55use Core \Database ;
66
77$ db = new Database ($ config ['database ' ]);
8+ $ currentUserId = 5 ;
89
9- if ($ _SERVER ['REQUEST_METHOD ' ] === 'POST ' ) {
10- echo "Deleting... " ;
11- }
10+ if ($ _SERVER ['REQUEST_METHOD ' ] === 'POST ' ) {
11+ // form was submitted delete the current note
12+ $ note = $ db ->query ('SELECT * FROM notes where id = :id ' , [
13+ 'id ' => $ _GET ['id ' ]
14+ ])->findOrFail ();
15+
16+
17+ authorize ($ note ['user_id ' ] === $ currentUserId );
18+
19+ // dd($_POST);
20+ $ db ->query ('DELETE FROM notes WHERE id = :id ' , [
21+ ':id ' => $ _POST ['id ' ],
22+ ]);
1223
13- // $heading = 'Note';
14- $ currentUserId = 5 ;
1524
16- $ note = $ db -> query ( ' SELECT * FROM notes where id = :id ' , [
17- ' id ' => $ _GET [ ' id ' ]
18- ])-> findOrFail ();
25+ header ( ' location: / notes' );
26+ exit ();
27+ } else {
1928
2029
21- authorize ($ note ['user_id ' ] === $ currentUserId );
30+ // $heading = 'Note';
31+ // $currentUserId = 5;
2232
23- // include base_path('views/notes/show.view.php');
24- view ('notes/show.view.php ' , [
25- 'heading ' => 'Note ' ,
26- 'note ' => $ note
27- ]);
33+ $ note = $ db ->query ('SELECT * FROM notes where id = :id ' , [
34+ 'id ' => $ _GET ['id ' ]
35+ ])->findOrFail ();
2836
29- // both is acceptable with : and without : no difference
30- // $notes = $db->query('SELECT * FROM notes where id = :id', ['id' => $id])->fetch();
31- // $notes = $db->query('SELECT * FROM notes where id = :id', [':id' => $id])->fetch();
37+
38+ authorize ($ note ['user_id ' ] === $ currentUserId );
39+
40+ // include base_path('views/notes/show.view.php');
41+ view ('notes/show.view.php ' , [
42+ 'heading ' => 'Note ' ,
43+ 'note ' => $ note
44+ ]);
45+
46+ // both is acceptable with : and without : no difference
47+ // $notes = $db->query('SELECT * FROM notes where id = :id', ['id' => $id])->fetch();
48+ // $notes = $db->query('SELECT * FROM notes where id = :id', [':id' => $id])->fetch();
49+
50+ }
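Review bot: The DELETE in the POST branch (new lines 20-22) is keyed on `$_POST['id']`, while the ownership check at new line 17 runs against the note loaded from `$_GET['id']` (new lines 12-14), so the row that is authorized and the row that is removed can be two different notes. Delete the record that was actually checked and scope the statement to the owner as well: `$db->query('DELETE FROM notes WHERE id = :id AND user_id = :user_id', ['id' => $note['id'], 'user_id' => $currentUserId]);`. The same SELECT and `authorize()` call now appear in both branches; loading and authorizing the note once, before the `if`, would keep the two paths from drifting apart again. No anti-CSRF token check is visible in this file for the state-changing POST, so unless the framework enforces one elsewhere, it should be verified before the delete runs.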