misuzu/public/manage/changelog.php

<?php
require_once '../../misuzu.php';

$changelogPerms = perms_get_user(user_session_current('user_id', 0))[MSZ_PERMS_CHANGELOG];

switch ($_GET['v'] ?? null) {
    default:
    case 'changes':
        if (!perms_check($changelogPerms, MSZ_PERM_CHANGELOG_MANAGE_CHANGES)) {
            echo render_error(403);
            break;
        }

        $changesCount = (int)db_query('
            SELECT COUNT(`change_id`)
            FROM `msz_changelog_changes`
        ')->fetchColumn();

        $changelogPagination = pagination_create($changesCount, 30);
        $changelogOffset = pagination_offset($changelogPagination, pagination_param());

        if (!pagination_is_valid_offset($changelogOffset)) {
            echo render_error(404);
            break;
        }

        $getChanges = db_prepare('
            SELECT
                c.`change_id`, c.`change_log`, c.`change_created`, c.`change_action`,
                u.`user_id`, u.`username`,
                COALESCE(u.`user_colour`, r.`role_colour`) AS `user_colour`,
                DATE(`change_created`) AS `change_date`,
                !ISNULL(c.`change_text`) AS `change_has_text`
            FROM `msz_changelog_changes` AS c
            LEFT JOIN `msz_users` AS u
            ON u.`user_id` = c.`user_id`
            LEFT JOIN `msz_roles` AS r
            ON r.`role_id` = u.`display_role`
            ORDER BY c.`change_id` DESC
            LIMIT :offset, :take
        ');
        $getChanges->bindValue('take', $changelogPagination['range']);
        $getChanges->bindValue('offset', $changelogOffset);
        $changes = db_fetch_all($getChanges);

        $getTags = db_prepare('
            SELECT
                t.`tag_id`, t.`tag_name`, t.`tag_description`
            FROM `msz_changelog_change_tags` as ct
            LEFT JOIN `msz_changelog_tags` as t
            ON t.`tag_id` = ct.`tag_id`
            WHERE ct.`change_id` = :change_id
        ');

        // grab tags
        for ($i = 0; $i < count($changes); $i++) {
            $getTags->bindValue('change_id', $changes[$i]['change_id']);
            $changes[$i]['tags'] = db_fetch_all($getTags);
        }

        echo tpl_render('manage.changelog.changes', [
            'changelog_changes' => $changes,
            'changelog_changes_count' => $changesCount,
            'changelog_pagination' => $changelogPagination,
        ]);
        break;

    case 'change':
        if (!perms_check($changelogPerms, MSZ_PERM_CHANGELOG_MANAGE_CHANGES)) {
            echo render_error(403);
            break;
        }

        $changeId = (int)($_GET['c'] ?? 0);

        if ($_SERVER['REQUEST_METHOD'] === 'POST' && csrf_verify('changelog_add', $_POST['csrf'] ?? '')) {
            if (!empty($_POST['change']) && is_array($_POST['change'])) {
                if ($changeId > 0) {
                    $postChange = db_prepare('
                        UPDATE `msz_changelog_changes`
                        SET `change_log` = :log,
                            `change_text` = :text,
                            `change_action` = :action,
                            `user_id` = :user,
                            `change_created` = :created
                        WHERE `change_id` = :change_id
                    ');
                    $postChange->bindValue('change_id', $changeId);
                } else {
                    $postChange = db_prepare('
                        INSERT INTO `msz_changelog_changes`
                            (
                                `change_log`, `change_text`, `change_action`,
                                `user_id`, `change_created`
                            )
                        VALUES
                            (:log, :text, :action, :user, :created)
                    ');
                }

                $postChange->bindValue('log', $_POST['change']['log']);
                $postChange->bindValue('action', $_POST['change']['action']);
                $postChange->bindValue('text', strlen($_POST['change']['text'])
                    ? $_POST['change']['text']
                    : null);
                $postChange->bindValue('user', is_numeric($_POST['change']['user'])
                    ? $_POST['change']['user']
                    : null);
                $postChange->bindValue('created', strlen($_POST['change']['created'])
                    ? $_POST['change']['created']
                    : null);
                $postChange->execute();

                if ($changeId < 1) {
                    $changeId = db_last_insert_id();
                    audit_log(MSZ_AUDIT_CHANGELOG_ENTRY_CREATE, user_session_current('user_id', 0), [$changeId]);
                } else {
                    audit_log(MSZ_AUDIT_CHANGELOG_ENTRY_EDIT, user_session_current('user_id', 0), [$changeId]);
                }
            }

            if(!empty($_POST['tags']) && is_array($_POST['tags']) && array_test($_POST['tags'], 'ctype_digit')) {
                $setTags = array_apply($_POST['tags'], 'intval');

                $removeTags = db_prepare(sprintf('
                    DELETE FROM `msz_changelog_change_tags`
                    WHERE `change_id` = :change_id
                    AND `tag_id` NOT IN (%s)
                ', implode(',', $setTags)));
                $removeTags->bindValue('change_id', $changeId);
                $removeTags->execute();

                $addTag = db_prepare('
                    INSERT IGNORE INTO `msz_changelog_change_tags`
                        (`change_id`, `tag_id`)
                    VALUES
                        (:change_id, :tag_id)
                ');
                $addTag->bindValue('change_id', $changeId);

                foreach ($setTags as $role) {
                    $addTag->bindValue('tag_id', $role);
                    $addTag->execute();
                }
            }
        }

        $actions = [
            ['action_id' => MSZ_CHANGELOG_ACTION_ADD, 'action_name' => 'Added'],
            ['action_id' => MSZ_CHANGELOG_ACTION_REMOVE, 'action_name' => 'Removed'],
            ['action_id' => MSZ_CHANGELOG_ACTION_UPDATE, 'action_name' => 'Updated'],
            ['action_id' => MSZ_CHANGELOG_ACTION_FIX, 'action_name' => 'Fixed'],
            ['action_id' => MSZ_CHANGELOG_ACTION_IMPORT, 'action_name' => 'Imported'],
            ['action_id' => MSZ_CHANGELOG_ACTION_REVERT, 'action_name' => 'Reverted'],
        ];

        tpl_var('changelog_actions', $actions);

        if ($changeId > 0) {
            $getChange = db_prepare('
                SELECT
                    `change_id`, `change_log`, `change_text`, `user_id`,
                    `change_action`, `change_created`
                FROM `msz_changelog_changes`
                WHERE `change_id` = :change_id
            ');
            $getChange->bindValue('change_id', $changeId);
            $change = db_fetch($getChange);

            if(!$change) {
                header('Location: ?v=changes');
                return;
            }
        }

        $getChangeTags = db_prepare('
            SELECT
                ct.`tag_id`, ct.`tag_name`,
                (
                    SELECT COUNT(`change_id`) > 0
                    FROM `msz_changelog_change_tags`
                    WHERE `tag_id` = ct.`tag_id`
                    AND `change_id` = :change_id
                ) AS `has_tag`
            FROM `msz_changelog_tags` AS ct
        ');
        $getChangeTags->bindValue('change_id', $change['change_id'] ?? 0);
        $changeTags = db_fetch_all($getChangeTags);

        echo tpl_render('manage.changelog.change_edit', [
            'edit_change' => $change ?? null,
            'edit_change_tags' => $changeTags,
        ]);
        break;

    case 'tags':
        $canManageTags = perms_check($changelogPerms, MSZ_PERM_CHANGELOG_MANAGE_TAGS);

        if (!$canManageTags) {
            echo render_error(403);
            break;
        }

        if ($canManageTags) {
            $getTags = db_prepare('
                SELECT
                    t.`tag_id`, t.`tag_name`, t.`tag_description`, t.`tag_created`,
                    (
                        SELECT COUNT(ct.`change_id`)
                        FROM `msz_changelog_change_tags` as ct
                        WHERE ct.`tag_id` = t.`tag_id`
                    ) as `tag_count`
                FROM `msz_changelog_tags` as t
                ORDER BY t.`tag_id` ASC
            ');
            tpl_var('changelog_tags', db_fetch_all($getTags));
        }

        echo tpl_render('manage.changelog.tags');
        break;

    case 'tag':
        if (!perms_check($changelogPerms, MSZ_PERM_CHANGELOG_MANAGE_TAGS)) {
            echo render_error(403);
            break;
        }

        $tagId = (int)($_GET['t'] ?? 0);

        if ($_SERVER['REQUEST_METHOD'] === 'POST' && csrf_verify('changelog_tag', $_POST['csrf'] ?? '')) {
            if (!empty($_POST['tag']) && is_array($_POST['tag'])) {
                if ($tagId > 0) {
                    $updateTag = db_prepare('
                        UPDATE `msz_changelog_tags`
                        SET `tag_name` = :name,
                            `tag_description` = :description,
                            `tag_archived` = :archived
                        WHERE `tag_id` = :id
                    ');
                    $updateTag->bindValue('id', $tagId);
                } else {
                    $updateTag = db_prepare('
                        INSERT INTO `msz_changelog_tags`
                            (`tag_name`, `tag_description`, `tag_archived`)
                        VALUES
                            (:name, :description, :archived)
                    ');
                }

                $updateTag->bindValue('name', $_POST['tag']['name']);
                $updateTag->bindValue('description', $_POST['tag']['description']);
                // this is fine, after being archived there shouldn't be any other changes being made
                $updateTag->bindValue('archived', empty($_POST['tag']['archived']) ? null : date('Y-m-d H:i:s'));
                $updateTag->execute();

                if ($tagId < 1) {
                    $tagId = db_last_insert_id();
                    audit_log(MSZ_AUDIT_CHANGELOG_TAG_EDIT, user_session_current('user_id', 0), [$tagId]);
                    header('Location: ?v=tag&t=' . $tagId);
                    return;
                } else {
                    audit_log(MSZ_AUDIT_CHANGELOG_TAG_CREATE, user_session_current('user_id', 0), [$tagId]);
                }
            }
        }

        if ($tagId > 0) {
            $getTag = db_prepare('
                SELECT `tag_id`, `tag_name`, `tag_description`, `tag_archived`, `tag_created`
                FROM `msz_changelog_tags`
                WHERE `tag_id` = :tag_id
            ');
            $getTag->bindValue('tag_id', $tagId);
            $tag = db_fetch($getTag);

            if ($tag) {
                tpl_var('edit_tag', $tag);
            } else {
                header('Location: ?v=tags');
                return;
            }
        }

        echo tpl_render('manage.changelog.tag_edit');
        break;
}
changelog updates 2018-07-07 01:32:09 +00:00			`<?php`
New config system, define a root dir constant and deprecate more of Application. 2018-10-04 20:30:55 +00:00			`require_once '../../misuzu.php';`
changelog updates 2018-07-07 01:32:09 +00:00
Reworked permission fetching. 2019-04-30 00:55:10 +00:00			`$changelogPerms = perms_get_user(user_session_current('user_id', 0))[MSZ_PERMS_CHANGELOG];`
changelog updates 2018-07-07 01:32:09 +00:00
Revert fucking everything. 2019-03-18 20:47:25 +00:00			`switch ($_GET['v'] ?? null) {`
Made manage sections default to their actual default pages. 2018-07-10 01:04:44 +00:00			`default:`
changelog updates 2018-07-07 01:32:09 +00:00			`case 'changes':`
Rename global permission constants to make more sense. 2018-08-18 02:31:46 +00:00			`if (!perms_check($changelogPerms, MSZ_PERM_CHANGELOG_MANAGE_CHANGES)) {`
Initial permission stuffs. 2018-07-07 23:24:34 +00:00			`echo render_error(403);`
			`break;`
			`}`
changelog updates 2018-07-07 01:32:09 +00:00
Database stuff is now also procedural, would ya look at that. 2018-10-06 23:30:48 +00:00			`$changesCount = (int)db_query('`
changelog updates 2018-07-07 01:32:09 +00:00			SELECT COUNT(`change_id`)
			FROM `msz_changelog_changes`
			`')->fetchColumn();`

Rewrote the pagination system. 2019-01-03 00:33:02 +00:00			`$changelogPagination = pagination_create($changesCount, 30);`
			`$changelogOffset = pagination_offset($changelogPagination, pagination_param());`

			`if (!pagination_is_valid_offset($changelogOffset)) {`
			`echo render_error(404);`
			`break;`
			`}`

Database stuff is now also procedural, would ya look at that. 2018-10-06 23:30:48 +00:00			`$getChanges = db_prepare('`
changelog updates 2018-07-07 01:32:09 +00:00			`SELECT`
Hardcoded changelog actions. 2019-04-11 22:31:23 +00:00			c.`change_id`, c.`change_log`, c.`change_created`, c.`change_action`,
changelog updates 2018-07-07 01:32:09 +00:00			u.`user_id`, u.`username`,
Hardcoded changelog actions. 2019-04-11 22:31:23 +00:00			COALESCE(u.`user_colour`, r.`role_colour`) AS `user_colour`,
			DATE(`change_created`) AS `change_date`,
			!ISNULL(c.`change_text`) AS `change_has_text`
			FROM `msz_changelog_changes` AS c
			LEFT JOIN `msz_users` AS u
changelog updates 2018-07-07 01:32:09 +00:00			ON u.`user_id` = c.`user_id`
Hardcoded changelog actions. 2019-04-11 22:31:23 +00:00			LEFT JOIN `msz_roles` AS r
changelog updates 2018-07-07 01:32:09 +00:00			ON r.`role_id` = u.`display_role`
			ORDER BY c.`change_id` DESC
			`LIMIT :offset, :take`
			`');`
Rewrote the pagination system. 2019-01-03 00:33:02 +00:00			`$getChanges->bindValue('take', $changelogPagination['range']);`
			`$getChanges->bindValue('offset', $changelogOffset);`
Added more typesafe shorthands for fetching database operations. 2019-01-09 19:06:02 +00:00			`$changes = db_fetch_all($getChanges);`
changelog updates 2018-07-07 01:32:09 +00:00
Database stuff is now also procedural, would ya look at that. 2018-10-06 23:30:48 +00:00			`$getTags = db_prepare('`
changelog updates 2018-07-07 01:32:09 +00:00			`SELECT`
			t.`tag_id`, t.`tag_name`, t.`tag_description`
			FROM `msz_changelog_change_tags` as ct
			LEFT JOIN `msz_changelog_tags` as t
			ON t.`tag_id` = ct.`tag_id`
			WHERE ct.`change_id` = :change_id
			`');`

			`// grab tags`
			`for ($i = 0; $i < count($changes); $i++) {`
			`$getTags->bindValue('change_id', $changes[$i]['change_id']);`
Added more typesafe shorthands for fetching database operations. 2019-01-09 19:06:02 +00:00			`$changes[$i]['tags'] = db_fetch_all($getTags);`
changelog updates 2018-07-07 01:32:09 +00:00			`}`

Restructure templating system. 2018-08-15 01:12:58 +00:00			`echo tpl_render('manage.changelog.changes', [`
changelog updates 2018-07-07 01:32:09 +00:00			`'changelog_changes' => $changes,`
			`'changelog_changes_count' => $changesCount,`
Rewrote the pagination system. 2019-01-03 00:33:02 +00:00			`'changelog_pagination' => $changelogPagination,`
changelog updates 2018-07-07 01:32:09 +00:00			`]);`
			`break;`

			`case 'change':`
Rename global permission constants to make more sense. 2018-08-18 02:31:46 +00:00			`if (!perms_check($changelogPerms, MSZ_PERM_CHANGELOG_MANAGE_CHANGES)) {`
Initial permission stuffs. 2018-07-07 23:24:34 +00:00			`echo render_error(403);`
			`break;`
			`}`

Revert fucking everything. 2019-03-18 20:47:25 +00:00			`$changeId = (int)($_GET['c'] ?? 0);`
changelog updates 2018-07-07 01:32:09 +00:00
cool new CSRF protection system 2018-10-02 19:16:42 +00:00			`if ($_SERVER['REQUEST_METHOD'] === 'POST' && csrf_verify('changelog_add', $_POST['csrf'] ?? '')) {`
changelog updates 2018-07-07 01:32:09 +00:00			`if (!empty($_POST['change']) && is_array($_POST['change'])) {`
			`if ($changeId > 0) {`
Database stuff is now also procedural, would ya look at that. 2018-10-06 23:30:48 +00:00			`$postChange = db_prepare('`
changelog updates 2018-07-07 01:32:09 +00:00			UPDATE `msz_changelog_changes`
			SET `change_log` = :log,
			`change_text` = :text,
Hardcoded changelog actions. 2019-04-11 22:31:23 +00:00			`change_action` = :action,
changelog updates 2018-07-07 01:32:09 +00:00			`user_id` = :user,
			`change_created` = :created
			WHERE `change_id` = :change_id
			`');`
			`$postChange->bindValue('change_id', $changeId);`
			`} else {`
Database stuff is now also procedural, would ya look at that. 2018-10-06 23:30:48 +00:00			`$postChange = db_prepare('`
changelog updates 2018-07-07 01:32:09 +00:00			INSERT INTO `msz_changelog_changes`
Move git functions out of ApplicationBase 2018-07-10 16:37:13 +00:00			`(`
Hardcoded changelog actions. 2019-04-11 22:31:23 +00:00			`change_log`, `change_text`, `change_action`,
Some memberlist things. 2018-07-11 20:03:43 +00:00			`user_id`, `change_created`
Move git functions out of ApplicationBase 2018-07-10 16:37:13 +00:00			`)`
changelog updates 2018-07-07 01:32:09 +00:00			`VALUES`
			`(:log, :text, :action, :user, :created)`
			`');`
			`}`

			`$postChange->bindValue('log', $_POST['change']['log']);`
			`$postChange->bindValue('action', $_POST['change']['action']);`
			`$postChange->bindValue('text', strlen($_POST['change']['text'])`
			`? $_POST['change']['text']`
			`: null);`
			`$postChange->bindValue('user', is_numeric($_POST['change']['user'])`
			`? $_POST['change']['user']`
			`: null);`
			`$postChange->bindValue('created', strlen($_POST['change']['created'])`
			`? $_POST['change']['created']`
			`: null);`
			`$postChange->execute();`

			`if ($changeId < 1) {`
Database stuff is now also procedural, would ya look at that. 2018-10-06 23:30:48 +00:00			`$changeId = db_last_insert_id();`
Convert audit log strings to constants. 2018-12-15 18:46:48 +00:00			`audit_log(MSZ_AUDIT_CHANGELOG_ENTRY_CREATE, user_session_current('user_id', 0), [$changeId]);`
Add audit log backend stuff. 2018-07-17 17:17:57 +00:00			`} else {`
Convert audit log strings to constants. 2018-12-15 18:46:48 +00:00			`audit_log(MSZ_AUDIT_CHANGELOG_ENTRY_EDIT, user_session_current('user_id', 0), [$changeId]);`
changelog updates 2018-07-07 01:32:09 +00:00			`}`
			`}`

Improved changelog tag management. 2019-04-02 19:02:35 +00:00			`if(!empty($_POST['tags']) && is_array($_POST['tags']) && array_test($_POST['tags'], 'ctype_digit')) {`
			`$setTags = array_apply($_POST['tags'], 'intval');`
changelog updates 2018-07-07 01:32:09 +00:00
Improved changelog tag management. 2019-04-02 19:02:35 +00:00			`$removeTags = db_prepare(sprintf('`
changelog updates 2018-07-07 01:32:09 +00:00			DELETE FROM `msz_changelog_change_tags`
			WHERE `change_id` = :change_id
Improved changelog tag management. 2019-04-02 19:02:35 +00:00			AND `tag_id` NOT IN (%s)
			`', implode(',', $setTags)));`
			`$removeTags->bindValue('change_id', $changeId);`
			`$removeTags->execute();`

			`$addTag = db_prepare('`
			INSERT IGNORE INTO `msz_changelog_change_tags`
			(`change_id`, `tag_id`)
			`VALUES`
			`(:change_id, :tag_id)`
changelog updates 2018-07-07 01:32:09 +00:00			`');`
Improved changelog tag management. 2019-04-02 19:02:35 +00:00			`$addTag->bindValue('change_id', $changeId);`

			`foreach ($setTags as $role) {`
			`$addTag->bindValue('tag_id', $role);`
			`$addTag->execute();`
Add audit log backend stuff. 2018-07-17 17:17:57 +00:00			`}`
changelog updates 2018-07-07 01:32:09 +00:00			`}`
			`}`

Hardcoded changelog actions. 2019-04-11 22:31:23 +00:00			`$actions = [`
			`['action_id' => MSZ_CHANGELOG_ACTION_ADD, 'action_name' => 'Added'],`
			`['action_id' => MSZ_CHANGELOG_ACTION_REMOVE, 'action_name' => 'Removed'],`
			`['action_id' => MSZ_CHANGELOG_ACTION_UPDATE, 'action_name' => 'Updated'],`
			`['action_id' => MSZ_CHANGELOG_ACTION_FIX, 'action_name' => 'Fixed'],`
			`['action_id' => MSZ_CHANGELOG_ACTION_IMPORT, 'action_name' => 'Imported'],`
			`['action_id' => MSZ_CHANGELOG_ACTION_REVERT, 'action_name' => 'Reverted'],`
			`];`

Restructure templating system. 2018-08-15 01:12:58 +00:00			`tpl_var('changelog_actions', $actions);`
changelog updates 2018-07-07 01:32:09 +00:00
			`if ($changeId > 0) {`
Database stuff is now also procedural, would ya look at that. 2018-10-06 23:30:48 +00:00			`$getChange = db_prepare('`
Move git functions out of ApplicationBase 2018-07-10 16:37:13 +00:00			`SELECT`
			`change_id`, `change_log`, `change_text`, `user_id`,
Hardcoded changelog actions. 2019-04-11 22:31:23 +00:00			`change_action`, `change_created`
changelog updates 2018-07-07 01:32:09 +00:00			FROM `msz_changelog_changes`
			WHERE `change_id` = :change_id
			`');`
			`$getChange->bindValue('change_id', $changeId);`
Added more typesafe shorthands for fetching database operations. 2019-01-09 19:06:02 +00:00			`$change = db_fetch($getChange);`
changelog updates 2018-07-07 01:32:09 +00:00
Improved changelog tag management. 2019-04-02 19:02:35 +00:00			`if(!$change) {`
changelog updates 2018-07-07 01:32:09 +00:00			`header('Location: ?v=changes');`
			`return;`
			`}`
			`}`

Improved changelog tag management. 2019-04-02 19:02:35 +00:00			`$getChangeTags = db_prepare('`
			`SELECT`
			ct.`tag_id`, ct.`tag_name`,
			`(`
			SELECT COUNT(`change_id`) > 0
			FROM `msz_changelog_change_tags`
			WHERE `tag_id` = ct.`tag_id`
			AND `change_id` = :change_id
			) AS `has_tag`
			FROM `msz_changelog_tags` AS ct
			`');`
			`$getChangeTags->bindValue('change_id', $change['change_id'] ?? 0);`
			`$changeTags = db_fetch_all($getChangeTags);`

			`echo tpl_render('manage.changelog.change_edit', [`
			`'edit_change' => $change ?? null,`
			`'edit_change_tags' => $changeTags,`
			`]);`
changelog updates 2018-07-07 01:32:09 +00:00			`break;`

			`case 'tags':`
Rename global permission constants to make more sense. 2018-08-18 02:31:46 +00:00			`$canManageTags = perms_check($changelogPerms, MSZ_PERM_CHANGELOG_MANAGE_TAGS);`
Restyled changelog related manage pages 2018-08-16 17:26:16 +00:00
Hardcoded changelog actions. 2019-04-11 22:31:23 +00:00			`if (!$canManageTags) {`
Initial permission stuffs. 2018-07-07 23:24:34 +00:00			`echo render_error(403);`
			`break;`
			`}`

Restyled changelog related manage pages 2018-08-16 17:26:16 +00:00			`if ($canManageTags) {`
Database stuff is now also procedural, would ya look at that. 2018-10-06 23:30:48 +00:00			`$getTags = db_prepare('`
Restyled changelog related manage pages 2018-08-16 17:26:16 +00:00			`SELECT`
			t.`tag_id`, t.`tag_name`, t.`tag_description`, t.`tag_created`,
			`(`
			SELECT COUNT(ct.`change_id`)
			FROM `msz_changelog_change_tags` as ct
			WHERE ct.`tag_id` = t.`tag_id`
			) as `tag_count`
			FROM `msz_changelog_tags` as t
			ORDER BY t.`tag_id` ASC
			`');`
Added more typesafe shorthands for fetching database operations. 2019-01-09 19:06:02 +00:00			`tpl_var('changelog_tags', db_fetch_all($getTags));`
Restyled changelog related manage pages 2018-08-16 17:26:16 +00:00			`}`
changelog updates 2018-07-07 01:32:09 +00:00
Hardcoded changelog actions. 2019-04-11 22:31:23 +00:00			`echo tpl_render('manage.changelog.tags');`
changelog updates 2018-07-07 01:32:09 +00:00			`break;`

			`case 'tag':`
Rename global permission constants to make more sense. 2018-08-18 02:31:46 +00:00			`if (!perms_check($changelogPerms, MSZ_PERM_CHANGELOG_MANAGE_TAGS)) {`
Initial permission stuffs. 2018-07-07 23:24:34 +00:00			`echo render_error(403);`
			`break;`
			`}`

Revert fucking everything. 2019-03-18 20:47:25 +00:00			`$tagId = (int)($_GET['t'] ?? 0);`
changelog updates 2018-07-07 01:32:09 +00:00
cool new CSRF protection system 2018-10-02 19:16:42 +00:00			`if ($_SERVER['REQUEST_METHOD'] === 'POST' && csrf_verify('changelog_tag', $_POST['csrf'] ?? '')) {`
changelog updates 2018-07-07 01:32:09 +00:00			`if (!empty($_POST['tag']) && is_array($_POST['tag'])) {`
			`if ($tagId > 0) {`
Database stuff is now also procedural, would ya look at that. 2018-10-06 23:30:48 +00:00			`$updateTag = db_prepare('`
changelog updates 2018-07-07 01:32:09 +00:00			UPDATE `msz_changelog_tags`
			SET `tag_name` = :name,
			`tag_description` = :description,
			`tag_archived` = :archived
			WHERE `tag_id` = :id
			`');`
			`$updateTag->bindValue('id', $tagId);`
			`} else {`
Database stuff is now also procedural, would ya look at that. 2018-10-06 23:30:48 +00:00			`$updateTag = db_prepare('`
changelog updates 2018-07-07 01:32:09 +00:00			INSERT INTO `msz_changelog_tags`
			(`tag_name`, `tag_description`, `tag_archived`)
			`VALUES`
			`(:name, :description, :archived)`
			`');`
			`}`

			`$updateTag->bindValue('name', $_POST['tag']['name']);`
			`$updateTag->bindValue('description', $_POST['tag']['description']);`
Fixed tag archival. 2018-07-07 14:06:36 +00:00			`// this is fine, after being archived there shouldn't be any other changes being made`
			`$updateTag->bindValue('archived', empty($_POST['tag']['archived']) ? null : date('Y-m-d H:i:s'));`
changelog updates 2018-07-07 01:32:09 +00:00			`$updateTag->execute();`

			`if ($tagId < 1) {`
Database stuff is now also procedural, would ya look at that. 2018-10-06 23:30:48 +00:00			`$tagId = db_last_insert_id();`
Convert audit log strings to constants. 2018-12-15 18:46:48 +00:00			`audit_log(MSZ_AUDIT_CHANGELOG_TAG_EDIT, user_session_current('user_id', 0), [$tagId]);`
Add audit log backend stuff. 2018-07-17 17:17:57 +00:00			`header('Location: ?v=tag&t=' . $tagId);`
changelog updates 2018-07-07 01:32:09 +00:00			`return;`
Add audit log backend stuff. 2018-07-17 17:17:57 +00:00			`} else {`
Convert audit log strings to constants. 2018-12-15 18:46:48 +00:00			`audit_log(MSZ_AUDIT_CHANGELOG_TAG_CREATE, user_session_current('user_id', 0), [$tagId]);`
changelog updates 2018-07-07 01:32:09 +00:00			`}`
			`}`
			`}`

			`if ($tagId > 0) {`
Database stuff is now also procedural, would ya look at that. 2018-10-06 23:30:48 +00:00			`$getTag = db_prepare('`
changelog updates 2018-07-07 01:32:09 +00:00			SELECT `tag_id`, `tag_name`, `tag_description`, `tag_archived`, `tag_created`
			FROM `msz_changelog_tags`
			WHERE `tag_id` = :tag_id
			`');`
			`$getTag->bindValue('tag_id', $tagId);`
Added more typesafe shorthands for fetching database operations. 2019-01-09 19:06:02 +00:00			`$tag = db_fetch($getTag);`
changelog updates 2018-07-07 01:32:09 +00:00
			`if ($tag) {`
Restructure templating system. 2018-08-15 01:12:58 +00:00			`tpl_var('edit_tag', $tag);`
changelog updates 2018-07-07 01:32:09 +00:00			`} else {`
			`header('Location: ?v=tags');`
			`return;`
			`}`
			`}`

Restructure templating system. 2018-08-15 01:12:58 +00:00			`echo tpl_render('manage.changelog.tag_edit');`
changelog updates 2018-07-07 01:32:09 +00:00			`break;`
			`}`