$auth = Auth::getInstance();
$result = array("errCode" => "-1");
if ($auth->canReply()) {
$userID = $auth->getUserID();
$newsID = _get("newsID", 0);
// here, we have to GET params in POST method
$replyID = _get("replyID", 0);
$replyStatement = _post("replyStatement", "");
// deprecated in current design
$replyContent = _post("replyContent", "");
$replyType = _post("replyType", "");
if ($newsID <= 0 || $replyType == "" || $replyType != "like" && $replyContent == "") {
throw new Exception("missing parameters", -1);
}
$replyObj = new Reply();
$replyObj->saveReply($replyID, $newsID, $userID, $replyStatement, $replyContent, $replyType);
$result = $replyObj->getArray();
}
echo json_encode($result);
} else {
if (is_del()) {
$newsID = _get("newsID", 0);
$replyID = _get("replyID", 0);
$subReplyID = _get("subReplyID", 0);
if ($replyID == 0) {
throw new Exception("no such replyID", -1);
}
$auth = Auth::getInstance();
$replyObj = new Reply($replyID);
$userID = $replyObj->getReplyUserID($subReplyID);
if ($userID != $auth->getUserID()) {