|
|
|
@ -12,6 +12,38 @@ function item_post(&$a) {
|
|
|
|
|
require_once('include/security.php');
|
|
|
|
|
|
|
|
|
|
$uid = $_SESSION['uid'];
|
|
|
|
|
|
|
|
|
|
if(($a->argc == 3) && ($a->argv[1] == 'drop') && intval($a->argv[2])) {
|
|
|
|
|
$r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1",
|
|
|
|
|
intval($argv[2])
|
|
|
|
|
);
|
|
|
|
|
if(! count($r)) {
|
|
|
|
|
notice("Permission denied." . EOL);
|
|
|
|
|
goway($a->get_baseurl() . $_SESSION['return_url']);
|
|
|
|
|
}
|
|
|
|
|
$item = $r[0];
|
|
|
|
|
if(($_SESSION['visitor_id'] == $item['contact-id']) || ($_SESSION['uid'] == $item['uid'])) {
|
|
|
|
|
$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s' WHERE `id` = %d LIMIT 1",
|
|
|
|
|
dbesc(datetime_convert()),
|
|
|
|
|
intval($item['id'])
|
|
|
|
|
);
|
|
|
|
|
if($item['uri'] == $item['parent-uri']) {
|
|
|
|
|
$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s' WHERE `parent-uri` = '%s',
|
|
|
|
|
dbesc(datetime_convert()),
|
|
|
|
|
dbesc($item['parent-uri'])
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$url = $a->get_baseurl();
|
|
|
|
|
$drop_id = intval($item['id'])l
|
|
|
|
|
|
|
|
|
|
proc_close(proc_open("php include/notifier.php \"$url\" \"$drop" \"$drop_id\" > notify.log &",
|
|
|
|
|
array(),$foo));
|
|
|
|
|
|
|
|
|
|
goway($a->get_baseurl() . $_SESSION['return_url']);
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$parent = ((x($_POST,'parent')) ? intval($_POST['parent']) : 0);
|
|
|
|
|
|
|
|
|
|
$parent_item = null;
|
|
|
|
|