From e331ce273cab901726983e18249e0bb3455fc463 Mon Sep 17 00:00:00 2001 From: Marcel Korpel Date: Fri, 10 Jul 2015 18:47:32 +0200 Subject: Support comment editing in the backend Create two new actions, do_AddComment and do_EditComment. When editing or deleting a comment, a timestamp is added. Signed-off-by: Marcel Korpel Signed-off-by: Lukas Fleischer --- web/lib/pkgfuncs.inc.php | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) (limited to 'web/lib/pkgfuncs.inc.php') diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php index 7cb2ffc..de57c3e 100644 --- a/web/lib/pkgfuncs.inc.php +++ b/web/lib/pkgfuncs.inc.php @@ -42,6 +42,32 @@ function can_delete_comment_array($comment) { return has_credential(CRED_COMMENT_DELETE, array($comment['UsersID'])); } +/** + * Determine if the user can edit a specific package comment + * + * Only the comment submitter, Trusted Users, and Developers can edit + * comments. This function is used for the backend side of comment editing. + * + * @param string $comment_id The comment ID in the database + * + * @return bool True if the user can edit the comment, otherwise false + */ +function can_edit_comment($comment_id=0) { + $dbh = DB::connect(); + + $q = "SELECT UsersID FROM PackageComments "; + $q.= "WHERE ID = " . intval($comment_id); + $result = $dbh->query($q); + + if (!$result) { + return false; + } + + $uid = $result->fetch(PDO::FETCH_COLUMN, 0); + + return has_credential(CRED_COMMENT_EDIT, array($uid)); +} + /** * Determine if the user can edit a specific package comment using an array * -- cgit v1.2.3-70-g09d2