src/detail.php

   1 <?php
   2 /**
   3  * @file detail.php
   4  * Page to edit an error report
   5  * @author Roland Hieber (roland.hieber@wilhelm-gym.net)
   6  * @date 22.10.2007
   7  *
   8  * Copyright © 2007 Roland Hieber
   9  *
  10  * Permission is hereby granted, free of charge, to any person obtaining
  11  * copy of this software and associated documentation files (the "Software"),
  12  * to deal in the Software without restriction, including without limitation
  13  * the rights to use, copy, modify, merge, publish, distribute, sublicense,
  14  * and/or sell copies of the Software, and to permit persons to whom the
  15  * Software is furnished to do so, subject to the following conditions:
  16  *
  17  * The above copyright notice and this permission notice shall be included in
  18  * all copies or substantial portions of the Software.
  19  *
  20  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  21  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  22  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
  23  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  24  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  25  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  26  * THE SOFTWARE.
  27  */
  28
  29 require_once("mod_error-reporter/init.inc");
  30 require_once("sec/secure.inc");
  31 require_once("js.inc");
  32
  33 db_user("errorreporter");
  34
  35 PageBlue(_c("error-reporter:Change an error report"), "mod_error-reporter");
  36
  37 if(!erConfig::userHasAccess()) {
  38   printf("<p class='err'>%s</p>\n", ER_ERROR_ACCESS_DENIED);
  39   _PageBlue();
  40   die();
  41 }
  42
  43 $getAction = @$_GET["action"];
  44 $getUid = @intval($_GET["uid"]);
  45 $postSubmit = @$_POST["submit"];
  46
  47 isset($getUid) or  die();
  48
  49 // Check if the specified report exists
  50 if(!is_object($doc->getErrorReportByID($getUid))) {
  51   echo sprintf("<p class='err'>%s</p>",
  52     _c("error-reporter:The specified error report does not exist!"));
  53   _PageBlue();
  54   die();
  55 }
  56
  57 // Only admins or owners can view this page
  58 if(!(erConfig::userIsAdmin() or $doc->userIsOwner($getUid))) {
  59   echo sprintf("<p class='err'>%s</div>", _c("error-reporter:You are not ".
  60     "allowed to edit this report."));
  61   _PageBlue();
  62   die();
  63 }
  64
  65 // Load old dataset
  66 $er = $doc->getErrorReportByID($getUid);
  67 $strOldComment = $er->getComment();
  68
  69 // Probably we have to update an error report
  70 if($getAction == "update" and $postSubmit == _("Change"))
  71 {
  72   if(erConfig::userIsAdmin()) {
  73     $postComment = stripslashes(@$_POST["comment"]);
  74     $postCommentOld = stripslashes(@$_POST["comment_old"]);
  75   }
  76
  77   // change the fields of the old dataset
  78   $er->setMachine(stripslashes(@$_POST["machine"]));
  79   $er->setText(stripslashes(@$_POST["text"]));
  80   $er->setVisibility(isset($_POST["hidden"]) ? true : false);
  81
  82   // Do we have to change the comment and his owner?
  83   if(erConfig::userIsAdmin()) {
  84     if(@$_POST["comment_old"] != @$_POST["comment"]) {
  85       $er->setComment(stripslashes(@$_POST["comment"]), $_SESSION["act"]);
  86     }
  87   }
  88
  89   // write into database, reload parent and close window
  90   if($doc->writeErrorReport($er) != -1) {
  91     js_try("opener.location.href = 'index.php';");
  92     js_close(500);
  93   } else {
  94     printLastError();
  95     _PageBlue();
  96     die();
  97   }
  98 }
  99
 100 // output form
 101 $hidctrl = "input type='hidden'";
 102 Title(_c("error-reporter:Change an error report"));
 103 echo sprintf("<form action='?action=update&amp;uid=%d' method='post'>\n",
 104   $getUid);
 105 echo "<table>\n";
 106 echo sprintf("<tr><td>%s</td><td>%s</td></tr>\n",
 107   _c("error-reporter:Reported by:"), q(erGetRealUserName($er->getOwner())));
 108 echo sprintf("<tr><td>%s</td><td>%s</td></tr>\n", _c("error-reporter:Date:"),
 109   SmartDate($er->getDate()));
 110 echo sprintf("<tr><td>%s</td><td><{$GLOBALS["stdedt"]} name='machine' ".
 111   "value='%s' /></td></tr>\n", _c("error-reporter:Affected machine:"),
 112   q($er->getMachine()));
 113 echo sprintf("<tr><td>%s</td><td><textarea name='text' cols='40' rows='7'>%s".
 114   "</textarea></td></tr>\n", _c("error-reporter:Text:"), $er->getText());
 115 echo sprintf("<tr><td><label for='hidden'>%s</label></td><td>".
 116   "<input type='checkbox' id='hidden' name='hidden' value='true'%s /></td>".
 117   "</tr>\n", _c("error-reporter:Hidden:"), $er->isHidden() ?
 118   " checked='checked'" : "");
 119 if(erConfig::userIsAdmin()) {
 120   echo sprintf("<tr><td>%s</td><td><textarea name='comment' cols='40' ".
 121   "rows='3'>%s</textarea>", _c("error-reporter:Comment:"), $er->getComment());
 122   if($er->getComment() != "") {
 123     echo sprintf("<input type='hidden' name='comment_old' value='%s' /></td>".
 124       "</tr>\n", $strOldComment);
 125     echo sprintf("<tr><td>%s</td><td>%s</td></tr>\n", _c("error-reporter:".
 126       "Comment written by:"), erGetRealUserName($er->getCommentOwner()));
 127   }
 128 }
 129 echo sprintf("<tr><td /><td><{$GLOBALS["smlbtn"]} name='submit' value='%s' ".
 130   "/></td></tr>\n", _("Change"));
 131 echo "</table></form><p />\n";
 132 _PageBlue();
 133 ?>