/** * Replies restful api */ public function action_reply() { $this->template = ""; $this->auto_render = FALSE; $droplet_id = intval($this->request->param('id', 0)); switch ($this->request->method()) { case "GET": $params = $this->request->query(); if (isset($params['since_id'])) { $since_id = intval($this->request->query('since_id')); $comments = Model_Droplet::get_comments($droplet_id, $since_id, TRUE); } else { $last_id = $this->request->query('last_id') ? intval($this->request->query('last_id')) : PHP_INT_MAX; $comments = Model_Droplet::get_comments($droplet_id, $last_id); if (empty($comments)) { throw new HTTP_Exception_404('The requested page was not found on this server.'); } } echo json_encode($comments); break; case "POST": // Is the logged in user an owner? if (!$this->owner) { throw new HTTP_Exception_403(); } // Get the POST data $body = json_decode($this->request->body(), TRUE); $comment = ORM::factory('droplet_comment'); $comment->comment_text = $body['comment_text']; $comment->droplet_id = intval($this->request->param('id', 0)); $comment->user_id = $this->user->id; $comment->save(); if ($comment->loaded()) { echo json_encode(array('id' => $comment->id, 'droplet_id' => $comment->droplet_id, 'comment_text' => $comment->comment_text, 'identity_user_id' => $this->user->id, 'identity_name' => $this->user->name, 'identity_avatar' => Swiftriver_Users::gravatar($this->user->email, 80), 'deleted' => FALSE, 'date_added' => date_format(date_create($comment->date_added), 'M d, Y H:i') . ' UTC')); } else { $this->response->status(400); } break; case "PUT": $comment_id = intval($this->request->param('id2', 0)); $comment = ORM::factory('droplet_comment', $comment_id); // Does the comment exist? if (!$comment->loaded()) { throw new HTTP_Exception_404(); } // Is owner of the comment logged in? if ($comment->user->id != $this->user->id) { throw new HTTP_Exception_403(); } $comment->deleted = TRUE; $comment->save(); break; } }