[Summary view] [Print] [Text view]

   1  <?php
   2  # MantisBT - A PHP based bugtracking system
   3  
   4  # MantisBT is free software: you can redistribute it and/or modify
   5  # it under the terms of the GNU General Public License as published by
   6  # the Free Software Foundation, either version 2 of the License, or
   7  # (at your option) any later version.
   8  #
   9  # MantisBT is distributed in the hope that it will be useful,
  10  # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  # GNU General Public License for more details.
  13  #
  14  # You should have received a copy of the GNU General Public License
  15  # along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Update bugnote data then redirect to the appropriate viewing page
  19   *
  20   * @package MantisBT
  21   * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
  22   * @copyright Copyright (C) 2002 - 2011  MantisBT Team - mantisbt-dev@lists.sourceforge.net
  23   * @link http://www.mantisbt.org
  24   *
  25   * @uses core.php
  26   * @uses access_api.php
  27   * @uses authentication_api.php
  28   * @uses bug_api.php
  29   * @uses bugnote_api.php
  30   * @uses config_api.php
  31   * @uses constant_inc.php
  32   * @uses error_api.php
  33   * @uses event_api.php
  34   * @uses form_api.php
  35   * @uses gpc_api.php
  36   * @uses print_api.php
  37   * @uses string_api.php
  38   */
  39  
  40  /**
  41   * MantisBT Core API's
  42   */
  43  require_once ( 'core.php' );
  44  require_api( 'access_api.php' );
  45  require_api( 'authentication_api.php' );
  46  require_api( 'bug_api.php' );
  47  require_api( 'bugnote_api.php' );
  48  require_api( 'config_api.php' );
  49  require_api( 'constant_inc.php' );
  50  require_api( 'error_api.php' );
  51  require_api( 'event_api.php' );
  52  require_api( 'form_api.php' );
  53  require_api( 'gpc_api.php' );
  54  require_api( 'print_api.php' );
  55  require_api( 'string_api.php' );
  56  
  57  form_security_validate( 'bugnote_update' );
  58  
  59  $f_bugnote_id     = gpc_get_int( 'bugnote_id' );
  60  $f_bugnote_text     = gpc_get_string( 'bugnote_text', '' );
  61  $f_time_tracking = gpc_get_string( 'time_tracking', '0:00' );
  62  
  63  # Check if the current user is allowed to edit the bugnote
  64  $t_user_id = auth_get_current_user_id();
  65  $t_reporter_id = bugnote_get_field( $f_bugnote_id, 'reporter_id' );
  66  
  67  if ( $t_user_id == $t_reporter_id ) {
  68      access_ensure_bugnote_level( config_get( 'bugnote_user_edit_threshold' ), $f_bugnote_id );
  69  } else {
  70      access_ensure_bugnote_level( config_get( 'update_bugnote_threshold' ), $f_bugnote_id );
  71  }
  72  
  73  # Check if the bug is readonly
  74  $t_bug_id = bugnote_get_field( $f_bugnote_id, 'bug_id' );
  75  if ( bug_is_readonly( $t_bug_id ) ) {
  76      error_parameters( $t_bug_id );
  77      trigger_error( ERROR_BUG_READ_ONLY_ACTION_DENIED, ERROR );
  78  }
  79  
  80  $f_bugnote_text = trim( $f_bugnote_text ) . "\n\n";
  81  
  82  bugnote_set_text( $f_bugnote_id, $f_bugnote_text );
  83  bugnote_set_time_tracking( $f_bugnote_id, $f_time_tracking );
  84  
  85  # Plugin integration
  86  event_signal( 'EVENT_BUGNOTE_EDIT', array( $t_bug_id, $f_bugnote_id ) );
  87  
  88  form_security_purge( 'bugnote_update' );
  89  
  90  print_successful_redirect( string_get_bug_view_url( $t_bug_id ) . '#bugnotes' );