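<?php
/**
 * Typeframe News application
 *
 * Admin-side delete controller.
 *
 * Flow: accept POST only, load the article named by $_POST['newsid'], confirm
 * that the current user is the article's author or belongs to the admin user
 * group, delete the article, then redirect.
 *
 * NOTE(review): no anti-CSRF token check is visible in this file. Confirm the
 * framework or page configuration enforces one before this controller runs,
 * because the request changes state.
 */

// save some typing below
$typef_app_dir = Typeframe::CurrentPage()->applicationUri();

// if not posting, bounce out of here
if ('POST' !== ($_SERVER['REQUEST_METHOD'] ?? '')) {
    Typeframe::Redirect('Nothing to do.', $typef_app_dir);
    return;
}

// Read the id without '@' suppression, and refuse anything that is not a
// non-empty scalar (an array-valued field, for instance) before it reaches
// the model lookup.
$newsid = $_POST['newsid'] ?? null;
if (!is_scalar($newsid) || '' === (string) $newsid) {
    Typeframe::Redirect('Invalid article id specified.', $typef_app_dir);
    return;
}

// create news article object from given id
$article = Model_News_Article::Get($newsid);

// news article must exist to proceed
if (!$article->exists()) {
    Typeframe::Redirect('Invalid article id specified.', $typef_app_dir);
    return;
}

// current user must be the author of the article or an admin.
// Ids are compared as strings with ===, so that null, '' and 0 are never
// treated as equal to each other the way loose != would treat them; an empty
// user id never counts as an author match.
$currentUser = Typeframe::User();
$userId      = (string) $currentUser->get('userid');
$authorId    = (string) $article['authorid'];
$isAuthor    = ('' !== $userId) && ($userId === $authorId);
$isAdmin     = (string) $currentUser->get('usergroupid') === (string) TYPEF_ADMIN_USERGROUPID;

if (!$isAuthor && !$isAdmin) {
    Typeframe::Redirect("You cannot delete other users' news items.", $typef_app_dir, 1, false);
    return;
}

// perform the delete
$article->delete();

// done
Typeframe::Redirect('Article has been deleted.', Plugin_Breadcrumbs::SavedState($typef_app_dir));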
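<?php
/**
 * Admin-side edit controller for a news article.
 *
 * Loads the article named by the 'newsid' request parameter. When a
 * 'revisionid' is supplied, the stored revision data is copied onto the
 * article before the form is shown. On POST, update.inc.php is included and
 * the user is redirected once the article is no longer dirty.
 *
 * NOTE(review): no author/admin check is visible in this file. Confirm that
 * update.inc.php or the page's access rules restrict who may edit an article.
 * NOTE(review): nothing visible here verifies that the requested revision
 * belongs to the article being edited. Confirm the model enforces that.
 */

// ?? avoids an undefined-index notice when the parameter is missing; the
// lookup then falls through to the "Invalid article specified." branch.
$article = Model_News_Article::Get($_REQUEST['newsid'] ?? null);

if ($article->exists()) {
    include 'form.inc.php';

    if (!empty($_REQUEST['revisionid'])) {
        // Not read again in this file; kept because included files may use it.
        $revisions = $article['revisions'];
        $revision  = Model_News_ArticleRevision::Get($_REQUEST['revisionid']);

        // Apply the revision only when its stored data decodes to an array,
        // so an unknown id or corrupt JSON cannot pass null into setArray().
        $rawData      = $revision['data'];
        $revisionData = is_string($rawData) ? json_decode($rawData, true) : null;
        if (is_array($revisionData)) {
            $article->setArray($revisionData);
        }
    }

    // $pm is provided by the surrounding framework, not defined in this file.
    $pm->setVariable('article', $article);

    if ('POST' === ($_SERVER['REQUEST_METHOD'] ?? '')) {
        include 'update.inc.php';

        // The article is no longer dirty after update.inc.php has run;
        // presumably this means the save succeeded.
        if (!$article->dirty()) {
            Typeframe::Redirect(
                'Article updated.',
                Plugin_Breadcrumbs::SavedState(Typeframe::CurrentPage()->applicationUri())
            );
        }
    }
} else {
    Typeframe::Redirect(
        'Invalid article specified.',
        Plugin_Breadcrumbs::SavedState(Typeframe::CurrentPage()->applicationUri()),
        -1
    );
}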