forked from anegostudios/vsmoddb
-
Notifications
You must be signed in to change notification settings - Fork 0
/
delete-comment.php
36 lines (26 loc) · 1.03 KB
/
delete-comment.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
<?php
if (empty($user)) {
header("Location: /login");
exit();
}
if (!$user['roleid']) {
$view->display("403");
exit();
}
$commentid = empty($_POST["commentid"]) ? 0 : $_POST["commentid"];
if (!empty($_POST["delete"])) {
$cmt = $con->getRow("select assetid, userid, text from comment where commentid=?", array($commentid));
if ($user['userid'] != $cmt['userid'] && $user['rolecode'] != 'admin' && $user['rolecode'] != 'moderator') {
$view->display("403");
exit();
}
$con->Execute("delete from comment where commentid=?", array($commentid));
$con->Execute("update `mod` set comments=(select count(*) from comment where assetid=?) where assetid=?", array($cmt["assetid"], $cmt["assetid"]));
$changelog = array("Deleted own comment");
if ($user['userid'] != $cmt['userid']) {
$changelog = array("Deleted comment (".$cmt["text"].") of user " . $user['userid']);
}
logAssetChanges($changelog, $cmt['assetid']);
exit(json_encode(array("ok" => 1)));
}
exit(json_encode(array("ok" => 0)));