Signed-off-by: Johannes Löthberg <johannes@kyriasis.com> --- web/html/account.php | 69 +++++++++++++++++++++++++++++- web/html/css/aurweb.css | 17 ++++++++ web/html/index.php | 2 + web/html/pkgbase.php | 7 ++- web/lib/acctfuncs.inc.php | 41 ++++++++++++++++++ web/lib/credentials.inc.php | 2 + web/template/account_edit_form.php | 1 + 7 files changed, 136 insertions(+), 3 deletions(-) diff --git a/web/html/account.php b/web/html/account.php index c30a89a..955aa4d 100644 --- a/web/html/account.php +++ b/web/html/account.php @@ -8,7 +8,7 @@ include_once('acctfuncs.inc.php'); # access Account specific functions $action = in_request("Action"); $need_userinfo = array( - "DisplayAccount", "DeleteAccount", "AccountInfo", "UpdateAccount" + "DisplayAccount", "DeleteAccount", "AccountInfo", "UpdateAccount", "ListComments" ); if (in_array($action, $need_userinfo)) { @@ -54,6 +54,8 @@ if ($action == "UpdateAccount") { if ($action == "AccountInfo") { html_header(__('Account') . ' ' . $row['Username']); +} elseif ($action == "ListComments") { + html_header(__('Comments for') . ' ' . $row['Username']); } else { html_header(__('Accounts')); } @@ -61,7 +63,11 @@ if ($action == "AccountInfo") { # Main page processing here # echo "<div class=\"box\">\n"; -echo " <h2>".__("Accounts")."</h2>\n"; +if ($action == "ListComments") { + echo " <h2>".__("Comments for").' '.$row['Username']."</h2>\n"; +} else { + echo " <h2>".__("Accounts")."</h2>\n"; +} if (isset($_COOKIE["AURSID"])) { if ($action == "SearchAccounts") { 
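Review bot: `$row['Username']` is echoed into the `<h2>` without HTML escaping in the `@@ -61,7 +63,11 @@` hunk of web/html/account.php, and the same value is concatenated into the `html_header()` title in the `@@ -54,6 +54,8 @@` hunk. Whether usernames are restricted to HTML-safe characters at registration is not visible here, so the value should be escaped where it is printed: `echo " <h2>".__("Comments for").' '.htmlspecialchars($row['Username'])."</h2>\n";`. If `html_header()` does not escape its argument itself, the title needs the same treatment. The heading is also printed before the `has_credential()` check that guards the list, so it is shown to callers who are then refused.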
@@ -166,6 +172,65 @@ if (isset($_COOKIE["AURSID"])) { $row["Username"]); } + } elseif ($action == "ListComments") { + if (has_credential(CRED_ACCOUNT_LIST_COMMENTS)) { + # display the comment list if they're a TU/dev + # + + /* Sanitize paging variables. */ + if (isset($_GET["O"])) { + $_GET["O"] = max(intval($_GET["O"]), 0); + } else { + $_GET["O"] = 0; + } + + if (isset($_GET["PP"])) { + $_GET["PP"] = bound(intval($_GET["PP"]), 5, 250); + } else { + $_GET["PP"] = 10; + } + + $total = account_comments_count($row["ID"]); + + /* Calculate the results to use. */ + $first = $_GET['O'] + 1; + + /* Calculation of pagination links. */ + $per_page = ($_GET['PP'] > 0) ? $_GET['PP'] : 50; + $current = ceil($first / $per_page); + $pages = ceil($total / $per_page); + $templ_pages = array(); + + if ($current > 1) { + $templ_pages['« ' . __('First')] = 0; + $templ_pages['‹ ' . __('Previous')] = ($current - 2) * $per_page; + } + + if ($current - 5 > 1) + $templ_pages["..."] = false; + + for ($i = max($current - 5, 1); $i <= min($pages, $current + 5); $i++) { + $templ_pages[$i] = ($i - 1) * $per_page; + } + + if ($current + 5 < $pages) + $templ_pages["... "] = false; + + if ($current < $pages) { + $templ_pages[__('Next') . ' ›'] = $current * $per_page; + $templ_pages[__('Last') . ' »'] = ($pages - 1) * $per_page; + } + + $username = $row["Username"]; + $userid = $row["ID"]; + $comments = account_comments($row["ID"], $_GET["PP"], $_GET["O"]); + + include('account_comments.php'); + + } else { + print __("You are not allowed to access this area."); + } + } else { if (has_credential(CRED_ACCOUNT_SEARCH)) { # display the search page if they're a TU/dev diff --git a/web/html/css/aurweb.css b/web/html/css/aurweb.css index f5e1037..ce54a28 100644 --- a/web/html/css/aurweb.css +++ b/web/html/css/aurweb.css 
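Review bot: `include('account_comments.php')` at the end of the ListComments branch pulls in a template that is not among the seven files in this patch's diffstat, so the code that renders `$comments` cannot be reviewed here and may be missing from the commit. That template receives `Comments`, `RenderedComment` and user names straight from the database, so output escaping and the display of deleted comments (`DelTS`) need to be checked there. `account_comments()` returns `null` when its query fails, so the branch should guard before the include, e.g. `if ($comments === null) { $comments = array(); }`. Separately, the `: 50` fallback in `$per_page` is unreachable because `PP` has already been bounded to 5–250 or defaulted to 10. The surrounding `if (isset($_COOKIE["AURSID"]))` chain starts and ends outside this hunk.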
@@ -148,3 +148,20 @@ label.confirmation, color: red; font-weight: bold; } + +.commentlist-nav .page { + margin: 0 .25em; +} + +#commentlist-results .commentlist-nav { + float: right; + margin-top: -2.2em; +} + +.commentlist-nav .prev { + margin-right: 1em; +} + +.commentlist-nav .next { + margin-right: 1em; +} diff --git a/web/html/index.php b/web/html/index.php index 2c53cdd..b2cd840 100644 --- a/web/html/index.php +++ b/web/html/index.php @@ -142,6 +142,8 @@ if (!empty($tokens[1]) && '/' . $tokens[1] == get_pkg_route()) { $_REQUEST['Action'] = "UpdateAccount"; } elseif ($tokens[3] == 'delete') { $_REQUEST['Action'] = "DeleteAccount"; + } elseif ($tokens[3] == 'comments') { + $_REQUEST['Action'] = "ListComments"; } else { header("HTTP/1.0 404 Not Found"); include "./404.php"; diff --git a/web/html/pkgbase.php b/web/html/pkgbase.php index cf9a6c6..8a0c363 100644 --- a/web/html/pkgbase.php +++ b/web/html/pkgbase.php @@ -43,6 +43,7 @@ if (isset($_POST['IDs'])) { /* Perform package base actions. */ $via = isset($_POST['via']) ? $_POST['via'] : NULL; +$return_to = isset($_POST['return_to']) ? $_POST['return_to'] : NULL; $ret = false; $output = ""; $fragment = ""; @@ -133,7 +134,11 @@ if (check_token()) { /* Redirect back to package request page on success. */ header('Location: ' . get_pkgreq_route()); exit(); - } if (isset($base_id)) { + } elseif ((current_action("do_DeleteComment") || + current_action("do_UndeleteComment")) && $return_to) { + header('Location: ' . $return_to); + exit(); + } elseif (isset($base_id)) { /* Redirect back to package base page on success. */ header('Location: ' . get_pkgbase_uri($pkgbase_name) . $fragment); exit(); diff --git a/web/lib/acctfuncs.inc.php b/web/lib/acctfuncs.inc.php index df57375..9536139 100644 --- a/web/lib/acctfuncs.inc.php +++ b/web/lib/acctfuncs.inc.php 
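Review bot: `$return_to` is read from `$_POST['return_to']` in the `@@ -43,6 +43,7 @@` hunk of web/html/pkgbase.php and passed unchanged to `header('Location: ' . $return_to)` in the `@@ -133,7 +134,11 @@` hunk, which leaves the post-action redirect target under the control of whoever builds the form (an unvalidated redirect, CWE-601). The `check_token()` guard limits who can submit the request but does not constrain the destination. The value should be accepted only when it is a same-site path, for example `if ($return_to !== NULL && !preg_match('#^/(?![/\\\\])#', $return_to)) { $return_to = NULL; }` right after the assignment, so anything else falls through to the existing package-base redirect. The `if (check_token())` block continues outside the second hunk.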
@@ -1403,3 +1403,44 @@ function accept_terms($uid, $termrev) { $dbh->exec($q); } } + +function account_comments($uid, $limit, $offset=0) { + $dbh = DB::connect(); + $q = "SELECT PackageComments.ID, Comments, "; + $q.= "PackageBaseId, CommentTS, DelTS, EditedTS, B.UserName AS EditUserName, "; + $q.= "C.UserName as DelUserName, RenderedComment, "; + $q.= "PB.ID as PackageBaseID, PB.Name as PackageBaseName "; + $q.= "FROM PackageComments "; + $q.= "LEFT JOIN PackageBases PB ON PackageComments.PackageBaseID = PB.ID "; + $q.= "LEFT JOIN Users A ON PackageComments.UsersID = A.ID "; + $q.= "LEFT JOIN Users B ON PackageComments.EditedUsersID = B.ID "; + $q.= "LEFT JOIN Users C ON PackageComments.DelUsersID = C.ID "; + $q.= "WHERE A.ID = " . $dbh->quote($uid) . " "; + $q.= "ORDER BY CommentTS DESC"; + + if ($limit > 0) { + $q.=" LIMIT " . $limit; + } + + if ($offset > 0) { + $q.=" OFFSET " . $offset; + } + + $result = $dbh->query($q); + if (!$result) { + return null; + } + + return $result->fetchAll(); +} + +function account_comments_count($uid) { + $dbh = DB::connect(); + $q = "SELECT COUNT(*) "; + $q.= "FROM PackageComments "; + $q.= "LEFT JOIN Users A ON PackageComments.UsersID = A.ID "; + $q.= "WHERE A.ID = " . $dbh->quote($uid); + + $result = $dbh->query($q); + return $result->fetch(PDO::FETCH_NUM)[0]; +} diff --git a/web/lib/credentials.inc.php b/web/lib/credentials.inc.php index d8698a8..5d90cfc 100644 --- a/web/lib/credentials.inc.php +++ b/web/lib/credentials.inc.php @@ -5,6 +5,7 @@ define("CRED_ACCOUNT_EDIT", 2); define("CRED_ACCOUNT_EDIT_DEV", 3); define("CRED_ACCOUNT_LAST_LOGIN", 4); define("CRED_ACCOUNT_SEARCH", 5); +define("CRED_ACCOUNT_LIST_COMMENTS", 28); define("CRED_COMMENT_DELETE", 6); define("CRED_COMMENT_UNDELETE", 27); define("CRED_COMMENT_VIEW_DELETED", 22); 
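Review bot: `account_comments()` quotes `$uid` but concatenates `$limit` and `$offset` into the SQL text as-is, so the query is only safe while every caller has already forced them to integers, as the ListComments branch in account.php does. Cast inside the function so it does not depend on its callers: `$q.=" LIMIT " . intval($limit);` and `$q.=" OFFSET " . intval($offset);`. `account_comments_count()` also calls `$result->fetch()` without the `if (!$result)` check that `account_comments()` has, so a failed query ends in a fatal error instead of a handled return. Neither function has a docblock; one line each stating the parameters, and that the list is not filtered on `DelTS` and so includes deleted comments, would help the next reader.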
@@ -59,6 +60,7 @@ function has_credential($credential, $approved_users=array()) { case CRED_ACCOUNT_EDIT: case CRED_ACCOUNT_LAST_LOGIN: case CRED_ACCOUNT_SEARCH: + case CRED_ACCOUNT_LIST_COMMENTS: case CRED_COMMENT_DELETE: case CRED_COMMENT_UNDELETE: case CRED_COMMENT_VIEW_DELETED: diff --git a/web/template/account_edit_form.php b/web/template/account_edit_form.php index 6eff81b..38d5274 100644 --- a/web/template/account_edit_form.php +++ b/web/template/account_edit_form.php @@ -2,6 +2,7 @@ <p> <?= __('Click %shere%s if you want to permanently delete this account.', '<a href="' . get_user_uri($N) . 'delete/' . '">', '</a>') ?> <?= __('Click %shere%s for user details.', '<a href="' . get_user_uri($N) . '">', '</a>') ?> + <?= __('Click %shere%s to list the comments made by this account.', '<a href="' . get_user_uri($N) . 'comments/' . '">', '</a>') ?> </p> <form id="edit-profile-form" action="<?= get_user_uri($N) . 'update/'; ?>" method="post"> -- 2.18.0