|
|
@ -33,6 +33,9 @@ switch ($VARS['action']) {
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
if ($database->has('publications', ['pubid' => $VARS['pubid']])) {
|
|
|
|
if ($database->has('publications', ['pubid' => $VARS['pubid']])) {
|
|
|
|
$insert = false;
|
|
|
|
$insert = false;
|
|
|
|
|
|
|
|
if ($database->get("publications", 'uid', ['pubid' => $VARS['pubid']]) != $_SESSION['uid']) {
|
|
|
|
|
|
|
|
returnToSender("no_permission");
|
|
|
|
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
returnToSender("invalid_pubid");
|
|
|
|
returnToSender("invalid_pubid");
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -98,6 +101,9 @@ switch ($VARS['action']) {
|
|
|
|
returnToSender("pub_saved");
|
|
|
|
returnToSender("pub_saved");
|
|
|
|
case "deletepub":
|
|
|
|
case "deletepub":
|
|
|
|
if ($database->has('publications', ['pubid' => $VARS['pubid']])) {
|
|
|
|
if ($database->has('publications', ['pubid' => $VARS['pubid']])) {
|
|
|
|
|
|
|
|
if ($database->get("publications", 'uid', ['pubid' => $VARS['pubid']]) != $_SESSION['uid']) {
|
|
|
|
|
|
|
|
returnToSender("no_permission");
|
|
|
|
|
|
|
|
}
|
|
|
|
$database->delete('tiles', ['pubid' => $VARS['pubid']]);
|
|
|
|
$database->delete('tiles', ['pubid' => $VARS['pubid']]);
|
|
|
|
$database->delete('publications', ['pubid' => $VARS['pubid']]);
|
|
|
|
$database->delete('publications', ['pubid' => $VARS['pubid']]);
|
|
|
|
returnToSender("pub_deleted");
|
|
|
|
returnToSender("pub_deleted");
|
|
|
@ -109,6 +115,10 @@ switch ($VARS['action']) {
|
|
|
|
die(json_encode(["status" => "ERROR", "msg" => lang("invalid pubid", false)]));
|
|
|
|
die(json_encode(["status" => "ERROR", "msg" => lang("invalid pubid", false)]));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if ($database->get("publications", 'uid', ['pubid' => $VARS['pubid']]) != $_SESSION['uid']) {
|
|
|
|
|
|
|
|
die(json_encode(["status" => "ERROR", "msg" => lang("no permission", false)]));
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$data = [
|
|
|
|
$data = [
|
|
|
|
"pubid" => $VARS['pubid'],
|
|
|
|
"pubid" => $VARS['pubid'],
|
|
|
|
"page" => $VARS['page'],
|
|
|
|
"page" => $VARS['page'],
|
|
|
@ -130,6 +140,10 @@ switch ($VARS['action']) {
|
|
|
|
die(json_encode(["status" => "ERROR", "msg" => lang("invalid tileid", false)]));
|
|
|
|
die(json_encode(["status" => "ERROR", "msg" => lang("invalid tileid", false)]));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if ($database->get("publications", 'uid', ['pubid' => $VARS['pubid']]) != $_SESSION['uid']) {
|
|
|
|
|
|
|
|
die(json_encode(["status" => "ERROR", "msg" => lang("no permission", false)]));
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$database->delete('tiles', ["tileid" => $VARS['tileid']]);
|
|
|
|
$database->delete('tiles', ["tileid" => $VARS['tileid']]);
|
|
|
|
exit(json_encode(["status" => "OK"]));
|
|
|
|
exit(json_encode(["status" => "OK"]));
|
|
|
|
case "signout":
|
|
|
|
case "signout":
|
|
|
|
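Review bot: In the last hunk (`@ -130,6 +140,10`) the added check reads the owner of `$VARS['pubid']`, but the delete that follows selects the row by `$VARS['tileid']` alone, so nothing visible ties the tile to the publication that was checked; a request could pair a pubid the caller owns with a tileid from another publication. The case starts above the hunk, so unless that code already verifies the tile belongs to the pubid, scope the delete to both, e.g. `$database->delete('tiles', ["tileid" => $VARS['tileid'], "pubid" => $VARS['pubid']]);` (assuming the where array ANDs its keys), or look up the tile's own pubid and check that owner. This hunk also does not show pubid being validated, and all four added checks use a loose `!=`: if `get()` returns null for an unknown pubid while `$_SESSION['uid']` is unset, the comparison is false and the request passes, so reject an empty session uid and compare strictly on a common type. In the two `returnToSender("no_permission")` branches the check only protects the update and the deletes if returnToSender() ends the request, which is not visible here.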