Commit 92e19e95 authored by Marcel Korpel's avatar Marcel Korpel Committed by Lukas Fleischer
Browse files

Add comment edit icon and form



Show an icon next to the comment deletion icon, which leads to a
comment edit form.

Signed-off-by: default avatarMarcel Korpel <marcel.korpel@gmail.com>
Signed-off-by: Lukas Fleischer's avatarLukas Fleischer <lfleischer@archlinux.org>
parent 8375d212
<?php
set_include_path(get_include_path() . PATH_SEPARATOR . '../lib');
include_once("aur.inc.php");
include_once("pkgbasefuncs.inc.php");
set_lang();
check_sid();
$comment_id = intval($_REQUEST['comment_id']);
list($user_id, $comment) = comment_by_id($comment_id);
if (!isset($base_id) || !has_credential(CRED_COMMENT_EDIT, array($user_id)) || is_null($comment)) {
header('Location: /');
exit();
}
html_header(__("Edit comment"));
include('pkg_comment_form.php');
html_footer(AURWEB_VERSION);
......@@ -96,17 +96,24 @@
color: #999;
}
.delete-comment-form {
.delete-comment-form, .edit-comment {
float: right;
margin-left: 8px;
}
.delete-comment {
.edit-comment {
height: 11px;
position: relative;
top: 1px;
}
.delete-comment, .edit-comment {
-webkit-filter: grayscale(100%);
filter: grayscale(100%);
opacity: 0.6;
}
.delete-comment:hover {
.delete-comment:hover, .edit-comment:hover {
-webkit-filter: none;
filter: none;
opacity: 1;
......
<svg xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns="http://www.w3.org/2000/svg" height="8" width="8" version="1.1" xmlns:cc="http://creativecommons.org/ns#" xmlns:dc="http://purl.org/dc/elements/1.1/" viewBox="0 0 8 8">
<path fill="#36a" d="m6 0l-1 1 2 2 1-1-2-2zm-2 2l-4 4v2h2l4-4-2-2z"/>
</svg>
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
width="8"
height="8"
viewBox="0 0 8 8"
id="svg2"
version="1.1"
inkscape:version="0.91 r13725"
sodipodi:docname="pencil-arch.svg">
<metadata
id="metadata10">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
<dc:title></dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
<defs
id="defs8" />
<sodipodi:namedview
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1"
objecttolerance="10"
gridtolerance="10"
guidetolerance="10"
inkscape:pageopacity="0"
inkscape:pageshadow="2"
inkscape:window-width="659"
inkscape:window-height="480"
id="namedview6"
showgrid="false"
inkscape:zoom="29.5"
inkscape:cx="4"
inkscape:cy="4"
inkscape:window-x="0"
inkscape:window-y="0"
inkscape:window-maximized="0"
inkscape:current-layer="svg2" />
<path
d="M6 0l-1 1 2 2 1-1-2-2zm-2 2l-4 4v2h2l4-4-2-2z"
id="path4"
style="fill:#3366aa;fill-opacity:1" />
</svg>
......@@ -89,6 +89,9 @@ if (!empty($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) {
case "comaintainers":
include('comaintainers.php');
return;
case "edit-comment":
include('commentedit.php');
return;
default:
header("HTTP/1.0 404 Not Found");
include "./404.php";
......@@ -174,6 +177,7 @@ if (!empty($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) {
readfile("./$path");
break;
case "/images/x.min.svg":
case "/images/pencil.min.svg":
header("Content-Type: image/svg+xml");
readfile("./$path");
break;
......
......@@ -104,9 +104,7 @@ if (check_token()) {
list($ret, $output) = pkgreq_close($_POST['reqid'], $_POST['reason'], $_POST['comments']);
} elseif (current_action("do_EditComaintainers")) {
list($ret, $output) = pkgbase_set_comaintainers($base_id, explode("\n", $_POST['users']));
}
if (isset($_REQUEST['comment'])) {
} elseif (current_action("do_AddComment")) {
$uid = uid_from_sid($_COOKIE["AURSID"]);
pkgbase_add_comment($base_id, $uid, $_REQUEST['comment']);
$ret = true;
......
......@@ -576,6 +576,25 @@ function salted_hash($passwd, $salt) {
return md5($salt . $passwd);
}
/**
* Get a package comment
*
* @param int $comment_id The ID of the comment
*
* @return array The user ID and comment OR null, null in case of an error
*/
function comment_by_id($comment_id) {
$dbh = DB::connect();
$q = "SELECT UsersID, Comments FROM PackageComments ";
$q.= "WHERE ID = " . intval($comment_id);
$result = $dbh->query($q);
if (!$result) {
return array(null, null);
}
return $result->fetch(PDO::FETCH_NUM);
}
/**
* Process submitted comments so any links can be followed
*
......
......@@ -7,6 +7,7 @@ define("CRED_ACCOUNT_LAST_LOGIN", 4);
define("CRED_ACCOUNT_SEARCH", 5);
define("CRED_COMMENT_DELETE", 6);
define("CRED_COMMENT_VIEW_DELETED", 22);
define("CRED_COMMENT_EDIT", 25);
define("CRED_PKGBASE_ADOPT", 7);
define("CRED_PKGBASE_SET_KEYWORDS", 8);
define("CRED_PKGBASE_DELETE", 9);
......@@ -58,6 +59,7 @@ function has_credential($credential, $approved_users=array()) {
case CRED_ACCOUNT_SEARCH:
case CRED_COMMENT_DELETE:
case CRED_COMMENT_VIEW_DELETED:
case CRED_COMMENT_EDIT:
case CRED_PKGBASE_ADOPT:
case CRED_PKGBASE_SET_KEYWORDS:
case CRED_PKGBASE_DELETE:
......
......@@ -42,6 +42,20 @@ function can_delete_comment_array($comment) {
return has_credential(CRED_COMMENT_DELETE, array($comment['UsersID']));
}
/**
* Determine if the user can edit a specific package comment using an array
*
* Only the comment submitter, Trusted Users, and Developers can edit
* comments. This function is used for the frontend side of comment editing.
*
* @param array $comment All database information relating a specific comment
*
* @return bool True if the user can edit the comment, otherwise false
*/
function can_edit_comment_array($comment) {
return has_credential(CRED_COMMENT_EDIT, array($comment['UsersID']));
}
/**
* Check to see if the package name already exists in the database
*
......
<div id="generic-form" class="box">
<h2><?= __("Add Comment"); ?></h2>
<h2><?= (isset($comment_id)) ? __('Edit comment for: %s', htmlspecialchars($pkgbase_name)) : __("Add Comment"); ?></h2>
<form action="<?= get_pkgbase_uri($pkgbase_name) ?>" method="post">
<fieldset>
<?php
......@@ -8,14 +8,18 @@ if (isset($_REQUEST['comment']) && check_token()) {
}
?>
<div>
<input type="hidden" name="action" value="<?= (isset($comment_id)) ? "do_EditComment" : "do_AddComment" ?>" />
<input type="hidden" name="ID" value="<?= intval($base_id) ?>" />
<?php if (isset($comment_id)): ?>
<input type="hidden" name="comment_id" value="<?= $comment_id ?>" />
<?php endif; ?>
<input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" />
</div>
<p>
<textarea id="id_comment" name="comment" cols="80" rows="10"></textarea>
<textarea id="id_comment" name="comment" cols="80" rows="10"><?= (isset($comment_id)) ? htmlspecialchars($comment) : "" ?></textarea>
</p>
<p>
<input type="submit" value="<?= __("Add Comment") ?>" />
<input type="submit" value="<?= (isset($comment_id)) ? __("Save") : __("Add Comment") ?>" />
</p>
</fieldset>
</form>
......
......@@ -39,6 +39,9 @@ $count = pkgbase_comments_count($base_id, $include_deleted);
</fieldset>
</form>
<?php endif; ?>
<?php if (!$row['DelUsersID'] && can_edit_comment_array($row)): ?>
<a href="<?= htmlspecialchars(get_pkgbase_uri($pkgbase_name) . 'edit-comment/?comment_id=' . $row['ID'], ENT_QUOTES) ?>" class="edit-comment" title="<?= __('Edit comment') ?>"><img src="/images/pencil.min.svg" alt="<?= __('Edit comment') ?>" width="11" height="11"></a>
<?php endif; ?>
</h4>
<div class="article-content<?php if ($row['DelUsersID']): ?> comment-deleted<?php endif; ?>">
<p>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment