diff options
| author | ilotterytea <iltsu@alright.party> | 2025-05-14 23:52:11 +0500 |
|---|---|---|
| committer | ilotterytea <iltsu@alright.party> | 2025-05-14 23:52:11 +0500 |
| commit | 3f5765a05536a5b1e524bb4f4ffd290ff23a24af (patch) | |
| tree | 4f079b946129dff78a3c7299293672d6f87f04eb /public/emotes | |
| parent | 44334d654977ed4ecd601c7a47127f91dea1517d (diff) | |
feat: emote deletion
Diffstat (limited to 'public/emotes')
| -rw-r--r-- | public/emotes/delete.php | 47 | ||||
| -rw-r--r-- | public/emotes/index.php | 19 |
2 files changed, 66 insertions, 0 deletions
diff --git a/public/emotes/delete.php b/public/emotes/delete.php new file mode 100644 index 0000000..6252e45 --- /dev/null +++ b/public/emotes/delete.php @@ -0,0 +1,47 @@ +<?php +include_once "../../src/alert.php"; +include_once "../../src/config.php"; +include_once "../../src/accounts.php"; + +if (!authorize_user(true)) { + generate_alert("/account", "Not authorized", 403); + exit; +} + +if (!isset($_POST["id"])) { + generate_alert("/emotes", "Emote ID is not specified"); + exit; +} + +$emote_id = $_POST["id"]; +$user_id = $_SESSION["user_id"]; + +$db = new PDO(DB_URL, DB_USER, DB_PASS); + +$stmt = $db->prepare("SELECT uploaded_by, code FROM emotes WHERE id = ?"); +$stmt->execute([$emote_id]); + +if ($row = $stmt->fetch()) { + if ($row["uploaded_by"] === $user_id) { + $unlink = intval($_POST["unlink"] ?? "0") == 1; + + if ($unlink) { + $stmt = $db->prepare("UPDATE emotes SET uploaded_by = NULL WHERE id = ? AND uploaded_by = ?"); + $stmt->execute([$emote_id, $user_id]); + generate_alert("/emotes/?id=$emote_id", 'Your authorship has been removed for the emote "' . $row["code"] . '"', 200); + } else { + $stmt = $db->prepare("DELETE FROM emotes WHERE id = ? AND uploaded_by = ?"); + $stmt->execute([$emote_id, $user_id]); + + $path = $_SERVER["DOCUMENT_ROOT"] . "/static/userdata/emotes/$emote_id"; + array_map("unlink", glob("$path/*.*")); + rmdir($path); + + generate_alert("/emotes", 'Emote "' . $row["code"] . '" has been removed from the servers', 200); + } + } else { + generate_alert("/emotes", "You don't own the emote \"" . $row["code"] . "\"", 403); + } +} else { + generate_alert("/emotes", "Emote ID $emote_id not found", 404); +}
\ No newline at end of file diff --git a/public/emotes/index.php b/public/emotes/index.php index 68ae983..afa24ad 100644 --- a/public/emotes/index.php +++ b/public/emotes/index.php @@ -292,6 +292,25 @@ if (CLIENT_REQUIRES_JSON) { ; } ?> + + <?php if ($emote->get_uploaded_by() === $_SESSION["user_id"]): ?> + <form action="/emotes/delete.php" method="post"> + <input type="text" name="id" value="<?php echo $emote->get_id() ?>" + style="display: none;"> + <button type="submit" class="transparent"> + <img src="/static/img/icons/bin.png" alt="Delete emote" title="Delete emote"> + </button> + </form> + <form action="/emotes/delete.php" method="post"> + <input type="text" name="id" value="<?php echo $emote->get_id() ?>" + style="display: none;"> + <input type="text" name="unlink" value="1" style="display:none"> + <button type="submit" class="transparent"> + <img src="/static/img/icons/link_break.png" alt="Remove your authorship" + title="Remove your authorship"> + </button> + </form> + <?php endif; ?> </div> <div class="items row right full"> <?php |