diff --git a/website/public/API/deletePost.php b/website/public/API/deletePost.php new file mode 100644 index 0000000..fffadf5 --- /dev/null +++ b/website/public/API/deletePost.php @@ -0,0 +1,20 @@ += document.body.offsetHeight) { - // loadMorePosts(userID, groupID, postAmount, postLimit); - // } - // }); window.onscroll = function(ev) { if($(window).scrollTop() + $(window).height() == $(document).height() ) { loadMorePosts(userID, groupID, postAmount, postLimit); @@ -81,6 +71,13 @@ $(window).on("load", function() { }; }); +function closeModal() { + $(".modal").hide(); + scrollbarMargin(0, 'auto'); + $('#modal-response').hide(); + $('.modal-default').show(); +} + $(window).resize(function() { clearTimeout(window.resizedFinished); window.resizeFinished = setTimeout(function() { diff --git a/website/public/js/post.js b/website/public/js/post.js index 27bc34e..f176950 100644 --- a/website/public/js/post.js +++ b/website/public/js/post.js @@ -1,3 +1,4 @@ + function postComment(buttonValue) { formData = $("#newcommentform").serializeArray(); formData.push({name: "button", value: buttonValue}); @@ -19,4 +20,20 @@ function postComment(buttonValue) { ).done(function (data) { $('#modal-response').html(fancyText(data)); }); +} + +function deletePost(postID) { + var formData = [{name: "postID", value: postID}]; + $.post( + "API/deletePost.php", + formData + ).done(function (response) { + if (response == "frozen") { + alert("Je account is bevroren, dus je kan geen posts verwijderen. Contacteer een admin als je denkt dat dit onjuist is."); + } + }); + closeModal(); + masonry(masonryMode); + + } \ No newline at end of file diff --git a/website/public/styles/post-popup.css b/website/public/styles/post-popup.css index 67d7880..3f37ffd 100644 --- a/website/public/styles/post-popup.css +++ b/website/public/styles/post-popup.css 
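Review bot: In `deletePost`, `closeModal()` and `masonry(masonryMode)` run immediately after `$.post(...)` is issued, so the modal closes and the layout is rebuilt before the server has replied and whether or not the post was actually removed; only a literal `"frozen"` reply is handled, so a refused or failed request leaves the post in place with no feedback. Move the two calls into the `.done` handler and add a `.fail` handler that tells the user the delete did not go through, and compare with `response === "frozen"` so a non-string response cannot match by coercion. `closeModal` and `masonryMode` are not defined in this file; `closeModal` is added in an earlier hunk of this diff and `masonryMode` is presumably a page-level global, which deserves a one-line comment at the top of the function.
```javascript
function deletePost(postID) {
    var formData = [{name: "postID", value: postID}];
    $.post(
        "API/deletePost.php",
        formData
    ).done(function (response) {
        if (response === "frozen") {
            alert("Je account is bevroren, dus je kan geen posts verwijderen. Contacteer een admin als je denkt dat dit onjuist is.");
        }
        // only update the page once the server has answered
        closeModal();
        masonry(masonryMode);
    }).fail(function () {
        // TODO(review): tell the user the delete request failed; the post is still there
    });
}
```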
@@ -83,4 +83,21 @@
 vertical-align: middle;
 height: 24px;
 width: 24px;
+}
+
+.deleteButton {
+ background-color: firebrick;
+
+}
+
+.deleteButton i {
+ display: inline-block;
+}
+
+.deleteButton:hover span {
+ display: inline-block;
+}
+
+.deleteButton span {
+ display: none;
 }
\ No newline at end of file
diff --git a/website/queries/post.php b/website/queries/post.php
index db81892..ecc5c48 100644
--- a/website/queries/post.php
+++ b/website/queries/post.php
@@ -243,3 +243,56 @@ function deleteNietSlecht(int $postID, int $userID) {
 $stmt->execute();
 return $stmt->rowCount();
 }
+
+function deletePost(int $postID, int $userID) {
+ if (checkPermissionOnPost($postID, $userID)) {
+ $stmt = prepareQuery("
+ DELETE FROM
+ `post`
+ WHERE
+ `postID` = :postID
+ ");
+ $stmt->bindParam(":postID", $postID);
+ $stmt->execute();
+ }
+}
+
+function checkPermissionOnPost(int $postID, int $userID) : bool {
+ $getGroupID = prepareQuery("
+ SELECT
+ `author`,
+ `groupID`
+ FROM
+ `post`
+ WHERE
+ `postID` = :postID
+ ");
+ $getGroupID->bindParam(":postID", $postID);
+ $getGroupID->execute();
+ $postinfo = $getGroupID->fetch();
+
+ if ($postinfo["groupID"] == null) {
+ // User post
+ return ($userID == $postinfo["author"]);
+ } else {
+ // Group post
+ $roleInGroup = getRoleInGroup($userID, $postinfo["groupID"]);
+ return ($roleInGroup == "mod" or $roleInGroup == "admin");
+ }
+}
+
+function getRoleInGroup(int $userID, int $groupID) {
+ $stmt = prepareQuery("
+ SELECT
+ `role`
+ FROM
+ `group_member`
+ WHERE
+ `userID` = :userID AND
+ `groupID` = :groupID
+ ");
+ $stmt->bindParam(":userID", $userID);
+ $stmt->bindParam(":groupID", $groupID);
+ $stmt->execute();
+ return $stmt->fetch()["role"];
+}
diff --git a/website/views/post-view.php b/website/views/post-view.php
index 11a985a..2ee2b66 100644
--- a/website/views/post-view.php
+++ b/website/views/post-view.php
@@ -6,7 +6,14 @@ session_start(); ?>
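Review bot: `checkPermissionOnPost` reads `$postinfo["groupID"]` without checking that `fetch()` returned a row, and `getRoleInGroup` does the same with `$stmt->fetch()["role"]`; for an unknown postID or a user who is not a member of the group both index into `false`, which PHP emits a warning for and evaluates to `null`, so the check fails closed only by accident (`$userID == null` is false for a non-zero id) and a later edit to either branch could silently open it. Make the refusal explicit with `if ($postinfo === false) { return false; }` after the fetch and a `?string` return in `getRoleInGroup`, and replace the loose `== null` and `== "mod" or == "admin"` tests with `=== null` and `in_array($roleInGroup, ["mod", "admin"], true)`, since a `groupID` of `0` would otherwise be treated as a user post. `deletePost` returns nothing, so API/deletePost.php cannot tell a refused check from a successful delete; returning `$stmt->rowCount()` as the neighbouring `deleteNietSlecht` does, and `0` when the permission check fails, gives the caller something to report. Whether the author of a group post is meant to be unable to delete their own post (the group branch accepts only mod/admin) is worth confirming, as is whether rows referencing `post` are cleaned up on delete, which this hunk does not show.
```php
function deletePost(int $postID, int $userID) : int {
    if (!checkPermissionOnPost($postID, $userID)) {
        return 0; // refused: nothing deleted, caller can report it
    }
    // … unchanged: prepareQuery / bindParam / execute …
    return $stmt->rowCount();
}

function checkPermissionOnPost(int $postID, int $userID) : bool {
    // … unchanged: SELECT author, groupID … bindParam / execute …
    $postinfo = $getGroupID->fetch();
    if ($postinfo === false) {
        return false; // unknown postID: fail closed explicitly
    }

    if ($postinfo["groupID"] === null) {
        // User post
        return ($userID === (int) $postinfo["author"]);
    }
    // Group post
    $roleInGroup = getRoleInGroup($userID, (int) $postinfo["groupID"]);
    return in_array($roleInGroup, ["mod", "admin"], true);
}

function getRoleInGroup(int $userID, int $groupID) : ?string {
    // … unchanged: SELECT role … bindParam / execute …
    $row = $stmt->fetch();
    return $row === false ? null : $row["role"];
}
```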