diff options
Diffstat (limited to 'lib/blog/delete.php')
| -rw-r--r-- | lib/blog/delete.php | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/lib/blog/delete.php b/lib/blog/delete.php new file mode 100644 index 0000000..a57b5ac --- /dev/null +++ b/lib/blog/delete.php @@ -0,0 +1,13 @@ +<?php + +assert_redir(count($args) >= 3, 'blog'); +$postid = intval($args[2]); + +$post = mysql_fetch_assoc(sql("SELECT owner FROM blog_posts WHERE id = $postid")); +assert_error($post && $post['owner'] == $user['id'], + "This note does not exist, or you are not allowed to delete it."); + +token_validate("Do you really want to delete this post ?", "blog"); +sql("DELETE FROM blog_posts WHERE id = $postid"); +sql("DELETE FROM blog_tags WHERE post = $postid"); +header("Location: drafts-blog"); |