Signed-off-by: Marcel Korpel <marcel.korpel@gmail.com> --- Changes since v2: * Drop save_comment() method. * Rename load_comment() to get_comment_form(). * Provide JSDoc. * Always use the actual parameter $http_data instead of superglobals. * Always use intval() on integer parameters. * Provide a better error handling interface. * Use early returns to be able to use less deep nesting. web/lib/aurjson.class.php | 43 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php index a272741..6a51597 100644 --- a/web/lib/aurjson.class.php +++ b/web/lib/aurjson.class.php @@ -14,7 +14,7 @@ class AurJSON { private $version = 1; private static $exposed_methods = array( 'search', 'info', 'multiinfo', 'msearch', 'suggest', - 'suggest-pkgbase' + 'suggest-pkgbase', 'get-comment-form' ); private static $exposed_fields = array( 'name', 'name-desc' @@ -477,5 +477,46 @@ class AurJSON { return json_encode($result_array); } + + /** + * Get the HTML markup of the comment form. + * + * @param string $http_data Query parameters. + * + * @return string The JSON formatted response. + */ + private function get_comment_form($http_data) { + $comment_id = intval($http_data['arg']); + + if (!isset($http_data['base_id']) && isset($http_data['pkgbase_name'])) { + return json_encode(false); + } + + $base_id = intval($http_data['base_id']); + $pkgbase_name = $http_data['pkgbase_name']; + + list($user_id, $comment) = comment_by_id($comment_id); + + if (!has_credential(CRED_COMMENT_EDIT, array($user_id))) { + $output = array( + 'success' => 0, + 'error' => __('You do not have the right to edit this comment.')); + return json_encode($output); + } elseif (is_null($comment)) { + $output = array( + 'success' => 0, + 'error' => __('Comment does not exist.')); + return json_encode($output); + } + + ob_start(); + include('pkg_comment_form.php'); + $html = ob_get_clean(); + $output = array( + 'success' => 1, + 'form' => $html); + + return json_encode($output); + } } -- 2.4.6