freepost codebase git repo

[[ 🗃 ^Avlxv freepost ]] :: [📥 Inbox] [📤 Outbox] [🐤 Followers] [🤝 Collaborators] [🛠 Commits]

Clone

HTTPS: git clone https://vervis.peers.community/repos/Avlxv

SSH: git clone USERNAME@vervis.peers.community:Avlxv

Branches

Tags

master ::

edit.php

<?php

/* This script is used to edit a user own post or comment */

require_once 'session.php';
require_once 'database.php';
require_once 'date.php';
require_once 'twig.php';

$db = new Database();
$db->connect();

// Must be logged in
if (!Session::is_valid ())
{
    header ('Location: ./');
    exit ();
}

// POST: save changes
if ($_SERVER['REQUEST_METHOD'] === 'POST')
{
    // Make sure we have a text
    if (!isset ($_POST['text']))
    {
        header ('Location: ./');
        exit ();
    }
    
    // Edit a post
    if (isset ($_POST['post']))
    {
        $post = $db->get_post ($_POST['post']);
        
        // Make sure user has the right to edit this post
        if ($post['userId'] != Session::get_userid ())
        {
            header ('Location: ./');
            exit ();
        }
        
        $db->edit_post ($_POST['text'], $post['hashId'], Session::get_userid ());
        
        header ('Location: ./post/' . $post['hashId']);
        exit ();
    }
    
    // Edit a comment
    if (isset ($_POST['comment']))
    {
        $comment = $db->get_comment ($_POST['comment']);
        
        // Make sure user has the right to edit this comment
        if ($comment['userId'] != Session::get_userid ())
        {
            header ('Location: ./');
            exit ();
        }
        
        $db->edit_comment ($_POST['text'], $comment['hashId'], Session::get_userid ());
        
        header ('Location: ./post/' . $comment['postHashId'] . '#comment-' . $comment['hashId']);
        exit ();
    }
    
    header ('Location: ./');
    exit ();
}


// GET: show reply page


// Must have a comment id (to reply to)
if (!isset ($_GET['post']) && !isset ($_GET['comment']))
{
    header ('Location: ./');
    exit ();
}

// Is user editing a post or a comment?
if (isset ($_GET['post']))
    $item = array(
        'type' => 'post',
        'data' => $db->get_post ($_GET['post']));
else
    $item = array(
        'type' => 'comment',
        'data' => $db->get_comment ($_GET['comment']));

// Make sure the user is the actual poster/commenter
if ($item['data']['userId'] != Session::get_userid ())
{
    header ('Location: ./');
    exit ();
}
        
// Render template
echo $twig->render (
    'edit.twig',
    array ('item' => $item));
[See repo JSON]