ljr/livejournal/htdocs/support/stock_answers.bml

208 lines
8.5 KiB
Plaintext
Raw Permalink Normal View History

2019-02-05 21:49:12 +00:00
<?page
title=>Support Stock Answers
body<=
<?_code
{
use strict;
use vars qw($GET $POST);
# must be logged in to access this page
my $remote = LJ::get_remote();
return "<?needlogin?>" unless $remote;
# most things have a category id
my $spcatid = ($GET{spcatid} || $POST{spcatid} || 0) + 0;
my $cats = LJ::Support::load_cats();
return "<?h1 Error h1?><?p Requested category doesn't exist. p?>"
unless !$spcatid || $cats->{$spcatid};
# editing is based on ability to grant supporthelp. and throw an error if they
# posted but can't edit.
my $canedit = ($spcatid && LJ::check_priv($remote, 'admin', "supporthelp/$cats->{$spcatid}->{catkey}")) ||
LJ::check_priv($remote, 'admin', 'supporthelp') ||
LJ::check_priv($remote, 'admin', '*');
return "<?h1 Error h1?><?p You do not have access to perform actions here. p?>"
if LJ::did_post() && ! $canedit;
# viewing is based on having supporthelp over the particular category you're viewing.
my %canview; # spcatid => 0/1
foreach my $cat (values %$cats) {
$canview{$cat->{spcatid}} = 1
if LJ::Support::can_help({ _cat => $cat }, $remote);
}
return "<?h1 Error h1?><?p You do not have access to view any stock answers. p?>"
unless %canview;
return "<?h1 Error h1?><?p You do not have access to view stock answers in that category. p?>"
if $spcatid && ! $canview{$spcatid};
# filter down the category list
$cats = { map { $_->{spcatid}, $_ } grep { $canview{$_->{spcatid}} } values %$cats };
my $ansid = ($GET{ansid} || 0) + 0;
my $ret = "<?h1 Stock Answers h1?>";
my $self = "$LJ::SITEROOT/support/stock_answers.bml";
if ($POST{'action:delete'}) {
my $dbh = LJ::get_db_writer();
return "<?h1 Error h1?><?p Unable to get database handle. Please try again. p?>"
unless $dbh;
my $ct = $dbh->do("DELETE FROM support_answers WHERE ansid = ? AND spcatid = ?",
undef, $ansid, $spcatid);
return "<?h1 Error h1?><?p Error: " . $dbh->errstr . " p?>" if $dbh->err;
return "<?h1 Error h1?><?p No answer was found to delete? p?>" unless $ct;
return BML::redirect("$self?spcatid=$spcatid&deleted=1");
}
if ($POST{'action:new'} || $POST{'action:save'}) {
my ($subj, $body) = ($POST{subject}, $POST{body});
foreach my $ref (\$subj, \$body) {
$$ref =~ s/^\s+//;
$$ref =~ s/\s+$//;
# FIXME: more stuff to clean it up?
}
return "<?h1 Error h1?><?p Please fill out all fields. p?>"
unless $spcatid && $subj && $body;
my $dbh = LJ::get_db_writer();
return "<?h1 Error h1?><?p Unable to get database handle. Please try again. p?>"
unless $dbh;
if ($POST{'action:new'}) {
my $newid = LJ::alloc_global_counter('A');
return "<?h1 Error h1?><?p Unable to allocate counter. Please try again. p?>"
unless $newid;
$dbh->do("INSERT INTO support_answers (ansid, spcatid, subject, body, lastmodtime, lastmoduserid) " .
"VALUES (?, ?, ?, ?, UNIX_TIMESTAMP(), ?)",
undef, $newid, $spcatid, $subj, $body, $remote->{userid});
return "<?h1 Error h1?><?p Error: " . $dbh->errstr . " p?>" if $dbh->err;
return BML::redirect("$self?user=$remote->{user}&spcatid=$spcatid&ansid=$newid&added=1");
} else {
return "<?h1 Error h1?><?p No answer id provided. p?>" unless $ansid;
$dbh->do("UPDATE support_answers SET subject = ?, body = ?, lastmodtime = UNIX_TIMESTAMP(), " .
"lastmoduserid = ? WHERE ansid = ?", undef,
$subj, $body, $remote->{userid}, $ansid);
return "<?h1 Error h1?><?p Error: " . $dbh->errstr . " p?>" if $dbh->err;
return BML::redirect("$self?user=$remote->{user}&spcatid=$spcatid&ansid=$ansid&saved=1");
}
}
if ($GET{new}) {
$ret .= "<form method='post' action='$self'>";
$ret .= "<?p Please fill out the following form to create a new stock answer. p?>";
$ret .= "<?p Category: " . LJ::html_select({ name => 'spcatid', selected => $spcatid },
0, "( please select )",
map { $_, $cats->{$_}->{catname} }
grep { $canview{$_} }
sort { $cats->{$a}->{catname} cmp $cats->{$b}->{catname} }
keys %$cats) . "<br />";
$ret .= "Subject: " . LJ::html_text({ name => 'subject', maxlength => 255, size => 40 }) . "<br />";
$ret .= LJ::html_textarea({ name => 'body', rows => 15, cols => 80 }) . "<br />";
$ret .= LJ::html_submit('action:new', "Save Answer");
$ret .= "</form> p?>";
return $ret;
}
my $dbr = LJ::get_db_reader();
return "<?h1 Error h1?><?p No database available. p?>" unless $dbr;
my $cols = "ansid, spcatid, subject, lastmodtime, lastmoduserid";
$cols .= ", body" if $ansid;
my $sql = "SELECT $cols FROM support_answers";
my @bind = ();
if ($spcatid || $ansid) {
$sql .= " WHERE ";
if ($spcatid) {
$sql .= "spcatid = ?";
push @bind, $spcatid;
}
if ($ansid) {
$sql .= ($spcatid ? " AND " : "") . "ansid = ?";
push @bind, $ansid;
}
}
my $sth = $dbr->prepare($sql);
$sth->execute(@bind);
return "<?h1 Error h1?><?p Error: " . $sth->errstr . " p?>" if $sth->err;
$ret .= "<form method='get' action='$self'>";
$ret .= "<?p Filter: ";
$ret .= LJ::html_select({ name => 'spcatid', selected => $spcatid },
0, "( none )",
map { $_, $cats->{$_}->{catname} }
sort { $cats->{$a}->{catname} cmp $cats->{$b}->{catname} } keys %$cats);
$ret .= LJ::html_submit(undef, "Show") . "</form> p?>";
my %answers;
while (my $row = $sth->fetchrow_hashref) {
$answers{$row->{spcatid}}->{$row->{ansid}} = {
subject => $row->{subject},
body => $row->{body},
lastmodtime => $row->{lastmodtime},
lastmoduser => LJ::load_userid($row->{lastmoduserid}),
};
}
$ret .= "<?p [ <a href='$self'>View All</a> ]";
$ret .= " [ <a href='$self?new=1&spcatid=$spcatid'>Add New Answer</a> ]" if $canedit;
$ret .= " p?>";
if ($GET{added}) {
$ret .= "<?p <strong>Answer added!</strong> p?>";
} elsif ($GET{saved}) {
$ret .= "<?p <strong>Changes saved!</strong> p?>";
} elsif ($GET{deleted}) {
$ret .= "<?p <strong>Answer deleted!</strong> p?>";
}
# bilevel sort, fun and messy
foreach my $spcatid (sort { $cats->{$a}->{catname} cmp $cats->{$b}->{catname} } keys %$cats) {
next unless %{$answers{$spcatid} || {}};
$ret .= "<?h2 <a href='$self?spcatid=$spcatid'>$cats->{$spcatid}->{catname}</a> h2?>";
$ret .= "<ul>";
foreach my $ansid (sort {
$answers{$spcatid}->{$a}->{subject} cmp $answers{$spcatid}->{$b}->{subject}
} keys %{$answers{$spcatid}}) {
my ($subj, $body, $lmu, $lmt) =
map { $answers{$spcatid}->{$ansid}->{$_} } qw(subject body lastmoduser lastmodtime);
if ($body) {
$ret .= "<li>";
$ret .= "<form method='post' action='$self?ansid=$ansid&spcatid=$spcatid'>";
$ret .= LJ::html_text({ name => 'subject', value => $subj, size => 40, maxlength => 255 });
$ret .= "<br />";
$ret .= LJ::html_textarea({ name => 'body', value => $body, rows => 15, cols => 80 });
$ret .= "<br />";
$ret .= "Last modified by " . LJ::ljuser($lmu) . " on " . LJ::mysql_time($lmt) . ".<br />";
if ($canedit) {
$ret .= LJ::html_submit('action:save', "Save Changes");
$ret .= LJ::html_submit('action:delete', "Delete Answer",
{ onClick => 'return confirm("Are you sure you want to delete this stock answer?");' });
}
$ret .= "</form></li>";
} else {
$ret .= "<li><a href='$self?spcatid=$spcatid&ansid=$ansid'>$subj</a></li>";
}
}
$ret .= "</ul>";
}
return $ret;
}
_code?>
<=body
page?>