diff options
Diffstat (limited to 'web/lib')
-rw-r--r-- | web/lib/credentials.inc.php | 2 | ||||
-rw-r--r-- | web/lib/pkgbasefuncs.inc.php | 22 |
2 files changed, 20 insertions, 4 deletions
diff --git a/web/lib/credentials.inc.php b/web/lib/credentials.inc.php index 71bf5ffb..d8698a87 100644 --- a/web/lib/credentials.inc.php +++ b/web/lib/credentials.inc.php @@ -6,6 +6,7 @@ define("CRED_ACCOUNT_EDIT_DEV", 3); define("CRED_ACCOUNT_LAST_LOGIN", 4); define("CRED_ACCOUNT_SEARCH", 5); define("CRED_COMMENT_DELETE", 6); +define("CRED_COMMENT_UNDELETE", 27); define("CRED_COMMENT_VIEW_DELETED", 22); define("CRED_COMMENT_EDIT", 25); define("CRED_COMMENT_PIN", 26); @@ -59,6 +60,7 @@ function has_credential($credential, $approved_users=array()) { case CRED_ACCOUNT_LAST_LOGIN: case CRED_ACCOUNT_SEARCH: case CRED_COMMENT_DELETE: + case CRED_COMMENT_UNDELETE: case CRED_COMMENT_VIEW_DELETED: case CRED_COMMENT_EDIT: case CRED_COMMENT_PIN: diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php index 2b1201d5..20f5bb49 100644 --- a/web/lib/pkgbasefuncs.inc.php +++ b/web/lib/pkgbasefuncs.inc.php @@ -932,9 +932,10 @@ function pkgbase_notify ($base_ids, $action=true) { /** * Delete a package comment * + * @param boolean $undelete True if undeleting rather than deleting * @return array Tuple of success/failure indicator and error message */ -function pkgbase_delete_comment() { +function pkgbase_delete_comment($undelete=false) { $uid = uid_from_sid($_COOKIE["AURSID"]); if (!$uid) { return array(false, __("You must be logged in before you can edit package information.")); @@ -947,15 +948,28 @@ function pkgbase_delete_comment() { } $dbh = DB::connect(); - if (can_delete_comment($comment_id)) { + if ($undelete) { + if (!has_credential(CRED_COMMENT_UNDELETE)) { + return array(false, __("You are not allowed to undelete this comment.")); + } + + $q = "UPDATE PackageComments "; + $q.= "SET DelUsersID = NULL, "; + $q.= "DelTS = NULL "; + $q.= "WHERE ID = ".intval($comment_id); + $dbh->exec($q); + return array(true, __("Comment has been undeleted.")); + } else { + if (!can_delete_comment($comment_id)) { + return array(false, __("You are not allowed to delete this comment.")); + } + $q = "UPDATE PackageComments "; $q.= "SET DelUsersID = ".$uid.", "; $q.= "DelTS = UNIX_TIMESTAMP() "; $q.= "WHERE ID = ".intval($comment_id); $dbh->exec($q); return array(true, __("Comment has been deleted.")); - } else { - return array(false, __("You are not allowed to delete this comment.")); } } |