This repository has been archived by the owner on Dec 11, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
api_like.php
55 lines (55 loc) · 1.78 KB
/
api_like.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
<?php
require "./helpers/heading.php";
require "./helpers/apihelper.php";
require_once "./helpers/db.php";
loginGated();
$postIdIsSet = isset($_GET['post_id']);
$commentIdIsSet = isset($_GET['comment_id']);
if (!$postIdIsSet && !$commentIdIsSet) {
badRequest("No post_id or comment_id provided");
} else if ($postIdIsSet && $commentIdIsSet) {
badRequest("Only one of post_id or comment_id can be provided");
}
if (!isset($_GET['direction'])) {
badRequest("No direction provided (1=like, 0=remove like)");
}
$direction = $_GET['direction'];
$userId = $_SESSION['userId'];
if ($postIdIsSet) {
$postId = $_GET['post_id'];
if (!is_numeric($postId)) {
badRequest("post_id must be a number");
}
if ($direction == "0") {
$db->prepare("DELETE FROM likes WHERE post_id = :postId AND author_id = :userId")
->execute([
'postId' => $postId,
'userId' => $userId
]);
} else {
$db->prepare("INSERT IGNORE INTO likes (post_id, author_id) VALUES (:postId, :userId)")
->execute([
'postId' => $postId,
'userId' => $userId
]);
}
} else {
$commentId = $_GET['comment_id'];
if (!is_numeric($commentId)) {
badRequest("comment_id must be a number");
}
if ($direction == "0") {
$db->prepare("DELETE FROM comment_likes WHERE comment_id = :commentId AND author_id = :userId")
->execute([
'commentId' => $commentId,
'userId' => $userId
]);
} else {
$db->prepare("INSERT IGNORE INTO comment_likes (comment_id, author_id) VALUES (:commentId, :userId)")
->execute([
'commentId' => $commentId,
'userId' => $userId
]);
}
}
?>