From 7a29c6265b2af2891c0b6685137f566625e6c776 Mon Sep 17 00:00:00 2001
From: Tagadda <36127788+Tagadda@users.noreply.github.com>
Date: Mon, 13 Aug 2018 15:20:06 +0200
Subject: [PATCH] Delete a Poll
---
 index.php | 31 ++++++++++++++++++++++++++++---
 models/Poll.php | 13 ++++++++++++-
 static/js/new.js | 1 +
 views/home.php | 1 +
 4 files changed, 42 insertions(+), 4 deletions(-)
diff --git a/index.php b/index.php
index 2d86700..b9c1038 100644
--- a/index.php
+++ b/index.php
@@ -3,14 +3,19 @@ require __DIR__ . "/vendor/autoload.php";
 require __DIR__ . "/models/Poll.php";
 require __DIR__ . "/config/app.php";
-function format_poll($poll)
+function format_poll($poll, $with_delete_token = false)
 {
- return [
+ $array = [
 "id" => $poll->id,
 "title" => $poll->title,
 "creation_date" => $poll->creation_date,
 "options" => $poll->options,
 ];
+
+ if ($with_delete_token === true)
+ $array['delete_token'] = $poll->delete_token;
+
+ return $array;
 }
 Flight::route("POST /polls", function () {
@@ -20,7 +25,7 @@ Flight::route("POST /polls", function () {
 $request_json = $request->data;
 $poll = Poll::create_poll($request_json);
 if ($poll)
- Flight::json(format_poll($poll), 201);
+ Flight::json(format_poll($poll, true), 201);
 else
 Flight::halt(403, "
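Review bot: `format_poll()` gains a mode that serializes the poll's deletion secret, but nothing at the definition documents it, and the brace-less `if ($with_delete_token === true)` silently drops the token for any truthy non-boolean argument. I would add a docblock stating that `delete_token` is a bearer credential and that `$with_delete_token` may be true only for the response sent to the poll's creator; the `POST /polls` handler in the next hunk is the only caller visible here that passes it. If the project can rely on PHP 7 scalar types, declaring the parameter as `bool $with_delete_token = false` makes the intent explicit at the signature.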

403 Forbidden

Invalid data.

"); } @@ -86,6 +91,26 @@ Flight::route("POST /polls/@id:[a-fA-F0-9]+/vote", function ($id) { Flight::notFound(); }); +Flight::route("GET|DELETE /polls/@id:[a-fA-F0-9]+/@token:[a-fA-F0-9]+", function ($id, $token) { + $poll = Poll::load_poll($id); + if ($poll) + { + if ($poll->delete_token !== $token) + Flight::halt(401, "

401 Unauthorized

Invalid token.

"); + + $poll->delete(); + + if (Flight::request()->type === "application/json") + Flight::json(format_poll($poll), 204); + else + { + Flight::redirect('/'); + } + } + else + Flight::notFound(); +}); + Flight::route("/", function () { global $VERLAINE; Flight::render("home", ["app_url" => $VERLAINE["app_url"]], "body_content"); diff --git a/models/Poll.php b/models/Poll.php index 5dd8112..7d56e7b 100644 --- a/models/Poll.php +++ b/models/Poll.php @@ -22,6 +22,7 @@ class Poll ]; } $poll->gen_new_id(); + $poll->delete_token = bin2hex(openssl_random_pseudo_bytes(16)); $poll->save(); return $poll; } @@ -46,6 +47,7 @@ class Poll $poll->title = $saved_poll_data->title; $poll->creation_date = $saved_poll_data->creation_date; $poll->options = $saved_poll_data->options; + $poll->delete_token = $saved_poll_data->delete_token; dba_close($db); return $poll; @@ -61,8 +63,9 @@ class Poll public $title; public $creation_date; public $options = []; + public $delete_token; - public function gen_new_id() + private function gen_new_id() { $db = dba_open(SAVE_PATH . "/polls.db", "rd"); @@ -97,7 +100,15 @@ class Poll "title" => $this->title, "creation_date" => $this->creation_date, "options" => $this->options, + "delete_token" => $this->delete_token ]), $db); dba_close($db); } + + public function delete() + { + $db = dba_open(SAVE_PATH . "/polls.db", "wd"); + dba_delete($this->id, $db); + dba_close($db); + } } diff --git a/static/js/new.js b/static/js/new.js index a1d0012..5f3d533 100644 --- a/static/js/new.js +++ b/static/js/new.js @@ -48,6 +48,7 @@ document.addEventListener("DOMContentLoaded", () => { let result_el = document.getElementById("result"); result_el.innerHTML = result_el.innerHTML.replace(/:poll_title/g, json.title); result_el.innerHTML = result_el.innerHTML.replace(/:poll_url/g, `/polls/${json.id}`); + result_el.innerHTML = result_el.innerHTML.replace(/:delete_url/g, `/polls/${json.id}/${json.delete_token}`); result_el.removeAttribute("hidden"); }); }); 
diff --git a/views/home.php b/views/home.php
index f541cf5..658e008 100644
--- a/views/home.php
+++ b/views/home.php
@@ -14,6 +14,7 @@