$user = $comment->user;
$date = date("F d, Y", $comment->creation_date);
$text = $comment->text;
// Return comment to client
include '../../app/views/comments/show.php';
exit;
}
if ($method == 'DELETE') {
// Get form data
parse_str($_SERVER['QUERY_STRING'], $post_vars);
if (isset($post_vars['cid'])) {
$comment_id = $post_vars['cid'];
$comments = new CommentService();
$comment = $comments->get_comment($comment_id);
// Check existence
if (!isset($comment)) {
HttpService::return_not_found();
}
// Check permission
if (!AuthenticationService::can_delete_comment($comment)) {
HttpService::return_unauthorized();
}
// Delete article
$comments->delete_comment($comment_id);
HttpService::return_no_content();
}
HttpService::return_bad_request();
}
// Otherwise
HttpService::return_not_found();
/**
* Updates an existing article
*
* @param $id string
* the id of the article
* @param $title string
* the title of the article
* @param $keyword_string string
* a string containing the keywords separated with space
* @param $content string
* the content of the article in block code
*/
public function update_article($id, $title, $keyword_string, $content)
{
$query = "SELECT * FROM article WHERE id = " . $id;
$result = $this->sql_con->query($query);
$row = mysqli_fetch_assoc($result);
if (!isset($row)) {
HttpService::return_not_found();
}
$change_date = time();
$query = "UPDATE article SET title = '{$title}', text = '{$content}', change_date = '{$change_date}' WHERE id = '{$id}'";
$result = $this->sql_con->query($query);
if (!isset($result)) {
HttpService::return_not_found();
}
$this->updateKeywords($id, $keyword_string);
}
