diff options
Diffstat (limited to 'controllers/list.php')
| -rw-r--r-- | controllers/list.php | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/controllers/list.php b/controllers/list.php index 0561700..07db6c5 100644 --- a/controllers/list.php +++ b/controllers/list.php @@ -47,3 +47,36 @@ function on_patch() { header('Location: /list/' . $list->LID); exit(); } + +function on_put() { + global $TOKEN; + global $METHOD; + global $list_status; + + $list = null; + try { + $list = Database\ArchiveList::fromDB($METHOD['lid']); + } + catch(Exception $e) { + $list_status = "This list doesn't exist!"; + return; + } + + try { + $user = Database\Cookie::fromDB($TOKEN); + $author = Database\User::fromDBuid($list->AuthorUID); + if ($author->UID !== $user->UID) { + $list_status = "You're not the owner of this list! You have no permission to edit it!"; + return; + } + } + catch(Exception $e) { + $list_status = "Either your cookie is invalid or the author of this list has deleted their account!"; + return; + } + + $list->update($METHOD['name'], $METHOD['description']); + + header('Location: /list/' . $list->LID); + exit(); +} |