<?php
/*****************************************************************************
 * ConfirmDelete.php
 * Contains the ConfirmDelete controller
 *
 * Kabuki CMS (C) 2013-2016, Aaron van Geffen
 *****************************************************************************/
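/**
 * Controller behind the "confirm deletion" page for a single asset.
 *
 * The asset is looked up by the `slug` query parameter. Without a `confirmed`
 * request parameter the controller renders a confirmation page; with it, the
 * asset is deleted and the client is redirected to the asset's subdirectory.
 */
class ConfirmDelete extends HTMLController
{
	/**
	 * Authenticates and authorises the request, then deletes or asks to confirm.
	 *
	 * @throws NotAllowedException when the user is not logged in, or is neither
	 *                             an administrator nor the asset's author
	 * @throws NotFoundException   when the slug is missing, is not a string, or
	 *                             does not resolve to an asset
	 */
	public function __construct()
	{
		// Ensure we're logged in at this point.
		$user = Registry::get('user');
		if (!$user->isLoggedIn())
			throw new NotAllowedException();

		// The slug is taken straight from the query string. Reject a missing
		// or array-valued parameter here instead of passing it to the lookup.
		if (!isset($_GET['slug']) || !is_string($_GET['slug']))
			throw new NotFoundException();

		$photo = Asset::fromSlug($_GET['slug']);
		if (empty($photo))
			throw new NotFoundException();

		// Object-level authorisation: only an administrator or the asset's own
		// author may go on. If no author could be resolved, fail closed for
		// non-administrators rather than dereferencing an empty value.
		$author = $photo->getAuthor();
		if (!$user->isAdmin() && (empty($author) || $user->getUserId() !== $author->getUserId()))
			throw new NotAllowedException();

		// NOTE(review): deletion is a state change triggered by the mere
		// presence of `confirmed` in $_REQUEST, which merges GET and POST input
		// (and cookies, depending on request_order). No anti-CSRF token or
		// request-method check is visible in this class; confirm that the
		// confirmation form carries a verified token, or restrict this branch
		// to POST requests that present one.
		if (isset($_REQUEST['confirmed']))
			$this->handleDelete($photo);

		// Only reached when nothing was deleted: handleDelete() ends the request.
		parent::__construct('Confirm deletion' . ' - ' . SITE_TITLE);
		$page = new ConfirmDeletePage($photo->getImage());

		$this->page->adopt($page);
	}

	/**
	 * Deletes the asset and redirects the client; never returns.
	 *
	 * @param Asset $photo asset that the caller has already authorised for deletion
	 */
	private function handleDelete(Asset $photo) {
		// Read the redirect target first, before the asset is deleted.
		// NOTE(review): presumably getSubdir() is the album path relative to
		// BASEURL — confirm it can never hold request-supplied data.
		$album_url = $photo->getSubdir();

		$photo->delete();

		header('Location: ' . BASEURL . '/' . $album_url);
		exit;
	}
}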