Nextrek
Diff Revisions 602 vs 723 for /Android/SmartCharging/endPoints/nightly/delete_commento.php
| @@ -13,19 +13,31 @@ | |||
| 13 | 13 | $risposta = array(); | |
| 14 | 14 | $repo; | |
| 15 | 15 | ||
| 16 | + | $user_id; | |
| 17 | + | ||
| 16 | 18 | try { | |
| 17 | 19 | $conn = new PDO("mysql:host=".DB_SERVERNAME.";dbname=".DB_NAME, DB_USERNAME, DB_PASSWORD); | |
| 18 | 20 | $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); | |
| 19 | 21 | //echo "Connesso con successo al DB"; | |
| 20 | 22 | ||
| 21 | - | if (!array_key_exists("token", $params) || !UserRepository::checkToken($params["token"], $conn)) { | |
| 23 | + | if (!array_key_exists("token", $params) || $params["token"] === "") { | |
| 22 | 24 | //$risposta["return"] = -1; | |
| 23 | - | $risposta = createErrorMessage(-1, "Token non valido"); | |
| 25 | + | $risposta = createErrorMessage(-1, "Parametro \"token\" non valido"); | |
| 24 | 26 | echo json_encode($risposta); | |
| 25 | 27 | die(); | |
| 26 | 28 | } | |
| 27 | 29 | ||
| 28 | - | $repo = new CommentRepository($conn); | |
| 30 | + | $user_id = UserRepository::getUserByToken($params["token"], $conn); | |
| 31 | + | ||
| 32 | + | $repo = new CommentRepository($conn); | |
| 33 | + | $oldComment = $repo->getCommentById($params["comment_id"])["comment"]; | |
| 34 | + | ||
| 35 | + | if ($oldComment->id_user != $user_id) { //l'utente non gestisce il locale | |
| 36 | + | $risposta = createErrorMessage(-1, "Token non valido"); | |
| 37 | + | //$risposta["return"] = -1; | |
| 38 | + | echo json_encode($risposta); | |
| 39 | + | die(); | |
| 40 | + | } | |
| 29 | 41 | ||
| 30 | 42 | $risposta = $repo->removeComment($params["comment_id"]); | |
| 31 | 43 | } | |
View this file contents
View the full history
Commits for