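public function delete()
 {
     // Deletes one of the logged-in user's categories, clears that category
     // from the ToDo items that referenced it, then redirects to the task list.
     $Category = new Category($this->db, $this->plural_resorce);

     // Run a statement; on failure keep the driver error in the server log
     // instead of echoing it (and the schema details it carries) to the client.
     $db = $this->db;
     $run = static function ($sql) use ($db) {
         $result = mysqli_query($db, $sql);
         if ($result === false) {
             error_log('Category delete failed: ' . mysqli_error($db));
             die('Database error');
         }
         return $result;
     };

     // NOTE(review): $_REQUEST also carries GET parameters and no anti-CSRF
     // token is checked in this method, so a cross-site request made with the
     // user's session could trigger the delete. Confirm the router restricts
     // this action to POST with a token.
     // Both the request parameter and the session id must be present; without
     // the session check, a missing id and a missing row would compare equal.
     if (
         isset($_REQUEST['category_id'], $_SESSION['id'])
         && is_string($_REQUEST['category_id'])
     ) {
         $user_id = $_SESSION['id'];
         $category_id = $_REQUEST['category_id'];
         // NOTE(review): Category::check/delete/clear build SQL from
         // $category_id; their escaping is not visible here. Confirm they
         // bind or escape the value.
         // Check the category: does it really belong to this user?
         $record = $run($Category->check($category_id));
         $table = mysqli_fetch_assoc($record);
         // Proceed only when a row was found and its owner is this user.
         // Strict string comparison avoids PHP's loose-equality juggling.
         if (
             is_array($table)
             && isset($table['user_id'])
             && (string) $table['user_id'] === (string) $user_id
         ) {
             // Delete the category.
             $run($Category->delete($category_id));
             // Clear the category from the ToDo items that had it set.
             $run($Category->clear($category_id));
         }
     }
     header('Location: ../task/index');
     exit;
 }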
Example #2
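 /**
  * Remove a sub-category (only the parent/child association row is deleted).
  *
  * @param  Category $fille Child category object
  * @return int             1 : OK
  *                         -1 : database error (message stored in $this->error)
  *                         -3 : category ($this or $fille) is invalid
  */
 function del_fille($fille)
 {
     if (!$this->check() || !$fille->check()) {
         return -3;
     }
     // The ids are concatenated into the statement, so force them to integers:
     // a property holding anything else can then not alter the query.
     $sql = "DELETE FROM " . MAIN_DB_PREFIX . "categorie_association";
     $sql .= " WHERE fk_categorie_mere = " . ((int) $this->id) . " and fk_categorie_fille = " . ((int) $fille->id);
     if ($this->db->query($sql)) {
         return 1;
     } else {
         // Keep the failing statement next to the driver error for the caller.
         $this->error = $this->db->error() . ' sql=' . $sql;
         return -1;
     }
 }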
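 /**
  * Verify the anti-CSRF token sent in the X-Auth-Token request header against
  * the session's form_token, then normalise $value and delegate to
  * Category::check().
  *
  * On a missing or mismatching token a 401 response with a JSON error body is
  * emitted and the result of print (always 1) is returned. On success nothing
  * is returned.
  *
  * @param mixed  $field passed through unchanged to Category::check()
  * @param string $value lower-cased and stripped of whitespace before delegating
  * @return int|null
  */
 public static function check($field, $value)
 {
     // Starting a session twice raises a notice, so start one only if needed.
     if (session_status() !== PHP_SESSION_ACTIVE) {
         session_start();
     }
     // Header names are case-insensitive and may arrive lower-cased, so look
     // the token up under a normalised key; a missing header becomes ''.
     $headers = array_change_key_case(apache_request_headers() ?: array(), CASE_LOWER);
     $token = isset($headers['x-auth-token']) ? (string) $headers['x-auth-token'] : '';
     $expected = isset($_SESSION['form_token']) ? $_SESSION['form_token'] : null;

     // Reject when either side is absent or empty. hash_equals() compares in
     // constant time and byte-for-byte, where != would treat numeric-looking
     // strings such as "0e1" and "0e2" as equal.
     if (
         !$token
         || !is_string($expected)
         || $expected === ''
         || !hash_equals($expected, $token)
     ) {
         // The original passed a colon-less string to header(); set the
         // status code directly instead.
         http_response_code(401);
         // NOTE(review): the JSON body reports status 400 while the HTTP
         // status is 401. Kept as-is for existing clients; confirm which one
         // is intended.
         return print json_encode(array('success' => false, 'status' => 400, 'msg' => 'Invalid CSRF Token / Bad Request / Unauthorized ... Please Login again'), JSON_PRETTY_PRINT);
     }

     $value = strtolower($value);
     $value = preg_replace('/\\s+/', '', $value);
     // NOTE(review): the enclosing class is not visible here. If it is
     // Category itself this call recurses without end; also, the result is
     // discarded. Confirm both are intended.
     Category::check($field, $value);
 }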