/**
* Ajax handler to delete an item and its votes.
*
* @return void
*/
public function action_delete()
{
if (isset($_POST['id']) and $item = ThumbsUp_Item::load((int) $_POST['id'])) {
$item->delete();
}
}
/**
* Looks at the POST data to catch a possible new vote. If one, the vote is
* completely validated first before being registered.
*
* @return boolean TRUE if a new vote was cast; FALSE otherwise
*/
public static function catch_vote()
{
// Immediately get out of here if no valid vote was cast.
// All required POST keys must be present.
if (!isset($_POST['thumbsup_id']) or !isset($_POST['thumbsup_vote']) or !isset($_POST['thumbsup_format'])) {
return FALSE;
}
// Has somebody been messing with the form?
// Well, we won't let them mess with us!
if (!preg_match('/^[0-9]++$/D', (string) $_POST['thumbsup_id']) or !is_string($format = $_POST['thumbsup_format'])) {
return FALSE;
}
// Clean form input
$id = (int) $_POST['thumbsup_id'];
$vote = (int) $_POST['thumbsup_vote'];
// Attempt to load the relevant ThumbsUp item.
// If the item doesn't exist, the id is invalid.
if (!($item = ThumbsUp_Item::load($id))) {
$error = 'invalid_id';
} elseif ($item->closed) {
$error = 'closed';
} elseif ($item->user_voted) {
$error = 'already_voted';
} elseif (ThumbsUp::config('user_login_required') and !self::get_user_id()) {
$error = 'login_required';
}
// All checks passed, yay!
if (empty($error)) {
// Update the vote count in the items table, and recalculate the vote results
$item->cast_vote($vote);
}
// Send an ajax response
if (self::is_ajax()) {
// Send the item back in JSON format
header('Content-Type: application/json; charset=utf-8');
if (!empty($error)) {
// Send back the error
echo json_encode(array('error' => $error));
} else {
// Format the result using the same format the item was created with
$item->format($format);
// Send back the updated item.
// Note: all the public properties of $item will be included.
echo json_encode(array('item' => $item));
}
}
// A new vote has been cast successfully
return empty($error);
}
