diff options
| -rw-r--r-- | controllers/list.php | 33 | ||||
| -rw-r--r-- | models/archivelist.php | 8 | ||||
| -rw-r--r-- | views/list/index.php | 17 | ||||
| -rw-r--r-- | views/list/update/index.php | 46 | ||||
| -rw-r--r-- | views/list/update/meta.php | 4 | ||||
| -rw-r--r-- | views/styles.css | 8 |
6 files changed, 116 insertions, 0 deletions
diff --git a/controllers/list.php b/controllers/list.php index 0561700..07db6c5 100644 --- a/controllers/list.php +++ b/controllers/list.php @@ -47,3 +47,36 @@ function on_patch() { header('Location: /list/' . $list->LID); exit(); } + +function on_put() { + global $TOKEN; + global $METHOD; + global $list_status; + + $list = null; + try { + $list = Database\ArchiveList::fromDB($METHOD['lid']); + } + catch(Exception $e) { + $list_status = "This list doesn't exist!"; + return; + } + + try { + $user = Database\Cookie::fromDB($TOKEN); + $author = Database\User::fromDBuid($list->AuthorUID); + if ($author->UID !== $user->UID) { + $list_status = "You're not the owner of this list! You have no permission to edit it!"; + return; + } + } + catch(Exception $e) { + $list_status = "Either your cookie is invalid or the author of this list has deleted their account!"; + return; + } + + $list->update($METHOD['name'], $METHOD['description']); + + header('Location: /list/' . $list->LID); + exit(); +} diff --git a/models/archivelist.php b/models/archivelist.php index 779365e..bf734e0 100644 --- a/models/archivelist.php +++ b/models/archivelist.php @@ -41,4 +41,12 @@ class ArchiveList extends Table { 'Webpages.*' ); } + + function update(string $newName, string $newDescription) { + Table::_update( + 'ArchiveLists', + "Name = \"$newName\", Description = \"$newDescription\"", + "LID = \"$this->LID\"" + ); + } } diff --git a/views/list/index.php b/views/list/index.php index 9b49268..4a84f78 100644 --- a/views/list/index.php +++ b/views/list/index.php @@ -18,6 +18,23 @@ <?= $author->Username ?> </p> <p><?= $list->Description ?></p> + + <section id="list-buttons" hidden> + <form action="/list/update" method="GET"> + <input type="hidden" name="lid" value="<?= $list->LID ?>"> + <input type="submit" value="Update"> + </form> + <form action="/list/delete" method="GET"> + <input type="hidden" name="lid" value="<?= $list->LID ?>"> + <input type="submit" value="Delete"> + </form> + </section> + <script type="text/javascript"> + function showListButtons() { + document.getElementById('list-buttons').hidden = false; + } + authenticated(showListButtons); + </script> </section> <section> <?php diff --git a/views/list/update/index.php b/views/list/update/index.php new file mode 100644 index 0000000..9374aef --- /dev/null +++ b/views/list/update/index.php @@ -0,0 +1,46 @@ +<?php + require_login(); + + $list = null; + $author = null; + $user = null; + + try { + $list = Database\ArchiveList::fromDB($_GET['lid'] ?? -1); + $author = Database\User::fromDBuid($list->AuthorUID); + $user = Database\Cookie::fromDB($TOKEN); + } + catch(Exception $e) {} +?> + +<?php if ($list !== null && $user->UID === $author->UID): ?> + +<h1>Update list</h1> + +<form action="#" method="POST" class="font-115 flex-col-centered max-width-20 center-margin"> + <input type="hidden" name="method" value="PUT"> + <?php if (isset($list_status)): ?> + <?php if ($list_status !== ""): ?> + <p class="item error"><span> + <strong>Error:</strong> <?= $list_status ?> + </span></p> + <?php else: ?> + <script type="text/javascript"> + window.location.href = '/list/<?= $_GET["lid"] ?>'; + </script> + <?php endif; ?> + <?php endif; ?> + + <input type="hidden" name="lid" value="<?= $_GET['lid'] ?>"> + <input type="text" name="name" placeholder="List title" minlength="1" value="<?= $list->Name ?>"> + <textarea name="description" placeholder="Description"><?= $list->Description ?></textarea> + <input type="submit" value="Update"> +</form> + +<?php elseif ($list === null): ?> + <h2>No list with identifier <?= $_GET['lid'] ?> exists!</h2> + +<?php else: ?> + <h2>You're not the owner of "<?= $list->Name ?>", you have no permission to edit it!</h2> + +<?php endif; ?> diff --git a/views/list/update/meta.php b/views/list/update/meta.php new file mode 100644 index 0000000..c3a9f3c --- /dev/null +++ b/views/list/update/meta.php @@ -0,0 +1,4 @@ +<?php + +$title = 'Update a list of archives'; +$controller = 'list'; diff --git a/views/styles.css b/views/styles.css index 4d17e51..132d280 100644 --- a/views/styles.css +++ b/views/styles.css @@ -407,6 +407,14 @@ hr.new-section { vertical-align: middle; } +.list-container #list-buttons { + display: flex; + flex-direction: column; + gap: 0.9em; + font-size: 0.8em; + margin-top: 4em; +} + /* User */ .user-icon { height: 7em; |