<?php
require_once("app/bootstrap.php");
use Ladecadanse\Evenement;
use Ladecadanse\UserLevel;
use Ladecadanse\HtmlShrink;
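// Access guard: callers that do not pass $videur->checkGroup(UserLevel::ACTOR)
// are redirected to the home page and the script stops.
if (!$videur->checkGroup(UserLevel::ACTOR)) {
    header("Location: index.php");
    die();
}

// NOTE(review): the two actions handled in this file change stored data but are
// driven by GET parameters, and no anti-CSRF token is checked in this file.
// Confirm whether app/bootstrap.php enforces one; otherwise these actions should
// require POST plus a per-session token.

// Event id. FILTER_VALIDATE_INT rejects anything that is not one well-formed
// integer (the result is false on failure, null when the parameter is absent),
// whereas FILTER_SANITIZE_NUMBER_INT only strips characters and leaves '+' and
// '-' in place, so its output is not guaranteed to be a single number. The id is
// concatenated into SQL further down, so it must be a plain positive integer.
$get['id'] = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);

// Action name. It is only ever compared with fixed literals in this file, so no
// sanitizing filter is needed; FILTER_SANITIZE_STRING is deprecated since PHP 8.1.
// A non-scalar value (e.g. action[]=...) yields false and matches no action.
$get['action'] = filter_input(INPUT_GET, 'action', FILTER_DEFAULT);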
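// --- action=delete ---------------------------------------------------------
// Deletes one event row and its image files. Prints 1 on success and 0
// otherwise; the HTTP status is 200 (deleted), 304 (DELETE query failed) or
// 403 (event not found or caller not allowed).
if ($get['action'] === 'delete' && !empty($get['id'])) {
    // Force the id to an integer once and use that single value for the SELECT,
    // the authorization check and the DELETE, so all three refer to the same row.
    // The connector's parameter-binding API is not visible in this file, so the
    // cast is what keeps the concatenated SQL below safe.
    $idEvenement = (int) $get['id'];

    $req_im = $connector->query(
        "SELECT titre, flyer, image, idLieu, genre, dateEvenement, dateAjout
FROM evenement WHERE idEvenement=" . $idEvenement
    );
    $val_even = $connector->fetchArray($req_im);

    // Allowed: the author of the event with group level <= 8, or any caller whose
    // group level is < 2.
    // NOTE(review): 8 and 2 are bare numbers here while the unpublish branch uses
    // UserLevel constants — confirm which UserLevel values they correspond to.
    $estAutorise = !empty($val_even)
        && (
            ($authorization->isAuthor('evenement', $_SESSION['SidPersonne'], $idEvenement) && $_SESSION['Sgroupe'] <= 8)
            || $_SESSION['Sgroupe'] < 2
        );

    if ($estAutorise) {
        // In partial-edit mode, events added before the cut-off cannot be changed.
        if (PARTIAL_EDIT_MODE && $val_even['dateAjout'] < PARTIAL_EDIT_FROM_DATETIME) {
            HtmlShrink::msgErreur(PARTIAL_EDIT_MODE_MSG);
            exit;
        }

        if ($connector->query("DELETE FROM evenement WHERE idEvenement=" . $idEvenement)) {
            // Remove the files only after the row is gone: if the DELETE fails the
            // event is still listed and must keep its flyer and image.
            foreach (['flyer', 'image'] as $champ) {
                if (!empty($val_even[$champ])) {
                    Evenement::rmImageAndItsMiniature($val_even[$champ]);
                }
            }

            header('HTTP/1.1 200 OK');
            echo 1;
        } else {
            header('HTTP/1.1 304 Not Modified');
            echo 0;
        }
    } else {
        header('HTTP/1.1 403 Forbidden');
        echo 0;
    }
}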
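// --- action=unpublish ------------------------------------------------------
// Sets one event's statut to 'inactif'. Prints 1 on success and 0 otherwise;
// the HTTP status is 200 (updated), 304 (UPDATE query failed) or 403 (event not
// found or caller not allowed).
if ($get['action'] === 'unpublish' && !empty($get['id'])) {
    // Force the id to an integer once and use that single value for the SELECT,
    // the authorization checks and the UPDATE, so they all refer to the same row.
    // The connector's parameter-binding API is not visible in this file, so the
    // cast is what keeps the concatenated SQL below safe.
    $idEvenement = (int) $get['id'];

    $req_im = $connector->query("SELECT titre, flyer, image, idLieu, genre, dateEvenement, idPersonne, dateAjout FROM evenement WHERE idEvenement=" . $idEvenement);
    $val_even = $connector->fetchArray($req_im);

    // Allowed when the event exists and at least one of these holds, evaluated in
    // this order with short-circuiting:
    //   1. a group level is set and it is <= UserLevel::AUTHOR, or the caller is
    //      the person recorded on the event (idPersonne);
    //   2. the caller's affiliated venue is the event's venue;
    //   3. isPersonneInEvenementByOrganisateur() accepts the caller for this event;
    //   4. isPersonneInLieuByOrganisateur() accepts the caller for the event's venue.
    if (
        !empty($val_even)
        && (
            (
                isset($_SESSION['Sgroupe'])
                && (
                    $_SESSION['Sgroupe'] <= UserLevel::AUTHOR
                    || (isset($_SESSION['SidPersonne']) && $_SESSION['SidPersonne'] == $val_even['idPersonne'])
                )
            )
            || (isset($_SESSION['Saffiliation_lieu']) && !empty($val_even['idLieu']) && $val_even['idLieu'] == $_SESSION['Saffiliation_lieu'])
            || (isset($_SESSION['SidPersonne']) && $authorization->isPersonneInEvenementByOrganisateur($_SESSION['SidPersonne'], $idEvenement))
            || (isset($_SESSION['SidPersonne']) && $authorization->isPersonneInLieuByOrganisateur($_SESSION['SidPersonne'], $val_even['idLieu']))
        )
    ) {
        // In partial-edit mode, events added before the cut-off cannot be changed.
        if (PARTIAL_EDIT_MODE && $val_even['dateAjout'] < PARTIAL_EDIT_FROM_DATETIME) {
            HtmlShrink::msgErreur(PARTIAL_EDIT_MODE_MSG);
            exit;
        }

        if ($connector->query("UPDATE evenement SET statut='inactif' WHERE idEvenement=" . $idEvenement)) {
            header('HTTP/1.1 200 OK');
            echo 1;
        } else {
            header('HTTP/1.1 304 Not Modified');
            echo 0;
        }
    } else {
        header('HTTP/1.1 403 Forbidden');
        echo 0;
    }
}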