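/**
 * Runs an API action and prints the collected error list as JSON.
 *
 * The callback is invoked only while the global $errors list is still empty,
 * so an earlier validation failure prevents the action from running at all.
 * Exceptions thrown by the callback are converted into error entries; the
 * global $errors value is always echoed as JSON at the end.
 *
 * @param callable $action Callback that performs the actual work; called without arguments.
 * @return void
 */
function apiAction($action)
{
    global $errors;

    if (empty($errors)) {
        try {
            $action();
        } catch (PDOException $e) {
            // errorInfo is null when the exception carries no driver data
            // (for example one that was not raised by a statement), so the
            // lookup is guarded instead of indexing into null.
            $isIntegrityViolation = isset($e->errorInfo[0]) && $e->errorInfo[0] === "23000";

            if ($isIntegrityViolation) {
                // SQLSTATE 23000: integrity constraint violation, i.e. other rows still reference this one.
                apiAddError("Es existieren noch Verknüfungen.");
            } else {
                // Driver messages can contain table names, column names and
                // query fragments. They are kept in the server log and the
                // client only receives a generic message.
                error_log("apiAction: " . $e->getMessage());
                apiAddError("Datenbankfehler.");
            }
        } catch (Exception $e) {
            // NOTE(review): messages of non-database exceptions are still passed
            // through to the client — confirm none of them carry internal detail.
            apiAddError($e->getMessage());
        }
    }

    echo json_encode($errors);
}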
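<?php
// Deletes one row, selected by id, from one of a fixed set of tables.

include __DIR__ . "/include.php";

// NOTE(review): presumably stops the request unless the caller is an admin — confirm in include.php.
check_access(ADMIN);

list($id, $table) = apiCheckParams("id", "table");

// A table name cannot be bound as a statement parameter, so this allow-list is
// the only control between the request value and the SQL text built below.
// The user table is deliberately absent: user has special rules (can't delete admin).
// The comparison is strict so that only an exact string match counts; with a
// loose comparison some non-string values would match an entry.
if (in_array(
    $table,
    ["leckerwissen", "milestone", "suggested", "solved_challenge"],
    true
)) {
    apiCheck(
        dbExists("SELECT id FROM {$table} WHERE id = :id", ['id' => $id]),
        "Eintrag existiert nicht!"
    );
} else {
    apiAddError("Ungültiger Tabellenname");
}

// The DELETE is handed to apiAction as a callback rather than executed directly.
// NOTE(review): this relies on apiAction skipping the callback once an error was
// recorded above; otherwise a rejected $table would still reach the query — confirm.
apiAction(function () use ($id, $table) {
    dbExecute("DELETE FROM {$table} WHERE id = :id", ['id' => $id]);
});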
<?php include __DIR__ . "/include.php"; list($challenge, $type) = apiCheckParams("challenge", "type"); $challengeRow = fetch("SELECT name FROM challenge WHERE id = :challenge", ['challenge' => $challenge]); apiCheck($challengeRow !== false, "Challenge existiert nicht!"); if ($type !== TEACHER_PDF && $type !== PUPIL_PDF) { apiAddError("Ungültiger Typ"); } else { if ($type == TEACHER_PDF && !isLoggedIn()) { apiAddError("Nicht erlaubt!"); } else { $file = getPDFPath($challenge, $type); apiCheck(file_exists($file), "Datei existiert nicht!"); } } apiAction(function () use($file, $challengeRow, $type) { $filename = $challengeRow->name; // normalize filename // idea from http://stackoverflow.com/questions/2021624/string-sanitizer-for-filename $filename = mb_ereg_replace("(ä)", 'a', $filename); $filename = mb_ereg_replace("(ü)", 'u', $filename); $filename = mb_ereg_replace("(ö)", 'o', $filename); $filename = mb_ereg_replace("(Ä)", 'A', $filename); $filename = mb_ereg_replace("(Ü)", 'U', $filename); $filename = mb_ereg_replace("(Ö)", 'O', $filename); $filename = mb_ereg_replace("([^A-Za-z_0-9])", '', $filename); if ($type === TEACHER_PDF) { $filename .= "_Lehrer"; } // see http://stackoverflow.com/a/27805443