$user = $comment->user; $date = date("F d, Y", $comment->creation_date); $text = $comment->text; // Return comment to client include '../../app/views/comments/show.php'; exit; } if ($method == 'DELETE') { // Get form data parse_str($_SERVER['QUERY_STRING'], $post_vars); if (isset($post_vars['cid'])) { $comment_id = $post_vars['cid']; $comments = new CommentService(); $comment = $comments->get_comment($comment_id); // Check existence if (!isset($comment)) { HttpService::return_not_found(); } // Check permission if (!AuthenticationService::can_delete_comment($comment)) { HttpService::return_unauthorized(); } // Delete article $comments->delete_comment($comment_id); HttpService::return_no_content(); } HttpService::return_bad_request(); } // Otherwise HttpService::return_not_found();
/** * Updates an existing article * * @param $id string * the id of the article * @param $title string * the title of the article * @param $keyword_string string * a string containing the keywords separated with space * @param $content string * the content of the article in block code */ public function update_article($id, $title, $keyword_string, $content) { $query = "SELECT * FROM article WHERE id = " . $id; $result = $this->sql_con->query($query); $row = mysqli_fetch_assoc($result); if (!isset($row)) { HttpService::return_not_found(); } $change_date = time(); $query = "UPDATE article SET title = '{$title}', text = '{$content}', change_date = '{$change_date}' WHERE id = '{$id}'"; $result = $this->sql_con->query($query); if (!isset($result)) { HttpService::return_not_found(); } $this->updateKeywords($id, $keyword_string); }