
Checking the id in database before deletion

1 parent b674f5c commit f79c060d04bf56d72b51f57f1630ba2b78a351cb @gregdel gregdel committed Apr 3, 2012
Showing with 21 additions and 6 deletions.
  1. +10 −0 php/database.php
  2. +11 −6 www/sync.php
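--- a/php/database.php
+++ b/php/database.php
@@ -41,6 +41,16 @@ public function delete_entry($id, $username) {
 $req->execute(array('id'=>$id, 'username'=>$username));
 return $id;
 }
+
+ public function check_entry($id, $username) {
+ $req = $this->_db->prepare("SELECT id FROM password WHERE id=:id AND username=:username ");
+ $req->execute(array('id'=>$id, 'username'=>$username));
+ $req = $req->fetchall(PDO::FETCH_ASSOC);
+ if (count($req) == 1)
+ return true;
+ else
+ return false;
+ }
 private function createTables(){
 $stm = "CREATE TABLE password (id INTEGER PRIMARY KEY, data TEXT, username TEXT)";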
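Review bot: check_entry() and the delete it guards run as two separate statements, so the existence check is only advisory and the ownership guarantee has to stay in the DELETE's own `WHERE` clause; the context line `$req->execute(array('id'=>$id, 'username'=>$username));` suggests delete_entry() already filters on username, but its query text lies outside this hunk. A docblock on check_entry() should say so, so that a later caller does not treat it as the authorization step, for example `/** True when exactly one row with this id belongs to $username; advisory only, the DELETE must still filter on username. */`. The body also reuses `$req` for both the statement and its rows and spells out an if/else for a boolean; `$rows = $req->fetchAll(PDO::FETCH_ASSOC);` followed by `return count($rows) === 1;` reads more clearly and behaves the same.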
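--- a/www/sync.php
+++ b/www/sync.php
@@ -40,14 +40,18 @@ public function __construct($action,$id){
 private function _checkErrors(){
 $error = false;
-
- //Todo: if action == 'remove' check in db if the id exist
-
+
 if(isset($this->_action)) {
 if ($this->_isloggedin){
- if (($this->_action == 'remove') and empty($this->_id)){
- $this->_response->error("ITEM_ID_NOT_DEFINED");
- $error = true;
+ if ($this->_action == 'remove') {
+ if ( empty($this->_id) ){
+ $this->_response->error("ITEM_ID_NOT_DEFINED");
+ $error = true;
+ }
+ elseif (!$this->_db->check_entry($this->_id, $this->_session->get_username())) {
+ $this->_response->error("ID_NOT_FOUND");
+ $error = true;
+ }
 }
 }
 else {
@@ -102,6 +106,7 @@ public function run() {
 $entries = $this->_db->get_entries($this->_session->get_username());
 $this->_response->data($entries);
 break;
+
 }
 }
 $this->_response->send();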
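Review bot: The new `elseif` branch in _checkErrors() passes `$this->_id` to check_entry() after only an `empty()` test, so any non-empty request value, numeric or not, reaches the query. The bound parameters in check_entry() keep this from being an injection problem, but rejecting non-integer ids at this boundary is cleaner, for example `if ( empty($this->_id) || !ctype_digit((string) $this->_id) ){` reusing ITEM_ID_NOT_DEFINED. A comment above the `elseif` should also record that ID_NOT_FOUND is returned both for a missing row and for a row owned by another user, so the response does not disclose which ids exist in other accounts: `// same error for "no such id" and "not yours"; keep these indistinguishable`. _checkErrors() begins and ends outside this hunk, so how `$_id` is populated is not visible here.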
