Remove old files, fix bug where when a post edit/create is cancelled …

…the autosave is not deleted
rbertram90 · May 12, 2017 · 4d3df6b · 4d3df6b
1 parent 76397cd
commit 4d3df6b
Show file tree

Hide file tree

Showing 12 changed files with 97 additions and 914 deletions.
diff --git a/app/ajax/autosave.php b/app/ajax/autosave.php
@@ -22,14 +22,14 @@
 } else if($updateDB > 0 && $updateDB !== sanitize_number($_POST['fld_postid'])) {
 	echo json_encode(array(
 		'status' => 'success',
-		'message' => 'Post last saved at '.date('Y-m-d H:i:s'),
+		'message' => 'Post autosaved at '.date('H:i'),
 		'newpostid' => $updateDB
 	));
 
 } else {
 	echo json_encode(array(
 		'status' => 'success',
-		'message' => 'Post last saved at '.date('Y-m-d H:i:s')
+		'message' => 'Post autosaved at '.date('H:i')
 	));
 }
 ?>
diff --git a/app/controller/posts_controller.inc.php b/app/controller/posts_controller.inc.php
@@ -49,14 +49,14 @@ function: route
         @param    params    Miscellaneous inputs from the URL such as blog id
                             accessed in an array.
     */
-        
+
     public function route($params)
     {
         // Create an easy reader for the params array
         $paramsReader = new Codeliner\ArrayReader\ArrayReader($params);
 
-        if(getType($params) == 'array' && array_key_exists(0, $params)):
-
+        if(getType($params) == 'array' && array_key_exists(0, $params))
+        {
             // Find and open blog
             $blogid = sanitize_number($params[0]);
             $arrayblog = $this->modelBlogs->getBlogById($blogid);
@@ -88,7 +88,8 @@ public function route($params)
             $formsubmitted = (array_key_exists(2, $params) && $params[2] == 'submit'); // Submit
             if (!$formsubmitted) $formsubmitted = (array_key_exists(3, $params) && $params[3] == 'submit'); // Submit
 
-            switch($action):
+            switch($action)
+            {
                 case 'new':
                     if($formsubmitted) $this->action_createPost();
                     $posttype = $paramsReader->stringValue(2, '');        
@@ -107,18 +108,21 @@ public function route($params)
                 case 'preview':
                     $this->previewPost();
                     break;
+
+                case 'cancelsave':
+                    $this->action_removeAutosave($arraypost);
+                    break;
 
                 default:
                     $this->managePosts($arrayblog);
                     break;
-                    
-            endswitch;
-                        
-        else:
+            }
+        }
+        else
+        {
             // Must have at least one param -> blogid
             return $this->throwNotFound();
-
-        endif;
+        }
     }
 
     /******************************************************************
@@ -308,6 +312,24 @@ public function action_createPost()
         redirect('/posts/'.$_POST['fld_blogid']);
     }
 
+    // Cancel action from new post screen
+    protected function action_removeAutosave($post)
+    {
+        // Check we have permission to perform action - if the user created the post or is blog admin
+        if(!($this->modelContributors->isBlogContributor($post['blog_id'], $_SESSION['userid'], 'all') || $_SESSION['userid'] == $post['author_id'])) return $this->throwAccessDenied();
+
+        // Delete from DB - isn't critical if fails
+        $this->modelPosts->removeAutosave($post['id']);
+
+        // Check if the actual post record is an autosave
+        if($post['initialautosave'] == 1)
+        {
+            $this->modelPosts->delete(array('id' => $post['id']));
+        }
+
+        // Redirect back to manage posts
+        redirect('/posts/' . $post['blog_id']);
+    }
 
     /**
         Edit an existing blog post
@@ -379,7 +401,7 @@ public function action_deletePost($arraypost) {
         else setSystemMessage('Sorry, There has been an error deleting your post.', 'Error');
 
         // Redirect
-        redirect('/posts/'.$arraypost['blog_id']);
+        redirect('/posts/' . $arraypost['blog_id']);
     }
 
 }

diff --git a/app/model/mdl_post.inc.php b/app/model/mdl_post.inc.php
@@ -470,7 +470,7 @@ public function getBlogPostsByTag($blogid, $ptag) {
         @param <int> $postid - id number of the post to delete
         NOTE - this function should also delete comments associated with this post!
     **/
-    public function deletePost($blogid, $postid) {
+    public function xxdeletePost($blogid, $postid) {
 
         // Sanitize Variables
         $blogid = safeNumber($blogid);
@@ -483,6 +483,12 @@ public function deletePost($blogid, $postid) {
         $sql = 'DELETE FROM '.$this->tblname.' WHERE id="'.$postid.'"';
         $this->db->runQuery($sql);
 
+        // Remove the autosave if exists
+        if($this->autosaveExists($postid))
+        {
+            $this->removeAutosave($postid);
+        }
+
         return true;
     }
 

diff --git a/app/view/posts/edit_post.php b/app/view/posts/edit_post.php
diff --git a/app/view/posts/gallery_post.php b/app/view/posts/gallery_post.php
diff --git a/app/view/posts/manage_posts.php b/app/view/posts/manage_posts.php