X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fdeletenotice.php;h=ba8e86d0f495b7d4227b32ba1f0820b3cb3f471f;hb=7abf48932b35ce178d147cb62a5c83ca0f6d0cfc;hp=8022cfffd880df7883ce0d4cd3731d887b17f574;hpb=c8b8f07af14ad2ce9d0c0267962dd3bbf6473a4b;p=quix0rs-gnu-social.git diff --git a/actions/deletenotice.php b/actions/deletenotice.php index 8022cfffd8..ba8e86d0f4 100644 --- a/actions/deletenotice.php +++ b/actions/deletenotice.php @@ -21,26 +21,56 @@ * * @category Personal * @package StatusNet - * @author Evan Prodromou - * @author Sarven Capadisli + * @author Evan Prodromou + * @author Sarven Capadisli * @copyright 2008 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ + * @link http://status.net/ */ -if (!defined('LACONICA')) { +if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } -require_once INSTALLDIR.'/lib/deleteaction.php'; - -class DeletenoticeAction extends DeleteAction +class DeletenoticeAction extends Action { - var $error = null; + var $error = null; + var $user = null; + var $notice = null; + var $profile = null; + var $user_profile = null; + + function prepare($args) + { + parent::prepare($args); + + $this->user = common_current_user(); + $notice_id = $this->trimmed('notice'); + $this->notice = Notice::staticGet($notice_id); + + if (!$this->notice) { + common_user_error(_('No such notice.')); + exit; + } + + $this->profile = $this->notice->getProfile(); + $this->user_profile = $this->user->getProfile(); + + return true; + } function handle($args) { parent::handle($args); + + if (!common_logged_in()) { + common_user_error(_('Not logged in.')); + exit; + } else if ($this->notice->profile_id != $this->user_profile->id && + !$this->user->hasRight(Right::DELETEOTHERSNOTICE)) { + common_user_error(_('Can\'t delete this notice.')); + exit; + } // XXX: Ajax! if ($_SERVER['REQUEST_METHOD'] == 'POST') {