<?php
$rootpath = __DIR__ . '/../';
require_once __DIR__ . '/../lib/common.inc.php';
if (!isset($_SESSION['user_id'])) {
print 'no hacking please!';
exit;
}
$powerTrailId = (int) $_REQUEST['ptId'];
$commentId = (int) $_REQUEST['commentId'];
$callingUser = (int) $_REQUEST['callingUser'];
if ($callingUser != $_SESSION['user_id']) {
print 'wrong user!';
exit;
}
//get selected comment and check if it is $callingUser comment.
$commentDbRow = powerTrailBase::getSingleComment($commentId);
// check if user is owner of selected power Trail
if (powerTrailBase::checkIfUserIsPowerTrailOwner($_SESSION['user_id'], $powerTrailId) == 1 || $commentDbRow['userId'] == $callingUser) {
$query = 'UPDATE `PowerTrail_comments` SET `deleted` = 1 WHERE `id` = :1';
$db = \lib\Database\DataBaseSingleton::Instance();
$db->multiVariableQuery($query, $commentId);
if ($commentDbRow['commentType'] == 2) {
print '2';
$q = 'UPDATE `PowerTrail` SET `PowerTrail`.`conquestedCount`= (SELECT COUNT(*) FROM `PowerTrail_comments` WHERE `PowerTrail_comments`.`PowerTrailId` = :1 AND `PowerTrail_comments`.`commentType` = 2 AND `PowerTrail_comments`.`deleted` = 0 ) WHERE `PowerTrail`.`id` = :1 ';
$db->multiVariableQuery($q, $powerTrailId);
}
sendEmail::emailOwners($powerTrailId, $commentDbRow['commentType'], $commentDbRow['logDateTime'], $commentDbRow['commentText'], 'delComment', $commentDbRow['userId'], $_REQUEST['delReason']);
}