ID: 0b5da3f13e0d9765c9e1899e6da4559a14506ddf


/* This script is used to edit a user's own post or comment */

require_once 'session.php';
require_once 'database.php';
require_once 'date.php';
require_once 'twig.php';

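// Edit controller: on POST it saves new text for a post or comment owned by
// the logged-in user, on any other method it renders the edit form for one.
//
// NOTE(review): the listing this was taken from shows the branches only by
// indentation, with no block delimiters. Read literally, every bare
// "header(); exit();" pair would exit unconditionally, so the blocks are
// delimited explicitly here, following the original indentation.

$db = new Database();

// Must be logged in. exit() follows every redirect so that nothing further
// runs for a request that has already been turned away.
if (!Session::is_valid ()) {
    header ('Location: ./');
    exit ();
}

$user_id = Session::get_userid ();

// POST: save changes
// NOTE(review): the request-method test itself is not visible in the listing;
// it is reconstructed from the "POST: save changes" comment — confirm against
// the repository copy.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // NOTE(review): no anti-CSRF token is checked anywhere in this listing.
    // This branch changes stored content using only the session, so confirm
    // that session.php or the form template adds request-forgery protection.

    // Make sure we have a text, and that it is a plain string rather than an
    // array built from "text[]" style form fields.
    if (!isset ($_POST['text']) || !is_string ($_POST['text'])) {
        header ('Location: ./');
        exit ();
    }

    // Edit a post
    if (isset ($_POST['post']) && is_string ($_POST['post'])) {
        $post = $db->get_post ($_POST['post']);

        // Make sure user has the right to edit this post.
        // A lookup that found nothing is rejected explicitly, and the ids are
        // compared as strings with !== because a loose != treats null, 0 and
        // '' as equal and could let a missing record pass the check.
        if (!isset ($post['userId']) || (string) $post['userId'] !== (string) $user_id) {
            header ('Location: ./');
            exit ();
        }

        // The user id is passed again, presumably so the database layer can
        // scope the update to the owner as well — verify in database.php.
        $db->edit_post ($_POST['text'], $post['hashId'], $user_id);

        header ('Location: ./post/' . $post['hashId']);
        exit ();
    }

    // Edit a comment
    if (isset ($_POST['comment']) && is_string ($_POST['comment'])) {
        $comment = $db->get_comment ($_POST['comment']);

        // Make sure user has the right to edit this comment (same rules as
        // for posts above).
        if (!isset ($comment['userId']) || (string) $comment['userId'] !== (string) $user_id) {
            header ('Location: ./');
            exit ();
        }

        $db->edit_comment ($_POST['text'], $comment['hashId'], $user_id);

        header ('Location: ./post/' . $comment['postHashId'] . '#comment-' . $comment['hashId']);
        exit ();
    }

    // Neither a post nor a comment id was supplied
    header ('Location: ./');
    exit ();
}

// GET: show edit page

// Is user editing a post or a comment? One of the two ids must be present,
// and it must be a plain string.
if (isset ($_GET['post']) && is_string ($_GET['post'])) {
    $item = array (
        'type' => 'post',
        'data' => $db->get_post ($_GET['post']));
} elseif (isset ($_GET['comment']) && is_string ($_GET['comment'])) {
    $item = array (
        'type' => 'comment',
        'data' => $db->get_comment ($_GET['comment']));
} else {
    header ('Location: ./');
    exit ();
}

// Make sure the user is the actual poster/commenter; a record that was not
// found fails this check as well.
if (!isset ($item['data']['userId']) || (string) $item['data']['userId'] !== (string) $user_id) {
    header ('Location: ./');
    exit ();
}

// Render template
// NOTE(review): the call as listed passes only the context array; the template
// name argument is not visible on this page and has to be restored from the
// repository copy. $twig is presumably created in twig.php; the item text is
// user-authored, so confirm that autoescaping is enabled there.
echo $twig->render (
    array ('item' => $item));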