Adds functions and credential information to pin comments before others.
This needs two extra columns (PinnedTS and PinnedUsersID) to the
PackageComments table.
Implements FS#10863
Signed-off-by: Mark Weiman <mark.weiman(a)markzz.com>
---
web/html/css/aurweb.css | 18 ++++++++--
web/html/pkgbase.php | 4 +++
web/lib/credentials.inc.php | 2 ++
web/lib/pkgbasefuncs.inc.php | 82 +++++++++++++++++++++++++++++++++++++++++--
web/lib/pkgfuncs.inc.php | 51 ++++++++++++++++++++++++++-
web/template/pkg_comments.php | 41 +++++++++++++++++++---
6 files changed, 187 insertions(+), 11 deletions(-)
diff --git a/web/html/css/aurweb.css b/web/html/css/aurweb.css
index 11af747..5b36df0 100644
--- a/web/html/css/aurweb.css
+++ b/web/html/css/aurweb.css
@@ -101,7 +101,7 @@
color: #999;
}
-.delete-comment-form, .edit-comment {
+.delete-comment-form, .pin-comment-form, .edit-comment {
float: right;
margin-left: 8px;
}
@@ -118,12 +118,26 @@
opacity: 0.6;
}
-.delete-comment:hover, .edit-comment:hover {
+.delete-comment:hover, .edit-comment:hover, .pin-comment:hover {
-webkit-filter: none;
filter: none;
opacity: 1;
}
+.pin-comment {
+ float: right;
+ font-weight: 600;
+ background: none!important;
+ border: none;
+ padding: 0!important;
+ font: inherit;
+ cursor: pointer;
+ color: #3366aa;
+ -webkit-filter: grayscale(100%);
+ filter: grayscale(100%);
+ opacity: 0.6;
+}
+
.ajax-loader {
float: right;
position: relative;
diff --git a/web/html/pkgbase.php b/web/html/pkgbase.php
index cbbf3cc..6f0de08 100644
--- a/web/html/pkgbase.php
+++ b/web/html/pkgbase.php
@@ -99,6 +99,10 @@ if (check_token()) {
list($ret, $output) = pkgbase_notify($ids, false);
} elseif (current_action("do_DeleteComment")) {
list($ret, $output) = pkgbase_delete_comment();
+ } elseif (current_action("do_PinComment")) {
+ list($ret, $output) = pkgbase_pin_comment();
+ } elseif (current_action("do_UnpinComment")) {
+ list($ret, $output) = pkgbase_unpin_comment();
} elseif (current_action("do_SetKeywords")) {
list($ret, $output) = pkgbase_set_keywords($base_id, preg_split("/[\s,;]+/", $_POST['keywords'], -1, PREG_SPLIT_NO_EMPTY));
} elseif (current_action("do_FileRequest")) {
diff --git a/web/lib/credentials.inc.php b/web/lib/credentials.inc.php
index 648d78c..71bf5ff 100644
--- a/web/lib/credentials.inc.php
+++ b/web/lib/credentials.inc.php
@@ -8,6 +8,7 @@ define("CRED_ACCOUNT_SEARCH", 5);
define("CRED_COMMENT_DELETE", 6);
define("CRED_COMMENT_VIEW_DELETED", 22);
define("CRED_COMMENT_EDIT", 25);
+define("CRED_COMMENT_PIN", 26);
define("CRED_PKGBASE_ADOPT", 7);
define("CRED_PKGBASE_SET_KEYWORDS", 8);
define("CRED_PKGBASE_DELETE", 9);
@@ -60,6 +61,7 @@ function has_credential($credential, $approved_users=array()) {
case CRED_COMMENT_DELETE:
case CRED_COMMENT_VIEW_DELETED:
case CRED_COMMENT_EDIT:
+ case CRED_COMMENT_PIN:
case CRED_PKGBASE_ADOPT:
case CRED_PKGBASE_SET_KEYWORDS:
case CRED_PKGBASE_DELETE:
diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php
index afccc7d..ea3ce0d 100644
--- a/web/lib/pkgbasefuncs.inc.php
+++ b/web/lib/pkgbasefuncs.inc.php
@@ -36,10 +36,11 @@ function pkgbase_comments_count($base_id, $include_deleted) {
* @param int $base_id The package base ID to get comments for
* @param int $limit Maximum number of comments to return (0 means unlimited)
* @param bool $include_deleted True if deleted comments should be included
+ * @param bool $show_only_pinned True when only pinned comments are to be included
*
* @return array All package comment information for a specific package base
*/
-function pkgbase_comments($base_id, $limit, $include_deleted) {
+function pkgbase_comments($base_id, $limit, $include_deleted, $show_only_pinned=false) {
$base_id = intval($base_id);
$limit = intval($limit);
if (!$base_id) {
@@ -49,11 +50,17 @@ function pkgbase_comments($base_id, $limit, $include_deleted) {
$dbh = DB::connect();
$q = "SELECT PackageComments.ID, A.UserName AS UserName, UsersID, Comments, ";
$q.= "CommentTS, EditedTS, B.UserName AS EditUserName, ";
- $q.= "DelUsersID, C.UserName AS DelUserName FROM PackageComments ";
+ $q.= "DelUsersID, C.UserName AS DelUserName, ";
+ $q.= "PinnedUsersID, D.UserName AS PinnedUserName FROM PackageComments ";
$q.= "LEFT JOIN Users A ON PackageComments.UsersID = A.ID ";
$q.= "LEFT JOIN Users B ON PackageComments.EditedUsersID = B.ID ";
$q.= "LEFT JOIN Users C ON PackageComments.DelUsersID = C.ID ";
+ $q.= "LEFT JOIN Users D ON PackageComments.PinnedUsersID = D.ID ";
$q.= "WHERE PackageBaseID = " . $base_id . " ";
+
+ if ($show_only_pinned) {
+ $q.= "AND PinnedUsersID IS NOT NULL ";
+ }
if (!$include_deleted) {
$q.= "AND DelUsersID IS NULL ";
}
@@ -111,6 +118,67 @@ function pkgbase_add_comment($base_id, $uid, $comment) {
}
/**
+ * Pin a package comment
+ *
+ * @return array Tuple of success/failure indicator and error message
+ */
+function pkgbase_pin_comment() {
+ $uid = uid_from_sid($_COOKIE["AURSID"]);
+ if (!$uid) {
+ return array(false, __("You must be logged in before you can edit package information."));
+ }
+
+ if (isset($_POST["comment_id"])) {
+ $comment_id = $_POST["comment_id"];
+ } else {
+ return array(false, __("Missing comment ID."));
+ }
+
+ $dbh = DB::connect();
+ if (can_pin_comment($comment_id)) {
+ $q = "UPDATE PackageComments ";
+ $q.= "SET PinnedUsersID = ".$uid.", ";
+ $q.= "PinnedTS = UNIX_TIMESTAMP() ";
+ $q.= "WHERE ID = ".intval($comment_id);
+ $dbh->exec($q);
+ return array(true, __("Comment has been pinned."));
+ } else {
+ return array(false, __("You are not allowed to pin this comment."));
+ }
+}
+
+/**
+ * Unpin a package comment
+ *
+ * @return array Tuple of success/failure indicator and error message
+ */
+function pkgbase_unpin_comment() {
+ $uid = uid_from_sid($_COOKIE["AURSID"]);
+ if (!$uid) {
+ return array(false, __("You must be logged in before you can edit package information."));
+ }
+
+ if (isset($_POST["comment_id"])) {
+ $comment_id = $_POST["comment_id"];
+ } else {
+ return array(false, __("Missing comment ID."));
+ }
+
+ $dbh = DB::connect();
+ if (can_pin_comment($comment_id)) {
+ $q = "UPDATE PackageComments ";
+ $q.= "SET PinnedUsersID = NULL, ";
+ $q.= "PinnedTS = UNIX_TIMESTAMP() ";
+ $q.= "WHERE ID = ".intval($comment_id);
+ $dbh->exec($q);
+ return array(true, __("Comment has been unpinned."));
+ } else {
+ return array(false, __("You are not allowed to unpin this comment."));
+ }
+}
+
+/**
+
* Get a list of all packages a logged-in user has voted for
*
* @param string $sid The session ID of the visitor
@@ -196,9 +264,17 @@ function pkgbase_display_details($base_id, $row, $SID="") {
if ($SID) {
include('pkg_comment_box.php');
}
+
+ $include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED);
+
+ $limit_pinned = isset($_GET['pinned']) ? 0 : 5;
+ $pinned = pkgbase_comments($base_id, $limit_pinned, false, true);
+ if (!empty($pinned)) {
+ include('pkg_comments.php');
+ unset($pinned);
+ }
$limit = isset($_GET['comments']) ? 0 : 10;
- $include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED);
$comments = pkgbase_comments($base_id, $limit, $include_deleted);
if (!empty($comments)) {
include('pkg_comments.php');
diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php
index cedc360..c0ed99c 100644
--- a/web/lib/pkgfuncs.inc.php
+++ b/web/lib/pkgfuncs.inc.php
@@ -83,6 +83,47 @@ function can_edit_comment_array($comment) {
}
/**
+ * Determine if the user can pin a specific package comment
+ *
+ * Only the Package Maintainer, Trusted Users, and Developers can pin
+ * comments. This function is used for the backend side of comment pinning.
+ *
+ * @param string $comment_id The comment ID in the database
+ *
+ * @return bool True if the user can pin the comment, otherwise false
+ */
+function can_pin_comment($comment_id=0) {
+ $dbh = DB::connect();
+
+ $q = "SELECT MaintainerUID FROM PackageBases AS pb ";
+ $q.= "LEFT JOIN PackageComments AS pc ON pb.ID = pc.PackageBaseID ";
+ $q.= "WHERE pc.ID = " . intval($comment_id);
+ $result = $dbh->query($q);
+
+ if (!$result) {
+ return false;
+ }
+
+ $uid = $result->fetch(PDO::FETCH_COLUMN, 0);
+
+ return has_credential(CRED_COMMENT_PIN, array($uid));
+}
+
+/**
+ * Determine if the user can edit a specific package comment using an array
+ *
+ * Only the Package Maintainer, Trusted Users, and Developers can pin
+ * comments. This function is used for the frontend side of comment pinning.
+ *
+ * @param array $comment All database information relating a specific comment
+ *
+ * @return bool True if the user can edit the comment, otherwise false
+ */
+function can_pin_comment_array($comment) {
+ return can_pin_comment($comment['ID']);
+}
+
+/**
* Check to see if the package name already exists in the database
*
* @param string $name The package name to check
@@ -581,9 +622,17 @@ function pkg_display_details($id=0, $row, $SID="") {
if ($SID) {
include('pkg_comment_box.php');
}
+
+ $include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED);
+
+ $limit_pinned = isset($_GET['pinned']) ? 0 : 5;
+ $pinned = pkgbase_comments($base_id, $limit_pinned, false, true);
+ if (!empty($pinned)) {
+ include('pkg_comments.php');
+ unset($pinned);
+ }
$limit = isset($_GET['comments']) ? 0 : 10;
- $include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED);
$comments = pkgbase_comments($base_id, $limit, $include_deleted);
if (!empty($comments)) {
include('pkg_comments.php');
diff --git a/web/template/pkg_comments.php b/web/template/pkg_comments.php
index 21ce16f..8f1fb9f 100644
--- a/web/template/pkg_comments.php
+++ b/web/template/pkg_comments.php
@@ -6,13 +6,20 @@ if (isset($row['BaseID'])) {
/* On a package base details page. */
$base_id = $row['ID'];
}
-$include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED);
-$count = pkgbase_comments_count($base_id, $include_deleted);
+if (!isset($count)) {
+ $count = pkgbase_comments_count($base_id, $include_deleted);
+}
?>
<div id="news">
<h3>
- <a href="<?= htmlentities(get_pkgbase_uri($pkgbase_name), ENT_QUOTES) . '?' . mkurl('comments=all') ?>" title="<?= __('View all comments' , $count) ?> (<?= $count ?>)"><?= __('Latest Comments') ?></a>
- <span class="arrow"></span>
+ <?php if (!isset($comments)): ?>
+ <?php $comments = $pinned ?>
+ <a href="<?= htmlentities(get_pkgbase_uri($pkgbase_name), ENT_QUOTES) . '?' . mkurl('comments=all') ?>" title="<?= __('View all comments' , $count) ?> (<?= $count ?>)"><?= __('Pinned Comments') ?></a>
+ <span class="arrow"></span>
+ <?php else: ?>
+ <a href="<?= htmlentities(get_pkgbase_uri($pkgbase_name), ENT_QUOTES) . '?' . mkurl('comments=all') ?>" title="<?= __('View all comments' , $count) ?> (<?= $count ?>)"><?= __('Latest Comments') ?></a>
+ <span class="arrow"></span>
+ <?php endif; ?>
</h3>
<?php while (list($indx, $row) = each($comments)): ?>
@@ -56,6 +63,30 @@ $count = pkgbase_comments_count($base_id, $include_deleted);
<?php if (!$row['DelUsersID'] && can_edit_comment_array($row)): ?>
<a href="<?= htmlspecialchars(get_pkgbase_uri($pkgbase_name) . 'edit-comment/?comment_id=' . $row['ID'], ENT_QUOTES) ?>" class="edit-comment" title="<?= __('Edit comment') ?>"><img src="/images/pencil.min.svg" alt="<?= __('Edit comment') ?>" width="11" height="11"></a>
<?php endif; ?>
+
+ <?php if (!$row['DelUsersID'] && !$row['PinnedUsersID'] && can_pin_comment_array($row)): ?>
+ <form class="pin-comment-form" method="post" action="<?= htmlspecialchars(get_pkgbase_uri($pkgbase_name), ENT_QUOTES); ?>">
+ <fieldset style="display:inline;">
+ <input type="hidden" name="action" value="do_PinComment" />
+ <input type="hidden" name="comment_id" value="<?= $row['ID'] ?>" />
+ <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" />
+ <input type="submit" class="pin-comment" value="<?= __('Pin') ?>" width="11" height="11"
+ alt="<?= __('Pin comment') ?>" title="<?= __('Pin comment') ?>" name="submit" value="1" />
+ </fieldset>
+ </form>
+ <?php endif; ?>
+
+ <?php if (!$row['DelUsersID'] && $row['PinnedUsersID'] && can_pin_comment_array($row)): ?>
+ <form class="pin-comment-form" method="post" action="<?= htmlspecialchars(get_pkgbase_uri($pkgbase_name), ENT_QUOTES); ?>">
+ <fieldset style="display:inline;">
+ <input type="hidden" name="action" value="do_UnpinComment" />
+ <input type="hidden" name="comment_id" value="<?= $row['ID'] ?>" />
+ <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" />
+ <input type="submit" class="pin-comment" value="<?= __('Unpin') ?>" width="11" height="11"
+ alt="<?= __('Unin comment') ?>" title="<?= __('Pin comment') ?>" name="submit" value="1" />
+ </fieldset>
+ </form>
+ <?php endif; ?>
</h4>
<div class="article-content<?php if ($row['DelUsersID']): ?> comment-deleted<?php endif; ?>">
<p>
@@ -64,7 +95,7 @@ $count = pkgbase_comments_count($base_id, $include_deleted);
</div>
<?php endwhile; ?>
-<?php if ($count > 10 && !isset($_GET['comments'])): ?>
+<?php if ($count > 10 && !isset($_GET['comments']) && !isset($pinned)): ?>
<h3>
<a href="<?= htmlentities(get_pkgbase_uri($pkgbase_name), ENT_QUOTES) . '?' . mkurl('comments=all') ?>" title="<?= __('View all comments') ?> (<?= $count ?>)"><?= __('All comments', $count) ?></a>
</h3>
--
2.6.3