diff options
Diffstat (limited to 'web/lib')
-rw-r--r-- | web/lib/aur.inc.php | 19 | ||||
-rw-r--r-- | web/lib/credentials.inc.php | 2 | ||||
-rw-r--r-- | web/lib/pkgfuncs.inc.php | 14 |
3 files changed, 35 insertions, 0 deletions
diff --git a/web/lib/aur.inc.php b/web/lib/aur.inc.php index b410db5..9997535 100644 --- a/web/lib/aur.inc.php +++ b/web/lib/aur.inc.php @@ -577,6 +577,25 @@ function salted_hash($passwd, $salt) { } /** + * Get a package comment + * + * @param int $comment_id The ID of the comment + * + * @return array The user ID and comment OR null, null in case of an error + */ +function comment_by_id($comment_id) { + $dbh = DB::connect(); + $q = "SELECT UsersID, Comments FROM PackageComments "; + $q.= "WHERE ID = " . intval($comment_id); + $result = $dbh->query($q); + if (!$result) { + return array(null, null); + } + + return $result->fetch(PDO::FETCH_NUM); +} + +/** * Process submitted comments so any links can be followed * * @param string $comment Raw user submitted package comment diff --git a/web/lib/credentials.inc.php b/web/lib/credentials.inc.php index cf1fcca..648d78c 100644 --- a/web/lib/credentials.inc.php +++ b/web/lib/credentials.inc.php @@ -7,6 +7,7 @@ define("CRED_ACCOUNT_LAST_LOGIN", 4); define("CRED_ACCOUNT_SEARCH", 5); define("CRED_COMMENT_DELETE", 6); define("CRED_COMMENT_VIEW_DELETED", 22); +define("CRED_COMMENT_EDIT", 25); define("CRED_PKGBASE_ADOPT", 7); define("CRED_PKGBASE_SET_KEYWORDS", 8); define("CRED_PKGBASE_DELETE", 9); @@ -58,6 +59,7 @@ function has_credential($credential, $approved_users=array()) { case CRED_ACCOUNT_SEARCH: case CRED_COMMENT_DELETE: case CRED_COMMENT_VIEW_DELETED: + case CRED_COMMENT_EDIT: case CRED_PKGBASE_ADOPT: case CRED_PKGBASE_SET_KEYWORDS: case CRED_PKGBASE_DELETE: diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php index 110290b..7cb2ffc 100644 --- a/web/lib/pkgfuncs.inc.php +++ b/web/lib/pkgfuncs.inc.php @@ -43,6 +43,20 @@ function can_delete_comment_array($comment) { } /** + * Determine if the user can edit a specific package comment using an array + * + * Only the comment submitter, Trusted Users, and Developers can edit + * comments. This function is used for the frontend side of comment editing. + * + * @param array $comment All database information relating a specific comment + * + * @return bool True if the user can edit the comment, otherwise false + */ +function can_edit_comment_array($comment) { + return has_credential(CRED_COMMENT_EDIT, array($comment['UsersID'])); +} + +/** * Check to see if the package name already exists in the database * * @param string $name The package name to check |