diff options
| -rw-r--r-- | includes/manage_post.php | 46 |
1 files changed, 0 insertions, 46 deletions
diff --git a/includes/manage_post.php b/includes/manage_post.php deleted file mode 100644 index fedc70e..0000000 --- a/includes/manage_post.php +++ /dev/null @@ -1,46 +0,0 @@ -<?php - -function delete_post($dbc, $post) { - $sql = "DELETE FROM posts WHERE post_id = $post->id"; - mysqli_query($dbc, $sql); - - $sql = "UPDATE categories SET `cat_post_count` = `cat_post_count` - '1' WHERE cat_id = " . $post->thread->category->id . ";"; - mysqli_query($dbc, $sql); -} - -include_once 'db_inc.php'; -include_once '../model/Post.php'; - -session_start(); - -if ($_SERVER['REQUEST_METHOD'] == 'GET') { - $action = filter_input(INPUT_GET, 'action', FILTER_SANITIZE_STRING); - $id = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT); - - $post = new Post(); - $post->get_from_database($id, $dbc); - - if (!isset($_SESSION['signed_in'])) { - echo 'You must be <a href="signin.php">signed in</a> to manage a post.'; - header("Location: /viewthread.php?id=" . $post->thread->id); - return; - } - - - if ($_SESSION['user_id'] != $post->author->id) { - echo "You can't manage another user's post!"; - header("Location: /viewthread.php?id=" . $post->thread->id); - return; - } - - switch ($action) { - case 'delete': - delete_post($dbc, $post); - break; - case 'edit': - edit_post(); - break; - } - - header("Location: /viewthread.php?id=" . $post->thread->id); -} |