diff options
author | Brett Profitt <brett.profitt@gmail.com> | 2011-07-03 17:41:20 -0400 |
---|---|---|
committer | Brett Profitt <brett.profitt@gmail.com> | 2011-07-03 17:41:20 -0400 |
commit | de111da23258cd2b513c8f4ab84712ee50272b23 (patch) | |
tree | a431dfa846987f48fb480e95bc5c5a1653c8c87c /actions/friends/collections/delete.php | |
parent | b3bad6fc928cae56bdc3a97fe8089b27f6f79f0b (diff) | |
download | elgg-de111da23258cd2b513c8f4ab84712ee50272b23.tar.gz elgg-de111da23258cd2b513c8f4ab84712ee50272b23.tar.bz2 |
Merged ACL fixes from 1.7 branch.
Diffstat (limited to 'actions/friends/collections/delete.php')
-rw-r--r-- | actions/friends/collections/delete.php | 34 |
1 files changed, 11 insertions, 23 deletions
diff --git a/actions/friends/collections/delete.php b/actions/friends/collections/delete.php index fe719d74b..5b0aa8e10 100644 --- a/actions/friends/collections/delete.php +++ b/actions/friends/collections/delete.php @@ -1,36 +1,24 @@ <?php + /** * Elgg friends: delete collection action * - * @package Elgg.Core - * @subpackage Friends.Collections + * @package Elgg + * @subpackage Core */ $collection_id = (int) get_input('collection'); -// Check to see that the access collection exist and grab its owner -$get_collection = get_access_collection($collection_id); - -if ($get_collection) { - - if ($get_collection->owner_guid == elgg_get_logged_in_user_guid()) { - - $delete_collection = delete_access_collection($collection_id); +// check the ACL exists and we can edit +if (!can_edit_access_collection($collection_id)) { + register_error(elgg_echo("friends:collectiondeletefailed")); + forward(REFERER); +} - // Success message - if ($delete_collection) { - system_message(elgg_echo("friends:collectiondeleted")); - } else { - register_error(elgg_echo("friends:collectiondeletefailed")); - } - } else { - // Failure message - register_error(elgg_echo("friends:collectiondeletefailed")); - } +if (delete_access_collection($collection_id)) { + system_message(elgg_echo("friends:collectiondeleted")); } else { - // Failure message register_error(elgg_echo("friends:collectiondeletefailed")); } -// Forward to the collections page -forward("collections/" . elgg_get_logged_in_user_entity()->username); +forward(REFERER); |