<?php
/**
* Typeframe News application
*
* admin-side delete controller
*/
// save some typing below
$typef_app_dir = Typeframe::CurrentPage()->applicationUri();
// if not posting, bounce out of here
if ('POST' != $_SERVER['REQUEST_METHOD']) {
Typeframe::Redirect('Nothing to do.', $typef_app_dir);
return;
}
// create news article object from given id
$newsid = @$_POST['newsid'];
$article = Model_News_Article::Get($newsid);
// news article must exist to proceed
if (!$article->exists()) {
Typeframe::Redirect('Invalid article id specified.', $typef_app_dir);
return;
}
// current user must be the author of the article or an admin
if (Typeframe::User()->get('userid') != $article['authorid'] && Typeframe::User()->get('usergroupid') != TYPEF_ADMIN_USERGROUPID) {
Typeframe::Redirect("You cannot delete other users' news items.", $typef_app_dir, 1, false);
return;
}
// perform the delete
$article->delete();
// done
Typeframe::Redirect('Article has been deleted.', Plugin_Breadcrumbs::SavedState($typef_app_dir));
<?php
$article = Model_News_Article::Get($_REQUEST['newsid']);
if ($article->exists()) {
include 'form.inc.php';
if (!empty($_REQUEST['revisionid'])) {
$revisions = $article['revisions'];
$revision = Model_News_ArticleRevision::Get($_REQUEST['revisionid']);
$article->setArray(json_decode($revision['data'], true));
}
$pm->setVariable('article', $article);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
include 'update.inc.php';
if (!$article->dirty()) {
Typeframe::Redirect('Article updated.', Plugin_Breadcrumbs::SavedState(Typeframe::CurrentPage()->applicationUri()));
}
}
} else {
Typeframe::Redirect('Invalid article specified.', Plugin_Breadcrumbs::SavedState(Typeframe::CurrentPage()->applicationUri()), -1);
}
