Adds functions and credential information to pin comments before others. This needs two extra columns (PinnedTS and PinnedUsersID) to the PackageComments table. Implements FS#10863 Signed-off-by: Mark Weiman <mark.weiman@markzz.com> --- web/html/css/aurweb.css | 18 ++++++++-- web/html/pkgbase.php | 4 +++ web/lib/credentials.inc.php | 2 ++ web/lib/pkgbasefuncs.inc.php | 82 +++++++++++++++++++++++++++++++++++++++++-- web/lib/pkgfuncs.inc.php | 51 ++++++++++++++++++++++++++- web/template/pkg_comments.php | 41 +++++++++++++++++++--- 6 files changed, 187 insertions(+), 11 deletions(-) diff --git a/web/html/css/aurweb.css b/web/html/css/aurweb.css index 11af747..5b36df0 100644 --- a/web/html/css/aurweb.css +++ b/web/html/css/aurweb.css @@ -101,7 +101,7 @@ color: #999; } -.delete-comment-form, .edit-comment { +.delete-comment-form, .pin-comment-form, .edit-comment { float: right; margin-left: 8px; } @@ -118,12 +118,26 @@ opacity: 0.6; } -.delete-comment:hover, .edit-comment:hover { +.delete-comment:hover, .edit-comment:hover, .pin-comment:hover { -webkit-filter: none; filter: none; opacity: 1; } +.pin-comment { + float: right; + font-weight: 600; + background: none!important; + border: none; + padding: 0!important; + font: inherit; + cursor: pointer; + color: #3366aa; + -webkit-filter: grayscale(100%); + filter: grayscale(100%); + opacity: 0.6; +} + .ajax-loader { float: right; position: relative; diff --git a/web/html/pkgbase.php b/web/html/pkgbase.php index cbbf3cc..6f0de08 100644 --- a/web/html/pkgbase.php +++ b/web/html/pkgbase.php @@ -99,6 +99,10 @@ if (check_token()) { list($ret, $output) = pkgbase_notify($ids, false); } elseif (current_action("do_DeleteComment")) { list($ret, $output) = pkgbase_delete_comment(); + } elseif (current_action("do_PinComment")) { + list($ret, $output) = pkgbase_pin_comment(); + } elseif (current_action("do_UnpinComment")) { + list($ret, $output) = pkgbase_unpin_comment(); } elseif (current_action("do_SetKeywords")) { list($ret, $output) = pkgbase_set_keywords($base_id, preg_split("/[\s,;]+/", $_POST['keywords'], -1, PREG_SPLIT_NO_EMPTY)); } elseif (current_action("do_FileRequest")) { diff --git a/web/lib/credentials.inc.php b/web/lib/credentials.inc.php index 648d78c..71bf5ff 100644 --- a/web/lib/credentials.inc.php +++ b/web/lib/credentials.inc.php @@ -8,6 +8,7 @@ define("CRED_ACCOUNT_SEARCH", 5); define("CRED_COMMENT_DELETE", 6); define("CRED_COMMENT_VIEW_DELETED", 22); define("CRED_COMMENT_EDIT", 25); +define("CRED_COMMENT_PIN", 26); define("CRED_PKGBASE_ADOPT", 7); define("CRED_PKGBASE_SET_KEYWORDS", 8); define("CRED_PKGBASE_DELETE", 9); @@ -60,6 +61,7 @@ function has_credential($credential, $approved_users=array()) { case CRED_COMMENT_DELETE: case CRED_COMMENT_VIEW_DELETED: case CRED_COMMENT_EDIT: + case CRED_COMMENT_PIN: case CRED_PKGBASE_ADOPT: case CRED_PKGBASE_SET_KEYWORDS: case CRED_PKGBASE_DELETE: diff --git a/web/lib/pkgbasefuncs.inc.php b/web/lib/pkgbasefuncs.inc.php index afccc7d..ea3ce0d 100644 --- a/web/lib/pkgbasefuncs.inc.php +++ b/web/lib/pkgbasefuncs.inc.php @@ -36,10 +36,11 @@ function pkgbase_comments_count($base_id, $include_deleted) { * @param int $base_id The package base ID to get comments for * @param int $limit Maximum number of comments to return (0 means unlimited) * @param bool $include_deleted True if deleted comments should be included + * @param bool $show_only_pinned True when only pinned comments are to be included * * @return array All package comment information for a specific package base */ -function pkgbase_comments($base_id, $limit, $include_deleted) { +function pkgbase_comments($base_id, $limit, $include_deleted, $show_only_pinned=false) { $base_id = intval($base_id); $limit = intval($limit); if (!$base_id) { @@ -49,11 +50,17 @@ function pkgbase_comments($base_id, $limit, $include_deleted) { $dbh = DB::connect(); $q = "SELECT PackageComments.ID, A.UserName AS UserName, UsersID, Comments, "; $q.= "CommentTS, EditedTS, B.UserName AS EditUserName, "; - $q.= "DelUsersID, C.UserName AS DelUserName FROM PackageComments "; + $q.= "DelUsersID, C.UserName AS DelUserName, "; + $q.= "PinnedUsersID, D.UserName AS PinnedUserName FROM PackageComments "; $q.= "LEFT JOIN Users A ON PackageComments.UsersID = A.ID "; $q.= "LEFT JOIN Users B ON PackageComments.EditedUsersID = B.ID "; $q.= "LEFT JOIN Users C ON PackageComments.DelUsersID = C.ID "; + $q.= "LEFT JOIN Users D ON PackageComments.PinnedUsersID = D.ID "; $q.= "WHERE PackageBaseID = " . $base_id . " "; + + if ($show_only_pinned) { + $q.= "AND PinnedUsersID IS NOT NULL "; + } if (!$include_deleted) { $q.= "AND DelUsersID IS NULL "; } @@ -111,6 +118,67 @@ function pkgbase_add_comment($base_id, $uid, $comment) { } /** + * Pin a package comment + * + * @return array Tuple of success/failure indicator and error message + */ +function pkgbase_pin_comment() { + $uid = uid_from_sid($_COOKIE["AURSID"]); + if (!$uid) { + return array(false, __("You must be logged in before you can edit package information.")); + } + + if (isset($_POST["comment_id"])) { + $comment_id = $_POST["comment_id"]; + } else { + return array(false, __("Missing comment ID.")); + } + + $dbh = DB::connect(); + if (can_pin_comment($comment_id)) { + $q = "UPDATE PackageComments "; + $q.= "SET PinnedUsersID = ".$uid.", "; + $q.= "PinnedTS = UNIX_TIMESTAMP() "; + $q.= "WHERE ID = ".intval($comment_id); + $dbh->exec($q); + return array(true, __("Comment has been pinned.")); + } else { + return array(false, __("You are not allowed to pin this comment.")); + } +} + +/** + * Unpin a package comment + * + * @return array Tuple of success/failure indicator and error message + */ +function pkgbase_unpin_comment() { + $uid = uid_from_sid($_COOKIE["AURSID"]); + if (!$uid) { + return array(false, __("You must be logged in before you can edit package information.")); + } + + if (isset($_POST["comment_id"])) { + $comment_id = $_POST["comment_id"]; + } else { + return array(false, __("Missing comment ID.")); + } + + $dbh = DB::connect(); + if (can_pin_comment($comment_id)) { + $q = "UPDATE PackageComments "; + $q.= "SET PinnedUsersID = NULL, "; + $q.= "PinnedTS = UNIX_TIMESTAMP() "; + $q.= "WHERE ID = ".intval($comment_id); + $dbh->exec($q); + return array(true, __("Comment has been unpinned.")); + } else { + return array(false, __("You are not allowed to unpin this comment.")); + } +} + +/** + * Get a list of all packages a logged-in user has voted for * * @param string $sid The session ID of the visitor @@ -196,9 +264,17 @@ function pkgbase_display_details($base_id, $row, $SID="") { if ($SID) { include('pkg_comment_box.php'); } + + $include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED); + + $limit_pinned = isset($_GET['pinned']) ? 0 : 5; + $pinned = pkgbase_comments($base_id, $limit_pinned, false, true); + if (!empty($pinned)) { + include('pkg_comments.php'); + unset($pinned); + } $limit = isset($_GET['comments']) ? 0 : 10; - $include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED); $comments = pkgbase_comments($base_id, $limit, $include_deleted); if (!empty($comments)) { include('pkg_comments.php'); diff --git a/web/lib/pkgfuncs.inc.php b/web/lib/pkgfuncs.inc.php index cedc360..c0ed99c 100644 --- a/web/lib/pkgfuncs.inc.php +++ b/web/lib/pkgfuncs.inc.php @@ -83,6 +83,47 @@ function can_edit_comment_array($comment) { } /** + * Determine if the user can pin a specific package comment + * + * Only the Package Maintainer, Trusted Users, and Developers can pin + * comments. This function is used for the backend side of comment pinning. + * + * @param string $comment_id The comment ID in the database + * + * @return bool True if the user can pin the comment, otherwise false + */ +function can_pin_comment($comment_id=0) { + $dbh = DB::connect(); + + $q = "SELECT MaintainerUID FROM PackageBases AS pb "; + $q.= "LEFT JOIN PackageComments AS pc ON pb.ID = pc.PackageBaseID "; + $q.= "WHERE pc.ID = " . intval($comment_id); + $result = $dbh->query($q); + + if (!$result) { + return false; + } + + $uid = $result->fetch(PDO::FETCH_COLUMN, 0); + + return has_credential(CRED_COMMENT_PIN, array($uid)); +} + +/** + * Determine if the user can edit a specific package comment using an array + * + * Only the Package Maintainer, Trusted Users, and Developers can pin + * comments. This function is used for the frontend side of comment pinning. + * + * @param array $comment All database information relating a specific comment + * + * @return bool True if the user can edit the comment, otherwise false + */ +function can_pin_comment_array($comment) { + return can_pin_comment($comment['ID']); +} + +/** * Check to see if the package name already exists in the database * * @param string $name The package name to check @@ -581,9 +622,17 @@ function pkg_display_details($id=0, $row, $SID="") { if ($SID) { include('pkg_comment_box.php'); } + + $include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED); + + $limit_pinned = isset($_GET['pinned']) ? 0 : 5; + $pinned = pkgbase_comments($base_id, $limit_pinned, false, true); + if (!empty($pinned)) { + include('pkg_comments.php'); + unset($pinned); + } $limit = isset($_GET['comments']) ? 0 : 10; - $include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED); $comments = pkgbase_comments($base_id, $limit, $include_deleted); if (!empty($comments)) { include('pkg_comments.php'); diff --git a/web/template/pkg_comments.php b/web/template/pkg_comments.php index 21ce16f..8f1fb9f 100644 --- a/web/template/pkg_comments.php +++ b/web/template/pkg_comments.php @@ -6,13 +6,20 @@ if (isset($row['BaseID'])) { /* On a package base details page. */ $base_id = $row['ID']; } -$include_deleted = has_credential(CRED_COMMENT_VIEW_DELETED); -$count = pkgbase_comments_count($base_id, $include_deleted); +if (!isset($count)) { + $count = pkgbase_comments_count($base_id, $include_deleted); +} ?> <div id="news"> <h3> - <a href="<?= htmlentities(get_pkgbase_uri($pkgbase_name), ENT_QUOTES) . '?' . mkurl('comments=all') ?>" title="<?= __('View all comments' , $count) ?> (<?= $count ?>)"><?= __('Latest Comments') ?></a> - <span class="arrow"></span> + <?php if (!isset($comments)): ?> + <?php $comments = $pinned ?> + <a href="<?= htmlentities(get_pkgbase_uri($pkgbase_name), ENT_QUOTES) . '?' . mkurl('comments=all') ?>" title="<?= __('View all comments' , $count) ?> (<?= $count ?>)"><?= __('Pinned Comments') ?></a> + <span class="arrow"></span> + <?php else: ?> + <a href="<?= htmlentities(get_pkgbase_uri($pkgbase_name), ENT_QUOTES) . '?' . mkurl('comments=all') ?>" title="<?= __('View all comments' , $count) ?> (<?= $count ?>)"><?= __('Latest Comments') ?></a> + <span class="arrow"></span> + <?php endif; ?> </h3> <?php while (list($indx, $row) = each($comments)): ?> @@ -56,6 +63,30 @@ $count = pkgbase_comments_count($base_id, $include_deleted); <?php if (!$row['DelUsersID'] && can_edit_comment_array($row)): ?> <a href="<?= htmlspecialchars(get_pkgbase_uri($pkgbase_name) . 'edit-comment/?comment_id=' . $row['ID'], ENT_QUOTES) ?>" class="edit-comment" title="<?= __('Edit comment') ?>"><img src="/images/pencil.min.svg" alt="<?= __('Edit comment') ?>" width="11" height="11"></a> <?php endif; ?> + + <?php if (!$row['DelUsersID'] && !$row['PinnedUsersID'] && can_pin_comment_array($row)): ?> + <form class="pin-comment-form" method="post" action="<?= htmlspecialchars(get_pkgbase_uri($pkgbase_name), ENT_QUOTES); ?>"> + <fieldset style="display:inline;"> + <input type="hidden" name="action" value="do_PinComment" /> + <input type="hidden" name="comment_id" value="<?= $row['ID'] ?>" /> + <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> + <input type="submit" class="pin-comment" value="<?= __('Pin') ?>" width="11" height="11" + alt="<?= __('Pin comment') ?>" title="<?= __('Pin comment') ?>" name="submit" value="1" /> + </fieldset> + </form> + <?php endif; ?> + + <?php if (!$row['DelUsersID'] && $row['PinnedUsersID'] && can_pin_comment_array($row)): ?> + <form class="pin-comment-form" method="post" action="<?= htmlspecialchars(get_pkgbase_uri($pkgbase_name), ENT_QUOTES); ?>"> + <fieldset style="display:inline;"> + <input type="hidden" name="action" value="do_UnpinComment" /> + <input type="hidden" name="comment_id" value="<?= $row['ID'] ?>" /> + <input type="hidden" name="token" value="<?= htmlspecialchars($_COOKIE['AURSID']) ?>" /> + <input type="submit" class="pin-comment" value="<?= __('Unpin') ?>" width="11" height="11" + alt="<?= __('Unin comment') ?>" title="<?= __('Pin comment') ?>" name="submit" value="1" /> + </fieldset> + </form> + <?php endif; ?> </h4> <div class="article-content<?php if ($row['DelUsersID']): ?> comment-deleted<?php endif; ?>"> <p> @@ -64,7 +95,7 @@ $count = pkgbase_comments_count($base_id, $include_deleted); </div> <?php endwhile; ?> -<?php if ($count > 10 && !isset($_GET['comments'])): ?> +<?php if ($count > 10 && !isset($_GET['comments']) && !isset($pinned)): ?> <h3> <a href="<?= htmlentities(get_pkgbase_uri($pkgbase_name), ENT_QUOTES) . '?' . mkurl('comments=all') ?>" title="<?= __('View all comments') ?> (<?= $count ?>)"><?= __('All comments', $count) ?></a> </h3> -- 2.6.3