Comment content can be updated.

This commit is contained in:
Pierre 2018-01-27 18:19:30 +01:00
parent 00c61345d8
commit ddd0421592
2 changed files with 70 additions and 0 deletions

View File

@ -7,6 +7,29 @@
class commentsController { class commentsController {
/**
* Edit a comment content
*
* @url POST /comments/edit
*/
public function edit_comment(){
user_login_required();
//Get comment ID
$commentID = $this->getPostCommentIDWithFullAccess("commentID");
//Get comment content$
$new_content = $this->get_comment_content("content");
//Update comment content
if(!components()->comments->edit($commentID, $new_content))
Rest_fatal_error(500, "Could not update comment content !");
//Success
return array("success" => "The comment has been updated !");
}
/** /**
* Delete a comment * Delete a comment
* *
@ -47,4 +70,28 @@ class commentsController {
//Return comment ID //Return comment ID
return $commentID; return $commentID;
} }
/**
* Get a comment content from $_POST field
*
* @param string $name The name of post field containing the commment content
* @return string The comment content, if it passed security checks
*/
private function get_comment_content(string $name) : string {
//Get comment content
if(!isset($_POST[$name]))
Rest_fatal_error(400, "Please specify the new content of the comment!");
$comment_content = (string) $_POST[$name];
//Perform security check
if(!check_string_before_insert($comment_content))
Rest_fatal_error(400, "Please check new comment content !");
//Make the comment secure before insertion
$comment_content = removeHTMLnodes($comment_content);
//Return comment conent
return $comment_content;
}
} }

View File

@ -153,6 +153,29 @@ class Comments {
} }
/**
* Edit a comment content
*
* @param int $commentID The ID of the comment to update
* @param string $content The new content for the comment
* @return bool TRUE for a success / FALSE else
*/
public function edit(int $commentID, string $content) : bool {
//Perform a request on the database
$newValues = array(
"commentaire" => $content
);
//Try to perform request
return CS::get()->db->updateDB(
$this::COMMENTS_TABLE,
"ID = ?",
$newValues,
array($commentID));
}
/** /**
* Get the ID of the post associated to a comment * Get the ID of the post associated to a comment
* *