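<?php
/*
 * Store reviews view.
 *
 * The query string is decoded with Extras::decryptQuery1()/decryptQuery2()
 * using KEY_SALT. It either names the store whose reviews are listed, or
 * carries a [store_id, review_id] pair that deletes one review before
 * bouncing back to the listing.
 *
 * NOTE(review): whatever session / permission check protects this page must
 * live in header.php; nothing in this block verifies that the caller may
 * delete reviews for the decoded store. Confirm against header.php.
 *
 * NOTE(review): the delete is a state change driven purely by the request
 * URL. The encrypted query acts as the only token, and nothing here binds it
 * to a session or makes it single-use; consider moving the delete to a POST
 * handler with a per-session CSRF token.
 *
 * NOTE(review): with an empty query string this whole block is skipped and
 * the page renders with $store / $reviews undefined. Confirm whether that
 * case should be sent to 403.php as well.
 */
require_once 'header.php';

$controller = new ControllerStore();
$controllerReview = new ControllerReview();
$controllerUser = new ControllerUser();

if (!empty($_SERVER['QUERY_STRING'])) {
    $extras = new Extras();
    $store_id = $extras->decryptQuery1(KEY_SALT, $_SERVER['QUERY_STRING']);
    $review_delete = $extras->decryptQuery2(KEY_SALT, $_SERVER['QUERY_STRING']);

    // null means "no redirect, render the page".
    $redirectTo = null;

    if ($review_delete != null) {
        $store_id = $review_delete[0];
        $review_id = $review_delete[1];

        // Second argument is passed through unchanged; its meaning is defined
        // by ControllerReview::deleteReview(), which is not visible here.
        $controllerReview->deleteReview($review_id, 1);

        $redirectTo = (string) $extras->encryptQuery1(KEY_SALT, 'store_id', $store_id, 'store_reviews_view.php');
    }

    // A query that does not yield a store id is refused. This takes
    // precedence over the post-delete redirect, as it did when both
    // redirect scripts were emitted one after the other.
    if ($store_id == null) {
        $redirectTo = '403.php';
    }

    if ($redirectTo !== null) {
        // Encode the target as a JS string literal instead of splicing it
        // between quotes, so a quote or "</script>" in the value cannot
        // break out of the script context.
        $jsTarget = json_encode($redirectTo, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
        echo "<script type='text/javascript'>location.href={$jsTarget};</script>";

        // The redirect is client-side only. Stop here so the rest of the page
        // is never sent to a client that ignores the script; this matters
        // most for the 403 case.
        exit;
    }

    // Load page data only after the store id has been accepted.
    $reviews = $controllerReview->getReviewsByStoreId($store_id);
    $store = $controller->getStoreByStoreId($store_id);
}
?>
<!DOCTYPE html>
<html lang="en"><head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">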
<?php require '../header_rest.php'; $controllerRest = new ControllerRest(); $controllerUser = new ControllerUser(); $controllerReview = new ControllerReview(); $user_id = 0; if (!empty($_POST['user_id'])) { $user_id = $_POST['user_id']; } $store_id = 0; if (!empty($_POST['store_id'])) { $store_id = $_POST['store_id']; } $login_hash = 0; if (!empty($_POST['login_hash'])) { $login_hash = $_POST['login_hash']; } $review = ""; if (!empty($_POST['review'])) { $review = $_POST['review']; } if (!empty($user_id) && !empty($store_id) && !empty($login_hash) && !empty($review)) { if (!$controllerUser->isUserIdExistAndHash($user_id, $login_hash)) { $json = "{ \"status\" : { \"status_code\" : \"3\", \"status_text\" : \"Invalid Access\" } }"; echo $json; } else { $itm = new Review(); $itm->review = $review; $itm->store_id = $store_id; $itm->user_id = $user_id;