use com\indigloo\Url; use com\indigloo\Logger; use com\indigloo\sc\auth\Login; use com\indigloo\Constants; use com\indigloo\ui\form\Sticky; use com\indigloo\ui\form\Message as FormMessage; use com\indigloo\sc\util\PseudoId; $sticky = new Sticky($gWeb->find(Constants::STICKY_MAP, true)); //q is part of URL and base64 encoded $qUrl = Url::tryBase64QueryParam("q", "/"); $fUrl = Url::current(); $itemId = Url::getQueryParam("id"); $postId = PseudoId::decode($itemId); $postDao = new \com\indigloo\sc\dao\Post(); $postDBRow = $postDao->getOnId($postId); if (!(Login::isOwner($postDBRow['login_id']) || Login::isAdmin())) { header("Location: /site/error/403.html"); exit; } ?> <!DOCTYPE html> <html> <head> <title>3mik.com - Delete a post</title> <?php include APP_WEB_DIR . '/inc/meta.inc'; ?> <?php echo \com\indigloo\sc\util\Asset::version("/css/bundle.css");
function delete($postId) { $loginId = NULL; if (\com\indigloo\sc\auth\Login::isAdmin()) { //inject right loginId for admins $postDBRow = $this->getOnId($postId); $loginId = $postDBRow["login_id"]; } else { $loginId = \com\indigloo\sc\auth\Login::getLoginIdInSession(); } mysql\Post::delete($postId, $loginId); }
include APP_WEB_DIR . '/inc/role/user.inc'; use com\indigloo\Util; use com\indigloo\Url; use com\indigloo\ui\form\Sticky; use com\indigloo\Constants; use com\indigloo\ui\form\Message as FormMessage; use com\indigloo\sc\auth\Login; use com\indigloo\sc\util\PseudoId; $sticky = new Sticky($gWeb->find(Constants::STICKY_MAP, true)); $encodedId = Url::getQueryParam("id"); $commentId = PseudoId::decode($encodedId); $qUrl = Url::tryBase64QueryParam("q", "/"); $fUrl = Url::current(); $commentDao = new com\indigloo\sc\dao\Comment(); $commentDBRow = $commentDao->getOnId($commentId); if (!(Login::isOwner($commentDBRow['login_id']) || Login::isAdmin())) { header("Location: /site/error/403.html"); exit; } $sticky = new Sticky($gWeb->find(Constants::STICKY_MAP, true)); $itemId = PseudoId::encode($commentDBRow['post_id']); ?> <!DOCTYPE html> <html> <head> <title> Edit Comment</title> <?php include APP_WEB_DIR . '/inc/meta.inc'; ?>
<?php header('Content-type: application/json'); include 'sc-app.inc'; include APP_WEB_DIR . '/inc/header.inc'; use com\indigloo\Util; use com\indigloo\sc\auth\Login; use com\indigloo\sc\ui\Constants as UIConstants; use com\indigloo\sc\util\Nest; use com\indigloo\sc\Constants as AppConstants; use com\indigloo\exception\DBException; set_exception_handler("webgloo_ajax_exception_handler"); //Admin login is required if (!Login::isAdmin()) { $message = array("code" => 401, "message" => "Authentication failure! Admin credentials missing."); $html = json_encode($message); echo $html; exit; } $postId = Util::getArrayKey($_POST, "postId"); // Action from UI is ADD | REMOVE // see com\indigloo\sc\ui\Constants file $action = Util::getArrayKey($_POST, "action"); $postDao = new \com\indigloo\sc\dao\Post(); $message = NULL; try { switch ($action) { case UIConstants::FEATURE_POST: $postDao->feature($postId); $message = sprintf("success! item %s added to featured posts", $postId); break;