diff --git a/assets/script.js b/assets/script.js
index ba00dea..f132107 100644
--- a/assets/script.js
+++ b/assets/script.js
@@ -106,7 +106,7 @@ async function displayList(data, elementId, deleteFunction) {
 if ("function" === typeof deleteFunction) {
 const th = document.createElement("th");
- th.appendChild(document.createTextNode("Delete"));
+ th.appendChild(document.createTextNode(""));
 headerRow.appendChild(th);
 }
@@ -120,7 +120,7 @@ async function displayList(data, elementId, deleteFunction) {
 if ("function" === typeof deleteFunction) {
 const td = document.createElement("td");
 const deleteButton = document.createElement('button');
- deleteButton.textContent = "Delete";
+ deleteButton.textContent = "";
 deleteButton.onclick = () => deleteFunction(line.ID);
 td.appendChild(deleteButton);
 dataRow.appendChild(td);
@@ -629,6 +629,20 @@ function addMeme() {
 xhr.send(formData);
 }
+async function deleteMeme(memeId) {
+ let formData = new FormData();
+ formData.append('action', 'deleteMeme');
+ formData.append('meme_id', memeId);
+
+ let xhr = new XMLHttpRequest();
+ xhr.open('POST', '/meme', true);
+ xhr.onload = function () {
+ const resp = JSON.parse(xhr.responseText);
+ handleResponse(resp, "Meme bol zmazaný", "Nastala chyba pri mazaní meme-u");
+ };
+ xhr.send(formData);
+}
+
 async function getMemeImages() {
 let memeImageSelector = document.getElementById("meme_image_input");
 let fileList = await getFileList();
diff --git a/endpoints/meme.php b/endpoints/meme.php
index c9d1cb7..05d636f 100644
--- a/endpoints/meme.php
+++ b/endpoints/meme.php
@@ -8,6 +8,7 @@ function endpoint($endpoint_data): array
 return match ($endpoint_data["action"]) {
 "addMeme" => addMeme($endpoint_data['meme_title'], $endpoint_data['meme_text'], $endpoint_data['meme_image_id']),
 "renderGallery" => renderMemeGallery(),
+ "deleteMeme" => deleteMeme($endpoint_data['meme_id']),
 default => ["Status" => "Fail", "message" => "Invalid action"],
 };
 }
\ No newline at end of file
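Review bot: In the added `deleteMeme`, the `onload` handler calls `JSON.parse(xhr.responseText)` unguarded and the request has no `onerror` handler, so a non-JSON error page or a dropped connection ends in an uncaught exception or silence instead of the failure message. Guarding the parse, e.g. `let resp; try { resp = JSON.parse(xhr.responseText); } catch { resp = { Status: "Fail" }; }`, and adding an `xhr.onerror` that reports the same failure text would keep the UI accurate about whether the delete happened (the exact response shape `handleResponse` expects is not visible here). The function is declared `async` but awaits nothing, so the keyword only wraps the return value in a promise. No anti-CSRF token is appended to the form data; if the router does not enforce one elsewhere, this state-changing POST is authorised by the session cookie alone.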
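Review bot: The new `"deleteMeme"` arm passes `$endpoint_data['meme_id']` straight into a function typed `int $memeId`, so a missing or non-numeric field surfaces as a warning or TypeError instead of the `["Status" => "Fail", ...]` array this endpoint otherwise returns. Validating first, e.g. `$id = filter_var($endpoint_data['meme_id'] ?? null, FILTER_VALIDATE_INT);` and returning the Fail array when `$id === false`, keeps the error path uniform. `endpoint()` is declared to return `array`, while `deleteMeme()` in lib/meme.php is declared `: string`, so the two signatures do not agree. The `addMeme` arm above follows the same unvalidated pattern for `meme_image_id`, and the function body starts outside this hunk.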
diff --git a/lib/meme.php b/lib/meme.php index ecab241..8ef9c23 100644 --- a/lib/meme.php +++ b/lib/meme.php @@ -1,6 +1,7 @@ 0) { $stmtMemeAdd = $mysqli->prepare('INSERT INTO Memes (AuthorID, Title, TextContent, FileID) VALUES (?, ?, ?, ?)'); $stmtMemeAdd->bind_param('issi', $_SESSION['ID'], htmlspecialchars($title), htmlspecialchars($memeText), $imageID); - if($stmtMemeAdd->execute() && $stmtMemeAdd->affected_rows > 0) { + if ($stmtMemeAdd->execute() && $stmtMemeAdd->affected_rows > 0) { $output["Status"] = "Success"; $output["Meme"] = "Funny"; } @@ -17,7 +18,7 @@ function addMeme(string $title, string $memeText, int $imageID): array return $output; } -function renderMeme(string $title, string $textContent, string $createdAt, string $filePath, string $userNickname): string +function renderMeme(int $id, string $title, string $textContent, string $createdAt, string $filePath, string $userNickname): string { global $routerConfig; $meme_template = file_get_contents($routerConfig['template_dir'] . "meme.html"); @@ -26,6 +27,8 @@ function renderMeme(string $title, string $textContent, string $createdAt, strin $meme_out = str_replace('__TEMPLATE_MEME_AUTHOR__', htmlspecialchars($userNickname), $meme_out); $meme_out = str_replace('__TEMPLATE_MEME_DATE__', htmlspecialchars($createdAt), $meme_out); $meme_out = str_replace('__TEMPLATE_MEME_IMAGE__', '/' . htmlspecialchars($filePath), $meme_out); + $meme_out = str_replace('__TEMPLATE_MEME_DELETE_BUTTON__', isModerator() ? "" : '', $meme_out); + return str_replace('__TEMPLATE_MEME_TEXT__', htmlspecialchars($textContent), $meme_out); } 
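Review bot: The delete control added in `renderMeme()` is shown only when `isModerator()` is true, but `deleteMeme()` later in this commit authorises on `isAdmin()` or on the caller being the author, so what the page offers and what the server permits can diverge. Depending on how those role helpers relate (not visible here), authors may get no button for their own memes while moderators who are not admins get one that fails for other users' memes. Deriving the visibility from the same rule the server enforces, or at least adding a comment such as `// visibility only; deleteMeme() enforces ownership/admin server-side`, would make the intent explicit. The button markup and how `$id` is placed into it are not visible in this hunk; `$id` is typed `int` and is safe to emit, but any other value put into that markup needs `htmlspecialchars` like the neighbouring replacements.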
@@ -54,7 +57,7 @@ function renderMemeGallery(): string
 $memes_out = '';
 while ($stmtlist->fetch()) {
 if (str_starts_with($fileType, 'image')) {
- $memes_out .= renderMeme($title, $textContent, $createdAt, $filePath, $userNickname);
+ $memes_out .= renderMeme($memeID, $title, $textContent, $createdAt, $filePath, $userNickname);
 }
 }
 $meme_gallery_out = str_replace('__TEMPLATE_MEMES_HERE__', $memes_out, $meme_gallery_template);
@@ -62,4 +65,25 @@ function renderMemeGallery(): string
 // Close the statement
 $stmtlist->close();
 return $meme_gallery_out;
+}
+
+function deleteMeme(int $memeId): string
+{
+ global $mysqli;
+ $out = ["Status" => "Fail"];
+ if (isLoggedIn()) {
+ $query = !isAdmin() ? 'DELETE FROM Memes WHERE ID = ? AND AuthorID = ?' : 'DELETE FROM Memes WHERE ID = ?';
+ $stmtDelete = $mysqli->prepare($query);
+ if (!isAdmin()) {
+ $stmtDelete->bind_param('ii', $memeId, $_SESSION['id']);
+ } else {
+ $stmtDelete->bind_param('i', $memeId);
+ }
+ $stmtDelete->execute();
+ $stmtDelete->fetch();
+ if ($stmtDelete->affected_rows > 0) {
+ $out['Status'] = 'Success';
+ }
+ }
+ return $out;
 }
\ No newline at end of file
diff --git a/lib/upload.php b/lib/upload.php
index b0ebe91..cea1906 100644
--- a/lib/upload.php
+++ b/lib/upload.php
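Review bot: `deleteMeme()` is declared `: string` but returns the `$out` array, which PHP rejects with a TypeError on every call, so the endpoint can never deliver its Status response. The ownership branch binds `$_SESSION['id']`, while `addMeme()` in this file stores the author from `$_SESSION['ID']`; array keys are case-sensitive, so unless login sets both keys the bound value is null and authors can never delete their own memes. `fetch()` has no meaning after a DELETE, and `isAdmin()` is evaluated twice, once for the query text and once for the bind, where a single evaluation keeps the two in step. `deleteFile()` in lib/upload.php repeats the `$_SESSION['id']` bind and the `fetch()` call. A version with those points addressed follows.

```php
function deleteMeme(int $memeId): array
{
    global $mysqli;
    $out = ["Status" => "Fail"];
    if (!isLoggedIn()) {
        return $out;
    }
    // Evaluate the role once so the query text and the bound parameters cannot disagree.
    $admin = isAdmin();
    $stmtDelete = $mysqli->prepare($admin
        ? 'DELETE FROM Memes WHERE ID = ?'
        : 'DELETE FROM Memes WHERE ID = ? AND AuthorID = ?');
    if ($admin) {
        $stmtDelete->bind_param('i', $memeId);
    } else {
        // Same session key addMeme() uses when it writes AuthorID.
        $authorId = (int) $_SESSION['ID'];
        $stmtDelete->bind_param('ii', $memeId, $authorId);
    }
    if ($stmtDelete->execute() && $stmtDelete->affected_rows > 0) {
        $out['Status'] = 'Success';
    }
    $stmtDelete->close();
    return $out;
}
```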
@@ -241,11 +241,23 @@ function getImageURL(int $imageFileID) :string
 function deleteFile(int $fileID) :string {
+ global $mysqli;
 $out = ["Status" => "Fail"];
- $file_location = fileExists($fileID, false);
- if ($file_location){
- if(unlink($file_location)) {
- $out['Status'] = 'Success';
+ if(isLoggedIn()) {
+ $file_location = fileExists($fileID, !isAdmin());
+ $query = !isAdmin() ? 'DELETE FROM Files WHERE ID = ? AND UploadedBy = ?' : 'DELETE FROM Files WHERE ID = ?';
+ $stmtDelete = $mysqli->prepare($query);
+ if (!isAdmin()) {
+ $stmtDelete->bind_param('ii', $fileID, $_SESSION['id']);
+ } else {
+ $stmtDelete->bind_param('i', $fileID);
+ }
+ $stmtDelete->execute();
+ $stmtDelete->fetch();
+ if ($file_location) {
+ if (unlink($file_location) && $stmtDelete->affected_rows > 0) {
+ $out['Status'] = 'Success';
+ }
 }
 }
 return $out;
diff --git a/templates/meme.html b/templates/meme.html
index 4683c28..8a3e016 100644
--- a/templates/meme.html
+++ b/templates/meme.html
@@ -2,6 +2,7 @@
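Review bot: In the rewritten `deleteFile()`, the `Files` row is deleted before the code knows whether the file exists, and `unlink($file_location)` runs before `affected_rows` is consulted because it is the left operand of `&&`. A request whose DELETE matched no row can therefore still remove the file from disk, and a row can be deleted while the file stays behind, with both cases reported as Fail. Resolving the path first and unlinking only after the row was actually removed keeps the two stores consistent, e.g. `if ($file_location && $stmtDelete->execute() && $stmtDelete->affected_rows > 0 && unlink($file_location)) {`. Whether `fileExists($fileID, !isAdmin())` applies an ownership check is not visible here, so the `UploadedBy` condition in the SQL should be treated as the authoritative one. The function's closing brace lies outside this hunk.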

__TEMPLATE_MEME_TITLE__

__TEMPLATE_MEME_AUTHOR__

+ __TEMPLATE_MEME_DELETE_BUTTON__

__TEMPLATE_MEME_DATE__

__TEMPLATE_MEME_TEXT__