/**
 * Loads the comment identified by the first request parameter and deletes
 * it once the request token has been validated.
 *
 * Access control: only the user whose id matches the comment's user id, or
 * a user holding the moderator rank, gets past the permission check. Anyone
 * else receives the same NotFoundException type as is thrown here for a
 * denied request, so the response does not distinguish "not yours" from
 * other not-found cases raised with that exception.
 *
 * If the request token does not validate, nothing is deleted; a fresh token
 * is generated and saved to the session instead.
 *
 * @param Website $website Supplies the database, the auth object and the text object.
 * @param Request $request Supplies the comment id (parameter 0) and the request token.
 * @throws NotFoundException If the current user may not delete the comment.
 */
public function init(Website $website, Request $request) {
    $commentId = $request->getParamInt(0, 0);
    $commentRepo = new CommentRepository($website->getDatabase());
    // Presumably throws when no such comment exists - confirm in CommentRepository
    $this->comment = $commentRepo->getCommentOrFail($commentId);

    // NOTE(review): assumes getCurrentUser() never returns null on this page
    // (i.e. the page is only reachable when logged in) - confirm.
    $currentUser = $website->getAuth()->getCurrentUser();

    // Permission check: strict comparison, so an id type mismatch denies
    // access rather than granting it. The rank is only consulted for
    // users who are not the author.
    $isAuthor = $currentUser->getId() === $this->comment->getUserId();
    if (!$isAuthor && !$currentUser->hasRank(Authentication::RANK_MODERATOR)) {
        throw new NotFoundException();
    }

    // No valid token in the request: prepare a new token (presumably for
    // the confirmation form - TODO confirm) and leave the comment untouched.
    if (!Validate::requestToken($request)) {
        $this->requestToken = RequestToken::generateNew();
        $this->requestToken->saveToSession();
        return;
    }

    // Token accepted: delete and report back with a link to the article
    $commentRepo->deleteComment($commentId);
    $text = $website->getText();
    $articleLink = $text->getUrlPage("article", $this->comment->getArticleId());
    $confirmation = $text->t("comments.comment") . ' ' . $text->t("editor.is_deleted");
    $text->addMessage($confirmation, Link::of($articleLink, $text->t("main.ok")));
}
/**
 * Loads the comment identified by the first request parameter and, when the
 * form was submitted with a valid request token, validates and saves the
 * edited comment.
 *
 * Access control: only the user whose id matches the comment's user id, or
 * a user holding the moderator rank, may edit; anyone else gets a
 * NotFoundException.
 *
 * Token handling: a new request token is generated before anything else,
 * but it is only written to the session on the last line, after the token
 * submitted with the request has been checked.
 *
 * @param Website $website Supplies the text object, the auth object and the database.
 * @param Request $request Supplies the comment id (parameter 0), the "submit" value
 *                         and the request token.
 * @throws NotFoundException If the current user may not edit the comment.
 */
public function init(Website $website, Request $request) {
    $text = $website->getText();
    $this->requestToken = RequestToken::generateNew();
    $commentId = $request->getParamInt(0, 0);

    // NOTE(review): assumes getCurrentUser() never returns null on this page
    // (i.e. the page is only reachable when logged in) - confirm.
    $currentUser = $website->getAuth()->getCurrentUser();

    $commentRepo = new CommentRepository($website->getDatabase());
    // Presumably throws when no such comment exists - confirm in CommentRepository
    $this->comment = $commentRepo->getCommentOrFail($commentId);

    // Can only edit own comment unless moderator. Strict comparison, so an
    // id type mismatch denies access rather than granting it.
    $isAuthor = $currentUser->getId() === $this->comment->getUserId();
    if (!$isAuthor && !$currentUser->hasRank(Authentication::RANK_MODERATOR)) {
        throw new NotFoundException();
    }

    // The token is only checked when the form was actually submitted
    $validSubmission = $request->hasRequestValue("submit") && Validate::requestToken($request);
    if ($validSubmission) {
        // Validate and save comment; an invalid comment is not saved and
        // no redirect link is set
        $this->updateCommentFromRequest($this->comment, $request);
        $commentIsValid = $repoResult = $commentRepo->validateComment($this->comment, $text);
        if ($commentIsValid) {
            $commentRepo->saveComment($this->comment);
            $this->redirectLink = $this->comment->getUrl($text);
        }
    }

    // Store the new token last, after the submitted one has been checked
    $this->requestToken->saveToSession();
}