diff options
author | Andreas Baumann <mail@andreasbaumann.cc> | 2019-11-17 20:45:02 +0100 |
---|---|---|
committer | Andreas Baumann <mail@andreasbaumann.cc> | 2019-11-17 20:45:02 +0100 |
commit | 8df3db566a3a937b45ebf11adb90d265e6f5e2d4 (patch) | |
tree | 4d541098d751d5a9acf8c12f6fb9f308ace066ac /js/callbacks/deletesearches.php | |
download | flyspray-8df3db566a3a937b45ebf11adb90d265e6f5e2d4.tar.xz |
initial checking of customized version 1.0rc9
Diffstat (limited to 'js/callbacks/deletesearches.php')
-rw-r--r-- | js/callbacks/deletesearches.php | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/js/callbacks/deletesearches.php b/js/callbacks/deletesearches.php new file mode 100644 index 0000000..2ff9e3b --- /dev/null +++ b/js/callbacks/deletesearches.php @@ -0,0 +1,30 @@ +<?php +/* + This script is the AJAX callback that deletes a user's saved search +*/ + +define('IN_FS', true); + +require_once('../../header.php'); + +if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) { + $user = new User(Cookie::val('flyspray_userid')); + $user->check_account_ok(); + + if( !Post::has('csrftoken') ){ + http_response_code(428); # 'Precondition Required' + die('missingtoken'); + }elseif( Post::val('csrftoken')==$_SESSION['csrftoken']){ + # empty + }else{ + http_response_code(412); # 'Precondition Failed' + die('wrongtoken'); + } + + if (!$user->isAnon()) { + $db->query('DELETE FROM {searches} WHERE id = ? AND user_id = ?', array(Post::num('id'), $user->id)); + echo $db->affectedRows(); + } +} + +?> |