Nextrek
Subversion Repository Public Repository

Nextrek

URLs

Copy to Clipboard
Explore
Commits

Diff Revisions 723 vs 725 for /Android/SmartCharging/endPoints/nightly/edit_commento.php

Diff revisions: vs.
  @@ -14,6 +14,7 @@
14 14 $repo;
15 15
16 16 $user_id;
17 + $is_admin = false;
17 18
18 19 try {
19 20 $conn = new PDO("mysql:host=".DB_SERVERNAME.";dbname=".DB_NAME, DB_USERNAME, DB_PASSWORD);
  @@ -29,15 +30,27 @@
29 30
30 31 $user_id = UserRepository::getUserByToken($params["token"], $conn);
31 32
33 + if ($user_id == -1) {
34 + $is_admin = UserRepository::checkAdminByToken($params["token"], $conn);
35 + if (!$is_admin) { //controlla che l'utente sia amministratore
36 + $risposta = createErrorMessage(-1, "Token non valido");
37 + //$risposta["return"] = -1;
38 + echo json_encode($risposta);
39 + die();
40 + }
41 + }
42 +
32 43 $repo = new CommentRepository($conn);
33 44
34 - $oldComment = $repo->getCommentById($params["comment_id"])["comment"];
45 + if (!$is_admin) { //nel caso non sia ammministratore --> effettua controllo sull'utente
46 + $oldComment = $repo->getCommentById($params["comment_id"])["comment"];
35 47
36 - if (is_null($oldComment) || $oldComment->id_user != $user_id) { //l'utente non ha postato quel commento
37 - $risposta = createErrorMessage(-1, "Token non valido");
38 - //$risposta["return"] = -1;
39 - echo json_encode($risposta);
40 - die();
48 + if (is_null($oldComment) || $oldComment->id_user != $user_id) { //l'utente non ha postato quel commento
49 + $risposta = createErrorMessage(-1, "Token non valido");
50 + //$risposta["return"] = -1;
51 + echo json_encode($risposta);
52 + die();
53 + }
41 54 }
42 55
43 56 $risposta = $repo->editComment($params["comment_id"], $params["content"]);

View View this file contents

History View the full history

Feeds

Commits for /Android/SmartCharging/endPoints/nightly/edit_commento.php

Need assistance?   Get in touch, or head to our documentation site.