X-Git-Url: http://git.shiar.net/minimedit.git/blobdiff_plain/1b37c53095bb46844910ce3f0b699ea9a0b152d8..8216853ef9dabf609c67f2cfea3b71a5c9811c6e:/widget/reply.php

diff --git a/widget/reply.php b/widget/reply.php
index 4da0ffa..4f6a2c8 100644
--- a/widget/reply.php
+++ b/widget/reply.php
@@ -1,75 +1,12 @@
 <?php
 global $User, $Db, $Issue;
 require_once 'database.inc.php';
-
-$journalcol = [
-	'assign' => 'Toegewezen aan',
-	'subject' => 'Onderwerp',
-];
+require_once 'upload.inc.php';
 
 if ($_POST) {
-	require_once 'upload.inc.php';
 	try {
-		$html = messagehtml($_POST['reply']);
-		if ($_FILES and !empty($_FILES['image'])) {
-			$target = 'data/upload';
-			if (!file_exists($target)) {
-				throw new Exception("er is geen uploadmap aanwezig op $target");
-			}
-			$target .= '/' . $User->login;
-			if ($result = userupload($_FILES['image'], $target)) {
-				if (preg_match('(^image/)', $_FILES['image']['type'])) {
-					$html .= sprintf('<p><img src="/thumb/640x/%s" /></p>', $result);
-				}
-				else {
-					$html .= sprintf('<p>Bijgevoegd bestand: <a href="/%s" />%s</a></p>',
-						$result, basename($result)
-					);
-				}
-			}
-		}
-		$query = $Db->set('comments', [
-			'page'    => $Page->link,
-			'message' => $html,
-			'author'  => $User->login,
-		]);
-		if (!$query->rowCount()) {
-			throw new Exception('Fout bij opslaan');
-		}
-		$newcomment = $Db->dbh->lastInsertId('comments_id_seq');
-
-		if (isset($Issue)) {
-			$row = [];
-			foreach (array_keys($journalcol) as $col) {
-				if (!isset($_POST[$col])) continue;
-				$row[$col] = $_POST[$col] ?: NULL;
-			}
-			if (isset($_POST['status'])) {
-				$reset = !empty($_POST['status']);
-				if (isset($Issue->closed) !== $reset) {
-					$row['closed'] = $reset ? ['now()'] : NULL;
-				}
-			}
-			$derived = ['updated' => ['now()']];
-			$filter = ['id = ? RETURNING *', $Issue->id];
-			$subquery = $Db->set('issues', $row + $derived, $filter);
-
-			if ($updated = $subquery->fetch()) {
-				foreach (array_keys($row) as $col) {
-					if ($updated->$col === $Issue->$col) continue; # unaltered
-					$Db->set('journal', [
-						'comment_id' => $newcomment,
-						'property'   => 'attr',
-						'col'        => $col,
-						'old_value'  => $Issue->$col,
-						'value'      => $updated->$col,
-					]);
-				}
-				$Issue = $updated;
-			}
-		}
-
-		$target = "/{$Page->link}/$newcomment#$newcomment";
+		$newcomment = createcomment($_POST, $Issue);
+		$target = "/{$Page->link}?last=$newcomment#$newcomment";
 		abort($target, ($Page->api ? 200 : 303) . ' reply success');
 		$_POST['reply'] = NULL;
 	}
@@ -77,22 +14,36 @@ if ($_POST) {
 		if ($Page->api) {
 			abort(ucfirst($e->getMessage()), '500 reply error');
 		}
-		print "<p class=warn>Antwoord niet opgeslagen: {$e->getMessage()}.</p>\n\n";
+		printf("<p class=warn>Antwoord niet opgeslagen: %s.</p>\n\n",
+			nl2br(htmlspecialchars($e->getMessage()))
+		);
 	}
 }
 
-$cols = '*, (SELECT json_agg(journal.*) FROM journal WHERE comment_id = comments.id) AS journal';
+$cols = "*, (SELECT json_agg(journal.*) FROM journal WHERE comment_id = comments.id AND property = 'attr') AS journal";
 $query = $Db->query("SELECT $cols FROM comments WHERE page = ? ORDER BY created", [$Page->link]);
 
-print '<ul class="replies">';
+if ($row = $query->fetch()) {
+	print $row->message;
+	$Page->teaser = $row->raw;
+}
+
+print '<section class="replies">';
 
 $imagecount = 0;
 while ($row = $query->fetch()) {
 	$rowuser = new User("profile/{$row->author}");
-	printf('<li id="%d">', $row->id);
-	printf('<strong>%s</strong> <small class=date>%s</small>',
-		$rowuser->html, showdate(preg_split('/\D/', $row->created))
-	);
+	printf('<article id="%d">', $row->id);
+	printf('<strong>%s</strong>', $rowuser->html);
+	$rowdate = showdate(preg_split('/\D/', $row->created));
+	if ($User->admin('beheer') and $row->updated) {
+		$rowdate = "<s>$rowdate</s> " . showdate(preg_split('/\D/', $row->updated));
+	}
+	printf(' <small class=date>%s</small>', $rowdate);
+	if ($User->admin('beheer') and $User->admin('user') || $User->login === $row->author) {
+		printf(' <a href="%s" title="%s" class=icon>%s</a>',
+			"/{$Page->link}/{$row->id}", 'reactie aanpassen', "\u{270D}");
+	}
 	if ($html = $row->message) {
 		$html = preg_replace('/(?<=<img )/',
 			$imagecount > 2 ? 'loading="lazy" ' : '', $html, -1, $found);
@@ -120,13 +71,24 @@ while ($row = $query->fetch()) {
 		}
 		print "</ul>\n";
 	}
-	print "</li>\n";
+	print "</article>\n";
 }
 
 if ($User->login) {
-	print '<li>';
+	print '<article><hr />';
 	print '<form method="post" action="" enctype="multipart/form-data">';
 	if (isset($Issue) and $User->admin("edit {$Page->link}")) {
+		print "<aside>\n";
+		print '<p>';
+		printf(
+			'<label for="%s">%s:</label> '
+			. '<input id="%1$s" name="%1$s" value="%s" />'."\n",
+			'subject',
+			$journalcol['subject'],
+			htmlspecialchars($Issue->subject ?? '')
+		);
+		print "</p>\n";
+
 		print '<p>';
 		printf(
 			'<label for="%s">%s:</label> '
@@ -145,6 +107,22 @@ if ($User->login) {
 			'Gesloten'
 		);
 		print "</p>\n";
+		print "</aside>\n";
+	}
+	{
+		print '<p>';
+		printf(
+			'<input type="hidden" name="%s" value="" />'
+			. "Geplaatste berichten zijn hier direct zichtbaar voor bewoners.\n"
+			. '<input type="checkbox" id="%1$s" name="%1$s" value="%s"%s%s />'
+			. '<label for="%1$s"> %s</label>'."\n",
+			'announce',
+			'1',
+			($_POST['announce'] ?? TRUE) ? ' checked' : '',
+			' onclick="this.nextSibling.hidden = !this.checked"',
+			"De eerste regel wordt ook weergegeven op het scherm in de hal."
+		);
+		print "</p>\n";
 	}
 	if (isset($Issue)) {
 		printf(
@@ -161,7 +139,7 @@ if ($User->login) {
 	print '<input type="submit" value="Plaatsen" />'."\n";
 	print "</form>";
 	print '<script src="/upload/progress.js"></script>';
-	print "</li>\n";
+	print "</article>\n";
 }
 
-print "</ul>\n\n";
+print "</section>\n\n";