summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Cochrane <mikec@mikenz.geek.nz>2008-07-20 08:45:52 -0400
committerMike Cochrane <mikec@mikenz.geek.nz>2008-07-20 08:45:52 -0400
commit060fecf5ec59202c5eaf3448f9723a81820d5735 (patch)
tree681838571c5db1aeb3a0dc1f5551be057f764aa0
parentde81e92f0b9b45c161912c920dd395c9cb1f1177 (diff)
Clean up delete code. Add missing htaccess rule. Exit after errors so the code doesn't continue running.
darcs-hash:20080720124552-533db-81be2c04445f146e477b1bb7e6e8e7d0eb27431d.gz
-rw-r--r--actions/deletenotice.php91
-rw-r--r--htaccess.sample1
-rw-r--r--lib/deleteaction.php48
3 files changed, 70 insertions, 70 deletions
diff --git a/actions/deletenotice.php b/actions/deletenotice.php
index 06c1bf27e..f2c040a5a 100644
--- a/actions/deletenotice.php
+++ b/actions/deletenotice.php
@@ -28,65 +28,64 @@ class DeletenoticeAction extends DeleteAction {
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->delete_notice();
- } else if ($_SERVER['REQUEST_METHOD'] == 'GET') {
- $this->show_form();
+ } else if ($_SERVER['REQUEST_METHOD'] == 'GET') {
+ $this->show_form();
}
}
- function get_instructions() {
- return _('You are about to permanently delete a notice. Once this is done, it cannot be undone.');
- }
+ function get_instructions() {
+ return _('You are about to permanently delete a notice. Once this is done, it cannot be undone.');
+ }
function get_title() {
return _('Delete notice');
}
function show_form($error=NULL) {
- $user = common_current_user();
+ $user = common_current_user();
- common_show_header($this->get_title(), array($this, 'show_header'), array($q, $error),
+ common_show_header($this->get_title(), array($this, 'show_header'), NULL,
array($this, 'show_top'));
- common_element_start('form', array('id' => 'notice_delete_form',
- 'method' => 'post',
- 'action' => common_local_url('deletenotice')));
- common_hidden('notice', $this->trimmed(notice));
- common_element_start('p');
- common_element('span', array('id' => 'confirmation_text'),_('Are you sure you want to delete this notice?'));
+ common_element_start('form', array('id' => 'notice_delete_form',
+ 'method' => 'post',
+ 'action' => common_local_url('deletenotice')));
+ common_hidden('notice', $this->trimmed('notice'));
+ common_element_start('p');
+ common_element('span', array('id' => 'confirmation_text'), _('Are you sure you want to delete this notice?'));
- common_element('input', array('id' => 'submit_no',
- 'name' => 'submit',
- 'type' => 'submit',
- 'value' => _('No')));
- common_element('input', array('id' => 'submit_yes',
- 'name' => 'submit',
- 'type' => 'submit',
- 'value' => _('Yes')));
- common_element_end('p');
- common_element_end('form');
+ common_element('input', array('id' => 'submit_no',
+ 'name' => 'submit',
+ 'type' => 'submit',
+ 'value' => _('No')));
+ common_element('input', array('id' => 'submit_yes',
+ 'name' => 'submit',
+ 'type' => 'submit',
+ 'value' => _('Yes')));
+ common_element_end('p');
+ common_element_end('form');
common_show_footer();
}
- function delete_notice() {
- $url = common_get_returnto();
- $confirmed = $this->trimmed('submit');
- if ($confirmed == 'Yes') {
- $user = common_current_user();
- $notice_id = $this->trimmed('notice');
- $notice = Notice::staticGet($notice_id);
- $replies = new Reply;
- $replies->get('notice_id', $notice_id);
-
- common_dequeue_notice($notice);
- $replies->delete();
- $notice->delete();
- }
- else {
- if ($url) {
- common_set_returnto(NULL);
- } else {
- $url = common_local_url('public');
- }
- }
- common_redirect($url);
- }
+ function delete_notice() {
+ $url = common_get_returnto();
+ $confirmed = $this->trimmed('submit');
+ if ($confirmed == _('Yes')) {
+ $user = common_current_user();
+ $notice_id = $this->trimmed('notice');
+ $notice = Notice::staticGet($notice_id);
+ $replies = new Reply;
+ $replies->get('notice_id', $notice_id);
+
+ common_dequeue_notice($notice);
+ $replies->delete();
+ $notice->delete();
+ } else {
+ if ($url) {
+ common_set_returnto(NULL);
+ } else {
+ $url = common_local_url('public');
+ }
+ }
+ common_redirect($url);
+ }
}
diff --git a/htaccess.sample b/htaccess.sample
index 7ec889bc1..21c12f2eb 100644
--- a/htaccess.sample
+++ b/htaccess.sample
@@ -41,6 +41,7 @@ RewriteRule ^search/notice/rss$ index.php?action=noticesearchrss [L,QSA]
RewriteRule ^notice/new$ index.php?action=newnotice [L,QSA]
RewriteRule ^notice/(\d+)$ index.php?action=shownotice&notice=$1 [L,QSA]
+RewriteRule ^deletenotice/((\d+))?$ index.php?action=deletenotice&notice=$2 [L,QSA]
RewriteRule ^user/(\d+)$ index.php?action=userbyid&id=$1 [L,QSA]
diff --git a/lib/deleteaction.php b/lib/deleteaction.php
index 5d7a3245a..5ba0e7e44 100644
--- a/lib/deleteaction.php
+++ b/lib/deleteaction.php
@@ -23,39 +23,39 @@ class DeleteAction extends Action {
function handle($args) {
parent::handle($args);
- $user = common_current_user();
- $notice_id = $this->trimmed('notice');
- $notice = Notice::staticGet($notice_id);
- $profile = $notice->getProfile();
- $user_profile = $user->getProfile();
-
- if (!common_logged_in()) {
- common_user_error(_('Not logged in.'));
- } else if ($notice->profile_id != $user_profile->id) {
- common_user_error(_('Can\'t delete this notice.'));
- }
+ $user = common_current_user();
+ $notice_id = $this->trimmed('notice');
+ $notice = Notice::staticGet($notice_id);
+ if (!$notice) {
+ common_user_error(_('No such notice.'));
+ exit;
+ }
+
+ $profile = $notice->getProfile();
+ $user_profile = $user->getProfile();
+
+ if (!common_logged_in()) {
+ common_user_error(_('Not logged in.'));
+ exit;
+ } else if ($notice->profile_id != $user_profile->id) {
+ common_user_error(_('Can\'t delete this notice.'));
+ exit;
+ }
}
function show_top($arr=NULL) {
- if ($arr) {
- $error = $arr[1];
- }
- if ($error) {
- common_element('p', 'error', $error);
- } else {
- $instr = $this->get_instructions();
- $output = common_markup_to_html($instr);
- common_element_start('div', 'instructions');
- common_raw($output);
- common_element_end('div');
- }
+ $instr = $this->get_instructions();
+ $output = common_markup_to_html($instr);
+ common_element_start('div', 'instructions');
+ common_raw($output);
+ common_element_end('div');
}
function get_title() {
return NULL;
}
- function show_header($arr) {
+ function show_header() {
return;
}
}