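/**
 * Initialise the current user for this request.
 *
 * Resolves the logged-in user from the `fuser` cookie, sends anonymous
 * visitors to the login page, enforces admin-only access to URLs that start
 * with `/guanli/`, and stores `user` and `isAdmin` on the request.
 * URLs under /user/, /err/ and /util/ are skipped entirely.
 *
 * @param \firegit\http\Request  $req current request; `url` is read, `user` and `isAdmin` are set
 * @param \firegit\http\Response $res current response (not used by this method)
 * @throws \Exception firegit.u_power when a non-admin requests a /guanli/ URL
 */
public static function initUser(\firegit\http\Request $req, \firegit\http\Response $res)
{
    // Login, error and utility pages must stay reachable without a session.
    if (preg_match('#^/(user|err|util)/#', $req->url)) {
        return;
    }

    $user = '';
    $isAdmin = false;
    if (isset($_COOKIE['fuser'])) {
        $mod = new \firegit\app\mod\user\Grant();
        // NOTE(review): the cookie is client-controlled; this relies on
        // getUserFromCookie() verifying its integrity — confirm in Grant.
        $info = $mod->getUserFromCookie($_COOKIE['fuser']);
        if ($info && isset($info['username'])) {
            $user = $info['username'];
            // Only look up admin rights for a user the cookie actually resolved to.
            $isAdmin = $mod->isAdmin($user);
        }
    }

    if (!$user) {
        header("Location:/user/login");
        // A Location header alone does not stop the script: without this the
        // request would continue to the protected handler with an empty user,
        // and a client that ignores the redirect would still receive the page.
        exit;
    }

    // Admin area check: only administrators may reach /guanli/ URLs.
    if (strpos($req->url, '/guanli/') === 0 && !$isAdmin) {
        throw new \Exception('firegit.u_power');
    }

    $req->setData('user', $user);
    $req->setData('isAdmin', $isAdmin);
}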
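/**
 * Delete a comment (soft delete: sets comment_status to -1).
 *
 * Only the comment's author or an administrator may delete it.
 *
 * @param int|string $commentId id of the comment to delete
 * @param string     $username  user requesting the deletion
 * @throws \Exception comment.u_notfound the comment does not exist (or is not active)
 * @throws \Exception comment.u_power    the requester is neither the author nor an admin
 */
function delComment($commentId, $username)
{
    // Normalise once so the lookup and the update address the same row.
    $commentId = intval($commentId);

    $db = Db::get('firegit');
    // assumes getOne() returns the scalar username of the row — TODO confirm
    $owner = $db->table('fg_comment')
        ->field('username')
        ->where(array('comment_id' => $commentId, 'comment_status' => 1))
        ->getOne();
    if (!$owner) {
        throw new \Exception('comment.u_notfound');
    }

    // Strict string comparison: loose != treats numeric-looking names such as
    // "1e3" and "1000" as equal, which would let one user pass as another.
    if ((string)$owner !== (string)$username) {
        $grant = new \firegit\app\mod\user\Grant();
        if (!$grant->isAdmin($username)) {
            throw new \Exception('comment.u_power');
        }
    }

    // Match on the comment's owner, not the requester: with the requester's
    // name an admin deleting someone else's comment would update zero rows.
    $db->table('fg_comment')
        ->where(array('comment_id' => $commentId, 'username' => $owner))
        ->saveBody(array('comment_status' => -1))
        ->update();
}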