65 lines
2.0 KiB
Lua
65 lines
2.0 KiB
Lua
local tags = require("tags")
|
|
local util = require("util")
|
|
local pages = require("pages")
|
|
local config = require("config")
|
|
local session = require("session")
|
|
local db = require("db")
|
|
local queries = require("queries")
|
|
local sql = require("lsqlite3")
|
|
local cache = require("cache")
|
|
|
|
local oldconfigure = configure
|
|
local stmnt_delete
|
|
function configure(...)
|
|
stmnt_delete = assert(db.conn:prepare(queries.delete_post),db.conn:errmsg())
|
|
return oldconfigure(...)
|
|
end
|
|
|
|
local function delete_post(req)
|
|
local host = http_request_get_host(req)
|
|
local path = http_request_get_path(req)
|
|
http_request_populate_post(req)
|
|
local storystr = assert(http_argument_get_string(req,"story"))
|
|
print("Looking at storystr:",storystr)
|
|
local storyid = util.decode_id(storystr)
|
|
local author, authorid = session.get(req)
|
|
if not author then
|
|
http_response(req, 401, pages.error{
|
|
errcode = 401,
|
|
errcodemsg = "Not authorized",
|
|
explanation = "You must be logged in to delete posts. You are either not logged in or your session has expired.",
|
|
should_traceback = true
|
|
})
|
|
return
|
|
end
|
|
log(LOG_DEBUG,string.format("Deleting post %d with proposed owner %d",storyid, authorid))
|
|
stmnt_delete:bind_names{
|
|
postid = storyid,
|
|
authorid = authorid
|
|
}
|
|
local err = util.do_sql(stmnt_delete)
|
|
if err ~= sql.DONE then
|
|
log(LOG_DEBUG,string.format("Failed to delete: %d:%s",err, db.conn:errmsg()))
|
|
http_response(req,500,pages.error{
|
|
errcode = 500,
|
|
errcodemsg = "Internal error",
|
|
explanation = "Failed to delete posts from database:" .. db.conn:errmsg(),
|
|
should_traceback = true,
|
|
})
|
|
stmnt_delete:reset()
|
|
else
|
|
local loc = string.format("https://%s/%s",config.domain,storystr)
|
|
http_response_header(req,"Location",loc)
|
|
http_response(req,303,"")
|
|
stmnt_delete:reset()
|
|
cache.dirty(string.format("%s",config.domain))
|
|
cache.dirty(string.format("%s-logout",config.domain))
|
|
cache.dirty(string.format("%s.%s",author,config.domain))
|
|
cache.dirty(string.format("%s",storystr))
|
|
cache.dirty(string.format("%s?comments=1",storystr))
|
|
|
|
end
|
|
end
|
|
|
|
return delete_post
|