/** * @param $id */ public static function delete($id) { $post = Posts::findByPK($id); if (!Request::is_authenticated()) { Response::redirect(''); } else { if (Request::user()->id !== $post['id_account']) { Session::push('flash-message', 'You does not have permission to delete the other Member\'s post!'); Response::redirect(''); } } # perform the post deletion Posts::delete($id); # redirect to main page Response::redirect(''); }
/** * @param $id */ public static function edit($id) { $post = Posts::findByPK($id); if (!Request::is_authenticated()) { Session::push('flash-message', 'You must login before!'); Response::redirect('login?next=post/edit/' . $id); } else { if (Request::user()->id !== $post['id_account']) { Session::push('flash-message', 'You does not have permission to edit the other Member\'s post!'); Response::redirect(''); } } if ("POST" == Request::method()) { $id_member = Request::user()->id; $data = Request::POST()->post; $title = Request::POST()->title; $cat = Request::POST()->category; Posts::edit($id, $id_member, $title, $data, $cat); } else { $users = Accounts::find(['type' => 2]); $categories = Categories::all(); View::render('member/edit-post', ['post' => $post, 'users' => $users, 'categories' => $categories]); } }
public static function incrementView($id) { $post = Posts::findByPK($id); $sql = sprintf("UPDATE `iniforum`.`posts`\n SET `viewers` = :view WHERE `posts`.`id` = :id"); $bindArray = [':id' => $id, ':view' => $post['viewers'] + 1]; self::query($sql, $bindArray); }