Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/js/callbacks/deletesearches.php
diff options
context:
space:
mode:
authorAndreas Baumann <mail@andreasbaumann.cc>2020-02-01 09:05:48 +0100
committerAndreas Baumann <mail@andreasbaumann.cc>2020-02-01 09:05:48 +0100
commit6854cb3f4d8219cf1829e32122eb2502a916eae9 (patch)
tree350feb504587d932e02837a1442b059759927646 /js/callbacks/deletesearches.php
initial checkin
Diffstat (limited to 'js/callbacks/deletesearches.php')
-rw-r--r--js/callbacks/deletesearches.php30
1 files changed, 30 insertions, 0 deletions
diff --git a/js/callbacks/deletesearches.php b/js/callbacks/deletesearches.php
new file mode 100644
index 0000000..2ff9e3b
--- /dev/null
+++ b/js/callbacks/deletesearches.php
@@ -0,0 +1,30 @@
+<?php
+/*
+ This script is the AJAX callback that deletes a user's saved search
+*/
+
+define('IN_FS', true);
+
+require_once('../../header.php');
+
+if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) {
+ $user = new User(Cookie::val('flyspray_userid'));
+ $user->check_account_ok();
+
+ if( !Post::has('csrftoken') ){
+ http_response_code(428); # 'Precondition Required'
+ die('missingtoken');
+ }elseif( Post::val('csrftoken')==$_SESSION['csrftoken']){
+ # empty
+ }else{
+ http_response_code(412); # 'Precondition Failed'
+ die('wrongtoken');
+ }
+
+ if (!$user->isAnon()) {
+ $db->query('DELETE FROM {searches} WHERE id = ? AND user_id = ?', array(Post::num('id'), $user->id));
+ echo $db->affectedRows();
+ }
+}
+
+?>