2023-01-06 17:40:41 +01:00
require " uri "
include CrystalGauntlet
CrystalGauntlet . endpoints [ " /deleteGJComment20.php " ] = - > ( context : HTTP :: Server :: Context ) : String {
params = URI :: Params . parse ( context . request . body . not_nil! . gets_to_end )
LOG . debug { params . inspect }
user_id , account_id = Accounts . auth ( params )
if ! ( user_id && account_id )
2023-01-08 08:10:27 +01:00
user_id , account_id = Accounts . auth_old ( context . request , params )
if ! ( user_id && account_id )
return " -1 "
end
2023-01-06 17:40:41 +01:00
end
comment_user_id , level_user_id = DATABASE . query_one ( " select comments.user_id, levels.user_id from comments join levels on levels.id = comments.id where comments.id = ? " , params [ " commentID " ] . to_i , as : { Int32 , Int32 } )
if comment_user_id != user_id && level_user_id != user_id
return " -1 "
end
DATABASE . exec ( " delete from comments where id = ? " , params [ " commentID " ] . to_i )
return " 1 "
}
2023-01-07 16:25:32 +01:00
2023-01-08 08:10:27 +01:00
CrystalGauntlet . endpoints [ " /deleteGJComment19.php " ] = CrystalGauntlet . endpoints [ " /deleteGJComment20.php " ]