26 lines
732 B
Crystal
26 lines
732 B
Crystal
require "uri"
|
|
|
|
include CrystalGauntlet
|
|
|
|
CrystalGauntlet.endpoints["/deleteGJAccComment20.php"] = ->(context : HTTP::Server::Context): String {
|
|
params = URI::Params.parse(context.request.body.not_nil!.gets_to_end)
|
|
LOG.debug { params.inspect }
|
|
|
|
user_id, account_id = Accounts.auth(params)
|
|
if !(user_id && account_id)
|
|
return "-1"
|
|
end
|
|
|
|
comment_id = params["commentID"].to_i
|
|
|
|
# kind of a dumb hack, but it works
|
|
target_account_id = DATABASE.scalar("select max(account_id) from account_comments where id = ?", comment_id).as(Int64 | Nil)
|
|
|
|
if target_account_id && account_id == target_account_id
|
|
DATABASE.exec("delete from account_comments where id = ?", comment_id)
|
|
return "1"
|
|
else
|
|
return "-1"
|
|
end
|
|
}
|