Clean up delete code. Add missing htaccess rule. Exit after errors so the code doesn't continue running.

darcs-hash:20080720124552-533db-81be2c04445f146e477b1bb7e6e8e7d0eb27431d.gz
This commit is contained in:
Mike Cochrane 2008-07-20 08:45:52 -04:00
parent de81e92f0b
commit 060fecf5ec
3 changed files with 69 additions and 69 deletions

View File

@ -28,65 +28,64 @@ class DeletenoticeAction extends DeleteAction {
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->delete_notice();
} else if ($_SERVER['REQUEST_METHOD'] == 'GET') {
$this->show_form();
} else if ($_SERVER['REQUEST_METHOD'] == 'GET') {
$this->show_form();
}
}
function get_instructions() {
return _('You are about to permanently delete a notice. Once this is done, it cannot be undone.');
}
function get_instructions() {
return _('You are about to permanently delete a notice. Once this is done, it cannot be undone.');
}
function get_title() {
return _('Delete notice');
}
function show_form($error=NULL) {
$user = common_current_user();
$user = common_current_user();
common_show_header($this->get_title(), array($this, 'show_header'), array($q, $error),
common_show_header($this->get_title(), array($this, 'show_header'), NULL,
array($this, 'show_top'));
common_element_start('form', array('id' => 'notice_delete_form',
'method' => 'post',
'action' => common_local_url('deletenotice')));
common_hidden('notice', $this->trimmed(notice));
common_element_start('p');
common_element('span', array('id' => 'confirmation_text'),_('Are you sure you want to delete this notice?'));
common_element_start('form', array('id' => 'notice_delete_form',
'method' => 'post',
'action' => common_local_url('deletenotice')));
common_hidden('notice', $this->trimmed('notice'));
common_element_start('p');
common_element('span', array('id' => 'confirmation_text'), _('Are you sure you want to delete this notice?'));
common_element('input', array('id' => 'submit_no',
'name' => 'submit',
'type' => 'submit',
'value' => _('No')));
common_element('input', array('id' => 'submit_yes',
'name' => 'submit',
'type' => 'submit',
'value' => _('Yes')));
common_element_end('p');
common_element_end('form');
common_element('input', array('id' => 'submit_no',
'name' => 'submit',
'type' => 'submit',
'value' => _('No')));
common_element('input', array('id' => 'submit_yes',
'name' => 'submit',
'type' => 'submit',
'value' => _('Yes')));
common_element_end('p');
common_element_end('form');
common_show_footer();
}
function delete_notice() {
$url = common_get_returnto();
$confirmed = $this->trimmed('submit');
if ($confirmed == 'Yes') {
$user = common_current_user();
$notice_id = $this->trimmed('notice');
$notice = Notice::staticGet($notice_id);
$replies = new Reply;
$replies->get('notice_id', $notice_id);
common_dequeue_notice($notice);
$replies->delete();
$notice->delete();
}
else {
if ($url) {
common_set_returnto(NULL);
} else {
$url = common_local_url('public');
}
}
common_redirect($url);
}
function delete_notice() {
$url = common_get_returnto();
$confirmed = $this->trimmed('submit');
if ($confirmed == _('Yes')) {
$user = common_current_user();
$notice_id = $this->trimmed('notice');
$notice = Notice::staticGet($notice_id);
$replies = new Reply;
$replies->get('notice_id', $notice_id);
common_dequeue_notice($notice);
$replies->delete();
$notice->delete();
} else {
if ($url) {
common_set_returnto(NULL);
} else {
$url = common_local_url('public');
}
}
common_redirect($url);
}
}

View File

@ -41,6 +41,7 @@ RewriteRule ^search/notice/rss$ index.php?action=noticesearchrss [L,QSA]
RewriteRule ^notice/new$ index.php?action=newnotice [L,QSA]
RewriteRule ^notice/(\d+)$ index.php?action=shownotice&notice=$1 [L,QSA]
RewriteRule ^deletenotice/((\d+))?$ index.php?action=deletenotice&notice=$2 [L,QSA]
RewriteRule ^user/(\d+)$ index.php?action=userbyid&id=$1 [L,QSA]

View File

@ -23,39 +23,39 @@ class DeleteAction extends Action {
function handle($args) {
parent::handle($args);
$user = common_current_user();
$notice_id = $this->trimmed('notice');
$notice = Notice::staticGet($notice_id);
$profile = $notice->getProfile();
$user_profile = $user->getProfile();
$user = common_current_user();
$notice_id = $this->trimmed('notice');
$notice = Notice::staticGet($notice_id);
if (!$notice) {
common_user_error(_('No such notice.'));
exit;
}
if (!common_logged_in()) {
common_user_error(_('Not logged in.'));
} else if ($notice->profile_id != $user_profile->id) {
common_user_error(_('Can\'t delete this notice.'));
}
$profile = $notice->getProfile();
$user_profile = $user->getProfile();
if (!common_logged_in()) {
common_user_error(_('Not logged in.'));
exit;
} else if ($notice->profile_id != $user_profile->id) {
common_user_error(_('Can\'t delete this notice.'));
exit;
}
}
function show_top($arr=NULL) {
if ($arr) {
$error = $arr[1];
}
if ($error) {
common_element('p', 'error', $error);
} else {
$instr = $this->get_instructions();
$output = common_markup_to_html($instr);
common_element_start('div', 'instructions');
common_raw($output);
common_element_end('div');
}
$instr = $this->get_instructions();
$output = common_markup_to_html($instr);
common_element_start('div', 'instructions');
common_raw($output);
common_element_end('div');
}
function get_title() {
return NULL;
}
function show_header($arr) {
function show_header() {
return;
}
}