aboutsummaryrefslogtreecommitdiff
path: root/actions/friends/collections/delete.php
diff options
context:
space:
mode:
Diffstat (limited to 'actions/friends/collections/delete.php')
-rw-r--r--actions/friends/collections/delete.php29
1 files changed, 8 insertions, 21 deletions
diff --git a/actions/friends/collections/delete.php b/actions/friends/collections/delete.php
index fe719d74b..ff8f1fb55 100644
--- a/actions/friends/collections/delete.php
+++ b/actions/friends/collections/delete.php
@@ -8,29 +8,16 @@
$collection_id = (int) get_input('collection');
-// Check to see that the access collection exist and grab its owner
-$get_collection = get_access_collection($collection_id);
-
-if ($get_collection) {
-
- if ($get_collection->owner_guid == elgg_get_logged_in_user_guid()) {
-
- $delete_collection = delete_access_collection($collection_id);
+// check the ACL exists and we can edit
+if (!can_edit_access_collection($collection_id)) {
+ register_error(elgg_echo("friends:collectiondeletefailed"));
+ forward(REFERER);
+}
- // Success message
- if ($delete_collection) {
- system_message(elgg_echo("friends:collectiondeleted"));
- } else {
- register_error(elgg_echo("friends:collectiondeletefailed"));
- }
- } else {
- // Failure message
- register_error(elgg_echo("friends:collectiondeletefailed"));
- }
+if (delete_access_collection($collection_id)) {
+ system_message(elgg_echo("friends:collectiondeleted"));
} else {
- // Failure message
register_error(elgg_echo("friends:collectiondeletefailed"));
}
-// Forward to the collections page
-forward("collections/" . elgg_get_logged_in_user_entity()->username);
+forward(REFERER);