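/**
 * List up to 50 tags that one user has applied, with a per-tag event count.
 *
 * The user is the logged-in session user when there is one. An anonymous
 * caller must name the user with the "uid" request parameter instead.
 *
 * NOTE(review): because "uid" is accepted without a session, any caller can
 * list the tags of any user id. Confirm that per-user tag lists are meant to
 * be public.
 *
 * @param folksoQuery     $q   Request; supplies "uid" and the content type.
 * @param folksoDBconnect $dbc Database connection settings.
 * @param folksoSession   $fks Session used to look up the current user.
 *
 * @return folksoResponse 200 with the tag list, 204 when the user has no
 *                        tags, an "unauthorized" response when no user can
 *                        be determined, or the response built from a
 *                        dbException.
 */
function getMyTags(folksoQuery $q, folksoDBconnect $dbc, folksoSession $fks)
{
    $r = new folksoResponse();
    $u = $fks->userSession();

    if ($u instanceof folksoUser) {
        // A logged-in user always sees their own tags; "uid" is ignored.
        $userid = $u->userid;
    } else {
        $userid = $q->is_param('uid') ? $q->get_param('uid') : null;
        // An absent or empty "uid" previously fell through to $u->userid on
        // a value that is not a folksoUser. Refuse the request instead.
        if (!$userid) {
            return $r->unAuthorized($u); // add message about logging in?
        }
    }

    try {
        $i = new folksoDBinteract($dbc);
        // The user id is escaped and placed inside a quoted SQL literal.
        $sql = sprintf(
            ' select t.tagnorm, t.id, t.tagdisplay, count(te.tag_id) as cnt, tagtime'
            . ' from tag t '
            . ' join tagevent te on t.id = te.tag_id '
            . " where te.userid = '%s' "
            . ' group by t.tagnorm '
            . ' order by tagtime '
            . ' limit 50',
            $i->dbescape($userid)
        );
        $i->query($sql);
    } catch (dbException $e) {
        return $r->handleDBexception($e);
    }

    if ($i->rowCount == 0) {
        return $r->setOk(204, 'No tags found');
    }

    $r->setOk(200, 'Tags found');

    $df = new folksoDisplayFactory();
    if ($q->content_type() == 'json') {
        $disp = $df->json(array('resid', 'tagnorm', 'link', 'tagdisplay', 'count'));
    } else {
        $disp = $df->simpleTagList('xml');
    }

    $r->t($disp->startform());
    while ($row = $i->result->fetch_object()) {
        $link = new folksoTagLink($row->tagnorm);
        // Every field is HTML-escaped before formatting, for both output
        // types. NOTE(review): whether the JSON formatter expects
        // pre-escaped values is not visible here; confirm.
        $r->t($disp->line(
            htmlspecialchars($row->id),
            htmlspecialchars($row->tagnorm),
            htmlspecialchars($link->getLink()),
            htmlspecialchars($row->tagdisplay),
            htmlspecialchars($row->cnt)
        ));
    }
    $r->t($disp->endform());

    return $r;
}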
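/**
 * Rename a tag: set its display name and its normalized name from "newname".
 *
 * Web params: rename, newname
 *
 * Only a session user holding the 'folkso'/'admin' right may rename a tag.
 * The tag to rename is taken from $q->tag and may be a numeric id or a name.
 *
 * @param folksoQuery     $q   Request; supplies the tag and "newname".
 * @param folksoDBconnect $dbc Database connection settings.
 * @param folksoSession   $fks Session used to look up the current user.
 *
 * @return folksoResponse 204 on success, 400 when "newname" is empty, 404
 *                        when the tag does not exist, an "unauthorized"
 *                        response without the admin right, or the response
 *                        built from a dbException.
 */
function renameTag(folksoQuery $q, folksoDBconnect $dbc, folksoSession $fks)
{
    $r = new folksoResponse();

    $u = $fks->userSession(null, 'folkso', 'admin');
    if (!$u instanceof folksoUser || !$u->checkUserRight('folkso', 'admin')) {
        return $r->unAuthorized($u);
    }

    // Refuse an absent or blank new name. Without this check the UPDATE
    // would overwrite the tag's display and normalized names with ''.
    $newname = $q->get_param('newname');
    if (trim((string) $newname) === '') {
        $r->setError(
            400,
            'Missing new name',
            'A non-empty "newname" parameter is required to rename a tag.'
        );
        return $r;
    }

    try {
        $i = new folksoDBinteract($dbc);

        if (!$i->tagp($q->tag)) {
            // NOTE(review): the requested tag is echoed back as received.
            // Whether setError() escapes its message is not visible here;
            // confirm before relying on it.
            $r->setError(
                404,
                'Tag not found',
                'Nothing to rename. No such tag: ' . $q->tag
            );
            return $r;
        }

        $escapedName = $i->dbescape($newname);
        $query = "UPDATE tag\n SET tagdisplay = '" . $escapedName . "', "
            . "tagnorm = normalize_tag('" . $escapedName . "') "
            . "where ";

        if (is_numeric($q->tag)) {
            // is_numeric() also accepts padded, signed, decimal and exponent
            // forms. The id is therefore escaped and quoted like every other
            // request value, not concatenated raw into the statement.
            $query .= " id = '" . $i->dbescape(trim((string) $q->tag)) . "'";
        } else {
            $query .= " tagnorm = normalize_tag('" . $i->dbescape($q->tag) . "')";
        }

        $i->query($query);
    } catch (dbException $e) {
        return $r->handleDBexception($e);
    }

    $r->setOk(204, 'Tag renamed');
    return $r;
}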
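/**
 * Delete a note by id.
 *
 * Web params: POST + note + delete
 *
 * "note" must be a numerical note id.
 *
 * Only a session user holding the 'folkso'/'redac' right may delete a note.
 * NOTE(review): no check that the note belongs to the caller is visible
 * here; presumably the 'redac' right covers every note. Confirm.
 *
 * @param folksoQuery     $q   Request; supplies the "note" parameter.
 * @param folksoDBconnect $dbc Database connection settings.
 * @param folksoSession   $fks Session used to look up the current user.
 *
 * @return folksoResponse 200 once the DELETE has run, 400 when "note" is not
 *                        numeric, an "unauthorized" response without the
 *                        redac right, or the response built from a
 *                        dbException.
 */
function rmNote(folksoQuery $q, folksoDBconnect $dbc, folksoSession $fks)
{
    $r = new folksoResponse();

    $u = $fks->userSession(null, 'folkso', 'redac');
    if (!$u instanceof folksoUser || !$u->checkUserRight('folkso', 'redac')) {
        return $r->unAuthorized($u);
    }

    $note = $q->get_param('note');

    try {
        $i = new folksoDBinteract($dbc);

        if (!is_numeric($note)) {
            // NOTE(review): the rejected value is echoed back as received.
            // Whether setError() escapes its message is not visible here;
            // confirm before relying on it.
            $r->setError(400, 'Bad note argument', $note . ' is not a number');
            return $r;
        }

        // is_numeric() also accepts padded, signed, decimal and exponent
        // forms. The id is therefore escaped and quoted, not concatenated
        // raw into the statement.
        $sql = "DELETE FROM note WHERE id = '"
            . $i->dbescape(trim((string) $note)) . "'";
        $i->query($sql);
    } catch (dbException $e) {
        return $r->handleDBexception($e);
    }

    // The response reports success whenever the statement ran. The number of
    // rows actually deleted is not checked.
    $r->setOk(200, 'Deleted');
    $r->t("The note " . $note . " was deleted.");
    return $r;
}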