, B.UserName AS EditUserName, ";
- $q.= "DelUsersID, C.UserName AS DelUserName FROM PackageComments ";
+ $q.= "PackageBaseID, CommentTS, EditedTS, B.UserName AS EditUserName, ";
+ $q.= "DelUsersID, C.UserName AS DelUserName, ";
+ $q.= "PinnedTS FROM PackageComments ";
$q.= "LEFT JOIN Users A ON PackageComments.UsersID = A.ID ";
$q.= "LEFT JOIN Users B ON PackageComments.EditedUsersID = B.ID ";
$q.= "LEFT JOIN Users C ON PackageComments.DelUsersID = C.ID ";
$q.= "WHERE PackageBaseID = " . $base_id . " ";
+
if (!$include_deleted) {
$q.= "AND DelUsersID IS NULL ";
}
+ if ($only_pinned) {
+ $q.= "AND NOT PinnedTS = 0 ";
+ }
$q.= "ORDER BY CommentTS DESC";
if ($limit > 0) {
$q.=" LIMIT " . $limit;
@@ -97,6 +107,58 @@ function pkgbase_add_comment($base_id, $uid, $comment) {
}
/**
+ * Pin/unpin a package comment
+ *
+ * @param bool $unpin True if unpinning rather than pinning
+ *
+ * @return array Tuple of success/failure indicator and error message
+ */
+function pkgbase_pin_comment($unpin=false) {
+ $uid = uid_from_sid($_COOKIE["AURSID"]);
+
+ if (!$uid) {
+ return array(false, __("You must be logged in before you can edit package information."));
+ }
+
+ if (isset($_POST["comment_id"])) {
+ $comment_id = $_POST["comment_id"];
+ } else {
+ return array(false, __("Missing comment ID."));
+ }
+
+ if (!$unpin) {
+ if (pkgbase_comments_count($_POST['package_base'], false, true) >= 5){
+ return array(false, __("No more than 5 comments can be pinned."));
+ }
+ }
+
+ if (!can_pin_comment($comment_id)) {
+ if (!$unpin) {
+ return array(false, __("You are not allowed to pin this comment."));
+ } else {
+ return array(false, __("You are not allowed to unpin this comment."));
+ }
+ }
+
+ $dbh = DB::connect();
+ $q = "UPDATE PackageComments ";
+ if (!$unpin) {
+ $q.= "SET PinnedTS = UNIX_TIMESTAMP() ";
+ } else {
+ $q.= "SET PinnedTS = 0 ";
+ }
+ $q.= "WHERE ID = " . intval($comment_id);
+ $dbh->exec($q);
+
+ if (!$unpin) {
+ return array(true, __("Comment has been pinned."));
+ } else {
+ return array(true, __("Comment has been unpinned."));
+ }
+}
+
+/**
+
* Get a list of all packages a logged-in user has voted for
*
* @param string $sid The session ID of the visitor
@@ -183,8 +245,16 @@ function pkgbase_display_details($base_id, $row, $SID="") {
include('pkg_comment_box.php');
}
- $limit = isset($_GET['comments']) ? 0 : 10;
$include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED);
+
+ $limit_pinned = isset($_GET['pinned']) ? 0 : 5;
+ $pinned = pkgbase_comments($base_id, $limit_pinned, false, true);
+ if (!empty($pinned)) {
+ include('pkg_comments.php');
+ unset($pinned);
+ }
+
+ $limit = isset($_GET['comments']) ? 0 : 10;
$comments = pkgbase_comments($base_id, $limit, $include_deleted);
if (!empty($comments)) {
include('pkg_comments.php');
diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php
index cedc360..c2bbe38 100644
--- a/web/lib/pkgfuncs.inc.php
+++ b/web/lib/pkgfuncs.inc.php
@@ -83,6 +83,47 @@ function can_edit_comment_array($comment) {
}
/**
+ * Determine if the user can pin a specific package comment
+ *
+ * Only the Package Maintainer, Trusted Users, and Developers can pin
+ * comments. This function is used for the backend side of comment pinning.
+ *
+ * @param string $comment_id The comment ID in the database
+ *
+ * @return bool True if the user can pin the comment, otherwise false
+ */
+function can_pin_comment($comment_id=0) {
+ $dbh = DB::connect();
+
+ $q = "SELECT MaintainerUID FROM PackageBases AS pb ";
+ $q.= "LEFT JOIN PackageComments AS pc ON pb.ID = pc.PackageBaseID ";
+ $q.= "WHERE pc.ID = " . intval($comment_id);
+ $result = $dbh->query($q);
+
+ if (!$result) {
+ return false;
+ }
+
+ $uid = $result->fetch(PDO::FETCH_COLUMN, 0);
+
+ return has_credential(CRED_COMMENT_PIN, array($uid));
+}
+
+/**
+ * Determine if the user can edit a specific package comment using an array
+ *
+ * Only the Package Maintainer, Trusted Users, and Developers can pin
+ * comments. This function is used for the frontend side of comment pinning.
+ *
+ * @param array $comment All database information relating a specific comment
+ *
+ * @return bool True if the user can edit the comment, otherwise false
+ */
+function can_pin_comment_array($comment) {
+ return can_pin_comment($comment['ID']);
+}
+
+/**
* Check to see if the package name already exists in the database
*
* @param string $name The package name to check
@@ -582,8 +623,16 @@ function pkg_display_details($id=0, $row, $SID="") {
include('pkg_comment_box.php');
}
- $limit = isset($_GET['comments']) ? 0 : 10;
$include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED);
+
+ $limit_pinned = isset($_GET['pinned']) ? 0 : 5;
+ $pinned = pkgbase_comments($base_id, $limit_pinned, false, true);
+ if (!empty($pinned)) {
+ include('pkg_comments.php');
+ unset($pinned);
+ }
+
+ $limit = isset($_GET['comments']) ? 0 : 10;
$comments = pkgbase_comments($base_id, $limit, $include_deleted);
if (!empty($comments)) {
include('pkg_comments.php');