From ed1cd294e32647b117688b25a465889e4664fe03 Mon Sep 17 00:00:00 2001
From: Mischa POSLAWSKY <perl@shiar.org>
Date: Tue, 28 Sep 2021 17:05:22 +0200
Subject: [PATCH] issue: reuse function to create messages from reply widget

Move code to common upload include for shared validation and features.
---
 database.inc.php |  2 +-
 issue/index.html |  4 +--
 issue/index.php  | 13 ++++----
 upload.inc.php   | 77 ++++++++++++++++++++++++++++++++++++++++++++++++
 widget/reply.php | 71 ++------------------------------------------
 5 files changed, 87 insertions(+), 80 deletions(-)

diff --git a/database.inc.php b/database.inc.php
index 12a82eb..b2244b9 100644
--- a/database.inc.php
+++ b/database.inc.php
@@ -42,7 +42,7 @@ class DB
 			foreach ($row as $col => $val) {
 				$cols[] = $this->_value($val, $params);
 			}
-			$sql = sprintf('INSERT INTO %s (%s) VALUES (%s) RETURNING id',
+			$sql = sprintf('INSERT INTO %s (%s) VALUES (%s) RETURNING *',
 				'"'.$table.'"',
 				implode(', ', array_keys($row)),
 				implode(', ', $cols)
diff --git a/issue/index.html b/issue/index.html
index 3cea55d..e8486ce 100644
--- a/issue/index.html
+++ b/issue/index.html
@@ -8,8 +8,8 @@
 <li><label for="subject">Onderwerp:</label>
 	<input type="text" id="subject" name="subject" size="60" value="" />
 </li>
-<li><label for="body">Beschrijving:</label>
-	<textarea id="body" name="body" cols="60" rows="3"></textarea>
+<li><label for="reply">Beschrijving:</label>
+	<textarea id="reply" name="reply" cols="60" rows="3"></textarea>
 </li>
 </ul><p><input type="submit" value="Aanmaken" /></p>
 </ul></form>
diff --git a/issue/index.php b/issue/index.php
index a4b1314..9a35df8 100644
--- a/issue/index.php
+++ b/issue/index.php
@@ -59,14 +59,11 @@ if ($_POST and isset($_POST['subject'])) {
 		if (!$row->id) {
 			throw new Exception('Issue niet goed opgeslagen.');
 		}
-		$query = $Db->set('comments', [
-			'page'    => "{$Page->handler}/{$row->id}",
-			'raw'     => $_POST['body'],
-			'message' => messagehtml($_POST['body']),
-			'author'  => $User->login,
-		]);
-		if (!$query->rowCount()) {
-			throw new Exception('Issueinhoud niet opgeslagen.');
+		try {
+			createcomment($_POST, $row);
+		}
+		catch (Exception $e) {
+			throw new Exception("Issueinhoud niet opgeslagen: {$e->getMessage()}.");
 		}
 		$_POST = [];
 }
diff --git a/upload.inc.php b/upload.inc.php
index e270b76..d87fa2d 100644
--- a/upload.inc.php
+++ b/upload.inc.php
@@ -1,4 +1,10 @@
 <?php
+global $journalcol;
+$journalcol = [
+	'assign' => 'Toegewezen aan',
+	'subject' => 'Onderwerp',
+];
+
 function userupload($input, $target = NULL, $filename = NULL)
 {
 	switch ($input['error']) {
@@ -67,3 +73,74 @@ function messagehtml($input)
 	];
 	return preg_replace(array_keys($markup), array_values($markup), htmlspecialchars($input));
 }
+
+function createcomment($input, &$Issue = NULL)
+{
+	# insert user message as database issue/reply
+	global $User, $Db, $Page, $journalcol;
+
+	$reply = [];
+	if (isset($input['reply']) and $body = $input['reply']) {
+		$reply['raw'] = $body;
+		$reply['message'] = messagehtml($body);
+	}
+	if ($_FILES and !empty($_FILES['image'])) {
+		$target = 'data/upload';
+		if (!file_exists($target)) {
+			throw new Exception("er is geen uploadmap aanwezig op $target");
+		}
+		$target .= '/' . $User->login;
+		if ($result = userupload($_FILES['image'], $target)) {
+			$reply['raw'] .= "/$result";
+			if (preg_match('(^image/)', $_FILES['image']['type'])) {
+				$reply['message'] .= sprintf('<p><img src="/thumb/640x/%s" /></p>', $result);
+			}
+			else {
+				$reply['message'] .= sprintf('<p>Bijgevoegd bestand: <a href="/%s" />%s</a></p>',
+					$result, basename($result)
+				);
+			}
+		}
+	}
+	$query = $Db->set('comments', $reply + [
+		'page'    => "{$Page->handler}/{$Issue->id}",
+		'author'  => $User->login,
+	]);
+	if (!$query->rowCount()) {
+		throw new Exception('Fout bij opslaan');
+	}
+	$newcomment = $Db->dbh->lastInsertId('comments_id_seq');
+
+	if (isset($Issue)) {
+		$row = [];
+		foreach (array_keys($journalcol) as $col) {
+			if (!isset($input[$col])) continue;
+			$row[$col] = $input[$col] ?: NULL;
+		}
+		if (isset($input['status'])) {
+			$reset = !empty($input['status']);
+			if (isset($Issue->closed) !== $reset) {
+				$row['closed'] = $reset ? ['now()'] : NULL;
+			}
+		}
+		$derived = ['updated' => ['now()']];
+		$filter = ['id = ? RETURNING *', $Issue->id];
+		$subquery = $Db->set('issues', $row + $derived, $filter);
+
+		if ($updated = $subquery->fetch()) {
+			foreach (array_keys($row) as $col) {
+				if ($updated->$col === $Issue->$col) continue; # unaltered
+				$Db->set('journal', [
+					'comment_id' => $newcomment,
+					'property'   => 'attr',
+					'col'        => $col,
+					'old_value'  => $Issue->$col,
+					'value'      => $updated->$col,
+				]);
+			}
+			$Issue = $updated;
+		}
+	}
+
+	return $newcomment;
+}
diff --git a/widget/reply.php b/widget/reply.php
index 66e9587..b740c2a 100644
--- a/widget/reply.php
+++ b/widget/reply.php
@@ -1,78 +1,11 @@
 <?php
 global $User, $Db, $Issue;
 require_once 'database.inc.php';
-
-$journalcol = [
-	'assign' => 'Toegewezen aan',
-	'subject' => 'Onderwerp',
-];
+require_once 'upload.inc.php';
 
 if ($_POST) {
-	require_once 'upload.inc.php';
 	try {
-		$reply = [];
-		if (isset($_POST['reply']) and $body = $_POST['reply']) {
-			$reply['raw'] = $body;
-			$reply['message'] = messagehtml($body);
-		}
-		if ($_FILES and !empty($_FILES['image'])) {
-			$target = 'data/upload';
-			if (!file_exists($target)) {
-				throw new Exception("er is geen uploadmap aanwezig op $target");
-			}
-			$target .= '/' . $User->login;
-			if ($result = userupload($_FILES['image'], $target)) {
-				$reply['raw'] .= "/$result";
-				if (preg_match('(^image/)', $_FILES['image']['type'])) {
-					$reply['message'] .= sprintf('<p><img src="/thumb/640x/%s" /></p>', $result);
-				}
-				else {
-					$reply['message'] .= sprintf('<p>Bijgevoegd bestand: <a href="/%s" />%s</a></p>',
-						$result, basename($result)
-					);
-				}
-			}
-		}
-		$query = $Db->set('comments', $reply + [
-			'page'    => $Page->link,
-			'author'  => $User->login,
-		]);
-		if (!$query->rowCount()) {
-			throw new Exception('Fout bij opslaan');
-		}
-		$newcomment = $Db->dbh->lastInsertId('comments_id_seq');
-
-		if (isset($Issue)) {
-			$row = [];
-			foreach (array_keys($journalcol) as $col) {
-				if (!isset($_POST[$col])) continue;
-				$row[$col] = $_POST[$col] ?: NULL;
-			}
-			if (isset($_POST['status'])) {
-				$reset = !empty($_POST['status']);
-				if (isset($Issue->closed) !== $reset) {
-					$row['closed'] = $reset ? ['now()'] : NULL;
-				}
-			}
-			$derived = ['updated' => ['now()']];
-			$filter = ['id = ? RETURNING *', $Issue->id];
-			$subquery = $Db->set('issues', $row + $derived, $filter);
-
-			if ($updated = $subquery->fetch()) {
-				foreach (array_keys($row) as $col) {
-					if ($updated->$col === $Issue->$col) continue; # unaltered
-					$Db->set('journal', [
-						'comment_id' => $newcomment,
-						'property'   => 'attr',
-						'col'        => $col,
-						'old_value'  => $Issue->$col,
-						'value'      => $updated->$col,
-					]);
-				}
-				$Issue = $updated;
-			}
-		}
-
+		$newcomment = createcomment($_POST, $Issue);
 		$target = "/{$Page->link}/$newcomment#$newcomment";
 		abort($target, ($Page->api ? 200 : 303) . ' reply success');
 		$_POST['reply'] = NULL;
-- 
2.30.0