bugnote_update.php

   1 <?php
   2 # MantisBT - A PHP based bugtracking system
   3
   4 # MantisBT is free software: you can redistribute it and/or modify
   5 # it under the terms of the GNU General Public License as published by
   6 # the Free Software Foundation, either version 2 of the License, or
   7 # (at your option) any later version.
   8 #
   9 # MantisBT is distributed in the hope that it will be useful,
  10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 # GNU General Public License for more details.
  13 #
  14 # You should have received a copy of the GNU General Public License
  15 # along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * Update bugnote data then redirect to the appropriate viewing page
  19  *
  20  * @package MantisBT
  21  * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
  22  * @copyright Copyright (C) 2002 - 2011  MantisBT Team - mantisbt-dev@lists.sourceforge.net
  23  * @link http://www.mantisbt.org
  24  *
  25  * @uses core.php
  26  * @uses access_api.php
  27  * @uses authentication_api.php
  28  * @uses bug_api.php
  29  * @uses bugnote_api.php
  30  * @uses config_api.php
  31  * @uses constant_inc.php
  32  * @uses error_api.php
  33  * @uses event_api.php
  34  * @uses form_api.php
  35  * @uses gpc_api.php
  36  * @uses print_api.php
  37  * @uses string_api.php
  38  */
  39
  40 /**
  41  * MantisBT Core API's
  42  */
  43 require_once( 'core.php' );
  44 require_api( 'access_api.php' );
  45 require_api( 'authentication_api.php' );
  46 require_api( 'bug_api.php' );
  47 require_api( 'bugnote_api.php' );
  48 require_api( 'config_api.php' );
  49 require_api( 'constant_inc.php' );
  50 require_api( 'error_api.php' );
  51 require_api( 'event_api.php' );
  52 require_api( 'form_api.php' );
  53 require_api( 'gpc_api.php' );
  54 require_api( 'print_api.php' );
  55 require_api( 'string_api.php' );
  56
  57 form_security_validate( 'bugnote_update' );
  58
  59 $f_bugnote_id    = gpc_get_int( 'bugnote_id' );
  60 $f_bugnote_text  = gpc_get_string( 'bugnote_text', '' );
  61 $f_time_tracking = gpc_get_string( 'time_tracking', '0:00' );
  62
  63 # Check if the current user is allowed to edit the bugnote
  64 $t_user_id = auth_get_current_user_id();
  65 $t_reporter_id = bugnote_get_field( $f_bugnote_id, 'reporter_id' );
  66
  67 if ( $t_user_id == $t_reporter_id ) {
  68         access_ensure_bugnote_level( config_get( 'bugnote_user_edit_threshold' ), $f_bugnote_id );
  69 } else {
  70         access_ensure_bugnote_level( config_get( 'update_bugnote_threshold' ), $f_bugnote_id );
  71 }
  72
  73 # Check if the bug is readonly
  74 $t_bug_id = bugnote_get_field( $f_bugnote_id, 'bug_id' );
  75 if ( bug_is_readonly( $t_bug_id ) ) {
  76         error_parameters( $t_bug_id );
  77         trigger_error( ERROR_BUG_READ_ONLY_ACTION_DENIED, ERROR );
  78 }
  79
  80 $f_bugnote_text = trim( $f_bugnote_text ) . "\n\n";
  81
  82 bugnote_set_text( $f_bugnote_id, $f_bugnote_text );
  83 bugnote_set_time_tracking( $f_bugnote_id, $f_time_tracking );
  84
  85 # Plugin integration
  86 event_signal( 'EVENT_BUGNOTE_EDIT', array( $t_bug_id, $f_bugnote_id ) );
  87
  88 form_security_purge( 'bugnote_update' );
  89
  90 print_successful_redirect( string_get_bug_view_url( $t_bug_id ) . '#bugnotes' );