Backend for delete post
@@ -192,3 +192,56 @@ function deleteNietSlecht(int $postID, int $userID) {
|
||||
$stmt->execute();
|
||||
return $stmt->rowCount();
|
||||
}
|
||||
|
||||
function deletePost(int $postID, int $userID) {
|
||||
if (checkPermissionOnPost($postID, $userID)) {
|
||||
$stmt = prepareQuery("
|
||||
DELETE FROM
|
||||
`post`
|
||||
WHERE
|
||||
`postID` = :postID
|
||||
");
|
||||
$stmt->bindParam(":postID", $postID);
|
||||
$stmt->execute();
|
||||
}
|
||||
}
|
||||
|
||||
function checkPermissionOnPost(int $postID, int $userID) : bool {
|
||||
$getGroupID = prepareQuery("
|
||||
SELECT
|
||||
`author`,
|
||||
`groupID`
|
||||
FROM
|
||||
`post`
|
||||
WHERE
|
||||
`postID` = :postID
|
||||
");
|
||||
$getGroupID->bindParam(":postID", $postID);
|
||||
$getGroupID->execute();
|
||||
$postinfo = $getGroupID->fetch();
|
||||
|
||||
if ($postinfo["groupID"] == null) {
|
||||
// User post
|
||||
return ($userID == $postinfo["author"]);
|
||||
} else {
|
||||
// Group post
|
||||
$roleInGroup = getRoleInGroup($userID, $postinfo["groupID"]);
|
||||
return ($roleInGroup == "mod" or $roleInGroup == "admin");
|
||||
}
|
||||
}
|
||||
|
||||
function getRoleInGroup(int $userID, int $groupID) {
|
||||
$stmt = prepareQuery("
|
||||
SELECT
|
||||
`role`
|
||||
FROM
|
||||
`group_member`
|
||||
WHERE
|
||||
`userID` = :userID AND
|
||||
`groupID` = :groupID
|
||||
");
|
||||
$stmt->bindParam(":userID", $userID);
|
||||
$stmt->bindParam(":groupID", $groupID);
|
||||
$stmt->execute();
|
||||
return $stmt->fetch()["role"];
|
||||
}
|
||||
|
||||
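Review bot: checkPermissionOnPost does not handle a post that does not exist: assuming prepareQuery returns a PDOStatement, `fetch()` yields `false` for an unknown `postID`, so `$postinfo["groupID"] == null` is true and the decision falls to the loose comparison `$userID == $postinfo["author"]`, which is effectively `$userID == null` and evaluates as true for a user ID of 0. An authorization check should fail closed, so add `if ($postinfo === false) { return false; }` right after the fetch and switch to strict comparisons, e.g. `return $userID === (int) $postinfo["author"];` and `$postinfo["groupID"] === null`. getRoleInGroup has the same unguarded `fetch()["role"]` for a non-member and denies today only because `null == "mod"` happens to be false. deletePost also returns nothing, unlike the `rowCount()` returned by deleteNietSlecht, so a caller cannot tell a denied delete from a completed one.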