public function deleteAction()
{
if (!isset($_POST['id_article'])) {
return json_encode(["error" => "article_id missing"]);
}
$article_id = $_POST['id_article'];
$result = ArticleModel::getArticle($this->pdo, $article_id);
if ($result['id_user'] != $_SESSION['id_user']) {
return json_encode(['error' => 'utilisateur']);
}
ArticleModel::delete($this->pdo, $article_id);
return json_encode(["message" => "delete", "article_id" => $article_id]);
}
if ($article['acc_id'] != $account['acc_id']) {
return Helper::response(false, array(), 'Forbidden, article belongs to different account', 403);
}
$patched = ArticleModel::patchArticle($article['acc_id'], array('art_title' => $app->request->post('art_title', ''), 'art_body' => $app->request->post('art_body', '')));
if (!$patched) {
return Helper::response(false, array(), 'Application error', 500);
}
return Helper::response(true);
});
$app->post('/api-v1.0/article/delete/', function () use($app) {
if (!($account = Helper::checkSecret())) {
return;
}
$artId = $app->request->post('art_id');
if (empty($artId)) {
return Helper::response(false, array(), 'Bad request, art_id required', 400);
}
$article = ArticleModel::getArticle($artId);
if (empty($article)) {
return Helper::response(false, array(), 'Article not found', 404);
}
if ($article['acc_id'] != $account['acc_id']) {
return Helper::response(false, array(), 'Forbidden, article belongs to different account', 403);
}
$deleted = ArticleModel::deleteArticle($article['art_id']);
if (!$deleted) {
return Helper::response(false, array(), 'Application error', 500);
}
FB::log($deleted);
return Helper::response(true);
});
