208 lines
8.5 KiB
Plaintext
Executable File
208 lines
8.5 KiB
Plaintext
Executable File
<?page
|
|
title=>Support Stock Answers
|
|
body<=
|
|
<?_code
|
|
{
|
|
use strict;
|
|
use vars qw($GET $POST);
|
|
|
|
# must be logged in to access this page
|
|
my $remote = LJ::get_remote();
|
|
return "<?needlogin?>" unless $remote;
|
|
|
|
# most things have a category id
|
|
my $spcatid = ($GET{spcatid} || $POST{spcatid} || 0) + 0;
|
|
my $cats = LJ::Support::load_cats();
|
|
return "<?h1 Error h1?><?p Requested category doesn't exist. p?>"
|
|
unless !$spcatid || $cats->{$spcatid};
|
|
|
|
# editing is based on ability to grant supporthelp. and throw an error if they
|
|
# posted but can't edit.
|
|
my $canedit = ($spcatid && LJ::check_priv($remote, 'admin', "supporthelp/$cats->{$spcatid}->{catkey}")) ||
|
|
LJ::check_priv($remote, 'admin', 'supporthelp') ||
|
|
LJ::check_priv($remote, 'admin', '*');
|
|
return "<?h1 Error h1?><?p You do not have access to perform actions here. p?>"
|
|
if LJ::did_post() && ! $canedit;
|
|
|
|
# viewing is based on having supporthelp over the particular category you're viewing.
|
|
my %canview; # spcatid => 0/1
|
|
foreach my $cat (values %$cats) {
|
|
$canview{$cat->{spcatid}} = 1
|
|
if LJ::Support::can_help({ _cat => $cat }, $remote);
|
|
}
|
|
return "<?h1 Error h1?><?p You do not have access to view any stock answers. p?>"
|
|
unless %canview;
|
|
return "<?h1 Error h1?><?p You do not have access to view stock answers in that category. p?>"
|
|
if $spcatid && ! $canview{$spcatid};
|
|
|
|
# filter down the category list
|
|
$cats = { map { $_->{spcatid}, $_ } grep { $canview{$_->{spcatid}} } values %$cats };
|
|
|
|
my $ansid = ($GET{ansid} || 0) + 0;
|
|
|
|
my $ret = "<?h1 Stock Answers h1?>";
|
|
my $self = "$LJ::SITEROOT/support/stock_answers.bml";
|
|
|
|
if ($POST{'action:delete'}) {
|
|
my $dbh = LJ::get_db_writer();
|
|
return "<?h1 Error h1?><?p Unable to get database handle. Please try again. p?>"
|
|
unless $dbh;
|
|
|
|
my $ct = $dbh->do("DELETE FROM support_answers WHERE ansid = ? AND spcatid = ?",
|
|
undef, $ansid, $spcatid);
|
|
return "<?h1 Error h1?><?p Error: " . $dbh->errstr . " p?>" if $dbh->err;
|
|
return "<?h1 Error h1?><?p No answer was found to delete? p?>" unless $ct;
|
|
return BML::redirect("$self?spcatid=$spcatid&deleted=1");
|
|
}
|
|
|
|
if ($POST{'action:new'} || $POST{'action:save'}) {
|
|
my ($subj, $body) = ($POST{subject}, $POST{body});
|
|
|
|
foreach my $ref (\$subj, \$body) {
|
|
$$ref =~ s/^\s+//;
|
|
$$ref =~ s/\s+$//;
|
|
# FIXME: more stuff to clean it up?
|
|
}
|
|
|
|
return "<?h1 Error h1?><?p Please fill out all fields. p?>"
|
|
unless $spcatid && $subj && $body;
|
|
|
|
my $dbh = LJ::get_db_writer();
|
|
return "<?h1 Error h1?><?p Unable to get database handle. Please try again. p?>"
|
|
unless $dbh;
|
|
|
|
if ($POST{'action:new'}) {
|
|
my $newid = LJ::alloc_global_counter('A');
|
|
return "<?h1 Error h1?><?p Unable to allocate counter. Please try again. p?>"
|
|
unless $newid;
|
|
|
|
$dbh->do("INSERT INTO support_answers (ansid, spcatid, subject, body, lastmodtime, lastmoduserid) " .
|
|
"VALUES (?, ?, ?, ?, UNIX_TIMESTAMP(), ?)",
|
|
undef, $newid, $spcatid, $subj, $body, $remote->{userid});
|
|
return "<?h1 Error h1?><?p Error: " . $dbh->errstr . " p?>" if $dbh->err;
|
|
|
|
return BML::redirect("$self?user=$remote->{user}&spcatid=$spcatid&ansid=$newid&added=1");
|
|
} else {
|
|
return "<?h1 Error h1?><?p No answer id provided. p?>" unless $ansid;
|
|
|
|
$dbh->do("UPDATE support_answers SET subject = ?, body = ?, lastmodtime = UNIX_TIMESTAMP(), " .
|
|
"lastmoduserid = ? WHERE ansid = ?", undef,
|
|
$subj, $body, $remote->{userid}, $ansid);
|
|
return "<?h1 Error h1?><?p Error: " . $dbh->errstr . " p?>" if $dbh->err;
|
|
|
|
return BML::redirect("$self?user=$remote->{user}&spcatid=$spcatid&ansid=$ansid&saved=1");
|
|
}
|
|
}
|
|
|
|
if ($GET{new}) {
|
|
$ret .= "<form method='post' action='$self'>";
|
|
|
|
$ret .= "<?p Please fill out the following form to create a new stock answer. p?>";
|
|
$ret .= "<?p Category: " . LJ::html_select({ name => 'spcatid', selected => $spcatid },
|
|
0, "( please select )",
|
|
map { $_, $cats->{$_}->{catname} }
|
|
grep { $canview{$_} }
|
|
sort { $cats->{$a}->{catname} cmp $cats->{$b}->{catname} }
|
|
keys %$cats) . "<br />";
|
|
$ret .= "Subject: " . LJ::html_text({ name => 'subject', maxlength => 255, size => 40 }) . "<br />";
|
|
$ret .= LJ::html_textarea({ name => 'body', rows => 15, cols => 80 }) . "<br />";
|
|
$ret .= LJ::html_submit('action:new', "Save Answer");
|
|
$ret .= "</form> p?>";
|
|
|
|
return $ret;
|
|
}
|
|
|
|
my $dbr = LJ::get_db_reader();
|
|
return "<?h1 Error h1?><?p No database available. p?>" unless $dbr;
|
|
|
|
my $cols = "ansid, spcatid, subject, lastmodtime, lastmoduserid";
|
|
$cols .= ", body" if $ansid;
|
|
|
|
my $sql = "SELECT $cols FROM support_answers";
|
|
my @bind = ();
|
|
|
|
if ($spcatid || $ansid) {
|
|
$sql .= " WHERE ";
|
|
if ($spcatid) {
|
|
$sql .= "spcatid = ?";
|
|
push @bind, $spcatid;
|
|
}
|
|
if ($ansid) {
|
|
$sql .= ($spcatid ? " AND " : "") . "ansid = ?";
|
|
push @bind, $ansid;
|
|
}
|
|
}
|
|
|
|
my $sth = $dbr->prepare($sql);
|
|
$sth->execute(@bind);
|
|
return "<?h1 Error h1?><?p Error: " . $sth->errstr . " p?>" if $sth->err;
|
|
|
|
$ret .= "<form method='get' action='$self'>";
|
|
$ret .= "<?p Filter: ";
|
|
$ret .= LJ::html_select({ name => 'spcatid', selected => $spcatid },
|
|
0, "( none )",
|
|
map { $_, $cats->{$_}->{catname} }
|
|
sort { $cats->{$a}->{catname} cmp $cats->{$b}->{catname} } keys %$cats);
|
|
$ret .= LJ::html_submit(undef, "Show") . "</form> p?>";
|
|
|
|
my %answers;
|
|
while (my $row = $sth->fetchrow_hashref) {
|
|
$answers{$row->{spcatid}}->{$row->{ansid}} = {
|
|
subject => $row->{subject},
|
|
body => $row->{body},
|
|
lastmodtime => $row->{lastmodtime},
|
|
lastmoduser => LJ::load_userid($row->{lastmoduserid}),
|
|
};
|
|
}
|
|
|
|
$ret .= "<?p [ <a href='$self'>View All</a> ]";
|
|
$ret .= " [ <a href='$self?new=1&spcatid=$spcatid'>Add New Answer</a> ]" if $canedit;
|
|
$ret .= " p?>";
|
|
|
|
if ($GET{added}) {
|
|
$ret .= "<?p <strong>Answer added!</strong> p?>";
|
|
} elsif ($GET{saved}) {
|
|
$ret .= "<?p <strong>Changes saved!</strong> p?>";
|
|
} elsif ($GET{deleted}) {
|
|
$ret .= "<?p <strong>Answer deleted!</strong> p?>";
|
|
}
|
|
|
|
# bilevel sort, fun and messy
|
|
foreach my $spcatid (sort { $cats->{$a}->{catname} cmp $cats->{$b}->{catname} } keys %$cats) {
|
|
next unless %{$answers{$spcatid} || {}};
|
|
|
|
$ret .= "<?h2 <a href='$self?spcatid=$spcatid'>$cats->{$spcatid}->{catname}</a> h2?>";
|
|
$ret .= "<ul>";
|
|
foreach my $ansid (sort {
|
|
$answers{$spcatid}->{$a}->{subject} cmp $answers{$spcatid}->{$b}->{subject}
|
|
} keys %{$answers{$spcatid}}) {
|
|
my ($subj, $body, $lmu, $lmt) =
|
|
map { $answers{$spcatid}->{$ansid}->{$_} } qw(subject body lastmoduser lastmodtime);
|
|
if ($body) {
|
|
$ret .= "<li>";
|
|
$ret .= "<form method='post' action='$self?ansid=$ansid&spcatid=$spcatid'>";
|
|
$ret .= LJ::html_text({ name => 'subject', value => $subj, size => 40, maxlength => 255 });
|
|
$ret .= "<br />";
|
|
$ret .= LJ::html_textarea({ name => 'body', value => $body, rows => 15, cols => 80 });
|
|
$ret .= "<br />";
|
|
$ret .= "Last modified by " . LJ::ljuser($lmu) . " on " . LJ::mysql_time($lmt) . ".<br />";
|
|
if ($canedit) {
|
|
$ret .= LJ::html_submit('action:save', "Save Changes");
|
|
$ret .= LJ::html_submit('action:delete', "Delete Answer",
|
|
{ onClick => 'return confirm("Are you sure you want to delete this stock answer?");' });
|
|
}
|
|
$ret .= "</form></li>";
|
|
} else {
|
|
$ret .= "<li><a href='$self?spcatid=$spcatid&ansid=$ansid'>$subj</a></li>";
|
|
}
|
|
}
|
|
$ret .= "</ul>";
|
|
}
|
|
|
|
|
|
return $ret;
|
|
}
|
|
_code?>
|
|
<=body
|
|
page?>
|