From: Mischa POSLAWSKY <perl@shiar.org>
Date: Fri, 1 Oct 2021 01:16:03 +0000 (+0200)
Subject: issue: message editing feature
X-Git-Tag: v5.4~10
X-Git-Url: http://git.shiar.nl/minimedit.git/commitdiff_plain/2d7b510a9d33a552b024e1db00212658f21afce6

issue: message editing feature
---

diff --git a/database.inc.php b/database.inc.php
index 9b65ce6..d6da853 100644
--- a/database.inc.php
+++ b/database.inc.php
@@ -45,7 +45,7 @@ class DB
 			foreach ($row as $col => $val) {
 				$cols[] = $this->_value($val, $params);
 			}
-			$sql = sprintf('INSERT INTO %s (%s) VALUES (%s) RETURNING *',
+			$sql = sprintf('INSERT INTO %s (%s) VALUES (%s)',
 				'"'.$table.'"',
 				implode(', ', array_keys($row)),
 				implode(', ', $cols)
@@ -67,6 +67,7 @@ class DB
 				$sql .= ' ' . $filter;
 			}
 		}
+		$sql .= ' RETURNING *';
 		return $this->query($sql, $params);
 	}
 }
diff --git a/issue/index.php b/issue/index.php
index 547547a..55ea273 100644
--- a/issue/index.php
+++ b/issue/index.php
@@ -10,10 +10,32 @@ if ($id and ctype_digit($id)) {
 		'SELECT * FROM issues WHERE page = ? AND id = ?', [$Page->handler, $id]
 	)->fetch();
 	if (!$Issue) throw new Exception('Issuenummer niet gevonden');
+	$Page->title .= ': '.htmlspecialchars($Issue->subject);
 
-	$replies = $Page->widget('reply');  # handle updates
+	if ($title and ctype_digit($title)) {
+		$Page->title = "Antwoord op {$Page->title}";
+		$Page->handler = $Page->link;
+		$Page->link .= "/$title";
+		$row = $Db->query(
+			'SELECT * FROM comments WHERE id = ?', [$title]
+		)->fetch();
+		if (!$row) throw new Exception('Antwoordnummer niet gevonden');
 
-	$Page->title .= ': '.htmlspecialchars($Issue->subject);
+		print "<h2>{$Page->title}</h2>\n";
+		printf('<form method="post" action="%s" enctype="multipart/form-data">',
+			$Page->handler
+		);
+		printf('<input type="hidden" name="%s" value="%s" />'."\n", 'id', $row->id);
+		printf('<textarea id="%s" name="%1$s" cols=60 rows=3>%s</textarea>'."\n",
+			'reply',
+			htmlspecialchars($row->raw)
+		);
+		print '<input type="submit" value="Aanpassen" />'."\n";
+		print "</form>\n";
+		return;
+	}
+
+	$replies = $Page->widget('reply');  # handle updates
 	$Page->body = $replies;  # find image
 	if ($Page->api) return;
 
diff --git a/upload.inc.php b/upload.inc.php
index ff4ecd3..77fa846 100644
--- a/upload.inc.php
+++ b/upload.inc.php
@@ -94,7 +94,9 @@ function createcomment($input, &$Issue = NULL)
 		}
 		$target .= '/' . $User->login;
 		if ($result = userupload($_FILES['image'], $target)) {
+			$reply['raw'] = $reply['raw'] ?? '';
 			$reply['raw'] .= "/$result";
+			$reply['message'] = $reply['message'] ?? '';
 			if (preg_match('(^image/)', $_FILES['image']['type'])) {
 				$reply['message'] .= sprintf('<p><img src="/thumb/640x/%s" /></p>', $result);
 			}
@@ -105,14 +107,49 @@ function createcomment($input, &$Issue = NULL)
 			}
 		}
 	}
-	$query = $Db->set('comments', $reply + [
-		'page'    => "{$Page->handler}/{$Issue->id}",
-		'author'  => $User->login,
-	]);
-	if (!$query->rowCount()) {
-		throw new Exception('Fout bij opslaan');
+
+	if (isset($input['id'])) {
+		$newcomment = $input['id'];
+		$filter = ['id = ?', $newcomment];
+		$oldcomment = $Db->query("SELECT * FROM comments WHERE $filter[0]", [$filter[1]])->fetch();
+		if (empty($oldcomment)) {
+			throw new Exception('Antwoord niet gevonden');
+		}
+
+		$reply += [
+			'updated' => ['now()'],
+		];
+		$query = $Db->set('comments', $reply, $filter);
+		if (!$query->rowCount()) {
+			throw new Exception('Fout bij aanpassen');
+		}
+
+		if ($updated = $query->fetch()) {
+			foreach (array_keys(get_object_vars($updated)) as $col) {
+				if ($updated->$col === $oldcomment->$col) {
+					continue; # unaltered
+				}
+				$Db->set('journal', [
+					'comment_id' => $newcomment,
+					'property'   => 'col',
+					'col'        => $col,
+					'old_value'  => $oldcomment->$col,
+					'value'      => $updated->$col,
+				]);
+			}
+		}
+	}
+	else {
+		$reply += [
+			'page'    => "{$Page->handler}/{$Issue->id}",
+			'author'  => $User->login,
+		];
+		$query = $Db->set('comments', $reply);
+		if (!$query->rowCount()) {
+			throw new Exception('Fout bij opslaan');
+		}
+		$newcomment = $Db->dbh->lastInsertId('comments_id_seq');
 	}
-	$newcomment = $Db->dbh->lastInsertId('comments_id_seq');
 
 	if (isset($Issue)) {
 		$row = [];
@@ -127,12 +164,14 @@ function createcomment($input, &$Issue = NULL)
 			}
 		}
 		$derived = ['updated' => ['now()']];
-		$filter = ['id = ? RETURNING *', $Issue->id];
+		$filter = ['id = ?', $Issue->id];
 		$subquery = $Db->set('issues', $row + $derived, $filter);
 
 		if ($updated = $subquery->fetch()) {
 			foreach (array_keys($row) as $col) {
-				if ($updated->$col === $Issue->$col) continue; # unaltered
+				if ($updated->$col === $Issue->$col) {
+					continue; # unaltered
+				}
 				$Db->set('journal', [
 					'comment_id' => $newcomment,
 					'property'   => 'attr',
diff --git a/widget/reply.php b/widget/reply.php
index 6fe9eb1..f924851 100644
--- a/widget/reply.php
+++ b/widget/reply.php
@@ -6,7 +6,7 @@ require_once 'upload.inc.php';
 if ($_POST) {
 	try {
 		$newcomment = createcomment($_POST, $Issue);
-		$target = "/{$Page->link}/$newcomment#$newcomment";
+		$target = "/{$Page->link}?last=$newcomment#$newcomment";
 		abort($target, ($Page->api ? 200 : 303) . ' reply success');
 		$_POST['reply'] = NULL;
 	}
@@ -14,11 +14,13 @@ if ($_POST) {
 		if ($Page->api) {
 			abort(ucfirst($e->getMessage()), '500 reply error');
 		}
-		print "<p class=warn>Antwoord niet opgeslagen: {$e->getMessage()}.</p>\n\n";
+		printf("<p class=warn>Antwoord niet opgeslagen: %s.</p>\n\n",
+			nl2br(htmlspecialchars($e->getMessage()))
+		);
 	}
 }
 
-$cols = '*, (SELECT json_agg(journal.*) FROM journal WHERE comment_id = comments.id) AS journal';
+$cols = "*, (SELECT json_agg(journal.*) FROM journal WHERE comment_id = comments.id AND property = 'attr') AS journal";
 $query = $Db->query("SELECT $cols FROM comments WHERE page = ? ORDER BY created", [$Page->link]);
 
 if ($row = $query->fetch()) {