diff options
Diffstat (limited to 'mod/item.php')
-rw-r--r-- | mod/item.php | 107 |
1 files changed, 11 insertions, 96 deletions
diff --git a/mod/item.php b/mod/item.php index 776c0dcc2..98f4ff90c 100644 --- a/mod/item.php +++ b/mod/item.php @@ -22,6 +22,15 @@ function item_post(&$a) { $uid = local_user(); + if(x($_POST,'dropitems')) { + require_once('include/items.php'); + $arr_drop = explode(',',$_POST['dropitems']); + drop_items($arr_drop); + $json = array('success' => 1); + echo json_encode($json); + killme(); + } + call_hooks('post_local_start', $_POST); $parent = ((x($_POST,'parent')) ? intval($_POST['parent']) : 0); @@ -735,102 +744,8 @@ function item_content(&$a) { require_once('include/security.php'); - $uid = local_user(); - if(($a->argc == 3) && ($a->argv[1] === 'drop') && intval($a->argv[2])) { - - // locate item to be deleted - - $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", - intval($a->argv[2]) - ); - - if(! count($r)) { - notice( t('Item not found.') . EOL); - goaway($a->get_baseurl() . '/' . $_SESSION['return_url']); - } - $item = $r[0]; - - // check if logged in user is either the author or owner of this item - - if(($_SESSION['visitor_id'] == $item['contact-id']) || ($_SESSION['uid'] == $item['uid'])) { - - // delete the item - - $r = q("UPDATE `item` SET `deleted` = 1, `body` = '', `edited` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1", - dbesc(datetime_convert()), - dbesc(datetime_convert()), - intval($item['id']) - ); - - // If item is a link to a photo resource, nuke all the associated photos - // (visitors will not have photo resources) - // This only applies to photos uploaded from the photos page. Photos inserted into a post do not - // generate a resource-id and therefore aren't intimately linked to the item. - - if(strlen($item['resource-id'])) { - q("DELETE FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ", - dbesc($item['resource-id']), - intval($item['uid']) - ); - // ignore the result - } - - // If item is a link to an event, nuke the event record. - - if(intval($item['event-id'])) { - q("DELETE FROM `event` WHERE `id` = %d AND `uid` = %d LIMIT 1", - intval($item['event-id']), - intval($item['uid']) - ); - // ignore the result - } - - - // If it's the parent of a comment thread, kill all the kids - - if($item['uri'] == $item['parent-uri']) { - $r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s', `body` = '' - WHERE `parent-uri` = '%s' AND `uid` = %d ", - dbesc(datetime_convert()), - dbesc(datetime_convert()), - dbesc($item['parent-uri']), - intval($item['uid']) - ); - // ignore the result - } - else { - // ensure that last-child is set in case the comment that had it just got wiped. - q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d ", - dbesc(datetime_convert()), - dbesc($item['parent-uri']), - intval($item['uid']) - ); - // who is the last child now? - $r = q("SELECT `id` FROM `item` WHERE `parent-uri` = '%s' AND `type` != 'activity' AND `deleted` = 0 AND `uid` = %d ORDER BY `edited` DESC LIMIT 1", - dbesc($item['parent-uri']), - intval($item['uid']) - ); - if(count($r)) { - q("UPDATE `item` SET `last-child` = 1 WHERE `id` = %d LIMIT 1", - intval($r[0]['id']) - ); - } - } - $drop_id = intval($item['id']); - - // send the notification upstream/downstream as the case may be - - proc_run('php',"include/notifier.php","drop","$drop_id"); -// We seem to lose the return url occasionally. Have not been able to reliably duplicate -// logger('drop_return_url: ' . $_SESSION['return_url']); - goaway($a->get_baseurl() . '/' . $_SESSION['return_url']); - //NOTREACHED - } - else { - notice( t('Permission denied.') . EOL); - goaway($a->get_baseurl() . '/' . $_SESSION['return_url']); - //NOTREACHED - } + require_once('include/items.php'); + drop_item($a->argv[2]); } } |