public function deleteAction()
{
// Get, check and setup the parameters
$comment_id = $this->getRequest()->getParam("id");
// Get the comment and source tables
$comments = new Comments();
$sources = new Sources();
// Check if the comment exist
if (!($comment = $comments->getComment($comment_id))) {
return $this->_helper->json->sendJson(true);
}
// Check if the comment belongs to the source
if (!($source = $sources->getSource($comment->source_id))) {
return $this->_helper->json->sendJson(true);
}
// Check if we are the owner of the source
if (!($source['user_id'] == $this->_application->user->id)) {
return $this->_helper->json->sendJson(true);
}
// All checks ok, we can delete !
$comments->deleteComment($comment_id);
return $this->_helper->json->sendJson(false);
}
public function deleteAction()
{
if (!$this->_authenticateUser()) {
return;
}
// Get the item
$item = $this->_getItemByIri($this->_getItemIri('item'));
if (!$this->_isItemExists($item)) {
return;
}
// Get the comment
$comment = $this->_getCommentByIri($this->getRequest()->getParam('commentid'));
if ($comment instanceof Comment) {
// Delete the comment
$comments = new Comments();
$comments->setUser($this->_application->user);
$comments->deleteComment($comment->getCommentId());
// Set responses and response code
$this->_buildResponse(Api_BaseController::HTTP_SUCCESS);
return;
}
// Set responses and response code
$this->_buildResponse(Api_BaseController::HTTP_FAILED, 'Comment does not exists');
}
} elseif (isset($_GET['action']) && $_GET['action'] == 'comment_delete') {
// Include and instantiate the comment class
include_once 'comments.inc.php';
$comments = new Comments();
echo $comments->confirmDelete($_GET['id']);
// If the confirmDelete() form was submitted, handle it here.
} elseif ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['action'] == 'comment_delete') {
// If set, store the entry from which we came.
$loc = isset($_POST['url']) ? $_POST['url'] : '/';
// If the user clicked yes, continue with deletion.
if ($_POST['confirm'] == "Yes") {
// Include and instantiate the comments class.
include_once 'comments.inc.php';
$comments = new Comments();
// Delete the comment and return to the entry
if ($comments->deleteComment($_POST['id'])) {
header('Location: ' . $loc);
exit;
} else {
exit('Could not delete the comment.');
}
} else {
header('Location: ' . $loc);
exit;
}
} elseif ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['action'] == 'login' && !empty($_POST['username']) && !empty($_POST['password'])) {
// Connect to the database.
include_once 'db.inc.php';
$db = new PDO(DB_INFO, DB_USER, DB_PASS);
$sql = "SELECT COUNT(*) AS num_users\n FROM admin\n WHERE username=?\n AND password=SHA1(?)";
$stmt = $db->prepare($sql);
break;
case 'verify':
$check = $obj->verifyUser($_POST);
break;
default:
$check = false;
break;
}
$header = $check === true ? 'Location: /admin/' : "Location: /{$obj->url0}/error/";
}
}
} else {
if ($_POST['action'] == 'cmnt_post') {
$cmnt = new Comments();
$header = $cmnt->postComment();
} else {
if ($_GET['action'] == 'cmnt_delete') {
$cmnt = new Comments();
$header = $cmnt->deleteComment($_GET['bid'], $_GET['cmntid']);
} else {
if ($_GET['action'] == 'logout') {
$admin = new Admin();
$check = $admin->logout();
$header = $check === true ? 'Location: /' : 'Location: /admin/error/';
} else {
$header = "Location: /";
}
}
}
}
header($header);
/**
* funkce smaze komentar
* @param int $comment_id
* @return bool
*/
public function deleteComment($comment_id)
{
try {
return Comments::deleteComment($comment_id);
} catch (Exception $e) {
throw new RPCFault($e->getMessage(), $e->getCode(), $e->getCode());
}
}
<?php
include '../classes/class.comment.php';
$id = $_GET['id'];
$com = new Comments();
$com->comment_id = $id;
$com->deleteComment($id);
header('location:../public/Customer_feedback_6.php');
break;
case 'addcomment':
if (!empty($_POST['content'])) {
// Include database connection
$db = new PDO(DB_INFO, DB_USER, DB_PASS);
$comments = new Comments($db);
$comments->addcomment($_POST);
header('location: ' . $loc);
exit;
}
break;
case 'deletecomment':
// Include database connection
$db = new PDO(DB_INFO, DB_USER, DB_PASS);
$comments = new Comments($db);
$comments->deleteComment($_GET['url']);
header('location: ' . $loc);
exit;
break;
case 'editcomment':
// Include database connection
$db = new PDO(DB_INFO, DB_USER, DB_PASS);
$comments = new Comments($db);
if (isset($_GET['action'])) {
$c = $comments->getComment($_GET['url']);
include_once 'views/editComment.php';
exit;
} else {
$c = $comments->addcomment($_POST);
header('location: /get-lucid/dreams/' . $_POST['url']);
exit;
<?php
include_once "../properties/serverproperties.php";
include_once '../classes/Comments.php';
$action = $_GET['action'];
if ($action == "delete" && isset($_GET['id'])) {
$id = $_GET['id'];
$receiverID = $_GET['receiver_id'];
Comments::deleteComment($id);
if (isset($_GET['screen']) && $_GET['screen'] == "home") {
header("location:{$serverRoot}charhome.php#three");
exit;
} else {
if (isset($_GET['screen']) && $_GET['screen'] == "externalProfile") {
header("location:{$serverRoot}externalplayerprofile.php?userID={$receiverID}#two");
exit;
} else {
header("location:{$serverRoot}profile.php#four");
exit;
}
}
} else {
if ($action == "post") {
$receiverID = $_POST['receiver_id'];
$senderID = $_POST['sender_id'];
$content = $_POST['content'];
$time = strftime('%c');
if (Comments::postComment($senderID, $receiverID, $content, $time)) {
if (isset($_GET['screen']) && $_GET['screen'] == "externalProfile") {
header("location:{$serverRoot}externalplayerprofile.php?userID={$receiverID}#two");
exit;
