From 64b1ec0fabbf7328a79a20ff58502ebfa80fad8b Mon Sep 17 00:00:00 2001
From: Jonas Kohl
Date: Thu, 10 Oct 2024 17:33:13 +0200
Subject: Break up actions into individual files
---
src/application/actions/updatepost/post.php | 66 +++++++++++++++++++++++++++++
1 file changed, 66 insertions(+)
create mode 100644 src/application/actions/updatepost/post.php
(limited to 'src/application/actions/updatepost/post.php')
diff --git a/src/application/actions/updatepost/post.php b/src/application/actions/updatepost/post.php
new file mode 100644
index 0000000..fb4b58a
--- /dev/null
+++ b/src/application/actions/updatepost/post.php
@@ -0,0 +1,66 @@
+id = $postId;
+
+if (!$db->fetch($item) || $item->deleted) {
+ http_response_code(404);
+ msg_error(__("No post exists with this id"));
+ exit;
+}
+
+$topicAuthor = new User();
+$topicAuthor->id = $item->authorId;
+
+if (!$db->fetch($topicAuthor))
+ $topicAuthor = null;
+
+$canEdit = ($currentUser->id === $topicAuthor?->id && $topicAuthor?->hasPermission(UserPermissions::EDIT_OWN_POST))
+ || ($currentUser->hasPermission(UserPermissions::EDIT_OTHER_POST));
+
+$topic = new Topic();
+$topic->id = $item->topicId;
+
+if (!$db->fetch($topic))
+ $topic = null;
+
+if ($topic->isLocked) {
+ http_response_code(403);
+ msg_error(__("This topic has been locked"));
+ exit;
+}
+
+if (!$canEdit) {
+ http_response_code(403);
+ msg_error(__("You don't have permission to edit this post"));
+ exit;
+}
+
+$confirm = $_POST["confirm"] ?? null;
+
+$item->content = $message;
+$item->edited = true;
+
+if (!$db->update($item)) {
+ http_response_code(500);
+ msg_error(__("Failed to update post"));
+ exit;
+}
+
+header("Location: ?_action=viewtopic&topic=" . urlencode($item->topicId) . "#post-" . urlencode($postId));
-- cgit v1.2.3
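Review bot: A failed topic lookup fails open here: when `$db->fetch($topic)` returns false the code sets `$topic = null` and then evaluates `$topic->isLocked`, which on PHP 8 only raises a warning and yields null, so the lock check is skipped and the update proceeds (unless a handler elsewhere turns warnings into exceptions). Treat a missing topic like the missing post handled above it, or at minimum make the guard `if ($topic === null || $topic->isLocked) {` so the request is rejected. `$confirm = $_POST["confirm"] ?? null;` is assigned but never read in the visible lines and can be dropped. The start of the file is not visible in this view, so how `$postId`, `$message` and `$currentUser` are validated cannot be judged from here.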