Merge branch 'master' into hendrik-search

2017-01-31 15:32:09 +01:00
parent 78e96d5a74 2a37b9c64d
commit 93200d27c2
9 changed files with 300 additions and 173 deletions
--- a/website/public/API/postPost.php
+++ b/website/public/API/postPost.php
@@ -2,16 +2,53 @@

 session_start();

-require("../../queries/post.php");
-require("../../queries/connect.php");
-require("../../queries/checkInput.php");
+require_once("../../queries/post.php");
+require_once("../../queries/group_page.php");
+require_once("../../queries/connect.php");
+require_once("../../queries/checkInput.php");

-if (empty($_POST['newpost-title'])) {
-} else {
-    makePost($_SESSION['userID'],
-             null,
-             test_input($_POST['newpost-title']),
-             test_input($_POST['newpost-content']));
+if (empty($_POST["title"]) or
+    empty($_POST["content"]) or
+    empty($_SESSION["userID"])) {
+    header('HTTP/1.1 500 Non enough arguments');
 }

-header("Location: ../profile.php");
+if (empty($_POST["group"])) {
+    // User Post
+    makePost(
+        $_SESSION["userID"],
+        null,
+        test_input($_POST["title"]),
+        test_input($_POST["content"])
+        );
+} else {
+    // Group Post
+
+    // Check if the user is an admin or mod of the group.
+    if(!in_array(selectGroupRole($_POST["group"]), array('mod', 'admin'))) {
+        header('HTTP/1.1 500 Non enough rights');
+        return;
+    }
+
+    makePost(
+        $_SESSION["userID"],
+        $_POST["group"],
+        test_input($_POST["title"]),
+        test_input($_POST["content"])
+    );
+}
+
+
+
+
+
+
+//if (empty($_POST['newpost-title'])) {
+//} else {
+//    makePost($_SESSION['userID'],
+//             null,
+//             test_input($_POST['newpost-title']),
+//             test_input($_POST['newpost-content']));
+//}
+//
+//header("Location: ../profile.php");