search

jwalanta / tit

Tiny Issue Tracker (PHP/SQLite, one-file issue tracker)
85 stars 11 forks source link

Various fixes #10

Open roytam1 opened 9 years ago

roytam1 commented 9 years ago

diff attached.

--- tit.orig.php    2014-05-14 05:27:22.000000000 +0800
+++ tit.php 2015-03-13 12:02:29.556125000 +0800
@@ -9,41 +9,44 @@

 ///////////////////
 // CONFIGURATION //
 ///////////////////

-if (!defined("TIT_INCLUSION"))
+if (!defined('TIT_INCLUSION'))
 {
-   $TITLE = "My Project";              // Project Title
-   $EMAIL = "noreply@example.com";     // "From" email address for notifications
+   $TITLE = 'My Project';              // Project Title
+   $EMAIL = 'noreply@example.com';     // "From" email address for notifications

    // Array of users.
    // Mandatory fields: username, password (md5 hash)
    // Optional fields: email, admin (true/false)

    $USERS = array(
-       array("username"=>"admin","password"=>md5("admin"),"email"=>"admin@example.com","admin"=>true),
-       array("username"=>"user" ,"password"=>md5("user") ,"email"=>"user@example.com"),
+       array('username'=>'admin','password'=>md5('admin'),'email'=>'admin@example.com','admin'=>true),
+       array('username'=>'user' ,'password'=>md5('user') ,'email'=>'user@example.com'),
    );

    // PDO Connection string ()
-   // eg, SQlite: sqlite:<filename> (Warning: if you're upgrading from an earlier version of TIT, you have to use "sqlite2"!)
+   // eg, SQlite: sqlite:<filename> (Warning: if you're upgrading from an earlier version of TIT, you have to use 'sqlite2'!)
    //     MySQL: mysql:dbname=<dbname>;host=<hostname>
-   $DB_CONNECTION = "sqlite:tit.db";
-   $DB_USERNAME = "";
-   $DB_PASSWORD = "";
+   $DB_CONNECTION = 'sqlite:tit.sdb';
+   $DB_USERNAME = '';
+   $DB_PASSWORD = '';

    // Select which notifications to send
-   $NOTIFY["ISSUE_CREATE"]     = TRUE;     // issue created
-   $NOTIFY["ISSUE_EDIT"]       = TRUE;     // issue edited
-   $NOTIFY["ISSUE_DELETE"]     = TRUE;     // issue deleted
-   $NOTIFY["ISSUE_STATUS"]     = TRUE;     // issue status change (solved / unsolved)
-   $NOTIFY["ISSUE_PRIORITY"]   = TRUE;     // issue status change (solved / unsolved)
-   $NOTIFY["COMMENT_CREATE"]   = TRUE;     // comment post
+   $NOTIFY['ISSUE_CREATE']     = TRUE;     // issue created
+   $NOTIFY['ISSUE_EDIT']       = TRUE;     // issue edited
+   $NOTIFY['ISSUE_DELETE']     = TRUE;     // issue deleted
+   $NOTIFY['ISSUE_STATUS']     = TRUE;     // issue status change (solved / unsolved)
+   $NOTIFY['ISSUE_PRIORITY']   = TRUE;     // issue status change (solved / unsolved)
+   $NOTIFY['COMMENT_CREATE']   = TRUE;     // comment post

    // Modify this issue types
-   $STATUSES = array(0 => "Active", 1 => "Resolved");
+   $STATUSES = array(0 => 'Active', 1 => 'Resolved', 2 => 'WontFix');
+
+   // default login banner
+   $message = '';
 }
 ////////////////////////////////////////////////////////////////////////
 ////// DO NOT EDIT BEYOND THIS IF YOU DON'T KNOW WHAT YOU'RE DOING /////
 ////////////////////////////////////////////////////////////////////////

@@ -54,12 +57,12 @@

 // Here we go...
 session_start();

 // check for login post
-if (isset($_POST["login"])){
-   $n = check_credentials($_POST["u"],md5($_POST["p"]));
+if (isset($_POST['login'])){
+   $n = check_credentials($_POST['u'],md5($_POST['p']));
    if ($n>=0){
        $_SESSION['tit']=$USERS[$n];

        header("Location: {$_SERVER['PHP_SELF']}");
    }
@@ -70,11 +73,11 @@
 if (isset($_GET['logout'])){
    $_SESSION['tit']=array();  // username
    header("Location: {$_SERVER['PHP_SELF']}");
 }

-if (isset($_GET['loginerror'])) $message = "Invalid username or password";
+if (isset($_GET['loginerror'])) $message = 'Invalid username or password';
 $login_html = "<html><head><title>Tiny Issue Tracker</title><style>body,input{font-family:sans-serif;font-size:11px;} label{display:block;}</style></head>
                             <body><h2>$TITLE - Issue Tracker</h2><p>$message</p><form method='POST'>
                             <label>Username</label><input type='text' name='u' />
                             <label>Password</label><input type='password' name='p' />
                             <label></label><input type='submit' name='login' value='Login' />
@@ -83,68 +86,68 @@
 // show login page on bad credential
 if (check_credentials($_SESSION['tit']['username'], $_SESSION['tit']['password'])==-1) die($login_html);

 // Check if db exists
 try{$db = new PDO($DB_CONNECTION, $DB_USERNAME, $DB_PASSWORD);}
-catch (PDOException $e) {die("DB Connection failed: ".$e->getMessage());}
+catch (PDOException $e) {die('DB Connection failed: '.$e->getMessage());}

 // create tables if not exist
 @$db->exec("CREATE TABLE issues (id INTEGER PRIMARY KEY, title TEXT, description TEXT, user TEXT, status INTEGER NOT NULL DEFAULT '0', priority INTEGER, notify_emails TEXT, entrytime DATETIME)");
-@$db->exec("CREATE TABLE comments (id INTEGER PRIMARY KEY, issue_id INTEGER, user TEXT, description TEXT, entrytime DATETIME)");
+@$db->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, issue_id INTEGER, user TEXT, description TEXT, entrytime DATETIME)');

-if (isset($_GET["id"])){
+if (isset($_GET['id'])){
    // show issue #id
    $id=pdo_escape_string($_GET['id']);
    $issue = $db->query("SELECT id, title, description, user, status, priority, notify_emails, entrytime FROM issues WHERE id='$id'")->fetchAll();
    $comments = $db->query("SELECT id, user, description, entrytime FROM comments WHERE issue_id='$id' ORDER BY entrytime ASC")->fetchAll();
 }

 // if no issue found, go to list mode
-if (count($issue)==0){
+if (!isset($issue) || (isset($issue) && count($issue)==0)){

    unset($issue, $comments);
    // show all issues

    $status = 0;
-   if (isset($_GET["status"]))
-       $status = (int)$_GET["status"];
+   if (isset($_GET['status']))
+       $status = (int)$_GET['status'];

    $issues = $db->query(
-       "SELECT id, title, description, user, status, priority, notify_emails, entrytime, comment_user, comment_time ".
-       " FROM issues ".
-       " LEFT JOIN (SELECT max(entrytime) as max_comment_time, issue_id FROM comments GROUP BY issue_id) AS cmax ON cmax.issue_id = issues.id".
-       " LEFT JOIN (SELECT user AS comment_user, entrytime AS comment_time, issue_id FROM comments ORDER BY issue_id DESC, entrytime DESC) AS c ON c.issue_id = issues.id AND cmax.max_comment_time = c.comment_time".
-       " WHERE status=".pdo_escape_string($status ? $status : "0 or status is null"). // <- this is for legacy purposes only
-       " ORDER BY priority, entrytime DESC")->fetchAll();
+       'SELECT id, title, description, user, status, priority, notify_emails, entrytime, comment_user, comment_time '.
+       ' FROM issues '.
+       ' LEFT JOIN (SELECT max(entrytime) as max_comment_time, issue_id FROM comments GROUP BY issue_id) AS cmax ON cmax.issue_id = issues.id'.
+       ' LEFT JOIN (SELECT user AS comment_user, entrytime AS comment_time, issue_id FROM comments ORDER BY issue_id DESC, entrytime DESC) AS c ON c.issue_id = issues.id AND cmax.max_comment_time = c.comment_time'.
+       ' WHERE status='.pdo_escape_string($status ? $status : '0 or status is null'). // <- this is for legacy purposes only
+       ' ORDER BY priority, entrytime DESC')->fetchAll();

-   $mode="list";
+   $mode='list';
 }
 else {
    $issue = $issue[0];
-   $mode="issue";
+   $mode='issue';
 }

 //
 // PROCESS ACTIONS
 //

 // Create / Edit issue
-if (isset($_POST["createissue"])){
+if (isset($_POST['createissue'])){

    $id=pdo_escape_string($_POST['id']);
    $title=pdo_escape_string($_POST['title']);
    $description=pdo_escape_string($_POST['description']);
    $priority=pdo_escape_string($_POST['priority']);
    $user=pdo_escape_string($_SESSION['tit']['username']);
-   $now=date("Y-m-d H:i:s");
+   $now=date('Y-m-d H:i:s');

    // gather all emails
    $emails=array();
    for ($i=0;$i<count($USERS);$i++){
-       if ($USERS[$i]["email"]!='') $emails[] = $USERS[$i]["email"];
+       if ($USERS[$i]['email']!='') $emails[] = $USERS[$i]['email'];
    }
-   $notify_emails = implode(",",$emails);
+   $notify_emails = implode(',',$emails);

    if ($id=='')
        $query = "INSERT INTO issues (title, description, user, priority, notify_emails, entrytime) values('$title','$description','$user','$priority','$notify_emails','$now')"; // create
    else
        $query = "UPDATE issues SET title='$title', description='$description' WHERE id='$id'"; // edit
@@ -152,11 +155,11 @@
    if (trim($title)!='') {     // title cant be blank
        @$db->exec($query);
        if ($id==''){
            // created
            $id=$db->lastInsertId();
-           if ($NOTIFY["ISSUE_CREATE"])
+           if ($NOTIFY['ISSUE_CREATE'])
                notify( $id,
                                "[$TITLE] New Issue Created",
                                "New Issue Created by {$user}\r\nTitle: $title\r\nURL: http://{$_SERVER['HTTP_HOST']}{$_SERVER['PHP_SELF']}?id=$id");
        }
        else{
@@ -170,100 +173,100 @@

    header("Location: {$_SERVER['PHP_SELF']}");
 }

 // Delete issue
-if (isset($_GET["deleteissue"])){
+if (isset($_GET['deleteissue'])){
    $id=pdo_escape_string($_GET['id']);
-   $title=get_col($id,"issues","title");
+   $title=get_col($id,'issues','title');

    // only the issue creator or admin can delete issue
-   if ($_SESSION['tit']['admin'] || $_SESSION['tit']['username']==get_col($id,"issues","user")){
+   if ($_SESSION['tit']['admin'] || $_SESSION['tit']['username']==get_col($id,'issues','user')){
        @$db->exec("DELETE FROM issues WHERE id='$id'");
        @$db->exec("DELETE FROM comments WHERE issue_id='$id'");

-       if ($NOTIFY["ISSUE_DELETE"])
+       if ($NOTIFY['ISSUE_DELETE'])
            notify( $id,
                            "[$TITLE] Issue Deleted",
                            "Issue deleted by {$_SESSION['tit']['username']}\r\nTitle: $title");
    }
    header("Location: {$_SERVER['PHP_SELF']}");

 }

 // Change Priority
-if (isset($_GET["changepriority"])){
+if (isset($_GET['changepriority'])){
    $id=pdo_escape_string($_GET['id']);
    $priority=pdo_escape_string($_GET['priority']);
    if ($priority>=1 && $priority<=3) @$db->exec("UPDATE issues SET priority='$priority' WHERE id='$id'");

-   if ($NOTIFY["ISSUE_PRIORITY"])
+   if ($NOTIFY['ISSUE_PRIORITY'])
        notify( $id,
                        "[$TITLE] Issue Priority Changed",
                        "Issue Priority changed by {$_SESSION['tit']['username']}\r\nTitle: ".get_col($id,"issues","title")."\r\nURL: http://{$_SERVER['HTTP_HOST']}{$_SERVER['PHP_SELF']}?id=$id");

    header("Location: {$_SERVER['PHP_SELF']}?id=$id");
 }

 // change status
-if (isset($_GET["changestatus"])){
+if (isset($_GET['changestatus'])){
    $id=pdo_escape_string($_GET['id']);
    $status=pdo_escape_string($_GET['status']);
    @$db->exec("UPDATE issues SET status='$status' WHERE id='$id'");

-   if ($NOTIFY["ISSUE_STATUS"])
+   if ($NOTIFY['ISSUE_STATUS'])
        notify( $id,
                        "[$TITLE] Issue Marked as ".$STATUSES[$status],
                        "Issue marked as {$STATUSES[$status]} by {$_SESSION['u']}\r\nTitle: ".get_col($id,"issues","title")."\r\nURL: http://{$_SERVER['HTTP_HOST']}{$_SERVER['PHP_SELF']}?id=$id");

    header("Location: {$_SERVER['PHP_SELF']}?id=$id");
 }

 // Unwatch
-if (isset($_POST["unwatch"])){
+if (isset($_POST['unwatch'])){
    $id=pdo_escape_string($_POST['id']);
    setWatch($id,false);       // remove from watch list
    header("Location: {$_SERVER['PHP_SELF']}?id=$id");
 }

 // Watch
-if (isset($_POST["watch"])){
+if (isset($_POST['watch'])){
    $id=pdo_escape_string($_POST['id']);
    setWatch($id,true);         // add to watch list
    header("Location: {$_SERVER['PHP_SELF']}?id=$id");
 }

 // Create Comment
-if (isset($_POST["createcomment"])){
+if (isset($_POST['createcomment'])){

    $issue_id=pdo_escape_string($_POST['issue_id']);
    $description=pdo_escape_string($_POST['description']);
    $user=$_SESSION['tit']['username'];
-   $now=date("Y-m-d H:i:s");
+   $now=date('Y-m-d H:i:s');

    if (trim($description)!=''){
        $query = "INSERT INTO comments (issue_id, description, user, entrytime) values('$issue_id','$description','$user','$now')"; // create
        $db->exec($query);
    }

-   if ($NOTIFY["COMMENT_CREATE"])
+   if ($NOTIFY['COMMENT_CREATE'])
        notify( $id,
                        "[$TITLE] New Comment Posted",
                        "New comment posted by {$user}\r\nTitle: ".get_col($id,"issues","title")."\r\nURL: http://{$_SERVER['HTTP_HOST']}{$_SERVER['PHP_SELF']}?id=$issue_id");

    header("Location: {$_SERVER['PHP_SELF']}?id=$issue_id");

 }

 // Delete Comment
-if (isset($_GET["deletecomment"])){
+if (isset($_GET['deletecomment'])){
    $id=pdo_escape_string($_GET['id']);
    $cid=pdo_escape_string($_GET['cid']);

    // only comment poster or admin can delete comment
-   if ($_SESSION['tit']['admin'] || $_SESSION['tit']['username']==get_col($cid,"comments","user"))
+   if ($_SESSION['tit']['admin'] || $_SESSION['tit']['username']==get_col($cid,'comments','user'))
        $db->exec("DELETE FROM comments WHERE id='$cid'");

    header("Location: {$_SERVER['PHP_SELF']}?id=$id");
 }

@@ -273,11 +276,11 @@

 // PDO quote, but without enclosing single-quote
 function pdo_escape_string($str){
    global $db;
    $quoted = $db->quote($str);
-   return ($db->quote("")=="''")?substr($quoted, 1, strlen($quoted)-2):$quoted;
+   return ($db->quote('')=="''")?substr($quoted, 1, strlen($quoted)-2):$quoted;
 }

 // check credentials, returns -1 if not okay
 function check_credentials($u, $p){
    global $USERS;
@@ -320,27 +323,27 @@
    if ($_SESSION['tit']['email']=='') return;

    $result = $db->query("SELECT notify_emails FROM issues WHERE id='$id'")->fetchAll();
    $notify_emails = $result[0]['notify_emails'];

-   $emails = $notify_emails ? explode(",",$notify_emails) : array();
+   $emails = $notify_emails ? explode(',',$notify_emails) : array();

    if ($addToWatch) $emails[] = $_SESSION['tit']['email'];
-   else $emails = array_filter( $emails, "watchFilterCallback" );
+   else $emails = array_filter( $emails, 'watchFilterCallback' );
    $emails = array_unique($emails);

-   $notify_emails = implode(",",$emails);
+   $notify_emails = implode(',',$emails);

    $db->exec("UPDATE issues SET notify_emails='$notify_emails' WHERE id='$id'");
 }

 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
-   <title><?php echo $TITLE, isset($_GET["id"]) ? (" - #".$_GET["id"]) : "" , " - Issue Tracker"; ?></title>
+   <title><?php echo $TITLE, isset($_GET['id']) ? (' - #'.$_GET['id']) : '' , ' - Issue Tracker'; ?></title>
    <meta http-equiv="content-type" content="text/html;charset=utf-8" />
    <style>
        html { overflow-y: scroll;}
        body { font-family: sans-serif; font-size: 11px; background-color: #aaa;}
        a, a:visited{color:#004989; text-decoration:none;}
@@ -367,41 +370,41 @@
 <body>
 <div id='container'>
    <div id="menu">
        <?php
            foreach($STATUSES as $code=>$name) {
-               $style=(isset($_GET[status]) && $_GET[status]==$code) || (isset($issue) && $issue['status']==$code)?"style='font-weight:bold;'":"";
+               $style=(isset($_GET['status']) && $_GET['status']==$code) || (isset($issue) && $issue['status']==$code)?"style='font-weight:bold;'":'';
                echo "<a href='{$_SERVER['PHP_SELF']}?status={$code}' alt='{$name} Issues' $style>{$name} Issues</a> | ";
            }
        ?>
        <a href="<?php echo $_SERVER['PHP_SELF']; ?>?logout" alt="Logout">Logout [<?php echo $_SESSION['tit']['username']; ?>]</a>
    </div>

    <h1><?php echo $TITLE; ?></h1>

-   <h2><a href="#" onclick="document.getElementById('create').className='';document.getElementById('title').focus();"><?php echo ($issue['id']==''?"Create":"Edit"); ?> Issue <?php echo $issue['id'] ?></a></h2>
+   <h2><a href="#" onclick="document.getElementById('create').className='';document.getElementById('title').focus();"><?php echo (!isset($issue['id']) || $issue['id']==''?'Create':'Edit'); ?> Issue <?php if(isset($issue['id'])) echo $issue['id'] ?></a></h2>
    <div id="create" class='<?php echo isset($_GET['editissue'])?'':'hide'; ?>'>
        <a href="#" onclick="document.getElementById('create').className='hide';" style="float: right;">[Close]</a>
        <form method="POST">
-           <input type="hidden" name="id" value="<?php echo $issue['id']; ?>" />
-           <label>Title</label><input type="text" size="50" name="title" id="title" value="<?php echo htmlentities($issue['title']); ?>" />
-           <label>Description</label><textarea name="description" rows="5" cols="50"><?php echo htmlentities($issue['description']); ?></textarea>
-           <label></label><input type="submit" name="createissue" value="<?php echo ($issue['id']==''?"Create":"Edit"); ?>" />
-<? if (!$issue['id']) { ?>
+           <input type="hidden" name="id" value="<?php echo isset($issue['id']) ? $issue['id'] : '0'; ?>" />
+           <label>Title</label><input type="text" size="50" name="title" id="title" value="<?php echo isset($issue['title']) ? htmlentities($issue['title']) : ''; ?>" />
+           <label>Description</label><textarea name="description" rows="5" cols="50"><?php echo isset($issue['description']) ? htmlentities($issue['description']) : ''; ?></textarea>
+           <label></label><input type="submit" name="createissue" value="<?php echo (!isset($issue['id']) || $issue['id']==''?'Create':'Edit'); ?>" />
+<? if (!isset($issue['id']) || !$issue['id']) { ?>
            Priority
                <select name="priority">
                    <option value="1">High</option>
                    <option selected value="2">Medium</option>
                    <option value="3">Low</option>
                </select>
 <? } ?>
        </form>
    </div>

-   <?php if ($mode=="list"): ?>
+   <?php if ($mode=='list'): ?>
    <div id="list">
-   <h2><?php if (isset($STATUSES[$_GET['status']])) echo $STATUSES[$_GET['status']]." "; ?>Issues</h2>
+   <h2><?php if (isset($_GET['status']) && isset($STATUSES[$_GET['status']])) echo $STATUSES[$_GET['status']].' '; ?>Issues</h2>
        <table border=1 cellpadding=5 width="100%">
            <tr>
                <th>ID</th>
                <th>Title</th>
                <th>Created by</th>
@@ -417,37 +420,37 @@
                echo "<tr class='p{$issue['priority']}'>\n";
                echo "<td>{$issue['id']}</a></td>\n";
                echo "<td><a href='?id={$issue['id']}'>".htmlentities($issue['title'],ENT_COMPAT,"UTF-8")."</a></td>\n";
                echo "<td>{$issue['user']}</td>\n";
                echo "<td>{$issue['entrytime']}</td>\n";
-               echo "<td>".($_SESSION['tit']['email']&&strpos($issue['notify_emails'],$_SESSION['tit']['email'])!==FALSE?"&#10003;":"")."</td>\n";
-               echo "<td>".($issue['comment_user'] ? date("M j",strtotime($issue['comment_time'])) . " (" . $issue['comment_user'] . ")" : "")."</td>\n";
+               echo '<td>'.($_SESSION['tit']['email']&&strpos($issue['notify_emails'],$_SESSION['tit']['email'])!==FALSE?'&#10003;':'')."</td>\n";
+               echo '<td>'.($issue['comment_user'] ? date('M j',strtotime($issue['comment_time'])) . ' (' . $issue['comment_user'] . ')' : '')."</td>\n";
                echo "<td><a href='?editissue&id={$issue['id']}'>Edit</a>";
                if ($_SESSION['tit']['admin'] || $_SESSION['tit']['username']==$issue['user']) echo " | <a href='?deleteissue&id={$issue['id']}' onclick='return confirm(\"Are you sure? All comments will be deleted too.\");'>Delete</a>";
                echo "</td>\n";
                echo "</tr>\n";
            }
            ?>
        </table>
    </div>
    <?php endif; ?>

-   <?php if ($mode=="issue"): ?>
+   <?php if ($mode=='issue'): ?>
    <div id="show">
        <div class="issue">
            <h2><?php echo htmlentities($issue['title'],ENT_COMPAT,"UTF-8"); ?></h2>
-           <p><?php echo nl2br( preg_replace("/([a-z]+:\/\/\S+)/","<a href='$1'>$1</a>", htmlentities($issue['description'],ENT_COMPAT,"UTF-8") ) ); ?></p>
+           <p><?php echo nl2br( preg_replace('/([a-z]+:\/\/\S+)/',"<a href='$1'>$1</a>", htmlentities($issue['description'],ENT_COMPAT,'UTF-8') ) ); ?></p>
        </div>
        <div class='left'>
            Priority <select name="priority" onchange="location='<?php echo $_SERVER['PHP_SELF']; ?>?changepriority&id=<?php echo $issue['id']; ?>&priority='+this.value">
-               <option value="1"<?php echo ($issue['priority']==1?"selected":""); ?>>High</option>
-               <option value="2"<?php echo ($issue['priority']==2?"selected":""); ?>>Medium</option>
-               <option value="3"<?php echo ($issue['priority']==3?"selected":""); ?>>Low</option>
+               <option value="1"<?php echo ($issue['priority']==1?'selected':''); ?>>High</option>
+               <option value="2"<?php echo ($issue['priority']==2?'selected':''); ?>>Medium</option>
+               <option value="3"<?php echo ($issue['priority']==3?'selected':''); ?>>Low</option>
            </select>
            Status <select name="priority" onchange="location='<?php echo $_SERVER['PHP_SELF']; ?>?changestatus&id=<?php echo $issue['id']; ?>&status='+this.value">
            <?php foreach($STATUSES as $code=>$name): ?>
-               <option value="<?php echo $code; ?>"<?php echo ($issue['status']==$code?"selected":""); ?>><?php echo $name; ?></option>
+               <option value="<?php echo $code; ?>"<?php echo ($issue['status']==$code?'selected':''); ?>><?php echo $name; ?></option>
            <?php endforeach; ?>
            </select>
        </div>
        <div class='left'>
            <form method="POST">
@@ -463,11 +466,11 @@
        <div class='clear'></div>
        <div id="comments">
            <?php
            if (count($comments)>0) echo "<h3>Comments</h3>\n";
            foreach ($comments as $comment){
-               echo "<div class='comment'><p>".nl2br( preg_replace("/([a-z]+:\/\/\S+)/","<a href='$1'>$1</a>",htmlentities($comment['description'],ENT_COMPAT,"UTF-8") ) )."</p>";
+               echo "<div class='comment'><p>".nl2br( preg_replace('/([a-z]+:\/\/\S+)/',"<a href='$1'>$1</a>",htmlentities($comment['description'],ENT_COMPAT,'UTF-8') ) ).'</p>';
                echo "<div class='comment-meta'><em>{$comment['user']}</em> on <em>{$comment['entrytime']}</em> ";
                if ($_SESSION['tit']['admin'] || $_SESSION['tit']['username']==$comment['user']) echo "<span class='right'><a href='{$_SERVER['PHP_SELF']}?deletecomment&id={$issue['id']}&cid={$comment['id']}' onclick='return confirm(\"Are you sure?\");'>Delete</a></span>";
                echo "</div></div>\n";
            }
            ?>
Gargaj commented 9 years ago

I just logged in And this is crazy But this is Github Pull request maybe?

jwalanta commented 9 years ago

Any rational reason for single quotes?

roytam1 commented 9 years ago

Pull request maybe?

I think a git apply is enough. ;)

Any rational reason for single quotes?

faster since it doesn't need to evaluate variables and most of escapes.