[Astrospaces-commits] SF.net SVN: astrospaces: [90] trunk/functions/user.php
From: <del...@us...> - 2007-08-03 23:08:43
Revision: 90 http://astrospaces.svn.sourceforge.net/astrospaces/?rev=90&view=rev Author: deltalabs Date: 2007-08-03 16:08:43 -0700 (Fri, 03 Aug 2007) Log Message: ----------- Finished edit_comment and delete_comment functions Modified Paths: -------------- trunk/functions/user.php
Modified: trunk/functions/user.php
===================================================================
--- trunk/functions/user.php 2007-08-01 23:42:24 UTC (rev 89)
+++ trunk/functions/user.php 2007-08-03 23:08:43 UTC (rev 90)
@@ -349,13 +349,60 @@
 time() . ',' . $user->data['user_id'] . ',' . $id . ',' . $db->qstr($_POST['body']).')';
 if ($db->Execute($_query) === false)
 {
- $error->general('<b>DB Error!</b>', 'session.php - add_comment(): '.$db->ErrorMsg());
+ $error->general('<b>DB Error!</b>', 'user.php - add_comment(): '.$db->ErrorMsg());
 return false;
 }
 $session->action('2', $id);
 }
 }
 /*
+ Function Name: delete_comment
+ Arguments: (int) id -- comment_ID of comment to be deleted
+ Purpose: Delete comment
+ */
+ function delete_comment($id)
+ {
+ if (!is_numeric($id) and $id != null)
+ {
+ $error->general('Invalid userID', "Invalid userD = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']);
+ return false;
+ }
+ if($session->is_friend($id))
+ {
+ /* Okay, we have permission to remove this comment */
+ $_query = 'DELETE FROM ' . AS_TBL_CMT . ' WHERE comment_id = ' . $id;
+ if ($db->Execute($_query) === false)
+ {
+ $error->general('<b>DB Error!</b>', 'user.php - delete_comment(): '.$db->ErrorMsg());
+ return false;
+ }
+ }
+ }
+ /*
+ Function Name: edit_comment
+ Arguments: (int) id -- comment_ID of comment to be edited
+ Purpose: Edit comment
+ */
+ function edit_comment($id)
+ {
+ if (!is_numeric($id) and $id != null)
+ {
+ $error->general('Invalid userID', "Invalid userD = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']);
+ return false;
+ }
+ if($session->is_friend($id))
+ {
+ /* Okay, we have permission to edit this comment */
+ $_query = 'UPDATE ' . AS_TBL_CMT . ' SET comment = ' . $db->qstr($_POST['body']) . ' WHERE comment_id = '
+ . $id;
+ if ($db->Execute($_query) === false)
+ {
+ $error->general('<b>DB Error!</b>', 'user.php - edit_comment(): '.$db->ErrorMsg());
+ return false;
+ }
+ }
+ }
+ /*
 Function Name: get_username
 Arguments: (int) id -- User ID
 Purpose: Fetch username of user based on their unique ID
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
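Review bot: In both delete_comment() and edit_comment() the permission test is `$session->is_friend($id)`, but `$id` is the comment_id and the DELETE/UPDATE is keyed on `comment_id` alone, so nothing ties the operation to the comment's author or to the profile it was posted on; assuming is_friend() expects a user id, the check is made against the wrong object and does not establish that the caller may touch this comment. The statement should carry the ownership condition itself, comparing an owner or profile column with `$user->data['user_id']` (the table layout is not visible in this hunk). The guard `!is_numeric($id) and $id != null` lets null and the empty string through to an unquoted `WHERE comment_id = `, and is_numeric() also accepts forms such as `1e3`, so `if (!ctype_digit((string) $id)) { ... return false; }` with `(int) $id` in the query is the tighter check. Neither function declares `global $db, $error, $session;`, so as written those variables are undefined inside the function bodies and the calls on them cannot succeed. The rejected `$id` is also concatenated unescaped into the `$error->general()` message and should go through `htmlspecialchars()` if that message is rendered as HTML.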