Signed-off-by: Johannes Löthberg <johannes(a)kyriasis.com>
---
web/html/account.php | 69 +++++++++++++++++++++++++++++-
web/html/css/aurweb.css | 17 ++++++++
web/html/index.php | 2 +
web/html/pkgbase.php | 7 ++-
web/lib/acctfuncs.inc.php | 41 ++++++++++++++++++
web/lib/credentials.inc.php | 2 +
web/template/account_edit_form.php | 1 +
7 files changed, 136 insertions(+), 3 deletions(-)
diff --git a/web/html/account.php b/web/html/account.php
index c30a89a..955aa4d 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -8,7 +8,7 @@ include_once('acctfuncs.inc.php'); # access Account specific functions
$action = in_request("Action");
$need_userinfo = array(
- "DisplayAccount", "DeleteAccount", "AccountInfo", "UpdateAccount"
+ "DisplayAccount", "DeleteAccount", "AccountInfo", "UpdateAccount", "ListComments"
);
if (in_array($action, $need_userinfo)) {
@@ -54,6 +54,8 @@ if ($action == "UpdateAccount") {
if ($action == "AccountInfo") {
html_header(__('Account') . ' ' . $row['Username']);
+} elseif ($action == "ListComments") {
+ html_header(__('Comments for') . ' ' . $row['Username']);
} else {
html_header(__('Accounts'));
}
@@ -61,7 +63,11 @@ if ($action == "AccountInfo") {
# Main page processing here
#
echo "<div class=\"box\">\n";
-echo " <h2>".__("Accounts")."</h2>\n";
+if ($action == "ListComments") {
+ echo " <h2>".__("Comments for").' '.$row['Username']."</h2>\n";
+} else {
+ echo " <h2>".__("Accounts")."</h2>\n";
+}
if (isset($_COOKIE["AURSID"])) {
if ($action == "SearchAccounts") {
@@ -166,6 +172,65 @@ if (isset($_COOKIE["AURSID"])) {
$row["Username"]);
}
+ } elseif ($action == "ListComments") {
+ if (has_credential(CRED_ACCOUNT_LIST_COMMENTS)) {
+ # display the comment list if they're a TU/dev
+ #
+
+ /* Sanitize paging variables. */
+ if (isset($_GET["O"])) {
+ $_GET["O"] = max(intval($_GET["O"]), 0);
+ } else {
+ $_GET["O"] = 0;
+ }
+
+ if (isset($_GET["PP"])) {
+ $_GET["PP"] = bound(intval($_GET["PP"]), 5, 250);
+ } else {
+ $_GET["PP"] = 10;
+ }
+
+ $total = account_comments_count($row["ID"]);
+
+ /* Calculate the results to use. */
+ $first = $_GET['O'] + 1;
+
+ /* Calculation of pagination links. */
+ $per_page = ($_GET['PP'] > 0) ? $_GET['PP'] : 50;
+ $current = ceil($first / $per_page);
+ $pages = ceil($total / $per_page);
+ $templ_pages = array();
+
+ if ($current > 1) {
+ $templ_pages['« ' . __('First')] = 0;
+ $templ_pages['‹ ' . __('Previous')] = ($current - 2) * $per_page;
+ }
+
+ if ($current - 5 > 1)
+ $templ_pages["..."] = false;
+
+ for ($i = max($current - 5, 1); $i <= min($pages, $current + 5); $i++) {
+ $templ_pages[$i] = ($i - 1) * $per_page;
+ }
+
+ if ($current + 5 < $pages)
+ $templ_pages["... "] = false;
+
+ if ($current < $pages) {
+ $templ_pages[__('Next') . ' ›'] = $current * $per_page;
+ $templ_pages[__('Last') . ' »'] = ($pages - 1) * $per_page;
+ }
+
+ $username = $row["Username"];
+ $userid = $row["ID"];
+ $comments = account_comments($row["ID"], $_GET["PP"], $_GET["O"]);
+
+ include('account_comments.php');
+
+ } else {
+ print __("You are not allowed to access this area.");
+ }
+
} else {
if (has_credential(CRED_ACCOUNT_SEARCH)) {
# display the search page if they're a TU/dev
diff --git a/web/html/css/aurweb.css b/web/html/css/aurweb.css
index f5e1037..ce54a28 100644
--- a/web/html/css/aurweb.css
+++ b/web/html/css/aurweb.css
@@ -148,3 +148,20 @@ label.confirmation,
color: red;
font-weight: bold;
}
+
+.commentlist-nav .page {
+ margin: 0 .25em;
+}
+
+#commentlist-results .commentlist-nav {
+ float: right;
+ margin-top: -2.2em;
+}
+
+.commentlist-nav .prev {
+ margin-right: 1em;
+}
+
+.commentlist-nav .next {
+ margin-right: 1em;
+}
diff --git a/web/html/index.php b/web/html/index.php
index 2c53cdd..b2cd840 100644
--- a/web/html/index.php
+++ b/web/html/index.php
@@ -142,6 +142,8 @@ if (!empty($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) {
$_REQUEST['Action'] = "UpdateAccount";
} elseif ($tokens[3] == 'delete') {
$_REQUEST['Action'] = "DeleteAccount";
+ } elseif ($tokens[3] == 'comments') {
+ $_REQUEST['Action'] = "ListComments";
} else {
header("HTTP/1.0 404 Not Found");
include "./404.php";
diff --git a/web/html/pkgbase.php b/web/html/pkgbase.php
index cf9a6c6..8a0c363 100644
--- a/web/html/pkgbase.php
+++ b/web/html/pkgbase.php
@@ -43,6 +43,7 @@ if (isset($_POST['IDs'])) {
/* Perform package base actions. */
$via = isset($_POST['via']) ? $_POST['via'] : NULL;
+$return_to = isset($_POST['return_to']) ? $_POST['return_to'] : NULL;
$ret = false;
$output = "";
$fragment = "";
@@ -133,7 +134,11 @@ if (check_token()) {
/* Redirect back to package request page on success. */
header('Location: ' . get_pkgreq_route());
exit();
- } if (isset($base_id)) {
+ } elseif ((current_action("do_DeleteComment") ||
+ current_action("do_UndeleteComment")) && $return_to) {
+ header('Location: ' . $return_to);
+ exit();
+ } elseif (isset($base_id)) {
/* Redirect back to package base page on success. */
header('Location: ' . get_pkgbase_uri($pkgbase_name) . $fragment);
exit();
diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php
index df57375..9536139 100644
--- a/web/lib/acctfuncs.inc.php
+++ b/web/lib/acctfuncs.inc.php
@@ -1403,3 +1403,44 @@ function accept_terms($uid, $termrev) {
$dbh->exec($q);
}
}
+
+function account_comments($uid, $limit, $offset=0) {
+ $dbh = DB::connect();
+ $q = "SELECT PackageComments.ID, Comments, ";
+ $q.= "PackageBaseId, CommentTS, DelTS, EditedTS, B.UserName AS EditUserName, ";
+ $q.= "C.UserName as DelUserName, RenderedComment, ";
+ $q.= "PB.ID as PackageBaseID, PB.Name as PackageBaseName ";
+ $q.= "FROM PackageComments ";
+ $q.= "LEFT JOIN PackageBases PB ON PackageComments.PackageBaseID = PB.ID ";
+ $q.= "LEFT JOIN Users A ON PackageComments.UsersID = A.ID ";
+ $q.= "LEFT JOIN Users B ON PackageComments.EditedUsersID = B.ID ";
+ $q.= "LEFT JOIN Users C ON PackageComments.DelUsersID = C.ID ";
+ $q.= "WHERE A.ID = " . $dbh->quote($uid) . " ";
+ $q.= "ORDER BY CommentTS DESC";
+
+ if ($limit > 0) {
+ $q.=" LIMIT " . $limit;
+ }
+
+ if ($offset > 0) {
+ $q.=" OFFSET " . $offset;
+ }
+
+ $result = $dbh->query($q);
+ if (!$result) {
+ return null;
+ }
+
+ return $result->fetchAll();
+}
+
+function account_comments_count($uid) {
+ $dbh = DB::connect();
+ $q = "SELECT COUNT(*) ";
+ $q.= "FROM PackageComments ";
+ $q.= "LEFT JOIN Users A ON PackageComments.UsersID = A.ID ";
+ $q.= "WHERE A.ID = " . $dbh->quote($uid);
+
+ $result = $dbh->query($q);
+ return $result->fetch(PDO::FETCH_NUM)[0];
+}
diff --git a/web/lib/credentials.inc.php b/web/lib/credentials.inc.php
index d8698a8..5d90cfc 100644
--- a/web/lib/credentials.inc.php
+++ b/web/lib/credentials.inc.php
@@ -5,6 +5,7 @@ define("CRED_ACCOUNT_EDIT", 2);
define("CRED_ACCOUNT_EDIT_DEV", 3);
define("CRED_ACCOUNT_LAST_LOGIN", 4);
define("CRED_ACCOUNT_SEARCH", 5);
+define("CRED_ACCOUNT_LIST_COMMENTS", 28);
define("CRED_COMMENT_DELETE", 6);
define("CRED_COMMENT_UNDELETE", 27);
define("CRED_COMMENT_VIEW_DELETED", 22);
@@ -59,6 +60,7 @@ function has_credential($credential, $approved_users=array()) {
case CRED_ACCOUNT_EDIT:
case CRED_ACCOUNT_LAST_LOGIN:
case CRED_ACCOUNT_SEARCH:
+ case CRED_ACCOUNT_LIST_COMMENTS:
case CRED_COMMENT_DELETE:
case CRED_COMMENT_UNDELETE:
case CRED_COMMENT_VIEW_DELETED:
diff --git a/web/template/account_edit_form.php b/web/template/account_edit_form.php
index 6eff81b..38d5274 100644
--- a/web/template/account_edit_form.php
+++ b/web/template/account_edit_form.php
@@ -2,6 +2,7 @@
<p>
<?= __('Click %shere%s if you want to permanently delete this account.', '<a href="' . get_user_uri($N) . 'delete/' . '">', '</a>') ?>
<?= __('Click %shere%s for user details.', '<a href="' . get_user_uri($N) . '">', '</a>') ?>
+ <?= __('Click %shere%s to list the comments made by this account.', '<a href="' . get_user_uri($N) . 'comments/' . '">', '</a>') ?>
</p>
<form id="edit-profile-form" action="<?= get_user_uri($N) . 'update/'; ?>" method="post">
--
2.18.0