}
// DB error
if (is_object($bug)) {
response_header('DB error');
display_bug_error($bug);
response_footer();
exit;
}
// Bug not found with passed id
if (!$bug) {
response_header('No Such Bug');
display_bug_error("No such bug #{$bug_id}");
response_footer();
exit;
}
$show_bug_info = bugs_has_access($bug_id, $bug, $pw, $user_flags);
if ($edit == 2 && !$show_bug_info && $pw && verify_bug_passwd($bug_id, bugs_get_hash($pw))) {
$show_bug_info = true;
}
if (isset($_POST['ncomment'])) {
/* Bugs blocked to user comments can only be commented by the team */
if ($bug['block_user_comment'] == 'Y' && $logged_in != 'developer') {
response_header('Adding comments not allowed');
display_bug_error("You're not allowed to add a comment to bug #{$bug_id}");
response_footer();
exit;
}
}
/* Just developers can change private/block_user_comment options */
if (!empty($_POST['in'])) {
if ($user_flags & BUGS_DEV_USER) {
if ($patch_name) {
$patch_name_url = urlencode($patch_name);
}
$bug_id = !empty($_GET['bug']) ? (int) $_GET['bug'] : 0;
if (empty($bug_id)) {
$bug_id = (int) $_GET['bug_id'];
}
require "{$ROOT_DIR}/include/classes/bug_patchtracker.php";
$patchinfo = new Bug_Patchtracker();
if (!($buginfo = bugs_get_bug($bug_id))) {
response_header('Error :: invalid bug selected');
display_bug_error("Invalid bug #{$bug_id} selected");
response_footer();
exit;
}
if (!bugs_has_access($bug_id, $buginfo, $pw, $user_flags)) {
response_header('Error :: No access to bug selected');
display_bug_error("You have no access to bug #{$bug_id}");
response_footer();
exit;
}
$pseudo_pkgs = get_pseudo_packages(false);
if (isset($patch_name) && isset($revision)) {
if ($revision == 'latest') {
$revisions = $patchinfo->listRevisions($buginfo['id'], $patch_name);
if (isset($revisions[0])) {
$revision = $revisions[0][0];
}
}
$path = $patchinfo->getPatchFullpath($bug_id, $patch_name, $revision);
if (!file_exists($path)) {
echo json_encode(array('result' => array('error' => 'Missing credentials')));
exit;
}
bugs_authenticate($user, $pwd, $logged_in, $user_flags);
$is_trusted_developer = $user_flags & BUGS_TRUSTED_DEV;
if (empty($auth_user->handle)) {
echo json_encode(array('result' => array('error' => 'Invalid user or password')));
exit;
}
// fetch info about the bug into $bug
$bug = bugs_get_bug($bug_id);
if (!is_array($bug)) {
echo json_encode(array('result' => array('error' => 'No such bug')));
exit;
}
if (!bugs_has_access($bug_id, $bug, $pwd, $user_flags)) {
echo json_encode(array('result' => array('error' => 'No access to bug')));
exit;
}
if (!empty($_POST['ncomment']) && !empty($_POST['user'])) {
$user = htmlspecialchars(trim($_POST['user']));
$ncomment = htmlspecialchars(trim($_POST['ncomment']));
$prep = $dbh->prepare("\n\t\tINSERT INTO bugdb_comments (bug, email, ts, comment, reporter_name, comment_type)\n\t\tVALUES (?, ?, NOW(), ?, ?, 'svn')\n\t");
$res = $prep->execute(array($bug_id, "{$user}@php.net", $ncomment, $user));
if ($res) {
echo json_encode(array('result' => array('status' => $bug)));
exit;
} else {
echo json_encode(array('result' => array('error' => MDB2::errorMessage($res))));
exit;
}
