fix: wishlist view

This commit is contained in:
grandeljay 2023-09-07 15:58:26 +02:00
parent 56993052b4
commit cfe30781a9
3 changed files with 17 additions and 26 deletions

View file

@ -108,45 +108,36 @@ switch ($_SERVER['REQUEST_METHOD']) {
$getOwnWishlists = $user->isLoggedIn(); $getOwnWishlists = $user->isLoggedIn();
if ($getWishlistCardsFromPriority) { if ($getWishlistCardsFromPriority) {
/**
* Get wishlist cards with priority
*/
$wishlist = Wishlist::getFromId($_GET['wishlist_id']); $wishlist = Wishlist::getFromId($_GET['wishlist_id']);
if (false === $wishlist) {
http_response_code(404);
}
$priorityAll = -1;
$priorityNone = 0;
$priority = (int) $_GET['priority'] ?? $priorityAll;
$options = array( $options = array(
'style' => $_GET['style'], 'style' => $_GET['style'],
'placeholders' => array(), 'placeholders' => array(),
); );
$where = array( $where = array(
'wishlist' => '`wishlist` = ' . $wishlist->getId(), 'wishlist' => '`wishlist` = ' . $wishlist->getId(),
'priority' => '`priority` = ' . $_GET['priority'], 'priority' => '`priority` = ' . $priority,
); );
if (-1 === $_GET['priority']) { if ($priorityAll === $priority) {
unset($where['priority']); unset($where['priority']);
} }
if (empty($_GET['priority'])) { if ($priorityNone === $priority) {
$where['priority'] = '`priority` IS NULL'; $where['priority'] = '`priority` IS NULL OR `priority` = 0';
} }
$options['WHERE'] = '(' . implode(') AND (', $where) . ')'; $options['WHERE'] = '(' . implode(') AND (', $where) . ')';
$response['results'] = $wishlist->getCards($options); $response['results'] = $wishlist->getCards($options);
/**
* Get wishlist by id
*/
$wishlist = Wishlist::getFromId($_GET['wishlist_id']);
/** Determine if user is allowed to access wishlist */
if ($wishlist instanceof Wishlist) {
if ($user->isLoggedIn() && $user->getId() === $wishlist->getUserId()) {
$response['results'] = $wishlist->getCards();
} else {
http_response_code(403);
}
} else {
http_response_code(404);
}
} elseif ($getWishlistFromHash) { } elseif ($getWishlistFromHash) {
$wishlist = Wishlist::getFromHash($_GET['wishlist_hash']); $wishlist = Wishlist::getFromHash($_GET['wishlist_hash']);

View file

@ -198,7 +198,7 @@ class Wish
$userCard->getLocale() . '@currency=' . $userCard->getCurrency(), $userCard->getLocale() . '@currency=' . $userCard->getCurrency(),
\NumberFormatter::CURRENCY \NumberFormatter::CURRENCY
); );
$userIsCurrent = $userCurrent->getId() === $userCard->getId(); $userIsCurrent = $userCurrent->isLoggedIn() && $userCurrent->getId() === $userCard->getId();
/** /**
* Card * Card

View file

@ -44,7 +44,7 @@ $user = User::getCurrent();
<?= __('All priorities') ?> <?= __('All priorities') ?>
</div> </div>
<div class="item" data-value=""> <div class="item" data-value="0">
<i class="ui white empty circular label"></i> <i class="ui white empty circular label"></i>
<?= __('No priority') ?> <?= __('No priority') ?>
</div> </div>