public function removeAction() { $id = isset($_POST["id"]) ? $_POST["id"] : null; $type = isset($_POST["type"]) ? $_POST["type"] : null; $userid = $this->session->userid; if ($_SERVER['REQUEST_METHOD'] != "POST" || $_SERVER["Repository_Enabled"] !== 'true' || is_numeric($userid) == false || is_numeric($id) === false || trim($type) == "") { header("Status: 404 Not Found"); return; } $type = strtolower(trim($type)); $isvalidRequest = false; switch ($type) { case "release": $isvalidRequest = Repository::canManageEntity($userid, $id, "release"); break; case "series": $isvalidRequest = Repository::canManageEntity($userid, $id, "repoarea"); break; default: break; } if (!$isvalidRequest) { header("Status: 404 Not Found"); return; } $output = ""; header("Content-Type: text/xml"); if ($type == "release") { $result = RepositoryBackend::removeRelease($id, $userid, $output); } else { $result = RepositoryBackend::removeSeries($id, $userid, $output); } echo $output; }