diff options
Diffstat (limited to 'src/application/actions/locktopic/post.php')
| -rw-r--r-- | src/application/actions/locktopic/post.php | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/src/application/actions/locktopic/post.php b/src/application/actions/locktopic/post.php new file mode 100644 index 0000000..52c60b1 --- /dev/null +++ b/src/application/actions/locktopic/post.php @@ -0,0 +1,74 @@ +<?php + +use mystic\forum\orm\Topic; +use mystic\forum\orm\TopicLogMessage; +use mystic\forum\orm\User; +use mystic\forum\orm\UserPermissions; +use mystic\forum\utils\RequestUtils; + +$topicId = $_POST["topic"] ?? null; +if ($topicId === null) { + http_response_code(400); + msg_error(__("Missing topic id")); + exit; +} +RequestUtils::setFormErrorDestination($dest = "./?_action=viewtopic&topic=" . urlencode($topicId)); +$dest = "Location: $dest"; + +if (!$currentUser) { + http_response_code(403); + msg_error(__("You need to be logged in to lock topics!")); + exit; +} + +$formId = "locktopic"; +$locked = RequestUtils::getRequiredField("locked", $formId); +if ($locked === "true") { + $locked = true; +} elseif ($locked === "false") { + $locked = false; +} else RequestUtils::triggerFormError("Invalid value", $formId); + +$topic = new Topic(); +$topic->id = $topicId; + +if (!$db->fetch($topic)) { + http_response_code(404); + msg_error(__("No topic exists with this id")); + exit; +} + +$topicAuthor = new User(); +$topicAuthor->id = $topic->createdBy; + +if (!$db->fetch($topicAuthor)) + $topicAuthor = null; + +$canEdit = ($currentUser->id === $topicAuthor?->id && $topicAuthor?->hasPermission(UserPermissions::EDIT_OWN_TOPIC)) + || ($currentUser->hasPermission(UserPermissions::EDIT_OTHER_TOPIC)); + +if (!$canEdit) { + http_response_code(403); + msg_error(__("You don't have permission to lock or unlock this topic")); + exit; +} + +$topic->isLocked = $locked; + +$log = new TopicLogMessage(); +$log->id = $db->generateId(); +$log->topicId = $topic->id; +$log->authorId = $currentUser->id; +$log->params = []; +$log->type = $locked ? TopicLogMessage::LOCKED : TopicLogMessage::UNLOCKED; +$log->postDate = new \DateTimeImmutable(); + +$db->insert($log); + +if (!$db->update($topic)) { + http_response_code(500); + msg_error(__("Failed to lock or unlock topic")); + exit; +} + +header($dest); |