Clean up delete code. Add missing htaccess rule. Exit after errors so the code doesn't continue running.

darcs-hash:20080720124552-533db-81be2c04445f146e477b1bb7e6e8e7d0eb27431d.gz
This commit is contained in:
Mike Cochrane 2008-07-20 08:45:52 -04:00
parent de81e92f0b
commit 060fecf5ec
3 changed files with 69 additions and 69 deletions

View File

@ -44,12 +44,12 @@ class DeletenoticeAction extends DeleteAction {
function show_form($error=NULL) {
$user = common_current_user();
common_show_header($this->get_title(), array($this, 'show_header'), array($q, $error),
common_show_header($this->get_title(), array($this, 'show_header'), NULL,
array($this, 'show_top'));
common_element_start('form', array('id' => 'notice_delete_form',
'method' => 'post',
'action' => common_local_url('deletenotice')));
common_hidden('notice', $this->trimmed(notice));
common_hidden('notice', $this->trimmed('notice'));
common_element_start('p');
common_element('span', array('id' => 'confirmation_text'), _('Are you sure you want to delete this notice?'));
@ -69,7 +69,7 @@ class DeletenoticeAction extends DeleteAction {
function delete_notice() {
$url = common_get_returnto();
$confirmed = $this->trimmed('submit');
if ($confirmed == 'Yes') {
if ($confirmed == _('Yes')) {
$user = common_current_user();
$notice_id = $this->trimmed('notice');
$notice = Notice::staticGet($notice_id);
@ -79,8 +79,7 @@ class DeletenoticeAction extends DeleteAction {
common_dequeue_notice($notice);
$replies->delete();
$notice->delete();
}
else {
} else {
if ($url) {
common_set_returnto(NULL);
} else {

View File

@ -41,6 +41,7 @@ RewriteRule ^search/notice/rss$ index.php?action=noticesearchrss [L,QSA]
RewriteRule ^notice/new$ index.php?action=newnotice [L,QSA]
RewriteRule ^notice/(\d+)$ index.php?action=shownotice&notice=$1 [L,QSA]
RewriteRule ^deletenotice/((\d+))?$ index.php?action=deletenotice&notice=$2 [L,QSA]
RewriteRule ^user/(\d+)$ index.php?action=userbyid&id=$1 [L,QSA]

View File

@ -26,36 +26,36 @@ class DeleteAction extends Action {
$user = common_current_user();
$notice_id = $this->trimmed('notice');
$notice = Notice::staticGet($notice_id);
if (!$notice) {
common_user_error(_('No such notice.'));
exit;
}
$profile = $notice->getProfile();
$user_profile = $user->getProfile();
if (!common_logged_in()) {
common_user_error(_('Not logged in.'));
exit;
} else if ($notice->profile_id != $user_profile->id) {
common_user_error(_('Can\'t delete this notice.'));
exit;
}
}
function show_top($arr=NULL) {
if ($arr) {
$error = $arr[1];
}
if ($error) {
common_element('p', 'error', $error);
} else {
$instr = $this->get_instructions();
$output = common_markup_to_html($instr);
common_element_start('div', 'instructions');
common_raw($output);
common_element_end('div');
}
}
function get_title() {
return NULL;
}
function show_header($arr) {
function show_header() {
return;
}
}