blob: b6d50495e769d16d4c82334e03bccc08e206574b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
<?php
require '../config.php';
require_once(TEMPLATES_PATH . "/header.php");
require_once(TEMPLATES_PATH . "/panel.php");
require_once(LIBRARY_PATH . "/functions.php");
if(!session_set()) {
header("Refresh: 2; URL={$config['urls']['base']}");
goto footer;
}
$id = isset($_GET['id']) ? $_GET['id'] : "";
$title = "";
$submitter = $_SESSION['user_name'];
$description = "";
$conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
if($id != "") {
$query = $conn->prepare("SELECT title, description, users.username AS submitter FROM reports
JOIN users ON reports.author=users.id
WHERE reports.id=:report_id");
$query->bindParam(':report_id', $id);
$query->execute();
$result = $query->fetch();
$title = $result['title'];
$submitter = $result['submitter'];
$description = $result['description'];
}
if(!$_SESSION['user_can_edit_reports'] || ($submitter != $_SESSION['user_name'])) {
echo "You cannot edit reports!";
goto footer;
}
# get bug id's
$bugs = $conn->query("SELECT id, title FROM bugs");
?>
<form action="update.php?id=<?php echo $id; ?>" method="post">
<input name="id" type="hidden" value="<?php echo $id; ?>">
<p>Title: <input name="title" type="text" value="<?php echo $title; ?>"></p>
<p>Submitted by: <?php echo $submitter; ?></p>
<p>Description: <br><textarea name="description" rows=25 cols=80><?php echo $description; ?></textarea></p>
<p>Assign to bug: <select name="bug_id">
<option value="">None</option>
<?php
if($_SESSION['user_can_edit_bugs']) {
foreach($bugs as $bug) {
echo "<option value=$bug[id]>$bug[title]</option>";
}
}
?>
</select></p>
<input type="submit" value="submit" >
</form>
<?php
footer: require_once(TEMPLATES_PATH . "/footer.php");
?>
|