function unTag(folksoQuery $q, folksoDBconnect $dbc, folksoSession $fks)
{
$r = new folksoResponse();
$u = $fks->userSession(null, 'folkso', 'tag');
if (!$u instanceof folksoUser || !$u->checkUserRight('folkso', 'tag')) {
return $r->unAuthorized($u);
}
try {
$i = new folksoDBinteract($dbc);
$sql = '';
if (is_numeric($q->tag) && is_numeric($q->res)) {
$sql = 'DELETE FROM tagevent ' . 'WHERE (tag_id = ' . $q->tag . ') ' . 'AND ' . '(resource_id = ' . $q->res . ') ' . ' and ' . "(userid = '" . $u->userid . "')";
} else {
$query = 'DELETE FROM tagevent ' . 'USING tagevent JOIN resource r ON tagevent.resource_id = r.id ' . 'JOIN tag t ON tagevent.tag_id = t.id ';
$where = 'WHERE';
if (is_numeric($q->tag)) {
$where .= ' (tagevent.tag_id = ' . $q->tag . ') ';
} else {
$where .= " (t.tagnorm = normalize_tag('" . $i->dbescape($q->tag) . "')) ";
}
if (is_numeric($q->res)) {
$where .= ' AND ' . ' (tagevent.resource_id = ' . $q->res . ') ';
} else {
$where .= ' AND ' . " (r.uri_normal = url_whack('" . $i->dbescape($q->res) . "')) ";
}
$where .= " and (tagevent.userid = '" . $u->userid . "')";
$sql = $query . $where;
}
$i->query($sql);
} catch (dbException $e) {
return $r->handleDBexception($e);
}
$r->setOK(200, 'Deleted');
return $r;
}
