Nextrek

Explore

Commits

@ HEAD

Nextrek / Android / SmartCharging / endPoints / nightly / edit_commento.php

<?php
	header("Access-Control-Allow-Origin: *");
    header('Content-Type: application/json; charset=UTF-8');

    require_once("constants.php");

	require_once("repositories/CommentRepository.php");
    require_once("repositories/UserRepository.php");

    $params = json_decode(file_get_contents('php://input'), true);

	$conn;
	$risposta = array();
	$repo;

    $user_id;
    $is_admin = false;

	try {
    	$conn = new PDO("mysql:host=".DB_SERVERNAME.";dbname=".DB_NAME, DB_USERNAME, DB_PASSWORD);
    	$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    	//echo "Connesso con successo al DB";

        if (!array_key_exists("token", $params) || $params["token"] === "") {
            //$risposta["return"] = -1;
            $risposta = createErrorMessage(-1, "Parametro \"token\" non valido");
            echo json_encode($risposta);
            die();
        }

        $user_id = UserRepository::getUserByToken($params["token"], $conn);

        if ($user_id == -1) {
            $is_admin = UserRepository::checkAdminByToken($params["token"], $conn);
            if (!$is_admin) { //controlla che l'utente sia amministratore
                $risposta = createErrorMessage(-1, "Token non valido");
                //$risposta["return"] = -1;
                echo json_encode($risposta);
                die();
            }
        }

    	$repo = new CommentRepository($conn);

        if (!$is_admin) { //nel caso non sia ammministratore --> effettua controllo sull'utente
            $oldComment = $repo->getCommentById($params["comment_id"])["comment"];

            if (is_null($oldComment) || $oldComment->id_user != $user_id) { //l'utente non ha postato quel commento
                $risposta = createErrorMessage(-1, "Token non valido");
                //$risposta["return"] = -1;
                echo json_encode($risposta);
                die();
            }
        }

    	$risposta = $repo->editComment($params["comment_id"], $params["content"]);
    }
	catch(PDOException $e)
    {
   		echo $e->getMessage();
        $risposta = createErrorMessage(1, "Errore DB");
   		//$risposta["return"] = 1;
        $risposta["content"] = "";
    }

    echo json_encode($risposta);
	$conn = null; //Close the connection to the DBMS

?>

Commits for Nextrek/Android/SmartCharging/endPoints/nightly/edit_commento.php

Revision	Author	Commited	Message
725 Diff	FSallustio	Wed 09 Sep, 2015 07:51:47 +0000	Gestione utenze admin in SC
723 Diff	FSallustio	Tue 08 Sep, 2015 15:05:25 +0000	Aggiunto check sull’associazione tra utente e token.
602	FSallustio	Fri 28 Aug, 2015 10:49:31 +0000

History View complete history Commits RSS feed for /Android/SmartCharging/endPoints/nightly/edit_commento.php

Need assistance? Get in touch, or head to our documentation site.

URLs

Nextrek / Android / SmartCharging / endPoints / nightly / edit_commento.php

Commits for Nextrek/Android/SmartCharging/endPoints/nightly/edit_commento.php