aboutsummaryrefslogtreecommitdiff
path: root/actions/friends/collections/delete.php
diff options
context:
space:
mode:
authorBrett Profitt <brett.profitt@gmail.com>2011-07-03 17:41:20 -0400
committerBrett Profitt <brett.profitt@gmail.com>2011-07-03 17:41:20 -0400
commitde111da23258cd2b513c8f4ab84712ee50272b23 (patch)
treea431dfa846987f48fb480e95bc5c5a1653c8c87c /actions/friends/collections/delete.php
parentb3bad6fc928cae56bdc3a97fe8089b27f6f79f0b (diff)
downloadelgg-de111da23258cd2b513c8f4ab84712ee50272b23.tar.gz
elgg-de111da23258cd2b513c8f4ab84712ee50272b23.tar.bz2
Merged ACL fixes from 1.7 branch.
Diffstat (limited to 'actions/friends/collections/delete.php')
-rw-r--r--actions/friends/collections/delete.php34
1 files changed, 11 insertions, 23 deletions
diff --git a/actions/friends/collections/delete.php b/actions/friends/collections/delete.php
index fe719d74b..5b0aa8e10 100644
--- a/actions/friends/collections/delete.php
+++ b/actions/friends/collections/delete.php
@@ -1,36 +1,24 @@
<?php
+
/**
* Elgg friends: delete collection action
*
- * @package Elgg.Core
- * @subpackage Friends.Collections
+ * @package Elgg
+ * @subpackage Core
*/
$collection_id = (int) get_input('collection');
-// Check to see that the access collection exist and grab its owner
-$get_collection = get_access_collection($collection_id);
-
-if ($get_collection) {
-
- if ($get_collection->owner_guid == elgg_get_logged_in_user_guid()) {
-
- $delete_collection = delete_access_collection($collection_id);
+// check the ACL exists and we can edit
+if (!can_edit_access_collection($collection_id)) {
+ register_error(elgg_echo("friends:collectiondeletefailed"));
+ forward(REFERER);
+}
- // Success message
- if ($delete_collection) {
- system_message(elgg_echo("friends:collectiondeleted"));
- } else {
- register_error(elgg_echo("friends:collectiondeletefailed"));
- }
- } else {
- // Failure message
- register_error(elgg_echo("friends:collectiondeletefailed"));
- }
+if (delete_access_collection($collection_id)) {
+ system_message(elgg_echo("friends:collectiondeleted"));
} else {
- // Failure message
register_error(elgg_echo("friends:collectiondeletefailed"));
}
-// Forward to the collections page
-forward("collections/" . elgg_get_logged_in_user_entity()->username);
+forward(REFERER);