projects / atutor.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
remove old readme
[atutor.git] / docs / mods / _standard / blogs / delete_comment.php
1 <?php\r
2 /****************************************************************/\r
3 /* ATutor                                                                                                               */\r
4 /****************************************************************/\r
5 /* Copyright (c) 2002-2010                                      */\r
6 /* Inclusive Design Institute                                   */\r
7 /* http://atutor.ca                                                                                             */\r
8 /*                                                              */\r
9 /* This program is free software. You can redistribute it and/or*/\r
10 /* modify it under the terms of the GNU General Public License  */\r
11 /* as published by the Free Software Foundation.                                */\r
12 /****************************************************************/\r
13 // $Id$\r
14 \r
15 define('AT_INCLUDE_PATH', '../../../include/');\r
16 require(AT_INCLUDE_PATH.'vitals.inc.php');\r
17 \r
18 // authenticate ot+oid..\r
19 $owner_type = abs($_REQUEST['ot']);\r
20 $owner_id = abs($_REQUEST['oid']);\r
21 if (!($owner_status = blogs_authenticate($owner_type, $owner_id)) || !query_bit($owner_status, BLOGS_AUTH_WRITE)) {\r
22         $msg->addError('ACCESS_DENIED');\r
23         header('Location: index.php');\r
24         exit;\r
25 }\r
26 \r
27 $id = abs($_REQUEST['id']);\r
28 $delete_id = abs($_REQUEST['delete_id']);\r
29 \r
30 $sql = "SELECT post_id FROM ".TABLE_PREFIX."blog_posts WHERE owner_type=$owner_type AND owner_id=$owner_id AND post_id=$id";\r
31 $result = mysql_query($sql, $db);\r
32 if (!$row = mysql_fetch_assoc($result)) {\r
33         $msg->addError('ACCESS_DENIED');\r
34         header('Location: index.php');\r
35         exit;\r
36 }\r
37 \r
38 if (isset($_POST['submit_no'])) {\r
39         $msg->addFeedback('CANCELLED');\r
40         header('Location: '.url_rewrite('mods/_standard/blogs/post.php?ot='.$owner_type.SEP.'oid='.$owner_id.SEP.'id='.$id, AT_PRETTY_URL_IS_HEADER));\r
41         exit;\r
42 } else if (isset($_POST['submit_yes'])) {\r
43 \r
44         $sql = "DELETE FROM ".TABLE_PREFIX."blog_posts_comments WHERE comment_id=$delete_id AND post_id=$id";\r
45         $result = mysql_query($sql, $db);\r
46         if (mysql_affected_rows($db) == 1) {\r
47                 $sql = "UPDATE ".TABLE_PREFIX."blog_posts SET num_comments=num_comments-1, date=date WHERE owner_type=$owner_type AND owner_id=$owner_id AND post_id=$id";\r
48                 $result = mysql_query($sql, $db);\r
49         }\r
50 \r
51         $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');\r
52         header('Location: '.url_rewrite('mods/_standard/blogs/post.php?ot='.$owner_type.SEP.'oid='.$owner_id.SEP.'id='.$id, AT_PRETTY_URL_IS_HEADER));\r
53         exit;\r
54 }\r
55 \r
56 require(AT_INCLUDE_PATH.'header.inc.php');\r
57 \r
58 $hidden_vars = array('id' => $id, 'ot' => $owner_type, 'oid' => $owner_id, 'delete_id' => $delete_id);\r
59 //get the comment to print into the confirm box\r
60 $sql = 'SELECT comment FROM '.TABLE_PREFIX.'blog_posts_comments WHERE comment_id='.$delete_id;\r
61 $result = mysql_query($sql, $db);\r
62 $row = mysql_fetch_assoc($result);\r
63 \r
64 $msg->addConfirm(array('DELETE', AT_print($row['comment'], 'blog_posts_comments.comment')), $hidden_vars);\r
65 $msg->printConfirm();\r
66 \r
67 require(AT_INCLUDE_PATH.'footer.inc.php');\r
68 ?>
Course Management Learning Management Tools