function unTag(folksoQuery $q, folksoDBconnect $dbc, folksoSession $fks) { $r = new folksoResponse(); $u = $fks->userSession(null, 'folkso', 'tag'); if (!$u instanceof folksoUser || !$u->checkUserRight('folkso', 'tag')) { return $r->unAuthorized($u); } try { $i = new folksoDBinteract($dbc); $sql = ''; if (is_numeric($q->tag) && is_numeric($q->res)) { $sql = 'DELETE FROM tagevent ' . 'WHERE (tag_id = ' . $q->tag . ') ' . 'AND ' . '(resource_id = ' . $q->res . ') ' . ' and ' . "(userid = '" . $u->userid . "')"; } else { $query = 'DELETE FROM tagevent ' . 'USING tagevent JOIN resource r ON tagevent.resource_id = r.id ' . 'JOIN tag t ON tagevent.tag_id = t.id '; $where = 'WHERE'; if (is_numeric($q->tag)) { $where .= ' (tagevent.tag_id = ' . $q->tag . ') '; } else { $where .= " (t.tagnorm = normalize_tag('" . $i->dbescape($q->tag) . "')) "; } if (is_numeric($q->res)) { $where .= ' AND ' . ' (tagevent.resource_id = ' . $q->res . ') '; } else { $where .= ' AND ' . " (r.uri_normal = url_whack('" . $i->dbescape($q->res) . "')) "; } $where .= " and (tagevent.userid = '" . $u->userid . "')"; $sql = $query . $where; } $i->query($sql); } catch (dbException $e) { return $r->handleDBexception($e); } $r->setOK(200, 'Deleted'); return $r; }